# test code for the known_hosts module # (c) 2017, Marius Gedminas # This file is part of Ansible # # Ansible is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # Ansible is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with Ansible. If not, see . - name: copy an existing file in place copy: src: existing_known_hosts dest: "{{ output_dir | expanduser }}/known_hosts" # test addition - name: add a new host in check mode check_mode: yes known_hosts: name: example.org key: "{{ example_org_rsa_key }}" state: present path: "{{output_dir|expanduser}}/known_hosts" register: diff - name: assert that the diff looks as expected (the key was added at the end) assert: that: - 'diff.changed' - 'diff.diff.before_header == diff.diff.after_header == output_dir|expanduser + "/known_hosts"' - 'diff.diff.after.splitlines()[:-1] == diff.diff.before.splitlines()' - 'diff.diff.after.splitlines()[-1] == example_org_rsa_key.strip()' - name: add a new host known_hosts: name: example.org key: "{{ example_org_rsa_key }}" state: present path: "{{output_dir|expanduser}}/known_hosts" register: result - name: get the file content shell: cat "{{output_dir|expanduser}}/known_hosts" register: known_hosts - name: assert that the key was added and ordering preserved assert: that: - 'result.changed' - 'known_hosts.stdout_lines[0].startswith("example.com")' - 'known_hosts.stdout_lines[4].startswith("# example.net")' - 'known_hosts.stdout_lines[-1].strip() == example_org_rsa_key.strip()' # test idempotence of addition - name: add the same host in check mode check_mode: yes known_hosts: name: example.org key: "{{ example_org_rsa_key }}" state: present path: "{{output_dir|expanduser}}/known_hosts" register: check - name: assert that no changes were expected assert: that: - 'not check.changed' - 'check.diff.before == check.diff.after' - name: add the same host known_hosts: name: example.org key: "{{ example_org_rsa_key }}" state: present path: "{{output_dir|expanduser}}/known_hosts" register: result - name: get the file content shell: cat "{{output_dir|expanduser}}/known_hosts" register: known_hosts_v2 - name: assert that no changes happened assert: that: - 'not result.changed' - 'result.diff.before == result.diff.after' - 'known_hosts.stdout == known_hosts_v2.stdout' # test removal - name: remove the host in check mode check_mode: yes known_hosts: name: example.org key: "{{ example_org_rsa_key }}" state: absent path: "{{output_dir|expanduser}}/known_hosts" register: diff - name: assert that the diff looks as expected (the key was removed) assert: that: - 'diff.diff.before_header == diff.diff.after_header == output_dir|expanduser + "/known_hosts"' - 'diff.diff.before.splitlines()[-1] == example_org_rsa_key.strip()' - 'diff.diff.after.splitlines() == diff.diff.before.splitlines()[:-1]' - name: remove the host known_hosts: name: example.org key: "{{ example_org_rsa_key }}" state: absent path: "{{output_dir|expanduser}}/known_hosts" register: result - name: get the file content shell: cat "{{output_dir|expanduser}}/known_hosts" register: known_hosts_v3 - name: assert that the key was removed and ordering preserved assert: that: - 'result.changed' - '"example.org" not in known_hosts_v3.stdout' - 'known_hosts_v3.stdout_lines[0].startswith("example.com")' - 'known_hosts_v3.stdout_lines[-1].startswith("# example.net")' # test idempotence of removal - name: remove the same host in check mode check_mode: yes known_hosts: name: example.org key: "{{ example_org_rsa_key }}" state: absent path: "{{output_dir|expanduser}}/known_hosts" register: check - name: assert that no changes were expected assert: that: - 'not check.changed' - 'check.diff.before == check.diff.after' - name: remove the same host known_hosts: name: example.org key: "{{ example_org_rsa_key }}" state: absent path: "{{output_dir|expanduser}}/known_hosts" register: result - name: get the file content shell: cat "{{output_dir|expanduser}}/known_hosts" register: known_hosts_v4 - name: assert that no changes happened assert: that: - 'not result.changed' - 'result.diff.before == result.diff.after' - 'known_hosts_v3.stdout == known_hosts_v4.stdout' # test errors - name: Try using a comma separated list of hosts known_hosts: name: example.org,acme.com key: "{{ example_org_rsa_key }}" path: "{{output_dir|expanduser}}/known_hosts" ignore_errors: yes register: result - name: Assert that error message was displayed assert: that: - result is failed - result.msg == 'Comma separated list of names is not supported. Please pass a single name to lookup in the known_hosts file.' - name: Try using a name that does not match the key known_hosts: name: example.com key: "{{ example_org_rsa_key }}" path: "{{output_dir|expanduser}}/known_hosts" ignore_errors: yes register: result - name: Assert that name checking failed with error message assert: that: - result is failed - result.msg == 'Host parameter does not match hashed host field in supplied key'