* Remove Entrust modules and certificate providers.
* Add more information on Entrust removal.
* Remove Entrust content from ignore.txt files.
* Work around bug in ansible-test.
* Look at possibly-used-before-assignment.
* Use latest beta releases of ansible-core 2.19 for mypy and pylint.
* Look at unsupported-*.
* Look at unknown-option-value.
* Look at redefined-builtin.
* Look at superfluous-parens.
* Look at unspecified-encoding.
* Adjust to new cryptography version and to ansible-core 2.17's pylint.
* Look at super-with-arguments.
* Look at no-else-*.
* Look at try-except-raise.
* Look at inconsistent-return-statements.
* Look at redefined-outer-name.
* Look at redefined-argument-from-local.
* Look at attribute-defined-outside-init.
* Look at unused-variable.
* Look at protected-access.
* Look at raise-missing-from.
* Look at arguments-differ.
* Look at useless-suppression and use-symbolic-message-instead.
* Look at consider-using-dict-items.
* Look at consider-using-in.
* Look at consider-using-set-comprehension.
* Look at consider-using-with.
* Look at use-dict-literal.
* Enable basic type checking.
* Fix first errors.
* Add changelog fragment.
* Add types to module_utils and plugin_utils (without module backends).
* Add typing hints for acme_* modules.
* Add typing to X.509 certificate modules, and add more helpers.
* Add typing to remaining module backends.
* Add typing for action, filter, and lookup plugins.
* Bump ansible-core 2.19 beta requirement for typing.
* Add more typing definitions.
* Add typing to some unit tests.
* Create script to reproduce certs.
* Recreate the certificates and update the tests.
* Anonymize certificates.
* Make mostly reproducable by storing the private keys.
I've tried to hide the private keys so that 'security checkers' won't find them
and won't complain. Let's see whether that works...
* Provide error information.
* Add helper function for order creation retrying.
* Improve existing documentation.
* Document 'replaces' return value.
* Add order_creation_error_strategy and order_creation_max_retries options.
* Add changelog fragment.
* Fix authz deactivation for finalizing step.
* Fix profile handling on order creation.
* Improve existing tests.
* Add ARI and profile tests.
* Warn when 'replaces' is removed when retrying to create an order.
* Add gpg_fingerprint lookup.
* Work around problems on some CI targets.
* Use get_bin_path to find the gpg executable. Document that we need it.
* Improve and test error handling.
* Refactor (potentially) common code to module_utils and plugin_utils.
This will be useful to create a filter version of this, and further lookups, filters, and modules.
* Do not create a keyring when there isn't one.
* Fixups.
* Fix description.
* More fixes for lookup.
* Also add a gpg_fingerprint filter.
* Improve formulation.
Co-authored-by: Sandra McCann <samccann@redhat.com>
---------
Co-authored-by: Sandra McCann <samccann@redhat.com>
* Do extra docs validation. Explicitly disallow semantic markup in docs.
* Forgot to add new requirement.
* Improve test.
* TEMP - make CI fail.
* Revert "TEMP - make CI fail."
This reverts commit a71b8901c1.
* Remove unnecessary import.
* Make sure ANSIBLE_COLLECTIONS_PATH is set.
* Make sure sanity tests from older Ansible versions don't complain.
* Add EE files.
* Install cryptography and PyOpenSSL from PyPi.
* Revert "Install cryptography and PyOpenSSL from PyPi."
This reverts commit 6b90a1efae.
* Only run test when cryptography has a new enough version.
* And another one.
* Extend changelog.
* Remove vendored copy of ipaddress.
* Forgot an import.
* Remove sanity ignores and checks related to ipaddress.
* Remove octal IPv4 address.
Such IPs are no longer accepted by ipaddress in Python's standard library (CVE-2021-29921).
* Remove unused import.
Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
* Add first guides for creating certificates.
* Add extra docs check.
* Introduce error to see whether extra checks work.
* Revert "Introduce error to see whether extra checks work."
This reverts commit 8656a158b8.
* Linting.
* Fix copy'n'paste error.
* Move acme.py to acme/__init__.py to prepare splitup.
* Began moving generic code out.
* Creating backends.
* Update unit tests.
* Move remaining new code out.
* Use new interface.
* Rewrite module init code.
* Add changelog.
* Add BackendException for crypto backend errors.
* Improve / uniformize ACME error reporting.
* Create ACMELegacyAccount for backwards compatibility.
* Split up ACMEAccount into ACMEClient and ACMEAccount.
* Move get_keyauthorization into module_utils.acme.challenges.
* Improve error handling.
* Move challenge and authorization handling code into module_utils.
* Add split_identifier helper.
* Move order code into module_utils.
* Move ACME v2 certificate handling code to module_utils.
* Fix/move ACME v1 certificate retrieval to module_utils as well.
* Refactor alternate chain handling code by splitting it up into simpler functions.
* Make chain matcher creation part of backend.
* Move disk-independent parts of openssl_privatekey to module_utils and doc_fragments.
* Improve documentation.
* Add openssl_privatekey_pipe module.
* Fallback in case no fingerprints are returned.
* Prevent no_log=True for content to stop module from working correctly.
* Forgot version_added.
* Update copyright. All the interesting code is no longer in this file anyway.
* Remove file arguments.
* Add framework for action modules.
* Convert openssl_privatekey_pipe to action plugin.
* Linting.
* Bump version.
* Add return_current_key option.
* Add no_log to examples.
* Remove preparation for potential later extensibility (easy to re-add when needed).
* Fix deprecation version in docs.
* Use new ArgumentSpec object for AnsibleActionModule as well.
