molecule/keycloak/verify.yml - atmosphere - Gitiles

 # Copyright (c) 2023 VEXXHOST, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may
 # not use this file except in compliance with the License. You may obtain
 # a copy of the License at
 #
 #      http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 # License for the specific language governing permissions and limitations
 # under the License.

 - name: Create user and assert it exists inside Keystone
   hosts: all
   tasks:
     - name: Create Keycloak user
       run_once: true
       delegate_to: localhost
       community.general.keycloak_user:
         # Keycloak settings
         auth_keycloak_url: "https://{{ keycloak_host }}"
         auth_realm: master
         auth_client_id: admin-cli
         auth_username: admin
         auth_password: "{{ keycloak_admin_password }}"
         validate_certs: "{{ cluster_issuer_type != 'self-signed' }}"
         # User settings
         realm: atmosphere
         username: test-user
       register: keycloak_user_result

     - name: Set a fact with user information using "end_state" or "existing"
       run_once: true
       ansible.builtin.set_fact:
         keycloak_user_info: "{{ keycloak_user_result.existing | ternary(keycloak_user_result.existing, keycloak_user_result.end_state) }}"

     - name: Get list of all users in "atmosphere" domain
       run_once: true
       delegate_to: localhost
       vexxhost.atmosphere.identity_user_info:
         domain: atmosphere
         name: "{{ keycloak_user_info.username }}"
       register: identity_user_info_result
       # XXX(mnaser): GHA seems to be slow so the user doesn't show up right
       #              away, it could also be a Keystone caching issue, for now
       #              we try a few more times.
       retries: 30
       delay: 1
       until: identity_user_info_result.users | length > 0

     - name: Assert that the user exists
       run_once: true
       ansible.builtin.assert:
         that:
           - identity_user_info_result.users | length > 0
           - identity_user_info_result.users[0].id == keycloak_user_info.id | regex_replace('-', '')
           - identity_user_info_result.users[0].name == keycloak_user_info.username

     # TODO: Simulate Keystone authentication
     # TODO: Simulate Horizon login
	# Copyright (c) 2023 VEXXHOST, Inc.
	#
	# Licensed under the Apache License, Version 2.0 (the "License"); you may
	# not use this file except in compliance with the License. You may obtain
	# a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
	# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
	# License for the specific language governing permissions and limitations
	# under the License.

	- name: Create user and assert it exists inside Keystone
	hosts: all
	tasks:
	- name: Create Keycloak user
	run_once: true
	delegate_to: localhost
	community.general.keycloak_user:
	# Keycloak settings
	auth_keycloak_url: "https://{{ keycloak_host }}"
	auth_realm: master
	auth_client_id: admin-cli
	auth_username: admin
	auth_password: "{{ keycloak_admin_password }}"
	validate_certs: "{{ cluster_issuer_type != 'self-signed' }}"
	# User settings
	realm: atmosphere
	username: test-user
	register: keycloak_user_result

	- name: Set a fact with user information using "end_state" or "existing"
	run_once: true
	ansible.builtin.set_fact:
	keycloak_user_info: "{{ keycloak_user_result.existing \| ternary(keycloak_user_result.existing, keycloak_user_result.end_state) }}"

	- name: Get list of all users in "atmosphere" domain
	run_once: true
	delegate_to: localhost
	vexxhost.atmosphere.identity_user_info:
	domain: atmosphere
	name: "{{ keycloak_user_info.username }}"
	register: identity_user_info_result
	# XXX(mnaser): GHA seems to be slow so the user doesn't show up right
	# away, it could also be a Keystone caching issue, for now
	# we try a few more times.
	retries: 30
	delay: 1
	until: identity_user_info_result.users \| length > 0

	- name: Assert that the user exists
	run_once: true
	ansible.builtin.assert:
	that:
	- identity_user_info_result.users \| length > 0
	- identity_user_info_result.users[0].id == keycloak_user_info.id \| regex_replace('-', '')
	- identity_user_info_result.users[0].name == keycloak_user_info.username

	# TODO: Simulate Keystone authentication
	# TODO: Simulate Horizon login