archive
/
ansible
mirror of https://github.com/ansible/ansible.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
stable-2.15
devel
stable-2.16
stable-2.14
stable-2.18
stable-2.17
milestone
stable-2.12
stable-2.13
stable-2.9
stable-2.11
stable-2.3
stable-2.10
stable-2.8
stable-2.4
stable-2.5
stable-2.6
stable-2.7
temp-2.10-devel
mazer_role_loader
stable-2.2
threading_plus_forking
threading_instead_of_forking
stable-2.1
stable-1.9
stable-2.0
stable-2.0.0.1
stable-2.0-network
release1.8.4
release1.8.3
release1.8.2
release1.8.1
release1.8.0
release1.7.2
release1.7.1
release1.7.0
release1.6.8
release1.6.10
release1.6.9
release1.6.7
release1.6.6
release1.6.5
release1.6.4
release1.6.3
release1.6.2
release1.6.1
release1.6.0
release1.5.5
release1.5.4
release1.5.3
release1.5.2
release1.5.1
release1.5.0
v2.14.3
v2.13.8
v2.14.3rc1
v2.13.8rc1
v2.14.2
v2.14.2rc1
v2.14.1
v2.13.7
v2.13.7rc1
v2.14.1rc1
v2.13.6
v2.14.0
v2.14.0rc2
v2.13.6rc1
v2.14.0rc1
v2.14.0b3
v2.13.5
v2.12.10
v2.14.0b2
v2.13.5rc1
v2.12.10rc1
v2.14.0b1
v2.12.9
v2.13.4
v2.13.4rc1
v2.12.9rc1
v2.13.3
v2.12.8
v2.12.8rc1
v2.13.3rc1
v2.13.2
v2.13.2rc1
v2.12.7
v2.13.1
v2.12.7rc1
v2.13.1rc1
v2.12.6
v2.11.12
v2.12.6rc1
v2.11.12rc1
v2.13.0
v2.13.0rc1
v2.13.0b1
v2.12.5
v2.11.11
v2.12.5rc1
v2.11.11rc1
v2.13.0b0
v2.12.4
v2.11.10
v2.12.4rc1
v2.11.10rc1
v2.11.9
v2.12.3
v2.12.3rc1
v2.11.9rc1
v2.12.2
v2.11.8
v2.10.17
v2.12.2rc1
v2.11.8rc1
v2.10.17rc1
v2.12.1
v2.11.7
v2.10.16
v2.10.16rc1
v2.11.7rc1
v2.12.1rc1
v2.12.0
v2.12.0rc1
v2.12.0b2
v2.11.6
v2.10.15
v2.9.27
v2.9.27rc1
v2.10.15rc1
v2.11.6rc1
v2.12.0b1
v2.11.5
v2.10.14
v2.9.26
v2.11.5rc1
v2.10.14rc1
v2.9.26rc1
v2.11.4
v2.10.13
v2.9.25
v2.9.25rc1
v2.10.13rc1
v2.11.4rc1
v2.11.3
v2.10.12
v2.9.24
v2.11.3rc1
v2.10.12rc1
v2.9.24rc1
v2.9.23
v2.10.11
v2.11.2
v2.11.2rc1
v2.10.11rc1
v2.9.23rc1
v2.11.1
v2.10.10
v2.9.22
v2.9.22rc1
v2.10.10rc1
v2.11.1rc1
v2.10.9
v2.9.21
v2.10.9rc1
v2.9.21rc1
v2.11.0
v2.8.20
v2.9.20
v2.10.8
v2.11.0rc2
v2.8.20rc1
v2.9.20rc1
v2.10.8rc1
v2.11.0rc1
stable-2.11-branchpoint
v2.11.0b4
v2.11.0b3
v2.11.0b2
v2.10.7
v2.9.19
v2.10.7rc1
v2.9.19rc1
v2.11.0b1
v2.8.19
v2.9.18
v2.10.6
v2.8.19rc1
v2.9.18rc1
v2.10.6rc1
v2.9.17
v2.10.5
v2.10.5rc1
v2.9.17rc1
v2.8.18
v2.9.16
v2.10.4
v2.8.18rc1
v2.9.16rc1
v2.10.4rc1
v2.8.17
v2.9.15
v2.10.3
v2.8.17rc1
v2.9.15rc1
v2.10.3rc1
v2.10.2
v2.9.14
v2.8.16
v2.8.16rc1
v2.9.14rc1
v2.10.2rc1
v2.10.1
v2.10.1rc3
v2.10.1rc2
v2.8.15
v2.9.13
v2.10.0
v2.9.12
v2.8.14
v2.10.0rc4
v2.10.0rc3
v2.10.0rc2
v2.10.0rc1
v2.9.11
v2.8.13
v2.9.10
v2.10.0b1
stable-2.10-branchpoint
v2.9.9
v2.7.18
v2.8.12
v2.9.8
v2.9.7
v2.8.11
v2.7.17
pre-ansible-base
v2.8.10
v2.8.9
v2.9.6
v2.9.5
v2.9.4
v2.9.3
v2.8.8
v2.7.16
v2.9.2
v2.9.1
v2.8.7
v2.7.15
v2.9.0
v2.9.0rc5
v2.8.6
v2.7.14
v2.9.0rc4
v2.6.20
v2.9.0rc3
v2.9.0rc2
v2.9.0rc1
v2.8.5
v2.9.0b1
stable-2.9-branchpoint
v2.6.19
v2.7.13
v2.8.4
v2.8.3
v2.6.18
v2.7.12
v2.8.2
v2.8.1
v2.7.11
v2.6.17
v2.8.0
v2.8.0rc3
v2.8.0rc2
v2.8.0rc1
v2.8.0b1
v2.8.0a1
v2.6.16
v2.7.10
v2.6.15
v2.7.9
v2.7.8
v2.6.14
v2.5.15
v2.7.7
v2.6.13
v2.6.12
v2.7.6
v2.5.14
v2.7.5
v2.6.11
v2.6.10
v2.7.4
v2.5.13
v2.7.3
v2.6.9
v2.5.12
v2.6.8
v2.7.2
v2.6.7
v2.5.11
v2.7.1
v2.6.6
v2.7.0
v2.6.5
v2.7.0rc4
v2.5.10
v2.7.0rc3
v2.7.0rc2
v2.5.9
v2.6.4
v2.7.0rc1
v2.7.0b1
v2.7.0.a1
v2.6.3
v2.5.8
v2.6.2
v2.5.7
v2.6.1
v2.5.6
v2.4.6.0-1
v2.6.0
v2.6.0rc5
v2.6.0rc4
v2.4.5.0-1
v2.6.0rc3
v2.5.5
v2.4.5.0-0.1.rc1
v2.6.0rc2
v2.6.0rc1
v2.5.4
v2.6.0a2
v2.6.0a1
v2.5.3
v2.5.2
v2.5.1
v2.4.4.0-1
v2.4.4.0-0.3.rc2
v2.5.0
v2.5.0rc3
v2.5.0rc2
v2.4.4-0.2.rc1
v2.3.4.0-0.1.rc1
v2.5.0rc1
v2.4.4-0.1.beta1
v2.5.0b1
v2.5.0a1
v2.4.3.0-1
v2.4.3.0-0.6.rc3
v2.4.3.0-0.5.rc2
v2.4.3.0-0.4.rc1
v2.4.3-0.3.beta3
v2.4.3.0-0.2.beta2
v2.3.3.0-1
v2.4.3.0-0.1.beta1
v2.4.2.0-1
v2.4.2.0-0.5.rc1
v2.4.2.0-0.4.beta4
v2.3.3.0-0.3.rc3
v2.4.2.0-0.3.beta3
v2.4.2.0-0.2.beta2
v2.4.2.0-0.1.beta1
v2.4.1.0-1
v2.4.1.0-0.4.rc2
v2.3.3.0-0.2.rc2
v2.4.1.0-0.3.rc1
v2.4.1.0-0.2.beta2
v2.3.3.0-0.1.rc1
v2.4.1.0-0.1.beta1
v2.4.0.0-1
v2.4.0.0-0.5.rc5
v2.4.0.0-0.4.rc4
v2.4.0.0-0.3.rc3
v2.4.0.0-0.2.rc2
v2.4.0.0-0.1.rc1
v2.3.2.0-1
v2.3.2.0-0.5.rc5
v2.3.2.0-0.4.rc4
v2.3.2.0-0.3.rc3
v2.3.2.0-0.2.rc2
v2.3.2.0-0.1.rc1
v2.1.6.0-1
v2.3.1.0-1
v2.3.1.0-0.2.rc2
v2.2.3.0-1
v2.1.6.0-0.1.rc1
v2.3.1.0-0.1.rc1
v2.3.0.0-1
v2.3.0.0-0.6.rc6
v2.3.0.0-0.5.rc5
v2.3.0.0-0.4.rc4
v2.2.3.0-0.1.rc1
v2.3.0.0-0.3.rc3
v2.3.0.0-0.2.rc2
v2.2.2.0-1
v2.1.5.0-1
v2.3.0.0-0.1.rc1
v2.1.5.0-0.2.rc2
v2.2.2.0-0.2.rc2
v2.1.5.0-0.1.rc1
v2.2.2.0-0.1.rc1
v2.1.4.0-1
v2.2.1.0-1
v2.1.4.0-0.3.rc3
v2.2.1.0-0.5.rc5
v2.1.4.0-0.2.rc2
v2.2.1.0-0.4.rc4
v2.1.4.0-0.1.rc1
v2.2.1.0-0.3.rc3
v2.2.1.0-0.2.rc2
v2.2.1.0-0.1.rc1
v2.1.3.0-1
v2.2.0.0-1
v2.2.0.0-0.4.rc4
v2.1.3.0-0.3.rc3
v2.1.3.0-0.2.rc2
v2.2.0.0-0.3.rc3
v2.1.3.0-0.1.rc1
v2.2.0.0-0.2.rc2
v2.2.0.0-0.1.rc1
v2.1.2.0-1
v2.1.2.0-0.5.rc5
v2.1.2.0-0.4.rc4
v2.1.2.0-0.3.rc3
v2.1.2.0-0.2.rc2
v2.1.2.0-0.1.rc1
v2.1.1.0-1
v2.1.1.0-0.5.rc5
v2.1.1.0-0.4.rc4
v2.1.1.0-0.3.rc3
v2.1.1.0-0.2.rc2
v2.1.1.0-0.1.rc1
v2.1.0.0-1
v2.1.0.0-0.4.rc4
v2.1.0.0-0.2.rc2
v2.1.0.0-0.3.rc3
v2.1.0.0-0.1.rc1
v2.0.2.0-1
v1.9.6-1
v2.0.2.0-0.4.rc4
v2.0.2.0-0.3.rc3
v1.9.6-0.1.rc1
v2.0.2.0-0.2.rc2
v2.0.2.0-0.1.rc1
v1.9.5-1
v1.9.5-0.1.rc1
v2.0.1.0-1
v2.0.1.0-0.2.rc2
v2.0.1.0-0.1.rc1
v2.0.0.2-1
v2.0.0.1-1
v2.0.0.0-1
v2.0.0-0.9.rc4
v2.0.0-0.8.rc3
v2.0.0-0.7.rc2
v2.0.0-0.6.rc1
v2.0.0-0.5.beta3
v2.0.0-0.4.beta2
v1.9.4-1
v2.0.0-0.3.beta1
v1.9.4-0.3.rc3
v1.9.4-0.2.rc2
v1.9.4-0.1.rc1
v2.0.0-0.2.alpha2
v1.9.3-1
v2.0.0-0.1.alpha1
v1.9.3-0.3.rc3
v1.9.3-0.2.rc2
v1.9.3-0.1.rc1
v1.9.2-1
v1.9.2-0.2.rc2
v1_last
v1.9.2-0.1.rc1
v1.9.1-1
v1.9.1-0.4.rc4
v1.9.1-0.3.rc3
v1.9.1-0.2.rc2
v1.9.1-0.1.rc1
v1.9.0.1-1
v1.9.0-2
v1.9.0-1
v1.9.0-0.2.rc2
v1.9.0-0.1.rc1
v1.8.4
v1.8.3
v1.8.2
v1.8.1
v1.8.0
v1.7.2
v1.7.1
v1.7.0
v1.6.10
v1.6.9
v1.6.8
v1.6.7
v1.6.6
v1.6.5
v1.6.4
v1.6.3
v1.6.2
v1.6.1
v1.6.0
v1.5.5
v1.5.4
v1.5.3
v1.5.2
v1.5.1
v1.5.0
v1.4.5
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.4.0
v1.3.4
v1.3.3
v1.3.2
v1.3.1
v1.3.0
v1.2.3
v1.2.2
v1.2.1
v1.2
v1.1
v1.0
0.8
0.7.2
0.7
0.6
0.5
0.4.1
0.4
0.3.1
0.3
0.01
0.0.1
0.0.2
0.7.1
v0.9
v2.13.10
v2.13.10rc1
v2.13.11
v2.13.11rc1
v2.13.12
v2.13.12rc1
v2.13.13
v2.13.13rc1
v2.13.9
v2.13.9rc1
v2.14.10
v2.14.10rc1
v2.14.11
v2.14.11rc1
v2.14.12
v2.14.12rc1
v2.14.13
v2.14.14
v2.14.14rc1
v2.14.15
v2.14.15rc1
v2.14.16
v2.14.16rc1
v2.14.17
v2.14.17rc1
v2.14.18
v2.14.18rc1
v2.14.4
v2.14.4rc1
v2.14.5
v2.14.5rc1
v2.14.6
v2.14.6rc1
v2.14.7
v2.14.7rc1
v2.14.8
v2.14.8rc1
v2.14.9
v2.14.9rc1
v2.15.0
v2.15.0b1
v2.15.0b2
v2.15.0b3
v2.15.0rc1
v2.15.0rc2
v2.15.1
v2.15.10
v2.15.10rc1
v2.15.11
v2.15.11rc1
v2.15.12
v2.15.12rc1
v2.15.13
v2.15.13rc1
v2.15.1rc1
v2.15.2
v2.15.2rc1
v2.15.3
v2.15.3rc1
v2.15.4
v2.15.4rc1
v2.15.5
v2.15.5rc1
v2.15.6
v2.15.6rc1
v2.15.7
v2.15.7rc1
v2.15.8
v2.15.9
v2.15.9rc1
v2.16.0
v2.16.0b1
v2.16.0b2
v2.16.0rc1
v2.16.1
v2.16.10
v2.16.10rc1
v2.16.11
v2.16.11rc1
v2.16.12
v2.16.12rc1
v2.16.13
v2.16.13rc1
v2.16.1rc1
v2.16.2
v2.16.3
v2.16.3rc1
v2.16.4
v2.16.4rc1
v2.16.5
v2.16.5rc1
v2.16.6
v2.16.7
v2.16.7rc1
v2.16.8
v2.16.8rc1
v2.16.9
v2.16.9rc1
v2.17.0
v2.17.0b1
v2.17.0rc1
v2.17.0rc2
v2.17.1
v2.17.1rc1
v2.17.2
v2.17.2rc1
v2.17.2rc2
v2.17.3
v2.17.3rc1
v2.17.4
v2.17.4rc1
v2.17.5
v2.17.5rc1
v2.17.6
v2.17.6rc1
v2.18.0
v2.18.0b1
v2.18.0rc1
v2.18.0rc2
v2.5.0b2
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '6380a6c1df'
${ noResults }
ansible/test/integration/targets/git/tasks/gpg-verification.yml

193 lines
6.2 KiB
YAML
Raw Normal View History Unescape Escape

Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
# Test for verification of GnuPG signatures
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Create GnuPG verification workdir
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
tempfile:
state: directory
register: git_gpg_workdir
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Define variables based on workdir
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
set_fact:
git_gpg_keyfile: "{{ git_gpg_workdir.path }}/testkey.asc"
git_gpg_source: "{{ git_gpg_workdir.path }}/source"
git_gpg_dest: "{{ git_gpg_workdir.path }}/dest"
git_gpg_gpghome: "{{ git_gpg_workdir.path }}/gpg"
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Temporary store GnuPG test key
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
copy:
content: "{{ git_gpg_testkey }}"
dest: "{{ git_gpg_keyfile }}"
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Create temporary GNUPGHOME directory
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
file:
path: "{{ git_gpg_gpghome }}"
state: directory
mode: 0700
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Import GnuPG test key
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
environment:
- GNUPGHOME: "{{ git_gpg_gpghome }}"
command: gpg --import {{ git_gpg_keyfile }}
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Create local GnuPG signed repository directory
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
file:
path: "{{ git_gpg_source }}"
state: directory
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Generate local GnuPG signed repository
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
environment:
- GNUPGHOME: "{{ git_gpg_gpghome }}"
shell: |
set -e
git init
touch an_empty_file
git add an_empty_file
git commit --no-gpg-sign --message "Commit, and don't sign"
git tag lightweight_tag/unsigned_commit HEAD
git commit --allow-empty --gpg-sign --message "Commit, and sign"
git tag lightweight_tag/signed_commit HEAD
git tag --annotate --message "This is not a signed tag" unsigned_annotated_tag HEAD
git commit --allow-empty --gpg-sign --message "Commit, and sign"
git tag --sign --message "This is a signed tag" signed_annotated_tag HEAD
git checkout -b some_branch/signed_tip master
git commit --allow-empty --gpg-sign --message "Commit, and sign"
git checkout -b another_branch/unsigned_tip master
git commit --allow-empty --no-gpg-sign --message "Commit, and don't sign"
git checkout master
args:
chdir: "{{ git_gpg_source }}"
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Get hash of an unsigned commit
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
command: git show-ref --hash --verify refs/tags/lightweight_tag/unsigned_commit
args:
chdir: "{{ git_gpg_source }}"
register: git_gpg_unsigned_commit
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Get hash of a signed commit
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
command: git show-ref --hash --verify refs/tags/lightweight_tag/signed_commit
args:
chdir: "{{ git_gpg_source }}"
register: git_gpg_signed_commit
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Clone repo and verify signed HEAD
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
environment:
- GNUPGHOME: "{{ git_gpg_gpghome }}"
git:
repo: "{{ git_gpg_source }}"
dest: "{{ git_gpg_dest }}"
verify_commit: yes
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Clone repo and verify a signed lightweight tag
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
environment:
- GNUPGHOME: "{{ git_gpg_gpghome }}"
git:
repo: "{{ git_gpg_source }}"
dest: "{{ git_gpg_dest }}"
version: lightweight_tag/signed_commit
verify_commit: yes
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Clone repo and verify an unsigned lightweight tag (should fail)
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
environment:
- GNUPGHOME: "{{ git_gpg_gpghome }}"
git:
repo: "{{ git_gpg_source }}"
dest: "{{ git_gpg_dest }}"
version: lightweight_tag/unsigned_commit
verify_commit: yes
register: git_verify
ignore_errors: yes
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Check that unsigned lightweight tag verification failed
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
assert:
that:
Deprecate tests used as filters (#32361) * Warn on tests used as filters * Update docs, add aliases for tests that fit more gramatically with test syntax * Fix rst formatting * Add successful filter, alias of success * Remove renamed_deprecation, it was overkill * Make directory alias for is_dir * Update tests to use proper jinja test syntax * Update additional documentation, living outside of YAML files, to reflect proper jinja test syntax * Add conversion script, porting guide updates, and changelog updates * Update newly added uses of tests as filters * No underscore variable * Convert recent tests as filter changes to win_stat * Fix some changes related to rebasing a few integration tests * Make tests_as_filters_warning explicitly accept the name of the test, instead of inferring the name * Add test for tests_as_filters_warning * Update tests as filters in newly added/modified tests * Address recent changes to several integration tests * Address recent changes in cs_vpc
7 years ago
- git_verify is failed
- git_verify.msg is match("Failed to verify GPG signature of commit/tag.+")
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Clone repo and verify a signed commit
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
environment:
- GNUPGHOME: "{{ git_gpg_gpghome }}"
git:
repo: "{{ git_gpg_source }}"
dest: "{{ git_gpg_dest }}"
version: "{{ git_gpg_signed_commit.stdout }}"
verify_commit: yes
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Clone repo and verify an unsigned commit
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
environment:
- GNUPGHOME: "{{ git_gpg_gpghome }}"
git:
repo: "{{ git_gpg_source }}"
dest: "{{ git_gpg_dest }}"
version: "{{ git_gpg_unsigned_commit.stdout }}"
verify_commit: yes
register: git_verify
ignore_errors: yes
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Check that unsigned commit verification failed
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
assert:
that:
Deprecate tests used as filters (#32361) * Warn on tests used as filters * Update docs, add aliases for tests that fit more gramatically with test syntax * Fix rst formatting * Add successful filter, alias of success * Remove renamed_deprecation, it was overkill * Make directory alias for is_dir * Update tests to use proper jinja test syntax * Update additional documentation, living outside of YAML files, to reflect proper jinja test syntax * Add conversion script, porting guide updates, and changelog updates * Update newly added uses of tests as filters * No underscore variable * Convert recent tests as filter changes to win_stat * Fix some changes related to rebasing a few integration tests * Make tests_as_filters_warning explicitly accept the name of the test, instead of inferring the name * Add test for tests_as_filters_warning * Update tests as filters in newly added/modified tests * Address recent changes to several integration tests * Address recent changes in cs_vpc
7 years ago
- git_verify is failed
- git_verify.msg is match("Failed to verify GPG signature of commit/tag.+")
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Clone repo and verify a signed annotated tag
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
environment:
- GNUPGHOME: "{{ git_gpg_gpghome }}"
git:
repo: "{{ git_gpg_source }}"
dest: "{{ git_gpg_dest }}"
version: signed_annotated_tag
verify_commit: yes
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Clone repo and verify an unsigned annotated tag (should fail)
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
environment:
- GNUPGHOME: "{{ git_gpg_gpghome }}"
git:
repo: "{{ git_gpg_source }}"
dest: "{{ git_gpg_dest }}"
version: unsigned_annotated_tag
verify_commit: yes
register: git_verify
ignore_errors: yes
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Check that unsigned annotated tag verification failed
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
assert:
that:
Deprecate tests used as filters (#32361) * Warn on tests used as filters * Update docs, add aliases for tests that fit more gramatically with test syntax * Fix rst formatting * Add successful filter, alias of success * Remove renamed_deprecation, it was overkill * Make directory alias for is_dir * Update tests to use proper jinja test syntax * Update additional documentation, living outside of YAML files, to reflect proper jinja test syntax * Add conversion script, porting guide updates, and changelog updates * Update newly added uses of tests as filters * No underscore variable * Convert recent tests as filter changes to win_stat * Fix some changes related to rebasing a few integration tests * Make tests_as_filters_warning explicitly accept the name of the test, instead of inferring the name * Add test for tests_as_filters_warning * Update tests as filters in newly added/modified tests * Address recent changes to several integration tests * Address recent changes in cs_vpc
7 years ago
- git_verify is failed
- git_verify.msg is match("Failed to verify GPG signature of commit/tag.+")
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Clone repo and verify a signed branch
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
environment:
- GNUPGHOME: "{{ git_gpg_gpghome }}"
git:
repo: "{{ git_gpg_source }}"
dest: "{{ git_gpg_dest }}"
version: some_branch/signed_tip
verify_commit: yes
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Clone repo and verify an unsigned branch (should fail)
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
environment:
- GNUPGHOME: "{{ git_gpg_gpghome }}"
git:
repo: "{{ git_gpg_source }}"
dest: "{{ git_gpg_dest }}"
version: another_branch/unsigned_tip
verify_commit: yes
register: git_verify
ignore_errors: yes
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Check that unsigned branch verification failed
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
assert:
that:
Deprecate tests used as filters (#32361) * Warn on tests used as filters * Update docs, add aliases for tests that fit more gramatically with test syntax * Fix rst formatting * Add successful filter, alias of success * Remove renamed_deprecation, it was overkill * Make directory alias for is_dir * Update tests to use proper jinja test syntax * Update additional documentation, living outside of YAML files, to reflect proper jinja test syntax * Add conversion script, porting guide updates, and changelog updates * Update newly added uses of tests as filters * No underscore variable * Convert recent tests as filter changes to win_stat * Fix some changes related to rebasing a few integration tests * Make tests_as_filters_warning explicitly accept the name of the test, instead of inferring the name * Add test for tests_as_filters_warning * Update tests as filters in newly added/modified tests * Address recent changes to several integration tests * Address recent changes in cs_vpc
7 years ago
- git_verify is failed
- git_verify.msg is match("Failed to verify GPG signature of commit/tag.+")
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
ansible-test git: kill gpg-agent to remove locks (#50917) * ansible-test git: kill gpg-agent to remove locks * skip gpg-agent kill for OpenSUSE
6 years ago
- name: GPG-VERIFICATION | Stop gpg-agent so we can remove any locks on the GnuPG dir
command: gpgconf --kill gpg-agent
git: kill gpg-agent in tests on newer OpenSUSE hosts (#52476)
6 years ago
when: ansible_os_family != 'Suse' or ansible_distribution_version != '42.3' # OpenSUSE 42.3 ships with an older version of gpg-agent that doesn't support this
ansible-test: add Ubuntu 18.04 container (#50790) * ansible-test: Add Ubuntu 18.04 to Shippable CI nodes * re-add ubuntu1604/3 to matrix * forgot to add environment for git kill gpg-agent
6 years ago
environment:
GNUPGHOME: "{{ git_gpg_gpghome }}"
ansible-test git: kill gpg-agent to remove locks (#50917) * ansible-test git: kill gpg-agent to remove locks * skip gpg-agent kill for OpenSUSE
6 years ago
Correct usage for shutil.rmtree (#31541) * Correct usage for shutil.rmtree Fix adds correct usage of shutil.rmtree in git module Fixes: #31225 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> * Include archive tests so they get run * Use new include syntax * Cleanup syntax on git tests - use multi-line YAML - remove unneeded {{ }} around vars in conditionals - remove unneeded quotes - add task file name to task names for easier troubleshooting when things fail * Make archive tests work for RHEL/CentOS 6 The older versions of Jinja2 in RHEL/CentOS 6 required assertion tasks using the map filter to be skipped. The older version of git required gzip compression to be skipped on RHEL/CentOS 6. * Account for ansible_distribution_major_version missing
7 years ago
- name: GPG-VERIFICATION | Remove GnuPG verification workdir
Only use `git verify-tag` when verifying annotated tags (#26414) * Only use `git verify-tag` when verifying annotated tags The command `git verify-tag` only applies to annotated tags. When verifying lightweight tags, which are more similar to non-moving branches, one has to use `git verify-commit` instead. Using ':' as a separator is appropriate since that is one of the characters not allowed in a Git reference name. See also https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html * Improve testing of the Git module's gpg verification
7 years ago
file:
path: "{{ git_gpg_workdir.path }}"
state: absent