java_keystore: overwrite instead of fail when password or alias does not match (#2262)

* Overwrite instead of fail when password does not match. * Update documentation. * Fix tests. * Update plugins/modules/system/java_keystore.py Co-authored-by: Amin Vakil <info@aminvakil.com> * Fix documentation. * Apply suggestions from code review Co-authored-by: quidame <quidame@poivron.org> * Update tests/unit/plugins/modules/system/test_java_keystore.py * One more. Co-authored-by: Amin Vakil <info@aminvakil.com> Co-authored-by: quidame <quidame@poivron.org>
2025-05-30 21:09:09 -07:00 · 2021-04-19 06:59:52 +02:00 · 2021-04-19 06:59:52 +02:00 · 91a0264f38
commit 91a0264f38
parent 6a8eb7b388
4 changed files with 46 additions and 30 deletions
--- a/tests/unit/plugins/modules/system/test_java_keystore.py
+++ b/tests/unit/plugins/modules/system/test_java_keystore.py
@ -250,19 +250,33 @@ class TestCertChanged(ModuleTestCase):
            supports_check_mode=self.spec.supports_check_mode
        )

-        module.fail_json = Mock()
-
        with patch('os.remove', return_value=True):
            self.create_file.side_effect = ['/tmp/placeholder']
            self.run_commands.side_effect = [(0, 'foo=abcd:1234:efgh', ''),
                                             (1, 'keytool error: java.lang.Exception: Alias <foo> does not exist', '')]
-            cert_changed(module, "openssl", "keytool", "/path/to/keystore.jks", "changeit", 'foo')
-            module.fail_json.assert_called_once_with(
-                cmd=["keytool", "-list", "-alias", "foo", "-keystore", "/path/to/keystore.jks", "-storepass:env", "STOREPASS", "-v"],
-                msg='keytool error: java.lang.Exception: Alias <foo> does not exist',
-                err='',
-                rc=1
-            )
+            result = cert_changed(module, "openssl", "keytool", "/path/to/keystore.jks", "changeit", 'foo')
+            self.assertTrue(result, 'Alias mismatch detected')
+
+    def test_cert_changed_password_mismatch(self):
+        set_module_args(dict(
+            certificate='cert-foo',
+            private_key='private-foo',
+            dest='/path/to/keystore.jks',
+            name='foo',
+            password='changeit'
+        ))
+
+        module = AnsibleModule(
+            argument_spec=self.spec.argument_spec,
+            supports_check_mode=self.spec.supports_check_mode
+        )
+
+        with patch('os.remove', return_value=True):
+            self.create_file.side_effect = ['/tmp/placeholder']
+            self.run_commands.side_effect = [(0, 'foo=abcd:1234:efgh', ''),
+                                             (1, 'keytool error: java.io.IOException: Keystore password was incorrect', '')]
+            result = cert_changed(module, "openssl", "keytool", "/path/to/keystore.jks", "changeit", 'foo')
+            self.assertTrue(result, 'Password mismatch detected')

    def test_cert_changed_fail_read_cert(self):
        set_module_args(dict(