diff options
author | Felix Fontein <felix@fontein.de> | 2019-08-18 20:48:34 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-08-18 20:48:34 +0200 |
commit | 0d88ec241fd6c24cd6194b4fa477a8478c7e4cbd (patch) | |
tree | e981028b8387aea96c4ad818b42d788592e309c3 /test/integration | |
parent | 16056f4978c8c85601734c8544afe336716f0e39 (diff) | |
download | ansible-0d88ec241fd6c24cd6194b4fa477a8478c7e4cbd.tar.gz |
openssl_certificate: fix idempotency (#60745)
* Fix openssl_certificate idempotency.
* Add changelog.
* Add integration test.
Diffstat (limited to 'test/integration')
-rw-r--r-- | test/integration/targets/openssl_certificate/tasks/selfsigned.yml | 18 | ||||
-rw-r--r-- | test/integration/targets/openssl_certificate/tests/validate_selfsigned.yml | 5 |
2 files changed, 23 insertions, 0 deletions
diff --git a/test/integration/targets/openssl_certificate/tasks/selfsigned.yml b/test/integration/targets/openssl_certificate/tasks/selfsigned.yml index 0dbe4c4fb0..8e145197c7 100644 --- a/test/integration/targets/openssl_certificate/tasks/selfsigned.yml +++ b/test/integration/targets/openssl_certificate/tasks/selfsigned.yml @@ -17,6 +17,13 @@ subject: commonName: www.example.com +- name: (Selfsigned, {{select_crypto_backend}}) Generate CSR + openssl_csr: + path: '{{ output_dir }}/csr_minimal_change.csr' + privatekey_path: '{{ output_dir }}/privatekey.pem' + subject: + commonName: www.example.org + - name: (Selfsigned, {{select_crypto_backend}}) Generate selfsigned certificate openssl_certificate: path: '{{ output_dir }}/cert.pem' @@ -47,6 +54,17 @@ select_crypto_backend: '{{ select_crypto_backend }}' check_mode: yes +- name: (Selfsigned, {{select_crypto_backend}}) Generate selfsigned certificate (check mode, other CSR) + openssl_certificate: + path: '{{ output_dir }}/cert.pem' + csr_path: '{{ output_dir }}/csr_minimal_change.csr' + privatekey_path: '{{ output_dir }}/privatekey.pem' + provider: selfsigned + selfsigned_digest: sha256 + select_crypto_backend: '{{ select_crypto_backend }}' + check_mode: yes + register: selfsigned_certificate_csr_minimal_change + - name: (Selfsigned, {{select_crypto_backend}}) Check selfsigned certificate openssl_certificate: path: '{{ output_dir }}/cert.pem' diff --git a/test/integration/targets/openssl_certificate/tests/validate_selfsigned.yml b/test/integration/targets/openssl_certificate/tests/validate_selfsigned.yml index a357f7f816..1c24effa11 100644 --- a/test/integration/targets/openssl_certificate/tests/validate_selfsigned.yml +++ b/test/integration/targets/openssl_certificate/tests/validate_selfsigned.yml @@ -30,6 +30,11 @@ - selfsigned_certificate.notBefore == selfsigned_certificate_idempotence.notBefore - selfsigned_certificate.notAfter == selfsigned_certificate_idempotence.notAfter +- name: Make sure that changes in CSR are detected even if private key is specified + assert: + that: + - selfsigned_certificate_csr_minimal_change is changed + - block: - name: (Selfsigned validation, {{select_crypto_backend}}) Validate certificate v2 (test - certificate version == 2) shell: 'openssl x509 -noout -in {{ output_dir}}/cert_v2.pem -text | grep "Version" | sed "s/.*: \(.*\) .*/\1/g"' |