internet/community.crypto
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.crypto.git synced 2026-03-26 21:33:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use ansible_facts.xxx instead of ansible_xxx. (#980)

Browse Source
This commit is contained in:
Felix Fontein
2026-02-07 16:12:21 +01:00
committed by GitHub
parent e91f8ec520
commit b5a9a41913
23 changed files with 57 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
tests/integration/targets/crypto_info/tasks/main.yml
View File

@@ -17,7 +17,7 @@
var: result var: result
- name: Register cryptography version - name: Register cryptography version
ansible.builtin.command: "{{ ansible_python.executable }} -c 'import cryptography; print(cryptography.__version__)'" ansible.builtin.command: "{{ ansible_facts.python.executable }} -c 'import cryptography; print(cryptography.__version__)'"
register: local_cryptography_version register: local_cryptography_version
- name: Set cryptography version - name: Set cryptography version
@@ -30,7 +30,7 @@
{{ {{
local_cryptography_version is version("2.6", ">=") local_cryptography_version is version("2.6", ">=")
and not ( and not (
ansible_os_family == "FreeBSD" and ansible_facts.os_family == "FreeBSD" and
ansible_facts.distribution_version is version("12.1", ">=") and ansible_facts.distribution_version is version("12.1", ">=") and
ansible_facts.distribution_version is version("12.2", "<") ansible_facts.distribution_version is version("12.2", "<")
) )
@@ -39,7 +39,7 @@
{{ {{
local_cryptography_version is version("2.6", ">=") local_cryptography_version is version("2.6", ">=")
and not ( and not (
ansible_os_family == "FreeBSD" and ansible_facts.os_family == "FreeBSD" and
ansible_facts.distribution_version is version("12.1", ">=") and ansible_facts.distribution_version is version("12.1", ">=") and
ansible_facts.distribution_version is version("12.2", "<") ansible_facts.distribution_version is version("12.2", "<")
) )

2
tests/integration/targets/filter_openssl_privatekey_info/tasks/impl.yml
View File

@@ -89,7 +89,7 @@
- "result.public_data.curve is string" - "result.public_data.curve is string"
- "result.public_data.x != 0" - "result.public_data.x != 0"
- "result.public_data.y != 0" - "result.public_data.y != 0"
- "result.public_data.exponent_size == (521 if (ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6') else 256)" - "result.public_data.exponent_size == (521 if (ansible_facts.distribution == 'CentOS' and ansible_facts.distribution_major_version == '6') else 256)"
- "'private_data' in result" - "'private_data' in result"
- "result.private_data.multiplier > 1024" - "result.private_data.multiplier > 1024"

2
tests/integration/targets/filter_openssl_privatekey_info/tasks/main.yml
View File

@@ -28,7 +28,7 @@
community.crypto.openssl_privatekey: community.crypto.openssl_privatekey:
path: '{{ remote_tmp_dir }}/privatekey_4.pem' path: '{{ remote_tmp_dir }}/privatekey_4.pem'
type: ECC type: ECC
curve: "{{ (ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6') | ternary('secp521r1', 'secp256k1') }}" curve: "{{ (ansible_facts.distribution == 'CentOS' and ansible_facts.distribution_major_version == '6') | ternary('secp521r1', 'secp256k1') }}"
# ^ cryptography on CentOS6 doesn't support secp256k1, so we use secp521r1 instead # ^ cryptography on CentOS6 doesn't support secp256k1, so we use secp521r1 instead
- name: Generate privatekey 5 (DSA) - name: Generate privatekey 5 (DSA)

2
tests/integration/targets/filter_openssl_publickey_info/tasks/impl.yml
View File

@@ -49,7 +49,7 @@
- "result.public_data.curve is string" - "result.public_data.curve is string"
- "result.public_data.x != 0" - "result.public_data.x != 0"
- "result.public_data.y != 0" - "result.public_data.y != 0"
- "result.public_data.exponent_size == (521 if (ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6') else 256)" - "result.public_data.exponent_size == (521 if (ansible_facts.distribution == 'CentOS' and ansible_facts.distribution_major_version == '6') else 256)"
- name: Get key 4 info - name: Get key 4 info
ansible.builtin.set_fact: ansible.builtin.set_fact:

2
tests/integration/targets/filter_openssl_publickey_info/tasks/main.yml
View File

@@ -22,7 +22,7 @@
community.crypto.openssl_privatekey: community.crypto.openssl_privatekey:
path: '{{ remote_tmp_dir }}/privatekey_3.pem' path: '{{ remote_tmp_dir }}/privatekey_3.pem'
type: ECC type: ECC
curve: "{{ (ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6') | ternary('secp521r1', 'secp256k1') }}" curve: "{{ (ansible_facts.distribution == 'CentOS' and ansible_facts.distribution_major_version == '6') | ternary('secp521r1', 'secp256k1') }}"
# ^ cryptography on CentOS6 doesn't support secp256k1, so we use secp521r1 instead # ^ cryptography on CentOS6 doesn't support secp256k1, so we use secp521r1 instead
select_crypto_backend: cryptography select_crypto_backend: cryptography

14
tests/integration/targets/luks_device/tasks/main.yml
View File

@@ -21,10 +21,10 @@
vars: vars:
search: search:
files: files:
- '{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version }}.yml' - '{{ ansible_facts.distribution | lower }}-{{ ansible_facts.distribution_major_version }}.yml'
- '{{ ansible_distribution | lower }}-{{ ansible_distribution_version }}.yml' - '{{ ansible_facts.distribution | lower }}-{{ ansible_facts.distribution_version }}.yml'
- '{{ ansible_distribution | lower }}.yml' - '{{ ansible_facts.distribution | lower }}.yml'
- '{{ ansible_os_family | lower }}.yml' - '{{ ansible_facts.os_family | lower }}.yml'
- default.yml - default.yml
paths: paths:
- vars - vars
@@ -52,7 +52,7 @@
{{ cryptsetup_version.stdout_lines[0] | regex_search('cryptsetup ([0-9]+\.[0-9]+\.[0-9]+)') | split | last }} {{ cryptsetup_version.stdout_lines[0] | regex_search('cryptsetup ([0-9]+\.[0-9]+\.[0-9]+)') | split | last }}
- name: Create cryptfile - name: Create cryptfile
ansible.builtin.command: dd if=/dev/zero of={{ remote_tmp_dir.replace('~', ansible_env.HOME) }}/cryptfile bs=1M count=32 ansible.builtin.command: dd if=/dev/zero of={{ remote_tmp_dir.replace('~', ansible_facts.env.HOME) }}/cryptfile bs=1M count=32
- name: Figure out next loopback device - name: Figure out next loopback device
ansible.builtin.command: losetup -f ansible.builtin.command: losetup -f
@@ -60,7 +60,7 @@
register: cryptfile_device_output register: cryptfile_device_output
- name: Create lookback device - name: Create lookback device
ansible.builtin.command: losetup -f {{ remote_tmp_dir.replace('~', ansible_env.HOME) }}/cryptfile ansible.builtin.command: losetup -f {{ remote_tmp_dir.replace('~', ansible_facts.env.HOME) }}/cryptfile
become: true become: true
- name: Store some common data for tests - name: Store some common data for tests
@@ -87,5 +87,5 @@
become: true become: true
- ansible.builtin.file: - ansible.builtin.file:
dest: "{{ remote_tmp_dir.replace('~', ansible_env.HOME) }}/cryptfile" dest: "{{ remote_tmp_dir.replace('~', ansible_facts.env.HOME) }}/cryptfile"
state: absent state: absent

4
tests/integration/targets/openssl_privatekey/tasks/main.yml
View File

@@ -22,7 +22,7 @@
| map('regex_replace', '^ *([a-zA-Z0-9_-]+) *: .*$', '\1') | map('regex_replace', '^ *([a-zA-Z0-9_-]+) *: .*$', '\1')
| list | list
}} }}
when: ansible_distribution != 'CentOS' or ansible_distribution_major_version != '6' when: ansible_facts.distribution != 'CentOS' or ansible_facts.distribution_major_version != '6'
# CentOS comes with a very old jinja2 which does not include the map() filter... # CentOS comes with a very old jinja2 which does not include the map() filter...
- name: Compile list of elliptic curves supported by OpenSSL (CentOS 6) - name: Compile list of elliptic curves supported by OpenSSL (CentOS 6)
ansible.builtin.set_fact: ansible.builtin.set_fact:
@@ -30,7 +30,7 @@
- secp384r1 - secp384r1
- secp521r1 - secp521r1
- prime256v1 - prime256v1
when: ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6' when: ansible_facts.distribution == 'CentOS' and ansible_facts.distribution_major_version == '6'
- name: List of elliptic curves supported by OpenSSL - name: List of elliptic curves supported by OpenSSL
ansible.builtin.debug: var=openssl_ecc_list ansible.builtin.debug: var=openssl_ecc_list

2
tests/integration/targets/openssl_privatekey/tests/validate.yml
View File

@@ -4,7 +4,7 @@
# SPDX-License-Identifier: GPL-3.0-or-later # SPDX-License-Identifier: GPL-3.0-or-later
- ansible.builtin.set_fact: - ansible.builtin.set_fact:
system_potentially_has_no_algorithm_support: "{{ ansible_os_family == 'FreeBSD' }}" system_potentially_has_no_algorithm_support: "{{ ansible_facts.os_family == 'FreeBSD' }}"
- name: "({{ select_crypto_backend }}) Read private key" - name: "({{ select_crypto_backend }}) Read private key"
ansible.builtin.slurp: ansible.builtin.slurp:

2
tests/integration/targets/openssl_privatekey_convert/tasks/main.yml
View File

@@ -13,7 +13,7 @@
supports_ed25519: >- supports_ed25519: >-
{{ {{
not ( not (
ansible_os_family == "FreeBSD" and ansible_facts.os_family == "FreeBSD" and
ansible_facts.distribution_version is version("12.1", ">=") and ansible_facts.distribution_version is version("12.1", ">=") and
ansible_facts.distribution_version is version("12.2", "<") ansible_facts.distribution_version is version("12.2", "<")
) )

2
tests/integration/targets/openssl_privatekey_info/tasks/impl.yml
View File

@@ -156,7 +156,7 @@
- "result.public_data.curve is string" - "result.public_data.curve is string"
- "result.public_data.x != 0" - "result.public_data.x != 0"
- "result.public_data.y != 0" - "result.public_data.y != 0"
- "result.public_data.exponent_size == (521 if (ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6') else 256)" - "result.public_data.exponent_size == (521 if (ansible_facts.distribution == 'CentOS' and ansible_facts.distribution_major_version == '6') else 256)"
- "'private_data' in result" - "'private_data' in result"
- "result.private_data.multiplier > 1024" - "result.private_data.multiplier > 1024"

2
tests/integration/targets/openssl_privatekey_info/tasks/main.yml
View File

@@ -29,7 +29,7 @@
community.crypto.openssl_privatekey: community.crypto.openssl_privatekey:
path: '{{ remote_tmp_dir }}/privatekey_4.pem' path: '{{ remote_tmp_dir }}/privatekey_4.pem'
type: ECC type: ECC
curve: "{{ (ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6') | ternary('secp521r1', 'secp256k1') }}" curve: "{{ (ansible_facts.distribution == 'CentOS' and ansible_facts.distribution_major_version == '6') | ternary('secp521r1', 'secp256k1') }}"
# ^ cryptography on CentOS6 doesn't support secp256k1, so we use secp521r1 instead # ^ cryptography on CentOS6 doesn't support secp256k1, so we use secp521r1 instead
select_crypto_backend: cryptography select_crypto_backend: cryptography

2
tests/integration/targets/openssl_publickey_info/tasks/impl.yml
View File

@@ -74,7 +74,7 @@
- "result.public_data.curve is string" - "result.public_data.curve is string"
- "result.public_data.x != 0" - "result.public_data.x != 0"
- "result.public_data.y != 0" - "result.public_data.y != 0"
- "result.public_data.exponent_size == (521 if (ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6') else 256)" - "result.public_data.exponent_size == (521 if (ansible_facts.distribution == 'CentOS' and ansible_facts.distribution_major_version == '6') else 256)"
- name: ({{ select_crypto_backend }}) Get key 4 info - name: ({{ select_crypto_backend }}) Get key 4 info
community.crypto.openssl_publickey_info: community.crypto.openssl_publickey_info:

2
tests/integration/targets/openssl_publickey_info/tasks/main.yml
View File

@@ -22,7 +22,7 @@
community.crypto.openssl_privatekey: community.crypto.openssl_privatekey:
path: '{{ remote_tmp_dir }}/privatekey_3.pem' path: '{{ remote_tmp_dir }}/privatekey_3.pem'
type: ECC type: ECC
curve: "{{ (ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6') | ternary('secp521r1', 'secp256k1') }}" curve: "{{ (ansible_facts.distribution == 'CentOS' and ansible_facts.distribution_major_version == '6') | ternary('secp521r1', 'secp256k1') }}"
# ^ cryptography on CentOS6 doesn't support secp256k1, so we use secp521r1 instead # ^ cryptography on CentOS6 doesn't support secp256k1, so we use secp521r1 instead
select_crypto_backend: cryptography select_crypto_backend: cryptography

4
tests/integration/targets/openssl_signature/tasks/main.yml
View File

@@ -36,14 +36,14 @@
key_types: "{{ key_types + [{'type': 'DSA', 'size': 2048}, {'type': 'ECC', 'curve': 'secp256r1'}] }}" key_types: "{{ key_types + [{'type': 'DSA', 'size': 2048}, {'type': 'ECC', 'curve': 'secp256r1'}] }}"
when: when:
# FreeBSD 11 fails on secp256r1 keys # FreeBSD 11 fails on secp256r1 keys
- not ansible_os_family == 'FreeBSD' - not ansible_facts.os_family == 'FreeBSD'
- name: Add Ed25519 + Ed448 tests - name: Add Ed25519 + Ed448 tests
ansible.builtin.set_fact: ansible.builtin.set_fact:
key_types: "{{ key_types + [{'type': 'Ed25519'}, {'type': 'Ed448'}] }}" key_types: "{{ key_types + [{'type': 'Ed25519'}, {'type': 'Ed448'}] }}"
when: when:
# FreeBSD doesn't have support for Ed448/25519 # FreeBSD doesn't have support for Ed448/25519
- not ansible_os_family == 'FreeBSD' - not ansible_facts.os_family == 'FreeBSD'
- name: Create all test combinations - name: Create all test combinations
ansible.builtin.set_fact: ansible.builtin.set_fact:

22
tests/integration/targets/prepare_http_tests/tasks/default.yml
View File

@@ -5,17 +5,17 @@
- name: RedHat - Enable the dynamic CA configuration feature (RHEL up to 9) - name: RedHat - Enable the dynamic CA configuration feature (RHEL up to 9)
ansible.builtin.command: update-ca-trust force-enable ansible.builtin.command: update-ca-trust force-enable
when: ansible_os_family == 'RedHat' and ansible_distribution != "Fedora" and (ansible_distribution_major_version | int) < 10 when: ansible_facts.os_family == 'RedHat' and ansible_facts.distribution != "Fedora" and (ansible_facts.distribution_major_version | int) < 10
- name: RedHat - Enable the dynamic CA configuration feature (RHEL 10+) - name: RedHat - Enable the dynamic CA configuration feature (RHEL 10+)
ansible.builtin.command: update-ca-trust ansible.builtin.command: update-ca-trust
when: ansible_os_family == 'RedHat' and ansible_distribution != "Fedora" and (ansible_distribution_major_version | int) >= 10 when: ansible_facts.os_family == 'RedHat' and ansible_facts.distribution != "Fedora" and (ansible_facts.distribution_major_version | int) >= 10
- name: RedHat - Retrieve test cacert - name: RedHat - Retrieve test cacert
ansible.builtin.get_url: ansible.builtin.get_url:
url: "http://ansible.http.tests/cacert.pem" url: "http://ansible.http.tests/cacert.pem"
dest: "/etc/pki/ca-trust/source/anchors/ansible.pem" dest: "/etc/pki/ca-trust/source/anchors/ansible.pem"
when: ansible_os_family == 'RedHat' when: ansible_facts.os_family == 'RedHat'
- name: Get client cert/key - name: Get client cert/key
ansible.builtin.get_url: ansible.builtin.get_url:
@@ -29,42 +29,42 @@
ansible.builtin.get_url: ansible.builtin.get_url:
url: "http://ansible.http.tests/cacert.pem" url: "http://ansible.http.tests/cacert.pem"
dest: "/etc/pki/trust/anchors/ansible.pem" dest: "/etc/pki/trust/anchors/ansible.pem"
when: ansible_os_family == 'Suse' when: ansible_facts.os_family == 'Suse'
- name: Debian - Retrieve test cacert - name: Debian - Retrieve test cacert
ansible.builtin.get_url: ansible.builtin.get_url:
url: "http://ansible.http.tests/cacert.pem" url: "http://ansible.http.tests/cacert.pem"
dest: "/usr/local/share/ca-certificates/ansible.crt" dest: "/usr/local/share/ca-certificates/ansible.crt"
when: ansible_os_family == 'Debian' when: ansible_facts.os_family == 'Debian'
- name: Redhat - Update ca trust - name: Redhat - Update ca trust
ansible.builtin.command: update-ca-trust extract ansible.builtin.command: update-ca-trust extract
when: ansible_os_family == 'RedHat' when: ansible_facts.os_family == 'RedHat'
- name: Debian/Suse - Update ca certificates - name: Debian/Suse - Update ca certificates
ansible.builtin.command: update-ca-certificates ansible.builtin.command: update-ca-certificates
when: ansible_os_family == 'Debian' or ansible_os_family == 'Suse' when: ansible_facts.os_family == 'Debian' or ansible_facts.os_family == 'Suse'
- name: FreeBSD - Retrieve test cacert - name: FreeBSD - Retrieve test cacert
ansible.builtin.get_url: ansible.builtin.get_url:
url: "http://ansible.http.tests/cacert.pem" url: "http://ansible.http.tests/cacert.pem"
dest: "/tmp/ansible.pem" dest: "/tmp/ansible.pem"
when: ansible_os_family == 'FreeBSD' when: ansible_facts.os_family == 'FreeBSD'
- name: FreeBSD - Read test cacert - name: FreeBSD - Read test cacert
ansible.builtin.slurp: ansible.builtin.slurp:
src: "/tmp/ansible.pem" src: "/tmp/ansible.pem"
register: slurp register: slurp
when: ansible_os_family == 'FreeBSD' when: ansible_facts.os_family == 'FreeBSD'
- name: FreeBSD - Add cacert to root certificate store - name: FreeBSD - Add cacert to root certificate store
ansible.builtin.blockinfile: ansible.builtin.blockinfile:
path: "/etc/ssl/cert.pem" path: "/etc/ssl/cert.pem"
block: "{{ slurp.content | b64decode }}" block: "{{ slurp.content | b64decode }}"
when: ansible_os_family == 'FreeBSD' when: ansible_facts.os_family == 'FreeBSD'
- name: MacOS - Retrieve test cacert - name: MacOS - Retrieve test cacert
when: ansible_os_family == 'Darwin' when: ansible_facts.os_family == 'Darwin'
block: block:
- ansible.builtin.uri: - ansible.builtin.uri:
url: "http://ansible.http.tests/cacert.pem" url: "http://ansible.http.tests/cacert.pem"

4
tests/integration/targets/prepare_http_tests/tasks/main.yml
View File

@@ -13,7 +13,7 @@
- ansible.builtin.set_fact: - ansible.builtin.set_fact:
has_httptester: "{{ lookup('env', 'HTTPTESTER') != '' }}" has_httptester: "{{ lookup('env', 'HTTPTESTER') != '' }}"
- name: make sure we have the ansible_os_family and ansible_distribution_version facts - name: make sure we have the ansible_facts.os_family and ansible_facts.distribution_version facts
ansible.builtin.setup: ansible.builtin.setup:
gather_subset: distribution gather_subset: distribution
when: ansible_facts == {} when: ansible_facts == {}
@@ -26,7 +26,7 @@
- ansible.builtin.include_tasks: "{{ lookup('first_found', files) }}" - ansible.builtin.include_tasks: "{{ lookup('first_found', files) }}"
vars: vars:
files: files:
- "{{ ansible_os_family | lower }}.yml" - "{{ ansible_facts.os_family | lower }}.yml"
- "default.yml" - "default.yml"
when: when:
- has_httptester|bool - has_httptester|bool

2
tests/integration/targets/setup_bcrypt/tasks/main.yml
View File

@@ -17,7 +17,7 @@
extra_args: "-c {{ remote_constraints }}" extra_args: "-c {{ remote_constraints }}"
- name: Register bcrypt version - name: Register bcrypt version
ansible.builtin.command: "{{ ansible_python.executable }} -c 'import bcrypt; print(bcrypt.__version__)'" ansible.builtin.command: "{{ ansible_facts.python.executable }} -c 'import bcrypt; print(bcrypt.__version__)'"
register: bcrypt_version register: bcrypt_version
ignore_errors: true ignore_errors: true

20
tests/integration/targets/setup_openssl/tasks/main.yml
View File

@@ -9,7 +9,7 @@
#################################################################### ####################################################################
- name: Register system environment - name: Register system environment
ansible.builtin.command: "{{ ansible_python.executable }} -c 'import os; print(dict(os.environ))'" ansible.builtin.command: "{{ ansible_facts.python.executable }} -c 'import os; print(dict(os.environ))'"
register: sys_environment register: sys_environment
- name: Show system environment - name: Show system environment
@@ -21,8 +21,8 @@
openssl_binary: openssl openssl_binary: openssl
- name: Include OS-specific variables - name: Include OS-specific variables
ansible.builtin.include_vars: '{{ ansible_os_family }}.yml' ansible.builtin.include_vars: '{{ ansible_facts.os_family }}.yml'
when: not ansible_os_family == "Darwin" when: not ansible_facts.os_family == "Darwin"
- name: Check whether OpenSSL is there - name: Check whether OpenSSL is there
ansible.builtin.command: "{{ openssl_binary }} version" ansible.builtin.command: "{{ openssl_binary }} version"
@@ -33,7 +33,7 @@
become: true become: true
ansible.builtin.package: ansible.builtin.package:
name: '{{ openssl_package_name }}' name: '{{ openssl_package_name }}'
when: not ansible_os_family == 'Darwin' and openssl_version_full is failed when: not ansible_facts.os_family == 'Darwin' and openssl_version_full is failed
- name: Register openssl version (full) - name: Register openssl version (full)
ansible.builtin.command: "{{ openssl_binary }} version" ansible.builtin.command: "{{ openssl_binary }} version"
@@ -43,7 +43,7 @@
ansible.builtin.debug: ansible.builtin.debug:
var: openssl_version_full.stdout_lines var: openssl_version_full.stdout_lines
- when: ansible_os_family == "Darwin" and "LibreSSL" in openssl_version_full.stdout - when: ansible_facts.os_family == "Darwin" and "LibreSSL" in openssl_version_full.stdout
# In case LibreSSL is installed on macOS, we need to install a more modern OpenSSL # In case LibreSSL is installed on macOS, we need to install a more modern OpenSSL
block: block:
- name: MACOS | Find brew binary - name: MACOS | Find brew binary
@@ -93,29 +93,29 @@
block: block:
- name: Install from system packages - name: Install from system packages
when: ansible_os_family != "Darwin" and target_system_python when: ansible_facts.os_family != "Darwin" and target_system_python
block: block:
- name: Install cryptography (Python 3 from system packages) - name: Install cryptography (Python 3 from system packages)
become: true become: true
ansible.builtin.package: ansible.builtin.package:
name: '{{ cryptography_package_name_python3 }}' name: '{{ cryptography_package_name_python3 }}'
when: ansible_python_version is version('3.0', '>=') when: ansible_facts.python_version is version('3.0', '>=')
- name: Install cryptography (Python 2 from system packages) - name: Install cryptography (Python 2 from system packages)
become: true become: true
ansible.builtin.package: ansible.builtin.package:
name: '{{ cryptography_package_name }}' name: '{{ cryptography_package_name }}'
when: ansible_python_version is version('3.0', '<') when: ansible_facts.python_version is version('3.0', '<')
- name: Install from PyPi - name: Install from PyPi
when: ansible_os_family == "Darwin" or not target_system_python when: ansible_facts.os_family == "Darwin" or not target_system_python
block: block:
- name: Install cryptography (PyPi) - name: Install cryptography (PyPi)
become: true become: true
ansible.builtin.pip: ansible.builtin.pip:
name: 'cryptography{% if ansible_os_family == "Darwin" %}>=3.3{% endif %}' name: 'cryptography{% if ansible_facts.os_family == "Darwin" %}>=3.3{% endif %}'
state: "{{ 'latest' if not target_system_python_cannot_upgrade_cryptography else omit }}" state: "{{ 'latest' if not target_system_python_cannot_upgrade_cryptography else omit }}"
extra_args: "-c {{ remote_constraints }}" extra_args: "-c {{ remote_constraints }}"

2
tests/integration/targets/setup_openssl/vars/FreeBSD.yml
View File

@@ -5,4 +5,4 @@
openssl_package_name: openssl openssl_package_name: openssl
cryptography_package_name: py27-cryptography cryptography_package_name: py27-cryptography
cryptography_package_name_python3: "py{{ ansible_python.version.major }}{{ ansible_python.version.minor }}-cryptography" cryptography_package_name_python3: "py{{ ansible_facts.python.version.major }}{{ ansible_facts.python.version.minor }}-cryptography"

4
tests/integration/targets/setup_pkg_mgr/tasks/main.yml
View File

@@ -12,10 +12,10 @@
pkg_mgr: community.general.pkgng pkg_mgr: community.general.pkgng
ansible_pkg_mgr: community.general.pkgng ansible_pkg_mgr: community.general.pkgng
cacheable: true cacheable: true
when: ansible_os_family == 'FreeBSD' when: ansible_facts.os_family == 'FreeBSD'
- ansible.builtin.set_fact: - ansible.builtin.set_fact:
pkg_mgr: community.general.zypper pkg_mgr: community.general.zypper
ansible_pkg_mgr: community.general.zypper ansible_pkg_mgr: community.general.zypper
cacheable: true cacheable: true
when: ansible_os_family == 'Suse' when: ansible_facts.os_family == 'Suse'

4
tests/integration/targets/setup_remote_tmp_dir/tasks/main.yml
View File

@@ -8,7 +8,7 @@
# and should not be used as examples of how to write Ansible roles # # and should not be used as examples of how to write Ansible roles #
#################################################################### ####################################################################
- name: make sure we have the ansible_os_family and ansible_distribution_version facts - name: make sure we have the ansible_facts.os_family and ansible_facts.distribution_version facts
ansible.builtin.setup: ansible.builtin.setup:
gather_subset: distribution gather_subset: distribution
when: ansible_facts == {} when: ansible_facts == {}
@@ -16,5 +16,5 @@
- ansible.builtin.include_tasks: "{{ lookup('first_found', files) }}" - ansible.builtin.include_tasks: "{{ lookup('first_found', files) }}"
vars: vars:
files: files:
- "{{ ansible_os_family | lower }}.yml" - "{{ ansible_facts.os_family | lower }}.yml"
- "default.yml" - "default.yml"

6
tests/integration/targets/setup_ssh_keygen/tasks/main.yml
View File

@@ -9,13 +9,13 @@
#################################################################### ####################################################################
- name: Include OS-specific variables - name: Include OS-specific variables
ansible.builtin.include_vars: '{{ ansible_os_family }}.yml' ansible.builtin.include_vars: '{{ ansible_facts.os_family }}.yml'
when: not ansible_os_family == "Darwin" and not ansible_os_family == "FreeBSD" when: not ansible_facts.os_family == "Darwin" and not ansible_facts.os_family == "FreeBSD"
- name: Install ssh-keygen - name: Install ssh-keygen
ansible.builtin.package: ansible.builtin.package:
name: '{{ openssh_client_package_name }}' name: '{{ openssh_client_package_name }}'
when: not ansible_os_family == "Darwin" and not ansible_os_family == "FreeBSD" when: not ansible_facts.os_family == "Darwin" and not ansible_facts.os_family == "FreeBSD"
- name: Get ssh version - name: Get ssh version
ansible.builtin.shell: ssh -Vq 2>&1|sed 's/^.*OpenSSH_\([0-9]\{1,\}\.[0-9]\{1,\}\).*$/\1/' ansible.builtin.shell: ssh -Vq 2>&1|sed 's/^.*OpenSSH_\([0-9]\{1,\}\.[0-9]\{1,\}\).*$/\1/'

2
tests/integration/targets/x509_certificate/tasks/selfsigned.yml
View File

@@ -235,7 +235,7 @@
community.crypto.openssl_privatekey: community.crypto.openssl_privatekey:
path: '{{ remote_tmp_dir }}/privatekey_ecc.pem' path: '{{ remote_tmp_dir }}/privatekey_ecc.pem'
type: ECC type: ECC
curve: "{{ (ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6') | ternary('secp521r1', 'secp256k1') }}" curve: "{{ (ansible_facts.distribution == 'CentOS' and ansible_facts.distribution_major_version == '6') | ternary('secp521r1', 'secp256k1') }}"
# ^ cryptography on CentOS6 doesn't support secp256k1, so we use secp521r1 instead # ^ cryptography on CentOS6 doesn't support secp256k1, so we use secp521r1 instead
- name: (Selfsigned, {{ select_crypto_backend }}) Generate CSR - name: (Selfsigned, {{ select_crypto_backend }}) Generate CSR