Support for custom ca paths (#24)

* bump netcommon to support custom ca cert * bump clab version
nokia · Dec 14, 2023 · 3df0a30 · 3df0a30
1 parent 02185b0
commit 3df0a30
Show file tree

Hide file tree

Showing 4 changed files with 32 additions and 4 deletions.
diff --git a/galaxy.yml b/galaxy.yml
@@ -12,7 +12,7 @@ namespace: nokia
 name: srlinux
 
 # The version of the collection. Must be compatible with semantic versioning
-version: 0.3.0
+version: 0.4.0
 
 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection
 readme: README.md
@@ -46,7 +46,7 @@ tags:
 # L(specifiers,https://python-semanticversion.readthedocs.io/en/latest/#requirement-specification). Multiple version
 # range specifiers can be set and are separated by ','
 dependencies:
-  "ansible.netcommon": ">=5.1.0"
+  "ansible.netcommon": ">=5.2.0"
 
 # The URL of the originating SCM repository
 repository: https://github.com/nokia/srlinux-ansible-collection

diff --git a/run.sh b/run.sh
@@ -123,6 +123,12 @@ function test-tls-skip {
   ansible-playbook playbooks/tls-skipped-check.yml "$@"
 }
 
+function test-tls-custom-ca {
+  _cdTests
+  revert-to-checkpoint
+  ansible-playbook playbooks/tls-with-custom-ca.yml "$@"
+}
+
 function test-get-container {
   _cdTests
   revert-to-checkpoint
@@ -276,6 +282,7 @@ function _run-tests {
   test-cli-wrong-cmd "$@"
   test-tls-fail "$@"
   test-tls-skip "$@"
+  test-tls-custom-ca "$@"
   test-set-check-mode "$@"
   test-set-leaves "$@"
   test-set-leaves-twice "$@"
@@ -306,7 +313,7 @@ function test {
 
 # ci-test is a wrapper for testing in CI which first setups the environment.
 function ci-test {
-  install-containerlab 0.41.2
+  install-containerlab 0.48.6
   install-local-collection
   deploy-lab
 

diff --git a/tests/playbooks/tls-missed-check-fail.yml b/tests/playbooks/tls-missed-check-fail.yml
@@ -8,7 +8,7 @@
   vars:
     ansible_httpapi_use_ssl: yes
   tasks:
-    - name: json RPC get
+    - name: Get with TLS required but without setting skip verify or custom ca cert
       nokia.srlinux.get:
         paths:
           - path: /system/information

diff --git a/tests/playbooks/tls-with-custom-ca.yml b/tests/playbooks/tls-with-custom-ca.yml
@@ -0,0 +1,21 @@
+# Copyright 2023 Nokia
+# Licensed under the BSD 3-Clause License.
+# SPDX-License-Identifier: BSD-3-Clause
+
+- name: TLS with custom CA
+  hosts: clab
+  gather_facts: false
+  vars:
+    ansible_httpapi_use_ssl: yes
+    ansible_httpapi_ca_path: "{{ playbook_dir }}/../../scripts/clab-ansible/.tls/ca/ca.pem"
+  tasks:
+    - name: Get with TLS required and custom ca cert
+      nokia.srlinux.get:
+        paths:
+          - path: /system/information
+            datastore: state
+      register: get_return
+      failed_when: get_return.failed
+
+    - debug:
+        var: get_return