ansible/test/integration/targets/openssl_csr_info/tasks/impl.yml

95 lines
3 KiB
YAML
Raw Normal View History

---
- debug:
msg: "Executing tests with backend {{ select_crypto_backend }}"
- name: ({{select_crypto_backend}}) Get CSR info
openssl_csr_info:
path: '{{ output_dir }}/csr_1.csr'
select_crypto_backend: '{{ select_crypto_backend }}'
register: result
- name: Check whether subject behaves as expected
assert:
that:
- result.subject.organizationalUnitName == 'ACME Department'
- "['organizationalUnitName', 'Crypto Department'] in result.subject_ordered"
- "['organizationalUnitName', 'ACME Department'] in result.subject_ordered"
- name: Check SubjectKeyIdentifier and AuthorityKeyIdentifier
assert:
that:
- result.subject_key_identifier == "00:11:22:33"
- result.authority_key_identifier == "44:55:66:77"
- result.authority_cert_issuer == expected_authority_cert_issuer
- result.authority_cert_serial_number == 12345
vars:
expected_authority_cert_issuer:
- "DNS:ca.example.org"
- "IP:1.2.3.4"
when: select_crypto_backend != 'pyopenssl' and cryptography_version.stdout is version('1.3', '>=')
- name: Update result list
set_fact:
info_results: "{{ info_results + [result] }}"
- name: ({{select_crypto_backend}}) Get CSR info directly
openssl_csr_info:
content: '{{ lookup("file", output_dir ~ "/csr_1.csr") }}'
select_crypto_backend: '{{ select_crypto_backend }}'
register: result_direct
- name: ({{select_crypto_backend}}) Compare output of direct and loaded info
assert:
that:
- result == result_direct
- name: ({{select_crypto_backend}}) Get CSR info
openssl_csr_info:
path: '{{ output_dir }}/csr_2.csr'
select_crypto_backend: '{{ select_crypto_backend }}'
register: result
- name: Update result list
set_fact:
info_results: "{{ info_results + [result] }}"
- name: ({{select_crypto_backend}}) Get CSR info
openssl_csr_info:
path: '{{ output_dir }}/csr_3.csr'
select_crypto_backend: '{{ select_crypto_backend }}'
register: result
- name: Check AuthorityKeyIdentifier
assert:
that:
- result.authority_key_identifier is none
- result.authority_cert_issuer == expected_authority_cert_issuer
- result.authority_cert_serial_number == 12345
vars:
expected_authority_cert_issuer:
- "DNS:ca.example.org"
- "IP:1.2.3.4"
when: select_crypto_backend != 'pyopenssl' and cryptography_version.stdout is version('1.3', '>=')
- name: Update result list
set_fact:
info_results: "{{ info_results + [result] }}"
- name: ({{select_crypto_backend}}) Get CSR info
openssl_csr_info:
path: '{{ output_dir }}/csr_4.csr'
select_crypto_backend: '{{ select_crypto_backend }}'
register: result
- name: Check AuthorityKeyIdentifier
assert:
that:
- result.authority_key_identifier == "44:55:66:77"
- result.authority_cert_issuer is none
- result.authority_cert_serial_number is none
when: select_crypto_backend != 'pyopenssl' and cryptography_version.stdout is version('1.3', '>=')
- name: Update result list
set_fact:
info_results: "{{ info_results + [result] }}"