2014-09-03 17:04:02 +02:00
|
|
|
# Test code for the file module.
|
|
|
|
# (c) 2014, Richard Isaacson <richard.c.isaacson@gmail.com>
|
|
|
|
|
|
|
|
# This file is part of Ansible
|
|
|
|
#
|
|
|
|
# Ansible is free software: you can redistribute it and/or modify
|
|
|
|
# it under the terms of the GNU General Public License as published by
|
|
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
|
|
# (at your option) any later version.
|
|
|
|
#
|
|
|
|
# Ansible is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
#
|
|
|
|
# You should have received a copy of the GNU General Public License
|
|
|
|
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
2015-12-18 02:51:42 +01:00
|
|
|
- name: Determine if python looks like it will support modern ssl features like SNI
|
2016-09-03 19:21:22 +02:00
|
|
|
command: "{{ ansible_python.executable }} -c 'from ssl import SSLContext'"
|
2015-12-18 02:51:42 +01:00
|
|
|
ignore_errors: True
|
|
|
|
register: python_test
|
|
|
|
|
|
|
|
- name: Set python_has_sslcontext if we have it
|
|
|
|
set_fact:
|
|
|
|
python_has_ssl_context: True
|
|
|
|
when: python_test.rc == 0
|
|
|
|
|
|
|
|
- name: Set python_has_sslcontext False if we don't have it
|
|
|
|
set_fact:
|
|
|
|
python_has_ssl_context: False
|
|
|
|
when: python_test.rc != 0
|
|
|
|
|
2016-04-22 20:38:03 +02:00
|
|
|
- name: Define test files for file schema
|
|
|
|
set_fact:
|
|
|
|
geturl_srcfile: "{{ output_dir | expanduser }}/aurlfile.txt"
|
|
|
|
geturl_dstfile: "{{ output_dir | expanduser }}/aurlfile_copy.txt"
|
|
|
|
|
|
|
|
- name: Create source file
|
2016-04-18 16:47:38 +02:00
|
|
|
copy:
|
|
|
|
dest: "{{ geturl_srcfile }}"
|
|
|
|
content: "foobar"
|
2016-04-22 20:38:03 +02:00
|
|
|
|
|
|
|
- name: test file fetch
|
|
|
|
get_url:
|
|
|
|
url: "{{ 'file://' + geturl_srcfile }}"
|
2016-04-18 16:47:38 +02:00
|
|
|
dest: "{{ geturl_dstfile }}"
|
|
|
|
register: result
|
2016-04-22 20:38:03 +02:00
|
|
|
|
|
|
|
- name: assert success and change
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- result.changed
|
|
|
|
- '"OK" in result.msg'
|
|
|
|
|
|
|
|
- name: test nonexisting file fetch
|
|
|
|
get_url:
|
|
|
|
url: "{{ 'file://' + geturl_srcfile + 'NOFILE' }}"
|
2016-04-18 16:47:38 +02:00
|
|
|
dest: "{{ geturl_dstfile + 'NOFILE' }}"
|
|
|
|
register: result
|
2016-04-22 20:38:03 +02:00
|
|
|
ignore_errors: True
|
|
|
|
|
|
|
|
- name: assert success and change
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- result.failed
|
|
|
|
|
2014-09-03 17:04:02 +02:00
|
|
|
- name: test https fetch
|
2016-05-11 05:43:07 +02:00
|
|
|
get_url: url="https://{{ httpbin_host }}/get" dest={{output_dir}}/get_url.txt force=yes
|
2014-09-03 17:04:02 +02:00
|
|
|
register: result
|
|
|
|
|
|
|
|
- name: assert the get_url call was successful
|
|
|
|
assert:
|
|
|
|
that:
|
2016-05-11 05:43:07 +02:00
|
|
|
- result.changed
|
2014-09-03 17:04:02 +02:00
|
|
|
- '"OK" in result.msg'
|
2015-05-28 21:35:37 +02:00
|
|
|
|
2015-05-29 00:35:25 +02:00
|
|
|
- name: test https fetch to a site with mismatched hostname and certificate
|
2015-05-28 21:35:37 +02:00
|
|
|
get_url:
|
2016-05-11 05:43:07 +02:00
|
|
|
url: "https://{{ badssl_host }}/"
|
2015-05-28 21:35:37 +02:00
|
|
|
dest: "{{ output_dir }}/shouldnotexist.html"
|
|
|
|
ignore_errors: True
|
|
|
|
register: result
|
|
|
|
|
|
|
|
- stat:
|
|
|
|
path: "{{ output_dir }}/shouldnotexist.html"
|
|
|
|
register: stat_result
|
|
|
|
|
|
|
|
- name: Assert that the file was not downloaded
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- "result.failed == true"
|
2016-04-05 02:35:47 +02:00
|
|
|
- "'Failed to validate the SSL certificate' in result.msg"
|
2015-05-28 21:35:37 +02:00
|
|
|
- "stat_result.stat.exists == false"
|
2015-05-29 00:35:25 +02:00
|
|
|
|
|
|
|
- name: test https fetch to a site with mismatched hostname and certificate and validate_certs=no
|
|
|
|
get_url:
|
2016-05-11 05:43:07 +02:00
|
|
|
url: "https://{{ badssl_host }}/"
|
|
|
|
dest: "{{ output_dir }}/get_url_no_validate.html"
|
2015-05-29 00:35:25 +02:00
|
|
|
validate_certs: no
|
|
|
|
register: result
|
|
|
|
|
|
|
|
- stat:
|
2016-05-11 05:43:07 +02:00
|
|
|
path: "{{ output_dir }}/get_url_no_validate.html"
|
2015-05-29 00:35:25 +02:00
|
|
|
register: stat_result
|
|
|
|
|
2015-05-29 02:01:18 +02:00
|
|
|
- name: Assert that the file was downloaded
|
2015-05-29 00:35:25 +02:00
|
|
|
assert:
|
|
|
|
that:
|
2015-05-29 02:01:18 +02:00
|
|
|
- "result.changed == true"
|
2015-05-29 00:35:25 +02:00
|
|
|
- "stat_result.stat.exists == true"
|
2015-07-14 20:48:41 +02:00
|
|
|
|
2016-05-11 05:43:07 +02:00
|
|
|
# SNI Tests
|
|
|
|
# SNI is only built into the stdlib from python-2.7.9 onwards
|
|
|
|
- name: Test that SNI works
|
|
|
|
get_url:
|
|
|
|
url: 'https://{{ sni_host }}/'
|
|
|
|
dest: "{{ output_dir }}/sni.html"
|
|
|
|
register: get_url_result
|
|
|
|
ignore_errors: True
|
|
|
|
|
|
|
|
- command: "grep '{{ sni_host }}' {{ output_dir}}/sni.html"
|
|
|
|
register: data_result
|
|
|
|
when: "{{ python_has_ssl_context }}"
|
|
|
|
|
|
|
|
- debug: var=get_url_result
|
|
|
|
- name: Assert that SNI works with this python version
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- 'data_result.rc == 0'
|
|
|
|
- '"failed" not in get_url_result'
|
|
|
|
when: "{{ python_has_ssl_context }}"
|
|
|
|
|
|
|
|
# If the client doesn't support SNI then get_url should have failed with a certificate mismatch
|
|
|
|
- name: Assert that hostname verification failed because SNI is not supported on this version of python
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- 'get_url_result["failed"]'
|
|
|
|
when: "{{ not python_has_ssl_context }}"
|
2015-12-20 20:33:42 +01:00
|
|
|
|
|
|
|
# These tests are just side effects of how the site is hosted. It's not
|
|
|
|
# specifically a test site. So the tests may break due to the hosting changing
|
2015-07-14 20:48:41 +02:00
|
|
|
- name: Test that SNI works
|
|
|
|
get_url:
|
2016-05-11 05:43:07 +02:00
|
|
|
url: 'https://{{ sni_host }}/'
|
2015-07-14 20:48:41 +02:00
|
|
|
dest: "{{ output_dir }}/sni.html"
|
|
|
|
register: get_url_result
|
|
|
|
ignore_errors: True
|
|
|
|
|
2016-05-11 05:43:07 +02:00
|
|
|
- command: "grep '{{ sni_host }}' {{ output_dir}}/sni.html"
|
2015-07-14 20:48:41 +02:00
|
|
|
register: data_result
|
2015-12-18 02:51:42 +01:00
|
|
|
when: "{{ python_has_ssl_context }}"
|
2015-07-14 20:48:41 +02:00
|
|
|
|
2015-12-17 20:25:45 +01:00
|
|
|
- debug: var=get_url_result
|
2015-07-14 20:48:41 +02:00
|
|
|
- name: Assert that SNI works with this python version
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- 'data_result.rc == 0'
|
|
|
|
- '"failed" not in get_url_result'
|
2015-12-18 02:51:42 +01:00
|
|
|
when: "{{ python_has_ssl_context }}"
|
2015-07-14 20:48:41 +02:00
|
|
|
|
|
|
|
# If the client doesn't support SNI then get_url should have failed with a certificate mismatch
|
|
|
|
- name: Assert that hostname verification failed because SNI is not supported on this version of python
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- 'get_url_result["failed"]'
|
2015-12-18 02:51:42 +01:00
|
|
|
when: "{{ not python_has_ssl_context }}"
|
2015-12-20 20:33:42 +01:00
|
|
|
# End hacky SNI test section
|
2016-03-07 22:35:20 +01:00
|
|
|
|
|
|
|
- name: Test get_url with redirect
|
|
|
|
get_url:
|
2016-05-11 05:43:07 +02:00
|
|
|
url: 'http://{{ httpbin_host }}/redirect/6'
|
2016-03-07 22:35:20 +01:00
|
|
|
dest: "{{ output_dir }}/redirect.json"
|
2016-03-20 15:58:23 +01:00
|
|
|
|
|
|
|
- name: Test that setting file modes work
|
|
|
|
get_url:
|
2016-05-11 05:43:07 +02:00
|
|
|
url: 'http://{{ httpbin_host }}/'
|
2016-03-20 15:58:23 +01:00
|
|
|
dest: '{{ output_dir }}/test'
|
|
|
|
mode: '0707'
|
|
|
|
register: result
|
|
|
|
|
|
|
|
- stat:
|
|
|
|
path: "{{ output_dir }}/test"
|
|
|
|
register: stat_result
|
|
|
|
|
|
|
|
- name: Assert that the file has the right permissions
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- "result.changed == true"
|
|
|
|
- "stat_result.stat.mode == '0707'"
|
|
|
|
|
|
|
|
- name: Test that setting file modes on an already downlaoded file work
|
|
|
|
get_url:
|
2016-05-11 05:43:07 +02:00
|
|
|
url: 'http://{{ httpbin_host }}/'
|
2016-03-20 15:58:23 +01:00
|
|
|
dest: '{{ output_dir }}/test'
|
|
|
|
mode: '0070'
|
|
|
|
register: result
|
|
|
|
|
|
|
|
- stat:
|
|
|
|
path: "{{ output_dir }}/test"
|
|
|
|
register: stat_result
|
|
|
|
|
|
|
|
- name: Assert that the file has the right permissions
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- "result.changed == true"
|
|
|
|
- "stat_result.stat.mode == '0070'"
|
2016-06-13 19:59:42 +02:00
|
|
|
|
|
|
|
#https://github.com/ansible/ansible/issues/16191
|
|
|
|
- name: Test url split with no filename
|
|
|
|
get_url:
|
2016-09-28 03:11:09 +02:00
|
|
|
url: https://{{ httpbin_host }}
|
2016-06-13 19:59:42 +02:00
|
|
|
dest: "{{ output_dir }}"
|
2017-04-07 18:54:37 +02:00
|
|
|
|
|
|
|
|
|
|
|
- name: Test client cert auth, with certs
|
|
|
|
get_url:
|
|
|
|
url: "https://ansible.http.tests/ssl_client_verify"
|
|
|
|
client_cert: "{{ output_dir }}/client.pem"
|
|
|
|
client_key: "{{ output_dir }}/client.key"
|
|
|
|
dest: "{{ output_dir }}/ssl_client_verify"
|
|
|
|
when: has_httptester
|
|
|
|
|
|
|
|
- name: Assert that the ssl_client_verify file contains the correct content
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- 'lookup("file", "{{ output_dir }}/ssl_client_verify") == "ansible.http.tests:SUCCESS"'
|
|
|
|
when: has_httptester
|