Skip to content

Commit

Permalink
Add regression test for ansible-collections#153.
Browse files Browse the repository at this point in the history
  • Loading branch information
felixfontein committed Jul 4, 2024
1 parent d7ea8fb commit be72218
Show file tree
Hide file tree
Showing 3 changed files with 65 additions and 1 deletion.
44 changes: 44 additions & 0 deletions tests/integration/targets/setup_sops/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -26,3 +26,47 @@
set_fact:
sops_installed: true
age_installed: '{{ age_version_command.rc == 0 }}'

- name: Determine SOPS versions
when: sops_version_remote is not defined or sops_version_controller is not defined
block:
- name: Determine SOPS version on remote
command: sops --version --disable-version-check
changed_when: false
ignore_errors: true
register: sops_version_remote_tmp

- name: Determine SOPS version on remote, try 2
command: sops --version
changed_when: false
register: sops_version_remote_tmp_2
when: sops_version_remote_tmp is failed

- name: Determine SOPS version on controller
command: sops --version --disable-version-check
delegate_to: localhost
changed_when: false
ignore_errors: true
register: sops_version_controller_tmp

- name: Determine SOPS version on controller, try 2
command: sops --version {{ '--disable-version-check' if sops_version_controller_tmp is not defined else '' }}
delegate_to: localhost
changed_when: false
register: sops_version_controller_tmp_2
when: sops_version_controller_tmp is failed

- name: Set versions
set_fact:
sops_version_remote: >-
{{
(sops_version_remote_tmp_2 if sops_version_remote_tmp is failed else sops_version_remote_tmp).stdout
| regex_replace(".*sops ([0-9]+\.[0-9]+\.[0-9]+).*", "\1", multiline=true)
| trim
}}
sops_version_controller: >-
{{
(sops_version_controller_tmp_2 if sops_version_controller_tmp is failed else sops_version_controller_tmp).stdout
| regex_replace(".*sops ([0-9]+\.[0-9]+\.[0-9]+).*", "\1", multiline=true)
| trim
}}
5 changes: 4 additions & 1 deletion tests/integration/targets/sops_encrypt/files/.sops.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,4 +4,7 @@
# SPDX-License-Identifier: GPL-3.0-or-later

creation_rules:
- pgp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4
- path_regex: test_json
unencrypted_regex: ^key1$
pgp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4
- pgp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4
17 changes: 17 additions & 0 deletions tests/integration/targets/sops_encrypt/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -245,6 +245,23 @@
value_1_raw: "{{ slurp.content | b64decode | community.sops.decrypt(output_type='json') | b64encode }}"
value_1: "{{ slurp.content | b64decode | community.sops.decrypt(output_type='json') | from_json }}"

- name: "SOPS 3.9.0+: check whether path_regex in .sops.yaml works"
assert:
that:
- >-
'"key1": "value1"' in slurp.content | b64decode
- >-
'"unencrypted_regex": "^key1$"' in slurp.content | b64decode
when: sops_version_controller is version('3.9.0', '>=')
- name: "SOPS before 3.9.0: check whether path_regex in .sops.yaml did not work"
assert:
that:
- >-
'"key1": "value1"' not in slurp.content | b64decode
- >-
'"unencrypted_regex": "^key1$"' not in slurp.content | b64decode
when: sops_version_controller is version('3.9.0', '<')

- name: Create JSON file (idempotency, check mode)
community.sops.sops_encrypt:
path: "{{ remote_tmp_dir }}/test_json"
Expand Down

0 comments on commit be72218

Please sign in to comment.