2018-11-22 06:55:48 +10:00
---
- name : fail to run the module without become
win_credential :
name : '{{ test_hostname }}'
type : domain_password
username : DOMAIN\username
secret : password
state : present
register : fail_no_become
failed_when : '"Failed to access the user' 's credential store, run the module with become" not in fail_no_become.msg'
- name : create domain user credential (check mode)
win_credential :
name : '{{ test_hostname }}'
type : domain_password
username : DOMAIN\username
secret : password
state : present
register : domain_user_check
check_mode : True
vars : &become_vars
ansible_become : True
ansible_become_method : runas
ansible_become_user : '{{ ansible_user }}'
ansible_become_pass : '{{ ansible_password }}'
- name : get result of create domain user credential (check mode)
test_cred_facts :
name : '{{ test_hostname }}'
type : domain_password
register : domain_user_actual_check
vars : *become_vars
- name : asset create domain user credential (check mode)
assert :
that :
- domain_user_check is changed
- not domain_user_actual_check.exists
- name : create domain user credential
win_credential :
name : '{{ test_hostname }}'
type : domain_password
username : DOMAIN\username
secret : password
state : present
register : domain_user
vars : *become_vars
- name : get result of create domain user credential
test_cred_facts :
name : '{{ test_hostname }}'
type : domain_password
register : domain_user_actual
vars : *become_vars
- name : asset create domain user credential
assert :
that :
- domain_user is changed
- domain_user_actual.exists
- domain_user_actual.alias == None
- domain_user_actual.attributes == []
- domain_user_actual.comment == None
- domain_user_actual.name == test_hostname
- domain_user_actual.persistence == "LocalMachine"
- domain_user_actual.secret == ""
- domain_user_actual.type == "DomainPassword"
- domain_user_actual.username == "DOMAIN\\username"
- name : create domain user credential again always update
win_credential :
name : '{{ test_hostname }}'
type : domain_password
username : DOMAIN\username
secret : password
state : present
register : domain_user_again_always
vars : *become_vars
- name : create domain user credential again on_create
win_credential :
name : '{{ test_hostname }}'
type : domain_password
username : DOMAIN\username
secret : password
update_secret : on_create
state : present
register : domain_user_again_on_create
vars : *become_vars
- name : assert create domain user credential again
assert :
that :
- domain_user_again_always is changed
- not domain_user_again_on_create is changed
- name : update credential (check mode)
win_credential :
name : '{{ test_hostname }}'
type : domain_password
username : DOMAIN\username2
alias : ansible
attributes :
- name : attribute 1
data : attribute 1 value
- name : attribute 2
data : '{{ "attribute 2 value" | b64encode }}'
data_format : base64
comment : Credential comment
persistence : enterprise
state : present
register : update_cred_check
check_mode : True
vars : *become_vars
- name : get result of update credential (check mode)
test_cred_facts :
name : '{{ test_hostname }}'
type : domain_password
register : update_cred_actual_check
vars : *become_vars
- name : assert update credential (check mode)
assert :
that :
- update_cred_check is changed
- update_cred_actual_check.exists
- update_cred_actual_check.alias == None
- update_cred_actual_check.attributes == []
- update_cred_actual_check.comment == None
- update_cred_actual_check.name == test_hostname
- update_cred_actual_check.persistence == "LocalMachine"
- update_cred_actual_check.secret == ""
- update_cred_actual_check.type == "DomainPassword"
- update_cred_actual_check.username == "DOMAIN\\username"
- name : update credential
win_credential :
name : '{{ test_hostname }}'
type : domain_password
username : DOMAIN\username2
alias : ansible
attributes :
- name : attribute 1
data : attribute 1 value
- name : attribute 2
data : '{{ "attribute 2 value" | b64encode }}'
data_format : base64
comment : Credential comment
persistence : enterprise
state : present
register : update_cred
vars : *become_vars
- name : get result of update credential
test_cred_facts :
name : '{{ test_hostname }}'
type : domain_password
register : update_cred_actual
vars : *become_vars
- name : assert update credential
assert :
that :
- update_cred is changed
- update_cred_actual.exists
- update_cred_actual.alias == "ansible"
- update_cred_actual.attributes|count == 2
- update_cred_actual.attributes[0].name == "attribute 1"
- update_cred_actual.attributes[0].data == "attribute 1 value"|b64encode
- update_cred_actual.attributes[1].name == "attribute 2"
- update_cred_actual.attributes[1].data == "attribute 2 value"|b64encode
- update_cred_actual.comment == "Credential comment"
- update_cred_actual.name == test_hostname
- update_cred_actual.persistence == "Enterprise"
- update_cred_actual.secret == ""
- update_cred_actual.type == "DomainPassword"
- update_cred_actual.username == "DOMAIN\\username2"
- name : update credential again
win_credential :
name : '{{ test_hostname }}'
type : domain_password
username : DOMAIN\username2
alias : ansible
attributes :
- name : attribute 1
data : attribute 1 value
- name : attribute 2
data : '{{ "attribute 2 value" | b64encode }}'
data_format : base64
comment : Credential comment
persistence : enterprise
state : present
register : update_cred_again
vars : *become_vars
- name : assert update credential again
assert :
that :
- not update_cred_again is changed
- name : add new attribute
win_credential :
name : '{{ test_hostname }}'
type : domain_password
username : DOMAIN\username2
alias : ansible
attributes :
- name : attribute 1
data : attribute 1 value
- name : attribute 2
data : '{{ "attribute 2 value" | b64encode }}'
data_format : base64
- name : attribute 3
data : attribute 3 value
comment : Credential comment
persistence : enterprise
state : present
register : add_attribute
vars : *become_vars
- name : get result of add new attribute
test_cred_facts :
name : '{{ test_hostname }}'
type : domain_password
register : add_attribute_actual
vars : *become_vars
- name : assert add new attribute
assert :
that :
- add_attribute is changed
- add_attribute_actual.attributes|count == 3
- add_attribute_actual.attributes[0].name == "attribute 1"
- add_attribute_actual.attributes[0].data == "attribute 1 value"|b64encode
- add_attribute_actual.attributes[1].name == "attribute 2"
- add_attribute_actual.attributes[1].data == "attribute 2 value"|b64encode
- add_attribute_actual.attributes[2].name == "attribute 3"
- add_attribute_actual.attributes[2].data == "attribute 3 value"|b64encode
- name : remove attribute
win_credential :
name : '{{ test_hostname }}'
type : domain_password
username : DOMAIN\username2
alias : ansible
attributes :
- name : attribute 1
data : attribute 1 value
- name : attribute 2
data : '{{ "attribute 2 value" | b64encode }}'
data_format : base64
comment : Credential comment
persistence : enterprise
state : present
register : remove_attribute
vars : *become_vars
- name : get result of remove attribute
test_cred_facts :
name : '{{ test_hostname }}'
type : domain_password
register : remove_attribute_actual
vars : *become_vars
- name : assert remove attribute
assert :
that :
- remove_attribute is changed
- remove_attribute_actual.attributes|count == 2
- remove_attribute_actual.attributes[0].name == "attribute 1"
- remove_attribute_actual.attributes[0].data == "attribute 1 value"|b64encode
- remove_attribute_actual.attributes[1].name == "attribute 2"
- remove_attribute_actual.attributes[1].data == "attribute 2 value"|b64encode
- name : edit attribute
win_credential :
name : '{{ test_hostname }}'
type : domain_password
username : DOMAIN\username2
alias : ansible
attributes :
- name : attribute 1
data : attribute 1 value new
- name : attribute 2
data : '{{ "attribute 2 value" | b64encode }}'
data_format : base64
comment : Credential comment
persistence : enterprise
state : present
register : edit_attribute
vars : *become_vars
- name : get result of edit attribute
test_cred_facts :
name : '{{ test_hostname }}'
type : domain_password
register : edit_attribute_actual
vars : *become_vars
- name : assert remove attribute
assert :
that :
- edit_attribute is changed
- edit_attribute_actual.attributes|count == 2
- edit_attribute_actual.attributes[0].name == "attribute 1"
- edit_attribute_actual.attributes[0].data == "attribute 1 value new"|b64encode
- edit_attribute_actual.attributes[1].name == "attribute 2"
- edit_attribute_actual.attributes[1].data == "attribute 2 value"|b64encode
- name : remove credential (check mode)
win_credential :
name : '{{ test_hostname }}'
type : domain_password
state : absent
register : remove_cred_check
check_mode : True
vars : *become_vars
- name : get result of remove credential (check mode)
test_cred_facts :
name : '{{ test_hostname }}'
type : domain_password
register : remove_cred_actual_check
vars : *become_vars
- name : assert remove credential (check mode)
assert :
that :
- remove_cred_check is changed
- remove_cred_actual_check.exists
- name : remove credential
win_credential :
name : '{{ test_hostname }}'
type : domain_password
state : absent
register : remove_cred
vars : *become_vars
- name : get result of remove credential
test_cred_facts :
name : '{{ test_hostname }}'
type : domain_password
register : remove_cred_actual
vars : *become_vars
- name : assert remove credential
assert :
that :
- remove_cred is changed
- not remove_cred_actual.exists
- name : remove credential again
win_credential :
name : '{{ test_hostname }}'
type : domain_password
state : absent
register : remove_cred_again
vars : *become_vars
- name : assert remove credential again
assert :
that :
- not remove_cred_again is changed
- name : create generic password (check mode)
win_credential :
name : '{{ test_hostname }}'
type : generic_password
persistence : enterprise
username : genericuser
secret : genericpass
state : present
register : generic_password_check
check_mode : True
vars : *become_vars
- name : get result of create generic password (check mode)
test_cred_facts :
name : '{{ test_hostname }}'
type : generic_password
register : generic_password_actual_check
vars : *become_vars
- name : assert result of create generic password (check mode)
assert :
that :
- generic_password_check is changed
- not generic_password_actual_check.exists
- name : create generic password
win_credential :
name : '{{ test_hostname }}'
type : generic_password
persistence : enterprise
username : genericuser
secret : genericpass
state : present
register : generic_password
vars : *become_vars
- name : get result of create generic password
test_cred_facts :
name : '{{ test_hostname }}'
type : generic_password
register : generic_password_actual
vars : *become_vars
2019-04-02 09:29:05 +10:00
- name : set encoded password result
set_fact :
encoded_pass : '{{ "genericpass" | string | b64encode(encoding="utf-16-le") }}'
2018-11-22 06:55:48 +10:00
- name : assert create generic password
assert :
that :
- generic_password is changed
- generic_password_actual.exists
- generic_password_actual.alias == None
- generic_password_actual.attributes == []
- generic_password_actual.comment == None
- generic_password_actual.name == test_hostname
- generic_password_actual.persistence == "Enterprise"
2019-04-02 09:29:05 +10:00
- generic_password_actual.secret == encoded_pass
2018-11-22 06:55:48 +10:00
- generic_password_actual.type == "Generic"
- generic_password_actual.username == "genericuser"
- name : create generic password again
win_credential :
name : '{{ test_hostname }}'
type : generic_password
persistence : enterprise
username : genericuser
secret : genericpass
state : present
register : generic_password_again
vars : *become_vars
- name : assert create generic password again
assert :
that :
- not generic_password_again is changed
- name : fail to create certificate cred with invalid thumbprint
win_credential :
name : '{{ test_hostname }}'
type : domain_certificate
username : 00112233445566778899AABBCCDDEEFF00112233
state : present
register : fail_invalid_cert
failed_when : fail_invalid_cert.msg != "Failed to find certificate with the thumbprint 00112233445566778899AABBCCDDEEFF00112233 in the CurrentUser\\My store"
vars : *become_vars
- name : create domain certificate cred (check mode)
win_credential :
name : '{{ test_hostname }}'
type : domain_certificate
username : '{{ cert_thumbprint }}'
state : present
register : domain_cert_check
check_mode : True
vars : *become_vars
- name : get result of create domain certificate cred (check mode)
test_cred_facts :
name : '{{ test_hostname }}'
type : domain_certificate
register : domain_cert_actual_check
vars : *become_vars
- name : assert create domain certificate cred (check mode)
assert :
that :
- domain_cert_check is changed
- not domain_cert_actual_check.exists
- name : create domain certificate cred
win_credential :
name : '{{ test_hostname }}'
type : domain_certificate
username : '{{ cert_thumbprint }}'
state : present
register : domain_cert
vars : *become_vars
- name : get result of create domain certificate cred
test_cred_facts :
name : '{{ test_hostname }}'
type : domain_certificate
register : domain_cert_actual
vars : *become_vars
- name : assert create domain certificate cred
assert :
that :
- domain_cert is changed
- domain_cert_actual.exists
- domain_cert_actual.alias == None
- domain_cert_actual.attributes == []
- domain_cert_actual.comment == None
- domain_cert_actual.name == test_hostname
- domain_cert_actual.persistence == "LocalMachine"
- domain_cert_actual.secret == ""
- domain_cert_actual.type == "DomainCertificate"
- domain_cert_actual.username == cert_thumbprint
- name : create domain certificate cred again
win_credential :
name : '{{ test_hostname }}'
type : domain_certificate
username : '{{ cert_thumbprint }}'
state : present
register : domain_cert_again
vars : *become_vars
- name : assert create domain certificate cred again
assert :
that :
- not domain_cert_again is changed
- name : create generic certificate cred (check mode)
win_credential :
name : '{{ test_hostname }}'
type : generic_certificate
username : '{{ cert_thumbprint }}'
secret : '{{ "pin code" | b64encode }}'
secret_format : base64
state : present
register : generic_cert_check
check_mode : True
vars : *become_vars
- name : get result of create generic certificate cred (check mode)
test_cred_facts :
name : '{{ test_hostname }}'
type : generic_certificate
register : generic_cert_actual_check
vars : *become_vars
- name : assert create generic certificate cred (check mode)
assert :
that :
- generic_cert_check is changed
- not generic_cert_actual_check.exists
- name : create generic certificate cred
win_credential :
name : '{{ test_hostname }}'
type : generic_certificate
username : '{{ cert_thumbprint }}'
secret : '{{ "pin code" | b64encode }}'
secret_format : base64
state : present
register : generic_cert
vars : *become_vars
- name : get result of create generic certificate cred
test_cred_facts :
name : '{{ test_hostname }}'
type : generic_certificate
register : generic_cert_actual
vars : *become_vars
- name : assert create generic certificate cred
assert :
that :
- generic_cert is changed
- generic_cert_actual.exists
- generic_cert_actual.alias == None
- generic_cert_actual.attributes == []
- generic_cert_actual.comment == None
- generic_cert_actual.name == test_hostname
- generic_cert_actual.persistence == "LocalMachine"
- generic_cert_actual.secret == "pin code" | b64encode
- generic_cert_actual.type == "GenericCertificate"
- generic_cert_actual.username == cert_thumbprint
- name : create generic certificate cred again
win_credential :
name : '{{ test_hostname }}'
type : generic_certificate
username : '{{ cert_thumbprint }}'
state : present
register : generic_cert_again
vars : *become_vars
- name : assert create generic certificate cred again
assert :
that :
- not generic_cert_again is changed