1# -*- coding: utf-8 -*- 2# 3# Copyright: (c) 2019, F5 Networks Inc. 4# GNU General Public License v3.0 (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) 5 6from __future__ import (absolute_import, division, print_function) 7__metaclass__ = type 8 9import os 10import json 11import pytest 12import sys 13 14if sys.version_info < (2, 7): 15 pytestmark = pytest.mark.skip("F5 Ansible modules require Python >= 2.7") 16 17from ansible.module_utils.basic import AnsibleModule 18 19from ansible_collections.f5networks.f5_modules.plugins.modules.bigip_device_certificate import ( 20 ModuleManager, ArgumentSpec, ModuleParameters 21) 22from ansible_collections.f5networks.f5_modules.tests.unit.compat import unittest 23from ansible_collections.f5networks.f5_modules.tests.unit.compat.mock import Mock, patch 24from ansible_collections.f5networks.f5_modules.tests.unit.modules.utils import set_module_args 25 26fixture_path = os.path.join(os.path.dirname(__file__), 'fixtures') 27fixture_data = {} 28 29 30def load_fixture(name): 31 path = os.path.join(fixture_path, name) 32 33 if path in fixture_data: 34 return fixture_data[path] 35 36 with open(path) as f: 37 data = f.read() 38 39 try: 40 data = json.loads(data) 41 except Exception: 42 pass 43 44 fixture_data[path] = data 45 return data 46 47 48class TestParameters(unittest.TestCase): 49 def test_module_parameters(self): 50 args = dict( 51 key_size=2048, 52 cert_name='foo.crt', 53 key_name='foo.key', 54 days_valid=60, 55 issuer=dict( 56 country='US', 57 state='WA', 58 locality='Seattle', 59 organization='F5', 60 division='IT', 61 common_name='foo.bar.local', 62 email='admin@foo.bar.local' 63 ), 64 new_cert='yes' 65 ) 66 p = ModuleParameters(params=args) 67 assert p.key_size == 2048 68 assert p.cert_name == 'foo.crt' 69 assert p.key_name == 'foo.key' 70 assert p.days_valid == 60 71 assert 'CN=foo.bar.local' in p.issuer 72 73 74class TestManager(unittest.TestCase): 75 def setUp(self): 76 self.spec = ArgumentSpec() 77 78 def test_update_expired_cert(self, *args): 79 set_module_args(dict( 80 days_valid=60, 81 provider=dict( 82 server='localhost', 83 password='password', 84 user='admin', 85 transport='cli', 86 server_port=22 87 ) 88 )) 89 90 module = AnsibleModule( 91 argument_spec=self.spec.argument_spec, 92 supports_check_mode=self.spec.supports_check_mode, 93 required_if=self.spec.required_if 94 ) 95 96 mm = ModuleManager(module=module) 97 mm.expired = Mock(return_value=True) 98 mm.update_certificate = Mock(return_value=True) 99 mm.restart_daemon = Mock(return_value=True) 100 mm.copy_files_to_trusted = Mock(return_value=True) 101 102 results = mm.exec_module() 103 104 assert results['changed'] is True 105 assert results['days_valid'] == 60 106 107 def test_create_new_cert(self): 108 set_module_args(dict( 109 key_size=2048, 110 cert_name='foo.crt', 111 key_name='foo.key', 112 days_valid=60, 113 new_cert='yes', 114 issuer=dict( 115 country='US', 116 state='WA', 117 locality='Seattle', 118 organization='F5', 119 division='IT', 120 common_name='foo.bar.local', 121 email='admin@foo.bar.local' 122 ), 123 provider=dict( 124 server='localhost', 125 password='password', 126 user='admin', 127 transport='cli', 128 server_port=22 129 ) 130 )) 131 132 module = AnsibleModule( 133 argument_spec=self.spec.argument_spec, 134 supports_check_mode=self.spec.supports_check_mode, 135 required_if=self.spec.required_if 136 ) 137 138 mm = ModuleManager(module=module) 139 mm.expired = Mock(return_value=True) 140 mm.generate_cert_key = Mock(return_value=True) 141 mm.restart_daemon = Mock(return_value=True) 142 mm.configure_new_cert = Mock(return_value=True) 143 144 results = mm.exec_module() 145 146 assert results['changed'] is True 147 assert results['days_valid'] == 60 148 assert results['cert_name'] == 'foo.crt' 149 assert results['key_name'] == 'foo.key' 150 assert results['issuer'] == dict( 151 country='US', 152 state='WA', 153 locality='Seattle', 154 organization='F5', 155 division='IT', 156 common_name='foo.bar.local', 157 email='admin@foo.bar.local' 158 ) 159