From 98a6d4b2e1a0228032e26c17e9bcc00eec35799d Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Wed, 23 Nov 2016 18:27:07 +0200
Subject: [PATCH] - Move DH params test from Testinfra to post_tasks to
 workaround a limitation when running tests with Docker.

---
 tests/playbook.yml     | 10 ++++++++++
 tests/test_ca_store.py |  6 ------
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/tests/playbook.yml b/tests/playbook.yml
index 00745b7..7a44200 100644
--- a/tests/playbook.yml
+++ b/tests/playbook.yml
@@ -5,3 +5,13 @@
 
 - hosts: all
   roles: [ ca-store ]
+  post_tasks:
+      - name: Get DH params bit count
+        dhparams:
+            path: /etc/ssl/dhparams.pem
+        register: ca_store_test_dhparams
+
+      - name: Verify high bit count DH params
+        assert:
+            that:
+                - ca_store_test_dhparams.bits >= 2048
diff --git a/tests/test_ca_store.py b/tests/test_ca_store.py
index d2929b5..f8d6ad5 100644
--- a/tests/test_ca_store.py
+++ b/tests/test_ca_store.py
@@ -49,12 +49,6 @@ def test_update_ca_certificates(File, Ansible, Command, Sudo,
         assert Command(filename).rc == 0
 
 
-def test_dh_params(File, Ansible):
-    assert File('/etc/ssl/dhparams.pem').is_file
-    assert int(Ansible('dhparams', 'path=/etc/ssl/dhparams.pem')[
-        "bits"]) >= 2048
-
-
 def test_snakeoil_cert(File):
     assert File('/etc/ssl/certs/ssl-cert-snakeoil.pem').is_file
 
-- 
GitLab