ansible/test/integration/targets/prepare_http_tests/tasks/default.yml
Matt Martz 35b0fef536
Changes required for macOS 10.15 ()
* Use default group of staff on macos to prevent sudo issues
* Install gnu-tar for macos in git and unarchive tests
* Enable timezone module to support py3 on macos
* If the virtualenv command is missing, try python -m virtualenv
* Install passlib for filter_core on macos
* Install paramiko via pip on macos for paramiko tests
* Normalize discovered python interpreter on macos
* Get pip tests passing, by ensuring we have wheel installed
* Create /etc/ansible for ca certs on mac, list lookup_url as destructive
* Fixups for CA certs
* Include macos
* Dynamically get cafile instead of hardcoding the path
2020-09-25 15:30:47 -04:00

64 lines
1.9 KiB
YAML

- name: RedHat - Enable the dynamic CA configuration feature
command: update-ca-trust force-enable
when: ansible_os_family == 'RedHat'
- name: RedHat - Retrieve test cacert
get_url:
url: "http://ansible.http.tests/cacert.pem"
dest: "/etc/pki/ca-trust/source/anchors/ansible.pem"
when: ansible_os_family == 'RedHat'
- name: Get client cert/key
get_url:
url: "http://ansible.http.tests/{{ item }}"
dest: "{{ remote_tmp_dir }}/{{ item }}"
with_items:
- client.pem
- client.key
- name: Suse - Retrieve test cacert
get_url:
url: "http://ansible.http.tests/cacert.pem"
dest: "/etc/pki/trust/anchors/ansible.pem"
when: ansible_os_family == 'Suse'
- name: Debian/Alpine - Retrieve test cacert
get_url:
url: "http://ansible.http.tests/cacert.pem"
dest: "/usr/local/share/ca-certificates/ansible.crt"
when: ansible_os_family in ['Debian', 'Alpine']
- name: Redhat - Update ca trust
command: update-ca-trust extract
when: ansible_os_family == 'RedHat'
- name: Debian/Alpine/Suse - Update ca certificates
command: update-ca-certificates
when: ansible_os_family in ['Debian', 'Alpine', 'Suse']
- name: FreeBSD - Retrieve test cacert
get_url:
url: "http://ansible.http.tests/cacert.pem"
dest: "/tmp/ansible.pem"
when: ansible_os_family == 'FreeBSD'
- name: FreeBSD - Add cacert to root certificate store
blockinfile:
path: "/etc/ssl/cert.pem"
block: "{{ lookup('file', '/tmp/ansible.pem') }}"
when: ansible_os_family == 'FreeBSD'
- name: MacOS - Retrieve test cacert
when: ansible_os_family == 'Darwin'
block:
- uri:
url: "http://ansible.http.tests/cacert.pem"
return_content: true
register: cacert_pem
- raw: '{{ ansible_python_interpreter }} -c "import ssl; print(ssl.get_default_verify_paths().cafile)"'
register: macos_cafile
- blockinfile:
path: "{{ macos_cafile.stdout_lines|first }}"
block: "{{ cacert_pem.content }}"