added integration tests for rpm_key (#26134)

4 files changed, 87 insertions, 0 deletions

diff --git a/test/integration/targets/rpm_key/aliases b/test/integration/targets/rpm_key/aliases
new file mode 100644
index 0000000000..8e7d715f9c
--- /dev/null
+++ b/test/integration/targets/rpm_key/aliases
@@ -0,0 +1,2 @@
+destructive
+posix/ci/group1
diff --git a/test/integration/targets/rpm_key/defaults/main.yaml b/test/integration/targets/rpm_key/defaults/main.yaml
new file mode 100644
index 0000000000..e69de29bb2
--- /dev/null
+++ b/test/integration/targets/rpm_key/defaults/main.yaml
diff --git a/test/integration/targets/rpm_key/tasks/main.yaml b/test/integration/targets/rpm_key/tasks/main.yaml
new file mode 100644
index 0000000000..9f6fd4ec60
--- /dev/null
+++ b/test/integration/targets/rpm_key/tasks/main.yaml
@@ -0,0 +1,2 @@
+ - include: 'rpm_key.yaml'
+   when: ansible_os_family == "RedHat"
diff --git a/test/integration/targets/rpm_key/tasks/rpm_key.yaml b/test/integration/targets/rpm_key/tasks/rpm_key.yaml
new file mode 100644
index 0000000000..a8bb75b0cb
--- /dev/null
+++ b/test/integration/targets/rpm_key/tasks/rpm_key.yaml
@@ -0,0 +1,83 @@
+---
+- name: download EPEL GPG key
+  get_url:
+    url: https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
+    dest: /tmp/RPM-GPG-KEY-EPEL-7
+
+- name: download sl rpm
+  get_url:
+    url: https://download.fedoraproject.org/pub/epel/7/x86_64/s/sl-5.02-1.el7.x86_64.rpm
+    dest: /tmp/sl.rpm
+
+- name: remove EPEL GPG key from keyring
+  rpm_key:
+    state: absent
+    key: /tmp/RPM-GPG-KEY-EPEL-7
+
+- name: check GPG signature of sl. Should fail
+  shell: "rpm --checksig /tmp/sl.rpm"
+  register: sl_check
+  ignore_errors: yes
+
+- name: confirm that signature check failed
+  assert:
+    that:
+      - "'MISSING KEYS' in sl_check.stdout"
+      - "sl_check.failed"
+
+- name: remove EPEL GPG key from keyring (Idempotant)
+  rpm_key:
+    state: absent
+    key: /tmp/RPM-GPG-KEY-EPEL-7
+  register: idempotant_test
+
+- name: check Idempotant
+  assert:
+    that: "not idempotant_test.changed"
+
+- name: add EPEL GPG key to key ring
+  rpm_key:
+    state: present
+    key: /tmp/RPM-GPG-KEY-EPEL-7
+
+- name: add EPEL GPG key to key ring (Idempotant)
+  rpm_key:
+    state: present
+    key: /tmp/RPM-GPG-KEY-EPEL-7
+
+- name: check GPG signature of sl. Should return okay
+  shell: "rpm --checksig /tmp/sl.rpm"
+  register: sl_check
+
+- name: confirm that signature check succeeded
+  assert:
+    that: "'rsa sha1 (md5) pgp md5 OK' in sl_check.stdout"
+
+- name: remove GPG key from url
+  rpm_key:
+    state: absent
+    key: https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
+
+- name: Confirm key is missing
+  shell: "rpm --checksig /tmp/sl.rpm"
+  register: sl_check
+  ignore_errors: yes
+
+- name: confirm that signature check failed
+  assert:
+    that:
+      - "'MISSING KEYS' in sl_check.stdout"
+      - "sl_check.failed"
+
+- name: add GPG key from url
+  rpm_key:
+    state: present
+    key: https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
+
+- name: check GPG signature of sl. Should return okay
+  shell: "rpm --checksig /tmp/sl.rpm"
+  register: sl_check
+
+- name: confirm that signature check succeeded
+  assert:
+    that: "'rsa sha1 (md5) pgp md5 OK' in sl_check.stdout"