cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
ansible/test/integration/consul.yml
Colin Nolan db50650365 Adds support for all Consul 0.8 ACL rule scopes (#25800) 
* Added in support for 'agent' and 'node' types.

* Tidies and moves `consul_acl` module closer to PEP8 compliance.

* Switched from using byspoke code to handle py2/3 string issues to using `to_text`.

* Made changes suggested by jrandall in https://github.com/ansible/ansible/pull/23467#pullrequestreview-34021967.

* Refactored consul_acl to support scopes with no pattern (and therefore a different HCL defintion).

* Corrects whitespace in Consul ACL HCL representation.

* Fixes Consul ACL to return the HCL equivalent JSON (according to the Consul docs) for the set ACLs.

* Repositioned import to align with Ansible standard (!= PEP8 standard).

* Adds Python 2.6 compatibility.

* Fixes PEP8 issues.

* Removes consul_acl.py as it now passes PEP8.

* Follows advice in the "Documenting Your Module" guide and moves imports up from the bottom.

* Tidies consul_acl module documentation.

* Updates link to guide about Consul ACLs.

* Removes new line spaces from error message string.

* Provide better error message if user forgets to associate a value to a Consul ACL rule.

* Minor refactoring of Consul ACL module.

* Fixes bug that was breaking idempotence in Consul ACL module.

* Detects redefinition of same rule.

* Adds test to check the Consul ACL module can set rules for all supported scopes.

* Fixes return when updating an ACL.

* Clean up of Consul ACL integration test file.

* Verify correct changes to existing Consul ACL rule.

* Adds tests for idempotence.

* Splits Consul ACL tests into cohesive modules.

* Adds test for deleting Consul ACLs.

* Test that Consul ACL module can set all rule scopes.

* Fixes issues surrounding the creation of ACLs.

Thanks for the comments by manos in https://github.com/ansible/ansible/pull/25800#issuecomment-310137889.

* Stops Consul ACL's name being "forgotten" if ACL updated by token.

* Fixes incorrect assignment when a Consul ACL is deleted.

* Fixes value of `changed` when Consul ACL is removed.

* Fixes tests for Consul ACL.

* Adds interal documentation.

* Refactors to separate update and create (also makes it possible to unit test this module).

* Improves documentation.

* Completes RETURN documentation for Consul ACL module.

* Fixes issue with equality checking for `None` in ACL Consul.

* Fixes Python 2 issue with making a decision based on `str` type.

* Fixes inequality check bug in Python 2.

* Adds tests for setting ACL with token.

* Adds support for creating an ACL with a given token.

* Outputs operation performed on Consul ACL when changed.

* Fixs issue with test for creating a Consul ACL with rules.

* Corrects property used to set ACL token in python-consul library.

* Fixes tear-down issue in test that creates a Consul ACL using a token.
2017-08-09 15:21:12 -04:00

78 lines
2.3 KiB
YAML
Raw Blame History

- hosts: localhost
connection: local
gather_facts: false
vars:
# these are the defaults from the consul-vagrant cluster setup
- mgmt_token: '4791402A-D875-4C18-8316-E652DBA53B18'
- acl_host: '11.0.0.2'
- metadata_json: '{"clearance": "top_secret"}'
pre_tasks:
# this works except for the KV_lookusp
- name: check that the consul agent is running locally
local_action: wait_for port=8500 timeout=5
ignore_errors: true
register: consul_running
roles:
- {role: test_consul_service,
when: not consul_running.failed is defined}
- {role: test_consul_kv,
when: not consul_running.failed is defined}
- {role: test_consul_acl,
when: not consul_running.failed is defined}
- {role: test_consul_session,
when: not consul_running.failed is defined}
tasks:
- name: setup services with passing check for consul inventory test
consul:
service_name: nginx
service_port: 80
script: "sh -c true"
interval: 5
token: '4791402A-D875-4C18-8316-E652DBA53B18'
tags:
- dev
- master
- name: setup failing service for inventory test
consul:
service_name: nginx
service_port: 443
script: "sh -c false"
interval: 5
tags:
- qa
- slave
- name: setup ssh service for inventory test
consul:
service_name: ssh
service_port: 2222
script: "sh -c true"
interval: 5
token: '4791402A-D875-4C18-8316-E652DBA53B18'
- name: update the Anonymous token to allow anon access to kv store
consul_acl:
mgmt_token: '{{mgmt_token}}'
host: '{{acl_host}}'
token: 'anonymous'
rules:
- key: ''
policy: write
- name: add metadata for the node through kv_store
consul_kv: "key=ansible/metadata/dc1/consul-1 value='{{metadata_json}}'"
- name: add metadata for the node through kv_store
consul_kv: key=ansible/groups/dc1/consul-1 value='a_group, another_group'
- name: warn that tests are ignored if consul agent is not running
debug: msg="A consul agent needs to be running inorder to run the tests. To setup a vagrant cluster for use in testing see http://github.com/sgargan/consul-vagrant"
when: consul_running.failed is defined
Reference in a new issue View git blame Copy permalink