|
|
@@ -56,7 +56,19 @@
|
|
|
when:
|
|
|
- mariadb_password | length < 1 or
|
|
|
k8s_version | length < 1 or
|
|
|
- k8s_cni | length < 1
|
|
|
+ k8s_cni | length < 1 or
|
|
|
+ domain_name | length < 1
|
|
|
+
|
|
|
+- name: Validate login node parameters when login_node_reqd is set to true
|
|
|
+ fail:
|
|
|
+ msg: "{{ input_config_failure_msg }} for login_node"
|
|
|
+ when:
|
|
|
+ - ( domain_name | length < 1 or
|
|
|
+ realm_name | length < 1 or
|
|
|
+ directory_manager_password | length < 1 or
|
|
|
+ ipa_admin_password | length < 1 ) and
|
|
|
+ ( login_node_required and
|
|
|
+ host_mapping_file )
|
|
|
|
|
|
- name: Assert mariadb_password
|
|
|
assert:
|
|
|
@@ -91,13 +103,63 @@
|
|
|
docker_password: "{{ docker_password }}"
|
|
|
no_log: True
|
|
|
|
|
|
+- name: Verify the value of login_node_required
|
|
|
+ assert:
|
|
|
+ that:
|
|
|
+ - login_node_required == true or login_node_required == false
|
|
|
+ success_msg: "{{ login_node_required_success_msg }}"
|
|
|
+ fail_msg: "{{ login_node_required_fail_msg }}"
|
|
|
+
|
|
|
- name: Validate the domain name
|
|
|
assert:
|
|
|
that:
|
|
|
- domain_name is regex("^(?!-)[A-Za-z0-9-]+([\\-\\.]{1}[a-z0-9]+)*\\.[A-Za-z]{2,6}$")
|
|
|
success_msg: "{{ domain_name_success_msg }}"
|
|
|
fail_msg: "{{ domain_name_fail_msg }}"
|
|
|
- when: domain_name | length > 0
|
|
|
+ when:
|
|
|
+ - host_mapping_file
|
|
|
+ - login_node_required
|
|
|
+
|
|
|
+- name: Validate the realm name
|
|
|
+ assert:
|
|
|
+ that:
|
|
|
+ - realm_name is regex("^(?!-)[A-Z0-9-]+([\\-\\.]{1}[a-z0-9]+)*\\.[A-Z]{2,6}$")
|
|
|
+ - '"." in realm_name'
|
|
|
+ success_msg: "{{ realm_name_success_msg }}"
|
|
|
+ fail_msg: "{{ realm_name_fail_msg }}"
|
|
|
+ when:
|
|
|
+ - host_mapping_file
|
|
|
+ - login_node_required
|
|
|
+
|
|
|
+- name: Assert directory_manager_password
|
|
|
+ assert:
|
|
|
+ that:
|
|
|
+ - directory_manager_password | length > min_length | int - 1
|
|
|
+ - directory_manager_password | length < max_length | int + 1
|
|
|
+ - '"-" not in directory_manager_password '
|
|
|
+ - '"\\" not in directory_manager_password '
|
|
|
+ - '"\"" not in directory_manager_password '
|
|
|
+ - " \"'\" not in directory_manager_password "
|
|
|
+ success_msg: "{{ success_msg_directory_manager_password }}"
|
|
|
+ fail_msg: "{{ fail_msg_directory_manager_password }}"
|
|
|
+ when:
|
|
|
+ - host_mapping_file
|
|
|
+ - login_node_required
|
|
|
+
|
|
|
+- name: Assert ipa_admin_password
|
|
|
+ assert:
|
|
|
+ that:
|
|
|
+ - ipa_admin_password | length > min_length | int - 1
|
|
|
+ - ipa_admin_password | length < max_length | int + 1
|
|
|
+ - '"-" not in ipa_admin_password '
|
|
|
+ - '"\\" not in ipa_admin_password '
|
|
|
+ - '"\"" not in ipa_admin_password '
|
|
|
+ - " \"'\" not in ipa_admin_password "
|
|
|
+ success_msg: "{{ success_msg_ipa_admin_password }}"
|
|
|
+ fail_msg: "{{ fail_msg_ipa_admin_password }}"
|
|
|
+ when:
|
|
|
+ - host_mapping_file
|
|
|
+ - login_node_required
|
|
|
|
|
|
- name: Encrypt input config file
|
|
|
command: >-
|
|
|
@@ -108,4 +170,4 @@
|
|
|
- name: Update omnia_config.yml permission
|
|
|
file:
|
|
|
path: "{{ role_path }}/../../../{{ config_filename }}"
|
|
|
- mode: "{{ vault_file_perm }}"
|
|
|
+ mode: "{{ vault_file_perm }}"
|
sakshiarora13