Files
@ f176b9957d1b
Branch filter:
Location: majic-ansible-roles/roles/ldap_server/molecule/default/prepare.yml - annotation
f176b9957d1b
3.6 KiB
text/x-yaml
MAR-218: Drop the workaround for running connectivity tests:
- Relevant PR has been long merged into testinfra, and no longer poses
an issue.
- Relevant PR has been long merged into testinfra, and no longer poses
an issue.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 | ec4e3e91c4d3 ec4e3e91c4d3 694893c0259a bba096126140 bba096126140 bba096126140 bba096126140 bba096126140 bba096126140 c10934519e18 bba096126140 1b36419c4641 bba096126140 bba096126140 bba096126140 c10934519e18 bba096126140 bba096126140 1b36419c4641 bba096126140 bba096126140 bba096126140 bba096126140 bba096126140 bba096126140 c3861b9a54bb c3861b9a54bb c3861b9a54bb c3861b9a54bb bba096126140 bba096126140 c10934519e18 bba096126140 bba096126140 bba096126140 bba096126140 ec4e3e91c4d3 ec4e3e91c4d3 694893c0259a c082a26b62ff ec4e3e91c4d3 694893c0259a ec4e3e91c4d3 c10934519e18 c082a26b62ff ec4e3e91c4d3 ec4e3e91c4d3 c10934519e18 c082a26b62ff c082a26b62ff ec4e3e91c4d3 ec4e3e91c4d3 c10934519e18 bba096126140 ec4e3e91c4d3 ec4e3e91c4d3 ec4e3e91c4d3 7cabc17c71c3 ec4e3e91c4d3 694893c0259a c10934519e18 694893c0259a 694893c0259a 694893c0259a 694893c0259a 694893c0259a 694893c0259a 694893c0259a 694893c0259a c082a26b62ff ec4e3e91c4d3 ec4e3e91c4d3 ec4e3e91c4d3 c10934519e18 ec4e3e91c4d3 c082a26b62ff ec4e3e91c4d3 65ad7f138939 c10934519e18 65ad7f138939 65ad7f138939 65ad7f138939 65ad7f138939 65ad7f138939 7cabc17c71c3 65ad7f138939 65ad7f138939 c3861b9a54bb c3861b9a54bb 65ad7f138939 694893c0259a 694893c0259a c082a26b62ff ec4e3e91c4d3 ec4e3e91c4d3 ec4e3e91c4d3 c10934519e18 ec4e3e91c4d3 ec4e3e91c4d3 ec4e3e91c4d3 ec4e3e91c4d3 ec4e3e91c4d3 7cabc17c71c3 ec4e3e91c4d3 ec4e3e91c4d3 ec4e3e91c4d3 ec4e3e91c4d3 694893c0259a 694893c0259a c082a26b62ff ec4e3e91c4d3 ec4e3e91c4d3 ec4e3e91c4d3 c10934519e18 ec4e3e91c4d3 ec4e3e91c4d3 ec4e3e91c4d3 ec4e3e91c4d3 ec4e3e91c4d3 7cabc17c71c3 ec4e3e91c4d3 ec4e3e91c4d3 5a36f75bc297 c082a26b62ff 694893c0259a 694893c0259a c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff | ---
- name: Prepare, test fixtures
hosts: localhost
connection: local
gather_facts: false
tasks:
- name: Initialise CA hierarchy
ansible.builtin.command: "gimmecert init"
args:
creates: ".gimmecert/ca/level1.cert.pem"
chdir: "tests/data/"
- name: Generate server private keys and certificates
ansible.builtin.command:
args:
chdir: "tests/data/"
creates: ".gimmecert/server/{{ item.name }}.cert.pem"
argv:
- "gimmecert"
- "server"
- "{{ item.name }}"
- "{{ item.fqdn }}"
with_items:
- name: parameters-mandatory-bookworm_ldap
fqdn: parameters-mandatory
- name: parameters-optional-bookworm_ldap
fqdn: parameters-optional
- name: Set-up link to generated X.509 material
ansible.builtin.file:
src: ".gimmecert"
dest: "tests/data/x509"
state: link
- name: Prepare
hosts: all
become: true
gather_facts: false
tasks:
- name: Install python for Ansible
ansible.builtin.raw: test -e /usr/bin/python3 || (apt -y update && apt install -y python3-minimal)
changed_when: false
- name: Update all caches to avoid errors due to missing remote archives
ansible.builtin.apt:
update_cache: true
changed_when: false
- name: Deploy CA certificate
ansible.builtin.copy:
src: tests/data/x509/ca/level1.cert.pem
dest: /etc/ssl/certs/testca.cert.pem
owner: root
group: root
mode: "0644"
- name: Install tools for testing
ansible.builtin.apt:
name:
- net-tools
- nmap
- gnutls-bin
state: present
- name: Prepare, helpers
hosts: client
become: true
tasks:
- name: Install tool for teting TCP connectivity
ansible.builtin.apt:
name: hping3
state: present
- name: Set-up /etc/hosts with entries for all servers
ansible.builtin.lineinfile:
path: /etc/hosts
regexp: "^{{ item.key }}"
line: "{{ item.key }} {{ item.value }}"
owner: root
group: root
mode: "0644"
state: present
with_dict:
192.168.56.21: parameters-mandatory-bookworm
192.168.56.22: parameters-optional-bookworm
- name: Prepare, test fixtures
hosts: parameters-optional
become: true
tasks:
- name: Set-up the hosts file
ansible.builtin.lineinfile:
path: /etc/hosts
regexp: "^{{ item.key }}"
line: "{{ item.key }} {{ item.value }}"
owner: root
group: root
mode: "0644"
state: present
with_dict:
127.0.2.1: parameters-optional
- name: Prepare, test fixtures
hosts: parameters-mandatory
become: true
tasks:
- name: Set-up the hosts file
ansible.builtin.lineinfile:
path: /etc/hosts
regexp: "^{{ item.key }}"
line: "{{ item.key }} {{ item.value }}"
owner: root
group: root
mode: "0644"
state: present
with_dict:
127.0.2.1: parameters-mandatory
- name: Prepare, helpers
hosts: backup-server
become: true
roles:
- role: backup_server
backup_host_ssh_private_keys:
rsa: "{{ lookup('file', 'tests/data/ssh/server_rsa') }}"
ed25519: "{{ lookup('file', 'tests/data/ssh/server_ed25519') }}"
ecdsa: "{{ lookup('file', 'tests/data/ssh/server_ecdsa') }}"
backup_clients:
- server: localhost
ip: 127.0.0.1
public_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional.pub') }}"
|