Add vars and tasks to support VGAuth guest operation testing #465

Merged
merged 3 commits into from
May 31, 2023
Merged
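--- a/common/add_vsphere_hosts_in_inventory.yml
+++ b/common/add_vsphere_hosts_in_inventory.yml
@@ -0,0 +1,34 @@
+# Copyright 2023 VMware, Inc.
+# SPDX-License-Identifier: BSD-2-Clause
+---
+# Add vCenter Server and ESXi server into memory inventory
+#
+- name: "Add vCenter Server into memory inventory"
+include_tasks: add_host_in_memory_inventory.yml
+vars:
+add_host_in_memory_inventory_ip: "{{ vcenter_hostname }}"
+add_host_in_memory_inventory_gp: "vcenter"
+add_host_in_memory_inventory_user: "{{ vcenter_ssh_username }}"
+add_host_in_memory_inventory_pwd: "{{ vcenter_ssh_password }}"
+add_host_in_memory_inventory_python: "/bin/python"
+add_host_in_memory_inventory_ssh_pipeline: true
+add_host_in_memory_inventory_shell: "/usr/bin/bash"
+when:
+- vcenter_hostname is defined
+- vcenter_hostname
+- vcenter_ssh_username is defined
+- vcenter_ssh_username
+- vcenter_ssh_password is defined
+- vcenter_ssh_password
+
+- name: "Add ESXi Server into memory inventory"
+include_tasks: ../common/add_host_in_memory_inventory.yml
+vars:
+add_host_in_memory_inventory_ip: "{{ esxi_hostname }}"
+add_host_in_memory_inventory_gp: "esxi"
+add_host_in_memory_inventory_user: "{{ esxi_username }}"
+add_host_in_memory_inventory_pwd: "{{ esxi_password }}"
+add_host_in_memory_inventory_python: "/bin/python"
+add_host_in_memory_inventory_ssh_pipeline: true
+add_host_in_memory_inventory_remote_tmp: "{{ vm_datastore_path }}"
+add_host_in_memory_inventory_shell: "{{ esxi_shell }}"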
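Review bot: The header comment does not say that the vCenter Server host is added only when `vcenter_hostname`, `vcenter_ssh_username` and `vcenter_ssh_password` are all set and non-empty, so a missing SSH credential silently leaves `groups['vcenter']` undefined and the failure only shows up in a later task that depends on it. I would add a comment such as `# vCenter Server is added only when vcenter_hostname, vcenter_ssh_username and vcenter_ssh_password are set; otherwise the task is skipped.` above the first task. The two includes also reference the same task file differently (`add_host_in_memory_inventory.yml` versus `../common/add_host_in_memory_inventory.yml`); using one form for both would read more clearly.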
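--- a/common/vcenter_get_domain_user_info.yml
+++ b/common/vcenter_get_domain_user_info.yml
@@ -0,0 +1,50 @@
+# Copyright 2023 VMware, Inc.
+# SPDX-License-Identifier: BSD-2-Clause
+---
+# Gather information about a domain user on vCenter Server
+# Parameters:
+# vcenter_domain_name: The vCenter Server user domain name. Default is same with vcenter_username domain.
+# vcenter_domain_user_name: The domain user name.
+#
+- name: "Check parameter 'vcenter_domain_user_name' is set"
+ansible.builtin.assert:
+that:
+- vcenter_is_defined is defined
+- vcenter_is_defined
+- vcenter_domain_user_name is defined
+- vcenter_domain_user_name
+fail_msg: >-
+vCenter Server information must be defined in testing vars file and
+parameter 'vcenter_domain_user_name' must be set for gathering domain user info.
+Current vcenter_is_defined is {{ vcenter_is_defined | default('undefined')}},
+vcenter_domain_user_name is {{ vcenter_domain_user_name | default('undefined') }}.
+
+- name: "Set default user domain of vCenter Server"
+ansible.builtin.set_fact:
+vcenter_domain_name: "{{ vcenter_username.split('@')[-1] }}"
+when: vcenter_domain_name is undefined or not vcenter_domain_name
+
+- name: "Initialize the fact of vCenter Server domain user"
+ansible.builtin.set_fact:
+vcenter_domain_user_info: ""
+
+- name: "Get info of domain user '{{ vcenter_domain_user_name }}@{{ vcenter_domain_name }}'"
+community.vmware.vcenter_domain_user_group_info:
+hostname: '{{ vcenter_hostname }}'
+username: '{{ vcenter_username }}'
+password: '{{ vcenter_password }}'
+validate_certs: "{{ validate_certs | default(false) }}"
+domain: "{{ vcenter_domain_name }}"
+search_string: "{{ vcenter_domain_name }}\\{{ vcenter_domain_user_name }}"
+exact_match: true
+register: get_domain_user_result
+
+- name: "Set fact of vCenter Server domain user"
+ansible.builtin.set_fact:
+vcenter_domain_user_info: "{{ get_domain_user_result.domain_user_groups[0] }}"
+when:
+- get_domain_user_result.domain_user_groups is defined
+- get_domain_user_result.domain_user_groups | length > 0
+
+- name: "Display gathered domain user information"
+ansible.builtin.debug: var=vcenter_domain_user_info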
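Review bot: `validate_certs: "{{ validate_certs | default(false) }}"` in the "Get info of domain user" task turns TLS certificate verification off whenever the variable is unset, so the vCenter Server administrator password is sent to an endpoint whose identity is not checked. Defaulting to verification and letting lab runs opt out explicitly would be safer: `validate_certs: "{{ validate_certs | default(true) }}"`. If the rest of the project uses the same default (not visible in this change), a comment saying it is intended for test vCenter Servers with self-signed certificates would at least make the choice explicit.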
131 changes: 131 additions & 0 deletions common/vcenter_manage_domain_user.yml
@@ -0,0 +1,131 @@
# Copyright 2023 VMware, Inc.
# SPDX-License-Identifier: BSD-2-Clause
---
# Add or delete a domain user on vCenter Server
keirazhang marked this conversation as resolved.
# Parameters:
# vcenter_domain_user_name: The domain user name.
# vcenter_domain_user_password: The domain user password.
# vcenter_domain_user_op: The operation of managing domain user: add or delete.
# vcenter_domain_name(optional): The vCenter Server user domain name.
# Default is vcenter_username domain.
# vcenter_domain_user_first_name(optional): The first name of domain user.
# Default is same as user name.
# vcenter_domain_user_last_name(optional): The last name of domain user.
# Default is same as domain name.
# vcenter_domain_user_group(optional): The user group which domain user belongs to.
# Default is empty.
#
# vcenter_is_defined is defined in common/set_vmware_module_hostname.yml
# groups['vcenter'] is defined in common/add_vsphere_hosts_in_inventory.yml
# both of them are set at env_setup
- name: "Check vCenter Server is defined and added into memory inventory"
ansible.builtin.assert:
that:
- vcenter_is_defined is defined
- vcenter_is_defined
- groups['vcenter'] is defined
- vcenter_hostname in groups['vcenter']
fail_msg: >-
vCenter Server information and its SSH username and password must be set in testing vars file.
Current vcenter_is_defined is {{ vcenter_is_defined | default('undefined') }},
and vCenter Server hostname in memory inventory is
{{ groups['vcenter'] is defined and vcenter_hostname in groups['vcenter'] }}.
- name: "Check vcenter_domain_user_name, vcenter_domain_user_password and vcenter_domain_user_op are set"
ansible.builtin.assert:
that:
- vcenter_domain_user_name is defined
- vcenter_domain_user_name
- vcenter_domain_user_password is defined
- vcenter_domain_user_password
- vcenter_domain_user_op is defined
- vcenter_domain_user_op in ['add', 'delete']
fail_msg: >-
Parameter 'vcenter_domain_user_name','vcenter_domain_user_password' and 'vcenter_domain_user_op'
must be set correclty for managing domain user.
Current vcenter_domain_user_name is {{ vcenter_domain_user_name | default('undefined') }},
vcenter_domain_user_password is {{ vcenter_domain_user_password | default('undefined') }},
and vcenter_domain_user_op is {{ vcenter_domain_user_op | default('undefined') }}.
- name: "Set default user domain of vCenter Server"
ansible.builtin.set_fact:
vcenter_domain_name: "{{ vcenter_username.split('@')[-1] }}"
when: vcenter_domain_name is undefined or not vcenter_domain_name

- name: "Set command for adding domain user"
ansible.builtin.set_fact:
manage_domain_user_cmd: >-
/usr/lib/vmware-vmafd/bin/dir-cli user create
--account "{{ vcenter_domain_user_name }}"
--user-password "{{ vcenter_domain_user_password }}"
--first-name "{{ vcenter_domain_user_first_name | default(vcenter_domain_user_name) }}"
--last-name "{{ vcenter_domain_user_last_name | default(vcenter_domain_name) }}"
--login "{{ vcenter_username }}"
--password "{{ vcenter_password }}"
when: vcenter_domain_user_op == "add"

- name: "Set command for deleteing domain user"
ansible.builtin.set_fact:
manage_domain_user_cmd: >-
/usr/lib/vmware-vmafd/bin/dir-cli user delete
--account "{{ vcenter_domain_user_name }}"
--login "{{ vcenter_username }}"
--password "{{ vcenter_password }}"
when: vcenter_domain_user_op == "delete"

- name: "{{ vcenter_domain_user_op | capitalize }} domain user '{{ vcenter_domain_user_name }}@{{ vcenter_domain_name }}'"
ansible.builtin.command: "{{ manage_domain_user_cmd }}"
ignore_errors: true
delegate_to: "{{ vcenter_hostname }}"
register: manage_domain_user_result

- name: "Display result of managing domain user"
ansible.builtin.debug: var=manage_domain_user_result
when: enable_debug | bool

- name: "Check the result of managing domain user '{{ vcenter_domain_user_name }}@{{ vcenter_domain_name }}'"
ansible.builtin.assert:
that:
- manage_domain_user_result.rc is defined
- manage_domain_user_result.rc == 0
fail_msg: >-
Failed to {{ vcenter_domain_user_op }} domain user '{{ vcenter_domain_user_name }}@{{ vcenter_domain_name }}'.
Return code is '{{ manage_domain_user_result.rc | default("unknown") }}'.
Hit error '{{ manage_domain_user_result.stderr | default("unknown") }}'.
success_msg: "{{ manage_domain_user_result.stdout | default(omit) }}"

- name: "Add domain user to user group"
block:
- name: "Set command for adding domain user to user group"
ansible.builtin.set_fact:
modify_user_group_cmd: >-
/usr/lib/vmware-vmafd/bin/dir-cli group modify
--name "{{ vcenter_domain_user_group }}"
--add "{{ vcenter_domain_user_name }}"
--login "{{ vcenter_username }}"
--password "{{ vcenter_password }}"
- name: "Add domain user to user group '{{ vcenter_domain_user_group }}'"
ansible.builtin.command: "{{ modify_user_group_cmd }}"
delegate_to: "{{ vcenter_hostname }}"
register: modify_user_group_result

- name: "Display result of adding domain user to user group"
ansible.builtin.debug: var=modify_user_group_result
when: enable_debug | bool

- name: "Check the result of adding domain user to user group '{{ vcenter_domain_user_group }}'"
ansible.builtin.assert:
that:
- modify_user_group_result.rc is defined
- modify_user_group_result.rc == 0
fail_msg: >-
Failed to add domain user '{{ vcenter_domain_user_name }}@{{ vcenter_domain_name }}'
to user group '{{ vcenter_domain_user_group }}'.
Return code is '{{ modify_user_group_result.rc | default("unknown") }}'.
Hit error '{{ modify_user_group_result.stderr | default("unknown") }}'
success_msg: "{{ modify_user_group_result.stdout | default(omit) }}"
when:
- vcenter_domain_user_op == "add"
- vcenter_domain_user_group is defined
- vcenter_domain_user_group
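Review bot: Secrets end up in task output in three places in this file. The `fail_msg` of the parameter check prints `vcenter_domain_user_password is {{ vcenter_domain_user_password | default('undefined') }}` in clear text; that line should be dropped or reduced to whether the value is set. The two `ansible.builtin.command` tasks run `dir-cli` with `--password "{{ vcenter_password }}"` and `--user-password` on the command line and have no `no_log: true`, and the registered results, whose `cmd` field normally echoes the full command, are then dumped by `debug: var=manage_domain_user_result` and `debug: var=modify_user_group_result`. I would add `no_log: true` to both command tasks and have the debug tasks show only `rc`, `stdout` and `stderr`. Because the command is assembled as one quoted string, a password containing a double quote or a space would also be split incorrectly; the `argv` list form of the command module avoids that.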
17 changes: 4 additions & 13 deletions env_setup/env_setup.yml
Expand Up @@ -41,7 +41,7 @@
- name: "Get vCenter Server version and build"
include_tasks: ../common/vcenter_get_version_build.yml
when: vcenter_is_defined is defined and vcenter_is_defined

- name: "Get ESXi version and build"
include_tasks: ../common/esxi_get_version_build.yml

Expand Down Expand Up @@ -87,7 +87,7 @@
include_tasks: check_vm_settings.yml

- name: "Get existing VM info"
include_tasks: ../common/vm_get_vm_info.yml
include_tasks: ../common/vm_get_vm_info.yml
when: vm_exists is defined and vm_exists

- name: Set fact of the VM datastore path
Expand All @@ -97,17 +97,8 @@
- name: Display the datatore path of VM files
ansible.builtin.debug: var=vm_datastore_path

- name: "Add esxi host into memory inventory"
include_tasks: ../common/add_host_in_memory_inventory.yml
vars:
add_host_in_memory_inventory_ip: "{{ esxi_hostname }}"
add_host_in_memory_inventory_gp: "esxi"
add_host_in_memory_inventory_user: "{{ esxi_username }}"
add_host_in_memory_inventory_pwd: "{{ esxi_password }}"
add_host_in_memory_inventory_python: "/bin/python"
add_host_in_memory_inventory_ssh_pipeline: true
add_host_in_memory_inventory_remote_tmp: "{{ vm_datastore_path }}"
add_host_in_memory_inventory_shell: "{{ esxi_shell }}"
- name: "Add vSphere hosts into memory inventory"
include_tasks: ../common/add_vsphere_hosts_in_inventory.yml

- name: "Enable guest IP hack on ESXi host to get VM IP address when there is no VMware tools installed or VMware tools is not up"
include_tasks: ../common/esxi_enable_guest_ip_hack.yml
11 changes: 7 additions & 4 deletions linux/open_vm_tools/ovt_verify_install.yml
Expand Up @@ -49,11 +49,14 @@
- vmtools_is_installed
- update_vmtools

# Set the fact of open-vm-tools packages
- include_tasks: ../utils/set_ovt_facts.yml
- name: "Set facts of open-vm-tools packages, processes and service"
include_tasks: ../utils/set_ovt_facts.yml

# Uninstall open-vm-tools for reinstallation
- include_tasks: uninstall_ovt.yml
- name: "Set facts of VGAuthService process and service"
include_tasks: ../utils/set_vgauth_facts.yml

- name: "Uninstall open-vm-tools for reinstall"
include_tasks: uninstall_ovt.yml
when:
- uninstall_tools is defined
- uninstall_tools
2 changes: 1 addition & 1 deletion linux/open_vm_tools/ovt_verify_status.yml
Expand Up @@ -30,7 +30,7 @@
- block:
- include_tasks: ../utils/add_user.yml
vars:
os_username: "vmware"
guest_user_name: "vmware"

- include_tasks: ../utils/enable_auto_login.yml
vars:
27 changes: 17 additions & 10 deletions linux/open_vm_tools/ovt_verify_uninstall.yml
Expand Up @@ -12,30 +12,37 @@
tasks:
- name: "Test case block"
block:
- include_tasks: ../setup/test_setup.yml
- name: "Test setup"
include_tasks: ../setup/test_setup.yml

# Flatcar doesn't support to uninstall open-vm-tools
- include_tasks: ../../common/skip_test_case.yml
- name: "Skip test case for {{ guest_os_ansible_distribution }}"
include_tasks: ../../common/skip_test_case.yml
vars:
skip_msg: "Skip test case because {{ guest_os_ansible_distribution }} doesn't support uninstalling open-vm-tools"
skip_reason: "Not Supported"
when: "'Flatcar' in guest_os_ansible_distribution"

- include_tasks: ../../common/skip_test_case.yml
- name: "Block test case when guest OS doesn't install open-vm-tools"
include_tasks: ../../common/skip_test_case.yml
vars:
skip_msg: "Test case '{{ ansible_play_name }}' is blocked because guest OS doesn't has open-vm-tools"
skip_reason: "Blocked"
when: vmtools_is_installed is undefined or not (vmtools_is_installed | bool)

- block:
# Set the fact of open-vm-tools packages
- include_tasks: ../utils/set_ovt_facts.yml
- name: "Uninstall open-vm-tools"
block:
- name: "Set facts of open-vm-tools packages, processes and service"
include_tasks: ../utils/set_ovt_facts.yml

# Uninstall open-vm-tools for reinstallation
- include_tasks: uninstall_ovt.yml
- name: "Set facts of VGAuthService process and service"
include_tasks: ../utils/set_vgauth_facts.yml

- name: "Uninstall open-vm-tools and check result"
include_tasks: uninstall_ovt.yml
when:
- "'Flatcar' not in guest_os_ansible_distribution"
- vmtools_is_installed is defined
- vmtools_is_installed | bool
rescue:
- include_tasks: ../../common/test_rescue.yml
- name: "Test case failure"
include_tasks: ../../common/test_rescue.yml
2 changes: 1 addition & 1 deletion linux/open_vm_tools/uninstall_ovt.yml
Expand Up @@ -61,7 +61,7 @@
expected_service_state: "absent"
with_items:
- "{{ ovt_service }}"
- "{{ vgauth_service }}"
- "{{ vgauth_service_name }}"

- name: "Set the fact that open-vm-tools is removed"
ansible.builtin.set_fact:
25 changes: 13 additions & 12 deletions linux/utils/add_user.yml
@@ -1,37 +1,38 @@
# Copyright 2021-2023 VMware, Inc.
# SPDX-License-Identifier: BSD-2-Clause
---
# Add a new user to guest
# Add a new user in guest OS
# Parameter:
# os_username: The user name to be added
# os_group: (Optional)The group name for the new user name.
# guest_user_name: The new user name
# guest_user_password: The new user's password
# guest_user_group: (Optional)The group name for the new user name.

# If user already exists, return changed with 'false'
- name: "Get user '{{ os_username }}' info"
- name: "Get user '{{ guest_user_name }}' info"
ansible.builtin.getent:
database: passwd
key: "{{ os_username }}"
key: "{{ guest_user_name }}"
failed_when: false
register: getent_user_result
delegate_to: "{{ vm_guest_ip }}"

- name: "User '{{ os_username }}' already exists"
- name: "User '{{ guest_user_name }}' already exists"
ansible.builtin.debug: var=getent_user_result.ansible_facts.getent_passwd
when:
- getent_user_result.ansible_facts is defined
- getent_user_result.ansible_facts.getent_passwd is defined
- getent_user_result.ansible_facts.getent_passwd[os_username] is defined
- getent_user_result.ansible_facts.getent_passwd[guest_user_name] is defined

# Create a new user if it doesn't exist
- name: "Add a new user '{{ os_username }}'"
- name: "Add a new user '{{ guest_user_name }}'"
ansible.builtin.user:
name: "{{ os_username }}"
group: "{{ os_group | default('users') }}"
password: "{{ vm_password | password_hash('sha512') }}"
name: "{{ guest_user_name }}"
group: "{{ guest_user_group | default('users') }}"
password: "{{ guest_user_password | default(vm_password) | password_hash('sha512') }}"
update_password: on_create
expires: -1
delegate_to: "{{ vm_guest_ip }}"
when: >
getent_user_result.ansible_facts is undefined or
getent_user_result.ansible_facts.getent_passwd is undefined or
getent_user_result.ansible_facts.getent_passwd[os_username] is undefined
getent_user_result.ansible_facts.getent_passwd[guest_user_name] is undefined
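Review bot: In the "Add a new user" task, `guest_user_password | default(vm_password)` falls back only when the variable is undefined, so a caller that passes an empty `guest_user_password` gets an account whose password is the hash of the empty string. Passing the second argument closes that gap: `password: "{{ guest_user_password | default(vm_password, true) | password_hash('sha512') }}"`. The parameter comment should also mark the variable as optional and state the fallback, for example `# guest_user_password: (Optional) The new user's password. Default is vm_password.`, since reusing the VM's own password for the new account is not obvious from the call sites.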