generated from linux-system-roles/template
-
Notifications
You must be signed in to change notification settings - Fork 10
/
tests_certificate.yml
46 lines (43 loc) · 1.42 KB
/
tests_certificate.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
---
- name: Test PostgreSQL server with ssl support using certificate role
hosts: all
tasks:
- name: Test PostgreSQL server with certificate in default path
vars:
postgresql_password: redhat
block:
- name: Deploy postgresql
include_tasks: tasks/install_and_check.yml
vars:
__test_clean_instance: false
__test_check_unix_socket: false
postgresql_certificates:
- name: test_crt
dns: www.example.com
ca: self-sign
postgresql_ssl_enable: true
postgresql_pg_hba_conf:
- type: hostssl
database: all
user: all
auth_method: md5
address: '127.0.0.1/32'
- name: Gather output of psql
environment:
PGPASSWORD: "{{ postgresql_password }}"
shell: |
set -euo pipefail
echo "\conninfo" | psql -U postgres -h 127.0.0.1
register: result
changed_when: false
- name: Check output of psql
assert:
that: >-
"SSL connection" in result.stdout
always:
- name: Stop tracking certificate
command: getcert stop-tracking -f /etc/pki/tls/certs/test_crt.crt
changed_when: false
- name: Clean up
include_tasks: tasks/clean_instance.yml
tags: tests::cleanup