File: missing_hostkey_acceptnew.yml

package info (click to toggle)
ansible-core 2.19.0~beta6-1
  • links: PTS, VCS
  • area: main
  • in suites: trixie
  • size: 32,628 kB
  • sloc: python: 180,313; cs: 4,929; sh: 4,601; xml: 34; makefile: 21
file content (79 lines) | stat: -rw-r--r-- 2,496 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
 
- name: MISSING-HOSTKEY | check accept_newhostkey support
  shell: ssh -o StrictHostKeyChecking=accept-new -V
  register: ssh_supports_accept_newhostkey
  ignore_errors: true

- block:
    - name: MISSING-HOSTKEY | accept_newhostkey when ssh does not support the option
      git:
        repo: '{{ repo_format2 }}'
        dest: '{{ checkout_dir }}'
        accept_newhostkey: true
        ssh_opts: '-o UserKnownHostsFile={{ remote_tmp_dir }}/known_hosts'
      register: git_result
      ignore_errors: true

    - assert:
        that:
          - git_result is failed
          - git_result.warnings is search("does not support")

  when: ssh_supports_accept_newhostkey.rc != 0

- name: MISSING-HOSTKEY | checkout ssh://git@github.com repo without accept_newhostkey (expected fail)
  git:
    repo: '{{ repo_format2 }}'
    dest: '{{ checkout_dir }}'
    ssh_opts: '-o UserKnownHostsFile={{ remote_tmp_dir }}/known_hosts'
  register: git_result
  ignore_errors: true

- assert:
    that:
      - git_result is failed

- block:
    - name: MISSING-HOSTKEY | checkout git@github.com repo with accept_newhostkey (expected pass)
      git:
        repo: '{{ repo_format2 }}'
        dest: '{{ checkout_dir }}'
        accept_newhostkey: true
        key_file: '{{ github_ssh_private_key }}'
        ssh_opts: '-o UserKnownHostsFile={{ remote_tmp_dir }}/known_hosts'
      register: git_result

    - assert:
        that:
          - git_result is changed

    - name: MISSING-HOSTKEY | clear checkout_dir
      file:
        state: absent
        path: '{{ checkout_dir }}'

    - name: MISSING-HOSTKEY | checkout ssh://git@github.com repo with accept_newhostkey (expected pass)
      git:
        repo: '{{ repo_format3 }}'
        dest: '{{ checkout_dir }}'
        version: >-
          {{ git_default_branch }}
        accept_newhostkey: false # should already have been accepted
        key_file: '{{ github_ssh_private_key }}'
        ssh_opts: '-o UserKnownHostsFile={{ remote_tmp_dir }}/known_hosts'
      register: git_result

    - assert:
        that:
          - git_result is changed

    - name: MISSING-HOSTEKY | Remove github.com hostkey from known_hosts
      lineinfile:
        dest: '{{ remote_tmp_dir }}/known_hosts'
        regexp: "github.com"
        state: absent

    - name: MISSING-HOSTKEY | clear checkout_dir
      file:
        state: absent
        path: '{{ checkout_dir }}'
  when: github_ssh_private_key is defined and ssh_supports_accept_newhostkey.rc == 0