mirror of https://github.com/ansible/ansible.git
added integration tests for rpm_key (#26134)
David Newswanger
8 years ago
committed by
John R Barker
parent
ed17d7a0a5
commit
5242ff1b59
@ -0,0 +1,2 @@
|
|||||||
|
destructive
|
||||||
|
posix/ci/group1
|
||||||
@ -0,0 +1,2 @@
|
|||||||
|
- include: 'rpm_key.yaml'
|
||||||
|
when: ansible_os_family == "RedHat"
|
||||||
@ -0,0 +1,83 @@
|
|||||||
|
---
|
||||||
|
- name: download EPEL GPG key
|
||||||
|
get_url:
|
||||||
|
url: https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
|
||||||
|
dest: /tmp/RPM-GPG-KEY-EPEL-7
|
||||||
|
|
||||||
|
- name: download sl rpm
|
||||||
|
get_url:
|
||||||
|
url: https://download.fedoraproject.org/pub/epel/7/x86_64/s/sl-5.02-1.el7.x86_64.rpm
|
||||||
|
dest: /tmp/sl.rpm
|
||||||
|
|
||||||
|
- name: remove EPEL GPG key from keyring
|
||||||
|
rpm_key:
|
||||||
|
state: absent
|
||||||
|
key: /tmp/RPM-GPG-KEY-EPEL-7
|
||||||
|
|
||||||
|
- name: check GPG signature of sl. Should fail
|
||||||
|
shell: "rpm --checksig /tmp/sl.rpm"
|
||||||
|
register: sl_check
|
||||||
|
ignore_errors: yes
|
||||||
|
|
||||||
|
- name: confirm that signature check failed
|
||||||
|
assert:
|
||||||
|
that:
|
||||||
|
- "'MISSING KEYS' in sl_check.stdout"
|
||||||
|
- "sl_check.failed"
|
||||||
|
|
||||||
|
- name: remove EPEL GPG key from keyring (Idempotant)
|
||||||
|
rpm_key:
|
||||||
|
state: absent
|
||||||
|
key: /tmp/RPM-GPG-KEY-EPEL-7
|
||||||
|
register: idempotant_test
|
||||||
|
|
||||||
|
- name: check Idempotant
|
||||||
|
assert:
|
||||||
|
that: "not idempotant_test.changed"
|
||||||
|
|
||||||
|
- name: add EPEL GPG key to key ring
|
||||||
|
rpm_key:
|
||||||
|
state: present
|
||||||
|
key: /tmp/RPM-GPG-KEY-EPEL-7
|
||||||
|
|
||||||
|
- name: add EPEL GPG key to key ring (Idempotant)
|
||||||
|
rpm_key:
|
||||||
|
state: present
|
||||||
|
key: /tmp/RPM-GPG-KEY-EPEL-7
|
||||||
|
|
||||||
|
- name: check GPG signature of sl. Should return okay
|
||||||
|
shell: "rpm --checksig /tmp/sl.rpm"
|
||||||
|
register: sl_check
|
||||||
|
|
||||||
|
- name: confirm that signature check succeeded
|
||||||
|
assert:
|
||||||
|
that: "'rsa sha1 (md5) pgp md5 OK' in sl_check.stdout"
|
||||||
|
|
||||||
|
- name: remove GPG key from url
|
||||||
|
rpm_key:
|
||||||
|
state: absent
|
||||||
|
key: https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
|
||||||
|
|
||||||
|
- name: Confirm key is missing
|
||||||
|
shell: "rpm --checksig /tmp/sl.rpm"
|
||||||
|
register: sl_check
|
||||||
|
ignore_errors: yes
|
||||||
|
|
||||||
|
- name: confirm that signature check failed
|
||||||
|
assert:
|
||||||
|
that:
|
||||||
|
- "'MISSING KEYS' in sl_check.stdout"
|
||||||
|
- "sl_check.failed"
|
||||||
|
|
||||||
|
- name: add GPG key from url
|
||||||
|
rpm_key:
|
||||||
|
state: present
|
||||||
|
key: https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
|
||||||
|
|
||||||
|
- name: check GPG signature of sl. Should return okay
|
||||||
|
shell: "rpm --checksig /tmp/sl.rpm"
|
||||||
|
register: sl_check
|
||||||
|
|
||||||
|
- name: confirm that signature check succeeded
|
||||||
|
assert:
|
||||||
|
that: "'rsa sha1 (md5) pgp md5 OK' in sl_check.stdout"
|
||||||
Loading…
Reference in New Issue