mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
* Update for #54298: Certificate is abstract, so instantiating doesn't work. * Add test for removal.
This commit is contained in:
parent
df86b9ec3d
commit
5bb5c9d295
3 changed files with 60 additions and 2 deletions
|
@ -691,6 +691,14 @@ class Certificate(crypto_utils.OpenSSLObject):
|
|||
|
||||
return True
|
||||
|
||||
|
||||
class CertificateAbsent(Certificate):
|
||||
def __init__(self, module):
|
||||
super(CertificateAbsent, self).__init__(module, 'cryptography') # backend doesn't matter
|
||||
|
||||
def generate(self, module):
|
||||
pass
|
||||
|
||||
def dump(self, check_mode=False):
|
||||
# Use only for absent
|
||||
|
||||
|
@ -1684,8 +1692,7 @@ def main():
|
|||
)
|
||||
|
||||
if module.params['state'] == 'absent':
|
||||
# backend doesn't matter
|
||||
certificate = Certificate(module, 'cryptography')
|
||||
certificate = CertificateAbsent(module)
|
||||
|
||||
else:
|
||||
if module.params['provider'] != 'assertonly' and module.params['csr_path'] is None:
|
||||
|
|
|
@ -5,3 +5,4 @@
|
|||
- import_tasks: expired.yml
|
||||
- import_tasks: selfsigned.yml
|
||||
- import_tasks: ownca.yml
|
||||
- import_tasks: removal.yml
|
||||
|
|
|
@ -0,0 +1,50 @@
|
|||
---
|
||||
- name: (Removal, {{select_crypto_backend}}) Generate privatekey
|
||||
openssl_privatekey:
|
||||
path: '{{ output_dir }}/removal_privatekey.pem'
|
||||
|
||||
- name: (Removal, {{select_crypto_backend}}) Generate CSR
|
||||
openssl_csr:
|
||||
path: '{{ output_dir }}/removal_csr.csr'
|
||||
privatekey_path: '{{ output_dir }}/removal_privatekey.pem'
|
||||
|
||||
- name: (Removal, {{select_crypto_backend}}) Generate selfsigned certificate
|
||||
openssl_certificate:
|
||||
path: '{{ output_dir }}/removal_cert.pem'
|
||||
csr_path: '{{ output_dir }}/removal_csr.csr'
|
||||
privatekey_path: '{{ output_dir }}/removal_privatekey.pem'
|
||||
provider: selfsigned
|
||||
selfsigned_digest: sha256
|
||||
select_crypto_backend: '{{ select_crypto_backend }}'
|
||||
|
||||
- name: "(Removal, {{select_crypto_backend}}) Check that file is not gone"
|
||||
stat:
|
||||
path: "{{ output_dir }}/removal_cert.pem"
|
||||
register: removal_1_prestat
|
||||
|
||||
- name: "(Removal, {{select_crypto_backend}}) Remove certificate"
|
||||
openssl_certificate:
|
||||
path: "{{ output_dir }}/removal_cert.pem"
|
||||
state: absent
|
||||
select_crypto_backend: '{{ select_crypto_backend }}'
|
||||
register: removal_1
|
||||
|
||||
- name: "(Removal, {{select_crypto_backend}}) Check that file is gone"
|
||||
stat:
|
||||
path: "{{ output_dir }}/removal_cert.pem"
|
||||
register: removal_1_poststat
|
||||
|
||||
- name: "(Removal, {{select_crypto_backend}}) Remove certificate (idempotent)"
|
||||
openssl_certificate:
|
||||
path: "{{ output_dir }}/removal_cert.pem"
|
||||
state: absent
|
||||
select_crypto_backend: '{{ select_crypto_backend }}'
|
||||
register: removal_2
|
||||
|
||||
- name: (Removal, {{select_crypto_backend}}) Ensure removal worked
|
||||
assert:
|
||||
that:
|
||||
- removal_1_prestat.stat.exists
|
||||
- removal_1 is changed
|
||||
- not removal_1_poststat.stat.exists
|
||||
- removal_2 is not changed
|
Loading…
Add table
Reference in a new issue