Merge pull request #8 from stackabletech/feat/opa-test-ad-users

razvan · web-flow · commit 8646bfd79c28 · 2025-07-02T16:05:22.000+02:00
feat: create AD users and groups for OPA integration tests
diff --git a/roles/ad-dc/tasks/main.yaml b/roles/ad-dc/tasks/main.yaml
@@ -94,3 +94,45 @@
     dest_path: target/ca.crt
     format: pem
   delegate_to: localhost
+
+# Create users and groups used by the OPA ad-ad-userinfo test
+
+- name: Create Superset Admins group
+  microsoft.ad.group:
+    name: Superset Admins
+    scope: global
+    state: present
+
+- name: Create user alice
+  microsoft.ad.user:
+    name: alice
+    sam_account_name: sam-alice # different than upn prefix (name)
+    password: Asdf1234
+    enabled: true
+    upn: "alice@{{ ansible_facts.domain | lower }}"
+    groups:
+      set:
+        - Domain Users
+        - Superset Admins
+
+- name: Create user bob
+  microsoft.ad.user:
+    name: bob
+    sam_account_name: bob # same as upn prefix (name)
+    password: Asdf1234
+    enabled: true
+    upn: "bob@{{ ansible_facts.domain | upper }}"
+    groups:
+      set:
+        - Domain Users
+
+- name: Create user charlie
+  microsoft.ad.user:
+    name: charlie
+    sam_account_name: charlie
+    password: Asdf1234
+    enabled: true
+    upn: "charlie@custom.test" # custom suffix
+    groups:
+      set:
+        - Domain Users
