1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
Commit graph

37055 commits

Author SHA1 Message Date
David Norman
7963279fc2 Generate SHA256 signed certificates for WinRM (#36668)
* Generate SHA256 signed certificates

Vulnerability scanners are increasingly reporting SHA-1 signed certificates as a vulnerability on servers. Before this change, -ForceNewSSLCert generates a signature algorithm that openssl shows as sha1WthRSAEncryption for WinRM port 5986. After, this forces certificates to be signed with SHA256, which openssl shows sha256WithRSAEncryption.

Some example SHA-1 deprecations include:
- https://docs.microsoft.com/en-us/security-updates/SecurityAdvisories/2017/4010323
- https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/

Also note that RDP 3389 on Windows 2016 also defaults to a SHA256 certificate.

The specifics were merged from a script mod I found at https://gallery.technet.microsoft.com/scriptcenter/PowerShell-script-to-7a0321b7 intended for Exchange. It also includes a mod to add an alternate DNS listing so the cert contains CN=HOSTNAME plus now also an alternative of the FQDN.

I tested this change on Windows 2008R2, 2012R2, and 2016 Datacenter.

* Keep WinRM cert key length at 4096.

* Remove WinRM cert exportpolicy setting.
2018-04-20 09:01:48 +10:00
Sviatoslav Sydorenko
5ea1ee47dd Refactor Foreman provider to use simplified img 2018-04-20 00:36:23 +02:00
Sviatoslav Sydorenko
1664554b4a Unrandomize docker registry selection
stick with quay for now
2018-04-20 00:36:23 +02:00
Sviatoslav Sydorenko
d5b340cc43 Improve foreman image src selection 2018-04-20 00:36:23 +02:00
Sviatoslav Sydorenko
87eca24969 Add playbook with foreman tests 2018-04-20 00:36:23 +02:00
Sviatoslav Sydorenko
fb0487945c Add runme script to foreman inventory tests 2018-04-20 00:36:23 +02:00
Sviatoslav Sydorenko
d0018848a5 Enable foreman inventory plugin in tests 2018-04-20 00:36:23 +02:00
Sviatoslav Sydorenko
2608ef535f Add foreman cloud provider 2018-04-20 00:36:23 +02:00
Sviatoslav Sydorenko
e169da0748 Initialize foreman test suite 2018-04-20 00:36:23 +02:00
Brian Coca
11c40bcbda forman as inv plugin
updated with newer methods
fixed ssl name to match ansible convention
more options for host info
added vars_prefix
added comments explaining current flow
reformated commentd out code so pep8 can be happy
enabled caching
2018-04-19 17:07:47 -04:00
Thomas Krahn
7320d29851 Update tree.py
Fix wording (commadn instead of command)
2018-04-19 15:51:06 -04:00
Sudheer Satyanarayana
785c660432 Clarify recursive
If recursive is set to yes, the module changes the attributes of the directory recursively even though state: directory is not set.
2018-04-19 12:08:36 -07:00
pcahyna
a81c6668eb File module: correct description of "state" (#36327)
* File module: correct description of "state"

It was probably intended to say "intermediate subdirectories will be created" and not "immediate subdirectories will be created".
2018-04-19 12:04:48 -07:00
Adam Dobrawy
af9d6aadf0 [file] Update description of state (#38451)
* [file] Update description of state
2018-04-19 11:52:43 -07:00
Toshio Kuratomi
6ddc64bc7c Fixes for multiline doc descriotions breaking rst formatting
* strip whitespace to preserve indent level
* Make sure to indent subsequent lines of indentation
2018-04-19 11:37:37 -07:00
Abhijit Menon-Sen
ede1d6158a Fix typo(-ish)
The «if err» test always passed after #cf938e99926 changed the earlier
assignment to always set err to "\n" if stderr was empty, and so every
script plugin (e.g., ec2.py) started to always report an empty ERROR.
2018-04-19 22:27:48 +05:30
lazouz
a1759b02cd add user password lock option to user module (#37962)
* add user password lock option to user module

* fixup! add user password lock option to user module

* add unlock, set no default

* fixup! add unlock, set no default

* fixup! fixup! add unlock, set no default

* add lock password for FreeBSD, netBSD

* fixup! add lock password for FreeBSD, netBSD
2018-04-19 10:07:49 -04:00
Abhijeet Kasurde
268c682a05 VMware: new module : vmware_cluster_facts (#37105)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2018-04-19 05:41:04 -04:00
Olivier Bourdon
87a07e81a9 Fix interface method change (#38996) 2018-04-19 05:05:39 -04:00
Sloane Hertel
e2aa1155ba [ec2_ami] Ensure name or image_id is provided for state=present (#38972)
Add integration tests for backward compatibility and ensuring name or image_id is provided
2018-04-19 09:28:25 +10:00
Matt Martz
cdb79b0e3a
Consider parent also when comparing IncludedFile (#37083)
* Consider parent also when comparing IncludedFile

* Add new tests for IncludedFile and convert to pytest
2018-04-18 17:02:14 -05:00
Toshio Kuratomi
a08459a814
Update info on python support (#38855)
* Update the documentation to list Python 3 as official
* Add some reference targets for inventory variables so we can link to docs
* Add a platform FAQ section
  Populate it with

  * virtualenv info (previously on the python3 support page)
  * BSD (Link to the working with BSD page)
  * Solaris (Document how to work around the non-POSIX shell on some
    Solaris hosts)

  Fixes #21594

* Fix some refs in the release_and_maintenance document

* Fix unindent error in module template

Fix for the module/plugin template unintentionally unindented inside of
a raw block, leading to errors like:

ERROR: docs/docsite/rst/modules/redshift_facts_module.rst:289:0: Explicit markup ends without a blank line; unexpected unindent.

* Make wording for Solaris troubleshooting better.
2018-04-18 13:04:47 -07:00
John R Barker
c1ae1c8251
Fix broken yaml (#38966) 2018-04-18 20:54:14 +01:00
Alicia Cozine
0ebc0b9e5a adds FAQ TOC entry, links & examples to modules (#38706)
* adds FAQ TOC entry, links & examples to modules
* moves link to Notes, corrects examples
2018-04-18 11:41:54 -07:00
Ondra Machacek
aeaf0e358f ovirt: Use id instead of name of Blank template (#38948)
Since Blank template could be renamed we must use it's ID to be sure we
are using the Blank template.
2018-04-18 14:17:11 -04:00
Will Thames
dc09ddfbd5 elb_target_group: use port parameter as default for target port (#38578)
The docs suggest that `port` parameter is the default port upon
which targets listen. As such, a target need only provide a `Port`
key to override the default.
2018-04-18 13:19:54 -04:00
Toshio Kuratomi
8cdd75a09f Some more fixes for the docs :ref: disambiguation
The big one is that we needed to set plugin_type when we processed the by_support template.

Also added to list_of_CATEGORY_plugins page (which might not be used)
and corrected a place where I did module_name instead of name_module
2018-04-18 10:06:01 -07:00
Will Thames
6b970348b1 [AWS cloudfront_distribution] Update minimum protocol versions (#38644)
As per docs, the current set of values is

```
'SSLv3'|'TLSv1'|'TLSv1_2016'|'TLSv1.1_2016'|'TLSv1.2_2018'
```

Fixes #38642
2018-04-18 13:01:30 -04:00
Brian Coca
ce8c336d52 added ref to ansilbe molecule 2018-04-18 12:19:09 -04:00
Toshio Kuratomi
9faf7b949e Fix places in docs that refer to modules without namespace
We've namespaced all plugin docs.  Change the docs to reflect that
2018-04-18 08:43:34 -07:00
Toshio Kuratomi
f9d83944ec regex for finding :ref: labels was flawed
The regex to find labels inside of angle brackets was not detecting
anything before so I missed all of those.
* Fixed the regex in find-plugin-refs to take care of that.
* Fixed plugin_formatter to emit namespaced labels for the M() macro.
2018-04-18 08:43:34 -07:00
David Gunter
a833281e22 Add Yarn module (#19026)
* Add yarn module based off of NPM module, adjust syntax for install cmd

* Update author list

* Add Return docbloc

* Remove extra var assignment

* Always return output without emojis, small changes for yarn 0.16.1

* Move import line, add ANSIBLE_METADATA, bump version_added

* Updating module format to meet newest lint requirements. Update options and example docs.

* Bring back RETURN block and main() execution.

* All trailing whitespace removed.

* Remove json try/except.

* Add initial pass at setting up Yarn integration tests.

* Add better handling for latest and removal states. Add tests for upgrading a single package.

* Fix issue where state=latest for installing all packages caused failure.

* Set yarn bin to latest version for tests. Fix sanity tests.

* Switch template task to copy task in yarn integration tests.
2018-04-18 08:19:38 -05:00
Ondra Machacek
af8a20d8a1 ovirt: Support removing unmanaged networks (#38940) 2018-04-18 07:28:02 -04:00
Deepak Agrawal
bdd105f740
Handle Duplex parsing on some version of iosxr (#38738)
* Handle Duplex parsing on some version of iosxr

* use re noncapture group for multiple match as suggested by Eric
2018-04-18 13:22:08 +05:30
Martin Krizek
8173602a34
Add expandvars jinja2 filter (#38805)
* Add expandvars jinja2 filter

* Add docs

* Minor edit
2018-04-18 09:29:19 +02:00
Ryo IGARASHI
1cc2aeb40a Update apt.py (#37972)
* Update apt.py

Proposing description of "cache_valid_time" for Ansible 2.4 or greater.
If 'cache_valid_time' is set, 'update_cache' is set implicitly.
This means the logic should be reversed.

 label: docsite_pr

* Proposing the description of "cache_valid_time"..

This commit follows the discussion in #37972.

 label: docsite_pr
2018-04-18 08:41:10 +02:00
Jason Lingohr
d684c51815 Update win_certificate_store.py (#38860)
* Update win_certificate_store.py

Improvements to describe the different destination stores.

+label: docsite_pr

* Update win_certificate_store.py

Whole line needs to be quoted -- lingfish YAML fail.
2018-04-18 14:16:31 +10:00
scottb
c97e508806
[WIP] disambiguating autogenerated module docs attempted fix of #38439. (#38890)
Disambiguates autogenerated module docs - fixes #38439.
2018-04-17 18:45:07 -07:00
Deric Crago
50d151aef2 Updated 'quay.io/ansible/vcenter-test-container' image tag to '1.2.0'
vcsim remains on commit 'dee49fa3694c5aff05e4b340b0686772f65c1fe1'
2018-04-17 17:57:43 -07:00
Matt Clay
e401927d67 Restore seboolean and sefcontext tests on RHEL. 2018-04-17 16:34:47 -07:00
Jordan Borean
77ef4802f0
win_regedit: stabilise tests (#38912) 2018-04-18 08:11:44 +10:00
Matt Clay
26312b6557 Remove migrated httptester files.
The httptester has been migrated to:

https://github.com/ansible/http-test-container
2018-04-17 15:03:51 -07:00
Matt Clay
3d57f45815 Update httptester docs. 2018-04-17 15:02:56 -07:00
Toshio Kuratomi
a1b148d190 Fix shebang so sanity tests pass 2018-04-17 15:01:29 -07:00
Toshio Kuratomi
1f0cc54ec7 fixup style problems in new script 2018-04-17 15:01:29 -07:00
Toshio Kuratomi
6b1e6b8460 Add a script for finding bare plugin :ref:s
We're porting autogenerated plugin docs so that :ref: targets are
namespaced by plugin type.  To do this effectively, we need to know
where all the :ref: targets which refer to the bare plugin names are in
the rst files.  This script will find those.
2018-04-17 15:01:29 -07:00
Evgeniy Komissarov
92f4065157 Fix typo in windows_faq.rst (#38864)
Fix typo in `python-pip` packet name.
+label: docsite_pr
2018-04-18 07:55:57 +10:00
Matt Clay
57f1298074 Restore docker_secret test on RHEL. 2018-04-17 13:56:11 -07:00
Matt Clay
35748e5228 Update httptester container reference. 2018-04-17 12:15:07 -07:00
Brad Macpherson
11a5671d68 [cloud] New module: AWS EC2 Elastic IP address facts (#38823) 2018-04-17 15:10:54 -04:00