Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update known_hosts module to better handle @cert-authority keys #70340

Open
wants to merge 1 commit into
base: devel
Choose a base branch
from

Conversation

zoredache
Copy link
Contributor

@zoredache zoredache commented Jun 27, 2020

SUMMARY

Fixes #70339
An attempt at fixing the known_hosts bug I submitted, plus updating tests to better describe the problem.

ISSUE TYPE
  • Bugfix Pull Request
COMPONENT NAME

known_hosts

ADDITIONAL INFORMATION

@ansibot
Copy link
Contributor

ansibot commented Jun 27, 2020

@zoredache This PR contains @ mentions in at least one commit message. Those mentions can cause cascading notifications through GitHub and need to be removed. Please squash or amend your commits to remove the mentions.

click here for bot help

@ansibot ansibot added affects_2.11 bug module needs_revision needs_triage support:core system labels Jun 27, 2020
Copy link
Member

@Akasurde Akasurde left a comment

Can you please add a changelog entry for this change here?

@zoredache zoredache force-pushed the known_hosts_ca_keys branch 2 times, most recently from 408396a to f336987 Compare Jun 27, 2020
@zoredache zoredache requested a review from Akasurde Jun 27, 2020
@ansibot ansibot added the support:community label Jun 27, 2020
@samdoran samdoran added the ci_verified label Jun 29, 2020
@samdoran samdoran removed the needs_triage label Jun 30, 2020
@ansibot ansibot added the stale_ci label Jul 8, 2020
lib/ansible/modules/known_hosts.py Outdated Show resolved Hide resolved
@zoredache
Copy link
Contributor Author

zoredache commented Jul 23, 2020

Updated to remove the extraneous bits Akasurde noticed. Also added some tests for @revoked signed host keys.

@ansibot ansibot removed ci_verified stale_ci labels Jul 23, 2020
@samdoran samdoran added the ci_verified label Jul 24, 2020
@ansibot ansibot added the stale_ci label Aug 1, 2020
@Akasurde
Copy link
Member

Akasurde commented Aug 10, 2020

@zoredache Can you please take a look into this failure - https://app.shippable.com/github/ansible/ansible/runs/172199/38/console ? Thanks.

@ansibot ansibot removed ci_verified stale_ci labels Aug 10, 2020
@samdoran samdoran added the ci_verified label Aug 10, 2020
@zoredache
Copy link
Contributor Author

zoredache commented Aug 10, 2020

@Akasurde, I could use some assistance with out to handle that. I am not certain, but I suspect that is CentOS instance is running the default version of OpenSSH for Centos6, which was 5.3 (release 2009-10-01). The functionality to support the certificates was added in 5.4 (release 2010-03-08).

Is there some obvious way to just not run the tests on Centos6 that hasn't been updated to a newer version of OpenSSH? I assume there must be some way to not run the tests on systems where a module wouldn't work?

@ansibot
Copy link
Contributor

ansibot commented Aug 10, 2020

@zoredache This PR was evaluated as a potentially problematic PR for the following reasons:

  • More than 50 changed files.
  • More than 50 commits.

Such PR can only be merged by human. Contact a Core team member to review this PR on IRC: #ansible-devel on irc.freenode.net

click here for bot help

@ansibot
Copy link
Contributor

ansibot commented Aug 10, 2020

@zoredache The following file(s) in this pull request are bundled copies of modules used to support incidental tests and should not be updated:

  • test/support/integration/plugins/module_utils/azure_rm_common.py
    • Possible match in the following collections: azure.azcollection
  • test/support/integration/plugins/module_utils/azure_rm_common_rest.py
    • Possible match in the following collections: azure.azcollection
  • test/support/integration/plugins/modules/_azure_rm_mariadbconfiguration_facts.py
    • Possible match in the following collections: community.azure
  • test/support/integration/plugins/modules/_azure_rm_mariadbdatabase_facts.py
    • Possible match in the following collections: community.azure
  • test/support/integration/plugins/modules/_azure_rm_mariadbfirewallrule_facts.py
    • Possible match in the following collections: community.azure
  • test/support/integration/plugins/modules/_azure_rm_mariadbserver_facts.py
    • Possible match in the following collections: community.azure
  • test/support/integration/plugins/modules/_azure_rm_resource_facts.py
    • Possible match in the following collections: community.azure
  • test/support/integration/plugins/modules/_azure_rm_webapp_facts.py
    • Possible match in the following collections: community.azure
  • test/support/integration/plugins/modules/azure_rm_appserviceplan.py
    • Possible match in the following collections: azure.azcollection
  • test/support/integration/plugins/modules/azure_rm_functionapp.py
    • Possible match in the following collections: azure.azcollection
  • test/support/integration/plugins/modules/azure_rm_functionapp_info.py
    • Possible match in the following collections: azure.azcollection, community.azure
  • test/support/integration/plugins/modules/azure_rm_mariadbconfiguration.py
    • Possible match in the following collections: azure.azcollection
  • test/support/integration/plugins/modules/azure_rm_mariadbconfiguration_info.py
    • Possible match in the following collections: azure.azcollection, community.azure
  • test/support/integration/plugins/modules/azure_rm_mariadbdatabase.py
    • Possible match in the following collections: azure.azcollection
  • test/support/integration/plugins/modules/azure_rm_mariadbdatabase_info.py
    • Possible match in the following collections: azure.azcollection, community.azure
  • test/support/integration/plugins/modules/azure_rm_mariadbfirewallrule.py
    • Possible match in the following collections: azure.azcollection
  • test/support/integration/plugins/modules/azure_rm_mariadbfirewallrule_info.py
    • Possible match in the following collections: azure.azcollection, community.azure
  • test/support/integration/plugins/modules/azure_rm_mariadbserver.py
    • Possible match in the following collections: azure.azcollection
  • test/support/integration/plugins/modules/azure_rm_mariadbserver_info.py
    • Possible match in the following collections: azure.azcollection, community.azure
  • test/support/integration/plugins/modules/azure_rm_resource.py
    • Possible match in the following collections: azure.azcollection
  • test/support/integration/plugins/modules/azure_rm_resource_info.py
    • Possible match in the following collections: azure.azcollection, community.azure
  • test/support/integration/plugins/modules/azure_rm_storageaccount.py
    • Possible match in the following collections: azure.azcollection
  • test/support/integration/plugins/modules/azure_rm_webapp.py
    • Possible match in the following collections: azure.azcollection
  • test/support/integration/plugins/modules/azure_rm_webapp_info.py
    • Possible match in the following collections: azure.azcollection, community.azure
  • test/support/integration/plugins/modules/azure_rm_webappslot.py
    • Possible match in the following collections: azure.azcollection

Because the original module(s) have been migrated to collections, please re-submit this pull request in relevant collection repositories, typically under https://github.com/ansible-collections.

If you need further assistence with identifying the correct repository, please stop by IRC or the mailing list:

click here for bot help

@ansibot ansibot added needs_rebase and removed ci_verified labels Aug 10, 2020
@ansibot ansibot removed the needs_rebase label Aug 10, 2020
@zoredache
Copy link
Contributor Author

zoredache commented Aug 10, 2020

@zoredache This PR was evaluated as a potentially problematic PR for the following reasons:

Yup, sorry, I was trying to rebase my branch, but merged accidentally, I have correctly reset and re pushed with only my changes.

@samdoran samdoran added the ci_verified label Aug 12, 2020
@ansibot ansibot added the stale_ci label Aug 20, 2020
@ansibot ansibot added pre_azp and removed ci_verified stale_ci labels Dec 10, 2020
@ansibot ansibot removed the support:community label Mar 4, 2021
@eqrx eqrx added the ci_verified label Mar 5, 2021
@ansibot ansibot removed the ci_verified label Mar 5, 2021
@samdoran
Copy link
Contributor

samdoran commented Mar 17, 2021

/azp run

@azure-pipelines
Copy link

azure-pipelines bot commented Mar 17, 2021

Azure Pipelines successfully started running 1 pipeline(s).

@ansibot ansibot removed the pre_azp label Mar 17, 2021
@samdoran samdoran added the ci_verified label Mar 19, 2021
@ansibot ansibot added the stale_ci label Mar 27, 2021
@s-hertel s-hertel self-requested a review Aug 6, 2021
@bcoca
Copy link
Member

bcoca commented Jun 1, 2022

/azp run

@azure-pipelines
Copy link

azure-pipelines bot commented Jun 1, 2022

Azure Pipelines successfully started running 1 pipeline(s).

@ansibot ansibot removed ci_verified stale_ci labels Jun 1, 2022
@mattclay mattclay added the ci_verified label Jun 2, 2022
@ansibot ansibot added the stale_ci label Jun 10, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
affects_2.11 bug ci_verified has_issue module needs_revision stale_ci support:core system
Projects
None yet
Development

Successfully merging this pull request may close these issues.

7 participants