From c027307e0e3d11af46d9c4eef00047ab7baf75ee Mon Sep 17 00:00:00 2001 From: jlarriba Date: Wed, 8 Jan 2025 15:37:09 +0100 Subject: [PATCH] [OSPRH-12795] Remove tls cert and key from molecule tests in telemetry-operator --- .../molecule/default/collections.yml | 16 +++++ .../molecule/default/prepare.yml | 65 ++++------------- .../molecule/default/collections.yml | 1 + .../molecule/default/prepare.yml | 70 ++++--------------- 4 files changed, 46 insertions(+), 106 deletions(-) diff --git a/roles/edpm_telemetry/molecule/default/collections.yml b/roles/edpm_telemetry/molecule/default/collections.yml index afc836d72..19d2cef12 100644 --- a/roles/edpm_telemetry/molecule/default/collections.yml +++ b/roles/edpm_telemetry/molecule/default/collections.yml @@ -1,3 +1,19 @@ --- +# Copyright 2024 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + collections: - name: community.general + - name: community.crypto diff --git a/roles/edpm_telemetry/molecule/default/prepare.yml b/roles/edpm_telemetry/molecule/default/prepare.yml index ba5277fc6..ebde485f9 100644 --- a/roles/edpm_telemetry/molecule/default/prepare.yml +++ b/roles/edpm_telemetry/molecule/default/prepare.yml @@ -118,67 +118,30 @@ - volume.* - hardware.* + - name: Install crypto dependency + become: true + ansible.builtin.dnf: + name: python3-cryptography + state: present + - name: Create certs directory ansible.builtin.file: path: "{{ edpm_telemetry_certs }}" state: directory mode: "0775" - - name: Create tls.crt - ansible.builtin.copy: - dest: "{{ edpm_telemetry_certs }}/tls.crt" + - name: Generate an OpenSSL private key with the default values (4096 bits, RSA) + community.crypto.openssl_privatekey: + path: "{{ edpm_telemetry_certs }}/tls.key" mode: "0600" owner: root group: root - content: | - -----BEGIN CERTIFICATE----- - MIICdTCCAhugAwIBAgIRANbtgxUt6z0Lgu63tMkJi/owCgYIKoZIzj0EAwIwGjEY - MBYGA1UEAxMPcm9vdGNhLWludGVybmFsMB4XDTI0MDIyMDEwMjQwN1oXDTI1MDIx - OTEwMjQwN1owADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMMIngiZ - KKDAYL7pwP3ti5XD8cNHaYfjHXmpeXWCinDjsnbVbxbIg8tbk/S37J7bVKXzkynZ - fqy5zm0OAMcUQpzVpAm8a4BNgBpyOkEmvI3wuk2+eV9UTvdxfnZH49w1PP1y6YMp - eTe4L/N73f+85S4T4t0z0LzuaUnBmDzrMHti1dhKEa4dHeUXgm0X4bIUYy7LDzJS - RXZWLrTlNudqNGTJjqysLF+tG0/42m+aCrDyobnGnDhipqKiDAymm/8imea4z9RN - TJB7YamWsKME1TWMXKTGdpvukzD5hMqSR9nb8GLhnSp2+affjONEA2qTFb2EjQsy - UN3H8TlxDTg4nU8CAwEAAaOBkDCBjTAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAww - CgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBRw5+MeAyVauyYD - qxHKihlwOahznTA3BgNVHREBAf8ELTArgiNlZHBtLWNvbXB1dGUtMC5jdGxwbGFu - ZS5leGFtcGxlLmNvbYcEwKh6ZDAKBggqhkjOPQQDAgNIADBFAiEA/pS5XYr/Kcux - YAcw+uSB/iTMy5v/rXhGNyIIRuzhei0CIAr/jg2QBtOJGSr0DVUF+0qdi1o1GAxN - Ldhr3K2EKWFY - -----END CERTIFICATE----- - - name: Create tls.key - ansible.builtin.copy: - dest: "{{ edpm_telemetry_certs }}/tls.key" + - name: Create simple self-signed certificate + community.crypto.x509_certificate: + path: "{{ edpm_telemetry_certs }}/tls.crt" + privatekey_path: "{{ edpm_telemetry_certs }}/tls.key" + provider: selfsigned mode: "0600" owner: root group: root - content: | - -----BEGIN RSA PRIVATE KEY----- - MIIEogIBAAKCAQEAwwieCJkooMBgvunA/e2LlcPxw0dph+Mdeal5dYKKcOOydtVv - FsiDy1uT9LfsnttUpfOTKdl+rLnObQ4AxxRCnNWkCbxrgE2AGnI6QSa8jfC6Tb55 - X1RO93F+dkfj3DU8/XLpgyl5N7gv83vd/7zlLhPi3TPQvO5pScGYPOswe2LV2EoR - rh0d5ReCbRfhshRjLssPMlJFdlYutOU252o0ZMmOrKwsX60bT/jab5oKsPKhucac - OGKmoqIMDKab/yKZ5rjP1E1MkHthqZawowTVNYxcpMZ2m+6TMPmEypJH2dvwYuGd - Knb5p9+M40QDapMVvYSNCzJQ3cfxOXENODidTwIDAQABAoIBADtnD4M86vPzRERB - vCdbR62I7cT1pj3ePecFaFoTNYlmwL+TCG/fCM1SikD6GBbWZPTauFMBzKRdP3NV - 1YTNNfDA3WKdwfxlHoRvkDCx1LJCxOvS/PK9IgQZzFPIV62FhZsIefkaE7KV5fz6 - GEbBSOh85BdNpeE1mFn/nhfH5o9dpfbeZp3omO7jONGSK6RitMRxAQ8si1gXoGPG - VjN4tYUlxNf4Y7xULfjdtWThHzuvzgE86kQ5+mwLdxpPn2HT+H6yS270/NYzGSPm - lCBh5C8DtHAoE7riFzSNz9kqZ6dtqAqc98fIlKV1q/J40cCpg1+/DtgT0u7alBhg - c+ECQaECgYEA3RAoFqp5ZzTiXwAfbzpTrdFefKgmh+cKt9vLyL/J4NN+sK19GhMA - vHUazI0butFEgF2OVuFr2ohDHFguA/D/ocMpyYZLnLvx7RndKm2rUcHOpd06VJH4 - SXyY7URETOCQ2QzcTEAooSa5njnpJHzk8YxMa/r8I7lomOVMObAQFLECgYEA4dta - TT6EMRjH3DlPvoaZg2WVcHYeHRkPuBv/guHpIlWMwx5ywLkl+TDF/b5La8H9ZJAP - PLgv8zTHa3gbdnKq1VLB5ldwvcF61JhYwluyOsltJ4ARJ8j3m5WB3h0fm4Gu7YXl - ercUDPBjYm5Zn7h6i8A5svV5yiZkaVxiIGYoUf8CgYA3dsVIIo+BOICPa113r7+s - /bniNuIr+Oj0hl4TySLimM3RkEWyFBB8ODl4FvNdJQI13sNGwxonY0bLRsiMzpuk - v22tlVdFRNaHMZUO/yMbyS+K5/2pmFIeRfesmBM24qUVACgJrZNEE45Ax7DaKcfb - XuMRuJAoem1m5yj/1E/EkQKBgADAVAqRvKrVJEUNQ8Ckffo76kVXfz4liTHZlf3/ - dmEQ28kCXutZMlEj4mS3r1SKbqdY+1P+YNp0QH2RBrZcJ0lSXya+/7cB38C5SQJM - f8lGRkCtYmE5f+lak/YDLsm7orNTkLHZzg1E92+qYk3vtSil2QtJWcBcZFUdY44s - CNJNAoGAGmsvAw2tOqXU0hn/8oH2tjfD9sfYnKMe19vdJLPSQjJZv31QZPzl2g4j - yCCnUxqB0fmzNM/1TuPBzBcdtLWhV7k10jxrovkAHSDXsGBb/+8BbWH04tOhoOO7 - snX6BmT+G0RSby8naSiNl/8DM96Nj2Oh0WOwIa4oNdro3IaVqMs= - -----END RSA PRIVATE KEY----- diff --git a/roles/edpm_telemetry_power_monitoring/molecule/default/collections.yml b/roles/edpm_telemetry_power_monitoring/molecule/default/collections.yml index 7e96bda06..19d2cef12 100644 --- a/roles/edpm_telemetry_power_monitoring/molecule/default/collections.yml +++ b/roles/edpm_telemetry_power_monitoring/molecule/default/collections.yml @@ -16,3 +16,4 @@ collections: - name: community.general + - name: community.crypto diff --git a/roles/edpm_telemetry_power_monitoring/molecule/default/prepare.yml b/roles/edpm_telemetry_power_monitoring/molecule/default/prepare.yml index a04d7592b..573e0d03b 100644 --- a/roles/edpm_telemetry_power_monitoring/molecule/default/prepare.yml +++ b/roles/edpm_telemetry_power_monitoring/molecule/default/prepare.yml @@ -147,70 +147,30 @@ - volume.* - hardware.* - - name: Create certs directory + - name: Install crypto dependency become: true + ansible.builtin.dnf: + name: python3-cryptography + state: present + + - name: Create certs directory ansible.builtin.file: path: "{{ edpm_telemetry_certs }}" state: directory mode: "0775" - - name: Create tls.crt - become: true - ansible.builtin.copy: - dest: "{{ edpm_telemetry_certs }}/tls.crt" + - name: Generate an OpenSSL private key with the default values (4096 bits, RSA) + community.crypto.openssl_privatekey: + path: "{{ edpm_telemetry_certs }}/tls.key" mode: "0600" owner: root group: root - content: | - -----BEGIN CERTIFICATE----- - MIICdTCCAhugAwIBAgIRANbtgxUt6z0Lgu63tMkJi/owCgYIKoZIzj0EAwIwGjEY - MBYGA1UEAxMPcm9vdGNhLWludGVybmFsMB4XDTI0MDIyMDEwMjQwN1oXDTI1MDIx - OTEwMjQwN1owADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMMIngiZ - KKDAYL7pwP3ti5XD8cNHaYfjHXmpeXWCinDjsnbVbxbIg8tbk/S37J7bVKXzkynZ - fqy5zm0OAMcUQpzVpAm8a4BNgBpyOkEmvI3wuk2+eV9UTvdxfnZH49w1PP1y6YMp - eTe4L/N73f+85S4T4t0z0LzuaUnBmDzrMHti1dhKEa4dHeUXgm0X4bIUYy7LDzJS - RXZWLrTlNudqNGTJjqysLF+tG0/42m+aCrDyobnGnDhipqKiDAymm/8imea4z9RN - TJB7YamWsKME1TWMXKTGdpvukzD5hMqSR9nb8GLhnSp2+affjONEA2qTFb2EjQsy - UN3H8TlxDTg4nU8CAwEAAaOBkDCBjTAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAww - CgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBRw5+MeAyVauyYD - qxHKihlwOahznTA3BgNVHREBAf8ELTArgiNlZHBtLWNvbXB1dGUtMC5jdGxwbGFu - ZS5leGFtcGxlLmNvbYcEwKh6ZDAKBggqhkjOPQQDAgNIADBFAiEA/pS5XYr/Kcux - YAcw+uSB/iTMy5v/rXhGNyIIRuzhei0CIAr/jg2QBtOJGSr0DVUF+0qdi1o1GAxN - Ldhr3K2EKWFY - -----END CERTIFICATE----- - - - name: Create tls.key - become: true - ansible.builtin.copy: - dest: "{{ edpm_telemetry_certs }}/tls.key" + + - name: Create simple self-signed certificate + community.crypto.x509_certificate: + path: "{{ edpm_telemetry_certs }}/tls.crt" + privatekey_path: "{{ edpm_telemetry_certs }}/tls.key" + provider: selfsigned mode: "0600" owner: root group: root - content: | - -----BEGIN RSA PRIVATE KEY----- - MIIEogIBAAKCAQEAwwieCJkooMBgvunA/e2LlcPxw0dph+Mdeal5dYKKcOOydtVv - FsiDy1uT9LfsnttUpfOTKdl+rLnObQ4AxxRCnNWkCbxrgE2AGnI6QSa8jfC6Tb55 - X1RO93F+dkfj3DU8/XLpgyl5N7gv83vd/7zlLhPi3TPQvO5pScGYPOswe2LV2EoR - rh0d5ReCbRfhshRjLssPMlJFdlYutOU252o0ZMmOrKwsX60bT/jab5oKsPKhucac - OGKmoqIMDKab/yKZ5rjP1E1MkHthqZawowTVNYxcpMZ2m+6TMPmEypJH2dvwYuGd - Knb5p9+M40QDapMVvYSNCzJQ3cfxOXENODidTwIDAQABAoIBADtnD4M86vPzRERB - vCdbR62I7cT1pj3ePecFaFoTNYlmwL+TCG/fCM1SikD6GBbWZPTauFMBzKRdP3NV - 1YTNNfDA3WKdwfxlHoRvkDCx1LJCxOvS/PK9IgQZzFPIV62FhZsIefkaE7KV5fz6 - GEbBSOh85BdNpeE1mFn/nhfH5o9dpfbeZp3omO7jONGSK6RitMRxAQ8si1gXoGPG - VjN4tYUlxNf4Y7xULfjdtWThHzuvzgE86kQ5+mwLdxpPn2HT+H6yS270/NYzGSPm - lCBh5C8DtHAoE7riFzSNz9kqZ6dtqAqc98fIlKV1q/J40cCpg1+/DtgT0u7alBhg - c+ECQaECgYEA3RAoFqp5ZzTiXwAfbzpTrdFefKgmh+cKt9vLyL/J4NN+sK19GhMA - vHUazI0butFEgF2OVuFr2ohDHFguA/D/ocMpyYZLnLvx7RndKm2rUcHOpd06VJH4 - SXyY7URETOCQ2QzcTEAooSa5njnpJHzk8YxMa/r8I7lomOVMObAQFLECgYEA4dta - TT6EMRjH3DlPvoaZg2WVcHYeHRkPuBv/guHpIlWMwx5ywLkl+TDF/b5La8H9ZJAP - PLgv8zTHa3gbdnKq1VLB5ldwvcF61JhYwluyOsltJ4ARJ8j3m5WB3h0fm4Gu7YXl - ercUDPBjYm5Zn7h6i8A5svV5yiZkaVxiIGYoUf8CgYA3dsVIIo+BOICPa113r7+s - /bniNuIr+Oj0hl4TySLimM3RkEWyFBB8ODl4FvNdJQI13sNGwxonY0bLRsiMzpuk - v22tlVdFRNaHMZUO/yMbyS+K5/2pmFIeRfesmBM24qUVACgJrZNEE45Ax7DaKcfb - XuMRuJAoem1m5yj/1E/EkQKBgADAVAqRvKrVJEUNQ8Ckffo76kVXfz4liTHZlf3/ - dmEQ28kCXutZMlEj4mS3r1SKbqdY+1P+YNp0QH2RBrZcJ0lSXya+/7cB38C5SQJM - f8lGRkCtYmE5f+lak/YDLsm7orNTkLHZzg1E92+qYk3vtSil2QtJWcBcZFUdY44s - CNJNAoGAGmsvAw2tOqXU0hn/8oH2tjfD9sfYnKMe19vdJLPSQjJZv31QZPzl2g4j - yCCnUxqB0fmzNM/1TuPBzBcdtLWhV7k10jxrovkAHSDXsGBb/+8BbWH04tOhoOO7 - snX6BmT+G0RSby8naSiNl/8DM96Nj2Oh0WOwIa4oNdro3IaVqMs= - -----END RSA PRIVATE KEY-----