roles/lib_openshift/src/test/integration/oc_serviceaccount_secret.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79

#!/usr/bin/ansible-playbook --module-path=../../../library/
---
- hosts: "{{ cli_master_test }}"
  gather_facts: no
  user: root

  vars:
    namespace: default
    service_account_name: someserviceaccountname
    secret_name: somesecretname

  vars_prompt:
  - name: cli_master_test
    prompt: "Master to run against"
    private: false
    default: localhost

  post_tasks:
  - name: create service account to test with - Arrange
    oc_serviceaccount:
      namespace: "{{ namespace }}"
      name: "{{ service_account_name }}"

  - name: create secret to test with - Arrange
    oc_secret:
      namespace: "{{ namespace }}"
      name: "{{ secret_name }}"
      contents:
      - path: blah
        data: blahdeblah

  - name: Ensure the service account and secret are not linked - Arrange
    oc_serviceaccount_secret:
      state: absent
      service_account: "{{ service_account_name }}"
      secret: "{{ secret_name }}"
      namespace: "{{ namespace }}"

  - name: get secrets of a service account - Act
    oc_serviceaccount_secret:
      state: list
      service_account: builder
      namespace: "{{ namespace }}"
    register: sasecretout

  - name: get secrets of a service account - Assert
    assert:
      that:
      - "sasecretout.changed == False"
      - "sasecretout.state == 'list'"
      - "sasecretout.results | length > 0"

  - name: Test linking a service account and secret - Act
    oc_serviceaccount_secret:
      service_account: "{{ service_account_name }}"
      secret: "{{ secret_name }}"
      namespace: "{{ namespace }}"
    register: sasecretout

  - name: Test linking a service account and secret - Assert
    assert:
      that:
      - "sasecretout.changed == True"
      - "sasecretout.state == 'present'"
      - "sasecretout.results.returncode == 0"
      - "sasecretout.results.results | length > 0"

  - name: Test linking a service account and secret - idempotency - Act
    oc_serviceaccount_secret:
      service_account: "{{ service_account_name }}"
      secret: "{{ secret_name }}"
      namespace: "{{ namespace }}"
    register: sasecretout

  - name: Test linking a service account and secret - idempotency - Assert
    assert:
      that:
      - "sasecretout.changed == False"
      - "sasecretout.state == 'present'"