ansible-playbook [core 2.12.6] config file = /etc/ansible/ansible.cfg configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python3.9/site-packages/ansible ansible collection location = /tmp/tmpoau9jedf executable location = /usr/bin/ansible-playbook python version = 3.9.13 (main, May 18 2022, 00:00:00) [GCC 11.3.1 20220421 (Red Hat 11.3.1-2)] jinja version = 2.11.3 libyaml = True Using /etc/ansible/ansible.cfg as config file Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: tests_fs_attrs.yml *************************************************** 3 plays in /tmp/tmpqiz1ijmo/tests/tests_fs_attrs.yml PLAY [Ensure UID and GID exists] *********************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpqiz1ijmo/tests/tests_fs_attrs.yml:2 Wednesday 06 July 2022 05:35:24 +0000 (0:00:00.012) 0:00:00.012 ******** ok: [/cache/centos-7.qcow2c.snap] META: ran handlers TASK [Ensure user exists] ****************************************************** task path: /tmp/tmpqiz1ijmo/tests/tests_fs_attrs.yml:5 Wednesday 06 July 2022 05:35:25 +0000 (0:00:01.082) 0:00:01.094 ******** changed: [/cache/centos-7.qcow2c.snap] => { "changed": true, "comment": "", "create_home": true, "group": 1040, "home": "/home/user1", "name": "user1", "shell": "/bin/bash", "state": "present", "system": false, "uid": 1040 } TASK [Ensure group "somegroup" exists] ***************************************** task path: /tmp/tmpqiz1ijmo/tests/tests_fs_attrs.yml:9 Wednesday 06 July 2022 05:35:26 +0000 (0:00:00.535) 0:00:01.630 ******** changed: [/cache/centos-7.qcow2c.snap] => { "changed": true, "gid": 1041, "name": "somegroup", "state": "present", "system": false } META: ran handlers META: ran handlers PLAY [Issue certificate setting user/group] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpqiz1ijmo/tests/tests_fs_attrs.yml:13 Wednesday 06 July 2022 05:35:26 +0000 (0:00:00.460) 0:00:02.090 ******** ok: [/cache/centos-7.qcow2c.snap] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:2 Wednesday 06 July 2022 05:35:27 +0000 (0:00:00.704) 0:00:02.794 ******** included: /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml for /cache/centos-7.qcow2c.snap TASK [linux-system-roles.certificate : Ensure ansible_facts used by role] ****** task path: /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml:2 Wednesday 06 July 2022 05:35:27 +0000 (0:00:00.028) 0:00:02.823 ******** ok: [/cache/centos-7.qcow2c.snap] TASK [linux-system-roles.certificate : Set platform/version specific variables] *** task path: /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml:8 Wednesday 06 July 2022 05:35:27 +0000 (0:00:00.412) 0:00:03.235 ******** skipping: [/cache/centos-7.qcow2c.snap] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [/cache/centos-7.qcow2c.snap] => (item=CentOS.yml) => { "ansible_loop_var": "item", "changed": false, "item": "CentOS.yml", "skip_reason": "Conditional result was False" } ok: [/cache/centos-7.qcow2c.snap] => (item=CentOS_7.yml) => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/vars/CentOS_7.yml" ], "ansible_loop_var": "item", "changed": false, "item": "CentOS_7.yml" } skipping: [/cache/centos-7.qcow2c.snap] => (item=CentOS_7.9.yml) => { "ansible_loop_var": "item", "changed": false, "item": "CentOS_7.9.yml", "skip_reason": "Conditional result was False" } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:5 Wednesday 06 July 2022 05:35:27 +0000 (0:00:00.050) 0:00:03.286 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "rc": 0, "results": [ "python2-pyasn1-0.1.9-7.el7.noarch providing python-pyasn1 is already installed", "python2-cryptography-1.7.2-2.el7.x86_64 providing python-cryptography is already installed", "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed" ] } TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:22 Wednesday 06 July 2022 05:35:29 +0000 (0:00:01.224) 0:00:04.510 ******** ok: [/cache/centos-7.qcow2c.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "rc": 0, "results": [ "certmonger-0.78.4-17.el7_9.x86_64 providing certmonger is already installed" ] } TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:33 Wednesday 06 July 2022 05:35:29 +0000 (0:00:00.590) 0:00:05.101 ******** ok: [/cache/centos-7.qcow2c.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:59 Wednesday 06 July 2022 05:35:30 +0000 (0:00:00.486) 0:00:05.587 ******** ok: [/cache/centos-7.qcow2c.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:88 Wednesday 06 July 2022 05:35:30 +0000 (0:00:00.348) 0:00:05.936 ******** ok: [/cache/centos-7.qcow2c.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestamp": "Wed 2022-07-06 05:31:41 UTC", "ActiveEnterTimestampMonotonic": "172162297", "ActiveExitTimestampMonotonic": "0", "ActiveState": "active", "After": "systemd-journald.socket basic.target system.slice network.target syslog.target dbus.service", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "yes", "AssertTimestamp": "Wed 2022-07-06 05:31:41 UTC", "AssertTimestampMonotonic": "172148815", "Before": "multi-user.target shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "yes", "ConditionTimestamp": "Wed 2022-07-06 05:31:41 UTC", "ConditionTimestampMonotonic": "172148814", "Conflicts": "shutdown.target", "ControlGroup": "/system.slice/certmonger.service", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "6078", "ExecMainStartTimestamp": "Wed 2022-07-06 05:31:41 UTC", "ExecMainStartTimestampMonotonic": "172149537", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestamp": "Wed 2022-07-06 05:31:41 UTC", "InactiveExitTimestampMonotonic": "172149585", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14960", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14960", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "6078", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "running", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "enabled", "WantedBy": "multi-user.target", "WatchdogTimestamp": "Wed 2022-07-06 05:31:41 UTC", "WatchdogTimestampMonotonic": "172162252", "WatchdogUSec": "0" } } TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:100 Wednesday 06 July 2022 05:35:31 +0000 (0:00:00.674) 0:00:06.611 ******** changed: [/cache/centos-7.qcow2c.snap] => (item={'name': 'mycert_fs_attrs', 'dns': 'www.example.com', 'owner': 'ftp', 'group': 'ftp', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "group": "ftp", "name": "mycert_fs_attrs", "owner": "ftp" } } MSG: Certificate requested (new). File attributes updated. changed: [/cache/centos-7.qcow2c.snap] => (item={'name': 'certid', 'dns': 'www.example.com', 'owner': 1040, 'group': 1041, 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "group": 1041, "name": "certid", "owner": 1040 } } MSG: Certificate requested (new). File attributes updated. META: role_complete for /cache/centos-7.qcow2c.snap META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpqiz1ijmo/tests/tests_fs_attrs.yml:31 Wednesday 06 July 2022 05:35:32 +0000 (0:00:01.596) 0:00:08.207 ******** ok: [/cache/centos-7.qcow2c.snap] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpqiz1ijmo/tests/tests_fs_attrs.yml:60 Wednesday 06 July 2022 05:35:33 +0000 (0:00:00.724) 0:00:08.932 ******** included: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c.snap => (item={'path': '/etc/pki/tls/certs/mycert_fs_attrs.crt', 'key_path': '/etc/pki/tls/private/mycert_fs_attrs.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'owner': 'ftp', 'group': 'ftp', 'mode': '0640'}) included: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c.snap => (item={'path': '/etc/pki/tls/certs/certid.crt', 'key_path': '/etc/pki/tls/private/certid.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'owner': 1040, 'group': 1041, 'mode': '0640'}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:2 Wednesday 06 July 2022 05:35:33 +0000 (0:00:00.047) 0:00:08.980 ******** ok: [/cache/centos-7.qcow2c.snap] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:6 Wednesday 06 July 2022 05:35:33 +0000 (0:00:00.058) 0:00:09.039 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "rc": 0, "results": [ "python3-3.6.8-18.el7.x86_64 providing python3 is already installed" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:11 Wednesday 06 July 2022 05:35:34 +0000 (0:00:00.573) 0:00:09.612 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:18 Wednesday 06 July 2022 05:35:35 +0000 (0:00:01.131) 0:00:10.744 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:26 Wednesday 06 July 2022 05:35:36 +0000 (0:00:00.825) 0:00:11.569 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "stat": { "atime": 1657085731.9183764, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "709433b1bb330cc711738a69707467cfc03b590c", "ctime": 1657085731.9483764, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 9668527, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1657085731.9153764, "nlink": 1, "path": "/etc/pki/tls/certs/mycert_fs_attrs.crt", "pw_name": "ftp", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1294, "uid": 14, "version": "18446744072736545453", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:31 Wednesday 06 July 2022 05:35:36 +0000 (0:00:00.429) 0:00:11.999 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:37 Wednesday 06 July 2022 05:35:36 +0000 (0:00:00.033) 0:00:12.033 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:49 Wednesday 06 July 2022 05:35:36 +0000 (0:00:00.047) 0:00:12.080 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:55 Wednesday 06 July 2022 05:35:36 +0000 (0:00:00.043) 0:00:12.123 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "stat": { "atime": 1657085731.8703763, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "b08fedf68394883cbcb6e5fecf1c8689f4e6b455", "ctime": 1657085731.9483764, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 9668526, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1657085731.9153764, "nlink": 1, "path": "/etc/pki/tls/private/mycert_fs_attrs.key", "pw_name": "ftp", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1708, "uid": 14, "version": "709550805", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:60 Wednesday 06 July 2022 05:35:36 +0000 (0:00:00.313) 0:00:12.436 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:66 Wednesday 06 July 2022 05:35:37 +0000 (0:00:00.033) 0:00:12.470 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:78 Wednesday 06 July 2022 05:35:37 +0000 (0:00:00.047) 0:00:12.518 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert_fs_attrs.crt" ], "delta": "0:00:00.253790", "end": "2022-07-06 05:35:37.707123", "rc": 0, "start": "2022-07-06 05:35:37.453333" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "4B:A9:39:4F:AC:0A:05:89:E0:E3:21:06:8A:9C:90:12:EE:A5:34:9C", "critical": false }, "authorityKeyIdentifier": { "value": "02:AD:DA:38:F4:E2:5E:3D:60:C0:9D:C9:B6:8B:BA:75:33:70:48:A5", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "BD:65:BC:48:10:20:64:F5:D8:CB:AF:80:87:BA:F7:F4:14:FD:78:59:93:5A:EC:C9:53:DB:39:1A:2A:5E:AA:BD:5A:0B:23:9E:7D:23:DF:DC:50:40:5D:88:C9:9B:B9:A8:97:41:66:B6:4D:EC:80:CB:A0:6D:B9:98:F5:FA:17:FC:75:5B:8B:31:BC:7B:D9:31:9F:C3:34:4B:6D:2A:3C:10:67:5A:CA:B9:DD:1B:29:7C:FA:24:19:71:04:64:5E:F4:75:CD:52:B5:28:CE:92:C7:25:2C:5F:47:70:93:74:7F:90:CB:EF:09:86:CD:A9:DA:B5:18:97:0C:8E:44:76:C4:CD:C9:45:F2:54:1A:C2:48:7D:A1:EB:7D:71:FF:02:9C:44:29:C6:9C:AF:7D:CF:C0:C4:32:48:19:14:13:52:39:8E:18:E5:7C:A8:1E:B1:18:EE:26:37:43:48:01:1A:34:08:AC:9E:F1:04:96:55:E5:99:4E:26:D6:E0:33:A0:05:38:D5:77:F0:CE:29:01:67:D4:1F:66:7A:59:99:97:D3:55:F7:0F:87:1B:93:FA:4A:11:5F:57:0A:AD:58:0A:4D:86:91:DF:40:83:31:6F:52:F0:7E:4F:B5:60:12:04:2C:A3:33:D0:EC:E0:1E:00:B3:71:0D:29:43:61:DF:27:B1" }, "key_size": 2048, "validity": { "not_valid_after": "2023-07-06 05:31:41", "not_valid_before": "2022-07-06 05:35:31" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:83 Wednesday 06 July 2022 05:35:37 +0000 (0:00:00.707) 0:00:13.225 ******** ok: [/cache/centos-7.qcow2c.snap] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "02:AD:DA:38:F4:E2:5E:3D:60:C0:9D:C9:B6:8B:BA:75:33:70:48:A5" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "4B:A9:39:4F:AC:0A:05:89:E0:E3:21:06:8A:9C:90:12:EE:A5:34:9C" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "BD:65:BC:48:10:20:64:F5:D8:CB:AF:80:87:BA:F7:F4:14:FD:78:59:93:5A:EC:C9:53:DB:39:1A:2A:5E:AA:BD:5A:0B:23:9E:7D:23:DF:DC:50:40:5D:88:C9:9B:B9:A8:97:41:66:B6:4D:EC:80:CB:A0:6D:B9:98:F5:FA:17:FC:75:5B:8B:31:BC:7B:D9:31:9F:C3:34:4B:6D:2A:3C:10:67:5A:CA:B9:DD:1B:29:7C:FA:24:19:71:04:64:5E:F4:75:CD:52:B5:28:CE:92:C7:25:2C:5F:47:70:93:74:7F:90:CB:EF:09:86:CD:A9:DA:B5:18:97:0C:8E:44:76:C4:CD:C9:45:F2:54:1A:C2:48:7D:A1:EB:7D:71:FF:02:9C:44:29:C6:9C:AF:7D:CF:C0:C4:32:48:19:14:13:52:39:8E:18:E5:7C:A8:1E:B1:18:EE:26:37:43:48:01:1A:34:08:AC:9E:F1:04:96:55:E5:99:4E:26:D6:E0:33:A0:05:38:D5:77:F0:CE:29:01:67:D4:1F:66:7A:59:99:97:D3:55:F7:0F:87:1B:93:FA:4A:11:5F:57:0A:AD:58:0A:4D:86:91:DF:40:83:31:6F:52:F0:7E:4F:B5:60:12:04:2C:A3:33:D0:EC:E0:1E:00:B3:71:0D:29:43:61:DF:27:B1" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2023-07-06 05:31:41", "not_valid_before": "2022-07-06 05:35:31" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:87 Wednesday 06 July 2022 05:35:37 +0000 (0:00:00.042) 0:00:13.267 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:96 Wednesday 06 July 2022 05:35:37 +0000 (0:00:00.041) 0:00:13.309 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:105 Wednesday 06 July 2022 05:35:37 +0000 (0:00:00.033) 0:00:13.342 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:112 Wednesday 06 July 2022 05:35:37 +0000 (0:00:00.045) 0:00:13.387 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:125 Wednesday 06 July 2022 05:35:37 +0000 (0:00:00.045) 0:00:13.433 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:141 Wednesday 06 July 2022 05:35:38 +0000 (0:00:00.044) 0:00:13.477 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert_fs_attrs.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.056945", "end": "2022-07-06 05:35:38.316092", "rc": 0, "start": "2022-07-06 05:35:38.259147" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:150 Wednesday 06 July 2022 05:35:38 +0000 (0:00:00.351) 0:00:13.828 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:2 Wednesday 06 July 2022 05:35:38 +0000 (0:00:00.045) 0:00:13.874 ******** ok: [/cache/centos-7.qcow2c.snap] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:6 Wednesday 06 July 2022 05:35:38 +0000 (0:00:00.028) 0:00:13.902 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "rc": 0, "results": [ "python3-3.6.8-18.el7.x86_64 providing python3 is already installed" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:11 Wednesday 06 July 2022 05:35:39 +0000 (0:00:00.550) 0:00:14.453 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:18 Wednesday 06 July 2022 05:35:39 +0000 (0:00:00.922) 0:00:15.376 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:26 Wednesday 06 July 2022 05:35:40 +0000 (0:00:00.794) 0:00:16.170 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "stat": { "atime": 1657085732.6063764, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "daa8029a555f02ff4388d8cd1b393e9db0e92569", "ctime": 1657085732.6393764, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 1041, "gr_name": "somegroup", "inode": 9668521, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1657085732.6033764, "nlink": 1, "path": "/etc/pki/tls/certs/certid.crt", "pw_name": "user1", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1294, "uid": 1040, "version": "18446744071750312391", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:31 Wednesday 06 July 2022 05:35:41 +0000 (0:00:00.325) 0:00:16.495 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:37 Wednesday 06 July 2022 05:35:41 +0000 (0:00:00.032) 0:00:16.528 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:49 Wednesday 06 July 2022 05:35:41 +0000 (0:00:00.043) 0:00:16.572 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:55 Wednesday 06 July 2022 05:35:41 +0000 (0:00:00.043) 0:00:16.615 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "stat": { "atime": 1657085732.5583763, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "23e581cedea8014e209c5383f6a43fa316c9121a", "ctime": 1657085732.6393764, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 1041, "gr_name": "somegroup", "inode": 9668514, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1657085732.6023765, "nlink": 1, "path": "/etc/pki/tls/private/certid.key", "pw_name": "user1", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1704, "uid": 1040, "version": "1305715576", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:60 Wednesday 06 July 2022 05:35:41 +0000 (0:00:00.331) 0:00:16.947 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:66 Wednesday 06 July 2022 05:35:41 +0000 (0:00:00.033) 0:00:16.980 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:78 Wednesday 06 July 2022 05:35:41 +0000 (0:00:00.048) 0:00:17.029 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/certid.crt" ], "delta": "0:00:00.267790", "end": "2022-07-06 05:35:42.090218", "rc": 0, "start": "2022-07-06 05:35:41.822428" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "8B:B1:D9:51:2D:AB:96:82:D7:DE:81:C4:3C:74:C3:88:0E:75:78:C4", "critical": false }, "authorityKeyIdentifier": { "value": "02:AD:DA:38:F4:E2:5E:3D:60:C0:9D:C9:B6:8B:BA:75:33:70:48:A5", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "81:FD:45:93:74:42:57:FC:29:19:0B:FA:BF:35:40:57:29:B6:52:64:FB:87:09:C8:05:D8:1E:A7:B4:D4:0D:B6:7E:48:C5:A0:74:AB:99:61:D5:B5:80:47:BA:2E:BE:F7:EF:36:FA:CE:AF:05:DA:C9:F5:BD:31:91:88:B2:F4:A6:AB:97:C9:8C:11:8C:E6:D7:64:1F:2A:7C:E2:FE:0C:82:FA:14:F7:59:86:CC:AA:E6:4A:3E:6B:7F:AD:56:33:B8:AB:A6:63:F6:E3:7D:9F:A8:03:E9:A3:68:65:DC:8E:EF:27:A3:28:6E:8C:A7:4D:95:B4:54:1C:EC:A4:45:AE:73:76:1C:73:CC:5E:29:F1:1D:FC:3F:E8:ED:5F:46:63:EE:19:DB:C4:56:92:AD:28:42:F5:C2:6B:41:32:03:CE:35:A3:FF:74:47:39:9B:52:5E:A9:54:A8:14:DF:C6:8F:E5:A1:89:AC:62:E7:0B:3E:59:54:F9:C9:71:FE:15:07:1B:E5:74:EC:33:30:F3:46:29:A9:9A:A2:DD:57:36:0B:7B:97:56:BB:50:EF:96:9A:D3:C3:FA:74:21:4B:97:78:86:6A:1A:41:C5:79:1B:EE:37:76:B0:80:8C:A1:20:92:51:A4:78:50:F8:B1:26:7C:B3:10:EF:A5:90:8A:34:17:44" }, "key_size": 2048, "validity": { "not_valid_after": "2023-07-06 05:31:41", "not_valid_before": "2022-07-06 05:35:32" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:83 Wednesday 06 July 2022 05:35:42 +0000 (0:00:00.577) 0:00:17.606 ******** ok: [/cache/centos-7.qcow2c.snap] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "02:AD:DA:38:F4:E2:5E:3D:60:C0:9D:C9:B6:8B:BA:75:33:70:48:A5" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "8B:B1:D9:51:2D:AB:96:82:D7:DE:81:C4:3C:74:C3:88:0E:75:78:C4" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "81:FD:45:93:74:42:57:FC:29:19:0B:FA:BF:35:40:57:29:B6:52:64:FB:87:09:C8:05:D8:1E:A7:B4:D4:0D:B6:7E:48:C5:A0:74:AB:99:61:D5:B5:80:47:BA:2E:BE:F7:EF:36:FA:CE:AF:05:DA:C9:F5:BD:31:91:88:B2:F4:A6:AB:97:C9:8C:11:8C:E6:D7:64:1F:2A:7C:E2:FE:0C:82:FA:14:F7:59:86:CC:AA:E6:4A:3E:6B:7F:AD:56:33:B8:AB:A6:63:F6:E3:7D:9F:A8:03:E9:A3:68:65:DC:8E:EF:27:A3:28:6E:8C:A7:4D:95:B4:54:1C:EC:A4:45:AE:73:76:1C:73:CC:5E:29:F1:1D:FC:3F:E8:ED:5F:46:63:EE:19:DB:C4:56:92:AD:28:42:F5:C2:6B:41:32:03:CE:35:A3:FF:74:47:39:9B:52:5E:A9:54:A8:14:DF:C6:8F:E5:A1:89:AC:62:E7:0B:3E:59:54:F9:C9:71:FE:15:07:1B:E5:74:EC:33:30:F3:46:29:A9:9A:A2:DD:57:36:0B:7B:97:56:BB:50:EF:96:9A:D3:C3:FA:74:21:4B:97:78:86:6A:1A:41:C5:79:1B:EE:37:76:B0:80:8C:A1:20:92:51:A4:78:50:F8:B1:26:7C:B3:10:EF:A5:90:8A:34:17:44" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2023-07-06 05:31:41", "not_valid_before": "2022-07-06 05:35:32" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:87 Wednesday 06 July 2022 05:35:42 +0000 (0:00:00.043) 0:00:17.650 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:96 Wednesday 06 July 2022 05:35:42 +0000 (0:00:00.046) 0:00:17.696 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:105 Wednesday 06 July 2022 05:35:42 +0000 (0:00:00.032) 0:00:17.729 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:112 Wednesday 06 July 2022 05:35:42 +0000 (0:00:00.045) 0:00:17.774 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:125 Wednesday 06 July 2022 05:35:42 +0000 (0:00:00.044) 0:00:17.818 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:141 Wednesday 06 July 2022 05:35:42 +0000 (0:00:00.048) 0:00:17.867 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/certid.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.060753", "end": "2022-07-06 05:35:42.725893", "rc": 0, "start": "2022-07-06 05:35:42.665140" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:150 Wednesday 06 July 2022 05:35:42 +0000 (0:00:00.371) 0:00:18.238 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c.snap : ok=56 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Wednesday 06 July 2022 05:35:42 +0000 (0:00:00.051) 0:00:18.290 ******** =============================================================================== linux-system-roles.certificate : Ensure certificate requests ------------ 1.60s /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:100 linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 1.22s /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:5 -- Install the package, force upgrade -------------------------------------- 1.13s /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:11 ------------- Gathering Facts --------------------------------------------------------- 1.08s /tmp/tmpqiz1ijmo/tests/tests_fs_attrs.yml:2 ----------------------------------- Install the package, force upgrade -------------------------------------- 0.92s /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:11 ------------- Install certreader ------------------------------------------------------ 0.83s /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:18 ------------- Install certreader ------------------------------------------------------ 0.79s /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:18 ------------- Gathering Facts --------------------------------------------------------- 0.72s /tmp/tmpqiz1ijmo/tests/tests_fs_attrs.yml:31 ---------------------------------- Parse certificate ------------------------------------------------------- 0.71s /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:78 ------------- Gathering Facts --------------------------------------------------------- 0.70s /tmp/tmpqiz1ijmo/tests/tests_fs_attrs.yml:13 ---------------------------------- linux-system-roles.certificate : Ensure provider service is running ----- 0.67s /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:88 - linux-system-roles.certificate : Ensure provider packages are installed --- 0.59s /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:22 - Parse certificate ------------------------------------------------------- 0.58s /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:78 ------------- Ensure python3 is installed --------------------------------------------- 0.57s /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:6 -------------- Ensure python3 is installed --------------------------------------------- 0.55s /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:6 -------------- Ensure user exists ------------------------------------------------------ 0.54s /tmp/tmpqiz1ijmo/tests/tests_fs_attrs.yml:5 ----------------------------------- linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.49s /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:33 - Ensure group "somegroup" exists ----------------------------------------- 0.46s /tmp/tmpqiz1ijmo/tests/tests_fs_attrs.yml:9 ----------------------------------- Retrieve certificate file stats ----------------------------------------- 0.43s /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:26 ------------- linux-system-roles.certificate : Ensure ansible_facts used by role ------ 0.41s /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml:2 ansible-playbook [core 2.12.6] config file = /etc/ansible/ansible.cfg configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python3.9/site-packages/ansible ansible collection location = /tmp/tmpoau9jedf executable location = /usr/bin/ansible-playbook python version = 3.9.13 (main, May 18 2022, 00:00:00) [GCC 11.3.1 20220421 (Red Hat 11.3.1-2)] jinja version = 2.11.3 libyaml = True Using /etc/ansible/ansible.cfg as config file Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: tests_fs_attrs.yml *************************************************** 3 plays in /tmp/tmp5ygcfjec/tests/certificate/tests_fs_attrs.yml PLAY [Ensure UID and GID exists] *********************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tests_fs_attrs.yml:2 Wednesday 06 July 2022 05:45:10 +0000 (0:00:00.013) 0:00:00.013 ******** ok: [/cache/centos-7.qcow2c.snap] META: ran handlers TASK [Ensure user exists] ****************************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tests_fs_attrs.yml:5 Wednesday 06 July 2022 05:45:11 +0000 (0:00:01.056) 0:00:01.070 ******** changed: [/cache/centos-7.qcow2c.snap] => { "changed": true, "comment": "", "create_home": true, "group": 1040, "home": "/home/user1", "name": "user1", "shell": "/bin/bash", "state": "present", "system": false, "uid": 1040 } TASK [Ensure group "somegroup" exists] ***************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tests_fs_attrs.yml:9 Wednesday 06 July 2022 05:45:12 +0000 (0:00:00.561) 0:00:01.631 ******** changed: [/cache/centos-7.qcow2c.snap] => { "changed": true, "gid": 1041, "name": "somegroup", "state": "present", "system": false } META: ran handlers META: ran handlers PLAY [Issue certificate setting user/group] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tests_fs_attrs.yml:13 Wednesday 06 July 2022 05:45:12 +0000 (0:00:00.479) 0:00:02.111 ******** ok: [/cache/centos-7.qcow2c.snap] META: ran handlers TASK [fedora.linux_system_roles.certificate : Set version specific variables] *** task path: /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Wednesday 06 July 2022 05:45:13 +0000 (0:00:00.741) 0:00:02.852 ******** included: /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml for /cache/centos-7.qcow2c.snap TASK [fedora.linux_system_roles.certificate : Ensure ansible_facts used by role] *** task path: /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:2 Wednesday 06 July 2022 05:45:13 +0000 (0:00:00.029) 0:00:02.881 ******** ok: [/cache/centos-7.qcow2c.snap] TASK [fedora.linux_system_roles.certificate : Set platform/version specific variables] *** task path: /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:7 Wednesday 06 July 2022 05:45:13 +0000 (0:00:00.425) 0:00:03.307 ******** skipping: [/cache/centos-7.qcow2c.snap] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [/cache/centos-7.qcow2c.snap] => (item=CentOS.yml) => { "ansible_loop_var": "item", "changed": false, "item": "CentOS.yml", "skip_reason": "Conditional result was False" } ok: [/cache/centos-7.qcow2c.snap] => (item=CentOS_7.yml) => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/CentOS_7.yml" ], "ansible_loop_var": "item", "changed": false, "item": "CentOS_7.yml" } skipping: [/cache/centos-7.qcow2c.snap] => (item=CentOS_7.9.yml) => { "ansible_loop_var": "item", "changed": false, "item": "CentOS_7.9.yml", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:5 Wednesday 06 July 2022 05:45:13 +0000 (0:00:00.053) 0:00:03.360 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "rc": 0, "results": [ "python2-pyasn1-0.1.9-7.el7.noarch providing python-pyasn1 is already installed", "python2-cryptography-1.7.2-2.el7.x86_64 providing python-cryptography is already installed", "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed" ] } TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:22 Wednesday 06 July 2022 05:45:15 +0000 (0:00:01.244) 0:00:04.605 ******** ok: [/cache/centos-7.qcow2c.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "rc": 0, "results": [ "certmonger-0.78.4-17.el7_9.x86_64 providing certmonger is already installed" ] } TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:33 Wednesday 06 July 2022 05:45:15 +0000 (0:00:00.592) 0:00:05.197 ******** ok: [/cache/centos-7.qcow2c.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:59 Wednesday 06 July 2022 05:45:16 +0000 (0:00:00.486) 0:00:05.684 ******** ok: [/cache/centos-7.qcow2c.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] *** task path: /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:88 Wednesday 06 July 2022 05:45:16 +0000 (0:00:00.398) 0:00:06.083 ******** ok: [/cache/centos-7.qcow2c.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestamp": "Wed 2022-07-06 05:41:20 UTC", "ActiveEnterTimestampMonotonic": "176677201", "ActiveExitTimestampMonotonic": "0", "ActiveState": "active", "After": "system.slice syslog.target systemd-journald.socket network.target basic.target dbus.service", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "yes", "AssertTimestamp": "Wed 2022-07-06 05:41:20 UTC", "AssertTimestampMonotonic": "176662452", "Before": "multi-user.target shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "yes", "ConditionTimestamp": "Wed 2022-07-06 05:41:20 UTC", "ConditionTimestampMonotonic": "176662451", "Conflicts": "shutdown.target", "ControlGroup": "/system.slice/certmonger.service", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "6092", "ExecMainStartTimestamp": "Wed 2022-07-06 05:41:20 UTC", "ExecMainStartTimestampMonotonic": "176663195", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestamp": "Wed 2022-07-06 05:41:20 UTC", "InactiveExitTimestampMonotonic": "176663230", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14960", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14960", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "6092", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "running", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "enabled", "WantedBy": "multi-user.target", "WatchdogTimestamp": "Wed 2022-07-06 05:41:20 UTC", "WatchdogTimestampMonotonic": "176677056", "WatchdogUSec": "0" } } TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] ***** task path: /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:99 Wednesday 06 July 2022 05:45:17 +0000 (0:00:00.686) 0:00:06.769 ******** changed: [/cache/centos-7.qcow2c.snap] => (item={'name': 'mycert_fs_attrs', 'dns': 'www.example.com', 'owner': 'ftp', 'group': 'ftp', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "group": "ftp", "name": "mycert_fs_attrs", "owner": "ftp" } } MSG: Certificate requested (new). File attributes updated. changed: [/cache/centos-7.qcow2c.snap] => (item={'name': 'certid', 'dns': 'www.example.com', 'owner': 1040, 'group': 1041, 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "group": 1041, "name": "certid", "owner": 1040 } } MSG: Certificate requested (new). File attributes updated. META: role_complete for /cache/centos-7.qcow2c.snap META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tests_fs_attrs.yml:31 Wednesday 06 July 2022 05:45:19 +0000 (0:00:01.818) 0:00:08.587 ******** ok: [/cache/centos-7.qcow2c.snap] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tests_fs_attrs.yml:60 Wednesday 06 July 2022 05:45:19 +0000 (0:00:00.748) 0:00:09.336 ******** included: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c.snap => (item={'path': '/etc/pki/tls/certs/mycert_fs_attrs.crt', 'key_path': '/etc/pki/tls/private/mycert_fs_attrs.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'owner': 'ftp', 'group': 'ftp', 'mode': '0640'}) included: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c.snap => (item={'path': '/etc/pki/tls/certs/certid.crt', 'key_path': '/etc/pki/tls/private/certid.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'owner': 1040, 'group': 1041, 'mode': '0640'}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:2 Wednesday 06 July 2022 05:45:19 +0000 (0:00:00.049) 0:00:09.385 ******** ok: [/cache/centos-7.qcow2c.snap] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:6 Wednesday 06 July 2022 05:45:20 +0000 (0:00:00.029) 0:00:09.414 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "rc": 0, "results": [ "python3-3.6.8-18.el7.x86_64 providing python3 is already installed" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:11 Wednesday 06 July 2022 05:45:20 +0000 (0:00:00.591) 0:00:10.006 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:18 Wednesday 06 July 2022 05:45:21 +0000 (0:00:01.132) 0:00:11.138 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:26 Wednesday 06 July 2022 05:45:22 +0000 (0:00:00.937) 0:00:12.076 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "stat": { "atime": 1657086318.0393507, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "4bdaf479d87e3e7bf8286bc6b4e09dce3707d03d", "ctime": 1657086318.1123507, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 9668431, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1657086318.0363507, "nlink": 1, "path": "/etc/pki/tls/certs/mycert_fs_attrs.crt", "pw_name": "ftp", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1294, "uid": 14, "version": "18446744073326440996", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:31 Wednesday 06 July 2022 05:45:23 +0000 (0:00:00.442) 0:00:12.518 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:37 Wednesday 06 July 2022 05:45:23 +0000 (0:00:00.033) 0:00:12.552 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:47 Wednesday 06 July 2022 05:45:23 +0000 (0:00:00.046) 0:00:12.598 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:53 Wednesday 06 July 2022 05:45:23 +0000 (0:00:00.046) 0:00:12.645 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "stat": { "atime": 1657086317.9903507, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "b977f51a2253f15f5fb4b08f7311f49f3a0f5e8a", "ctime": 1657086318.1123507, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 9668430, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1657086318.0363507, "nlink": 1, "path": "/etc/pki/tls/private/mycert_fs_attrs.key", "pw_name": "ftp", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1704, "uid": 14, "version": "18446744072335363526", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:58 Wednesday 06 July 2022 05:45:23 +0000 (0:00:00.342) 0:00:12.987 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:64 Wednesday 06 July 2022 05:45:23 +0000 (0:00:00.035) 0:00:13.022 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:74 Wednesday 06 July 2022 05:45:23 +0000 (0:00:00.051) 0:00:13.074 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert_fs_attrs.crt" ], "delta": "0:00:00.261328", "end": "2022-07-06 05:45:24.134891", "rc": 0, "start": "2022-07-06 05:45:23.873563" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "12:43:28:0D:0D:C1:C4:02:60:61:C5:CC:8F:65:CD:0F:27:94:DF:80", "critical": false }, "authorityKeyIdentifier": { "value": "86:6C:07:61:C3:94:A9:ED:89:69:38:21:CE:07:8B:89:13:CF:C0:06", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "A3:F4:94:B0:33:6F:6A:92:3D:A1:20:A1:94:51:9D:C9:FC:F7:58:80:A7:E3:9D:33:68:89:88:F9:97:FD:D5:32:7B:1E:C9:95:46:AC:E3:63:7B:BD:81:16:91:5A:C2:00:60:5D:09:46:1B:A3:01:23:65:D5:55:E3:1C:F6:85:5C:3E:F1:06:4B:45:EF:34:1F:41:03:35:82:AC:60:D9:9B:D7:08:AB:EF:27:C4:50:04:31:4E:86:1E:9F:07:40:0B:12:25:7B:38:6C:26:5D:BE:4D:22:9D:48:AE:D2:5F:E8:1A:6A:F9:1D:E0:F1:67:04:21:49:E9:24:BF:FB:9D:0E:1F:CB:09:F0:A0:45:A4:48:D3:7B:CF:E8:BD:24:BC:39:FC:4C:E0:B4:DC:15:E2:AB:1E:B8:67:30:AF:9B:44:9B:B8:37:7C:A0:FD:B7:30:79:72:70:F7:10:06:06:5C:E9:9E:8C:13:64:97:FD:A6:D6:BB:FF:0E:08:F9:14:6C:6B:1A:72:2F:DB:15:04:FA:47:24:D7:B3:47:04:2E:84:11:1F:A9:EA:73:53:F3:A6:DB:20:FE:C3:4D:2F:DD:B8:99:AF:A5:F8:DC:34:DC:2C:11:39:DE:4E:5B:5B:59:23:CF:D2:E1:FD:F2:36:80:D8:8F:1B:40:F2:5D:3D:9A:98:AC" }, "key_size": 2048, "validity": { "not_valid_after": "2023-07-06 05:41:20", "not_valid_before": "2022-07-06 05:45:18" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:79 Wednesday 06 July 2022 05:45:24 +0000 (0:00:00.685) 0:00:13.760 ******** ok: [/cache/centos-7.qcow2c.snap] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "86:6C:07:61:C3:94:A9:ED:89:69:38:21:CE:07:8B:89:13:CF:C0:06" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "12:43:28:0D:0D:C1:C4:02:60:61:C5:CC:8F:65:CD:0F:27:94:DF:80" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "A3:F4:94:B0:33:6F:6A:92:3D:A1:20:A1:94:51:9D:C9:FC:F7:58:80:A7:E3:9D:33:68:89:88:F9:97:FD:D5:32:7B:1E:C9:95:46:AC:E3:63:7B:BD:81:16:91:5A:C2:00:60:5D:09:46:1B:A3:01:23:65:D5:55:E3:1C:F6:85:5C:3E:F1:06:4B:45:EF:34:1F:41:03:35:82:AC:60:D9:9B:D7:08:AB:EF:27:C4:50:04:31:4E:86:1E:9F:07:40:0B:12:25:7B:38:6C:26:5D:BE:4D:22:9D:48:AE:D2:5F:E8:1A:6A:F9:1D:E0:F1:67:04:21:49:E9:24:BF:FB:9D:0E:1F:CB:09:F0:A0:45:A4:48:D3:7B:CF:E8:BD:24:BC:39:FC:4C:E0:B4:DC:15:E2:AB:1E:B8:67:30:AF:9B:44:9B:B8:37:7C:A0:FD:B7:30:79:72:70:F7:10:06:06:5C:E9:9E:8C:13:64:97:FD:A6:D6:BB:FF:0E:08:F9:14:6C:6B:1A:72:2F:DB:15:04:FA:47:24:D7:B3:47:04:2E:84:11:1F:A9:EA:73:53:F3:A6:DB:20:FE:C3:4D:2F:DD:B8:99:AF:A5:F8:DC:34:DC:2C:11:39:DE:4E:5B:5B:59:23:CF:D2:E1:FD:F2:36:80:D8:8F:1B:40:F2:5D:3D:9A:98:AC" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2023-07-06 05:41:20", "not_valid_before": "2022-07-06 05:45:18" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:83 Wednesday 06 July 2022 05:45:24 +0000 (0:00:00.043) 0:00:13.803 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:91 Wednesday 06 July 2022 05:45:24 +0000 (0:00:00.043) 0:00:13.846 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:99 Wednesday 06 July 2022 05:45:24 +0000 (0:00:00.030) 0:00:13.877 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:106 Wednesday 06 July 2022 05:45:24 +0000 (0:00:00.042) 0:00:13.919 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:118 Wednesday 06 July 2022 05:45:24 +0000 (0:00:00.046) 0:00:13.966 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:132 Wednesday 06 July 2022 05:45:24 +0000 (0:00:00.044) 0:00:14.010 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert_fs_attrs.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.066571", "end": "2022-07-06 05:45:24.772079", "rc": 0, "start": "2022-07-06 05:45:24.705508" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:141 Wednesday 06 July 2022 05:45:24 +0000 (0:00:00.382) 0:00:14.393 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:2 Wednesday 06 July 2022 05:45:25 +0000 (0:00:00.045) 0:00:14.439 ******** ok: [/cache/centos-7.qcow2c.snap] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:6 Wednesday 06 July 2022 05:45:25 +0000 (0:00:00.028) 0:00:14.467 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "rc": 0, "results": [ "python3-3.6.8-18.el7.x86_64 providing python3 is already installed" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:11 Wednesday 06 July 2022 05:45:25 +0000 (0:00:00.571) 0:00:15.038 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:18 Wednesday 06 July 2022 05:45:26 +0000 (0:00:00.993) 0:00:16.032 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:26 Wednesday 06 July 2022 05:45:27 +0000 (0:00:00.825) 0:00:16.858 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "stat": { "atime": 1657086318.8343508, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "446d03062bfe146aa99a4beabab3de005c67c36a", "ctime": 1657086318.9213507, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 1041, "gr_name": "somegroup", "inode": 9668425, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1657086318.8313508, "nlink": 1, "path": "/etc/pki/tls/certs/certid.crt", "pw_name": "user1", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1294, "uid": 1040, "version": "18446744072037439077", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:31 Wednesday 06 July 2022 05:45:27 +0000 (0:00:00.323) 0:00:17.181 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:37 Wednesday 06 July 2022 05:45:27 +0000 (0:00:00.033) 0:00:17.215 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:47 Wednesday 06 July 2022 05:45:27 +0000 (0:00:00.047) 0:00:17.262 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:53 Wednesday 06 July 2022 05:45:27 +0000 (0:00:00.045) 0:00:17.308 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "stat": { "atime": 1657086318.7863507, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "5e4b766b2a8678e40a59e5de2518cad9ff60b70a", "ctime": 1657086318.922351, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 1041, "gr_name": "somegroup", "inode": 9668418, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1657086318.8313508, "nlink": 1, "path": "/etc/pki/tls/private/certid.key", "pw_name": "user1", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1704, "uid": 1040, "version": "233231490", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:58 Wednesday 06 July 2022 05:45:28 +0000 (0:00:00.343) 0:00:17.651 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:64 Wednesday 06 July 2022 05:45:28 +0000 (0:00:00.034) 0:00:17.686 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:74 Wednesday 06 July 2022 05:45:28 +0000 (0:00:00.047) 0:00:17.733 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/certid.crt" ], "delta": "0:00:00.263674", "end": "2022-07-06 05:45:28.686098", "rc": 0, "start": "2022-07-06 05:45:28.422424" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "DF:BC:B0:CF:E7:A3:1D:BF:90:72:2B:9C:1B:7B:6A:EE:2B:C4:5F:95", "critical": false }, "authorityKeyIdentifier": { "value": "86:6C:07:61:C3:94:A9:ED:89:69:38:21:CE:07:8B:89:13:CF:C0:06", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "9D:2B:9E:90:1A:95:88:2E:52:09:8A:6F:D3:B7:54:3E:87:DA:98:4E:E0:B8:DF:92:64:55:31:59:5C:1B:87:FE:87:5C:78:87:B1:47:12:E9:96:1F:EE:81:17:01:98:1F:22:27:82:6A:3A:89:F3:2D:CD:3D:C6:F8:21:E6:CE:1A:81:D1:12:2A:15:86:42:CA:61:D3:BF:06:8F:D2:57:A8:AC:29:99:7C:4A:99:C0:F1:AE:BF:85:4B:76:E8:10:04:96:F2:6C:03:9A:21:74:F5:51:55:D7:E8:0F:04:23:49:6E:4F:7F:C4:FC:27:80:A5:E0:E9:3E:B4:83:A0:16:E5:A0:5A:A0:67:4D:B8:3A:18:DE:DF:C2:44:F4:58:90:CC:E0:33:B6:57:98:30:85:FF:40:46:98:C8:93:05:BF:F8:78:BF:45:5F:C4:13:78:44:ED:51:E9:ED:97:7A:B4:39:44:79:6F:6A:1D:A4:DE:C3:5B:3C:7C:18:39:52:14:D5:3E:5D:C5:83:F8:4D:0D:F1:D8:C7:42:21:50:CC:DC:7A:FF:1C:26:4B:4A:CB:73:BC:B6:A1:A7:FC:BB:A7:88:02:7D:F1:CB:58:14:5A:1F:40:FF:F9:B5:F3:AF:05:92:7E:E4:42:37:31:3C:82:87:00:2A:36:5E:2D:5A:9E:48:E4" }, "key_size": 2048, "validity": { "not_valid_after": "2023-07-06 05:41:20", "not_valid_before": "2022-07-06 05:45:18" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:79 Wednesday 06 July 2022 05:45:28 +0000 (0:00:00.576) 0:00:18.310 ******** ok: [/cache/centos-7.qcow2c.snap] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "86:6C:07:61:C3:94:A9:ED:89:69:38:21:CE:07:8B:89:13:CF:C0:06" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "DF:BC:B0:CF:E7:A3:1D:BF:90:72:2B:9C:1B:7B:6A:EE:2B:C4:5F:95" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "9D:2B:9E:90:1A:95:88:2E:52:09:8A:6F:D3:B7:54:3E:87:DA:98:4E:E0:B8:DF:92:64:55:31:59:5C:1B:87:FE:87:5C:78:87:B1:47:12:E9:96:1F:EE:81:17:01:98:1F:22:27:82:6A:3A:89:F3:2D:CD:3D:C6:F8:21:E6:CE:1A:81:D1:12:2A:15:86:42:CA:61:D3:BF:06:8F:D2:57:A8:AC:29:99:7C:4A:99:C0:F1:AE:BF:85:4B:76:E8:10:04:96:F2:6C:03:9A:21:74:F5:51:55:D7:E8:0F:04:23:49:6E:4F:7F:C4:FC:27:80:A5:E0:E9:3E:B4:83:A0:16:E5:A0:5A:A0:67:4D:B8:3A:18:DE:DF:C2:44:F4:58:90:CC:E0:33:B6:57:98:30:85:FF:40:46:98:C8:93:05:BF:F8:78:BF:45:5F:C4:13:78:44:ED:51:E9:ED:97:7A:B4:39:44:79:6F:6A:1D:A4:DE:C3:5B:3C:7C:18:39:52:14:D5:3E:5D:C5:83:F8:4D:0D:F1:D8:C7:42:21:50:CC:DC:7A:FF:1C:26:4B:4A:CB:73:BC:B6:A1:A7:FC:BB:A7:88:02:7D:F1:CB:58:14:5A:1F:40:FF:F9:B5:F3:AF:05:92:7E:E4:42:37:31:3C:82:87:00:2A:36:5E:2D:5A:9E:48:E4" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2023-07-06 05:41:20", "not_valid_before": "2022-07-06 05:45:18" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:83 Wednesday 06 July 2022 05:45:28 +0000 (0:00:00.042) 0:00:18.352 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:91 Wednesday 06 July 2022 05:45:28 +0000 (0:00:00.042) 0:00:18.395 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:99 Wednesday 06 July 2022 05:45:29 +0000 (0:00:00.031) 0:00:18.426 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:106 Wednesday 06 July 2022 05:45:29 +0000 (0:00:00.042) 0:00:18.468 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:118 Wednesday 06 July 2022 05:45:29 +0000 (0:00:00.042) 0:00:18.511 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:132 Wednesday 06 July 2022 05:45:29 +0000 (0:00:00.041) 0:00:18.553 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/certid.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.063854", "end": "2022-07-06 05:45:29.303459", "rc": 0, "start": "2022-07-06 05:45:29.239605" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:141 Wednesday 06 July 2022 05:45:29 +0000 (0:00:00.371) 0:00:18.924 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c.snap : ok=56 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Wednesday 06 July 2022 05:45:29 +0000 (0:00:00.052) 0:00:18.976 ******** =============================================================================== fedora.linux_system_roles.certificate : Ensure certificate requests ----- 1.82s /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:99 fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 1.24s /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:5 Install the package, force upgrade -------------------------------------- 1.13s /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:11 - Gathering Facts --------------------------------------------------------- 1.06s /tmp/tmp5ygcfjec/tests/certificate/tests_fs_attrs.yml:2 ----------------------- Install the package, force upgrade -------------------------------------- 0.99s /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:11 - Install certreader ------------------------------------------------------ 0.94s /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:18 - Install certreader ------------------------------------------------------ 0.83s /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:18 - Gathering Facts --------------------------------------------------------- 0.75s /tmp/tmp5ygcfjec/tests/certificate/tests_fs_attrs.yml:31 ---------------------- Gathering Facts --------------------------------------------------------- 0.74s /tmp/tmp5ygcfjec/tests/certificate/tests_fs_attrs.yml:13 ---------------------- fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.69s /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:88 Parse certificate ------------------------------------------------------- 0.69s /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:74 - fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 0.59s /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:22 Ensure python3 is installed --------------------------------------------- 0.59s /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- Parse certificate ------------------------------------------------------- 0.58s /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:74 - Ensure python3 is installed --------------------------------------------- 0.57s /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- Ensure user exists ------------------------------------------------------ 0.56s /tmp/tmp5ygcfjec/tests/certificate/tests_fs_attrs.yml:5 ----------------------- fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.49s /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:33 Ensure group "somegroup" exists ----------------------------------------- 0.48s /tmp/tmp5ygcfjec/tests/certificate/tests_fs_attrs.yml:9 ----------------------- Retrieve certificate file stats ----------------------------------------- 0.44s /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:26 - fedora.linux_system_roles.certificate : Ensure ansible_facts used by role --- 0.43s /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:2