diff options
| author | Florian Heiderich <florian.heiderich.ext@bestsecret.com> | 2021-02-05 15:40:52 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-02-05 15:40:52 +0100 |
| commit | 8d6136eab96dc2c0745996eb9bbb893e93015d2e (patch) | |
| tree | edaf07607ede24c8bd730a3487d55bd8e6b09d03 /test/integration | |
| parent | Bump antsibull-changelog version for changelog sanity test. (diff) | |
| download | ansible-8d6136eab96dc2c0745996eb9bbb893e93015d2e.tar.xz ansible-8d6136eab96dc2c0745996eb9bbb893e93015d2e.zip | |
uri - add ca_path parameter (#71979)
* add changelog fragment for #71979 (ca_path for uri)
* add integration tests for ca_path in the uri module
* return path of ca cert instead of its content
* connect to port 444 on self_signed_host
and use quay.io/ansible/http-test-container:1.3.0
* state that the certificate in ca_path is used for validation
Diffstat (limited to 'test/integration')
| -rw-r--r-- | test/integration/targets/uri/tasks/main.yml | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/test/integration/targets/uri/tasks/main.yml b/test/integration/targets/uri/tasks/main.yml index 2297f6f189..4cefc6b309 100644 --- a/test/integration/targets/uri/tasks/main.yml +++ b/test/integration/targets/uri/tasks/main.yml @@ -131,6 +131,48 @@ - "stat_result.stat.exists == true" - "result.changed == true" +- name: "get ca certificate {{ self_signed_host }}" + get_url: + url: "http://{{ httpbin_host }}/ca2cert.pem" + dest: "{{ remote_tmp_dir }}/ca2cert.pem" + +- name: test https fetch to a site with self signed certificate using ca_path + uri: + url: "https://{{ self_signed_host }}:444/" + dest: "{{ output_dir }}/self-signed_using_ca_path.html" + ca_path: "{{ remote_tmp_dir }}/ca2cert.pem" + validate_certs: yes + register: result + +- stat: + path: "{{ output_dir }}/self-signed_using_ca_path.html" + register: stat_result + +- name: Assert that the file was downloaded + assert: + that: + - "stat_result.stat.exists == true" + - "result.changed == true" + +- name: test https fetch to a site with self signed certificate without using ca_path + uri: + url: "https://{{ self_signed_host }}:444/" + dest: "{{ output_dir }}/self-signed-without_using_ca_path.html" + validate_certs: yes + register: result + ignore_errors: true + +- stat: + path: "{{ output_dir }}/self-signed-without_using_ca_path.html" + register: stat_result + +- name: Assure that https access to a host with self-signed certificate without providing ca_path fails + assert: + that: + - "stat_result.stat.exists == false" + - result is failed + - "'certificate verify failed' in result.msg" + - name: test redirect without follow_redirects uri: url: 'https://{{ httpbin_host }}/redirect/2' |