Last active
September 29, 2020 20:27
-
-
Save gustavomcarmo/e91128e36d5d5726ba611bcf814a189b to your computer and use it in GitHub Desktop.
LDAP Ansible modules integration tests
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| docker run --name openldap -d -p 389:389 osixia/openldap:1.2.1 | |
| if [ $? -ne 0 ]; then | |
| echo "Error on running the OpenLDAP Docker image." | |
| exit 1 | |
| fi | |
| until ldapsearch -x -b dc=example,dc=org -D cn=admin,dc=example,dc=org -w admin | grep "dn: dc=example,dc=org" | |
| do | |
| echo "OpenLDAP is not ready yet - sleeping 2s" | |
| sleep 2 | |
| done | |
| ansible-playbook test_ldap_entry.yml -e "ansible_python_interpreter=$(which python3)" | |
| people_exists=$(ldapsearch -x -b ou=people,dc=example,dc=org -D cn=admin,dc=example,dc=org -w admin | grep -c "dn: ou=people,dc=example,dc=org") | |
| if [ $people_exists -ne 1 ]; then | |
| echo "Error on creating the entry 'ou=people,dc=example,dc=org'." | |
| exit 1 | |
| fi | |
| groups_exists=$(ldapsearch -x -b ou=groups,dc=example,dc=org -D cn=admin,dc=example,dc=org -w admin | grep -c "dn: ou=groups,dc=example,dc=org") | |
| if [ $groups_exists -ne 1 ]; then | |
| echo "Error on creating the entry 'ou=groups,dc=example,dc=org'." | |
| exit 1 | |
| fi | |
| user_exists=$(ldapsearch -x -b ou=people,dc=example,dc=org -D cn=admin,dc=example,dc=org -w admin | grep -c "dn: uid=jacksp,ou=people,dc=example,dc=org") | |
| if [ $user_exists -ne 1 ]; then | |
| echo "Error on creating the entry 'uid=jacksp,ou=people,dc=example,dc=org'." | |
| exit 1 | |
| fi | |
| attr_exists=$(ldapsearch -x -b uid=jacksp,ou=people,dc=example,dc=org -D cn=admin,dc=example,dc=org -w admin | grep -c "userPassword:: YmxhY2tfcGVhcmw=") | |
| if [ $attr_exists -ne 1 ]; then | |
| echo "Error on creating the attribute userPassword for 'uid=jacksp,ou=people,dc=example,dc=org'." | |
| exit 1 | |
| fi | |
| docker stop openldap && docker rm openldap | |
| exit 0 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| - hosts: localhost | |
| connection: local | |
| gather_facts: no | |
| vars: | |
| ldap_uri: ldap:/// | |
| admin_dn: cn=admin,dc=example,dc=org | |
| admin_pw: admin | |
| tasks: | |
| - name: Install python-ldap | |
| pip: | |
| name: python-ldap | |
| - name: Create the LDAP top nodes | |
| ldap_entry: | |
| dn: "{{item}}" | |
| objectClass: organizationalUnit | |
| server_uri: "{{ ldap_uri }}" | |
| bind_dn: "{{ admin_dn }}" | |
| bind_pw: "{{ admin_pw }}" | |
| loop: | |
| - ou=people,dc=example,dc=org | |
| - ou=groups,dc=example,dc=org | |
| - name: Create the LDAP entries for Jack Sparrow and Hector Barbossa | |
| ldap_entry: | |
| dn: "{{ item.dn }}" | |
| server_uri: "{{ ldap_uri }}" | |
| bind_dn: "{{ admin_dn }}" | |
| bind_pw: "{{ admin_pw }}" | |
| objectClass: | |
| - inetOrgPerson | |
| - posixAccount | |
| attributes: | |
| description: "{{ item.description }}" | |
| cn: "{{ item.cn }}" | |
| sn: "{{ item.sn }}" | |
| uid: "{{ item.uid }}" | |
| gidNumber: 5000 | |
| uidNumber: "{{ item.uidNumber }}" | |
| loginShell: /bin/bash | |
| homeDirectory: "{{ item.homeDirectory }}" | |
| loop: | |
| - {dn: "uid=jacksp,ou=people,dc=example,dc=org", description: "LDAP user for Jack Sparrow", cn: "Jack", sn: "Sparrow", uid: "jacksp", uidNumber: 10000, homeDirectory: "/home/jacksp"} | |
| - {dn: "uid=hectorb,ou=people,dc=example,dc=org", description: "LDAP user for Hector Barbossa", cn: "Hector", sn: "Barbossa", uid: "hectorb", uidNumber: 10001, homeDirectory: "/home/hectorb"} | |
| - name: Add a password to Jack Sparrow | |
| ldap_attr: | |
| dn: uid=jacksp,ou=people,dc=example,dc=org | |
| server_uri: "{{ ldap_uri }}" | |
| bind_dn: "{{ admin_dn }}" | |
| bind_pw: "{{ admin_pw }}" | |
| name: userPassword | |
| values: black_pearl | |
| state: exact | |
| - name: Create LDAP entries for groups and assign Jack Sparrow to them | |
| ldap_entry: | |
| dn: "{{item}}" | |
| server_uri: "{{ ldap_uri }}" | |
| bind_dn: "{{ admin_dn }}" | |
| bind_pw: "{{ admin_pw }}" | |
| objectClass: | |
| - groupOfUniqueNames | |
| attributes: | |
| uniqueMember: uid=jacksp,ou=people,dc=example,dc=org | |
| loop: | |
| - cn=group1,ou=groups,dc=example,dc=org | |
| - cn=group2,ou=groups,dc=example,dc=org | |
| - name: Add Hector Barbossa to group2 | |
| ldap_attr: | |
| dn: cn=group2,ou=groups,dc=example,dc=org | |
| server_uri: "{{ ldap_uri }}" | |
| bind_dn: "{{ admin_dn }}" | |
| bind_pw: "{{ admin_pw }}" | |
| name: uniqueMember | |
| values: uid=hectorb,ou=people,dc=example,dc=org | |
| state: present | |
| - name: Remove Jack Sparrow from group2 | |
| ldap_attr: | |
| dn: cn=group2,ou=groups,dc=example,dc=org | |
| server_uri: "{{ ldap_uri }}" | |
| bind_dn: "{{ admin_dn }}" | |
| bind_pw: "{{ admin_pw }}" | |
| name: uniqueMember | |
| values: uid=jacksp,ou=people,dc=example,dc=org | |
| state: absent |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment