community.crypto/tests/integration/targets/openssl_pkcs12/tasks/main.yml

---
####################################################################
# WARNING: These are designed specifically for Ansible tests       #
# and should not be used as examples of how to write Ansible roles #
####################################################################

- block:
  - name: Generate private keys
    openssl_privatekey:
      path: '{{ output_dir }}/ansible_pkey{{ item }}.pem'
      size: '{{ default_rsa_key_size_certifiates }}'
    loop: "{{ range(1, 4) | list }}"

  - name: Generate privatekey with password
    openssl_privatekey:
      path: '{{ output_dir }}/privatekeypw.pem'
      passphrase: hunter2
      cipher: auto
      size: '{{ default_rsa_key_size }}'

  - name: Generate CSRs
    openssl_csr:
      path: '{{ output_dir }}/ansible{{ item }}.csr'
      privatekey_path: '{{ output_dir }}/ansible_pkey{{ item }}.pem'
      commonName: www{{ item }}.ansible.com
    loop: "{{ range(1, 4) | list }}"

  - name: Generate certificate
    x509_certificate:
      path: '{{ output_dir }}/ansible{{ item }}.crt'
      privatekey_path: '{{ output_dir }}/ansible_pkey{{ item }}.pem'
      csr_path: '{{ output_dir }}/ansible{{ item }}.csr'
      provider: selfsigned
    loop: "{{ range(1, 4) | list }}"

  - name: Generate concatenated PEM file
    copy:
      dest: '{{ output_dir }}/ansible23.crt'
      content: |
        {{ lookup("file", output_dir ~ "/ansible2.crt") }}
        {{ lookup("file", output_dir ~ "/ansible3.crt") }}

  - name: Generate PKCS#12 file with backend autodetection
    openssl_pkcs12:
      path: '{{ output_dir }}/ansible.p12'
      friendly_name: abracadabra
      privatekey_path: '{{ output_dir }}/ansible_pkey1.pem'
      certificate_path: '{{ output_dir }}/ansible1.crt'
      state: present

  - name: Delete result
    file:
      path: '{{ output_dir }}/ansible.p12'
      state: absent

  - block:
    - name: Running tests with pyOpenSSL backend
      include_tasks: impl.yml
      vars:
        select_crypto_backend: pyopenssl

    when: pyopenssl_version.stdout is version('0.15', '>=')

  - block:
    - name: Running tests with cryptography backend
      include_tasks: impl.yml
      vars:
        select_crypto_backend: cryptography

    when: cryptography_version.stdout is version('3.0', '>=')

  when: pyopenssl_version.stdout is version('0.15', '>=') or cryptography_version.stdout is version('3.0', '>=')
Initial commit 2020-03-09 13:11:34 +00:00			`---`
CI tests: add a note not to use tests as an example of writing roles (#111) 2020-09-25 06:25:48 +00:00			`####################################################################`
			`# WARNING: These are designed specifically for Ansible tests #`
			`# and should not be used as examples of how to write Ansible roles #`
			`####################################################################`

openssl_pkcs12: add cryptography backend (#234) * Began refactoring. * Continue. * Factor PyOpenSSL backend out. * Add basic cryptography backend. * Update plugins/modules/openssl_pkcs12.py Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Only run tests when new enough pyOpenSSL or cryptography is around. * Reduce required pyOpenSSL version from 17.1.0 to 0.15. I have no idea why 17.1.0 was there (in the tests), and not something smaller. The module itself did not mention any version. * Linting. * Linting. * Increase compatibility by selecting pyopenssl backend when iter_size or maciter_size is used. * Improve docs, add changelog fragment. * Move hackish code to cryptography_support. * Update plugins/modules/openssl_pkcs12.py Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Update plugins/modules/openssl_pkcs12.py Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Streamline cert creation. * Convert range to list. Co-authored-by: Ajpantuso <ajpantuso@gmail.com> 2021-05-20 17:36:07 +00:00			`- block:`
			`- name: Generate private keys`
			`openssl_privatekey:`
			`path: '{{ output_dir }}/ansible_pkey{{ item }}.pem'`
			`size: '{{ default_rsa_key_size_certifiates }}'`
			`loop: "{{ range(1, 4) \| list }}"`

			`- name: Generate privatekey with password`
			`openssl_privatekey:`
			`path: '{{ output_dir }}/privatekeypw.pem'`
			`passphrase: hunter2`
			`cipher: auto`
			`size: '{{ default_rsa_key_size }}'`

			`- name: Generate CSRs`
			`openssl_csr:`
			`path: '{{ output_dir }}/ansible{{ item }}.csr'`
			`privatekey_path: '{{ output_dir }}/ansible_pkey{{ item }}.pem'`
			`commonName: www{{ item }}.ansible.com`
			`loop: "{{ range(1, 4) \| list }}"`

			`- name: Generate certificate`
			`x509_certificate:`
			`path: '{{ output_dir }}/ansible{{ item }}.crt'`
			`privatekey_path: '{{ output_dir }}/ansible_pkey{{ item }}.pem'`
			`csr_path: '{{ output_dir }}/ansible{{ item }}.csr'`
			`provider: selfsigned`
			`loop: "{{ range(1, 4) \| list }}"`

			`- name: Generate concatenated PEM file`
			`copy:`
			`dest: '{{ output_dir }}/ansible23.crt'`
			`content: \|`
			`{{ lookup("file", output_dir ~ "/ansible2.crt") }}`
			`{{ lookup("file", output_dir ~ "/ansible3.crt") }}`

			`- name: Generate PKCS#12 file with backend autodetection`
			`openssl_pkcs12:`
			`path: '{{ output_dir }}/ansible.p12'`
			`friendly_name: abracadabra`
			`privatekey_path: '{{ output_dir }}/ansible_pkey1.pem'`
			`certificate_path: '{{ output_dir }}/ansible1.crt'`
			`state: present`

			`- name: Delete result`
			`file:`
			`path: '{{ output_dir }}/ansible.p12'`
			`state: absent`

			`- block:`
			`- name: Running tests with pyOpenSSL backend`
			`include_tasks: impl.yml`
			`vars:`
			`select_crypto_backend: pyopenssl`

			`when: pyopenssl_version.stdout is version('0.15', '>=')`

			`- block:`
			`- name: Running tests with cryptography backend`
			`include_tasks: impl.yml`
			`vars:`
			`select_crypto_backend: cryptography`

			`when: cryptography_version.stdout is version('3.0', '>=')`

			`when: pyopenssl_version.stdout is version('0.15', '>=') or cryptography_version.stdout is version('3.0', '>=')`