Verified Commit 5aafd651 authored by Pierre-Louis Bonicoli's avatar Pierre-Louis Bonicoli 🏗
Browse files

hardcode dh parameters: reduce test execution time

DH parameter generation takes too much time:

    21:21:42 TASK [Generate DH Parameters (2048 bits)]
    21:21:42 task path: pilou-/ansible-role-burp/molecule/common/prepare.yml:9
    21:21:42 <molecule-burp-server> ESTABLISH kubectl CONNECTION
    [...]
    21:21:45 <molecule-burp-server> EXEC ['/usr/bin/kubectl', 'exec',
        '-i', 'molecule-burp-server', '--', '/bin/sh', '-c',
        "/bin/sh -c 'python3 ansible-tmp/AnsiballZ_openssl_dhparam.py && sleep 0'"]
    21:26:25 <molecule-burp-server> EXEC ['/usr/bin/kubectl', 'exec',
        '-i', 'molecule-burp-server', '--', '/bin/sh', '-c',
        "/bin/sh -c 'rm -f -r ansible-tmp/ > /dev/null 2>&1 && sleep 0'"]
parent 15ebc8de
......@@ -20,6 +20,15 @@ provisioner:
group_vars:
all:
ansible_python_interpreter: /usr/bin/python3
dh_param: |
-----BEGIN DH PARAMETERS-----
MIIBCAKCAQEA6pHZF7WhpXa2td3M8YjydkMlGkyaLx4ZwPi/+u74m9wDxH4ee0nv
VPJkjw6kleyhcQ1LYJ73cBVqy3m5XGE0h4GdrosikN+G2ieMJC5X5ABSKMst9SS1
I+AJHtO3oYi8KYceAOYSiSgNB0aIuCPdCGU03dBZic1KtDKGh2jA+EyXZrQIy9hS
nrA0NXx1obmYDqBnbIwtfWcT907Qi9uSUtyKAHJIDTYPs0sFRw4GiCIeGVvlNWcR
FMtc98YkavW9+6h0EY6ItwfL2dWDy3bdZ5DWhA1+k40dUEiPZWHITLO9RJowSUdf
BruD9drj92v11PPTvS8RneFWW/6v/2vkmwIBAg==
-----END DH PARAMETERS-----
host_vars:
molecule-burp-client:
canary: foobar
......
......@@ -9,7 +9,7 @@
CA: '{{ ca["content"] | b64decode }}'
cert: '{{ server_cert["content"] | b64decode }}'
key: '{{ server_key["content"] | b64decode }}'
DH: '{{ dh["content"] | b64decode }}'
DH: '{{ dh_param }}'
pre_tasks:
- name: Fetch CA
slurp:
......@@ -26,11 +26,6 @@
src: /tmp/server_privatekey.pem
register: server_key
- name: Fetch DH param
slurp:
src: /tmp/dhparams.pem
register: dh
- name: Fetch client certificate
slurp:
src: /tmp/client.pem
......@@ -54,7 +49,7 @@
CA: '{{ hostvars["molecule-burp-server"]["ca"]["content"] | b64decode }}'
cert: '{{ hostvars["molecule-burp-server"]["server_cert"]["content"] | b64decode }}'
key: '{{ hostvars["molecule-burp-server"]["server_key"]["content"] | b64decode }}'
DH: '{{ hostvars["molecule-burp-server"]["dh"]["content"] | b64decode }}'
DH: '{{ dh_param }}'
burp_clients:
_server: *burp_server
testuser:
......
......@@ -6,11 +6,6 @@
name: python3-openssl
cache_valid_time: 86400
- name: Generate DH Parameters (2048 bits)
openssl_dhparam:
path: /tmp/dhparams.pem
size: 2048
- name: Generate privatekeys
openssl_privatekey:
path: '/tmp/{{ item }}_privatekey.pem'
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment