diff --git a/test/utils/docker/httptester/Dockerfile b/test/utils/docker/httptester/Dockerfile deleted file mode 100644 index 13f21fd7dd9..00000000000 --- a/test/utils/docker/httptester/Dockerfile +++ /dev/null @@ -1,40 +0,0 @@ -# We are pinning at 1.13.8 due to the 1.13.9 image having a vastly different /etc/ssl/openssl.cnf that do not work with our below commands -FROM nginx:1.13.8-alpine - -# The following packages are required to get httpbin/brotlipy/cffi installed -# openssl-dev python2-dev libffi-dev gcc libstdc++ make musl-dev -# Symlinking /usr/lib/libstdc++.so.6 to /usr/lib/libstdc++.so is specifically required for brotlipy -RUN set -x && \ - apk add --no-cache openssl ca-certificates py-pip openssl-dev python2-dev libffi-dev gcc libstdc++ make musl-dev && \ - update-ca-certificates && \ - ln -s /usr/lib/libstdc++.so.6 /usr/lib/libstdc++.so && \ - mkdir -p /root/ca/certs /root/ca/private /root/ca/newcerts && \ - echo 1000 > /root/ca/serial && \ - touch /root/ca/index.txt && \ - sed -i 's/\.\/demoCA/\/root\/ca/g' /etc/ssl/openssl.cnf && \ - openssl req -new -x509 -days 3650 -nodes -extensions v3_ca -keyout /root/ca/private/cakey.pem -out /root/ca/cacert.pem \ - -subj "/C=US/ST=North Carolina/L=Durham/O=Ansible/CN=ansible.http.tests" && \ - openssl req -new -nodes -out /root/ca/ansible.http.tests-req.pem -keyout /root/ca/private/ansible.http.tests-key.pem \ - -subj "/C=US/ST=North Carolina/L=Durham/O=Ansible/CN=ansible.http.tests" && \ - yes | openssl ca -config /etc/ssl/openssl.cnf -days 3650 -out /root/ca/ansible.http.tests-cert.pem -infiles /root/ca/ansible.http.tests-req.pem && \ - openssl req -new -nodes -out /root/ca/sni1.ansible.http.tests-req.pem -keyout /root/ca/private/sni1.ansible.http.tests-key.pem -config /etc/ssl/openssl.cnf \ - -subj "/C=US/ST=North Carolina/L=Durham/O=Ansible/CN=sni1.ansible.http.tests" && \ - yes | openssl ca -config /etc/ssl/openssl.cnf -days 3650 -out /root/ca/sni1.ansible.http.tests-cert.pem -infiles /root/ca/sni1.ansible.http.tests-req.pem && \ - openssl req -new -nodes -out /root/ca/sni2.ansible.http.tests-req.pem -keyout /root/ca/private/sni2.ansible.http.tests-key.pem -config /etc/ssl/openssl.cnf \ - -subj "/C=US/ST=North Carolina/L=Durham/O=Ansible/CN=sni2.ansible.http.tests" && \ - yes | openssl ca -config /etc/ssl/openssl.cnf -days 3650 -out /root/ca/sni2.ansible.http.tests-cert.pem -infiles /root/ca/sni2.ansible.http.tests-req.pem && \ - openssl req -new -nodes -out /root/ca/client.ansible.http.tests-req.pem -keyout /root/ca/private/client.ansible.http.tests-key.pem -config /etc/ssl/openssl.cnf \ - -subj "/C=US/ST=North Carolina/L=Durham/O=Ansible/CN=client.ansible.http.tests" && \ - yes | openssl ca -config /etc/ssl/openssl.cnf -days 3650 -out /root/ca/client.ansible.http.tests-cert.pem -infiles /root/ca/client.ansible.http.tests-req.pem && \ - cp /root/ca/cacert.pem /usr/share/nginx/html/cacert.pem && \ - cp /root/ca/client.ansible.http.tests-cert.pem /usr/share/nginx/html/client.pem && \ - cp /root/ca/private/client.ansible.http.tests-key.pem /usr/share/nginx/html/client.key && \ - pip install gunicorn httpbin==0.6.2 && \ - apk del openssl-dev python2-dev libffi-dev gcc libstdc++ make musl-dev - -ADD services.sh /services.sh -ADD nginx.sites.conf /etc/nginx/conf.d/default.conf - -EXPOSE 80 443 - -CMD ["/services.sh"] diff --git a/test/utils/docker/httptester/httptester.yml b/test/utils/docker/httptester/httptester.yml deleted file mode 100644 index 6f0ca08193e..00000000000 --- a/test/utils/docker/httptester/httptester.yml +++ /dev/null @@ -1,170 +0,0 @@ ---- -- name: Configure httptester - hosts: all - vars: - os_packages: - apk: - - openssl - - py-pip - - ca-certificates - - openssl-dev - - python2-dev - - libffi-dev - - gcc - - libstdc\+\+ - - make - - musl-dev - apt: - - openssl - - python-pip - - python-dev - - libffi-dev - yum: - - openssl - - python-pip - - python-devel - - gcc - - libffi-devel - dnf: - - openssl - - python-pip - - python-devel - - gcc - - libffi-devel - tasks: - - name: Check for nginx - stat: - path: /usr/sbin/nginx - register: nginx - - - name: Install nginx - package: - name: nginx - update_cache: "{{ (ansible_pkg_mgr == 'dnf')|ternary(omit, 'yes') }}" - when: not nginx.stat.exists - - - name: Install OS Packages - package: - name: "{{ os_packages[ansible_pkg_mgr] }}" - update_cache: "{{ (ansible_pkg_mgr == 'dnf')|ternary(omit, 'yes') }}" - - - name: Symlink libstdc++ - file: - state: link - src: /usr/lib/libstdc++.so.6 - dest: /usr/lib/libstdc++.so - when: ansible_pkg_mgr == 'apk' - - - name: Create cert directories - file: - path: "{{ item }}" - state: directory - with_items: - - /root/ca/certs - - /root/ca/private - - /root/ca/newcerts - - - name: Set ca serial - copy: - dest: /root/ca/serial - content: 1000 - - - name: Create ca index - copy: - dest: /root/ca/index.txt - content: "" - - - name: Check for /etc/pki/tls/openssl.cnf - stat: - path: /etc/pki/tls/openssl.cnf - register: etc_pki_tls_openssl - - - name: Copy openssl.cnf to /etc/ssl - copy: - src: /etc/pki/tls/openssl.cnf - dest: /etc/ssl/openssl.cnf - remote_src: true - when: etc_pki_tls_openssl.stat.exists - - - name: Update openssl ca path - replace: - dest: /etc/ssl/openssl.cnf - regexp: '(\./demoCA|/etc/pki/CA)' - replace: '/root/ca' - - - name: Generate ca key - command: > - openssl req -new -x509 -days 3650 -nodes -extensions v3_ca -keyout /root/ca/private/cakey.pem -out /root/ca/cacert.pem - -subj "/C=US/ST=North Carolina/L=Durham/O=Ansible/CN=ansible.http.tests" - - - name: Generate ansible.http.tests key - command: > - openssl req -new -nodes -out /root/ca/ansible.http.tests-req.pem -keyout /root/ca/private/ansible.http.tests-key.pem - -subj "/C=US/ST=North Carolina/L=Durham/O=Ansible/CN=ansible.http.tests" - - - name: Generate ansible.http.tests cert - shell: > - yes | openssl ca -config /etc/ssl/openssl.cnf -days 3650 -out /root/ca/ansible.http.tests-cert.pem -infiles /root/ca/ansible.http.tests-req.pem - - - name: Generate sni1.ansible.http.tests key - command: > - openssl req -new -nodes -out /root/ca/sni1.ansible.http.tests-req.pem -keyout /root/ca/private/sni1.ansible.http.tests-key.pem -config /etc/ssl/openssl.cnf - -subj "/C=US/ST=North Carolina/L=Durham/O=Ansible/CN=sni1.ansible.http.tests" - - - name: Generate sni1.ansible.http.tests cert - shell: > - yes | openssl ca -config /etc/ssl/openssl.cnf -days 3650 -out /root/ca/sni1.ansible.http.tests-cert.pem -infiles /root/ca/sni1.ansible.http.tests-req.pem - - - name: Generate sni2.ansible.http.tests key - command: > - openssl req -new -nodes -out /root/ca/sni2.ansible.http.tests-req.pem -keyout /root/ca/private/sni2.ansible.http.tests-key.pem -config /etc/ssl/openssl.cnf - -subj "/C=US/ST=North Carolina/L=Durham/O=Ansible/CN=sni2.ansible.http.tests" - - - name: Generate sni2.ansible.http.tests cert - shell: > - yes | openssl ca -config /etc/ssl/openssl.cnf -days 3650 -out /root/ca/sni2.ansible.http.tests-cert.pem -infiles /root/ca/sni2.ansible.http.tests-req.pem - - - name: Generate client key - command: > - openssl req -new -nodes -out /root/ca/client.ansible.http.tests-req.pem -keyout /root/ca/private/client.ansible.http.tests-key.pem -config /etc/ssl/openssl.cnf - -subj "/C=US/ST=North Carolina/L=Durham/O=Ansible/CN=client.ansible.http.tests" - - - name: Generate client.ansible.http.tests cert - shell: > - yes | openssl ca -config /etc/ssl/openssl.cnf -days 3650 -out /root/ca/client.ansible.http.tests-cert.pem -infiles /root/ca/client.ansible.http.tests-req.pem - - - name: Copy cacert.pem into nginx doc root for easy retrieval - copy: - src: "/root/ca/cacert.pem" - dest: "/usr/share/nginx/html/cacert.pem" - remote_src: true - - - copy: - src: /root/ca/client.ansible.http.tests-cert.pem - dest: /usr/share/nginx/html/client.pem - remote_src: true - - - copy: - src: /root/ca/private/client.ansible.http.tests-key.pem - dest: /usr/share/nginx/html/client.key - remote_src: true - - - name: Install gunicorn and httpbin - pip: - name: "{{ item.name }}" - version: "{{ item.version|default(omit) }}" - with_items: - - name: gunicorn - - name: httpbin - version: '0.6.2' - - - name: Copy services.sh script - copy: - src: "{{ playbook_dir }}/services.sh" - dest: /services.sh - mode: 0755 - - - name: Copy nginx sites configuration - copy: - src: nginx.sites.conf - dest: /etc/nginx/conf.d/default.conf diff --git a/test/utils/docker/httptester/nginx.sites.conf b/test/utils/docker/httptester/nginx.sites.conf deleted file mode 100644 index 4878d23d0a6..00000000000 --- a/test/utils/docker/httptester/nginx.sites.conf +++ /dev/null @@ -1,72 +0,0 @@ -server { - listen 80 default_server; - listen 443 ssl default_server; - - server_name ansible.http.tests _; - - ssl_certificate /root/ca/ansible.http.tests-cert.pem; - ssl_certificate_key /root/ca/private/ansible.http.tests-key.pem; - - ssl_client_certificate /root/ca/cacert.pem; - ssl_verify_client optional; - - location =/cacert.pem { - alias /usr/share/nginx/html/cacert.pem; - } - - location =/client.key { - alias /usr/share/nginx/html/client.key; - } - - location =/client.pem { - alias /usr/share/nginx/html/client.pem; - } - - location =/ssl_client_verify { - return 200 "ansible.http.tests:$ssl_client_verify"; - } - - location / { - proxy_pass http://127.0.0.1:8000; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header Host $http_host; - proxy_redirect off; - } -} - -server { - listen 80; - listen 443 ssl; - - server_name sni1.ansible.http.tests; - - ssl_certificate /root/ca/sni1.ansible.http.tests-cert.pem; - ssl_certificate_key /root/ca/private/sni1.ansible.http.tests-key.pem; - - location / { - return 200 "sni1.ansible.http.tests"; - } -} - -server { - listen 80; - listen 443 ssl; - - server_name sni2.ansible.http.tests; - - ssl_certificate /root/ca/sni2.ansible.http.tests-cert.pem; - ssl_certificate_key /root/ca/private/sni2.ansible.http.tests-key.pem; - - location / { - return 200 "sni2.ansible.http.tests"; - } -} - -server { - listen 80; - - server_name fail.ansible.http.tests; - - rewrite /(.*) https://$host/$1 permanent; -} diff --git a/test/utils/docker/httptester/packer.json b/test/utils/docker/httptester/packer.json deleted file mode 100644 index 365fc2c2791..00000000000 --- a/test/utils/docker/httptester/packer.json +++ /dev/null @@ -1,47 +0,0 @@ -{ - "variables": { - "docker_image": "nginx:1.13.8-alpine" - }, - "builders": [ - { - "type": "docker", - "image": "{{user `docker_image`}}", - "commit": true, - "run_command": [ - "-d", - "-i", - "-t", - "{{.Image}}", - "/bin/sh" - ] - } - ], - "provisioners": [ - { - "type": "shell", - "inline": [ - "set -x", - "[ -f /sbin/apk ] && /sbin/apk add -U ansible || true", - "[ -f /usr/bin/dnf ] && /usr/bin/dnf -y install ansible python2-dnf || true", - "[ ! -f /usr/bin/dnf -a -f /usr/bin/yum ] && /usr/bin/yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-`grep -o [0-9] /etc/redhat-release | head -1`.noarch.rpm || true", - "[ ! -f /usr/bin/dnf -a -f /usr/bin/yum ] && /usr/bin/yum -y install ansible || true", - "[ -f /usr/bin/apt-get ] && /usr/bin/apt-get update && /usr/bin/apt-get -y install software-properties-common && /usr/bin/add-apt-repository ppa:ansible/ansible && /usr/bin/apt-get update && /usr/bin/apt-get -y install ansible || true" - ] - }, - { - "type": "ansible-local", - "playbook_file": "httptester.yml", - "playbook_dir": "{{template_dir}}", - "extra_arguments": [ - "-v" - ] - } - ], - "post-processors": [ - { - "type": "docker-tag", - "repository": "ansible/ansible", - "tag": "httptester" - } - ] -} diff --git a/test/utils/docker/httptester/services.sh b/test/utils/docker/httptester/services.sh deleted file mode 100755 index c319aaa4167..00000000000 --- a/test/utils/docker/httptester/services.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/sh -gunicorn -D httpbin:app -nginx -g "daemon off;"