Commit Graph

8 Commits (1dc3fe531744c61908a2280f8d4e06c5d3433a49)

Author SHA1 Message Date
James Cassell bc4ef99533 standardize TLS connection properties (#54315)
* openstack: standardize tls params

* tower: tower_verify_ssl->validate_certs

* docker: use standard tls config params

- cacert_path -> ca_cert
- cert_path -> client_cert
- key_path -> client_key
- tls_verify -> validate_certs

* k8s: standardize tls connection params

- verify_ssl -> validate_certs
- ssl_ca_cert -> ca_cert
- cert_file -> client_cert
- key_file -> client_key

* ingate: verify_ssl -> validate_certs

* manageiq: standardize tls params

- verify_ssl -> validate_certs
- ca_bundle_path -> ca_cert

* mysql: standardize tls params

- ssl_ca -> ca_cert
- ssl_cert -> client_cert
- ssl_key -> client_key

* nios: ssl_verify -> validate_certs

* postgresql: ssl_rootcert -> ca_cert

* rabbitmq: standardize tls params

- cacert -> ca_cert
- cert -> client_cert
- key -> client_key

* rackspace: verify_ssl -> validate_certs

* vca: verify_certs -> validate_certs

* kubevirt_cdi_upload: upload_host_verify_ssl -> upload_host_validate_certs

* lxd: standardize tls params

- key_file -> client_key
- cert_file -> client_cert

* get_certificate: ca_certs -> ca_cert

* get_certificate.py: clarify one or more certs in a file

Co-Authored-By: jamescassell <code@james.cassell.me>

* zabbix: tls_issuer -> ca_cert

* bigip_device_auth_ldap: standardize tls params

- ssl_check_peer -> validate_certs
- ssl_client_cert -> client_cert
- ssl_client_key -> client_key
- ssl_ca_cert -> ca_cert

* vdirect: vdirect_validate_certs -> validate_certs

* mqtt: standardize tls params

- ca_certs -> ca_cert
- certfile -> client_cert
- keyfile -> client_key

* pulp_repo: standardize tls params

remove `importer_ssl` prefix

* rhn_register: sslcacert -> ca_cert

* yum_repository: standardize tls params

The fix for yum_repository is not straightforward since this module is
only a thin wrapper for the underlying commands and config.  In this
case, we add the new values as aliases, keeping the old as primary,
only due to the internal structure of the module.

Aliases added:
- sslcacert -> ca_cert
- sslclientcert -> client_cert
- sslclientkey -> client_key
- sslverify -> validate_certs

* gitlab_hook: enable_ssl_verification -> hook_validate_certs

* Adjust arguments for docker_swarm inventory plugin.

* foreman callback: standardize tls params

- ssl_cert -> client_cert
- ssl_key -> client_key

* grafana_annotations: validate_grafana_certs -> validate_certs

* nrdp callback: validate_nrdp_certs -> validate_certs

* kubectl connection: standardize tls params

- kubectl_cert_file -> client_cert
- kubectl_key_file -> client_key
- kubectl_ssl_ca_cert -> ca_cert
- kubectl_verify_ssl -> validate_certs

* oc connection: standardize tls params

- oc_cert_file -> client_cert
- oc_key_file -> client_key
- oc_ssl_ca_cert -> ca_cert
- oc_verify_ssl -> validate_certs

* psrp connection: cert_trust_path -> ca_cert

TODO: cert_validation -> validate_certs (multi-valued vs bool)

* k8s inventory: standardize tls params

- cert_file -> client_cert
- key_file -> client_key
- ca_cert -> ca_cert
- verify_ssl -> validate_certs

* openshift inventory: standardize tls params

- cert_file -> client_cert
- key_file -> client_key
- ca_cert -> ca_cert
- verify_ssl -> validate_certs

* tower inventory: verify_ssl -> validate_certs

* hashi_vault lookup: cacert -> ca_cert

* k8s lookup: standardize tls params

- cert_file -> client_cert
- key_file -> client_key
- ca_cert -> ca_cert
- verify_ssl -> validate_certs

* laps_passord lookup: cacert_file -> ca_cert

* changelog for TLS parameter standardization
6 years ago
Abhijeet Kasurde 32fce43311
hashi_vault: fix multiple spaces in params (#51524)
Fixes param parsing in hashi_vault

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
6 years ago
Matt Clay d2a7cc0b9f Fix integration tests to support remote hosts. 6 years ago
Matt Clay 6a0452559b Handle non-target file deps for integration tests.
Some integration test targets have dependencies on files outside
the `test/integration/targets/` directory tree. Changes to these
dependencies can result in unexpected test failures since they do
not trigger integration tests which depend on them.
6 years ago
Matt Clay 7b4bc572de
Fix ansible-test target dependency issues. (#50908)
* Log dependencies at verbosity level 4.

This makes it easier to debug target dependency issues.

* Scan symlinks for target dependencies.

Some test targets use symlinks to files in other test targets.
These dependencies were previously undetected. This could result in
changes made to dependencies without triggering the dependent tests.

* Track missing target deps with `needs/target/*`.

Some existing test targets have untracked dependencies on other
test targets. This can result in changes to those dependencies
not triggering their dependent tests, resulting in test failures
after a PR is merged.

This PR adds the appropriate `needs/target/*` aliases to track
those dependencies, along with appropriate processing in
ansible-test to handle the new aliases.

* Scan meta dependencies in script targets.

Script targets are often former role targets which were converted
to allow custom invocations of ansible-playbook. These targets still
have their meta dependencies, but they were not being detected.

This could result in changes to dependencies not triggering the
targets which depend on them.
6 years ago
Felix Fontein d2f524fb27 Use {{ ansible_python.executable }} instead of python in integration tests. (#47340) 6 years ago
Matt Clay f74f7b0373
Add constraint for requests on python 2.6. (#47306)
* Add constraint for requests on python 2.6.
* Use constraints in lookup_hashi_vault test.
6 years ago
Pilou 9984c0fd40 hashi_vault lookup: add integration tests (#44814)
* hashi_vault lookup: add integration tests

* hashi_vault lookup tests: use ansible-ci-files
6 years ago