RONCC
/
Dell-Omnia-Clusters-HPC-AI


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284
							#  Copyright 2022 Dell Inc. or its subsidiaries. All Rights Reserved.
#
#  Licensed under the Apache License, Version 2.0 (the "License");
#  you may not use this file except in compliance with the License.
#  You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
#  Unless required by applicable law or agreed to in writing, software
#  distributed under the License is distributed on an "AS IS" BASIS,
#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#  See the License for the specific language governing permissions and
#  limitations under the License.
---
# Testcase to verify ipa installation in manager node
- name: OMNIA_1.2_SEC2_TC_013
  hosts: manager
  vars_files:
    - test_vars/test_security_ipa_vars.yml
  tasks:
    - name: Gather IPA version
      command: ipa --version
      register: ipa_version_op
      tags: SECURITY_TC_001

    - name: Validate the ipa version
      assert:
        that:
          - "'VERSION' in ipa_version_op.stdout"
        fail_msg: "{{ ipa_install_verification_fail_msg }}"
        success_msg: "{{ ipa_install_verification_success_msg }}"
      tags: SECURITY_TC_001

# OMNIA_1.2_SEC2_TC_014
# Testcase to verify user creation in Free IPA
- name: OMNIA_1.2_SEC2_TC_014
  hosts: manager
  vars_files:
    - test_vars/test_security_ipa_vars.yml
  tasks:
    - name: Generate random user
      command: echo "{{ user_var + random_number }}"
      register: user_name
      tags: SECURITY_TC_002

    - name: Create a random user for testing in free IPA
      command: ipa user-add {{ user_name.stdout }}  --first='userFirst' --last='userLast' --random
      register: create_user_op
      tags: SECURITY_TC_002

    - name: Get the list of users created in free IPA
      command: ipa user-find
      register: user_find_op
      tags: SECURITY_TC_002
 
    - name: Verify the presence of created user in free IPA
      assert:
        that:
          - "'{{ user_name.stdout }}' in user_find_op.stdout"
        fail_msg: "{{ user_creation_fail_msg }}"
        success_msg: "{{ user_creation_success_msg }}"
      tags: SECURITY_TC_002

# Test case to verify group creation in Free IPA
- name: OMNIA_1.2_SEC2_TC_015
  hosts: manager
  vars_files:
    - test_vars/test_security_ipa_vars.yml
  tasks:
    - name: Generate random group
      command: echo "{{ group_var + random_number }}"
      register: group_name
      tags: SECURITY_TC_003

    - name: Create a random group for testing in free IPA
      command: ipa group-add {{ group_name.stdout }}
      register: create_group_op
      tags: SECURITY_TC_003

    - name: Get the list of groups created in free IPA
      command: ipa group-find
      register: group_find_op
      tags: SECURITY_TC_003
  
    - name: Verify the presence of created group in free IPA
      assert:
        that:
          - "'{{ group_name.stdout }}' in group_find_op.stdout"
        fail_msg: "{{ group_creation_fail_msg }}"
        success_msg: "{{ group_creation_success_msg }}"
      tags: SECURITY_TC_003

# Testcase to verify whether user is added to group
- name: OMNIA_1.2_SEC2_TC_016
  hosts: manager
  vars_files:
    - test_vars/test_security_ipa_vars.yml
  tasks:
    - name: Generate random user
      command: echo "{{ user_var + random_number }}"
      register: user_name
      tags: SECURITY_TC_004

    - name: Create user to add into group in free IPA
      command: ipa user-add {{ user_name.stdout }}  --first='user' --last='Random' --random
      register: create_user_op
      tags: SECURITY_TC_004

    - name: Get the list of users created in free IPA
      command: ipa user-find
      register: user_find_op
      tags: SECURITY_TC_004

    - name: Verify the presence of created user in free IPA
      assert:
        that:
          - "'{{ user_name.stdout }}' in user_find_op.stdout"
        fail_msg: "{{ user_creation_fail_msg }}"
        success_msg: "{{ user_creation_success_msg }}"
      tags: SECURITY_TC_004
    
    - name: Generate random group
      command: echo "{{ group_var + random_number }}"
      register: group_name
      tags: SECURITY_TC_004

    - name: Create a group to add users in free IPA
      command: ipa group-add {{ group_name.stdout }}
      register: create_group_op
      tags: SECURITY_TC_004

    - name: Get the list of groups created in free IPA
      command: ipa group-find
      register: group_find_op
      tags: SECURITY_TC_004

    - name: Verify the presence of created group in free IPA
      assert:
        that:
          - "'{{ group_name.stdout }}' in group_find_op.stdout"
        fail_msg: "{{ group_creation_fail_msg }}"
        success_msg: "{{ group_creation_success_msg }}"
      tags: SECURITY_TC_004

    - name: Add created user to created group in free IPA
      command: ipa group-add-member {{ group_name.stdout }} --users={{ user_name.stdout}}
      register: group_add_member_op
      tags: SECURITY_TC_004
 
    - name: Get details of group in which user is added in free IPA
      command: ipa group-show {{ group_name.stdout }}
      register: group_show_op
      tags: SECURITY_TC_004

    - name: Verify user presence in the group from free IPA
      assert:
        that:
          - "'{{ user_name.stdout }}' in group_show_op.stdout"
        fail_msg: "{{ add_user_to_group_fail_msg }}"
        success_msg: "{{ add_user_to_group_success_msg }}" 
      tags: SECURITY_TC_004

# Testcase to verify user deletion in Free IPA
- name: OMNIA_1.2_SEC2_TC_017
  hosts: manager
  vars_files:
    - test_vars/test_security_ipa_vars.yml  
  tasks:
    - name: Generate random user
      command: echo "{{ user_var + random_number }}"
      register: user_name
      tags: SECURITY_TC_005

    - name: Create a user to perform deletion
      command: ipa user-add {{ user_name.stdout }}  --first='userFirst' --last='userLast' --random
      register: create_user_op
      tags: SECURITY_TC_005

    - name: Get the list of users created in free IPA
      command: ipa user-find
      register: user_find_op
      tags: SECURITY_TC_005

    - name: Verify the presence of created user in free IPA
      assert:
        that:
          - "'{{ user_name.stdout }}' in user_find_op.stdout"
        fail_msg: "{{ user_creation_fail_msg }}"
        success_msg: "{{ user_creation_success_msg }}"
      tags: SECURITY_TC_005
   
    - name: Delete created user in free IPA
      command: ipa user-del  {{ user_name.stdout }}
      register: user_del_op
      tags: SECURITY_TC_005
 
    - name: Select all the remaining users from free IPA
      command: ipa user-find
      register: user_find_op_after_del 
      tags: SECURITY_TC_005

    - name: Verify the absence of deleted user in free IPA
      assert:
        that:
          - "'{{ user_name.stdout }}' not in user_find_op_after_del.stdout"		
        fail_msg: "{{ user_deletion_fail_msg }}"
        success_msg: "{{ user_deletion_success_msg }}"
      tags: SECURITY_TC_005

# Testcase to verify group deletion in Free IPA
- name: OMNIA_1.2_SEC2_TC_018
  hosts: manager
  vars_files:
    - test_vars/test_security_ipa_vars.yml
  tasks:
    - name: Generate random group
      command: echo "{{ group_var + random_number }}"
      register: group_name
      tags: SECURITY_TC_006

    - name: Create a group to perform deletion in free IPA
      command: ipa group-add {{ group_name.stdout }}
      register: create_group_op
      tags: SECURITY_TC_006

    - name: Get the list of groups created in free IPA
      command: ipa group-find
      register: group_find_op
      tags: SECURITY_TC_006

    - name: Verify the presence of created group in free IPA
      assert:
        that:
          - "'{{ group_name.stdout }}' in group_find_op.stdout"
        fail_msg: "{{ group_creation_fail_msg }}"
        success_msg: "{{ group_creation_success_msg }}"
      tags: SECURITY_TC_006

    - name: Delete created group in free IPA
      command: ipa group-del {{ group_name.stdout }}
      register: group_del_op
      tags: SECURITY_TC_006
  
    - name: Select all the remaining users from free IPA
      command: ipa group-find
      register: group_find_op_after_del
      tags: SECURITY_TC_006

    - name: Verify the absence of deleted user in IPA
      assert:
        that:
          - "'{{ group_name.stdout }}' not in group_find_op_after_del.stdout"		
        fail_msg: "{{ group_deletion_fail_msg }}"
        success_msg: "{{ group_deletion_success_msg }}"
      tags: SECURITY_TC_006

# Testcase to verify role creation in Free IPA
- name: OMNIA_1.2_SEC2_TC_019
  hosts: manager
  vars_files:
    - test_vars/test_security_ipa_vars.yml
  tasks:
    - name: Generate random role
      command: echo "{{ role_var + random_number }}"
      register: role_name
      tags: SECURITY_TC_007

    - name: Create a random role for testing in free IPA
      command: ipa role-add {{ role_name.stdout }} --des='User Defined Role'
      register: create_role_op
      tags: SECURITY_TC_007

    - name: Get the list of roles created in free IPA
      command: ipa role-find
      register: role_find_op
      tags: SECURITY_TC_007
  
    - name: Verify the presence of created role in free IPA
      assert:
        that:
          - "'{{ role_name.stdout }}' in role_find_op.stdout"
        fail_msg: "{{ role_creation_fail_msg }}"
        success_msg: "{{ role_creation_success_msg }}"
      tags: SECURITY_TC_007