From 79d2f8a93a209cdcc1ab67604a11bdc3046c2cd4 Mon Sep 17 00:00:00 2001 From: Dag Wieers Date: Thu, 11 Jan 2018 21:28:42 +0100 Subject: [PATCH] ACI: Fix tests and add signature-based authentication test (#34758) --- .../aci_aaa_user_certificate/tasks/main.yml | 30 ++++++++----------- 1 file changed, 12 insertions(+), 18 deletions(-) diff --git a/test/integration/targets/aci_aaa_user_certificate/tasks/main.yml b/test/integration/targets/aci_aaa_user_certificate/tasks/main.yml index 121df628b4..f541d88de7 100644 --- a/test/integration/targets/aci_aaa_user_certificate/tasks/main.yml +++ b/test/integration/targets/aci_aaa_user_certificate/tasks/main.yml @@ -2,11 +2,11 @@ # Copyright: (c) 2017, Dag Wieers (dagwieers) # # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) -# + - name: Test that we have an ACI APIC host, ACI username and ACI password fail: msg: 'Please define the following variables: aci_hostname, aci_username and aci_password.' - when: aci_hostname is not defined or aci_username is not defined or aci_password is not defined + when: aci_hostname is not defined or aci_username is not defined or aci_password is not defined # CLEAN ENVIRONMENT @@ -20,7 +20,6 @@ user: admin certificate_name: admin state: absent - delegate_to: localhost # ADD USER CERTIFICATE @@ -36,23 +35,19 @@ certificate: "{{ lookup('file', 'pki/admin.crt') }}" state: present check_mode: yes - delegate_to: localhost register: cm_add_cert - name: Add user certificate (normal mode) aci_aaa_user_certificate: *cert_present - delegate_to: localhost register: nm_add_cert - name: Add user certificate again (check mode) aci_aaa_user_certificate: *cert_present check_mode: yes - delegate_to: localhost register: cm_add_cert_again - name: Add user certificate again (normal mode) aci_aaa_user_certificate: *cert_present - delegate_to: localhost register: nm_add_cert_again - name: Verify add_cert @@ -63,22 +58,21 @@ # QUERY ALL USER CERTIFICATES -- name: Query all user certificates (check_mode) +- name: Query all user certificates using signature-based authentication (check_mode) aci_aaa_user_certificate: &cert_query hostname: '{{ aci_hostname }}' username: '{{ aci_username }}' - password: '{{ aci_password }}' + #password: '{{ aci_password }}' + private_key: '{{ role_path }}/pki/admin.key' use_proxy: no validate_certs: no user: admin state: query check_mode: yes - delegate_to: localhost register: cm_query_all_certs -- name: Query all user certificates (normal mode) +- name: Query all user certificates using signature-based authentication (normal mode) aci_aaa_user_certificate: *cert_query - delegate_to: localhost register: nm_query_all_certs - name: Verify query_all_certs @@ -90,14 +84,14 @@ # QUERY OUR USER CERTIFICATE -- name: Query our certificate (check_mode) +- name: Query our certificate using signature-based authentication (check_mode) aci_aaa_user_certificate: <<: *cert_query certificate_name: admin check_mode: yes register: cm_query_cert -- name: Query our certificate (normal mode) +- name: Query our certificate using signature-based authentication (normal mode) aci_aaa_user_certificate: <<: *cert_query certificate_name: admin @@ -112,21 +106,21 @@ # REMOVE CERTIFICATE - name: Remove certificate (check_mode) - aci_tenant: *cert_absent + aci_aaa_user_certificate: *cert_absent check_mode: yes register: cm_remove_cert - name: Remove certificate (normal mode) - aci_tenant: *cert_absent + aci_aaa_user_certificate: *cert_absent register: nm_remove_cert - name: Remove certificate again (check_mode) - aci_tenant: *cert_absent + aci_aaa_user_certificate: *cert_absent check_mode: yes register: cm_remove_cert_again - name: Remove certificate again (normal mode) - aci_tenant: *cert_absent + aci_aaa_user_certificate: *cert_absent register: nm_remove_cert_again - name: Verify remove_cert