ec2_key: add a test for the force option (#32748)
* ec2_key: test force option * ec2_key: changes requested via review comments
This commit is contained in:
parent
d5e247243f
commit
239464f804
2 changed files with 39 additions and 15 deletions
|
@ -5,9 +5,6 @@
|
||||||
# - EC2_SECRET_KEY -> AWS_SECRET_ACCESS_KEY -> AWX_SECRET_KEY
|
# - EC2_SECRET_KEY -> AWS_SECRET_ACCESS_KEY -> AWX_SECRET_KEY
|
||||||
# - EC2_REGION -> AWS_REGION
|
# - EC2_REGION -> AWS_REGION
|
||||||
#
|
#
|
||||||
# TODO - name: test 'region' parameter
|
|
||||||
# TODO - name: test 'state=absent' parameter for existing key
|
|
||||||
# TODO - name: test 'state=absent' parameter for missing key
|
|
||||||
# TODO - name: test 'validate_certs' parameter
|
# TODO - name: test 'validate_certs' parameter
|
||||||
|
|
||||||
# ============================================================
|
# ============================================================
|
||||||
|
@ -147,7 +144,7 @@
|
||||||
- '"EC2ResponseError: 401 Unauthorized" in result.module_stderr'
|
- '"EC2ResponseError: 401 Unauthorized" in result.module_stderr'
|
||||||
|
|
||||||
# ============================================================
|
# ============================================================
|
||||||
- name: test state=absent with key_material
|
- name: test removing a non-existent keypair
|
||||||
ec2_key:
|
ec2_key:
|
||||||
name='{{ec2_key_name}}'
|
name='{{ec2_key_name}}'
|
||||||
ec2_region={{ec2_region}}
|
ec2_region={{ec2_region}}
|
||||||
|
@ -296,6 +293,25 @@
|
||||||
- '"private_key" not in result.results[0].key'
|
- '"private_key" not in result.results[0].key'
|
||||||
- 'result.results[0].key.fingerprint == "{{fingerprint}}"'
|
- 'result.results[0].key.fingerprint == "{{fingerprint}}"'
|
||||||
|
|
||||||
|
# ============================================================
|
||||||
|
|
||||||
|
- name: test force=no with another_key_material (expect changed=false)
|
||||||
|
ec2_key:
|
||||||
|
name: '{{ ec2_key_name }}'
|
||||||
|
ec2_region: '{{ ec2_region }}'
|
||||||
|
ec2_access_key: '{{ ec2_access_key }}'
|
||||||
|
ec2_secret_key: '{{ ec2_secret_key }}'
|
||||||
|
security_token: '{{ security_token }}'
|
||||||
|
key_material: '{{ another_key_material }}'
|
||||||
|
force: no
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- name: assert force=no with another_key_material (expect changed=false)
|
||||||
|
assert:
|
||||||
|
that:
|
||||||
|
- 'not result.changed'
|
||||||
|
- 'result.key.fingerprint == "{{ fingerprint }}"'
|
||||||
|
|
||||||
# ============================================================
|
# ============================================================
|
||||||
- name: test state=absent with key_material (expect changed=true)
|
- name: test state=absent with key_material (expect changed=true)
|
||||||
ec2_key:
|
ec2_key:
|
||||||
|
|
|
@ -15,33 +15,41 @@
|
||||||
# You should have received a copy of the GNU General Public License
|
# You should have received a copy of the GNU General Public License
|
||||||
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
- name: create random file
|
- name: create a temp file
|
||||||
shell: mktemp /tmp/id_rsa.XXXXXX
|
tempfile:
|
||||||
register: sshkey
|
state: file
|
||||||
|
register: sshkey_file
|
||||||
tags:
|
tags:
|
||||||
- prepare
|
- prepare
|
||||||
|
|
||||||
- name: generate sshkey
|
- name: generate sshkey
|
||||||
shell: echo 'y' | ssh-keygen -P '' -f {{sshkey.stdout}}
|
shell: echo 'y' | ssh-keygen -P '' -f {{ sshkey_file.path }}
|
||||||
tags:
|
tags:
|
||||||
- prepare
|
- prepare
|
||||||
|
|
||||||
- name: record key_material
|
- name: create another temp file
|
||||||
command: cat {{sshkey.stdout}}.pub
|
tempfile:
|
||||||
register: key_material
|
state: file
|
||||||
|
register: another_sshkey_file
|
||||||
|
tags:
|
||||||
|
- prepare
|
||||||
|
|
||||||
|
- name: generate another_sshkey
|
||||||
|
shell: echo 'y' | ssh-keygen -P '' -f {{ another_sshkey_file.path }}
|
||||||
tags:
|
tags:
|
||||||
- prepare
|
- prepare
|
||||||
|
|
||||||
- name: record fingerprint
|
- name: record fingerprint
|
||||||
shell: openssl rsa -in {{sshkey.stdout}} -pubout -outform DER 2>/dev/null | openssl md5 -c
|
shell: openssl rsa -in {{ sshkey_file.path }} -pubout -outform DER 2>/dev/null | openssl md5 -c
|
||||||
register: fingerprint
|
register: fingerprint
|
||||||
tags:
|
tags:
|
||||||
- prepare
|
- prepare
|
||||||
|
|
||||||
- name: set facts for future roles
|
- name: set facts for future roles
|
||||||
set_fact:
|
set_fact:
|
||||||
sshkey: '{{sshkey.stdout}}'
|
sshkey: '{{ sshkey_file.path }}'
|
||||||
key_material: '{{key_material.stdout}}'
|
key_material: "{{ lookup('file', sshkey_file.path ~ '.pub') }}"
|
||||||
fingerprint: '{{fingerprint.stdout.split()[1]}}'
|
another_key_material: "{{ lookup('file', another_sshkey_file.path ~ '.pub') }}"
|
||||||
|
fingerprint: '{{ fingerprint.stdout.split()[1] }}'
|
||||||
tags:
|
tags:
|
||||||
- prepare
|
- prepare
|
||||||
|
|
Loading…
Reference in a new issue