1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
Find a file
Toshio Kuratomi e238ae999b Cyptography pr 20566 rebase (#25560)
Make pyca/cryptography the preferred backend for cryptographic needs (mainly vault) falling back to pycrypto

pyca/cryptography is already implicitly a dependency in many cases
through paramiko (2.0+) as well as the new openssl_publickey module,
which requires pyOpenSSL 16.0+. Additionally, pyca/cryptography is
an optional dep for better performance with vault already.

This commit leverages cryptography's padding, constant time comparisons,
and CBC/CTR modes to reduce the amount of code ansible needs to
maintain.

* Handle wrong password given for VaultAES format

* Do not display deprecation warning for cryptography on python-2.6

* Namespace all of the pycrypto imports and always import them

  Makes unittests better and the code less likely to get stupid mistakes
  (like using HMAC from cryptogrpahy when the one from pycrypto is needed)

* Add back in atfork since we need pycrypto to reinitialize its RNG just in case we're being used with old paramiko

* contrib/inventory/gce: Remove spurious require on pycrypto

(cherry picked from commit 9e16b9db275263b3ea8d1b124966fdebfc9ab271)

* Add cryptography to ec2_win_password module requirements
  * Fix python3 bug which would pass text strings to a function which
    requires byte strings.

* Attempt to add pycrypto version to setup deps

* Change hacking README for dual pycrypto/cryptography

* update dependencies for various CI scripts

* additional CI dockerfile/script updates

* add paramiko to the windows and sanity requirement set

  This is needed because ansible lists it as a requirement. Previously
  the missing dep wasn't enforced, but cryptography imports pkg_resources
  so you can't ignore a requirement any more

* Add integration test cases for old vault and for wrong passwords

* helper script for manual testing of pycrypto/cryptography

* Skip the pycrypto tests so that users without it installed can still run the unittests

* Run unittests for vault with both cryptography and pycrypto backend
2017-06-27 06:00:15 -07:00
.github Ask for Network OS version info (#25958) 2017-06-21 12:55:55 +01:00
bin added comment on why not os.chdir 2017-06-19 17:17:10 -04:00
contrib Cyptography pr 20566 rebase (#25560) 2017-06-27 06:00:15 -07:00
docs Fix roles language in docs (#25811) 2017-06-26 23:10:07 -07:00
examples Fix spelling mistakes (comments only) (#25564) 2017-06-12 07:55:19 +01:00
hacking Cyptography pr 20566 rebase (#25560) 2017-06-27 06:00:15 -07:00
lib/ansible Cyptography pr 20566 rebase (#25560) 2017-06-27 06:00:15 -07:00
packaging Updating release vars versions for 2.3.1 and 2.1.6 2017-06-05 10:05:41 -05:00
test Cyptography pr 20566 rebase (#25560) 2017-06-27 06:00:15 -07:00
ticket_stubs Remove obsolete ticket stubs. 2016-12-08 11:35:20 -05:00
.coveragerc Docker image updates for integration tests. (#26054) 2017-06-23 12:45:38 -07:00
.gitattributes avoid exporting files useless to dist 2017-06-23 15:56:43 -04:00
.gitignore Enable codecov.io and add coverage grouping. 2017-05-15 19:14:05 +08:00
.gitmodules Code cleanup. 2016-12-08 11:35:04 -05:00
.mailmap add mailmap entries for @resmo 2017-04-09 11:56:37 +02:00
.yamllint Lint YAML files under test/ 2016-11-11 14:50:57 -08:00
ansible-core-sitemap.xml Remove remnants of obsolete fireball mode. 2016-12-09 16:56:34 -07:00
CHANGELOG.md Cyptography pr 20566 rebase (#25560) 2017-06-27 06:00:15 -07:00
CODING_GUIDELINES.md Coding guidelines were not PEP8 compliant :-) (#25589) 2017-06-13 09:25:37 +01:00
CONTRIBUTING.md Update CONTRIBUTING.md with more recent developments 2016-03-23 15:32:29 +01:00
COPYING license file should be in source tree 2012-03-15 20:24:22 -04:00
docsite_requirements.txt Fixes the build issue pertaining to sphinx-build which is required to build ansible (#22480) 2017-03-14 14:19:46 -07:00
Makefile avoid exporting files useless to dist 2017-06-23 15:56:43 -04:00
MANIFEST.in Include .yamllint in manifest so yamllint works. 2017-04-12 10:59:52 -07:00
MODULE_GUIDELINES.md Move GUIDELINES.md from modules repo (#19313) 2016-12-14 11:46:14 -05:00
README.md Fix installation instructions link in the README (#24754) 2017-05-18 08:09:53 +01:00
RELEASES.txt updated release info 2017-05-03 18:21:32 -04:00
requirements.txt Cyptography pr 20566 rebase (#25560) 2017-06-27 06:00:15 -07:00
ROADMAP.rst Update ROADMAP (#20002) 2017-01-16 11:36:53 +00:00
setup.py Cyptography pr 20566 rebase (#25560) 2017-06-27 06:00:15 -07:00
shippable.yml Restore disabled opensuse integration tests. 2017-05-17 17:13:27 +08:00
tox.ini update the flake8 config in tox.ini 2017-04-05 09:43:37 -07:00
VERSION Bumping devel version to 2.4.0 2017-03-15 09:42:01 -05:00

PyPI version Build Status

Ansible

Ansible is a radically simple IT automation system. It handles configuration-management, application deployment, cloud provisioning, ad-hoc task-execution, and multinode orchestration - including trivializing things like zero downtime rolling updates with load balancers.

Read the documentation and more at https://ansible.com/

Many users run straight from the development branch (it's generally fine to do so), but you might also wish to consume a release.

You can find instructions here for a variety of platforms.

Design Principles

  • Have a dead simple setup process and a minimal learning curve
  • Manage machines very quickly and in parallel
  • Avoid custom-agents and additional open ports, be agentless by leveraging the existing SSH daemon
  • Describe infrastructure in a language that is both machine and human friendly
  • Focus on security and easy auditability/review/rewriting of content
  • Manage new remote machines instantly, without bootstrapping any software
  • Allow module development in any dynamic language, not just Python
  • Be usable as non-root
  • Be the easiest IT automation system to use, ever.

Get Involved

  • Read Community Information for all kinds of ways to contribute to and interact with the project, including mailing list information and how to submit bug reports and code to Ansible.
  • All code submissions are done through pull requests. Take care to make sure no merge commits are in the submission, and use git rebase vs git merge for this reason. If submitting a large code change (other than modules), it's probably a good idea to join ansible-devel and talk about what you would like to do or add first and to avoid duplicate efforts. This not only helps everyone know what's going on, it also helps save time and effort if we decide some changes are needed.
  • Users list: ansible-project
  • Development list: ansible-devel
  • Announcement list: ansible-announce - read only
  • irc.freenode.net: #ansible

Branch Info

  • Releases are named after Led Zeppelin songs. (Releases prior to 2.0 were named after Van Halen songs.)
  • The devel branch corresponds to the release actively under development.
  • For releases 1.8 - 2.2, modules are kept in different repos, you'll want to follow core and extras
  • Various release-X.Y branches exist for previous releases.
  • We'd love to have your contributions, read Community Information for notes on how to get started.

Authors

Ansible was created by Michael DeHaan (michael.dehaan/gmail/com) and has contributions from over 1000 users (and growing). Thanks everyone!

Ansible is sponsored by Ansible, Inc

Licence

GNU Click on the Link to see the full text.