# Copyright (c) 2023 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
14
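# Verification play: creates a user in the Keycloak "atmosphere" realm and
# checks that the same identity becomes visible through Keystone's
# "atmosphere" domain.
- name: Create user and assert it exists inside Keystone
  hosts: all
  tasks:
    # Runs once, from the controller, against the Keycloak admin API.
    - name: Create Keycloak user
      run_once: true
      delegate_to: localhost
      community.general.keycloak_user:
        # Keycloak settings
        auth_keycloak_url: "https://{{ keycloak_host }}"
        # The play authenticates as the built-in admin of the master realm,
        # which can administer every realm. That is broader than the single
        # user creation below needs; a test deployment is the expected scope.
        auth_realm: master
        auth_client_id: admin-cli
        auth_username: admin
        # Supplied from a variable defined outside this file; keep its source
        # out of version control.
        auth_password: "{{ keycloak_admin_password }}"
        # TLS verification is skipped only when the cluster issuer is
        # 'self-signed'. In that mode the admin password above is sent to an
        # endpoint whose identity is not checked, so this is appropriate for
        # disposable test clusters only; elsewhere, make the issuing CA
        # trusted on the controller and keep verification on.
        validate_certs: "{{ cluster_issuer_type != 'self-signed' }}"
        # User settings
        realm: atmosphere
        username: test-user
      register: keycloak_user_result

    # Uses "existing" when it is truthy (the user was already present) and
    # falls back to "end_state" otherwise (the user was just created).
    - name: Set a fact with user information using "end_state" or "existing"
      run_once: true
      ansible.builtin.set_fact:
        keycloak_user_info: "{{ keycloak_user_result.existing | ternary(keycloak_user_result.existing, keycloak_user_result.end_state) }}"

    - name: Get list of all users in "atmosphere" domain
      run_once: true
      delegate_to: localhost
      vexxhost.atmosphere.identity_user_info:
        domain: atmosphere
        name: "{{ keycloak_user_info.username }}"
      register: identity_user_info_result
      # XXX(mnaser): GHA seems to be slow so the user doesn't show up right
      #              away, it could also be a Keystone caching issue, for now
      #              we try a few more times.
      retries: 30
      delay: 1
      # default([]) keeps the retry loop alive when an attempt returns no
      # "users" key; without it an undefined "users" would end the task on a
      # templating error instead of retrying.
      # NOTE(review): confirm the module's result shape on a failed attempt.
      until: identity_user_info_result.users | default([]) | length > 0

    # The Keystone user ID is expected to equal the Keycloak user ID with the
    # dashes removed, and the names must match exactly.
    - name: Assert that the user exists
      run_once: true
      ansible.builtin.assert:
        that:
          - identity_user_info_result.users | length > 0
          - identity_user_info_result.users[0].id == keycloak_user_info.id | regex_replace('-', '')
          - identity_user_info_result.users[0].name == keycloak_user_info.username

    # TODO: Simulate Keystone authentication
    # TODO: Simulate Horizon login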