Jakub Jelen
9502c325ea
tests: Add negative test for FIPS mode
...
This fixes also a typo that was overlooked previously
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
09f2c6a999
Add another virtualization platform exception
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
57357b0be7
tests: Slurp the correct file when writing main config
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
17bc0cbb1b
tests: Fix OS detection to match also CentOS 9
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
9345faa5a1
Set explicit path to the main configuration file to work well with the drop-in directory
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
67fee24ecb
Address review comments (to be squashed)
2021-11-16 15:05:22 +01:00
Jakub Jelen
ee63bacdcd
tests: Verify the default hostkeys can be excluded in FIPS mode
...
ignore failures to bind fips_enabled into /proc/sys/crypto as it looks
like this does not work in the Github Actions containers.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2021-11-16 15:05:22 +01:00
Dominik Rimpf
961f10b710
FIX: indentation including tests
2021-08-17 15:50:36 +02:00
Jakub Jelen
2e3b3c0581
tests: Skip the negative test in RHEL6
...
The ansible_failed_result is not available in old Ansible on RHEL6
2021-08-09 10:08:56 +02:00
Jakub Jelen
9326a46dd8
tests: Skip the OS defaults test on CentOS 6 too
...
The CentOS6/RHEL6 images have modified sshd_config from what is shipped
in rpm package
2021-08-09 10:08:22 +02:00
Jakub Jelen
f6d26d8781
tests: Skip service status check on RHEL6
...
the init system there can not just "check" the status
2021-08-09 10:07:52 +02:00
Jakub Jelen
d16170bf31
tests: Skip the negative test in RHEL6 entirely
2021-08-09 10:07:37 +02:00
Jakub Jelen
a2646b7551
tests: Fix condition to match also CentOS
2021-08-09 10:07:28 +02:00
Jakub Jelen
f1ab555084
tests: The AcceptEnv is not accepted in Match block on RHEL6
2021-08-09 10:07:28 +02:00
Jakub Jelen
91784d1874
Workaround namespace feature also for RHEL6
...
The OpenSSH 5.3 in RHEL6 is so old it does not support "Match all" so we
need some creative workaround for this old stuff.
2021-08-09 10:07:09 +02:00
Jakub Jelen
ee2096d680
Add support for RHEL 9 and adjust tests for it
2021-08-03 17:35:24 +02:00
Jakub Jelen
d1446017e9
tests: Create temporary hostkey with proper backup
2021-06-11 21:49:31 +02:00
Jakub Jelen
8a85e7309b
Rename sshd_namespace_append to sshd_config_namespace
2021-06-11 21:49:31 +02:00
Jakub Jelen
2a1426453b
Increase test coverage for sshd_config_{owner,group,mode} variables with both invocations
2021-06-10 19:53:00 +02:00
Jakub Jelen
17022bb46d
Test role invocation through old 'roles'
2021-06-10 19:53:00 +02:00
Jakub Jelen
ad399343c9
Skip defaults when appending configuration
2021-06-01 16:09:23 +02:00
Jakub Jelen
3cad473005
tests: Add negative test and context tests using regex
2021-06-01 16:09:23 +02:00
Jakub Jelen
8e180cfb48
Add new identification for Github Actions virtualization platform
2021-06-01 16:09:23 +02:00
Jakub Jelen
380ebd21d9
Support for appending a snippet to configuration file
2021-06-01 16:09:23 +02:00
Noriko Hosoi
fe0146b8a0
Fixing issues found by @jakure in his reviews.
2021-04-10 09:11:13 -07:00
Noriko Hosoi
6887864d2c
Fix issues found by linters - enable all tests on all repos - remove suppressions
...
Cleaning up yamllint errors.
- Use .yamllint.yml and .yamllint_defaults.yml instead of
.yamllint.yaml.
- Fix the invalid indentations.
Cleaning up ansible-lint errors.
- Add "name" to every task.
- Use command rather than shell
- Add "changed_when: false".
- Use '|' instead of '>' for the shell module.
- Fix '/bin/sh: line 3: CRYPTO_POLICY: unbound variable'.
- Add "set -eu" and "set -o pipefail" if pipefail is available.
Note: "pipefail" is not available in "sh" and "dash".
- Add "- '306' # Shells that use pipes should set the pipefail option"
to .ansible-lint since ansible-lint does not recognize it if it's set
in "if set -o | grep pipefail".
RHELPLAN-73804
2021-04-09 10:27:42 -07:00
Rich Megginson
bb612fb6c5
use state: absent instead of state: missing
2021-01-28 15:56:14 -07:00
Jakub Jelen
d46e5eb226
tests: Use valid option in Match blocks in RHEL6
2020-12-11 13:25:19 +01:00
Jakub Jelen
fd144194e6
tests: Do not use ed25519 keys as they are not available in RHEL6
2020-12-11 13:25:19 +01:00
Jakub Jelen
f1aa17930a
tests: Do not use gcm ciphers as they are not available in RHEL6
2020-12-11 13:25:19 +01:00
Jakub Jelen
e92a98a97f
tests: Improve testing of the sysconfig with more real example
2020-12-11 13:25:19 +01:00
Jakub Jelen
45bf0180fe
tests: Verify backup files are created and can be disabled
2020-12-11 13:25:19 +01:00
Jakub Jelen
497db39466
tests: Move setup tasks to separate file
2020-12-11 13:25:19 +01:00
Jakub Jelen
86495969dc
tests: Skip hostkey test in Debian and RHEL6 as it is missing
2020-12-11 13:25:19 +01:00
Jakub Jelen
425400d521
Do not attempt to create and verify sysconfig on unrelated systems
2020-12-11 13:25:19 +01:00
Jakub Jelen
48dc56b2d2
Recognize podman container runtime and ignore services there
2020-12-11 13:25:19 +01:00
Jakub Jelen
acb56267a1
tests: Verify variable precedence is correctly applied
2020-12-11 13:25:19 +01:00
Jakub Jelen
156373262c
tests: Test match can accept dict directly
2020-12-11 13:25:19 +01:00
Jakub Jelen
bb979290db
tests: Verify the sshd_enable variable works
2020-12-11 13:25:19 +01:00
Jakub Jelen
9032ea2b1e
tests: Verify the defaults of this role do not change os defaults
2020-12-11 13:24:59 +01:00
Jakub Jelen
9ccbe04b7f
tests: Implement backup & restore of important files for separate tests
2020-12-11 13:24:40 +01:00
Jakub Jelen
242058a10b
tests: For Fedora containers, make sure the sshd host keys exist
2020-11-16 11:32:28 +01:00
Jakub Jelen
ff04f6ff89
tests: Replace cat with slurp
2020-11-16 11:20:56 +01:00
Jakub Jelen
567708dff6
tests: Make sure the user/group nobody is present in the test
2020-11-16 11:20:56 +01:00
Jakub Jelen
e4de9a6afd
tests: Use complete connection specification for RHEL7 compatibility
2020-11-16 11:20:56 +01:00
Jakub Jelen
e2d6a8ba0f
tests: Fix for Fedora using different default configuration file
2020-11-16 11:20:56 +01:00
Jakub Jelen
f3f041b580
tests: Verify we can write main config after included one
2020-11-16 11:20:55 +01:00
Jakub Jelen
35945647e1
tests: Use the main configuration file for setting sftp subsystem
2020-11-16 11:16:57 +01:00
Jakub Jelen
33dcb0d9d4
tests: Verify we can generate hostkeys and prevent its creation if needed
2020-11-16 11:16:44 +01:00
Jakub Jelen
ad913968ac
Add a symlink to make tests working in CI without modification to ansible.cfg
2020-11-06 11:35:10 +01:00