Added dependency for trippsc2.general.

trippsc2 · Jul 26, 2024 · 9b63198 · 9b63198
1 parent 36566f2
commit 9b63198
Show file tree

Hide file tree

Showing 12 changed files with 19 additions and 10 deletions.
diff --git a/galaxy.yml b/galaxy.yml
@@ -1,7 +1,7 @@
 ---
 namespace: trippsc2
 name: adcs
-version: 1.1.6
+version: 1.2.0
 readme: README.md
 authors:
   - Jim Tarpley
@@ -14,6 +14,7 @@ tags: []
 dependencies:
   ansible.windows: ">=1.0.0"
   community.windows: ">=1.11.0"
+  trippsc2.general: ">=2.4.0"
   trippsc2.windows: ">=1.0.0"
 
 repository: https://github.com/trippsc2/ansible-collection-adcs.git

diff --git a/roles/certificate_authority/README.md b/roles/certificate_authority/README.md
@@ -1,7 +1,7 @@
 <!-- BEGIN_ANSIBLE_DOCS -->
 
 # Ansible Role: trippsc2.adcs.certificate_authority
-Version: 1.1.6
+Version: 1.2.0
 
 This role installs and configures a Windows machine as a Active Directory Certificate Services Certification Authority.
 

diff --git a/roles/signed_certificate/README.md b/roles/signed_certificate/README.md
@@ -1,7 +1,7 @@
 <!-- BEGIN_ANSIBLE_DOCS -->
 
 # Ansible Role: trippsc2.adcs.signed_certificate
-Version: 1.1.6
+Version: 1.2.0
 
 This role issues a certificate from a AD CS Certification Authority.
 

diff --git a/roles/signed_certificate/meta/main.yml b/roles/signed_certificate/meta/main.yml
@@ -30,6 +30,7 @@ galaxy_info:
 
 collections:
   - ansible.windows
+  - trippsc2.general
 
 dependencies:
   - role: trippsc2.general.generate_csr
diff --git a/roles/signed_certificate/molecule-tests.sh b/roles/signed_certificate/molecule-tests.sh
@@ -6,12 +6,14 @@ MOLECULE_BOX="rocky8_cis" molecule test -s linux
 MOLECULE_BOX="w2022_cis" molecule test -s win
 MOLECULE_BOX="debian12_base" molecule test -s linux
 MOLECULE_BOX="ubuntu2404_base" molecule test -s linux
-
-MOLECULE_BOX="w2019_cis" molecule test -s win
+MOLECULE_BOX="w11_23h2_base" molecule test -s win
 
 MOLECULE_BOX="rocky9_base" molecule test -s linux
 
 MOLECULE_BOX="debian11_base" molecule test -s linux
 
+MOLECULE_BOX="w2019_cis" molecule test -s win
+MOLECULE_BOX="w10_22h2_base" molecule test -s win
+
 MOLECULE_BOX="ubuntu2204_base" molecule test -s linux
 MOLECULE_BOX="ubuntu2004_base" molecule test -s linux
diff --git a/roles/signed_certificate/molecule/linux/molecule.yml b/roles/signed_certificate/molecule/linux/molecule.yml
@@ -25,8 +25,12 @@ provisioner:
   inventory:
     group_vars:
       subjects:
+        cert_private_key_path: >-
+          {{ '/etc/pki/tls/private/cert.key' if ansible_os_family == 'RedHat' else '/etc/ssl/private/cert.key' }}
         cert_private_key_owner: test
         cert_private_key_group: test
+        cert_certificate_path: >-
+          {{ '/etc/pki/tls/certs/cert.crt' if ansible_os_family == 'RedHat' else '/etc/ssl/certs/cert.crt' }}
         cert_certificate_owner: test
         cert_certificate_group: test
         cert_signing_ca_hostname: ca

diff --git a/roles/signed_certificate/molecule/win/molecule.yml b/roles/signed_certificate/molecule/win/molecule.yml
@@ -26,6 +26,8 @@ provisioner:
   inventory:
     group_vars:
       subjects:
+        cert_certificate_path: C:\Windows\Temp\cert.crt
+        cert_private_key_path: C:\Windows\Temp\cert.key
         cert_signing_ca_hostname: ca
         cert_signing_ca_fqdn: ca
         cert_signing_ca_common_name: RootCA

diff --git a/roles/signed_certificate/tasks/Debian.yml b/roles/signed_certificate/tasks/Debian.yml
@@ -4,7 +4,7 @@
 
 - name: Add private key owner to ssl-cert (Debian-based)
   when:
-    - ('/etc/ssl/private' in _cert_private_key_path)
+    - ('/etc/ssl/private' in cert_private_key_path)
     - cert_private_key_owner != 'root'
   block:
     - name: Ensure ssl-cert package is installed

diff --git a/roles/signed_certificate/tasks/Windows.yml b/roles/signed_certificate/tasks/Windows.yml
@@ -2,7 +2,7 @@
 - name: Copy signed certificate to path
   ansible.windows.win_copy:
     content: "{{ _cert_signed_cert_content }}"
-    dest: "{{ _cert_certificate_path }}"
+    dest: "{{ cert_certificate_path }}"
 
 - name: Remove CSR file
   ansible.windows.win_file:

diff --git a/roles/signed_certificate/tasks/linux.yml b/roles/signed_certificate/tasks/linux.yml
@@ -3,7 +3,7 @@
   become: true
   ansible.builtin.copy:
     content: "{{ _cert_signed_cert_content }}"
-    dest: "{{ _cert_certificate_path }}"
+    dest: "{{ cert_certificate_path }}"
     owner: "{{ cert_certificate_owner }}"
     group: "{{ cert_certificate_group }}"
     mode: "{{ cert_certificate_mode }}"

diff --git a/roles/signed_certificate/vars/main.yml b/roles/signed_certificate/vars/main.yml
@@ -4,5 +4,4 @@ _cert_supported_os_families:
   - RedHat
   - Windows
 
-_cert_certificate_path: "{{ cert_certificate_path | default(_cert_default_certificate_path) }}"
 _cert_csr_tmp_path: "{{ cert_csr_tmp_path | default(_cert_default_csr_tmp_path) }}"
diff --git a/roles/sub_ca_certificate/README.md b/roles/sub_ca_certificate/README.md
@@ -1,7 +1,7 @@
 <!-- BEGIN_ANSIBLE_DOCS -->
 
 # Ansible Role: trippsc2.adcs.sub_ca_certificate
-Version: 1.1.6
+Version: 1.2.0
 
 This role signs a subordinate CA certificate on a Windows machine.