mirror of
https://github.com/ansible-collections/community.general.git
synced 2025-07-24 05:40:23 -07:00
Bugfix/keycloak userfed idempotency (#5732)
* fix(modules/keycloak_user_federation): fixes ... ... federation read call not finding already existing federations properly because of bad parametrisation * fix(modules/keycloak_user_federation): added ... ... new integration test for module idempotency bugfix * added changelog fragment for pr Co-authored-by: Mirko Wilhelmi <Mirko.Wilhelmi@sma.de>
This commit is contained in:
parent
098912c229
commit
0ca41dedce
3 changed files with 116 additions and 2 deletions
|
@ -66,6 +66,59 @@
|
|||
- result.existing == {}
|
||||
- result.end_state.name == "{{ federation }}"
|
||||
|
||||
- name: Create new user federation in admin realm
|
||||
community.general.keycloak_user_federation:
|
||||
auth_keycloak_url: "{{ url }}"
|
||||
auth_realm: "{{ admin_realm }}"
|
||||
auth_username: "{{ admin_user }}"
|
||||
auth_password: "{{ admin_password }}"
|
||||
realm: "{{ admin_realm }}"
|
||||
name: "{{ federation }}"
|
||||
state: present
|
||||
provider_id: ldap
|
||||
provider_type: org.keycloak.storage.UserStorageProvider
|
||||
config:
|
||||
enabled: true
|
||||
priority: 0
|
||||
fullSyncPeriod: -1
|
||||
changedSyncPeriod: -1
|
||||
cachePolicy: DEFAULT
|
||||
batchSizeForSync: 1000
|
||||
editMode: READ_ONLY
|
||||
importEnabled: true
|
||||
syncRegistrations: false
|
||||
vendor: other
|
||||
usernameLDAPAttribute: uid
|
||||
rdnLDAPAttribute: uid
|
||||
uuidLDAPAttribute: entryUUID
|
||||
userObjectClasses: "inetOrgPerson, organizationalPerson"
|
||||
connectionUrl: "ldaps://ldap.example.com:636"
|
||||
usersDn: "ou=Users,dc=example,dc=com"
|
||||
authType: simple
|
||||
bindDn: cn=directory reader
|
||||
bindCredential: secret
|
||||
searchScope: 1
|
||||
validatePasswordPolicy: false
|
||||
trustEmail: false
|
||||
useTruststoreSpi: "ldapsOnly"
|
||||
connectionPooling: true
|
||||
pagination: true
|
||||
allowKerberosAuthentication: false
|
||||
useKerberosForPasswordAuthentication: false
|
||||
debug: false
|
||||
register: result
|
||||
|
||||
- name: Debug
|
||||
debug:
|
||||
var: result
|
||||
|
||||
- name: Assert user federation created (admin realm)
|
||||
assert:
|
||||
that:
|
||||
- result is changed
|
||||
- result.existing == {}
|
||||
- result.end_state.name == "{{ federation }}"
|
||||
|
||||
- name: Update existing user federation (no change)
|
||||
community.general.keycloak_user_federation:
|
||||
auth_keycloak_url: "{{ url }}"
|
||||
|
@ -121,6 +174,61 @@
|
|||
- result.end_state != {}
|
||||
- result.end_state.name == "{{ federation }}"
|
||||
|
||||
- name: Update existing user federation (no change, admin realm)
|
||||
community.general.keycloak_user_federation:
|
||||
auth_keycloak_url: "{{ url }}"
|
||||
auth_realm: "{{ admin_realm }}"
|
||||
auth_username: "{{ admin_user }}"
|
||||
auth_password: "{{ admin_password }}"
|
||||
realm: "{{ admin_realm }}"
|
||||
name: "{{ federation }}"
|
||||
state: present
|
||||
provider_id: ldap
|
||||
provider_type: org.keycloak.storage.UserStorageProvider
|
||||
config:
|
||||
enabled: true
|
||||
priority: 0
|
||||
fullSyncPeriod: -1
|
||||
changedSyncPeriod: -1
|
||||
cachePolicy: DEFAULT
|
||||
batchSizeForSync: 1000
|
||||
editMode: READ_ONLY
|
||||
importEnabled: true
|
||||
syncRegistrations: false
|
||||
vendor: other
|
||||
usernameLDAPAttribute: uid
|
||||
rdnLDAPAttribute: uid
|
||||
uuidLDAPAttribute: entryUUID
|
||||
userObjectClasses: "inetOrgPerson, organizationalPerson"
|
||||
connectionUrl: "ldaps://ldap.example.com:636"
|
||||
usersDn: "ou=Users,dc=example,dc=com"
|
||||
authType: simple
|
||||
bindDn: cn=directory reader
|
||||
bindCredential: "**********"
|
||||
searchScope: 1
|
||||
validatePasswordPolicy: false
|
||||
trustEmail: false
|
||||
useTruststoreSpi: "ldapsOnly"
|
||||
connectionPooling: true
|
||||
pagination: true
|
||||
allowKerberosAuthentication: false
|
||||
useKerberosForPasswordAuthentication: false
|
||||
debug: false
|
||||
register: result
|
||||
|
||||
- name: Debug
|
||||
debug:
|
||||
var: result
|
||||
|
||||
- name: Assert user federation unchanged (admin realm)
|
||||
assert:
|
||||
that:
|
||||
- result is not changed
|
||||
- result.existing != {}
|
||||
- result.existing.name == "{{ federation }}"
|
||||
- result.end_state != {}
|
||||
- result.end_state.name == "{{ federation }}"
|
||||
|
||||
- name: Update existing user federation (with change)
|
||||
community.general.keycloak_user_federation:
|
||||
auth_keycloak_url: "{{ url }}"
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue