diff --git a/CHANGELOG.rst b/CHANGELOG.rst index d86951c9..f75d2a17 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -5,6 +5,49 @@ Community Crypto Release Notes .. contents:: Topics +v1.7.0 +====== + +Release Summary +--------------- + +Regular feature and bugfix release. + +Minor Changes +------------- + +- cryptography_openssh module utils - new module_utils for managing asymmetric keypairs and OpenSSH formatted/encoded asymmetric keypairs (https://github.com/ansible-collections/community.crypto/pull/213). +- openssh_keypair - added ``backend`` parameter for selecting between the cryptography library or the OpenSSH binary for the execution of actions performed by ``openssh_keypair`` (https://github.com/ansible-collections/community.crypto/pull/236). +- openssh_keypair - added ``passphrase`` parameter for encrypting/decrypting OpenSSH private keys (https://github.com/ansible-collections/community.crypto/pull/225). +- openssl_csr - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, https://github.com/ansible-collections/community.crypto/pull/150). +- openssl_csr_info - now returns ``public_key_type`` and ``public_key_data`` (https://github.com/ansible-collections/community.crypto/pull/233). +- openssl_csr_info - refactor module to allow code re-use for diff mode (https://github.com/ansible-collections/community.crypto/pull/204). +- openssl_csr_pipe - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, https://github.com/ansible-collections/community.crypto/pull/150). +- openssl_pkcs12 - added option ``select_crypto_backend`` and a ``cryptography`` backend. This requires cryptography 3.0 or newer, and does not support the ``iter_size`` and ``maciter_size`` options (https://github.com/ansible-collections/community.crypto/pull/234). +- openssl_privatekey - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, https://github.com/ansible-collections/community.crypto/pull/150). +- openssl_privatekey_info - refactor module to allow code re-use for diff mode (https://github.com/ansible-collections/community.crypto/pull/205). +- openssl_privatekey_pipe - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, https://github.com/ansible-collections/community.crypto/pull/150). +- openssl_publickey - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, https://github.com/ansible-collections/community.crypto/pull/150). +- x509_certificate - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, https://github.com/ansible-collections/community.crypto/pull/150). +- x509_certificate_info - now returns ``public_key_type`` and ``public_key_data`` (https://github.com/ansible-collections/community.crypto/pull/233). +- x509_certificate_info - refactor module to allow code re-use for diff mode (https://github.com/ansible-collections/community.crypto/pull/206). +- x509_certificate_pipe - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, https://github.com/ansible-collections/community.crypto/pull/150). +- x509_crl - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, https://github.com/ansible-collections/community.crypto/pull/150). +- x509_crl_info - add ``list_revoked_certificates`` option to avoid enumerating all revoked certificates (https://github.com/ansible-collections/community.crypto/pull/232). +- x509_crl_info - refactor module to allow code re-use for diff mode (https://github.com/ansible-collections/community.crypto/pull/203). + +Bugfixes +-------- + +- openssh_keypair - fix ``check_mode`` to populate return values for existing keypairs (https://github.com/ansible-collections/community.crypto/issues/113, https://github.com/ansible-collections/community.crypto/pull/230). +- various modules - prevent crashes when modules try to set attributes on not yet existing files in check mode. This will be fixed in ansible-core 2.12, but it is not backported to every Ansible version we support (https://github.com/ansible-collections/community.crypto/issue/242, https://github.com/ansible-collections/community.crypto/pull/243). +- x509_certificate - fix crash when ``assertonly`` provider is used and some error conditions should be reported (https://github.com/ansible-collections/community.crypto/issues/240, https://github.com/ansible-collections/community.crypto/pull/241). + +New Modules +----------- + +- openssl_publickey_info - Provide information for OpenSSL public keys + v1.6.2 ====== diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index 2caf20cd..3b9be133 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -394,3 +394,77 @@ releases: - 1.6.2.yml - 221-acme-meta.yml release_date: '2021-04-28' + 1.7.0: + changes: + bugfixes: + - openssh_keypair - fix ``check_mode`` to populate return values for existing + keypairs (https://github.com/ansible-collections/community.crypto/issues/113, + https://github.com/ansible-collections/community.crypto/pull/230). + - various modules - prevent crashes when modules try to set attributes on not + yet existing files in check mode. This will be fixed in ansible-core 2.12, + but it is not backported to every Ansible version we support (https://github.com/ansible-collections/community.crypto/issue/242, + https://github.com/ansible-collections/community.crypto/pull/243). + - x509_certificate - fix crash when ``assertonly`` provider is used and some + error conditions should be reported (https://github.com/ansible-collections/community.crypto/issues/240, + https://github.com/ansible-collections/community.crypto/pull/241). + minor_changes: + - cryptography_openssh module utils - new module_utils for managing asymmetric + keypairs and OpenSSH formatted/encoded asymmetric keypairs (https://github.com/ansible-collections/community.crypto/pull/213). + - openssh_keypair - added ``backend`` parameter for selecting between the cryptography + library or the OpenSSH binary for the execution of actions performed by ``openssh_keypair`` + (https://github.com/ansible-collections/community.crypto/pull/236). + - openssh_keypair - added ``passphrase`` parameter for encrypting/decrypting + OpenSSH private keys (https://github.com/ansible-collections/community.crypto/pull/225). + - openssl_csr - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, + https://github.com/ansible-collections/community.crypto/pull/150). + - openssl_csr_info - now returns ``public_key_type`` and ``public_key_data`` + (https://github.com/ansible-collections/community.crypto/pull/233). + - openssl_csr_info - refactor module to allow code re-use for diff mode (https://github.com/ansible-collections/community.crypto/pull/204). + - openssl_csr_pipe - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, + https://github.com/ansible-collections/community.crypto/pull/150). + - openssl_pkcs12 - added option ``select_crypto_backend`` and a ``cryptography`` + backend. This requires cryptography 3.0 or newer, and does not support the + ``iter_size`` and ``maciter_size`` options (https://github.com/ansible-collections/community.crypto/pull/234). + - openssl_privatekey - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, + https://github.com/ansible-collections/community.crypto/pull/150). + - openssl_privatekey_info - refactor module to allow code re-use for diff mode + (https://github.com/ansible-collections/community.crypto/pull/205). + - openssl_privatekey_pipe - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, + https://github.com/ansible-collections/community.crypto/pull/150). + - openssl_publickey - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, + https://github.com/ansible-collections/community.crypto/pull/150). + - x509_certificate - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, + https://github.com/ansible-collections/community.crypto/pull/150). + - x509_certificate_info - now returns ``public_key_type`` and ``public_key_data`` + (https://github.com/ansible-collections/community.crypto/pull/233). + - x509_certificate_info - refactor module to allow code re-use for diff mode + (https://github.com/ansible-collections/community.crypto/pull/206). + - x509_certificate_pipe - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, + https://github.com/ansible-collections/community.crypto/pull/150). + - x509_crl - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, + https://github.com/ansible-collections/community.crypto/pull/150). + - x509_crl_info - add ``list_revoked_certificates`` option to avoid enumerating + all revoked certificates (https://github.com/ansible-collections/community.crypto/pull/232). + - x509_crl_info - refactor module to allow code re-use for diff mode (https://github.com/ansible-collections/community.crypto/pull/203). + release_summary: Regular feature and bugfix release. + fragments: + - 1.7.0.yml + - 150-diff.yml + - 203-x509_crl_info.yml + - 204-openssl_csr_info.yml + - 205-openssl_privatekey_info.yml + - 206-x509_certificate_info.yml + - 213-cryptography-openssh-module-utils.yml + - 225-openssh-keypair-passphrase.yml + - 230-openssh_keypair-check_mode-return-values.yml + - 232-x509_crl_info-list_revoked_certificates.yml + - 233-public-key-info.yml + - 234-openssl_pkcs12-cryptography.yml + - 236-openssh_keypair-backends.yml + - 241-x509_certificate-assertonly.yml + - 243-permission-check-crash.yml + modules: + - description: Provide information for OpenSSL public keys + name: openssl_publickey_info + namespace: '' + release_date: '2021-06-02' diff --git a/changelogs/fragments/1.7.0.yml b/changelogs/fragments/1.7.0.yml deleted file mode 100644 index c1cd23f0..00000000 --- a/changelogs/fragments/1.7.0.yml +++ /dev/null @@ -1 +0,0 @@ -release_summary: Regular feature and bugfix release. diff --git a/changelogs/fragments/150-diff.yml b/changelogs/fragments/150-diff.yml deleted file mode 100644 index ed491173..00000000 --- a/changelogs/fragments/150-diff.yml +++ /dev/null @@ -1,9 +0,0 @@ -minor_changes: -- openssl_csr - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, https://github.com/ansible-collections/community.crypto/pull/150). -- openssl_csr_pipe - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, https://github.com/ansible-collections/community.crypto/pull/150). -- openssl_privatekey - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, https://github.com/ansible-collections/community.crypto/pull/150). -- openssl_privatekey_pipe - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, https://github.com/ansible-collections/community.crypto/pull/150). -- openssl_publickey - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, https://github.com/ansible-collections/community.crypto/pull/150). -- x509_certificate - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, https://github.com/ansible-collections/community.crypto/pull/150). -- x509_certificate_pipe - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, https://github.com/ansible-collections/community.crypto/pull/150). -- x509_crl - add diff mode (https://github.com/ansible-collections/community.crypto/issues/38, https://github.com/ansible-collections/community.crypto/pull/150). diff --git a/changelogs/fragments/203-x509_crl_info.yml b/changelogs/fragments/203-x509_crl_info.yml deleted file mode 100644 index 341663ad..00000000 --- a/changelogs/fragments/203-x509_crl_info.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- "x509_crl_info - refactor module to allow code re-use for diff mode (https://github.com/ansible-collections/community.crypto/pull/203)." diff --git a/changelogs/fragments/204-openssl_csr_info.yml b/changelogs/fragments/204-openssl_csr_info.yml deleted file mode 100644 index b7ee3289..00000000 --- a/changelogs/fragments/204-openssl_csr_info.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- "openssl_csr_info - refactor module to allow code re-use for diff mode (https://github.com/ansible-collections/community.crypto/pull/204)." diff --git a/changelogs/fragments/205-openssl_privatekey_info.yml b/changelogs/fragments/205-openssl_privatekey_info.yml deleted file mode 100644 index bca0214b..00000000 --- a/changelogs/fragments/205-openssl_privatekey_info.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- "openssl_privatekey_info - refactor module to allow code re-use for diff mode (https://github.com/ansible-collections/community.crypto/pull/205)." diff --git a/changelogs/fragments/206-x509_certificate_info.yml b/changelogs/fragments/206-x509_certificate_info.yml deleted file mode 100644 index 031736b9..00000000 --- a/changelogs/fragments/206-x509_certificate_info.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- "x509_certificate_info - refactor module to allow code re-use for diff mode (https://github.com/ansible-collections/community.crypto/pull/206)." diff --git a/changelogs/fragments/213-cryptography-openssh-module-utils.yml b/changelogs/fragments/213-cryptography-openssh-module-utils.yml deleted file mode 100644 index 05abf1d6..00000000 --- a/changelogs/fragments/213-cryptography-openssh-module-utils.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - cryptography_openssh module utils - new module_utils for managing asymmetric keypairs and OpenSSH formatted/encoded asymmetric keypairs (https://github.com/ansible-collections/community.crypto/pull/213). diff --git a/changelogs/fragments/225-openssh-keypair-passphrase.yml b/changelogs/fragments/225-openssh-keypair-passphrase.yml deleted file mode 100644 index 2b10bd21..00000000 --- a/changelogs/fragments/225-openssh-keypair-passphrase.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - openssh_keypair - added ``passphrase`` parameter for encrypting/decrypting OpenSSH private keys (https://github.com/ansible-collections/community.crypto/pull/225). diff --git a/changelogs/fragments/230-openssh_keypair-check_mode-return-values.yml b/changelogs/fragments/230-openssh_keypair-check_mode-return-values.yml deleted file mode 100644 index c52e293a..00000000 --- a/changelogs/fragments/230-openssh_keypair-check_mode-return-values.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: - - openssh_keypair - fix ``check_mode`` to populate return values for existing keypairs (https://github.com/ansible-collections/community.crypto/issues/113, https://github.com/ansible-collections/community.crypto/pull/230). diff --git a/changelogs/fragments/232-x509_crl_info-list_revoked_certificates.yml b/changelogs/fragments/232-x509_crl_info-list_revoked_certificates.yml deleted file mode 100644 index cd30978d..00000000 --- a/changelogs/fragments/232-x509_crl_info-list_revoked_certificates.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- "x509_crl_info - add ``list_revoked_certificates`` option to avoid enumerating all revoked certificates (https://github.com/ansible-collections/community.crypto/pull/232)." diff --git a/changelogs/fragments/233-public-key-info.yml b/changelogs/fragments/233-public-key-info.yml deleted file mode 100644 index 42c36a6f..00000000 --- a/changelogs/fragments/233-public-key-info.yml +++ /dev/null @@ -1,3 +0,0 @@ -minor_changes: -- "openssl_csr_info - now returns ``public_key_type`` and ``public_key_data`` (https://github.com/ansible-collections/community.crypto/pull/233)." -- "x509_certificate_info - now returns ``public_key_type`` and ``public_key_data`` (https://github.com/ansible-collections/community.crypto/pull/233)." diff --git a/changelogs/fragments/234-openssl_pkcs12-cryptography.yml b/changelogs/fragments/234-openssl_pkcs12-cryptography.yml deleted file mode 100644 index d6bf9da7..00000000 --- a/changelogs/fragments/234-openssl_pkcs12-cryptography.yml +++ /dev/null @@ -1,4 +0,0 @@ -minor_changes: -- "openssl_pkcs12 - added option ``select_crypto_backend`` and a ``cryptography`` backend. - This requires cryptography 3.0 or newer, and does not support the ``iter_size`` and ``maciter_size`` options - (https://github.com/ansible-collections/community.crypto/pull/234)." diff --git a/changelogs/fragments/236-openssh_keypair-backends.yml b/changelogs/fragments/236-openssh_keypair-backends.yml deleted file mode 100644 index ea71951b..00000000 --- a/changelogs/fragments/236-openssh_keypair-backends.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - openssh_keypair - added ``backend`` parameter for selecting between the cryptography library or the OpenSSH binary for the execution of actions performed by ``openssh_keypair`` (https://github.com/ansible-collections/community.crypto/pull/236). diff --git a/changelogs/fragments/241-x509_certificate-assertonly.yml b/changelogs/fragments/241-x509_certificate-assertonly.yml deleted file mode 100644 index abf64357..00000000 --- a/changelogs/fragments/241-x509_certificate-assertonly.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: -- "x509_certificate - fix crash when ``assertonly`` provider is used and some error conditions should be reported (https://github.com/ansible-collections/community.crypto/issues/240, https://github.com/ansible-collections/community.crypto/pull/241)." diff --git a/changelogs/fragments/243-permission-check-crash.yml b/changelogs/fragments/243-permission-check-crash.yml deleted file mode 100644 index e24cc81f..00000000 --- a/changelogs/fragments/243-permission-check-crash.yml +++ /dev/null @@ -1,4 +0,0 @@ -bugfixes: -- "various modules - prevent crashes when modules try to set attributes on not yet existing files in check mode. - This will be fixed in ansible-core 2.12, but it is not backported to every Ansible version we support - (https://github.com/ansible-collections/community.crypto/issue/242, https://github.com/ansible-collections/community.crypto/pull/243)."