Diffstat (limited to 'test/integration/targets/incidental_x509_crl/tasks')
-rw-r--r-- | test/integration/targets/incidental_x509_crl/tasks/impl.yml | 289 | ||||
-rw-r--r-- | test/integration/targets/incidental_x509_crl/tasks/main.yml | 83 |
2 files changed, 0 insertions, 372 deletions
diff --git a/test/integration/targets/incidental_x509_crl/tasks/impl.yml b/test/integration/targets/incidental_x509_crl/tasks/impl.yml
deleted file mode 100644
index eafb2dad2b..0000000000
--- a/test/integration/targets/incidental_x509_crl/tasks/impl.yml
+++ /dev/null
@@ -1,289 +0,0 @@ ---- -- name: Create CRL 1 (check mode) - x509_crl: - path: '{{ output_dir }}/ca-crl1.crl' - privatekey_path: '{{ output_dir }}/ca.key' - issuer: - CN: Ansible - last_update: 20191013000000Z - next_update: 20191113000000Z - revoked_certificates: - - path: '{{ output_dir }}/cert-1.pem' - revocation_date: 20191013000000Z - - path: '{{ output_dir }}/cert-2.pem' - revocation_date: 20191013000000Z - reason: key_compromise - reason_critical: yes - invalidity_date: 20191012000000Z - - serial_number: 1234 - revocation_date: 20191001000000Z - check_mode: yes - register: crl_1_check -- name: Create CRL 1 - x509_crl: - path: '{{ output_dir }}/ca-crl1.crl' - privatekey_path: '{{ output_dir }}/ca.key' - issuer: - CN: Ansible - last_update: 20191013000000Z - next_update: 20191113000000Z - revoked_certificates: - - path: '{{ output_dir }}/cert-1.pem' - revocation_date: 20191013000000Z - - path: '{{ output_dir }}/cert-2.pem' - revocation_date: 20191013000000Z - reason: key_compromise - reason_critical: yes - invalidity_date: 20191012000000Z - - serial_number: 1234 - revocation_date: 20191001000000Z - register: crl_1 -- name: Retrieve CRL 1 infos - x509_crl_info: - path: '{{ output_dir }}/ca-crl1.crl' - register: crl_1_info_1 -- name: Retrieve CRL 1 infos via file content - x509_crl_info: - content: '{{ lookup("file", output_dir ~ "/ca-crl1.crl") }}' - register: crl_1_info_2 -- name: Create CRL 1 (idempotent, check mode) - x509_crl: - path: '{{ output_dir }}/ca-crl1.crl' - privatekey_path: '{{ output_dir }}/ca.key' - issuer: - CN: Ansible - last_update: 20191013000000Z - next_update: 20191113000000Z - revoked_certificates: - - path: '{{ output_dir }}/cert-1.pem' - revocation_date: 20191013000000Z - - path: '{{ output_dir }}/cert-2.pem' - revocation_date: 20191013000000Z - reason: key_compromise - reason_critical: yes - invalidity_date: 20191012000000Z - - serial_number: 1234 - revocation_date: 20191001000000Z - check_mode: yes - register: crl_1_idem_check -- name: 
Create CRL 1 (idempotent) - x509_crl: - path: '{{ output_dir }}/ca-crl1.crl' - privatekey_path: '{{ output_dir }}/ca.key' - issuer: - CN: Ansible - last_update: 20191013000000Z - next_update: 20191113000000Z - revoked_certificates: - - path: '{{ output_dir }}/cert-1.pem' - revocation_date: 20191013000000Z - - path: '{{ output_dir }}/cert-2.pem' - revocation_date: 20191013000000Z - reason: key_compromise - reason_critical: yes - invalidity_date: 20191012000000Z - - serial_number: 1234 - revocation_date: 20191001000000Z - register: crl_1_idem -- name: Create CRL 1 (idempotent with content, check mode) - x509_crl: - path: '{{ output_dir }}/ca-crl1.crl' - privatekey_content: "{{ lookup('file', output_dir ~ '/ca.key') }}" - issuer: - CN: Ansible - last_update: 20191013000000Z - next_update: 20191113000000Z - revoked_certificates: - - content: "{{ lookup('file', output_dir ~ '/cert-1.pem') }}" - revocation_date: 20191013000000Z - - content: "{{ lookup('file', output_dir ~ '/cert-2.pem') }}" - revocation_date: 20191013000000Z - reason: key_compromise - reason_critical: yes - invalidity_date: 20191012000000Z - - serial_number: 1234 - revocation_date: 20191001000000Z - check_mode: yes - register: crl_1_idem_content_check -- name: Create CRL 1 (idempotent with content) - x509_crl: - path: '{{ output_dir }}/ca-crl1.crl' - privatekey_content: "{{ lookup('file', output_dir ~ '/ca.key') }}" - issuer: - CN: Ansible - last_update: 20191013000000Z - next_update: 20191113000000Z - revoked_certificates: - - content: "{{ lookup('file', output_dir ~ '/cert-1.pem') }}" - revocation_date: 20191013000000Z - - content: "{{ lookup('file', output_dir ~ '/cert-2.pem') }}" - revocation_date: 20191013000000Z - reason: key_compromise - reason_critical: yes - invalidity_date: 20191012000000Z - - serial_number: 1234 - revocation_date: 20191001000000Z - register: crl_1_idem_content - -- name: Create CRL 2 (check mode) - x509_crl: - path: '{{ output_dir }}/ca-crl2.crl' - privatekey_path: '{{ 
output_dir }}/ca.key' - issuer: - CN: Ansible - last_update: +0d - next_update: +0d - revoked_certificates: - - path: '{{ output_dir }}/cert-1.pem' - - path: '{{ output_dir }}/cert-2.pem' - reason: key_compromise - reason_critical: yes - invalidity_date: 20191012000000Z - - serial_number: 1234 - check_mode: yes - register: crl_2_check -- name: Create CRL 2 - x509_crl: - path: '{{ output_dir }}/ca-crl2.crl' - privatekey_path: '{{ output_dir }}/ca.key' - issuer: - CN: Ansible - last_update: +0d - next_update: +0d - revoked_certificates: - - path: '{{ output_dir }}/cert-1.pem' - - path: '{{ output_dir }}/cert-2.pem' - reason: key_compromise - reason_critical: yes - invalidity_date: 20191012000000Z - - serial_number: 1234 - register: crl_2 -- name: Create CRL 2 (idempotent, check mode) - x509_crl: - path: '{{ output_dir }}/ca-crl2.crl' - privatekey_path: '{{ output_dir }}/ca.key' - issuer: - CN: Ansible - last_update: +0d - next_update: +0d - revoked_certificates: - - path: '{{ output_dir }}/cert-1.pem' - - path: '{{ output_dir }}/cert-2.pem' - reason: key_compromise - reason_critical: yes - invalidity_date: 20191012000000Z - - serial_number: 1234 - ignore_timestamps: yes - check_mode: yes - register: crl_2_idem_check -- name: Create CRL 2 (idempotent) - x509_crl: - path: '{{ output_dir }}/ca-crl2.crl' - privatekey_path: '{{ output_dir }}/ca.key' - issuer: - CN: Ansible - last_update: +0d - next_update: +0d - revoked_certificates: - - path: '{{ output_dir }}/cert-1.pem' - - path: '{{ output_dir }}/cert-2.pem' - reason: key_compromise - reason_critical: yes - invalidity_date: 20191012000000Z - - serial_number: 1234 - ignore_timestamps: yes - register: crl_2_idem -- name: Create CRL 2 (idempotent update, check mode) - x509_crl: - path: '{{ output_dir }}/ca-crl2.crl' - privatekey_path: '{{ output_dir }}/ca.key' - issuer: - CN: Ansible - last_update: +0d - next_update: +0d - revoked_certificates: - - serial_number: 1235 - ignore_timestamps: yes - mode: update - check_mode: 
yes - register: crl_2_idem_update_change_check -- name: Create CRL 2 (idempotent update) - x509_crl: - path: '{{ output_dir }}/ca-crl2.crl' - privatekey_path: '{{ output_dir }}/ca.key' - issuer: - CN: Ansible - last_update: +0d - next_update: +0d - revoked_certificates: - - serial_number: 1235 - ignore_timestamps: yes - mode: update - register: crl_2_idem_update_change -- name: Create CRL 2 (idempotent update, check mode) - x509_crl: - path: '{{ output_dir }}/ca-crl2.crl' - privatekey_path: '{{ output_dir }}/ca.key' - issuer: - CN: Ansible - last_update: +0d - next_update: +0d - revoked_certificates: - - path: '{{ output_dir }}/cert-2.pem' - reason: key_compromise - reason_critical: yes - invalidity_date: 20191012000000Z - ignore_timestamps: yes - mode: update - check_mode: yes - register: crl_2_idem_update_check -- name: Create CRL 2 (idempotent update) - x509_crl: - path: '{{ output_dir }}/ca-crl2.crl' - privatekey_path: '{{ output_dir }}/ca.key' - issuer: - CN: Ansible - last_update: +0d - next_update: +0d - revoked_certificates: - - path: '{{ output_dir }}/cert-2.pem' - reason: key_compromise - reason_critical: yes - invalidity_date: 20191012000000Z - ignore_timestamps: yes - mode: update - register: crl_2_idem_update -- name: Create CRL 2 (changed timestamps, check mode) - x509_crl: - path: '{{ output_dir }}/ca-crl2.crl' - privatekey_path: '{{ output_dir }}/ca.key' - issuer: - CN: Ansible - last_update: +0d - next_update: +0d - revoked_certificates: - - path: '{{ output_dir }}/cert-2.pem' - reason: key_compromise - reason_critical: yes - invalidity_date: 20191012000000Z - ignore_timestamps: no - mode: update - check_mode: yes - register: crl_2_change_check -- name: Create CRL 2 (changed timestamps) - x509_crl: - path: '{{ output_dir }}/ca-crl2.crl' - privatekey_path: '{{ output_dir }}/ca.key' - issuer: - CN: Ansible - last_update: +0d - next_update: +0d - revoked_certificates: - - path: '{{ output_dir }}/cert-2.pem' - reason: key_compromise - reason_critical: 
yes - invalidity_date: 20191012000000Z - ignore_timestamps: no - mode: update - return_content: yes - register: crl_2_change
diff --git a/test/integration/targets/incidental_x509_crl/tasks/main.yml b/test/integration/targets/incidental_x509_crl/tasks/main.yml
deleted file mode 100644
index 1f82ff9e1b..0000000000
--- a/test/integration/targets/incidental_x509_crl/tasks/main.yml
+++ /dev/null
@@ -1,83 +0,0 @@ ---- -- set_fact: - certificates: - - name: ca - subject: - commonName: Ansible - is_ca: yes - - name: ca-2 - subject: - commonName: Ansible Other CA - is_ca: yes - - name: cert-1 - subject_alt_name: - - DNS:ansible.com - - name: cert-2 - subject_alt_name: - - DNS:example.com - - name: cert-3 - subject_alt_name: - - DNS:example.org - - IP:1.2.3.4 - - name: cert-4 - subject_alt_name: - - DNS:test.ansible.com - - DNS:b64.ansible.com - -- name: Generate private keys - openssl_privatekey: - path: '{{ output_dir }}/{{ item.name }}.key' - type: ECC - curve: secp256r1 - loop: "{{ certificates }}" - -- name: Generate CSRs - openssl_csr: - path: '{{ output_dir }}/{{ item.name }}.csr' - privatekey_path: '{{ output_dir }}/{{ item.name }}.key' - subject: "{{ item.subject | default(omit) }}" - subject_alt_name: "{{ item.subject_alt_name | default(omit) }}" - basic_constraints: "{{ 'CA:TRUE' if item.is_ca | default(false) else omit }}" - use_common_name_for_san: no - loop: "{{ certificates }}" - -- name: Generate CA certificates - openssl_certificate: - path: '{{ output_dir }}/{{ item.name }}.pem' - csr_path: '{{ output_dir }}/{{ item.name }}.csr' - privatekey_path: '{{ output_dir }}/{{ item.name }}.key' - provider: selfsigned - loop: "{{ certificates }}" - when: item.is_ca | default(false) - -- name: Generate other certificates - openssl_certificate: - path: '{{ output_dir }}/{{ item.name }}.pem' - csr_path: '{{ output_dir }}/{{ item.name }}.csr' - provider: ownca - ownca_path: '{{ output_dir }}/ca.pem' - ownca_privatekey_path: '{{ output_dir }}/ca.key' - loop: "{{ certificates }}" - when: not (item.is_ca | default(false)) - -- name: Get certificate infos - openssl_certificate_info: - path: '{{ output_dir }}/{{ item }}.pem' - loop: - - cert-1 - - cert-2 - - cert-3 - - cert-4 - register: certificate_infos - -- block: - - name: Running tests with cryptography backend - include_tasks: impl.yml - vars: - select_crypto_backend: cryptography - - - import_tasks: 
../tests/validate.yml - vars: - select_crypto_backend: cryptography - - when: cryptography_version.stdout is version('1.2', '>=') |