diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml index b1d8a78..464e152 100644 --- a/molecule/default/verify.yml +++ b/molecule/default/verify.yml @@ -1,29 +1,29 @@ --- # This is an example playbook to execute Ansible tests. -# - name: Verify -# hosts: all -# gather_facts: false -# tasks: -# - name: "Test: directory /usr/local/share/ca-certificates" -# block: -# - name: "Stat directory /usr/local/share/ca-certificates" -# ansible.builtin.stat: -# path: "/usr/local/share/ca-certificates" -# register: usr_local_share_ca_certificates -# -# - name: "Find files in directory /usr/local/share/ca-certificates" -# ansible.builtin.find: -# paths: "/usr/local/share/ca-certificates" -# file_type: file -# register: usr_local_share_ca_certificates_ls -# -# - name: "Verify directory /usr/local/share/ca-certificates" -# ansible.builtin.assert: -# that: -# - usr_local_share_ca_certificates.stat.exists -# - usr_local_share_ca_certificates.stat.isdir -# - usr_local_share_ca_certificates.stat.pw_name == 'root' -# - usr_local_share_ca_certificates.stat.gr_name == 'root' -# - usr_local_share_ca_certificates.stat.mode == '0755' -# - (usr_local_share_ca_certificates_ls.files|length) == 0 +- name: Verify + hosts: all + gather_facts: false + tasks: + - name: "Test: directory /usr/local/share/ca-certificates" + block: + - name: "Stat directory /usr/local/share/ca-certificates" + ansible.builtin.stat: + path: "/usr/local/share/ca-certificates" + register: usr_local_share_ca_certificates + + - name: "Find files in directory /usr/local/share/ca-certificates" + ansible.builtin.find: + paths: "/usr/local/share/ca-certificates" + file_type: file + register: usr_local_share_ca_certificates_ls + + - name: "Verify directory /usr/local/share/ca-certificates" + ansible.builtin.assert: + that: + - usr_local_share_ca_certificates.stat.exists + - usr_local_share_ca_certificates.stat.isdir + - usr_local_share_ca_certificates.stat.pw_name == 'root' + - usr_local_share_ca_certificates.stat.gr_name == 'root' + - usr_local_share_ca_certificates.stat.mode == '0755' + - (usr_local_share_ca_certificates_ls.files|length) == 0 diff --git a/molecule/with_custom_ca/verify.yml b/molecule/with_custom_ca/verify.yml index 5b0b958..f5b9be4 100644 --- a/molecule/with_custom_ca/verify.yml +++ b/molecule/with_custom_ca/verify.yml @@ -1,54 +1,54 @@ --- # This is an example playbook to execute Ansible tests. -# - name: Verify -# hosts: all -# gather_facts: false -# tasks: -# - name: "Test: directory /usr/local/share/ca-certificates" -# block: -# - name: "Stat directory /usr/local/share/ca-certificates" -# ansible.builtin.stat: -# path: "/usr/local/share/ca-certificates" -# register: usr_local_share_ca_certificates -# -# - name: "Find files in directory /usr/local/share/ca-certificates" -# ansible.builtin.find: -# paths: "/usr/local/share/ca-certificates" -# file_type: file -# register: usr_local_share_ca_certificates_ls -# -# - name: "Verify directory /usr/local/share/ca-certificates" -# ansible.builtin.assert: -# that: -# - usr_local_share_ca_certificates.stat.exists -# - usr_local_share_ca_certificates.stat.isdir -# - usr_local_share_ca_certificates.stat.pw_name == 'root' -# - usr_local_share_ca_certificates.stat.gr_name == 'root' -# - usr_local_share_ca_certificates.stat.mode == '0755' -# - (usr_local_share_ca_certificates_ls.files|length) == 1 -# - (usr_local_share_ca_certificates_ls.files[0].path|basename) == 'isrg_root.crt' -# -# - name: "Test: certificate isrg_root.crt" -# block: -# - name: "Stat file /usr/local/share/ca-certificates/isrg_root.crt" -# ansible.builtin.stat: -# path: "/usr/local/share/ca-certificates/isrg_root.crt" -# register: isrg_root_file -# -# - name: "Get certificate info" -# community.crypto.x509_certificate_info: -# path: "/usr/local/share/ca-certificates/isrg_root.crt" -# register: isrg_root_pem -# -# - name: "Verify certificate is readable" -# ansible.builtin.assert: -# that: -# - isrg_root_file.stat.exists -# - isrg_root_file.stat.isreg -# - isrg_root_file.stat.pw_name == 'root' -# - isrg_root_file.stat.gr_name == 'root' -# - isrg_root_file.stat.mode == '0644' -# - not isrg_root_pem.failed -# - not isrg_root_pem.expired -# - isrg_root_pem.issuer == isrg_root_pem.subject +- name: Verify + hosts: all + gather_facts: false + tasks: + - name: "Test: directory /usr/local/share/ca-certificates" + block: + - name: "Stat directory /usr/local/share/ca-certificates" + ansible.builtin.stat: + path: "/usr/local/share/ca-certificates" + register: usr_local_share_ca_certificates + + - name: "Find files in directory /usr/local/share/ca-certificates" + ansible.builtin.find: + paths: "/usr/local/share/ca-certificates" + file_type: file + register: usr_local_share_ca_certificates_ls + + - name: "Verify directory /usr/local/share/ca-certificates" + ansible.builtin.assert: + that: + - usr_local_share_ca_certificates.stat.exists + - usr_local_share_ca_certificates.stat.isdir + - usr_local_share_ca_certificates.stat.pw_name == 'root' + - usr_local_share_ca_certificates.stat.gr_name == 'root' + - usr_local_share_ca_certificates.stat.mode == '0755' + - (usr_local_share_ca_certificates_ls.files|length) == 1 + - (usr_local_share_ca_certificates_ls.files[0].path|basename) == 'isrg_root.crt' + + - name: "Test: certificate isrg_root.crt" + block: + - name: "Stat file /usr/local/share/ca-certificates/isrg_root.crt" + ansible.builtin.stat: + path: "/usr/local/share/ca-certificates/isrg_root.crt" + register: isrg_root_file + + - name: "Get certificate info" + community.crypto.x509_certificate_info: + path: "/usr/local/share/ca-certificates/isrg_root.crt" + register: isrg_root_pem + + - name: "Verify certificate is readable" + ansible.builtin.assert: + that: + - isrg_root_file.stat.exists + - isrg_root_file.stat.isreg + - isrg_root_file.stat.pw_name == 'root' + - isrg_root_file.stat.gr_name == 'root' + - isrg_root_file.stat.mode == '0644' + - not isrg_root_pem.failed + - not isrg_root_pem.expired + - isrg_root_pem.issuer == isrg_root_pem.subject