ansible-playbook [core 2.12.6]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.9/site-packages/ansible
ansible collection location = /tmp/tmpt8vnebz7
executable location = /usr/bin/ansible-playbook
python version = 3.9.13 (main, May 18 2022, 00:00:00) [GCC 11.3.1 20220421 (Red Hat 11.3.1-2)]
jinja version = 2.11.3
libyaml = True
Using /etc/ansible/ansible.cfg as config file
Skipping callback 'debug', as we already have a stdout callback.
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
PLAYBOOK: rhel-8_setup.yml *****************************************************
1 plays in /cache/rhel-8_setup.yml
PLAY [Setup repos] *************************************************************
META: ran handlers
TASK [set up internal repositories] ********************************************
task path: /cache/rhel-8_setup.yml:5
Wednesday 06 July 2022 22:42:10 +0000 (0:00:00.018) 0:00:00.019 ********
ok: [/cache/rhel-8.qcow2] => (item=None) => {
"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result",
"changed": false
}
ok: [/cache/rhel-8.qcow2] => (item=None) => {
"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result",
"changed": false
}
ok: [/cache/rhel-8.qcow2] => (item=None) => {
"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result",
"changed": false
}
ok: [/cache/rhel-8.qcow2] => {
"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result",
"changed": false
}
META: ran handlers
META: ran handlers
PLAY RECAP *********************************************************************
/cache/rhel-8.qcow2 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Wednesday 06 July 2022 22:42:11 +0000 (0:00:01.305) 0:00:01.324 ********
===============================================================================
set up internal repositories -------------------------------------------- 1.31s
/cache/rhel-8_setup.yml:5 -----------------------------------------------------
PLAYBOOK: tests_many_self_signed.yml *******************************************
2 plays in /tmp/tmplpebei7w/tests/tests_many_self_signed.yml
PLAY [Issue many self-signed certificates] *************************************
TASK [Gathering Facts] *********************************************************
task path: /tmp/tmplpebei7w/tests/tests_many_self_signed.yml:2
Wednesday 06 July 2022 22:42:11 +0000 (0:00:00.041) 0:00:01.366 ********
ok: [/cache/rhel-8.qcow2]
META: ran handlers
TASK [linux-system-roles.certificate : Set version specific variables] *********
task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:2
Wednesday 06 July 2022 22:42:12 +0000 (0:00:01.070) 0:00:02.436 ********
included: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml for /cache/rhel-8.qcow2
TASK [linux-system-roles.certificate : Ensure ansible_facts used by role] ******
task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml:2
Wednesday 06 July 2022 22:42:12 +0000 (0:00:00.026) 0:00:02.463 ********
ok: [/cache/rhel-8.qcow2]
TASK [linux-system-roles.certificate : Set platform/version specific variables] ***
task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml:8
Wednesday 06 July 2022 22:42:13 +0000 (0:00:00.507) 0:00:02.970 ********
skipping: [/cache/rhel-8.qcow2] => (item=RedHat.yml) => {
"ansible_loop_var": "item",
"changed": false,
"item": "RedHat.yml",
"skip_reason": "Conditional result was False"
}
skipping: [/cache/rhel-8.qcow2] => (item=RedHat.yml) => {
"ansible_loop_var": "item",
"changed": false,
"item": "RedHat.yml",
"skip_reason": "Conditional result was False"
}
skipping: [/cache/rhel-8.qcow2] => (item=RedHat_8.yml) => {
"ansible_loop_var": "item",
"changed": false,
"item": "RedHat_8.yml",
"skip_reason": "Conditional result was False"
}
skipping: [/cache/rhel-8.qcow2] => (item=RedHat_8.6.yml) => {
"ansible_loop_var": "item",
"changed": false,
"item": "RedHat_8.6.yml",
"skip_reason": "Conditional result was False"
}
TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] ***
task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:5
Wednesday 06 July 2022 22:42:13 +0000 (0:00:00.040) 0:00:03.011 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"rc": 0,
"results": []
}
MSG:
Nothing to do
TASK [linux-system-roles.certificate : Ensure provider packages are installed] ***
task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:22
Wednesday 06 July 2022 22:42:15 +0000 (0:00:01.539) 0:00:04.551 ********
ok: [/cache/rhel-8.qcow2] => (item=certmonger) => {
"__certificate_provider": "certmonger",
"ansible_loop_var": "__certificate_provider",
"changed": false,
"rc": 0,
"results": []
}
MSG:
Nothing to do
TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] ***
task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:33
Wednesday 06 July 2022 22:42:16 +0000 (0:00:01.329) 0:00:05.880 ********
ok: [/cache/rhel-8.qcow2] => (item=certmonger) => {
"__certificate_provider": "certmonger",
"ansible_loop_var": "__certificate_provider",
"changed": false,
"gid": 0,
"group": "root",
"mode": "0700",
"owner": "root",
"path": "/etc/certmonger//pre-scripts",
"secontext": "unconfined_u:object_r:etc_t:s0",
"size": 6,
"state": "directory",
"uid": 0
}
TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] ***
task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:59
Wednesday 06 July 2022 22:42:16 +0000 (0:00:00.540) 0:00:06.420 ********
ok: [/cache/rhel-8.qcow2] => (item=certmonger) => {
"__certificate_provider": "certmonger",
"ansible_loop_var": "__certificate_provider",
"changed": false,
"gid": 0,
"group": "root",
"mode": "0700",
"owner": "root",
"path": "/etc/certmonger//post-scripts",
"secontext": "unconfined_u:object_r:etc_t:s0",
"size": 6,
"state": "directory",
"uid": 0
}
TASK [linux-system-roles.certificate : Ensure provider service is running] *****
task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:88
Wednesday 06 July 2022 22:42:17 +0000 (0:00:00.400) 0:00:06.821 ********
ok: [/cache/rhel-8.qcow2] => (item=certmonger) => {
"__certificate_provider": "certmonger",
"ansible_loop_var": "__certificate_provider",
"changed": false,
"enabled": true,
"name": "certmonger",
"state": "started",
"status": {
"ActiveEnterTimestamp": "Wed 2022-07-06 18:36:04 EDT",
"ActiveEnterTimestampMonotonic": "228945850",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "active",
"After": "sysinit.target dbus.service dbus.socket syslog.target network.target system.slice systemd-journald.socket basic.target",
"AllowIsolate": "no",
"AllowedCPUs": "",
"AllowedMemoryNodes": "",
"AmbientCapabilities": "",
"AssertResult": "yes",
"AssertTimestamp": "Wed 2022-07-06 18:36:04 EDT",
"AssertTimestampMonotonic": "228933431",
"Before": "multi-user.target shutdown.target",
"BlockIOAccounting": "no",
"BlockIOWeight": "[not set]",
"BusName": "org.fedorahosted.certmonger",
"CPUAccounting": "no",
"CPUAffinity": "",
"CPUAffinityFromNUMA": "no",
"CPUQuotaPerSecUSec": "infinity",
"CPUQuotaPeriodUSec": "infinity",
"CPUSchedulingPolicy": "0",
"CPUSchedulingPriority": "0",
"CPUSchedulingResetOnFork": "no",
"CPUShares": "[not set]",
"CPUUsageNSec": "[not set]",
"CPUWeight": "[not set]",
"CacheDirectoryMode": "0755",
"CanFreeze": "yes",
"CanIsolate": "no",
"CanReload": "no",
"CanStart": "yes",
"CanStop": "yes",
"CapabilityBoundingSet": "cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend cap_audit_read cap_perfmon cap_bpf",
"CollectMode": "inactive",
"ConditionResult": "yes",
"ConditionTimestamp": "Wed 2022-07-06 18:36:04 EDT",
"ConditionTimestampMonotonic": "228933431",
"ConfigurationDirectoryMode": "0755",
"Conflicts": "shutdown.target",
"ControlGroup": "/system.slice/certmonger.service",
"ControlPID": "0",
"DefaultDependencies": "yes",
"DefaultMemoryLow": "0",
"DefaultMemoryMin": "0",
"Delegate": "no",
"Description": "Certificate monitoring and PKI enrollment",
"DevicePolicy": "auto",
"DynamicUser": "no",
"EffectiveCPUs": "",
"EffectiveMemoryNodes": "",
"EnvironmentFiles": "/etc/sysconfig/certmonger (ignore_errors=yes)",
"ExecMainCode": "0",
"ExecMainExitTimestampMonotonic": "0",
"ExecMainPID": "23911",
"ExecMainStartTimestamp": "Wed 2022-07-06 18:36:04 EDT",
"ExecMainStartTimestampMonotonic": "228934830",
"ExecMainStatus": "0",
"ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
"FailureAction": "none",
"FileDescriptorStoreMax": "0",
"FragmentPath": "/usr/lib/systemd/system/certmonger.service",
"FreezerState": "running",
"GID": "[not set]",
"GuessMainPID": "yes",
"IOAccounting": "no",
"IOSchedulingClass": "0",
"IOSchedulingPriority": "0",
"IOWeight": "[not set]",
"IPAccounting": "no",
"IPEgressBytes": "18446744073709551615",
"IPEgressPackets": "18446744073709551615",
"IPIngressBytes": "18446744073709551615",
"IPIngressPackets": "18446744073709551615",
"Id": "certmonger.service",
"IgnoreOnIsolate": "no",
"IgnoreSIGPIPE": "yes",
"InactiveEnterTimestampMonotonic": "0",
"InactiveExitTimestamp": "Wed 2022-07-06 18:36:04 EDT",
"InactiveExitTimestampMonotonic": "228934872",
"InvocationID": "73d85d6be97a474c9524444a92253530",
"JobRunningTimeoutUSec": "infinity",
"JobTimeoutAction": "none",
"JobTimeoutUSec": "infinity",
"KeyringMode": "private",
"KillMode": "control-group",
"KillSignal": "15",
"LimitAS": "infinity",
"LimitASSoft": "infinity",
"LimitCORE": "infinity",
"LimitCORESoft": "0",
"LimitCPU": "infinity",
"LimitCPUSoft": "infinity",
"LimitDATA": "infinity",
"LimitDATASoft": "infinity",
"LimitFSIZE": "infinity",
"LimitFSIZESoft": "infinity",
"LimitLOCKS": "infinity",
"LimitLOCKSSoft": "infinity",
"LimitMEMLOCK": "65536",
"LimitMEMLOCKSoft": "65536",
"LimitMSGQUEUE": "819200",
"LimitMSGQUEUESoft": "819200",
"LimitNICE": "0",
"LimitNICESoft": "0",
"LimitNOFILE": "262144",
"LimitNOFILESoft": "1024",
"LimitNPROC": "14648",
"LimitNPROCSoft": "14648",
"LimitRSS": "infinity",
"LimitRSSSoft": "infinity",
"LimitRTPRIO": "0",
"LimitRTPRIOSoft": "0",
"LimitRTTIME": "infinity",
"LimitRTTIMESoft": "infinity",
"LimitSIGPENDING": "14648",
"LimitSIGPENDINGSoft": "14648",
"LimitSTACK": "infinity",
"LimitSTACKSoft": "8388608",
"LoadState": "loaded",
"LockPersonality": "no",
"LogLevelMax": "-1",
"LogRateLimitBurst": "0",
"LogRateLimitIntervalUSec": "0",
"LogsDirectoryMode": "0755",
"MainPID": "23911",
"MemoryAccounting": "yes",
"MemoryCurrent": "3997696",
"MemoryDenyWriteExecute": "no",
"MemoryHigh": "infinity",
"MemoryLimit": "infinity",
"MemoryLow": "0",
"MemoryMax": "infinity",
"MemoryMin": "0",
"MemorySwapMax": "infinity",
"MountAPIVFS": "no",
"MountFlags": "",
"NFileDescriptorStore": "0",
"NRestarts": "0",
"NUMAMask": "",
"NUMAPolicy": "n/a",
"Names": "certmonger.service",
"NeedDaemonReload": "no",
"Nice": "0",
"NoNewPrivileges": "no",
"NonBlocking": "no",
"NotifyAccess": "none",
"OOMScoreAdjust": "0",
"OnFailureJobMode": "replace",
"PIDFile": "/run/certmonger.pid",
"PartOf": "dbus.service",
"PermissionsStartOnly": "no",
"Perpetual": "no",
"PrivateDevices": "no",
"PrivateMounts": "no",
"PrivateNetwork": "no",
"PrivateTmp": "no",
"PrivateUsers": "no",
"ProtectControlGroups": "no",
"ProtectHome": "no",
"ProtectKernelModules": "no",
"ProtectKernelTunables": "no",
"ProtectSystem": "no",
"RefuseManualStart": "no",
"RefuseManualStop": "no",
"RemainAfterExit": "no",
"RemoveIPC": "no",
"Requires": "sysinit.target system.slice dbus.socket",
"Restart": "no",
"RestartUSec": "100ms",
"RestrictNamespaces": "no",
"RestrictRealtime": "no",
"RestrictSUIDSGID": "no",
"Result": "success",
"RootDirectoryStartOnly": "no",
"RuntimeDirectoryMode": "0755",
"RuntimeDirectoryPreserve": "no",
"RuntimeMaxUSec": "infinity",
"SameProcessGroup": "no",
"SecureBits": "0",
"SendSIGHUP": "no",
"SendSIGKILL": "yes",
"Slice": "system.slice",
"StandardError": "inherit",
"StandardInput": "null",
"StandardInputData": "",
"StandardOutput": "journal",
"StartLimitAction": "none",
"StartLimitBurst": "5",
"StartLimitIntervalUSec": "10s",
"StartupBlockIOWeight": "[not set]",
"StartupCPUShares": "[not set]",
"StartupCPUWeight": "[not set]",
"StartupIOWeight": "[not set]",
"StateChangeTimestamp": "Wed 2022-07-06 18:36:04 EDT",
"StateChangeTimestampMonotonic": "228945850",
"StateDirectoryMode": "0755",
"StatusErrno": "0",
"StopWhenUnneeded": "no",
"SubState": "running",
"SuccessAction": "none",
"SyslogFacility": "3",
"SyslogLevel": "6",
"SyslogLevelPrefix": "yes",
"SyslogPriority": "30",
"SystemCallErrorNumber": "0",
"TTYReset": "no",
"TTYVHangup": "no",
"TTYVTDisallocate": "no",
"TasksAccounting": "yes",
"TasksCurrent": "1",
"TasksMax": "23436",
"TimeoutStartUSec": "1min 30s",
"TimeoutStopUSec": "1min 30s",
"TimerSlackNSec": "50000",
"Transient": "no",
"Type": "dbus",
"UID": "[not set]",
"UMask": "0022",
"UnitFilePreset": "disabled",
"UnitFileState": "enabled",
"UtmpMode": "init",
"WantedBy": "multi-user.target",
"WatchdogTimestamp": "Wed 2022-07-06 18:36:04 EDT",
"WatchdogTimestampMonotonic": "228945849",
"WatchdogUSec": "0"
}
}
TASK [linux-system-roles.certificate : Ensure certificate requests] ************
task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:100
Wednesday 06 July 2022 22:42:18 +0000 (0:00:00.766) 0:00:07.587 ********
changed: [/cache/rhel-8.qcow2] => (item={'name': 'mycert_many_self_signed', 'dns': 'www.example.com', 'ca': 'self-sign'}) => {
"ansible_loop_var": "item",
"changed": true,
"item": {
"ca": "self-sign",
"dns": "www.example.com",
"name": "mycert_many_self_signed"
}
}
MSG:
Certificate requested (new).
changed: [/cache/rhel-8.qcow2] => (item={'name': 'other-cert', 'dns': 'www.example.org', 'ca': 'self-sign'}) => {
"ansible_loop_var": "item",
"changed": true,
"item": {
"ca": "self-sign",
"dns": "www.example.org",
"name": "other-cert"
}
}
MSG:
Certificate requested (new).
changed: [/cache/rhel-8.qcow2] => (item={'name': 'another-cert', 'dns': 'www.example.net', 'ca': 'self-sign'}) => {
"ansible_loop_var": "item",
"changed": true,
"item": {
"ca": "self-sign",
"dns": "www.example.net",
"name": "another-cert"
}
}
MSG:
Certificate requested (new).
META: role_complete for /cache/rhel-8.qcow2
META: ran handlers
META: ran handlers
PLAY [Verify certificate] ******************************************************
TASK [Gathering Facts] *********************************************************
task path: /tmp/tmplpebei7w/tests/tests_many_self_signed.yml:18
Wednesday 06 July 2022 22:42:20 +0000 (0:00:02.750) 0:00:10.338 ********
ok: [/cache/rhel-8.qcow2]
META: ran handlers
TASK [Verify each certificate] *************************************************
task path: /tmp/tmplpebei7w/tests/tests_many_self_signed.yml:50
Wednesday 06 July 2022 22:42:21 +0000 (0:00:00.791) 0:00:11.130 ********
included: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-8.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert_many_self_signed.crt', 'key_path': '/etc/pki/tls/private/mycert_many_self_signed.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}]})
included: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-8.qcow2 => (item={'path': '/etc/pki/tls/certs/other-cert.crt', 'key_path': '/etc/pki/tls/private/other-cert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.org'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.org'}]})
included: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-8.qcow2 => (item={'path': '/etc/pki/tls/certs/another-cert.crt', 'key_path': '/etc/pki/tls/private/another-cert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.net'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.net'}]})
TASK [Set virtualenv_path] *****************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:2
Wednesday 06 July 2022 22:42:21 +0000 (0:00:00.053) 0:00:11.183 ********
ok: [/cache/rhel-8.qcow2] => {
"ansible_facts": {
"__virtualenv_path": "/tmp/certificate-tests-venv"
},
"changed": false
}
TASK [Ensure python3 is installed] *********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:6
Wednesday 06 July 2022 22:42:21 +0000 (0:00:00.068) 0:00:11.252 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"rc": 0,
"results": []
}
MSG:
Nothing to do
TASK [Install the package, force upgrade] **************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:11
Wednesday 06 July 2022 22:42:23 +0000 (0:00:01.308) 0:00:12.561 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": [
"/tmp/certificate-tests-venv/bin/pip3",
"install",
"-U",
"pip"
],
"name": [
"pip"
],
"requirements": null,
"state": "latest",
"version": null,
"virtualenv": "/tmp/certificate-tests-venv"
}
STDOUT:
Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1)
TASK [Install certreader] ******************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:18
Wednesday 06 July 2022 22:42:24 +0000 (0:00:01.155) 0:00:13.717 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": [
"/tmp/certificate-tests-venv/bin/pip3",
"install",
"cryptography<35",
"certreader>=0.1.1"
],
"name": [
"cryptography<35",
"certreader>=0.1.1"
],
"requirements": null,
"state": "present",
"version": null,
"virtualenv": "/tmp/certificate-tests-venv"
}
STDOUT:
Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8)
Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1)
Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1)
Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8)
Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0)
Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21)
TASK [Retrieve certificate file stats] *****************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:26
Wednesday 06 July 2022 22:42:25 +0000 (0:00:00.921) 0:00:14.638 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"stat": {
"atime": 1657147338.29998,
"attr_flags": "",
"attributes": [],
"block_size": 4096,
"blocks": 8,
"charset": "us-ascii",
"checksum": "c07fceee288a9366d4e27ff2b5e0fc2de848b9c9",
"ctime": 1657147338.29698,
"dev": 64515,
"device_type": 0,
"executable": false,
"exists": true,
"gid": 0,
"gr_name": "root",
"inode": 753329,
"isblk": false,
"ischr": false,
"isdir": false,
"isfifo": false,
"isgid": false,
"islnk": false,
"isreg": true,
"issock": false,
"isuid": false,
"mimetype": "text/plain",
"mode": "0600",
"mtime": 1657147338.29698,
"nlink": 1,
"path": "/etc/pki/tls/certs/mycert_many_self_signed.crt",
"pw_name": "root",
"readable": true,
"rgrp": false,
"roth": false,
"rusr": true,
"size": 1294,
"uid": 0,
"version": "2990485192",
"wgrp": false,
"woth": false,
"writeable": true,
"wusr": true,
"xgrp": false,
"xoth": false,
"xusr": false
}
}
TASK [Verify if certificate file exists] ***************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:31
Wednesday 06 July 2022 22:42:25 +0000 (0:00:00.510) 0:00:15.148 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate file owner and group] *********************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:37
Wednesday 06 July 2022 22:42:25 +0000 (0:00:00.031) 0:00:15.180 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate permissions] ******************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:49
Wednesday 06 July 2022 22:42:25 +0000 (0:00:00.047) 0:00:15.228 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Retrieve key file stats] *************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:55
Wednesday 06 July 2022 22:42:25 +0000 (0:00:00.049) 0:00:15.278 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"stat": {
"atime": 1657147338.2499797,
"attr_flags": "",
"attributes": [],
"block_size": 4096,
"blocks": 8,
"charset": "us-ascii",
"checksum": "9595778bcf16ea7382c2d658b01acb70b5419900",
"ctime": 1657147338.29698,
"dev": 64515,
"device_type": 0,
"executable": false,
"exists": true,
"gid": 0,
"gr_name": "root",
"inode": 8400368,
"isblk": false,
"ischr": false,
"isdir": false,
"isfifo": false,
"isgid": false,
"islnk": false,
"isreg": true,
"issock": false,
"isuid": false,
"mimetype": "text/plain",
"mode": "0600",
"mtime": 1657147338.29698,
"nlink": 1,
"path": "/etc/pki/tls/private/mycert_many_self_signed.key",
"pw_name": "root",
"readable": true,
"rgrp": false,
"roth": false,
"rusr": true,
"size": 1704,
"uid": 0,
"version": "3893091959",
"wgrp": false,
"woth": false,
"writeable": true,
"wusr": true,
"xgrp": false,
"xoth": false,
"xusr": false
}
}
TASK [Verify if key file exists] ***********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:60
Wednesday 06 July 2022 22:42:26 +0000 (0:00:00.382) 0:00:15.660 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify key file owner and group] *****************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:66
Wednesday 06 July 2022 22:42:26 +0000 (0:00:00.038) 0:00:15.699 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Parse certificate] *******************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:78
Wednesday 06 July 2022 22:42:26 +0000 (0:00:00.054) 0:00:15.754 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": [
"/tmp/certificate-tests-venv/bin/certreader2json",
"/etc/pki/tls/certs/mycert_many_self_signed.crt"
],
"delta": "0:00:00.224157",
"end": "2022-07-06 18:42:26.374513",
"rc": 0,
"start": "2022-07-06 18:42:26.150356"
}
STDOUT:
{
"subject": [
{
"name": "commonName",
"oid": "2.5.4.3",
"value": "www.example.com"
}
],
"extensions": {
"keyUsage": {
"value": [
"digital_signature",
"key_encipherment"
],
"critical": false
},
"subjectAltName": {
"value": [
{
"name": "DNS",
"value": "www.example.com"
}
],
"critical": false
},
"extendedKeyUsage": {
"value": [
{
"name": "id-kp-serverAuth",
"oid": "1.3.6.1.5.5.7.3.1"
},
{
"name": "id-kp-clientAuth",
"oid": "1.3.6.1.5.5.7.3.2"
}
],
"critical": false
},
"basicConstraints": {
"value": {
"ca": false
},
"critical": true
},
"subjectKeyIdentifier": {
"value": "A7:60:19:84:7A:11:37:94:11:D2:8E:62:7E:66:01:B4:34:6A:93:90",
"critical": false
},
"authorityKeyIdentifier": {
"value": "59:31:B7:F8:0D:08:12:16:0A:D4:E8:FA:0B:BD:91:65:C9:DC:60:5A",
"critical": false
}
},
"signature_algorithm": {
"algorithm": "sha256WithRSAEncryption",
"signature": "11:A7:22:FD:29:C0:E3:EE:AC:6A:D2:74:72:86:CC:3F:33:12:FC:2C:50:E0:A5:5A:70:46:5F:13:3E:E8:55:7F:97:56:C9:BE:3F:3D:7B:E6:A2:C9:DB:20:EC:CC:39:7F:ED:A5:E5:8C:52:8E:80:F9:CE:BD:54:71:00:FD:80:B2:53:A5:70:5F:E5:7E:F1:A6:D5:9B:F1:A1:2E:DB:CD:35:94:D0:CB:53:08:38:DB:ED:77:3C:CD:AC:52:E9:1E:96:86:7D:AE:7C:B1:B3:C2:77:22:B4:FA:A5:F6:70:8B:AB:FE:66:89:7A:AC:9E:15:7F:65:E2:BD:2D:9F:2F:7E:41:35:12:C8:84:6C:E1:38:E5:30:66:BE:3A:71:D8:0A:60:D6:67:DB:D1:68:4D:94:85:30:FE:E5:7C:87:E0:1E:1F:8C:AA:5F:1E:D5:7E:D2:EA:C1:41:3C:FD:8B:37:2C:88:4C:21:E3:1C:A0:A3:62:F6:28:23:E2:5D:BB:70:57:04:2C:E7:64:58:AF:93:43:49:35:E0:A9:6B:D9:A7:9C:E7:CF:71:5F:88:DD:C5:01:2D:94:70:52:4A:BC:AD:31:DD:AB:E1:C1:51:80:08:CF:F4:C1:9F:FE:42:24:9B:91:E9:81:EF:74:FC:2F:E1:E4:36:6A:0C:BF:45:AB:48:34:F3"
},
"key_size": 2048,
"validity": {
"not_valid_after": "2023-07-06 22:36:04",
"not_valid_before": "2022-07-06 22:42:18"
}
}
TASK [Load certificate YAML to cert_issued variable] ***************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:83
Wednesday 06 July 2022 22:42:26 +0000 (0:00:00.712) 0:00:16.466 ********
ok: [/cache/rhel-8.qcow2] => {
"ansible_facts": {
"cert_issued": {
"extensions": {
"authorityKeyIdentifier": {
"critical": false,
"value": "59:31:B7:F8:0D:08:12:16:0A:D4:E8:FA:0B:BD:91:65:C9:DC:60:5A"
},
"basicConstraints": {
"critical": true,
"value": {
"ca": false
}
},
"extendedKeyUsage": {
"critical": false,
"value": [
{
"name": "id-kp-serverAuth",
"oid": "1.3.6.1.5.5.7.3.1"
},
{
"name": "id-kp-clientAuth",
"oid": "1.3.6.1.5.5.7.3.2"
}
]
},
"keyUsage": {
"critical": false,
"value": [
"digital_signature",
"key_encipherment"
]
},
"subjectAltName": {
"critical": false,
"value": [
{
"name": "DNS",
"value": "www.example.com"
}
]
},
"subjectKeyIdentifier": {
"critical": false,
"value": "A7:60:19:84:7A:11:37:94:11:D2:8E:62:7E:66:01:B4:34:6A:93:90"
}
},
"key_size": 2048,
"signature_algorithm": {
"algorithm": "sha256WithRSAEncryption",
"signature": "11:A7:22:FD:29:C0:E3:EE:AC:6A:D2:74:72:86:CC:3F:33:12:FC:2C:50:E0:A5:5A:70:46:5F:13:3E:E8:55:7F:97:56:C9:BE:3F:3D:7B:E6:A2:C9:DB:20:EC:CC:39:7F:ED:A5:E5:8C:52:8E:80:F9:CE:BD:54:71:00:FD:80:B2:53:A5:70:5F:E5:7E:F1:A6:D5:9B:F1:A1:2E:DB:CD:35:94:D0:CB:53:08:38:DB:ED:77:3C:CD:AC:52:E9:1E:96:86:7D:AE:7C:B1:B3:C2:77:22:B4:FA:A5:F6:70:8B:AB:FE:66:89:7A:AC:9E:15:7F:65:E2:BD:2D:9F:2F:7E:41:35:12:C8:84:6C:E1:38:E5:30:66:BE:3A:71:D8:0A:60:D6:67:DB:D1:68:4D:94:85:30:FE:E5:7C:87:E0:1E:1F:8C:AA:5F:1E:D5:7E:D2:EA:C1:41:3C:FD:8B:37:2C:88:4C:21:E3:1C:A0:A3:62:F6:28:23:E2:5D:BB:70:57:04:2C:E7:64:58:AF:93:43:49:35:E0:A9:6B:D9:A7:9C:E7:CF:71:5F:88:DD:C5:01:2D:94:70:52:4A:BC:AD:31:DD:AB:E1:C1:51:80:08:CF:F4:C1:9F:FE:42:24:9B:91:E9:81:EF:74:FC:2F:E1:E4:36:6A:0C:BF:45:AB:48:34:F3"
},
"subject": [
{
"name": "commonName",
"oid": "2.5.4.3",
"value": "www.example.com"
}
],
"validity": {
"not_valid_after": "2023-07-06 22:36:04",
"not_valid_before": "2022-07-06 22:42:18"
}
}
},
"changed": false
}
TASK [Verify certificate subject] **********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:87
Wednesday 06 July 2022 22:42:27 +0000 (0:00:00.043) 0:00:16.510 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate SAN] **************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:96
Wednesday 06 July 2022 22:42:27 +0000 (0:00:00.045) 0:00:16.555 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify key size] *********************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:105
Wednesday 06 July 2022 22:42:27 +0000 (0:00:00.033) 0:00:16.589 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate Key Usage] ********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:112
Wednesday 06 July 2022 22:42:27 +0000 (0:00:00.046) 0:00:16.635 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate Extended Key Usage] ***********************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:125
Wednesday 06 July 2022 22:42:27 +0000 (0:00:00.046) 0:00:16.682 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Retrieve auto-renew flag] ************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:141
Wednesday 06 July 2022 22:42:27 +0000 (0:00:00.047) 0:00:16.729 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert_many_self_signed.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'",
"delta": "0:00:00.071303",
"end": "2022-07-06 18:42:27.097312",
"rc": 0,
"start": "2022-07-06 18:42:27.026009"
}
STDOUT:
yes
TASK [Verify certificate auto-renew flag] **************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:150
Wednesday 06 July 2022 22:42:27 +0000 (0:00:00.464) 0:00:17.194 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Set virtualenv_path] *****************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:2
Wednesday 06 July 2022 22:42:27 +0000 (0:00:00.046) 0:00:17.241 ********
ok: [/cache/rhel-8.qcow2] => {
"ansible_facts": {
"__virtualenv_path": "/tmp/certificate-tests-venv"
},
"changed": false
}
TASK [Ensure python3 is installed] *********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:6
Wednesday 06 July 2022 22:42:27 +0000 (0:00:00.027) 0:00:17.268 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"rc": 0,
"results": []
}
MSG:
Nothing to do
TASK [Install the package, force upgrade] **************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:11
Wednesday 06 July 2022 22:42:29 +0000 (0:00:01.298) 0:00:18.567 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": [
"/tmp/certificate-tests-venv/bin/pip3",
"install",
"-U",
"pip"
],
"name": [
"pip"
],
"requirements": null,
"state": "latest",
"version": null,
"virtualenv": "/tmp/certificate-tests-venv"
}
STDOUT:
Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1)
TASK [Install certreader] ******************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:18
Wednesday 06 July 2022 22:42:30 +0000 (0:00:01.015) 0:00:19.582 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": [
"/tmp/certificate-tests-venv/bin/pip3",
"install",
"cryptography<35",
"certreader>=0.1.1"
],
"name": [
"cryptography<35",
"certreader>=0.1.1"
],
"requirements": null,
"state": "present",
"version": null,
"virtualenv": "/tmp/certificate-tests-venv"
}
STDOUT:
Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8)
Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1)
Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1)
Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8)
Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0)
Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21)
TASK [Retrieve certificate file stats] *****************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:26
Wednesday 06 July 2022 22:42:30 +0000 (0:00:00.876) 0:00:20.459 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"stat": {
"atime": 1657147339.1789799,
"attr_flags": "",
"attributes": [],
"block_size": 4096,
"blocks": 8,
"charset": "us-ascii",
"checksum": "5009fc968e6f54acbf40a1ed6860f0e27fbade99",
"ctime": 1657147339.1759799,
"dev": 64515,
"device_type": 0,
"executable": false,
"exists": true,
"gid": 0,
"gr_name": "root",
"inode": 753330,
"isblk": false,
"ischr": false,
"isdir": false,
"isfifo": false,
"isgid": false,
"islnk": false,
"isreg": true,
"issock": false,
"isuid": false,
"mimetype": "text/plain",
"mode": "0600",
"mtime": 1657147339.1759799,
"nlink": 1,
"path": "/etc/pki/tls/certs/other-cert.crt",
"pw_name": "root",
"readable": true,
"rgrp": false,
"roth": false,
"rusr": true,
"size": 1294,
"uid": 0,
"version": "3579992711",
"wgrp": false,
"woth": false,
"writeable": true,
"wusr": true,
"xgrp": false,
"xoth": false,
"xusr": false
}
}
TASK [Verify if certificate file exists] ***************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:31
Wednesday 06 July 2022 22:42:31 +0000 (0:00:00.378) 0:00:20.838 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate file owner and group] *********************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:37
Wednesday 06 July 2022 22:42:31 +0000 (0:00:00.030) 0:00:20.868 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate permissions] ******************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:49
Wednesday 06 July 2022 22:42:31 +0000 (0:00:00.044) 0:00:20.913 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Retrieve key file stats] *************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:55
Wednesday 06 July 2022 22:42:31 +0000 (0:00:00.041) 0:00:20.954 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"stat": {
"atime": 1657147339.1299798,
"attr_flags": "",
"attributes": [],
"block_size": 4096,
"blocks": 8,
"charset": "us-ascii",
"checksum": "781347e06b01f44a0c23f451e6426af3535e1490",
"ctime": 1657147339.1759799,
"dev": 64515,
"device_type": 0,
"executable": false,
"exists": true,
"gid": 0,
"gr_name": "root",
"inode": 8400369,
"isblk": false,
"ischr": false,
"isdir": false,
"isfifo": false,
"isgid": false,
"islnk": false,
"isreg": true,
"issock": false,
"isuid": false,
"mimetype": "text/plain",
"mode": "0600",
"mtime": 1657147339.1759799,
"nlink": 1,
"path": "/etc/pki/tls/private/other-cert.key",
"pw_name": "root",
"readable": true,
"rgrp": false,
"roth": false,
"rusr": true,
"size": 1708,
"uid": 0,
"version": "3359062817",
"wgrp": false,
"woth": false,
"writeable": true,
"wusr": true,
"xgrp": false,
"xoth": false,
"xusr": false
}
}
TASK [Verify if key file exists] ***********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:60
Wednesday 06 July 2022 22:42:31 +0000 (0:00:00.376) 0:00:21.330 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify key file owner and group] *****************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:66
Wednesday 06 July 2022 22:42:31 +0000 (0:00:00.039) 0:00:21.370 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Parse certificate] *******************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:78
Wednesday 06 July 2022 22:42:31 +0000 (0:00:00.046) 0:00:21.416 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": [
"/tmp/certificate-tests-venv/bin/certreader2json",
"/etc/pki/tls/certs/other-cert.crt"
],
"delta": "0:00:00.235301",
"end": "2022-07-06 18:42:31.929141",
"rc": 0,
"start": "2022-07-06 18:42:31.693840"
}
STDOUT:
{
"subject": [
{
"name": "commonName",
"oid": "2.5.4.3",
"value": "www.example.org"
}
],
"extensions": {
"keyUsage": {
"value": [
"digital_signature",
"key_encipherment"
],
"critical": false
},
"subjectAltName": {
"value": [
{
"name": "DNS",
"value": "www.example.org"
}
],
"critical": false
},
"extendedKeyUsage": {
"value": [
{
"name": "id-kp-serverAuth",
"oid": "1.3.6.1.5.5.7.3.1"
},
{
"name": "id-kp-clientAuth",
"oid": "1.3.6.1.5.5.7.3.2"
}
],
"critical": false
},
"basicConstraints": {
"value": {
"ca": false
},
"critical": true
},
"subjectKeyIdentifier": {
"value": "D2:6B:32:54:89:C5:53:FC:39:6F:6A:A4:2A:63:2C:F1:4B:0B:65:D0",
"critical": false
},
"authorityKeyIdentifier": {
"value": "59:31:B7:F8:0D:08:12:16:0A:D4:E8:FA:0B:BD:91:65:C9:DC:60:5A",
"critical": false
}
},
"signature_algorithm": {
"algorithm": "sha256WithRSAEncryption",
"signature": "94:52:27:90:4E:3E:5E:56:72:E0:22:EC:6A:1C:2F:AE:C2:FE:6A:9A:CA:E8:19:44:E7:2D:E0:FF:AA:68:10:A7:81:B2:F4:65:4B:2C:A4:0D:96:D2:27:72:4E:FE:24:30:AC:B8:87:6A:98:68:C3:44:88:33:33:74:2E:F1:28:38:38:9D:E8:4A:69:5C:7E:1D:3E:06:21:1E:B1:4A:B7:33:5D:63:B0:24:E0:3A:B8:66:15:D5:C5:C7:06:70:ED:E8:98:41:9C:82:1C:1E:33:E1:23:28:72:91:89:E5:02:3B:9F:C4:19:4A:9D:57:4C:04:C3:8B:12:DF:6C:F0:B1:81:CE:43:1A:E4:F6:5C:FC:7E:B9:8A:B1:09:E2:A1:B8:3C:19:98:22:07:BD:A2:5C:F0:A2:C3:80:DE:D3:FD:A1:57:79:04:47:31:96:00:60:C9:38:D1:81:4A:25:D9:F5:F0:9B:70:E8:2C:24:D0:32:17:26:52:3D:11:81:B4:73:18:68:9C:D1:9F:43:18:FF:B9:EE:AB:48:CC:53:99:99:33:93:8D:4D:3A:BC:01:67:A6:15:F9:5F:65:39:35:36:83:6E:8A:B5:CD:56:1F:EA:15:E7:27:DD:CD:A7:47:FA:C5:28:0C:BA:77:61:45:B6:1A:C3:CA:57:D0:96:51:7C:6F"
},
"key_size": 2048,
"validity": {
"not_valid_after": "2023-07-06 22:36:04",
"not_valid_before": "2022-07-06 22:42:19"
}
}
TASK [Load certificate YAML to cert_issued variable] ***************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:83
Wednesday 06 July 2022 22:42:32 +0000 (0:00:00.606) 0:00:22.023 ********
ok: [/cache/rhel-8.qcow2] => {
"ansible_facts": {
"cert_issued": {
"extensions": {
"authorityKeyIdentifier": {
"critical": false,
"value": "59:31:B7:F8:0D:08:12:16:0A:D4:E8:FA:0B:BD:91:65:C9:DC:60:5A"
},
"basicConstraints": {
"critical": true,
"value": {
"ca": false
}
},
"extendedKeyUsage": {
"critical": false,
"value": [
{
"name": "id-kp-serverAuth",
"oid": "1.3.6.1.5.5.7.3.1"
},
{
"name": "id-kp-clientAuth",
"oid": "1.3.6.1.5.5.7.3.2"
}
]
},
"keyUsage": {
"critical": false,
"value": [
"digital_signature",
"key_encipherment"
]
},
"subjectAltName": {
"critical": false,
"value": [
{
"name": "DNS",
"value": "www.example.org"
}
]
},
"subjectKeyIdentifier": {
"critical": false,
"value": "D2:6B:32:54:89:C5:53:FC:39:6F:6A:A4:2A:63:2C:F1:4B:0B:65:D0"
}
},
"key_size": 2048,
"signature_algorithm": {
"algorithm": "sha256WithRSAEncryption",
"signature": "94:52:27:90:4E:3E:5E:56:72:E0:22:EC:6A:1C:2F:AE:C2:FE:6A:9A:CA:E8:19:44:E7:2D:E0:FF:AA:68:10:A7:81:B2:F4:65:4B:2C:A4:0D:96:D2:27:72:4E:FE:24:30:AC:B8:87:6A:98:68:C3:44:88:33:33:74:2E:F1:28:38:38:9D:E8:4A:69:5C:7E:1D:3E:06:21:1E:B1:4A:B7:33:5D:63:B0:24:E0:3A:B8:66:15:D5:C5:C7:06:70:ED:E8:98:41:9C:82:1C:1E:33:E1:23:28:72:91:89:E5:02:3B:9F:C4:19:4A:9D:57:4C:04:C3:8B:12:DF:6C:F0:B1:81:CE:43:1A:E4:F6:5C:FC:7E:B9:8A:B1:09:E2:A1:B8:3C:19:98:22:07:BD:A2:5C:F0:A2:C3:80:DE:D3:FD:A1:57:79:04:47:31:96:00:60:C9:38:D1:81:4A:25:D9:F5:F0:9B:70:E8:2C:24:D0:32:17:26:52:3D:11:81:B4:73:18:68:9C:D1:9F:43:18:FF:B9:EE:AB:48:CC:53:99:99:33:93:8D:4D:3A:BC:01:67:A6:15:F9:5F:65:39:35:36:83:6E:8A:B5:CD:56:1F:EA:15:E7:27:DD:CD:A7:47:FA:C5:28:0C:BA:77:61:45:B6:1A:C3:CA:57:D0:96:51:7C:6F"
},
"subject": [
{
"name": "commonName",
"oid": "2.5.4.3",
"value": "www.example.org"
}
],
"validity": {
"not_valid_after": "2023-07-06 22:36:04",
"not_valid_before": "2022-07-06 22:42:19"
}
}
},
"changed": false
}
TASK [Verify certificate subject] **********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:87
Wednesday 06 July 2022 22:42:32 +0000 (0:00:00.041) 0:00:22.065 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate SAN] **************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:96
Wednesday 06 July 2022 22:42:32 +0000 (0:00:00.042) 0:00:22.107 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify key size] *********************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:105
Wednesday 06 July 2022 22:42:32 +0000 (0:00:00.032) 0:00:22.140 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate Key Usage] ********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:112
Wednesday 06 July 2022 22:42:32 +0000 (0:00:00.046) 0:00:22.186 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate Extended Key Usage] ***********************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:125
Wednesday 06 July 2022 22:42:32 +0000 (0:00:00.044) 0:00:22.231 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Retrieve auto-renew flag] ************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:141
Wednesday 06 July 2022 22:42:32 +0000 (0:00:00.045) 0:00:22.276 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/other-cert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'",
"delta": "0:00:00.070078",
"end": "2022-07-06 18:42:32.634108",
"rc": 0,
"start": "2022-07-06 18:42:32.564030"
}
STDOUT:
yes
TASK [Verify certificate auto-renew flag] **************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:150
Wednesday 06 July 2022 22:42:33 +0000 (0:00:00.455) 0:00:22.732 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Set virtualenv_path] *****************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:2
Wednesday 06 July 2022 22:42:33 +0000 (0:00:00.048) 0:00:22.781 ********
ok: [/cache/rhel-8.qcow2] => {
"ansible_facts": {
"__virtualenv_path": "/tmp/certificate-tests-venv"
},
"changed": false
}
TASK [Ensure python3 is installed] *********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:6
Wednesday 06 July 2022 22:42:33 +0000 (0:00:00.026) 0:00:22.807 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"rc": 0,
"results": []
}
MSG:
Nothing to do
TASK [Install the package, force upgrade] **************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:11
Wednesday 06 July 2022 22:42:34 +0000 (0:00:01.292) 0:00:24.100 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": [
"/tmp/certificate-tests-venv/bin/pip3",
"install",
"-U",
"pip"
],
"name": [
"pip"
],
"requirements": null,
"state": "latest",
"version": null,
"virtualenv": "/tmp/certificate-tests-venv"
}
STDOUT:
Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1)
TASK [Install certreader] ******************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:18
Wednesday 06 July 2022 22:42:35 +0000 (0:00:01.086) 0:00:25.186 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": [
"/tmp/certificate-tests-venv/bin/pip3",
"install",
"cryptography<35",
"certreader>=0.1.1"
],
"name": [
"cryptography<35",
"certreader>=0.1.1"
],
"requirements": null,
"state": "present",
"version": null,
"virtualenv": "/tmp/certificate-tests-venv"
}
STDOUT:
Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8)
Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1)
Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1)
Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8)
Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0)
Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21)
TASK [Retrieve certificate file stats] *****************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:26
Wednesday 06 July 2022 22:42:36 +0000 (0:00:00.874) 0:00:26.060 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"stat": {
"atime": 1657147340.1509798,
"attr_flags": "",
"attributes": [],
"block_size": 4096,
"blocks": 8,
"charset": "us-ascii",
"checksum": "615770ce774da163cba3effa551d3d8511db16a3",
"ctime": 1657147340.1479797,
"dev": 64515,
"device_type": 0,
"executable": false,
"exists": true,
"gid": 0,
"gr_name": "root",
"inode": 754242,
"isblk": false,
"ischr": false,
"isdir": false,
"isfifo": false,
"isgid": false,
"islnk": false,
"isreg": true,
"issock": false,
"isuid": false,
"mimetype": "text/plain",
"mode": "0600",
"mtime": 1657147340.1479797,
"nlink": 1,
"path": "/etc/pki/tls/certs/another-cert.crt",
"pw_name": "root",
"readable": true,
"rgrp": false,
"roth": false,
"rusr": true,
"size": 1294,
"uid": 0,
"version": "3476297616",
"wgrp": false,
"woth": false,
"writeable": true,
"wusr": true,
"xgrp": false,
"xoth": false,
"xusr": false
}
}
TASK [Verify if certificate file exists] ***************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:31
Wednesday 06 July 2022 22:42:36 +0000 (0:00:00.374) 0:00:26.435 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate file owner and group] *********************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:37
Wednesday 06 July 2022 22:42:36 +0000 (0:00:00.032) 0:00:26.467 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate permissions] ******************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:49
Wednesday 06 July 2022 22:42:37 +0000 (0:00:00.079) 0:00:26.547 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Retrieve key file stats] *************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:55
Wednesday 06 July 2022 22:42:37 +0000 (0:00:00.073) 0:00:26.621 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"stat": {
"atime": 1657147340.1009798,
"attr_flags": "",
"attributes": [],
"block_size": 4096,
"blocks": 8,
"charset": "us-ascii",
"checksum": "30b318befbc1d91a2adc96439f47fcda90495cec",
"ctime": 1657147340.1479797,
"dev": 64515,
"device_type": 0,
"executable": false,
"exists": true,
"gid": 0,
"gr_name": "root",
"inode": 8400370,
"isblk": false,
"ischr": false,
"isdir": false,
"isfifo": false,
"isgid": false,
"islnk": false,
"isreg": true,
"issock": false,
"isuid": false,
"mimetype": "text/plain",
"mode": "0600",
"mtime": 1657147340.1479797,
"nlink": 1,
"path": "/etc/pki/tls/private/another-cert.key",
"pw_name": "root",
"readable": true,
"rgrp": false,
"roth": false,
"rusr": true,
"size": 1704,
"uid": 0,
"version": "2196278691",
"wgrp": false,
"woth": false,
"writeable": true,
"wusr": true,
"xgrp": false,
"xoth": false,
"xusr": false
}
}
TASK [Verify if key file exists] ***********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:60
Wednesday 06 July 2022 22:42:37 +0000 (0:00:00.383) 0:00:27.004 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify key file owner and group] *****************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:66
Wednesday 06 July 2022 22:42:37 +0000 (0:00:00.031) 0:00:27.036 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Parse certificate] *******************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:78
Wednesday 06 July 2022 22:42:37 +0000 (0:00:00.075) 0:00:27.111 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": [
"/tmp/certificate-tests-venv/bin/certreader2json",
"/etc/pki/tls/certs/another-cert.crt"
],
"delta": "0:00:00.231366",
"end": "2022-07-06 18:42:37.647385",
"rc": 0,
"start": "2022-07-06 18:42:37.416019"
}
STDOUT:
{
"subject": [
{
"name": "commonName",
"oid": "2.5.4.3",
"value": "www.example.net"
}
],
"extensions": {
"keyUsage": {
"value": [
"digital_signature",
"key_encipherment"
],
"critical": false
},
"subjectAltName": {
"value": [
{
"name": "DNS",
"value": "www.example.net"
}
],
"critical": false
},
"extendedKeyUsage": {
"value": [
{
"name": "id-kp-serverAuth",
"oid": "1.3.6.1.5.5.7.3.1"
},
{
"name": "id-kp-clientAuth",
"oid": "1.3.6.1.5.5.7.3.2"
}
],
"critical": false
},
"basicConstraints": {
"value": {
"ca": false
},
"critical": true
},
"subjectKeyIdentifier": {
"value": "E2:8A:AC:10:18:94:EB:50:F7:3B:7F:C2:E2:A4:3B:A5:35:EA:32:56",
"critical": false
},
"authorityKeyIdentifier": {
"value": "59:31:B7:F8:0D:08:12:16:0A:D4:E8:FA:0B:BD:91:65:C9:DC:60:5A",
"critical": false
}
},
"signature_algorithm": {
"algorithm": "sha256WithRSAEncryption",
"signature": "1F:BE:02:F6:18:EA:A9:1F:E8:06:B2:80:76:04:3F:7E:F9:98:6D:C9:AF:29:9D:81:0B:00:39:7A:29:F2:01:B6:39:E4:0C:FC:CD:D9:91:A8:71:4D:53:3A:D2:9B:09:96:6C:1B:B3:A9:2A:F4:63:E3:84:FE:17:7C:5D:75:26:C9:62:D9:22:01:DA:BA:7B:C6:47:CA:E2:6B:37:20:85:43:F5:58:A3:23:0F:5C:8C:CC:3F:CA:66:E9:76:01:30:D6:02:EE:57:06:6F:88:61:01:94:9C:5E:12:61:04:C5:8C:E1:27:8A:81:28:7D:A4:6C:7B:3C:96:85:BE:3C:DB:24:E3:1E:4F:36:19:CF:7B:AC:22:0A:E8:79:84:6B:86:C1:47:DD:5A:9D:DE:AF:C6:4B:3E:B4:3B:0F:46:72:FB:B4:91:ED:A1:6E:1E:29:F9:A2:F5:8B:05:51:25:D0:C9:1F:4E:61:ED:B0:A9:35:E2:FE:8B:5F:B0:93:04:B4:D3:BF:62:25:AF:91:CC:DB:0C:A9:FE:85:80:FB:70:C1:49:47:B4:C5:58:D2:5C:4F:2B:30:5E:28:39:C3:86:0F:A1:76:5B:1A:DC:D5:DB:1D:0B:AB:D3:36:51:63:E9:80:E4:F1:7C:FA:67:73:65:30:36:BF:BC:94:30:E1:56:2C:C6:82"
},
"key_size": 2048,
"validity": {
"not_valid_after": "2023-07-06 22:36:04",
"not_valid_before": "2022-07-06 22:42:20"
}
}
TASK [Load certificate YAML to cert_issued variable] ***************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:83
Wednesday 06 July 2022 22:42:38 +0000 (0:00:00.628) 0:00:27.739 ********
ok: [/cache/rhel-8.qcow2] => {
"ansible_facts": {
"cert_issued": {
"extensions": {
"authorityKeyIdentifier": {
"critical": false,
"value": "59:31:B7:F8:0D:08:12:16:0A:D4:E8:FA:0B:BD:91:65:C9:DC:60:5A"
},
"basicConstraints": {
"critical": true,
"value": {
"ca": false
}
},
"extendedKeyUsage": {
"critical": false,
"value": [
{
"name": "id-kp-serverAuth",
"oid": "1.3.6.1.5.5.7.3.1"
},
{
"name": "id-kp-clientAuth",
"oid": "1.3.6.1.5.5.7.3.2"
}
]
},
"keyUsage": {
"critical": false,
"value": [
"digital_signature",
"key_encipherment"
]
},
"subjectAltName": {
"critical": false,
"value": [
{
"name": "DNS",
"value": "www.example.net"
}
]
},
"subjectKeyIdentifier": {
"critical": false,
"value": "E2:8A:AC:10:18:94:EB:50:F7:3B:7F:C2:E2:A4:3B:A5:35:EA:32:56"
}
},
"key_size": 2048,
"signature_algorithm": {
"algorithm": "sha256WithRSAEncryption",
"signature": "1F:BE:02:F6:18:EA:A9:1F:E8:06:B2:80:76:04:3F:7E:F9:98:6D:C9:AF:29:9D:81:0B:00:39:7A:29:F2:01:B6:39:E4:0C:FC:CD:D9:91:A8:71:4D:53:3A:D2:9B:09:96:6C:1B:B3:A9:2A:F4:63:E3:84:FE:17:7C:5D:75:26:C9:62:D9:22:01:DA:BA:7B:C6:47:CA:E2:6B:37:20:85:43:F5:58:A3:23:0F:5C:8C:CC:3F:CA:66:E9:76:01:30:D6:02:EE:57:06:6F:88:61:01:94:9C:5E:12:61:04:C5:8C:E1:27:8A:81:28:7D:A4:6C:7B:3C:96:85:BE:3C:DB:24:E3:1E:4F:36:19:CF:7B:AC:22:0A:E8:79:84:6B:86:C1:47:DD:5A:9D:DE:AF:C6:4B:3E:B4:3B:0F:46:72:FB:B4:91:ED:A1:6E:1E:29:F9:A2:F5:8B:05:51:25:D0:C9:1F:4E:61:ED:B0:A9:35:E2:FE:8B:5F:B0:93:04:B4:D3:BF:62:25:AF:91:CC:DB:0C:A9:FE:85:80:FB:70:C1:49:47:B4:C5:58:D2:5C:4F:2B:30:5E:28:39:C3:86:0F:A1:76:5B:1A:DC:D5:DB:1D:0B:AB:D3:36:51:63:E9:80:E4:F1:7C:FA:67:73:65:30:36:BF:BC:94:30:E1:56:2C:C6:82"
},
"subject": [
{
"name": "commonName",
"oid": "2.5.4.3",
"value": "www.example.net"
}
],
"validity": {
"not_valid_after": "2023-07-06 22:36:04",
"not_valid_before": "2022-07-06 22:42:20"
}
}
},
"changed": false
}
TASK [Verify certificate subject] **********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:87
Wednesday 06 July 2022 22:42:38 +0000 (0:00:00.073) 0:00:27.812 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate SAN] **************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:96
Wednesday 06 July 2022 22:42:38 +0000 (0:00:00.074) 0:00:27.886 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify key size] *********************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:105
Wednesday 06 July 2022 22:42:38 +0000 (0:00:00.031) 0:00:27.918 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate Key Usage] ********************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:112
Wednesday 06 July 2022 22:42:38 +0000 (0:00:00.069) 0:00:27.988 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate Extended Key Usage] ***********************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:125
Wednesday 06 July 2022 22:42:38 +0000 (0:00:00.073) 0:00:28.061 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Retrieve auto-renew flag] ************************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:141
Wednesday 06 July 2022 22:42:38 +0000 (0:00:00.072) 0:00:28.134 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/another-cert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'",
"delta": "0:00:00.071580",
"end": "2022-07-06 18:42:38.516249",
"rc": 0,
"start": "2022-07-06 18:42:38.444669"
}
STDOUT:
yes
TASK [Verify certificate auto-renew flag] **************************************
task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:150
Wednesday 06 July 2022 22:42:39 +0000 (0:00:00.473) 0:00:28.608 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
META: ran handlers
META: ran handlers
PLAY RECAP *********************************************************************
/cache/rhel-8.qcow2 : ok=74 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
Wednesday 06 July 2022 22:42:39 +0000 (0:00:00.084) 0:00:28.692 ********
===============================================================================
linux-system-roles.certificate : Ensure certificate requests ------------ 2.75s
/tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:100
linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 1.54s
/tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:5 --
linux-system-roles.certificate : Ensure provider packages are installed --- 1.33s
/tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:22 -
Ensure python3 is installed --------------------------------------------- 1.31s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:6 --------------
set up internal repositories -------------------------------------------- 1.31s
/cache/rhel-8_setup.yml:5 -----------------------------------------------------
Ensure python3 is installed --------------------------------------------- 1.30s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:6 --------------
Ensure python3 is installed --------------------------------------------- 1.29s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:6 --------------
Install the package, force upgrade -------------------------------------- 1.16s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:11 -------------
Install the package, force upgrade -------------------------------------- 1.09s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:11 -------------
Gathering Facts --------------------------------------------------------- 1.07s
/tmp/tmplpebei7w/tests/tests_many_self_signed.yml:2 ---------------------------
Install the package, force upgrade -------------------------------------- 1.02s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:11 -------------
Install certreader ------------------------------------------------------ 0.92s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:18 -------------
Install certreader ------------------------------------------------------ 0.88s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:18 -------------
Install certreader ------------------------------------------------------ 0.87s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:18 -------------
Gathering Facts --------------------------------------------------------- 0.79s
/tmp/tmplpebei7w/tests/tests_many_self_signed.yml:18 --------------------------
linux-system-roles.certificate : Ensure provider service is running ----- 0.77s
/tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:88 -
Parse certificate ------------------------------------------------------- 0.71s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:78 -------------
Parse certificate ------------------------------------------------------- 0.63s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:78 -------------
Parse certificate ------------------------------------------------------- 0.61s
/tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:78 -------------
linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.54s
/tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:33 -
ansible-playbook [core 2.12.6]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.9/site-packages/ansible
ansible collection location = /tmp/tmpt8vnebz7
executable location = /usr/bin/ansible-playbook
python version = 3.9.13 (main, May 18 2022, 00:00:00) [GCC 11.3.1 20220421 (Red Hat 11.3.1-2)]
jinja version = 2.11.3
libyaml = True
Using /etc/ansible/ansible.cfg as config file
Skipping callback 'debug', as we already have a stdout callback.
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
PLAYBOOK: rhel-8_setup.yml *****************************************************
1 plays in /cache/rhel-8_setup.yml
PLAY [Setup repos] *************************************************************
META: ran handlers
TASK [set up internal repositories] ********************************************
task path: /cache/rhel-8_setup.yml:5
Wednesday 06 July 2022 22:54:45 +0000 (0:00:00.018) 0:00:00.018 ********
ok: [/cache/rhel-8.qcow2] => (item=None) => {
"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result",
"changed": false
}
ok: [/cache/rhel-8.qcow2] => (item=None) => {
"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result",
"changed": false
}
ok: [/cache/rhel-8.qcow2] => (item=None) => {
"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result",
"changed": false
}
ok: [/cache/rhel-8.qcow2] => {
"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result",
"changed": false
}
META: ran handlers
META: ran handlers
PLAY RECAP *********************************************************************
/cache/rhel-8.qcow2 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Wednesday 06 July 2022 22:54:46 +0000 (0:00:01.351) 0:00:01.369 ********
===============================================================================
set up internal repositories -------------------------------------------- 1.35s
/cache/rhel-8_setup.yml:5 -----------------------------------------------------
PLAYBOOK: tests_many_self_signed.yml *******************************************
2 plays in /tmp/tmp0buh2ky5/tests/certificate/tests_many_self_signed.yml
PLAY [Issue many self-signed certificates] *************************************
TASK [Gathering Facts] *********************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tests_many_self_signed.yml:2
Wednesday 06 July 2022 22:54:46 +0000 (0:00:00.043) 0:00:01.413 ********
ok: [/cache/rhel-8.qcow2]
META: ran handlers
TASK [fedora.linux_system_roles.certificate : Set version specific variables] ***
task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2
Wednesday 06 July 2022 22:54:48 +0000 (0:00:01.032) 0:00:02.446 ********
included: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml for /cache/rhel-8.qcow2
TASK [fedora.linux_system_roles.certificate : Ensure ansible_facts used by role] ***
task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:2
Wednesday 06 July 2022 22:54:48 +0000 (0:00:00.026) 0:00:02.472 ********
ok: [/cache/rhel-8.qcow2]
TASK [fedora.linux_system_roles.certificate : Set platform/version specific variables] ***
task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:7
Wednesday 06 July 2022 22:54:48 +0000 (0:00:00.513) 0:00:02.986 ********
skipping: [/cache/rhel-8.qcow2] => (item=RedHat.yml) => {
"ansible_loop_var": "item",
"changed": false,
"item": "RedHat.yml",
"skip_reason": "Conditional result was False"
}
skipping: [/cache/rhel-8.qcow2] => (item=RedHat.yml) => {
"ansible_loop_var": "item",
"changed": false,
"item": "RedHat.yml",
"skip_reason": "Conditional result was False"
}
skipping: [/cache/rhel-8.qcow2] => (item=RedHat_8.yml) => {
"ansible_loop_var": "item",
"changed": false,
"item": "RedHat_8.yml",
"skip_reason": "Conditional result was False"
}
skipping: [/cache/rhel-8.qcow2] => (item=RedHat_8.6.yml) => {
"ansible_loop_var": "item",
"changed": false,
"item": "RedHat_8.6.yml",
"skip_reason": "Conditional result was False"
}
TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] ***
task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:5
Wednesday 06 July 2022 22:54:48 +0000 (0:00:00.041) 0:00:03.027 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"rc": 0,
"results": []
}
MSG:
Nothing to do
TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] ***
task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:22
Wednesday 06 July 2022 22:54:50 +0000 (0:00:01.429) 0:00:04.456 ********
ok: [/cache/rhel-8.qcow2] => (item=certmonger) => {
"__certificate_provider": "certmonger",
"ansible_loop_var": "__certificate_provider",
"changed": false,
"rc": 0,
"results": []
}
MSG:
Nothing to do
TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] ***
task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:33
Wednesday 06 July 2022 22:54:51 +0000 (0:00:01.276) 0:00:05.732 ********
ok: [/cache/rhel-8.qcow2] => (item=certmonger) => {
"__certificate_provider": "certmonger",
"ansible_loop_var": "__certificate_provider",
"changed": false,
"gid": 0,
"group": "root",
"mode": "0700",
"owner": "root",
"path": "/etc/certmonger//pre-scripts",
"secontext": "unconfined_u:object_r:etc_t:s0",
"size": 6,
"state": "directory",
"uid": 0
}
TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] ***
task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:59
Wednesday 06 July 2022 22:54:51 +0000 (0:00:00.526) 0:00:06.259 ********
ok: [/cache/rhel-8.qcow2] => (item=certmonger) => {
"__certificate_provider": "certmonger",
"ansible_loop_var": "__certificate_provider",
"changed": false,
"gid": 0,
"group": "root",
"mode": "0700",
"owner": "root",
"path": "/etc/certmonger//post-scripts",
"secontext": "unconfined_u:object_r:etc_t:s0",
"size": 6,
"state": "directory",
"uid": 0
}
TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] ***
task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:88
Wednesday 06 July 2022 22:54:52 +0000 (0:00:00.420) 0:00:06.679 ********
ok: [/cache/rhel-8.qcow2] => (item=certmonger) => {
"__certificate_provider": "certmonger",
"ansible_loop_var": "__certificate_provider",
"changed": false,
"enabled": true,
"name": "certmonger",
"state": "started",
"status": {
"ActiveEnterTimestamp": "Wed 2022-07-06 18:48:34 EDT",
"ActiveEnterTimestampMonotonic": "217577643",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "active",
"After": "dbus.service dbus.socket sysinit.target system.slice basic.target network.target syslog.target systemd-journald.socket",
"AllowIsolate": "no",
"AllowedCPUs": "",
"AllowedMemoryNodes": "",
"AmbientCapabilities": "",
"AssertResult": "yes",
"AssertTimestamp": "Wed 2022-07-06 18:48:34 EDT",
"AssertTimestampMonotonic": "217565677",
"Before": "shutdown.target multi-user.target",
"BlockIOAccounting": "no",
"BlockIOWeight": "[not set]",
"BusName": "org.fedorahosted.certmonger",
"CPUAccounting": "no",
"CPUAffinity": "",
"CPUAffinityFromNUMA": "no",
"CPUQuotaPerSecUSec": "infinity",
"CPUQuotaPeriodUSec": "infinity",
"CPUSchedulingPolicy": "0",
"CPUSchedulingPriority": "0",
"CPUSchedulingResetOnFork": "no",
"CPUShares": "[not set]",
"CPUUsageNSec": "[not set]",
"CPUWeight": "[not set]",
"CacheDirectoryMode": "0755",
"CanFreeze": "yes",
"CanIsolate": "no",
"CanReload": "no",
"CanStart": "yes",
"CanStop": "yes",
"CapabilityBoundingSet": "cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend cap_audit_read cap_perfmon cap_bpf",
"CollectMode": "inactive",
"ConditionResult": "yes",
"ConditionTimestamp": "Wed 2022-07-06 18:48:34 EDT",
"ConditionTimestampMonotonic": "217565676",
"ConfigurationDirectoryMode": "0755",
"Conflicts": "shutdown.target",
"ControlGroup": "/system.slice/certmonger.service",
"ControlPID": "0",
"DefaultDependencies": "yes",
"DefaultMemoryLow": "0",
"DefaultMemoryMin": "0",
"Delegate": "no",
"Description": "Certificate monitoring and PKI enrollment",
"DevicePolicy": "auto",
"DynamicUser": "no",
"EffectiveCPUs": "",
"EffectiveMemoryNodes": "",
"EnvironmentFiles": "/etc/sysconfig/certmonger (ignore_errors=yes)",
"ExecMainCode": "0",
"ExecMainExitTimestampMonotonic": "0",
"ExecMainPID": "23914",
"ExecMainStartTimestamp": "Wed 2022-07-06 18:48:34 EDT",
"ExecMainStartTimestampMonotonic": "217566944",
"ExecMainStatus": "0",
"ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
"FailureAction": "none",
"FileDescriptorStoreMax": "0",
"FragmentPath": "/usr/lib/systemd/system/certmonger.service",
"FreezerState": "running",
"GID": "[not set]",
"GuessMainPID": "yes",
"IOAccounting": "no",
"IOSchedulingClass": "0",
"IOSchedulingPriority": "0",
"IOWeight": "[not set]",
"IPAccounting": "no",
"IPEgressBytes": "18446744073709551615",
"IPEgressPackets": "18446744073709551615",
"IPIngressBytes": "18446744073709551615",
"IPIngressPackets": "18446744073709551615",
"Id": "certmonger.service",
"IgnoreOnIsolate": "no",
"IgnoreSIGPIPE": "yes",
"InactiveEnterTimestampMonotonic": "0",
"InactiveExitTimestamp": "Wed 2022-07-06 18:48:34 EDT",
"InactiveExitTimestampMonotonic": "217566995",
"InvocationID": "d54891b3cfa34d7ca4a9f82aac3ff004",
"JobRunningTimeoutUSec": "infinity",
"JobTimeoutAction": "none",
"JobTimeoutUSec": "infinity",
"KeyringMode": "private",
"KillMode": "control-group",
"KillSignal": "15",
"LimitAS": "infinity",
"LimitASSoft": "infinity",
"LimitCORE": "infinity",
"LimitCORESoft": "0",
"LimitCPU": "infinity",
"LimitCPUSoft": "infinity",
"LimitDATA": "infinity",
"LimitDATASoft": "infinity",
"LimitFSIZE": "infinity",
"LimitFSIZESoft": "infinity",
"LimitLOCKS": "infinity",
"LimitLOCKSSoft": "infinity",
"LimitMEMLOCK": "65536",
"LimitMEMLOCKSoft": "65536",
"LimitMSGQUEUE": "819200",
"LimitMSGQUEUESoft": "819200",
"LimitNICE": "0",
"LimitNICESoft": "0",
"LimitNOFILE": "262144",
"LimitNOFILESoft": "1024",
"LimitNPROC": "14648",
"LimitNPROCSoft": "14648",
"LimitRSS": "infinity",
"LimitRSSSoft": "infinity",
"LimitRTPRIO": "0",
"LimitRTPRIOSoft": "0",
"LimitRTTIME": "infinity",
"LimitRTTIMESoft": "infinity",
"LimitSIGPENDING": "14648",
"LimitSIGPENDINGSoft": "14648",
"LimitSTACK": "infinity",
"LimitSTACKSoft": "8388608",
"LoadState": "loaded",
"LockPersonality": "no",
"LogLevelMax": "-1",
"LogRateLimitBurst": "0",
"LogRateLimitIntervalUSec": "0",
"LogsDirectoryMode": "0755",
"MainPID": "23914",
"MemoryAccounting": "yes",
"MemoryCurrent": "3977216",
"MemoryDenyWriteExecute": "no",
"MemoryHigh": "infinity",
"MemoryLimit": "infinity",
"MemoryLow": "0",
"MemoryMax": "infinity",
"MemoryMin": "0",
"MemorySwapMax": "infinity",
"MountAPIVFS": "no",
"MountFlags": "",
"NFileDescriptorStore": "0",
"NRestarts": "0",
"NUMAMask": "",
"NUMAPolicy": "n/a",
"Names": "certmonger.service",
"NeedDaemonReload": "no",
"Nice": "0",
"NoNewPrivileges": "no",
"NonBlocking": "no",
"NotifyAccess": "none",
"OOMScoreAdjust": "0",
"OnFailureJobMode": "replace",
"PIDFile": "/run/certmonger.pid",
"PartOf": "dbus.service",
"PermissionsStartOnly": "no",
"Perpetual": "no",
"PrivateDevices": "no",
"PrivateMounts": "no",
"PrivateNetwork": "no",
"PrivateTmp": "no",
"PrivateUsers": "no",
"ProtectControlGroups": "no",
"ProtectHome": "no",
"ProtectKernelModules": "no",
"ProtectKernelTunables": "no",
"ProtectSystem": "no",
"RefuseManualStart": "no",
"RefuseManualStop": "no",
"RemainAfterExit": "no",
"RemoveIPC": "no",
"Requires": "system.slice dbus.socket sysinit.target",
"Restart": "no",
"RestartUSec": "100ms",
"RestrictNamespaces": "no",
"RestrictRealtime": "no",
"RestrictSUIDSGID": "no",
"Result": "success",
"RootDirectoryStartOnly": "no",
"RuntimeDirectoryMode": "0755",
"RuntimeDirectoryPreserve": "no",
"RuntimeMaxUSec": "infinity",
"SameProcessGroup": "no",
"SecureBits": "0",
"SendSIGHUP": "no",
"SendSIGKILL": "yes",
"Slice": "system.slice",
"StandardError": "inherit",
"StandardInput": "null",
"StandardInputData": "",
"StandardOutput": "journal",
"StartLimitAction": "none",
"StartLimitBurst": "5",
"StartLimitIntervalUSec": "10s",
"StartupBlockIOWeight": "[not set]",
"StartupCPUShares": "[not set]",
"StartupCPUWeight": "[not set]",
"StartupIOWeight": "[not set]",
"StateChangeTimestamp": "Wed 2022-07-06 18:48:34 EDT",
"StateChangeTimestampMonotonic": "217577643",
"StateDirectoryMode": "0755",
"StatusErrno": "0",
"StopWhenUnneeded": "no",
"SubState": "running",
"SuccessAction": "none",
"SyslogFacility": "3",
"SyslogLevel": "6",
"SyslogLevelPrefix": "yes",
"SyslogPriority": "30",
"SystemCallErrorNumber": "0",
"TTYReset": "no",
"TTYVHangup": "no",
"TTYVTDisallocate": "no",
"TasksAccounting": "yes",
"TasksCurrent": "1",
"TasksMax": "23436",
"TimeoutStartUSec": "1min 30s",
"TimeoutStopUSec": "1min 30s",
"TimerSlackNSec": "50000",
"Transient": "no",
"Type": "dbus",
"UID": "[not set]",
"UMask": "0022",
"UnitFilePreset": "disabled",
"UnitFileState": "enabled",
"UtmpMode": "init",
"WantedBy": "multi-user.target",
"WatchdogTimestamp": "Wed 2022-07-06 18:48:34 EDT",
"WatchdogTimestampMonotonic": "217577641",
"WatchdogUSec": "0"
}
}
TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] *****
task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:99
Wednesday 06 July 2022 22:54:53 +0000 (0:00:00.802) 0:00:07.482 ********
changed: [/cache/rhel-8.qcow2] => (item={'name': 'mycert_many_self_signed', 'dns': 'www.example.com', 'ca': 'self-sign'}) => {
"ansible_loop_var": "item",
"changed": true,
"item": {
"ca": "self-sign",
"dns": "www.example.com",
"name": "mycert_many_self_signed"
}
}
MSG:
Certificate requested (new).
changed: [/cache/rhel-8.qcow2] => (item={'name': 'other-cert', 'dns': 'www.example.org', 'ca': 'self-sign'}) => {
"ansible_loop_var": "item",
"changed": true,
"item": {
"ca": "self-sign",
"dns": "www.example.org",
"name": "other-cert"
}
}
MSG:
Certificate requested (new).
changed: [/cache/rhel-8.qcow2] => (item={'name': 'another-cert', 'dns': 'www.example.net', 'ca': 'self-sign'}) => {
"ansible_loop_var": "item",
"changed": true,
"item": {
"ca": "self-sign",
"dns": "www.example.net",
"name": "another-cert"
}
}
MSG:
Certificate requested (new).
META: role_complete for /cache/rhel-8.qcow2
META: ran handlers
META: ran handlers
PLAY [Verify certificate] ******************************************************
TASK [Gathering Facts] *********************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tests_many_self_signed.yml:18
Wednesday 06 July 2022 22:54:55 +0000 (0:00:02.694) 0:00:10.177 ********
ok: [/cache/rhel-8.qcow2]
META: ran handlers
TASK [Verify each certificate] *************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tests_many_self_signed.yml:50
Wednesday 06 July 2022 22:54:56 +0000 (0:00:00.835) 0:00:11.012 ********
included: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-8.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert_many_self_signed.crt', 'key_path': '/etc/pki/tls/private/mycert_many_self_signed.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}]})
included: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-8.qcow2 => (item={'path': '/etc/pki/tls/certs/other-cert.crt', 'key_path': '/etc/pki/tls/private/other-cert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.org'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.org'}]})
included: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-8.qcow2 => (item={'path': '/etc/pki/tls/certs/another-cert.crt', 'key_path': '/etc/pki/tls/private/another-cert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.net'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.net'}]})
TASK [Set virtualenv_path] *****************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:2
Wednesday 06 July 2022 22:54:56 +0000 (0:00:00.053) 0:00:11.066 ********
ok: [/cache/rhel-8.qcow2] => {
"ansible_facts": {
"__virtualenv_path": "/tmp/certificate-tests-venv"
},
"changed": false
}
TASK [Ensure python3 is installed] *********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:6
Wednesday 06 July 2022 22:54:56 +0000 (0:00:00.027) 0:00:11.093 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"rc": 0,
"results": []
}
MSG:
Nothing to do
TASK [Install the package, force upgrade] **************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:11
Wednesday 06 July 2022 22:54:58 +0000 (0:00:01.378) 0:00:12.472 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": [
"/tmp/certificate-tests-venv/bin/pip3",
"install",
"-U",
"pip"
],
"name": [
"pip"
],
"requirements": null,
"state": "latest",
"version": null,
"virtualenv": "/tmp/certificate-tests-venv"
}
STDOUT:
Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1)
TASK [Install certreader] ******************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:18
Wednesday 06 July 2022 22:54:59 +0000 (0:00:01.125) 0:00:13.597 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": [
"/tmp/certificate-tests-venv/bin/pip3",
"install",
"cryptography<35",
"certreader>=0.1.1"
],
"name": [
"cryptography<35",
"certreader>=0.1.1"
],
"requirements": null,
"state": "present",
"version": null,
"virtualenv": "/tmp/certificate-tests-venv"
}
STDOUT:
Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8)
Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1)
Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1)
Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8)
Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0)
Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21)
TASK [Retrieve certificate file stats] *****************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:26
Wednesday 06 July 2022 22:55:00 +0000 (0:00:00.867) 0:00:14.464 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"stat": {
"atime": 1657148092.4848478,
"attr_flags": "",
"attributes": [],
"block_size": 4096,
"blocks": 8,
"charset": "us-ascii",
"checksum": "a1d90497777e5e7266833189eefc16f96758aa10",
"ctime": 1657148092.4818478,
"dev": 64515,
"device_type": 0,
"executable": false,
"exists": true,
"gid": 0,
"gr_name": "root",
"inode": 752898,
"isblk": false,
"ischr": false,
"isdir": false,
"isfifo": false,
"isgid": false,
"islnk": false,
"isreg": true,
"issock": false,
"isuid": false,
"mimetype": "text/plain",
"mode": "0600",
"mtime": 1657148092.4818478,
"nlink": 1,
"path": "/etc/pki/tls/certs/mycert_many_self_signed.crt",
"pw_name": "root",
"readable": true,
"rgrp": false,
"roth": false,
"rusr": true,
"size": 1273,
"uid": 0,
"version": "890315342",
"wgrp": false,
"woth": false,
"writeable": true,
"wusr": true,
"xgrp": false,
"xoth": false,
"xusr": false
}
}
TASK [Verify if certificate file exists] ***************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:31
Wednesday 06 July 2022 22:55:00 +0000 (0:00:00.519) 0:00:14.983 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate file owner and group] *********************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:37
Wednesday 06 July 2022 22:55:00 +0000 (0:00:00.033) 0:00:15.017 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate permissions] ******************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:47
Wednesday 06 July 2022 22:55:00 +0000 (0:00:00.045) 0:00:15.062 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Retrieve key file stats] *************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:53
Wednesday 06 July 2022 22:55:00 +0000 (0:00:00.043) 0:00:15.106 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"stat": {
"atime": 1657148092.4278479,
"attr_flags": "",
"attributes": [],
"block_size": 4096,
"blocks": 8,
"charset": "us-ascii",
"checksum": "e326219b9dee6e2d84f51666a4433e1a06159b4f",
"ctime": 1657148092.4818478,
"dev": 64515,
"device_type": 0,
"executable": false,
"exists": true,
"gid": 0,
"gr_name": "root",
"inode": 9519405,
"isblk": false,
"ischr": false,
"isdir": false,
"isfifo": false,
"isgid": false,
"islnk": false,
"isreg": true,
"issock": false,
"isuid": false,
"mimetype": "text/plain",
"mode": "0600",
"mtime": 1657148092.4818478,
"nlink": 1,
"path": "/etc/pki/tls/private/mycert_many_self_signed.key",
"pw_name": "root",
"readable": true,
"rgrp": false,
"roth": false,
"rusr": true,
"size": 1704,
"uid": 0,
"version": "3810082974",
"wgrp": false,
"woth": false,
"writeable": true,
"wusr": true,
"xgrp": false,
"xoth": false,
"xusr": false
}
}
TASK [Verify if key file exists] ***********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:58
Wednesday 06 July 2022 22:55:01 +0000 (0:00:00.374) 0:00:15.480 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify key file owner and group] *****************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:64
Wednesday 06 July 2022 22:55:01 +0000 (0:00:00.032) 0:00:15.512 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Parse certificate] *******************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:74
Wednesday 06 July 2022 22:55:01 +0000 (0:00:00.046) 0:00:15.558 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": [
"/tmp/certificate-tests-venv/bin/certreader2json",
"/etc/pki/tls/certs/mycert_many_self_signed.crt"
],
"delta": "0:00:00.223449",
"end": "2022-07-06 18:55:00.407482",
"rc": 0,
"start": "2022-07-06 18:55:00.184033"
}
STDOUT:
{
"subject": [
{
"name": "commonName",
"oid": "2.5.4.3",
"value": "www.example.com"
}
],
"extensions": {
"keyUsage": {
"value": [
"digital_signature",
"key_encipherment"
],
"critical": false
},
"subjectAltName": {
"value": [
{
"name": "DNS",
"value": "www.example.com"
}
],
"critical": false
},
"extendedKeyUsage": {
"value": [
{
"name": "id-kp-serverAuth",
"oid": "1.3.6.1.5.5.7.3.1"
},
{
"name": "id-kp-clientAuth",
"oid": "1.3.6.1.5.5.7.3.2"
}
],
"critical": false
},
"basicConstraints": {
"value": {
"ca": false
},
"critical": true
},
"subjectKeyIdentifier": {
"value": "BB:E3:DB:94:97:71:92:77:92:C5:7B:EF:71:D7:F5:A2:58:8E:C5:ED",
"critical": false
},
"authorityKeyIdentifier": {
"value": "FD:F7:0C:F2:B1:C6:45:2A:0C:57:81:A6:5B:4F:95:51:CE:58:82:6C",
"critical": false
}
},
"signature_algorithm": {
"algorithm": "sha256WithRSAEncryption",
"signature": "C3:F6:7F:55:8C:00:6F:AB:F8:63:D3:B2:46:4F:55:6B:6A:EA:E2:5C:E2:C8:E2:41:F7:93:1F:3C:8D:D5:F6:10:CF:16:93:92:B2:3F:6C:3D:92:00:2B:5B:54:A5:58:7B:5C:F3:86:2A:66:DB:C3:41:10:8B:88:44:3A:10:C7:4B:83:3A:FB:EF:78:36:04:14:47:6D:23:A4:B1:CA:EC:90:37:FB:95:66:1F:B3:70:36:B4:A1:AF:BB:31:DA:59:C3:68:33:44:33:AB:DA:96:A5:99:E7:06:45:BD:4D:4E:8D:41:62:D9:DC:AC:AA:28:84:7F:3F:1D:0B:4F:13:C3:77:14:32:76:9A:B1:38:AC:A7:86:D2:FE:9B:57:C3:20:93:B0:21:7F:FC:E8:54:F2:8E:C2:5D:A9:51:0E:DB:01:8D:42:7F:74:06:FF:69:DC:2A:08:F1:0B:00:BF:2F:A1:F8:C7:8B:AB:D2:57:4E:91:B6:F9:FF:2E:CE:1B:FE:05:21:3D:7D:C6:A6:07:2A:C5:85:74:C6:98:89:F2:CB:26:BC:4C:62:93:44:BB:C3:C4:44:5F:E7:F3:1D:A0:B7:CC:B9:A3:B5:A7:1A:D2:50:F3:32:9B:79:24:B4:43:81:5E:43:D9:C4:94:18:1D:A4:15:AB:BC:97:F6:11:73:46:BE:C2"
},
"key_size": 2048,
"validity": {
"not_valid_after": "2023-07-06 22:48:35",
"not_valid_before": "2022-07-06 22:54:52"
}
}
TASK [Load certificate YAML to cert_issued variable] ***************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:79
Wednesday 06 July 2022 22:55:01 +0000 (0:00:00.710) 0:00:16.269 ********
ok: [/cache/rhel-8.qcow2] => {
"ansible_facts": {
"cert_issued": {
"extensions": {
"authorityKeyIdentifier": {
"critical": false,
"value": "FD:F7:0C:F2:B1:C6:45:2A:0C:57:81:A6:5B:4F:95:51:CE:58:82:6C"
},
"basicConstraints": {
"critical": true,
"value": {
"ca": false
}
},
"extendedKeyUsage": {
"critical": false,
"value": [
{
"name": "id-kp-serverAuth",
"oid": "1.3.6.1.5.5.7.3.1"
},
{
"name": "id-kp-clientAuth",
"oid": "1.3.6.1.5.5.7.3.2"
}
]
},
"keyUsage": {
"critical": false,
"value": [
"digital_signature",
"key_encipherment"
]
},
"subjectAltName": {
"critical": false,
"value": [
{
"name": "DNS",
"value": "www.example.com"
}
]
},
"subjectKeyIdentifier": {
"critical": false,
"value": "BB:E3:DB:94:97:71:92:77:92:C5:7B:EF:71:D7:F5:A2:58:8E:C5:ED"
}
},
"key_size": 2048,
"signature_algorithm": {
"algorithm": "sha256WithRSAEncryption",
"signature": "C3:F6:7F:55:8C:00:6F:AB:F8:63:D3:B2:46:4F:55:6B:6A:EA:E2:5C:E2:C8:E2:41:F7:93:1F:3C:8D:D5:F6:10:CF:16:93:92:B2:3F:6C:3D:92:00:2B:5B:54:A5:58:7B:5C:F3:86:2A:66:DB:C3:41:10:8B:88:44:3A:10:C7:4B:83:3A:FB:EF:78:36:04:14:47:6D:23:A4:B1:CA:EC:90:37:FB:95:66:1F:B3:70:36:B4:A1:AF:BB:31:DA:59:C3:68:33:44:33:AB:DA:96:A5:99:E7:06:45:BD:4D:4E:8D:41:62:D9:DC:AC:AA:28:84:7F:3F:1D:0B:4F:13:C3:77:14:32:76:9A:B1:38:AC:A7:86:D2:FE:9B:57:C3:20:93:B0:21:7F:FC:E8:54:F2:8E:C2:5D:A9:51:0E:DB:01:8D:42:7F:74:06:FF:69:DC:2A:08:F1:0B:00:BF:2F:A1:F8:C7:8B:AB:D2:57:4E:91:B6:F9:FF:2E:CE:1B:FE:05:21:3D:7D:C6:A6:07:2A:C5:85:74:C6:98:89:F2:CB:26:BC:4C:62:93:44:BB:C3:C4:44:5F:E7:F3:1D:A0:B7:CC:B9:A3:B5:A7:1A:D2:50:F3:32:9B:79:24:B4:43:81:5E:43:D9:C4:94:18:1D:A4:15:AB:BC:97:F6:11:73:46:BE:C2"
},
"subject": [
{
"name": "commonName",
"oid": "2.5.4.3",
"value": "www.example.com"
}
],
"validity": {
"not_valid_after": "2023-07-06 22:48:35",
"not_valid_before": "2022-07-06 22:54:52"
}
}
},
"changed": false
}
TASK [Verify certificate subject] **********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:83
Wednesday 06 July 2022 22:55:01 +0000 (0:00:00.043) 0:00:16.312 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate SAN] **************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:91
Wednesday 06 July 2022 22:55:01 +0000 (0:00:00.042) 0:00:16.355 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify key size] *********************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:99
Wednesday 06 July 2022 22:55:01 +0000 (0:00:00.030) 0:00:16.386 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate Key Usage] ********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:106
Wednesday 06 July 2022 22:55:01 +0000 (0:00:00.045) 0:00:16.431 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate Extended Key Usage] ***********************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:118
Wednesday 06 July 2022 22:55:02 +0000 (0:00:00.045) 0:00:16.477 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Retrieve auto-renew flag] ************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:132
Wednesday 06 July 2022 22:55:02 +0000 (0:00:00.050) 0:00:16.527 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert_many_self_signed.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'",
"delta": "0:00:00.080614",
"end": "2022-07-06 18:55:01.115021",
"rc": 0,
"start": "2022-07-06 18:55:01.034407"
}
STDOUT:
yes
TASK [Verify certificate auto-renew flag] **************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:141
Wednesday 06 July 2022 22:55:02 +0000 (0:00:00.449) 0:00:16.977 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Set virtualenv_path] *****************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:2
Wednesday 06 July 2022 22:55:02 +0000 (0:00:00.046) 0:00:17.023 ********
ok: [/cache/rhel-8.qcow2] => {
"ansible_facts": {
"__virtualenv_path": "/tmp/certificate-tests-venv"
},
"changed": false
}
TASK [Ensure python3 is installed] *********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:6
Wednesday 06 July 2022 22:55:02 +0000 (0:00:00.028) 0:00:17.051 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"rc": 0,
"results": []
}
MSG:
Nothing to do
TASK [Install the package, force upgrade] **************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:11
Wednesday 06 July 2022 22:55:03 +0000 (0:00:01.327) 0:00:18.378 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": [
"/tmp/certificate-tests-venv/bin/pip3",
"install",
"-U",
"pip"
],
"name": [
"pip"
],
"requirements": null,
"state": "latest",
"version": null,
"virtualenv": "/tmp/certificate-tests-venv"
}
STDOUT:
Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1)
TASK [Install certreader] ******************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:18
Wednesday 06 July 2022 22:55:04 +0000 (0:00:01.012) 0:00:19.391 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": [
"/tmp/certificate-tests-venv/bin/pip3",
"install",
"cryptography<35",
"certreader>=0.1.1"
],
"name": [
"cryptography<35",
"certreader>=0.1.1"
],
"requirements": null,
"state": "present",
"version": null,
"virtualenv": "/tmp/certificate-tests-venv"
}
STDOUT:
Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8)
Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1)
Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1)
Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8)
Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0)
Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21)
TASK [Retrieve certificate file stats] *****************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:26
Wednesday 06 July 2022 22:55:05 +0000 (0:00:00.849) 0:00:20.240 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"stat": {
"atime": 1657148093.209848,
"attr_flags": "",
"attributes": [],
"block_size": 4096,
"blocks": 8,
"charset": "us-ascii",
"checksum": "5c26427f2d633faa7500898b3df39e17b46c3d5f",
"ctime": 1657148093.206848,
"dev": 64515,
"device_type": 0,
"executable": false,
"exists": true,
"gid": 0,
"gr_name": "root",
"inode": 752905,
"isblk": false,
"ischr": false,
"isdir": false,
"isfifo": false,
"isgid": false,
"islnk": false,
"isreg": true,
"issock": false,
"isuid": false,
"mimetype": "text/plain",
"mode": "0600",
"mtime": 1657148093.206848,
"nlink": 1,
"path": "/etc/pki/tls/certs/other-cert.crt",
"pw_name": "root",
"readable": true,
"rgrp": false,
"roth": false,
"rusr": true,
"size": 1273,
"uid": 0,
"version": "3489799618",
"wgrp": false,
"woth": false,
"writeable": true,
"wusr": true,
"xgrp": false,
"xoth": false,
"xusr": false
}
}
TASK [Verify if certificate file exists] ***************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:31
Wednesday 06 July 2022 22:55:06 +0000 (0:00:00.381) 0:00:20.621 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate file owner and group] *********************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:37
Wednesday 06 July 2022 22:55:06 +0000 (0:00:00.032) 0:00:20.654 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate permissions] ******************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:47
Wednesday 06 July 2022 22:55:06 +0000 (0:00:00.046) 0:00:20.700 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Retrieve key file stats] *************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:53
Wednesday 06 July 2022 22:55:06 +0000 (0:00:00.052) 0:00:20.753 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"stat": {
"atime": 1657148093.1618478,
"attr_flags": "",
"attributes": [],
"block_size": 4096,
"blocks": 8,
"charset": "us-ascii",
"checksum": "62d590ab407e6da7731a2dec07132b8cb9f1849a",
"ctime": 1657148093.206848,
"dev": 64515,
"device_type": 0,
"executable": false,
"exists": true,
"gid": 0,
"gr_name": "root",
"inode": 9519407,
"isblk": false,
"ischr": false,
"isdir": false,
"isfifo": false,
"isgid": false,
"islnk": false,
"isreg": true,
"issock": false,
"isuid": false,
"mimetype": "text/plain",
"mode": "0600",
"mtime": 1657148093.206848,
"nlink": 1,
"path": "/etc/pki/tls/private/other-cert.key",
"pw_name": "root",
"readable": true,
"rgrp": false,
"roth": false,
"rusr": true,
"size": 1704,
"uid": 0,
"version": "784101028",
"wgrp": false,
"woth": false,
"writeable": true,
"wusr": true,
"xgrp": false,
"xoth": false,
"xusr": false
}
}
TASK [Verify if key file exists] ***********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:58
Wednesday 06 July 2022 22:55:06 +0000 (0:00:00.362) 0:00:21.115 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify key file owner and group] *****************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:64
Wednesday 06 July 2022 22:55:06 +0000 (0:00:00.031) 0:00:21.146 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Parse certificate] *******************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:74
Wednesday 06 July 2022 22:55:06 +0000 (0:00:00.045) 0:00:21.192 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": [
"/tmp/certificate-tests-venv/bin/certreader2json",
"/etc/pki/tls/certs/other-cert.crt"
],
"delta": "0:00:00.238743",
"end": "2022-07-06 18:55:05.964058",
"rc": 0,
"start": "2022-07-06 18:55:05.725315"
}
STDOUT:
{
"subject": [
{
"name": "commonName",
"oid": "2.5.4.3",
"value": "www.example.org"
}
],
"extensions": {
"keyUsage": {
"value": [
"digital_signature",
"key_encipherment"
],
"critical": false
},
"subjectAltName": {
"value": [
{
"name": "DNS",
"value": "www.example.org"
}
],
"critical": false
},
"extendedKeyUsage": {
"value": [
{
"name": "id-kp-serverAuth",
"oid": "1.3.6.1.5.5.7.3.1"
},
{
"name": "id-kp-clientAuth",
"oid": "1.3.6.1.5.5.7.3.2"
}
],
"critical": false
},
"basicConstraints": {
"value": {
"ca": false
},
"critical": true
},
"subjectKeyIdentifier": {
"value": "28:76:7D:C1:89:68:BC:34:13:88:4F:66:00:EB:5F:FD:7B:0C:89:8B",
"critical": false
},
"authorityKeyIdentifier": {
"value": "FD:F7:0C:F2:B1:C6:45:2A:0C:57:81:A6:5B:4F:95:51:CE:58:82:6C",
"critical": false
}
},
"signature_algorithm": {
"algorithm": "sha256WithRSAEncryption",
"signature": "35:F4:AF:C1:23:0A:D0:E6:C8:E3:7B:B3:99:56:B9:4D:62:E1:97:F6:DE:21:79:E0:BA:0F:24:8B:DF:8A:3D:4C:4C:78:82:6E:D9:C6:44:76:6B:E8:8D:2F:FF:53:3B:9A:8E:78:E3:0D:FC:43:2B:CA:B3:00:AE:91:6A:83:A1:F2:98:F6:46:B8:31:D5:8F:DA:49:38:A2:59:89:1C:AE:18:48:0D:28:49:89:BE:CA:81:36:6C:CD:5A:60:E1:01:03:B2:DF:65:8A:F2:45:39:33:9A:60:C5:C5:8D:67:EC:B8:3B:B3:0E:E5:E8:4D:42:EC:96:9C:AB:C2:33:F1:F8:0E:27:9C:6A:DD:FF:F9:9F:BF:11:DA:EF:18:05:09:F1:70:3C:2C:53:61:AC:28:3A:17:ED:EB:90:8B:E8:97:57:43:AB:C5:44:46:5E:F7:4C:BD:7B:A1:42:FB:9A:CC:A7:F3:DF:FD:21:42:BC:61:08:9B:86:7F:9D:3C:84:87:92:D9:25:08:3F:5B:9F:4F:A2:41:A3:9B:3E:0E:25:1F:4C:E3:1D:04:A0:FF:37:48:BB:3E:08:50:6B:AA:7C:1F:62:B3:3D:62:92:F6:F3:68:B7:C4:B3:BC:CC:5F:CA:26:06:61:A3:1D:26:60:CF:BB:3C:40:1E:A3:70:21:E2:0D:6D:9A"
},
"key_size": 2048,
"validity": {
"not_valid_after": "2023-07-06 22:48:35",
"not_valid_before": "2022-07-06 22:54:53"
}
}
TASK [Load certificate YAML to cert_issued variable] ***************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:79
Wednesday 06 July 2022 22:55:07 +0000 (0:00:00.637) 0:00:21.829 ********
ok: [/cache/rhel-8.qcow2] => {
"ansible_facts": {
"cert_issued": {
"extensions": {
"authorityKeyIdentifier": {
"critical": false,
"value": "FD:F7:0C:F2:B1:C6:45:2A:0C:57:81:A6:5B:4F:95:51:CE:58:82:6C"
},
"basicConstraints": {
"critical": true,
"value": {
"ca": false
}
},
"extendedKeyUsage": {
"critical": false,
"value": [
{
"name": "id-kp-serverAuth",
"oid": "1.3.6.1.5.5.7.3.1"
},
{
"name": "id-kp-clientAuth",
"oid": "1.3.6.1.5.5.7.3.2"
}
]
},
"keyUsage": {
"critical": false,
"value": [
"digital_signature",
"key_encipherment"
]
},
"subjectAltName": {
"critical": false,
"value": [
{
"name": "DNS",
"value": "www.example.org"
}
]
},
"subjectKeyIdentifier": {
"critical": false,
"value": "28:76:7D:C1:89:68:BC:34:13:88:4F:66:00:EB:5F:FD:7B:0C:89:8B"
}
},
"key_size": 2048,
"signature_algorithm": {
"algorithm": "sha256WithRSAEncryption",
"signature": "35:F4:AF:C1:23:0A:D0:E6:C8:E3:7B:B3:99:56:B9:4D:62:E1:97:F6:DE:21:79:E0:BA:0F:24:8B:DF:8A:3D:4C:4C:78:82:6E:D9:C6:44:76:6B:E8:8D:2F:FF:53:3B:9A:8E:78:E3:0D:FC:43:2B:CA:B3:00:AE:91:6A:83:A1:F2:98:F6:46:B8:31:D5:8F:DA:49:38:A2:59:89:1C:AE:18:48:0D:28:49:89:BE:CA:81:36:6C:CD:5A:60:E1:01:03:B2:DF:65:8A:F2:45:39:33:9A:60:C5:C5:8D:67:EC:B8:3B:B3:0E:E5:E8:4D:42:EC:96:9C:AB:C2:33:F1:F8:0E:27:9C:6A:DD:FF:F9:9F:BF:11:DA:EF:18:05:09:F1:70:3C:2C:53:61:AC:28:3A:17:ED:EB:90:8B:E8:97:57:43:AB:C5:44:46:5E:F7:4C:BD:7B:A1:42:FB:9A:CC:A7:F3:DF:FD:21:42:BC:61:08:9B:86:7F:9D:3C:84:87:92:D9:25:08:3F:5B:9F:4F:A2:41:A3:9B:3E:0E:25:1F:4C:E3:1D:04:A0:FF:37:48:BB:3E:08:50:6B:AA:7C:1F:62:B3:3D:62:92:F6:F3:68:B7:C4:B3:BC:CC:5F:CA:26:06:61:A3:1D:26:60:CF:BB:3C:40:1E:A3:70:21:E2:0D:6D:9A"
},
"subject": [
{
"name": "commonName",
"oid": "2.5.4.3",
"value": "www.example.org"
}
],
"validity": {
"not_valid_after": "2023-07-06 22:48:35",
"not_valid_before": "2022-07-06 22:54:53"
}
}
},
"changed": false
}
TASK [Verify certificate subject] **********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:83
Wednesday 06 July 2022 22:55:07 +0000 (0:00:00.048) 0:00:21.878 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate SAN] **************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:91
Wednesday 06 July 2022 22:55:07 +0000 (0:00:00.048) 0:00:21.926 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify key size] *********************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:99
Wednesday 06 July 2022 22:55:07 +0000 (0:00:00.032) 0:00:21.959 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate Key Usage] ********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:106
Wednesday 06 July 2022 22:55:07 +0000 (0:00:00.042) 0:00:22.001 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate Extended Key Usage] ***********************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:118
Wednesday 06 July 2022 22:55:07 +0000 (0:00:00.043) 0:00:22.044 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Retrieve auto-renew flag] ************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:132
Wednesday 06 July 2022 22:55:07 +0000 (0:00:00.045) 0:00:22.090 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/other-cert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'",
"delta": "0:00:00.068586",
"end": "2022-07-06 18:55:06.656835",
"rc": 0,
"start": "2022-07-06 18:55:06.588249"
}
STDOUT:
yes
TASK [Verify certificate auto-renew flag] **************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:141
Wednesday 06 July 2022 22:55:08 +0000 (0:00:00.426) 0:00:22.516 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Set virtualenv_path] *****************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:2
Wednesday 06 July 2022 22:55:08 +0000 (0:00:00.043) 0:00:22.559 ********
ok: [/cache/rhel-8.qcow2] => {
"ansible_facts": {
"__virtualenv_path": "/tmp/certificate-tests-venv"
},
"changed": false
}
TASK [Ensure python3 is installed] *********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:6
Wednesday 06 July 2022 22:55:08 +0000 (0:00:00.030) 0:00:22.589 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"rc": 0,
"results": []
}
MSG:
Nothing to do
TASK [Install the package, force upgrade] **************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:11
Wednesday 06 July 2022 22:55:09 +0000 (0:00:01.279) 0:00:23.869 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": [
"/tmp/certificate-tests-venv/bin/pip3",
"install",
"-U",
"pip"
],
"name": [
"pip"
],
"requirements": null,
"state": "latest",
"version": null,
"virtualenv": "/tmp/certificate-tests-venv"
}
STDOUT:
Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1)
TASK [Install certreader] ******************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:18
Wednesday 06 July 2022 22:55:10 +0000 (0:00:00.966) 0:00:24.836 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": [
"/tmp/certificate-tests-venv/bin/pip3",
"install",
"cryptography<35",
"certreader>=0.1.1"
],
"name": [
"cryptography<35",
"certreader>=0.1.1"
],
"requirements": null,
"state": "present",
"version": null,
"virtualenv": "/tmp/certificate-tests-venv"
}
STDOUT:
Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8)
Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1)
Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1)
Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8)
Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0)
Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21)
TASK [Retrieve certificate file stats] *****************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:26
Wednesday 06 July 2022 22:55:11 +0000 (0:00:00.863) 0:00:25.699 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"stat": {
"atime": 1657148094.1648479,
"attr_flags": "",
"attributes": [],
"block_size": 4096,
"blocks": 8,
"charset": "us-ascii",
"checksum": "08c6d3a400bab067d4e6c0d87e4ad60f08124f20",
"ctime": 1657148094.1618478,
"dev": 64515,
"device_type": 0,
"executable": false,
"exists": true,
"gid": 0,
"gr_name": "root",
"inode": 752906,
"isblk": false,
"ischr": false,
"isdir": false,
"isfifo": false,
"isgid": false,
"islnk": false,
"isreg": true,
"issock": false,
"isuid": false,
"mimetype": "text/plain",
"mode": "0600",
"mtime": 1657148094.1618478,
"nlink": 1,
"path": "/etc/pki/tls/certs/another-cert.crt",
"pw_name": "root",
"readable": true,
"rgrp": false,
"roth": false,
"rusr": true,
"size": 1273,
"uid": 0,
"version": "646303238",
"wgrp": false,
"woth": false,
"writeable": true,
"wusr": true,
"xgrp": false,
"xoth": false,
"xusr": false
}
}
TASK [Verify if certificate file exists] ***************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:31
Wednesday 06 July 2022 22:55:11 +0000 (0:00:00.398) 0:00:26.098 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate file owner and group] *********************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:37
Wednesday 06 July 2022 22:55:11 +0000 (0:00:00.034) 0:00:26.132 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate permissions] ******************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:47
Wednesday 06 July 2022 22:55:11 +0000 (0:00:00.045) 0:00:26.177 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Retrieve key file stats] *************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:53
Wednesday 06 July 2022 22:55:11 +0000 (0:00:00.041) 0:00:26.219 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"stat": {
"atime": 1657148094.1158478,
"attr_flags": "",
"attributes": [],
"block_size": 4096,
"blocks": 8,
"charset": "us-ascii",
"checksum": "b0c95e1315aa180128cee6965c90d8c658cfaa02",
"ctime": 1657148094.1618478,
"dev": 64515,
"device_type": 0,
"executable": false,
"exists": true,
"gid": 0,
"gr_name": "root",
"inode": 9519409,
"isblk": false,
"ischr": false,
"isdir": false,
"isfifo": false,
"isgid": false,
"islnk": false,
"isreg": true,
"issock": false,
"isuid": false,
"mimetype": "text/plain",
"mode": "0600",
"mtime": 1657148094.1618478,
"nlink": 1,
"path": "/etc/pki/tls/private/another-cert.key",
"pw_name": "root",
"readable": true,
"rgrp": false,
"roth": false,
"rusr": true,
"size": 1704,
"uid": 0,
"version": "1121164723",
"wgrp": false,
"woth": false,
"writeable": true,
"wusr": true,
"xgrp": false,
"xoth": false,
"xusr": false
}
}
TASK [Verify if key file exists] ***********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:58
Wednesday 06 July 2022 22:55:12 +0000 (0:00:00.374) 0:00:26.593 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify key file owner and group] *****************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:64
Wednesday 06 July 2022 22:55:12 +0000 (0:00:00.066) 0:00:26.660 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Parse certificate] *******************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:74
Wednesday 06 July 2022 22:55:12 +0000 (0:00:00.045) 0:00:26.705 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": [
"/tmp/certificate-tests-venv/bin/certreader2json",
"/etc/pki/tls/certs/another-cert.crt"
],
"delta": "0:00:00.238533",
"end": "2022-07-06 18:55:11.455553",
"rc": 0,
"start": "2022-07-06 18:55:11.217020"
}
STDOUT:
{
"subject": [
{
"name": "commonName",
"oid": "2.5.4.3",
"value": "www.example.net"
}
],
"extensions": {
"keyUsage": {
"value": [
"digital_signature",
"key_encipherment"
],
"critical": false
},
"subjectAltName": {
"value": [
{
"name": "DNS",
"value": "www.example.net"
}
],
"critical": false
},
"extendedKeyUsage": {
"value": [
{
"name": "id-kp-serverAuth",
"oid": "1.3.6.1.5.5.7.3.1"
},
{
"name": "id-kp-clientAuth",
"oid": "1.3.6.1.5.5.7.3.2"
}
],
"critical": false
},
"basicConstraints": {
"value": {
"ca": false
},
"critical": true
},
"subjectKeyIdentifier": {
"value": "A5:8C:18:18:B6:87:F7:82:BC:52:69:3E:42:8A:1D:0B:42:C7:D3:3C",
"critical": false
},
"authorityKeyIdentifier": {
"value": "FD:F7:0C:F2:B1:C6:45:2A:0C:57:81:A6:5B:4F:95:51:CE:58:82:6C",
"critical": false
}
},
"signature_algorithm": {
"algorithm": "sha256WithRSAEncryption",
"signature": "73:D4:6F:49:25:3E:13:E2:A2:9C:A1:C7:B7:95:A2:D7:7B:2B:3A:00:AE:F2:A2:7C:36:4D:4B:1A:A4:4B:16:6A:CD:BA:B4:5D:BA:57:20:23:26:B8:A4:3D:48:B4:97:01:E1:58:8A:02:39:8F:E8:25:C7:8D:3B:EB:12:5B:2A:73:C5:B8:A0:6C:C1:CA:52:1E:8C:6F:C0:41:13:D6:94:F2:6F:5F:3D:BA:6B:AA:88:52:35:C5:23:CC:0F:A0:2E:95:F9:6D:0D:F2:74:A9:31:B8:F4:AD:81:A5:7F:A0:C3:CE:27:3E:B6:75:00:A0:ED:CD:08:26:0B:86:43:48:EF:34:1A:4B:FC:1A:2C:20:95:9B:31:2C:05:44:46:E2:85:3A:AE:D8:94:59:CC:92:B2:B0:FC:38:15:F1:B2:E8:0E:36:C5:3E:DD:EC:B0:D4:DA:DA:6C:7C:55:F6:68:5A:A4:C8:BB:D9:BA:B8:71:AF:ED:72:35:D8:B0:E0:44:29:FE:42:39:D2:F4:EF:A9:3D:38:36:E5:80:F9:3A:FF:E5:B3:AC:22:8A:93:43:95:5E:65:04:4D:C0:BF:37:5D:8C:A3:EC:BA:DD:E6:FC:49:FF:2C:55:55:89:B1:1F:F3:E4:70:6C:3B:6B:84:74:1F:9A:36:5A:EF:A8:5F:69:CE:FC:6A:5F"
},
"key_size": 2048,
"validity": {
"not_valid_after": "2023-07-06 22:48:35",
"not_valid_before": "2022-07-06 22:54:54"
}
}
TASK [Load certificate YAML to cert_issued variable] ***************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:79
Wednesday 06 July 2022 22:55:12 +0000 (0:00:00.613) 0:00:27.319 ********
ok: [/cache/rhel-8.qcow2] => {
"ansible_facts": {
"cert_issued": {
"extensions": {
"authorityKeyIdentifier": {
"critical": false,
"value": "FD:F7:0C:F2:B1:C6:45:2A:0C:57:81:A6:5B:4F:95:51:CE:58:82:6C"
},
"basicConstraints": {
"critical": true,
"value": {
"ca": false
}
},
"extendedKeyUsage": {
"critical": false,
"value": [
{
"name": "id-kp-serverAuth",
"oid": "1.3.6.1.5.5.7.3.1"
},
{
"name": "id-kp-clientAuth",
"oid": "1.3.6.1.5.5.7.3.2"
}
]
},
"keyUsage": {
"critical": false,
"value": [
"digital_signature",
"key_encipherment"
]
},
"subjectAltName": {
"critical": false,
"value": [
{
"name": "DNS",
"value": "www.example.net"
}
]
},
"subjectKeyIdentifier": {
"critical": false,
"value": "A5:8C:18:18:B6:87:F7:82:BC:52:69:3E:42:8A:1D:0B:42:C7:D3:3C"
}
},
"key_size": 2048,
"signature_algorithm": {
"algorithm": "sha256WithRSAEncryption",
"signature": "73:D4:6F:49:25:3E:13:E2:A2:9C:A1:C7:B7:95:A2:D7:7B:2B:3A:00:AE:F2:A2:7C:36:4D:4B:1A:A4:4B:16:6A:CD:BA:B4:5D:BA:57:20:23:26:B8:A4:3D:48:B4:97:01:E1:58:8A:02:39:8F:E8:25:C7:8D:3B:EB:12:5B:2A:73:C5:B8:A0:6C:C1:CA:52:1E:8C:6F:C0:41:13:D6:94:F2:6F:5F:3D:BA:6B:AA:88:52:35:C5:23:CC:0F:A0:2E:95:F9:6D:0D:F2:74:A9:31:B8:F4:AD:81:A5:7F:A0:C3:CE:27:3E:B6:75:00:A0:ED:CD:08:26:0B:86:43:48:EF:34:1A:4B:FC:1A:2C:20:95:9B:31:2C:05:44:46:E2:85:3A:AE:D8:94:59:CC:92:B2:B0:FC:38:15:F1:B2:E8:0E:36:C5:3E:DD:EC:B0:D4:DA:DA:6C:7C:55:F6:68:5A:A4:C8:BB:D9:BA:B8:71:AF:ED:72:35:D8:B0:E0:44:29:FE:42:39:D2:F4:EF:A9:3D:38:36:E5:80:F9:3A:FF:E5:B3:AC:22:8A:93:43:95:5E:65:04:4D:C0:BF:37:5D:8C:A3:EC:BA:DD:E6:FC:49:FF:2C:55:55:89:B1:1F:F3:E4:70:6C:3B:6B:84:74:1F:9A:36:5A:EF:A8:5F:69:CE:FC:6A:5F"
},
"subject": [
{
"name": "commonName",
"oid": "2.5.4.3",
"value": "www.example.net"
}
],
"validity": {
"not_valid_after": "2023-07-06 22:48:35",
"not_valid_before": "2022-07-06 22:54:54"
}
}
},
"changed": false
}
TASK [Verify certificate subject] **********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:83
Wednesday 06 July 2022 22:55:12 +0000 (0:00:00.041) 0:00:27.360 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate SAN] **************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:91
Wednesday 06 July 2022 22:55:12 +0000 (0:00:00.041) 0:00:27.402 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify key size] *********************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:99
Wednesday 06 July 2022 22:55:12 +0000 (0:00:00.031) 0:00:27.433 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate Key Usage] ********************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:106
Wednesday 06 July 2022 22:55:13 +0000 (0:00:00.076) 0:00:27.509 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Verify certificate Extended Key Usage] ***********************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:118
Wednesday 06 July 2022 22:55:13 +0000 (0:00:00.073) 0:00:27.582 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
TASK [Retrieve auto-renew flag] ************************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:132
Wednesday 06 July 2022 22:55:13 +0000 (0:00:00.043) 0:00:27.626 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false,
"cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/another-cert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'",
"delta": "0:00:00.070065",
"end": "2022-07-06 18:55:12.187100",
"rc": 0,
"start": "2022-07-06 18:55:12.117035"
}
STDOUT:
yes
TASK [Verify certificate auto-renew flag] **************************************
task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:141
Wednesday 06 July 2022 22:55:13 +0000 (0:00:00.424) 0:00:28.051 ********
ok: [/cache/rhel-8.qcow2] => {
"changed": false
}
MSG:
All assertions passed
META: ran handlers
META: ran handlers
PLAY RECAP *********************************************************************
/cache/rhel-8.qcow2 : ok=74 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
Wednesday 06 July 2022 22:55:13 +0000 (0:00:00.081) 0:00:28.132 ********
===============================================================================
fedora.linux_system_roles.certificate : Ensure certificate requests ----- 2.69s
/tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:99
fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 1.43s
/tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:5
Ensure python3 is installed --------------------------------------------- 1.38s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:6 --
set up internal repositories -------------------------------------------- 1.35s
/cache/rhel-8_setup.yml:5 -----------------------------------------------------
Ensure python3 is installed --------------------------------------------- 1.33s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:6 --
Ensure python3 is installed --------------------------------------------- 1.28s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:6 --
fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 1.28s
/tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:22
Install the package, force upgrade -------------------------------------- 1.13s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:11 -
Gathering Facts --------------------------------------------------------- 1.03s
/tmp/tmp0buh2ky5/tests/certificate/tests_many_self_signed.yml:2 ---------------
Install the package, force upgrade -------------------------------------- 1.01s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:11 -
Install the package, force upgrade -------------------------------------- 0.97s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:11 -
Install certreader ------------------------------------------------------ 0.87s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:18 -
Install certreader ------------------------------------------------------ 0.86s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:18 -
Install certreader ------------------------------------------------------ 0.85s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:18 -
Gathering Facts --------------------------------------------------------- 0.84s
/tmp/tmp0buh2ky5/tests/certificate/tests_many_self_signed.yml:18 --------------
fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.80s
/tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:88
Parse certificate ------------------------------------------------------- 0.71s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:74 -
Parse certificate ------------------------------------------------------- 0.64s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:74 -
Parse certificate ------------------------------------------------------- 0.61s
/tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:74 -
fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.53s
/tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:33