summaryrefslogtreecommitdiffstats
path: root/roles/openshift_certificate_expiry
Commit message (Collapse)AuthorAgeFilesLines
* Fix softlinks broken by d3fefc32a727fe3c13159c4e9fe4399f35b487a8Klaas Demter2018-01-261-1/+1
|
* Move more plugins to lib_utilsMichael Gugino2018-01-106-1182/+3
| | | | | | | This commit continues moving plugins into lib_utils. This commit does not move any plugins for add-on roles such as logging and metrics.
* Remove become statementsMichael Gugino2018-01-092-3/+0
| | | | | This commit removes become:no statements that break the installer in various ways.
* Relocate filter plugins to lib_utilsMichael Gugino2017-12-181-1/+2
| | | | | | | | | | | | | | This commit relocates filter_plugings to lib_utils, changes the namespacing to prevent unintended use of older versions that may be present in filter_plugins/ directory on existing installs. Add lib_utils to meta depends for roles Also consolidate some plugins into lib_utils from various other areas. Update rpm spec, obsolete plugin rpms.
* Playbook Consolidation - openshift-checksRussell Teague2017-11-161-24/+24
|
* Update openshift_cert_expiry for py3 support.Andrew Butcher2017-08-011-34/+14
|
* Fix parsing certs with very large serial numbersTim Bielawa2017-06-232-3/+23
| | | | | | | | | | | Certificates with large serial numbers (such as those from commercial vendors) previously failed to parse due to absent logic in the FakeOpenSSLCertificate parser. This would cause the module to abort and break any other roles depending on the cert expiry checking results. * Identifies large serials in HEX format for decimal conversion * Update unit tests to parse a large serial
* health check playbooks: relocate and expandLuke Meyer2017-05-221-24/+24
| | | | | | | | | | | | | | | | | | We are moving toward having adhoc post-install checks and so the "preflight" designation needs to be widened. Updated location to playbooks/byo/openshift-checks, added health check playbook, and updated README. Also included the certificate_expiry playbooks. Left behind symlinks and wrappers for existing checks. To conform with the direction of the rest of the repo, the openshift-checks playbooks are split into two directories, one under playbooks/common with the actual invocation and one under playbooks/byo for entrypoints that are just wrappers for the ones in common. Because the certificate_expiry playbooks are intended not just to be functional but to be examples that users modify, I did not split them similarly. That could happen later after discussion but for now I just left them whole under byo/openshift-checks/certificate_expiry.
* Remove vim configuration from Python filesRodolfo Carvalho2017-05-091-1/+0
| | | | | | | In a project where contributors are free to use whatever editor they want and we have linting tools that verify the proper formatting of Python files, it should not be required to have a vim-specific line in Python files.
* Merge pull request #3975 from sdodson/ansible_23_warningsOpenShift Bot2017-05-012-4/+4
|\ | | | | Merged by openshift-bot
| * Don't double quote when conditionsScott Dodson2017-05-012-4/+4
| |
| * Remove jinja template delimeters from when conditionsScott Dodson2017-05-012-4/+4
| | | | | | | | | | | | In ansible 2.3 "[WARNING]: when statements should not include jinja2 templating delimiters such as {{ }} or {% %}. Found: {{ g_glusterfs_hosts is not defined }}"
* | Fix test compatibility with OpenSSL 1.1.0Pierre-Louis Bonicoli2017-04-282-3/+4
|/ | | | | | Since OpenSSL 1.1.0, default name options ('oneline') for 'x509' command include 'space_eq'. Explicitly enable 'oneline' in order to have one behaviour with all versions.
* Add example scheduled certificate checkPep Turró Mauri2017-04-061-16/+117
| | | | | | | | | | Additional certificate expiration check playbooks: - one that that uploads the generated reports to a location in the masters - one that uses custom report paths with timestamps OpenShift Job and ScheduledJob examples that use these playbooks run from a container to check cluster certificates from within the cluster itself.
* Use ansible.compat.six where possibleJason DeTiberus2017-03-091-2/+3
|
* Use six from ansible.module_utils for remote hostsJason DeTiberus2017-03-091-1/+1
|
* test fixes for openshift_certificates_expiryJason DeTiberus2017-03-028-349/+289
| | | | | | | | | | | | | | - create pytest fixtures for building certs at runtime - update tests to use the fixtures - add tests for load_and_handle_cert - fix py2/py3 encode/decode issues raised by tests - add get_extension_count method to fakeOpenSSLCertificate - avoid using a temp file for passing ssl certificate to openssl subprocess - other test tweaks: - exclude conftest.py and tests from coverage report - reduce the fail_under to 26%, since the tests being included were inflating our coverage
* Address cert expiry parsing review commentsTim Bielawa2017-02-212-8/+7
|
* Implement fake openssl cert classesTim Bielawa2017-02-216-16/+485
|
* Include rpm/git paths in expiry README.Tim Bielawa2017-02-101-21/+44
|
* Make the cert expiry playbooks runnableTim Bielawa2017-02-096-68/+1
|
* Fix yaml lint in easy-mode playbookTim Bielawa2017-01-182-2/+2
|
* [Cert Expiry] Add serial numbers, include example PBs, docsTim Bielawa2017-01-1711-107/+911
| | | | | | | | * Now includes cert serial numbers in JSON and HTML output * Docs are updated with explicit usage instructions * Each example playbook includes a link to the playbook and an example of how to run it * A graphic and copy of an HTML report are now included * Example JSON output has been updated
* More toxificationJason DeTiberus2017-01-101-11/+14
| | | | | | | | | | | | - Move pylint tests to tox - Move yamllint tests to tox - Create separate tox config (and setup.py) for root - bump ansible requirement - unify pylint config - add docs - remove git directory containing old testing tools - install python-six if not present for openshift-facts - add python-six as a dependency for openshift-ansible-utils
* python3 support, add tox for better local testing against multiple python ↵Jason DeTiberus2016-12-201-4/+8
| | | | versions
* Update the openshift-certificate-expiry README to reflect latestTim Bielawa2016-12-191-7/+13
| | | | changes
* Check embedded etcd certs now, tooTim Bielawa2016-12-151-4/+44
| | | | | * Addresses RFE in https://bugzilla.redhat.com/show_bug.cgi?id=1389264
* Include 'total' and 'ok' in check resultsTim Bielawa2016-12-152-1/+6
| | | | * Addresses https://bugzilla.redhat.com/show_bug.cgi?id=1389263
* update tests and flake8/pylint fixesJason DeTiberus2016-11-292-25/+2
|
* Don't freak out if the oc command doesn't exist.Tim Bielawa2016-10-201-0/+6
|
* Make the json template filter-driven.Tim Bielawa2016-10-206-32/+105
|
* Add JSON result CLI parsing notes to the READMETim Bielawa2016-10-201-4/+32
|
* The JSON result saving template now includes a summary of expired/warned ↵Tim Bielawa2016-10-201-1/+15
| | | | certs for easier parsing.
* Clean up lint and other little things (polish++)Tim Bielawa2016-10-204-111/+149
| | | | | | * Fix code lint * Prefix role variables with the role name per best practices * Add words to README
* Fix playbooks, update readme, update default varsTim Bielawa2016-10-205-27/+151
| | | | | | Fix 'make ci' system Add examples
* Refactor into a roleTim Bielawa2016-10-207-0/+871