-
Notifications
You must be signed in to change notification settings - Fork 15
/
Copy pathCHANGELOG
219 lines (170 loc) · 9.33 KB
/
CHANGELOG
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
* Wed Jul 10 2024 Steven Pritchard <steve@sicura.us> - 6.7.1
- Fix call to `FileUtils.cp` to work on Ruby 3
* Mon Oct 23 2023 Steven Pritchard <steve@sicura.us> - 6.7.0
- [puppetsync] Add EL9 support
* Wed Oct 11 2023 Steven Pritchard <steve@sicura.us> - 6.6.0
- [puppetsync] Updates for Puppet 8
- These updates may include the following:
- Update Gemfile
- Add support for Puppet 8
- Drop support for Puppet 6
- Update module dependencies
* Wed Aug 23 2023 Steven Pritchard <steve@sicura.us> - 6.5.0
- Add AlmaLinux 8 support
* Mon Jun 12 2023 Chris Tessmer <chris.tessmer@onyxpoint.com> - 6.4.0
- Add RockyLinux 8 support
* Wed Jun 16 2021 Chris Tessmer <chris.tessmer@onyxpoint.com> - 6.3.0
- Removed support for Puppet 5
- Ensured support for Puppet 7 in requirements and stdlib
* Fri Dec 18 2020 Chris Tessmer <chris.tessmer@onyxpoint.com> - 6.2.1
- Removed EL6 support
* Tue Dec 24 2019 Trevor Vaughan <tvaughan@onyxpoint.com> - 6.2.0-0
- Add EL8 support
* Fri Aug 02 2019 Robert Vincent <pillarsdotnet@gmail.com> - 6.2.0-0
- Drop Puppet 4 support
- Add Puppet 6 support
- Add puppetlabs-stdlib 6 support
* Fri Jan 25 2019 Liz Nemsick <lnemsick.simp@gmail.com> - 6.1.1-0
- Moved temporary aggregate CA certs reference files used by
pki_cert_sync out of the target directory. These temporary
files were being erroneously processed by the gitlab
application.
* Fri Jan 25 2019 Liz Nemsick <lnemsick.simp@gmail.com> - 6.1.0-0
- pki_cert_sync type now generates an aggregate CA certificates
with X.509 certificate headers removed, cacerts_no_headers.pem,
in addition to the existing aggregate CA certificates file,
cacerts.pem. This new CA certificates file is useful for
application that cannot handle certificate headers.
- Add a pki_cert_sync option, ``generate_pem_hash_links``, which controls
whether pki_cert_sync should generate and maintain the PEM file hash
links in the target directory. Disabling automatic PEM hash link
generation is useful if an application is managing those links
in the target directory, itself.
- Update the upper bound of stdlib to < 6.0.0
- Update a URL in the README.md
* Fri Sep 07 2018 Liz Nemsick <lnemsick.simp@gmail.com> - 6.0.4-0
- Drop Hiera 4 support
- Update badges and contribution guide URL in README.md
* Wed Jul 18 2018 Trevor Vaughan <tvaughan@onyxpoint.com> - 6.0.4-0
- Add support for OEL and Puppet 5
* Mon Apr 16 2018 Nick Miller <nick.miller@onyxpoint.com> - 6.0.3-0
- pki::copy's source parameter now accepts any string to allow for use of NSS
and remote file sources.
- Cleanup unneeded fixtures
- Update version range of auditd dependency in metadata.json
* Mon Dec 11 2017 Trevor Vaughan <tvaughan@onyxpoint.com> - 6.0.2-0
- Ensure that /etc/pki/simp_apps is recursively purged so that old certificates
are not left on the system
- Adds a new param, `$certname`, that controls the name of the certs in keydist
that will be copied over. This used to be set to `$facts['fqdn']` without an
option to change it, now it will default to `$trusted['certname']`
* Thu Jul 06 2017 Liz Nemsick <lnemsick.simp@gmail.com> - 6.0.1-0
- Update puppet dependency and remove OBE pe dependency in metadata.json
* Wed Jan 11 2017 Nick Markowski <nmarkowski@keywcorp.com> - 6.0.0-0
- SIMP certs are now managed in /etc/pki/simp/x509, and application
certs in /etc/pki/simp_apps/<app_name>/x509.
* Tue Jan 10 2017 Nick Miller <nick.miller@onyxpoint.com> - 6.0.0-0
- Changed default location of keydist certs from the files directory of the pki
module unless $pki is set to 'simp', when it will pull from pki_files in a
different module path instead.
* Mon Jan 09 2017 Nick Markowski <nmarkowski@keywcorp.com> - 6.0.0-0
- Set perms on simp_apps to 644/755; apps were being denied access to
their own certs because they could not access /etc/pki/simp_apps.
- We have made the decision to centralize application certificates
when simp is managing pki (simp_options::pki => true or 'simp').
This update re-tools pki::copy to better handle managing certs
in /etc/pki/simp_apps.
* Mon Dec 26 2016 Trevor Vaughan <tvaughan@onyxpoint.com> - 6.0.0-0
- Changed pki::pki_dir parameter to pki::base_dir
- Updated acceptance tests
- Fixed bugs in ordering
* Tue Dec 13 2016 Jeanne Greulich <jgreulich.greulich@onyxpoint.com> - 6.0.0-0
- Global catalyst updates
- Strong Type updates
- Changed default for pki directory to /etc/pki/simp from /etc/pki
* Wed Nov 23 2016 Jeanne Greulich <jgreulich.greulich@onyxpoint.com> - 5.0.0-0
- update requirement versions
* Mon Nov 21 2016 Chris Tessmer <chris.tessmer@onyxpoint.com> - 5.0.0-0
- Updated to compliance_markup version 2
* Fri Sep 30 2016 Chris Tessmer <chris.tessmer@onyxpoint.com> - 4.2.4-0
- Fixed dependencies in `metadata.json` prior to a Forge push.
* Wed Jul 06 2016 Trevor Vaughan <tvaughan@onyxpoint.com> - 4.2.3-0
- Fixed a permissions flapping issue between a file resource and the 'sync'
provider.
* Tue Apr 12 2016 Kendall Moore <kendall.moore@onyxpoint.com> - 4.2.2-0
- Removed custom type deprecation warning
* Mon Mar 28 2016 Trevor Vaughan <tvaughan@onyxpoint.com> - 4.2.1-0
- Removed extraneous cacerts keys
- Updated the README
- Fixed code comments
* Sat Mar 19 2016 Trevor Vaughan <tvaughan@onyxpoint.com> - 4.2.0-0
- Added the ability to copy from arbitrary OS locations for pki::copy. This was
mainly to support stunnel.
* Tue Feb 23 2016 Ralph Wright <ralph.wright@onyxpoint.com> - 4.1.0-9
- Added compliance function support
* Mon Jan 18 2016 Carl Caum <carl@puppetlabs.com> - 4.1.0-8
- Allow PKI file content source to be modified.
* Mon Dec 14 2015 Trevor Vaughan <tvaughan@onyxpoint.com> - 4.1.0-7
- Remove erroneous test5.simp.vm key from the keydist directory
* Mon Nov 09 2015 Chris Tessmer <chris.tessmer@onyxpoint.com> - 4.1.0-6
- Migration to simplib and simpcat (lib/ only)
* Tue Oct 13 2015 Nick Markowski <nmarkowski@keywcorp.com> - 4.1.0-5
- If a directory is placed in keydist/cacerts, the directory structure is copied
to pki/cacerts, and all certs in subdirectories are appended to cacerts.pem.
- If a directory is removed from keydist/cacerts, it is now forcibly removed
from .cacerts_ingress.
* Thu Feb 12 2015 Trevor Vaughan <tvaughan@onyxpoint.com> - 4.1.0-4
- Moved things to the new 'simp' environment
- Ensure the requirements on packages are appropriately defined
* Mon Feb 09 2015 Nick Markowski <nmarkowski@keywcorp.com> - 4.1.0-3
- A public RSA key is now generated off off the system private key, and
placed in /etc/pki/public/fqdn_rsa.pem
* Sun Jun 22 2014 Kendall Moore <kmoore@keywcorp.com> - 4.1.0-2
- Removed MD5 file checksums for FIPS compliance.
* Fri Jun 20 2014 Trevor Vaughan <tvaughan@onyxpoint.com> - 4.1.0-2
- Modified code in the pki_cert_sync provider for Ruby 2
compatibility.
* Thu May 15 2014 Kendall Moore <kmoore@keywcorp.com> - 4.1.0-1
- Updated pki_cert_sync to (re)build a concatenated cacerts.pem file which is
a bundled file of all valid CA certs in /etc/pki/cacerts.
* Tue Apr 08 2014 Kendall Moore <kmoore@keywcorp.com> - 4.1.0-0
- Updated manifests for puppet 3 and hiera compatibility.
- Refactored manifests to pass all lint tests.
- Removed the pki::pre class as all functionality now exists in the pki class.
- Added spec tests.
* Mon Mar 17 2014 Trevor Vaughan <tvaughan@onyxpoint.com> - 3.0.0-0
- Added a pki::copy define for properly copying the entire PKI set to an
alternate location on the system with proper ordering.
- Rolled the pki::pre class into the main pki class.
* Mon Feb 17 2014 Kendall Moore <kmoore@keywcorp.com> - 2.0.0-6
- Added autorequire to pki_cert_sync for file destination.
* Fri May 31 2013 Trevor Vaughan <tvaughan@onyxpoint.com> - 2.0.0-5
- Created a native type to replace the hack set of execs for CA certificate
synchronization. This is not perfect but it is far faster and better.
Ideally, the type would be able to pull the files from the Puppet server
itself. Also, the file resource for '/etc/pki/cacerts' was preserved for
legacy code notification compatibility.
* Wed Apr 11 2012 Trevor Vaughan <tvaughan@onyxpoint.com> - 2.0.0-4
- Moved mit-tests to /usr/share/simp...
- Updated pp files to better meet Puppet's recommended style guide.
* Fri Mar 02 2012 Trevor Vaughan <tvaughan@onyxpoint.com> - 2.0.0-3
- Improved test stubs.
* Wed Dec 14 2011 Trevor Vaughan <tvaughan@onyxpoint.com> - 2.0.0-2
- Added an initial suite of tests
- Fixed the creation of certificate hashes and now hash on 'subject' not 'issuer'.
- Updated the spec file to not require a separate file list.
- The certificate hash script had errors with cert hashes beginning with a '0'
as well as hashing on the issuer not the subject. Also, cleaned up the way
the intermediate directory cleanup is handled.
* Thu Oct 27 2011 Trevor Vaughan <tvaughan@onyxpoint.com> - 2.0.0-1
- Updated the PKI module to create a two-step certificate placement so that the
certificate hashes can be generated on the client. This is done due to RHEL6
using a different hashing algorithm than RHEL5
* Tue Jan 11 2011 Trevor Vaughan <tvaughan@onyxpoint.com> - 2.0.0-0
- Refactored for SIMP-2.0.0-alpha release
* Tue Oct 26 2010 Trevor Vaughan <tvaughan@onyxpoint.com> - 1-2
- Converting all spec files to check for directories prior to copy.
* Thu Jun 10 2010 Trevor Vaughan <tvaughan@onyxpoint.com> - 1.0-1
- No templates to copy in caused an RPM build failure.
* Mon May 24 2010 Trevor Vaughan <tvaughan@onyxpoint.com> - 1.0-0
- Code refactor and doc updates.