# STDOUT: ---v---v---v---v---v--- ansible-playbook 2.9.27 config file = /etc/ansible/ansible.cfg configured module search path = ['/home/jenkins/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /opt/ansible-2.9/lib/python3.9/site-packages/ansible executable location = /opt/ansible-2.9/bin/ansible-playbook python version = 3.9.18 (main, Sep 7 2023, 00:00:00) [GCC 11.4.1 20230605 (Red Hat 11.4.1-2)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: tests_fs_attrs.yml *************************************************** 5 plays in /WORKDIR/git-weekly-ci42vupwb5/tests/tests_fs_attrs.yml PLAY [Ensure UID and GID exists] *********************************************** TASK [Gathering Facts] ********************************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tests_fs_attrs.yml:2 Saturday 04 May 2024 13:23:59 +0000 (0:00:00.012) 0:00:00.012 ********** ok: [sut] META: ran handlers TASK [Ensure user exists] ****************************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tests_fs_attrs.yml:5 Saturday 04 May 2024 13:24:00 +0000 (0:00:00.898) 0:00:00.911 ********** changed: [sut] => { "changed": true, "comment": "", "create_home": true, "group": 1040, "home": "/home/user1", "name": "user1", "shell": "/bin/bash", "state": "present", "system": false, "uid": 1040 } TASK [Ensure group "somegroup" exists] ***************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tests_fs_attrs.yml:9 Saturday 04 May 2024 13:24:01 +0000 (0:00:00.345) 0:00:01.257 ********** changed: [sut] => { "changed": true, "gid": 1041, "name": "somegroup", "state": "present", "system": false } META: ran handlers META: ran handlers PLAY [Issue certificate setting user/group] ************************************ TASK [Gathering Facts] ********************************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tests_fs_attrs.yml:14 Saturday 04 May 2024 13:24:01 +0000 (0:00:00.241) 0:00:01.498 ********** ok: [sut] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:2 Saturday 04 May 2024 13:24:01 +0000 (0:00:00.394) 0:00:01.893 ********** included: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml for sut TASK [linux-system-roles.certificate : Ensure ansible_facts used by role] ****** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml:2 Saturday 04 May 2024 13:24:01 +0000 (0:00:00.014) 0:00:01.907 ********** skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [linux-system-roles.certificate : Check if system is ostree] ************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml:11 Saturday 04 May 2024 13:24:01 +0000 (0:00:00.019) 0:00:01.927 ********** ok: [sut] => { "changed": false, "stat": { "exists": false } } TASK [linux-system-roles.certificate : Set flag to indicate system is ostree] *** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml:16 Saturday 04 May 2024 13:24:01 +0000 (0:00:00.196) 0:00:02.124 ********** ok: [sut] => { "ansible_facts": { "__certificate_is_ostree": false }, "changed": false } TASK [linux-system-roles.certificate : Set platform/version specific variables] *** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml:20 Saturday 04 May 2024 13:24:01 +0000 (0:00:00.023) 0:00:02.147 ********** skipping: [sut] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [sut] => (item=CentOS.yml) => { "ansible_loop_var": "item", "changed": false, "item": "CentOS.yml", "skip_reason": "Conditional result was False" } ok: [sut] => (item=CentOS_7.yml) => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/vars/CentOS_7.yml" ], "ansible_loop_var": "item", "changed": false, "item": "CentOS_7.yml" } skipping: [sut] => (item=CentOS_7.9.yml) => { "ansible_loop_var": "item", "changed": false, "item": "CentOS_7.9.yml", "skip_reason": "Conditional result was False" } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:5 Saturday 04 May 2024 13:24:01 +0000 (0:00:00.033) 0:00:02.181 ********** changed: [sut] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: download.cf.centos.org\n * extras: download.cf.centos.org\n * updates: download.cf.centos.org\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 base 502 k\n python2-pyasn1 noarch 0.1.9-7.el7 base 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 base 218 k\n python-idna noarch 2.4-1.el7 base 94 k\n python-ply noarch 3.4-11.el7 base 123 k\n python-pycparser noarch 2.14-1.el7 base 104 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+4 Dependent packages)\n\nTotal download size: 1.1 M\nInstalled size: 5.8 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 2.9 MB/s | 1.1 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/6 \n Installing : python-ply-3.4-11.el7.noarch 2/6 \n Installing : python-pycparser-2.14-1.el7.noarch 3/6 \n Installing : python-cffi-1.6.0-5.el7.x86_64 4/6 \n Installing : python-idna-2.4-1.el7.noarch 5/6 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 6/6 \n Verifying : python-idna-2.4-1.el7.noarch 1/6 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/6 \n Verifying : python-ply-3.4-11.el7.noarch 3/6 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/6 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 5/6 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 6/6 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-idna.noarch 0:2.4-1.el7 \n python-ply.noarch 0:3.4-11.el7 python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } lsrpackages: python-cryptography python-dbus python-pyasn1 TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:24 Saturday 04 May 2024 13:24:08 +0000 (0:00:06.624) 0:00:08.806 ********** changed: [sut] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: download.cf.centos.org\n * extras: download.cf.centos.org\n * updates: download.cf.centos.org\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-17.el7_9 will be installed\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-17.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-17.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-17.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-17.el7_9.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-17.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-17.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-17.el7_9.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-17.el7_9 updates 608 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 base 33 k\n libtevent x86_64 0.9.39-1.el7 base 41 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 base 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 base 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+4 Dependent packages)\n\nTotal download size: 843 k\nInstalled size: 3.3 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 1.4 MB/s | 843 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : libtalloc-2.1.16-1.el7.x86_64 1/5 \n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 2/5 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 3/5 \n Installing : libtevent-0.9.39-1.el7.x86_64 4/5 \n Installing : certmonger-0.78.4-17.el7_9.x86_64 5/5 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/5 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 2/5 \n Verifying : certmonger-0.78.4-17.el7_9.x86_64 3/5 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/5 \n Verifying : libtevent-0.9.39-1.el7.x86_64 5/5 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-17.el7_9 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } lsrpackages: certmonger TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:37 Saturday 04 May 2024 13:24:12 +0000 (0:00:03.676) 0:00:12.482 ********** changed: [sut] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 4096, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:63 Saturday 04 May 2024 13:24:12 +0000 (0:00:00.243) 0:00:12.726 ********** changed: [sut] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 4096, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:92 Saturday 04 May 2024 13:24:12 +0000 (0:00:00.163) 0:00:12.890 ********** changed: [sut] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "network.target syslog.target system.slice dbus.service basic.target systemd-journald.socket", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14311", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14311", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:104 Saturday 04 May 2024 13:24:13 +0000 (0:00:00.511) 0:00:13.401 ********** changed: [sut] => (item={'name': 'mycert_fs_attrs', 'dns': 'www.example.com', 'owner': 'ftp', 'group': 'ftp', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "group": "ftp", "name": "mycert_fs_attrs", "owner": "ftp" } } MSG: Certificate requested (new). File attributes updated. changed: [sut] => (item={'name': 'certid', 'dns': 'www.example.com', 'owner': 1040, 'group': 1041, 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "group": 1041, "name": "certid", "owner": 1040 } } MSG: Certificate requested (new). File attributes updated. TASK [linux-system-roles.certificate : Slurp the contents of the files] ******** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:156 Saturday 04 May 2024 13:24:14 +0000 (0:00:01.299) 0:00:14.701 ********** skipping: [sut] => (item=['cert', {'name': 'mycert_fs_attrs', 'dns': 'www.example.com', 'owner': 'ftp', 'group': 'ftp', 'ca': 'self-sign'}]) => { "ansible_loop_var": "item", "changed": false, "item": [ "cert", { "ca": "self-sign", "dns": "www.example.com", "group": "ftp", "name": "mycert_fs_attrs", "owner": "ftp" } ], "skip_reason": "Conditional result was False" } skipping: [sut] => (item=['cert', {'name': 'certid', 'dns': 'www.example.com', 'owner': 1040, 'group': 1041, 'ca': 'self-sign'}]) => { "ansible_loop_var": "item", "changed": false, "item": [ "cert", { "ca": "self-sign", "dns": "www.example.com", "group": 1041, "name": "certid", "owner": 1040 } ], "skip_reason": "Conditional result was False" } skipping: [sut] => (item=['key', {'name': 'mycert_fs_attrs', 'dns': 'www.example.com', 'owner': 'ftp', 'group': 'ftp', 'ca': 'self-sign'}]) => { "ansible_loop_var": "item", "changed": false, "item": [ "key", { "ca": "self-sign", "dns": "www.example.com", "group": "ftp", "name": "mycert_fs_attrs", "owner": "ftp" } ], "skip_reason": "Conditional result was False" } skipping: [sut] => (item=['key', {'name': 'certid', 'dns': 'www.example.com', 'owner': 1040, 'group': 1041, 'ca': 'self-sign'}]) => { "ansible_loop_var": "item", "changed": false, "item": [ "key", { "ca": "self-sign", "dns": "www.example.com", "group": 1041, "name": "certid", "owner": 1040 } ], "skip_reason": "Conditional result was False" } skipping: [sut] => (item=['ca', {'name': 'mycert_fs_attrs', 'dns': 'www.example.com', 'owner': 'ftp', 'group': 'ftp', 'ca': 'self-sign'}]) => { "ansible_loop_var": "item", "changed": false, "item": [ "ca", { "ca": "self-sign", "dns": "www.example.com", "group": "ftp", "name": "mycert_fs_attrs", "owner": "ftp" } ], "skip_reason": "Conditional result was False" } skipping: [sut] => (item=['ca', {'name': 'certid', 'dns': 'www.example.com', 'owner': 1040, 'group': 1041, 'ca': 'self-sign'}]) => { "ansible_loop_var": "item", "changed": false, "item": [ "ca", { "ca": "self-sign", "dns": "www.example.com", "group": 1041, "name": "certid", "owner": 1040 } ], "skip_reason": "Conditional result was False" } TASK [linux-system-roles.certificate : Create return data] ********************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:168 Saturday 04 May 2024 13:24:14 +0000 (0:00:00.036) 0:00:14.737 ********** skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [linux-system-roles.certificate : Stop tracking certificates] ************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:184 Saturday 04 May 2024 13:24:14 +0000 (0:00:00.018) 0:00:14.756 ********** skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [linux-system-roles.certificate : Remove files] *************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:189 Saturday 04 May 2024 13:24:14 +0000 (0:00:00.020) 0:00:14.777 ********** skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tests_fs_attrs.yml:32 Saturday 04 May 2024 13:24:14 +0000 (0:00:00.024) 0:00:14.801 ********** ok: [sut] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tests_fs_attrs.yml:61 Saturday 04 May 2024 13:24:14 +0000 (0:00:00.400) 0:00:15.201 ********** included: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml for sut included: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml for sut TASK [Set virtualenv_path] ***************************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:2 Saturday 04 May 2024 13:24:14 +0000 (0:00:00.037) 0:00:15.238 ********** ok: [sut] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Check if system is ostree] *********************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:9 Saturday 04 May 2024 13:24:15 +0000 (0:00:00.008) 0:00:15.247 ********** skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Set flag to indicate system is ostree] *********************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:14 Saturday 04 May 2024 13:24:15 +0000 (0:00:00.024) 0:00:15.272 ********** skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Ensure python3 is installed] ********************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:18 Saturday 04 May 2024 13:24:15 +0000 (0:00:00.019) 0:00:15.292 ********** ok: [sut] => { "changed": false, "rc": 0, "results": [ "python2-cryptography-1.7.2-2.el7.x86_64 providing python2-cryptography is already installed", "python2-cryptography-1.7.2-2.el7.x86_64 providing python2-cryptography is already installed" ] } lsrpackages: python2-cryptography TASK [Ensure python3 is installed] ********************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:29 Saturday 04 May 2024 13:24:15 +0000 (0:00:00.387) 0:00:15.679 ********** skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Retrieve certificate file stats] ***************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:40 Saturday 04 May 2024 13:24:15 +0000 (0:00:00.020) 0:00:15.700 ********** ok: [sut] => { "changed": false, "stat": { "atime": 1714829053.827122, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "0461aa444e21509bcb37ea48e3de68fe10f9c310", "ctime": 1714829053.8901224, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 169867, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1714829053.822122, "nlink": 1, "path": "/etc/pki/tls/certs/mycert_fs_attrs.crt", "pw_name": "ftp", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1294, "uid": 14, "version": "717559190", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:45 Saturday 04 May 2024 13:24:15 +0000 (0:00:00.161) 0:00:15.861 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:51 Saturday 04 May 2024 13:24:15 +0000 (0:00:00.020) 0:00:15.881 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:63 Saturday 04 May 2024 13:24:15 +0000 (0:00:00.024) 0:00:15.906 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:69 Saturday 04 May 2024 13:24:15 +0000 (0:00:00.022) 0:00:15.928 ********** ok: [sut] => { "changed": false, "stat": { "atime": 1714829053.7731216, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "7e1cb54394322963fcba446d03b67b298aa76959", "ctime": 1714829053.8901224, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 169866, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1714829053.822122, "nlink": 1, "path": "/etc/pki/tls/private/mycert_fs_attrs.key", "pw_name": "ftp", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1704, "uid": 14, "version": "717559177", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:74 Saturday 04 May 2024 13:24:15 +0000 (0:00:00.160) 0:00:16.089 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:80 Saturday 04 May 2024 13:24:15 +0000 (0:00:00.022) 0:00:16.112 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:92 Saturday 04 May 2024 13:24:15 +0000 (0:00:00.025) 0:00:16.137 ********** ok: [sut] => { "certificate": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "19:78:AD:79:94:70:31:F6:79:EA:D4:FC:6D:50:41:B1:92:2C:FB:D1" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "key_encipherment", "digital_signature" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "3D:89:59:7F:31:1A:8A:1F:94:77:48:B9:12:F1:73:12:B8:81:FB:5C" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "7B:C2:67:20:7D:BD:B5:DE:30:42:EF:4B:D1:7B:DD:D4:2E:84:E5:91:1F:62:11:6E:C5:0E:3F:C9:88:F0:FB:E5:0C:E4:CB:22:45:6A:B7:CD:96:85:F0:95:47:A3:F0:3E:D0:94:E9:B9:E2:30:43:EB:88:1C:B6:71:8E:96:26:F5:B8:DA:BF:09:ED:CB:29:86:D0:47:8C:B7:F0:5F:1F:A3:36:B4:3C:99:69:64:6A:E3:F6:22:07:A4:47:75:E9:E6:96:52:1A:FE:E7:C8:72:3E:0D:49:5A:7F:FD:9D:32:42:EF:8E:B7:D3:55:09:DD:1F:A0:32:B5:AD:B7:E4:FA:1D:CE:E0:3D:D1:FB:B0:A8:81:59:B4:7B:DB:FB:F8:3E:D4:D1:23:0F:3C:DF:9F:34:48:71:5A:FD:12:A1:D1:D4:25:AA:43:DE:D0:D0:5A:1F:46:65:03:A1:CB:EE:F0:EF:6C:30:68:05:E3:6A:E6:69:9A:2B:77:0A:2F:0F:C8:02:4C:E2:3F:46:4A:D8:1A:59:C5:5C:DB:23:46:E7:E5:B5:D8:72:52:12:17:81:DC:DF:D6:78:77:66:6A:5F:93:01:C6:86:9E:4B:2A:41:97:90:EF:43:5A:4E:E1:C6:4F:86:51:D0:F4:D5:E9:7D:5A:49:39:45:B8:F2:DF:C4:3E:8C:92" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "20250504132413Z", "not_valid_before": "20240504132413Z" } }, "changed": false } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:98 Saturday 04 May 2024 13:24:16 +0000 (0:00:00.528) 0:00:16.666 ********** ok: [sut] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "19:78:AD:79:94:70:31:F6:79:EA:D4:FC:6D:50:41:B1:92:2C:FB:D1" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "key_encipherment", "digital_signature" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "3D:89:59:7F:31:1A:8A:1F:94:77:48:B9:12:F1:73:12:B8:81:FB:5C" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "7B:C2:67:20:7D:BD:B5:DE:30:42:EF:4B:D1:7B:DD:D4:2E:84:E5:91:1F:62:11:6E:C5:0E:3F:C9:88:F0:FB:E5:0C:E4:CB:22:45:6A:B7:CD:96:85:F0:95:47:A3:F0:3E:D0:94:E9:B9:E2:30:43:EB:88:1C:B6:71:8E:96:26:F5:B8:DA:BF:09:ED:CB:29:86:D0:47:8C:B7:F0:5F:1F:A3:36:B4:3C:99:69:64:6A:E3:F6:22:07:A4:47:75:E9:E6:96:52:1A:FE:E7:C8:72:3E:0D:49:5A:7F:FD:9D:32:42:EF:8E:B7:D3:55:09:DD:1F:A0:32:B5:AD:B7:E4:FA:1D:CE:E0:3D:D1:FB:B0:A8:81:59:B4:7B:DB:FB:F8:3E:D4:D1:23:0F:3C:DF:9F:34:48:71:5A:FD:12:A1:D1:D4:25:AA:43:DE:D0:D0:5A:1F:46:65:03:A1:CB:EE:F0:EF:6C:30:68:05:E3:6A:E6:69:9A:2B:77:0A:2F:0F:C8:02:4C:E2:3F:46:4A:D8:1A:59:C5:5C:DB:23:46:E7:E5:B5:D8:72:52:12:17:81:DC:DF:D6:78:77:66:6A:5F:93:01:C6:86:9E:4B:2A:41:97:90:EF:43:5A:4E:E1:C6:4F:86:51:D0:F4:D5:E9:7D:5A:49:39:45:B8:F2:DF:C4:3E:8C:92" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "20250504132413Z", "not_valid_before": "20240504132413Z" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:102 Saturday 04 May 2024 13:24:16 +0000 (0:00:00.020) 0:00:16.687 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:111 Saturday 04 May 2024 13:24:16 +0000 (0:00:00.022) 0:00:16.709 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:120 Saturday 04 May 2024 13:24:16 +0000 (0:00:00.022) 0:00:16.732 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:127 Saturday 04 May 2024 13:24:16 +0000 (0:00:00.021) 0:00:16.753 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:138 Saturday 04 May 2024 13:24:16 +0000 (0:00:00.025) 0:00:16.778 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:151 Saturday 04 May 2024 13:24:16 +0000 (0:00:00.024) 0:00:16.803 ********** ok: [sut] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert_fs_attrs.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.050121", "end": "2024-05-04 13:24:16.808830", "rc": 0, "start": "2024-05-04 13:24:16.758709" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:160 Saturday 04 May 2024 13:24:16 +0000 (0:00:00.262) 0:00:17.066 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Set virtualenv_path] ***************************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:2 Saturday 04 May 2024 13:24:16 +0000 (0:00:00.022) 0:00:17.089 ********** ok: [sut] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Check if system is ostree] *********************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:9 Saturday 04 May 2024 13:24:16 +0000 (0:00:00.008) 0:00:17.098 ********** skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Set flag to indicate system is ostree] *********************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:14 Saturday 04 May 2024 13:24:16 +0000 (0:00:00.020) 0:00:17.118 ********** skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Ensure python3 is installed] ********************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:18 Saturday 04 May 2024 13:24:16 +0000 (0:00:00.019) 0:00:17.138 ********** ok: [sut] => { "changed": false, "rc": 0, "results": [ "python2-cryptography-1.7.2-2.el7.x86_64 providing python2-cryptography is already installed", "python2-cryptography-1.7.2-2.el7.x86_64 providing python2-cryptography is already installed" ] } lsrpackages: python2-cryptography TASK [Ensure python3 is installed] ********************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:29 Saturday 04 May 2024 13:24:17 +0000 (0:00:00.383) 0:00:17.522 ********** skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Retrieve certificate file stats] ***************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:40 Saturday 04 May 2024 13:24:17 +0000 (0:00:00.018) 0:00:17.540 ********** ok: [sut] => { "changed": false, "stat": { "atime": 1714829054.3911264, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "89bcafd8b0932d682110eb7f18b1726ec4860abf", "ctime": 1714829054.4341266, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 1041, "gr_name": "somegroup", "inode": 169869, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1714829054.3841262, "nlink": 1, "path": "/etc/pki/tls/certs/certid.crt", "pw_name": "user1", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1294, "uid": 1040, "version": "717559227", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:45 Saturday 04 May 2024 13:24:17 +0000 (0:00:00.158) 0:00:17.699 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:51 Saturday 04 May 2024 13:24:17 +0000 (0:00:00.021) 0:00:17.721 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:63 Saturday 04 May 2024 13:24:17 +0000 (0:00:00.022) 0:00:17.743 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:69 Saturday 04 May 2024 13:24:17 +0000 (0:00:00.021) 0:00:17.765 ********** ok: [sut] => { "changed": false, "stat": { "atime": 1714829054.338126, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "59d7c99631eb72ed33532038cdef4428eab45b09", "ctime": 1714829054.4341266, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 1041, "gr_name": "somegroup", "inode": 169868, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1714829054.3841262, "nlink": 1, "path": "/etc/pki/tls/private/certid.key", "pw_name": "user1", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1704, "uid": 1040, "version": "717559214", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:74 Saturday 04 May 2024 13:24:17 +0000 (0:00:00.152) 0:00:17.918 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:80 Saturday 04 May 2024 13:24:17 +0000 (0:00:00.022) 0:00:17.940 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:92 Saturday 04 May 2024 13:24:17 +0000 (0:00:00.023) 0:00:17.963 ********** ok: [sut] => { "certificate": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "19:78:AD:79:94:70:31:F6:79:EA:D4:FC:6D:50:41:B1:92:2C:FB:D1" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "key_encipherment", "digital_signature" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "6C:2B:0F:6B:F4:7A:22:AE:37:58:94:31:67:90:5C:AC:16:85:2B:41" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "1F:6C:66:62:56:02:E9:4B:F1:BE:AD:AD:93:86:27:1E:B4:59:45:BE:68:3E:C2:74:AB:66:18:86:1C:F3:1B:63:C0:7B:57:BF:BC:F7:3D:AD:4B:21:DD:39:B6:AF:ED:59:3F:05:DF:F0:CB:F8:30:63:B2:87:AC:59:8D:4D:BD:04:9C:36:11:F7:D7:EB:E8:32:7E:F9:5D:DA:87:0C:51:C6:9F:1F:CA:2C:C2:31:00:E4:7A:29:C6:D7:43:59:82:41:E6:C9:AC:38:AB:BB:D7:F0:2C:FC:8D:F2:6C:31:C6:FC:B0:FD:A1:A5:6E:56:9C:A6:88:C3:A2:A4:0E:A5:61:6D:F9:82:FA:92:87:B1:EA:D9:66:71:27:5A:3C:64:46:43:06:44:B2:02:88:8B:4E:05:AF:DB:08:DB:73:C8:19:34:E1:B7:0D:1B:9E:B4:95:26:23:D1:88:5B:4C:BA:0E:09:42:E4:DA:8C:9F:B9:90:A5:06:27:6C:73:46:E5:41:D4:4A:54:5C:C8:B7:1F:6F:B6:45:14:8D:31:5B:09:A8:47:61:64:DE:7E:EF:39:C3:23:8D:BD:E5:3A:26:15:C3:04:97:D0:E6:82:D2:3D:E8:13:54:B8:C8:BD:2D:DD:15:6C:0A:1D:C9:98:F2:B3:02:18:C7:2A:01:4C:EB:66:F0:98" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "20250504132413Z", "not_valid_before": "20240504132414Z" } }, "changed": false } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:98 Saturday 04 May 2024 13:24:17 +0000 (0:00:00.220) 0:00:18.183 ********** ok: [sut] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "19:78:AD:79:94:70:31:F6:79:EA:D4:FC:6D:50:41:B1:92:2C:FB:D1" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "key_encipherment", "digital_signature" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "6C:2B:0F:6B:F4:7A:22:AE:37:58:94:31:67:90:5C:AC:16:85:2B:41" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "1F:6C:66:62:56:02:E9:4B:F1:BE:AD:AD:93:86:27:1E:B4:59:45:BE:68:3E:C2:74:AB:66:18:86:1C:F3:1B:63:C0:7B:57:BF:BC:F7:3D:AD:4B:21:DD:39:B6:AF:ED:59:3F:05:DF:F0:CB:F8:30:63:B2:87:AC:59:8D:4D:BD:04:9C:36:11:F7:D7:EB:E8:32:7E:F9:5D:DA:87:0C:51:C6:9F:1F:CA:2C:C2:31:00:E4:7A:29:C6:D7:43:59:82:41:E6:C9:AC:38:AB:BB:D7:F0:2C:FC:8D:F2:6C:31:C6:FC:B0:FD:A1:A5:6E:56:9C:A6:88:C3:A2:A4:0E:A5:61:6D:F9:82:FA:92:87:B1:EA:D9:66:71:27:5A:3C:64:46:43:06:44:B2:02:88:8B:4E:05:AF:DB:08:DB:73:C8:19:34:E1:B7:0D:1B:9E:B4:95:26:23:D1:88:5B:4C:BA:0E:09:42:E4:DA:8C:9F:B9:90:A5:06:27:6C:73:46:E5:41:D4:4A:54:5C:C8:B7:1F:6F:B6:45:14:8D:31:5B:09:A8:47:61:64:DE:7E:EF:39:C3:23:8D:BD:E5:3A:26:15:C3:04:97:D0:E6:82:D2:3D:E8:13:54:B8:C8:BD:2D:DD:15:6C:0A:1D:C9:98:F2:B3:02:18:C7:2A:01:4C:EB:66:F0:98" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "20250504132413Z", "not_valid_before": "20240504132414Z" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:102 Saturday 04 May 2024 13:24:17 +0000 (0:00:00.021) 0:00:18.205 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:111 Saturday 04 May 2024 13:24:17 +0000 (0:00:00.022) 0:00:18.228 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:120 Saturday 04 May 2024 13:24:18 +0000 (0:00:00.023) 0:00:18.251 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:127 Saturday 04 May 2024 13:24:18 +0000 (0:00:00.023) 0:00:18.274 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:138 Saturday 04 May 2024 13:24:18 +0000 (0:00:00.024) 0:00:18.299 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:151 Saturday 04 May 2024 13:24:18 +0000 (0:00:00.024) 0:00:18.324 ********** ok: [sut] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/certid.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.049618", "end": "2024-05-04 13:24:18.269143", "rc": 0, "start": "2024-05-04 13:24:18.219525" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:160 Saturday 04 May 2024 13:24:18 +0000 (0:00:00.201) 0:00:18.525 ********** ok: [sut] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY [Issue certificate setting user/group/mode] ******************************* TASK [Gathering Facts] ********************************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tests_fs_attrs.yml:67 Saturday 04 May 2024 13:24:18 +0000 (0:00:00.028) 0:00:18.554 ********** ok: [sut] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:2 Saturday 04 May 2024 13:24:18 +0000 (0:00:00.381) 0:00:18.936 ********** included: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml for sut TASK [linux-system-roles.certificate : Ensure ansible_facts used by role] ****** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml:2 Saturday 04 May 2024 13:24:18 +0000 (0:00:00.012) 0:00:18.948 ********** skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [linux-system-roles.certificate : Check if system is ostree] ************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml:11 Saturday 04 May 2024 13:24:18 +0000 (0:00:00.021) 0:00:18.969 ********** skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [linux-system-roles.certificate : Set flag to indicate system is ostree] *** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml:16 Saturday 04 May 2024 13:24:18 +0000 (0:00:00.019) 0:00:18.989 ********** skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [linux-system-roles.certificate : Set platform/version specific variables] *** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml:20 Saturday 04 May 2024 13:24:18 +0000 (0:00:00.019) 0:00:19.008 ********** skipping: [sut] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [sut] => (item=CentOS.yml) => { "ansible_loop_var": "item", "changed": false, "item": "CentOS.yml", "skip_reason": "Conditional result was False" } ok: [sut] => (item=CentOS_7.yml) => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/vars/CentOS_7.yml" ], "ansible_loop_var": "item", "changed": false, "item": "CentOS_7.yml" } skipping: [sut] => (item=CentOS_7.9.yml) => { "ansible_loop_var": "item", "changed": false, "item": "CentOS_7.9.yml", "skip_reason": "Conditional result was False" } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:5 Saturday 04 May 2024 13:24:18 +0000 (0:00:00.061) 0:00:19.069 ********** ok: [sut] => { "changed": false, "rc": 0, "results": [ "python2-pyasn1-0.1.9-7.el7.noarch providing python-pyasn1 is already installed", "python2-cryptography-1.7.2-2.el7.x86_64 providing python-cryptography is already installed", "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed" ] } lsrpackages: python-cryptography python-dbus python-pyasn1 TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:24 Saturday 04 May 2024 13:24:19 +0000 (0:00:00.942) 0:00:20.011 ********** ok: [sut] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "rc": 0, "results": [ "certmonger-0.78.4-17.el7_9.x86_64 providing certmonger is already installed" ] } lsrpackages: certmonger TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:37 Saturday 04 May 2024 13:24:20 +0000 (0:00:00.387) 0:00:20.399 ********** ok: [sut] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 4096, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:63 Saturday 04 May 2024 13:24:20 +0000 (0:00:00.161) 0:00:20.561 ********** ok: [sut] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 4096, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:92 Saturday 04 May 2024 13:24:20 +0000 (0:00:00.159) 0:00:20.721 ********** ok: [sut] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestamp": "Sat 2024-05-04 13:24:13 UTC", "ActiveEnterTimestampMonotonic": "1530189328", "ActiveExitTimestampMonotonic": "0", "ActiveState": "active", "After": "network.target dbus.service syslog.target basic.target system.slice systemd-journald.socket", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "yes", "AssertTimestamp": "Sat 2024-05-04 13:24:13 UTC", "AssertTimestampMonotonic": "1530164627", "Before": "shutdown.target multi-user.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "yes", "ConditionTimestamp": "Sat 2024-05-04 13:24:13 UTC", "ConditionTimestampMonotonic": "1530164626", "Conflicts": "shutdown.target", "ControlGroup": "/system.slice/certmonger.service", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "27322", "ExecMainStartTimestamp": "Sat 2024-05-04 13:24:13 UTC", "ExecMainStartTimestampMonotonic": "1530165353", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[Sat 2024-05-04 13:24:13 UTC] ; stop_time=[n/a] ; pid=27322 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestamp": "Sat 2024-05-04 13:24:13 UTC", "InactiveExitTimestampMonotonic": "1530165402", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14311", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14311", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "27322", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "running", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "enabled", "WantedBy": "multi-user.target", "WatchdogTimestamp": "Sat 2024-05-04 13:24:13 UTC", "WatchdogTimestampMonotonic": "1530189280", "WatchdogUSec": "0" } } TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:104 Saturday 04 May 2024 13:24:20 +0000 (0:00:00.227) 0:00:20.948 ********** changed: [sut] => (item={'name': 'mycert_fs_attrs_mode', 'dns': 'www.example.com', 'owner': 'ftp', 'group': 'ftp', 'mode': '0620', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "group": "ftp", "mode": "0620", "name": "mycert_fs_attrs_mode", "owner": "ftp" } } MSG: Certificate requested (new). File attributes updated. changed: [sut] => (item={'name': 'certid_mode', 'dns': 'www.example.com', 'mode': '0600', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "mode": "0600", "name": "certid_mode" } } MSG: Certificate requested (new). TASK [linux-system-roles.certificate : Slurp the contents of the files] ******** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:156 Saturday 04 May 2024 13:24:21 +0000 (0:00:01.226) 0:00:22.175 ********** skipping: [sut] => (item=['cert', {'name': 'mycert_fs_attrs_mode', 'dns': 'www.example.com', 'owner': 'ftp', 'group': 'ftp', 'mode': '0620', 'ca': 'self-sign'}]) => { "ansible_loop_var": "item", "changed": false, "item": [ "cert", { "ca": "self-sign", "dns": "www.example.com", "group": "ftp", "mode": "0620", "name": "mycert_fs_attrs_mode", "owner": "ftp" } ], "skip_reason": "Conditional result was False" } skipping: [sut] => (item=['cert', {'name': 'certid_mode', 'dns': 'www.example.com', 'mode': '0600', 'ca': 'self-sign'}]) => { "ansible_loop_var": "item", "changed": false, "item": [ "cert", { "ca": "self-sign", "dns": "www.example.com", "mode": "0600", "name": "certid_mode" } ], "skip_reason": "Conditional result was False" } skipping: [sut] => (item=['key', {'name': 'mycert_fs_attrs_mode', 'dns': 'www.example.com', 'owner': 'ftp', 'group': 'ftp', 'mode': '0620', 'ca': 'self-sign'}]) => { "ansible_loop_var": "item", "changed": false, "item": [ "key", { "ca": "self-sign", "dns": "www.example.com", "group": "ftp", "mode": "0620", "name": "mycert_fs_attrs_mode", "owner": "ftp" } ], "skip_reason": "Conditional result was False" } skipping: [sut] => (item=['key', {'name': 'certid_mode', 'dns': 'www.example.com', 'mode': '0600', 'ca': 'self-sign'}]) => { "ansible_loop_var": "item", "changed": false, "item": [ "key", { "ca": "self-sign", "dns": "www.example.com", "mode": "0600", "name": "certid_mode" } ], "skip_reason": "Conditional result was False" } skipping: [sut] => (item=['ca', {'name': 'mycert_fs_attrs_mode', 'dns': 'www.example.com', 'owner': 'ftp', 'group': 'ftp', 'mode': '0620', 'ca': 'self-sign'}]) => { "ansible_loop_var": "item", "changed": false, "item": [ "ca", { "ca": "self-sign", "dns": "www.example.com", "group": "ftp", "mode": "0620", "name": "mycert_fs_attrs_mode", "owner": "ftp" } ], "skip_reason": "Conditional result was False" } skipping: [sut] => (item=['ca', {'name': 'certid_mode', 'dns': 'www.example.com', 'mode': '0600', 'ca': 'self-sign'}]) => { "ansible_loop_var": "item", "changed": false, "item": [ "ca", { "ca": "self-sign", "dns": "www.example.com", "mode": "0600", "name": "certid_mode" } ], "skip_reason": "Conditional result was False" } TASK [linux-system-roles.certificate : Create return data] ********************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:168 Saturday 04 May 2024 13:24:21 +0000 (0:00:00.034) 0:00:22.209 ********** skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [linux-system-roles.certificate : Stop tracking certificates] ************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:184 Saturday 04 May 2024 13:24:21 +0000 (0:00:00.018) 0:00:22.228 ********** skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [linux-system-roles.certificate : Remove files] *************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:189 Saturday 04 May 2024 13:24:22 +0000 (0:00:00.021) 0:00:22.249 ********** skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tests_fs_attrs.yml:85 Saturday 04 May 2024 13:24:22 +0000 (0:00:00.023) 0:00:22.273 ********** ok: [sut] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tests_fs_attrs.yml:112 Saturday 04 May 2024 13:24:22 +0000 (0:00:00.378) 0:00:22.651 ********** included: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml for sut included: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml for sut TASK [Set virtualenv_path] ***************************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:2 Saturday 04 May 2024 13:24:22 +0000 (0:00:00.033) 0:00:22.685 ********** ok: [sut] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Check if system is ostree] *********************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:9 Saturday 04 May 2024 13:24:22 +0000 (0:00:00.010) 0:00:22.695 ********** skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Set flag to indicate system is ostree] *********************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:14 Saturday 04 May 2024 13:24:22 +0000 (0:00:00.020) 0:00:22.715 ********** skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Ensure python3 is installed] ********************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:18 Saturday 04 May 2024 13:24:22 +0000 (0:00:00.019) 0:00:22.734 ********** ok: [sut] => { "changed": false, "rc": 0, "results": [ "python2-cryptography-1.7.2-2.el7.x86_64 providing python2-cryptography is already installed", "python2-cryptography-1.7.2-2.el7.x86_64 providing python2-cryptography is already installed" ] } lsrpackages: python2-cryptography TASK [Ensure python3 is installed] ********************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:29 Saturday 04 May 2024 13:24:22 +0000 (0:00:00.388) 0:00:23.123 ********** skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Retrieve certificate file stats] ***************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:40 Saturday 04 May 2024 13:24:22 +0000 (0:00:00.020) 0:00:23.144 ********** ok: [sut] => { "changed": false, "stat": { "atime": 1714829061.178178, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "cb157778f0e520dd072e90b565b764d316715a7a", "ctime": 1714829061.2361786, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 169871, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0620", "mtime": 1714829061.1741781, "nlink": 1, "path": "/etc/pki/tls/certs/mycert_fs_attrs_mode.crt", "pw_name": "ftp", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1294, "uid": 14, "version": "717559315", "wgrp": true, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:45 Saturday 04 May 2024 13:24:23 +0000 (0:00:00.159) 0:00:23.304 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:51 Saturday 04 May 2024 13:24:23 +0000 (0:00:00.021) 0:00:23.325 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:63 Saturday 04 May 2024 13:24:23 +0000 (0:00:00.024) 0:00:23.350 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:69 Saturday 04 May 2024 13:24:23 +0000 (0:00:00.021) 0:00:23.372 ********** ok: [sut] => { "changed": false, "stat": { "atime": 1714829061.1271777, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "ec1c326b59f9b477381bbed55f4c3cc21c94514e", "ctime": 1714829061.2361786, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 169870, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0620", "mtime": 1714829061.1741781, "nlink": 1, "path": "/etc/pki/tls/private/mycert_fs_attrs_mode.key", "pw_name": "ftp", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 14, "version": "717559302", "wgrp": true, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:74 Saturday 04 May 2024 13:24:23 +0000 (0:00:00.154) 0:00:23.526 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:80 Saturday 04 May 2024 13:24:23 +0000 (0:00:00.021) 0:00:23.548 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:92 Saturday 04 May 2024 13:24:23 +0000 (0:00:00.024) 0:00:23.572 ********** ok: [sut] => { "certificate": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "19:78:AD:79:94:70:31:F6:79:EA:D4:FC:6D:50:41:B1:92:2C:FB:D1" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "key_encipherment", "digital_signature" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "16:C1:80:74:B4:AC:74:10:FC:AB:0B:CA:E2:10:54:C7:9D:5E:89:20" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "23:1D:58:82:CC:B4:E6:79:B8:D0:CE:70:A1:FC:A7:4D:C8:87:0F:FC:64:F6:E9:92:81:9A:12:E4:BE:43:F1:AB:D6:67:44:D4:A6:70:3A:04:9F:B0:71:AD:CE:62:55:4D:6A:A4:52:19:EE:BC:6B:CF:83:03:44:4C:38:20:0B:DB:EC:B9:0F:61:D5:DC:AD:89:82:34:40:61:BD:4C:01:C5:90:01:CC:68:C4:B4:E9:64:93:34:F6:74:3C:B1:9E:94:C2:5C:15:C4:C0:59:F8:F0:34:BF:C6:4B:2E:8C:CB:67:0C:16:76:18:F5:43:4A:11:06:29:76:AE:C6:CE:C1:44:C2:02:90:74:A6:CA:F1:64:30:26:A0:19:00:48:72:07:BC:E7:9C:EB:60:40:C0:27:46:7A:AD:3A:8F:A7:69:93:D2:6D:0E:93:16:23:F1:C4:6F:2C:D0:E7:A3:0C:F9:64:5C:79:53:EB:9C:D8:6A:66:91:11:5E:7F:4A:72:DA:2C:47:8F:53:D1:75:5D:29:01:6A:5F:9A:67:C8:D3:26:D9:D6:F9:FB:77:C0:6F:C4:FF:4B:14:5D:85:F8:E0:DD:F6:F6:59:3B:F3:6B:31:2F:62:D3:DB:42:8E:33:7D:AB:7B:D6:CC:86:3A:92:90:DB:91:EC:0F:FE:A6:F6:C8:32:E0" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "20250504132413Z", "not_valid_before": "20240504132421Z" } }, "changed": false } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:98 Saturday 04 May 2024 13:24:23 +0000 (0:00:00.222) 0:00:23.794 ********** ok: [sut] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "19:78:AD:79:94:70:31:F6:79:EA:D4:FC:6D:50:41:B1:92:2C:FB:D1" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "key_encipherment", "digital_signature" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "16:C1:80:74:B4:AC:74:10:FC:AB:0B:CA:E2:10:54:C7:9D:5E:89:20" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "23:1D:58:82:CC:B4:E6:79:B8:D0:CE:70:A1:FC:A7:4D:C8:87:0F:FC:64:F6:E9:92:81:9A:12:E4:BE:43:F1:AB:D6:67:44:D4:A6:70:3A:04:9F:B0:71:AD:CE:62:55:4D:6A:A4:52:19:EE:BC:6B:CF:83:03:44:4C:38:20:0B:DB:EC:B9:0F:61:D5:DC:AD:89:82:34:40:61:BD:4C:01:C5:90:01:CC:68:C4:B4:E9:64:93:34:F6:74:3C:B1:9E:94:C2:5C:15:C4:C0:59:F8:F0:34:BF:C6:4B:2E:8C:CB:67:0C:16:76:18:F5:43:4A:11:06:29:76:AE:C6:CE:C1:44:C2:02:90:74:A6:CA:F1:64:30:26:A0:19:00:48:72:07:BC:E7:9C:EB:60:40:C0:27:46:7A:AD:3A:8F:A7:69:93:D2:6D:0E:93:16:23:F1:C4:6F:2C:D0:E7:A3:0C:F9:64:5C:79:53:EB:9C:D8:6A:66:91:11:5E:7F:4A:72:DA:2C:47:8F:53:D1:75:5D:29:01:6A:5F:9A:67:C8:D3:26:D9:D6:F9:FB:77:C0:6F:C4:FF:4B:14:5D:85:F8:E0:DD:F6:F6:59:3B:F3:6B:31:2F:62:D3:DB:42:8E:33:7D:AB:7B:D6:CC:86:3A:92:90:DB:91:EC:0F:FE:A6:F6:C8:32:E0" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "20250504132413Z", "not_valid_before": "20240504132421Z" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:102 Saturday 04 May 2024 13:24:23 +0000 (0:00:00.024) 0:00:23.819 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:111 Saturday 04 May 2024 13:24:23 +0000 (0:00:00.023) 0:00:23.842 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:120 Saturday 04 May 2024 13:24:23 +0000 (0:00:00.028) 0:00:23.871 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:127 Saturday 04 May 2024 13:24:23 +0000 (0:00:00.025) 0:00:23.896 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:138 Saturday 04 May 2024 13:24:23 +0000 (0:00:00.027) 0:00:23.924 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:151 Saturday 04 May 2024 13:24:23 +0000 (0:00:00.026) 0:00:23.951 ********** ok: [sut] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert_fs_attrs_mode.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.053974", "end": "2024-05-04 13:24:23.891876", "rc": 0, "start": "2024-05-04 13:24:23.837902" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:160 Saturday 04 May 2024 13:24:23 +0000 (0:00:00.198) 0:00:24.149 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Set virtualenv_path] ***************************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:2 Saturday 04 May 2024 13:24:23 +0000 (0:00:00.023) 0:00:24.173 ********** ok: [sut] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Check if system is ostree] *********************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:9 Saturday 04 May 2024 13:24:23 +0000 (0:00:00.010) 0:00:24.184 ********** skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Set flag to indicate system is ostree] *********************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:14 Saturday 04 May 2024 13:24:23 +0000 (0:00:00.019) 0:00:24.203 ********** skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Ensure python3 is installed] ********************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:18 Saturday 04 May 2024 13:24:23 +0000 (0:00:00.020) 0:00:24.224 ********** ok: [sut] => { "changed": false, "rc": 0, "results": [ "python2-cryptography-1.7.2-2.el7.x86_64 providing python2-cryptography is already installed", "python2-cryptography-1.7.2-2.el7.x86_64 providing python2-cryptography is already installed" ] } lsrpackages: python2-cryptography TASK [Ensure python3 is installed] ********************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:29 Saturday 04 May 2024 13:24:24 +0000 (0:00:00.403) 0:00:24.627 ********** skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Retrieve certificate file stats] ***************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:40 Saturday 04 May 2024 13:24:24 +0000 (0:00:00.032) 0:00:24.660 ********** ok: [sut] => { "changed": false, "stat": { "atime": 1714829061.823183, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "6003c9766f2ea65d4e85db08d1f9d039f2062108", "ctime": 1714829061.818183, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 169873, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1714829061.818183, "nlink": 1, "path": "/etc/pki/tls/certs/certid_mode.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1294, "uid": 0, "version": "717559352", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:45 Saturday 04 May 2024 13:24:24 +0000 (0:00:00.157) 0:00:24.817 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:51 Saturday 04 May 2024 13:24:24 +0000 (0:00:00.023) 0:00:24.841 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:63 Saturday 04 May 2024 13:24:24 +0000 (0:00:00.026) 0:00:24.867 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:69 Saturday 04 May 2024 13:24:24 +0000 (0:00:00.022) 0:00:24.889 ********** ok: [sut] => { "changed": false, "stat": { "atime": 1714829061.7701826, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "784a0c7cbbf8f8506aacc359ff096d055ee93f41", "ctime": 1714829061.818183, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 169872, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1714829061.818183, "nlink": 1, "path": "/etc/pki/tls/private/certid_mode.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "717559339", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:74 Saturday 04 May 2024 13:24:24 +0000 (0:00:00.155) 0:00:25.045 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:80 Saturday 04 May 2024 13:24:24 +0000 (0:00:00.021) 0:00:25.066 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:92 Saturday 04 May 2024 13:24:24 +0000 (0:00:00.024) 0:00:25.091 ********** ok: [sut] => { "certificate": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "19:78:AD:79:94:70:31:F6:79:EA:D4:FC:6D:50:41:B1:92:2C:FB:D1" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "key_encipherment", "digital_signature" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "34:17:DD:C3:6A:ED:74:64:91:F2:6E:F6:27:5D:F7:40:5E:91:08:DE" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "60:B6:73:B4:95:96:29:8F:25:10:BB:7C:00:CD:5D:FD:CF:B5:06:7F:E9:D8:17:69:D7:44:2B:7C:9D:10:3D:43:6D:BF:B8:3E:BB:98:8E:54:96:AD:36:75:A2:E5:73:EE:2A:B4:10:70:F8:F0:22:E4:FA:17:43:73:84:82:EC:C5:AB:BC:57:D0:67:22:39:65:12:90:39:8D:33:5C:DD:C4:E6:C2:1F:7F:16:D8:8C:19:4B:EC:A0:FA:ED:1D:7A:85:2A:38:15:BF:FB:6F:CD:6F:C6:AB:A9:AF:1F:D8:27:63:39:50:A6:76:45:1D:39:B2:24:4E:57:E7:A9:03:46:16:0D:48:86:88:1C:82:16:FC:9C:76:8A:E0:B4:33:EB:C6:30:A1:71:FD:89:BA:1D:A1:34:39:A7:B3:AF:98:0E:DB:C9:7A:EF:6C:16:8C:E6:88:F7:D1:1D:83:40:16:3B:6F:71:53:28:76:7E:B1:29:9B:04:8E:AE:CE:52:3F:B1:E7:62:5D:77:67:EB:8E:F0:E9:2B:0E:3B:D8:BB:D1:2E:E4:2C:7D:6C:54:97:22:84:0A:4B:FE:D1:49:92:3B:BF:F0:E8:49:DC:3C:71:06:2C:34:0D:A1:8F:CF:3B:0D:FC:89:12:7E:1F:31:1D:AC:F6:45:1B:F7:65:FF:58:39:A9:16" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "20250504132413Z", "not_valid_before": "20240504132421Z" } }, "changed": false } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:98 Saturday 04 May 2024 13:24:25 +0000 (0:00:00.223) 0:00:25.314 ********** ok: [sut] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "19:78:AD:79:94:70:31:F6:79:EA:D4:FC:6D:50:41:B1:92:2C:FB:D1" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "key_encipherment", "digital_signature" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "34:17:DD:C3:6A:ED:74:64:91:F2:6E:F6:27:5D:F7:40:5E:91:08:DE" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "60:B6:73:B4:95:96:29:8F:25:10:BB:7C:00:CD:5D:FD:CF:B5:06:7F:E9:D8:17:69:D7:44:2B:7C:9D:10:3D:43:6D:BF:B8:3E:BB:98:8E:54:96:AD:36:75:A2:E5:73:EE:2A:B4:10:70:F8:F0:22:E4:FA:17:43:73:84:82:EC:C5:AB:BC:57:D0:67:22:39:65:12:90:39:8D:33:5C:DD:C4:E6:C2:1F:7F:16:D8:8C:19:4B:EC:A0:FA:ED:1D:7A:85:2A:38:15:BF:FB:6F:CD:6F:C6:AB:A9:AF:1F:D8:27:63:39:50:A6:76:45:1D:39:B2:24:4E:57:E7:A9:03:46:16:0D:48:86:88:1C:82:16:FC:9C:76:8A:E0:B4:33:EB:C6:30:A1:71:FD:89:BA:1D:A1:34:39:A7:B3:AF:98:0E:DB:C9:7A:EF:6C:16:8C:E6:88:F7:D1:1D:83:40:16:3B:6F:71:53:28:76:7E:B1:29:9B:04:8E:AE:CE:52:3F:B1:E7:62:5D:77:67:EB:8E:F0:E9:2B:0E:3B:D8:BB:D1:2E:E4:2C:7D:6C:54:97:22:84:0A:4B:FE:D1:49:92:3B:BF:F0:E8:49:DC:3C:71:06:2C:34:0D:A1:8F:CF:3B:0D:FC:89:12:7E:1F:31:1D:AC:F6:45:1B:F7:65:FF:58:39:A9:16" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "20250504132413Z", "not_valid_before": "20240504132421Z" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:102 Saturday 04 May 2024 13:24:25 +0000 (0:00:00.024) 0:00:25.339 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:111 Saturday 04 May 2024 13:24:25 +0000 (0:00:00.030) 0:00:25.370 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:120 Saturday 04 May 2024 13:24:25 +0000 (0:00:00.024) 0:00:25.394 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:127 Saturday 04 May 2024 13:24:25 +0000 (0:00:00.024) 0:00:25.419 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:138 Saturday 04 May 2024 13:24:25 +0000 (0:00:00.025) 0:00:25.444 ********** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:151 Saturday 04 May 2024 13:24:25 +0000 (0:00:00.026) 0:00:25.470 ********** ok: [sut] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/certid_mode.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.053865", "end": "2024-05-04 13:24:25.409303", "rc": 0, "start": "2024-05-04 13:24:25.355438" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:160 Saturday 04 May 2024 13:24:25 +0000 (0:00:00.196) 0:00:25.667 ********** ok: [sut] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* sut : ok=101 changed=9 unreachable=0 failed=0 skipped=24 rescued=0 ignored=0 Saturday 04 May 2024 13:24:25 +0000 (0:00:00.023) 0:00:25.690 ********** =============================================================================== linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 6.62s /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:5 linux-system-roles.certificate : Ensure provider packages are installed --- 3.68s /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:24 linux-system-roles.certificate : Ensure certificate requests ------------ 1.30s /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:104 linux-system-roles.certificate : Ensure certificate requests ------------ 1.23s /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:104 linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 0.94s /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:5 Gathering Facts --------------------------------------------------------- 0.90s /WORKDIR/git-weekly-ci42vupwb5/tests/tests_fs_attrs.yml:2 --------------------- Parse certificate ------------------------------------------------------- 0.53s /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:92 linux-system-roles.certificate : Ensure provider service is running ----- 0.51s /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:92 Ensure python3 is installed --------------------------------------------- 0.40s /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:18 Gathering Facts --------------------------------------------------------- 0.40s /WORKDIR/git-weekly-ci42vupwb5/tests/tests_fs_attrs.yml:32 -------------------- Gathering Facts --------------------------------------------------------- 0.39s /WORKDIR/git-weekly-ci42vupwb5/tests/tests_fs_attrs.yml:14 -------------------- Ensure python3 is installed --------------------------------------------- 0.39s /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:18 linux-system-roles.certificate : Ensure provider packages are installed --- 0.39s /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:24 Ensure python3 is installed --------------------------------------------- 0.39s /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:18 Ensure python3 is installed --------------------------------------------- 0.38s /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:18 Gathering Facts --------------------------------------------------------- 0.38s /WORKDIR/git-weekly-ci42vupwb5/tests/tests_fs_attrs.yml:67 -------------------- Gathering Facts --------------------------------------------------------- 0.38s /WORKDIR/git-weekly-ci42vupwb5/tests/tests_fs_attrs.yml:85 -------------------- Ensure user exists ------------------------------------------------------ 0.35s /WORKDIR/git-weekly-ci42vupwb5/tests/tests_fs_attrs.yml:5 --------------------- Retrieve auto-renew flag ------------------------------------------------ 0.26s /WORKDIR/git-weekly-ci42vupwb5/tests/tasks/assert_certificate_parameters.yml:151 linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.24s /WORKDIR/git-weekly-ci42vupwb5/tests/roles/linux-system-roles.certificate/tasks/main.yml:37 ---^---^---^---^---^--- # STDERR: ---v---v---v---v---v--- ---^---^---^---^---^---