ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-08-12 17:14:22 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

[stable-10] Adjust YAML files (#10233) (#10244)

Browse source 
Adjust YAML files (#10233)

Adjust YAML files.

(cherry picked from commit eaa5e07b28)
This commit is contained in:
Felix Fontein 2025-06-15 10:02:03 +02:00 committed by GitHub
commit a9e892952d
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
244 changed files with 7272 additions and 7329 deletions
Download patch file Download diff file Expand all files Collapse all files

48
tests/integration/targets/lookup_passwordstore/tasks/package.yml
View file

@ -23,17 +23,17 @@
- block:
# OpenSUSE Leap>=15.0 don't include password-store in main repo
- name: SUSE | Add security:privacy repo
template:
src: security-privacy.repo.j2
dest: /etc/zypp/repos.d/security:privacy.repo
- name: SUSE | Add security:privacy repo
template:
src: security-privacy.repo.j2
dest: /etc/zypp/repos.d/security:privacy.repo
- name: SUSE | Install package
package:
name: password-store
state: present
update_cache: true
disable_gpg_check: true
- name: SUSE | Install package
package:
name: password-store
state: present
update_cache: true
disable_gpg_check: true
when: ansible_facts.pkg_mgr in ['zypper', 'community.general.zypper']
# See https://github.com/gopasspw/gopass/issues/1849#issuecomment-802789285
@ -41,20 +41,20 @@
when: ansible_facts.os_family == 'Debian'
become: true
block:
- name: Fetch gopass repo keyring
ansible.builtin.get_url:
url: https://packages.gopass.pw/repos/gopass/gopass-archive-keyring.gpg
dest: /usr/share/keyrings/gopass-archive-keyring.gpg
- name: Add gopass repo
ansible.builtin.apt_repository:
repo: "deb [arch=amd64,arm64,armhf \
signed-by=/usr/share/keyrings/gopass-archive-keyring.gpg] \
https://packages.gopass.pw/repos/gopass stable main"
state: present
- name: Update apt-cache and install gopass package
ansible.builtin.apt:
name: gopass
update_cache: true
- name: Fetch gopass repo keyring
ansible.builtin.get_url:
url: https://packages.gopass.pw/repos/gopass/gopass-archive-keyring.gpg
dest: /usr/share/keyrings/gopass-archive-keyring.gpg
- name: Add gopass repo
ansible.builtin.apt_repository:
repo: "deb [arch=amd64,arm64,armhf \
signed-by=/usr/share/keyrings/gopass-archive-keyring.gpg] \
https://packages.gopass.pw/repos/gopass stable main"
state: present
- name: Update apt-cache and install gopass package
ansible.builtin.apt:
name: gopass
update_cache: true
- name: Install on macOS
when: ansible_facts.distribution == 'MacOSX'

200
tests/integration/targets/lookup_passwordstore/tasks/password_tests.yml
View file

@ -3,128 +3,128 @@
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
- name: Create a password ({{ backend }})
set_fact:
newpass: "{{ lookup('community.general.passwordstore', 'test-pass', length=8, create=true, backend=backend) }}"
- name: Create a password ({{ backend }})
set_fact:
newpass: "{{ lookup('community.general.passwordstore', 'test-pass', length=8, create=true, backend=backend) }}"
- name: Fetch password from an existing file ({{ backend }})
set_fact:
readpass: "{{ lookup('community.general.passwordstore', 'test-pass', backend=backend) }}"
- name: Fetch password from an existing file ({{ backend }})
set_fact:
readpass: "{{ lookup('community.general.passwordstore', 'test-pass', backend=backend) }}"
- name: Verify password ({{ backend }})
assert:
that:
- readpass == newpass
- name: Verify password ({{ backend }})
assert:
that:
- readpass == newpass
- name: Create a password with equal sign ({{ backend }})
set_fact:
newpass: "{{ lookup('community.general.passwordstore', 'test-pass-equal userpass=SimpleSample= create=true', backend=backend) }}"
- name: Create a password with equal sign ({{ backend }})
set_fact:
newpass: "{{ lookup('community.general.passwordstore', 'test-pass-equal userpass=SimpleSample= create=true', backend=backend) }}"
- name: Fetch a password with equal sign ({{ backend }})
set_fact:
readpass: "{{ lookup('community.general.passwordstore', 'test-pass-equal', backend=backend) }}"
- name: Fetch a password with equal sign ({{ backend }})
set_fact:
readpass: "{{ lookup('community.general.passwordstore', 'test-pass-equal', backend=backend) }}"
- name: Verify password ({{ backend }})
assert:
that:
- readpass == newpass
- name: Verify password ({{ backend }})
assert:
that:
- readpass == newpass
- name: Create a password using missing=create ({{ backend }})
set_fact:
newpass: "{{ lookup('community.general.passwordstore', 'test-missing-create', missing='create', length=8, backend=backend) }}"
- name: Create a password using missing=create ({{ backend }})
set_fact:
newpass: "{{ lookup('community.general.passwordstore', 'test-missing-create', missing='create', length=8, backend=backend) }}"
- name: Fetch password from an existing file ({{ backend }})
set_fact:
readpass: "{{ lookup('community.general.passwordstore', 'test-missing-create', backend=backend) }}"
- name: Fetch password from an existing file ({{ backend }})
set_fact:
readpass: "{{ lookup('community.general.passwordstore', 'test-missing-create', backend=backend) }}"
- name: Verify password ({{ backend }})
assert:
that:
- readpass == newpass
- name: Verify password ({{ backend }})
assert:
that:
- readpass == newpass
- name: Fetch password from existing file using missing=empty ({{ backend }})
set_fact:
readpass: "{{ lookup('community.general.passwordstore', 'test-missing-create', missing='empty', backend=backend) }}"
- name: Fetch password from existing file using missing=empty ({{ backend }})
set_fact:
readpass: "{{ lookup('community.general.passwordstore', 'test-missing-create', missing='empty', backend=backend) }}"
- name: Verify password ({{ backend }})
assert:
that:
- readpass == newpass
- name: Verify password ({{ backend }})
assert:
that:
- readpass == newpass
- name: Fetch password from non-existing file using missing=empty ({{ backend }})
set_fact:
readpass: "{{ query('community.general.passwordstore', 'test-missing-pass', missing='empty', backend=backend) }}"
- name: Fetch password from non-existing file using missing=empty ({{ backend }})
set_fact:
readpass: "{{ query('community.general.passwordstore', 'test-missing-pass', missing='empty', backend=backend) }}"
- name: Verify password ({{ backend }})
assert:
that:
- readpass == [ none ]
- name: Verify password ({{ backend }})
assert:
that:
- readpass == [ none ]
- name: Create the YAML password ({{ backend }})
command: "{{ backend }} insert -m -f test-yaml-pass"
args:
stdin: |
testpassword
key: |
multi
line
- name: Create the YAML password ({{ backend }})
command: "{{ backend }} insert -m -f test-yaml-pass"
args:
stdin: |
testpassword
key: |
multi
line
- name: Fetch a password with YAML subkey ({{ backend }})
set_fact:
readyamlpass: "{{ lookup('community.general.passwordstore', 'test-yaml-pass', subkey='key', backend=backend) }}"
- name: Fetch a password with YAML subkey ({{ backend }})
set_fact:
readyamlpass: "{{ lookup('community.general.passwordstore', 'test-yaml-pass', subkey='key', backend=backend) }}"
- name: Read a yaml subkey ({{ backend }})
assert:
that:
- readyamlpass == 'multi\nline\n'
- name: Read a yaml subkey ({{ backend }})
assert:
that:
- readyamlpass == 'multi\nline\n'
- name: Create a non-YAML multiline file ({{ backend }})
command: "{{ backend }} insert -m -f test-multiline-pass"
args:
stdin: |
testpassword
random additional line
- name: Create a non-YAML multiline file ({{ backend }})
command: "{{ backend }} insert -m -f test-multiline-pass"
args:
stdin: |
testpassword
random additional line
- name: Fetch password from multiline file ({{ backend }})
set_fact:
readyamlpass: "{{ lookup('community.general.passwordstore', 'test-multiline-pass', backend=backend) }}"
- name: Fetch password from multiline file ({{ backend }})
set_fact:
readyamlpass: "{{ lookup('community.general.passwordstore', 'test-multiline-pass', backend=backend) }}"
- name: Multiline pass only returns first line ({{ backend }})
assert:
that:
- readyamlpass == 'testpassword'
- name: Multiline pass only returns first line ({{ backend }})
assert:
that:
- readyamlpass == 'testpassword'
- name: Fetch all from multiline file ({{ backend }})
set_fact:
readyamlpass: "{{ lookup('community.general.passwordstore', 'test-multiline-pass', returnall='yes', backend=backend) }}"
- name: Fetch all from multiline file ({{ backend }})
set_fact:
readyamlpass: "{{ lookup('community.general.passwordstore', 'test-multiline-pass', returnall='yes', backend=backend) }}"
- name: Multiline pass returnall returns everything in the file ({{ backend }})
assert:
that:
- readyamlpass == 'testpassword\nrandom additional line\n'
- name: Multiline pass returnall returns everything in the file ({{ backend }})
assert:
that:
- readyamlpass == 'testpassword\nrandom additional line\n'
- name: Create a password in a folder ({{ backend }})
set_fact:
newpass: "{{ lookup('community.general.passwordstore', 'folder/test-pass', length=8, create=true, backend=backend) }}"
- name: Create a password in a folder ({{ backend }})
set_fact:
newpass: "{{ lookup('community.general.passwordstore', 'folder/test-pass', length=8, create=true, backend=backend) }}"
- name: Fetch password from folder ({{ backend }})
set_fact:
readpass: "{{ lookup('community.general.passwordstore', 'folder/test-pass', backend=backend) }}"
- name: Fetch password from folder ({{ backend }})
set_fact:
readpass: "{{ lookup('community.general.passwordstore', 'folder/test-pass', backend=backend) }}"
- name: Verify password from folder ({{ backend }})
assert:
that:
- readpass == newpass
- name: Verify password from folder ({{ backend }})
assert:
that:
- readpass == newpass
- name: Try to read folder as passname ({{ backend }})
set_fact:
newpass: "{{ lookup('community.general.passwordstore', 'folder', backend=backend) }}"
ignore_errors: true
register: eval_error
- name: Try to read folder as passname ({{ backend }})
set_fact:
newpass: "{{ lookup('community.general.passwordstore', 'folder', backend=backend) }}"
ignore_errors: true
register: eval_error
- name: Make sure reading folder as passname failed ({{ backend }})
assert:
that:
- eval_error is failed
- '"passname folder not found" in eval_error.msg'
when: backend != "gopass" # Remove this line once gopass backend can handle this
- name: Make sure reading folder as passname failed ({{ backend }})
assert:
that:
- eval_error is failed
- '"passname folder not found" in eval_error.msg'
when: backend != "gopass" # Remove this line once gopass backend can handle this

180
tests/integration/targets/lookup_passwordstore/tasks/tests.yml
View file

@ -30,7 +30,7 @@
- name: Store path of pass executable
set_fact:
passpath: "{{ result.stdout }}"
passpath: "{{ result.stdout }}"
- name: Move original pass into place if there was a leftover
command:
@ -49,7 +49,7 @@
- name: Store path of gopass executable
set_fact:
gopasspath: "{{ result.stdout }}"
gopasspath: "{{ result.stdout }}"
- name: Move original gopass into place if there was a leftover
command:
@ -64,9 +64,9 @@
command: "{{ item }} --version"
register: versions
loop:
- "{{ gpg2_bin }}"
- pass
- gopass
- "{{ gpg2_bin }}"
- pass
- gopass
- name: Output versions of tools
debug:
@ -131,52 +131,52 @@
- name: Test pass compatibility shim detection
block:
- name: Move original pass out of the way
command:
argv:
- mv
- "{{ passpath }}"
- "{{ passpath }}.testorig"
args:
creates: "{{ passpath }}.testorig"
- name: Move original pass out of the way
command:
argv:
- mv
- "{{ passpath }}"
- "{{ passpath }}.testorig"
args:
creates: "{{ passpath }}.testorig"
- name: Create dummy pass script
ansible.builtin.copy:
content: |
#!/bin/sh
echo "shim_ok"
dest: "{{ passpath }}"
mode: '0755'
- name: Create dummy pass script
ansible.builtin.copy:
content: |
#!/bin/sh
echo "shim_ok"
dest: "{{ passpath }}"
mode: '0755'
- name: Try reading from non-existent passwordstore location with different pass utility
set_fact:
newpass: "{{ lookup('community.general.passwordstore', 'test-pass') }}"
environment:
PATH: "/tmp"
- name: Try reading from non-existent passwordstore location with different pass utility
set_fact:
newpass: "{{ lookup('community.general.passwordstore', 'test-pass') }}"
environment:
PATH: "/tmp"
- name: Verify password received from shim
assert:
that:
- newpass == "shim_ok"
- name: Verify password received from shim
assert:
that:
- newpass == "shim_ok"
- name: Try to read folder as passname with a different pass utility
set_fact:
newpass: "{{ lookup('community.general.passwordstore', 'folder') }}"
- name: Try to read folder as passname with a different pass utility
set_fact:
newpass: "{{ lookup('community.general.passwordstore', 'folder') }}"
- name: Verify password received from shim
assert:
that:
- newpass == "shim_ok"
- name: Verify password received from shim
assert:
that:
- newpass == "shim_ok"
always:
- name: Move original pass back into place
command:
argv:
- mv
- "{{ passpath }}.testorig"
- "{{ passpath }}"
args:
removes: "{{ passpath }}.testorig"
- name: Move original pass back into place
command:
argv:
- mv
- "{{ passpath }}.testorig"
- "{{ passpath }}"
args:
removes: "{{ passpath }}.testorig"
# This are in addition to the real gopass tests above
# and verify plugin logic
@ -184,56 +184,56 @@
vars:
passwordstore_backend: "gopass"
block:
- name: Check if gopass executable exists
stat:
path: "{{ gopasspath }}"
register: gopass_check
- name: Check if gopass executable exists
stat:
path: "{{ gopasspath }}"
register: gopass_check
- name: Move original gopass out of the way
command:
argv:
- mv
- "{{ gopasspath }}"
- "{{ gopasspath }}.testorig"
args:
creates: "{{ gopasspath }}.testorig"
when: gopass_check.stat.exists == true
- name: Move original gopass out of the way
command:
argv:
- mv
- "{{ gopasspath }}"
- "{{ gopasspath }}.testorig"
args:
creates: "{{ gopasspath }}.testorig"
when: gopass_check.stat.exists == true
- name: Create mocked gopass script
ansible.builtin.copy:
content: |
#!/bin/sh
if [ "$GOPASS_NO_REMINDER" != "YES" ]; then
exit 1
fi
if [ "$1" = "--version" ]; then
exit 2
fi
echo "gopass_ok"
dest: "{{ gopasspath }}"
mode: '0755'
- name: Create mocked gopass script
ansible.builtin.copy:
content: |
#!/bin/sh
if [ "$GOPASS_NO_REMINDER" != "YES" ]; then
exit 1
fi
if [ "$1" = "--version" ]; then
exit 2
fi
echo "gopass_ok"
dest: "{{ gopasspath }}"
mode: '0755'
- name: Try to read folder as passname using gopass mock
set_fact:
newpass: "{{ lookup('community.general.passwordstore', 'folder') }}"
- name: Try to read folder as passname using gopass mock
set_fact:
newpass: "{{ lookup('community.general.passwordstore', 'folder') }}"
- name: Verify password received from gopass mock
assert:
that:
- newpass == "gopass_ok"
- name: Verify password received from gopass mock
assert:
that:
- newpass == "gopass_ok"
always:
- name: Remove mocked gopass
ansible.builtin.file:
path: "{{ gopasspath }}"
state: absent
- name: Remove mocked gopass
ansible.builtin.file:
path: "{{ gopasspath }}"
state: absent
- name: Move original gopass back into place
command:
argv:
- mv
- "{{ gopasspath }}.testorig"
- "{{ gopasspath }}"
args:
removes: "{{ gopasspath }}.testorig"
when: gopass_check.stat.exists == true
- name: Move original gopass back into place
command:
argv:
- mv
- "{{ gopasspath }}.testorig"
- "{{ gopasspath }}"
args:
removes: "{{ gopasspath }}.testorig"
when: gopass_check.stat.exists == true