ansible/test/integration/targets/openssl_pkcs12/tests/validate.yml
2019-03-30 15:38:43 +01:00

52 lines
1.8 KiB
YAML

---
- name: 'Install pexpect'
pip:
name: 'pexpect'
state: 'present'
- name: 'Validate PKCS#12'
command: "openssl pkcs12 -info -in {{ output_dir }}/ansible.p12 -nodes -passin pass:''"
register: p12
- name: 'Validate PKCS#12 with no private key'
command: "openssl pkcs12 -info -in {{ output_dir }}/ansible_no_pkey.p12 -nodes -passin pass:''"
register: p12_validate_no_pkey
- name: 'Validate PKCS#12 (assert)'
assert:
that:
- p12.stdout_lines[2].split(':')[-1].strip() == 'abracadabra'
- p12_standard.mode == '0400'
- p12_no_pkey.changed
- p12_validate_no_pkey.stdout_lines[-1] == '-----END CERTIFICATE-----'
- p12_force.changed
- p12_force_and_mode.mode == '0644' and p12_force_and_mode.changed
- name: Check passphrase on private key
assert:
that:
- passphrase_error_1 is failed
- "'assphrase' in passphrase_error_1.msg or 'assword' in passphrase_error_1.msg"
- passphrase_error_2 is failed
- "'assphrase' in passphrase_error_2.msg or 'assword' in passphrase_error_2.msg or 'serializ' in passphrase_error_2.msg"
- passphrase_error_3 is failed
- "'assphrase' in passphrase_error_3.msg or 'assword' in passphrase_error_3.msg or 'serializ' in passphrase_error_3.msg"
- name: "Verify that broken PKCS#12 will be regenerated"
assert:
that:
- output_broken is changed
- name: Check backup
assert:
that:
- p12_backup_1 is changed
- p12_backup_1.backup_file is undefined
- p12_backup_2 is not changed
- p12_backup_2.backup_file is undefined
- p12_backup_3 is changed
- p12_backup_3.backup_file is string
- p12_backup_4 is changed
- p12_backup_4.backup_file is string
- p12_backup_5 is not changed
- p12_backup_5.backup_file is undefined