From 15ad3f1564a685630cbea07103cf0f5d079e753d Mon Sep 17 00:00:00 2001 From: Roman Dodin Date: Thu, 14 Dec 2023 12:31:52 +0200 Subject: [PATCH 1/2] bump netcommon to support custom ca cert --- galaxy.yml | 4 ++-- run.sh | 7 +++++++ tests/playbooks/tls-missed-check-fail.yml | 2 +- tests/playbooks/tls-with-custom-ca.yml | 21 +++++++++++++++++++++ 4 files changed, 31 insertions(+), 3 deletions(-) create mode 100644 tests/playbooks/tls-with-custom-ca.yml diff --git a/galaxy.yml b/galaxy.yml index a54143b..f83b151 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -12,7 +12,7 @@ namespace: nokia name: srlinux # The version of the collection. Must be compatible with semantic versioning -version: 0.3.0 +version: 0.4.0 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection readme: README.md @@ -46,7 +46,7 @@ tags: # L(specifiers,https://python-semanticversion.readthedocs.io/en/latest/#requirement-specification). Multiple version # range specifiers can be set and are separated by ',' dependencies: - "ansible.netcommon": ">=5.1.0" + "ansible.netcommon": ">=5.2.0" # The URL of the originating SCM repository repository: https://github.com/nokia/srlinux-ansible-collection diff --git a/run.sh b/run.sh index 2ffe712..b3ddee7 100755 --- a/run.sh +++ b/run.sh @@ -123,6 +123,12 @@ function test-tls-skip { ansible-playbook playbooks/tls-skipped-check.yml "$@" } +function test-tls-custom-ca { + _cdTests + revert-to-checkpoint + ansible-playbook playbooks/tls-with-custom-ca.yml "$@" +} + function test-get-container { _cdTests revert-to-checkpoint @@ -276,6 +282,7 @@ function _run-tests { test-cli-wrong-cmd "$@" test-tls-fail "$@" test-tls-skip "$@" + test-tls-custom-ca "$@" test-set-check-mode "$@" test-set-leaves "$@" test-set-leaves-twice "$@" diff --git a/tests/playbooks/tls-missed-check-fail.yml b/tests/playbooks/tls-missed-check-fail.yml index b55782e..dd4accd 100644 --- a/tests/playbooks/tls-missed-check-fail.yml +++ b/tests/playbooks/tls-missed-check-fail.yml @@ -8,7 +8,7 @@ vars: ansible_httpapi_use_ssl: yes tasks: - - name: json RPC get + - name: Get with TLS required but without setting skip verify or custom ca cert nokia.srlinux.get: paths: - path: /system/information diff --git a/tests/playbooks/tls-with-custom-ca.yml b/tests/playbooks/tls-with-custom-ca.yml new file mode 100644 index 0000000..47bf454 --- /dev/null +++ b/tests/playbooks/tls-with-custom-ca.yml @@ -0,0 +1,21 @@ +# Copyright 2023 Nokia +# Licensed under the BSD 3-Clause License. +# SPDX-License-Identifier: BSD-3-Clause + +- name: TLS with custom CA + hosts: clab + gather_facts: false + vars: + ansible_httpapi_use_ssl: yes + ansible_httpapi_ca_path: "{{ playbook_dir }}/../../scripts/clab-ansible/.tls/ca/ca.pem" + tasks: + - name: Get with TLS required and custom ca cert + nokia.srlinux.get: + paths: + - path: /system/information + datastore: state + register: get_return + failed_when: get_return.failed + + - debug: + var: get_return From dd809af58bd3d50e7b0692f6b66ca2d4236724b8 Mon Sep 17 00:00:00 2001 From: Roman Dodin Date: Thu, 14 Dec 2023 12:37:12 +0200 Subject: [PATCH 2/2] bump clab version --- run.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/run.sh b/run.sh index b3ddee7..ab4cf42 100755 --- a/run.sh +++ b/run.sh @@ -313,7 +313,7 @@ function test { # ci-test is a wrapper for testing in CI which first setups the environment. function ci-test { - install-containerlab 0.41.2 + install-containerlab 0.48.6 install-local-collection deploy-lab