* Add write helper.
* Adjust modules (except openssl_certificate).
* Adding tests for mode (with openssl_privatekey).
* Add openssl_certificate support.
* Never, ever remove the output file before actually trying to generate new content for it.
Removal is only allowed when state=absent, or when the object has been regenerated and the result needs to be written to that place.
* Add changelog.
* Extend test.
* Raise OpenSSLBadPassphraseError if passphrase is wrong.
* Improve handling of passphrase errors.
Current behavior for modules is: if passphrase is wrong (or wrongly specified), fail.
Current behavior for openssl_privatekey is: if passphrase is worng (or wrongly specified), regenerate.
* Add changelog.
* Add tests.
* Adjustments for some versions of PyOpenSSL.
* Update lib/ansible/modules/crypto/openssl_certificate.py
Improve text.
Co-Authored-By: felixfontein <felix@fontein.de>
Currently the check() method for idempotence only assumes the public
key is under the form of a PEM file when its not always the case.
The module openssl_publickey allows one to generate OpenSSH format
publickey. This leads to idempotence not being detected.
Removing 'md5' checksum checking as simply comparing current and desired publickey does the expected job.
Signed-off-by: Satyajit Bulage <sbulage@redhat.com>
All crypto modules uses file common arguments to specify generated file
permissions. This commits aims to add the extends_documentation_fragment
in the doc so it is automatically stated.
Currently during the check phase, the code considers the file to be
a public key if the file exist - which is not necessarily true.
This commits aims to ensure that the file is actually a publickey else
returns false for the check.
The OpenSSLObject class has been merged[1]. This commit makes the
openssl_publickey rely on this class and standardize the way openssl
module should be written.
[1] #26945
Crypto namespace contains the openssl modules. It has no integration
testing as of now.
This commits aims to add integration tests for the crypto namespace.
This will make it easier to spot breaking changes in the future.
This tests currently apply to:
* openssl_privatekey
* openssl_publickey
* openssl_csr
Public key can be extracted extracted in different format from
the PEM formatted RSA pair.
This commit allows the user to specify the format s/he wants to generate
the public key:
* PEM
* OpenSSH
* openssl_publickey: Allow one to specify file permission
Allow a user to specify file permissions on the generated publickey via
the file module common arguments.
* openssl: Add documentation regarding file_common_args
Add documentation for those modules to let the user know that he can
rely on file_common_args to specify file permissions.
Changes to the metadata format were approved here:
https://github.com/ansible/proposals/issues/54
* Update documentation to the new metadata format
* Changes to metadata-tool to account for new metadata
* Add GPL license header
* Add upgrade subcommand to upgrade metadata version
* Change default metadata to the new format
* Fix exclusion of non-modules from the metadata report
* Fix ansible-doc for new module metadata
* Exclude metadata version from ansible-doc output
* Fix website docs generation for the new metadata
* Update metadata schema in valiate-modules test
* Update the metadata in all modules to the new version
* Update validate-modules
* Validates ANSIBLE_METADATA
* Ensures imports happen after documentation vars
* Some pep8 cleanup
* Clean up some left over unneeded code
* Update modules for new module guidelines and validate-modules checks
* Update imports for ec2_vpc_route_table and ec2_vpc_nat_gateway
