Allow to pass CSR to acme_certificate as csr_content (#115)

* Allow to pass CSR to acme_certificate as csr_content. * Make sure contents are bytes. * No need to write CSR to disk. * Forgot version_added. * Fix documentation.
2026-05-06 13:22:58 +00:00 · 2020-10-09 14:01:34 +02:00
parent 8e10e1e590
commit 42dd19c387
5 changed files with 80 additions and 31 deletions
--- a/tests/integration/targets/acme_certificate/tasks/impl.yml
+++ b/tests/integration/targets/acme_certificate/tasks/impl.yml
@@ -62,6 +62,7 @@
    select_chain:
      - test_certificates: last
        issuer: "{{ acme_roots[1].subject }}"
+    use_csr_content: true
 - name: Store obtain results for cert 1
  set_fact:
    cert_1_obtain_results: "{{ certificate_obtain_result }}"
@@ -93,6 +94,7 @@
        subject: "{{ acme_intermediates[0].subject }}"
      - test_certificates: all
        issuer: "{{ acme_roots[2].subject }}"
+    use_csr_content: false
 - name: Store obtain results for cert 2
  set_fact:
    cert_2_obtain_results: "{{ certificate_obtain_result }}"
@@ -118,6 +120,7 @@
    select_chain:
      - test_certificates: last
        subject: "{{ acme_roots[1].subject }}"
+    use_csr_content: true
 - name: Store obtain results for cert 3
  set_fact:
    cert_3_obtain_results: "{{ certificate_obtain_result }}"
@@ -145,6 +148,7 @@
        issuer: "{{ acme_roots[2].subject }}"
      - test_certificates: last
        issuer: "{{ acme_roots[1].subject }}"
+    use_csr_content: false
 - name: Store obtain results for cert 4
  set_fact:
    cert_4_obtain_results: "{{ certificate_obtain_result }}"
@@ -165,6 +169,7 @@
    remaining_days: 10
    terms_agreed: no
    account_email: ""
+    use_csr_content: true
 - name: Store obtain results for cert 5a
  set_fact:
    cert_5a_obtain_results: "{{ certificate_obtain_result }}"
@@ -185,6 +190,7 @@
    remaining_days: 10
    terms_agreed: no
    account_email: ""
+    use_csr_content: false
 - name: Store obtain results for cert 5b
  set_fact:
    cert_5_recreate_1: "{{ challenge_data is changed }}"
@@ -204,6 +210,7 @@
    remaining_days: 1000
    terms_agreed: no
    account_email: ""
+    use_csr_content: true
 - name: Store obtain results for cert 5c
  set_fact:
    cert_5_recreate_2: "{{ challenge_data is changed }}"
@@ -224,6 +231,7 @@
    remaining_days: 10
    terms_agreed: no
    account_email: ""
+    use_csr_content: false
 - name: Store obtain results for cert 5d
  set_fact:
    cert_5_recreate_3: "{{ challenge_data is changed }}"
@@ -255,6 +263,7 @@
        subject_key_identifier: "{{ acme_intermediates[0].subject_key_identifier }}"
      - test_certificates: last
        issuer: "{{ acme_roots[1].subject }}"
+    use_csr_content: true
 - name: Store obtain results for cert 6
  set_fact:
    cert_6_obtain_results: "{{ certificate_obtain_result }}"
@@ -282,6 +291,7 @@
    select_chain:
      - test_certificates: last
        authority_key_identifier: "{{ acme_roots[2].subject_key_identifier }}"
+    use_csr_content: false
 - name: Store obtain results for cert 7
  set_fact:
    cert_7_obtain_results: "{{ certificate_obtain_result }}"
@@ -307,6 +317,7 @@
    remaining_days: 10
    terms_agreed: yes
    account_email: "example@example.org"
+    use_csr_content: true
 - name: Store obtain results for cert 8
  set_fact:
    cert_8_obtain_results: "{{ certificate_obtain_result }}"
--- a/tests/integration/targets/setup_acme/tasks/obtain-cert.yml
+++ b/tests/integration/targets/setup_acme/tasks/obtain-cert.yml
@@ -19,6 +19,8 @@
    privatekey_path: "{{ output_dir }}/{{ certificate_name }}.key"
    subject_alt_name: "{{ subject_alt_name }}"
    subject_alt_name_critical: "{{ subject_alt_name_critical }}"
+    return_content: true
+  register: csr_result
 ## ACME STEP 1 ################################################################################
 - name: ({{ certgen_title }}) Obtain cert, step 1
  acme_certificate:
@@ -29,7 +31,8 @@
    account_key: "{{ (output_dir ~ '/' ~ account_key ~ '.pem') if account_key_content is not defined else omit }}"
    account_key_content: "{{ account_key_content | default(omit) }}"
    modify_account: "{{ modify_account }}"
-    csr: "{{ output_dir }}/{{ certificate_name }}.csr"
+    csr: "{{ omit if use_csr_content | default(false) else output_dir ~ '/' ~ certificate_name ~ '.csr' }}"
+    csr_content: "{{ csr_result.csr if use_csr_content | default(false) else omit }}"
    dest: "{{ output_dir }}/{{ certificate_name }}.pem"
    fullchain_dest: "{{ output_dir }}/{{ certificate_name }}-fullchain.pem"
    chain_dest: "{{ output_dir }}/{{ certificate_name }}-chain.pem"
@@ -100,7 +103,8 @@
    account_key_content: "{{ account_key_content | default(omit) }}"
    account_uri: "{{ challenge_data.account_uri }}"
    modify_account: "{{ modify_account }}"
-    csr: "{{ output_dir }}/{{ certificate_name }}.csr"
+    csr: "{{ omit if use_csr_content | default(false) else output_dir ~ '/' ~ certificate_name ~ '.csr' }}"
+    csr_content: "{{ csr_result.csr if use_csr_content | default(false) else omit }}"
    dest: "{{ output_dir }}/{{ certificate_name }}.pem"
    fullchain_dest: "{{ output_dir }}/{{ certificate_name }}-fullchain.pem"
    chain_dest: "{{ output_dir }}/{{ certificate_name }}-chain.pem"