Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package ansible-linux-system-roles for
openSUSE:Factory checked in at 2026-04-29 19:18:18
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/ansible-linux-system-roles (Old)
and /work/SRC/openSUSE:Factory/.ansible-linux-system-roles.new.30200 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ansible-linux-system-roles"
Wed Apr 29 19:18:18 2026 rev:12 rq:1349853 version:1.2.0
Changes:
--------
---
/work/SRC/openSUSE:Factory/ansible-linux-system-roles/ansible-linux-system-roles.changes
2026-03-12 22:23:12.412500529 +0100
+++
/work/SRC/openSUSE:Factory/.ansible-linux-system-roles.new.30200/ansible-linux-system-roles.changes
2026-04-29 19:19:21.528805075 +0200
@@ -1,0 +2,9 @@
+Tue Apr 28 15:23:51 UTC 2026 - Harshvardhan Sharma
<[email protected]>
+
+- Update to version 1.2.0: add new roles and update existing
+- Add postgresql role 1.5.1
+- Add kernel_settings role 1.3.8 (SLE 16 only)
+- Update certificate role 1.4.4 -> 1.5.0:
+ - Add openSUSE Leap platform support
+
+-------------------------------------------------------------------
Old:
----
certificate-1.4.4.tar.gz
New:
----
certificate-1.5.0.tar.gz
kernel_settings-1.3.8.tar.gz
postgresql-1.5.1.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ ansible-linux-system-roles.spec ++++++
--- /var/tmp/diff_new_pack.HwFeR9/_old 2026-04-29 19:19:23.172872428 +0200
+++ /var/tmp/diff_new_pack.HwFeR9/_new 2026-04-29 19:19:23.176872592 +0200
@@ -27,13 +27,15 @@
%global mssql_version 2.6.6
%global suseconnect_version 1.0.1
%global auto_maintenance_version 1.120.5
-%global certificate_version 1.4.4
+%global certificate_version 1.5.0
%global selinux_version 1.11.1
%global podman_version 1.9.2
%global cockpit_version 1.7.4
%global aide_version 1.2.5
%global postfix_version 1.6.6
%global keylime_server_version 1.2.4
+%global postgresql_version 1.5.1
+%global kernel_settings_version 1.3.8
%if 0%{?suse_version} >= 1600
%global sle16 1
@@ -45,7 +47,7 @@
%define ansible_collection_path
%{_datadir}/ansible/collections/ansible_collections/suse/%{ansible_collection_name}
Name: ansible-linux-system-roles
-Version: 1.1.0
+Version: 1.2.0
Release: 0
Summary: Collection of Ansible roles for Linux system management
License: GPL-3.0-or-later
@@ -61,13 +63,15 @@
Source8:
%{url}/ansible-suseconnect/archive/refs/tags/%{suseconnect_version}-suse.tar.gz#/suseconnect-%{suseconnect_version}.tar.gz
Source9:
%{url}/ansible-auto_maintenance/archive/refs/tags/%{auto_maintenance_version}-suse.tar.gz#/auto_maintenance-%{auto_maintenance_version}.tar.gz
Source10:
%{url}/ansible-postfix/archive/refs/tags/%{postfix_version}-suse.tar.gz#/postfix-%{postfix_version}.tar.gz
+Source11:
%{url}/ansible-postgresql/archive/refs/tags/%{postgresql_version}-suse.tar.gz#/postgresql-%{postgresql_version}.tar.gz
%if %{sle16}
-Source11:
%{url}/ansible-certificate/archive/refs/tags/%{certificate_version}-suse.tar.gz#/certificate-%{certificate_version}.tar.gz
-Source12:
%{url}/ansible-selinux/archive/refs/tags/%{selinux_version}-suse.tar.gz#/selinux-%{selinux_version}.tar.gz
-Source13:
%{url}/ansible-podman/archive/refs/tags/%{podman_version}-suse.tar.gz#/podman-%{podman_version}.tar.gz
-Source14:
%{url}/ansible-cockpit/archive/refs/tags/%{cockpit_version}-suse.tar.gz#/cockpit-%{cockpit_version}.tar.gz
-Source15:
%{url}/ansible-aide/archive/refs/tags/%{aide_version}-suse.tar.gz#/aide-%{aide_version}.tar.gz
-Source16:
%{url}/ansible-keylime_server/archive/refs/tags/%{keylime_server_version}-suse.tar.gz#/keylime_server-%{keylime_server_version}.tar.gz
+Source12:
%{url}/ansible-certificate/archive/refs/tags/%{certificate_version}-suse.tar.gz#/certificate-%{certificate_version}.tar.gz
+Source13:
%{url}/ansible-selinux/archive/refs/tags/%{selinux_version}-suse.tar.gz#/selinux-%{selinux_version}.tar.gz
+Source14:
%{url}/ansible-podman/archive/refs/tags/%{podman_version}-suse.tar.gz#/podman-%{podman_version}.tar.gz
+Source15:
%{url}/ansible-cockpit/archive/refs/tags/%{cockpit_version}-suse.tar.gz#/cockpit-%{cockpit_version}.tar.gz
+Source16:
%{url}/ansible-aide/archive/refs/tags/%{aide_version}-suse.tar.gz#/aide-%{aide_version}.tar.gz
+Source17:
%{url}/ansible-keylime_server/archive/refs/tags/%{keylime_server_version}-suse.tar.gz#/keylime_server-%{keylime_server_version}.tar.gz
+Source18:
%{url}/ansible-kernel_settings/archive/refs/tags/%{kernel_settings_version}-suse.tar.gz#/kernel_settings-%{kernel_settings_version}.tar.gz
%endif
Source999: galaxy.yml
@@ -101,6 +105,7 @@
"suseconnect:%{suseconnect_version}"
"auto_maintenance:%{auto_maintenance_version}"
"postfix:%{postfix_version}"
+ "postgresql:%{postgresql_version}"
%if %{sle16}
"certificate:%{certificate_version}"
"selinux:%{selinux_version}"
@@ -108,6 +113,7 @@
"cockpit:%{cockpit_version}"
"aide:%{aide_version}"
"keylime_server:%{keylime_server_version}"
+ "kernel_settings:%{kernel_settings_version}"
%endif
)
++++++ certificate-1.4.4.tar.gz -> certificate-1.5.0.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/.github/workflows/ansible-lint.yml
new/ansible-certificate-1.5.0-suse/.github/workflows/ansible-lint.yml
--- old/ansible-certificate-1.4.4-suse/.github/workflows/ansible-lint.yml
2026-01-06 16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/.github/workflows/ansible-lint.yml
2026-03-16 19:09:07.000000000 +0100
@@ -18,6 +18,9 @@
contents: read
jobs:
ansible_lint:
+ if: |
+ !((github.event_name == 'pull_request' &&
contains(github.event.pull_request.title, '[citest_skip]')) ||
+ (github.event_name == 'push' &&
contains(github.event.head_commit.message, '[citest_skip]')))
runs-on: ubuntu-latest
steps:
- name: Update pip, git
@@ -32,7 +35,7 @@
- name: Install tox, tox-lsr
run: |
set -euxo pipefail
- pip3 install
"git+https://github.com/linux-system-roles/[email protected]";
+ pip3 install
"git+https://github.com/linux-system-roles/[email protected]";
- name: Convert role to collection format
id: collection
@@ -41,7 +44,7 @@
TOXENV=collection lsr_ci_runtox
coll_dir=".tox/ansible_collections/$LSR_ROLE2COLL_NAMESPACE/$LSR_ROLE2COLL_NAME"
# cleanup after collection conversion
- rm -rf "$coll_dir/.ansible" .tox/ansible-plugin-scan
+ rm -rf "$coll_dir/.ansible" .tox/ansible-plugin-scan
"$coll_dir/.collection"
# ansible-lint action requires a .git directory???
# https://github.com/ansible/ansible-lint/blob/main/action.yml#L45
mkdir -p "$coll_dir/.git"
@@ -76,7 +79,7 @@
echo "coll_req_file=$coll_req_file" >> $GITHUB_OUTPUT
- name: Run ansible-lint
- uses: ansible/ansible-lint@v25
+ uses: ansible/ansible-lint@v26
with:
working_directory: ${{ github.workspace
}}/.tox/ansible_collections/${{ env.LSR_ROLE2COLL_NAMESPACE }}/${{
env.LSR_ROLE2COLL_NAME }}
requirements_file: ${{ steps.collection.outputs.coll_req_file }}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/.github/workflows/ansible-managed-var-comment.yml
new/ansible-certificate-1.5.0-suse/.github/workflows/ansible-managed-var-comment.yml
---
old/ansible-certificate-1.4.4-suse/.github/workflows/ansible-managed-var-comment.yml
2026-01-06 16:45:47.000000000 +0100
+++
new/ansible-certificate-1.5.0-suse/.github/workflows/ansible-managed-var-comment.yml
2026-03-16 19:09:07.000000000 +0100
@@ -15,6 +15,9 @@
contents: read
jobs:
ansible_managed_var_comment:
+ if: |
+ !((github.event_name == 'pull_request' &&
contains(github.event.pull_request.title, '[citest_skip]')) ||
+ (github.event_name == 'push' &&
contains(github.event.head_commit.message, '[citest_skip]')))
runs-on: ubuntu-latest
steps:
- name: Update pip, git
@@ -30,7 +33,7 @@
- name: Install tox, tox-lsr
run: |
set -euxo pipefail
- pip3 install
"git+https://github.com/linux-system-roles/[email protected]";
+ pip3 install
"git+https://github.com/linux-system-roles/[email protected]";
- name: Run ansible-plugin-scan
run: |
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/.github/workflows/ansible-test.yml
new/ansible-certificate-1.5.0-suse/.github/workflows/ansible-test.yml
--- old/ansible-certificate-1.4.4-suse/.github/workflows/ansible-test.yml
2026-01-06 16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/.github/workflows/ansible-test.yml
2026-03-16 19:09:07.000000000 +0100
@@ -18,6 +18,9 @@
contents: read
jobs:
ansible_test:
+ if: |
+ !((github.event_name == 'pull_request' &&
contains(github.event.pull_request.title, '[citest_skip]')) ||
+ (github.event_name == 'push' &&
contains(github.event.head_commit.message, '[citest_skip]')))
runs-on: ubuntu-latest
steps:
- name: Update pip, git
@@ -33,7 +36,7 @@
- name: Install tox, tox-lsr
run: |
set -euxo pipefail
- pip3 install
"git+https://github.com/linux-system-roles/[email protected]";
+ pip3 install
"git+https://github.com/linux-system-roles/[email protected]";
- name: Convert role to collection format
run: |
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/.github/workflows/build_docs.yml
new/ansible-certificate-1.5.0-suse/.github/workflows/build_docs.yml
--- old/ansible-certificate-1.4.4-suse/.github/workflows/build_docs.yml
2026-01-06 16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/.github/workflows/build_docs.yml
2026-03-16 19:09:07.000000000 +0100
@@ -91,7 +91,7 @@
run: cp ${{ env.RELEASE_VERSION }}/README.html docs/index.html
- name: Upload README.html as an artifact
- uses: actions/upload-artifact@v6
+ uses: actions/upload-artifact@v7
with:
name: README.html
path: ${{ env.RELEASE_VERSION }}/README.html
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/.github/workflows/codeql.yml
new/ansible-certificate-1.5.0-suse/.github/workflows/codeql.yml
--- old/ansible-certificate-1.4.4-suse/.github/workflows/codeql.yml
2026-01-06 16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/.github/workflows/codeql.yml
2026-03-16 19:09:07.000000000 +0100
@@ -14,6 +14,9 @@
- cron: 20 17 * * 4
jobs:
analyze:
+ if: |
+ !((github.event_name == 'pull_request' &&
contains(github.event.pull_request.title, '[citest_skip]')) ||
+ (github.event_name == 'push' &&
contains(github.event.head_commit.message, '[citest_skip]')))
name: Analyze
runs-on: ubuntu-latest
permissions:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/.github/workflows/codespell.yml
new/ansible-certificate-1.5.0-suse/.github/workflows/codespell.yml
--- old/ansible-certificate-1.4.4-suse/.github/workflows/codespell.yml
2026-01-06 16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/.github/workflows/codespell.yml
2026-03-16 19:09:07.000000000 +0100
@@ -7,6 +7,8 @@
contents: read
jobs:
codespell:
+ if: |
+ !(github.event_name == 'pull_request' &&
contains(github.event.pull_request.title, '[citest_skip]'))
name: Check for spelling errors
runs-on: ubuntu-latest
steps:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/.github/workflows/markdownlint.yml
new/ansible-certificate-1.5.0-suse/.github/workflows/markdownlint.yml
--- old/ansible-certificate-1.4.4-suse/.github/workflows/markdownlint.yml
2026-01-06 16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/.github/workflows/markdownlint.yml
2026-03-16 19:09:07.000000000 +0100
@@ -16,6 +16,9 @@
contents: read
jobs:
markdownlint:
+ if: |
+ !((github.event_name == 'pull_request' &&
contains(github.event.pull_request.title, '[citest_skip]')) ||
+ (github.event_name == 'push' &&
contains(github.event.head_commit.message, '[citest_skip]')))
runs-on: ubuntu-latest
steps:
- name: Update pip, git
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/.github/workflows/python-unit-test.yml
new/ansible-certificate-1.5.0-suse/.github/workflows/python-unit-test.yml
--- old/ansible-certificate-1.4.4-suse/.github/workflows/python-unit-test.yml
2026-01-06 16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/.github/workflows/python-unit-test.yml
2026-03-16 19:09:07.000000000 +0100
@@ -16,6 +16,9 @@
contents: read
jobs:
python:
+ if: |
+ !((github.event_name == 'pull_request' &&
contains(github.event.pull_request.title, '[citest_skip]')) ||
+ (github.event_name == 'push' &&
contains(github.event.head_commit.message, '[citest_skip]')))
strategy:
matrix:
pyver_os:
@@ -67,7 +70,7 @@
tox=tox
virtualenv=virtualenv
fi
- pip install "$tox" "$virtualenv"
"git+https://github.com/linux-system-roles/[email protected]";
+ pip install "$tox" "$virtualenv"
"git+https://github.com/linux-system-roles/[email protected]";
# If you have additional OS dependency packages e.g. libcairo2-dev
# then put them in .github/config/ubuntu-requirements.txt, one
# package per line.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/.github/workflows/qemu-kvm-integration-tests.yml
new/ansible-certificate-1.5.0-suse/.github/workflows/qemu-kvm-integration-tests.yml
---
old/ansible-certificate-1.4.4-suse/.github/workflows/qemu-kvm-integration-tests.yml
2026-01-06 16:45:47.000000000 +0100
+++
new/ansible-certificate-1.5.0-suse/.github/workflows/qemu-kvm-integration-tests.yml
2026-03-16 19:09:07.000000000 +0100
@@ -18,6 +18,9 @@
statuses: write
jobs:
scenario:
+ if: |
+ !((github.event_name == 'pull_request' &&
contains(github.event.pull_request.title, '[citest_skip]')) ||
+ (github.event_name == 'push' &&
contains(github.event.head_commit.message, '[citest_skip]')))
runs-on: ubuntu-latest
strategy:
@@ -25,25 +28,26 @@
matrix:
scenario:
# QEMU
- - { image: "centos-9", env: "qemu-ansible-core-2.16" }
- - { image: "centos-10", env: "qemu-ansible-core-2.17" }
- - { image: "fedora-42", env: "qemu-ansible-core-2.19" }
- - { image: "fedora-43", env: "qemu-ansible-core-2.19" }
- - { image: "leap-15.6", env: "qemu-ansible-core-2.18" }
+ - { image: "centos-9", env: "qemu-ansible-core-2-16" }
+ - { image: "centos-10", env: "qemu-ansible-core-2-17" }
+ - { image: "fedora-42", env: "qemu-ansible-core-2-19" }
+ - { image: "fedora-43", env: "qemu-ansible-core-2-20" }
+ - { image: "leap-15.6", env: "qemu-ansible-core-2-18" }
# container
- - { image: "centos-9", env: "container-ansible-core-2.16" }
- - { image: "centos-9-bootc", env: "container-ansible-core-2.16" }
+ - { image: "centos-9", env: "container-ansible-core-2-16" }
+ - { image: "centos-9-bootc", env: "container-ansible-core-2-16" }
# broken on non-running dbus
- # - { image: "centos-10", env: "container-ansible-core-2.17" }
- - { image: "centos-10-bootc", env: "container-ansible-core-2.17" }
- - { image: "fedora-42", env: "container-ansible-core-2.17" }
- - { image: "fedora-43", env: "container-ansible-core-2.19" }
- - { image: "fedora-42-bootc", env: "container-ansible-core-2.17" }
- - { image: "fedora-43-bootc", env: "container-ansible-core-2.19" }
+ # - { image: "centos-10", env: "container-ansible-core-2-17" }
+ - { image: "centos-10-bootc", env: "container-ansible-core-2-17" }
+ - { image: "fedora-42", env: "container-ansible-core-2-17" }
+ - { image: "fedora-43", env: "container-ansible-core-2-20" }
+ - { image: "fedora-42-bootc", env: "container-ansible-core-2-17" }
+ - { image: "fedora-43-bootc", env: "container-ansible-core-2-20" }
env:
TOX_ARGS: "--skip-tags tests::infiniband,tests::nvme,tests::scsi"
+ ANSIBLE_INJECT_FACT_VARS: "false"
steps:
- name: Checkout repo
@@ -71,7 +75,7 @@
# bootc build support (in buildah) has a separate flag
if [ "${{ matrix.scenario.image }}" != "$image" ]; then
- if ! yq -e '.galaxy_info.galaxy_tags[] | select(. ==
"containerbuild")' meta/main.yml; then
+ if ! yq -e '.galaxy_info.galaxy_tags[] | select(. ==
"containerbuild")' meta/main.yml; then
supported=
fi
else
@@ -106,7 +110,7 @@
python3 -m pip install --upgrade pip
sudo apt update
sudo apt install -y --no-install-recommends git ansible-core
genisoimage qemu-system-x86
- pip3 install
"git+https://github.com/linux-system-roles/[email protected]";
+ pip3 install
"git+https://github.com/linux-system-roles/[email protected]";
# HACK: Drop this when moving this workflow to 26.04 LTS
- name: Update podman to 5.x for compatibility with
bootc-image-builder's podman 5
@@ -171,10 +175,9 @@
if: steps.check_platform.outputs.supported &&
startsWith(matrix.scenario.env, 'container')
run: |
set -euo pipefail
- # HACK: debug.py/profile.py setup is broken
- export LSR_CONTAINER_PROFILE=false
- export LSR_CONTAINER_PRETTY=false
rc=0
+ # we cannot skip these on the first test
+ export SKIP_REQUIREMENTS=false
for t in tests/tests_*.yml; do
if tox -e ${{ matrix.scenario.env }} -- --image-name ${{
matrix.scenario.image }} $t > ${t}.log 2>&1; then
echo "PASS: $(basename $t)"
@@ -184,6 +187,8 @@
mv "${t}.log" "${t}-FAIL.log"
rc=1
fi
+ # we can skip these on subsequent runs
+ export SKIP_REQUIREMENTS=true
done
exit $rc
@@ -211,7 +216,7 @@
- name: Upload test logs on failure
if: failure()
- uses: actions/upload-artifact@v6
+ uses: actions/upload-artifact@v7
with:
name: "logs-${{ matrix.scenario.image }}-${{ matrix.scenario.env }}"
path: |
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/.github/workflows/test_converting_readme.yml
new/ansible-certificate-1.5.0-suse/.github/workflows/test_converting_readme.yml
---
old/ansible-certificate-1.4.4-suse/.github/workflows/test_converting_readme.yml
2026-01-06 16:45:47.000000000 +0100
+++
new/ansible-certificate-1.5.0-suse/.github/workflows/test_converting_readme.yml
2026-03-16 19:09:07.000000000 +0100
@@ -15,6 +15,9 @@
contents: read
jobs:
test_converting_readme:
+ if: |
+ !((github.event_name == 'pull_request' &&
contains(github.event.pull_request.title, '[citest_skip]')) ||
+ (github.event_name == 'push' &&
contains(github.event.head_commit.message, '[citest_skip]')))
runs-on: ubuntu-latest
permissions:
contents: write
@@ -40,7 +43,7 @@
--output README.html README.md
- name: Upload README.html as an artifact
- uses: actions/upload-artifact@v6
+ uses: actions/upload-artifact@v7
with:
name: README.html
path: README.html
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/.github/workflows/tft.yml
new/ansible-certificate-1.5.0-suse/.github/workflows/tft.yml
--- old/ansible-certificate-1.4.4-suse/.github/workflows/tft.yml
2026-01-06 16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/.github/workflows/tft.yml
2026-03-16 19:09:07.000000000 +0100
@@ -72,8 +72,8 @@
meta_main=meta/main.yml
# All Fedora are supported, add latest Fedora versions to
supported_platforms
if yq '.galaxy_info.galaxy_tags[]' "$meta_main" | grep -qi fedora$;
then
- supported_platforms+=" Fedora-41"
supported_platforms+=" Fedora-42"
+ supported_platforms+=" Fedora-43"
fi
# Specific Fedora versions supported
if yq '.galaxy_info.galaxy_tags[]' "$meta_main" | grep -qiP
'fedora\d+$'; then
@@ -98,21 +98,22 @@
fail-fast: false
matrix:
include:
- - platform: Fedora-41
- ansible_version: 2.17
+ # Ensure ansible version is a string!
- platform: Fedora-42
- ansible_version: 2.19
+ ansible_version: "2.19"
+ - platform: Fedora-43
+ ansible_version: "2.20"
- platform: CentOS-7-latest
- ansible_version: 2.9
+ ansible_version: "2.9"
- platform: CentOS-Stream-8
- ansible_version: 2.9
+ ansible_version: "2.9"
# On CentOS-Stream-8, latest supported Ansible is 2.16
- platform: CentOS-Stream-8
- ansible_version: 2.16
+ ansible_version: "2.16"
- platform: CentOS-Stream-9
- ansible_version: 2.17
+ ansible_version: "2.17"
- platform: CentOS-Stream-10
- ansible_version: 2.17
+ ansible_version: "2.17"
runs-on: ubuntu-latest
env:
ARTIFACTS_DIR_NAME: "tf_${{ github.event.repository.name }}-${{
github.event.issue.number }}_\
@@ -168,6 +169,7 @@
SR_ARTIFACTS_DIR=${{ steps.set_vars.outputs.ARTIFACTS_DIR }};\
SR_TEST_LOCAL_CHANGES=false;\
SR_LSR_USER=${{ vars.SR_LSR_USER }};\
+ SR_ANSIBLE_INJECT_FACT_VARS=false;\
SR_ARTIFACTS_URL=${{ steps.set_vars.outputs.ARTIFACTS_URL }}"
# Note that LINUXSYSTEMROLES_SSH_KEY must be single-line, TF doesn't
read multi-line variables fine.
secrets: "SR_LSR_DOMAIN=${{ secrets.SR_LSR_DOMAIN }};\
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/.github/workflows/woke.yml
new/ansible-certificate-1.5.0-suse/.github/workflows/woke.yml
--- old/ansible-certificate-1.4.4-suse/.github/workflows/woke.yml
2026-01-06 16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/.github/workflows/woke.yml
2026-03-16 19:09:07.000000000 +0100
@@ -5,6 +5,8 @@
- pull_request
jobs:
woke:
+ if: |
+ !(github.event_name == 'pull_request' &&
contains(github.event.pull_request.title, '[citest_skip]'))
name: Detect non-inclusive language
runs-on: ubuntu-latest
steps:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/ansible-certificate-1.4.4-suse/CHANGELOG.md
new/ansible-certificate-1.5.0-suse/CHANGELOG.md
--- old/ansible-certificate-1.4.4-suse/CHANGELOG.md 2026-01-06
16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/CHANGELOG.md 2026-03-16
19:09:07.000000000 +0100
@@ -1,6 +1,28 @@
Changelog
=========
+[1.5.0] - 2026-03-16
+--------------------
+
+### New Features
+
+- feat: Add openSUSE Leap vars (#317)
+
+### Other Changes
+
+- ci: use ANSIBLE_INJECT_FACT_VARS=false by default for testing (#307)
+- ci: bump ansible/ansible-lint from 25 to 26 (#308)
+- ci: skip most CI checks if title contains citest skip [citest_skip] (#309)
+- ci: ansible-lint - remove .collection directory from converted collection
[citest_skip] (#310)
+- ci: tox-lsr version 3.15.0 [citest_skip] (#311)
+- ci: Add Fedora 43, remove Fedora 41 from Testing Farm CI (#312)
+- ci: Ansible version must be string, not float [citest_skip] (#313)
+- ci: bump actions/upload-artifact from 6 to 7 (#314)
+- ci: tox-lsr 3.16.0 - fix qemu tox test failures - rename to
qemu-ansible-core-X-Y [citest_skip] (#315)
+- ci: tox-lsr 3.17.0 - container test improvements, use ansible 2.20 for
fedora 43 [citest_skip] (#316)
+- refactor: fix python black formatting (#318)
+- ci: tox-lsr 3.17.1 - previous update broke container tests, this fixes them
[citest_skip] (#319)
+
[1.4.4] - 2026-01-06
--------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/ansible-certificate-1.4.4-suse/README-ostree.md
new/ansible-certificate-1.5.0-suse/README-ostree.md
--- old/ansible-certificate-1.4.4-suse/README-ostree.md 2026-01-06
16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/README-ostree.md 2026-03-16
19:09:07.000000000 +0100
@@ -20,8 +20,8 @@
.ostree/get_ostree_data.sh packages runtime DISTRO-VERSION FORMAT
```
-`DISTRO-VERSION` is in the format that Ansible uses for `ansible_distribution`
-and `ansible_distribution_version` - for example, `Fedora-38`, `CentOS-8`,
+`DISTRO-VERSION` is in the format that Ansible uses for
`ansible_facts["distribution"]`
+and `ansible_facts["distribution_version"]` - for example, `Fedora-38`,
`CentOS-8`,
`RedHat-9.4`
`FORMAT` is one of `toml`, `json`, `yaml`, `raw`
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/ansible-certificate-1.4.4-suse/contributing.md
new/ansible-certificate-1.5.0-suse/contributing.md
--- old/ansible-certificate-1.4.4-suse/contributing.md 2026-01-06
16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/contributing.md 2026-03-16
19:09:07.000000000 +0100
@@ -85,7 +85,7 @@
you can use e.g.
```bash
- tox -e qemu-ansible-core-2.14 -- --image-name centos-9
tests/tests_default.yml
+ tox -e qemu-ansible-core-2-20 -- --image-name centos-9
tests/tests_default.yml
```
There are many command line options and environment variables which can be used
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/library/certificate_request.py
new/ansible-certificate-1.5.0-suse/library/certificate_request.py
--- old/ansible-certificate-1.4.4-suse/library/certificate_request.py
2026-01-06 16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/library/certificate_request.py
2026-03-16 19:09:07.000000000 +0100
@@ -311,7 +311,6 @@
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.certificate_lsr.providers import providers
-
KEY_USAGE_CHOICES = [
"digitalSignature",
"nonRepudiation",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/meta/collection-requirements.yml
new/ansible-certificate-1.5.0-suse/meta/collection-requirements.yml
--- old/ansible-certificate-1.4.4-suse/meta/collection-requirements.yml
2026-01-06 16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/meta/collection-requirements.yml
2026-03-16 19:09:07.000000000 +0100
@@ -2,3 +2,5 @@
---
collections:
- name: ansible.posix
+ - name: community.general
+ version: '>=6.6.0,<12.0.0'
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/ansible-certificate-1.4.4-suse/meta/main.yml
new/ansible-certificate-1.5.0-suse/meta/main.yml
--- old/ansible-certificate-1.4.4-suse/meta/main.yml 2026-01-06
16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/meta/main.yml 2026-03-16
19:09:07.000000000 +0100
@@ -27,6 +27,7 @@
- fedora
- redhat
- rhel
+ - leap
- ssl
- system
- tls
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/module_utils/certificate_lsr/providers/base.py
new/ansible-certificate-1.5.0-suse/module_utils/certificate_lsr/providers/base.py
---
old/ansible-certificate-1.4.4-suse/module_utils/certificate_lsr/providers/base.py
2026-01-06 16:45:47.000000000 +0100
+++
new/ansible-certificate-1.5.0-suse/module_utils/certificate_lsr/providers/base.py
2026-03-16 19:09:07.000000000 +0100
@@ -661,7 +661,7 @@
return (owner, group, mode)
def _set_user_and_group_if_different(self):
- (owner, group, mode) = self._get_permissions()
+ owner, group, mode = self._get_permissions()
if not any([owner, group, mode]):
return False
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/module_utils/certificate_lsr/providers/certmonger.py
new/ansible-certificate-1.5.0-suse/module_utils/certificate_lsr/providers/certmonger.py
---
old/ansible-certificate-1.4.4-suse/module_utils/certificate_lsr/providers/certmonger.py
2026-01-06 16:45:47.000000000 +0100
+++
new/ansible-certificate-1.5.0-suse/module_utils/certificate_lsr/providers/certmonger.py
2026-03-16 19:09:07.000000000 +0100
@@ -245,7 +245,7 @@
def _set_user_and_group_if_different(self):
if not self.module.params.get("booted"):
- (owner, group, mode) = self._get_permissions()
+ owner, group, mode = self._get_permissions()
if not any([owner, group, mode]):
return False
if owner:
@@ -420,8 +420,7 @@
return
with open(unit_path, "w") as f:
- f.write(
- """[Unit]
+ f.write("""[Unit]
Description=Request certificates via certmonger from System Role
Documentation=https://github.com/linux-system-roles/certificate/
ConditionFileExists={commands_file}
@@ -435,10 +434,7 @@
[Install]
WantedBy=multi-user.target
-""".format(
- commands_file=commands_file
- )
- )
+""".format(commands_file=commands_file))
# Enable the service
systemctl_cmd = ["systemctl", "enable", unit_name]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/module_utils/certificate_lsr/providers/providers.py
new/ansible-certificate-1.5.0-suse/module_utils/certificate_lsr/providers/providers.py
---
old/ansible-certificate-1.4.4-suse/module_utils/certificate_lsr/providers/providers.py
2026-01-06 16:45:47.000000000 +0100
+++
new/ansible-certificate-1.5.0-suse/module_utils/certificate_lsr/providers/providers.py
2026-03-16 19:09:07.000000000 +0100
@@ -8,7 +8,6 @@
from ansible.module_utils.certificate_lsr.providers import certmonger
-
# fmt: off
PROVIDERS = (
("certmonger", certmonger.CertificateRequestCertmongerProvider),
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/plans/test_playbooks_parallel.fmf
new/ansible-certificate-1.5.0-suse/plans/test_playbooks_parallel.fmf
--- old/ansible-certificate-1.4.4-suse/plans/test_playbooks_parallel.fmf
2026-01-06 16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/plans/test_playbooks_parallel.fmf
2026-03-16 19:09:07.000000000 +0100
@@ -18,9 +18,10 @@
hardware:
memory: '>= 4096 MB'
environment:
- SR_ANSIBLE_VER: 2.17
+ # ensure versions are strings!
+ SR_ANSIBLE_VER: "2.17"
SR_REPO_NAME: certificate
- SR_PYTHON_VERSION: 3.12
+ SR_PYTHON_VERSION: "3.12"
SR_ONLY_TESTS: "" # tests_default.yml
SR_TEST_LOCAL_CHANGES: true
SR_PR_NUM: ""
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/tests/tests_basic_ipa.yml
new/ansible-certificate-1.5.0-suse/tests/tests_basic_ipa.yml
--- old/ansible-certificate-1.4.4-suse/tests/tests_basic_ipa.yml
2026-01-06 16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/tests/tests_basic_ipa.yml
2026-03-16 19:09:07.000000000 +0100
@@ -20,7 +20,8 @@
- name: Skip if not supported
meta: end_host
- when: __ostree_booted_stat.stat.exists
+ when: __ostree_booted_stat.stat.exists or
+ ansible_facts['os_family'] == 'Suse'
- name: Setup IPA
import_tasks: tasks/setup_ipa.yml
@@ -41,6 +42,12 @@
ca: ipa
group: ftp
+ - name: Load certificate role platform variables
+ include_role:
+ name: linux-system-roles.certificate
+ tasks_from: set_vars.yml
+ public: true
+
- name: Verify certificates
include_tasks: tasks/assert_certificate_parameters.yml
loop: "{{ certificates }}"
@@ -48,8 +55,8 @@
loop_var: cert
vars:
certificates:
- - path: /etc/pki/tls/certs/mycert_basic_ipa.crt
- key_path: /etc/pki/tls/private/mycert_basic_ipa.key
+ - path: "{{ __certificate_default_directory
}}/certs/mycert_basic_ipa.crt"
+ key_path: "{{ __certificate_default_directory
}}/private/mycert_basic_ipa.key"
subject:
- name: commonName
oid: 2.5.4.3
@@ -73,8 +80,8 @@
- key_encipherment
- data_encipherment
- - path: /etc/pki/tls/certs/groupcert.crt
- key_path: /etc/pki/tls/private/groupcert.key
+ - path: "{{ __certificate_default_directory }}/certs/groupcert.crt"
+ key_path: "{{ __certificate_default_directory
}}/private/groupcert.key"
owner: root
group: ftp
mode: "0640"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/tests/tests_basic_self_signed.yml
new/ansible-certificate-1.5.0-suse/tests/tests_basic_self_signed.yml
--- old/ansible-certificate-1.4.4-suse/tests/tests_basic_self_signed.yml
2026-01-06 16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/tests/tests_basic_self_signed.yml
2026-03-16 19:09:07.000000000 +0100
@@ -1,7 +1,6 @@
---
- name: Issue simple self-signed certificate
hosts: all
-
vars:
certificate_requests:
- name: mycert_basic_self_signed
@@ -12,10 +11,16 @@
- name: Verify certificate
hosts: all
+ pre_tasks:
+ - name: Load certificate role platform variables
+ include_role:
+ name: linux-system-roles.certificate
+ tasks_from: set_vars.yml
+ public: true
vars:
certificates:
- - path: /etc/pki/tls/certs/mycert_basic_self_signed.crt
- key_path: /etc/pki/tls/private/mycert_basic_self_signed.key
+ - path: "{{ __certificate_default_directory
}}/certs/mycert_basic_self_signed.crt"
+ key_path: "{{ __certificate_default_directory
}}/private/mycert_basic_self_signed.key"
subject:
- name: commonName
oid: 2.5.4.3
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/tests/tests_dns_ip_email.yml
new/ansible-certificate-1.5.0-suse/tests/tests_dns_ip_email.yml
--- old/ansible-certificate-1.4.4-suse/tests/tests_dns_ip_email.yml
2026-01-06 16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/tests/tests_dns_ip_email.yml
2026-03-16 19:09:07.000000000 +0100
@@ -23,10 +23,16 @@
- name: Verify certificate
hosts: all
+ pre_tasks:
+ - name: Load certificate role platform variables
+ include_role:
+ name: linux-system-roles.certificate
+ tasks_from: set_vars.yml
+ public: true
vars:
certificates:
- - path: /etc/pki/tls/certs/mycert_dns_ip_email.crt
- key_path: /etc/pki/tls/private/mycert_dns_ip_email.key
+ - path: "{{ __certificate_default_directory
}}/certs/mycert_dns_ip_email.crt"
+ key_path: "{{ __certificate_default_directory
}}/private/mycert_dns_ip_email.key"
subject:
- name: commonName
oid: 2.5.4.3
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/tests/tests_fs_attrs.yml
new/ansible-certificate-1.5.0-suse/tests/tests_fs_attrs.yml
--- old/ansible-certificate-1.4.4-suse/tests/tests_fs_attrs.yml 2026-01-06
16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/tests/tests_fs_attrs.yml 2026-03-16
19:09:07.000000000 +0100
@@ -2,6 +2,23 @@
- name: Ensure UID and GID exists
hosts: all
tasks:
+ - name: Ensure ftp group exists
+ group:
+ name: ftp
+ system: true
+ when:
+ - not __bootc_validation | d(false)
+ - ansible_facts['os_family'] == 'Suse'
+
+ - name: Ensure ftp user exists
+ user:
+ name: ftp
+ group: ftp
+ system: true
+ when:
+ - not __bootc_validation | d(false)
+ - ansible_facts['os_family'] == 'Suse'
+
- name: Ensure user exists
user:
name: user1
@@ -31,6 +48,12 @@
ca: self-sign
when: not __bootc_validation | d(false)
+ - name: Load certificate role platform variables
+ include_role:
+ name: linux-system-roles.certificate
+ tasks_from: set_vars.yml
+ public: true
+
- name: Verify each user/group certificate
include_tasks: tasks/assert_certificate_parameters.yml
loop: "{{ certificates }}"
@@ -38,8 +61,8 @@
loop_var: cert
vars:
certificates:
- - path: /etc/pki/tls/certs/mycert_fs_attrs.crt
- key_path: /etc/pki/tls/private/mycert_fs_attrs.key
+ - path: "{{ __certificate_default_directory
}}/certs/mycert_fs_attrs.crt"
+ key_path: "{{ __certificate_default_directory
}}/private/mycert_fs_attrs.key"
subject:
- name: commonName
oid: 2.5.4.3
@@ -50,8 +73,8 @@
owner: ftp
group: ftp
mode: "0640"
- - path: /etc/pki/tls/certs/certid.crt
- key_path: /etc/pki/tls/private/certid.key
+ - path: "{{ __certificate_default_directory }}/certs/certid.crt"
+ key_path: "{{ __certificate_default_directory
}}/private/certid.key"
subject:
- name: commonName
oid: 2.5.4.3
@@ -96,8 +119,8 @@
loop_var: cert
vars:
certificates:
- - path: /etc/pki/tls/certs/mycert_fs_attrs_mode.crt
- key_path: /etc/pki/tls/private/mycert_fs_attrs_mode.key
+ - path: "{{ __certificate_default_directory
}}/certs/mycert_fs_attrs_mode.crt"
+ key_path: "{{ __certificate_default_directory
}}/private/mycert_fs_attrs_mode.key"
subject:
- name: commonName
oid: 2.5.4.3
@@ -108,8 +131,8 @@
owner: ftp
group: ftp
mode: "0620"
- - path: /etc/pki/tls/certs/certid_mode.crt
- key_path: /etc/pki/tls/private/certid_mode.key
+ - path: "{{ __certificate_default_directory }}/certs/certid_mode.crt"
+ key_path: "{{ __certificate_default_directory
}}/private/certid_mode.key"
subject:
- name: commonName
oid: 2.5.4.3
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/tests/tests_key_size.yml
new/ansible-certificate-1.5.0-suse/tests/tests_key_size.yml
--- old/ansible-certificate-1.4.4-suse/tests/tests_key_size.yml 2026-01-06
16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/tests/tests_key_size.yml 2026-03-16
19:09:07.000000000 +0100
@@ -14,6 +14,13 @@
dns: www.example.com
ca: self-sign
key_size: 1024
+
+ - name: Load certificate role platform variables
+ include_role:
+ name: linux-system-roles.certificate
+ tasks_from: set_vars.yml
+ public: true
+
- name: Verify each certificate
include_tasks: tasks/assert_certificate_parameters.yml
loop: "{{ certificates }}"
@@ -21,8 +28,8 @@
loop_var: cert
vars:
certificates:
- - path: /etc/pki/tls/certs/mycert_key_size.crt
- key_path: /etc/pki/tls/private/mycert_key_size.key
+ - path: "{{ __certificate_default_directory
}}/certs/mycert_key_size.crt"
+ key_path: "{{ __certificate_default_directory
}}/private/mycert_key_size.key"
subject:
- name: commonName
oid: 2.5.4.3
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/tests/tests_key_size_reissue.yml
new/ansible-certificate-1.5.0-suse/tests/tests_key_size_reissue.yml
--- old/ansible-certificate-1.4.4-suse/tests/tests_key_size_reissue.yml
2026-01-06 16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/tests/tests_key_size_reissue.yml
2026-03-16 19:09:07.000000000 +0100
@@ -16,6 +16,13 @@
dns: www.example.com
ca: self-sign
key_size: 4096
+
+ - name: Load certificate role platform variables
+ include_role:
+ name: linux-system-roles.certificate
+ tasks_from: set_vars.yml
+ public: true
+
- name: Verify each certificate
include_tasks: tasks/assert_certificate_parameters.yml
loop: "{{ certificates }}"
@@ -23,8 +30,8 @@
loop_var: cert
vars:
certificates:
- - path: /etc/pki/tls/certs/mycert_key_size.crt
- key_path: /etc/pki/tls/private/mycert_key_size.key
+ - path: "{{ __certificate_default_directory
}}/certs/mycert_key_size.crt"
+ key_path: "{{ __certificate_default_directory
}}/private/mycert_key_size.key"
subject:
- name: commonName
oid: 2.5.4.3
@@ -73,8 +80,8 @@
loop_var: cert
vars:
certificates:
- - path: /etc/pki/tls/certs/mycert_key_size.crt
- key_path: /etc/pki/tls/private/mycert_key_size.key
+ - path: "{{ __certificate_default_directory
}}/certs/mycert_key_size.crt"
+ key_path: "{{ __certificate_default_directory
}}/private/mycert_key_size.key"
subject:
- name: commonName
oid: 2.5.4.3
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/tests/tests_key_usage_and_extended_key_usage.yml
new/ansible-certificate-1.5.0-suse/tests/tests_key_usage_and_extended_key_usage.yml
---
old/ansible-certificate-1.4.4-suse/tests/tests_key_usage_and_extended_key_usage.yml
2026-01-06 16:45:47.000000000 +0100
+++
new/ansible-certificate-1.5.0-suse/tests/tests_key_usage_and_extended_key_usage.yml
2026-03-16 19:09:07.000000000 +0100
@@ -1,7 +1,6 @@
---
- name: Issue simple self-signed certificate
hosts: all
-
vars:
certificate_requests:
- name: mycert_key_usage_and_extended_key_usage
@@ -21,11 +20,17 @@
- name: Verify certificate
hosts: all
+ pre_tasks:
+ - name: Load certificate role platform variables
+ include_role:
+ name: linux-system-roles.certificate
+ tasks_from: set_vars.yml
+ public: true
vars:
certificates:
- - path: /etc/pki/tls/certs/mycert_key_usage_and_extended_key_usage.crt
+ - path: "{{ __certificate_default_directory
}}/certs/mycert_key_usage_and_extended_key_usage.crt"
key_path: >-
- /etc/pki/tls/private/mycert_key_usage_and_extended_key_usage.key
+ {{ __certificate_default_directory
}}/private/mycert_key_usage_and_extended_key_usage.key
subject:
- name: commonName
oid: 2.5.4.3
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/tests/tests_many_self_signed.yml
new/ansible-certificate-1.5.0-suse/tests/tests_many_self_signed.yml
--- old/ansible-certificate-1.4.4-suse/tests/tests_many_self_signed.yml
2026-01-06 16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/tests/tests_many_self_signed.yml
2026-03-16 19:09:07.000000000 +0100
@@ -26,6 +26,12 @@
changed_when: true
when: ansible_connection == "buildah"
+ - name: Load certificate role platform variables
+ include_role:
+ name: linux-system-roles.certificate
+ tasks_from: set_vars.yml
+ public: true
+
- name: Verify each certificate
include_tasks: tasks/assert_certificate_parameters.yml
loop: "{{ certificates }}"
@@ -33,8 +39,8 @@
loop_var: cert
vars:
certificates:
- - path: /etc/pki/tls/certs/mycert_many_self_signed.crt
- key_path: /etc/pki/tls/private/mycert_many_self_signed.key
+ - path: "{{ __certificate_default_directory
}}/certs/mycert_many_self_signed.crt"
+ key_path: "{{ __certificate_default_directory
}}/private/mycert_many_self_signed.key"
subject:
- name: commonName
oid: 2.5.4.3
@@ -42,8 +48,8 @@
subject_alt_name:
- name: DNS
value: www.example.com
- - path: /etc/pki/tls/certs/other-cert.crt
- key_path: /etc/pki/tls/private/other-cert.key
+ - path: "{{ __certificate_default_directory }}/certs/other-cert.crt"
+ key_path: "{{ __certificate_default_directory
}}/private/other-cert.key"
subject:
- name: commonName
oid: 2.5.4.3
@@ -51,8 +57,8 @@
subject_alt_name:
- name: DNS
value: www.example.org
- - path: /etc/pki/tls/certs/another-cert.crt
- key_path: /etc/pki/tls/private/another-cert.key
+ - path: "{{ __certificate_default_directory
}}/certs/another-cert.crt"
+ key_path: "{{ __certificate_default_directory
}}/private/another-cert.key"
subject:
- name: commonName
oid: 2.5.4.3
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/tests/tests_no_auto_renew.yml
new/ansible-certificate-1.5.0-suse/tests/tests_no_auto_renew.yml
--- old/ansible-certificate-1.4.4-suse/tests/tests_no_auto_renew.yml
2026-01-06 16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/tests/tests_no_auto_renew.yml
2026-03-16 19:09:07.000000000 +0100
@@ -1,7 +1,6 @@
---
- name: Issue simple self-signed certificate
hosts: all
-
vars:
certificate_requests:
- name: mycert_no_auto_renew
@@ -15,11 +14,17 @@
- linux-system-roles.certificate
- name: Verify certificate
+ pre_tasks:
+ - name: Load certificate role platform variables
+ include_role:
+ name: linux-system-roles.certificate
+ tasks_from: set_vars.yml
+ public: true
hosts: all
vars:
certificates:
- - path: /etc/pki/tls/certs/mycert_no_auto_renew.crt
- key_path: /etc/pki/tls/private/mycert_no_auto_renew.key
+ - path: "{{ __certificate_default_directory
}}/certs/mycert_no_auto_renew.crt"
+ key_path: "{{ __certificate_default_directory
}}/private/mycert_no_auto_renew.key"
subject:
- name: commonName
oid: 2.5.4.3
@@ -28,8 +33,8 @@
- name: DNS
value: www.example.com
auto_renew: false
- - path: /etc/pki/tls/certs/defaultcert.crt
- key_path: /etc/pki/tls/private/defaultcert.key
+ - path: "{{ __certificate_default_directory }}/certs/defaultcert.crt"
+ key_path: "{{ __certificate_default_directory
}}/private/defaultcert.key"
subject:
- name: commonName
oid: 2.5.4.3
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/tests/tests_not_wait_for_cert.yml
new/ansible-certificate-1.5.0-suse/tests/tests_not_wait_for_cert.yml
--- old/ansible-certificate-1.4.4-suse/tests/tests_not_wait_for_cert.yml
2026-01-06 16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/tests/tests_not_wait_for_cert.yml
2026-03-16 19:09:07.000000000 +0100
@@ -1,7 +1,6 @@
---
- name: Issue simple self-signed certificate
hosts: all
-
vars:
certificate_wait: false
certificate_requests:
@@ -13,10 +12,16 @@
- name: Verify certificate
hosts: all
+ pre_tasks:
+ - name: Load certificate role platform variables
+ include_role:
+ name: linux-system-roles.certificate
+ tasks_from: set_vars.yml
+ public: true
vars:
certificates:
- - path: /etc/pki/tls/certs/mycert_not_wait_for_cert.crt
- key_path: /etc/pki/tls/private/mycert_not_wait_for_cert.key
+ - path: "{{ __certificate_default_directory
}}/certs/mycert_not_wait_for_cert.crt"
+ key_path: "{{ __certificate_default_directory
}}/private/mycert_not_wait_for_cert.key"
subject:
- name: commonName
oid: 2.5.4.3
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/tests/tests_principal.yml
new/ansible-certificate-1.5.0-suse/tests/tests_principal.yml
--- old/ansible-certificate-1.4.4-suse/tests/tests_principal.yml
2026-01-06 16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/tests/tests_principal.yml
2026-03-16 19:09:07.000000000 +0100
@@ -12,10 +12,16 @@
- name: Verify certificate
hosts: all
+ pre_tasks:
+ - name: Load certificate role platform variables
+ include_role:
+ name: linux-system-roles.certificate
+ tasks_from: set_vars.yml
+ public: true
vars:
certificates:
- - path: /etc/pki/tls/certs/mycert_principal.crt
- key_path: /etc/pki/tls/private/mycert_principal.key
+ - path: "{{ __certificate_default_directory
}}/certs/mycert_principal.crt"
+ key_path: "{{ __certificate_default_directory
}}/private/mycert_principal.key"
subject:
- name: commonName
oid: 2.5.4.3
@@ -36,7 +42,6 @@
loop_control:
loop_var: cert
-
- name: Test issuing certificate with invalid principal.
hosts: all
vars:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/tests/tests_provider.yml
new/ansible-certificate-1.5.0-suse/tests/tests_provider.yml
--- old/ansible-certificate-1.4.4-suse/tests/tests_provider.yml 2026-01-06
16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/tests/tests_provider.yml 2026-03-16
19:09:07.000000000 +0100
@@ -12,10 +12,16 @@
- name: Verify certificate
hosts: all
+ pre_tasks:
+ - name: Load certificate role platform variables
+ include_role:
+ name: linux-system-roles.certificate
+ tasks_from: set_vars.yml
+ public: true
vars:
certificates:
- - path: /etc/pki/tls/certs/mycert_provider.crt
- key_path: /etc/pki/tls/private/mycert_provider.key
+ - path: "{{ __certificate_default_directory }}/certs/mycert_provider.crt"
+ key_path: "{{ __certificate_default_directory
}}/private/mycert_provider.key"
subject:
- name: commonName
oid: 2.5.4.3
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/tests/tests_run_hooks.yml
new/ansible-certificate-1.5.0-suse/tests/tests_run_hooks.yml
--- old/ansible-certificate-1.4.4-suse/tests/tests_run_hooks.yml
2026-01-06 16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/tests/tests_run_hooks.yml
2026-03-16 19:09:07.000000000 +0100
@@ -1,7 +1,6 @@
---
- name: Issue simple self-signed certificate
hosts: all
-
vars:
certificate_requests:
- name: mycert_run_hooks
@@ -16,10 +15,16 @@
- name: Verify certificate
hosts: all
+ pre_tasks:
+ - name: Load certificate role platform variables
+ include_role:
+ name: linux-system-roles.certificate
+ tasks_from: set_vars.yml
+ public: true
vars:
certificates:
- - path: /etc/pki/tls/certs/mycert_run_hooks.crt
- key_path: /etc/pki/tls/private/mycert_run_hooks.key
+ - path: "{{ __certificate_default_directory
}}/certs/mycert_run_hooks.crt"
+ key_path: "{{ __certificate_default_directory
}}/private/mycert_run_hooks.key"
subject:
- name: commonName
oid: 2.5.4.3
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/tests/tests_subject.yml
new/ansible-certificate-1.5.0-suse/tests/tests_subject.yml
--- old/ansible-certificate-1.4.4-suse/tests/tests_subject.yml 2026-01-06
16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/tests/tests_subject.yml 2026-03-16
19:09:07.000000000 +0100
@@ -1,7 +1,6 @@
---
- name: Issue simple self-signed certificate
hosts: all
-
vars:
certificate_requests:
- name: mycert_subject
@@ -18,10 +17,16 @@
- name: Verify certificate
hosts: all
+ pre_tasks:
+ - name: Load certificate role platform variables
+ include_role:
+ name: linux-system-roles.certificate
+ tasks_from: set_vars.yml
+ public: true
vars:
certificates:
- - path: /etc/pki/tls/certs/mycert_subject.crt
- key_path: /etc/pki/tls/private/mycert_subject.key
+ - path: "{{ __certificate_default_directory }}/certs/mycert_subject.crt"
+ key_path: "{{ __certificate_default_directory
}}/private/mycert_subject.key"
subject:
- name: countryName
oid: 2.5.4.6
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ansible-certificate-1.4.4-suse/tests/tests_subject_complex.yml
new/ansible-certificate-1.5.0-suse/tests/tests_subject_complex.yml
--- old/ansible-certificate-1.4.4-suse/tests/tests_subject_complex.yml
2026-01-06 16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/tests/tests_subject_complex.yml
2026-03-16 19:09:07.000000000 +0100
@@ -2,7 +2,6 @@
- name: Issue simple self-signed certificate
hosts: all
become: true
-
vars:
certificate_requests:
- name: mycert_subject_complex
@@ -15,12 +14,18 @@
- name: Verify certificate
hosts: all
+ pre_tasks:
+ - name: Load certificate role platform variables
+ include_role:
+ name: linux-system-roles.certificate
+ tasks_from: set_vars.yml
+ public: true
become: true
gather_facts: true
vars:
certificates:
- - path: /etc/pki/tls/certs/mycert_subject_complex.crt
- key_path: /etc/pki/tls/private/mycert_subject_complex.key
+ - path: "{{ __certificate_default_directory
}}/certs/mycert_subject_complex.crt"
+ key_path: "{{ __certificate_default_directory
}}/private/mycert_subject_complex.key"
subject:
- name: emailAddress
oid: 1.2.840.113549.1.9.1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/ansible-certificate-1.4.4-suse/vars/SLES_15.yml
new/ansible-certificate-1.5.0-suse/vars/SLES_15.yml
--- old/ansible-certificate-1.4.4-suse/vars/SLES_15.yml 2026-01-06
16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/vars/SLES_15.yml 2026-03-16
19:09:07.000000000 +0100
@@ -5,6 +5,6 @@
__certificate_default_directory: /etc/ssl
__certificate_packages:
- - python3-cryptography
- - python3-dbus-python
- - python3-pyasn1
+ - python311-cryptography
+ - python311-dbus-python
+ - python311-pyasn1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/ansible-certificate-1.4.4-suse/vars/SLES_16.yml
new/ansible-certificate-1.5.0-suse/vars/SLES_16.yml
--- old/ansible-certificate-1.4.4-suse/vars/SLES_16.yml 2026-01-06
16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/vars/SLES_16.yml 1970-01-01
01:00:00.000000000 +0100
@@ -1,10 +0,0 @@
-# SPDX-License-Identifier: MIT
----
-# Put internal variables here with SLES_16 specific values.
-
-__certificate_default_directory: /etc/ssl
-
-__certificate_packages:
- - python313-cryptography
- - python313-dbus-python
- - python313-pyasn1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/ansible-certificate-1.4.4-suse/vars/SLES_SAP_15.yml
new/ansible-certificate-1.5.0-suse/vars/SLES_SAP_15.yml
--- old/ansible-certificate-1.4.4-suse/vars/SLES_SAP_15.yml 2026-01-06
16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/vars/SLES_SAP_15.yml 2026-03-16
19:09:07.000000000 +0100
@@ -5,6 +5,6 @@
__certificate_default_directory: /etc/ssl
__certificate_packages:
- - python3-cryptography
- - python3-dbus-python
- - python3-pyasn1
+ - python311-cryptography
+ - python311-dbus-python
+ - python311-pyasn1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/ansible-certificate-1.4.4-suse/vars/SLES_SAP_16.yml
new/ansible-certificate-1.5.0-suse/vars/SLES_SAP_16.yml
--- old/ansible-certificate-1.4.4-suse/vars/SLES_SAP_16.yml 2026-01-06
16:45:47.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/vars/SLES_SAP_16.yml 1970-01-01
01:00:00.000000000 +0100
@@ -1,10 +0,0 @@
-# SPDX-License-Identifier: MIT
----
-# Put internal variables here with SLES_SAP_16 specific values.
-
-__certificate_default_directory: /etc/ssl
-
-__certificate_packages:
- - python313-cryptography
- - python313-dbus-python
- - python313-pyasn1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/ansible-certificate-1.4.4-suse/vars/Suse.yml
new/ansible-certificate-1.5.0-suse/vars/Suse.yml
--- old/ansible-certificate-1.4.4-suse/vars/Suse.yml 1970-01-01
01:00:00.000000000 +0100
+++ new/ansible-certificate-1.5.0-suse/vars/Suse.yml 2026-03-16
19:09:07.000000000 +0100
@@ -0,0 +1,10 @@
+# SPDX-License-Identifier: MIT
+---
+# SUSE os_family specific values.
+
+__certificate_default_directory: /etc/ssl
+
+__certificate_packages:
+ - python3-cryptography
+ - python3-dbus-python
+ - python3-pyasn1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' "old/ansible-certificate-1.4.4-suse/vars/openSUSE
Leap_15.yml" "new/ansible-certificate-1.5.0-suse/vars/openSUSE Leap_15.yml"
--- "old/ansible-certificate-1.4.4-suse/vars/openSUSE Leap_15.yml"
1970-01-01 01:00:00.000000000 +0100
+++ "new/ansible-certificate-1.5.0-suse/vars/openSUSE Leap_15.yml"
2026-03-16 19:09:07.000000000 +0100
@@ -0,0 +1,12 @@
+# SPDX-License-Identifier: MIT
+---
+# openSUSE Leap 15.x specific values.
+# Leap 15.x uses python311 as the ansible interpreter since
+# ansible-core 2.18+ requires Python 3.8+ and system python3 is 3.6.
+
+__certificate_default_directory: /etc/ssl
+
+__certificate_packages:
+ - python311-cryptography
+ - python311-dbus-python
+ - python311-pyasn1
