No description
Find a file
James Cassell bc4ef99533 standardize TLS connection properties (#54315)
* openstack: standardize tls params

* tower: tower_verify_ssl->validate_certs

* docker: use standard tls config params

- cacert_path -> ca_cert
- cert_path -> client_cert
- key_path -> client_key
- tls_verify -> validate_certs

* k8s: standardize tls connection params

- verify_ssl -> validate_certs
- ssl_ca_cert -> ca_cert
- cert_file -> client_cert
- key_file -> client_key

* ingate: verify_ssl -> validate_certs

* manageiq: standardize tls params

- verify_ssl -> validate_certs
- ca_bundle_path -> ca_cert

* mysql: standardize tls params

- ssl_ca -> ca_cert
- ssl_cert -> client_cert
- ssl_key -> client_key

* nios: ssl_verify -> validate_certs

* postgresql: ssl_rootcert -> ca_cert

* rabbitmq: standardize tls params

- cacert -> ca_cert
- cert -> client_cert
- key -> client_key

* rackspace: verify_ssl -> validate_certs

* vca: verify_certs -> validate_certs

* kubevirt_cdi_upload: upload_host_verify_ssl -> upload_host_validate_certs

* lxd: standardize tls params

- key_file -> client_key
- cert_file -> client_cert

* get_certificate: ca_certs -> ca_cert

* get_certificate.py: clarify one or more certs in a file

Co-Authored-By: jamescassell <code@james.cassell.me>

* zabbix: tls_issuer -> ca_cert

* bigip_device_auth_ldap: standardize tls params

- ssl_check_peer -> validate_certs
- ssl_client_cert -> client_cert
- ssl_client_key -> client_key
- ssl_ca_cert -> ca_cert

* vdirect: vdirect_validate_certs -> validate_certs

* mqtt: standardize tls params

- ca_certs -> ca_cert
- certfile -> client_cert
- keyfile -> client_key

* pulp_repo: standardize tls params

remove `importer_ssl` prefix

* rhn_register: sslcacert -> ca_cert

* yum_repository: standardize tls params

The fix for yum_repository is not straightforward since this module is
only a thin wrapper for the underlying commands and config.  In this
case, we add the new values as aliases, keeping the old as primary,
only due to the internal structure of the module.

Aliases added:
- sslcacert -> ca_cert
- sslclientcert -> client_cert
- sslclientkey -> client_key
- sslverify -> validate_certs

* gitlab_hook: enable_ssl_verification -> hook_validate_certs

* Adjust arguments for docker_swarm inventory plugin.

* foreman callback: standardize tls params

- ssl_cert -> client_cert
- ssl_key -> client_key

* grafana_annotations: validate_grafana_certs -> validate_certs

* nrdp callback: validate_nrdp_certs -> validate_certs

* kubectl connection: standardize tls params

- kubectl_cert_file -> client_cert
- kubectl_key_file -> client_key
- kubectl_ssl_ca_cert -> ca_cert
- kubectl_verify_ssl -> validate_certs

* oc connection: standardize tls params

- oc_cert_file -> client_cert
- oc_key_file -> client_key
- oc_ssl_ca_cert -> ca_cert
- oc_verify_ssl -> validate_certs

* psrp connection: cert_trust_path -> ca_cert

TODO: cert_validation -> validate_certs (multi-valued vs bool)

* k8s inventory: standardize tls params

- cert_file -> client_cert
- key_file -> client_key
- ca_cert -> ca_cert
- verify_ssl -> validate_certs

* openshift inventory: standardize tls params

- cert_file -> client_cert
- key_file -> client_key
- ca_cert -> ca_cert
- verify_ssl -> validate_certs

* tower inventory: verify_ssl -> validate_certs

* hashi_vault lookup: cacert -> ca_cert

* k8s lookup: standardize tls params

- cert_file -> client_cert
- key_file -> client_key
- ca_cert -> ca_cert
- verify_ssl -> validate_certs

* laps_passord lookup: cacert_file -> ca_cert

* changelog for TLS parameter standardization
2019-03-28 00:19:28 -05:00
.github New lookup module: manifold (#50435) 2019-03-27 07:20:15 -04:00
bin
changelogs standardize TLS connection properties (#54315) 2019-03-28 00:19:28 -05:00
contrib
docs Add a force_replace_host flag to win_domain_membership (#53542) 2019-03-28 14:36:26 +10:00
examples
hacking Fix punctuation around issue reporting link (#54295) 2019-03-25 07:35:45 -07:00
lib/ansible standardize TLS connection properties (#54315) 2019-03-28 00:19:28 -05:00
licenses
packaging Add workspace module for azure (#53731) 2019-03-27 17:04:40 -07:00
test standardize TLS connection properties (#54315) 2019-03-28 00:19:28 -05:00
.cherry_picker.toml
.coveragerc
.gitattributes
.gitignore
.mailmap
CODING_GUIDELINES.md
COPYING
Makefile This was supposed to be named snapshot 2019-03-19 13:57:41 -07:00
MANIFEST.in
MODULE_GUIDELINES.md
README.rst
requirements.txt
setup.py Build manpages as part of sdist (#53728) 2019-03-18 12:43:38 -07:00
shippable.yml Add shippable/posix/group4/ for CI. (#53816) 2019-03-15 07:25:37 -07:00
tox.ini

|PyPI version| |Docs badge| |Chat badge| |Build Status| |Code Of Conduct| |Mailing Lists| |License|

*******
Ansible
*******

Ansible is a radically simple IT automation system. It handles
configuration-management, application deployment, cloud provisioning,
ad-hoc task-execution, and multinode orchestration -- including
trivializing things like zero-downtime rolling updates with load
balancers.

Read the documentation and more at https://ansible.com/

You can find installation instructions
`here <https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html>`_ for a
variety of platforms.

Most users should probably install a released version of Ansible from ``pip``, a package manager or
our `release repository <https://releases.ansible.com/ansible/>`_. `Officially supported
<https://www.ansible.com/ansible-engine>`_ builds of Ansible are also available. Some power users
run directly from the development branch - while significant efforts are made to ensure that
``devel`` is reasonably stable, you're more likely to encounter breaking changes when running
Ansible this way.

Design Principles
=================

*  Have a dead simple setup process and a minimal learning curve.
*  Manage machines very quickly and in parallel.
*  Avoid custom-agents and additional open ports, be agentless by
   leveraging the existing SSH daemon.
*  Describe infrastructure in a language that is both machine and human
   friendly.
*  Focus on security and easy auditability/review/rewriting of content.
*  Manage new remote machines instantly, without bootstrapping any
   software.
*  Allow module development in any dynamic language, not just Python.
*  Be usable as non-root.
*  Be the easiest IT automation system to use, ever.

Get Involved
============

*  Read `Community
   Information <https://docs.ansible.com/ansible/latest/community>`_ for all
   kinds of ways to contribute to and interact with the project,
   including mailing list information and how to submit bug reports and
   code to Ansible.
*  All code submissions are done through pull requests to the ``devel`` branch.
*  Feel free to talk to us before making larger changes
   to avoid duplicate efforts. This not only helps everyone
   know what's going on, it also helps save time and effort if we decide
   some changes are needed.
*  Users list:
   `ansible-project <https://groups.google.com/group/ansible-project>`_
*  Development list:
   `ansible-devel <https://groups.google.com/group/ansible-devel>`_
*  Announcement list:
   `ansible-announce <https://groups.google.com/group/ansible-announce>`_
   -- read only
*  irc.freenode.net: #ansible
*  For the full list of Email Lists, IRC channels see the
   `Communication page <https://docs.ansible.com/ansible/latest/community/communication.html>`_

Branch Info
===========

*  Releases are named after Led Zeppelin songs. (Releases prior to 2.0
   were named after Van Halen songs.)
*  The ``devel`` branch corresponds to the release actively under
   development.
*  The ``stable-2.x`` branches exist for current releases.
*  Various release-X.Y branches exist for previous releases.
*  For information about the active branches see the
   `Ansible release and maintenance <https://docs.ansible.com/ansible/latest/reference_appendices/release_and_maintenance.html>`_ page.
*  We'd love to have your contributions, read the `Community
   Guide <https://docs.ansible.com/ansible/latest/community>`_ for notes on
   how to get started.

Roadmap
=======

Based on team and community feedback, an initial roadmap will be published for a major or minor version (ex: 2.0, 2.1).
Subminor versions will generally not have roadmaps published.

The `Ansible Roadmap page <https://docs.ansible.com/ansible/devel/roadmap/>`_ details what is planned and how to influence the roadmap.

Authors
=======

Ansible was created by `Michael DeHaan <https://github.com/mpdehaan>`_
(michael.dehaan/gmail/com) and has contributions from over 4000 users
(and growing). Thanks everyone!

`Ansible <https://www.ansible.com>`_ is sponsored by `Red Hat, Inc.
<https://www.redhat.com>`_

License
=======

GNU General Public License v3.0

See `COPYING <COPYING>`_ to see the full text.

.. |PyPI version| image:: https://img.shields.io/pypi/v/ansible.svg
   :target: https://pypi.org/project/ansible
.. |Docs badge| image:: https://img.shields.io/badge/docs-latest-brightgreen.svg
   :target: https://docs.ansible.com/ansible/latest/
.. |Build Status| image:: https://api.shippable.com/projects/573f79d02a8192902e20e34b/badge?branch=devel
   :target: https://app.shippable.com/projects/573f79d02a8192902e20e34b
.. |Chat badge| image:: https://img.shields.io/badge/chat-IRC-brightgreen.svg
   :target: https://docs.ansible.com/ansible/latest/community/communication.html
.. |Code Of Conduct| image:: https://img.shields.io/badge/code%20of%20conduct-Ansible-silver.svg
   :target: https://docs.ansible.com/ansible/latest/community/code_of_conduct.html
   :alt: Ansible Code of Conduct
.. |Mailing Lists| image:: https://img.shields.io/badge/mailing%20lists-Ansible-orange.svg
   :target: https://docs.ansible.com/ansible/latest/community/communication.html#mailing-list-information
   :alt: Ansible mailing lists
.. |License| image:: https://img.shields.io/badge/license-GPL%20v3.0-brightgreen.svg
   :target: COPYING
   :alt: Repository License