ansible/test/integration/targets/get_certificate/tests/validate.yml
John Westcott IV 6469baf460 Added get_certificate module (#41735)
* Added get_certificate module.

* Fixed test against bogus_ca.pem file
2018-12-07 13:27:16 +00:00

99 lines
2.4 KiB
YAML

- name: Get servers certificate
get_certificate:
host: "{{ httpbin_host }}"
port: 443
register: result
- debug: var=result
- assert:
that:
# This module should never change anything
- result is not changed
- result is not failed
# We got the correct ST from the cert
- "'North Carolina' == result.subject.ST"
- name: Connect to http port (will fail because there is no SSL cert to get)
get_certificate:
host: "{{ httpbin_host }}"
port: 80
register: result
ignore_errors: true
- assert:
that:
- result is not changed
- result is failed
# We got the expected error message
- "'The handshake operation timed out' in result.msg or 'unknown protocol' in result.msg or 'wrong version number' in result.msg"
- name: Test timeout option
get_certificate:
host: "{{ httpbin_host }}"
port: 1234
timeout: 1
register: result
ignore_errors: true
- assert:
that:
- result is not changed
- result is failed
# We got the expected error message
- "'Failed to get cert from port with error: timed out' == result.msg or 'Connection refused' in result.msg"
- name: Test failure if ca_certs is not a valid file
get_certificate:
host: "{{ httpbin_host }}"
port: 443
ca_certs: dn.e
register: result
ignore_errors: true
- assert:
that:
- result is not changed
- result is failed
# We got the correct response from the module
- "'ca_certs file does not exist' == result.msg"
- name: Download CA Cert as pem from server
get_url:
url: "http://ansible.http.tests/cacert.pem"
dest: "{{ output_dir }}/temp.pem"
- name: Get servers certificate comparing it to its own ca_cert file
get_certificate:
ca_certs: '{{ output_dir }}/temp.pem'
host: "{{ httpbin_host }}"
port: 443
register: result
- assert:
that:
- result is not changed
- result is not failed
- name: Get a temp directory
tempfile:
state: directory
register: my_temp_dir
- name: Deploy the bogus_ca.pem file
copy:
src: "bogus_ca.pem"
dest: "{{ my_temp_dir.path }}/bogus_ca.pem"
- name: Get servers certificate comparing it to an invalid ca_cert file
get_certificate:
ca_certs: '{{ my_temp_dir.path }}/bogus_ca.pem'
host: "{{ httpbin_host }}"
port: 443
register: result
ignore_errors: true
- assert:
that:
- result is not changed
- result.failed