linux-system-roles / certificate

Role for managing TLS/SSL certificate issuance and renewal
https://linux-system-roles.github.io/certificate/
MIT License

feat: Allow setting certificate and key files mode #175

Closed rjeffman closed 1 year ago

rjeffman commented 1 year ago

Enhancement: Allow setting of certificate and key files mode attribute through the use of the 'mode' parameter, when using the certmonger provider.

Reason: Previously, the certificate files generated by the certmonger provider used a default file mode that may not be suitable for some tools or for some more restricted environments.

Result: The file mode attribute can now be set using the same roles as Ansible's file mode parameter, accepting either a string or an integer.

Issue Tracker Tickets (Jira or BZ if any): https://bugzilla.redhat.com/show_bug.cgi?id=2180902

rjeffman commented 1 year ago

[citest]

richm commented 1 year ago

I guess there already was a check for mode in tests/tasks/assert_certificate_parameters.yml

richm commented 1 year ago

@rjeffman not sure what's going on - the tests expect that if mode is not present, the files will be created with 0640 but they are being created with 0600 - does certmonger have some sort of default mode that it uses that is 0600?

rjeffman commented 1 year ago

@richm sorry, I've drowned in some other issues. I'll be looking at this issue this Friday (23/06).

rjeffman commented 1 year ago

[citest]

rjeffman commented 1 year ago

@richm tests passed with the latest fix, can you review this PR?