Skip to content
This repository has been archived by the owner on Jan 19, 2019. It is now read-only.

Latest commit

 

History

History
217 lines (146 loc) · 7.47 KB

CHANGELOG.md

File metadata and controls

217 lines (146 loc) · 7.47 KB

openssl Cookbook CHANGELOG

This file is used to list changes made in each version of the openssl cookbook.

8.5.5 (2018-09-04)

All resources in this cookbook are now built into Chef 14.4+. When Chef 15.4 is released (April 2019) the resources will be removed from this cookbook as all users should be running Chef 14.4 or later at that point.

8.5.4 (2018-08-29)

  • Add missing email documentation for the request property
  • Fix x509_crl to work on non-Linux platforms
  • Attribute -> Property in the readme
  • revokation -> revocation in the readme
  • Update group/owner documentation
  • Avoid deprecation warnings on Chef 14.3+

8.5.3 (2018-08-15)

  • Call ::OpenSSL not OpenSSL to be more defensive in the helpers

8.5.2 (2018-08-14)

  • Back out mode change in ec_private_key

8.5.1 (2018-08-14)

  • Add license headers to the resources
  • Remove default_action setup from the resources since this is done automatically in custom resources now
  • Make sure to use the path name_property when creating the ec public key file
  • Make sure we're using openssl and not Chef's Openssl class
  • Simplify how we handle user/group properties

8.5.0 (2018-08-02)

  • Use the system provided owner/group defaults in resources
  • Added new openssl_x509_crl resource
  • Fix openssl_ec_public_key with documentation & tests
  • Few corrections in the documentation
  • Fix backward compatibility with chef client 12

8.4.0 (2018-07-30)

This release is brought to you by Institut National de l'Audiovisuel, which contributed the following changes:

  • openssl_x509 is renamed to openssl_x509_certificate with backwards compatibility for the old name
  • openssl_x509_certificate can now generate a signed certificate with a provided CA cert & key
  • openssl_x509_certificate now support x509 extensions
  • openssl_x509_certificate now support x509 csr
  • openssl_x509_certificate now generate a random serial for the certificate
  • openssl_x509_certificate expires has now a default value : 365
  • country field is now mandatory in x509_request
  • the private key file is not rewrited in x509_request if it already exist

8.3.0 (2018-07-25)

  • Add resource x509_request

8.2.0 (2018-07-23)

  • Add ec_private_key & ec_public_key resources

8.1.2 (2018-02-09)

  • Fix typo in resources that caused failures on Windows.
  • Properly reference key_cipher in the readme

8.1.1 (2018-01-05)

  • Add YARD comments to all the helpers
  • Move valid ciphers directly into the equal_to check
  • Remove the Chefspec matchers since modern ChefSpec does this automatically
  • Fix failures on Windows nodes

8.1.0 (2017-12-28)

  • Adding x509 support for /ST and /L
  • Allow passing private key content to rsa_public_key resource via property
  • Fix openssl_rsa_public_key converging on every run
  • Fix undefied method "cipher" error in openssl_rsa_private_key resource

8.0.0 (2017-12-11)

  • Added a new openssl_rsa_public_key resource which generates a public key from a private key
  • Rename openssl_rsa_key to openssl_rsa_private_key, while still allowing the old name to function. This resource actually generates private keys, but the previous name didn't make that clear
  • Added owner, group, and mode properties to all of the resources so you could control who owned the files you generated
  • Set the default modes of generated files to 640 instead of 644
  • Set the files to generate using node['root_group'] not 'root' for compatibility on other *nix systems such as FreeBSD and macOS
  • Added a new property to openssl_rsa_private_key for specifying the cipher to use
  • Converted integration tests to InSpec and moved all resources to a single Kitchen suite for quicker testing
  • Added a force property to allow overwriting any existing key that may exist
  • Fixed upgrade recipe failures on Debian 9
  • Added a new path property which allows you to set the path there instead of in the resource's name
  • Improved input validation in some of the helpers
  • Added a deprecation message in Opscode::OpenSSL::Password helper "secure_password" and removed readme documentation
  • Added a warning in the upgrade recipe if we're on an unsupported platform
  • Switched the upgrade recipe to a multipackage upgrade to speed up Chef runs

7.1.0 (2017-05-30)

  • Add supported platforms to the metdata
  • Fix amazon support
  • Remove class_eval usage and require Chef 12.7+

7.0.1 (2017-03-21)

  • Fix compatibility with Chef 12.5.1

7.0.0 (2017-03-06)

  • Converted LWRPs to custom resources, increasing the chef-client dependency to 12.5+. This fixes the bus where each resource notified on every run even if it didn't actually update the files on disk.
  • Added testing for Chef 13
  • Test with Local Delivery instead of Rake

6.1.1 (2017-01-19)

  • Resolve deprecation warnings in chefspec
  • Use proper ::File class and fix ^2 validation of dhparam key length
  • Disable .zero? in cookstyle for now

6.1.0 (2017-01-18)

  • [#37] Support for Subject Alternative Names on generated self-signed certificates
  • rubocop
  • Cookstyle fixes

6.0.0 (2016-09-08)

  • Update the minimum chef release to 12.1

5.0.1 (2016-09-01)

  • Update docs from node.normal as node.set has been deprecated
  • Testing updates

5.0.0 (2016-08-27)

  • Remove the need for the chef-sugar cookbook
  • Remove the default['openssl']['packages'] attribute in the upgrades recipe and instead use the correct openssl packages based on platform
  • Remove support for Debian 6 and Ubuntu 10.04 in the upgrade recipe
  • Add support for Fedora and Suse in the upgrade recipe
  • Prevent errors with unset variable in error raising within the random password helper
  • Add cookstyle and resolve all warnings
  • Add testing, contributing, and maintainers documentation
  • Add integration testing in Travis CI with kitchen-dokken
  • Add issues_url, source_url and chef_version metadata
  • Update the requirements section of the README
  • Update the Chefspecs to avoid errors and run using caching for faster runs
  • Add issues and PR templates for Github

v4.4.0 (2015-08-28)

  • NEW: x509 certificates are now signed via SHA-256 instead of SHA-1
  • FIX: gen_dhparam error now correctly fails with TypeError instead of ArgumentError if Generator argument isn't an integer

v4.3.2 (2015-08-01)

  • FIX: Updated changelog

v4.3 (2015-08-01)

  • NEW: Add rsa_key lwrp
  • FIX: dhparam lwrp now correctly honors the generator parameter

v4.2 (2015-06-23)

  • NEW: Add dhparam lwrp
  • FIX: x509 lwrp now updates resource count correctly

v4.1.2 (2015-06-20)

  • Add Serverspec suite
  • Removed update suite from .kitchen.yml
  • Add explicit license to test cookbook recipes
  • Add Whyrun support to x509 LWRP
  • Expand Chefspec tests for x509 LWRP to step_into LWRP
  • Add helper library
  • Update x509 LWRP to verify existing keys, if specified

v4.1.1 (2015-06-11)

  • README.md fixes

v4.1.0 (2015-06-11)

  • Add new random_password Mixin (Thanks, Seth!)
  • Rewritten README.md
  • Refactor specs
  • Clear Rubocop violations

v4.0.0 (2015-02-19)

  • Reverting to Opscode module namespace

v3.0.2 (2015-12-18)

  • Accidently released 2.0.2 as 3.0.2
  • Re-namespaced Opscode::OpenSSL::Password module as Chef::OpenSSL::Password

v2.0.2 (2014-12-30)

  • Call cert.to_pem before recipe DSL

v2.0.0 (2014-06-11)

  • 1 - COOK-847 - Add LWRP for generating self signed certs

  • 4 - COOK-4715 - add upgrade recipe and complete test harness

v1.1.0

Improvement

  • COOK-3222 - Allow setting length for secure_password

v1.0.2

  • Add name attribute to metadata