Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

openssl_certificate: Handle dump() in check_mode #38386

Merged
merged 1 commit into from
Apr 9, 2018
Merged

openssl_certificate: Handle dump() in check_mode #38386

merged 1 commit into from
Apr 9, 2018

Conversation

Spredzy
Copy link
Contributor

@Spredzy Spredzy commented Apr 6, 2018

SUMMARY

Currently, when ones run the module in check_mode it tries to retrieve
values from the actual certificate generated in the generate() function.

Since in check_mode we call dump() without calling generate(), self.cert
is None, leading to self.cert.get_notBefore(), self.cert.get_notAfter()
and self.cert.get_serial_number() raising an error.

NoneType' object has no attribute 'get_notBefore'

The solution is to have two way to handle dump() method, whether its run
in check_mode=True or check_mode=False leading to different way the
information is retrieved.

ISSUE TYPE
  • Bugfix Pull Request
COMPONENT NAME
  • openssl_certificate
ANSIBLE VERSION
  • devel
ADDITIONAL INFORMATION

Fixes: #37867

@ansibot
Copy link
Contributor

ansibot commented Apr 6, 2018

cc @MarkusTeufelberger
click here for bot help

@ansibot ansibot added bug This issue/PR relates to a bug. community_review In order to be merged, this PR must follow the community review workflow. module This issue/PR relates to a module. needs_triage Needs a first human triage before being processed. support:community This issue/PR relates to code supported by the Ansible community. test This PR relates to tests. labels Apr 6, 2018
@mkrizek mkrizek removed the needs_triage Needs a first human triage before being processed. label Apr 6, 2018
@ansibot
Copy link
Contributor

ansibot commented Apr 6, 2018

The test ansible-test sanity --test validate-modules [explain] failed with 1 error:

lib/ansible/modules/crypto/openssl_certificate.py:9:0: E106 Import found before documentation variables. All imports must appear below DOCUMENTATION/EXAMPLES/RETURN/ANSIBLE_METADATA.

click here for bot help

@ansibot ansibot added needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. and removed community_review In order to be merged, this PR must follow the community review workflow. labels Apr 6, 2018
@Spredzy
openssl_certificate: Handle dump() in check_mode
62fade4 
Currently, when ones run the module in check_mode it tries to retrieve
values from the actual certificate generated in the generate() function.

Since in check_mode we call dump() without calling generate(), self.cert
is None, leading to self.cert.get_notBefore(), self.cert.get_notAfter()
and self.cert.get_serial_number() raising an error.

>  NoneType' object has no attribute 'get_notBefore'

The solution is to have two way to handle dump() method, whether its run
in check_mode=True or check_mode=False leading to different way the
information is retrieved.
@ansibot ansibot added community_review In order to be merged, this PR must follow the community review workflow. and removed needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. labels Apr 6, 2018
@robertdebock
Copy link
Contributor

I've verified this code, works well for me.

robertdebock
robertdebock approved these changes Apr 6, 2018
View reviewed changes
Copy link
Contributor

@robertdebock robertdebock left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I ran this code with ansible-2.5.0 (and just this file modified) and it works for me:

ansible --version
ansible 2.5.0
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/home/robertdb/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.14 (default, Mar 14 2018, 13:36:31) [GCC 7.3.1 20180303 (Red Hat 7.3.1-5)]

@MarkusTeufelberger
Copy link
Contributor

shipit

@ansibot ansibot added shipit This PR is ready to be merged by Core and removed community_review In order to be merged, this PR must follow the community review workflow. labels Apr 8, 2018
@gundalow gundalow merged commit 99497ce into ansible:devel Apr 9, 2018
gundalow pushed a commit to gundalow/ansible that referenced this pull request Apr 9, 2018
@Spredzy @gundalow
openssl_certificate: Handle dump() in check_mode (ansible#38386)
58c51be 
Currently, when ones run the module in check_mode it tries to retrieve
values from the actual certificate generated in the generate() function.

Since in check_mode we call dump() without calling generate(), self.cert
is None, leading to self.cert.get_notBefore(), self.cert.get_notAfter()
and self.cert.get_serial_number() raising an error.

>  NoneType' object has no attribute 'get_notBefore'

The solution is to have two way to handle dump() method, whether its run
in check_mode=True or check_mode=False leading to different way the
information is retrieved.
(cherry picked from commit 99497ce)
@gundalow gundalow mentioned this pull request Apr 9, 2018
Merged
@gundalow
Copy link
Contributor

gundalow commented Apr 9, 2018

Merged into devel
PR for stable-2.5: #38462 which I'll merge once green

Thanks for code & reviews

gundalow added a commit that referenced this pull request Apr 9, 2018
@gundalow
Backport/2.5/38386 (#38462)
4f0389a 
* openssl_certificate: Handle dump() in check_mode (#38386)

Currently, when ones run the module in check_mode it tries to retrieve
values from the actual certificate generated in the generate() function.

Since in check_mode we call dump() without calling generate(), self.cert
is None, leading to self.cert.get_notBefore(), self.cert.get_notAfter()
and self.cert.get_serial_number() raising an error.

>  NoneType' object has no attribute 'get_notBefore'

The solution is to have two way to handle dump() method, whether its run
in check_mode=True or check_mode=False leading to different way the
information is retrieved.
(cherry picked from commit 99497ce)
ilicmilan pushed a commit to ilicmilan/ansible that referenced this pull request Nov 7, 2018
@Spredzy @ilicmilan
openssl_certificate: Handle dump() in check_mode (ansible#38386)
9c89714 
Currently, when ones run the module in check_mode it tries to retrieve
values from the actual certificate generated in the generate() function.

Since in check_mode we call dump() without calling generate(), self.cert
is None, leading to self.cert.get_notBefore(), self.cert.get_notAfter()
and self.cert.get_serial_number() raising an error.

>  NoneType' object has no attribute 'get_notBefore'

The solution is to have two way to handle dump() method, whether its run
in check_mode=True or check_mode=False leading to different way the
information is retrieved.
@dagwieers dagwieers added the crypto Crypto community (ACME, openssl, letsencrypt) label Feb 7, 2019
@ansible ansible locked and limited conversation to collaborators Apr 27, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@robertdebock robertdebock robertdebock approved these changes

Assignees
No one assigned
Labels
bug This issue/PR relates to a bug. crypto Crypto community (ACME, openssl, letsencrypt) module This issue/PR relates to a module. shipit This PR is ready to be merged by Core support:community This issue/PR relates to code supported by the Ansible community. test This PR relates to tests.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

openssl_certificate on Ansible 2.5 fails: 'NoneType' object has no attribute 'get_notBefore'
7 participants
@Spredzy @ansibot @robertdebock @MarkusTeufelberger @gundalow @dagwieers @mkrizek