Skip to content

Fix permissions with "group" option; test with ansible 2.12
Compare
Choose a tag to compare
@richm richm released this 08 Nov 21:03
1.1.1
52866a7
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

use tox-lsr version 2.5.1

This version removes support for molecule until we can figure out
what to do about molecule. This should make all of the tox tests
pass (except for python 2.6).

Signed-off-by: Rich Megginson rmeggins@redhat.com

support ansible-core 2.11 ansible-test and ansible-lint

Fix parser fail on certificate verification.

Due to a change in Python's cryptography version 35.0.0 certificate
parser, and a difference in the ASN.1 certificate spec interpretation,
the certificates generated by certmonger fail to be validated.

This patch forces the version for the 'cryptography' package installed
to ignore the affected version, and should allow the tests for this
role to be executed.

certmonger already has a fix for the issue, but it might not be
available for every release supported by certificate role.

tests: Validate certificate permissions

Without specifying group:, certificates ought to have tight
permissions and only be accessible to the owner.

This currently also applies to certificates with group:, which is
wrong -- this will be fixed in the next commit.

Fix certificate permissions with "group" option

The default permissions are 0600, so that certificates are inaccessible
to the specified group. Add group read permission in that case, so that
this actually works.

Test this for both local certmonger and IPA.

support python 39, ansible-core 2.12, ansible-plugin-scan

update tox-lsr version to 2.7.1

update the tox-lsr version used in github actions tox CI
to 2.7.1

The only difference between this an 2.7.0 is that Ansible 2.12
is now GA.

Signed-off-by: Rich Megginson rmeggins@redhat.com

Assets 2
Loading