internet/community.crypto
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.crypto.git synced 2026-04-27 00:46:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
961 Commits 4 Branches 110 Tags
fa36f75812c52a008bdad230a87508d5ed2d10b5
Commit Graph

247 Commits

Author SHA1 Message Date
Felix Fontein
070891b873 acme_challenge_cert_helper: adjust private key check (#1007) 
* Adjust private key check.

* Fix sorting.
 2026-04-25 13:32:31 +02:00
Felix Fontein
cb0137baca Mark dns-account-01 and dns-persist-01 more explicitly as experimental. (#1002) 2026-04-17 07:32:41 +02:00
Felix Fontein
d966acbef4 Improve authz handling. (#998) 2026-04-05 09:45:11 +00:00
Felix Fontein
f3b43185bf ACME: add dns-persist-01 support (#997) 
* Add dns-persist-01 DNS TXT record filters.

* Refactor parsing and joining CAA issue-values out.

* Add basic tests.

* Fix bug and add integration tests for filters.

* Add dns-persist-01 support to ACME modules.

* Add changelog fragment.
 2026-04-01 19:46:59 +02:00
Felix Fontein
13ea1de2f3 Add note on RFC draft adherence. 2026-03-29 22:19:35 +02:00
Felix Fontein
b1ae295fb7 ACME: implement dns-account-01 challenge type (#996) 
* Implement dns-account-01.

* Bump draft versions.

* dns-account-01 implementation changed in Pebble; only the one used by ansible-core 2.21/devel's ACME simulator matches the latest draft.
 2026-03-29 18:49:33 +00:00
Felix Fontein
bb216ed164 Document bcrypt dependency. (#989) 2026-03-23 21:12:53 +01:00
Albert Krewinkel
b1e4777b4d Fix typos (phassphrase => passphrase) (#984) 2026-03-06 19:02:14 +01:00
Felix Fontein
911ed33c2e Fix EC detection. (#981) 2026-02-11 21:44:24 +01:00
Felix Fontein
9cbf9fc6ec Re-sort imports. 2025-12-25 23:27:29 +01:00
Aram Akhavan
83806cafc7 luks_device: add support for tpm2 and keyslot priority (#972) 
* luks_device: add support for tpm2 and fido2 devices

* Update documentation per code review comments

Co-authored-by: Felix Fontein <felix@fontein.de>

* Add support for keyslot priority

* Add changelog fragment.

* Remove fido2 support. Add idempotency for remove-tpm2

* Fix testing

* Fix testing again

* Fix formatting

* Fix format

* Apply suggestions from code review

Co-authored-by: Felix Fontein <felix@fontein.de>

* Add required_by and fix formatting

* vscode did something stupid...

* Address code review comments

---------

Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-12-22 09:15:52 +01:00
Felix Fontein
1b86848a6f Stop mentioning Buypass. (#964) 
https://community.buypass.com/t/y4y130p
 2025-10-29 20:57:54 +01:00
Felix Fontein
5420f9baaf Cleanup with ruff check (#963) 
* Implement improvements suggested by ruff check.

* Add ruff check to CI.

* Add changelog fragment.
 2025-10-28 07:21:11 +01:00
Felix Fontein
6f0c58f483 Fix/improve docs. 2025-10-25 14:32:37 +02:00
Felix Fontein
f85e912d83 Adjust to new pylint release. 2025-10-12 23:13:38 +02:00
Felix Fontein
0f8a09e70e Reorganize imports due to https://github.com/ansible-community/antsibull-nox/pull/136. 2025-10-10 21:20:24 +02:00
Felix Fontein
c0072d29f5 ansible-core 2.20: avoid deprecated functionality (#953) 
* Avoid deprecated functionality.

* Lint.

* Fix typing.

* Python 3.7/3.8 compat.
 2025-08-17 22:30:10 +02:00
Aditya Putta
b2ab04861e Ensure consistent SSH key format with idempotent Ed25519 key regeneration (#932) 
* Ensure consistent SSH key format with idempotent Ed25519 key regeneration

* Update plugins/modules/openssh_keypair.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* removed extra whitespace

---------

Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-07-11 07:22:47 +02:00
Felix Fontein
fcb50ed142 Docs: mention RFC 9773 instead of the ARI draft (#929) 
* Mention RFC 9773 instead of the ARI draft.

* Remove mentions of the draft.
 2025-07-06 16:00:18 +02:00
Felix Fontein
c7489b8d3c acme_certificate: deprecate modify_account's default true, recommend to set to false (#924) 
* Deprecate modify_account's default value.

* Show new default in all examples.
 2025-06-25 20:59:28 +02:00
Felix Fontein
d83a923325 Ensure that *everything* is typed in community.crypto (#917) 
* Ensure that *everything* is typed in community.crypto.

* Fix comment.

* Ignore type definitions/imports and AssertionErrors for code coverage.
 2025-06-09 10:10:19 +02:00
Daniel Ziegenberg
ec063d8515 Add HARICA to the list of tested CAs (#915) 
* Add HARICA to the list of tested CAs

Signed-off-by: Daniel Ziegenberg <daniel@ziegenberg.at>

* Add ZeroSSL to list.

---------

Signed-off-by: Daniel Ziegenberg <daniel@ziegenberg.at>
Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-06-08 20:58:08 +02:00
Felix Fontein
e90d4d2b0f Improve type hinting. (#914) 2025-06-08 20:48:58 +02:00
Felix Fontein
f68b0d0c08 Improve type hints. (#913) 2025-06-01 21:33:20 +02:00
Felix Fontein
576a06b5b2 Remove no longer needed backend abstractions. (#912) 2025-06-01 09:07:06 +02:00
Felix Fontein
82522fc07f Improve typing (#911) 
* Make type checking more strict.

* mypy: warn about unreachable code.

* Enable warn_redundant_casts.

* Enable strict_bytes.

* Look at some warn_return_any warnings.
 2025-05-31 10:25:55 +02:00
Felix Fontein
6d273bc5b7 Fix invalid-name issues. (#909) 2025-05-30 23:06:24 +02:00
Felix Fontein
b8adc3b241 Use ruff format, and then undo most changes with black and isort. (#903) 2025-05-24 08:30:31 +02:00
Felix Fontein
43ea6148df Remove Entrust modules and certificate providers (#900) 
* Remove Entrust modules and certificate providers.

* Add more information on Entrust removal.

* Remove Entrust content from ignore.txt files.

* Work around bug in ansible-test.
 2025-05-22 19:08:48 +00:00
Felix Fontein
b08afe4237 Make all doc_fragments private. (#898) 2025-05-18 01:42:18 +02:00
Felix Fontein
7294841a28 Replace to_native with to_text. (#897) 2025-05-18 01:31:33 +02:00
Felix Fontein
318462fa24 Work on issues found by pylint (#896) 
* Look at possibly-used-before-assignment.

* Use latest beta releases of ansible-core 2.19 for mypy and pylint.

* Look at unsupported-*.

* Look at unknown-option-value.

* Look at redefined-builtin.

* Look at superfluous-parens.

* Look at unspecified-encoding.

* Adjust to new cryptography version and to ansible-core 2.17's pylint.

* Look at super-with-arguments.

* Look at no-else-*.

* Look at try-except-raise.

* Look at inconsistent-return-statements.

* Look at redefined-outer-name.

* Look at redefined-argument-from-local.

* Look at attribute-defined-outside-init.

* Look at unused-variable.

* Look at protected-access.

* Look at raise-missing-from.

* Look at arguments-differ.

* Look at useless-suppression and use-symbolic-message-instead.

* Look at consider-using-dict-items.

* Look at consider-using-in.

* Look at consider-using-set-comprehension.

* Look at consider-using-with.

* Look at use-dict-literal.
 2025-05-18 00:57:28 +02:00
Felix Fontein
a3a5284f97 Add basic typing for Entrust code. (#894) 2025-05-17 17:43:50 +02:00
Felix Fontein
990b40df3e Add pylint (#892) 
* Move mypy/flake8/isort config files to more 'natural' places.

* Add pylint.

* Look at no-member.

* Look at pointless-* and unnecessary-pass.

* Look at useless-*.

* Lint.
 2025-05-17 16:45:37 +02:00
Felix Fontein
5fbf35df86 Deprecate no longer used options. (#891) 2025-05-16 22:23:05 +02:00
Felix Fontein
44bcc8cebc Code refactoring (#889) 
* Add __all__ to all module and plugin utils.

* Convert quite a few positional args to keyword args.

* Avoid Python 3.8+ syntax.
 2025-05-16 06:55:57 +02:00
Felix Fontein
a5a4e022ba Make all module_utils and plugin_utils private (#887) 
* Add leading underscore. Remove deprecated module utils.

* Document module and plugin utils as private. Add changelog fragment.

* Convert relative to absolute imports.

* Remove unnecessary imports.
 2025-05-11 19:17:58 +02:00
Felix Fontein
f758d94fba Add type hints and type checking (#885) 
* Enable basic type checking.

* Fix first errors.

* Add changelog fragment.

* Add types to module_utils and plugin_utils (without module backends).

* Add typing hints for acme_* modules.

* Add typing to X.509 certificate modules, and add more helpers.

* Add typing to remaining module backends.

* Add typing for action, filter, and lookup plugins.

* Bump ansible-core 2.19 beta requirement for typing.

* Add more typing definitions.

* Add typing to some unit tests.
 2025-05-11 18:00:11 +02:00
Felix Fontein
12f958c955 Fix assert_required_cryptography_version() calls. 2025-05-03 12:55:50 +02:00
Felix Fontein
645b7bf9ed Get rid of backend parameter whenever possible (#883) 
* Get rid of backend parameter whenever possible.

* Always auto-detect if backend choices are 'cryptography' and 'auto', resp. always check cryptography version.

* Improve error message.

* Update documentation.
 2025-05-03 10:46:53 +02:00
Felix Fontein
fbcb89f092 Support cryptography 3.3 (#882) 
* Re-add Debian Bullseye to CI.

* Support cryptography 3.3 as well.
 2025-05-02 21:42:06 +02:00
Felix Fontein
86db561193 Get rid of some to_native and to_text calls. (#880) 2025-05-02 15:58:39 +02:00
Felix Fontein
5231ac8f3f Remove support for cryptography < 3.4 (#878) 
* Stop passing backend to cryptography.

* Make public_bytes() fallback the default.

* Remove compatibility code for older cryptography versions.

* Require cryptography 3.4+.

* Restrict to cryptography >= 3.4 in integration tests.

* Remove Debian Bullseye from CI.

It only supports cryptography 3.3.

* Improve imports.

* Remove no longer existing conditional.
 2025-05-02 15:27:18 +02:00
Felix Fontein
65872e884f Remove Python 2 specific code (#877) 
* Get rid of Python 2 special handling.

* Get rid of more Python 2 specific handling.

* Stop using six.

* ipaddress is part of the standard library since Python 3.

* Add changelog.

* Fix import.

* Remove unneeded imports.
 2025-05-01 16:21:13 +02:00
Felix Fontein
641e63b08c Replace % and str.format() with f-strings (#875) 
* Replace % and str.format() with f-strings.

* Apply suggestions from review.
 2025-05-01 11:50:10 +02:00
Felix Fontein
d8f838c365 Modernize some Python constructs (#876) 
* Update __future__ import, remove __metaclass__ assignment.

* Removing obsolete encoding comment.

* Remove unneccessary object inheritance.
 2025-05-01 10:36:59 +02:00
Felix Fontein
d368d1943d Bump version to 3.0.0-dev0, remove deprecated functionality and implement announced breaking changes (#873) 
* Bump verison to 3.0.0-dev0.

* Change check mode behavior for *_pipe modules.

* Remove PyOpenSSL backend.

* Remove PyOpenSSL setup.

* Change default of asn1_base64.

* Remove deprecated common module utils.

* Remove get_default_argspec().

* Mark two methods as abstract.

* Remove ACME v1 support.

* Remove retrieve_acme_v1_certificate().

* Remove deprecated docs fragment.

* Change meaning of mode parameter.

* Mark no longer used option as 'to deprecate'.
 2025-04-29 08:12:44 +02:00
Felix Fontein
aec1826c34 Reformat everything with black. 
I had to undo the u string prefix removals to not drop Python 2 compatibility.
That's why black isn't enabled in antsibull-nox.toml yet.
 2025-04-28 10:48:00 +02:00
Felix Fontein
04a0d38e3b Do not supply passphrase when killing keyslot. (#868) 2025-04-27 22:19:12 +02:00
Felix Fontein
aa9e7b6dfb Add isort and flake8 to CI (#869) 
* Run isort.

* Clean up unused assignments.

* Add flake8 linting step.
 2025-04-27 22:18:29 +02:00