ansible/test/integration/targets/prepare_http_tests/tasks/kerberos.yml

- set_fact:
    krb5_config: '{{ remote_tmp_dir }}/krb5.conf'
    krb5_realm: '{{ httpbin_host.split(".")[1:] | join(".") | upper }}'
    krb5_provider: '{{ (ansible_facts.os_family == "FreeBSD" or ansible_facts.distribution == "MacOSX") | ternary("Heimdal", "MIT") }}'

- set_fact:
    krb5_username: admin@{{ krb5_realm }}

- name: Create krb5.conf file
  template:
    src: krb5.conf.j2
    dest: '{{ krb5_config }}'

- name: Include distribution specific variables
  include_vars: '{{ lookup("first_found", params) }}'
  vars:
    params:
      files:
      - '{{ ansible_facts.distribution }}-{{ ansible_facts.distribution_major_version }}.yml'
      - '{{ ansible_facts.os_family }}-{{ ansible_facts.distribution_major_version }}.yml'
      - '{{ ansible_facts.distribution }}.yml'
      - '{{ ansible_facts.os_family }}.yml'
      - default.yml
      paths:
      - '{{ role_path }}/vars'

- name: Install Kerberos sytem packages
  package:
    name: '{{ krb5_packages }}'
    state: present
  when: ansible_facts.distribution not in ['Alpine', 'MacOSX']

# apk isn't available on ansible-core so just call command
- name: Alpine - Install Kerberos system packages
  command: apk add {{ krb5_packages | join(' ') }}
  when: ansible_facts.distribution == 'Alpine'

- name: Install python gssapi
  pip:
    name:
    - gssapi
    - importlib ; python_version < '2.7'
    state: present
    extra_args: '-c {{ remote_constraints }}'
  environment:
    # Put /usr/local/bin for FreeBSD as we need to use the heimdal port over the builtin version
    # https://github.com/pythongssapi/python-gssapi/issues/228
    # Need the /usr/lib/mit/bin custom path for OpenSUSE as krb5-config is placed there
    PATH: '/usr/local/bin:{{ ansible_facts.env.PATH }}:/usr/lib/mit/bin'
  notify: Remove python gssapi

- name: test the environment to make sure Kerberos is working properly
  httptester_kinit:
    username: '{{ krb5_username }}'
    password: '{{ krb5_password }}'
  environment:
    KRB5_CONFIG: '{{ krb5_config }}'
    KRB5CCNAME: FILE:{{ remote_tmp_dir }}/krb5.cc

- name: remove test credential cache
  file:
    path: '{{ remote_tmp_dir }}/krb5.cc'
    state: absent
Add support for GSSAPI/Kerberos to urls.py (#72113) * Add support for GSSAPI/Kerberos to urls.py * Test out changes with the latest test container * Get remote hosts working * Fix up httptester_krb5_password reader * Fix tests for opensuse and macOS * Hopefully last lot of testing changes * Dont do CBT on macOS * Fixes from review 4 years ago			`- set_fact:`
			`krb5_config: '{{ remote_tmp_dir }}/krb5.conf'`
			`krb5_realm: '{{ httpbin_host.split(".")[1:] \| join(".") \| upper }}'`
			`krb5_provider: '{{ (ansible_facts.os_family == "FreeBSD" or ansible_facts.distribution == "MacOSX") \| ternary("Heimdal", "MIT") }}'`

			`- set_fact:`
			`krb5_username: admin@{{ krb5_realm }}`

			`- name: Create krb5.conf file`
			`template:`
			`src: krb5.conf.j2`
			`dest: '{{ krb5_config }}'`

			`- name: Include distribution specific variables`
			`include_vars: '{{ lookup("first_found", params) }}'`
			`vars:`
			`params:`
			`files:`
			`- '{{ ansible_facts.distribution }}-{{ ansible_facts.distribution_major_version }}.yml'`
			`- '{{ ansible_facts.os_family }}-{{ ansible_facts.distribution_major_version }}.yml'`
			`- '{{ ansible_facts.distribution }}.yml'`
			`- '{{ ansible_facts.os_family }}.yml'`
			`- default.yml`
			`paths:`
			`- '{{ role_path }}/vars'`

			`- name: Install Kerberos sytem packages`
			`package:`
			`name: '{{ krb5_packages }}'`
			`state: present`
			`when: ansible_facts.distribution not in ['Alpine', 'MacOSX']`

Rename to ansible-core (#72594) Change: - Initial set of changes for renaming to ansible-core - Includes changelog fragment changes from base -> core - Does NOT include docs changes - Modifies detection stuff in setup.py to support ansible<2.9 and ansible-base Test Plan: - ci_complete 4 years ago			`# apk isn't available on ansible-core so just call command`
Add support for GSSAPI/Kerberos to urls.py (#72113) * Add support for GSSAPI/Kerberos to urls.py * Test out changes with the latest test container * Get remote hosts working * Fix up httptester_krb5_password reader * Fix tests for opensuse and macOS * Hopefully last lot of testing changes * Dont do CBT on macOS * Fixes from review 4 years ago			`- name: Alpine - Install Kerberos system packages`
			`command: apk add {{ krb5_packages \| join(' ') }}`
			`when: ansible_facts.distribution == 'Alpine'`

			`- name: Install python gssapi`
			`pip:`
			`name:`
			`- gssapi`
			`- importlib ; python_version < '2.7'`
			`state: present`
			`extra_args: '-c {{ remote_constraints }}'`
			`environment:`
Fix FreeBSD HTTP Kerberos setup (#72595) 4 years ago			`# Put /usr/local/bin for FreeBSD as we need to use the heimdal port over the builtin version`
			`# https://github.com/pythongssapi/python-gssapi/issues/228`
			`# Need the /usr/lib/mit/bin custom path for OpenSUSE as krb5-config is placed there`
			`PATH: '/usr/local/bin:{{ ansible_facts.env.PATH }}:/usr/lib/mit/bin'`
Add support for GSSAPI/Kerberos to urls.py (#72113) * Add support for GSSAPI/Kerberos to urls.py * Test out changes with the latest test container * Get remote hosts working * Fix up httptester_krb5_password reader * Fix tests for opensuse and macOS * Hopefully last lot of testing changes * Dont do CBT on macOS * Fixes from review 4 years ago			`notify: Remove python gssapi`

			`- name: test the environment to make sure Kerberos is working properly`
			`httptester_kinit:`
			`username: '{{ krb5_username }}'`
			`password: '{{ krb5_password }}'`
			`environment:`
			`KRB5_CONFIG: '{{ krb5_config }}'`
			`KRB5CCNAME: FILE:{{ remote_tmp_dir }}/krb5.cc`

			`- name: remove test credential cache`
			`file:`
			`path: '{{ remote_tmp_dir }}/krb5.cc'`
			`state: absent`