ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-07-24 22:00:22 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

openssl_csr: improve subject validation (#53198)

Browse source 
* Improve subject field validation.

* Add country name idempotency test.

* Add failed country name test.

* Add changelog.
This commit is contained in:
Felix Fontein 2019-03-07 16:29:35 +01:00 committed by John R Barker
commit b2e992cecd
4 changed files with 56 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

35
test/integration/targets/openssl_csr/tasks/impl.yml
View file

@ -206,3 +206,38 @@
commonName: This is for Ansible
useCommonNameForSAN: no
select_crypto_backend: '{{ select_crypto_backend }}'
- name: Generate CSR with country name
openssl_csr:
path: '{{ output_dir }}/csr4.csr'
privatekey_path: '{{ output_dir }}/privatekey2.pem'
country_name: de
select_crypto_backend: '{{ select_crypto_backend }}'
register: country_idempotent_1
- name: Generate CSR with country name (idempotent)
openssl_csr:
path: '{{ output_dir }}/csr4.csr'
privatekey_path: '{{ output_dir }}/privatekey2.pem'
country_name: de
select_crypto_backend: '{{ select_crypto_backend }}'
register: country_idempotent_2
- name: Generate CSR with country name (idempotent 2)
openssl_csr:
path: '{{ output_dir }}/csr4.csr'
privatekey_path: '{{ output_dir }}/privatekey2.pem'
subject:
C: de
select_crypto_backend: '{{ select_crypto_backend }}'
register: country_idempotent_3
- name: Generate CSR with country name (bad country name)
openssl_csr:
path: '{{ output_dir }}/csr4.csr'
privatekey_path: '{{ output_dir }}/privatekey2.pem'
subject:
C: dex
select_crypto_backend: '{{ select_crypto_backend }}'
register: country_fail_4
ignore_errors: yes

8
test/integration/targets/openssl_csr/tests/validate.yml
View file

@ -101,3 +101,11 @@
assert:
that:
- csr3_cn.stdout.split('=')[-1] == 'This is for Ansible'
- name: Validate country name idempotency and validation
assert:
that:
- country_idempotent_1 is changed
- country_idempotent_2 is not changed
- country_idempotent_3 is not changed
- country_fail_4 is failed