a581f1ebcd
Remove other deprecations ( #290 )
...
* Remove deprecated redirects.
* Remove deprecations.
* Add changelog fragment.
* Add some forgotten pieces.
* Bump version to 2.0.0.
* Fix formulation.
2021-10-16 21:00:48 +02:00
5f1efb6f7e
Remove assertonly ( #289 )
...
* Remove assertonly backend.
* Remove assertonly tests.
* The expired test is basically a test of assertonly.
* Replace assertonly verification by _info + assert.
2021-10-10 10:24:00 +02:00
9658a34605
Replace ansible.module_utils._text by ansible.module_utils.common.text.converters. ( #253 )
2021-06-26 13:45:28 +02:00
376d7cde12
Avoid crash in check mode ( #243 )
...
* Do not let AnsibleModule crash when setting permissions on not yet existing files in check mode.
* Add tests.
* Fix bugs.
2021-06-02 16:44:26 +02:00
b2e13d3c03
Documentation: fix modules formatting ( #161 )
...
* Documentation: fix modules formatting
* Apply suggestions from code review
* Fix sanity
Co-authored-by: Felix Fontein <felix@fontein.de>
2020-12-19 17:15:10 +01:00
69335a8bac
Refactor x509_certificate module, add x509_certificate_pipe module ( #135 )
...
* Move documentation to doc fragment.
* Prepare module backends.
* Linting.
* Fix comments.
* First shot at actually moving code.
* Forgot SKI check.
* Remove unused imports.
* Improve check mode.
* Fix 'returned'.
* Move csr_* checks.
* Explicitly specify parameter.
* Add x509_certificate_pipe module.
* Update other seealsos.
* Forgot to remove doc fragment.
* Adjust to work with macOS 10.15.
* Update plugins/module_utils/crypto/module_backends/certificate_entrust.py
Co-authored-by: Chris Trufan <31186388+ctrufan@users.noreply.github.com>
* Add changelog fragments for entrust bugfix and module refactorings.
* Restore old behavior of Entrust backend when existing certificate cannot be parsed.
* Update plugins/modules/x509_certificate_pipe.py
Co-authored-by: Chris Trufan <31186388+ctrufan@users.noreply.github.com>
* Remove Entrust provider from x509_certificate_pipe for now.
* Add own CA tests.
* One more fix for Entrust provider, when csr_content is used.
* Update plugins/modules/x509_certificate_pipe.py
Co-authored-by: Chris Trufan <31186388+ctrufan@users.noreply.github.com>
* Fix another broken example.
* Revert "Remove Entrust provider from x509_certificate_pipe for now."
This reverts commit 6ee5d7d4f99f0fe2218276a2d3f1f38b676c29b9.
* ci_complete
* Apply suggestions from code review
Co-authored-by: MarkusTeufelberger <mteufelberger@mgit.at>
* Improve example.
* Improve readability of example, add another one.
* Extend descriptions of csr_* for selfsigned.
* Improve documentation.
* Move deprecation message up.
* Explain empty choices.
Co-authored-by: Chris Trufan <31186388+ctrufan@users.noreply.github.com>
Co-authored-by: MarkusTeufelberger <mteufelberger@mgit.at>
2020-11-24 17:21:52 +01:00
9792188b0e
Refactor openssl_csr module, add openssl_csr_pipe module ( #123 )
...
* Extract doc fragment from openssl_csr.
* Refactor openssl_csr module into backend + module.
* Add openssl_csr_pipe module.
* Add seealso references.
* ...
* Use /dev/stdin instead of -, which seems to be only supported by newer openssl versions.
* Bump version.
* DRY: use select_message_digest.
* Fix deprecation version in docs.
* Docs improvements.
* Improve argument spec handling for module backends.
* Linting.
* Fix linting problems by using kwargs.
2020-10-27 12:37:40 +01:00
fd7871ae7d
Allow to run x509_certificate selfsigned provider without providing a CSR ( #129 )
...
* Allow to run x509_certificate selfsigned provider without providing a CSR.
* Add missing prefixes (unrelated).
2020-10-19 18:09:40 +02:00
233d1afc29
CVE-2020-25646: no_log=True missing for private key content options ( #125 )
...
* Mark private key content options as no_log (CVE-2020-25646.)
* Mention no_log for openssl_privatekey's return_content option.
* Add change PR's URL.
* Plural.
2020-10-13 14:14:05 +02:00
430c6d0c1a
Increase # of bits for random serial numbers of certificates with PyOpenSSL backend ( #90 )
...
* Increase # of bits for random serial numbers of certificates with PyOpenSSL backend.
* Adjust algorithm to return a random number between 1000 and 2^160-1.
2020-08-18 16:34:01 +02:00
f404031d01
Fix FQCNs ( #83 )
2020-07-08 21:37:33 +02:00
5b8cd4944b
x509_certificate: Update docs for macOS 10.15 requirements ( #78 )
...
selfsigned_not_after and ownca_not_after values for macOS 10.15,
can be +825d. Updated the docs accordingly.
Migrated from ansible/ansible#64563
Thanks to Sironheart
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-07-01 15:28:50 +02:00
390cb1ccc1
Prepare release ( #75 )
...
* Improve changelog generator config.
* We don't have docs at that URL.
* Require Ansible(-base) 2.9.10 or newer.
Needed for deprecation syntax.
* Update all deprecations from Ansible 2.1x to community.crypto 2.0.0.
* Forgot to check in fixes.
* Shorten lines.
* Fix unit test requirements.
* Fix YAML strings which only had a closing quote.
* Galaxy neither likes uppercase nor spaces in tags.
* General README improvements.
* Add roadmap section to README.
* Next release will be 1.0.0.
* Extend using instructions.
* Tags with dashes are also not allowed.
* Fix changelog link.
2020-07-01 13:49:25 +02:00
109edecd78
Add version_added: 1.0.0 for all new features. ( #37 )
2020-06-29 15:21:35 +02:00
cb384443e4
cryptography backend: parse dirName, RID and otherName names ( #9 )
2020-06-21 22:47:48 +02:00
cc45650e82
Use fqcn for modules listed in M() and seealso. ( #72 )
2020-06-17 10:29:18 +02:00
9e5969a644
Remove ANSIBLE_METADATA from modules. ( #49 )
2020-05-14 13:22:12 +02:00
9a096dd146
Refactor module_utils/crypto.py ( #27 )
...
* Refactor module_utils/crypto.py: split up into multiple smaller modules
* Remove superfluous files.
* Fix sanity errors.
* Move CRL entry dumping code to module_utils.
* Move obj2txt usage from CRL modules to module_utils/crpyto/cryptography_crl.
* Move generic I/O functions to plugins/module_utils/io.py.
* Add helper method for retrieving serial number of certificate.
* Add compatibility code into __init__.py.
* Fix syntax error, and add ignore.txt entries for non-empty __init__.
2020-05-12 11:19:42 +02:00
5a6858472c
Remove version_added from return values. ( #28 )
2020-04-13 23:59:40 +02:00
f7dbd61fa7
Rename openssl_certificate* to x509_certificate* ( #7 )
...
* Rename openssl_certificate* to x509_certificate*.
* Update README.
* Add redirects.
* Also print warnings when using Ansible 2.9.
* Adjust ignore-2.9.txt.
* Update documentation.
2020-04-06 14:34:24 +02:00
Felix Fontein
Andrew Klychkov
Baptiste Mille-Mathias
Abhijeet Kasurde
Toshio Kuratomi