[PR #6715/33af903b backport][stable-7] Add consul_policy module from dormant PR (#6917)

Add consul_policy module from dormant PR (#6715) Squash commits to make rebasing easier Co-authored-by: Valerio Poggi <vrpoggigmail.com> (cherry picked from commit 33af903b24) Co-authored-by: Valerio Poggi <106782233+valeriopoggi@users.noreply.github.com>
2025-08-06 14:14:22 -07:00 · 2023-07-12 22:23:31 +02:00 · 2023-07-12 22:23:31 +02:00 · ce30e0732b
commit ce30e0732b
parent c2cbac062e
3 changed files with 442 additions and 1 deletions
--- a/tests/integration/targets/consul/tasks/consul_policy.yml
+++ b/tests/integration/targets/consul/tasks/consul_policy.yml
@ -0,0 +1,67 @@
+---
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+- name: Create a policy with rules
+  consul_policy:
+    name: foo-access
+    rules: |
+        key "foo" {
+            policy = "read"
+        }
+        key "private/foo" {
+            policy = "deny"
+        }
+    token: "{{ consul_management_token }}"
+  register: result
+
+- assert:
+    that:
+      - result is changed
+      - result['policy']['Name'] == 'foo-access'
+- name: Update the rules associated to a policy
+  consul_policy:
+    name: foo-access
+    rules: |
+        key "foo" {
+            policy = "read"
+        }
+        key "private/foo" {
+            policy = "deny"
+        }
+        event "bbq" {
+            policy = "write"
+        }
+    token: "{{ consul_management_token }}"
+  register: result
+- assert:
+    that:
+      - result is changed
+- name: Update reports not changed when updating again without changes
+  consul_policy:
+    name: foo-access
+    rules: |
+        key "foo" {
+            policy = "read"
+        }
+        key "private/foo" {
+            policy = "deny"
+        }
+        event "bbq" {
+            policy = "write"
+        }
+    token: "{{ consul_management_token }}"
+  register: result
+- assert:
+    that:
+      - result is not changed
+- name: Remove a policy
+  consul_policy:
+    name: foo-access
+    token: "{{ consul_management_token }}"
+    state: absent
+  register: result
+- assert:
+    that:
+      - result is changed
--- a/tests/integration/targets/consul/tasks/main.yml
+++ b/tests/integration/targets/consul/tasks/main.yml
@ -90,7 +90,8 @@
      - 2
      - 3
    - import_tasks: consul_session.yml
+    - import_tasks: consul_policy.yml
    always:
    - name: Kill consul process
      shell: kill $(cat {{ remote_tmp_dir }}/consul.pid)
-      ignore_errors: true
+      ignore_errors: true