--- - name: test out invalid options test_invalid_requires: register: invalid_options - name: assert test out invalid options assert: that: - invalid_options is successful - invalid_options.output == "output" - name: test out invalid os version test_min_os_version: register: invalid_os_version ignore_errors: yes - name: assert test out invalid os version assert: that: - invalid_os_version is failed - '"This module cannot run on this OS as it requires a minimum version of 20.0, actual was " in invalid_os_version.msg' - name: test out invalid powershell version test_min_ps_version: register: invalid_ps_version ignore_errors: yes - name: assert test out invalid powershell version assert: that: - invalid_ps_version is failed - '"This module cannot run as it requires a minimum PowerShell version of 20.0.0.0, actual was " in invalid_ps_version.msg' - name: test out environment block for task win_shell: set args: executable: cmd.exe environment: String: string value Int: 1234 Bool: True double_quote: 'double " quote' single_quote: "single ' quote" hyphen-var: abc@123 '_-(){}[]<>*+-/\?"''!@#$%^&|;:i,.`~0': '_-(){}[]<>*+-/\?"''!@#$%^&|;:i,.`~0' register: environment_block - name: assert environment block for task assert: that: - '"String=string value" in environment_block.stdout_lines' - '"Int=1234" in environment_block.stdout_lines' - '"Bool=True" in environment_block.stdout_lines' - '"double_quote=double \" quote" in environment_block.stdout_lines' - '"single_quote=single '' quote" in environment_block.stdout_lines' - '"hyphen-var=abc@123" in environment_block.stdout_lines' # yaml escaping rules - (\\ == \), (\" == "), ('' == ') - '"_-(){}[]<>*+-/\\?\"''!@#$%^&|;:i,.`~0=_-(){}[]<>*+-/\\?\"''!@#$%^&|;:i,.`~0" in environment_block.stdout_lines' - name: test out become requires without become_user set test_all_options: register: become_system - name: assert become requires without become_user set assert: that: - become_system is successful - become_system.output == "S-1-5-18" - set_fact: become_test_username: ansible_become_test gen_pw: password123! + {{ lookup('password', '/dev/null chars=ascii_letters,digits length=8') }} - name: create unprivileged user win_user: name: "{{ become_test_username }}" password: "{{ gen_pw }}" update_password: always groups: Users register: become_test_user_result - name: execute tests and ensure that test user is deleted regardless of success/failure block: - name: ensure current user is not the become user win_shell: whoami register: whoami_out - name: verify output assert: that: - not whoami_out.stdout_lines[0].endswith(become_test_username) - name: get become user profile dir so we can clean it up later vars: &become_vars ansible_become_user: "{{ become_test_username }}" ansible_become_password: "{{ gen_pw }}" ansible_become_method: runas ansible_become: yes win_shell: $env:USERPROFILE register: profile_dir_out - name: ensure profile dir contains test username (eg, if become fails silently, prevent deletion of real user profile) assert: that: - become_test_username in profile_dir_out.stdout_lines[0] - name: test out become requires when become_user set test_all_options: vars: *become_vars register: become_system - name: assert become requires when become_user set assert: that: - become_system is successful - become_system.output == become_test_user_result.sid always: - name: ensure test user is deleted win_user: name: "{{ become_test_username }}" state: absent - name: ensure test user profile is deleted # NB: have to work around powershell limitation of long filenames until win_file fixes it win_shell: rmdir /S /Q {{ profile_dir_out.stdout_lines[0] }} args: executable: cmd.exe when: become_test_username in profile_dir_out.stdout_lines[0]