54 lines
1.9 KiB
YAML
54 lines
1.9 KiB
YAML
---
|
|
# Copyright (c) Ansible Project
|
|
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
|
# SPDX-License-Identifier: GPL-3.0-or-later
|
|
|
|
####################################################################
|
|
# WARNING: These are designed specifically for Ansible tests #
|
|
# and should not be used as examples of how to write Ansible roles #
|
|
####################################################################
|
|
|
|
- name: Find out which elliptic curves are supported by installed OpenSSL
|
|
command: "{{ openssl_binary }} ecparam -list_curves"
|
|
register: openssl_ecc
|
|
|
|
- name: Compile list of elliptic curves supported by OpenSSL
|
|
set_fact:
|
|
openssl_ecc_list: |
|
|
{{
|
|
openssl_ecc.stdout_lines
|
|
| map('regex_search', '^ *([a-zA-Z0-9_-]+) *: .*$')
|
|
| select()
|
|
| map('regex_replace', '^ *([a-zA-Z0-9_-]+) *: .*$', '\1')
|
|
| list
|
|
}}
|
|
when: ansible_distribution != 'CentOS' or ansible_distribution_major_version != '6'
|
|
# CentOS comes with a very old jinja2 which does not include the map() filter...
|
|
- name: Compile list of elliptic curves supported by OpenSSL (CentOS 6)
|
|
set_fact:
|
|
openssl_ecc_list:
|
|
- secp384r1
|
|
- secp521r1
|
|
- prime256v1
|
|
when: ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6'
|
|
|
|
- name: List of elliptic curves supported by OpenSSL
|
|
debug: var=openssl_ecc_list
|
|
|
|
- name: Run module with backend autodetection
|
|
openssl_privatekey:
|
|
path: '{{ remote_tmp_dir }}/privatekey_backend_selection.pem'
|
|
size: '{{ default_rsa_key_size }}'
|
|
|
|
- block:
|
|
- name: Running tests with cryptography backend
|
|
include_tasks: impl.yml
|
|
vars:
|
|
select_crypto_backend: cryptography
|
|
|
|
- import_tasks: ../tests/validate.yml
|
|
vars:
|
|
select_crypto_backend: cryptography
|
|
|
|
when: cryptography_version.stdout is version('0.5', '>=')
|