Commit graph

90 commits

Author SHA1 Message Date
Nikolaos Kakouros
6bb0d7b456 tMakes drop-in functionality configurable by the user 2022-08-26 20:23:51 +00:00
Nikolaos Kakouros
5f67c9b3d2 Backups relevant files 2022-08-23 15:18:41 +02:00
Nikolaos Kakouros
7866c6bc29 Fix tests 2022-08-23 15:18:41 +02:00
Nikolaos Kakouros
221a801260 Adds workaround for CentOS6 2022-08-23 15:18:41 +02:00
Nikolaos Kakouros
d2b274a0a1 Fixes tests 2022-08-23 15:18:41 +02:00
Nikolaos Kakouros
87ed3d4c15 Addresses comments and linters 2022-08-23 15:18:41 +02:00
Nikolaos Kakouros
db39a733aa Moves internal non-overridable variables out of defaults 2022-08-23 15:18:41 +02:00
Nikolaos Kakouros
d5b2f8df02 Adds tests for duplicate role use 2022-08-23 15:18:41 +02:00
Jakub Jelen
61cce32ce6 tests: Do not be picky about spaces/tabs
When testing with cloud-init, it modifies the sshd_configuration and can
replace some tabs with whitespaces. This happens frequently around the
subsystem keyword. There are no functional changes, but the matching
did not work as expected.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-06-13 17:28:34 +02:00
Matt Willsher
af7230cf29 Fix various linting issues 2022-06-05 08:54:56 +01:00
Matt Willsher
90338a3f0a Fix various linting issues 2022-06-03 11:22:17 +01:00
Jakub Jelen
74026ba2f8 Add support for Ubuntu 22 with drop-in directory
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
dd5f79e5f0 tests: Verify os defaults are used also if the drop-in directory exists
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
d39c6f7daf tests: Check include directive is added when missing
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
e1e820428d tests: Verify the main configuration file contains Include directive if needed
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
bd64ca7441 More portable way for sharing variables between role and tests 2022-04-19 17:20:27 +02:00
Jakub Jelen
c515ffdf94 Move the common variables to separate file 2022-04-19 17:20:27 +02:00
Jakub Jelen
bcbdf92182 Avoid unnecessary use of 'and' in 'when' conditions 2022-04-19 17:20:27 +02:00
Jakub Jelen
c1d1cdfeac Reuse the list of skipped virtualization environments 2022-04-19 17:20:27 +02:00
Jakub Jelen
7e311e19a9 tests: Add whitespace
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
9502c325ea tests: Add negative test for FIPS mode
This fixes also a typo that was overlooked previously

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
09f2c6a999 Add another virtualization platform exception
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
57357b0be7 tests: Slurp the correct file when writing main config
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
17bc0cbb1b tests: Fix OS detection to match also CentOS 9
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
9345faa5a1 Set explicit path to the main configuration file to work well with the drop-in directory
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
67fee24ecb Address review comments (to be squashed) 2021-11-16 15:05:22 +01:00
Jakub Jelen
ee63bacdcd tests: Verify the default hostkeys can be excluded in FIPS mode
ignore failures to bind fips_enabled into /proc/sys/crypto as it looks
like this does not work in the Github Actions containers.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2021-11-16 15:05:22 +01:00
Dominik Rimpf
961f10b710 FIX: indentation including tests 2021-08-17 15:50:36 +02:00
Jakub Jelen
2e3b3c0581 tests: Skip the negative test in RHEL6
The ansible_failed_result is not available in old Ansible on RHEL6
2021-08-09 10:08:56 +02:00
Jakub Jelen
9326a46dd8 tests: Skip the OS defaults test on CentOS 6 too
The CentOS6/RHEL6 images have modified sshd_config from what is shipped
in rpm package
2021-08-09 10:08:22 +02:00
Jakub Jelen
f6d26d8781 tests: Skip service status check on RHEL6
the init system there can not just "check" the status
2021-08-09 10:07:52 +02:00
Jakub Jelen
d16170bf31 tests: Skip the negative test in RHEL6 entirely 2021-08-09 10:07:37 +02:00
Jakub Jelen
a2646b7551 tests: Fix condition to match also CentOS 2021-08-09 10:07:28 +02:00
Jakub Jelen
f1ab555084 tests: The AcceptEnv is not accepted in Match block on RHEL6 2021-08-09 10:07:28 +02:00
Jakub Jelen
91784d1874 Workaround namespace feature also for RHEL6
The OpenSSH 5.3 in RHEL6 is so old it does not support "Match all" so we
need some creative workaround for this old stuff.
2021-08-09 10:07:09 +02:00
Jakub Jelen
ee2096d680 Add support for RHEL 9 and adjust tests for it 2021-08-03 17:35:24 +02:00
Jakub Jelen
d1446017e9 tests: Create temporary hostkey with proper backup 2021-06-11 21:49:31 +02:00
Jakub Jelen
8a85e7309b Rename sshd_namespace_append to sshd_config_namespace 2021-06-11 21:49:31 +02:00
Jakub Jelen
2a1426453b Increase test coverage for sshd_config_{owner,group,mode} variables with both invocations 2021-06-10 19:53:00 +02:00
Jakub Jelen
17022bb46d Test role invocation through old 'roles' 2021-06-10 19:53:00 +02:00
Jakub Jelen
ad399343c9 Skip defaults when appending configuration 2021-06-01 16:09:23 +02:00
Jakub Jelen
3cad473005 tests: Add negative test and context tests using regex 2021-06-01 16:09:23 +02:00
Jakub Jelen
8e180cfb48 Add new identification for Github Actions virtualization platform 2021-06-01 16:09:23 +02:00
Jakub Jelen
380ebd21d9 Support for appending a snippet to configuration file 2021-06-01 16:09:23 +02:00
Noriko Hosoi
fe0146b8a0 Fixing issues found by @jakure in his reviews. 2021-04-10 09:11:13 -07:00
Noriko Hosoi
6887864d2c Fix issues found by linters - enable all tests on all repos - remove suppressions
Cleaning up yamllint errors.
  - Use .yamllint.yml and .yamllint_defaults.yml instead of
    .yamllint.yaml.
  - Fix the invalid indentations.

Cleaning up ansible-lint errors.
  - Add "name" to every task.
  - Use command rather than shell
  - Add "changed_when: false".
  - Use '|' instead of '>' for the shell module.
  - Fix '/bin/sh: line 3: CRYPTO_POLICY: unbound variable'.
  - Add "set -eu" and "set -o pipefail" if pipefail is available.
    Note: "pipefail" is not available in "sh" and "dash".
  - Add "- '306'  # Shells that use pipes should set the pipefail option"
    to .ansible-lint since ansible-lint does not recognize it if it's set
    in "if set -o | grep pipefail".

RHELPLAN-73804
2021-04-09 10:27:42 -07:00
Rich Megginson
bb612fb6c5 use state: absent instead of state: missing 2021-01-28 15:56:14 -07:00
Jakub Jelen
d46e5eb226 tests: Use valid option in Match blocks in RHEL6 2020-12-11 13:25:19 +01:00
Jakub Jelen
fd144194e6 tests: Do not use ed25519 keys as they are not available in RHEL6 2020-12-11 13:25:19 +01:00
Jakub Jelen
f1aa17930a tests: Do not use gcm ciphers as they are not available in RHEL6 2020-12-11 13:25:19 +01:00