diff --git a/tests/integration/targets/lookup_gpg_fingerprint/meta/main.yml b/tests/integration/targets/lookup_gpg_fingerprint/meta/main.yml index acbc39ea4..398d0cf6c 100644 --- a/tests/integration/targets/lookup_gpg_fingerprint/meta/main.yml +++ b/tests/integration/targets/lookup_gpg_fingerprint/meta/main.yml @@ -4,5 +4,6 @@ # SPDX-License-Identifier: GPL-3.0-or-later dependencies: + - prepare_jinja2_compat - setup_remote_tmp_dir - setup_gnupg diff --git a/tests/integration/targets/lookup_gpg_fingerprint/tasks/main.yml b/tests/integration/targets/lookup_gpg_fingerprint/tasks/main.yml index e36a2fe1a..7af2462e2 100644 --- a/tests/integration/targets/lookup_gpg_fingerprint/tasks/main.yml +++ b/tests/integration/targets/lookup_gpg_fingerprint/tasks/main.yml @@ -3,55 +3,58 @@ # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) # SPDX-License-Identifier: GPL-3.0-or-later -- name: Create GPG key - ansible.builtin.command: - cmd: gpg --homedir "{{ remote_tmp_dir }}" --batch --generate-key - stdin: | - %echo Generating a basic OpenPGP key - %no-ask-passphrase - %no-protection - Key-Type: RSA - Key-Length: 4096 - Name-Real: Foo Bar - Name-Email: foo@bar.com - Expire-Date: 0 - %commit - %echo done - register: result - -- name: Extract fingerprint - ansible.builtin.shell: gpg --homedir "{{ remote_tmp_dir }}" --with-colons --fingerprint foo@bar.com | grep '^fpr:' - register: fingerprints - -- name: Show fingerprints - ansible.builtin.debug: - msg: "{{ fingerprints.stdout_lines | map('split', ':') }}" - -- name: Export public key - ansible.builtin.command: gpg --homedir "{{ remote_tmp_dir }}" --export --armor foo@bar.com - register: public_key - -- name: Export private key - ansible.builtin.command: gpg --homedir "{{ remote_tmp_dir }}" --export-secret-key --armor foo@bar.com - register: private_key - -- name: Write public key to disk - ansible.builtin.copy: - dest: "{{ remote_tmp_dir }}/public-key" - content: "{{ public_key.stdout }}" - -- name: Write private key to disk - ansible.builtin.copy: - dest: "{{ remote_tmp_dir }}/private-key" - content: "{{ private_key.stdout }}" - -- name: Gather fingerprints - ansible.builtin.set_fact: - public_key_fingerprint: "{{ lookup('community.crypto.gpg_fingerprint', remote_tmp_dir ~ '/public-key') }}" - private_key_fingerprint: "{{ lookup('community.crypto.gpg_fingerprint', remote_tmp_dir ~ '/private-key') }}" - -- name: Check whether fingerprints match - ansible.builtin.assert: - that: - - public_key_fingerprint == (fingerprints.stdout_lines[0] | split(':'))[9] - - private_key_fingerprint == (fingerprints.stdout_lines[0] | split(':'))[9] +- name: Run tests if GPG is available + when: has_gnupg + block: + - name: Create GPG key + ansible.builtin.command: + cmd: gpg --homedir "{{ remote_tmp_dir }}" --batch --generate-key + stdin: | + %echo Generating a basic OpenPGP key + %no-ask-passphrase + %no-protection + Key-Type: RSA + Key-Length: 4096 + Name-Real: Foo Bar + Name-Email: foo@bar.com + Expire-Date: 0 + %commit + %echo done + register: result + + - name: Extract fingerprint + ansible.builtin.shell: gpg --homedir "{{ remote_tmp_dir }}" --with-colons --fingerprint foo@bar.com | grep '^fpr:' + register: fingerprints + + - name: Show fingerprints + ansible.builtin.debug: + msg: "{{ fingerprints.stdout_lines | map('split', ':') | list }}" + + - name: Export public key + ansible.builtin.command: gpg --homedir "{{ remote_tmp_dir }}" --export --armor foo@bar.com + register: public_key + + - name: Export private key + ansible.builtin.command: gpg --homedir "{{ remote_tmp_dir }}" --export-secret-key --armor foo@bar.com + register: private_key + + - name: Write public key to disk + ansible.builtin.copy: + dest: "{{ remote_tmp_dir }}/public-key" + content: "{{ public_key.stdout }}" + + - name: Write private key to disk + ansible.builtin.copy: + dest: "{{ remote_tmp_dir }}/private-key" + content: "{{ private_key.stdout }}" + + - name: Gather fingerprints + ansible.builtin.set_fact: + public_key_fingerprint: "{{ lookup('community.crypto.gpg_fingerprint', remote_tmp_dir ~ '/public-key') }}" + private_key_fingerprint: "{{ lookup('community.crypto.gpg_fingerprint', remote_tmp_dir ~ '/private-key') }}" + + - name: Check whether fingerprints match + ansible.builtin.assert: + that: + - public_key_fingerprint == (fingerprints.stdout_lines[0] | split(':'))[9] + - private_key_fingerprint == (fingerprints.stdout_lines[0] | split(':'))[9] diff --git a/tests/integration/targets/prepare_jinja2_compat/filter_plugins/ansible_compatibility.py b/tests/integration/targets/prepare_jinja2_compat/filter_plugins/ansible_compatibility.py new file mode 100644 index 000000000..c14af4ccb --- /dev/null +++ b/tests/integration/targets/prepare_jinja2_compat/filter_plugins/ansible_compatibility.py @@ -0,0 +1,20 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + + +# Added in ansible-core 2.11 +def compatibility_split_filter(text, by_what): + return text.split(by_what) + + +class FilterModule: + ''' Jinja2 compat filters ''' + + def filters(self): + return { + 'split': compatibility_split_filter, + } diff --git a/tests/integration/targets/setup_gnupg/tasks/main.yml b/tests/integration/targets/setup_gnupg/tasks/main.yml index 8217072ba..9e02356fc 100644 --- a/tests/integration/targets/setup_gnupg/tasks/main.yml +++ b/tests/integration/targets/setup_gnupg/tasks/main.yml @@ -3,11 +3,22 @@ # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) # SPDX-License-Identifier: GPL-3.0-or-later +- name: Print distribution specific data + ansible.builtin.debug: + msg: | + Distribution: {{ ansible_facts.distribution }} + Distribution version: {{ ansible_facts.distribution_version }} + Distribution major version: {{ ansible_facts.distribution_major_version }} + OS family: {{ ansible_facts.os_family }} + - name: Include distribution specific variables ansible.builtin.include_vars: '{{ lookup("ansible.builtin.first_found", params) }}' vars: params: files: + - '{{ ansible_facts.distribution }}-{{ ansible_facts.distribution_version }}.yml' + - '{{ ansible_facts.distribution }}-{{ ansible_facts.distribution_major_version }}.yml' + - '{{ ansible_facts.distribution }}.yml' - '{{ ansible_facts.os_family }}.yml' - default.yml paths: @@ -16,3 +27,4 @@ - name: Install GnuPG ansible.builtin.package: name: '{{ gnupg_package_name }}' + when: has_gnupg diff --git a/tests/integration/targets/setup_gnupg/vars/Alpine.yml b/tests/integration/targets/setup_gnupg/vars/Alpine.yml index 86622e36b..99bd64412 100644 --- a/tests/integration/targets/setup_gnupg/vars/Alpine.yml +++ b/tests/integration/targets/setup_gnupg/vars/Alpine.yml @@ -3,4 +3,6 @@ # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) # SPDX-License-Identifier: GPL-3.0-or-later +# Alpine 3.12 should have GnuPG, but for some reason installing it fails... +has_gnupg: "{{ ansible_facts.distribution_version is version('3.13', '>=') }}" gnupg_package_name: gpg diff --git a/tests/integration/targets/setup_gnupg/vars/CentOS-6.yml b/tests/integration/targets/setup_gnupg/vars/CentOS-6.yml new file mode 100644 index 000000000..fd09e9142 --- /dev/null +++ b/tests/integration/targets/setup_gnupg/vars/CentOS-6.yml @@ -0,0 +1,7 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +has_gnupg: false +# The GnuPG version included with CentOS 6 is too old, it doesn't understand --generate-key diff --git a/tests/integration/targets/setup_gnupg/vars/Darwin.yml b/tests/integration/targets/setup_gnupg/vars/Darwin.yml new file mode 100644 index 000000000..a7d999db8 --- /dev/null +++ b/tests/integration/targets/setup_gnupg/vars/Darwin.yml @@ -0,0 +1,7 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +# TODO Homebrew currently isn't happy when running as root, so assume we don't have GnuPG +has_gnupg: false diff --git a/tests/integration/targets/setup_gnupg/vars/RedHat.yml b/tests/integration/targets/setup_gnupg/vars/RedHat.yml index 7e37bccdc..3e82c4f98 100644 --- a/tests/integration/targets/setup_gnupg/vars/RedHat.yml +++ b/tests/integration/targets/setup_gnupg/vars/RedHat.yml @@ -3,4 +3,5 @@ # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) # SPDX-License-Identifier: GPL-3.0-or-later +has_gnupg: true gnupg_package_name: gnupg2 diff --git a/tests/integration/targets/setup_gnupg/vars/default.yml b/tests/integration/targets/setup_gnupg/vars/default.yml index 61754364d..6059ed80e 100644 --- a/tests/integration/targets/setup_gnupg/vars/default.yml +++ b/tests/integration/targets/setup_gnupg/vars/default.yml @@ -3,4 +3,5 @@ # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) # SPDX-License-Identifier: GPL-3.0-or-later +has_gnupg: true gnupg_package_name: gnupg