a-c-m
/
community.crypto
mirror of https://github.com/ansible-collections/community.crypto.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add RHEL 9.0, FreeBSD 13.1, Ubuntu 22.04 and Fedora 36 to CI (#456) 

* Add RHEL 9.0 and FreeBSD 13.1 to CI.

* Add Ubuntu 22.04 and Fedora 36 to CI.

* Switch orders so that root doesn't have a SHA1 signature.

* Skip openssh_cert test on RHEL 9.0.

* Make it possible that pyOpenSSL isn't installed *at all*.

* Work with default.
pull/464/head
Felix Fontein 2022-05-20 23:03:54 +02:00 committed by GitHub
parent fd0048827d
commit c566a7abf3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 59 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
.azure-pipelines/azure-pipelines.yml
View File

@ -126,16 +126,16 @@ stages:
targets: targets:
- name: CentOS 7 - name: CentOS 7
test: centos7 test: centos7
- name: Fedora 34
test: fedora34
- name: Fedora 35 - name: Fedora 35
test: fedora35 test: fedora35
- name: Fedora 36
test: fedora36
- name: openSUSE 15 - name: openSUSE 15
test: opensuse15 test: opensuse15
- name: Ubuntu 18.04 - name: Ubuntu 18.04
test: ubuntu1804 test: ubuntu1804
- name: Ubuntu 20.04 - name: Ubuntu 22.04
test: ubuntu2004 test: ubuntu2204
- name: Alpine 3 - name: Alpine 3
test: alpine3 test: alpine3
- stage: Docker_2_13 - stage: Docker_2_13
@ -148,8 +148,10 @@ stages:
targets: targets:
- name: openSUSE 15 py2 - name: openSUSE 15 py2
test: opensuse15py2 test: opensuse15py2
- name: Ubuntu 18.04 - name: Fedora 34
test: ubuntu1804 test: fedora34
- name: Ubuntu 20.04
test: ubuntu2004
- name: Alpine 3 - name: Alpine 3
test: alpine3 test: alpine3
- stage: Docker_2_12 - stage: Docker_2_12
@ -188,8 +190,6 @@ stages:
targets: targets:
- name: CentOS 6 - name: CentOS 6
test: centos6 test: centos6
- name: Fedora 31
test: fedora31
- stage: Docker_2_9 - stage: Docker_2_9
displayName: Docker 2.9 displayName: Docker 2.9
dependsOn: [] dependsOn: []
@ -232,12 +232,12 @@ stages:
test: macos/12.0 test: macos/12.0
- name: RHEL 7.9 - name: RHEL 7.9
test: rhel/7.9 test: rhel/7.9
- name: RHEL 8.5 - name: RHEL 9.0
test: rhel/8.5 test: rhel/9.0
- name: FreeBSD 12.3 - name: FreeBSD 12.3
test: freebsd/12.3 test: freebsd/12.3
- name: FreeBSD 13.0 - name: FreeBSD 13.1
test: freebsd/13.0 test: freebsd/13.1
- stage: Remote_2_13 - stage: Remote_2_13
displayName: Remote 2.13 displayName: Remote 2.13
dependsOn: [] dependsOn: []
@ -250,6 +250,8 @@ stages:
test: macos/12.0 test: macos/12.0
- name: RHEL 8.5 - name: RHEL 8.5
test: rhel/8.5 test: rhel/8.5
- name: FreeBSD 13.0
test: freebsd/13.0
- stage: Remote_2_12 - stage: Remote_2_12
displayName: Remote 2.12 displayName: Remote 2.12
dependsOn: [] dependsOn: []
@ -270,8 +272,6 @@ stages:
parameters: parameters:
testFormat: 2.11/{0}/1 testFormat: 2.11/{0}/1
targets: targets:
- name: RHEL 7.9
test: rhel/7.9
- name: RHEL 8.3 - name: RHEL 8.3
test: rhel/8.3 test: rhel/8.3
- name: FreeBSD 12.2 - name: FreeBSD 12.2

4
tests/integration/targets/certificate_complete_chain/tasks/existing.yml
View File

@ -130,11 +130,11 @@
- name: Check failure when infinite loop is found - name: Check failure when infinite loop is found
certificate_complete_chain: certificate_complete_chain:
input_chain: '{{ lookup("file", "cert2-fullchain.pem", rstrip=True) }}' input_chain: '{{ lookup("file", "cert1-fullchain.pem", rstrip=True) }}'
intermediate_certificates: intermediate_certificates:
- '{{ remote_tmp_dir }}/files/roots.pem' - '{{ remote_tmp_dir }}/files/roots.pem'
root_certificates: root_certificates:
- '{{ remote_tmp_dir }}/files/cert1-chain.pem' - '{{ remote_tmp_dir }}/files/cert2-chain.pem'
register: cert2_infinite_loop register: cert2_infinite_loop
ignore_errors: true ignore_errors: true
- name: Verify failure - name: Verify failure

1
tests/integration/targets/openssh_cert/aliases
View File

@ -1,2 +1,3 @@
shippable/posix/group1 shippable/posix/group1
destructive destructive
skip/rhel9.0 # TODO figure out why and fix

4
tests/integration/targets/openssl_pkcs12/tasks/main.yml
View File

@ -65,7 +65,7 @@
vars: vars:
select_crypto_backend: pyopenssl select_crypto_backend: pyopenssl
when: pyopenssl_version.stdout is version('0.15', '>=') when: (pyopenssl_version.stdout | default('0.0')) is version('0.15', '>=')
- block: - block:
- name: Running tests with cryptography backend - name: Running tests with cryptography backend
@ -75,4 +75,4 @@
when: cryptography_version.stdout is version('3.0', '>=') when: cryptography_version.stdout is version('3.0', '>=')
when: pyopenssl_version.stdout is version('0.15', '>=') or cryptography_version.stdout is version('3.0', '>=') when: (pyopenssl_version.stdout | default('0.0')) is version('0.15', '>=') or cryptography_version.stdout is version('3.0', '>=')

1
tests/integration/targets/setup_pyopenssl/defaults/main.yml Normal file
View File

@ -0,0 +1 @@
has_pyopenssl: true

51
tests/integration/targets/setup_pyopenssl/tasks/main.yml
View File

@ -9,19 +9,31 @@
block: block:
- name: Include OS-specific variables - name: Include OS-specific variables
include_vars: '{{ ansible_os_family }}.yml' include_vars: '{{ lookup("first_found", search) }}'
vars:
search:
files:
- '{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml'
- '{{ ansible_distribution }}-{{ ansible_distribution_version }}.yml'
- '{{ ansible_distribution }}.yml'
- '{{ ansible_os_family }}.yml'
paths:
- vars
- name: Install pyOpenSSL (Python 3 from system packages) - when: has_pyopenssl
become: true block:
package:
name: '{{ pyopenssl_package_name_python3 }}'
when: ansible_python_version is version('3.0', '>=')
- name: Install pyOpenSSL (Python 2 from system packages) - name: Install pyOpenSSL (Python 3 from system packages)
become: true become: true
package: package:
name: '{{ pyopenssl_package_name }}' name: '{{ pyopenssl_package_name_python3 }}'
when: ansible_python_version is version('3.0', '<') when: ansible_python_version is version('3.0', '>=')
- name: Install pyOpenSSL (Python 2 from system packages)
become: true
package:
name: '{{ pyopenssl_package_name }}'
when: ansible_python_version is version('3.0', '<')
- name: Install from PyPi - name: Install from PyPi
when: ansible_os_family == "Darwin" or not target_system_python when: ansible_os_family == "Darwin" or not target_system_python
@ -34,14 +46,17 @@
state: "{{ 'latest' if not target_system_python_cannot_upgrade_cryptography else omit }}" state: "{{ 'latest' if not target_system_python_cannot_upgrade_cryptography else omit }}"
extra_args: "-c {{ remote_constraints }}" extra_args: "-c {{ remote_constraints }}"
- name: Register pyOpenSSL version - when: has_pyopenssl
command: "{{ ansible_python.executable }} -c 'import OpenSSL; print(OpenSSL.__version__)'" block:
register: pyopenssl_version
- name: Register pyOpenSSL debug details - name: Register pyOpenSSL version
command: "{{ ansible_python.executable }} -m OpenSSL.debug" command: "{{ ansible_python.executable }} -c 'import OpenSSL; print(OpenSSL.__version__)'"
register: pyopenssl_debug_version register: pyopenssl_version
ignore_errors: yes
- name: Register pyOpenSSL debug details
command: "{{ ansible_python.executable }} -m OpenSSL.debug"
register: pyopenssl_debug_version
ignore_errors: yes
# Depending on which pyOpenSSL version has been installed, it could be that cryptography has # Depending on which pyOpenSSL version has been installed, it could be that cryptography has
# been upgraded to a newer version. Make sure to register cryptography_version another time here # been upgraded to a newer version. Make sure to register cryptography_version another time here

2
tests/integration/targets/setup_pyopenssl/vars/RedHat-9.yml Normal file
View File

@ -0,0 +1,2 @@
---
has_pyopenssl: false

4
tests/integration/targets/setup_python_info/vars/main.yml
View File

@ -43,11 +43,15 @@ system_python_version_data:
- '3.8' - '3.8'
'13.0': '13.0':
- '3.7' - '3.7'
'13.1':
- '3.8'
RedHat: RedHat:
'7': '7':
- '2.7' - '2.7'
'8': '8':
- '3.6' - '3.6'
'9.0':
- '3.9'
Suse: Suse:
'15': '15':
- '2.7' - '2.7'