@@ -194,3 +194,39 @@ def test_temporary_admin_password_file_not_present(host):
with host.sudo():
assert not host.file('/root/.ldap_admin_password').exists
def test_ldap_tls_private_key_file(host):
"""
Tests if the TLS private key has been deployed correctly.
inventory_hostname = host.ansible.get_variables()['inventory_hostname']
key = host.file('/etc/ssl/private/%s_ldap.key' % inventory_hostname)
assert key.is_file
assert key.user == 'root'
assert key.group == 'openldap'
assert key.mode == 0o640
assert key.content_string == open('tests/data/x509/%s_ldap.key.pem' % inventory_hostname).read()
def test_ldap_tls_certificate_file(host):
Tests if the TLS certificate has been deployed correctly.
cert = host.file('/etc/ssl/certs/%s_ldap.pem' % inventory_hostname)
assert cert.is_file
assert cert.user == 'root'
assert cert.group == 'root'
assert cert.mode == 0o644
assert cert.content_string == open('tests/data/x509/%s_ldap.cert.pem' % inventory_hostname).read()