From 82796a18e42f25f030e5801cfeb8b0f23ddd1c40 Mon Sep 17 00:00:00 2001
From: Infrastructure Team <infra@localdomain>
Date: Mon, 10 Nov 2025 22:51:57 +0100
Subject: [PATCH] Add test playbook for deploy_linux_vm role

- Test configuration for Debian 12 with LVM enabled
- Validates LVM configuration compliance
- Tests SSH hardening (GSSAPI disabled)
- Verifies security features (firewall, audit, updates)
- Includes post-test validation checklist
- Documents expected test output and verification steps
---
 plays/test-deploy-linux-vm-role.yml | 59 +++++++++++++++++++++++++++++
 1 file changed, 59 insertions(+)
 create mode 100644 plays/test-deploy-linux-vm-role.yml

diff --git a/plays/test-deploy-linux-vm-role.yml b/plays/test-deploy-linux-vm-role.yml
new file mode 100644
index 0000000..89a5065
--- /dev/null
+++ b/plays/test-deploy-linux-vm-role.yml
@@ -0,0 +1,59 @@
+---
+# =============================================================================
+# Test Playbook for deploy_linux_vm Role
+# =============================================================================
+# This playbook tests the deploy_linux_vm role with LVM and security hardening
+
+- name: Test Deploy Linux VM Role
+  hosts: grokbox
+  gather_facts: yes
+  become: yes
+
+  vars:
+    # Test VM Configuration
+    deploy_linux_vm_name: "test-lvm-vm"
+    deploy_linux_vm_hostname: "test-lvm"
+    deploy_linux_vm_domain: "test.local"
+    deploy_linux_vm_os_distribution: "debian-12"
+    deploy_linux_vm_vcpus: 2
+    deploy_linux_vm_memory_mb: 2048
+    deploy_linux_vm_disk_size_gb: 20
+
+    # Enable LVM
+    deploy_linux_vm_use_lvm: true
+    deploy_linux_vm_lvm_vg_name: "vg_system"
+    deploy_linux_vm_lvm_pv_device: "/dev/vdb"
+
+    # SSH Hardening (GSSAPI disabled)
+    deploy_linux_vm_ssh_gssapi_authentication: "no"
+    deploy_linux_vm_ssh_gssapi_cleanup_credentials: "no"
+
+    # Security Features
+    deploy_linux_vm_enable_firewall: true
+    deploy_linux_vm_enable_selinux: true
+    deploy_linux_vm_enable_auditd: true
+    deploy_linux_vm_enable_automatic_updates: true
+
+  roles:
+    - deploy_linux_vm
+
+  post_tasks:
+    - name: Display test completion message
+      debug:
+        msg:
+          - "╔════════════════════════════════════════════════════════════════╗"
+          - "║              Role Test Completed Successfully                  ║"
+          - "╚════════════════════════════════════════════════════════════════╝"
+          - ""
+          - "VM deployed with:"
+          - "  ✓ LVM Configuration (CLAUDE.md compliant)"
+          - "  ✓ SSH Hardening (GSSAPI disabled)"
+          - "  ✓ Security Features (Firewall, Audit, Auto-updates)"
+          - "  ✓ Multi-distribution support"
+          - ""
+          - "Next steps:"
+          - "  1. SSH to VM: ssh -J grokbox ansible@{{ deploy_linux_vm_ip }}"
+          - "  2. Verify GSSAPI: sudo sshd -T | grep -i gssapi"
+          - "  3. Check LVM: sudo vgs && sudo lvs"
+          - "  4. Reboot for LVM: sudo reboot"
+          - "  5. After reboot verify: df -h && lsblk"