-
Notifications
You must be signed in to change notification settings - Fork 23.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
openssl_certificate: deprecate assertonly provider #60623
openssl_certificate: deprecate assertonly provider #60623
Conversation
This comment has been minimized.
This comment has been minimized.
While testing this, I found a couple of bugs in the module. I'll push a PR later which fixes them. |
@@ -421,7 +466,98 @@ | |||
acme_challenge_path: /etc/ssl/challenges/ansible.com/ | |||
force: yes | |||
|
|||
# The following example shows one assertonly usage using all existing options for | |||
# assertonly, and shows how to emulate the behavior with the openssl_certificate_info, | |||
# openssl_csr_info, openssl_privatekey_info and assert modules: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
...and then you have a user that wants to ensure mode: u=rx
. ;-)
This is tough even with the stat
module.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it possible to use assertonly
to check this? I'm not sure whether that actually works.
Also, you could use the file
module with check_mode: yes
to see whether there would be a change, and assert
on that :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hm, the file
module in check_mode
seems like the way to go then. Thanks for the tip! Maybe we should add it here too (e.g. To check the additional parameters of this module also supported by the file module, you can use the file module in check_mode and see if the file is in the expected state.
)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
assertonly
does not care about file permissions. I've tested it with devel
, stable-2.8
, stable-2.7
and stable-2.6
. If mode
does not match the mode of the file in path
, it doesn't complain or change anything.
The promised bugfixes are in #60658. |
Once #60708 is merged, I'll update this PR to use the |
210790c
to
59cfa49
Compare
59cfa49
to
ecf7af3
Compare
Well, then let's shipit |
SUMMARY
Deprecates the
assertonly
provider ofopenssl_certificate
as described in #59972. Fixes #59972.ISSUE TYPE
COMPONENT NAME
openssl_certificate