ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-09-22 07:01:54 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

openssl_certificate: update for #54298 (state=absent fix) (#54353)

Browse source 
* Update for #54298: Certificate is abstract, so instantiating doesn't work.

* Add test for removal.
This commit is contained in:
Felix Fontein 2019-03-26 16:09:54 +01:00 committed by John R Barker
commit 5bb5c9d295
3 changed files with 60 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

11
lib/ansible/modules/crypto/openssl_certificate.py
View file

@ -691,6 +691,14 @@ class Certificate(crypto_utils.OpenSSLObject):
return True return True
class CertificateAbsent(Certificate):
def __init__(self, module):
super(CertificateAbsent, self).__init__(module, 'cryptography') # backend doesn't matter
def generate(self, module):
pass
def dump(self, check_mode=False): def dump(self, check_mode=False):
# Use only for absent # Use only for absent
@ -1684,8 +1692,7 @@ def main():
) )
if module.params['state'] == 'absent': if module.params['state'] == 'absent':
# backend doesn't matter certificate = CertificateAbsent(module)
certificate = Certificate(module, 'cryptography')
else: else:
if module.params['provider'] != 'assertonly' and module.params['csr_path'] is None: if module.params['provider'] != 'assertonly' and module.params['csr_path'] is None:

1
test/integration/targets/openssl_certificate/tasks/impl.yml
View file

@ -5,3 +5,4 @@
- import_tasks: expired.yml - import_tasks: expired.yml
- import_tasks: selfsigned.yml - import_tasks: selfsigned.yml
- import_tasks: ownca.yml - import_tasks: ownca.yml
- import_tasks: removal.yml

50
test/integration/targets/openssl_certificate/tasks/removal.yml Normal file
View file

@ -0,0 +1,50 @@
---
- name: (Removal, {{select_crypto_backend}}) Generate privatekey
openssl_privatekey:
path: '{{ output_dir }}/removal_privatekey.pem'
- name: (Removal, {{select_crypto_backend}}) Generate CSR
openssl_csr:
path: '{{ output_dir }}/removal_csr.csr'
privatekey_path: '{{ output_dir }}/removal_privatekey.pem'
- name: (Removal, {{select_crypto_backend}}) Generate selfsigned certificate
openssl_certificate:
path: '{{ output_dir }}/removal_cert.pem'
csr_path: '{{ output_dir }}/removal_csr.csr'
privatekey_path: '{{ output_dir }}/removal_privatekey.pem'
provider: selfsigned
selfsigned_digest: sha256
select_crypto_backend: '{{ select_crypto_backend }}'
- name: "(Removal, {{select_crypto_backend}}) Check that file is not gone"
stat:
path: "{{ output_dir }}/removal_cert.pem"
register: removal_1_prestat
- name: "(Removal, {{select_crypto_backend}}) Remove certificate"
openssl_certificate:
path: "{{ output_dir }}/removal_cert.pem"
state: absent
select_crypto_backend: '{{ select_crypto_backend }}'
register: removal_1
- name: "(Removal, {{select_crypto_backend}}) Check that file is gone"
stat:
path: "{{ output_dir }}/removal_cert.pem"
register: removal_1_poststat
- name: "(Removal, {{select_crypto_backend}}) Remove certificate (idempotent)"
openssl_certificate:
path: "{{ output_dir }}/removal_cert.pem"
state: absent
select_crypto_backend: '{{ select_crypto_backend }}'
register: removal_2
- name: (Removal, {{select_crypto_backend}}) Ensure removal worked
assert:
that:
- removal_1_prestat.stat.exists
- removal_1 is changed
- not removal_1_poststat.stat.exists
- removal_2 is not changed