8b68feb67e
* Improve link handling. * Also fetch alternate certificate chains. * Add retrieve_all_alternates option. * Simplify code. * Forgot when condition. * Add tests for retrieve_all_alternates. * Fixes. * Moved utility function for link parsing to module_utils. * Fix grammar.
85 lines
2.6 KiB
YAML
85 lines
2.6 KiB
YAML
---
|
|
- name: Check that certificate 1 is valid
|
|
assert:
|
|
that:
|
|
- cert_1_valid is not failed
|
|
- name: Check that certificate 1 contains correct SANs
|
|
assert:
|
|
that:
|
|
- "'DNS:example.com' in cert_1_text.stdout"
|
|
- name: Check that certificate 1 retrieval got all chains
|
|
assert:
|
|
that:
|
|
- "'all_chains' in cert_1_obtain_results"
|
|
- "'chain' in cert_1_obtain_results.all_chains[0]"
|
|
- "'full_chain' in cert_1_obtain_results.all_chains[0]"
|
|
- "lookup('file', output_dir ~ '/cert-1-chain.pem', rstrip=False) == cert_1_obtain_results.all_chains[0].chain"
|
|
- "lookup('file', output_dir ~ '/cert-1-fullchain.pem', rstrip=False) == cert_1_obtain_results.all_chains[0].full_chain"
|
|
|
|
- name: Check that certificate 2 is valid
|
|
assert:
|
|
that:
|
|
- cert_2_valid is not failed
|
|
- name: Check that certificate 2 contains correct SANs
|
|
assert:
|
|
that:
|
|
- "'DNS:*.example.com' in cert_2_text.stdout"
|
|
- "'DNS:example.com' in cert_2_text.stdout"
|
|
- name: Check that certificate 2 retrieval did not get all chains
|
|
assert:
|
|
that:
|
|
- "'all_chains' not in cert_2_obtain_results"
|
|
|
|
- name: Check that certificate 3 is valid
|
|
assert:
|
|
that:
|
|
- cert_3_valid is not failed
|
|
- name: Check that certificate 3 contains correct SANs
|
|
assert:
|
|
that:
|
|
- "'DNS:*.example.com' in cert_3_text.stdout"
|
|
- "'DNS:example.org' in cert_3_text.stdout"
|
|
- "'DNS:t1.example.com' in cert_3_text.stdout"
|
|
|
|
- name: Check that certificate 4 is valid
|
|
assert:
|
|
that:
|
|
- cert_4_valid is not failed
|
|
- name: Check that certificate 4 contains correct SANs
|
|
assert:
|
|
that:
|
|
- "'DNS:example.com' in cert_4_text.stdout"
|
|
- "'DNS:t1.example.com' in cert_4_text.stdout"
|
|
- "'DNS:test.t2.example.com' in cert_4_text.stdout"
|
|
- "'DNS:example.org' in cert_4_text.stdout"
|
|
- "'DNS:test.example.org' in cert_4_text.stdout"
|
|
|
|
- name: Check that certificate 5 is valid
|
|
assert:
|
|
that:
|
|
- cert_5_valid is not failed
|
|
- name: Check that certificate 5 contains correct SANs
|
|
assert:
|
|
that:
|
|
- "'DNS:t2.example.com' in cert_5_text.stdout"
|
|
- name: Check that certificate 5 was not recreated on the first try
|
|
assert:
|
|
that:
|
|
- cert_5_recreate_1 == False
|
|
- name: Check that certificate 5 was recreated on the second try
|
|
assert:
|
|
that:
|
|
- cert_5_recreate_2 == True
|
|
- name: Check that certificate 5 was recreated on the third try
|
|
assert:
|
|
that:
|
|
- cert_5_recreate_3 == True
|
|
|
|
- name: Check that certificate 6 is valid
|
|
assert:
|
|
that:
|
|
- cert_6_valid is not failed
|
|
- name: Check that certificate 6 contains correct SANs
|
|
assert:
|
|
that:
|
|
- "'DNS:example.org' in cert_6_text.stdout"
|