openssl_privatekey: add backup option (#53593)

* Add backup option to openssl_privatekey. * Add changelog fragment. * Make module available in remove(). * Add tests for backup. * Update lib/ansible/modules/crypto/openssl_privatekey.py Co-Authored-By: felixfontein <felix@fontein.de> * Update lib/ansible/modules/crypto/openssl_privatekey.py Co-Authored-By: felixfontein <felix@fontein.de> * Update lib/ansible/modules/crypto/openssl_privatekey.py Co-Authored-By: felixfontein <felix@fontein.de> * Update lib/ansible/modules/crypto/openssl_privatekey.py
2026-05-06 13:22:48 +00:00 · 2019-03-18 17:34:47 +01:00
parent 3fa39ac818
commit e00f315358
9 changed files with 81 additions and 11 deletions
--- a/test/integration/targets/openssl_privatekey/tasks/impl.yml
+++ b/test/integration/targets/openssl_privatekey/tasks/impl.yml
@@ -149,6 +149,7 @@
    passphrase: hunter2
    cipher: "{{ 'aes256' if select_crypto_backend == 'pyopenssl' else 'auto' }}"
    select_crypto_backend: '{{ select_crypto_backend }}'
+    backup: yes
  register: passphrase_1

 - name: Generate privatekey with passphrase (idempotent)
@@ -157,18 +158,21 @@
    passphrase: hunter2
    cipher: "{{ 'aes256' if select_crypto_backend == 'pyopenssl' else 'auto' }}"
    select_crypto_backend: '{{ select_crypto_backend }}'
+    backup: yes
  register: passphrase_2

 - name: Regenerate privatekey without passphrase
  openssl_privatekey:
    path: '{{ output_dir }}/privatekeypw.pem'
    select_crypto_backend: '{{ select_crypto_backend }}'
+    backup: yes
  register: passphrase_3

 - name: Regenerate privatekey without passphrase (idempotent)
  openssl_privatekey:
    path: '{{ output_dir }}/privatekeypw.pem'
    select_crypto_backend: '{{ select_crypto_backend }}'
+    backup: yes
  register: passphrase_4

 - name: Regenerate privatekey with passphrase
@@ -177,4 +181,25 @@
    passphrase: hunter2
    cipher: "{{ 'aes256' if select_crypto_backend == 'pyopenssl' else 'auto' }}"
    select_crypto_backend: '{{ select_crypto_backend }}'
+    backup: yes
  register: passphrase_5
+
+- name: Remove module
+  openssl_privatekey:
+    path: '{{ output_dir }}/privatekeypw.pem'
+    passphrase: hunter2
+    cipher: "{{ 'aes256' if select_crypto_backend == 'pyopenssl' else 'auto' }}"
+    select_crypto_backend: '{{ select_crypto_backend }}'
+    backup: yes
+    state: absent
+  register: remove_1
+
+- name: Remove module (idempotent)
+  openssl_privatekey:
+    path: '{{ output_dir }}/privatekeypw.pem'
+    passphrase: hunter2
+    cipher: "{{ 'aes256' if select_crypto_backend == 'pyopenssl' else 'auto' }}"
+    select_crypto_backend: '{{ select_crypto_backend }}'
+    backup: yes
+    state: absent
+  register: remove_2
--- a/test/integration/targets/openssl_privatekey/tests/validate.yml
+++ b/test/integration/targets/openssl_privatekey/tests/validate.yml
@@ -113,3 +113,16 @@
      - passphrase_3 is changed
      - passphrase_4 is not changed
      - passphrase_5 is changed
+      - passphrase_1.backup_file is undefined
+      - passphrase_2.backup_file is undefined
+      - passphrase_3.backup_file is not none
+      - passphrase_4.backup_file is undefined
+      - passphrase_5.backup_file is not none
+
+- name: Validate remove
+  assert:
+    that:
+      - remove_1 is changed
+      - remove_2 is not changed
+      - remove_1.backup_file is not none
+      - remove_2.backup_file is undefined