internet/community.crypto
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.crypto.git synced 2026-03-26 21:33:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Improve tests (#852)

Browse Source 
* Use no longer needed wrapper.

* Improve tests.
This commit is contained in:
Felix Fontein
2025-03-08 10:48:34 +01:00
committed by GitHub
parent 7d5ebad188
commit 260bdb1572
16 changed files with 67 additions and 90 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
tests/integration/targets/acme_ari_info/tests/validate.yml
View File

@@ -7,8 +7,8 @@
assert:
that:
- cert_1 is not changed
- cert_1.renewal_info.explanationURL is string or cert_1.renewal_info.explanationURL is not defined
- cert_1.renewal_info.retryAfter is string or cert_1.renewal_info.retryAfter is not defined
- cert_1.renewal_info.explanationURL is not defined or cert_1.renewal_info.explanationURL is string
- cert_1.renewal_info.retryAfter is not defined or cert_1.renewal_info.retryAfter is string
- cert_1.renewal_info.suggestedWindow.start is string
- cert_1.renewal_info.suggestedWindow.end is string
- >-

8
tests/integration/targets/filter_openssl_csr_info/tasks/impl.yml
View File

@@ -102,7 +102,7 @@
assert:
that:
- output is failed
- output.msg is search("^The community.crypto.openssl_csr_info input must be a text type, not <(?:class|type) 'list'>$")
- output.msg is search("The community.crypto.openssl_csr_info input must be a text type, not ")
- name: Get invalid certificate info
set_fact:
@@ -115,7 +115,7 @@
assert:
that:
- output is failed
- output.msg is search("^Unable to load (?:request|PEM file)(?:\.|$)")
- output.msg is search("Unable to load (?:request|PEM file)(?:\.|$)")
- name: Get invalid certificate info
set_fact:
@@ -128,7 +128,7 @@
assert:
that:
- output is failed
- output.msg is search("^The name_encoding option must be of a text type, not <(?:class|type) 'list'>$")
- output.msg is search("The name_encoding option must be of a text type, not ")
- name: Get invalid name_encoding parameter
set_fact:
@@ -141,4 +141,4 @@
assert:
that:
- output is failed
- output.msg is search("^The name_encoding option must be one of the values \"ignore\", \"idna\", or \"unicode\", not \"foo\"$")
- output.msg is search("The name_encoding option must be one of the values \"ignore\", \"idna\", or \"unicode\", not \"foo\"$")

3
tests/integration/targets/filter_openssl_privatekey_info/tasks/impl.yml
View File

@@ -51,7 +51,8 @@
assert:
that:
- result is failed
- result.msg == 'Wrong or empty passphrase provided for private key'
- >-
'Wrong or empty passphrase provided for private key' in result.msg
- name: Get key 3 info (with passphrase)
set_fact:

4
tests/integration/targets/filter_openssl_publickey_info/tasks/impl.yml
View File

@@ -79,7 +79,7 @@
assert:
that:
- output is failed
- output.msg is search("^The community.crypto.openssl_publickey_info input must be a text type, not <(?:class|type) 'list'>$")
- output.msg is search("The community.crypto.openssl_publickey_info input must be a text type, not ")
- name: Get invalid key info
set_fact:
@@ -92,4 +92,4 @@
assert:
that:
- output is failed
- 'output.msg is search("^Error while deserializing key: ")'
- 'output.msg is search("Error while deserializing key: ")'

2
tests/integration/targets/filter_split_pem/tasks/main.yml
View File

@@ -61,4 +61,4 @@
assert:
that:
- output is failed
- output.msg is search("^The community.crypto.split_pem input must be a text type, not <(?:class|type) 'list'>$")
- output.msg is search("The community.crypto.split_pem input must be a text type, not ")

8
tests/integration/targets/filter_x509_certificate_info/tasks/impl.yml
View File

@@ -179,7 +179,7 @@
assert:
that:
- output is failed
- output.msg is search("^The community.crypto.x509_certificate_info input must be a text type, not <(?:class|type) 'list'>$")
- output.msg is search("The community.crypto.x509_certificate_info input must be a text type, not ")
- name: Get invalid certificate info
set_fact:
@@ -192,7 +192,7 @@
assert:
that:
- output is failed
- output.msg is search("^Unable to load (?:certificate|PEM file)(?:\.|$)")
- output.msg is search("Unable to load (?:certificate|PEM file)(?:\.|$)")
- name: Get invalid certificate info
set_fact:
@@ -205,7 +205,7 @@
assert:
that:
- output is failed
- output.msg is search("^The name_encoding option must be of a text type, not <(?:class|type) 'list'>$")
- output.msg is search("The name_encoding option must be of a text type, not ")
- name: Get invalid name_encoding parameter
set_fact:
@@ -218,4 +218,4 @@
assert:
that:
- output is failed
- output.msg is search("^The name_encoding option must be one of the values \"ignore\", \"idna\", or \"unicode\", not \"foo\"$")
- output.msg is search("The name_encoding option must be one of the values \"ignore\", \"idna\", or \"unicode\", not \"foo\"$")

10
tests/integration/targets/filter_x509_crl_info/tasks/impl.yml
View File

@@ -291,7 +291,7 @@
assert:
that:
- output is failed
- output.msg is search("^The community.crypto.x509_crl_info input must be a text type, not <(?:class|type) 'list'>$")
- output.msg is search("The community.crypto.x509_crl_info input must be a text type, not ")
- name: Get invalid CRL info
set_fact:
@@ -304,7 +304,7 @@
assert:
that:
- output is failed
- output.msg is search("^Error while decoding CRL")
- output.msg is search("Error while decoding CRL")
- name: Get invalid CRL info
set_fact:
@@ -317,7 +317,7 @@
assert:
that:
- output is failed
- output.msg is search("^The name_encoding option must be of a text type, not <(?:class|type) 'list'>$")
- output.msg is search("The name_encoding option must be of a text type, not ")
- name: Get invalid name_encoding parameter
set_fact:
@@ -330,7 +330,7 @@
assert:
that:
- output is failed
- output.msg is search("^The name_encoding option must be one of the values \"ignore\", \"idna\", or \"unicode\", not \"foo\"$")
- output.msg is search("The name_encoding option must be one of the values \"ignore\", \"idna\", or \"unicode\", not \"foo\"$")
- name: Get invalid list_revoked_certificates parameter
set_fact:
@@ -343,4 +343,4 @@
assert:
that:
- output is failed
- output.msg is search("^The list_revoked_certificates option must be a boolean, not <(?:class|type) 'list'>$")
- output.msg is search("The list_revoked_certificates option must be a boolean, not ")

5
tests/integration/targets/openssl_csr_info/tasks/impl.yml
View File

@@ -84,7 +84,10 @@
- name: "({{ select_crypto_backend }}) Compare output of direct and loaded info"
assert:
that:
- result == result_direct
- >-
(result | dict2items | rejectattr("key", "equalto", "warnings") | list | items2dict)
==
(result_direct | dict2items | rejectattr("key", "equalto", "warnings") | list | items2dict)
- name: "({{ select_crypto_backend }}) Get CSR info"
openssl_csr_info:

4
tests/integration/targets/openssl_privatekey/tests/validate.yml
View File

@@ -80,7 +80,7 @@
- name: "({{ select_crypto_backend }}) Validate privatekey5 (assert - Passphrase protected key + idempotence)"
assert:
that:
- privatekey5.stdout == '{{ default_rsa_key_size }}'
- privatekey5.stdout == (default_rsa_key_size | string)
when: openssl_version.stdout is version('0.9.8zh', '>=')
- name: "({{ select_crypto_backend }}) Validate privatekey5 idempotence (assert - Passphrase protected key + idempotence)"
@@ -97,7 +97,7 @@
- name: "({{ select_crypto_backend }}) Validate privatekey6 (assert - Passphrase protected key with non ascii character)"
assert:
that:
- privatekey6.stdout == '{{ default_rsa_key_size }}'
- privatekey6.stdout == (default_rsa_key_size | string)
when: openssl_version.stdout is version('0.9.8zh', '>=')
- name: "({{ select_crypto_backend }}) Validate ECC generation (dump with OpenSSL)"

5
tests/integration/targets/openssl_privatekey_info/tasks/impl.yml
View File

@@ -38,7 +38,10 @@
- name: ({{select_crypto_backend}}) Compare output of direct and loaded info
assert:
that:
- result == result_direct
- >-
(result | dict2items | rejectattr("key", "equalto", "warnings") | list | items2dict)
==
(result_direct | dict2items | rejectattr("key", "equalto", "warnings") | list | items2dict)
- name: ({{select_crypto_backend}}) Get key 2 info
openssl_privatekey_info:

5
tests/integration/targets/openssl_publickey_info/tasks/impl.yml
View File

@@ -36,7 +36,10 @@
- name: ({{select_crypto_backend}}) Compare output of direct and loaded info
assert:
that:
- result == result_direct
- >-
(result | dict2items | rejectattr("key", "equalto", "warnings") | list | items2dict)
==
(result_direct | dict2items | rejectattr("key", "equalto", "warnings") | list | items2dict)
- name: ({{select_crypto_backend}}) Get key 2 info
openssl_publickey_info:

27
tests/integration/targets/openssl_signature/filter_plugins/helper.py Normal file
View File

@@ -0,0 +1,27 @@
# Copyright (c) Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
import itertools
def openssl_signatures_combiner(list_of_dicts):
result = []
for entry_dicts in itertools.product(*list_of_dicts):
entry = {}
for entry_dict in entry_dicts:
entry.update(entry_dict)
result.append(entry)
return result
class FilterModule:
''' Jinja2 compat filters '''
def filters(self):
return {
'openssl_signatures_combiner': openssl_signatures_combiner,
}

1
tests/integration/targets/openssl_signature/meta/main.yml
View File

@@ -6,3 +6,4 @@
dependencies:
- setup_openssl
- setup_remote_tmp_dir
- prepare_jinja2_compat

12
tests/integration/targets/openssl_signature/tasks/main.yml
View File

@@ -52,17 +52,7 @@
- name: Create all test combinations
set_fact:
# Explanation: see https://serverfault.com/a/1004124
all_tests: >-
[
{% for b in backends %}
{% for kt in key_types %}
{% for kp in key_password %}
{{ b | combine (kt) | combine(kp) }},
{% endfor %}
{% endfor %}
{% endfor %}
]
all_tests: "{{ [backends, key_types, key_password] | openssl_signatures_combiner }}"
- name: Generate private keys
openssl_privatekey:

5
tests/integration/targets/x509_certificate_info/tasks/impl.yml
View File

@@ -116,7 +116,10 @@
- name: ({{select_crypto_backend}}) Compare output of direct and loaded info
assert:
that:
- result == result_direct
- >-
(result | dict2items | rejectattr("key", "equalto", "warnings") | list | items2dict)
==
(result_direct | dict2items | rejectattr("key", "equalto", "warnings") | list | items2dict)
- name: ({{select_crypto_backend}}) Get certificate info
x509_certificate_info:

54
tests/unit/plugins/modules/utils.py
View File

@@ -1,54 +0,0 @@
# Copyright (c) Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
from __future__ import absolute_import, division, print_function
__metaclass__ = type
import json
from ansible_collections.community.crypto.tests.unit.compat import unittest
from ansible_collections.community.crypto.tests.unit.compat.mock import patch
from ansible.module_utils import basic
from ansible.module_utils.common.text.converters import to_bytes
def set_module_args(args):
if '_ansible_remote_tmp' not in args:
args['_ansible_remote_tmp'] = '/tmp'
if '_ansible_keep_remote_files' not in args:
args['_ansible_keep_remote_files'] = False
args = json.dumps({'ANSIBLE_MODULE_ARGS': args})
basic._ANSIBLE_ARGS = to_bytes(args)
class AnsibleExitJson(Exception):
pass
class AnsibleFailJson(Exception):
pass
def exit_json(*args, **kwargs):
if 'changed' not in kwargs:
kwargs['changed'] = False
raise AnsibleExitJson(kwargs)
def fail_json(*args, **kwargs):
kwargs['failed'] = True
raise AnsibleFailJson(kwargs)
class ModuleTestCase(unittest.TestCase):
def setUp(self):
self.mock_module = patch.multiple(basic.AnsibleModule, exit_json=exit_json, fail_json=fail_json)
self.mock_module.start()
self.mock_sleep = patch('time.sleep')
self.mock_sleep.start()
set_module_args({})
self.addCleanup(self.mock_module.stop)
self.addCleanup(self.mock_sleep.stop)