test: improve tests using new setup_ssh_keypair helper (#285)

* test: use new setup_ssh_keypair helper

Remove the previous setup_sshkey helper

* ci: fix tmp dir location to please chattr

tests/integration/targets/hcloud_placement_group/defaults/main/main.yml

@@ -3,3 +3,4 @@
 ---
 hcloud_placement_group_name: "{{ hcloud_ns }}"
 hcloud_server_name: "{{ hcloud_ns }}"
+hcloud_ssh_key_name: "{{ hcloud_ns }}"

tests/integration/targets/hcloud_placement_group/meta/main.yml

@@ -0,0 +1,3 @@
+---
+dependencies:
+  - setup_ssh_keypair

tests/integration/targets/hcloud_placement_group/tasks/cleanup.yml

@@ -0,0 +1,5 @@
+---
+- name: Cleanup test_ssh_key
+  hetzner.hcloud.hcloud_ssh_key:
+    name: "{{ hcloud_ssh_key_name }}"
+    state: absent

tests/integration/targets/hcloud_placement_group/tasks/prepare.yml

@@ -0,0 +1,6 @@
+---
+- name: Create test_ssh_key
+  hetzner.hcloud.hcloud_ssh_key:
+    name: "{{ hcloud_ssh_key_name }}"
+    public_key: "{{ test_ssh_keypair.public_key }}"
+  register: test_ssh_key

tests/integration/targets/hcloud_placement_group/tasks/test.yml

@@ -68,7 +68,7 @@
     placement_group: "{{ hcloud_placement_group_name }}"
     image: "ubuntu-22.04"
     ssh_keys:
-      - ci@ansible.hetzner.cloud
+      - "{{ hcloud_ssh_key_name }}"
     state: present
   register: server
 - name: verify create server with placement group

tests/integration/targets/hcloud_rdns/defaults/main/main.yml

@@ -5,3 +5,4 @@ hcloud_server_name: "{{ hcloud_ns }}"
 hcloud_floating_ip_name: "{{ hcloud_ns }}"
 hcloud_primary_ip_name: "{{ hcloud_ns }}"
 hcloud_load_balancer_name: "{{ hcloud_ns }}"
+hcloud_ssh_key_name: "{{ hcloud_ns }}"

tests/integration/targets/hcloud_rdns/meta/main.yml

@@ -0,0 +1,3 @@
+---
+dependencies:
+  - setup_ssh_keypair

tests/integration/targets/hcloud_rdns/tasks/cleanup.yml

@@ -0,0 +1,5 @@
+---
+- name: Cleanup test_ssh_key
+  hetzner.hcloud.hcloud_ssh_key:
+    name: "{{ hcloud_ssh_key_name }}"
+    state: absent

tests/integration/targets/hcloud_rdns/tasks/prepare.yml

@@ -0,0 +1,6 @@
+---
+- name: Create test_ssh_key
+  hetzner.hcloud.hcloud_ssh_key:
+    name: "{{ hcloud_ssh_key_name }}"
+    public_key: "{{ test_ssh_keypair.public_key }}"
+  register: test_ssh_key

tests/integration/targets/hcloud_rdns/tasks/test.yml

@@ -7,7 +7,7 @@
     server_type: cx11
     image: "ubuntu-22.04"
     ssh_keys:
-      - ci@ansible.hetzner.cloud
+      - "{{ hcloud_ssh_key_name }}"
     state: present
   register: setup
 - name: verify setup

tests/integration/targets/hcloud_server/defaults/main/main.yml

@@ -1,6 +1,7 @@
 # Copyright: (c) 2019, Hetzner Cloud GmbH <info@hetzner-cloud.de>
 # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
 ---
+hcloud_ssh_key_name: "{{ hcloud_ns }}"
 hcloud_server_name: "{{ hcloud_ns }}"
 hcloud_firewall_name: "{{ hcloud_ns }}"
 hcloud_primary_ip_name: "{{ hcloud_ns }}"

tests/integration/targets/hcloud_server/meta/main.yml

@@ -0,0 +1,3 @@
+---
+dependencies:
+  - setup_ssh_keypair

tests/integration/targets/hcloud_server/tasks/cleanup.yml

@@ -0,0 +1,5 @@
+---
+- name: Cleanup test_ssh_key
+  hetzner.hcloud.hcloud_ssh_key:
+    name: "{{ hcloud_ssh_key_name }}"
+    state: absent

tests/integration/targets/hcloud_server/tasks/prepare.yml

@@ -0,0 +1,6 @@
+---
+- name: Create test_ssh_key
+  hetzner.hcloud.hcloud_ssh_key:
+    name: "{{ hcloud_ssh_key_name }}"
+    public_key: "{{ test_ssh_keypair.public_key }}"
+  register: test_ssh_key

tests/integration/targets/hcloud_server/tasks/test_basic.yml

@@ -361,7 +361,7 @@
     server_type: cx11
     image: "ubuntu-22.04"
     ssh_keys:
-      - ci@ansible.hetzner.cloud
+      - "{{ hcloud_ssh_key_name }}"
     state: started
   register: main_server
 - name: verify create server with ssh key
@@ -378,7 +378,7 @@
     name: "{{ hcloud_server_name }}"
     rescue_mode: "linux64"
     ssh_keys:
-      - ci@ansible.hetzner.cloud
+      - "{{ hcloud_ssh_key_name }}"
     state: present
   register: main_server
   check_mode: true
@@ -392,7 +392,7 @@
     name: "{{ hcloud_server_name }}"
     rescue_mode: "linux64"
     ssh_keys:
-      - ci@ansible.hetzner.cloud
+      - "{{ hcloud_ssh_key_name }}"
     state: present
   register: main_server
 - name: verify activate rescue mode
@@ -405,7 +405,7 @@
   hetzner.hcloud.hcloud_server:
     name: "{{ hcloud_server_name }}"
     ssh_keys:
-      - ci@ansible.hetzner.cloud
+      - "{{ hcloud_ssh_key_name }}"
     state: present
   register: main_server
 - name: verify activate rescue mode
@@ -442,7 +442,7 @@
     server_type: cx11
     image: "ubuntu-22.04"
     ssh_keys:
-      - ci@ansible.hetzner.cloud
+      - "{{ hcloud_ssh_key_name }}"
     rescue_mode: "linux64"
     state: started
   register: main_server
@@ -471,7 +471,7 @@
     server_type: cx11
     image: "ubuntu-22.04"
     ssh_keys:
-      - ci@ansible.hetzner.cloud
+      - "{{ hcloud_ssh_key_name }}"
     labels:
       key: value
       mylabel: "val123"
@@ -490,7 +490,7 @@
     server_type: cx11
     image: "ubuntu-22.04"
     ssh_keys:
-      - ci@ansible.hetzner.cloud
+      - "{{ hcloud_ssh_key_name }}"
     labels:
       key: other
       mylabel: "val123"
@@ -509,7 +509,7 @@
     server_type: cx11
     image: "ubuntu-22.04"
     ssh_keys:
-      - ci@ansible.hetzner.cloud
+      - "{{ hcloud_ssh_key_name }}"
     labels:
       mylabel: "val123"
       key: other
@@ -537,7 +537,7 @@
     backups: true
     image: "ubuntu-22.04"
     ssh_keys:
-      - ci@ansible.hetzner.cloud
+      - "{{ hcloud_ssh_key_name }}"
     state: present
   register: result
 - name: verify enable backups
@@ -564,7 +564,7 @@
     server_type: cpx11
     image: "ubuntu-22.04"
     ssh_keys:
-      - ci@ansible.hetzner.cloud
+      - "{{ hcloud_ssh_key_name }}"
     state: present
   register: result_after_test
   ignore_errors: true

tests/integration/targets/hcloud_server/tasks/test_firewalls.yml

@@ -35,7 +35,7 @@
       - "{{ hcloud_firewall_name }}"
     image: "ubuntu-22.04"
     ssh_keys:
-      - ci@ansible.hetzner.cloud
+      - "{{ hcloud_ssh_key_name }}"
     state: present
   register: result
 - name: verify test create server with firewalls
@@ -51,7 +51,7 @@
       - "{{ hcloud_firewall_name }}"
     image: "ubuntu-22.04"
     ssh_keys:
-      - ci@ansible.hetzner.cloud
+      - "{{ hcloud_ssh_key_name }}"
     state: present
   register: result
 - name: verify test create server with firewalls idempotence
@@ -67,7 +67,7 @@
       - "{{ hcloud_firewall_name }}2"
     image: "ubuntu-22.04"
     ssh_keys:
-      - ci@ansible.hetzner.cloud
+      - "{{ hcloud_ssh_key_name }}"
     state: present
   register: result
 - name: verify test update server with firewalls
@@ -83,7 +83,7 @@
       - "{{ hcloud_firewall_name }}2"
     image: "ubuntu-22.04"
     ssh_keys:
-      - ci@ansible.hetzner.cloud
+      - "{{ hcloud_ssh_key_name }}"
     state: present
   register: result
 - name: verify test update server with firewalls idempotence

tests/integration/targets/hcloud_server/tasks/test_primary_ips.yml

@@ -31,7 +31,7 @@
     ipv4: "{{primaryIPv4.hcloud_primary_ip.id}}"
     ipv6: "{{primaryIPv6.hcloud_primary_ip.id}}"
     ssh_keys:
-      - ci@ansible.hetzner.cloud
+      - "{{ hcloud_ssh_key_name }}"
     state: stopped
   register: result
 - name: verify test create server with primary ips
@@ -49,7 +49,7 @@
     ipv6: ""
     enable_ipv6: false
     ssh_keys:
-      - ci@ansible.hetzner.cloud
+      - "{{ hcloud_ssh_key_name }}"
     state: stopped
   register: result
 - name: verify test create server with primary ips

tests/integration/targets/hcloud_server/tasks/test_private_network_only.yml

@@ -71,7 +71,7 @@
     private_networks:
       - "{{ primaryNetwork.hcloud_network.name }}"
     ssh_keys:
-      - ci@ansible.hetzner.cloud
+      - "{{ hcloud_ssh_key_name }}"
     state: stopped
   register: result
 - name: verify test create server with primary network
@@ -91,7 +91,7 @@
       - "{{ primaryNetwork.hcloud_network.name }}"
       - "{{ secondaryNetwork.hcloud_network.id }}"
     ssh_keys:
-      - ci@ansible.hetzner.cloud
+      - "{{ hcloud_ssh_key_name }}"
     state: stopped
   register: result
 - name: verify test update server by adding secondary network
@@ -111,7 +111,7 @@
       - "{{ primaryNetwork.hcloud_network.name }}"
       - "{{ secondaryNetwork.hcloud_network.id }}"
     ssh_keys:
-      - ci@ansible.hetzner.cloud
+      - "{{ hcloud_ssh_key_name }}"
     state: stopped
   register: result
 - name: verify test update server idem

tests/integration/targets/hcloud_ssh_key/defaults/main/main.yml

@@ -3,8 +3,3 @@
 ---
 hcloud_server_name: "{{ hcloud_ns }}"
 hcloud_ssh_key_name: "{{ hcloud_ns }}"
-hcloud_ssh_key_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDnaTPfKaX1QKcRLOfr34buVLh5FhJAThI9NYB0xNdXsMd4Y0zLyyCQzHbx4eWCVZxym/s6csWSeLaAhO1GOHeAw3hQFMqf1oTBx6Y8g0pKpeotKPa/PDSUzdZF9Lc+DadtpQd8kFVHAu1Kd3zoEUnk1u6kP7I4qu4Z/6F9qBDF+M3aobiPVxdS7GwaVRW3nZu+FcQDLiBiNOjuRDyjHcDfEUkoh2SOu25RrFtGPzFu5mGmBJwotKpWAocLGfHzyn/fAHxgw3jKZVH/t+XWQFnl82Ie8yE3Z1EZ7oDkNRqFQT9AdXEQOLycTTYTQMJZpgeFTv3sAo6lPRCusiFmmLcf ci@ansible.hetzner.cloud"
-hcloud_ssh_key_fingerprint: "56:89:c4:d6:a7:4a:79:82:f4:c2:58:9c:e1:d2:2d:4e"
-
-hcloud_doubled_ssh_key_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1AiuN3UMQKzOs4tNudmlDSkSebC+savc6CivoHGflUKeli7nKb5pKgGiqH+zeWZc+8+flUa2BxsJWmi7d1nGJ++W4BnzmqW78ApelpJnGtuX8IKNcq/trhVTQyaShPiLluoBs7bXyyZpAKNGkk3jHrgwwYD/QQDN0CJnQUM18fjH5CUes2vmaG/kkhn7ctuVHDOvDcEy8KdBX3fYyrtXw5GgWDC5borG6yT1f3E9AXfRPL9OQjMTeC+G4FHscJAZjNnYav+jLrQLdV1xJ0JgbjRyBgTAfBszx9oKIjzCUPvpj4npju0WFGu10pIh0w7bluMoVn1tS6Y3gxE/Cepwt ci@ansible.hetzner.cloud"
-hcloud_doubled_ssh_key_fingerprint: "f9:33:40:ff:77:f3:3e:85:f2:9e:8f:98:71:fd:a0:58"

tests/integration/targets/hcloud_ssh_key/meta/main.yml

@@ -1,3 +1,3 @@
 ---
 dependencies:
-  - setup_sshkey
+  - setup_ssh_keypair

tests/integration/targets/hcloud_ssh_key/tasks/cleanup.yml

@@ -0,0 +1,10 @@
+---
+- name: Cleanup test_ssh_key
+  hetzner.hcloud.hcloud_ssh_key:
+    name: "{{ hcloud_ssh_key_name }}"
+    state: absent
+
+- name: Cleanup test_server
+  hetzner.hcloud.hcloud_server:
+    name: "{{ hcloud_server_name }}"
+    state: absent

tests/integration/targets/hcloud_ssh_key/tasks/test.yml

@@ -15,7 +15,7 @@
 - name: test create ssh key with check mode
   hetzner.hcloud.hcloud_ssh_key:
     name: "{{ hcloud_ssh_key_name }}"
-    public_key: "{{ key_material }}"
+    public_key: "{{ test_ssh_keypair.public_key }}"
   register: result
   check_mode: true
 - name: test create ssh key with check mode
@@ -26,23 +26,23 @@
 - name: test create ssh key
   hetzner.hcloud.hcloud_ssh_key:
     name: "{{ hcloud_ssh_key_name }}"
-    public_key: "{{ key_material }}"
+    public_key: "{{ test_ssh_keypair.public_key }}"
     labels:
       key: value
       my-label: label
-  register: sshKey
+  register: ssh_key
 - name: verify create ssh key
   assert:
     that:
-      - sshKey is changed
-      - sshKey.hcloud_ssh_key.name == "{{ hcloud_ssh_key_name }}"
-      - sshKey.hcloud_ssh_key.public_key ==  "{{ key_material }}"
-      - sshKey.hcloud_ssh_key.labels.key == "value"
+      - ssh_key is changed
+      - ssh_key.hcloud_ssh_key.name == "{{ hcloud_ssh_key_name }}"
+      - ssh_key.hcloud_ssh_key.public_key ==  "{{ test_ssh_keypair.public_key }}"
+      - ssh_key.hcloud_ssh_key.labels.key == "value"
 
 - name: test create ssh key idempotence
   hetzner.hcloud.hcloud_ssh_key:
     name: "{{ hcloud_ssh_key_name }}"
-    public_key: "{{ key_material }}"
+    public_key: "{{ test_ssh_keypair.public_key }}"
   register: result
 - name: verify create ssh key idempotence
   assert:
@@ -51,7 +51,7 @@
 
 - name: test update ssh key with check mode
   hetzner.hcloud.hcloud_ssh_key:
-    id: "{{ sshKey.hcloud_ssh_key.id }}"
+    id: "{{ ssh_key.hcloud_ssh_key.id }}"
     name: "changed-{{ hcloud_ssh_key_name }}"
   register: result
   check_mode: true
@@ -62,7 +62,7 @@
 
 - name: test update ssh key
   hetzner.hcloud.hcloud_ssh_key:
-    id: "{{ sshKey.hcloud_ssh_key.id }}"
+    id: "{{ ssh_key.hcloud_ssh_key.id }}"
     name: "changed-{{ hcloud_ssh_key_name }}"
     labels:
       key: value
@@ -75,7 +75,7 @@
 
 - name: test update ssh key with same labels
   hetzner.hcloud.hcloud_ssh_key:
-    id: "{{ sshKey.hcloud_ssh_key.id }}"
+    id: "{{ ssh_key.hcloud_ssh_key.id }}"
     name: "changed-{{ hcloud_ssh_key_name }}"
     labels:
       key: value
@@ -87,7 +87,7 @@
 
 - name: test update ssh key with other labels
   hetzner.hcloud.hcloud_ssh_key:
-    id: "{{ sshKey.hcloud_ssh_key.id }}"
+    id: "{{ ssh_key.hcloud_ssh_key.id }}"
     name: "changed-{{ hcloud_ssh_key_name }}"
     labels:
       key: value
@@ -100,7 +100,7 @@
 
 - name: test rename ssh key
   hetzner.hcloud.hcloud_ssh_key:
-    id: "{{ sshKey.hcloud_ssh_key.id }}"
+    id: "{{ ssh_key.hcloud_ssh_key.id }}"
     name: "{{ hcloud_ssh_key_name }}"
   register: result
 - name: test rename ssh key
@@ -123,20 +123,10 @@
     that:
       - main_server is changed
 
-- name: absent ssh key
-  hetzner.hcloud.hcloud_ssh_key:
-    id: "{{ sshKey.hcloud_ssh_key.id }}"
-    state: absent
-  register: result
-- name: verify absent sshkey
-  assert:
-    that:
-      - result is success
-
 - name: test fail cleanly on double created ssh key
   hetzner.hcloud.hcloud_ssh_key:
-    name: "{{ hcloud_ssh_key_name }}othername"
-    public_key: "{{ hcloud_doubled_ssh_key_public_key }}"
+    name: "{{ hcloud_ssh_key_name }}-other-name"
+    public_key: "{{ test_ssh_keypair.public_key }}"
   register: result
   ignore_errors: true
 - name: verify failed correctly
@@ -145,12 +135,12 @@
       - result is failed
       - 'result.msg == "SSH key with the same fingerprint already exists"'
 
-- name: cleanup
-  hetzner.hcloud.hcloud_server:
-    name: "{{ hcloud_server_name }}"
+- name: test delete ssh key
+  hetzner.hcloud.hcloud_ssh_key:
+    id: "{{ ssh_key.hcloud_ssh_key.id }}"
     state: absent
   register: result
-- name: verify cleanup
+- name: verify absent ssh_key
   assert:
     that:
       - result is success

tests/integration/targets/hcloud_ssh_key_info/meta/main.yml

@@ -1,3 +1,3 @@
 ---
 dependencies:
-  - setup_sshkey
+  - setup_ssh_keypair

tests/integration/targets/hcloud_ssh_key_info/tasks/cleanup.yml

@@ -0,0 +1,5 @@
+---
+- name: Cleanup test_ssh_key
+  hetzner.hcloud.hcloud_ssh_key:
+    name: "{{ hcloud_ssh_key_name }}"
+    state: absent

tests/integration/targets/hcloud_ssh_key_info/tasks/prepare.yml

@@ -0,0 +1,8 @@
+---
+- name: Create test_ssh_key
+  hetzner.hcloud.hcloud_ssh_key:
+    name: "{{ hcloud_ssh_key_name }}"
+    public_key: "{{ test_ssh_keypair.public_key }}"
+    labels:
+      key: value
+  register: test_ssh_key

tests/integration/targets/hcloud_ssh_key_info/tasks/test.yml

@@ -1,25 +1,6 @@
 # Copyright: (c) 2019, Hetzner Cloud GmbH <info@hetzner-cloud.de>
 # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
 ---
-- name: setup ensure ssh key is absent
-  hetzner.hcloud.hcloud_ssh_key:
-    name: "{{ hcloud_ssh_key_name }}"
-    state: absent
-  register: result
-
-- name: setup test ssh_key
-  hetzner.hcloud.hcloud_ssh_key:
-    name: "{{hcloud_ssh_key_name}}"
-    public_key: "{{ key_material }}"
-    labels:
-      key: value
-  register: result
-- name: verify create test ssh_key
-  assert:
-    that:
-      - result is changed
-      - result.hcloud_ssh_key.public_key == "{{ key_material }}"
-
 - name: test gather hcloud ssh key infos in check mode
   hetzner.hcloud.hcloud_ssh_key_info:
   register: hcloud_ssh_key
@@ -55,13 +36,3 @@
   assert:
     that:
       - hcloud_ssh_key.hcloud_ssh_key_info | list | count == 0
-
-- name: cleanup
-  hetzner.hcloud.hcloud_ssh_key:
-    name: "{{hcloud_ssh_key_name}}"
-    state: absent
-  register: result
-- name: verify cleanup
-  assert:
-    that:
-      - result is success

tests/integration/targets/setup_ssh_keypair/tasks/main.yml

@@ -0,0 +1,18 @@
+---
+# https://github.com/ansible-collections/community.crypto/pull/504
+- name: Create temporary directory for test_ssh_keypair
+  ansible.builtin.file:
+    state: directory
+    path: ~/tmp
+
+- name: Create temporary file for test_ssh_keypair
+  ansible.builtin.tempfile:
+    path: ~/tmp
+    suffix: "{{ hcloud_ssh_key_name }}"
+  register: _tmp_ssh_key_file
+
+- name: Create test_ssh_keypair
+  community.crypto.openssh_keypair:
+    path: "{{ _tmp_ssh_key_file.path }}"
+    force: true
+  register: test_ssh_keypair

tests/integration/targets/setup_sshkey/tasks/main.yml

@@ -1,55 +0,0 @@
-# (c) 2014, James Laska <jlaska@ansible.com>
-
-# This file is part of Ansible
-#
-# Ansible is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# Ansible is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with Ansible.  If not, see <http://www.gnu.org/licenses/>.
-
-- name: create a temp file
-  tempfile:
-    state: file
-  register: sshkey_file
-  tags:
-    - prepare
-
-- name: generate sshkey
-  shell: echo 'y' | ssh-keygen -P '' -f {{ sshkey_file.path }}
-  tags:
-    - prepare
-
-- name: create another temp file
-  tempfile:
-    state: file
-  register: another_sshkey_file
-  tags:
-    - prepare
-
-- name: generate another_sshkey
-  shell: echo 'y' | ssh-keygen -P '' -f {{ another_sshkey_file.path }}
-  tags:
-    - prepare
-
-- name: record fingerprint
-  shell: openssl rsa -in {{ sshkey_file.path }} -pubout -outform DER 2>/dev/null | openssl md5 -c
-  register: fingerprint
-  tags:
-    - prepare
-
-- name: set facts for future roles
-  set_fact:
-    sshkey: "{{ sshkey_file.path }}"
-    key_material: "{{ lookup('file', sshkey_file.path ~ '.pub') }}"
-    another_key_material: "{{ lookup('file', another_sshkey_file.path ~ '.pub') }}"
-    fingerprint: "{{ fingerprint.stdout.split()[1] }}"
-  tags:
-    - prepare