From 81f660f6061f16166af06bec94ddbc44fbc221ab Mon Sep 17 00:00:00 2001
From: Sam Doran <sdoran@redhat.com>
Date: Tue, 15 Sep 2020 17:21:45 -0400
Subject: [PATCH] [stable-2.8] incidental_setup_openssl - Pin version of Python
 packages

A recent update to cffi that was yanked is still being installed on our
Mac OS X 10.11 test image since the version of pip there is very old and
does not ignore yanked packages.

Pin the version of pyOpenSSL and its dependencies to fix this and avoid
future spontaneous failures..
(cherry picked from commit 65cdb86c8aefdf4f4c7dc173b0e548a2717ffc1d)

Co-authored-by: Sam Doran <sdoran@redhat.com>
---
 test/integration/targets/setup_openssl/tasks/main.yml | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/test/integration/targets/setup_openssl/tasks/main.yml b/test/integration/targets/setup_openssl/tasks/main.yml
index 5e93a8c3c19..26362db4c6f 100644
--- a/test/integration/targets/setup_openssl/tasks/main.yml
+++ b/test/integration/targets/setup_openssl/tasks/main.yml
@@ -18,7 +18,15 @@
 - name: Install pyOpenSSL
   become: True
   pip:
-    name: pyOpenSSL
+    name:
+      - pyOpenSSL==19.1.0
+      # dependencies for pyOpenSSL
+      - cffi==1.14.2
+      - cryptography==3.1
+      - enum34==1.1.10
+      - ipaddress==1.0.23
+      - pycparser==2.20
+      - six==1.15.0
   when:  ansible_os_family == 'Darwin'
 
 - name: register pyOpenSSL version