kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-12-02 15:39:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
f363d36a36beb1362ee2bb52d85136d5a1d39ae6
computer-playbook/tests/unit
History
Kevin Veen-Birkenbach 26dfab147d Implement reserved username handling for users, LDAP and Keycloak 
Add end-to-end support for reserved usernames and tighten CAPTCHA / Keycloak logic.

Changes:

- Makefile: rename EXTRA_USERS → RESERVED_USERNAMES and pass it as --reserved-usernames to the users defaults generator.

- cli/build/defaults/users.py: propagate  flag into generated users, add --reserved-usernames CLI option and mark listed accounts as reserved.

- Add reserved_users filter plugin with  and  helpers for Ansible templates and tasks.

- Add unit tests for reserved_users filters and the new reserved-usernames behaviour in the users defaults generator.

- group_vars/all/00_general.yml: harden RECAPTCHA_ENABLED / HCAPTCHA_ENABLED checks with default('') and explicit > 0 length checks.

- svc-db-openldap: introduce OPENLDAP_PROVISION_* flags, add OPENLDAP_PROVISION_RESERVED and OPERNLDAP_USERS to optionally exclude reserved users from provisioning.

- svc-db-openldap templates/tasks: switch role/group LDIF and user import loops to use OPERNLDAP_USERS instead of the full users dict.

- networks: assign dedicated subnet for web-app-roulette-wheel.

- web-app-keycloak vars: compute KEYCLOAK_RESERVED_USERNAMES_LIST and KEYCLOAK_RESERVED_USERNAMES_REGEX from users | reserved_usernames.

- web-app-keycloak user profile template: inject reserved-username regex into username validation pattern and improve error message, fix SSH public key attribute usage and add component name field.

- web-app-keycloak update/_update.yml: strip subComponents from component payloads before update and disable async/poll for easier debugging.

- web-app-keycloak tasks/main.yml: guard cleanup include with MODE_CLEANUP and keep reCAPTCHA update behind KEYCLOAK_RECAPTCHA_ENABLED.

- user/users defaults: mark system/service accounts (root, daemon, mail, admin, webmaster, etc.) as reserved so they cannot be chosen as login names.

- svc-prx-openresty vars: simplify OPENRESTY_CONTAINER lookup by dropping unused default parameter.

- sys-ctl-rpr-btrfs-balancer: simplify main.yml by removing the extra block wrapper.

- sys-daemon handlers: quote handler name for consistency.

Context: change set discussed and refined in ChatGPT on 2025-11-29 (Infinito.Nexus reserved usernames & Keycloak user profile flow). See conversation: https://chatgpt.com/share/692b21f5-5d98-800f-8e15-1ded49deddc9
2025-11-29 17:40:45 +01:00
..
cli
Implement reserved username handling for users, LDAP and Keycloak
2025-11-29 17:40:45 +01:00
filter_plugins
Implement reserved username handling for users, LDAP and Keycloak
2025-11-29 17:40:45 +01:00
lookup_plugins
Implement filter checks: ensure all defined filters are used and remove dead code
2025-09-01 11:47:51 +02:00
module_utils
Enhance CertUtils to return the newest matching certificate and add comprehensive unit tests
2025-10-15 09:21:00 +02:00
roles
Ensure deterministic ordering of web health expectations and add unit tests
2025-11-29 13:40:31 +01:00
utils
Restructured server config
2025-08-07 11:31:06 +02:00
web-app-desktop
Refactor category sorting in docker_cards_grouped lookup plugin, restructure Shopware task sequence, and extend menu categories (Commerce, Storage). Added unit tests for lookup plugin.
2025-11-03 09:14:15 +01:00
__init__.py
Added gid to applications to make them posix group ldap compatible
2025-07-03 23:51:14 +02:00
README.md
Renamed web-app-port-ui to web-app-desktop
2025-08-26 11:35:22 +02:00
test_main.py
Optimized test_main.py
2025-07-16 08:25:16 +02:00

README.md

Unit Tests

This directory contains unit tests for various custom components in the project, such as the custom lookup plugin docker_cards used in the web-app-desktop role.

Overview

The unit tests are written using Pythons built-in unittest framework. They are designed to verify that your custom logic works as expected—such as extracting metadata from role files—without needing to run the entire playbook.

Running the Tests

You can run the tests using one of the following methods:

  1. Using Unittest Discovery:

    From the project's root directory, run:

    python -m unittest discover -s tests/unit

    This command will discover and execute all test files within the tests/unit directory.

  2. Running a Specific Test File:

    If you want to run only the Docker cards test, execute:

    python tests/unit/test_docker_cards.py

How It Works

  • Setup:
    The test script creates a temporary directory to simulate your roles folder. It then creates a sample role (web-app-desktop) with a README.md file (containing a header for the title) and a meta/main.yml file (with the required metadata).

  • Execution:
    Dummy variable values for domains and applications are provided (these are the variables the lookup plugin expects). The lookup plugin is then run, which processes the sample role and returns the card information.

  • Verification:
    The test uses assertions to ensure that the output contains the expected title, description, icon information, constructed URL, and the correct iframe flag.

  • Cleanup:
    After the test completes, the temporary directory is removed, ensuring that no test artifacts remain.

Requirements

  • Python 3.6 or newer is recommended.
  • All necessary dependencies for your project should be installed.

These tests help ensure that your custom code is reliable and behaves as expected, and they can be easily integrated into a Continuous Integration (CI) pipeline.

Happy testing!

Reference in New Issue View Git Blame Copy Permalink