--- - name: Generate names set_fact: ssh_cred_name1: "AWX-Collection-tests-tower_credential-ssh-cred1-{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}" ssh_cred_name2: "AWX-Collection-tests-tower_credential-ssh-cred2-{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}" ssh_cred_name3: "AWX-Collection-tests-tower_credential-ssh-cred-lookup-source-{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}" ssh_cred_name4: "AWX-Collection-tests-tower_credential-ssh-cred-file-source-{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}" vault_cred_name1: "AWX-Collection-tests-tower_credential-vault-cred1-{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}" vault_cred_name2: "AWX-Collection-tests-tower_credential-vault-ssh-cred1-{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}" net_cred_name1: "AWX-Collection-tests-tower_credential-net-cred1-{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}" scm_cred_name1: "AWX-Collection-tests-tower_credential-scm-cred1-{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}" aws_cred_name1: "AWX-Collection-tests-tower_credential-aws-cred1-{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}" vmware_cred_name1: "AWX-Collection-tests-tower_credential-vmware-cred1-{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}" sat6_cred_name1: "AWX-Collection-tests-tower_credential-sat6-cred1-{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}" cf_cred_name1: "AWX-Collection-tests-tower_credential-cf-cred1-{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}" gce_cred_name1: "AWX-Collection-tests-tower_credential-gce-cred1-{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}" azurerm_cred_name1: "AWX-Collection-tests-tower_credential-azurerm-cred1-{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}" openstack_cred_name1: "AWX-Collection-tests-tower_credential-openstack-cred1-{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}" rhv_cred_name1: "AWX-Collection-tests-tower_credential-rhv-cred1-{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}" insights_cred_name1: "AWX-Collection-tests-tower_credential-insights-cred1-{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}" tower_cred_name1: "AWX-Collection-tests-tower_credential-tower-cred1-{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}" - name: create a tempdir for an SSH key local_action: shell mktemp -d register: tempdir - name: Generate a local SSH key local_action: "shell ssh-keygen -b 2048 -t rsa -f {{ tempdir.stdout }}/id_rsa -q -N 'passphrase'" - name: Read the generated key set_fact: ssh_key_data: "{{ lookup('file', tempdir.stdout + '/id_rsa') }}" - name: Create a User-specific credential tower_credential: name: "{{ ssh_cred_name1 }}" organization: Default user: admin state: present kind: ssh register: result - assert: that: - "result is changed" - name: Delete a User-specific credential tower_credential: name: "{{ ssh_cred_name1 }}" organization: Default user: admin state: absent kind: ssh register: result - assert: that: - "result is changed" - name: Create a valid SSH credential tower_credential: name: "{{ ssh_cred_name2 }}" organization: Default state: present kind: ssh description: An example SSH credential username: joe password: secret become_method: sudo become_username: superuser become_password: supersecret ssh_key_data: "{{ ssh_key_data }}" ssh_key_unlock: "passphrase" register: result - assert: that: - "result is changed" - name: Create a valid SSH credential from lookup source tower_credential: name: "{{ ssh_cred_name3 }}" organization: Default state: present kind: ssh description: An example SSH credential from lookup source username: joe password: secret become_method: sudo become_username: superuser become_password: supersecret ssh_key_data: "{{ lookup('file', tempdir.stdout + '/id_rsa') }}" ssh_key_unlock: "passphrase" register: result - assert: that: - "result is changed" - name: Create a valid SSH credential from file source tower_credential: name: "{{ ssh_cred_name4 }}" organization: Default state: present kind: ssh description: An example SSH credential from file source username: joe password: secret become_method: sudo become_username: superuser become_password: supersecret ssh_key_data: "{{ tempdir.stdout }}/id_rsa" ssh_key_unlock: "passphrase" register: result - assert: that: - "result is changed" - "result is not failed" - "'ssh_key_data should be a string, not a path to a file.' in result.deprecations[0].msg" - name: Create an invalid SSH credential (passphrase required) tower_credential: name: SSH Credential organization: Default state: present kind: ssh username: joe ssh_key_data: "{{ ssh_key_data }}" ignore_errors: true register: result - assert: that: - "result is failed" - "'must be set when SSH key is encrypted' in result.msg" - name: Create an invalid SSH credential (Organization not found) tower_credential: name: SSH Credential organization: Missing Organization state: present kind: ssh username: joe ignore_errors: true register: result - assert: that: - "result is failed" - "'The requested object could not be found' in result.msg" - name: Delete an SSH credential tower_credential: name: "{{ ssh_cred_name2 }}" organization: Default state: absent kind: ssh register: result - assert: that: - "result is changed" - name: Delete an SSH credential tower_credential: name: "{{ ssh_cred_name3 }}" organization: Default state: absent kind: ssh register: result - assert: that: - "result is changed" - name: Delete an SSH credential tower_credential: name: "{{ ssh_cred_name4 }}" organization: Default state: absent kind: ssh register: result - assert: that: - "result is changed" - name: Create a valid Vault credential tower_credential: name: "{{ vault_cred_name1 }}" organization: Default state: present kind: vault description: An example Vault credential vault_password: secret-vault register: result - assert: that: - "result is changed" # We should decide when to delete this test - name: Create a valid Vault credential w/ kind=ssh (deprecated) tower_credential: name: "{{ vault_cred_name2 }}" organization: Default state: present kind: ssh description: An example Vault credential vault_password: secret-vault register: result - assert: that: - "result is changed" - name: Delete a Vault credential tower_credential: name: "{{ vault_cred_name1 }}" organization: Default state: absent kind: vault register: result - assert: that: - "result is changed" - name: Delete a Vault credential tower_credential: name: "{{ vault_cred_name2 }}" organization: Default state: absent kind: vault register: result - assert: that: - "result is changed" - name: Create a valid Network credential tower_credential: name: "{{ net_cred_name1 }}" organization: Default state: present kind: net username: joe password: secret authorize: true authorize_password: authorize-me register: result - assert: that: - "result is changed" - name: Delete a Network credential tower_credential: name: "{{ net_cred_name1 }}" organization: Default state: absent kind: net register: result - assert: that: - "result is changed" - name: Create a valid SCM credential tower_credential: name: "{{ scm_cred_name1 }}" organization: Default state: present kind: scm username: joe password: secret ssh_key_data: "{{ ssh_key_data }}" ssh_key_unlock: "passphrase" register: result - assert: that: - "result is changed" - name: Delete an SCM credential tower_credential: name: "{{ scm_cred_name1 }}" organization: Default state: absent kind: scm register: result - assert: that: - "result is changed" - name: Create a valid AWS credential tower_credential: name: "{{ aws_cred_name1 }}" organization: Default state: present kind: aws username: joe password: secret security_token: aws-token register: result - assert: that: - "result is changed" - name: Delete an AWS credential tower_credential: name: "{{ aws_cred_name1 }}" organization: Default state: absent kind: aws register: result - assert: that: - "result is changed" - name: Create a valid VMWare credential tower_credential: name: "{{ vmware_cred_name1 }}" organization: Default state: present kind: vmware host: https://example.org username: joe password: secret register: result - assert: that: - "result is changed" - name: Delete an VMWare credential tower_credential: name: "{{ vmware_cred_name1 }}" organization: Default state: absent kind: vmware register: result - assert: that: - "result is changed" - name: Create a valid Satellite6 credential tower_credential: name: "{{ sat6_cred_name1 }}" organization: Default state: present kind: satellite6 host: https://example.org username: joe password: secret register: result - assert: that: - "result is changed" - name: Delete a Satellite6 credential tower_credential: name: "{{ sat6_cred_name1 }}" organization: Default state: absent kind: satellite6 register: result - assert: that: - "result is changed" - name: Create a valid CloudForms credential tower_credential: name: "{{ cf_cred_name1 }}" organization: Default state: present kind: cloudforms host: https://example.org username: joe password: secret register: result - assert: that: - "result is changed" - name: Delete a CloudForms credential tower_credential: name: "{{ cf_cred_name1 }}" organization: Default state: absent kind: cloudforms register: result - assert: that: - "result is changed" - name: Create a valid GCE credential tower_credential: name: "{{ gce_cred_name1 }}" organization: Default state: present kind: gce username: joe project: ABC123 ssh_key_data: "{{ ssh_key_data }}" register: result - assert: that: - "result is changed" - name: Delete a GCE credential tower_credential: name: "{{ gce_cred_name1 }}" organization: Default state: absent kind: gce register: result - assert: that: - "result is changed" - name: Create a valid AzureRM credential tower_credential: name: "{{ azurerm_cred_name1 }}" organization: Default state: present kind: azure_rm username: joe password: secret subscription: some-subscription register: result - assert: that: - "result is changed" - name: Create a valid AzureRM credential with a tenant tower_credential: name: "{{ azurerm_cred_name1 }}" organization: Default state: present kind: azure_rm client: some-client secret: some-secret tenant: some-tenant subscription: some-subscription register: result - assert: that: - "result is changed" - name: Delete an AzureRM credential tower_credential: name: "{{ azurerm_cred_name1 }}" organization: Default state: absent kind: azure_rm register: result - assert: that: - "result is changed" - name: Create a valid OpenStack credential tower_credential: name: "{{ openstack_cred_name1 }}" organization: Default state: present kind: openstack host: https://keystone.example.org username: joe password: secret project: tenant123 domain: some-domain register: result - assert: that: - "result is changed" - name: Delete a OpenStack credential tower_credential: name: "{{ openstack_cred_name1 }}" organization: Default state: absent kind: openstack register: result - assert: that: - "result is changed" - name: Create a valid RHV credential tower_credential: name: "{{ rhv_cred_name1 }}" organization: Default state: present kind: rhv host: https://example.org username: joe password: secret register: result - assert: that: - "result is changed" - name: Delete an RHV credential tower_credential: name: "{{ rhv_cred_name1 }}" organization: Default state: absent kind: rhv register: result - assert: that: - "result is changed" - name: Create a valid Insights credential tower_credential: name: "{{ insights_cred_name1 }}" organization: Default state: present kind: insights username: joe password: secret register: result - assert: that: - "result is changed" - name: Delete an Insights credential tower_credential: name: "{{ insights_cred_name1 }}" organization: Default state: absent kind: insights register: result - assert: that: - "result is changed" - name: Create a valid Tower-to-Tower credential tower_credential: name: "{{ tower_cred_name1 }}" organization: Default state: present kind: tower host: https://tower.example.org username: joe password: secret register: result - assert: that: - "result is changed" - name: Delete a Tower-to-Tower credential tower_credential: name: "{{ tower_cred_name1 }}" organization: Default state: absent kind: tower register: result - assert: that: - "result is changed" - name: Check module fails with correct msg tower_credential: name: test-credential description: Credential Description kind: ssh organization: test-non-existing-org state: present register: result ignore_errors: true - assert: that: - "result.msg =='Failed to update credential, organization not found: The requested object could not be found.'"