internet/community.crypto
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.crypto.git synced 2026-03-26 21:33:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
774 Commits 4 Branches 109 Tags
78d9fe581368490c580eb5e3456d03569c0a79c6
Commit Graph

774 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Felix Fontein
78d9fe5813 Add macOS 15.3. (#849) 2025-02-26 20:45:08 +01:00
Felix Fontein
a42e541326 Cleanup AZP config similarly to ansible-core did some years ago. (#846) 2025-02-10 22:52:24 +01:00
Felix Fontein
673b18d9a9 The next expected release will be 2.26.0. 2025-02-09 19:56:25 +01:00
Felix Fontein
2a99218162 Release 2.25.0. 2.25.0 2025-02-09 19:29:41 +01:00
Felix Fontein
e1763e22ae Prepare 2.25.0 release. 2025-02-09 14:25:42 +01:00
ilia-kats
2433fdab98 luks_device: allow passphrases to contain newlines (#844) 
* luks_device: allow passphrases to contain newlines

This is useful when passing binary keyfiles from an ansible vault, as
it removes the restriction that the binary data cannot contain newlines.
The only exception is adding a new key to an existing container, as in
that case the two passphrases are separated by a new line.

* add integration tests and a changelog fragment

* attempt to also make luks_add_key work with passphrases containing
newlines

* use a deterministic method to generate keyfile 3, improve changelog
formatting

* add licence and copyright to keyfile3.txt to satisfy CI
 2025-02-09 14:24:16 +01:00
Felix Fontein
cb6edf1a5f The next expected release will be 2.25.0. 2025-01-19 13:28:11 +01:00
Felix Fontein
3d4c5346c6 Release 2.24.0. 2.24.0 2025-01-19 13:03:31 +01:00
Felix Fontein
a8aa05ac4e Avoid reserved variable name 'order'. 2025-01-19 10:59:55 +01:00
Felix Fontein
0e122e5f56 Improve ACME profile support. 2025-01-19 10:55:26 +01:00
Felix Fontein
47ea1af180 Forgot to adjust warnings. 2025-01-19 10:47:24 +01:00
Felix Fontein
3951e6ceb4 Include cert ID in warning. 
This prevents the warning to be not shown for different certificates
in the same playbook due to warning de-duplication.
 2025-01-19 08:58:49 +01:00
Felix Fontein
bf70f8d717 Prepare 2.24.0. 2025-01-18 11:25:37 +01:00
Felix Fontein
214794d056 acme_certificate and acme_certificate_create_order: add order_creation_error_strategy and order_creation_max_retries options (#842) 
* Provide error information.

* Add helper function for order creation retrying.

* Improve existing documentation.

* Document 'replaces' return value.

* Add order_creation_error_strategy and order_creation_max_retries options.

* Add changelog fragment.

* Fix authz deactivation for finalizing step.

* Fix profile handling on order creation.

* Improve existing tests.

* Add ARI and profile tests.

* Warn when 'replaces' is removed when retrying to create an order.
 2025-01-18 10:51:10 +01:00
Felix Fontein
b9fa5b5193 Deprecate ansible-core < 2.17 and cryptography < 3.4. (#839) 2025-01-17 21:27:01 +00:00
Felix Fontein
5366b9e5ba Improve ACME tests; add acme_ari_info tests; use ARI and profiles features in acme_certificate tests (#841) 
* Fix description.

* Add basic acme_ari_info test.

* Refactoring.

* Extend acme_certificate tests.
 2025-01-14 23:49:24 +01:00
Felix Fontein
fd67767538 Move EOL'ed ansible-core 2.15 from AZP to GHA (#840) 
* Move EOL'ed ansible-core 2.15 from AZP to GHA.

* CentOS 7 does not work in GHA.
 2025-01-14 19:31:03 +01:00
Felix Fontein
ae35be3437 Adjust ARI tests to new Pebble (#837) 
* Adjust ARI tests to new Pebble.

* Fix key size for certificates to 2048 on all systems.
 2025-01-13 21:43:29 +01:00
Felix Fontein
01e7bf1f33 acme_certificate_renewal_info: add treat_parsing_error_as_non_existing option and existing and parsable return values (#838) 
* Fix error reporting for OpenSSL backend: raise BackendExceptions instead of directly failing the module.

* Add treat_parsing_error_as_non_existing option and existing and parsable return values.
 2025-01-12 21:42:24 +01:00
Felix Fontein
49354f2121 Add new ACME modules for working with orders. (#757) 2025-01-12 17:10:58 +01:00
Felix Fontein
072318466e Update ACME tests (#836) 
* Restrict remaining days to also work with short-lived profiles.

* Adjust boolean cases.

* Fix spelling error.

* Use larger key size for TLS-ALPN test certificate.
 2025-01-12 13:59:08 +01:00
Felix Fontein
248250514f Fix profile implementation. 2025-01-12 13:57:17 +01:00
Felix Fontein
2419e6c6ad Implement profile option. (#835) 2025-01-12 10:24:24 +01:00
Felix Fontein
029e009db1 CI: Add Fedora 41, Alpine 3.21, RHEL 9.5, FreeBSD 14.2 to CI for devel (#834) 
* Add Fedora 41, Alpine 3.21, RHEL 9.5, FreeBSD 14.2 to CI for devel.

* Fedora 41 also doesn't allow SHA-1 apparently.

Ref: https://fedoraproject.org/wiki/Changes/OpenSSLDistrustSHA1SigVer

* Work around broken cryptography in Fedora 41.
 2025-01-08 22:08:18 +01:00
Felix Fontein
cfd524f345 Fix CI badge image URL. Add documentation badge. 2025-01-04 11:27:22 +01:00
Felix Fontein
355480601d Make 2.9, 2.10, and 2.11 sanity tests shut up. 2025-01-03 15:26:19 +01:00
Felix Fontein
f956ddcc77 Add extra sanity test for acme action group. 2025-01-03 14:56:36 +01:00
Felix Fontein
ccb4ecfbd8 The next expected release will be 2.24.0. 2024-12-30 22:36:49 +01:00
Felix Fontein
95886d1cf9 Release 2.23.0. 2.23.0 2024-12-30 22:04:25 +01:00
Felix Fontein
9b53f4b382 Prepare 2.23.0 release. 2024-12-30 21:17:40 +01:00
Felix Fontein
3f0e292246 Add 'idempotent' attribute (#833) 
* Add 'idempotent' attribute.

* Mention check mode in attribute description.

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>

---------

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2024-12-30 21:11:12 +01:00
Felix Fontein
0d4b16aadb acme_certificate: be nicer to non-compliant CAs (#832) 
* Be nicer to non-compliant CAs.

* Mark as a feature, not a bugfix.
 2024-12-30 10:30:33 +00:00
Felix Fontein
db04914ab6 Deprecate PyOpenSSL. (#831) 2024-12-30 10:10:10 +01:00
Felix Fontein
abb0d67774 Add validation option. (#830) 2024-12-30 10:09:51 +01:00
Felix Fontein
05c442ab5e luks_device: allow to provide passphrases base64-encoded (#829) 
* Allow to provide passphrases base64-encoded.

* Add note on binary passphrases.
 2024-12-30 10:09:32 +01:00
Felix Fontein
4ce9745d35 Put appropriate module attributes into doc fragments. 2024-12-29 16:17:03 +01:00
Felix Fontein
37af200ecb Fix doc fragments indents. 2024-12-29 15:47:51 +01:00
Felix Fontein
ddbcf49868 Improve formulations. 2024-12-28 17:02:42 +01:00
Felix Fontein
942be86635 Reformat documentation with 'andebox yaml-doc' (#828) 
* Reformat documentation with 'andebox yaml-doc'.

* Fix/improve.

* Remaining fixes.

* One more.
 2024-12-28 16:00:28 +00:00
Felix Fontein
2ed7f69b83 Improve language. 2024-12-28 14:30:08 +01:00
Felix Fontein
91504cda85 Arch Linux updated to Python 3.13. (#826) 2024-12-22 21:27:54 +01:00
Felix Fontein
16434d9ad8 Fix some issues pointed out by zizmor. (#823) 2024-12-14 14:56:00 +01:00
Felix Fontein
9e10cfb53a Update the PKCS#12 encryption warning. (#820) 2024-11-23 15:44:06 +01:00
Felix Fontein
32047dccc5 Add test with device name starting with 'crypt'. (#821) 2024-11-21 21:46:26 +01:00
Felix Fontein
0f7c5f0de1 CI: Fix cryptsetup version for RHEL 9.1/9.2/9.3/9.4 (#819) 
* Fix cryptsetup version for RHEL 9.1/9.2/9.3.

* Also fix version for RHEL 9.4.

* Trigger change in openssh_cert.

* Use lower-case names.

* Actually install the right version.
 2024-11-18 21:36:53 +01:00
dependabot[bot]
8b831dbe59 Bump fsfe/reuse-action from 4 to 5 (#818) 
Bumps [fsfe/reuse-action](https://github.com/fsfe/reuse-action) from 4 to 5.
- [Release notes](https://github.com/fsfe/reuse-action/releases)
- [Commits](https://github.com/fsfe/reuse-action/compare/v4...v5)

---
updated-dependencies:
- dependency-name: fsfe/reuse-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-18 19:38:22 +01:00
Felix Fontein
8e33aafdba Add FreeBSD 13.4 to CI. (#815) 2024-11-08 23:05:44 +01:00
Felix Fontein
1b134f2d13 Next expected release will be 2.23.0. 2024-10-27 09:19:31 +01:00
Felix Fontein
7adca3efff Release 2.22.3. 2.22.3 2024-10-27 08:49:30 +01:00
Felix Fontein
6731b38baa Explicitly use UTC timezone in ACME OpenSSL backend (#811) 
* Allow abstract backend class to handle both with and without timezone.

* Explicitly use UTC timezone in OpenSSL backend code.
 2024-10-27 08:13:05 +01:00