ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-07-22 12:50:22 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

GitLab group and project access token modules (#7964)

Browse source 
* Adding gitlab group and project acess token modules

* Documentation corrections and recreate option change

* Documentation corrections

* Correcting documentation for return objects
This commit is contained in:
Zoran Krleza 2024-02-25 19:44:49 +01:00 committed by GitHub
commit f6d0b35bb7
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
12 changed files with 1402 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

7
tests/integration/targets/gitlab_group_access_token/aliases Normal file
View file

@ -0,0 +1,7 @@
# Copyright (c) Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
azp/posix/1
gitlab/ci
disabled

15
tests/integration/targets/gitlab_group_access_token/defaults/main.yml Normal file
View file

@ -0,0 +1,15 @@
---
####################################################################
# WARNING: These are designed specifically for Ansible tests #
# and should not be used as examples of how to write Ansible roles #
####################################################################
# Copyright (c) 2024, Zoran Krleza <zoran.krleza@true-north.hr>
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
gitlab_api_token:
gitlab_api_url:
gitlab_validate_certs: false
gitlab_group_name:
gitlab_token_name:

221
tests/integration/targets/gitlab_group_access_token/tasks/main.yml Normal file
View file

@ -0,0 +1,221 @@
---
####################################################################
# WARNING: These are designed specifically for Ansible tests #
# and should not be used as examples of how to write Ansible roles #
####################################################################
# Copyright (c) 2024, Zoran Krleza <zoran.krleza@true-north.hr>
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
- name: Install required libs
pip:
name: python-gitlab
state: present
- block:
- name: Try to create access token in nonexisting group
community.general.gitlab_group_access_token:
api_token: "{{ gitlab_api_token }}"
api_url: "{{ gitlab_api_url }}"
validate_certs: "{{ gitlab_validate_certs }}"
group: "some_nonexisting_group"
name: "{{ gitlab_token_name }}"
state: present
expires_at: '2025-01-01'
access_level: developer
scopes:
- api
- read_api
register: create_pfail_token_status
always:
- name: Assert that token creation in nonexisting group failed
assert:
that:
- create_pfail_token_status is failed
ignore_errors: true
- block:
- name: Try to create access token with nonvalid expires_at
community.general.gitlab_group_access_token:
api_token: "{{ gitlab_api_token }}"
api_url: "{{ gitlab_api_url }}"
validate_certs: "{{ gitlab_validate_certs }}"
group: "some_nonexisting_group"
name: "{{ gitlab_token_name }}"
state: present
expires_at: '2025-13-01'
access_level: developer
scopes:
- api
- read_api
register: create_efail_token_status
always:
- name: Assert that token creation with invalid expires_at failed
assert:
that:
- create_efail_token_status is failed
ignore_errors: true
- name: Create access token
community.general.gitlab_group_access_token:
api_token: "{{ gitlab_api_token }}"
api_url: "{{ gitlab_api_url }}"
validate_certs: "{{ gitlab_validate_certs }}"
group: "{{ gitlab_group_name }}"
name: "{{ gitlab_token_name }}"
state: present
expires_at: '2024-12-31'
access_level: developer
scopes:
- api
- read_api
register: create_token_status
- name: Assert that token creation with valid arguments is successfull
assert:
that:
- create_token_status is changed
- create_token_status.access_token.token is defined
- name: Check existing access token recreate=never (default)
community.general.gitlab_group_access_token:
api_token: "{{ gitlab_api_token }}"
api_url: "{{ gitlab_api_url }}"
validate_certs: "{{ gitlab_validate_certs }}"
group: "{{ gitlab_group_name }}"
name: "{{ gitlab_token_name }}"
state: present
expires_at: '2024-12-31'
access_level: developer
scopes:
- api
- read_api
register: check_token_status
- name: Assert that token creation without changes and recreate=never succeeds with status not changed
assert:
that:
- check_token_status is not changed
- check_token_status.access_token.token is not defined
- name: Check existing access token with recreate=state_change
community.general.gitlab_group_access_token:
api_token: "{{ gitlab_api_token }}"
api_url: "{{ gitlab_api_url }}"
validate_certs: "{{ gitlab_validate_certs }}"
group: "{{ gitlab_group_name }}"
name: "{{ gitlab_token_name }}"
state: present
expires_at: '2024-12-31'
access_level: developer
scopes:
- api
- read_api
recreate: state_change
register: check_recreate_token_status
- name: Assert that token creation without changes and recreate=state_change succeeds with status not changed
assert:
that:
- check_recreate_token_status is not changed
- check_recreate_token_status.access_token.token is not defined
- block:
- name: Try to change existing access token with recreate=never
community.general.gitlab_group_access_token:
api_token: "{{ gitlab_api_token }}"
api_url: "{{ gitlab_api_url }}"
validate_certs: "{{ gitlab_validate_certs }}"
group: "{{ gitlab_group_name }}"
name: "{{ gitlab_token_name }}"
state: present
expires_at: '2025-01-01'
access_level: developer
scopes:
- api
- read_api
register: change_token_status
always:
- name: Assert that token change with recreate=never fails
assert:
that:
- change_token_status is failed
ignore_errors: true
- name: Try to change existing access token with recreate=state_change
community.general.gitlab_group_access_token:
api_token: "{{ gitlab_api_token }}"
api_url: "{{ gitlab_api_url }}"
validate_certs: "{{ gitlab_validate_certs }}"
group: "{{ gitlab_group_name }}"
name: "{{ gitlab_token_name }}"
state: present
expires_at: '2025-01-01'
access_level: developer
scopes:
- api
- read_api
recreate: state_change
register: change_recreate_token_status
- name: Assert that token change with recreate=state_change succeeds
assert:
that:
- change_recreate_token_status is changed
- change_recreate_token_status.access_token.token is defined
- name: Try to change existing access token with recreate=always
community.general.gitlab_group_access_token:
api_token: "{{ gitlab_api_token }}"
api_url: "{{ gitlab_api_url }}"
validate_certs: "{{ gitlab_validate_certs }}"
group: "{{ gitlab_group_name }}"
name: "{{ gitlab_token_name }}"
state: present
expires_at: '2025-01-01'
access_level: developer
scopes:
- api
- read_api
recreate: always
register: change_recreate1_token_status
- name: Assert that token change with recreate=always succeeds
assert:
that:
- change_recreate1_token_status is changed
- change_recreate1_token_status.access_token.token is defined
- name: Revoke access token
community.general.gitlab_group_access_token:
api_token: "{{ gitlab_api_token }}"
api_url: "{{ gitlab_api_url }}"
validate_certs: "{{ gitlab_validate_certs }}"
group: "{{ gitlab_group_name }}"
name: "{{ gitlab_token_name }}"
state: absent
expires_at: '2024-12-31'
access_level: developer
scopes:
- api
- read_api
register: revoke_token_status
- name: Assert that token revocation succeeds
assert:
that:
- revoke_token_status is changed
- name: Revoke nonexisting access token
community.general.gitlab_group_access_token:
api_token: "{{ gitlab_api_token }}"
api_url: "{{ gitlab_api_url }}"
validate_certs: "{{ gitlab_validate_certs }}"
group: "{{ gitlab_group_name }}"
name: "{{ gitlab_token_name }}"
state: absent
expires_at: '2024-12-31'
access_level: developer
scopes:
- api
- read_api
register: revoke_token_status
- name: Assert that token revocation succeeds with status not changed
assert:
that:
- revoke_token_status is not changed

7
tests/integration/targets/gitlab_project_access_token/aliases Normal file
View file

@ -0,0 +1,7 @@
# Copyright (c) Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
azp/posix/1
gitlab/ci
disabled

15
tests/integration/targets/gitlab_project_access_token/defaults/main.yml Normal file
View file

@ -0,0 +1,15 @@
---
####################################################################
# WARNING: These are designed specifically for Ansible tests #
# and should not be used as examples of how to write Ansible roles #
####################################################################
# Copyright (c) 2024, Zoran Krleza <zoran.krleza@true-north.hr>
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
gitlab_api_token:
gitlab_api_url:
gitlab_validate_certs: false
gitlab_project_name:
gitlab_token_name:

221
tests/integration/targets/gitlab_project_access_token/tasks/main.yml Normal file
View file

@ -0,0 +1,221 @@
---
####################################################################
# WARNING: These are designed specifically for Ansible tests #
# and should not be used as examples of how to write Ansible roles #
####################################################################
# Copyright (c) 2024, Zoran Krleza <zoran.krleza@true-north.hr>
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
- name: Install required libs
pip:
name: python-gitlab
state: present
- block:
- name: Try to create access token in nonexisting project
community.general.gitlab_project_access_token:
api_token: "{{ gitlab_api_token }}"
api_url: "{{ gitlab_api_url }}"
validate_certs: "{{ gitlab_validate_certs }}"
project: "some_nonexisting_project"
name: "{{ gitlab_token_name }}"
state: present
expires_at: '2025-01-01'
access_level: developer
scopes:
- api
- read_api
register: create_pfail_token_status
always:
- name: Assert that token creation in nonexisting project failed
assert:
that:
- create_pfail_token_status is failed
ignore_errors: true
- block:
- name: Try to create access token with nonvalid expires_at
community.general.gitlab_project_access_token:
api_token: "{{ gitlab_api_token }}"
api_url: "{{ gitlab_api_url }}"
validate_certs: "{{ gitlab_validate_certs }}"
project: "some_nonexisting_project"
name: "{{ gitlab_token_name }}"
state: present
expires_at: '2025-13-01'
access_level: developer
scopes:
- api
- read_api
register: create_efail_token_status
always:
- name: Assert that token creation with invalid expires_at failed
assert:
that:
- create_efail_token_status is failed
ignore_errors: true
- name: Create access token
community.general.gitlab_project_access_token:
api_token: "{{ gitlab_api_token }}"
api_url: "{{ gitlab_api_url }}"
validate_certs: "{{ gitlab_validate_certs }}"
project: "{{ gitlab_project_name }}"
name: "{{ gitlab_token_name }}"
state: present
expires_at: '2024-12-31'
access_level: developer
scopes:
- api
- read_api
register: create_token_status
- name: Assert that token creation with valid arguments is successfull
assert:
that:
- create_token_status is changed
- create_token_status.access_token.token is defined
- name: Check existing access token recreate=never (default)
community.general.gitlab_project_access_token:
api_token: "{{ gitlab_api_token }}"
api_url: "{{ gitlab_api_url }}"
validate_certs: "{{ gitlab_validate_certs }}"
project: "{{ gitlab_project_name }}"
name: "{{ gitlab_token_name }}"
state: present
expires_at: '2024-12-31'
access_level: developer
scopes:
- api
- read_api
register: check_token_status
- name: Assert that token creation without changes and recreate=never succeeds with status not changed
assert:
that:
- check_token_status is not changed
- check_token_status.access_token.token is not defined
- name: Check existing access token with recreate=state_change
community.general.gitlab_project_access_token:
api_token: "{{ gitlab_api_token }}"
api_url: "{{ gitlab_api_url }}"
validate_certs: "{{ gitlab_validate_certs }}"
project: "{{ gitlab_project_name }}"
name: "{{ gitlab_token_name }}"
state: present
expires_at: '2024-12-31'
access_level: developer
scopes:
- api
- read_api
recreate: state_change
register: check_recreate_token_status
- name: Assert that token creation without changes and recreate=state_change succeeds with status not changed
assert:
that:
- check_recreate_token_status is not changed
- check_recreate_token_status.access_token.token is not defined
- block:
- name: Try to change existing access token with recreate=never
community.general.gitlab_project_access_token:
api_token: "{{ gitlab_api_token }}"
api_url: "{{ gitlab_api_url }}"
validate_certs: "{{ gitlab_validate_certs }}"
project: "{{ gitlab_project_name }}"
name: "{{ gitlab_token_name }}"
state: present
expires_at: '2025-01-01'
access_level: developer
scopes:
- api
- read_api
register: change_token_status
always:
- name: Assert that token change with recreate=never fails
assert:
that:
- change_token_status is failed
ignore_errors: true
- name: Try to change existing access token with recreate=state_change
community.general.gitlab_project_access_token:
api_token: "{{ gitlab_api_token }}"
api_url: "{{ gitlab_api_url }}"
validate_certs: "{{ gitlab_validate_certs }}"
project: "{{ gitlab_project_name }}"
name: "{{ gitlab_token_name }}"
state: present
expires_at: '2025-01-01'
access_level: developer
scopes:
- api
- read_api
recreate: state_change
register: change_recreate_token_status
- name: Assert that token change with recreate=state_change succeeds
assert:
that:
- change_recreate_token_status is changed
- change_recreate_token_status.access_token.token is defined
- name: Try to change existing access token with recreate=always
community.general.gitlab_project_access_token:
api_token: "{{ gitlab_api_token }}"
api_url: "{{ gitlab_api_url }}"
validate_certs: "{{ gitlab_validate_certs }}"
project: "{{ gitlab_project_name }}"
name: "{{ gitlab_token_name }}"
state: present
expires_at: '2025-01-01'
access_level: developer
scopes:
- api
- read_api
recreate: always
register: change_recreate1_token_status
- name: Assert that token change with recreate=always succeeds
assert:
that:
- change_recreate1_token_status is changed
- change_recreate1_token_status.access_token.token is defined
- name: Revoke access token
community.general.gitlab_project_access_token:
api_token: "{{ gitlab_api_token }}"
api_url: "{{ gitlab_api_url }}"
validate_certs: "{{ gitlab_validate_certs }}"
project: "{{ gitlab_project_name }}"
name: "{{ gitlab_token_name }}"
state: absent
expires_at: '2024-12-31'
access_level: developer
scopes:
- api
- read_api
register: revoke_token_status
- name: Assert that token revocation succeeds
assert:
that:
- revoke_token_status is changed
- name: Revoke nonexisting access token
community.general.gitlab_project_access_token:
api_token: "{{ gitlab_api_token }}"
api_url: "{{ gitlab_api_url }}"
validate_certs: "{{ gitlab_validate_certs }}"
project: "{{ gitlab_project_name }}"
name: "{{ gitlab_token_name }}"
state: absent
expires_at: '2024-12-31'
access_level: developer
scopes:
- api
- read_api
register: revoke_token_status
- name: Assert that token revocation succeeds with status not changed
assert:
that:
- revoke_token_status is not changed