summaryrefslogtreecommitdiff
path: root/test/integration/targets/prepare_http_tests
diff options
context:
space:
mode:
Diffstat (limited to 'test/integration/targets/prepare_http_tests')
-rw-r--r--test/integration/targets/prepare_http_tests/defaults/main.yml4
-rw-r--r--test/integration/targets/prepare_http_tests/tasks/main.yml41
-rw-r--r--test/integration/targets/prepare_http_tests/vars/httptester.yml5
3 files changed, 50 insertions, 0 deletions
diff --git a/test/integration/targets/prepare_http_tests/defaults/main.yml b/test/integration/targets/prepare_http_tests/defaults/main.yml
new file mode 100644
index 0000000000..1114729623
--- /dev/null
+++ b/test/integration/targets/prepare_http_tests/defaults/main.yml
@@ -0,0 +1,4 @@
+badssl_host: wrong.host.badssl.com
+httpbin_host: httpbin.org
+sni_host: sni.velox.ch
+badssl_host_substring: wrong.host.badssl.com
diff --git a/test/integration/targets/prepare_http_tests/tasks/main.yml b/test/integration/targets/prepare_http_tests/tasks/main.yml
new file mode 100644
index 0000000000..3e56320529
--- /dev/null
+++ b/test/integration/targets/prepare_http_tests/tasks/main.yml
@@ -0,0 +1,41 @@
+# The docker --link functionality gives us an ENV var we can key off of to see if we have access to
+# the httptester container
+- set_fact:
+ has_httptester: "{{ lookup('env', 'HTTPTESTER') != '' }}"
+
+# If we are running with access to a httptester container, grab it's cacert and install it
+- block:
+ # Override hostname defaults with httptester linked names
+ - include_vars: httptester.yml
+
+ - name: RedHat - Enable the dynamic CA configuration feature
+ command: update-ca-trust force-enable
+ when: ansible_os_family == 'RedHat'
+
+ - name: RedHat - Retrieve test cacert
+ get_url:
+ url: "http://ansible.http.tests/cacert.pem"
+ dest: "/etc/pki/ca-trust/source/anchors/ansible.pem"
+ when: ansible_os_family == 'RedHat'
+
+ - name: Suse - Retrieve test cacert
+ get_url:
+ url: "http://ansible.http.tests/cacert.pem"
+ dest: "/etc/pki/trust/anchors/ansible.pem"
+ when: ansible_os_family == 'Suse'
+
+ - name: Debian - Retrieve test cacert
+ get_url:
+ url: "http://ansible.http.tests/cacert.pem"
+ dest: "/usr/local/share/ca-certificates/ansible.crt"
+ when: ansible_os_family == 'Debian'
+
+ - name: Redhat - Update ca trust
+ command: update-ca-trust extract
+ when: ansible_os_family == 'RedHat'
+
+ - name: Debian/Suse - Update ca certificates
+ command: update-ca-certificates
+ when: ansible_os_family == 'Debian' or ansible_os_family == 'Suse'
+
+ when: has_httptester|bool
diff --git a/test/integration/targets/prepare_http_tests/vars/httptester.yml b/test/integration/targets/prepare_http_tests/vars/httptester.yml
new file mode 100644
index 0000000000..0e23ae936a
--- /dev/null
+++ b/test/integration/targets/prepare_http_tests/vars/httptester.yml
@@ -0,0 +1,5 @@
+# these are fake hostnames provided by docker link for the httptester container
+badssl_host: fail.ansible.http.tests
+httpbin_host: ansible.http.tests
+sni_host: sni1.ansible.http.tests
+badssl_host_substring: HTTP Client Testing Service