Work around problems on some CI targets.

ansible-collections · Jul 15, 2023 · ea41552 · ea41552
1 parent f056b71
commit ea41552
Show file tree

Hide file tree

Showing 7 changed files with 77 additions and 52 deletions.
diff --git a/tests/integration/targets/lookup_gpg_fingerprint/tasks/main.yml b/tests/integration/targets/lookup_gpg_fingerprint/tasks/main.yml
@@ -3,55 +3,58 @@
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
 
-- name: Create GPG key
-  ansible.builtin.command:
-    cmd: gpg --homedir "{{ remote_tmp_dir }}" --batch --generate-key
-    stdin: |
-      %echo Generating a basic OpenPGP key
-      %no-ask-passphrase
-      %no-protection
-      Key-Type: RSA
-      Key-Length: 4096
-      Name-Real: Foo Bar
-      Name-Email: foo@bar.com
-      Expire-Date: 0
-      %commit
-      %echo done
-  register: result
-
-- name: Extract fingerprint
-  ansible.builtin.shell: gpg --homedir "{{ remote_tmp_dir }}" --with-colons --fingerprint foo@bar.com | grep '^fpr:'
-  register: fingerprints
-
-- name: Show fingerprints
-  ansible.builtin.debug:
-    msg: "{{ fingerprints.stdout_lines | map('split', ':') }}"
-
-- name: Export public key
-  ansible.builtin.command: gpg --homedir "{{ remote_tmp_dir }}" --export --armor foo@bar.com
-  register: public_key
-
-- name: Export private key
-  ansible.builtin.command: gpg --homedir "{{ remote_tmp_dir }}" --export-secret-key --armor foo@bar.com
-  register: private_key
-
-- name: Write public key to disk
-  ansible.builtin.copy:
-    dest: "{{ remote_tmp_dir }}/public-key"
-    content: "{{ public_key.stdout }}"
-
-- name: Write private key to disk
-  ansible.builtin.copy:
-    dest: "{{ remote_tmp_dir }}/private-key"
-    content: "{{ private_key.stdout }}"
-
-- name: Gather fingerprints
-  ansible.builtin.set_fact:
-    public_key_fingerprint: "{{ lookup('community.crypto.gpg_fingerprint', remote_tmp_dir ~ '/public-key') }}"
-    private_key_fingerprint: "{{ lookup('community.crypto.gpg_fingerprint', remote_tmp_dir ~ '/private-key') }}"
-
-- name: Check whether fingerprints match
-  ansible.builtin.assert:
-    that:
-      - public_key_fingerprint == (fingerprints.stdout_lines[0] | split(':'))[9]
-      - private_key_fingerprint == (fingerprints.stdout_lines[0] | split(':'))[9]
+- name: Run tests if GPG is available
+  when: has_gnupg
+  block:
+    - name: Create GPG key
+      ansible.builtin.command:
+        cmd: gpg --homedir "{{ remote_tmp_dir }}" --batch --generate-key
+        stdin: |
+          %echo Generating a basic OpenPGP key
+          %no-ask-passphrase
+          %no-protection
+          Key-Type: RSA
+          Key-Length: 4096
+          Name-Real: Foo Bar
+          Name-Email: foo@bar.com
+          Expire-Date: 0
+          %commit
+          %echo done
+      register: result
+
+    - name: Extract fingerprint
+      ansible.builtin.shell: gpg --homedir "{{ remote_tmp_dir }}" --with-colons --fingerprint foo@bar.com | grep '^fpr:'
+      register: fingerprints
+
+    - name: Show fingerprints
+      ansible.builtin.debug:
+        msg: "{{ fingerprints.stdout_lines | map('split', ':') | list }}"
+
+    - name: Export public key
+      ansible.builtin.command: gpg --homedir "{{ remote_tmp_dir }}" --export --armor foo@bar.com
+      register: public_key
+
+    - name: Export private key
+      ansible.builtin.command: gpg --homedir "{{ remote_tmp_dir }}" --export-secret-key --armor foo@bar.com
+      register: private_key
+
+    - name: Write public key to disk
+      ansible.builtin.copy:
+        dest: "{{ remote_tmp_dir }}/public-key"
+        content: "{{ public_key.stdout }}"
+
+    - name: Write private key to disk
+      ansible.builtin.copy:
+        dest: "{{ remote_tmp_dir }}/private-key"
+        content: "{{ private_key.stdout }}"
+
+    - name: Gather fingerprints
+      ansible.builtin.set_fact:
+        public_key_fingerprint: "{{ lookup('community.crypto.gpg_fingerprint', remote_tmp_dir ~ '/public-key') }}"
+        private_key_fingerprint: "{{ lookup('community.crypto.gpg_fingerprint', remote_tmp_dir ~ '/private-key') }}"
+
+    - name: Check whether fingerprints match
+      ansible.builtin.assert:
+        that:
+          - public_key_fingerprint == (fingerprints.stdout_lines | map('split', ':'))[0][9]
+          - private_key_fingerprint == (fingerprints.stdout_lines | map('split', ':'))[0][9]
diff --git a/tests/integration/targets/setup_gnupg/tasks/main.yml b/tests/integration/targets/setup_gnupg/tasks/main.yml
@@ -8,6 +8,9 @@
   vars:
     params:
       files:
+        - '{{ ansible_facts.distribution }}-{{ ansible_facts.distribution_version }}.yml'
+        - '{{ ansible_facts.distribution }}-{{ ansible_facts.distribution_major_version }}.yml'
+        - '{{ ansible_facts.distribution }}.yml'
         - '{{ ansible_facts.os_family }}.yml'
         - default.yml
       paths:
@@ -16,3 +19,4 @@
 - name: Install GnuPG
   ansible.builtin.package:
     name: '{{ gnupg_package_name }}'
+  when: has_gnupg
diff --git a/tests/integration/targets/setup_gnupg/vars/Alpine.yml b/tests/integration/targets/setup_gnupg/vars/Alpine.yml
@@ -3,4 +3,6 @@
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
 
+# Alpine 3.12 should have GnuPG, but for some reason installing it fails...
+has_gnupg: "{{ ansible_facts.distribution_version is version('3.13', '>=') }}"
 gnupg_package_name: gpg
diff --git a/tests/integration/targets/setup_gnupg/vars/Darwin.yml b/tests/integration/targets/setup_gnupg/vars/Darwin.yml
@@ -0,0 +1,7 @@
+---
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+# TODO Homebrew currently isn't happy when running as root, so assume we don't have GnuPG
+has_gnupg: false
diff --git a/tests/integration/targets/setup_gnupg/vars/RedHat-6.yml b/tests/integration/targets/setup_gnupg/vars/RedHat-6.yml
@@ -0,0 +1,7 @@
+---
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+has_gnupg: false
+# The GnuPG version included with CentOS 6 is too old, it doesn't understand --generate-key
diff --git a/tests/integration/targets/setup_gnupg/vars/RedHat.yml b/tests/integration/targets/setup_gnupg/vars/RedHat.yml
@@ -3,4 +3,5 @@
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
 
+has_gnupg: true
 gnupg_package_name: gnupg2
diff --git a/tests/integration/targets/setup_gnupg/vars/default.yml b/tests/integration/targets/setup_gnupg/vars/default.yml
@@ -3,4 +3,5 @@
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
 
+has_gnupg: true
 gnupg_package_name: gnupg