diff --git a/tests/integration/targets/acme_inspect/tasks/impl.yml b/tests/integration/targets/acme_inspect/tasks/impl.yml
index ed38657b..48af5caa 100644
--- a/tests/integration/targets/acme_inspect/tasks/impl.yml
+++ b/tests/integration/targets/acme_inspect/tasks/impl.yml
@@ -131,6 +131,19 @@
 register: authz
 - ansible.builtin.debug: var=authz
 
+- name: Get HTTP-01 challenge URLs
+ ansible.builtin.set_fact:
+ http01challenge_urls: >-
+ {{
+ authz.results
+ | map(attribute='output_json')
+ | map(attribute='challenges')
+ | map('selectattr', 'type', 'equalto', 'http-01')
+ | map('first')
+ | map(attribute='url')
+ | list
+ }}
+
 - name: Get HTTP-01 challenge for authz
 community.crypto.acme_inspect:
 acme_directory: "{{ acme_directory_url }}"
@@ -138,13 +151,23 @@
 validate_certs: false
 account_key_src: "{{ remote_tmp_dir }}/accountkey.pem"
 account_uri: "{{ account_creation.headers.location }}"
- url: "{{ (item.challenges | selectattr('type', 'equalto', 'http-01') | list)[0].url }}"
+ url: "{{ item }}"
 method: get
 select_crypto_backend: "{{ select_crypto_backend }}"
 register: http01challenge
- loop: "{{ authz.results | map(attribute='output_json') | list }}"
+ loop: "{{ http01challenge_urls }}"
 - ansible.builtin.debug: var=http01challenge
 
+- name: Get HTTP-01 activation URLs
+ ansible.builtin.set_fact:
+ activation_urls: >-
+ {{
+ http01challenge.results
+ | map(attribute='output_json')
+ | map(attribute='url')
+ | list
+ }}
+
 - name: Activate HTTP-01 challenge manually
 community.crypto.acme_inspect:
 acme_directory: "{{ acme_directory_url }}"
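Review bot: The new `Get HTTP-01 challenge URLs` task (hunk at -131) assumes every authorization object carries at least one challenge of type `http-01`, and nothing in the hunk states or checks that. If the selection were empty, `map('first')` would presumably pass an undefined element on to `map(attribute='url')`, so the failure would show up as a templating error in a later task rather than at this one. A comment above the task such as `# One URL per authorization: its first challenge of type http-01 (assumed to exist)` would document the assumption for whoever next edits the chain.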
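Review bot: `activation_urls`, set in the new `Get HTTP-01 activation URLs` task (hunk at -138), is read back from `http01challenge.results[*].output_json.url`, which the updated validate.yml asserts is equal to the matching entry of `http01challenge_urls`, so both facts should hold the same list. The later hunks use them inconsistently: the activation POST (hunk at -152) loops over `activation_urls`, while the result polling (hunk at -167) loops over `http01challenge_urls`, although both tasks previously took the URL from the challenge response. If using the server-reported URL for activation is deliberate, a comment such as `# Use the URL reported in the challenge object, not the one we requested` would say so; otherwise one fact is enough.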
@@ -152,12 +175,12 @@
 validate_certs: false
 account_key_src: "{{ remote_tmp_dir }}/accountkey.pem"
 account_uri: "{{ account_creation.headers.location }}"
- url: "{{ item.url }}"
+ url: "{{ item }}"
 method: post
 content: '{}'
 select_crypto_backend: "{{ select_crypto_backend }}"
 register: activation
- loop: "{{ http01challenge.results | map(attribute='output_json') | list }}"
+ loop: "{{ activation_urls }}"
 - ansible.builtin.debug: var=activation
 
 - name: Get HTTP-01 challenge results
@@ -167,11 +190,11 @@
 validate_certs: false
 account_key_src: "{{ remote_tmp_dir }}/accountkey.pem"
 account_uri: "{{ account_creation.headers.location }}"
- url: "{{ item.url }}"
+ url: "{{ item }}"
 method: get
 select_crypto_backend: "{{ select_crypto_backend }}"
 register: validation_result
- loop: "{{ http01challenge.results | map(attribute='output_json') | list }}"
+ loop: "{{ http01challenge_urls }}"
 until: "validation_result.output_json.status not in ['pending', 'processing']"
 retries: 20
 delay: 1
diff --git a/tests/integration/targets/acme_inspect/tests/validate.yml b/tests/integration/targets/acme_inspect/tests/validate.yml
index a1d7159e..6371f68a 100644
--- a/tests/integration/targets/acme_inspect/tests/validate.yml
+++ b/tests/integration/targets/acme_inspect/tests/validate.yml
@@ -92,44 +92,44 @@
 - name: Check get challenge output
 ansible.builtin.assert:
 that:
- - item is not changed
- - "'directory' in item"
- - "'headers' in item"
- - "'output_text' in item"
- - "'output_json' in item"
- - item.output_json.status == 'pending'
- - item.output_json.type == 'http-01'
- - item.output_json.url == item.invocation.module_args.url
- - "'token' in item.output_json"
- loop: "{{ http01challenge.results }}"
+ - item.0 is not changed
+ - "'directory' in item.0"
+ - "'headers' in item.0"
+ - "'output_text' in item.0"
+ - "'output_json' in item.0"
+ - item.0.output_json.status == 'pending'
+ - item.0.output_json.type == 'http-01'
+ - item.0.output_json.url == item.1
+ - "'token' in item.0.output_json"
+ loop: "{{ http01challenge.results | zip(http01challenge_urls) }}"
 
 - name: Check challenge activation output
 ansible.builtin.assert:
 that:
- - item is changed
- - "'directory' in item"
- - "'headers' in item"
- - "'output_text' in item"
- - "'output_json' in item"
- - item.output_json.status in ['pending', 'processing']
- - item.output_json.type == 'http-01'
- - item.output_json.url == item.invocation.module_args.url
- - "'token' in item.output_json"
- loop: "{{ activation.results }}"
+ - item.0 is changed
+ - "'directory' in item.0"
+ - "'headers' in item.0"
+ - "'output_text' in item.0"
+ - "'output_json' in item.0"
+ - item.0.output_json.status in ['pending', 'processing']
+ - item.0.output_json.type == 'http-01'
+ - item.0.output_json.url == item.1
+ - "'token' in item.0.output_json"
+ loop: "{{ activation.results | zip(activation_urls) }}"
 
 - name: Check validation result
 ansible.builtin.assert:
 that:
- - item is not changed
- - "'directory' in item"
- - "'headers' in item"
- - "'output_text' in item"
- - "'output_json' in item"
- - item.output_json.status == 'invalid'
- - item.output_json.type == 'http-01'
- - item.output_json.url == item.invocation.module_args.url
- - "'token' in item.output_json"
- - "'validated' in item.output_json"
- - "'error' in item.output_json"
- - item.output_json.error.type == 'urn:ietf:params:acme:error:unauthorized'
- loop: "{{ validation_result.results }}"
+ - item.0 is not changed
+ - "'directory' in item.0"
+ - "'headers' in item.0"
+ - "'output_text' in item.0"
+ - "'output_json' in item.0"
+ - item.0.output_json.status == 'invalid'
+ - item.0.output_json.type == 'http-01'
+ - item.0.output_json.url == item.1
+ - "'token' in item.0.output_json"
+ - "'validated' in item.0.output_json"
+ - "'error' in item.0.output_json"
+ - item.0.output_json.error.type == 'urn:ietf:params:acme:error:unauthorized'
+ loop: "{{ validation_result.results | zip(http01challenge_urls) }}"
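Review bot: All three `loop:` expressions now pair results with URLs through `zip`, which stops at the shorter input and yields no iterations for an empty list, so a length mismatch or an empty `http01challenge_urls` would let these asserts pass without checking anything. A guard assert ahead of the first check would pin this, for example `- http01challenge_urls | length > 0` together with `- http01challenge.results | length == http01challenge_urls | length`. Whether an earlier task in validate.yml already checks the number of authorizations is not visible from this hunk, which starts at line 92.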