ansible-playbook [core 2.12.6] config file = /etc/ansible/ansible.cfg configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python3.9/site-packages/ansible ansible collection location = /tmp/tmpoau9jedf executable location = /usr/bin/ansible-playbook python version = 3.9.13 (main, May 18 2022, 00:00:00) [GCC 11.3.1 20220421 (Red Hat 11.3.1-2)] jinja version = 2.11.3 libyaml = True Using /etc/ansible/ansible.cfg as config file Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: tests_no_auto_renew.yml ********************************************** 2 plays in /tmp/tmpqiz1ijmo/tests/tests_no_auto_renew.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpqiz1ijmo/tests/tests_no_auto_renew.yml:2 Wednesday 06 July 2022 05:36:40 +0000 (0:00:00.015) 0:00:00.015 ******** ok: [/cache/centos-7.qcow2c.snap] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:2 Wednesday 06 July 2022 05:36:41 +0000 (0:00:01.023) 0:00:01.038 ******** included: /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml for /cache/centos-7.qcow2c.snap TASK [linux-system-roles.certificate : Ensure ansible_facts used by role] ****** task path: /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml:2 Wednesday 06 July 2022 05:36:41 +0000 (0:00:00.026) 0:00:01.065 ******** ok: [/cache/centos-7.qcow2c.snap] TASK [linux-system-roles.certificate : Set platform/version specific variables] *** task path: /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml:8 Wednesday 06 July 2022 05:36:41 +0000 (0:00:00.434) 0:00:01.499 ******** skipping: [/cache/centos-7.qcow2c.snap] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [/cache/centos-7.qcow2c.snap] => (item=CentOS.yml) => { "ansible_loop_var": "item", "changed": false, "item": "CentOS.yml", "skip_reason": "Conditional result was False" } ok: [/cache/centos-7.qcow2c.snap] => (item=CentOS_7.yml) => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/vars/CentOS_7.yml" ], "ansible_loop_var": "item", "changed": false, "item": "CentOS_7.yml" } skipping: [/cache/centos-7.qcow2c.snap] => (item=CentOS_7.9.yml) => { "ansible_loop_var": "item", "changed": false, "item": "CentOS_7.9.yml", "skip_reason": "Conditional result was False" } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:5 Wednesday 06 July 2022 05:36:41 +0000 (0:00:00.052) 0:00:01.552 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "rc": 0, "results": [ "python2-pyasn1-0.1.9-7.el7.noarch providing python-pyasn1 is already installed", "python2-cryptography-1.7.2-2.el7.x86_64 providing python-cryptography is already installed", "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed" ] } TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:22 Wednesday 06 July 2022 05:36:42 +0000 (0:00:01.179) 0:00:02.731 ******** ok: [/cache/centos-7.qcow2c.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "rc": 0, "results": [ "certmonger-0.78.4-17.el7_9.x86_64 providing certmonger is already installed" ] } TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:33 Wednesday 06 July 2022 05:36:43 +0000 (0:00:00.596) 0:00:03.328 ******** ok: [/cache/centos-7.qcow2c.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:59 Wednesday 06 July 2022 05:36:43 +0000 (0:00:00.470) 0:00:03.799 ******** ok: [/cache/centos-7.qcow2c.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:88 Wednesday 06 July 2022 05:36:44 +0000 (0:00:00.345) 0:00:04.144 ******** ok: [/cache/centos-7.qcow2c.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestamp": "Wed 2022-07-06 05:31:41 UTC", "ActiveEnterTimestampMonotonic": "172162297", "ActiveExitTimestampMonotonic": "0", "ActiveState": "active", "After": "systemd-journald.socket basic.target system.slice network.target syslog.target dbus.service", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "yes", "AssertTimestamp": "Wed 2022-07-06 05:31:41 UTC", "AssertTimestampMonotonic": "172148815", "Before": "multi-user.target shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "yes", "ConditionTimestamp": "Wed 2022-07-06 05:31:41 UTC", "ConditionTimestampMonotonic": "172148814", "Conflicts": "shutdown.target", "ControlGroup": "/system.slice/certmonger.service", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "6078", "ExecMainStartTimestamp": "Wed 2022-07-06 05:31:41 UTC", "ExecMainStartTimestampMonotonic": "172149537", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestamp": "Wed 2022-07-06 05:31:41 UTC", "InactiveExitTimestampMonotonic": "172149585", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14960", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14960", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "6078", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "running", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "enabled", "WantedBy": "multi-user.target", "WatchdogTimestamp": "Wed 2022-07-06 05:31:41 UTC", "WatchdogTimestampMonotonic": "172162252", "WatchdogUSec": "0" } } TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:100 Wednesday 06 July 2022 05:36:44 +0000 (0:00:00.688) 0:00:04.833 ******** changed: [/cache/centos-7.qcow2c.snap] => (item={'name': 'mycert_no_auto_renew', 'dns': 'www.example.com', 'ca': 'self-sign', 'auto_renew': False}) => { "ansible_loop_var": "item", "changed": true, "item": { "auto_renew": false, "ca": "self-sign", "dns": "www.example.com", "name": "mycert_no_auto_renew" } } MSG: Certificate requested (new). changed: [/cache/centos-7.qcow2c.snap] => (item={'name': 'defaultcert', 'dns': 'www.example.com', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "name": "defaultcert" } } MSG: Certificate requested (new). META: role_complete for /cache/centos-7.qcow2c.snap META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpqiz1ijmo/tests/tests_no_auto_renew.yml:17 Wednesday 06 July 2022 05:36:46 +0000 (0:00:01.905) 0:00:06.739 ******** ok: [/cache/centos-7.qcow2c.snap] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpqiz1ijmo/tests/tests_no_auto_renew.yml:42 Wednesday 06 July 2022 05:36:47 +0000 (0:00:00.717) 0:00:07.456 ******** included: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c.snap => (item={'path': '/etc/pki/tls/certs/mycert_no_auto_renew.crt', 'key_path': '/etc/pki/tls/private/mycert_no_auto_renew.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'auto_renew': False}) included: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c.snap => (item={'path': '/etc/pki/tls/certs/defaultcert.crt', 'key_path': '/etc/pki/tls/private/defaultcert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'auto_renew': True}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:2 Wednesday 06 July 2022 05:36:47 +0000 (0:00:00.046) 0:00:07.502 ******** ok: [/cache/centos-7.qcow2c.snap] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:6 Wednesday 06 July 2022 05:36:47 +0000 (0:00:00.055) 0:00:07.558 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "rc": 0, "results": [ "python3-3.6.8-18.el7.x86_64 providing python3 is already installed" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:11 Wednesday 06 July 2022 05:36:48 +0000 (0:00:00.572) 0:00:08.131 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:18 Wednesday 06 July 2022 05:36:49 +0000 (0:00:01.103) 0:00:09.235 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:26 Wednesday 06 July 2022 05:36:50 +0000 (0:00:00.803) 0:00:10.038 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "stat": { "atime": 1657085805.6933763, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "3687afea8e18f01d23491e1a8df6061972ffc6a1", "ctime": 1657085805.6903763, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 9668191, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657085805.6903763, "nlink": 1, "path": "/etc/pki/tls/certs/mycert_no_auto_renew.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1294, "uid": 0, "version": "18446744072276585822", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:31 Wednesday 06 July 2022 05:36:50 +0000 (0:00:00.451) 0:00:10.490 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:37 Wednesday 06 July 2022 05:36:50 +0000 (0:00:00.034) 0:00:10.524 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:49 Wednesday 06 July 2022 05:36:50 +0000 (0:00:00.087) 0:00:10.611 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:55 Wednesday 06 July 2022 05:36:50 +0000 (0:00:00.045) 0:00:10.657 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "stat": { "atime": 1657085805.6463764, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "9b81d87adccfe9c994373cee5c233330970534f9", "ctime": 1657085805.6903763, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 9668190, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657085805.6903763, "nlink": 1, "path": "/etc/pki/tls/private/mycert_no_auto_renew.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744073524785939", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:60 Wednesday 06 July 2022 05:36:51 +0000 (0:00:00.307) 0:00:10.964 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:66 Wednesday 06 July 2022 05:36:51 +0000 (0:00:00.031) 0:00:10.995 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:78 Wednesday 06 July 2022 05:36:51 +0000 (0:00:00.072) 0:00:11.068 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert_no_auto_renew.crt" ], "delta": "0:00:00.260408", "end": "2022-07-06 05:36:51.783196", "rc": 0, "start": "2022-07-06 05:36:51.522788" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "B9:50:E2:58:8F:86:9E:B4:8D:79:E5:9E:35:0E:16:5E:87:61:84:FE", "critical": false }, "authorityKeyIdentifier": { "value": "02:AD:DA:38:F4:E2:5E:3D:60:C0:9D:C9:B6:8B:BA:75:33:70:48:A5", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "2A:3B:2A:6B:25:F5:54:D1:30:6E:B7:C5:ED:32:42:41:89:1B:B9:45:BB:D1:E0:38:4E:47:30:1E:AB:44:DE:4F:73:15:82:B6:5F:73:43:00:65:4D:96:A4:11:52:01:77:38:34:FD:81:C1:10:C9:AF:05:98:F4:3E:9D:79:17:36:D3:D7:91:00:AE:DE:50:AE:54:16:E1:8D:8D:3E:80:7B:F3:E1:D5:6B:92:FF:38:E5:13:C6:B0:C1:A9:CA:18:3F:0B:8C:38:D8:60:A9:F0:0F:EB:49:A2:88:79:EF:15:EF:B0:90:48:DC:BB:C8:42:59:D1:7A:3E:D7:30:8F:57:15:6E:2E:11:68:FB:C9:7C:84:96:A1:28:14:31:E3:CC:5F:B6:0B:C8:CE:4E:83:8D:1C:C0:1E:E2:77:DD:BB:1F:66:CF:74:40:77:32:08:08:74:E1:D4:8B:3A:FA:97:C7:B9:A9:F3:97:59:F4:F4:39:15:69:97:39:C9:DF:6C:20:8F:97:B3:FA:15:D8:94:6B:AD:08:BA:B0:9F:B6:5F:1B:76:4C:B9:7A:30:F0:A3:92:3C:30:A3:87:A4:26:B8:E4:8B:2E:4E:ED:39:F7:A7:E8:36:C8:C7:B0:F9:24:7C:32:B3:9B:4E:BB:61:A7:39:E0:08:56:5E:CB:58:8E:38:B2:B2" }, "key_size": 2048, "validity": { "not_valid_after": "2023-07-06 05:31:41", "not_valid_before": "2022-07-06 05:36:45" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:83 Wednesday 06 July 2022 05:36:51 +0000 (0:00:00.704) 0:00:11.773 ******** ok: [/cache/centos-7.qcow2c.snap] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "02:AD:DA:38:F4:E2:5E:3D:60:C0:9D:C9:B6:8B:BA:75:33:70:48:A5" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "B9:50:E2:58:8F:86:9E:B4:8D:79:E5:9E:35:0E:16:5E:87:61:84:FE" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "2A:3B:2A:6B:25:F5:54:D1:30:6E:B7:C5:ED:32:42:41:89:1B:B9:45:BB:D1:E0:38:4E:47:30:1E:AB:44:DE:4F:73:15:82:B6:5F:73:43:00:65:4D:96:A4:11:52:01:77:38:34:FD:81:C1:10:C9:AF:05:98:F4:3E:9D:79:17:36:D3:D7:91:00:AE:DE:50:AE:54:16:E1:8D:8D:3E:80:7B:F3:E1:D5:6B:92:FF:38:E5:13:C6:B0:C1:A9:CA:18:3F:0B:8C:38:D8:60:A9:F0:0F:EB:49:A2:88:79:EF:15:EF:B0:90:48:DC:BB:C8:42:59:D1:7A:3E:D7:30:8F:57:15:6E:2E:11:68:FB:C9:7C:84:96:A1:28:14:31:E3:CC:5F:B6:0B:C8:CE:4E:83:8D:1C:C0:1E:E2:77:DD:BB:1F:66:CF:74:40:77:32:08:08:74:E1:D4:8B:3A:FA:97:C7:B9:A9:F3:97:59:F4:F4:39:15:69:97:39:C9:DF:6C:20:8F:97:B3:FA:15:D8:94:6B:AD:08:BA:B0:9F:B6:5F:1B:76:4C:B9:7A:30:F0:A3:92:3C:30:A3:87:A4:26:B8:E4:8B:2E:4E:ED:39:F7:A7:E8:36:C8:C7:B0:F9:24:7C:32:B3:9B:4E:BB:61:A7:39:E0:08:56:5E:CB:58:8E:38:B2:B2" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2023-07-06 05:31:41", "not_valid_before": "2022-07-06 05:36:45" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:87 Wednesday 06 July 2022 05:36:51 +0000 (0:00:00.071) 0:00:11.845 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:96 Wednesday 06 July 2022 05:36:51 +0000 (0:00:00.044) 0:00:11.889 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:105 Wednesday 06 July 2022 05:36:52 +0000 (0:00:00.036) 0:00:11.925 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:112 Wednesday 06 July 2022 05:36:52 +0000 (0:00:00.077) 0:00:12.002 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:125 Wednesday 06 July 2022 05:36:52 +0000 (0:00:00.076) 0:00:12.079 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:141 Wednesday 06 July 2022 05:36:52 +0000 (0:00:00.099) 0:00:12.178 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert_no_auto_renew.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.079859", "end": "2022-07-06 05:36:52.596883", "rc": 0, "start": "2022-07-06 05:36:52.517024" } STDOUT: no TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:150 Wednesday 06 July 2022 05:36:52 +0000 (0:00:00.404) 0:00:12.583 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:2 Wednesday 06 July 2022 05:36:52 +0000 (0:00:00.045) 0:00:12.628 ******** ok: [/cache/centos-7.qcow2c.snap] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:6 Wednesday 06 July 2022 05:36:52 +0000 (0:00:00.028) 0:00:12.657 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "rc": 0, "results": [ "python3-3.6.8-18.el7.x86_64 providing python3 is already installed" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:11 Wednesday 06 July 2022 05:36:53 +0000 (0:00:00.564) 0:00:13.221 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:18 Wednesday 06 July 2022 05:36:54 +0000 (0:00:00.948) 0:00:14.169 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:26 Wednesday 06 July 2022 05:36:55 +0000 (0:00:00.828) 0:00:14.997 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "stat": { "atime": 1657085806.6223764, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "c076d09994de3a32590240d120f9aab01bf41cae", "ctime": 1657085806.6183765, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 9668195, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657085806.6183765, "nlink": 1, "path": "/etc/pki/tls/certs/defaultcert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1294, "uid": 0, "version": "18446744073610216224", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:31 Wednesday 06 July 2022 05:36:55 +0000 (0:00:00.320) 0:00:15.318 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:37 Wednesday 06 July 2022 05:36:55 +0000 (0:00:00.031) 0:00:15.349 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:49 Wednesday 06 July 2022 05:36:55 +0000 (0:00:00.045) 0:00:15.395 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:55 Wednesday 06 July 2022 05:36:55 +0000 (0:00:00.042) 0:00:15.437 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "stat": { "atime": 1657085806.5733764, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "dd17b75791da2c464abd117f29ca58db21761134", "ctime": 1657085806.6183765, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 9668194, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657085806.6183765, "nlink": 1, "path": "/etc/pki/tls/private/defaultcert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744072024158674", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:60 Wednesday 06 July 2022 05:36:55 +0000 (0:00:00.308) 0:00:15.746 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:66 Wednesday 06 July 2022 05:36:55 +0000 (0:00:00.033) 0:00:15.779 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:78 Wednesday 06 July 2022 05:36:55 +0000 (0:00:00.047) 0:00:15.826 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/defaultcert.crt" ], "delta": "0:00:00.263011", "end": "2022-07-06 05:36:56.410838", "rc": 0, "start": "2022-07-06 05:36:56.147827" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "4B:03:10:82:8A:E0:F0:B0:3F:F9:71:E9:49:C4:A7:E1:4E:73:06:56", "critical": false }, "authorityKeyIdentifier": { "value": "02:AD:DA:38:F4:E2:5E:3D:60:C0:9D:C9:B6:8B:BA:75:33:70:48:A5", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "33:DD:8E:E5:E5:13:C2:CF:10:03:BC:90:C0:86:08:9C:5C:23:72:62:FA:74:B1:D2:C4:88:6E:C5:10:89:76:E9:66:07:8F:A8:E7:56:44:A7:09:18:C2:10:40:C8:C8:E4:EF:00:19:9E:FD:0B:F4:F7:23:5C:D3:5C:8E:AF:5E:16:40:8E:86:D2:F7:1C:1C:EE:F9:1D:93:5F:43:86:96:03:8C:65:D6:3E:97:C8:3A:89:54:05:C4:AC:5F:4E:C1:30:F5:55:0D:A3:7D:BE:F1:1F:26:BA:58:66:CA:F2:03:D4:DC:A6:1C:94:D4:7B:43:60:90:07:C5:C1:96:BF:55:9E:FF:78:0E:7C:C1:95:7B:2D:07:F2:36:85:06:DB:F6:02:28:D0:44:2B:91:17:FF:67:0F:26:F9:E5:7C:FD:EA:93:79:F9:53:F1:22:48:36:35:AA:CA:0E:8F:8F:CE:A6:CC:FB:39:E8:C4:64:CF:81:94:98:98:35:D9:20:89:95:96:A2:33:9E:2B:B5:F3:36:EA:53:88:EC:EF:FB:44:50:FD:A5:BA:C5:15:CB:B1:D0:70:DB:55:BA:8A:93:E9:D6:7F:3C:1D:7B:D2:7A:92:AC:38:7D:EE:E7:02:93:B1:ED:BD:51:06:4E:35:CD:D6:E1:3C:5A:1A:7C:9B:C8:F9:12:00" }, "key_size": 2048, "validity": { "not_valid_after": "2023-07-06 05:31:41", "not_valid_before": "2022-07-06 05:36:46" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:83 Wednesday 06 July 2022 05:36:56 +0000 (0:00:00.572) 0:00:16.398 ******** ok: [/cache/centos-7.qcow2c.snap] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "02:AD:DA:38:F4:E2:5E:3D:60:C0:9D:C9:B6:8B:BA:75:33:70:48:A5" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "4B:03:10:82:8A:E0:F0:B0:3F:F9:71:E9:49:C4:A7:E1:4E:73:06:56" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "33:DD:8E:E5:E5:13:C2:CF:10:03:BC:90:C0:86:08:9C:5C:23:72:62:FA:74:B1:D2:C4:88:6E:C5:10:89:76:E9:66:07:8F:A8:E7:56:44:A7:09:18:C2:10:40:C8:C8:E4:EF:00:19:9E:FD:0B:F4:F7:23:5C:D3:5C:8E:AF:5E:16:40:8E:86:D2:F7:1C:1C:EE:F9:1D:93:5F:43:86:96:03:8C:65:D6:3E:97:C8:3A:89:54:05:C4:AC:5F:4E:C1:30:F5:55:0D:A3:7D:BE:F1:1F:26:BA:58:66:CA:F2:03:D4:DC:A6:1C:94:D4:7B:43:60:90:07:C5:C1:96:BF:55:9E:FF:78:0E:7C:C1:95:7B:2D:07:F2:36:85:06:DB:F6:02:28:D0:44:2B:91:17:FF:67:0F:26:F9:E5:7C:FD:EA:93:79:F9:53:F1:22:48:36:35:AA:CA:0E:8F:8F:CE:A6:CC:FB:39:E8:C4:64:CF:81:94:98:98:35:D9:20:89:95:96:A2:33:9E:2B:B5:F3:36:EA:53:88:EC:EF:FB:44:50:FD:A5:BA:C5:15:CB:B1:D0:70:DB:55:BA:8A:93:E9:D6:7F:3C:1D:7B:D2:7A:92:AC:38:7D:EE:E7:02:93:B1:ED:BD:51:06:4E:35:CD:D6:E1:3C:5A:1A:7C:9B:C8:F9:12:00" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2023-07-06 05:31:41", "not_valid_before": "2022-07-06 05:36:46" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:87 Wednesday 06 July 2022 05:36:56 +0000 (0:00:00.046) 0:00:16.444 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:96 Wednesday 06 July 2022 05:36:56 +0000 (0:00:00.046) 0:00:16.491 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:105 Wednesday 06 July 2022 05:36:56 +0000 (0:00:00.031) 0:00:16.523 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:112 Wednesday 06 July 2022 05:36:56 +0000 (0:00:00.041) 0:00:16.565 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:125 Wednesday 06 July 2022 05:36:56 +0000 (0:00:00.042) 0:00:16.607 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:141 Wednesday 06 July 2022 05:36:56 +0000 (0:00:00.041) 0:00:16.648 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/defaultcert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.078934", "end": "2022-07-06 05:36:57.045324", "rc": 0, "start": "2022-07-06 05:36:56.966390" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:150 Wednesday 06 July 2022 05:36:57 +0000 (0:00:00.379) 0:00:17.028 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c.snap : ok=53 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Wednesday 06 July 2022 05:36:57 +0000 (0:00:00.052) 0:00:17.081 ******** =============================================================================== linux-system-roles.certificate : Ensure certificate requests ------------ 1.91s /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:100 linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 1.18s /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:5 -- Install the package, force upgrade -------------------------------------- 1.10s /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:11 ------------- Gathering Facts --------------------------------------------------------- 1.02s /tmp/tmpqiz1ijmo/tests/tests_no_auto_renew.yml:2 ------------------------------ Install the package, force upgrade -------------------------------------- 0.95s /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:11 ------------- Install certreader ------------------------------------------------------ 0.83s /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:18 ------------- Install certreader ------------------------------------------------------ 0.80s /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:18 ------------- Gathering Facts --------------------------------------------------------- 0.72s /tmp/tmpqiz1ijmo/tests/tests_no_auto_renew.yml:17 ----------------------------- Parse certificate ------------------------------------------------------- 0.70s /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:78 ------------- linux-system-roles.certificate : Ensure provider service is running ----- 0.69s /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:88 - linux-system-roles.certificate : Ensure provider packages are installed --- 0.60s /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:22 - Ensure python3 is installed --------------------------------------------- 0.57s /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:6 -------------- Parse certificate ------------------------------------------------------- 0.57s /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:78 ------------- Ensure python3 is installed --------------------------------------------- 0.56s /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:6 -------------- linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.47s /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:33 - Retrieve certificate file stats ----------------------------------------- 0.45s /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:26 ------------- linux-system-roles.certificate : Ensure ansible_facts used by role ------ 0.43s /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml:2 Retrieve auto-renew flag ------------------------------------------------ 0.41s /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:141 ------------ Retrieve auto-renew flag ------------------------------------------------ 0.38s /tmp/tmpqiz1ijmo/tests/tasks/assert_certificate_parameters.yml:141 ------------ linux-system-roles.certificate : Ensure post-scripts hooks directory exists --- 0.35s /tmp/tmpqiz1ijmo/tests/roles/linux-system-roles.certificate/tasks/main.yml:59 - ansible-playbook [core 2.12.6] config file = /etc/ansible/ansible.cfg configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python3.9/site-packages/ansible ansible collection location = /tmp/tmpoau9jedf executable location = /usr/bin/ansible-playbook python version = 3.9.13 (main, May 18 2022, 00:00:00) [GCC 11.3.1 20220421 (Red Hat 11.3.1-2)] jinja version = 2.11.3 libyaml = True Using /etc/ansible/ansible.cfg as config file Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: tests_no_auto_renew.yml ********************************************** 2 plays in /tmp/tmp5ygcfjec/tests/certificate/tests_no_auto_renew.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tests_no_auto_renew.yml:2 Wednesday 06 July 2022 05:46:25 +0000 (0:00:00.015) 0:00:00.015 ******** ok: [/cache/centos-7.qcow2c.snap] META: ran handlers TASK [fedora.linux_system_roles.certificate : Set version specific variables] *** task path: /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Wednesday 06 July 2022 05:46:26 +0000 (0:00:01.096) 0:00:01.111 ******** included: /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml for /cache/centos-7.qcow2c.snap TASK [fedora.linux_system_roles.certificate : Ensure ansible_facts used by role] *** task path: /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:2 Wednesday 06 July 2022 05:46:26 +0000 (0:00:00.029) 0:00:01.140 ******** ok: [/cache/centos-7.qcow2c.snap] TASK [fedora.linux_system_roles.certificate : Set platform/version specific variables] *** task path: /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:7 Wednesday 06 July 2022 05:46:27 +0000 (0:00:00.440) 0:00:01.581 ******** skipping: [/cache/centos-7.qcow2c.snap] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [/cache/centos-7.qcow2c.snap] => (item=CentOS.yml) => { "ansible_loop_var": "item", "changed": false, "item": "CentOS.yml", "skip_reason": "Conditional result was False" } ok: [/cache/centos-7.qcow2c.snap] => (item=CentOS_7.yml) => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/CentOS_7.yml" ], "ansible_loop_var": "item", "changed": false, "item": "CentOS_7.yml" } skipping: [/cache/centos-7.qcow2c.snap] => (item=CentOS_7.9.yml) => { "ansible_loop_var": "item", "changed": false, "item": "CentOS_7.9.yml", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:5 Wednesday 06 July 2022 05:46:27 +0000 (0:00:00.054) 0:00:01.636 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "rc": 0, "results": [ "python2-pyasn1-0.1.9-7.el7.noarch providing python-pyasn1 is already installed", "python2-cryptography-1.7.2-2.el7.x86_64 providing python-cryptography is already installed", "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed" ] } TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:22 Wednesday 06 July 2022 05:46:28 +0000 (0:00:01.189) 0:00:02.826 ******** ok: [/cache/centos-7.qcow2c.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "rc": 0, "results": [ "certmonger-0.78.4-17.el7_9.x86_64 providing certmonger is already installed" ] } TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:33 Wednesday 06 July 2022 05:46:28 +0000 (0:00:00.588) 0:00:03.414 ******** ok: [/cache/centos-7.qcow2c.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:59 Wednesday 06 July 2022 05:46:29 +0000 (0:00:00.475) 0:00:03.889 ******** ok: [/cache/centos-7.qcow2c.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] *** task path: /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:88 Wednesday 06 July 2022 05:46:29 +0000 (0:00:00.351) 0:00:04.241 ******** ok: [/cache/centos-7.qcow2c.snap] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestamp": "Wed 2022-07-06 05:41:20 UTC", "ActiveEnterTimestampMonotonic": "176677201", "ActiveExitTimestampMonotonic": "0", "ActiveState": "active", "After": "system.slice syslog.target systemd-journald.socket network.target basic.target dbus.service", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "yes", "AssertTimestamp": "Wed 2022-07-06 05:41:20 UTC", "AssertTimestampMonotonic": "176662452", "Before": "multi-user.target shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "yes", "ConditionTimestamp": "Wed 2022-07-06 05:41:20 UTC", "ConditionTimestampMonotonic": "176662451", "Conflicts": "shutdown.target", "ControlGroup": "/system.slice/certmonger.service", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "6092", "ExecMainStartTimestamp": "Wed 2022-07-06 05:41:20 UTC", "ExecMainStartTimestampMonotonic": "176663195", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestamp": "Wed 2022-07-06 05:41:20 UTC", "InactiveExitTimestampMonotonic": "176663230", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14960", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14960", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "6092", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "running", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "enabled", "WantedBy": "multi-user.target", "WatchdogTimestamp": "Wed 2022-07-06 05:41:20 UTC", "WatchdogTimestampMonotonic": "176677056", "WatchdogUSec": "0" } } TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] ***** task path: /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:99 Wednesday 06 July 2022 05:46:30 +0000 (0:00:00.673) 0:00:04.914 ******** changed: [/cache/centos-7.qcow2c.snap] => (item={'name': 'mycert_no_auto_renew', 'dns': 'www.example.com', 'ca': 'self-sign', 'auto_renew': False}) => { "ansible_loop_var": "item", "changed": true, "item": { "auto_renew": false, "ca": "self-sign", "dns": "www.example.com", "name": "mycert_no_auto_renew" } } MSG: Certificate requested (new). changed: [/cache/centos-7.qcow2c.snap] => (item={'name': 'defaultcert', 'dns': 'www.example.com', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "name": "defaultcert" } } MSG: Certificate requested (new). META: role_complete for /cache/centos-7.qcow2c.snap META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tests_no_auto_renew.yml:17 Wednesday 06 July 2022 05:46:32 +0000 (0:00:01.769) 0:00:06.684 ******** ok: [/cache/centos-7.qcow2c.snap] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tests_no_auto_renew.yml:42 Wednesday 06 July 2022 05:46:32 +0000 (0:00:00.727) 0:00:07.411 ******** included: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c.snap => (item={'path': '/etc/pki/tls/certs/mycert_no_auto_renew.crt', 'key_path': '/etc/pki/tls/private/mycert_no_auto_renew.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'auto_renew': False}) included: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c.snap => (item={'path': '/etc/pki/tls/certs/defaultcert.crt', 'key_path': '/etc/pki/tls/private/defaultcert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'auto_renew': True}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:2 Wednesday 06 July 2022 05:46:32 +0000 (0:00:00.054) 0:00:07.466 ******** ok: [/cache/centos-7.qcow2c.snap] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:6 Wednesday 06 July 2022 05:46:33 +0000 (0:00:00.058) 0:00:07.525 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "rc": 0, "results": [ "python3-3.6.8-18.el7.x86_64 providing python3 is already installed" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:11 Wednesday 06 July 2022 05:46:33 +0000 (0:00:00.580) 0:00:08.105 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:18 Wednesday 06 July 2022 05:46:34 +0000 (0:00:01.094) 0:00:09.200 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:26 Wednesday 06 July 2022 05:46:35 +0000 (0:00:00.817) 0:00:10.018 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "stat": { "atime": 1657086391.0543509, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "a43998c81e21d8e5c5c76262a349cab1a03ee0c8", "ctime": 1657086391.0513508, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 9668095, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657086391.0513508, "nlink": 1, "path": "/etc/pki/tls/certs/mycert_no_auto_renew.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1294, "uid": 0, "version": "18446744073066990371", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:31 Wednesday 06 July 2022 05:46:36 +0000 (0:00:00.459) 0:00:10.478 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:37 Wednesday 06 July 2022 05:46:36 +0000 (0:00:00.068) 0:00:10.546 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:47 Wednesday 06 July 2022 05:46:36 +0000 (0:00:00.092) 0:00:10.639 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:53 Wednesday 06 July 2022 05:46:36 +0000 (0:00:00.044) 0:00:10.683 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "stat": { "atime": 1657086391.0053508, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "9b0cecf32e6eaac49aab72f3a0cbabe5acc7fe59", "ctime": 1657086391.0513508, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 9668094, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657086391.0513508, "nlink": 1, "path": "/etc/pki/tls/private/mycert_no_auto_renew.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "881245669", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:58 Wednesday 06 July 2022 05:46:36 +0000 (0:00:00.331) 0:00:11.015 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:64 Wednesday 06 July 2022 05:46:36 +0000 (0:00:00.061) 0:00:11.076 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:74 Wednesday 06 July 2022 05:46:36 +0000 (0:00:00.073) 0:00:11.149 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert_no_auto_renew.crt" ], "delta": "0:00:00.262369", "end": "2022-07-06 05:46:37.140010", "rc": 0, "start": "2022-07-06 05:46:36.877641" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "2F:FE:56:09:FD:45:5F:00:FB:E0:0A:3D:85:68:71:77:87:8B:2A:4B", "critical": false }, "authorityKeyIdentifier": { "value": "86:6C:07:61:C3:94:A9:ED:89:69:38:21:CE:07:8B:89:13:CF:C0:06", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "6E:08:E0:C6:7F:3D:88:55:23:7A:80:BC:F1:FB:0F:FD:AB:5A:2F:58:61:B4:36:7F:46:47:1E:A6:3D:37:69:A4:84:7A:40:6A:C9:35:50:1C:10:9E:71:C2:D8:91:21:4A:16:1F:56:E8:C0:FB:15:86:A2:C1:BF:44:72:78:B5:9B:50:50:17:E4:07:B3:20:6F:B0:EE:7D:F7:51:C7:71:E3:28:6C:1D:29:35:0F:01:D5:22:88:67:D1:BB:EA:66:C6:89:F2:99:FD:44:BA:0A:61:40:25:2A:B9:67:8E:3B:23:C3:96:F8:E6:E7:0E:8A:4F:C9:71:8E:31:15:9D:F1:8B:5A:3A:96:B0:B5:3B:7C:49:0D:C5:EA:F7:18:33:AE:38:8C:66:55:FC:A2:1B:C7:FF:49:6B:BB:FB:47:5A:D5:82:3C:ED:17:78:37:D8:C3:F5:4C:A8:2B:B8:DA:87:24:DD:CC:A9:76:FE:7C:4F:38:30:DE:20:00:94:F3:FE:F4:5C:88:6B:2B:E5:89:23:FB:53:07:D2:C9:7C:9E:5B:3D:17:92:F2:1C:F8:58:5E:2A:2D:47:D9:67:C9:26:79:C2:25:3B:BA:90:67:E5:0E:53:07:B2:9D:82:54:2E:43:B2:36:93:76:BC:0F:9E:CD:43:26:81:DA:EB:AF:97:23:4A:5E" }, "key_size": 2048, "validity": { "not_valid_after": "2023-07-06 05:41:20", "not_valid_before": "2022-07-06 05:46:31" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:79 Wednesday 06 July 2022 05:46:37 +0000 (0:00:00.697) 0:00:11.847 ******** ok: [/cache/centos-7.qcow2c.snap] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "86:6C:07:61:C3:94:A9:ED:89:69:38:21:CE:07:8B:89:13:CF:C0:06" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "2F:FE:56:09:FD:45:5F:00:FB:E0:0A:3D:85:68:71:77:87:8B:2A:4B" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "6E:08:E0:C6:7F:3D:88:55:23:7A:80:BC:F1:FB:0F:FD:AB:5A:2F:58:61:B4:36:7F:46:47:1E:A6:3D:37:69:A4:84:7A:40:6A:C9:35:50:1C:10:9E:71:C2:D8:91:21:4A:16:1F:56:E8:C0:FB:15:86:A2:C1:BF:44:72:78:B5:9B:50:50:17:E4:07:B3:20:6F:B0:EE:7D:F7:51:C7:71:E3:28:6C:1D:29:35:0F:01:D5:22:88:67:D1:BB:EA:66:C6:89:F2:99:FD:44:BA:0A:61:40:25:2A:B9:67:8E:3B:23:C3:96:F8:E6:E7:0E:8A:4F:C9:71:8E:31:15:9D:F1:8B:5A:3A:96:B0:B5:3B:7C:49:0D:C5:EA:F7:18:33:AE:38:8C:66:55:FC:A2:1B:C7:FF:49:6B:BB:FB:47:5A:D5:82:3C:ED:17:78:37:D8:C3:F5:4C:A8:2B:B8:DA:87:24:DD:CC:A9:76:FE:7C:4F:38:30:DE:20:00:94:F3:FE:F4:5C:88:6B:2B:E5:89:23:FB:53:07:D2:C9:7C:9E:5B:3D:17:92:F2:1C:F8:58:5E:2A:2D:47:D9:67:C9:26:79:C2:25:3B:BA:90:67:E5:0E:53:07:B2:9D:82:54:2E:43:B2:36:93:76:BC:0F:9E:CD:43:26:81:DA:EB:AF:97:23:4A:5E" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2023-07-06 05:41:20", "not_valid_before": "2022-07-06 05:46:31" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:83 Wednesday 06 July 2022 05:46:37 +0000 (0:00:00.044) 0:00:11.891 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:91 Wednesday 06 July 2022 05:46:37 +0000 (0:00:00.051) 0:00:11.943 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:99 Wednesday 06 July 2022 05:46:37 +0000 (0:00:00.034) 0:00:11.977 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:106 Wednesday 06 July 2022 05:46:37 +0000 (0:00:00.048) 0:00:12.025 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:118 Wednesday 06 July 2022 05:46:37 +0000 (0:00:00.048) 0:00:12.073 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:132 Wednesday 06 July 2022 05:46:37 +0000 (0:00:00.047) 0:00:12.120 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert_no_auto_renew.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.076724", "end": "2022-07-06 05:46:37.821410", "rc": 0, "start": "2022-07-06 05:46:37.744686" } STDOUT: no TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:141 Wednesday 06 July 2022 05:46:38 +0000 (0:00:00.406) 0:00:12.527 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:2 Wednesday 06 July 2022 05:46:38 +0000 (0:00:00.045) 0:00:12.572 ******** ok: [/cache/centos-7.qcow2c.snap] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:6 Wednesday 06 July 2022 05:46:38 +0000 (0:00:00.029) 0:00:12.602 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "rc": 0, "results": [ "python3-3.6.8-18.el7.x86_64 providing python3 is already installed" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:11 Wednesday 06 July 2022 05:46:38 +0000 (0:00:00.581) 0:00:13.184 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:18 Wednesday 06 July 2022 05:46:39 +0000 (0:00:00.978) 0:00:14.162 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:26 Wednesday 06 July 2022 05:46:40 +0000 (0:00:00.810) 0:00:14.973 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "stat": { "atime": 1657086391.7943509, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "2d702329d803daad8ce66b1543788eacc33d1cf1", "ctime": 1657086391.7893507, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 9668099, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657086391.7893507, "nlink": 1, "path": "/etc/pki/tls/certs/defaultcert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1294, "uid": 0, "version": "18446744073341988125", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:31 Wednesday 06 July 2022 05:46:40 +0000 (0:00:00.347) 0:00:15.320 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:37 Wednesday 06 July 2022 05:46:40 +0000 (0:00:00.033) 0:00:15.353 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:47 Wednesday 06 July 2022 05:46:40 +0000 (0:00:00.048) 0:00:15.402 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:53 Wednesday 06 July 2022 05:46:40 +0000 (0:00:00.044) 0:00:15.447 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "stat": { "atime": 1657086391.7443507, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "465bb0bf18bf1fa13622097d22bf7657ac4d142d", "ctime": 1657086391.7893507, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 9668098, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657086391.7893507, "nlink": 1, "path": "/etc/pki/tls/private/defaultcert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744072930026678", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:58 Wednesday 06 July 2022 05:46:41 +0000 (0:00:00.330) 0:00:15.777 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:64 Wednesday 06 July 2022 05:46:41 +0000 (0:00:00.033) 0:00:15.810 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:74 Wednesday 06 July 2022 05:46:41 +0000 (0:00:00.048) 0:00:15.859 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/defaultcert.crt" ], "delta": "0:00:00.261982", "end": "2022-07-06 05:46:41.728185", "rc": 0, "start": "2022-07-06 05:46:41.466203" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "5E:D9:CE:96:82:34:B1:5F:75:F6:BC:FB:9A:B6:23:3B:16:EA:94:5D", "critical": false }, "authorityKeyIdentifier": { "value": "86:6C:07:61:C3:94:A9:ED:89:69:38:21:CE:07:8B:89:13:CF:C0:06", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "2C:6D:C1:DE:13:7A:C7:0A:15:8D:42:AC:D2:CE:1D:A2:CA:7F:E8:7B:4A:02:75:92:55:52:D7:A9:1C:2F:12:FB:7D:6A:6F:53:2D:F5:3D:AD:BE:78:47:51:C1:02:30:80:F5:C7:D4:40:20:EC:15:F8:73:37:05:9E:1D:72:E3:0A:B7:D6:E7:61:4C:89:49:1B:36:88:33:16:71:D3:53:D8:3C:E6:50:45:9B:84:97:5D:79:B3:13:D2:56:34:1B:FE:6A:C7:B4:83:1E:DB:80:20:9F:B6:FD:45:CC:C1:5E:56:77:70:2C:61:1C:1A:7B:C9:3F:02:45:24:90:98:EC:E5:FB:BF:AD:D0:B8:6A:EE:BE:49:C8:4A:F7:22:E2:26:AE:F4:CF:FC:CA:77:F3:BA:F4:ED:BE:44:AB:5F:59:A5:B4:40:F2:DA:0A:EF:5A:00:52:3C:EA:AF:7C:A5:34:34:F6:3A:50:E9:6E:D0:4B:13:57:55:0B:00:EB:7B:DD:B3:C9:10:74:9F:B2:F0:C0:A3:99:25:35:DB:BE:EF:C2:25:EC:99:22:C0:3A:32:B7:6F:B7:49:6A:0C:EB:42:70:8F:FE:F7:BA:68:E0:E8:63:CE:1B:76:2F:DC:AD:A1:49:CF:2A:EF:8C:D3:66:75:7D:92:11:B2:1D:03:68:B1:2F:F3:4E" }, "key_size": 2048, "validity": { "not_valid_after": "2023-07-06 05:41:20", "not_valid_before": "2022-07-06 05:46:31" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:79 Wednesday 06 July 2022 05:46:41 +0000 (0:00:00.577) 0:00:16.436 ******** ok: [/cache/centos-7.qcow2c.snap] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "86:6C:07:61:C3:94:A9:ED:89:69:38:21:CE:07:8B:89:13:CF:C0:06" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "5E:D9:CE:96:82:34:B1:5F:75:F6:BC:FB:9A:B6:23:3B:16:EA:94:5D" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "2C:6D:C1:DE:13:7A:C7:0A:15:8D:42:AC:D2:CE:1D:A2:CA:7F:E8:7B:4A:02:75:92:55:52:D7:A9:1C:2F:12:FB:7D:6A:6F:53:2D:F5:3D:AD:BE:78:47:51:C1:02:30:80:F5:C7:D4:40:20:EC:15:F8:73:37:05:9E:1D:72:E3:0A:B7:D6:E7:61:4C:89:49:1B:36:88:33:16:71:D3:53:D8:3C:E6:50:45:9B:84:97:5D:79:B3:13:D2:56:34:1B:FE:6A:C7:B4:83:1E:DB:80:20:9F:B6:FD:45:CC:C1:5E:56:77:70:2C:61:1C:1A:7B:C9:3F:02:45:24:90:98:EC:E5:FB:BF:AD:D0:B8:6A:EE:BE:49:C8:4A:F7:22:E2:26:AE:F4:CF:FC:CA:77:F3:BA:F4:ED:BE:44:AB:5F:59:A5:B4:40:F2:DA:0A:EF:5A:00:52:3C:EA:AF:7C:A5:34:34:F6:3A:50:E9:6E:D0:4B:13:57:55:0B:00:EB:7B:DD:B3:C9:10:74:9F:B2:F0:C0:A3:99:25:35:DB:BE:EF:C2:25:EC:99:22:C0:3A:32:B7:6F:B7:49:6A:0C:EB:42:70:8F:FE:F7:BA:68:E0:E8:63:CE:1B:76:2F:DC:AD:A1:49:CF:2A:EF:8C:D3:66:75:7D:92:11:B2:1D:03:68:B1:2F:F3:4E" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2023-07-06 05:41:20", "not_valid_before": "2022-07-06 05:46:31" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:83 Wednesday 06 July 2022 05:46:42 +0000 (0:00:00.044) 0:00:16.481 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:91 Wednesday 06 July 2022 05:46:42 +0000 (0:00:00.046) 0:00:16.527 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:99 Wednesday 06 July 2022 05:46:42 +0000 (0:00:00.039) 0:00:16.567 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:106 Wednesday 06 July 2022 05:46:42 +0000 (0:00:00.046) 0:00:16.613 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:118 Wednesday 06 July 2022 05:46:42 +0000 (0:00:00.048) 0:00:16.662 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:132 Wednesday 06 July 2022 05:46:42 +0000 (0:00:00.046) 0:00:16.708 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/defaultcert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.065651", "end": "2022-07-06 05:46:42.381583", "rc": 0, "start": "2022-07-06 05:46:42.315932" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:141 Wednesday 06 July 2022 05:46:42 +0000 (0:00:00.379) 0:00:17.087 ******** ok: [/cache/centos-7.qcow2c.snap] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c.snap : ok=53 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Wednesday 06 July 2022 05:46:42 +0000 (0:00:00.053) 0:00:17.141 ******** =============================================================================== fedora.linux_system_roles.certificate : Ensure certificate requests ----- 1.77s /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:99 fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 1.19s /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:5 Gathering Facts --------------------------------------------------------- 1.10s /tmp/tmp5ygcfjec/tests/certificate/tests_no_auto_renew.yml:2 ------------------ Install the package, force upgrade -------------------------------------- 1.09s /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:11 - Install the package, force upgrade -------------------------------------- 0.98s /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:11 - Install certreader ------------------------------------------------------ 0.82s /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:18 - Install certreader ------------------------------------------------------ 0.81s /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:18 - Gathering Facts --------------------------------------------------------- 0.73s /tmp/tmp5ygcfjec/tests/certificate/tests_no_auto_renew.yml:17 ----------------- Parse certificate ------------------------------------------------------- 0.70s /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:74 - fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.67s /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:88 fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 0.59s /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:22 Ensure python3 is installed --------------------------------------------- 0.58s /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- Ensure python3 is installed --------------------------------------------- 0.58s /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- Parse certificate ------------------------------------------------------- 0.58s /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:74 - fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.48s /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:33 Retrieve certificate file stats ----------------------------------------- 0.46s /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:26 - fedora.linux_system_roles.certificate : Ensure ansible_facts used by role --- 0.44s /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:2 Retrieve auto-renew flag ------------------------------------------------ 0.41s /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:132 Retrieve auto-renew flag ------------------------------------------------ 0.38s /tmp/tmp5ygcfjec/tests/certificate/tasks/assert_certificate_parameters.yml:132 fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists --- 0.35s /tmp/tmpoau9jedf/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:59