5e59c5261e
Fix documentation. ( #751 )
2024-05-05 19:57:32 +02:00
aa82575a78
ACME modules: simplify code, refactor argspec handling code, move csr/csr_content to own docs fragment ( #750 )
...
* Fix bug in argspec module util.
* Move csr / csr_content to new docs fragment.
* Simplify code.
* Refactor ACME argspec creation. Add with_certificate argument for new CERTIFICATE docs fragment.
2024-05-05 14:37:52 +02:00
f3c9cb7a8a
Refactor and extend argument spec helper, use for ACME modules ( #749 )
...
* Refactor argument spec helper.
* Remove superfluous comments.
2024-05-05 09:42:42 +00:00
f82b335916
Avoid exception if certificate has no AKI in acme_certificate. ( #748 )
...
Shouldn't happen since CA-issued certs should always have AKI,
but better be safe than sorry.
2024-05-05 09:43:29 +02:00
553ab45f46
ACME: improve acme_certificate docs, include cert_id in acme_certificate_renewal_info return value ( #747 )
...
* Use community.dns.quote_txt filter instead of regex replace to quote TXT entry value.
* Fix documentation of acme_certificate's challenge_data return value.
* Also return cert_id from acme_certificate_renewal_info module.
* The cert ID cannot be computed if the certificate has no AKI.
This happens with older Pebble versions, which are used when
testing against older ansible-core/-base/Ansible versions.
* Fix AKI extraction for older OpenSSL versions.
2024-05-04 23:38:57 +02:00
59606d48ad
Add acme_certificate_renewal_info module ( #746 )
...
* Allow to provide cert_info object to get_renewal_info().
* Add acme_certificate_renewal_info module.
* Allow to provide value for 'now'.
* Actually append msg_append.
* Fix bug in module timestamp param parsing, and add tests.
2024-05-04 15:47:42 +02:00
0a15be1017
Refactor time code, add tests, fix bug when parsing absolute timestamps that omit seconds ( #745 )
...
* Add time module utils.
* Add time helpers to ACME backend.
* Add changelog fragment.
* ACME timestamp parser: do not choke on nanoseconds.
2024-05-03 22:25:39 +02:00
9501a28a93
Add tests for acme_certificate_deactivate_authz module. ( #744 )
2024-05-01 11:30:07 +02:00
d906914737
Create acme_certificate_deactivate_authz module ( #741 )
...
* Create acme_certificate_deactivate_authz module.
* Add ACME version check.
2024-05-01 10:32:03 +02:00
33d278ad8f
acme_certificate: allow to request renewal of a certificate according to ARI ( #739 )
...
* Allow to request renewal of a certificate according to ARI in acme_certificate.
* Improve docs.
* Fix typo and use right object.
* Add warning.
2024-04-30 10:47:49 +02:00
6d4fc589ae
Implement basic acme_ari_info module. ( #732 )
2024-04-30 08:47:24 +02:00
9614b09f7a
Add function for retrieval of ARI information. ( #738 )
2024-04-29 23:37:55 +02:00
af5f4b57f8
acme module utils: add functions for parsing Retry-After header values and computation of ARI certificate IDs ( #737 )
...
* Implement Retry-After value parse.
* Add cert ID computation function.
* Add tests and links to MDN.
2024-04-29 23:06:35 +02:00
c6fbe58382
Implement certificate information retrieval code in the ACME backends. ( #736 )
2024-04-29 22:29:43 +02:00
afe7f7522c
Split up the default acme docs fragment to allow modules ot not need account data. ( #735 )
2024-04-29 22:22:38 +02:00
0c62837296
crypto.math module utils: add some tests, fix quick_is_not_prime() for small primes ( #733 )
...
* Fix quick_is_not_prime() for small primes. Add some tests.
* Fix return value of convert_int_to_bytes(0, 0) on Python 2.
* Add some more test cases.
* Simplify the changelog and point out that these errors only happen for cases not happening in regular use.
2024-04-29 08:50:28 +02:00
d71637c77d
Arch Linux switched to Python 3.12. ( #731 )
2024-04-28 15:20:03 +00:00
3899f79f97
Next expected release will be 2.20.0.
2024-04-20 12:06:08 +02:00
8ce0051f9b
Release 2.19.0.
2024-04-20 11:48:34 +02:00
4be691da50
Include changelog in docsite. ( #729 )
2024-04-18 12:22:34 +02:00
8fe012cf09
Prepare 2.19.0 release.
2024-04-18 07:51:28 +02:00
27a9ff14fb
Add x509_certificate_convert module. ( #728 )
2024-04-18 05:50:36 +00:00
ae548de502
Use timezone aware functionality when using cryptography >= 42.0.0 ( #727 )
...
* Use timezone aware functionality when using cryptography >= 42.0.0.
* Adjust OpenSSH certificate code to avoid functions deprecated in Python 3.12.
* Strip timezone info from isoformat() output.
* InvalidityDate.invalidity_date currently has no _utc variant.
2024-04-18 05:49:53 +00:00
1b75f1aa9c
Add and use CryptoBackend.get_ordered_csr_identifiers(). ( #725 )
2024-04-13 22:43:14 +02:00
7e33398d5c
ansible-core devel dropped support for Python 3.7. ( #722 )
2024-04-05 07:49:15 +02:00
50c2c4db29
CI: Add stable-2.17; copy ignore.txt files from 2.17 to 2.18; move stable-2.14 from AZP to GHA ( #721 )
...
* Add stable-2.17 to CI; copy ignore files from 2.17 to 2.18.
* Move stable-2.14 from AZP to GHA.
2024-04-03 08:32:16 +02:00
ee0ceea118
Move Alpine 3.18 docker to stable-2.16, add Alpine 3.19 docker, bump Alpine VM to 3.19. ( #720 )
2024-03-22 12:48:40 +01:00
b98cec74ae
Add FreeBSD 13.3 and 14.0 for devel, move FreeBSD 13.2 to stable-2.16. ( #719 )
2024-03-21 21:58:37 +01:00
05cc5fe82b
Add macOS 14.3 for devel, move 13.2 to stable-2.16. ( #718 )
2024-03-12 08:02:23 +01:00
fad3c1352b
Bump fsfe/reuse-action from 2 to 3 ( #717 )
...
Bumps [fsfe/reuse-action](https://github.com/fsfe/reuse-action ) from 2 to 3.
- [Release notes](https://github.com/fsfe/reuse-action/releases )
- [Commits](https://github.com/fsfe/reuse-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: fsfe/reuse-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-04 06:23:55 +01:00
4167d2c4b3
Next expected release will be 2.19.0.
2024-02-25 21:32:06 +01:00
ff1504dc58
Release 2.18.0.
2024-02-25 20:57:38 +01:00
08adb6b297
Deprecate check mode behavior of pipe modules. ( #714 )
2024-02-25 17:00:37 +01:00
42ba0a88f4
Prepare 2.18.0.
2024-02-23 20:07:06 +01:00
1736602ce7
Allow to configure how serial numbers are provided to x509_crl. ( #715 )
2024-02-19 21:05:13 +01:00
6b1a3d6e68
Add conversion filters for serial numbers ( #713 )
...
* Refactoring.
* Add parse_filter and to_filter plugins.
* Mention filters when serial numbers are accepted or returned.
2024-02-18 21:27:48 +01:00
51591891d3
luks_device: fix remove_keyslot not working when set to 0 and duplicate keys ( #710 )
...
* luks_device: fix remove_keyslot not working when set to 0
* luks_device: fix module outputting 'ok' when trying to add a key that is already present in another keyslot
* luks_device: fix breaking unit tests
* luks_device: Duplicate key test case code cleanup
* luks_device: Fix testing of LUKS passphrases when only testing one key slot
* luks_device: Fix testing of LUKS passphrases when only testing one key slot
* luks_device: Add changelog fragment for PR #710
* luks_device: Update changlog fragment
2024-02-11 12:23:21 +01:00
d1a229c255
Add MarkDown changelog and use it by default. ( #708 )
2024-02-09 13:08:12 +01:00
d9698a6eff
Next expected release is 2.18.0.
2024-01-27 12:47:38 +01:00
37fed289e6
Release 2.17.1.
2024-01-27 10:44:08 +01:00
9ec8680936
Emit warning when consistency cannot be checked. ( #705 )
2024-01-27 10:39:13 +01:00
87af1f2761
Disable consistency checking of RSA keys for cryptography 42.0.0 which no longer gives access to the required function. ( #702 )
2024-01-26 17:47:46 +01:00
da30487119
Prepare 2.17.1 release.
2024-01-25 23:52:22 +01:00
b57aa4a2ca
Fix openssl_dhparam. ( #698 )
2024-01-25 23:42:03 +01:00
a5f5ea1128
Next expected release is 2.18.0.
2024-01-21 09:29:10 +01:00
91dd7cd4dc
Release 2.17.0.
2024-01-21 09:03:37 +01:00
2913826352
Prepare 2.17.0 release.
2024-01-21 08:46:32 +01:00
0bc15598d7
Simplifiy workflows. ( #696 )
2024-01-17 23:14:53 +01:00
fb3f68ca96
Use import galaxy workflow from https://github.com/ansible-collections/community.docker/pull/754 . ( #694 )
2024-01-13 17:08:03 +01:00
a4edf22a9c
add allow discard option for luks devices ( #693 )
...
* add allow discard option for luks devices
* Add allow_discards to perfomance tests
* Fix version for luks devices doc
* Update plugins/modules/luks_device.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* add changelog fragment
* Update changelogs/fragments/693-allow-discards.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
* added allow_discards to the persistently stored option list
* allow_discards works with not only luks2 containers
* Update plugins/modules/luks_device.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
2024-01-13 09:34:07 +01:00
Felix Fontein
dependabot[bot]
Steffen Gufler
0x00ace