# ------------------------------------------------------------- # basic ssh-dss key - name: add basic ssh-dss key authorized_key: user=root key="{{ dss_key_basic }}" state=present path="{{ output_dir | expanduser }}/authorized_keys" register: result - name: assert that the key was added assert: that: - 'result.changed == True' - 'result.key == dss_key_basic' - 'result.key_options == None' - name: re-add basic ssh-dss key authorized_key: user=root key="{{ dss_key_basic }}" state=present path="{{ output_dir | expanduser }}/authorized_keys" register: result - name: assert that nothing changed assert: that: - 'result.changed == False' # ------------------------------------------------------------- # ssh-dss key with an unquoted option - name: add ssh-dss key with an unquoted option authorized_key: user: root key: "{{ dss_key_unquoted_option }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result - name: assert that the key was added assert: that: - 'result.changed == True' - 'result.key == dss_key_unquoted_option' - 'result.key_options == None' - name: re-add ssh-dss key with an unquoted option authorized_key: user: root key: "{{ dss_key_unquoted_option }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result - name: assert that nothing changed assert: that: - 'result.changed == False' # ------------------------------------------------------------- # ssh-dss key with a leading command="/bin/foo" - name: add ssh-dss key with a leading command authorized_key: user: root key: "{{ dss_key_command }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result - name: assert that the key was added assert: that: - 'result.changed == True' - 'result.key == dss_key_command' - 'result.key_options == None' - name: re-add ssh-dss key with a leading command authorized_key: user: root key: "{{ dss_key_command }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result - name: assert that nothing changed assert: that: - 'result.changed == False' # ------------------------------------------------------------- # ssh-dss key with a complex quoted leading command # ie. command="/bin/echo foo 'bar baz'" - name: add ssh-dss key with a complex quoted leading command authorized_key: user: root key: "{{ dss_key_complex_command }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result - name: assert that the key was added assert: that: - 'result.changed == True' - 'result.key == dss_key_complex_command' - 'result.key_options == None' - name: re-add ssh-dss key with a complex quoted leading command authorized_key: user: root key: "{{ dss_key_complex_command }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result - name: assert that nothing changed assert: that: - 'result.changed == False' # ------------------------------------------------------------- # ssh-dss key with a command and a single option, which are # in a comma-separated list - name: add ssh-dss key with a command and a single option authorized_key: user: root key: "{{ dss_key_command_single_option }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result - name: assert that the key was added assert: that: - 'result.changed == True' - 'result.key == dss_key_command_single_option' - 'result.key_options == None' - name: re-add ssh-dss key with a command and a single option authorized_key: user: root key: "{{ dss_key_command_single_option }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result - name: assert that nothing changed assert: that: - 'result.changed == False' # ------------------------------------------------------------- # ssh-dss key with a command and multiple other options - name: add ssh-dss key with a command and multiple options authorized_key: user: root key: "{{ dss_key_command_multiple_options }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result - name: assert that the key was added assert: that: - 'result.changed == True' - 'result.key == dss_key_command_multiple_options' - 'result.key_options == None' - name: re-add ssh-dss key with a command and multiple options authorized_key: user: root key: "{{ dss_key_command_multiple_options }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result - name: assert that nothing changed assert: that: - 'result.changed == False' # ------------------------------------------------------------- # ssh-dss key with multiple trailing parts, which are space- # separated and not quoted in any way - name: add ssh-dss key with trailing parts authorized_key: user: root key: "{{ dss_key_trailing }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result - name: assert that the key was added assert: that: - 'result.changed == True' - 'result.key == dss_key_trailing' - 'result.key_options == None' - name: re-add ssh-dss key with trailing parts authorized_key: user: root key: "{{ dss_key_trailing }}" state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result - name: assert that nothing changed assert: that: - 'result.changed == False' # ------------------------------------------------------------- # basic ssh-dss key with mutliple permit-open options # https://github.com/ansible/ansible-modules-core/issues/1715 - name: add basic ssh-dss key with multi-opts authorized_key: user: root key: "{{ dss_key_basic }}" key_options: 'no-agent-forwarding,no-X11-forwarding,permitopen="10.9.8.1:8080",permitopen="10.9.8.1:9001"' state: present path: "{{ output_dir | expanduser }}/authorized_keys" register: result - name: assert that the key with multi-opts was added assert: that: - 'result.changed == True' - 'result.key == dss_key_basic' - 'result.key_options == "no-agent-forwarding,no-X11-forwarding,permitopen=\"10.9.8.1:8080\",permitopen=\"10.9.8.1:9001\""' - name: get the file content shell: cat "{{ output_dir | expanduser }}/authorized_keys" | fgrep DATA_BASIC changed_when: no register: content - name: validate content assert: that: - 'content.stdout == "no-agent-forwarding,no-X11-forwarding,permitopen=\"10.9.8.1:8080\",permitopen=\"10.9.8.1:9001\" ssh-dss DATA_BASIC root@testing"'