Improve CI (#3348) (#3352)

* Remove superfluous test.

* Use remote_temp_dir instead of output_dir on remote.

* Read certificate from correct place.

* Adjust more places.

* Fix boolean.

* Improve cryptography setup.

* Fix java_keystore changes.

* Need to copy binary from remote.

* Use correct Python for serve script.

* Sleep before downloading.

* Use correct Python interpreter.

* Avoid failing shebang test.

* Fix permission error with macOS 11.1.

* Avoid shebang trouble.

(cherry picked from commit 7c43cc3faa)

tests/integration/targets/java_cert/defaults/main.yml

@@ -1,15 +1,15 @@
 ---
 test_pkcs12_path: testpkcs.p12
 test_keystore_path: keystore.jks
-test_keystore2_path: "{{ output_dir }}/keystore2.jks"
+test_keystore2_path: "{{ remote_tmp_dir }}/keystore2.jks"
 test_keystore2_password: changeit
-test_cert_path: "{{ output_dir }}/cert.pem"
-test_key_path: "{{ output_dir }}/key.pem"
-test_csr_path: "{{ output_dir }}/req.csr"
-test_cert2_path: "{{ output_dir }}/cert2.pem"
-test_key2_path: "{{ output_dir }}/key2.pem"
-test_csr2_path: "{{ output_dir }}/req2.csr"
-test_pkcs_path: "{{ output_dir }}/cert.p12"
-test_pkcs2_path: "{{ output_dir }}/cert2.p12"
+test_cert_path: "{{ remote_tmp_dir }}/cert.pem"
+test_key_path: "{{ remote_tmp_dir }}/key.pem"
+test_csr_path: "{{ remote_tmp_dir }}/req.csr"
+test_cert2_path: "{{ remote_tmp_dir }}/cert2.pem"
+test_key2_path: "{{ remote_tmp_dir }}/key2.pem"
+test_csr2_path: "{{ remote_tmp_dir }}/req2.csr"
+test_pkcs_path: "{{ remote_tmp_dir }}/cert.p12"
+test_pkcs2_path: "{{ remote_tmp_dir }}/cert2.p12"
 test_ssl: setupSSLServer.py
 test_ssl_port: 21500

tests/integration/targets/java_cert/meta/main.yml

@@ -1,3 +1,4 @@
 dependencies:
   - setup_java_keytool
   - setup_openssl
+  - setup_remote_tmp_dir

tests/integration/targets/java_cert/tasks/main.yml

@@ -9,15 +9,15 @@
     - name: prep pkcs12 file
       ansible.builtin.copy:
         src: "{{ test_pkcs12_path }}"
-        dest: "{{ output_dir }}/{{ test_pkcs12_path }}"
+        dest: "{{ remote_tmp_dir }}/{{ test_pkcs12_path }}"
 
     - name: import pkcs12
       community.general.java_cert:
-        pkcs12_path: "{{ output_dir }}/{{ test_pkcs12_path }}"
+        pkcs12_path: "{{ remote_tmp_dir }}/{{ test_pkcs12_path }}"
         pkcs12_password: changeit
         pkcs12_alias: default
         cert_alias: default
-        keystore_path: "{{ output_dir }}/{{ test_keystore_path }}"
+        keystore_path: "{{ remote_tmp_dir }}/{{ test_keystore_path }}"
         keystore_pass: changeme_keystore
         keystore_create: yes
         state: present
@@ -30,11 +30,11 @@
 
     - name: import pkcs12 with wrong password
       community.general.java_cert:
-        pkcs12_path: "{{ output_dir }}/{{ test_pkcs12_path }}"
+        pkcs12_path: "{{ remote_tmp_dir }}/{{ test_pkcs12_path }}"
         pkcs12_password: wrong_pass
         pkcs12_alias: default
         cert_alias: default_new
-        keystore_path: "{{ output_dir }}/{{ test_keystore_path }}"
+        keystore_path: "{{ remote_tmp_dir }}/{{ test_keystore_path }}"
         keystore_pass: changeme_keystore
         keystore_create: yes
         state: present
@@ -49,9 +49,9 @@
     - name: test fail on mutually exclusive params
       community.general.java_cert:
         cert_path: ca.crt
-        pkcs12_path: "{{ output_dir }}/{{ test_pkcs12_path }}"
+        pkcs12_path: "{{ remote_tmp_dir }}/{{ test_pkcs12_path }}"
         cert_alias: default
-        keystore_path: "{{ output_dir }}/{{ test_keystore_path }}"
+        keystore_path: "{{ remote_tmp_dir }}/{{ test_keystore_path }}"
         keystore_pass: changeme_keystore
         keystore_create: yes
         state: present
@@ -65,7 +65,7 @@
 
     - name: test fail on missing required params
       community.general.java_cert:
-        keystore_path: "{{ output_dir }}/{{ test_keystore_path }}"
+        keystore_path: "{{ remote_tmp_dir }}/{{ test_keystore_path }}"
         keystore_pass: changeme_keystore
         state: absent
       ignore_errors: true
@@ -78,7 +78,7 @@
 
     - name: delete object based on cert_alias parameter
       community.general.java_cert:
-        keystore_path: "{{ output_dir }}/{{ test_keystore_path }}"
+        keystore_path: "{{ remote_tmp_dir }}/{{ test_keystore_path }}"
         keystore_pass: changeme_keystore
         cert_alias: default
         state: absent
@@ -98,8 +98,8 @@
         path: "{{ item }}"
         state: absent
       loop:
-        - "{{ output_dir }}/{{ test_pkcs12_path }}"
-        - "{{ output_dir }}/{{ test_keystore_path }}"
+        - "{{ remote_tmp_dir }}/{{ test_pkcs12_path }}"
+        - "{{ remote_tmp_dir }}/{{ test_keystore_path }}"
         - "{{ test_keystore2_path }}"
         - "{{ test_cert_path }}"
         - "{{ test_key_path }}"

tests/integration/targets/java_cert/tasks/state_change.yml

@@ -239,13 +239,17 @@
 - name: Copy the ssl server script
   copy:
     src: "setupSSLServer.py"
-    dest: "{{ output_dir }}"
+    dest: "{{ remote_tmp_dir }}"
 
 - name: Create an SSL server that we will use for testing URL imports
-  command: python {{ output_dir }}/setupSSLServer.py {{ output_dir }} {{ test_ssl_port }}
+  command: "{{ ansible_python.executable }} {{ remote_tmp_dir }}/setupSSLServer.py {{ remote_tmp_dir }} {{ test_ssl_port }}"
   async: 10
   poll: 0
 
+- name: "Wait for one second to make sure that the serve script has actually been started"
+  pause:
+    seconds: 1
+
 - name: |
     Download the original cert.pem from our temporary server. The current cert should contain
      cert2.pem. Importing this cert should return a status of changed