internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-06-10 18:55:53 +00:00
Code Issues Projects Releases Wiki Activity
Files
6cac89128711f0444bc515f05aedf33cf6b3f4f4
ansible-freeipa/tests/host/certificate/test_hosts_certificate.yml
Thomas Woerner 473ed03e26 host*: Use FQCN for ansible.builtin 
Use Fully Qualified Collection Name (FQCN) for ansible builtins. This is
ansible.builtin.set_fact instead of set_fact for example and aplies for
all actions that are part of ansible.builtin.

All the replaced ansible.builtins:
  assert, command, copy, debug, fail, fetch, file, import_playbook,
  import_tasks, include_role, include_tasks, include_vars, package,
  set_fact, shell, slurp, stat, systemd
2022-12-20 13:50:23 +01:00

107 lines
3.4 KiB
YAML
Raw Blame History

---
- name: Test host certificates
hosts: ipaserver
become: true
tasks:
- name: Get Domain from server name
ansible.builtin.set_fact:
ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
when: ipaserver_domain is not defined
- name: Host test absent
ipahost:
ipaadmin_password: SomeADMINpassword
hosts:
- name: "{{ 'test.' + ipaserver_domain }}"
state: absent
- name: Host test present
ipahost:
ipaadmin_password: SomeADMINpassword
hosts:
- name: "{{ 'test.' + ipaserver_domain }}"
force: yes
register: result
failed_when: not result.changed or result.failed
- name: Generate self-signed certificates.
ansible.builtin.shell:
cmd: |
openssl req -x509 -newkey rsa:2048 -days 365 -nodes -keyout "private{{ item }}.key" -out "cert{{ item }}.pem" -subj '/CN=test'
openssl x509 -outform der -in "cert{{ item }}.pem" -out "cert{{ item }}.der"
base64 "cert{{ item }}.der" -w5000 > "cert{{ item }}.b64"
with_items: [1, 2, 3]
become: no
delegate_to: localhost
- name: Host test cert members present
ipahost:
ipaadmin_password: SomeADMINpassword
hosts:
- name: "{{ 'test.' + ipaserver_domain }}"
certificate:
- "{{ lookup('file', 'cert1.b64', rstrip=False) }}"
- "{{ lookup('file', 'cert2.b64', rstrip=False) }}"
- "{{ lookup('file', 'cert3.b64', rstrip=False) }}"
action: member
register: result
failed_when: not result.changed or result.failed
- name: Host test cert members present again
ipahost:
ipaadmin_password: SomeADMINpassword
hosts:
- name: "{{ 'test.' + ipaserver_domain }}"
certificate:
- "{{ lookup('file', 'cert1.b64', rstrip=False) }}"
- "{{ lookup('file', 'cert2.b64', rstrip=False) }}"
- "{{ lookup('file', 'cert3.b64', rstrip=False) }}"
action: member
register: result
failed_when: result.changed or result.failed
- name: Host test cert members absent
ipahost:
ipaadmin_password: SomeADMINpassword
hosts:
- name: "{{ 'test.' + ipaserver_domain }}"
certificate:
- "{{ lookup('file', 'cert1.b64', rstrip=False) }}"
- "{{ lookup('file', 'cert2.b64', rstrip=False) }}"
- "{{ lookup('file', 'cert3.b64', rstrip=False) }}"
state: absent
action: member
register: result
failed_when: not result.changed or result.failed
- name: Host test cert members absent again
ipahost:
ipaadmin_password: SomeADMINpassword
hosts:
- name: "{{ 'test.' + ipaserver_domain }}"
certificate:
- "{{ lookup('file', 'cert1.b64', rstrip=False) }}"
- "{{ lookup('file', 'cert2.b64', rstrip=False) }}"
- "{{ lookup('file', 'cert3.b64', rstrip=False) }}"
state: absent
action: member
register: result
failed_when: result.changed or result.failed
- name: Host test absent
ipahost:
ipaadmin_password: SomeADMINpassword
hosts:
- name: "{{ 'test.' + ipaserver_domain }}"
state: absent
register: result
failed_when: not result.changed or result.failed
- name: Remove certificate files. # noqa: deprecated-command-syntax
ansible.builtin.shell:
cmd: rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items: [1, 2, 3]
become: no
delegate_to: localhost
Reference in New Issue View Git Blame Copy Permalink