Output all validated challenges with basic infos.
This commit is contained in:
parent
0737fc4eaf
commit
a1ad4ac9d6
|
@ -161,11 +161,12 @@ class ACMECertificateClient(object):
|
|||
return [authz for authz in order.authorizations.values() if authz.status == 'pending']
|
||||
|
||||
def call_validate(self, pending_authzs, get_challenge, wait=True):
|
||||
authzs_to_wait_for = []
|
||||
authzs_with_challenges_to_wait_for = []
|
||||
for authz in pending_authzs:
|
||||
authz.call_validate(self.client, get_challenge(authz), wait=wait)
|
||||
authzs_to_wait_for.append(authz)
|
||||
return authzs_to_wait_for
|
||||
challenge_type = get_challenge(authz)
|
||||
authz.call_validate(self.client, challenge_type, wait=wait)
|
||||
authzs_with_challenges_to_wait_for.append((authz, challenge_type, authz.find_challenge(challenge_type)))
|
||||
return authzs_with_challenges_to_wait_for
|
||||
|
||||
def wait_for_validation(self, authzs_to_wait_for):
|
||||
wait_for_validation(authzs_to_wait_for, self.client)
|
||||
|
|
|
@ -191,6 +191,44 @@ account_uri:
|
|||
description: ACME account URI.
|
||||
returned: success
|
||||
type: str
|
||||
validating_challenges:
|
||||
description: List of challenges whose validation was triggered.
|
||||
returned: success
|
||||
type: list
|
||||
elements: dict
|
||||
contains:
|
||||
identifier:
|
||||
description:
|
||||
- The identifier the challenge is for.
|
||||
type: str
|
||||
returned: always
|
||||
identifier_type:
|
||||
description:
|
||||
- The identifier's type for the challenge.
|
||||
type: str
|
||||
returned: always
|
||||
choices:
|
||||
- dns
|
||||
- ip
|
||||
authz_url:
|
||||
description:
|
||||
- The URL of the authorization object for this challenge.
|
||||
type: str
|
||||
returned: always
|
||||
challenge_type:
|
||||
description:
|
||||
- The challenge's type.
|
||||
type: str
|
||||
returned: always
|
||||
choices:
|
||||
- http-01
|
||||
- dns-01
|
||||
- tls-alpn-01
|
||||
challenge_url:
|
||||
description:
|
||||
- The URL of the challenge object.
|
||||
type: str
|
||||
returned: always
|
||||
'''
|
||||
|
||||
from ansible_collections.community.crypto.plugins.module_utils.acme.acme import (
|
||||
|
@ -266,7 +304,7 @@ def main():
|
|||
]
|
||||
|
||||
# Step 4: validate pending authorizations
|
||||
authzs_to_wait_for = client.call_validate(
|
||||
authzs_with_challenges_to_wait_for = client.call_validate(
|
||||
really_pending_authzs,
|
||||
get_challenge=lambda authz: challenges[authz.combined_identifier],
|
||||
wait=False,
|
||||
|
@ -277,8 +315,18 @@ def main():
|
|||
if order and module.params['deactivate_authzs'] and not done:
|
||||
client.deactivate_authzs(order)
|
||||
module.exit_json(
|
||||
changed=len(authzs_to_wait_for) > 0,
|
||||
changed=len(authzs_with_challenges_to_wait_for) > 0,
|
||||
account_uri=client.client.account_uri,
|
||||
validating_challenges=[
|
||||
dict(
|
||||
identifier=authz.identifier,
|
||||
identifier_type=authz.identifier_type,
|
||||
authz_url=authz.url,
|
||||
challenge_type=challenge_type,
|
||||
challenge_url=challenge.url,
|
||||
)
|
||||
for authz, challenge_type, challenge in authzs_with_challenges_to_wait_for
|
||||
],
|
||||
)
|
||||
except ModuleFailException as e:
|
||||
e.do_fail(module)
|
||||
|
|
|
@ -102,8 +102,8 @@
|
|||
- order_info_1.authorizations_by_identifier['dns:' ~ domain_name].identifier.type == 'dns'
|
||||
- order_info_1.authorizations_by_identifier['dns:' ~ domain_name].identifier.value == domain_name
|
||||
- order_info_1.authorizations_by_identifier['dns:' ~ domain_name].status == 'pending'
|
||||
- (order_info_1.authorizations_by_identifier['dns:' ~ domain_name].challenges | selectattr('type', 'eq', 'http-01') | first).status == 'pending'
|
||||
- (order_info_1.authorizations_by_identifier['dns:' ~ domain_name].challenges | selectattr('type', 'eq', 'dns-01') | first).status == 'pending'
|
||||
- (order_info_1.authorizations_by_identifier['dns:' ~ domain_name].challenges | selectattr('type', 'equalto', 'http-01') | first).status == 'pending'
|
||||
- (order_info_1.authorizations_by_identifier['dns:' ~ domain_name].challenges | selectattr('type', 'equalto', 'dns-01') | first).status == 'pending'
|
||||
- order_info_1.authorizations_by_status['deactivated'] | length == 0
|
||||
- order_info_1.authorizations_by_status['expired'] | length == 0
|
||||
- order_info_1.authorizations_by_status['invalid'] | length == 0
|
||||
|
@ -168,8 +168,8 @@
|
|||
- order_info_2.authorizations_by_identifier['dns:' ~ domain_name].identifier.type == 'dns'
|
||||
- order_info_2.authorizations_by_identifier['dns:' ~ domain_name].identifier.value == domain_name
|
||||
- order_info_2.authorizations_by_identifier['dns:' ~ domain_name].status in ['pending', 'valid']
|
||||
- (order_info_2.authorizations_by_identifier['dns:' ~ domain_name].challenges | selectattr('type', 'eq', 'http-01') | first).status in ['processing', 'valid']
|
||||
- (order_info_2.authorizations_by_identifier['dns:' ~ domain_name].challenges | selectattr('type', 'eq', 'dns-01') | first).status == 'pending'
|
||||
- (order_info_2.authorizations_by_identifier['dns:' ~ domain_name].challenges | selectattr('type', 'equalto', 'http-01') | first).status in ['processing', 'valid']
|
||||
- (order_info_2.authorizations_by_identifier['dns:' ~ domain_name].challenges | selectattr('type', 'equalto', 'dns-01') | first).status == 'pending'
|
||||
- order_info_2.authorizations_by_status['deactivated'] | length == 0
|
||||
- order_info_2.authorizations_by_status['expired'] | length == 0
|
||||
- order_info_2.authorizations_by_status['invalid'] | length == 0
|
||||
|
@ -264,7 +264,7 @@
|
|||
- order_info_3.authorizations_by_identifier['dns:' ~ domain_name].identifier.type == 'dns'
|
||||
- order_info_3.authorizations_by_identifier['dns:' ~ domain_name].identifier.value == domain_name
|
||||
- order_info_3.authorizations_by_identifier['dns:' ~ domain_name].status == 'valid'
|
||||
- (order_info_3.authorizations_by_identifier['dns:' ~ domain_name].challenges | selectattr('type', 'eq', 'http-01') | first).status == 'valid'
|
||||
- (order_info_3.authorizations_by_identifier['dns:' ~ domain_name].challenges | selectattr('type', 'equalto', 'http-01') | first).status == 'valid'
|
||||
- order_info_3.authorizations_by_status['deactivated'] | length == 0
|
||||
- order_info_3.authorizations_by_status['expired'] | length == 0
|
||||
- order_info_3.authorizations_by_status['invalid'] | length == 0
|
||||
|
@ -328,7 +328,7 @@
|
|||
- order_info_4.authorizations_by_identifier['dns:' ~ domain_name].identifier.type == 'dns'
|
||||
- order_info_4.authorizations_by_identifier['dns:' ~ domain_name].identifier.value == domain_name
|
||||
- order_info_4.authorizations_by_identifier['dns:' ~ domain_name].status == 'deactivated'
|
||||
- (order_info_4.authorizations_by_identifier['dns:' ~ domain_name].challenges | selectattr('type', 'eq', 'http-01') | first).status == 'valid'
|
||||
- (order_info_4.authorizations_by_identifier['dns:' ~ domain_name].challenges | selectattr('type', 'equalto', 'http-01') | first).status == 'valid'
|
||||
- order_info_4.authorizations_by_status['deactivated'] | length == 1
|
||||
- order_info_4.authorizations_by_status['deactivated'][0] == 'dns:' ~ domain_name
|
||||
- order_info_4.authorizations_by_status['expired'] | length == 0
|
||||
|
|
|
@ -8,6 +8,7 @@ docs/docsite/rst/guide_selfsigned.rst rstcheck
|
|||
plugins/modules/acme_account_info.py validate-modules:return-syntax-error
|
||||
plugins/modules/acme_certificate_order_create.py validate-modules:return-syntax-error
|
||||
plugins/modules/acme_certificate_order_info.py validate-modules:return-syntax-error
|
||||
plugins/modules/acme_certificate_order_validate.py validate-modules:return-syntax-error
|
||||
plugins/modules/acme_challenge_cert_helper.py validate-modules:return-syntax-error
|
||||
plugins/modules/ecs_certificate.py validate-modules:invalid-documentation
|
||||
plugins/modules/get_certificate.py validate-modules:invalid-documentation
|
||||
|
|
|
@ -7,6 +7,7 @@
|
|||
plugins/modules/acme_account_info.py validate-modules:return-syntax-error
|
||||
plugins/modules/acme_certificate_order_create.py validate-modules:return-syntax-error
|
||||
plugins/modules/acme_certificate_order_info.py validate-modules:return-syntax-error
|
||||
plugins/modules/acme_certificate_order_validate.py validate-modules:return-syntax-error
|
||||
plugins/modules/acme_challenge_cert_helper.py validate-modules:return-syntax-error
|
||||
plugins/modules/ecs_certificate.py validate-modules:invalid-documentation
|
||||
plugins/modules/get_certificate.py validate-modules:invalid-documentation
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
plugins/modules/acme_account_info.py validate-modules:return-syntax-error
|
||||
plugins/modules/acme_certificate_order_create.py validate-modules:return-syntax-error
|
||||
plugins/modules/acme_certificate_order_info.py validate-modules:return-syntax-error
|
||||
plugins/modules/acme_certificate_order_validate.py validate-modules:return-syntax-error
|
||||
plugins/modules/acme_challenge_cert_helper.py validate-modules:return-syntax-error
|
||||
plugins/modules/ecs_certificate.py validate-modules:invalid-documentation
|
||||
plugins/modules/get_certificate.py validate-modules:invalid-documentation
|
||||
|
|
Loading…
Reference in New Issue