nicolas
/
threescale-cicd
mirror of https://github.com/nmasse-itix/threescale-cicd.git
1
0
Fork 0
Code Issues Releases Wiki Activity
An Ansible module that enables Continuous Delivery with Red Hat 3scale API Management Platform (3scale AMP)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
141 Commits
2 Branches
10 Tags
298 KiB
 
 
 
Tree: 11459dd469
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '11459dd469'
${ noResults }
threescale-cicd/tasks/steps/read_openapi.yml

64 lines
3.1 KiB
Raw Blame History

---
- name: Check the OpenAPI format version
assert:
that:
- "threescale_cicd_openapi_file_version == '2.0'"
msg: "Currently only the OpenAPI/Swagger 2.0 is handled. If needed, fill an issue or submit a pull request!"
- name: Make sure there is one and exactly one security requirement
assert:
that:
- 'threescale_cicd_api_security_requirements|length == 1'
msg: >-
You have {{ threescale_cicd_api_security_requirements|length }} global security requirements.
There must be one and only one security requirement.
- name: Make sure the security scheme is consistent with 3scale
assert:
that:
- >-
'type' in threescale_cicd_api_security_scheme and threescale_cicd_api_security_scheme.type == 'apiKey'
or (threescale_cicd_api_security_scheme.type == 'oauth2' and threescale_cicd_sso_issuer_endpoint is defined)
msg: >-
The embedded security definition {{ threescale_cicd_api_security_scheme_name }} is not compatible with 3scale.
Please make sure you chose an "apiKey" or "oauth2" scheme.
Also, if you chose "oauth2", you will need to pass the threescale_cicd_sso_issuer_endpoint extra variable.
The security definition you chose: {{ threescale_cicd_api_security_scheme|to_nice_json }}
- name: Make sure the Private Base URL is defined
assert:
that:
- 'threescale_cicd_private_base_url is defined'
msg: >-
Either the private base url or the tuple backend hostname/scheme must be declared as extra variables
(either threescale_cicd_private_base_url or threescale_cicd_api_backend_scheme / threescale_cicd_api_backend_hostname)
- name: Smoketests consistency
assert:
that:
# Operation must exists
- 'threescale_cicd_openapi_smoketest_operation in threescale_cicd_api_operations'
# Must be a GET
- "threescale_cicd_api_operations[threescale_cicd_openapi_smoketest_operation].verb == 'get'"
# Must NOT have a placeholder in the path
- 'threescale_cicd_api_operations[threescale_cicd_openapi_smoketest_operation].path.find("{") == -1'
msg: "The smoketest operation {{ threescale_cicd_openapi_smoketest_operation }} must be a GET and cannot have a placeholder in its path."
when: 'threescale_cicd_openapi_smoketest_operation|length > 0'
- name: Make sure the 'application' OAuth flow is enabled if smoke tests are required
assert:
that:
- "'application' in threescale_cicd_oicd_flows|default([ threescale_cicd_api_security_scheme.flow ])"
msg: >-
Since 3scale AMP 2.5, you need to explicitely add the "application" flow to the supported
OAuth flows if you want to run smoke tests. You can either disable smoke tests
(-e threescale_cicd_openapi_smoketest_operation="") or enable the application flow
(-e threescale_cicd_oicd_flows="{{ [ 'application', threescale_cicd_api_security_scheme.flow ] }}").
when: >-
threescale_cicd_api_security_scheme.type == 'oauth2'
and threescale_cicd_openapi_smoketest_operation|length > 0
and threescale_cicd_capabilities.oidc_configuration_api|bool
- debug:
msg: "Will work on service with system_name = {{ threescale_cicd_api_system_name }}"