Add filter module base, prepare adding filters (#553)
* Improve string handling. * Cleanup tests. * Add filter module mock.pull/554/head
Felix Fontein
GitHub
parent
5d24d04adf
commit
80f7b084c0
|
|
@ -14,7 +14,7 @@ import re
|
||||||
import sys
|
import sys
|
||||||
import traceback
|
import traceback
|
||||||
|
|
||||||
from ansible.module_utils.common.text.converters import to_text, to_bytes
|
from ansible.module_utils.common.text.converters import to_text, to_bytes, to_native
|
||||||
from ansible.module_utils.six.moves.urllib.parse import urlparse, urlunparse, ParseResult
|
from ansible.module_utils.six.moves.urllib.parse import urlparse, urlunparse, ParseResult
|
||||||
|
|
||||||
from ._asn1 import serialize_asn1_string_as_der
|
from ._asn1 import serialize_asn1_string_as_der
|
||||||
|
|
@ -138,7 +138,7 @@ def cryptography_get_extensions_from_cert(cert):
|
||||||
der = backend._ffi.buffer(data.data, data.length)[:]
|
der = backend._ffi.buffer(data.data, data.length)[:]
|
||||||
entry = dict(
|
entry = dict(
|
||||||
critical=(crit == 1),
|
critical=(crit == 1),
|
||||||
value=base64.b64encode(der),
|
value=to_native(base64.b64encode(der)),
|
||||||
)
|
)
|
||||||
try:
|
try:
|
||||||
oid = obj2txt(backend._lib, backend._ffi, backend._lib.X509_EXTENSION_get_object(ext))
|
oid = obj2txt(backend._lib, backend._ffi, backend._lib.X509_EXTENSION_get_object(ext))
|
||||||
|
|
@ -155,7 +155,7 @@ def cryptography_get_extensions_from_cert(cert):
|
||||||
for ext in cert.extensions:
|
for ext in cert.extensions:
|
||||||
result[ext.oid.dotted_string] = dict(
|
result[ext.oid.dotted_string] = dict(
|
||||||
critical=ext.critical,
|
critical=ext.critical,
|
||||||
value=base64.b64encode(ext.value.public_bytes()),
|
value=to_native(base64.b64encode(ext.value.public_bytes())),
|
||||||
)
|
)
|
||||||
|
|
||||||
return result
|
return result
|
||||||
|
|
@ -198,7 +198,7 @@ def cryptography_get_extensions_from_csr(csr):
|
||||||
der = backend._ffi.buffer(data.data, data.length)[:]
|
der = backend._ffi.buffer(data.data, data.length)[:]
|
||||||
entry = dict(
|
entry = dict(
|
||||||
critical=(crit == 1),
|
critical=(crit == 1),
|
||||||
value=base64.b64encode(der),
|
value=to_native(base64.b64encode(der)),
|
||||||
)
|
)
|
||||||
try:
|
try:
|
||||||
oid = obj2txt(backend._lib, backend._ffi, backend._lib.X509_EXTENSION_get_object(ext))
|
oid = obj2txt(backend._lib, backend._ffi, backend._lib.X509_EXTENSION_get_object(ext))
|
||||||
|
|
@ -215,7 +215,7 @@ def cryptography_get_extensions_from_csr(csr):
|
||||||
for ext in csr.extensions:
|
for ext in csr.extensions:
|
||||||
result[ext.oid.dotted_string] = dict(
|
result[ext.oid.dotted_string] = dict(
|
||||||
critical=ext.critical,
|
critical=ext.critical,
|
||||||
value=base64.b64encode(ext.value.public_bytes()),
|
value=to_native(base64.b64encode(ext.value.public_bytes())),
|
||||||
)
|
)
|
||||||
|
|
||||||
return result
|
return result
|
||||||
|
|
|
||||||
|
|
@ -171,7 +171,7 @@ class CertificateInfoRetrieval(object):
|
||||||
result['not_after'] = not_after.strftime(TIMESTAMP_FORMAT)
|
result['not_after'] = not_after.strftime(TIMESTAMP_FORMAT)
|
||||||
result['expired'] = not_after < datetime.datetime.utcnow()
|
result['expired'] = not_after < datetime.datetime.utcnow()
|
||||||
|
|
||||||
result['public_key'] = self._get_public_key_pem()
|
result['public_key'] = to_native(self._get_public_key_pem())
|
||||||
|
|
||||||
public_key_info = get_publickey_info(
|
public_key_info = get_publickey_info(
|
||||||
self.module,
|
self.module,
|
||||||
|
|
|
||||||
|
|
@ -133,7 +133,7 @@ class CSRInfoRetrieval(object):
|
||||||
result['name_constraints_critical'],
|
result['name_constraints_critical'],
|
||||||
) = self._get_name_constraints()
|
) = self._get_name_constraints()
|
||||||
|
|
||||||
result['public_key'] = self._get_public_key_pem()
|
result['public_key'] = to_native(self._get_public_key_pem())
|
||||||
|
|
||||||
public_key_info = get_publickey_info(
|
public_key_info = get_publickey_info(
|
||||||
self.module,
|
self.module,
|
||||||
|
|
|
||||||
|
|
@ -214,7 +214,7 @@ class PrivateKeyInfoRetrieval(object):
|
||||||
except OpenSSLObjectError as exc:
|
except OpenSSLObjectError as exc:
|
||||||
raise PrivateKeyParseError(to_native(exc), result)
|
raise PrivateKeyParseError(to_native(exc), result)
|
||||||
|
|
||||||
result['public_key'] = self._get_public_key(binary=False)
|
result['public_key'] = to_native(self._get_public_key(binary=False))
|
||||||
pk = self._get_public_key(binary=True)
|
pk = self._get_public_key(binary=True)
|
||||||
result['public_key_fingerprints'] = get_fingerprint_of_bytes(
|
result['public_key_fingerprints'] = get_fingerprint_of_bytes(
|
||||||
pk, prefer_one=prefer_one_fingerprint) if pk is not None else dict()
|
pk, prefer_one=prefer_one_fingerprint) if pk is not None else dict()
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,22 @@
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
# Copyright (c) 2022 Felix Fontein <felix@fontein.de>
|
||||||
|
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||||
|
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||||
|
|
||||||
|
# NOTE: THIS IS ONLY FOR FILTER PLUGINS!
|
||||||
|
|
||||||
|
from __future__ import absolute_import, division, print_function
|
||||||
|
__metaclass__ = type
|
||||||
|
|
||||||
|
|
||||||
|
from ansible.errors import AnsibleFilterError
|
||||||
|
|
||||||
|
|
||||||
|
class FilterModuleMock(object):
|
||||||
|
def __init__(self, params):
|
||||||
|
self.check_mode = True
|
||||||
|
self.params = params
|
||||||
|
self._diff = False
|
||||||
|
|
||||||
|
def fail_json(self, msg, **kwargs):
|
||||||
|
raise AnsibleFilterError(msg)
|
||||||
|
|
@ -42,10 +42,6 @@
|
||||||
- 3
|
- 3
|
||||||
- 4
|
- 4
|
||||||
|
|
||||||
- name: Prepare result list
|
|
||||||
set_fact:
|
|
||||||
info_results: {}
|
|
||||||
|
|
||||||
- name: Running tests with cryptography backend
|
- name: Running tests with cryptography backend
|
||||||
include_tasks: impl.yml
|
include_tasks: impl.yml
|
||||||
vars:
|
vars:
|
||||||
|
|
|
||||||
|
|
@ -54,7 +54,7 @@
|
||||||
path: '{{ remote_tmp_dir }}/ca-crl1.crl'
|
path: '{{ remote_tmp_dir }}/ca-crl1.crl'
|
||||||
register: crl_1_info_1
|
register: crl_1_info_1
|
||||||
|
|
||||||
- name: ({{select_crypto_backend}}) Read ca-crl1.crl
|
- name: Read ca-crl1.crl
|
||||||
slurp:
|
slurp:
|
||||||
src: '{{ remote_tmp_dir }}/ca-crl1.crl'
|
src: '{{ remote_tmp_dir }}/ca-crl1.crl'
|
||||||
register: slurp
|
register: slurp
|
||||||
|
|
@ -110,7 +110,7 @@
|
||||||
revocation_date: 20191001000000Z
|
revocation_date: 20191001000000Z
|
||||||
register: crl_1_idem
|
register: crl_1_idem
|
||||||
|
|
||||||
- name: ({{select_crypto_backend}}) Read file
|
- name: Read file
|
||||||
slurp:
|
slurp:
|
||||||
src: '{{ remote_tmp_dir }}/{{ item }}'
|
src: '{{ remote_tmp_dir }}/{{ item }}'
|
||||||
loop:
|
loop:
|
||||||
|
|
@ -692,4 +692,4 @@
|
||||||
- Ed448
|
- Ed448
|
||||||
ignore_errors: yes
|
ignore_errors: yes
|
||||||
|
|
||||||
when: select_crypto_backend == 'cryptography' and cryptography_version.stdout is version('2.6', '>=')
|
when: cryptography_version.stdout is version('2.6', '>=')
|
||||||
|
|
|
||||||
|
|
@ -85,13 +85,9 @@
|
||||||
register: certificate_infos
|
register: certificate_infos
|
||||||
|
|
||||||
- block:
|
- block:
|
||||||
- name: Running tests with cryptography backend
|
- name: Running tests
|
||||||
include_tasks: impl.yml
|
include_tasks: impl.yml
|
||||||
vars:
|
|
||||||
select_crypto_backend: cryptography
|
|
||||||
|
|
||||||
- import_tasks: ../tests/validate.yml
|
- import_tasks: ../tests/validate.yml
|
||||||
vars:
|
|
||||||
select_crypto_backend: cryptography
|
|
||||||
|
|
||||||
when: cryptography_version.stdout is version('1.2', '>=')
|
when: cryptography_version.stdout is version('1.2', '>=')
|
||||||
|
|
|
||||||
|
|
@ -189,7 +189,7 @@
|
||||||
- ed25519_ed448_crl.results[1] is failed
|
- ed25519_ed448_crl.results[1] is failed
|
||||||
- ed25519_ed448_crl_idempotence.results[0] is failed
|
- ed25519_ed448_crl_idempotence.results[0] is failed
|
||||||
- ed25519_ed448_crl_idempotence.results[1] is failed
|
- ed25519_ed448_crl_idempotence.results[1] is failed
|
||||||
when: select_crypto_backend == 'cryptography' and cryptography_version.stdout is version('2.6', '>=') and cryptography_version.stdout is version('2.8', '<') and ed25519_ed448_privatekey is not failed
|
when: cryptography_version.stdout is version('2.6', '>=') and cryptography_version.stdout is version('2.8', '<') and ed25519_ed448_privatekey is not failed
|
||||||
|
|
||||||
- name: Verify Ed25519 and Ed448 tests (for cryptography >= 2.8)
|
- name: Verify Ed25519 and Ed448 tests (for cryptography >= 2.8)
|
||||||
assert:
|
assert:
|
||||||
|
|
@ -200,4 +200,4 @@
|
||||||
- ed25519_ed448_crl_idempotence is succeeded
|
- ed25519_ed448_crl_idempotence is succeeded
|
||||||
- ed25519_ed448_crl_idempotence.results[0] is not changed
|
- ed25519_ed448_crl_idempotence.results[0] is not changed
|
||||||
- ed25519_ed448_crl_idempotence.results[1] is not changed
|
- ed25519_ed448_crl_idempotence.results[1] is not changed
|
||||||
when: select_crypto_backend == 'cryptography' and cryptography_version.stdout is version('2.8', '>=') and ed25519_ed448_privatekey is not failed
|
when: cryptography_version.stdout is version('2.8', '>=') and ed25519_ed448_privatekey is not failed
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue