Update federation_idp to use proxy
Update federation_idp to use proxy layer Change-Id: I89ed8526c15608a043cc98e0de50a1ef6f1c8020
This commit is contained in:
Arx Cruz
Rafael Castillo
parent
4df7a12ebf
commit
8563e2327c
@ -19,3 +19,11 @@ idp_info_expected_fields:
|
|||||||
- is_enabled
|
- is_enabled
|
||||||
- name
|
- name
|
||||||
- remote_ids
|
- remote_ids
|
||||||
|
|
||||||
|
idp_expected_fields:
|
||||||
|
- description
|
||||||
|
- domain_id
|
||||||
|
- id
|
||||||
|
- is_enabled
|
||||||
|
- name
|
||||||
|
- remote_ids
|
||||||
|
|||||||
@ -74,13 +74,6 @@
|
|||||||
that:
|
that:
|
||||||
- create_identity_provider is successful
|
- create_identity_provider is successful
|
||||||
- create_identity_provider is changed
|
- create_identity_provider is changed
|
||||||
- '"identity_provider" in create_identity_provider'
|
|
||||||
- '"id" in idp'
|
|
||||||
- '"name" in idp'
|
|
||||||
- '"domain_id" in idp'
|
|
||||||
- '"description" in idp'
|
|
||||||
- '"is_enabled" in idp'
|
|
||||||
- '"remote_ids" in idp'
|
|
||||||
- idp.id == idp_name
|
- idp.id == idp_name
|
||||||
- idp.name == idp_name
|
- idp.name == idp_name
|
||||||
- idp.domain_id == domain_id
|
- idp.domain_id == domain_id
|
||||||
@ -90,6 +83,11 @@
|
|||||||
vars:
|
vars:
|
||||||
idp: '{{ create_identity_provider.identity_provider }}'
|
idp: '{{ create_identity_provider.identity_provider }}'
|
||||||
|
|
||||||
|
- name: Verify returned values
|
||||||
|
assert:
|
||||||
|
that: item in create_identity_provider.identity_provider
|
||||||
|
loop: "{{ idp_expected_fields }}"
|
||||||
|
|
||||||
- name: 'Fetch IDP info - with name'
|
- name: 'Fetch IDP info - with name'
|
||||||
openstack.cloud.federation_idp_info:
|
openstack.cloud.federation_idp_info:
|
||||||
name: '{{ idp_name }}'
|
name: '{{ idp_name }}'
|
||||||
@ -146,13 +144,6 @@
|
|||||||
that:
|
that:
|
||||||
- create_identity_provider is successful
|
- create_identity_provider is successful
|
||||||
- create_identity_provider is not changed
|
- create_identity_provider is not changed
|
||||||
- '"identity_provider" in create_identity_provider'
|
|
||||||
- '"id" in idp'
|
|
||||||
- '"name" in idp'
|
|
||||||
- '"domain_id" in idp'
|
|
||||||
- '"description" in idp'
|
|
||||||
- '"is_enabled" in idp'
|
|
||||||
- '"remote_ids" in idp'
|
|
||||||
- idp.id == idp_name
|
- idp.id == idp_name
|
||||||
- idp.name == idp_name
|
- idp.name == idp_name
|
||||||
- idp.domain_id == domain_id
|
- idp.domain_id == domain_id
|
||||||
@ -187,13 +178,6 @@
|
|||||||
that:
|
that:
|
||||||
- update_identity_provider is successful
|
- update_identity_provider is successful
|
||||||
- update_identity_provider is changed
|
- update_identity_provider is changed
|
||||||
- '"identity_provider" in update_identity_provider'
|
|
||||||
- '"id" in idp'
|
|
||||||
- '"name" in idp'
|
|
||||||
- '"domain_id" in idp'
|
|
||||||
- '"description" in idp'
|
|
||||||
- '"is_enabled" in idp'
|
|
||||||
- '"remote_ids" in idp'
|
|
||||||
- idp.id == idp_name
|
- idp.id == idp_name
|
||||||
- idp.name == idp_name
|
- idp.name == idp_name
|
||||||
- idp.domain_id == domain_id
|
- idp.domain_id == domain_id
|
||||||
@ -225,13 +209,6 @@
|
|||||||
that:
|
that:
|
||||||
- update_identity_provider is successful
|
- update_identity_provider is successful
|
||||||
- update_identity_provider is not changed
|
- update_identity_provider is not changed
|
||||||
- '"identity_provider" in update_identity_provider'
|
|
||||||
- '"id" in idp'
|
|
||||||
- '"name" in idp'
|
|
||||||
- '"domain_id" in idp'
|
|
||||||
- '"description" in idp'
|
|
||||||
- '"is_enabled" in idp'
|
|
||||||
- '"remote_ids" in idp'
|
|
||||||
- idp.id == idp_name
|
- idp.id == idp_name
|
||||||
- idp.name == idp_name
|
- idp.name == idp_name
|
||||||
- idp.domain_id == domain_id
|
- idp.domain_id == domain_id
|
||||||
@ -264,13 +241,6 @@
|
|||||||
that:
|
that:
|
||||||
- update_identity_provider is successful
|
- update_identity_provider is successful
|
||||||
- update_identity_provider is changed
|
- update_identity_provider is changed
|
||||||
- '"identity_provider" in update_identity_provider'
|
|
||||||
- '"id" in idp'
|
|
||||||
- '"name" in idp'
|
|
||||||
- '"domain_id" in idp'
|
|
||||||
- '"description" in idp'
|
|
||||||
- '"is_enabled" in idp'
|
|
||||||
- '"remote_ids" in idp'
|
|
||||||
- idp.id == idp_name
|
- idp.id == idp_name
|
||||||
- idp.name == idp_name
|
- idp.name == idp_name
|
||||||
- idp.domain_id == domain_id
|
- idp.domain_id == domain_id
|
||||||
@ -302,13 +272,6 @@
|
|||||||
that:
|
that:
|
||||||
- update_identity_provider is successful
|
- update_identity_provider is successful
|
||||||
- update_identity_provider is not changed
|
- update_identity_provider is not changed
|
||||||
- '"identity_provider" in update_identity_provider'
|
|
||||||
- '"id" in idp'
|
|
||||||
- '"name" in idp'
|
|
||||||
- '"domain_id" in idp'
|
|
||||||
- '"description" in idp'
|
|
||||||
- '"is_enabled" in idp'
|
|
||||||
- '"remote_ids" in idp'
|
|
||||||
- idp.id == idp_name
|
- idp.id == idp_name
|
||||||
- idp.name == idp_name
|
- idp.name == idp_name
|
||||||
- idp.domain_id == domain_id
|
- idp.domain_id == domain_id
|
||||||
@ -318,7 +281,6 @@
|
|||||||
vars:
|
vars:
|
||||||
idp: '{{ update_identity_provider.identity_provider }}'
|
idp: '{{ update_identity_provider.identity_provider }}'
|
||||||
|
|
||||||
|
|
||||||
- name: 'Update IDP set Disabled - CHECK_MODE'
|
- name: 'Update IDP set Disabled - CHECK_MODE'
|
||||||
check_mode: yes
|
check_mode: yes
|
||||||
openstack.cloud.federation_idp:
|
openstack.cloud.federation_idp:
|
||||||
@ -341,13 +303,6 @@
|
|||||||
that:
|
that:
|
||||||
- update_identity_provider is successful
|
- update_identity_provider is successful
|
||||||
- update_identity_provider is changed
|
- update_identity_provider is changed
|
||||||
- '"identity_provider" in update_identity_provider'
|
|
||||||
- '"id" in idp'
|
|
||||||
- '"name" in idp'
|
|
||||||
- '"domain_id" in idp'
|
|
||||||
- '"description" in idp'
|
|
||||||
- '"is_enabled" in idp'
|
|
||||||
- '"remote_ids" in idp'
|
|
||||||
- idp.id == idp_name
|
- idp.id == idp_name
|
||||||
- idp.name == idp_name
|
- idp.name == idp_name
|
||||||
- idp.domain_id == domain_id
|
- idp.domain_id == domain_id
|
||||||
@ -379,13 +334,6 @@
|
|||||||
that:
|
that:
|
||||||
- update_identity_provider is successful
|
- update_identity_provider is successful
|
||||||
- update_identity_provider is not changed
|
- update_identity_provider is not changed
|
||||||
- '"identity_provider" in update_identity_provider'
|
|
||||||
- '"id" in idp'
|
|
||||||
- '"name" in idp'
|
|
||||||
- '"domain_id" in idp'
|
|
||||||
- '"description" in idp'
|
|
||||||
- '"is_enabled" in idp'
|
|
||||||
- '"remote_ids" in idp'
|
|
||||||
- idp.id == idp_name
|
- idp.id == idp_name
|
||||||
- idp.name == idp_name
|
- idp.name == idp_name
|
||||||
- idp.domain_id == domain_id
|
- idp.domain_id == domain_id
|
||||||
@ -416,13 +364,6 @@
|
|||||||
that:
|
that:
|
||||||
- update_identity_provider is successful
|
- update_identity_provider is successful
|
||||||
- update_identity_provider is not changed
|
- update_identity_provider is not changed
|
||||||
- '"identity_provider" in update_identity_provider'
|
|
||||||
- '"id" in idp'
|
|
||||||
- '"name" in idp'
|
|
||||||
- '"domain_id" in idp'
|
|
||||||
- '"description" in idp'
|
|
||||||
- '"is_enabled" in idp'
|
|
||||||
- '"remote_ids" in idp'
|
|
||||||
- idp.id == idp_name
|
- idp.id == idp_name
|
||||||
- idp.name == idp_name
|
- idp.name == idp_name
|
||||||
- idp.domain_id == domain_id
|
- idp.domain_id == domain_id
|
||||||
@ -461,13 +402,6 @@
|
|||||||
that:
|
that:
|
||||||
- update_identity_provider is successful
|
- update_identity_provider is successful
|
||||||
- update_identity_provider is changed
|
- update_identity_provider is changed
|
||||||
- '"identity_provider" in update_identity_provider'
|
|
||||||
- '"id" in idp'
|
|
||||||
- '"name" in idp'
|
|
||||||
- '"domain_id" in idp'
|
|
||||||
- '"description" in idp'
|
|
||||||
- '"is_enabled" in idp'
|
|
||||||
- '"remote_ids" in idp'
|
|
||||||
- idp.id == idp_name
|
- idp.id == idp_name
|
||||||
- idp.name == idp_name
|
- idp.name == idp_name
|
||||||
- idp.domain_id == domain_id
|
- idp.domain_id == domain_id
|
||||||
@ -503,13 +437,6 @@
|
|||||||
that:
|
that:
|
||||||
- update_identity_provider is successful
|
- update_identity_provider is successful
|
||||||
- update_identity_provider is not changed
|
- update_identity_provider is not changed
|
||||||
- '"identity_provider" in update_identity_provider'
|
|
||||||
- '"id" in idp'
|
|
||||||
- '"name" in idp'
|
|
||||||
- '"domain_id" in idp'
|
|
||||||
- '"description" in idp'
|
|
||||||
- '"is_enabled" in idp'
|
|
||||||
- '"remote_ids" in idp'
|
|
||||||
- idp.id == idp_name
|
- idp.id == idp_name
|
||||||
- idp.name == idp_name
|
- idp.name == idp_name
|
||||||
- idp.domain_id == domain_id
|
- idp.domain_id == domain_id
|
||||||
@ -550,13 +477,6 @@
|
|||||||
that:
|
that:
|
||||||
- create_identity_provider is successful
|
- create_identity_provider is successful
|
||||||
- create_identity_provider is changed
|
- create_identity_provider is changed
|
||||||
- '"identity_provider" in create_identity_provider'
|
|
||||||
- '"id" in idp'
|
|
||||||
- '"name" in idp'
|
|
||||||
- '"domain_id" in idp'
|
|
||||||
- '"description" in idp'
|
|
||||||
- '"is_enabled" in idp'
|
|
||||||
- '"remote_ids" in idp'
|
|
||||||
- idp.id == idp_name_2
|
- idp.id == idp_name_2
|
||||||
- idp.name == idp_name_2
|
- idp.name == idp_name_2
|
||||||
- idp.domain_id == domain_id
|
- idp.domain_id == domain_id
|
||||||
@ -594,13 +514,6 @@
|
|||||||
that:
|
that:
|
||||||
- create_identity_provider is successful
|
- create_identity_provider is successful
|
||||||
- create_identity_provider is not changed
|
- create_identity_provider is not changed
|
||||||
- '"identity_provider" in create_identity_provider'
|
|
||||||
- '"id" in idp'
|
|
||||||
- '"name" in idp'
|
|
||||||
- '"domain_id" in idp'
|
|
||||||
- '"description" in idp'
|
|
||||||
- '"is_enabled" in idp'
|
|
||||||
- '"remote_ids" in idp'
|
|
||||||
- idp.id == idp_name_2
|
- idp.id == idp_name_2
|
||||||
- idp.name == idp_name_2
|
- idp.name == idp_name_2
|
||||||
- idp.domain_id == domain_id
|
- idp.domain_id == domain_id
|
||||||
|
|||||||
@ -72,6 +72,34 @@ EXAMPLES = '''
|
|||||||
'''
|
'''
|
||||||
|
|
||||||
RETURN = '''
|
RETURN = '''
|
||||||
|
identity_provider:
|
||||||
|
description: Dictionary describing the identity providers
|
||||||
|
returned: On success when I(state) is 'present'
|
||||||
|
type: dict
|
||||||
|
elements: dict
|
||||||
|
contains:
|
||||||
|
description:
|
||||||
|
description: Identity provider description
|
||||||
|
type: str
|
||||||
|
sample: "demodescription"
|
||||||
|
domain_id:
|
||||||
|
description: Domain to which the identity provider belongs
|
||||||
|
type: str
|
||||||
|
sample: "default"
|
||||||
|
id:
|
||||||
|
description: Identity provider ID
|
||||||
|
type: str
|
||||||
|
sample: "test-idp"
|
||||||
|
is_enabled:
|
||||||
|
description: Indicates whether the identity provider is enabled
|
||||||
|
type: bool
|
||||||
|
name:
|
||||||
|
description: Name of the identity provider, equals its ID.
|
||||||
|
type: str
|
||||||
|
sample: "test-idp"
|
||||||
|
remote_ids:
|
||||||
|
description: Remote IDs associated with the identity provider
|
||||||
|
type: list
|
||||||
'''
|
'''
|
||||||
|
|
||||||
from ansible_collections.openstack.cloud.plugins.module_utils.openstack import OpenStackModule
|
from ansible_collections.openstack.cloud.plugins.module_utils.openstack import OpenStackModule
|
||||||
@ -90,22 +118,6 @@ class IdentityFederationIdpModule(OpenStackModule):
|
|||||||
supports_check_mode=True,
|
supports_check_mode=True,
|
||||||
)
|
)
|
||||||
|
|
||||||
def normalize_idp(self, idp):
|
|
||||||
"""
|
|
||||||
Normalizes the IDP definitions so that the outputs are consistent with the
|
|
||||||
parameters
|
|
||||||
|
|
||||||
- "enabled" (parameter) == "is_enabled" (SDK)
|
|
||||||
- "name" (parameter) == "id" (SDK)
|
|
||||||
"""
|
|
||||||
if idp is None:
|
|
||||||
return None
|
|
||||||
|
|
||||||
_idp = idp.to_dict()
|
|
||||||
_idp['enabled'] = idp['is_enabled']
|
|
||||||
_idp['name'] = idp['id']
|
|
||||||
return _idp
|
|
||||||
|
|
||||||
def delete_identity_provider(self, idp):
|
def delete_identity_provider(self, idp):
|
||||||
"""
|
"""
|
||||||
Delete an existing Identity Provider
|
Delete an existing Identity Provider
|
||||||
@ -150,7 +162,7 @@ class IdentityFederationIdpModule(OpenStackModule):
|
|||||||
attributes['description'] = description
|
attributes['description'] = description
|
||||||
|
|
||||||
idp = self.conn.identity.create_identity_provider(id=name, **attributes)
|
idp = self.conn.identity.create_identity_provider(id=name, **attributes)
|
||||||
return (True, idp)
|
return (True, idp.to_dict(computed=False))
|
||||||
|
|
||||||
def update_identity_provider(self, idp):
|
def update_identity_provider(self, idp):
|
||||||
"""
|
"""
|
||||||
@ -176,13 +188,13 @@ class IdentityFederationIdpModule(OpenStackModule):
|
|||||||
attributes['remote_ids'] = remote_ids
|
attributes['remote_ids'] = remote_ids
|
||||||
|
|
||||||
if not attributes:
|
if not attributes:
|
||||||
return False, idp
|
return False, idp.to_dict(computed=False)
|
||||||
|
|
||||||
if self.ansible.check_mode:
|
if self.ansible.check_mode:
|
||||||
return True, None
|
return True, None
|
||||||
|
|
||||||
new_idp = self.conn.identity.update_identity_provider(idp, **attributes)
|
new_idp = self.conn.identity.update_identity_provider(idp, **attributes)
|
||||||
return (True, new_idp)
|
return (True, new_idp.to_dict(computed=False))
|
||||||
|
|
||||||
def run(self):
|
def run(self):
|
||||||
""" Module entry point """
|
""" Module entry point """
|
||||||
@ -205,11 +217,9 @@ class IdentityFederationIdpModule(OpenStackModule):
|
|||||||
self.fail_json(msg='A domain_id must be passed when creating'
|
self.fail_json(msg='A domain_id must be passed when creating'
|
||||||
' an identity provider')
|
' an identity provider')
|
||||||
(changed, idp) = self.create_identity_provider(name)
|
(changed, idp) = self.create_identity_provider(name)
|
||||||
idp = self.normalize_idp(idp)
|
|
||||||
self.exit_json(changed=changed, identity_provider=idp)
|
self.exit_json(changed=changed, identity_provider=idp)
|
||||||
|
|
||||||
(changed, new_idp) = self.update_identity_provider(idp)
|
(changed, new_idp) = self.update_identity_provider(idp)
|
||||||
new_idp = self.normalize_idp(new_idp)
|
|
||||||
self.exit_json(changed=changed, identity_provider=new_idp)
|
self.exit_json(changed=changed, identity_provider=new_idp)
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user