internet/community.crypto
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.crypto.git synced 2026-03-26 21:33:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
8792635befe402f7ebb5f521bcdcd1e7fef9f1f9
community.crypto/tests/integration/targets/openssl_csr_pipe/tasks/impl.yml
Felix Fontein 8792635bef Fix some ansible-lint issues (#907) 
* Fix fqcn[action-core].

* Fix fqcn[action].

* Fix jinja[spacing].
2025-05-30 22:03:16 +02:00

97 lines
3.6 KiB
YAML
Raw Blame History

---
# Copyright (c) Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
- name: "({{ select_crypto_backend }}) Generate privatekey"
community.crypto.openssl_privatekey:
path: '{{ remote_tmp_dir }}/privatekey.pem'
size: '{{ default_rsa_key_size }}'
- name: "({{ select_crypto_backend }}) Generate CSR (check mode)"
community.crypto.openssl_csr_pipe:
privatekey_path: '{{ remote_tmp_dir }}/privatekey.pem'
subject:
commonName: www.ansible.com
select_crypto_backend: '{{ select_crypto_backend }}'
check_mode: true
register: generate_csr_check
- name: "({{ select_crypto_backend }}) Generate CSR"
community.crypto.openssl_csr_pipe:
privatekey_path: '{{ remote_tmp_dir }}/privatekey.pem'
subject:
commonName: www.ansible.com
select_crypto_backend: '{{ select_crypto_backend }}'
register: generate_csr
- name: "({{ select_crypto_backend }}) Generate CSR (idempotent)"
community.crypto.openssl_csr_pipe:
content: "{{ generate_csr.csr }}"
privatekey_path: '{{ remote_tmp_dir }}/privatekey.pem'
subject:
commonName: www.ansible.com
select_crypto_backend: '{{ select_crypto_backend }}'
register: generate_csr_idempotent
- name: "({{ select_crypto_backend }}) Generate CSR (idempotent, check mode)"
community.crypto.openssl_csr_pipe:
content: "{{ generate_csr.csr }}"
privatekey_path: '{{ remote_tmp_dir }}/privatekey.pem'
subject:
commonName: www.ansible.com
select_crypto_backend: '{{ select_crypto_backend }}'
check_mode: true
register: generate_csr_idempotent_check
- name: "({{ select_crypto_backend }}) Generate CSR (changed)"
community.crypto.openssl_csr_pipe:
content: "{{ generate_csr.csr }}"
privatekey_path: '{{ remote_tmp_dir }}/privatekey.pem'
subject:
commonName: ansible.com
select_crypto_backend: '{{ select_crypto_backend }}'
register: generate_csr_changed
- name: "({{ select_crypto_backend }}) Generate CSR (changed, check mode)"
community.crypto.openssl_csr_pipe:
content: "{{ generate_csr.csr }}"
privatekey_path: '{{ remote_tmp_dir }}/privatekey.pem'
subject:
commonName: ansible.com
select_crypto_backend: '{{ select_crypto_backend }}'
check_mode: true
register: generate_csr_changed_check
- name: "({{ select_crypto_backend }}) Validate CSR (test - privatekey modulus)"
ansible.builtin.command: '{{ openssl_binary }} rsa -noout -modulus -in {{ remote_tmp_dir }}/privatekey.pem'
register: privatekey_modulus
- name: "({{ select_crypto_backend }}) Validate CSR (test - Common Name)"
ansible.builtin.command: "{{ openssl_binary }} req -noout -subject -in /dev/stdin -nameopt oneline,-space_eq"
args:
stdin: "{{ generate_csr.csr }}"
register: csr_cn
- name: "({{ select_crypto_backend }}) Validate CSR (test - csr modulus)"
ansible.builtin.command: '{{ openssl_binary }} req -noout -modulus -in /dev/stdin'
args:
stdin: "{{ generate_csr.csr }}"
register: csr_modulus
- name: "({{ select_crypto_backend }}) Validate CSR (assert)"
ansible.builtin.assert:
that:
- csr_cn.stdout.split('=')[-1] == 'www.ansible.com'
- csr_modulus.stdout == privatekey_modulus.stdout
- name: "({{ select_crypto_backend }}) Validate CSR (check mode, idempotency)"
ansible.builtin.assert:
that:
- generate_csr_check is changed
- generate_csr is changed
- generate_csr_idempotent is not changed
- generate_csr_idempotent_check is not changed
- generate_csr_changed is changed
- generate_csr_changed_check is changed
Reference in New Issue View Git Blame Copy Permalink