ansible-playbook [core 2.17.7]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.12/site-packages/ansible
  ansible collection location = /tmp/collections-zyC
  executable location = /usr/local/bin/ansible-playbook
  python version = 3.12.8 (main, Dec  3 2024, 00:00:00) [GCC 14.2.1 20241104 (Red Hat 14.2.1-6)] (/usr/bin/python3.12)
  jinja version = 3.1.4
  libyaml = True
Using /etc/ansible/ansible.cfg as config file
running playbook inside collection fedora.linux_system_roles
redirecting (type: callback) ansible.builtin.debug to ansible.posix.debug
redirecting (type: callback) ansible.builtin.debug to ansible.posix.debug
redirecting (type: callback) ansible.builtin.profile_tasks to ansible.posix.profile_tasks
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.

PLAYBOOK: tests_fs_attrs.yml ***************************************************
5 plays in /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tests_fs_attrs.yml

PLAY [Ensure UID and GID exists] ***********************************************

TASK [Gathering Facts] *********************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tests_fs_attrs.yml:2
Saturday 18 January 2025  07:59:14 -0500 (0:00:00.008)       0:00:00.008 ****** 
[WARNING]: Platform linux on host managed-node1 is using the discovered Python
interpreter at /usr/bin/python3.12, but future installation of another Python
interpreter could change the meaning of that path. See
https://docs.ansible.com/ansible-
core/2.17/reference_appendices/interpreter_discovery.html for more information.
ok: [managed-node1]

TASK [Ensure user exists] ******************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tests_fs_attrs.yml:5
Saturday 18 January 2025  07:59:15 -0500 (0:00:01.207)       0:00:01.215 ****** 
changed: [managed-node1] => {
    "changed": true,
    "comment": "",
    "create_home": true,
    "group": 1040,
    "home": "/home/user1",
    "name": "user1",
    "shell": "/bin/bash",
    "state": "present",
    "system": false,
    "uid": 1040
}

TASK [Ensure group "somegroup" exists] *****************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tests_fs_attrs.yml:9
Saturday 18 January 2025  07:59:16 -0500 (0:00:00.731)       0:00:01.947 ****** 
changed: [managed-node1] => {
    "changed": true,
    "gid": 1041,
    "name": "somegroup",
    "state": "present",
    "system": false
}

PLAY [Issue certificate setting user/group] ************************************

TASK [Gathering Facts] *********************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tests_fs_attrs.yml:14
Saturday 18 January 2025  07:59:16 -0500 (0:00:00.555)       0:00:02.502 ****** 
ok: [managed-node1]

TASK [fedora.linux_system_roles.certificate : Set version specific variables] ***
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2
Saturday 18 January 2025  07:59:17 -0500 (0:00:00.957)       0:00:03.459 ****** 
included: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml for managed-node1

TASK [fedora.linux_system_roles.certificate : Ensure ansible_facts used by role] ***
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:2
Saturday 18 January 2025  07:59:17 -0500 (0:00:00.026)       0:00:03.486 ****** 
skipping: [managed-node1] => {
    "changed": false,
    "false_condition": "__certificate_required_facts | difference(ansible_facts.keys() | list) | length > 0",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.certificate : Check if system is ostree] *******
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:10
Saturday 18 January 2025  07:59:17 -0500 (0:00:00.048)       0:00:03.534 ****** 
ok: [managed-node1] => {
    "changed": false,
    "stat": {
        "exists": false
    }
}

TASK [fedora.linux_system_roles.certificate : Set flag to indicate system is ostree] ***
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:15
Saturday 18 January 2025  07:59:18 -0500 (0:00:00.741)       0:00:04.276 ****** 
ok: [managed-node1] => {
    "ansible_facts": {
        "__certificate_is_ostree": false
    },
    "changed": false
}

TASK [fedora.linux_system_roles.certificate : Set platform/version specific variables] ***
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:19
Saturday 18 January 2025  07:59:18 -0500 (0:00:00.025)       0:00:04.302 ****** 
skipping: [managed-node1] => (item=RedHat.yml)  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "__vars_file is file",
    "item": "RedHat.yml",
    "skip_reason": "Conditional result was False"
}
skipping: [managed-node1] => (item=CentOS.yml)  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "__vars_file is file",
    "item": "CentOS.yml",
    "skip_reason": "Conditional result was False"
}
ok: [managed-node1] => (item=CentOS_10.yml) => {
    "ansible_facts": {
        "__certificate_certmonger_packages": [
            "certmonger",
            "python3-packaging"
        ]
    },
    "ansible_included_var_files": [
        "/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/CentOS_10.yml"
    ],
    "ansible_loop_var": "item",
    "changed": false,
    "item": "CentOS_10.yml"
}
ok: [managed-node1] => (item=CentOS_10.yml) => {
    "ansible_facts": {
        "__certificate_certmonger_packages": [
            "certmonger",
            "python3-packaging"
        ]
    },
    "ansible_included_var_files": [
        "/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/CentOS_10.yml"
    ],
    "ansible_loop_var": "item",
    "changed": false,
    "item": "CentOS_10.yml"
}

TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] ***
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:5
Saturday 18 January 2025  07:59:18 -0500 (0:00:00.050)       0:00:04.353 ****** 
changed: [managed-node1] => {
    "changed": true,
    "rc": 0,
    "results": [
        "Installed: python3-cffi-1.16.0-7.el10.x86_64",
        "Installed: python3-ply-3.11-25.el10.noarch",
        "Installed: python3-pycparser-2.20-16.el10.noarch",
        "Installed: python3-cryptography-43.0.0-4.el10.x86_64",
        "Installed: python3-pyasn1-0.6.1-1.el10.noarch"
    ]
}
lsrpackages: python3-cryptography python3-dbus python3-pyasn1

TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] ***
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:23
Saturday 18 January 2025  07:59:21 -0500 (0:00:02.473)       0:00:06.826 ****** 
changed: [managed-node1] => (item=certmonger) => {
    "__certificate_provider": "certmonger",
    "ansible_loop_var": "__certificate_provider",
    "changed": true,
    "rc": 0,
    "results": [
        "Installed: dbus-tools-1:1.14.10-5.el10.x86_64",
        "Installed: python3-packaging-23.2-6.el10.noarch",
        "Installed: certmonger-0.79.20-3.el10.x86_64"
    ]
}
lsrpackages: certmonger python3-packaging

TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] ***
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:35
Saturday 18 January 2025  07:59:23 -0500 (0:00:02.596)       0:00:09.422 ****** 
changed: [managed-node1] => (item=certmonger) => {
    "__certificate_provider": "certmonger",
    "ansible_loop_var": "__certificate_provider",
    "changed": true,
    "gid": 0,
    "group": "root",
    "mode": "0700",
    "owner": "root",
    "path": "/etc/certmonger//pre-scripts",
    "secontext": "unconfined_u:object_r:etc_t:s0",
    "size": 6,
    "state": "directory",
    "uid": 0
}

TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] ***
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:61
Saturday 18 January 2025  07:59:24 -0500 (0:00:00.735)       0:00:10.157 ****** 
changed: [managed-node1] => (item=certmonger) => {
    "__certificate_provider": "certmonger",
    "ansible_loop_var": "__certificate_provider",
    "changed": true,
    "gid": 0,
    "group": "root",
    "mode": "0700",
    "owner": "root",
    "path": "/etc/certmonger//post-scripts",
    "secontext": "unconfined_u:object_r:etc_t:s0",
    "size": 6,
    "state": "directory",
    "uid": 0
}

TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] ***
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:90
Saturday 18 January 2025  07:59:25 -0500 (0:00:00.551)       0:00:10.709 ****** 
changed: [managed-node1] => (item=certmonger) => {
    "__certificate_provider": "certmonger",
    "ansible_loop_var": "__certificate_provider",
    "changed": true,
    "enabled": true,
    "name": "certmonger",
    "state": "started",
    "status": {
        "AccessSELinuxContext": "system_u:object_r:certmonger_unit_file_t:s0",
        "ActiveEnterTimestampMonotonic": "0",
        "ActiveExitTimestampMonotonic": "0",
        "ActiveState": "inactive",
        "After": "syslog.target network.target dbus.socket system.slice basic.target sysinit.target dbus-broker.service systemd-journald.socket",
        "AllowIsolate": "no",
        "AssertResult": "no",
        "AssertTimestampMonotonic": "0",
        "Before": "shutdown.target",
        "BindLogSockets": "no",
        "BlockIOAccounting": "no",
        "BlockIOWeight": "[not set]",
        "BusName": "org.fedorahosted.certmonger",
        "CPUAccounting": "yes",
        "CPUAffinityFromNUMA": "no",
        "CPUQuotaPerSecUSec": "infinity",
        "CPUQuotaPeriodUSec": "infinity",
        "CPUSchedulingPolicy": "0",
        "CPUSchedulingPriority": "0",
        "CPUSchedulingResetOnFork": "no",
        "CPUShares": "[not set]",
        "CPUUsageNSec": "[not set]",
        "CPUWeight": "[not set]",
        "CacheDirectoryMode": "0755",
        "CanFreeze": "yes",
        "CanIsolate": "no",
        "CanLiveMount": "no",
        "CanReload": "no",
        "CanStart": "yes",
        "CanStop": "yes",
        "CapabilityBoundingSet": "cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend cap_audit_read cap_perfmon cap_bpf cap_checkpoint_restore",
        "CleanResult": "success",
        "CollectMode": "inactive",
        "ConditionResult": "no",
        "ConditionTimestampMonotonic": "0",
        "ConfigurationDirectoryMode": "0755",
        "Conflicts": "shutdown.target",
        "ControlGroupId": "0",
        "ControlPID": "0",
        "CoredumpFilter": "0x33",
        "CoredumpReceive": "no",
        "DebugInvocation": "no",
        "DefaultDependencies": "yes",
        "DefaultMemoryLow": "0",
        "DefaultMemoryMin": "0",
        "DefaultStartupMemoryLow": "0",
        "Delegate": "no",
        "Description": "Certificate monitoring and PKI enrollment",
        "DevicePolicy": "auto",
        "DynamicUser": "no",
        "EffectiveMemoryHigh": "3698225152",
        "EffectiveMemoryMax": "3698225152",
        "EffectiveTasksMax": "22365",
        "EnvironmentFiles": "/etc/sysconfig/certmonger (ignore_errors=yes)",
        "ExecMainCode": "0",
        "ExecMainExitTimestampMonotonic": "0",
        "ExecMainHandoffTimestampMonotonic": "0",
        "ExecMainPID": "0",
        "ExecMainStartTimestampMonotonic": "0",
        "ExecMainStatus": "0",
        "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
        "ExecStartEx": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /run/certmonger.pid -n $OPTS ; flags= ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
        "ExitType": "main",
        "ExtensionImagePolicy": "root=verity+signed+encrypted+unprotected+absent:usr=verity+signed+encrypted+unprotected+absent:home=encrypted+unprotected+absent:srv=encrypted+unprotected+absent:tmp=encrypted+unprotected+absent:var=encrypted+unprotected+absent",
        "FailureAction": "none",
        "FileDescriptorStoreMax": "0",
        "FileDescriptorStorePreserve": "restart",
        "FinalKillSignal": "9",
        "FragmentPath": "/usr/lib/systemd/system/certmonger.service",
        "FreezerState": "running",
        "GID": "[not set]",
        "GuessMainPID": "yes",
        "IOAccounting": "no",
        "IOReadBytes": "[not set]",
        "IOReadOperations": "[not set]",
        "IOSchedulingClass": "2",
        "IOSchedulingPriority": "4",
        "IOWeight": "[not set]",
        "IOWriteBytes": "[not set]",
        "IOWriteOperations": "[not set]",
        "IPAccounting": "no",
        "IPEgressBytes": "[no data]",
        "IPEgressPackets": "[no data]",
        "IPIngressBytes": "[no data]",
        "IPIngressPackets": "[no data]",
        "Id": "certmonger.service",
        "IgnoreOnIsolate": "no",
        "IgnoreSIGPIPE": "yes",
        "InactiveEnterTimestampMonotonic": "0",
        "InactiveExitTimestampMonotonic": "0",
        "JobRunningTimeoutUSec": "infinity",
        "JobTimeoutAction": "none",
        "JobTimeoutUSec": "infinity",
        "KeyringMode": "private",
        "KillMode": "control-group",
        "KillSignal": "15",
        "LimitAS": "infinity",
        "LimitASSoft": "infinity",
        "LimitCORE": "infinity",
        "LimitCORESoft": "infinity",
        "LimitCPU": "infinity",
        "LimitCPUSoft": "infinity",
        "LimitDATA": "infinity",
        "LimitDATASoft": "infinity",
        "LimitFSIZE": "infinity",
        "LimitFSIZESoft": "infinity",
        "LimitLOCKS": "infinity",
        "LimitLOCKSSoft": "infinity",
        "LimitMEMLOCK": "8388608",
        "LimitMEMLOCKSoft": "8388608",
        "LimitMSGQUEUE": "819200",
        "LimitMSGQUEUESoft": "819200",
        "LimitNICE": "0",
        "LimitNICESoft": "0",
        "LimitNOFILE": "524288",
        "LimitNOFILESoft": "1024",
        "LimitNPROC": "13978",
        "LimitNPROCSoft": "13978",
        "LimitRSS": "infinity",
        "LimitRSSSoft": "infinity",
        "LimitRTPRIO": "0",
        "LimitRTPRIOSoft": "0",
        "LimitRTTIME": "infinity",
        "LimitRTTIMESoft": "infinity",
        "LimitSIGPENDING": "13978",
        "LimitSIGPENDINGSoft": "13978",
        "LimitSTACK": "infinity",
        "LimitSTACKSoft": "8388608",
        "LiveMountResult": "success",
        "LoadState": "loaded",
        "LockPersonality": "no",
        "LogLevelMax": "-1",
        "LogRateLimitBurst": "0",
        "LogRateLimitIntervalUSec": "0",
        "LogsDirectoryMode": "0755",
        "MainPID": "0",
        "ManagedOOMMemoryPressure": "auto",
        "ManagedOOMMemoryPressureDurationUSec": "[not set]",
        "ManagedOOMMemoryPressureLimit": "0",
        "ManagedOOMPreference": "none",
        "ManagedOOMSwap": "auto",
        "MemoryAccounting": "yes",
        "MemoryAvailable": "3279249408",
        "MemoryCurrent": "[not set]",
        "MemoryDenyWriteExecute": "no",
        "MemoryHigh": "infinity",
        "MemoryKSM": "no",
        "MemoryLimit": "infinity",
        "MemoryLow": "0",
        "MemoryMax": "infinity",
        "MemoryMin": "0",
        "MemoryPeak": "[not set]",
        "MemoryPressureThresholdUSec": "200ms",
        "MemoryPressureWatch": "auto",
        "MemorySwapCurrent": "[not set]",
        "MemorySwapMax": "infinity",
        "MemorySwapPeak": "[not set]",
        "MemoryZSwapCurrent": "[not set]",
        "MemoryZSwapMax": "infinity",
        "MemoryZSwapWriteback": "yes",
        "MountAPIVFS": "no",
        "MountImagePolicy": "root=verity+signed+encrypted+unprotected+absent:usr=verity+signed+encrypted+unprotected+absent:home=encrypted+unprotected+absent:srv=encrypted+unprotected+absent:tmp=encrypted+unprotected+absent:var=encrypted+unprotected+absent",
        "NFileDescriptorStore": "0",
        "NRestarts": "0",
        "NUMAPolicy": "n/a",
        "Names": "certmonger.service",
        "NeedDaemonReload": "no",
        "Nice": "0",
        "NoNewPrivileges": "no",
        "NonBlocking": "no",
        "NotifyAccess": "none",
        "OOMPolicy": "stop",
        "OOMScoreAdjust": "0",
        "OnFailureJobMode": "replace",
        "OnSuccessJobMode": "fail",
        "PIDFile": "/run/certmonger.pid",
        "PartOf": "dbus-broker.service",
        "Perpetual": "no",
        "PrivateDevices": "no",
        "PrivateIPC": "no",
        "PrivateMounts": "no",
        "PrivateNetwork": "no",
        "PrivatePIDs": "no",
        "PrivateTmp": "no",
        "PrivateTmpEx": "no",
        "PrivateUsers": "no",
        "PrivateUsersEx": "no",
        "ProcSubset": "all",
        "ProtectClock": "no",
        "ProtectControlGroups": "no",
        "ProtectControlGroupsEx": "no",
        "ProtectHome": "no",
        "ProtectHostname": "no",
        "ProtectKernelLogs": "no",
        "ProtectKernelModules": "no",
        "ProtectKernelTunables": "no",
        "ProtectProc": "default",
        "ProtectSystem": "no",
        "RefuseManualStart": "no",
        "RefuseManualStop": "no",
        "ReloadResult": "success",
        "ReloadSignal": "1",
        "RemainAfterExit": "no",
        "RemoveIPC": "no",
        "Requires": "system.slice sysinit.target dbus.socket",
        "Restart": "no",
        "RestartKillSignal": "15",
        "RestartMaxDelayUSec": "infinity",
        "RestartMode": "normal",
        "RestartSteps": "0",
        "RestartUSec": "100ms",
        "RestartUSecNext": "100ms",
        "RestrictNamespaces": "no",
        "RestrictRealtime": "no",
        "RestrictSUIDSGID": "no",
        "Result": "success",
        "RootDirectoryStartOnly": "no",
        "RootEphemeral": "no",
        "RootImagePolicy": "root=verity+signed+encrypted+unprotected+absent:usr=verity+signed+encrypted+unprotected+absent:home=encrypted+unprotected+absent:srv=encrypted+unprotected+absent:tmp=encrypted+unprotected+absent:var=encrypted+unprotected+absent",
        "RuntimeDirectoryMode": "0755",
        "RuntimeDirectoryPreserve": "no",
        "RuntimeMaxUSec": "infinity",
        "RuntimeRandomizedExtraUSec": "0",
        "SameProcessGroup": "no",
        "SecureBits": "0",
        "SendSIGHUP": "no",
        "SendSIGKILL": "yes",
        "SetLoginEnvironment": "no",
        "Slice": "system.slice",
        "StandardError": "inherit",
        "StandardInput": "null",
        "StandardOutput": "journal",
        "StartLimitAction": "none",
        "StartLimitBurst": "5",
        "StartLimitIntervalUSec": "10s",
        "StartupBlockIOWeight": "[not set]",
        "StartupCPUShares": "[not set]",
        "StartupCPUWeight": "[not set]",
        "StartupIOWeight": "[not set]",
        "StartupMemoryHigh": "infinity",
        "StartupMemoryLow": "0",
        "StartupMemoryMax": "infinity",
        "StartupMemorySwapMax": "infinity",
        "StartupMemoryZSwapMax": "infinity",
        "StateChangeTimestampMonotonic": "0",
        "StateDirectoryMode": "0755",
        "StatusErrno": "0",
        "StopWhenUnneeded": "no",
        "SubState": "dead",
        "SuccessAction": "none",
        "SurviveFinalKillSignal": "no",
        "SyslogFacility": "3",
        "SyslogLevel": "6",
        "SyslogLevelPrefix": "yes",
        "SyslogPriority": "30",
        "SystemCallErrorNumber": "2147483646",
        "TTYReset": "no",
        "TTYVHangup": "no",
        "TTYVTDisallocate": "no",
        "TasksAccounting": "yes",
        "TasksCurrent": "[not set]",
        "TasksMax": "22365",
        "TimeoutAbortUSec": "1min 30s",
        "TimeoutCleanUSec": "infinity",
        "TimeoutStartFailureMode": "terminate",
        "TimeoutStartUSec": "1min 30s",
        "TimeoutStopFailureMode": "terminate",
        "TimeoutStopUSec": "1min 30s",
        "TimerSlackNSec": "50000",
        "Transient": "no",
        "Type": "dbus",
        "UID": "[not set]",
        "UMask": "0022",
        "UnitFilePreset": "disabled",
        "UnitFileState": "disabled",
        "UtmpMode": "init",
        "WatchdogSignal": "6",
        "WatchdogTimestampMonotonic": "0",
        "WatchdogUSec": "infinity"
    }
}

TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] *****
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:101
Saturday 18 January 2025  07:59:26 -0500 (0:00:01.140)       0:00:11.849 ****** 
changed: [managed-node1] => (item={'name': 'mycert_fs_attrs', 'dns': 'www.example.com', 'owner': 'ftp', 'group': 'ftp', 'ca': 'self-sign'}) => {
    "ansible_loop_var": "item",
    "changed": true,
    "item": {
        "ca": "self-sign",
        "dns": "www.example.com",
        "group": "ftp",
        "name": "mycert_fs_attrs",
        "owner": "ftp"
    }
}

MSG:

Certificate requested (new). File attributes updated.
changed: [managed-node1] => (item={'name': 'certid', 'dns': 'www.example.com', 'owner': 1040, 'group': 1041, 'ca': 'self-sign'}) => {
    "ansible_loop_var": "item",
    "changed": true,
    "item": {
        "ca": "self-sign",
        "dns": "www.example.com",
        "group": 1041,
        "name": "certid",
        "owner": 1040
    }
}

MSG:

Certificate requested (new). File attributes updated.

TASK [fedora.linux_system_roles.certificate : Slurp the contents of the files] ***
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:152
Saturday 18 January 2025  07:59:27 -0500 (0:00:01.703)       0:00:13.552 ****** 
skipping: [managed-node1] => (item=['cert', {'name': 'mycert_fs_attrs', 'dns': 'www.example.com', 'owner': 'ftp', 'group': 'ftp', 'ca': 'self-sign'}])  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "certificate_test_mode | d(false)",
    "item": [
        "cert",
        {
            "ca": "self-sign",
            "dns": "www.example.com",
            "group": "ftp",
            "name": "mycert_fs_attrs",
            "owner": "ftp"
        }
    ],
    "skip_reason": "Conditional result was False"
}
skipping: [managed-node1] => (item=['cert', {'name': 'certid', 'dns': 'www.example.com', 'owner': 1040, 'group': 1041, 'ca': 'self-sign'}])  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "certificate_test_mode | d(false)",
    "item": [
        "cert",
        {
            "ca": "self-sign",
            "dns": "www.example.com",
            "group": 1041,
            "name": "certid",
            "owner": 1040
        }
    ],
    "skip_reason": "Conditional result was False"
}
skipping: [managed-node1] => (item=['key', {'name': 'mycert_fs_attrs', 'dns': 'www.example.com', 'owner': 'ftp', 'group': 'ftp', 'ca': 'self-sign'}])  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "certificate_test_mode | d(false)",
    "item": [
        "key",
        {
            "ca": "self-sign",
            "dns": "www.example.com",
            "group": "ftp",
            "name": "mycert_fs_attrs",
            "owner": "ftp"
        }
    ],
    "skip_reason": "Conditional result was False"
}
skipping: [managed-node1] => (item=['key', {'name': 'certid', 'dns': 'www.example.com', 'owner': 1040, 'group': 1041, 'ca': 'self-sign'}])  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "certificate_test_mode | d(false)",
    "item": [
        "key",
        {
            "ca": "self-sign",
            "dns": "www.example.com",
            "group": 1041,
            "name": "certid",
            "owner": 1040
        }
    ],
    "skip_reason": "Conditional result was False"
}
skipping: [managed-node1] => (item=['ca', {'name': 'mycert_fs_attrs', 'dns': 'www.example.com', 'owner': 'ftp', 'group': 'ftp', 'ca': 'self-sign'}])  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "certificate_test_mode | d(false)",
    "item": [
        "ca",
        {
            "ca": "self-sign",
            "dns": "www.example.com",
            "group": "ftp",
            "name": "mycert_fs_attrs",
            "owner": "ftp"
        }
    ],
    "skip_reason": "Conditional result was False"
}
skipping: [managed-node1] => (item=['ca', {'name': 'certid', 'dns': 'www.example.com', 'owner': 1040, 'group': 1041, 'ca': 'self-sign'}])  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "certificate_test_mode | d(false)",
    "item": [
        "ca",
        {
            "ca": "self-sign",
            "dns": "www.example.com",
            "group": 1041,
            "name": "certid",
            "owner": 1040
        }
    ],
    "skip_reason": "Conditional result was False"
}
skipping: [managed-node1] => {
    "changed": false
}

MSG:

All items skipped

TASK [fedora.linux_system_roles.certificate : Create return data] **************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:160
Saturday 18 January 2025  07:59:27 -0500 (0:00:00.123)       0:00:13.676 ****** 
skipping: [managed-node1] => {
    "changed": false,
    "false_condition": "certificate_test_mode | d(false)",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.certificate : Stop tracking certificates] ******
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:176
Saturday 18 January 2025  07:59:28 -0500 (0:00:00.059)       0:00:13.736 ****** 
skipping: [managed-node1] => {
    "changed": false,
    "false_condition": "certificate_test_mode | d(false)",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.certificate : Remove files] ********************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:181
Saturday 18 January 2025  07:59:28 -0500 (0:00:00.052)       0:00:13.788 ****** 
skipping: [managed-node1] => {
    "changed": false,
    "false_condition": "certificate_test_mode | d(false)",
    "skip_reason": "Conditional result was False"
}

PLAY [Verify certificate] ******************************************************

TASK [Gathering Facts] *********************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tests_fs_attrs.yml:32
Saturday 18 January 2025  07:59:28 -0500 (0:00:00.057)       0:00:13.845 ****** 
ok: [managed-node1]

TASK [Verify each certificate] *************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tests_fs_attrs.yml:61
Saturday 18 January 2025  07:59:29 -0500 (0:00:00.919)       0:00:14.764 ****** 
included: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml for managed-node1 => (item={'path': '/etc/pki/tls/certs/mycert_fs_attrs.crt', 'key_path': '/etc/pki/tls/private/mycert_fs_attrs.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'owner': 'ftp', 'group': 'ftp', 'mode': '0640'})
included: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml for managed-node1 => (item={'path': '/etc/pki/tls/certs/certid.crt', 'key_path': '/etc/pki/tls/private/certid.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'owner': 1040, 'group': 1041, 'mode': '0640'})

TASK [Set virtualenv_path] *****************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:2
Saturday 18 January 2025  07:59:29 -0500 (0:00:00.055)       0:00:14.820 ****** 
ok: [managed-node1] => {
    "ansible_facts": {
        "__virtualenv_path": "/tmp/certificate-tests-venv"
    },
    "changed": false
}

TASK [Check if system is ostree] ***********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:9
Saturday 18 January 2025  07:59:29 -0500 (0:00:00.015)       0:00:14.835 ****** 
skipping: [managed-node1] => {
    "changed": false,
    "false_condition": "not __certificate_is_ostree is defined",
    "skip_reason": "Conditional result was False"
}

TASK [Set flag to indicate system is ostree] ***********************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:14
Saturday 18 January 2025  07:59:29 -0500 (0:00:00.018)       0:00:14.853 ****** 
skipping: [managed-node1] => {
    "changed": false,
    "false_condition": "not __certificate_is_ostree is defined",
    "skip_reason": "Conditional result was False"
}

TASK [Ensure python3 is installed] *********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:18
Saturday 18 January 2025  07:59:29 -0500 (0:00:00.017)       0:00:14.870 ****** 
skipping: [managed-node1] => {
    "changed": false,
    "false_condition": "ansible_distribution_major_version == \"7\"",
    "skip_reason": "Conditional result was False"
}

TASK [Ensure python3 is installed] *********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:28
Saturday 18 January 2025  07:59:29 -0500 (0:00:00.013)       0:00:14.884 ****** 
ok: [managed-node1] => {
    "changed": false,
    "rc": 0,
    "results": []
}

MSG:

Nothing to do
lsrpackages: python3-cryptography python3-pyasn1

TASK [Retrieve certificate file stats] *****************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:38
Saturday 18 January 2025  07:59:30 -0500 (0:00:00.840)       0:00:15.725 ****** 
ok: [managed-node1] => {
    "changed": false,
    "stat": {
        "atime": 1737205166.8738358,
        "attr_flags": "",
        "attributes": [],
        "block_size": 4096,
        "blocks": 8,
        "charset": "us-ascii",
        "checksum": "60e1b86769bb3563869f58f4874659eba37719c8",
        "ctime": 1737205166.9848335,
        "dev": 51714,
        "device_type": 0,
        "executable": false,
        "exists": true,
        "gid": 50,
        "gr_name": "ftp",
        "inode": 250863,
        "isblk": false,
        "ischr": false,
        "isdir": false,
        "isfifo": false,
        "isgid": false,
        "islnk": false,
        "isreg": true,
        "issock": false,
        "isuid": false,
        "mimetype": "text/plain",
        "mode": "0640",
        "mtime": 1737205166.8708358,
        "nlink": 1,
        "path": "/etc/pki/tls/certs/mycert_fs_attrs.crt",
        "pw_name": "ftp",
        "readable": true,
        "rgrp": true,
        "roth": false,
        "rusr": true,
        "size": 1294,
        "uid": 14,
        "version": "2249687778",
        "wgrp": false,
        "woth": false,
        "writeable": true,
        "wusr": true,
        "xgrp": false,
        "xoth": false,
        "xusr": false
    }
}

TASK [Verify if certificate file exists] ***************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:43
Saturday 18 January 2025  07:59:30 -0500 (0:00:00.447)       0:00:16.172 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate file owner and group] *********************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:49
Saturday 18 January 2025  07:59:30 -0500 (0:00:00.060)       0:00:16.233 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate permissions] ******************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:59
Saturday 18 January 2025  07:59:30 -0500 (0:00:00.056)       0:00:16.290 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Retrieve key file stats] *************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:65
Saturday 18 January 2025  07:59:30 -0500 (0:00:00.054)       0:00:16.345 ****** 
ok: [managed-node1] => {
    "changed": false,
    "stat": {
        "atime": 1737205166.814837,
        "attr_flags": "",
        "attributes": [],
        "block_size": 4096,
        "blocks": 8,
        "charset": "us-ascii",
        "checksum": "f88884134886ce2d62659210ce7fe6b860a65c48",
        "ctime": 1737205166.9858334,
        "dev": 51714,
        "device_type": 0,
        "executable": false,
        "exists": true,
        "gid": 50,
        "gr_name": "ftp",
        "inode": 12588074,
        "isblk": false,
        "ischr": false,
        "isdir": false,
        "isfifo": false,
        "isgid": false,
        "islnk": false,
        "isreg": true,
        "issock": false,
        "isuid": false,
        "mimetype": "text/plain",
        "mode": "0640",
        "mtime": 1737205166.8708358,
        "nlink": 1,
        "path": "/etc/pki/tls/private/mycert_fs_attrs.key",
        "pw_name": "ftp",
        "readable": true,
        "rgrp": true,
        "roth": false,
        "rusr": true,
        "size": 1704,
        "uid": 14,
        "version": "3903052916",
        "wgrp": false,
        "woth": false,
        "writeable": true,
        "wusr": true,
        "xgrp": false,
        "xoth": false,
        "xusr": false
    }
}

TASK [Verify if key file exists] ***********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:70
Saturday 18 January 2025  07:59:31 -0500 (0:00:00.432)       0:00:16.778 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify key file owner and group] *****************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:76
Saturday 18 January 2025  07:59:31 -0500 (0:00:00.018)       0:00:16.796 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Parse certificate] *******************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:86
Saturday 18 January 2025  07:59:31 -0500 (0:00:00.037)       0:00:16.834 ****** 
ok: [managed-node1] => {
    "certificate": {
        "extensions": {
            "authorityKeyIdentifier": {
                "critical": false,
                "value": "DE:EA:B1:4B:0E:37:63:4F:5A:75:14:BB:44:2A:55:86:06:2B:5D:76"
            },
            "basicConstraints": {
                "critical": true,
                "value": {
                    "ca": false
                }
            },
            "extendedKeyUsage": {
                "critical": false,
                "value": [
                    {
                        "name": "id-kp-serverAuth",
                        "oid": "1.3.6.1.5.5.7.3.1"
                    },
                    {
                        "name": "id-kp-clientAuth",
                        "oid": "1.3.6.1.5.5.7.3.2"
                    }
                ]
            },
            "keyUsage": {
                "critical": false,
                "value": [
                    "digital_signature",
                    "key_encipherment"
                ]
            },
            "subjectAltName": {
                "critical": false,
                "value": [
                    {
                        "name": "DNS",
                        "value": "www.example.com"
                    }
                ]
            },
            "subjectKeyIdentifier": {
                "critical": false,
                "value": "07:63:75:30:F9:02:5A:63:D7:17:38:44:53:40:9D:1A:18:1F:A6:8C"
            }
        },
        "key_size": 2048,
        "signature_algorithm": {
            "algorithm": "sha256WithRSAEncryption",
            "signature": "70:46:0F:05:96:37:44:22:CB:2E:3C:D0:14:43:79:5C:72:0E:6F:BB:02:D6:34:41:2E:3D:AF:94:A0:B4:5C:89:48:34:86:E2:2D:A7:E0:9A:73:75:CD:15:94:E0:CC:0D:A0:7A:4F:5D:6D:0B:45:2F:01:C9:BF:44:42:B6:1A:D9:DF:3E:95:EA:92:95:87:EA:4B:2B:1B:ED:FE:0F:A3:AC:E0:84:66:B4:80:FE:11:75:EB:FF:82:F5:3A:FE:82:CB:5E:3A:1B:9B:B3:6B:C7:D3:1C:D2:94:0F:2A:7D:7A:EB:56:B6:F2:50:96:56:6A:D7:2F:67:75:13:63:9B:D9:F5:47:04:4A:F3:97:52:59:32:E6:AE:A1:30:2C:78:45:4B:CA:31:2B:23:AD:1E:E6:DC:8E:33:93:7D:3E:53:AA:43:EF:16:F6:67:8B:41:AF:3C:42:10:E0:9C:77:8A:D5:C0:0D:C2:FA:AA:B9:DA:FF:5B:66:0F:58:39:3A:34:FE:C1:DF:7D:1B:D0:74:48:A7:21:79:92:3D:E9:DC:2C:DE:A2:1E:70:C9:35:8D:ED:5A:4B:75:BC:CB:70:3A:90:98:E0:8D:26:3E:B3:4F:B7:73:0E:E9:39:3A:FE:E6:F5:2A:8C:6A:C0:14:D0:12:B7:A2:7C:6F:C4:65:45:F1:8A:9A:F3"
        },
        "subject": [
            {
                "name": "commonName",
                "oid": "2.5.4.3",
                "value": "www.example.com"
            }
        ],
        "validity": {
            "not_valid_after": "20260118125926Z",
            "not_valid_before": "20250118125926Z"
        }
    },
    "changed": false
}

TASK [Load certificate YAML to cert_issued variable] ***************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:92
Saturday 18 January 2025  07:59:31 -0500 (0:00:00.549)       0:00:17.383 ****** 
ok: [managed-node1] => {
    "ansible_facts": {
        "cert_issued": {
            "extensions": {
                "authorityKeyIdentifier": {
                    "critical": false,
                    "value": "DE:EA:B1:4B:0E:37:63:4F:5A:75:14:BB:44:2A:55:86:06:2B:5D:76"
                },
                "basicConstraints": {
                    "critical": true,
                    "value": {
                        "ca": false
                    }
                },
                "extendedKeyUsage": {
                    "critical": false,
                    "value": [
                        {
                            "name": "id-kp-serverAuth",
                            "oid": "1.3.6.1.5.5.7.3.1"
                        },
                        {
                            "name": "id-kp-clientAuth",
                            "oid": "1.3.6.1.5.5.7.3.2"
                        }
                    ]
                },
                "keyUsage": {
                    "critical": false,
                    "value": [
                        "digital_signature",
                        "key_encipherment"
                    ]
                },
                "subjectAltName": {
                    "critical": false,
                    "value": [
                        {
                            "name": "DNS",
                            "value": "www.example.com"
                        }
                    ]
                },
                "subjectKeyIdentifier": {
                    "critical": false,
                    "value": "07:63:75:30:F9:02:5A:63:D7:17:38:44:53:40:9D:1A:18:1F:A6:8C"
                }
            },
            "key_size": 2048,
            "signature_algorithm": {
                "algorithm": "sha256WithRSAEncryption",
                "signature": "70:46:0F:05:96:37:44:22:CB:2E:3C:D0:14:43:79:5C:72:0E:6F:BB:02:D6:34:41:2E:3D:AF:94:A0:B4:5C:89:48:34:86:E2:2D:A7:E0:9A:73:75:CD:15:94:E0:CC:0D:A0:7A:4F:5D:6D:0B:45:2F:01:C9:BF:44:42:B6:1A:D9:DF:3E:95:EA:92:95:87:EA:4B:2B:1B:ED:FE:0F:A3:AC:E0:84:66:B4:80:FE:11:75:EB:FF:82:F5:3A:FE:82:CB:5E:3A:1B:9B:B3:6B:C7:D3:1C:D2:94:0F:2A:7D:7A:EB:56:B6:F2:50:96:56:6A:D7:2F:67:75:13:63:9B:D9:F5:47:04:4A:F3:97:52:59:32:E6:AE:A1:30:2C:78:45:4B:CA:31:2B:23:AD:1E:E6:DC:8E:33:93:7D:3E:53:AA:43:EF:16:F6:67:8B:41:AF:3C:42:10:E0:9C:77:8A:D5:C0:0D:C2:FA:AA:B9:DA:FF:5B:66:0F:58:39:3A:34:FE:C1:DF:7D:1B:D0:74:48:A7:21:79:92:3D:E9:DC:2C:DE:A2:1E:70:C9:35:8D:ED:5A:4B:75:BC:CB:70:3A:90:98:E0:8D:26:3E:B3:4F:B7:73:0E:E9:39:3A:FE:E6:F5:2A:8C:6A:C0:14:D0:12:B7:A2:7C:6F:C4:65:45:F1:8A:9A:F3"
            },
            "subject": [
                {
                    "name": "commonName",
                    "oid": "2.5.4.3",
                    "value": "www.example.com"
                }
            ],
            "validity": {
                "not_valid_after": "20260118125926Z",
                "not_valid_before": "20250118125926Z"
            }
        }
    },
    "changed": false
}

TASK [Verify certificate subject] **********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:96
Saturday 18 January 2025  07:59:31 -0500 (0:00:00.019)       0:00:17.403 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate SAN] **************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:104
Saturday 18 January 2025  07:59:31 -0500 (0:00:00.035)       0:00:17.438 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify key size] *********************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:112
Saturday 18 January 2025  07:59:31 -0500 (0:00:00.019)       0:00:17.458 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate Key Usage] ********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:119
Saturday 18 January 2025  07:59:31 -0500 (0:00:00.036)       0:00:17.495 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate Extended Key Usage] ***********************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:130
Saturday 18 January 2025  07:59:31 -0500 (0:00:00.042)       0:00:17.537 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Retrieve auto-renew flag] ************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:143
Saturday 18 January 2025  07:59:31 -0500 (0:00:00.043)       0:00:17.581 ****** 
ok: [managed-node1] => {
    "changed": false,
    "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert_fs_attrs.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'",
    "delta": "0:00:00.044599",
    "end": "2025-01-18 07:59:32.432038",
    "rc": 0,
    "start": "2025-01-18 07:59:32.387439"
}

STDOUT:

yes

TASK [Verify certificate auto-renew flag] **************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:152
Saturday 18 January 2025  07:59:32 -0500 (0:00:00.610)       0:00:18.191 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Set virtualenv_path] *****************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:2
Saturday 18 January 2025  07:59:32 -0500 (0:00:00.060)       0:00:18.252 ****** 
ok: [managed-node1] => {
    "ansible_facts": {
        "__virtualenv_path": "/tmp/certificate-tests-venv"
    },
    "changed": false
}

TASK [Check if system is ostree] ***********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:9
Saturday 18 January 2025  07:59:32 -0500 (0:00:00.025)       0:00:18.278 ****** 
skipping: [managed-node1] => {
    "changed": false,
    "false_condition": "not __certificate_is_ostree is defined",
    "skip_reason": "Conditional result was False"
}

TASK [Set flag to indicate system is ostree] ***********************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:14
Saturday 18 January 2025  07:59:32 -0500 (0:00:00.033)       0:00:18.311 ****** 
skipping: [managed-node1] => {
    "changed": false,
    "false_condition": "not __certificate_is_ostree is defined",
    "skip_reason": "Conditional result was False"
}

TASK [Ensure python3 is installed] *********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:18
Saturday 18 January 2025  07:59:32 -0500 (0:00:00.034)       0:00:18.345 ****** 
skipping: [managed-node1] => {
    "changed": false,
    "false_condition": "ansible_distribution_major_version == \"7\"",
    "skip_reason": "Conditional result was False"
}

TASK [Ensure python3 is installed] *********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:28
Saturday 18 January 2025  07:59:32 -0500 (0:00:00.023)       0:00:18.369 ****** 
ok: [managed-node1] => {
    "changed": false,
    "rc": 0,
    "results": []
}

MSG:

Nothing to do
lsrpackages: python3-cryptography python3-pyasn1

TASK [Retrieve certificate file stats] *****************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:38
Saturday 18 January 2025  07:59:33 -0500 (0:00:00.818)       0:00:19.188 ****** 
ok: [managed-node1] => {
    "changed": false,
    "stat": {
        "atime": 1737205167.6578195,
        "attr_flags": "",
        "attributes": [],
        "block_size": 4096,
        "blocks": 8,
        "charset": "us-ascii",
        "checksum": "e152e56a188be7b8318c570945c5cd870f6fdcf8",
        "ctime": 1737205167.7648172,
        "dev": 51714,
        "device_type": 0,
        "executable": false,
        "exists": true,
        "gid": 1041,
        "gr_name": "somegroup",
        "inode": 294663,
        "isblk": false,
        "ischr": false,
        "isdir": false,
        "isfifo": false,
        "isgid": false,
        "islnk": false,
        "isreg": true,
        "issock": false,
        "isuid": false,
        "mimetype": "text/plain",
        "mode": "0640",
        "mtime": 1737205167.6558197,
        "nlink": 1,
        "path": "/etc/pki/tls/certs/certid.crt",
        "pw_name": "user1",
        "readable": true,
        "rgrp": true,
        "roth": false,
        "rusr": true,
        "size": 1294,
        "uid": 1040,
        "version": "597504856",
        "wgrp": false,
        "woth": false,
        "writeable": true,
        "wusr": true,
        "xgrp": false,
        "xoth": false,
        "xusr": false
    }
}

TASK [Verify if certificate file exists] ***************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:43
Saturday 18 January 2025  07:59:33 -0500 (0:00:00.418)       0:00:19.606 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate file owner and group] *********************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:49
Saturday 18 January 2025  07:59:33 -0500 (0:00:00.018)       0:00:19.625 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate permissions] ******************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:59
Saturday 18 January 2025  07:59:33 -0500 (0:00:00.037)       0:00:19.662 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Retrieve key file stats] *************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:65
Saturday 18 January 2025  07:59:33 -0500 (0:00:00.034)       0:00:19.697 ****** 
ok: [managed-node1] => {
    "changed": false,
    "stat": {
        "atime": 1737205167.6108205,
        "attr_flags": "",
        "attributes": [],
        "block_size": 4096,
        "blocks": 8,
        "charset": "us-ascii",
        "checksum": "522f6220e7b3a8be3764388f759077cd130b849e",
        "ctime": 1737205167.7658174,
        "dev": 51714,
        "device_type": 0,
        "executable": false,
        "exists": true,
        "gid": 1041,
        "gr_name": "somegroup",
        "inode": 12588075,
        "isblk": false,
        "ischr": false,
        "isdir": false,
        "isfifo": false,
        "isgid": false,
        "islnk": false,
        "isreg": true,
        "issock": false,
        "isuid": false,
        "mimetype": "text/plain",
        "mode": "0640",
        "mtime": 1737205167.6558197,
        "nlink": 1,
        "path": "/etc/pki/tls/private/certid.key",
        "pw_name": "user1",
        "readable": true,
        "rgrp": true,
        "roth": false,
        "rusr": true,
        "size": 1704,
        "uid": 1040,
        "version": "3108046295",
        "wgrp": false,
        "woth": false,
        "writeable": true,
        "wusr": true,
        "xgrp": false,
        "xoth": false,
        "xusr": false
    }
}

TASK [Verify if key file exists] ***********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:70
Saturday 18 January 2025  07:59:34 -0500 (0:00:00.417)       0:00:20.115 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify key file owner and group] *****************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:76
Saturday 18 January 2025  07:59:34 -0500 (0:00:00.019)       0:00:20.134 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Parse certificate] *******************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:86
Saturday 18 January 2025  07:59:34 -0500 (0:00:00.040)       0:00:20.175 ****** 
ok: [managed-node1] => {
    "certificate": {
        "extensions": {
            "authorityKeyIdentifier": {
                "critical": false,
                "value": "DE:EA:B1:4B:0E:37:63:4F:5A:75:14:BB:44:2A:55:86:06:2B:5D:76"
            },
            "basicConstraints": {
                "critical": true,
                "value": {
                    "ca": false
                }
            },
            "extendedKeyUsage": {
                "critical": false,
                "value": [
                    {
                        "name": "id-kp-serverAuth",
                        "oid": "1.3.6.1.5.5.7.3.1"
                    },
                    {
                        "name": "id-kp-clientAuth",
                        "oid": "1.3.6.1.5.5.7.3.2"
                    }
                ]
            },
            "keyUsage": {
                "critical": false,
                "value": [
                    "digital_signature",
                    "key_encipherment"
                ]
            },
            "subjectAltName": {
                "critical": false,
                "value": [
                    {
                        "name": "DNS",
                        "value": "www.example.com"
                    }
                ]
            },
            "subjectKeyIdentifier": {
                "critical": false,
                "value": "7C:74:8E:67:4F:0A:CC:68:22:85:8C:A5:9D:BB:D1:29:B6:26:85:F0"
            }
        },
        "key_size": 2048,
        "signature_algorithm": {
            "algorithm": "sha256WithRSAEncryption",
            "signature": "0F:76:C8:7F:0C:F6:3B:EC:FD:0D:ED:29:6F:68:AF:7F:64:56:DD:7B:C5:B6:F7:EB:02:45:CE:39:39:97:2D:ED:DB:46:A6:B6:42:39:F9:9D:33:7A:83:F4:CD:07:2F:75:DD:9B:22:8A:BD:79:AB:D6:8F:ED:22:9C:61:2D:1D:BE:D7:64:19:95:47:83:4D:B4:EC:69:47:09:54:0F:89:B5:A0:C9:87:5A:95:05:D4:57:9A:CE:A7:66:FA:6B:0C:40:EE:EC:77:77:7D:B9:17:5E:FD:BB:D7:1D:9C:86:22:BF:9E:85:E5:F2:29:DF:62:D3:EB:AC:44:57:83:E0:95:44:DD:F9:CD:D6:DF:52:6C:35:8E:AF:D5:A8:5D:77:0C:BD:AB:6F:73:14:0A:7D:57:6D:FE:93:50:6E:2C:C1:62:CD:DC:75:69:0A:ED:01:F7:01:FC:5D:78:A1:6E:EB:74:A4:43:A0:EF:43:1E:4F:6A:F8:56:1B:AE:5D:34:49:EC:6C:CB:6D:7D:87:AA:48:34:94:D1:86:07:C7:30:96:6F:BF:07:B4:92:F9:A9:5A:F0:FC:BA:2F:04:86:B0:0D:B8:3A:04:7B:A5:37:28:B4:AB:69:A4:A9:B4:46:C5:12:7F:89:F6:BF:70:26:A2:71:DD:14:2E:CA:34:DF:50:D0:81:1C"
        },
        "subject": [
            {
                "name": "commonName",
                "oid": "2.5.4.3",
                "value": "www.example.com"
            }
        ],
        "validity": {
            "not_valid_after": "20260118125926Z",
            "not_valid_before": "20250118125927Z"
        }
    },
    "changed": false
}

TASK [Load certificate YAML to cert_issued variable] ***************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:92
Saturday 18 January 2025  07:59:34 -0500 (0:00:00.425)       0:00:20.600 ****** 
ok: [managed-node1] => {
    "ansible_facts": {
        "cert_issued": {
            "extensions": {
                "authorityKeyIdentifier": {
                    "critical": false,
                    "value": "DE:EA:B1:4B:0E:37:63:4F:5A:75:14:BB:44:2A:55:86:06:2B:5D:76"
                },
                "basicConstraints": {
                    "critical": true,
                    "value": {
                        "ca": false
                    }
                },
                "extendedKeyUsage": {
                    "critical": false,
                    "value": [
                        {
                            "name": "id-kp-serverAuth",
                            "oid": "1.3.6.1.5.5.7.3.1"
                        },
                        {
                            "name": "id-kp-clientAuth",
                            "oid": "1.3.6.1.5.5.7.3.2"
                        }
                    ]
                },
                "keyUsage": {
                    "critical": false,
                    "value": [
                        "digital_signature",
                        "key_encipherment"
                    ]
                },
                "subjectAltName": {
                    "critical": false,
                    "value": [
                        {
                            "name": "DNS",
                            "value": "www.example.com"
                        }
                    ]
                },
                "subjectKeyIdentifier": {
                    "critical": false,
                    "value": "7C:74:8E:67:4F:0A:CC:68:22:85:8C:A5:9D:BB:D1:29:B6:26:85:F0"
                }
            },
            "key_size": 2048,
            "signature_algorithm": {
                "algorithm": "sha256WithRSAEncryption",
                "signature": "0F:76:C8:7F:0C:F6:3B:EC:FD:0D:ED:29:6F:68:AF:7F:64:56:DD:7B:C5:B6:F7:EB:02:45:CE:39:39:97:2D:ED:DB:46:A6:B6:42:39:F9:9D:33:7A:83:F4:CD:07:2F:75:DD:9B:22:8A:BD:79:AB:D6:8F:ED:22:9C:61:2D:1D:BE:D7:64:19:95:47:83:4D:B4:EC:69:47:09:54:0F:89:B5:A0:C9:87:5A:95:05:D4:57:9A:CE:A7:66:FA:6B:0C:40:EE:EC:77:77:7D:B9:17:5E:FD:BB:D7:1D:9C:86:22:BF:9E:85:E5:F2:29:DF:62:D3:EB:AC:44:57:83:E0:95:44:DD:F9:CD:D6:DF:52:6C:35:8E:AF:D5:A8:5D:77:0C:BD:AB:6F:73:14:0A:7D:57:6D:FE:93:50:6E:2C:C1:62:CD:DC:75:69:0A:ED:01:F7:01:FC:5D:78:A1:6E:EB:74:A4:43:A0:EF:43:1E:4F:6A:F8:56:1B:AE:5D:34:49:EC:6C:CB:6D:7D:87:AA:48:34:94:D1:86:07:C7:30:96:6F:BF:07:B4:92:F9:A9:5A:F0:FC:BA:2F:04:86:B0:0D:B8:3A:04:7B:A5:37:28:B4:AB:69:A4:A9:B4:46:C5:12:7F:89:F6:BF:70:26:A2:71:DD:14:2E:CA:34:DF:50:D0:81:1C"
            },
            "subject": [
                {
                    "name": "commonName",
                    "oid": "2.5.4.3",
                    "value": "www.example.com"
                }
            ],
            "validity": {
                "not_valid_after": "20260118125926Z",
                "not_valid_before": "20250118125927Z"
            }
        }
    },
    "changed": false
}

TASK [Verify certificate subject] **********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:96
Saturday 18 January 2025  07:59:34 -0500 (0:00:00.028)       0:00:20.629 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate SAN] **************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:104
Saturday 18 January 2025  07:59:34 -0500 (0:00:00.049)       0:00:20.678 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify key size] *********************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:112
Saturday 18 January 2025  07:59:34 -0500 (0:00:00.021)       0:00:20.699 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate Key Usage] ********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:119
Saturday 18 January 2025  07:59:35 -0500 (0:00:00.045)       0:00:20.745 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate Extended Key Usage] ***********************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:130
Saturday 18 January 2025  07:59:35 -0500 (0:00:00.065)       0:00:20.810 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Retrieve auto-renew flag] ************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:143
Saturday 18 January 2025  07:59:35 -0500 (0:00:00.055)       0:00:20.866 ****** 
ok: [managed-node1] => {
    "changed": false,
    "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/certid.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'",
    "delta": "0:00:00.044572",
    "end": "2025-01-18 07:59:35.521359",
    "rc": 0,
    "start": "2025-01-18 07:59:35.476787"
}

STDOUT:

yes

TASK [Verify certificate auto-renew flag] **************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:152
Saturday 18 January 2025  07:59:35 -0500 (0:00:00.437)       0:00:21.303 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

PLAY [Issue certificate setting user/group/mode] *******************************

TASK [Gathering Facts] *********************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tests_fs_attrs.yml:67
Saturday 18 January 2025  07:59:35 -0500 (0:00:00.128)       0:00:21.432 ****** 
ok: [managed-node1]

TASK [fedora.linux_system_roles.certificate : Set version specific variables] ***
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2
Saturday 18 January 2025  07:59:36 -0500 (0:00:00.943)       0:00:22.375 ****** 
included: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml for managed-node1

TASK [fedora.linux_system_roles.certificate : Ensure ansible_facts used by role] ***
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:2
Saturday 18 January 2025  07:59:36 -0500 (0:00:00.017)       0:00:22.393 ****** 
skipping: [managed-node1] => {
    "changed": false,
    "false_condition": "__certificate_required_facts | difference(ansible_facts.keys() | list) | length > 0",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.certificate : Check if system is ostree] *******
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:10
Saturday 18 January 2025  07:59:36 -0500 (0:00:00.041)       0:00:22.435 ****** 
skipping: [managed-node1] => {
    "changed": false,
    "false_condition": "not __certificate_is_ostree is defined",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.certificate : Set flag to indicate system is ostree] ***
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:15
Saturday 18 January 2025  07:59:36 -0500 (0:00:00.024)       0:00:22.459 ****** 
skipping: [managed-node1] => {
    "changed": false,
    "false_condition": "not __certificate_is_ostree is defined",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.certificate : Set platform/version specific variables] ***
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:19
Saturday 18 January 2025  07:59:36 -0500 (0:00:00.019)       0:00:22.479 ****** 
skipping: [managed-node1] => (item=RedHat.yml)  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "__vars_file is file",
    "item": "RedHat.yml",
    "skip_reason": "Conditional result was False"
}
skipping: [managed-node1] => (item=CentOS.yml)  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "__vars_file is file",
    "item": "CentOS.yml",
    "skip_reason": "Conditional result was False"
}
ok: [managed-node1] => (item=CentOS_10.yml) => {
    "ansible_facts": {
        "__certificate_certmonger_packages": [
            "certmonger",
            "python3-packaging"
        ]
    },
    "ansible_included_var_files": [
        "/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/CentOS_10.yml"
    ],
    "ansible_loop_var": "item",
    "changed": false,
    "item": "CentOS_10.yml"
}
ok: [managed-node1] => (item=CentOS_10.yml) => {
    "ansible_facts": {
        "__certificate_certmonger_packages": [
            "certmonger",
            "python3-packaging"
        ]
    },
    "ansible_included_var_files": [
        "/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/CentOS_10.yml"
    ],
    "ansible_loop_var": "item",
    "changed": false,
    "item": "CentOS_10.yml"
}

TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] ***
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:5
Saturday 18 January 2025  07:59:36 -0500 (0:00:00.041)       0:00:22.520 ****** 
ok: [managed-node1] => {
    "changed": false,
    "rc": 0,
    "results": []
}

MSG:

Nothing to do
lsrpackages: python3-cryptography python3-dbus python3-pyasn1

TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] ***
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:23
Saturday 18 January 2025  07:59:37 -0500 (0:00:00.815)       0:00:23.335 ****** 
ok: [managed-node1] => (item=certmonger) => {
    "__certificate_provider": "certmonger",
    "ansible_loop_var": "__certificate_provider",
    "changed": false,
    "rc": 0,
    "results": []
}

MSG:

Nothing to do
lsrpackages: certmonger python3-packaging

TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] ***
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:35
Saturday 18 January 2025  07:59:38 -0500 (0:00:00.851)       0:00:24.187 ****** 
ok: [managed-node1] => (item=certmonger) => {
    "__certificate_provider": "certmonger",
    "ansible_loop_var": "__certificate_provider",
    "changed": false,
    "gid": 0,
    "group": "root",
    "mode": "0700",
    "owner": "root",
    "path": "/etc/certmonger//pre-scripts",
    "secontext": "unconfined_u:object_r:etc_t:s0",
    "size": 6,
    "state": "directory",
    "uid": 0
}

TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] ***
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:61
Saturday 18 January 2025  07:59:38 -0500 (0:00:00.439)       0:00:24.627 ****** 
ok: [managed-node1] => (item=certmonger) => {
    "__certificate_provider": "certmonger",
    "ansible_loop_var": "__certificate_provider",
    "changed": false,
    "gid": 0,
    "group": "root",
    "mode": "0700",
    "owner": "root",
    "path": "/etc/certmonger//post-scripts",
    "secontext": "unconfined_u:object_r:etc_t:s0",
    "size": 6,
    "state": "directory",
    "uid": 0
}

TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] ***
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:90
Saturday 18 January 2025  07:59:39 -0500 (0:00:00.477)       0:00:25.104 ****** 
ok: [managed-node1] => (item=certmonger) => {
    "__certificate_provider": "certmonger",
    "ansible_loop_var": "__certificate_provider",
    "changed": false,
    "enabled": true,
    "name": "certmonger",
    "state": "started",
    "status": {
        "AccessSELinuxContext": "system_u:object_r:certmonger_unit_file_t:s0",
        "ActiveEnterTimestamp": "Sat 2025-01-18 07:59:26 EST",
        "ActiveEnterTimestampMonotonic": "252439316",
        "ActiveExitTimestampMonotonic": "0",
        "ActiveState": "active",
        "After": "basic.target systemd-journald.socket dbus.socket network.target syslog.target system.slice sysinit.target dbus-broker.service",
        "AllowIsolate": "no",
        "AssertResult": "yes",
        "AssertTimestamp": "Sat 2025-01-18 07:59:25 EST",
        "AssertTimestampMonotonic": "252414781",
        "Before": "shutdown.target multi-user.target",
        "BindLogSockets": "no",
        "BlockIOAccounting": "no",
        "BlockIOWeight": "[not set]",
        "BusName": "org.fedorahosted.certmonger",
        "CPUAccounting": "yes",
        "CPUAffinityFromNUMA": "no",
        "CPUQuotaPerSecUSec": "infinity",
        "CPUQuotaPeriodUSec": "infinity",
        "CPUSchedulingPolicy": "0",
        "CPUSchedulingPriority": "0",
        "CPUSchedulingResetOnFork": "no",
        "CPUShares": "[not set]",
        "CPUUsageNSec": "741865000",
        "CPUWeight": "[not set]",
        "CacheDirectoryMode": "0755",
        "CanFreeze": "yes",
        "CanIsolate": "no",
        "CanLiveMount": "no",
        "CanReload": "no",
        "CanStart": "yes",
        "CanStop": "yes",
        "CapabilityBoundingSet": "cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend cap_audit_read cap_perfmon cap_bpf cap_checkpoint_restore",
        "CleanResult": "success",
        "CollectMode": "inactive",
        "ConditionResult": "yes",
        "ConditionTimestamp": "Sat 2025-01-18 07:59:25 EST",
        "ConditionTimestampMonotonic": "252414777",
        "ConfigurationDirectoryMode": "0755",
        "Conflicts": "shutdown.target",
        "ControlGroup": "/system.slice/certmonger.service",
        "ControlGroupId": "5272",
        "ControlPID": "0",
        "CoredumpFilter": "0x33",
        "CoredumpReceive": "no",
        "DebugInvocation": "no",
        "DefaultDependencies": "yes",
        "DefaultMemoryLow": "0",
        "DefaultMemoryMin": "0",
        "DefaultStartupMemoryLow": "0",
        "Delegate": "no",
        "Description": "Certificate monitoring and PKI enrollment",
        "DevicePolicy": "auto",
        "DynamicUser": "no",
        "EffectiveMemoryHigh": "3698225152",
        "EffectiveMemoryMax": "3698225152",
        "EffectiveTasksMax": "22365",
        "EnvironmentFiles": "/etc/sysconfig/certmonger (ignore_errors=yes)",
        "ExecMainCode": "0",
        "ExecMainExitTimestampMonotonic": "0",
        "ExecMainHandoffTimestamp": "Sat 2025-01-18 07:59:25 EST",
        "ExecMainHandoffTimestampMonotonic": "252427197",
        "ExecMainPID": "9353",
        "ExecMainStartTimestamp": "Sat 2025-01-18 07:59:25 EST",
        "ExecMainStartTimestampMonotonic": "252415886",
        "ExecMainStatus": "0",
        "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[Sat 2025-01-18 07:59:25 EST] ; stop_time=[n/a] ; pid=9353 ; code=(null) ; status=0/0 }",
        "ExecStartEx": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /run/certmonger.pid -n $OPTS ; flags= ; start_time=[Sat 2025-01-18 07:59:25 EST] ; stop_time=[n/a] ; pid=9353 ; code=(null) ; status=0/0 }",
        "ExitType": "main",
        "ExtensionImagePolicy": "root=verity+signed+encrypted+unprotected+absent:usr=verity+signed+encrypted+unprotected+absent:home=encrypted+unprotected+absent:srv=encrypted+unprotected+absent:tmp=encrypted+unprotected+absent:var=encrypted+unprotected+absent",
        "FailureAction": "none",
        "FileDescriptorStoreMax": "0",
        "FileDescriptorStorePreserve": "restart",
        "FinalKillSignal": "9",
        "FragmentPath": "/usr/lib/systemd/system/certmonger.service",
        "FreezerState": "running",
        "GID": "[not set]",
        "GuessMainPID": "yes",
        "IOAccounting": "no",
        "IOReadBytes": "[not set]",
        "IOReadOperations": "[not set]",
        "IOSchedulingClass": "2",
        "IOSchedulingPriority": "4",
        "IOWeight": "[not set]",
        "IOWriteBytes": "[not set]",
        "IOWriteOperations": "[not set]",
        "IPAccounting": "no",
        "IPEgressBytes": "[no data]",
        "IPEgressPackets": "[no data]",
        "IPIngressBytes": "[no data]",
        "IPIngressPackets": "[no data]",
        "Id": "certmonger.service",
        "IgnoreOnIsolate": "no",
        "IgnoreSIGPIPE": "yes",
        "InactiveEnterTimestampMonotonic": "0",
        "InactiveExitTimestamp": "Sat 2025-01-18 07:59:25 EST",
        "InactiveExitTimestampMonotonic": "252416516",
        "InvocationID": "8a1dde897be142e99349a8b0adc9afab",
        "JobRunningTimeoutUSec": "infinity",
        "JobTimeoutAction": "none",
        "JobTimeoutUSec": "infinity",
        "KeyringMode": "private",
        "KillMode": "control-group",
        "KillSignal": "15",
        "LimitAS": "infinity",
        "LimitASSoft": "infinity",
        "LimitCORE": "infinity",
        "LimitCORESoft": "infinity",
        "LimitCPU": "infinity",
        "LimitCPUSoft": "infinity",
        "LimitDATA": "infinity",
        "LimitDATASoft": "infinity",
        "LimitFSIZE": "infinity",
        "LimitFSIZESoft": "infinity",
        "LimitLOCKS": "infinity",
        "LimitLOCKSSoft": "infinity",
        "LimitMEMLOCK": "8388608",
        "LimitMEMLOCKSoft": "8388608",
        "LimitMSGQUEUE": "819200",
        "LimitMSGQUEUESoft": "819200",
        "LimitNICE": "0",
        "LimitNICESoft": "0",
        "LimitNOFILE": "524288",
        "LimitNOFILESoft": "1024",
        "LimitNPROC": "13978",
        "LimitNPROCSoft": "13978",
        "LimitRSS": "infinity",
        "LimitRSSSoft": "infinity",
        "LimitRTPRIO": "0",
        "LimitRTPRIOSoft": "0",
        "LimitRTTIME": "infinity",
        "LimitRTTIMESoft": "infinity",
        "LimitSIGPENDING": "13978",
        "LimitSIGPENDINGSoft": "13978",
        "LimitSTACK": "infinity",
        "LimitSTACKSoft": "8388608",
        "LiveMountResult": "success",
        "LoadState": "loaded",
        "LockPersonality": "no",
        "LogLevelMax": "-1",
        "LogRateLimitBurst": "0",
        "LogRateLimitIntervalUSec": "0",
        "LogsDirectoryMode": "0755",
        "MainPID": "9353",
        "ManagedOOMMemoryPressure": "auto",
        "ManagedOOMMemoryPressureDurationUSec": "[not set]",
        "ManagedOOMMemoryPressureLimit": "0",
        "ManagedOOMPreference": "none",
        "ManagedOOMSwap": "auto",
        "MemoryAccounting": "yes",
        "MemoryAvailable": "3282964480",
        "MemoryCurrent": "2674688",
        "MemoryDenyWriteExecute": "no",
        "MemoryHigh": "infinity",
        "MemoryKSM": "no",
        "MemoryLimit": "infinity",
        "MemoryLow": "0",
        "MemoryMax": "infinity",
        "MemoryMin": "0",
        "MemoryPeak": "10964992",
        "MemoryPressureThresholdUSec": "200ms",
        "MemoryPressureWatch": "auto",
        "MemorySwapCurrent": "0",
        "MemorySwapMax": "infinity",
        "MemorySwapPeak": "0",
        "MemoryZSwapCurrent": "0",
        "MemoryZSwapMax": "infinity",
        "MemoryZSwapWriteback": "yes",
        "MountAPIVFS": "no",
        "MountImagePolicy": "root=verity+signed+encrypted+unprotected+absent:usr=verity+signed+encrypted+unprotected+absent:home=encrypted+unprotected+absent:srv=encrypted+unprotected+absent:tmp=encrypted+unprotected+absent:var=encrypted+unprotected+absent",
        "NFileDescriptorStore": "0",
        "NRestarts": "0",
        "NUMAPolicy": "n/a",
        "Names": "certmonger.service",
        "NeedDaemonReload": "no",
        "Nice": "0",
        "NoNewPrivileges": "no",
        "NonBlocking": "no",
        "NotifyAccess": "none",
        "OOMPolicy": "stop",
        "OOMScoreAdjust": "0",
        "OnFailureJobMode": "replace",
        "OnSuccessJobMode": "fail",
        "PIDFile": "/run/certmonger.pid",
        "PartOf": "dbus-broker.service",
        "Perpetual": "no",
        "PrivateDevices": "no",
        "PrivateIPC": "no",
        "PrivateMounts": "no",
        "PrivateNetwork": "no",
        "PrivatePIDs": "no",
        "PrivateTmp": "no",
        "PrivateTmpEx": "no",
        "PrivateUsers": "no",
        "PrivateUsersEx": "no",
        "ProcSubset": "all",
        "ProtectClock": "no",
        "ProtectControlGroups": "no",
        "ProtectControlGroupsEx": "no",
        "ProtectHome": "no",
        "ProtectHostname": "no",
        "ProtectKernelLogs": "no",
        "ProtectKernelModules": "no",
        "ProtectKernelTunables": "no",
        "ProtectProc": "default",
        "ProtectSystem": "no",
        "RefuseManualStart": "no",
        "RefuseManualStop": "no",
        "ReloadResult": "success",
        "ReloadSignal": "1",
        "RemainAfterExit": "no",
        "RemoveIPC": "no",
        "Requires": "sysinit.target dbus.socket system.slice",
        "Restart": "no",
        "RestartKillSignal": "15",
        "RestartMaxDelayUSec": "infinity",
        "RestartMode": "normal",
        "RestartSteps": "0",
        "RestartUSec": "100ms",
        "RestartUSecNext": "100ms",
        "RestrictNamespaces": "no",
        "RestrictRealtime": "no",
        "RestrictSUIDSGID": "no",
        "Result": "success",
        "RootDirectoryStartOnly": "no",
        "RootEphemeral": "no",
        "RootImagePolicy": "root=verity+signed+encrypted+unprotected+absent:usr=verity+signed+encrypted+unprotected+absent:home=encrypted+unprotected+absent:srv=encrypted+unprotected+absent:tmp=encrypted+unprotected+absent:var=encrypted+unprotected+absent",
        "RuntimeDirectoryMode": "0755",
        "RuntimeDirectoryPreserve": "no",
        "RuntimeMaxUSec": "infinity",
        "RuntimeRandomizedExtraUSec": "0",
        "SameProcessGroup": "no",
        "SecureBits": "0",
        "SendSIGHUP": "no",
        "SendSIGKILL": "yes",
        "SetLoginEnvironment": "no",
        "Slice": "system.slice",
        "StandardError": "inherit",
        "StandardInput": "null",
        "StandardOutput": "journal",
        "StartLimitAction": "none",
        "StartLimitBurst": "5",
        "StartLimitIntervalUSec": "10s",
        "StartupBlockIOWeight": "[not set]",
        "StartupCPUShares": "[not set]",
        "StartupCPUWeight": "[not set]",
        "StartupIOWeight": "[not set]",
        "StartupMemoryHigh": "infinity",
        "StartupMemoryLow": "0",
        "StartupMemoryMax": "infinity",
        "StartupMemorySwapMax": "infinity",
        "StartupMemoryZSwapMax": "infinity",
        "StateChangeTimestamp": "Sat 2025-01-18 07:59:26 EST",
        "StateChangeTimestampMonotonic": "252439316",
        "StateDirectoryMode": "0755",
        "StatusErrno": "0",
        "StopWhenUnneeded": "no",
        "SubState": "running",
        "SuccessAction": "none",
        "SurviveFinalKillSignal": "no",
        "SyslogFacility": "3",
        "SyslogLevel": "6",
        "SyslogLevelPrefix": "yes",
        "SyslogPriority": "30",
        "SystemCallErrorNumber": "2147483646",
        "TTYReset": "no",
        "TTYVHangup": "no",
        "TTYVTDisallocate": "no",
        "TasksAccounting": "yes",
        "TasksCurrent": "1",
        "TasksMax": "22365",
        "TimeoutAbortUSec": "1min 30s",
        "TimeoutCleanUSec": "infinity",
        "TimeoutStartFailureMode": "terminate",
        "TimeoutStartUSec": "1min 30s",
        "TimeoutStopFailureMode": "terminate",
        "TimeoutStopUSec": "1min 30s",
        "TimerSlackNSec": "50000",
        "Transient": "no",
        "Type": "dbus",
        "UID": "[not set]",
        "UMask": "0022",
        "UnitFilePreset": "disabled",
        "UnitFileState": "enabled",
        "UtmpMode": "init",
        "WantedBy": "multi-user.target",
        "WatchdogSignal": "6",
        "WatchdogTimestampMonotonic": "0",
        "WatchdogUSec": "0"
    }
}

TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] *****
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:101
Saturday 18 January 2025  07:59:39 -0500 (0:00:00.577)       0:00:25.682 ****** 
changed: [managed-node1] => (item={'name': 'mycert_fs_attrs_mode', 'dns': 'www.example.com', 'owner': 'ftp', 'group': 'ftp', 'mode': '0620', 'ca': 'self-sign'}) => {
    "ansible_loop_var": "item",
    "changed": true,
    "item": {
        "ca": "self-sign",
        "dns": "www.example.com",
        "group": "ftp",
        "mode": "0620",
        "name": "mycert_fs_attrs_mode",
        "owner": "ftp"
    }
}

MSG:

Certificate requested (new). File attributes updated.
changed: [managed-node1] => (item={'name': 'certid_mode', 'dns': 'www.example.com', 'mode': '0600', 'ca': 'self-sign'}) => {
    "ansible_loop_var": "item",
    "changed": true,
    "item": {
        "ca": "self-sign",
        "dns": "www.example.com",
        "mode": "0600",
        "name": "certid_mode"
    }
}

MSG:

Certificate requested (new).

TASK [fedora.linux_system_roles.certificate : Slurp the contents of the files] ***
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:152
Saturday 18 January 2025  07:59:41 -0500 (0:00:01.673)       0:00:27.355 ****** 
skipping: [managed-node1] => (item=['cert', {'name': 'mycert_fs_attrs_mode', 'dns': 'www.example.com', 'owner': 'ftp', 'group': 'ftp', 'mode': '0620', 'ca': 'self-sign'}])  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "certificate_test_mode | d(false)",
    "item": [
        "cert",
        {
            "ca": "self-sign",
            "dns": "www.example.com",
            "group": "ftp",
            "mode": "0620",
            "name": "mycert_fs_attrs_mode",
            "owner": "ftp"
        }
    ],
    "skip_reason": "Conditional result was False"
}
skipping: [managed-node1] => (item=['cert', {'name': 'certid_mode', 'dns': 'www.example.com', 'mode': '0600', 'ca': 'self-sign'}])  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "certificate_test_mode | d(false)",
    "item": [
        "cert",
        {
            "ca": "self-sign",
            "dns": "www.example.com",
            "mode": "0600",
            "name": "certid_mode"
        }
    ],
    "skip_reason": "Conditional result was False"
}
skipping: [managed-node1] => (item=['key', {'name': 'mycert_fs_attrs_mode', 'dns': 'www.example.com', 'owner': 'ftp', 'group': 'ftp', 'mode': '0620', 'ca': 'self-sign'}])  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "certificate_test_mode | d(false)",
    "item": [
        "key",
        {
            "ca": "self-sign",
            "dns": "www.example.com",
            "group": "ftp",
            "mode": "0620",
            "name": "mycert_fs_attrs_mode",
            "owner": "ftp"
        }
    ],
    "skip_reason": "Conditional result was False"
}
skipping: [managed-node1] => (item=['key', {'name': 'certid_mode', 'dns': 'www.example.com', 'mode': '0600', 'ca': 'self-sign'}])  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "certificate_test_mode | d(false)",
    "item": [
        "key",
        {
            "ca": "self-sign",
            "dns": "www.example.com",
            "mode": "0600",
            "name": "certid_mode"
        }
    ],
    "skip_reason": "Conditional result was False"
}
skipping: [managed-node1] => (item=['ca', {'name': 'mycert_fs_attrs_mode', 'dns': 'www.example.com', 'owner': 'ftp', 'group': 'ftp', 'mode': '0620', 'ca': 'self-sign'}])  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "certificate_test_mode | d(false)",
    "item": [
        "ca",
        {
            "ca": "self-sign",
            "dns": "www.example.com",
            "group": "ftp",
            "mode": "0620",
            "name": "mycert_fs_attrs_mode",
            "owner": "ftp"
        }
    ],
    "skip_reason": "Conditional result was False"
}
skipping: [managed-node1] => (item=['ca', {'name': 'certid_mode', 'dns': 'www.example.com', 'mode': '0600', 'ca': 'self-sign'}])  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "certificate_test_mode | d(false)",
    "item": [
        "ca",
        {
            "ca": "self-sign",
            "dns": "www.example.com",
            "mode": "0600",
            "name": "certid_mode"
        }
    ],
    "skip_reason": "Conditional result was False"
}
skipping: [managed-node1] => {
    "changed": false
}

MSG:

All items skipped

TASK [fedora.linux_system_roles.certificate : Create return data] **************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:160
Saturday 18 January 2025  07:59:41 -0500 (0:00:00.088)       0:00:27.444 ****** 
skipping: [managed-node1] => {
    "changed": false,
    "false_condition": "certificate_test_mode | d(false)",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.certificate : Stop tracking certificates] ******
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:176
Saturday 18 January 2025  07:59:41 -0500 (0:00:00.037)       0:00:27.482 ****** 
skipping: [managed-node1] => {
    "changed": false,
    "false_condition": "certificate_test_mode | d(false)",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.certificate : Remove files] ********************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:181
Saturday 18 January 2025  07:59:41 -0500 (0:00:00.056)       0:00:27.538 ****** 
skipping: [managed-node1] => {
    "changed": false,
    "false_condition": "certificate_test_mode | d(false)",
    "skip_reason": "Conditional result was False"
}

PLAY [Verify certificate] ******************************************************

TASK [Gathering Facts] *********************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tests_fs_attrs.yml:85
Saturday 18 January 2025  07:59:41 -0500 (0:00:00.081)       0:00:27.619 ****** 
ok: [managed-node1]

TASK [Verify each certificate] *************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tests_fs_attrs.yml:112
Saturday 18 January 2025  07:59:42 -0500 (0:00:00.941)       0:00:28.560 ****** 
included: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml for managed-node1 => (item={'path': '/etc/pki/tls/certs/mycert_fs_attrs_mode.crt', 'key_path': '/etc/pki/tls/private/mycert_fs_attrs_mode.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'owner': 'ftp', 'group': 'ftp', 'mode': '0620'})
included: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml for managed-node1 => (item={'path': '/etc/pki/tls/certs/certid_mode.crt', 'key_path': '/etc/pki/tls/private/certid_mode.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'mode': '0600'})

TASK [Set virtualenv_path] *****************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:2
Saturday 18 January 2025  07:59:42 -0500 (0:00:00.054)       0:00:28.614 ****** 
ok: [managed-node1] => {
    "ansible_facts": {
        "__virtualenv_path": "/tmp/certificate-tests-venv"
    },
    "changed": false
}

TASK [Check if system is ostree] ***********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:9
Saturday 18 January 2025  07:59:42 -0500 (0:00:00.016)       0:00:28.631 ****** 
skipping: [managed-node1] => {
    "changed": false,
    "false_condition": "not __certificate_is_ostree is defined",
    "skip_reason": "Conditional result was False"
}

TASK [Set flag to indicate system is ostree] ***********************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:14
Saturday 18 January 2025  07:59:42 -0500 (0:00:00.018)       0:00:28.649 ****** 
skipping: [managed-node1] => {
    "changed": false,
    "false_condition": "not __certificate_is_ostree is defined",
    "skip_reason": "Conditional result was False"
}

TASK [Ensure python3 is installed] *********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:18
Saturday 18 January 2025  07:59:42 -0500 (0:00:00.018)       0:00:28.668 ****** 
skipping: [managed-node1] => {
    "changed": false,
    "false_condition": "ansible_distribution_major_version == \"7\"",
    "skip_reason": "Conditional result was False"
}

TASK [Ensure python3 is installed] *********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:28
Saturday 18 January 2025  07:59:42 -0500 (0:00:00.013)       0:00:28.681 ****** 
ok: [managed-node1] => {
    "changed": false,
    "rc": 0,
    "results": []
}

MSG:

Nothing to do
lsrpackages: python3-cryptography python3-pyasn1

TASK [Retrieve certificate file stats] *****************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:38
Saturday 18 January 2025  07:59:43 -0500 (0:00:00.811)       0:00:29.493 ****** 
ok: [managed-node1] => {
    "changed": false,
    "stat": {
        "atime": 1737205180.735549,
        "attr_flags": "",
        "attributes": [],
        "block_size": 4096,
        "blocks": 8,
        "charset": "us-ascii",
        "checksum": "ac65d523abd4faef988e8da794e01f225e8fb693",
        "ctime": 1737205180.7805479,
        "dev": 51714,
        "device_type": 0,
        "executable": false,
        "exists": true,
        "gid": 50,
        "gr_name": "ftp",
        "inode": 294664,
        "isblk": false,
        "ischr": false,
        "isdir": false,
        "isfifo": false,
        "isgid": false,
        "islnk": false,
        "isreg": true,
        "issock": false,
        "isuid": false,
        "mimetype": "text/plain",
        "mode": "0620",
        "mtime": 1737205180.7335489,
        "nlink": 1,
        "path": "/etc/pki/tls/certs/mycert_fs_attrs_mode.crt",
        "pw_name": "ftp",
        "readable": true,
        "rgrp": false,
        "roth": false,
        "rusr": true,
        "size": 1294,
        "uid": 14,
        "version": "674594640",
        "wgrp": true,
        "woth": false,
        "writeable": true,
        "wusr": true,
        "xgrp": false,
        "xoth": false,
        "xusr": false
    }
}

TASK [Verify if certificate file exists] ***************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:43
Saturday 18 January 2025  07:59:44 -0500 (0:00:00.383)       0:00:29.877 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate file owner and group] *********************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:49
Saturday 18 January 2025  07:59:44 -0500 (0:00:00.018)       0:00:29.895 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate permissions] ******************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:59
Saturday 18 January 2025  07:59:44 -0500 (0:00:00.039)       0:00:29.935 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Retrieve key file stats] *************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:65
Saturday 18 January 2025  07:59:44 -0500 (0:00:00.036)       0:00:29.971 ****** 
ok: [managed-node1] => {
    "changed": false,
    "stat": {
        "atime": 1737205180.6875498,
        "attr_flags": "",
        "attributes": [],
        "block_size": 4096,
        "blocks": 8,
        "charset": "us-ascii",
        "checksum": "686b32ed15c6db64b7964b6bea00aa75321fc79f",
        "ctime": 1737205180.781548,
        "dev": 51714,
        "device_type": 0,
        "executable": false,
        "exists": true,
        "gid": 50,
        "gr_name": "ftp",
        "inode": 12588076,
        "isblk": false,
        "ischr": false,
        "isdir": false,
        "isfifo": false,
        "isgid": false,
        "islnk": false,
        "isreg": true,
        "issock": false,
        "isuid": false,
        "mimetype": "text/plain",
        "mode": "0620",
        "mtime": 1737205180.7335489,
        "nlink": 1,
        "path": "/etc/pki/tls/private/mycert_fs_attrs_mode.key",
        "pw_name": "ftp",
        "readable": true,
        "rgrp": false,
        "roth": false,
        "rusr": true,
        "size": 1708,
        "uid": 14,
        "version": "2527294829",
        "wgrp": true,
        "woth": false,
        "writeable": true,
        "wusr": true,
        "xgrp": false,
        "xoth": false,
        "xusr": false
    }
}

TASK [Verify if key file exists] ***********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:70
Saturday 18 January 2025  07:59:44 -0500 (0:00:00.401)       0:00:30.372 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify key file owner and group] *****************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:76
Saturday 18 January 2025  07:59:44 -0500 (0:00:00.030)       0:00:30.403 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Parse certificate] *******************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:86
Saturday 18 January 2025  07:59:44 -0500 (0:00:00.045)       0:00:30.449 ****** 
ok: [managed-node1] => {
    "certificate": {
        "extensions": {
            "authorityKeyIdentifier": {
                "critical": false,
                "value": "DE:EA:B1:4B:0E:37:63:4F:5A:75:14:BB:44:2A:55:86:06:2B:5D:76"
            },
            "basicConstraints": {
                "critical": true,
                "value": {
                    "ca": false
                }
            },
            "extendedKeyUsage": {
                "critical": false,
                "value": [
                    {
                        "name": "id-kp-serverAuth",
                        "oid": "1.3.6.1.5.5.7.3.1"
                    },
                    {
                        "name": "id-kp-clientAuth",
                        "oid": "1.3.6.1.5.5.7.3.2"
                    }
                ]
            },
            "keyUsage": {
                "critical": false,
                "value": [
                    "digital_signature",
                    "key_encipherment"
                ]
            },
            "subjectAltName": {
                "critical": false,
                "value": [
                    {
                        "name": "DNS",
                        "value": "www.example.com"
                    }
                ]
            },
            "subjectKeyIdentifier": {
                "critical": false,
                "value": "B7:01:E0:D9:62:6D:6B:B8:3F:FB:6B:27:0D:B9:4B:26:64:58:F3:72"
            }
        },
        "key_size": 2048,
        "signature_algorithm": {
            "algorithm": "sha256WithRSAEncryption",
            "signature": "6A:2C:91:08:DD:6C:1B:BA:B8:7C:10:7A:FD:28:59:9D:A6:E6:0C:64:F6:6C:D2:4B:AB:3E:6A:8A:2C:1B:22:A4:C7:00:78:66:F7:17:30:AF:45:53:04:17:AA:CC:03:72:4D:B7:CC:F7:A2:61:D2:FB:85:CF:76:42:40:FF:D2:72:F4:7A:07:9E:8C:49:38:86:B0:7F:A8:1C:22:B5:DB:A9:77:24:86:8A:08:86:0D:2F:59:31:CB:C9:6B:E4:24:BE:58:8B:70:23:A8:9F:BC:C7:36:51:61:02:7C:1A:E8:53:15:D1:BF:E2:4B:CF:4D:53:25:1B:E9:18:7C:30:E0:CF:42:8A:3E:41:B1:0B:CC:32:E5:C1:ED:C6:94:A6:F4:E0:2C:5F:BA:89:7F:46:2C:80:0F:F5:C4:F1:AC:F1:B7:53:F2:49:8A:3E:F3:50:AD:47:7B:16:7A:13:56:A5:32:6D:4B:B4:3E:52:B3:7F:1B:BF:69:FF:89:8E:4F:78:AC:B7:3D:9A:20:B9:CD:89:32:58:AE:EC:D6:31:EB:31:BB:3C:0E:D9:07:FD:B0:30:F8:C5:A6:D2:A3:57:27:57:A4:9F:3B:48:65:27:AE:F1:6F:DF:A4:FE:96:50:9B:F8:BB:BE:F7:1A:AE:16:6E:B1:D0:68:A7:8D:C1:32:06:0A:19:67"
        },
        "subject": [
            {
                "name": "commonName",
                "oid": "2.5.4.3",
                "value": "www.example.com"
            }
        ],
        "validity": {
            "not_valid_after": "20260118125926Z",
            "not_valid_before": "20250118125940Z"
        }
    },
    "changed": false
}

TASK [Load certificate YAML to cert_issued variable] ***************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:92
Saturday 18 January 2025  07:59:45 -0500 (0:00:00.432)       0:00:30.881 ****** 
ok: [managed-node1] => {
    "ansible_facts": {
        "cert_issued": {
            "extensions": {
                "authorityKeyIdentifier": {
                    "critical": false,
                    "value": "DE:EA:B1:4B:0E:37:63:4F:5A:75:14:BB:44:2A:55:86:06:2B:5D:76"
                },
                "basicConstraints": {
                    "critical": true,
                    "value": {
                        "ca": false
                    }
                },
                "extendedKeyUsage": {
                    "critical": false,
                    "value": [
                        {
                            "name": "id-kp-serverAuth",
                            "oid": "1.3.6.1.5.5.7.3.1"
                        },
                        {
                            "name": "id-kp-clientAuth",
                            "oid": "1.3.6.1.5.5.7.3.2"
                        }
                    ]
                },
                "keyUsage": {
                    "critical": false,
                    "value": [
                        "digital_signature",
                        "key_encipherment"
                    ]
                },
                "subjectAltName": {
                    "critical": false,
                    "value": [
                        {
                            "name": "DNS",
                            "value": "www.example.com"
                        }
                    ]
                },
                "subjectKeyIdentifier": {
                    "critical": false,
                    "value": "B7:01:E0:D9:62:6D:6B:B8:3F:FB:6B:27:0D:B9:4B:26:64:58:F3:72"
                }
            },
            "key_size": 2048,
            "signature_algorithm": {
                "algorithm": "sha256WithRSAEncryption",
                "signature": "6A:2C:91:08:DD:6C:1B:BA:B8:7C:10:7A:FD:28:59:9D:A6:E6:0C:64:F6:6C:D2:4B:AB:3E:6A:8A:2C:1B:22:A4:C7:00:78:66:F7:17:30:AF:45:53:04:17:AA:CC:03:72:4D:B7:CC:F7:A2:61:D2:FB:85:CF:76:42:40:FF:D2:72:F4:7A:07:9E:8C:49:38:86:B0:7F:A8:1C:22:B5:DB:A9:77:24:86:8A:08:86:0D:2F:59:31:CB:C9:6B:E4:24:BE:58:8B:70:23:A8:9F:BC:C7:36:51:61:02:7C:1A:E8:53:15:D1:BF:E2:4B:CF:4D:53:25:1B:E9:18:7C:30:E0:CF:42:8A:3E:41:B1:0B:CC:32:E5:C1:ED:C6:94:A6:F4:E0:2C:5F:BA:89:7F:46:2C:80:0F:F5:C4:F1:AC:F1:B7:53:F2:49:8A:3E:F3:50:AD:47:7B:16:7A:13:56:A5:32:6D:4B:B4:3E:52:B3:7F:1B:BF:69:FF:89:8E:4F:78:AC:B7:3D:9A:20:B9:CD:89:32:58:AE:EC:D6:31:EB:31:BB:3C:0E:D9:07:FD:B0:30:F8:C5:A6:D2:A3:57:27:57:A4:9F:3B:48:65:27:AE:F1:6F:DF:A4:FE:96:50:9B:F8:BB:BE:F7:1A:AE:16:6E:B1:D0:68:A7:8D:C1:32:06:0A:19:67"
            },
            "subject": [
                {
                    "name": "commonName",
                    "oid": "2.5.4.3",
                    "value": "www.example.com"
                }
            ],
            "validity": {
                "not_valid_after": "20260118125926Z",
                "not_valid_before": "20250118125940Z"
            }
        }
    },
    "changed": false
}

TASK [Verify certificate subject] **********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:96
Saturday 18 January 2025  07:59:45 -0500 (0:00:00.023)       0:00:30.904 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate SAN] **************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:104
Saturday 18 January 2025  07:59:45 -0500 (0:00:00.038)       0:00:30.943 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify key size] *********************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:112
Saturday 18 January 2025  07:59:45 -0500 (0:00:00.019)       0:00:30.962 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate Key Usage] ********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:119
Saturday 18 January 2025  07:59:45 -0500 (0:00:00.038)       0:00:31.001 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate Extended Key Usage] ***********************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:130
Saturday 18 January 2025  07:59:45 -0500 (0:00:00.053)       0:00:31.054 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Retrieve auto-renew flag] ************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:143
Saturday 18 January 2025  07:59:45 -0500 (0:00:00.061)       0:00:31.116 ****** 
ok: [managed-node1] => {
    "changed": false,
    "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert_fs_attrs_mode.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'",
    "delta": "0:00:00.047759",
    "end": "2025-01-18 07:59:45.805001",
    "rc": 0,
    "start": "2025-01-18 07:59:45.757242"
}

STDOUT:

yes

TASK [Verify certificate auto-renew flag] **************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:152
Saturday 18 January 2025  07:59:45 -0500 (0:00:00.451)       0:00:31.567 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Set virtualenv_path] *****************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:2
Saturday 18 January 2025  07:59:45 -0500 (0:00:00.040)       0:00:31.608 ****** 
ok: [managed-node1] => {
    "ansible_facts": {
        "__virtualenv_path": "/tmp/certificate-tests-venv"
    },
    "changed": false
}

TASK [Check if system is ostree] ***********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:9
Saturday 18 January 2025  07:59:45 -0500 (0:00:00.020)       0:00:31.628 ****** 
skipping: [managed-node1] => {
    "changed": false,
    "false_condition": "not __certificate_is_ostree is defined",
    "skip_reason": "Conditional result was False"
}

TASK [Set flag to indicate system is ostree] ***********************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:14
Saturday 18 January 2025  07:59:45 -0500 (0:00:00.022)       0:00:31.651 ****** 
skipping: [managed-node1] => {
    "changed": false,
    "false_condition": "not __certificate_is_ostree is defined",
    "skip_reason": "Conditional result was False"
}

TASK [Ensure python3 is installed] *********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:18
Saturday 18 January 2025  07:59:45 -0500 (0:00:00.034)       0:00:31.685 ****** 
skipping: [managed-node1] => {
    "changed": false,
    "false_condition": "ansible_distribution_major_version == \"7\"",
    "skip_reason": "Conditional result was False"
}

TASK [Ensure python3 is installed] *********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:28
Saturday 18 January 2025  07:59:46 -0500 (0:00:00.020)       0:00:31.705 ****** 
ok: [managed-node1] => {
    "changed": false,
    "rc": 0,
    "results": []
}

MSG:

Nothing to do
lsrpackages: python3-cryptography python3-pyasn1

TASK [Retrieve certificate file stats] *****************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:38
Saturday 18 January 2025  07:59:46 -0500 (0:00:00.871)       0:00:32.576 ****** 
ok: [managed-node1] => {
    "changed": false,
    "stat": {
        "atime": 1737205181.549532,
        "attr_flags": "",
        "attributes": [],
        "block_size": 4096,
        "blocks": 8,
        "charset": "us-ascii",
        "checksum": "4808e705682cf8e75dee603c746b2c3c0a870bf7",
        "ctime": 1737205181.547532,
        "dev": 51714,
        "device_type": 0,
        "executable": false,
        "exists": true,
        "gid": 0,
        "gr_name": "root",
        "inode": 294665,
        "isblk": false,
        "ischr": false,
        "isdir": false,
        "isfifo": false,
        "isgid": false,
        "islnk": false,
        "isreg": true,
        "issock": false,
        "isuid": false,
        "mimetype": "text/plain",
        "mode": "0600",
        "mtime": 1737205181.547532,
        "nlink": 1,
        "path": "/etc/pki/tls/certs/certid_mode.crt",
        "pw_name": "root",
        "readable": true,
        "rgrp": false,
        "roth": false,
        "rusr": true,
        "size": 1294,
        "uid": 0,
        "version": "3742225105",
        "wgrp": false,
        "woth": false,
        "writeable": true,
        "wusr": true,
        "xgrp": false,
        "xoth": false,
        "xusr": false
    }
}

TASK [Verify if certificate file exists] ***************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:43
Saturday 18 January 2025  07:59:47 -0500 (0:00:00.383)       0:00:32.960 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate file owner and group] *********************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:49
Saturday 18 January 2025  07:59:47 -0500 (0:00:00.029)       0:00:32.989 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate permissions] ******************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:59
Saturday 18 January 2025  07:59:47 -0500 (0:00:00.060)       0:00:33.050 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Retrieve key file stats] *************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:65
Saturday 18 January 2025  07:59:47 -0500 (0:00:00.041)       0:00:33.092 ****** 
ok: [managed-node1] => {
    "changed": false,
    "stat": {
        "atime": 1737205181.501533,
        "attr_flags": "",
        "attributes": [],
        "block_size": 4096,
        "blocks": 8,
        "charset": "us-ascii",
        "checksum": "e82fedcc8e86750ccb8aad7058d4d8a577b77f94",
        "ctime": 1737205181.547532,
        "dev": 51714,
        "device_type": 0,
        "executable": false,
        "exists": true,
        "gid": 0,
        "gr_name": "root",
        "inode": 12588077,
        "isblk": false,
        "ischr": false,
        "isdir": false,
        "isfifo": false,
        "isgid": false,
        "islnk": false,
        "isreg": true,
        "issock": false,
        "isuid": false,
        "mimetype": "text/plain",
        "mode": "0600",
        "mtime": 1737205181.547532,
        "nlink": 1,
        "path": "/etc/pki/tls/private/certid_mode.key",
        "pw_name": "root",
        "readable": true,
        "rgrp": false,
        "roth": false,
        "rusr": true,
        "size": 1704,
        "uid": 0,
        "version": "3137712110",
        "wgrp": false,
        "woth": false,
        "writeable": true,
        "wusr": true,
        "xgrp": false,
        "xoth": false,
        "xusr": false
    }
}

TASK [Verify if key file exists] ***********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:70
Saturday 18 January 2025  07:59:47 -0500 (0:00:00.412)       0:00:33.505 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify key file owner and group] *****************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:76
Saturday 18 January 2025  07:59:47 -0500 (0:00:00.055)       0:00:33.560 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Parse certificate] *******************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:86
Saturday 18 January 2025  07:59:47 -0500 (0:00:00.132)       0:00:33.692 ****** 
ok: [managed-node1] => {
    "certificate": {
        "extensions": {
            "authorityKeyIdentifier": {
                "critical": false,
                "value": "DE:EA:B1:4B:0E:37:63:4F:5A:75:14:BB:44:2A:55:86:06:2B:5D:76"
            },
            "basicConstraints": {
                "critical": true,
                "value": {
                    "ca": false
                }
            },
            "extendedKeyUsage": {
                "critical": false,
                "value": [
                    {
                        "name": "id-kp-serverAuth",
                        "oid": "1.3.6.1.5.5.7.3.1"
                    },
                    {
                        "name": "id-kp-clientAuth",
                        "oid": "1.3.6.1.5.5.7.3.2"
                    }
                ]
            },
            "keyUsage": {
                "critical": false,
                "value": [
                    "digital_signature",
                    "key_encipherment"
                ]
            },
            "subjectAltName": {
                "critical": false,
                "value": [
                    {
                        "name": "DNS",
                        "value": "www.example.com"
                    }
                ]
            },
            "subjectKeyIdentifier": {
                "critical": false,
                "value": "16:82:11:E5:EF:5A:72:1E:C1:D5:11:34:76:1C:62:EE:C6:BC:1F:FA"
            }
        },
        "key_size": 2048,
        "signature_algorithm": {
            "algorithm": "sha256WithRSAEncryption",
            "signature": "03:49:58:54:47:E9:B8:ED:37:C9:54:CE:5C:E4:F4:52:2E:1F:74:5A:67:C6:0F:6C:82:2C:A9:4A:3F:DB:0A:27:5E:14:59:12:0D:63:63:1C:23:A3:71:D5:8D:47:1D:1C:CF:37:AC:F9:9B:16:77:60:57:CC:BC:25:CF:62:09:0F:A4:F9:77:9C:E7:BD:12:64:83:12:62:79:B7:12:98:52:FE:3C:A3:18:4A:56:FF:9B:70:3D:EF:6D:4F:9E:C2:E0:EA:84:B4:5D:24:2B:66:4B:C8:77:F7:48:94:F0:05:40:64:BB:03:C0:C3:A6:42:57:3E:61:ED:1E:4B:4E:C9:D6:96:19:1B:7C:5A:D6:D5:D3:4F:DC:4A:10:65:F3:52:28:7F:87:2A:C1:B2:E9:38:C6:7A:E3:8B:CF:AC:2F:2B:C5:96:15:EE:EA:CD:6A:58:B4:00:D0:AD:26:11:F1:85:D8:2D:31:27:11:BF:2E:A7:44:3D:E0:5F:2F:37:9B:02:DD:80:7F:0C:F2:80:32:53:5E:B7:35:0B:66:08:98:A0:AD:67:61:65:98:2B:DC:DF:68:6D:CE:74:66:4E:5C:9F:B5:EA:0C:1C:AD:96:1C:45:B7:D6:31:45:AE:3B:C9:F4:8C:8B:0E:3F:4E:0B:16:DE:EF:3D:83:2C:A0:10:D5:05:34"
        },
        "subject": [
            {
                "name": "commonName",
                "oid": "2.5.4.3",
                "value": "www.example.com"
            }
        ],
        "validity": {
            "not_valid_after": "20260118125926Z",
            "not_valid_before": "20250118125941Z"
        }
    },
    "changed": false
}

TASK [Load certificate YAML to cert_issued variable] ***************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:92
Saturday 18 January 2025  07:59:48 -0500 (0:00:00.500)       0:00:34.193 ****** 
ok: [managed-node1] => {
    "ansible_facts": {
        "cert_issued": {
            "extensions": {
                "authorityKeyIdentifier": {
                    "critical": false,
                    "value": "DE:EA:B1:4B:0E:37:63:4F:5A:75:14:BB:44:2A:55:86:06:2B:5D:76"
                },
                "basicConstraints": {
                    "critical": true,
                    "value": {
                        "ca": false
                    }
                },
                "extendedKeyUsage": {
                    "critical": false,
                    "value": [
                        {
                            "name": "id-kp-serverAuth",
                            "oid": "1.3.6.1.5.5.7.3.1"
                        },
                        {
                            "name": "id-kp-clientAuth",
                            "oid": "1.3.6.1.5.5.7.3.2"
                        }
                    ]
                },
                "keyUsage": {
                    "critical": false,
                    "value": [
                        "digital_signature",
                        "key_encipherment"
                    ]
                },
                "subjectAltName": {
                    "critical": false,
                    "value": [
                        {
                            "name": "DNS",
                            "value": "www.example.com"
                        }
                    ]
                },
                "subjectKeyIdentifier": {
                    "critical": false,
                    "value": "16:82:11:E5:EF:5A:72:1E:C1:D5:11:34:76:1C:62:EE:C6:BC:1F:FA"
                }
            },
            "key_size": 2048,
            "signature_algorithm": {
                "algorithm": "sha256WithRSAEncryption",
                "signature": "03:49:58:54:47:E9:B8:ED:37:C9:54:CE:5C:E4:F4:52:2E:1F:74:5A:67:C6:0F:6C:82:2C:A9:4A:3F:DB:0A:27:5E:14:59:12:0D:63:63:1C:23:A3:71:D5:8D:47:1D:1C:CF:37:AC:F9:9B:16:77:60:57:CC:BC:25:CF:62:09:0F:A4:F9:77:9C:E7:BD:12:64:83:12:62:79:B7:12:98:52:FE:3C:A3:18:4A:56:FF:9B:70:3D:EF:6D:4F:9E:C2:E0:EA:84:B4:5D:24:2B:66:4B:C8:77:F7:48:94:F0:05:40:64:BB:03:C0:C3:A6:42:57:3E:61:ED:1E:4B:4E:C9:D6:96:19:1B:7C:5A:D6:D5:D3:4F:DC:4A:10:65:F3:52:28:7F:87:2A:C1:B2:E9:38:C6:7A:E3:8B:CF:AC:2F:2B:C5:96:15:EE:EA:CD:6A:58:B4:00:D0:AD:26:11:F1:85:D8:2D:31:27:11:BF:2E:A7:44:3D:E0:5F:2F:37:9B:02:DD:80:7F:0C:F2:80:32:53:5E:B7:35:0B:66:08:98:A0:AD:67:61:65:98:2B:DC:DF:68:6D:CE:74:66:4E:5C:9F:B5:EA:0C:1C:AD:96:1C:45:B7:D6:31:45:AE:3B:C9:F4:8C:8B:0E:3F:4E:0B:16:DE:EF:3D:83:2C:A0:10:D5:05:34"
            },
            "subject": [
                {
                    "name": "commonName",
                    "oid": "2.5.4.3",
                    "value": "www.example.com"
                }
            ],
            "validity": {
                "not_valid_after": "20260118125926Z",
                "not_valid_before": "20250118125941Z"
            }
        }
    },
    "changed": false
}

TASK [Verify certificate subject] **********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:96
Saturday 18 January 2025  07:59:48 -0500 (0:00:00.029)       0:00:34.222 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate SAN] **************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:104
Saturday 18 January 2025  07:59:48 -0500 (0:00:00.046)       0:00:34.268 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify key size] *********************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:112
Saturday 18 January 2025  07:59:48 -0500 (0:00:00.018)       0:00:34.287 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate Key Usage] ********************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:119
Saturday 18 January 2025  07:59:48 -0500 (0:00:00.039)       0:00:34.327 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Verify certificate Extended Key Usage] ***********************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:130
Saturday 18 January 2025  07:59:48 -0500 (0:00:00.046)       0:00:34.374 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

TASK [Retrieve auto-renew flag] ************************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:143
Saturday 18 January 2025  07:59:48 -0500 (0:00:00.052)       0:00:34.426 ****** 
ok: [managed-node1] => {
    "changed": false,
    "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/certid_mode.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'",
    "delta": "0:00:00.047769",
    "end": "2025-01-18 07:59:49.085153",
    "rc": 0,
    "start": "2025-01-18 07:59:49.037384"
}

STDOUT:

yes

TASK [Verify certificate auto-renew flag] **************************************
task path: /tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:152
Saturday 18 January 2025  07:59:49 -0500 (0:00:00.412)       0:00:34.839 ****** 
ok: [managed-node1] => {
    "changed": false
}

MSG:

All assertions passed

PLAY RECAP *********************************************************************
managed-node1              : ok=101  changed=9    unreachable=0    failed=0    skipped=24   rescued=0    ignored=0   


TASKS RECAP ********************************************************************
Saturday 18 January 2025  07:59:49 -0500 (0:00:00.033)       0:00:34.872 ****** 
=============================================================================== 
fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 2.60s
/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:23 
fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 2.47s
/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:5 
fedora.linux_system_roles.certificate : Ensure certificate requests ----- 1.70s
/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:101 
fedora.linux_system_roles.certificate : Ensure certificate requests ----- 1.67s
/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:101 
Gathering Facts --------------------------------------------------------- 1.21s
/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tests_fs_attrs.yml:2 
fedora.linux_system_roles.certificate : Ensure provider service is running --- 1.14s
/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:90 
Gathering Facts --------------------------------------------------------- 0.96s
/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tests_fs_attrs.yml:14 
Gathering Facts --------------------------------------------------------- 0.94s
/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tests_fs_attrs.yml:67 
Gathering Facts --------------------------------------------------------- 0.94s
/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tests_fs_attrs.yml:85 
Gathering Facts --------------------------------------------------------- 0.92s
/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tests_fs_attrs.yml:32 
Ensure python3 is installed --------------------------------------------- 0.87s
/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:28 
fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 0.85s
/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:23 
Ensure python3 is installed --------------------------------------------- 0.84s
/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:28 
Ensure python3 is installed --------------------------------------------- 0.82s
/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:28 
fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 0.82s
/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:5 
Ensure python3 is installed --------------------------------------------- 0.81s
/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:28 
fedora.linux_system_roles.certificate : Check if system is ostree ------- 0.74s
/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:10 
fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.74s
/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:35 
Ensure user exists ------------------------------------------------------ 0.73s
/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tests_fs_attrs.yml:5 
Retrieve auto-renew flag ------------------------------------------------ 0.61s
/tmp/collections-zyC/ansible_collections/fedora/linux_system_roles/tests/certificate/tasks/assert_certificate_parameters.yml:143