Restructure integration tests for authorized_key module

* Split tasks/main.yml in integration tests to each function block. Signed-off-by: Hideki Saito <saito@fgrep.org>
2026-06-10 02:25:54 +00:00 · 2021-07-01 12:36:49 +09:00
parent a994a58b23
commit 69d17ed4b7
7 changed files with 486 additions and 474 deletions
--- a/tests/integration/targets/authorized_key/tasks/ssh_dss.yml
+++ b/tests/integration/targets/authorized_key/tasks/ssh_dss.yml
@@ -0,0 +1,241 @@
+# -------------------------------------------------------------
+# basic ssh-dss key
+
+- name: add basic ssh-dss key
+  authorized_key: user=root key="{{ dss_key_basic }}" state=present path="{{ output_dir | expanduser }}/authorized_keys"
+  register: result
+
+- name: assert that the key was added
+  assert:
+    that:
+      - 'result.changed == True'
+      - 'result.key == dss_key_basic'
+      - 'result.key_options == None'
+
+- name: re-add basic ssh-dss key
+  authorized_key: user=root key="{{ dss_key_basic }}" state=present path="{{ output_dir | expanduser }}/authorized_keys"
+  register: result
+
+- name: assert that nothing changed
+  assert:
+    that:
+      - 'result.changed == False'
+
+# -------------------------------------------------------------
+# ssh-dss key with an unquoted option
+
+- name: add ssh-dss key with an unquoted option
+  authorized_key:
+    user: root
+    key: "{{ dss_key_unquoted_option }}"
+    state: present
+    path: "{{ output_dir | expanduser }}/authorized_keys"
+  register: result
+
+- name: assert that the key was added
+  assert:
+    that:
+      - 'result.changed == True'
+      - 'result.key == dss_key_unquoted_option'
+      - 'result.key_options == None'
+
+- name: re-add ssh-dss key with an unquoted option
+  authorized_key:
+    user: root
+    key: "{{ dss_key_unquoted_option }}"
+    state: present
+    path: "{{ output_dir | expanduser }}/authorized_keys"
+  register: result
+
+- name: assert that nothing changed
+  assert:
+    that:
+      - 'result.changed == False'
+
+# -------------------------------------------------------------
+# ssh-dss key with a leading command="/bin/foo"
+
+- name: add ssh-dss key with a leading command
+  authorized_key:
+    user: root
+    key: "{{ dss_key_command }}"
+    state: present
+    path: "{{ output_dir | expanduser }}/authorized_keys"
+  register: result
+
+- name: assert that the key was added
+  assert:
+    that:
+      - 'result.changed == True'
+      - 'result.key == dss_key_command'
+      - 'result.key_options == None'
+
+- name: re-add ssh-dss key with a leading command
+  authorized_key:
+    user: root
+    key: "{{ dss_key_command }}"
+    state: present
+    path: "{{ output_dir | expanduser }}/authorized_keys"
+  register: result
+
+- name: assert that nothing changed
+  assert:
+    that:
+      - 'result.changed == False'
+
+# -------------------------------------------------------------
+# ssh-dss key with a complex quoted leading command
+# ie. command="/bin/echo foo 'bar baz'"
+
+- name: add ssh-dss key with a complex quoted leading command
+  authorized_key:
+    user: root
+    key: "{{ dss_key_complex_command }}"
+    state: present
+    path: "{{ output_dir | expanduser }}/authorized_keys"
+  register: result
+
+- name: assert that the key was added
+  assert:
+    that:
+      - 'result.changed == True'
+      - 'result.key == dss_key_complex_command'
+      - 'result.key_options == None'
+
+- name: re-add ssh-dss key with a complex quoted leading command
+  authorized_key:
+    user: root
+    key: "{{ dss_key_complex_command }}"
+    state: present
+    path: "{{ output_dir | expanduser }}/authorized_keys"
+  register: result
+
+- name: assert that nothing changed
+  assert:
+    that:
+      - 'result.changed == False'
+
+# -------------------------------------------------------------
+# ssh-dss key with a command and a single option, which are
+# in a comma-separated list
+
+- name: add ssh-dss key with a command and a single option
+  authorized_key:
+    user: root
+    key: "{{ dss_key_command_single_option }}"
+    state: present
+    path: "{{ output_dir | expanduser }}/authorized_keys"
+  register: result
+
+- name: assert that the key was added
+  assert:
+    that:
+      - 'result.changed == True'
+      - 'result.key == dss_key_command_single_option'
+      - 'result.key_options == None'
+
+- name: re-add ssh-dss key with a command and a single option
+  authorized_key:
+    user: root
+    key: "{{ dss_key_command_single_option }}"
+    state: present
+    path: "{{ output_dir | expanduser }}/authorized_keys"
+  register: result
+
+- name: assert that nothing changed
+  assert:
+    that:
+      - 'result.changed == False'
+
+# -------------------------------------------------------------
+# ssh-dss key with a command and multiple other options
+
+- name: add ssh-dss key with a command and multiple options
+  authorized_key:
+    user: root
+    key: "{{ dss_key_command_multiple_options }}"
+    state: present
+    path: "{{ output_dir | expanduser }}/authorized_keys"
+  register: result
+
+- name: assert that the key was added
+  assert:
+    that:
+      - 'result.changed == True'
+      - 'result.key == dss_key_command_multiple_options'
+      - 'result.key_options == None'
+
+- name: re-add ssh-dss key with a command and multiple options
+  authorized_key:
+    user: root
+    key: "{{ dss_key_command_multiple_options }}"
+    state: present
+    path: "{{ output_dir | expanduser }}/authorized_keys"
+  register: result
+
+- name: assert that nothing changed
+  assert:
+    that:
+      - 'result.changed == False'
+
+# -------------------------------------------------------------
+# ssh-dss key with multiple trailing parts, which are space-
+# separated and not quoted in any way
+
+- name: add ssh-dss key with trailing parts
+  authorized_key:
+    user: root
+    key: "{{ dss_key_trailing }}"
+    state: present
+    path: "{{ output_dir | expanduser }}/authorized_keys"
+  register: result
+
+- name: assert that the key was added
+  assert:
+    that:
+      - 'result.changed == True'
+      - 'result.key == dss_key_trailing'
+      - 'result.key_options == None'
+
+- name: re-add ssh-dss key with trailing parts
+  authorized_key:
+    user: root
+    key: "{{ dss_key_trailing }}"
+    state: present
+    path: "{{ output_dir | expanduser }}/authorized_keys"
+  register: result
+
+- name: assert that nothing changed
+  assert:
+    that:
+      - 'result.changed == False'
+
+# -------------------------------------------------------------
+# basic ssh-dss key with mutliple permit-open options
+# https://github.com/ansible/ansible-modules-core/issues/1715
+
+- name: add basic ssh-dss key with multi-opts
+  authorized_key:
+    user: root
+    key: "{{ dss_key_basic }}"
+    key_options: 'no-agent-forwarding,no-X11-forwarding,permitopen="10.9.8.1:8080",permitopen="10.9.8.1:9001"'
+    state: present
+    path: "{{ output_dir | expanduser }}/authorized_keys"
+  register: result
+
+- name: assert that the key with multi-opts was added
+  assert:
+    that:
+      - 'result.changed == True'
+      - 'result.key == dss_key_basic'
+      - 'result.key_options == "no-agent-forwarding,no-X11-forwarding,permitopen=\"10.9.8.1:8080\",permitopen=\"10.9.8.1:9001\""'
+
+- name: get the file content
+  shell: cat "{{ output_dir | expanduser }}/authorized_keys" | fgrep DATA_BASIC
+  changed_when: no
+  register: content
+
+- name: validate content
+  assert:
+    that:
+      - 'content.stdout == "no-agent-forwarding,no-X11-forwarding,permitopen=\"10.9.8.1:8080\",permitopen=\"10.9.8.1:9001\" ssh-dss DATA_BASIC root@testing"'