mirror of
https://github.com/freeipa/ansible-freeipa.git
synced 2026-03-26 21:33:05 +00:00
12338309d2
Some tests for ipahost and ipauser modules, related to certificates had the verification part disabled. This patch enable these verifications.
65 lines
1.8 KiB
YAML
65 lines
1.8 KiB
YAML
---
|
|
- name: Test user certificates
|
|
hosts: ipaserver
|
|
become: true
|
|
gather_facts: false
|
|
|
|
tasks:
|
|
- name: Generate self-signed certificates.
|
|
shell:
|
|
cmd: |
|
|
openssl req -x509 -newkey rsa:2048 -days 365 -nodes -keyout "private{{ item }}.key" -out "cert{{ item }}.pem" -subj '/CN=test'
|
|
openssl x509 -outform der -in "cert{{ item }}.pem" -out "cert{{ item }}.der"
|
|
base64 "cert{{ item }}.der" -w5000 > "cert{{ item }}.b64"
|
|
with_items: [1, 2]
|
|
become: no
|
|
delegate_to: localhost
|
|
|
|
- name: User test absent
|
|
ipauser:
|
|
ipaadmin_password: SomeADMINpassword
|
|
users:
|
|
- name: test
|
|
state: absent
|
|
|
|
- name: User test present
|
|
ipauser:
|
|
ipaadmin_password: SomeADMINpassword
|
|
users:
|
|
- name: test
|
|
first: test
|
|
last: test
|
|
|
|
- name: User test cert members present
|
|
ipauser:
|
|
ipaadmin_password: SomeADMINpassword
|
|
users:
|
|
- name: test
|
|
certificate:
|
|
- "{{ lookup('file', 'cert1.b64', rstrip=False) }}"
|
|
action: member
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: User test cert members absent
|
|
ipauser:
|
|
ipaadmin_password: SomeADMINpassword
|
|
users:
|
|
- name: test
|
|
certificate:
|
|
- "{{ lookup('file', 'cert1.b64', rstrip=False) }}"
|
|
- "{{ lookup('file', 'cert2.b64', rstrip=False) }}"
|
|
state: absent
|
|
action: member
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Remove certificate files.
|
|
shell:
|
|
cmd: rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
|
|
with_items: [1, 2]
|
|
become: no
|
|
delegate_to: localhost
|
|
args:
|
|
warn: no # suppres warning for not using the `file` module.
|