VMware: new module - vmware_local_role_manager (#33372)

This fix adds new module for managing various roles in local ESXi server. Also, adds integration tests for this change. Fixes: #27899 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2025-07-28 15:41:22 -07:00 · 2018-01-04 15:53:58 +05:30 · 2018-01-04 15:53:58 +05:30 · dcc1355d54
commit dcc1355d54
parent 0ddfdca143
3 changed files with 416 additions and 0 deletions
--- a/test/integration/targets/vmware_local_role_manager/aliases
+++ b/test/integration/targets/vmware_local_role_manager/aliases
@ -0,0 +1,4 @@
+posix/ci/cloud/group1/vcenter
+posix/ci/cloud/group1/smoketest
+cloud/vcenter
+destructive
--- a/test/integration/targets/vmware_local_role_manager/tasks/main.yml
+++ b/test/integration/targets/vmware_local_role_manager/tasks/main.yml
@ -0,0 +1,135 @@
+# Test code for the vmware_local_role_manager module
+# Copyright: (c) 2017, Abhijeet Kasurde <akasurde@redhat.com>
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+- name: make sure pyvmomi is installed
+  pip:
+    name: pyvmomi
+    state: latest
+  when: "{{ ansible_user_id == 'root' }}"
+
+- name: store the vcenter container ip
+  set_fact:
+    vcsim: "{{ lookup('env', 'vcenter_host') }}"
+- debug: var=vcsim
+
+- name: Wait for Flask controller to come up online
+  wait_for:
+    host: "{{ vcsim }}"
+    port: 5000
+    state: started
+
+- name: kill vcsim
+  uri:
+    url: http://{{ vcsim }}:5000/killall
+
+- name: start vcsim
+  uri:
+    url: http://{{ vcsim }}:5000/spawn?esx=1
+  register: vcsim_instance
+
+- name: Wait for Flask controller to come up online
+  wait_for:
+    host: "{{ vcsim }}"
+    port: 443
+    state: started
+
+- debug: var=vcsim_instance
+
+- name: Role creation
+  vmware_local_role_manager:
+    hostname: "{{ vcsim }}"
+    username: "{{ vcsim_instance['json']['username'] }}"
+    password: "{{ vcsim_instance['json']['password'] }}"
+    local_role_name: SampleRole_0001
+    validate_certs: no
+    state: present
+  register: role_creation_0001
+
+- name: verify if role is created
+  assert:
+    that:
+      - "{{ role_creation_0001.changed == true }}"
+      - "{{ role_creation_0001.role_id is defined }}"
+      - "{{ role_creation_0001.local_role_name is defined }}"
+
+- name: Create role again
+  vmware_local_role_manager:
+    hostname: "{{ vcsim }}"
+    username: "{{ vcsim_instance['json']['username'] }}"
+    password: "{{ vcsim_instance['json']['password'] }}"
+    local_role_name: SampleRole_0001
+    validate_certs: no
+    state: present
+  register: role_creation_0001
+
+- name: verify if role is not created again
+  assert:
+    that:
+      - "{{ role_creation_0001.changed == false }}"
+
+- name: delete role
+  vmware_local_role_manager:
+    hostname: "{{ vcsim }}"
+    username: "{{ vcsim_instance['json']['username'] }}"
+    password: "{{ vcsim_instance['json']['password'] }}"
+    local_role_name: SampleRole_0001
+    validate_certs: no
+    state: absent
+  register: role_creation_0001
+
+- name: verify if role is not present
+  assert:
+    that:
+      - "{{ role_creation_0001.changed == true }}"
+
+- name: delete role again
+  vmware_local_role_manager:
+    hostname: "{{ vcsim }}"
+    username: "{{ vcsim_instance['json']['username'] }}"
+    password: "{{ vcsim_instance['json']['password'] }}"
+    local_role_name: SampleRole_0001
+    validate_certs: no
+    state: absent
+  register: role_creation_0001
+
+- name: verify if role is not present again
+  assert:
+    that:
+      - "{{ role_creation_0001.changed == false }}"
+
+- name: Create role with privileges
+  vmware_local_role_manager:
+    hostname: "{{ vcsim }}"
+    username: "{{ vcsim_instance['json']['username'] }}"
+    password: "{{ vcsim_instance['json']['password'] }}"
+    local_role_name: SampleRole_0001
+    validate_certs: no
+    local_privilege_ids: ['VirtualMachine.State.RenameSnapshot']
+    state: present
+  register: role_creation_0001
+
+- name: verify if role is created with privileges
+  assert:
+    that:
+      - "{{ role_creation_0001.changed == true }}"
+      - "{{ role_creation_0001.role_id is defined }}"
+
+- name: Create role with privileges additional privileges
+  vmware_local_role_manager:
+    hostname: "{{ vcsim }}"
+    username: "{{ vcsim_instance['json']['username'] }}"
+    password: "{{ vcsim_instance['json']['password'] }}"
+    local_role_name: SampleRole_0001
+    validate_certs: no
+    local_privilege_ids: ['VirtualMachine.State.RenameSnapshot', 'Folder.Create']
+    state: present
+  register: role_creation_0001
+
+- name: verify if role is created with updated privileges
+  assert:
+    that:
+      - "{{ role_creation_0001.changed == true }}"
+      - "{{ role_creation_0001.role_id is defined }}"
+      - "{{ role_creation_0001.old_privileges is defined }}"
+      - "{{ role_creation_0001.new_privileges is defined }}"