Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

openssl_privatekey: add backup option #53593

Merged
merged 8 commits into from Mar 18, 2019

Conversation

Projects
None yet
4 participants
@felixfontein
Copy link
Contributor

felixfontein commented Mar 9, 2019

SUMMARY

Adds a backup option (similarly to the copy or template modules) and mention it as an option for paranoid/careless users. (Default is off.)

Fixes #32038.

ISSUE TYPE
  • Feature Pull Request
COMPONENT NAME

openssl_privatekey

felixfontein added some commits Mar 9, 2019

@ansibot

This comment has been minimized.

@ansibot

This comment has been minimized.

Copy link
Contributor

ansibot commented Mar 9, 2019

@ansibot ansibot added the test label Mar 9, 2019

@felixfontein felixfontein force-pushed the felixfontein:openssl_privatekey-backup branch from 75c0a0d to c3b9460 Mar 9, 2019

@felixfontein

This comment has been minimized.

Copy link
Contributor Author

felixfontein commented Mar 9, 2019

I had to pass module to all remove() functions to allow to call module.backup_local().

@felixfontein felixfontein referenced this pull request Mar 17, 2019

Open

Crypto issues #444

@@ -23,6 +23,11 @@
L(ECC,https://en.wikipedia.org/wiki/Elliptic-curve_cryptography)
private keys.
- Keys are generated in PEM format.
- "Please note that the module regenerates private keys if they don't match

This comment has been minimized.

@MarkusTeufelberger

MarkusTeufelberger Mar 17, 2019

Contributor
Suggested change
- "Please note that the module regenerates private keys if they don't match
- "Take note that the module regenerates private keys if they don't match

This comment has been minimized.

@felixfontein

felixfontein Mar 17, 2019

Author Contributor

What's wrong with "Please note"?

This comment has been minimized.

@MarkusTeufelberger

MarkusTeufelberger Mar 17, 2019

Contributor

While I appreciate the courtesy, it raises the question if/where we should write "please" elsewhere and how often.

MarkusTeufelberger and others added some commits Mar 17, 2019

Update lib/ansible/modules/crypto/openssl_privatekey.py
Co-Authored-By: felixfontein <felix@fontein.de>
Update lib/ansible/modules/crypto/openssl_privatekey.py
Co-Authored-By: felixfontein <felix@fontein.de>
Update lib/ansible/modules/crypto/openssl_privatekey.py
Co-Authored-By: felixfontein <felix@fontein.de>
@@ -325,6 +352,8 @@ def dump(self):
'changed': self.changed,
'fingerprint': self.fingerprint,
}
if self.backup_path:

This comment has been minimized.

@MarkusTeufelberger

MarkusTeufelberger Mar 17, 2019

Contributor

Should this field be present in check mode if the key would be regenerated?

This comment has been minimized.

@felixfontein

felixfontein Mar 17, 2019

Author Contributor

Good question. I'll take a look what copy/template do.

This comment has been minimized.

@felixfontein

felixfontein Mar 17, 2019

Author Contributor

Turns out copy does not return it in check mode, and template doesn't return anything (neither in check mode nor in normal mode) except the standard changed result. So I guess we don't need to return it for check mode.

This comment has been minimized.

@MarkusTeufelberger

MarkusTeufelberger Mar 17, 2019

Contributor

... or we need to file issues against these 2 modules. ;-)

I guess it's fine either way though, so let's keep it similar to copy for now.

@ansibot ansibot removed the needs_triage label Mar 17, 2019

@MarkusTeufelberger

This comment has been minimized.

Copy link
Contributor

MarkusTeufelberger commented Mar 17, 2019

shipit

@ansibot ansibot added shipit and removed community_review labels Mar 17, 2019

@gundalow gundalow merged commit e00f315 into ansible:devel Mar 18, 2019

1 check passed

Shippable Run 114350 status is SUCCESS.
Details

@felixfontein felixfontein deleted the felixfontein:openssl_privatekey-backup branch Mar 18, 2019

@felixfontein

This comment has been minimized.

Copy link
Contributor Author

felixfontein commented Mar 18, 2019

@MarkusTeufelberger thanks for reviewing!
@gundalow thanks for merging!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.