linux-system-roles-ssh/tests/tests_custom_drop_in.yml at 04b654247783c8946194e61f2e67abe03c3cd7de · richm/linux-system-roles-ssh · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
---
- name: Test we can write any other configuration file as a drop-in
  hosts: all
  vars:
    __ssh_test_backup_files:
      - /tmp/ssh_config.d_00-ansible.conf

  tasks:
    - name: Skip if the system does not support drop in directory
      meta: end_host
      when:
        - ansible_facts['os_family'] != 'Suse' and
          ansible_facts['distribution'] != 'Fedora' and
          not (ansible_facts['distribution'] in ['RedHat','CentOS'] and
               ansible_facts['distribution_version'] | int >= 8) and
          not (ansible_facts['distribution'] in ['Ubuntu'] and
               ansible_facts['distribution_version'] | int >= 20)

    - name: Backup configuration files
      include_tasks: tasks/backup.yml

    - name: Run role
      include_tasks: tasks/run_role_with_clear_facts.yml
      vars:
        ssh:
          Compression: true
          GSSAPIAuthentication: false
        __ssh_drop_in_template: /tmp/ssh_config.d_{name}.conf

    - name: Verify the configuration file was created in the right place
      block:
        - name: Download the custom configuration file drop-in
          slurp:
            src: /tmp/ssh_config.d_00-ansible.conf
          register: config

        - name: Verify the options are in the file
          assert:
            that:
              - "'Compression yes' in config.content | b64decode"
              - "'GSSAPIAuthentication no' in config.content | b64decode"
              # common defaults should be skipped (ssh_skip_defaults=auto)
              - "'Include' not in config.content | b64decode"
              - "'SendEnv' not in config.content | b64decode"

    - name: Restore configuration files
      include_tasks: tasks/restore.yml