Ryan Lerch
3c41882bb0
Replaces references to shell: with ansible.builtin.shell Signed-off-by: Ryan Lerch <rlerch@redhat.com>
40 lines
1.3 KiB
YAML
40 lines
1.3 KiB
YAML
---
|
|
- name: Get admin ticket
|
|
delegate_to: "{{ ipa_server }}"
|
|
ansible.builtin.shell: echo "{{ipa_admin_password}}" | kinit admin
|
|
check_mode: no
|
|
changed_when: "1 != 1"
|
|
tags:
|
|
- config
|
|
- krb5
|
|
|
|
|
|
- name: Create servicedelegationtarget entry
|
|
delegate_to: "{{ ipa_server }}"
|
|
ansible.builtin.command: ipa servicedelegationtarget-add {{targetname}}-delegation-targets
|
|
register: add_result
|
|
check_mode: no
|
|
changed_when: "'Added service delegation target' in add_result.stdout"
|
|
failed_when: "not ('Added service delegation target' in add_result.stdout or 'already exists' in add_result.stderr)"
|
|
tags:
|
|
- config
|
|
- krb5
|
|
|
|
- name: Add servicedelegationtarget members
|
|
delegate_to: "{{ ipa_server }}"
|
|
ansible.builtin.command: ipa servicedelegationtarget-add-member {{targetname}}-delegation-targets --principals={{item.service}}/{{item.host}}@{{ipa_realm}}
|
|
loop: "{{ members }}"
|
|
register: add_member_result
|
|
check_mode: no
|
|
changed_when: "'Number of members added 1' in add_member_result.stdout"
|
|
failed_when: "not ('Number of members added 1' in add_member_result.stdout or 'Number of members added 0' in add_member_result.stdout)"
|
|
tags:
|
|
- config
|
|
- krb5
|
|
|
|
- name: Destroy admin ticket
|
|
delegate_to: "{{ ipa_server }}"
|
|
ansible.builtin.command: kdestroy -A
|
|
tags:
|
|
- config
|
|
- krb5
|