tests: Verify the main configuration file contains Include directive if needed

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2024-11-22 11:00:19 +01:00 · 2022-04-06 16:07:31 +02:00 · 2022-04-06 16:07:31 +02:00 · e1e820428d
commit e1e820428d
parent 9c202bd60e
2 changed files with 22 additions and 0 deletions
--- a/tests/tests_alternative_file.yml
+++ b/tests/tests_alternative_file.yml
@ -38,6 +38,7 @@
          Banner: /etc/issue
          Ciphers: aes256-ctr
        sshd_Compression: no
+
    - name: Configure second alternative sshd_config file
      include_role:
        name: ansible-sshd
@ -49,6 +50,7 @@
          Banner: /etc/issue2
          Ciphers: aes128-ctr
        sshd_MaxStartups: 100
+
    - name: Now configure the main sshd_config file
      include_role:
        name: ansible-sshd
@ -114,6 +116,16 @@
              - "'MaxStartups 100' not in config3.content | b64decode"
              - "'Compression no' not in config3.content | b64decode"

+        - name: Check the main configuration file contains some default values for RHEL 9 or Fedora
+          assert:
+            that:
+              - "'Include /etc/ssh/sshd_config.d/*.conf' in config3.content | b64decode"
+              - "'AuthorizedKeysFile .ssh/authorized_keys' in config3.content | b64decode"
+              - "'Subsystem sftp /usr/libexec/sftp-server' in config3.content | b64decode"
+          when:
+            - ansible_facts['os_family'] == 'RedHat'
+            - ansible_facts['distribution_major_version']|int > 8
+
        - name: Check the generated config has requested properties
          assert:
            that:
--- a/tests/tests_alternative_file_role.yml
+++ b/tests/tests_alternative_file_role.yml
@ -130,6 +130,16 @@
              - "'MaxStartups 100' not in config3.content | b64decode"
              - "'Compression no' not in config3.content | b64decode"

+        - name: Check the main configuration file contains some default values for RHEL 9 or Fedora
+          assert:
+            that:
+              - "'Include /etc/ssh/sshd_config.d/*.conf' in config3.content | b64decode"
+              - "'AuthorizedKeysFile .ssh/authorized_keys' in config3.content | b64decode"
+              - "'Subsystem sftp /usr/libexec/sftp-server' in config3.content | b64decode"
+          when:
+            - ansible_facts['os_family'] == 'RedHat'
+            - ansible_facts['distribution_major_version']|int > 8
+
        - name: Check the generated config has requested properties
          assert:
            that: