ansible-collections/hcp-ansible
ansible-collections/hcp-ansible
4
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

feat/major-revamp #11

Merged
lanson merged 42 commits from fix/various into main 2024-08-17 14:54:28 +00:00
Conversation 0 Commits 42 Files Changed 163 +135
7 changed files with 135 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 9371296d80 - Show all commits

8
molecule/hashistack_ca_default/converge.yml Normal file
View File

@ -0,0 +1,8 @@
---
- name: Converge
hosts: all
become: true
tasks:
- name: "Include ednz_cloud.hashistack.hashistack_ca"
ansible.builtin.include_role:
name: "ednz_cloud.hashistack.hashistack_ca"

0
molecule/hashistack_ca_default/etc/hashistack/.gitkeep Normal file
View File

67
molecule/hashistack_ca_default/group_vars/all.yml Normal file
View File

@ -0,0 +1,67 @@
---
# defaults file for hashistack_ca
hashistack_ca_directory: "{{ lookup('env', 'PWD') }}/etc/hashistack/certificates"
hashistack_ca_use_cryptography: false
hashistack_ca_action: "noop"
hashistack_ca_domain: ednz.fr
##############################
# Root Certificate Authority #
##############################
hashistack_ca_root_org_name: EDNZ Cloud
hashistack_ca_root_country: FR
hashistack_ca_root_locality: Paris
hashistack_ca_root_common_name: "{{ hashistack_ca_domain }} Root CA"
hashistack_ca_root_email:
hashistack_ca_root_key_usage:
- keyCertSign
- cRLSign
hashistack_ca_root_key_usage_critical: true
hashistack_ca_root_basic_constraints:
- CA:TRUE
hashistack_ca_root_basic_constraints_critical: true
# Optional fields
hashistack_ca_root_state_or_province_name:
hashistack_ca_root_email_address:
# Validity
hashistack_ca_root_valid_for: 0d
hashistack_ca_root_renew_threshold: 0d
######################################
# Intermediate Certificate Authority #
######################################
hashistack_ca_intermediate_org_name: EDNZ Cloud Intermediate
hashistack_ca_intermediate_country: FR
hashistack_ca_intermediate_locality: Paris
hashistack_ca_intermediate_common_name: "{{ hashistack_ca_domain }} Intermediate CA"
hashistack_ca_intermediate_email:
hashistack_ca_intermediate_key_usage:
- keyCertSign
- cRLSign
hashistack_ca_intermediate_key_usage_critical: true
hashistack_ca_intermediate_basic_constraints:
- CA:TRUE
- pathlen:0
hashistack_ca_intermediate_basic_constraints_critical: true
# Optional fields
hashistack_ca_intermediate_state_or_province_name:
hashistack_ca_intermediate_email_address:
# Validity
hashistack_ca_intermediate_valid_for: 365d
hashistack_ca_intermediate_renew_threshold: 90d
# Name Constraints
hashistack_ca_intermediate_name_constraints_permitted:
- DNS:.nomad
- DNS:.consul
- DNS:.example.com
- DNS:localhost
- IP:192.168.0.0/16
- IP:172.16.0.0/16
- IP:10.0.0.0/8
- IP:127.0.0.0/8
hashistack_ca_intermediate_name_constraints_critical: "{{ (hashistack_ca_intermediate_name_constraints_permitted is defined and hashistack_ca_intermediate_name_constraints_permitted | length > 0) }}"

37
molecule/hashistack_ca_default/molecule.yml Normal file
View File

@ -0,0 +1,37 @@
---
dependency:
name: galaxy
options:
requirements-file: ./requirements.yml
driver:
name: docker
platforms:
- name: instance
image: geerlingguy/docker-${MOLECULE_TEST_OS}-ansible
command: ""
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup
cgroupns_mode: host
privileged: true
pre_build_image: true
provisioner:
name: ansible
config_options:
defaults:
remote_tmp: /tmp/.ansible
verifier:
name: ansible
scenario:
name: hashistack_ca_default
test_sequence:
- dependency
- cleanup
- destroy
- syntax
- create
- prepare
- converge
- idempotence
- verify
- cleanup
- destroy

13
molecule/hashistack_ca_default/prepare.yml Normal file
View File

@ -0,0 +1,13 @@
---
- name: Prepare
hosts: all
become: true
tasks:
- name: "Install pre-required system packages"
ansible.builtin.include_role:
name: ednz_cloud.manage_apt_packages
vars:
manage_apt_packages_list:
- name: unzip
version: latest
state: present

4
molecule/hashistack_ca_default/requirements.yml Normal file
View File

@ -0,0 +1,4 @@
---
# requirements file for molecule
roles:
- name: ednz_cloud.manage_apt_packages

6
molecule/hashistack_ca_default/verify.yml Normal file
View File

@ -0,0 +1,6 @@
---
- name: Verify
hosts: all
gather_facts: true
become: true
tasks: []