diff --git a/.github/workflows/version_check.yml b/.github/workflows/version_check.yml index 3aadafad..3828743a 100644 --- a/.github/workflows/version_check.yml +++ b/.github/workflows/version_check.yml @@ -1,8 +1,11 @@ --- -name: Comparing PR version with the latest version +name: Comparing PR version with the main version on: - pull_request: + pull_request_target: + types: + - opened + - synchronize branches: - main @@ -20,6 +23,13 @@ jobs: fetch-depth: 0 ref: ${{ github.event.pull_request.head.ref }} repository: ${{ github.event.pull_request.head.repo.full_name }} + path: pr + + - name: Cloning Catapult main repository... + uses: actions/checkout@v4 + with: + fetch-depth: 0 + path: main - name: Comparing PR version with main... run: | @@ -30,10 +40,9 @@ jobs: export C_RST="\x1b[0m" VERSION_FILE="nova/core/galaxy.yml" - REMOTE_VERSION_URL="${{ vars.PROJECT_VERSION_FILE_URL }}" - PR_VERSION=$(cat $VERSION_FILE | grep "version:" | cut -d " " -f 2) - CURRENT_VERSION=$(curl "$REMOTE_VERSION_URL" -s | grep "version:" | cut -d " " -f 2) + PR_VERSION=$(cat pr/$VERSION_FILE | grep "version:" | cut -d " " -f 2) + CURRENT_VERSION=$(cat main/$VERSION_FILE | grep "version:" | cut -d " " -f 2) echo -n -e "${C_YELLOW}" echo -e "Pull Request Version - $PR_VERSION" diff --git a/nova/core/galaxy.yml b/nova/core/galaxy.yml index 60273878..9cfc495d 100644 --- a/nova/core/galaxy.yml +++ b/nova/core/galaxy.yml @@ -1,6 +1,6 @@ namespace: nova name: core -version: 3.3.2 +version: 3.4.14 readme: README.md authors: - https://github.com/novateams diff --git a/nova/core/requirements/poetry.lock b/nova/core/requirements/poetry.lock index 1725d159..9f58739a 100644 --- a/nova/core/requirements/poetry.lock +++ b/nova/core/requirements/poetry.lock @@ -416,13 +416,13 @@ tests-mypy = ["mypy (>=1.11.1)", "pytest-mypy-plugins"] [[package]] name = "azure-cli-core" -version = "2.63.0" +version = "2.64.0" description = "Microsoft Azure Command-Line Tools Core Module" optional = false python-versions = ">=3.8.0" files = [ - {file = "azure_cli_core-2.63.0-py3-none-any.whl", hash = "sha256:3c5dab56a6ed81cde92a4f3f5973afae5b6608b987abc4edbaadcc29bcf0fe96"}, - {file = "azure_cli_core-2.63.0.tar.gz", hash = "sha256:64af824d75013d2ff1d8fc500b41610e029946468ca034703e23b943330c6de7"}, + {file = "azure_cli_core-2.64.0-py3-none-any.whl", hash = "sha256:82ead13bb916df364559160889161621f8c28f3d5ded3352b126807c10c9a13d"}, + {file = "azure_cli_core-2.64.0.tar.gz", hash = "sha256:df449beb1604ef50aaadb509ae8fbbc44e5b92a46e358faec2ce0db6f0e19a4f"}, ] [package.dependencies] @@ -846,19 +846,20 @@ isodate = ">=0.6.1,<1.0.0" [[package]] name = "azure-mgmt-eventhub" -version = "11.0.0" +version = "11.1.0" description = "Microsoft Azure Event Hub Management Client Library for Python" optional = false -python-versions = ">=3.7" +python-versions = ">=3.8" files = [ - {file = "azure-mgmt-eventhub-11.0.0.zip", hash = "sha256:17107d4e85dde8f675794acc58302d6ce98a7254ee03f41d3fbd96b06ef36b96"}, - {file = "azure_mgmt_eventhub-11.0.0-py3-none-any.whl", hash = "sha256:e8db29d76c6ebc914af225bc409b2be1184989b96877f6d9ac5efe3f09feb083"}, + {file = "azure_mgmt_eventhub-11.1.0-py3-none-any.whl", hash = "sha256:1a084c2b7a3a2586acd31a196498403d2c8246daada4a7cb02dd17407fbf3421"}, + {file = "azure_mgmt_eventhub-11.1.0.tar.gz", hash = "sha256:e3b8fe09abae67c5da884e7b6f0de44e2f827c5b8009a652b951fb2d20fcb392"}, ] [package.dependencies] -azure-common = ">=1.1,<2.0" -azure-mgmt-core = ">=1.3.2,<2.0.0" -isodate = ">=0.6.1,<1.0.0" +azure-common = ">=1.1" +azure-mgmt-core = ">=1.3.2" +isodate = ">=0.6.1" +typing-extensions = ">=4.6.0" [[package]] name = "azure-mgmt-hdinsight" @@ -1361,17 +1362,17 @@ uvloop = ["uvloop (>=0.15.2)"] [[package]] name = "boto3" -version = "1.35.7" +version = "1.35.11" description = "The AWS SDK for Python" optional = false python-versions = ">=3.8" files = [ - {file = "boto3-1.35.7-py3-none-any.whl", hash = "sha256:bfbdf7c8f2e3eb70e4309cdcf5c9c7940e1fed4f645cdfb52581e7e67d3c8cab"}, - {file = "boto3-1.35.7.tar.gz", hash = "sha256:05bd349cf260ba177924f38d721e427e2b3a6dd0fa8a18fa4ffc1b889633b181"}, + {file = "boto3-1.35.11-py3-none-any.whl", hash = "sha256:f5834dd908edda56c3da86b908693c7cd1c17c2f8150de736e9e90c56ecc78f6"}, + {file = "boto3-1.35.11.tar.gz", hash = "sha256:bdfb8dd2564e5cf2f5095fb8e3a0a4612202654c1196692dddd9bc48aadc7657"}, ] [package.dependencies] -botocore = ">=1.35.7,<1.36.0" +botocore = ">=1.35.11,<1.36.0" jmespath = ">=0.7.1,<2.0.0" s3transfer = ">=0.10.0,<0.11.0" @@ -1380,13 +1381,13 @@ crt = ["botocore[crt] (>=1.21.0,<2.0a0)"] [[package]] name = "botocore" -version = "1.35.7" +version = "1.35.11" description = "Low-level, data-driven core of boto 3." optional = false python-versions = ">=3.8" files = [ - {file = "botocore-1.35.7-py3-none-any.whl", hash = "sha256:324e58518a92f2946bc6653e5e1272bc88d4b6313413f938bdc51cb90d34cbba"}, - {file = "botocore-1.35.7.tar.gz", hash = "sha256:85e4b58f2c6e54dfbf52eaee72ebc9b70188fd1716d47f626874abadcee45512"}, + {file = "botocore-1.35.11-py3-none-any.whl", hash = "sha256:e9b647b6cf1f63fd701c27433802d1c4342838a37fd152b40fe53b967fd19af4"}, + {file = "botocore-1.35.11.tar.gz", hash = "sha256:f5f671f8f9566f28bed496017ea94d275ca5c253e9e4f91cd56cb7a293e37d0c"}, ] [package.dependencies] @@ -1410,13 +1411,13 @@ files = [ [[package]] name = "certifi" -version = "2024.7.4" +version = "2024.8.30" description = "Python package for providing Mozilla's CA Bundle." optional = false python-versions = ">=3.6" files = [ - {file = "certifi-2024.7.4-py3-none-any.whl", hash = "sha256:c198e21b1289c2ab85ee4e67bb4b4ef3ead0892059901a8d5b622f24a1101e90"}, - {file = "certifi-2024.7.4.tar.gz", hash = "sha256:5a1e7645bc0ec61a09e26c36f6106dd4cf40c6db3a1fb6352b0244e7fb057c7b"}, + {file = "certifi-2024.8.30-py3-none-any.whl", hash = "sha256:922820b53db7a7257ffbda3f597266d435245903d80737e34f8a45ff3e3230d8"}, + {file = "certifi-2024.8.30.tar.gz", hash = "sha256:bec941d2aa8195e248a60b31ff9f0558284cf01a52591ceda73ea9afffd69fd9"}, ] [[package]] @@ -1624,38 +1625,38 @@ files = [ [[package]] name = "cryptography" -version = "43.0.0" +version = "43.0.1" description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers." optional = false python-versions = ">=3.7" files = [ - {file = "cryptography-43.0.0-cp37-abi3-macosx_10_9_universal2.whl", hash = "sha256:64c3f16e2a4fc51c0d06af28441881f98c5d91009b8caaff40cf3548089e9c74"}, - {file = "cryptography-43.0.0-cp37-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:3dcdedae5c7710b9f97ac6bba7e1052b95c7083c9d0e9df96e02a1932e777895"}, - {file = "cryptography-43.0.0-cp37-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3d9a1eca329405219b605fac09ecfc09ac09e595d6def650a437523fcd08dd22"}, - {file = "cryptography-43.0.0-cp37-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:ea9e57f8ea880eeea38ab5abf9fbe39f923544d7884228ec67d666abd60f5a47"}, - {file = "cryptography-43.0.0-cp37-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:9a8d6802e0825767476f62aafed40532bd435e8a5f7d23bd8b4f5fd04cc80ecf"}, - {file = "cryptography-43.0.0-cp37-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:cc70b4b581f28d0a254d006f26949245e3657d40d8857066c2ae22a61222ef55"}, - {file = "cryptography-43.0.0-cp37-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:4a997df8c1c2aae1e1e5ac49c2e4f610ad037fc5a3aadc7b64e39dea42249431"}, - {file = "cryptography-43.0.0-cp37-abi3-win32.whl", hash = "sha256:6e2b11c55d260d03a8cf29ac9b5e0608d35f08077d8c087be96287f43af3ccdc"}, - {file = "cryptography-43.0.0-cp37-abi3-win_amd64.whl", hash = "sha256:31e44a986ceccec3d0498e16f3d27b2ee5fdf69ce2ab89b52eaad1d2f33d8778"}, - {file = "cryptography-43.0.0-cp39-abi3-macosx_10_9_universal2.whl", hash = "sha256:7b3f5fe74a5ca32d4d0f302ffe6680fcc5c28f8ef0dc0ae8f40c0f3a1b4fca66"}, - {file = "cryptography-43.0.0-cp39-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:ac1955ce000cb29ab40def14fd1bbfa7af2017cca696ee696925615cafd0dce5"}, - {file = "cryptography-43.0.0-cp39-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:299d3da8e00b7e2b54bb02ef58d73cd5f55fb31f33ebbf33bd00d9aa6807df7e"}, - {file = "cryptography-43.0.0-cp39-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:ee0c405832ade84d4de74b9029bedb7b31200600fa524d218fc29bfa371e97f5"}, - {file = "cryptography-43.0.0-cp39-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:cb013933d4c127349b3948aa8aaf2f12c0353ad0eccd715ca789c8a0f671646f"}, - {file = "cryptography-43.0.0-cp39-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:fdcb265de28585de5b859ae13e3846a8e805268a823a12a4da2597f1f5afc9f0"}, - {file = "cryptography-43.0.0-cp39-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:2905ccf93a8a2a416f3ec01b1a7911c3fe4073ef35640e7ee5296754e30b762b"}, - {file = "cryptography-43.0.0-cp39-abi3-win32.whl", hash = "sha256:47ca71115e545954e6c1d207dd13461ab81f4eccfcb1345eac874828b5e3eaaf"}, - {file = "cryptography-43.0.0-cp39-abi3-win_amd64.whl", hash = "sha256:0663585d02f76929792470451a5ba64424acc3cd5227b03921dab0e2f27b1709"}, - {file = "cryptography-43.0.0-pp310-pypy310_pp73-macosx_10_9_x86_64.whl", hash = "sha256:2c6d112bf61c5ef44042c253e4859b3cbbb50df2f78fa8fae6747a7814484a70"}, - {file = "cryptography-43.0.0-pp310-pypy310_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:844b6d608374e7d08f4f6e6f9f7b951f9256db41421917dfb2d003dde4cd6b66"}, - {file = "cryptography-43.0.0-pp310-pypy310_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:51956cf8730665e2bdf8ddb8da0056f699c1a5715648c1b0144670c1ba00b48f"}, - {file = "cryptography-43.0.0-pp310-pypy310_pp73-win_amd64.whl", hash = "sha256:aae4d918f6b180a8ab8bf6511a419473d107df4dbb4225c7b48c5c9602c38c7f"}, - {file = "cryptography-43.0.0-pp39-pypy39_pp73-macosx_10_9_x86_64.whl", hash = "sha256:232ce02943a579095a339ac4b390fbbe97f5b5d5d107f8a08260ea2768be8cc2"}, - {file = "cryptography-43.0.0-pp39-pypy39_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:5bcb8a5620008a8034d39bce21dc3e23735dfdb6a33a06974739bfa04f853947"}, - {file = "cryptography-43.0.0-pp39-pypy39_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:08a24a7070b2b6804c1940ff0f910ff728932a9d0e80e7814234269f9d46d069"}, - {file = "cryptography-43.0.0-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:e9c5266c432a1e23738d178e51c2c7a5e2ddf790f248be939448c0ba2021f9d1"}, - {file = "cryptography-43.0.0.tar.gz", hash = "sha256:b88075ada2d51aa9f18283532c9f60e72170041bba88d7f37e49cbb10275299e"}, + {file = "cryptography-43.0.1-cp37-abi3-macosx_10_9_universal2.whl", hash = "sha256:8385d98f6a3bf8bb2d65a73e17ed87a3ba84f6991c155691c51112075f9ffc5d"}, + {file = "cryptography-43.0.1-cp37-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:27e613d7077ac613e399270253259d9d53872aaf657471473ebfc9a52935c062"}, + {file = "cryptography-43.0.1-cp37-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:68aaecc4178e90719e95298515979814bda0cbada1256a4485414860bd7ab962"}, + {file = "cryptography-43.0.1-cp37-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:de41fd81a41e53267cb020bb3a7212861da53a7d39f863585d13ea11049cf277"}, + {file = "cryptography-43.0.1-cp37-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:f98bf604c82c416bc829e490c700ca1553eafdf2912a91e23a79d97d9801372a"}, + {file = "cryptography-43.0.1-cp37-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:61ec41068b7b74268fa86e3e9e12b9f0c21fcf65434571dbb13d954bceb08042"}, + {file = "cryptography-43.0.1-cp37-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:014f58110f53237ace6a408b5beb6c427b64e084eb451ef25a28308270086494"}, + {file = "cryptography-43.0.1-cp37-abi3-win32.whl", hash = "sha256:2bd51274dcd59f09dd952afb696bf9c61a7a49dfc764c04dd33ef7a6b502a1e2"}, + {file = "cryptography-43.0.1-cp37-abi3-win_amd64.whl", hash = "sha256:666ae11966643886c2987b3b721899d250855718d6d9ce41b521252a17985f4d"}, + {file = "cryptography-43.0.1-cp39-abi3-macosx_10_9_universal2.whl", hash = "sha256:ac119bb76b9faa00f48128b7f5679e1d8d437365c5d26f1c2c3f0da4ce1b553d"}, + {file = "cryptography-43.0.1-cp39-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1bbcce1a551e262dfbafb6e6252f1ae36a248e615ca44ba302df077a846a8806"}, + {file = "cryptography-43.0.1-cp39-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:58d4e9129985185a06d849aa6df265bdd5a74ca6e1b736a77959b498e0505b85"}, + {file = "cryptography-43.0.1-cp39-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:d03a475165f3134f773d1388aeb19c2d25ba88b6a9733c5c590b9ff7bbfa2e0c"}, + {file = "cryptography-43.0.1-cp39-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:511f4273808ab590912a93ddb4e3914dfd8a388fed883361b02dea3791f292e1"}, + {file = "cryptography-43.0.1-cp39-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:80eda8b3e173f0f247f711eef62be51b599b5d425c429b5d4ca6a05e9e856baa"}, + {file = "cryptography-43.0.1-cp39-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:38926c50cff6f533f8a2dae3d7f19541432610d114a70808f0926d5aaa7121e4"}, + {file = "cryptography-43.0.1-cp39-abi3-win32.whl", hash = "sha256:a575913fb06e05e6b4b814d7f7468c2c660e8bb16d8d5a1faf9b33ccc569dd47"}, + {file = "cryptography-43.0.1-cp39-abi3-win_amd64.whl", hash = "sha256:d75601ad10b059ec832e78823b348bfa1a59f6b8d545db3a24fd44362a1564cb"}, + {file = "cryptography-43.0.1-pp310-pypy310_pp73-macosx_10_9_x86_64.whl", hash = "sha256:ea25acb556320250756e53f9e20a4177515f012c9eaea17eb7587a8c4d8ae034"}, + {file = "cryptography-43.0.1-pp310-pypy310_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:c1332724be35d23a854994ff0b66530119500b6053d0bd3363265f7e5e77288d"}, + {file = "cryptography-43.0.1-pp310-pypy310_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:fba1007b3ef89946dbbb515aeeb41e30203b004f0b4b00e5e16078b518563289"}, + {file = "cryptography-43.0.1-pp310-pypy310_pp73-win_amd64.whl", hash = "sha256:5b43d1ea6b378b54a1dc99dd8a2b5be47658fe9a7ce0a58ff0b55f4b43ef2b84"}, + {file = "cryptography-43.0.1-pp39-pypy39_pp73-macosx_10_9_x86_64.whl", hash = "sha256:88cce104c36870d70c49c7c8fd22885875d950d9ee6ab54df2745f83ba0dc365"}, + {file = "cryptography-43.0.1-pp39-pypy39_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:9d3cdb25fa98afdd3d0892d132b8d7139e2c087da1712041f6b762e4f807cc96"}, + {file = "cryptography-43.0.1-pp39-pypy39_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:e710bf40870f4db63c3d7d929aa9e09e4e7ee219e703f949ec4073b4294f6172"}, + {file = "cryptography-43.0.1-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:7c05650fe8023c5ed0d46793d4b7d7e6cd9c04e68eabe5b0aeea836e37bdcec2"}, + {file = "cryptography-43.0.1.tar.gz", hash = "sha256:203e92a75716d8cfb491dc47c79e17d0d9207ccffcbcb35f598fbe463ae3444d"}, ] [package.dependencies] @@ -1668,7 +1669,7 @@ nox = ["nox"] pep8test = ["check-sdist", "click", "mypy", "ruff"] sdist = ["build"] ssh = ["bcrypt (>=3.1.5)"] -test = ["certifi", "cryptography-vectors (==43.0.0)", "pretend", "pytest (>=6.2.0)", "pytest-benchmark", "pytest-cov", "pytest-xdist"] +test = ["certifi", "cryptography-vectors (==43.0.1)", "pretend", "pytest (>=6.2.0)", "pytest-benchmark", "pytest-cov", "pytest-xdist"] test-randomorder = ["pytest-randomly"] [[package]] @@ -1971,13 +1972,13 @@ files = [ [[package]] name = "importlib-metadata" -version = "8.0.0" +version = "8.4.0" description = "Read metadata from Python packages" optional = false python-versions = ">=3.8" files = [ - {file = "importlib_metadata-8.0.0-py3-none-any.whl", hash = "sha256:15584cf2b1bf449d98ff8a6ff1abef57bf20f3ac6454f431736cd3e660921b2f"}, - {file = "importlib_metadata-8.0.0.tar.gz", hash = "sha256:188bd24e4c346d3f0a933f275c2fec67050326a856b9a359881d7c2a697e8812"}, + {file = "importlib_metadata-8.4.0-py3-none-any.whl", hash = "sha256:66f342cc6ac9818fc6ff340576acd24d65ba0b3efabb2b4ac08b598965a4a2f1"}, + {file = "importlib_metadata-8.4.0.tar.gz", hash = "sha256:9a547d3bc3608b025f93d403fdd1aae741c24fbb8314df4b155675742ce303c5"}, ] [package.dependencies] @@ -2510,13 +2511,13 @@ portalocker = ">=1.4,<3" [[package]] name = "msgraph-core" -version = "1.1.2" +version = "1.1.3" description = "Core component of the Microsoft Graph Python SDK" optional = false python-versions = ">=3.8" files = [ - {file = "msgraph_core-1.1.2-py3-none-any.whl", hash = "sha256:ed0695275d66914994a6ff71e7d71736ee4c4db3548a1021b2dd3a9605247def"}, - {file = "msgraph_core-1.1.2.tar.gz", hash = "sha256:c533cad1a23980487a4aa229dc5d9b00975fc6590e157e9f51046c6e80349288"}, + {file = "msgraph_core-1.1.3-py3-none-any.whl", hash = "sha256:c1eef715b37c8843044eb3aec45a2cffda2cb8914fb424c51bd391d89eaae725"}, + {file = "msgraph_core-1.1.3.tar.gz", hash = "sha256:276a6def64700e0b411caffea27964bd67c2cba2b88ba30f791808ef110ecd01"}, ] [package.dependencies] @@ -2732,49 +2733,49 @@ signedtoken = ["cryptography (>=3.0.0)", "pyjwt (>=2.0.0,<3)"] [[package]] name = "opentelemetry-api" -version = "1.26.0" +version = "1.27.0" description = "OpenTelemetry Python API" optional = false python-versions = ">=3.8" files = [ - {file = "opentelemetry_api-1.26.0-py3-none-any.whl", hash = "sha256:7d7ea33adf2ceda2dd680b18b1677e4152000b37ca76e679da71ff103b943064"}, - {file = "opentelemetry_api-1.26.0.tar.gz", hash = "sha256:2bd639e4bed5b18486fef0b5a520aaffde5a18fc225e808a1ac4df363f43a1ce"}, + {file = "opentelemetry_api-1.27.0-py3-none-any.whl", hash = "sha256:953d5871815e7c30c81b56d910c707588000fff7a3ca1c73e6531911d53065e7"}, + {file = "opentelemetry_api-1.27.0.tar.gz", hash = "sha256:ed673583eaa5f81b5ce5e86ef7cdaf622f88ef65f0b9aab40b843dcae5bef342"}, ] [package.dependencies] deprecated = ">=1.2.6" -importlib-metadata = ">=6.0,<=8.0.0" +importlib-metadata = ">=6.0,<=8.4.0" [[package]] name = "opentelemetry-sdk" -version = "1.26.0" +version = "1.27.0" description = "OpenTelemetry Python SDK" optional = false python-versions = ">=3.8" files = [ - {file = "opentelemetry_sdk-1.26.0-py3-none-any.whl", hash = "sha256:feb5056a84a88670c041ea0ded9921fca559efec03905dddeb3885525e0af897"}, - {file = "opentelemetry_sdk-1.26.0.tar.gz", hash = "sha256:c90d2868f8805619535c05562d699e2f4fb1f00dbd55a86dcefca4da6fa02f85"}, + {file = "opentelemetry_sdk-1.27.0-py3-none-any.whl", hash = "sha256:365f5e32f920faf0fd9e14fdfd92c086e317eaa5f860edba9cdc17a380d9197d"}, + {file = "opentelemetry_sdk-1.27.0.tar.gz", hash = "sha256:d525017dea0ccce9ba4e0245100ec46ecdc043f2d7b8315d56b19aff0904fa6f"}, ] [package.dependencies] -opentelemetry-api = "1.26.0" -opentelemetry-semantic-conventions = "0.47b0" +opentelemetry-api = "1.27.0" +opentelemetry-semantic-conventions = "0.48b0" typing-extensions = ">=3.7.4" [[package]] name = "opentelemetry-semantic-conventions" -version = "0.47b0" +version = "0.48b0" description = "OpenTelemetry Semantic Conventions" optional = false python-versions = ">=3.8" files = [ - {file = "opentelemetry_semantic_conventions-0.47b0-py3-none-any.whl", hash = "sha256:4ff9d595b85a59c1c1413f02bba320ce7ea6bf9e2ead2b0913c4395c7bbc1063"}, - {file = "opentelemetry_semantic_conventions-0.47b0.tar.gz", hash = "sha256:a8d57999bbe3495ffd4d510de26a97dadc1dace53e0275001b2c1b2f67992a7e"}, + {file = "opentelemetry_semantic_conventions-0.48b0-py3-none-any.whl", hash = "sha256:a0de9f45c413a8669788a38569c7e0a11ce6ce97861a628cca785deecdc32a1f"}, + {file = "opentelemetry_semantic_conventions-0.48b0.tar.gz", hash = "sha256:12d74983783b6878162208be57c9effcb89dc88691c64992d70bb89dc00daa1a"}, ] [package.dependencies] deprecated = ">=1.2.6" -opentelemetry-api = "1.26.0" +opentelemetry-api = "1.27.0" [[package]] name = "packaging" @@ -3930,13 +3931,13 @@ files = [ [[package]] name = "std-uritemplate" -version = "1.0.5" +version = "1.0.6" description = "std-uritemplate implementation for Python" optional = false python-versions = "<4.0,>=3.8" files = [ - {file = "std_uritemplate-1.0.5-py3-none-any.whl", hash = "sha256:8daf745b350ef3bc7b4ef82460a6c48aa459ca65fce8bda8657178959e3832d7"}, - {file = "std_uritemplate-1.0.5.tar.gz", hash = "sha256:6ea31e72f96ab2b54d93c774de2175ce5350a833fbf7c024bb3718a3a539f605"}, + {file = "std_uritemplate-1.0.6-py3-none-any.whl", hash = "sha256:52f575b088721e6e698303b90eb8de04c2820afa946ee9f923a19dd7c21c7f23"}, + {file = "std_uritemplate-1.0.6.tar.gz", hash = "sha256:9bed621204a9dbb47f89ea958c97c463d15f28bccbc801aab8c9b0d75719ec62"}, ] [[package]] @@ -4153,101 +4154,103 @@ dev = ["doc8", "flake8", "flake8-import-order", "rstcheck[sphinx]", "sphinx"] [[package]] name = "yarl" -version = "1.9.4" +version = "1.9.8" description = "Yet another URL library" optional = false -python-versions = ">=3.7" +python-versions = ">=3.8" files = [ - {file = "yarl-1.9.4-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:a8c1df72eb746f4136fe9a2e72b0c9dc1da1cbd23b5372f94b5820ff8ae30e0e"}, - {file = "yarl-1.9.4-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:a3a6ed1d525bfb91b3fc9b690c5a21bb52de28c018530ad85093cc488bee2dd2"}, - {file = "yarl-1.9.4-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:c38c9ddb6103ceae4e4498f9c08fac9b590c5c71b0370f98714768e22ac6fa66"}, - {file = "yarl-1.9.4-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d9e09c9d74f4566e905a0b8fa668c58109f7624db96a2171f21747abc7524234"}, - {file = "yarl-1.9.4-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:b8477c1ee4bd47c57d49621a062121c3023609f7a13b8a46953eb6c9716ca392"}, - {file = "yarl-1.9.4-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:d5ff2c858f5f6a42c2a8e751100f237c5e869cbde669a724f2062d4c4ef93551"}, - {file = "yarl-1.9.4-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:357495293086c5b6d34ca9616a43d329317feab7917518bc97a08f9e55648455"}, - {file = "yarl-1.9.4-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:54525ae423d7b7a8ee81ba189f131054defdb122cde31ff17477951464c1691c"}, - {file = "yarl-1.9.4-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:801e9264d19643548651b9db361ce3287176671fb0117f96b5ac0ee1c3530d53"}, - {file = "yarl-1.9.4-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:e516dc8baf7b380e6c1c26792610230f37147bb754d6426462ab115a02944385"}, - {file = "yarl-1.9.4-cp310-cp310-musllinux_1_1_ppc64le.whl", hash = "sha256:7d5aaac37d19b2904bb9dfe12cdb08c8443e7ba7d2852894ad448d4b8f442863"}, - {file = "yarl-1.9.4-cp310-cp310-musllinux_1_1_s390x.whl", hash = "sha256:54beabb809ffcacbd9d28ac57b0db46e42a6e341a030293fb3185c409e626b8b"}, - {file = "yarl-1.9.4-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:bac8d525a8dbc2a1507ec731d2867025d11ceadcb4dd421423a5d42c56818541"}, - {file = "yarl-1.9.4-cp310-cp310-win32.whl", hash = "sha256:7855426dfbddac81896b6e533ebefc0af2f132d4a47340cee6d22cac7190022d"}, - {file = "yarl-1.9.4-cp310-cp310-win_amd64.whl", hash = "sha256:848cd2a1df56ddbffeb375535fb62c9d1645dde33ca4d51341378b3f5954429b"}, - {file = "yarl-1.9.4-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:35a2b9396879ce32754bd457d31a51ff0a9d426fd9e0e3c33394bf4b9036b099"}, - {file = "yarl-1.9.4-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:4c7d56b293cc071e82532f70adcbd8b61909eec973ae9d2d1f9b233f3d943f2c"}, - {file = "yarl-1.9.4-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:d8a1c6c0be645c745a081c192e747c5de06e944a0d21245f4cf7c05e457c36e0"}, - {file = "yarl-1.9.4-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:4b3c1ffe10069f655ea2d731808e76e0f452fc6c749bea04781daf18e6039525"}, - {file = "yarl-1.9.4-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:549d19c84c55d11687ddbd47eeb348a89df9cb30e1993f1b128f4685cd0ebbf8"}, - {file = "yarl-1.9.4-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:a7409f968456111140c1c95301cadf071bd30a81cbd7ab829169fb9e3d72eae9"}, - {file = "yarl-1.9.4-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:e23a6d84d9d1738dbc6e38167776107e63307dfc8ad108e580548d1f2c587f42"}, - {file = "yarl-1.9.4-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:d8b889777de69897406c9fb0b76cdf2fd0f31267861ae7501d93003d55f54fbe"}, - {file = "yarl-1.9.4-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:03caa9507d3d3c83bca08650678e25364e1843b484f19986a527630ca376ecce"}, - {file = "yarl-1.9.4-cp311-cp311-musllinux_1_1_i686.whl", hash = "sha256:4e9035df8d0880b2f1c7f5031f33f69e071dfe72ee9310cfc76f7b605958ceb9"}, - {file = "yarl-1.9.4-cp311-cp311-musllinux_1_1_ppc64le.whl", hash = "sha256:c0ec0ed476f77db9fb29bca17f0a8fcc7bc97ad4c6c1d8959c507decb22e8572"}, - {file = "yarl-1.9.4-cp311-cp311-musllinux_1_1_s390x.whl", hash = "sha256:ee04010f26d5102399bd17f8df8bc38dc7ccd7701dc77f4a68c5b8d733406958"}, - {file = "yarl-1.9.4-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:49a180c2e0743d5d6e0b4d1a9e5f633c62eca3f8a86ba5dd3c471060e352ca98"}, - {file = "yarl-1.9.4-cp311-cp311-win32.whl", hash = "sha256:81eb57278deb6098a5b62e88ad8281b2ba09f2f1147c4767522353eaa6260b31"}, - {file = "yarl-1.9.4-cp311-cp311-win_amd64.whl", hash = "sha256:d1d2532b340b692880261c15aee4dc94dd22ca5d61b9db9a8a361953d36410b1"}, - {file = "yarl-1.9.4-cp312-cp312-macosx_10_9_universal2.whl", hash = "sha256:0d2454f0aef65ea81037759be5ca9947539667eecebca092733b2eb43c965a81"}, - {file = "yarl-1.9.4-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:44d8ffbb9c06e5a7f529f38f53eda23e50d1ed33c6c869e01481d3fafa6b8142"}, - {file = "yarl-1.9.4-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:aaaea1e536f98754a6e5c56091baa1b6ce2f2700cc4a00b0d49eca8dea471074"}, - {file = "yarl-1.9.4-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:3777ce5536d17989c91696db1d459574e9a9bd37660ea7ee4d3344579bb6f129"}, - {file = "yarl-1.9.4-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:9fc5fc1eeb029757349ad26bbc5880557389a03fa6ada41703db5e068881e5f2"}, - {file = "yarl-1.9.4-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:ea65804b5dc88dacd4a40279af0cdadcfe74b3e5b4c897aa0d81cf86927fee78"}, - {file = "yarl-1.9.4-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:aa102d6d280a5455ad6a0f9e6d769989638718e938a6a0a2ff3f4a7ff8c62cc4"}, - {file = "yarl-1.9.4-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:09efe4615ada057ba2d30df871d2f668af661e971dfeedf0c159927d48bbeff0"}, - {file = "yarl-1.9.4-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:008d3e808d03ef28542372d01057fd09168419cdc8f848efe2804f894ae03e51"}, - {file = "yarl-1.9.4-cp312-cp312-musllinux_1_1_i686.whl", hash = "sha256:6f5cb257bc2ec58f437da2b37a8cd48f666db96d47b8a3115c29f316313654ff"}, - {file = "yarl-1.9.4-cp312-cp312-musllinux_1_1_ppc64le.whl", hash = "sha256:992f18e0ea248ee03b5a6e8b3b4738850ae7dbb172cc41c966462801cbf62cf7"}, - {file = "yarl-1.9.4-cp312-cp312-musllinux_1_1_s390x.whl", hash = "sha256:0e9d124c191d5b881060a9e5060627694c3bdd1fe24c5eecc8d5d7d0eb6faabc"}, - {file = "yarl-1.9.4-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:3986b6f41ad22988e53d5778f91855dc0399b043fc8946d4f2e68af22ee9ff10"}, - {file = "yarl-1.9.4-cp312-cp312-win32.whl", hash = "sha256:4b21516d181cd77ebd06ce160ef8cc2a5e9ad35fb1c5930882baff5ac865eee7"}, - {file = "yarl-1.9.4-cp312-cp312-win_amd64.whl", hash = "sha256:a9bd00dc3bc395a662900f33f74feb3e757429e545d831eef5bb280252631984"}, - {file = "yarl-1.9.4-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:63b20738b5aac74e239622d2fe30df4fca4942a86e31bf47a81a0e94c14df94f"}, - {file = "yarl-1.9.4-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d7d7f7de27b8944f1fee2c26a88b4dabc2409d2fea7a9ed3df79b67277644e17"}, - {file = "yarl-1.9.4-cp37-cp37m-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:c74018551e31269d56fab81a728f683667e7c28c04e807ba08f8c9e3bba32f14"}, - {file = "yarl-1.9.4-cp37-cp37m-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:ca06675212f94e7a610e85ca36948bb8fc023e458dd6c63ef71abfd482481aa5"}, - {file = "yarl-1.9.4-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:5aef935237d60a51a62b86249839b51345f47564208c6ee615ed2a40878dccdd"}, - {file = "yarl-1.9.4-cp37-cp37m-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:2b134fd795e2322b7684155b7855cc99409d10b2e408056db2b93b51a52accc7"}, - {file = "yarl-1.9.4-cp37-cp37m-musllinux_1_1_aarch64.whl", hash = "sha256:d25039a474c4c72a5ad4b52495056f843a7ff07b632c1b92ea9043a3d9950f6e"}, - {file = "yarl-1.9.4-cp37-cp37m-musllinux_1_1_i686.whl", hash = "sha256:f7d6b36dd2e029b6bcb8a13cf19664c7b8e19ab3a58e0fefbb5b8461447ed5ec"}, - {file = "yarl-1.9.4-cp37-cp37m-musllinux_1_1_ppc64le.whl", hash = "sha256:957b4774373cf6f709359e5c8c4a0af9f6d7875db657adb0feaf8d6cb3c3964c"}, - {file = "yarl-1.9.4-cp37-cp37m-musllinux_1_1_s390x.whl", hash = "sha256:d7eeb6d22331e2fd42fce928a81c697c9ee2d51400bd1a28803965883e13cead"}, - {file = "yarl-1.9.4-cp37-cp37m-musllinux_1_1_x86_64.whl", hash = "sha256:6a962e04b8f91f8c4e5917e518d17958e3bdee71fd1d8b88cdce74dd0ebbf434"}, - {file = "yarl-1.9.4-cp37-cp37m-win32.whl", hash = "sha256:f3bc6af6e2b8f92eced34ef6a96ffb248e863af20ef4fde9448cc8c9b858b749"}, - {file = "yarl-1.9.4-cp37-cp37m-win_amd64.whl", hash = "sha256:ad4d7a90a92e528aadf4965d685c17dacff3df282db1121136c382dc0b6014d2"}, - {file = "yarl-1.9.4-cp38-cp38-macosx_10_9_universal2.whl", hash = "sha256:ec61d826d80fc293ed46c9dd26995921e3a82146feacd952ef0757236fc137be"}, - {file = "yarl-1.9.4-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:8be9e837ea9113676e5754b43b940b50cce76d9ed7d2461df1af39a8ee674d9f"}, - {file = "yarl-1.9.4-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:bef596fdaa8f26e3d66af846bbe77057237cb6e8efff8cd7cc8dff9a62278bbf"}, - {file = "yarl-1.9.4-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:2d47552b6e52c3319fede1b60b3de120fe83bde9b7bddad11a69fb0af7db32f1"}, - {file = "yarl-1.9.4-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:84fc30f71689d7fc9168b92788abc977dc8cefa806909565fc2951d02f6b7d57"}, - {file = "yarl-1.9.4-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:4aa9741085f635934f3a2583e16fcf62ba835719a8b2b28fb2917bb0537c1dfa"}, - {file = "yarl-1.9.4-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:206a55215e6d05dbc6c98ce598a59e6fbd0c493e2de4ea6cc2f4934d5a18d130"}, - {file = "yarl-1.9.4-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:07574b007ee20e5c375a8fe4a0789fad26db905f9813be0f9fef5a68080de559"}, - {file = "yarl-1.9.4-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:5a2e2433eb9344a163aced6a5f6c9222c0786e5a9e9cac2c89f0b28433f56e23"}, - {file = "yarl-1.9.4-cp38-cp38-musllinux_1_1_i686.whl", hash = "sha256:6ad6d10ed9b67a382b45f29ea028f92d25bc0bc1daf6c5b801b90b5aa70fb9ec"}, - {file = "yarl-1.9.4-cp38-cp38-musllinux_1_1_ppc64le.whl", hash = "sha256:6fe79f998a4052d79e1c30eeb7d6c1c1056ad33300f682465e1b4e9b5a188b78"}, - {file = "yarl-1.9.4-cp38-cp38-musllinux_1_1_s390x.whl", hash = "sha256:a825ec844298c791fd28ed14ed1bffc56a98d15b8c58a20e0e08c1f5f2bea1be"}, - {file = "yarl-1.9.4-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:8619d6915b3b0b34420cf9b2bb6d81ef59d984cb0fde7544e9ece32b4b3043c3"}, - {file = "yarl-1.9.4-cp38-cp38-win32.whl", hash = "sha256:686a0c2f85f83463272ddffd4deb5e591c98aac1897d65e92319f729c320eece"}, - {file = "yarl-1.9.4-cp38-cp38-win_amd64.whl", hash = "sha256:a00862fb23195b6b8322f7d781b0dc1d82cb3bcac346d1e38689370cc1cc398b"}, - {file = "yarl-1.9.4-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:604f31d97fa493083ea21bd9b92c419012531c4e17ea6da0f65cacdcf5d0bd27"}, - {file = "yarl-1.9.4-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:8a854227cf581330ffa2c4824d96e52ee621dd571078a252c25e3a3b3d94a1b1"}, - {file = "yarl-1.9.4-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:ba6f52cbc7809cd8d74604cce9c14868306ae4aa0282016b641c661f981a6e91"}, - {file = "yarl-1.9.4-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a6327976c7c2f4ee6816eff196e25385ccc02cb81427952414a64811037bbc8b"}, - {file = "yarl-1.9.4-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:8397a3817d7dcdd14bb266283cd1d6fc7264a48c186b986f32e86d86d35fbac5"}, - {file = "yarl-1.9.4-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:e0381b4ce23ff92f8170080c97678040fc5b08da85e9e292292aba67fdac6c34"}, - {file = "yarl-1.9.4-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:23d32a2594cb5d565d358a92e151315d1b2268bc10f4610d098f96b147370136"}, - {file = "yarl-1.9.4-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:ddb2a5c08a4eaaba605340fdee8fc08e406c56617566d9643ad8bf6852778fc7"}, - {file = "yarl-1.9.4-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:26a1dc6285e03f3cc9e839a2da83bcbf31dcb0d004c72d0730e755b33466c30e"}, - {file = "yarl-1.9.4-cp39-cp39-musllinux_1_1_i686.whl", hash = "sha256:18580f672e44ce1238b82f7fb87d727c4a131f3a9d33a5e0e82b793362bf18b4"}, - {file = "yarl-1.9.4-cp39-cp39-musllinux_1_1_ppc64le.whl", hash = "sha256:29e0f83f37610f173eb7e7b5562dd71467993495e568e708d99e9d1944f561ec"}, - {file = "yarl-1.9.4-cp39-cp39-musllinux_1_1_s390x.whl", hash = "sha256:1f23e4fe1e8794f74b6027d7cf19dc25f8b63af1483d91d595d4a07eca1fb26c"}, - {file = "yarl-1.9.4-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:db8e58b9d79200c76956cefd14d5c90af54416ff5353c5bfd7cbe58818e26ef0"}, - {file = "yarl-1.9.4-cp39-cp39-win32.whl", hash = "sha256:c7224cab95645c7ab53791022ae77a4509472613e839dab722a72abe5a684575"}, - {file = "yarl-1.9.4-cp39-cp39-win_amd64.whl", hash = "sha256:824d6c50492add5da9374875ce72db7a0733b29c2394890aef23d533106e2b15"}, - {file = "yarl-1.9.4-py3-none-any.whl", hash = "sha256:928cecb0ef9d5a7946eb6ff58417ad2fe9375762382f1bf5c55e61645f2c43ad"}, - {file = "yarl-1.9.4.tar.gz", hash = "sha256:566db86717cf8080b99b58b083b773a908ae40f06681e87e589a976faf8246bf"}, + {file = "yarl-1.9.8-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:08359dbc3540fafa8972db45d3ef2d61370b4c24b8a028a4301bc5d076eee0e2"}, + {file = "yarl-1.9.8-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:a7a716aae4fcecadfe4648268d3c194315152715391f4af6fad50d502be122e9"}, + {file = "yarl-1.9.8-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:62223670042a219b8e6fbd2c7f35c456278dcd346d3aba3f2c01c9bdec28f37e"}, + {file = "yarl-1.9.8-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:18097a9e50ea31c61fece83bac8f63263f0c0c16c439bf82ac729c23f3b170e3"}, + {file = "yarl-1.9.8-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:5809f8a48c8dab91f708947d358271ef1890c3012d6c45719f49d04af2112057"}, + {file = "yarl-1.9.8-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:71ff7a22355241f89e850afbc8858fb671ba7e2763af32ebbea158d23a84902a"}, + {file = "yarl-1.9.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3d54e9880e781a490483200a74f6314fb6cf692a8197ccde93adf32bec95626b"}, + {file = "yarl-1.9.8-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:3ad8ea6ab27e27821739dfb94fab63284e3a52055e268f04529dc082fd0d59a2"}, + {file = "yarl-1.9.8-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:b79e031524259b51cdd1ea41f5053491ad3565b9cecd76389c9f705752d14283"}, + {file = "yarl-1.9.8-cp310-cp310-musllinux_1_2_i686.whl", hash = "sha256:bd91ccded75d080f13ed01a5f5796887916d2e8c0999cd68bcb58f89f9b1c29c"}, + {file = "yarl-1.9.8-cp310-cp310-musllinux_1_2_ppc64le.whl", hash = "sha256:583f48ab25b3906e3716479e8f700c4cc487e44d52766a4ea52b01cb7ea772d6"}, + {file = "yarl-1.9.8-cp310-cp310-musllinux_1_2_s390x.whl", hash = "sha256:2f3e89838acdaf5bbd69383c408d9e119b4e9efbe8a38fa40045b5c966f918e3"}, + {file = "yarl-1.9.8-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:a44c0b83d1871e1e1859167a1804143f590f86ac4708380852dca4d8299d8594"}, + {file = "yarl-1.9.8-cp310-cp310-win32.whl", hash = "sha256:5d39ae58a67b64b470021d18a13529d0c58efc5bf057936ec4b29092d4061030"}, + {file = "yarl-1.9.8-cp310-cp310-win_amd64.whl", hash = "sha256:f89ade31926b9931bbe29f5c62d4174057e532fb0c72e2e6abdd129fda6a60f3"}, + {file = "yarl-1.9.8-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:986296e65b0312c1da168de4ec1bb054b4a7b0ec26e3f9e8dafc06bbb1385030"}, + {file = "yarl-1.9.8-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:b4c7c015dc813aa5fe15379f3540d178e3743c0f1cf9e4a4a8bff94bd2832a4d"}, + {file = "yarl-1.9.8-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:22b2db22f72e1cb8a552ae12dfb748167153c7cbf353c62781915b5328bf2561"}, + {file = "yarl-1.9.8-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:b4a567416bfb2a2b093aa64685aa7b6dfb593888784ef91b16fa6b985cceb951"}, + {file = "yarl-1.9.8-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:178f4ab054f3a5dc84c8091bd7395b6713aac83af893b62259d5eb3f5359ce7f"}, + {file = "yarl-1.9.8-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:02fe9809b29a7dc4a27b769a43c556288d949205db54338871a122b64751e0f4"}, + {file = "yarl-1.9.8-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:c885a81f6c89b0d45fc0dd88e005c77dd8ba1dac421466d0dbb9192ce6d34e1e"}, + {file = "yarl-1.9.8-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:99f78f45c8b4c9824e1a37eb0a3ae63ad2dff66434d9620265a4256088be9cda"}, + {file = "yarl-1.9.8-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:30929a10be9a13026fd68377aba3223d633370abb93dadd3932754f3dcf4734a"}, + {file = "yarl-1.9.8-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:ee7c00a1979b3f23c8094dce6d9875453b3cb91b1153d9efaefa6773cf80cdb0"}, + {file = "yarl-1.9.8-cp311-cp311-musllinux_1_2_ppc64le.whl", hash = "sha256:e89d76b2aa11287f038a37577528c5f62d9385020b795a011f60dfd1b217cf9f"}, + {file = "yarl-1.9.8-cp311-cp311-musllinux_1_2_s390x.whl", hash = "sha256:81fde88456d2cbe005e16aca78ef744f322b3b15184dfe41b5b04f97b46aa5be"}, + {file = "yarl-1.9.8-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:b3dca0a4e192207f8bb4057725ff95e9a14d53a04728742f2b03692fc91b0a43"}, + {file = "yarl-1.9.8-cp311-cp311-win32.whl", hash = "sha256:9ea3a8532ea9fc2eeb6fc3def0c341aaeab7625545844f9c0a15350c17f9f479"}, + {file = "yarl-1.9.8-cp311-cp311-win_amd64.whl", hash = "sha256:c810606719683f4ab92127712efe283674d6ed29a627374411c762852913c2dd"}, + {file = "yarl-1.9.8-cp312-cp312-macosx_10_9_universal2.whl", hash = "sha256:b3d373373908e687aa4c8b0666870b0cf65605254ba0819ed8d5af2fc0780496"}, + {file = "yarl-1.9.8-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:e3d1be58e28825a14fb9561733de62fbe95c892febe7d7a9ebcde916c531d603"}, + {file = "yarl-1.9.8-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:7318736a8ee9de8217d590866dd716fa3c0895e684e2ec6152d945a4ab758043"}, + {file = "yarl-1.9.8-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:db3dd602cbf6613dc1e4a6fbde7a1bee86948e5940086090bb505c2ab959bbdf"}, + {file = "yarl-1.9.8-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:c5950226b128a1610f57c1f756fc611fdbdcb1e6b4497ccb05fce76a38915b07"}, + {file = "yarl-1.9.8-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:b341a995673180ed81a1040228a59e0b47ee687e367b1a03d829fa3c0eb4607e"}, + {file = "yarl-1.9.8-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:9f912153a34698994f32cf683d966014b0dd99c73481302d6159bcb3a8303e84"}, + {file = "yarl-1.9.8-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:9ceab2b16043ae1953863ec240eb918ba1ac40d2aad55225141aac288c606442"}, + {file = "yarl-1.9.8-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:7c0d2bc2646ae2380bb91b9ddc2eb1e1fa6baef128499e817134d1d50c8b6c56"}, + {file = "yarl-1.9.8-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:ebd98e16ff9948e4d31514c937275017a122b765cb89961dd5d44ecd2cc18140"}, + {file = "yarl-1.9.8-cp312-cp312-musllinux_1_2_ppc64le.whl", hash = "sha256:83273ca458c85d7b026c770a86df6e36349e85100bd2cefe6d0ad7167a8f12a6"}, + {file = "yarl-1.9.8-cp312-cp312-musllinux_1_2_s390x.whl", hash = "sha256:4511dd73b6aeda0cc39111839923f1545726d621813c9d13355824fba328dbcf"}, + {file = "yarl-1.9.8-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:0ffb9f1cad56c547aa127e2c315e666ee9838156c8a3b14f37ba545b0167aa5e"}, + {file = "yarl-1.9.8-cp312-cp312-win32.whl", hash = "sha256:5796358c3d6c72b108b570e20ab951463237ec473b6d204da21050feaaaf7dca"}, + {file = "yarl-1.9.8-cp312-cp312-win_amd64.whl", hash = "sha256:c2dc6e941bf53160b44858d1b24767a056cd83166b69fbdd3b2e401856d8932e"}, + {file = "yarl-1.9.8-cp313-cp313-macosx_10_13_universal2.whl", hash = "sha256:cb3d488f049db9522e3a0de50e07bac0c53565acd88a07bc9cf7182fd6890307"}, + {file = "yarl-1.9.8-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:50cbf73b6a4b62c3ad633e8920f2791adf485356ef37c9edbd5a1e7de8da2ddc"}, + {file = "yarl-1.9.8-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:b1e0649ee7ac354a3e40ee849707140b14a2cd0cd2dc2062fe620458dfe465c8"}, + {file = "yarl-1.9.8-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:c2501b230e89cad2361719860648f780197812d3be91c7ca6658a097a7e22fc4"}, + {file = "yarl-1.9.8-cp313-cp313-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:be441a73f9f49427906274008bd98384d8ca4655981735281c314fc7c145d256"}, + {file = "yarl-1.9.8-cp313-cp313-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:7de1968a1c2690b86e32e91acf8ed2043c346293f9bbe1704b9f6a481b73bd11"}, + {file = "yarl-1.9.8-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:1ce892a75a2209cf4f7007de21c6f6d607f4b9406ac613a59ad02340f6e933e4"}, + {file = "yarl-1.9.8-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:405e75bb94b87cc4167eef0e08d6a539f60633229f7043edc2e65c82ef80e874"}, + {file = "yarl-1.9.8-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:bc5811c1906b38f2a203df1266c6dd11680ca85d610d6ee3701dde262a305520"}, + {file = "yarl-1.9.8-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:51476f19fe1296d3efe3770179548f5f4822e5c4ead9f5160ba156a6a9f5272c"}, + {file = "yarl-1.9.8-cp313-cp313-musllinux_1_2_ppc64le.whl", hash = "sha256:ce2af144a81883db914636bec646da4dcccfe9db05c2899e7afe90a3d817ffce"}, + {file = "yarl-1.9.8-cp313-cp313-musllinux_1_2_s390x.whl", hash = "sha256:8c91b71b0af1fb5454709e34b39e38c975faaa89c0cc8bb744d60300ca710fcd"}, + {file = "yarl-1.9.8-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:1a562055b5ec6371c307320e8460d16675244e810b20f343371fc52797d23615"}, + {file = "yarl-1.9.8-cp313-cp313-win32.whl", hash = "sha256:f7442a9342aa04ea60b760a8f0d210e269f881eb0660a2000fa1f8cb89820931"}, + {file = "yarl-1.9.8-cp313-cp313-win_amd64.whl", hash = "sha256:21ef75d8a18fa47725b50fcb7ae6d23a51c71a7426cdf7097e52f9e12a995eb6"}, + {file = "yarl-1.9.8-cp38-cp38-macosx_10_9_universal2.whl", hash = "sha256:fd9affa8c18198dfa5a19c63b29ef2a2f35b8efacaf0bdd3e58f974c0ab0108d"}, + {file = "yarl-1.9.8-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:f79e65f16413a95d9f7633802a2ee34730b3ba1dd0af82811b377057883c4fb7"}, + {file = "yarl-1.9.8-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:3f8c454cf7e4d3762515ed2b5a40cf2feaeb8a8ed1d121f131a6178e16015319"}, + {file = "yarl-1.9.8-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:9f972fc63a1d6165d1cff650a16a498b0087334f7f9cd7385860c086d009cd49"}, + {file = "yarl-1.9.8-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:4ac4aa2f2d8253b9a5455d5f0ed45687ea9715b78a563490ddf7954337974cb7"}, + {file = "yarl-1.9.8-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:b001379047de5e03224dc0592f1b0e60738857a9b992d9b636b5050500ecce23"}, + {file = "yarl-1.9.8-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:39deb5a67b591682e54d1b09b36e79cd608ca27bea1fefed3bcaaa0b05d2b25e"}, + {file = "yarl-1.9.8-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:ffd9dd7eac5d36f53fccdf11e98730b7a628561c77f6c2a9e0909d2a304f34d1"}, + {file = "yarl-1.9.8-cp38-cp38-musllinux_1_2_aarch64.whl", hash = "sha256:497d5fd7dce44b5dcac648c830c99a673d30bc6cd9905b3e255c92c6dc01f537"}, + {file = "yarl-1.9.8-cp38-cp38-musllinux_1_2_i686.whl", hash = "sha256:d99011d564f2b5cb4cf1012f9058e08d8d79674332474f7e940131f5952015df"}, + {file = "yarl-1.9.8-cp38-cp38-musllinux_1_2_ppc64le.whl", hash = "sha256:600f734296cb99db1af7e34c0dcf8ec9477072f72c4621677637fdc2273af120"}, + {file = "yarl-1.9.8-cp38-cp38-musllinux_1_2_s390x.whl", hash = "sha256:6703deac7bb0dd8b3f0bc3cb6844dab4e74c85c70783ae89bd0b52286ebdc102"}, + {file = "yarl-1.9.8-cp38-cp38-musllinux_1_2_x86_64.whl", hash = "sha256:3346e2f641fcf31cf32c5a394d625e0676aba6fadccc06d35435e475753ed05d"}, + {file = "yarl-1.9.8-cp38-cp38-win32.whl", hash = "sha256:a54f7a63e48156a77a7c0333cefed29ceb004ab683d685a1192b341ac445cb73"}, + {file = "yarl-1.9.8-cp38-cp38-win_amd64.whl", hash = "sha256:45992ff8d941a1901c35f2ed90a60cb5fee8705ffadff395db4a5fd164473542"}, + {file = "yarl-1.9.8-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:590437f092af08e71521cc302940ef897e969152434c825bb3fb8f308b63a8bb"}, + {file = "yarl-1.9.8-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:551c26789acd38c7b90a89a1f262291d9f9a6a677185a83b5781e2a2c4258aec"}, + {file = "yarl-1.9.8-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:121bf7d647b3f6481ce1030350c1cc4c43e18758010732a449c71a1784ae793d"}, + {file = "yarl-1.9.8-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:0c9db466370e8bc3459912850494ad3401f3664ff3a56842f0d4514166f54c9f"}, + {file = "yarl-1.9.8-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:ff56e21379824f3e3c39a37083d5ab905168b9483b1c0c563dd92eb2db18b251"}, + {file = "yarl-1.9.8-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:cce910a1510d60c7eff4bb263b28b9afdcc5f6b85c555e492cfe7548a09e2476"}, + {file = "yarl-1.9.8-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3ba7c4b50cc0bb4caaa54554613ca13db47a24878a4fc1063e6303494fc67567"}, + {file = "yarl-1.9.8-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:b345de5e725b82e9458dc1381d7e28fe7d7ef93491370461dc98283b9dda51e2"}, + {file = "yarl-1.9.8-cp39-cp39-musllinux_1_2_aarch64.whl", hash = "sha256:49dd58b79b0fd04e880c90bc570fde68407cc516c58812f0321f5e74c131107c"}, + {file = "yarl-1.9.8-cp39-cp39-musllinux_1_2_i686.whl", hash = "sha256:15fb127bcc19065fd912391a43bc80114635f0062e0465765633ab5d0c7fc3a1"}, + {file = "yarl-1.9.8-cp39-cp39-musllinux_1_2_ppc64le.whl", hash = "sha256:6f4f87a7c97ba77fdc764b893ae4083c74e5857904962a70025ade0cd42bdbaf"}, + {file = "yarl-1.9.8-cp39-cp39-musllinux_1_2_s390x.whl", hash = "sha256:d336601d9ff3dc3b12263739ab1add25bdd2345d675f59ad49f72d9a6ccbc865"}, + {file = "yarl-1.9.8-cp39-cp39-musllinux_1_2_x86_64.whl", hash = "sha256:3574834e4aaf24e24d12fa4fd53d0b0fd1d70b24a67bed81c44b284377e81d45"}, + {file = "yarl-1.9.8-cp39-cp39-win32.whl", hash = "sha256:db9305328486539bb7182c15f1ad1ea95dae52245e93a049f2b1d6f04e63674d"}, + {file = "yarl-1.9.8-cp39-cp39-win_amd64.whl", hash = "sha256:588d62a57c7a43b230557728ec9f252b3f81ad073cb5c0ef48d87cd3f8b6ace2"}, + {file = "yarl-1.9.8-py3-none-any.whl", hash = "sha256:d1612ce50f23b94897b9ef5eb65b72398a9a83ea990b42825272590f3484dae3"}, + {file = "yarl-1.9.8.tar.gz", hash = "sha256:3089553548d9ab23152cecb5a71131caaa9e9b16d7fc8196057c374fdc53cc4b"}, ] [package.dependencies] diff --git a/nova/core/roles/accounts/tasks/windows_create.yml b/nova/core/roles/accounts/tasks/windows_create.yml index 48f9168d..aa2e4ce4 100644 --- a/nova/core/roles/accounts/tasks/windows_create.yml +++ b/nova/core/roles/accounts/tasks/windows_create.yml @@ -59,13 +59,16 @@ loop_control: label: "{{ item.username }}" - - name: Setting correct password for {{ ansible_deployer_username }}... - ansible.builtin.set_fact: - ansible_deployer_password: "{{ item.password | default(pregenerated_password) }}" - loop: "{{ domain_accounts_list }}" - loop_control: - label: "{{ item.username }}" - when: item.username == ansible_deployer_username +# To make sure that we are setting the password for the correct account on all domain contollers +- name: Setting correct password for {{ ansible_deployer_username }}... + ansible.builtin.set_fact: + ansible_deployer_password: "{{ item.password | default(pregenerated_password) }}" + loop: "{{ domain_accounts_list }}" + loop_control: + label: "{{ item.username }}" + when: + - item.username == ansible_deployer_username + - ansible_facts.windows_domain_role in ["Primary domain controller", "Backup domain controller"] - name: Creating a profiles for... community.windows.win_user_profile: diff --git a/nova/core/roles/configure_package_mirrors/tasks/debian.yml b/nova/core/roles/configure_package_mirrors/tasks/debian.yml index 67e78d3f..087fb40c 100644 --- a/nova/core/roles/configure_package_mirrors/tasks/debian.yml +++ b/nova/core/roles/configure_package_mirrors/tasks/debian.yml @@ -9,15 +9,17 @@ src: /etc/apt/sources.list dest: /etc/apt/sources.list_backup remote_src: true + mode: "0644" when: not apt_backup_file.stat.exists - name: Templating custom debian-{{ ansible_distribution_release }}.list to {{ inventory_hostname }}... ansible.builtin.template: src: debian-{{ ansible_distribution_release }}.list dest: /etc/apt/sources.list + mode: "0644" register: apt_sources -- name: Running apt update... +- name: Running apt update... # noqa: no-handler ansible.builtin.apt: - update_cache: yes + update_cache: true when: apt_sources.changed diff --git a/nova/core/roles/configure_package_mirrors/tasks/kali.yml b/nova/core/roles/configure_package_mirrors/tasks/kali.yml index 5d5ec2fb..8bd4934d 100644 --- a/nova/core/roles/configure_package_mirrors/tasks/kali.yml +++ b/nova/core/roles/configure_package_mirrors/tasks/kali.yml @@ -9,15 +9,17 @@ src: /etc/apt/sources.list dest: /etc/apt/sources.list_backup remote_src: true + mode: "0644" when: not apt_backup_file.stat.exists - name: Templating custom kali.list to {{ inventory_hostname }}... ansible.builtin.template: src: kali-sources.list dest: /etc/apt/sources.list + mode: "0644" register: apt_sources -- name: Running apt update... +- name: Running apt update... # noqa: no-handler ansible.builtin.apt: - update_cache: yes + update_cache: true when: apt_sources.changed diff --git a/nova/core/roles/configure_package_mirrors/tasks/main.yml b/nova/core/roles/configure_package_mirrors/tasks/main.yml index 49a357f0..089ddcaf 100644 --- a/nova/core/roles/configure_package_mirrors/tasks/main.yml +++ b/nova/core/roles/configure_package_mirrors/tasks/main.yml @@ -3,32 +3,32 @@ when: ansible_network_os is not defined block: - name: Including Windows Chocolatey mirror tasks... - include_tasks: choco.yml + ansible.builtin.include_tasks: choco.yml when: ansible_os_family == "Windows" - name: Configuring Debian family sources.list when: ansible_os_family == "Debian" block: - name: Including Kali mirror tasks... - include_tasks: kali.yml + ansible.builtin.include_tasks: kali.yml when: - ansible_distribution == "Kali" - package_mirror_kali_uri != {} - name: Including Ubuntu mirror tasks... - include_tasks: ubuntu.yml + ansible.builtin.include_tasks: ubuntu.yml when: - ansible_distribution == "Ubuntu" - package_mirror_ubuntu_uri != {} - name: Including Debian mirror tasks... - include_tasks: debian.yml + ansible.builtin.include_tasks: debian.yml when: - ansible_distribution == "Debian" - package_mirror_debian_uri != {} - name: Including Parrot mirror tasks... - include_tasks: parrot.yml + ansible.builtin.include_tasks: parrot.yml when: - ansible_distribution == "Parrot" - package_mirror_parrot_uri != {} diff --git a/nova/core/roles/configure_package_mirrors/tasks/parrot.yml b/nova/core/roles/configure_package_mirrors/tasks/parrot.yml index 667d2c8d..33ff0349 100644 --- a/nova/core/roles/configure_package_mirrors/tasks/parrot.yml +++ b/nova/core/roles/configure_package_mirrors/tasks/parrot.yml @@ -9,6 +9,7 @@ src: /etc/apt/sources.list dest: /etc/apt/sources.list_backup remote_src: true + mode: "0644" when: not default_apt_backup_file.stat.exists - name: Checking if parrot.list (second file) backup exists... @@ -21,12 +22,14 @@ src: /etc/apt/sources.list.d/parrot.list dest: /etc/apt/sources.list.d/parrot.list_backup remote_src: true + mode: "0644" when: not apt_backup_file.stat.exists - name: Templating custom parrot-sources.list to {{ inventory_hostname }}... ansible.builtin.template: src: "{{ item.src }}" dest: "{{ item.dest }}" + mode: "0644" register: apt_sources loop: - src: parrot-sources-1.list @@ -36,5 +39,5 @@ - name: Running apt update... ansible.builtin.apt: - update_cache: yes + update_cache: true when: apt_sources.results[0].changed or apt_sources.results[1].changed diff --git a/nova/core/roles/configure_package_mirrors/tasks/ubuntu.yml b/nova/core/roles/configure_package_mirrors/tasks/ubuntu.yml index e0a13507..6dc97860 100644 --- a/nova/core/roles/configure_package_mirrors/tasks/ubuntu.yml +++ b/nova/core/roles/configure_package_mirrors/tasks/ubuntu.yml @@ -1,23 +1,58 @@ --- -- name: Checking if sources.list backup exists... - ansible.builtin.stat: - path: /etc/apt/sources.list_backup - register: apt_backup_file +- name: Configuring Ubuntu < 24.04 sources.list + when: ansible_distribution_release != "noble" + block: + - name: Checking if sources.list backup exists... + ansible.builtin.stat: + path: /etc/apt/sources.list_backup + register: non_noble_apt_backup_file -- name: Backing up existing sources.list... - ansible.builtin.copy: - src: /etc/apt/sources.list - dest: /etc/apt/sources.list_backup - remote_src: true - when: not apt_backup_file.stat.exists + - name: Backing up existing {{ ansible_distribution_release }} sources.list... + ansible.builtin.copy: + src: /etc/apt/sources.list + dest: /etc/apt/sources.list_backup + remote_src: true + mode: "0644" + when: not non_noble_apt_backup_file.stat.exists -- name: Templating custom ubuntu-sources.list to {{ inventory_hostname }}... - ansible.builtin.template: - src: ubuntu-sources.list - dest: /etc/apt/sources.list - register: apt_sources + - name: Templating custom ubuntu-sources.list to {{ inventory_hostname }}... + ansible.builtin.template: + src: ubuntu-sources.list + dest: /etc/apt/sources.list + mode: "0644" + register: non_noble_apt_sources + +- name: Configuring Ubuntu 24.04 sources.list + when: ansible_distribution_release == "noble" + block: + - name: Checking if ubuntu.sources backup exists... + ansible.builtin.stat: + path: /etc/apt/ubuntu.sources_backup + register: noble_apt_backup_file + + - name: Backing up and removing original ubuntu.sources... + when: not noble_apt_backup_file.stat.exists + block: + - name: Backing up existing {{ ansible_distribution_release }} sources.list... + ansible.builtin.copy: + src: /etc/apt/sources.list.d/ubuntu.sources + dest: /etc/apt/ubuntu.sources_backup + remote_src: true + mode: "0644" + + - name: Removing original ubuntu.sources... + ansible.builtin.file: + path: /etc/apt/sources.list.d/ubuntu.sources + state: absent + + - name: Templating custom ubuntu-sources.list to {{ inventory_hostname }}... + ansible.builtin.template: + src: ubuntu-sources.list + dest: /etc/apt/sources.list + mode: "0644" + register: noble_apt_sources - name: Running apt update... ansible.builtin.apt: - update_cache: yes - when: apt_sources.changed + update_cache: true + when: non_noble_apt_sources.changed or noble_apt_sources.changed diff --git a/nova/core/roles/expo/defaults/main.yml b/nova/core/roles/expo/defaults/main.yml index cedf8acc..b4285cb8 100644 --- a/nova/core/roles/expo/defaults/main.yml +++ b/nova/core/roles/expo/defaults/main.yml @@ -101,5 +101,5 @@ expo_sentry_backend_tracing: 1 ### NETWORK ### expo_network_name: expo-network -expo_network_ipv4_subnet: 172.19.0.0/16 +expo_network_ipv6_enabled: true expo_network_ipv6_subnet: fd71::/64 diff --git a/nova/core/roles/expo/templates/srv/expo/env/override.expo-network.env b/nova/core/roles/expo/templates/srv/expo/env/override.expo-network.env index 1657531d..f80d353a 100644 --- a/nova/core/roles/expo/templates/srv/expo/env/override.expo-network.env +++ b/nova/core/roles/expo/templates/srv/expo/env/override.expo-network.env @@ -3,5 +3,5 @@ ########################################################################### CONTAINER_NETWORK_NAME={{ expo_network_name }} -CONTAINER_NETWORK_IPV4_SUBNET="{{ expo_network_ipv4_subnet }}" +CONTAINER_NETWORK_IPV6_ENABLED={{ expo_network_ipv6_enabled }} CONTAINER_NETWORK_IPV6_SUBNET="{{ expo_network_ipv6_subnet }}" diff --git a/nova/core/roles/keycloak/defaults/main.yml b/nova/core/roles/keycloak/defaults/main.yml index a5d5b673..425f2b2b 100644 --- a/nova/core/roles/keycloak/defaults/main.yml +++ b/nova/core/roles/keycloak/defaults/main.yml @@ -1,6 +1,6 @@ --- -keycloak_version: 24.0.5 -keycloak_config_cli_version: 6.0.0 # https://github.com/adorsys/keycloak-config-cli +keycloak_version: 25.0.5 +keycloak_config_cli_version: 6.1.4-25 # https://github.com/adorsys/keycloak-config-cli keycloak_postgres_version: 15 keycloak_container_config_folder: /srv/keycloak keycloak_docker_network: local-network # Comes from nova.core.docker diff --git a/nova/core/roles/linux_xrdp_keyboard/tasks/main.yml b/nova/core/roles/linux_xrdp_keyboard/tasks/main.yml index 86e6f08a..19663c2c 100644 --- a/nova/core/roles/linux_xrdp_keyboard/tasks/main.yml +++ b/nova/core/roles/linux_xrdp_keyboard/tasks/main.yml @@ -1,9 +1,10 @@ --- # If other languages are needed then corresponding km-#.ini file is needed and xrdp_keyboard.ini needs to be updated -- name: Copying keymap(s) to kali... +- name: Copying keymap(s) to {{ inventory_hostname }}... ansible.builtin.copy: src: "{{ xrdp_keymap.src }}" dest: "{{ xrdp_keymap.dest }}" + mode: "0644" loop_control: loop_var: xrdp_keymap loop: diff --git a/nova/core/roles/machine_operations/tasks/aws/remove.yml b/nova/core/roles/machine_operations/tasks/aws/remove.yml index 9bb765e2..11047c75 100644 --- a/nova/core/roles/machine_operations/tasks/aws/remove.yml +++ b/nova/core/roles/machine_operations/tasks/aws/remove.yml @@ -2,7 +2,7 @@ - name: NO UNDEPLOY OR IMMUTABLE SET ansible.builtin.fail: msg: "{{ inventory_hostname }} HAS no_undeploy or immutable SET AND WON'T BE REMOVED" - when: immutable or no_undeploy or 'immutable' in group_names or 'no_undeploy' in group_names + when: immutable or no_undeploy or 'immutable' in group_names or 'no_undeploy' in group_names or 'custom_no_undeploy' in group_names - name: Terminating {{ custom_vm_name | default(vm_name) }} EC2 instance... amazon.aws.ec2_instance: diff --git a/nova/core/roles/machine_operations/tasks/linode/remove.yml b/nova/core/roles/machine_operations/tasks/linode/remove.yml index 58c70eef..e8568cd3 100644 --- a/nova/core/roles/machine_operations/tasks/linode/remove.yml +++ b/nova/core/roles/machine_operations/tasks/linode/remove.yml @@ -2,7 +2,7 @@ - name: NO UNDEPLOY OR IMMUTABLE SET ansible.builtin.fail: msg: "{{ inventory_hostname }} HAS no_undeploy or immutable SET AND WON'T BE REMOVED" - when: immutable or no_undeploy or 'immutable' in group_names or 'no_undeploy' in group_names + when: immutable or no_undeploy or 'immutable' in group_names or 'no_undeploy' in group_names or 'custom_no_undeploy' in group_names - name: Deleting {{ custom_vm_name | default(vm_name) }} VM from Linode... linode.cloud.instance: diff --git a/nova/core/roles/machine_operations/tasks/vmware_workstation/remove.yml b/nova/core/roles/machine_operations/tasks/vmware_workstation/remove.yml index d32165a8..f829580f 100644 --- a/nova/core/roles/machine_operations/tasks/vmware_workstation/remove.yml +++ b/nova/core/roles/machine_operations/tasks/vmware_workstation/remove.yml @@ -2,7 +2,7 @@ - name: NO UNDEPLOY OR IMMUTABLE SET ansible.builtin.fail: msg: "{{ inventory_hostname }} HAS no_undeploy or immutable SET AND WON'T BE REMOVED" - when: immutable or no_undeploy or 'immutable' in group_names or 'no_undeploy' in group_names + when: immutable or no_undeploy or 'immutable' in group_names or 'no_undeploy' in group_names or 'custom_no_undeploy' in group_names - name: Including VMware Workstation remove tasks... become: false diff --git a/nova/core/roles/machine_operations/tasks/vsphere/remove.yml b/nova/core/roles/machine_operations/tasks/vsphere/remove.yml index 283423c3..41227bcd 100644 --- a/nova/core/roles/machine_operations/tasks/vsphere/remove.yml +++ b/nova/core/roles/machine_operations/tasks/vsphere/remove.yml @@ -2,7 +2,7 @@ - name: NO UNDEPLOY OR IMMUTABLE SET ansible.builtin.fail: msg: "{{ inventory_hostname }} HAS no_undeploy or immutable SET AND WON'T BE REMOVED" - when: immutable or no_undeploy or 'immutable' in group_names or 'no_undeploy' in group_names + when: immutable or no_undeploy or 'immutable' in group_names or 'no_undeploy' in group_names or 'custom_no_undeploy' in group_names - name: Deleting {{ custom_vm_name | default(vm_name) }} VM... community.vmware.vmware_guest: diff --git a/nova/core/roles/nexus/defaults/main.yml b/nova/core/roles/nexus/defaults/main.yml index 2ac3e76f..df492f82 100644 --- a/nova/core/roles/nexus/defaults/main.yml +++ b/nova/core/roles/nexus/defaults/main.yml @@ -8,7 +8,7 @@ nexus_admin_username: admin # Built-in Nexus admin user nexus_configure: false # Set to true to also configure Nexus after installation nexus_configure_ldap: false # Set to true to also configure LDAP after installation nexus_allow_anonymous_access: true # Set to false to disable anonymous access -nexus_version: 3.70.1 # Nexus version to install +nexus_version: 3.70.2 # Nexus version to install nexus_realms_to_activate: # List of authentication realms to activate - NexusAuthenticatingRealm diff --git a/nova/core/roles/providentia/README.md b/nova/core/roles/providentia/README.md index f77e1e9d..e57b0389 100644 --- a/nova/core/roles/providentia/README.md +++ b/nova/core/roles/providentia/README.md @@ -23,7 +23,9 @@ If included, the keycloak will be using `keycloak.{{ providentia_app_fqdn }}` as ## Notes -The builtin keycloak is configured with HTTP by default, as Providentia does not trust self-signed certificates. This can and should be altered in real deployments. +The builtin Keycloak is _not_ secure by default: it is configured with HTTP (as Providentia does not trust self-signed certificates) by default and very weak passwords. This can and should be altered in real deployments! + +By default, the prebuilt image will be pulled from github - setting `providentia_deploy_branch` variable will clone the repository and build the image on host instead. ## Example diff --git a/nova/core/roles/providentia/defaults/main.yml b/nova/core/roles/providentia/defaults/main.yml index ccd62eb9..16a229b3 100644 --- a/nova/core/roles/providentia/defaults/main.yml +++ b/nova/core/roles/providentia/defaults/main.yml @@ -1,8 +1,6 @@ --- # host config providentia_install_docker: true # whether to install nova.core.docker on host -providentia_install_dir: /srv/providentia # path where providentia will be installed -providentia_install_dir_git: /srv/providentia.git # path where git configuration will be stored providentia_external_docker_network: false # Set to true if providentia should use an external docker network with the default config below providentia_external_docker_network_config: networks: @@ -25,8 +23,15 @@ providentia_builtin_reverse_proxy_tls_pregenerated_cert: # path to TLS cert on h providentia_builtin_reverse_proxy_tls_pregenerated_key: # path to TLS key on host # app config +# if providentia_deploy_branch is set, the code is cloned from github and image will be built on host +# the value accepts a gitref and can be used deploy other tags or branches +# otherwise, the image built in github will be used instead +providentia_deploy_branch: null +providentia_image_version: latest +providentia_install_dir: /srv/providentia # path where providentia will be installed +providentia_install_dir_git: /srv/providentia.git # path where git configuration will be stored + providentia_app_fqdn: "{{ fqdn }}" # fqdn for deployed instance -providentia_deploy_branch: main # gitref used for deployment, can be overridden to deploy other tags or branches providentia_redis_url: redis://redis:6379/0 # URL for app redis, defaults to builtin providentia_db_url: postgres://providentia:{{ providentia_builtin_database_db_password }}@postgresql/providentia?pool=5 # full database URL used by the app, defaults to builtin postgres providentia_sentry_dsn: # Sentry exception tracking endpoint diff --git a/nova/core/roles/providentia/tasks/clone_and_build.yml b/nova/core/roles/providentia/tasks/clone_and_build.yml new file mode 100644 index 00000000..8c9e32d7 --- /dev/null +++ b/nova/core/roles/providentia/tasks/clone_and_build.yml @@ -0,0 +1,68 @@ +--- +- name: Install host dependencies + ansible.builtin.package: + name: + - git + - make + +- name: Check if previous installation is prebuilt + ansible.builtin.stat: + path: /{{ providentia_install_dir }}/docker-compose.yml + register: providentia_prebuilt_compose_file + +- name: Stop previous installation + community.docker.docker_compose_v2: + project_src: "{{ providentia_install_dir }}" + state: absent + wait: true + when: providentia_prebuilt_compose_file.stat.exists + +- name: Clear previous installation dir + ansible.builtin.file: + path: "{{ providentia_install_dir }}" + state: absent + when: providentia_prebuilt_compose_file.stat.exists + +- name: Clone Providentia repo + ansible.builtin.git: + accept_hostkey: yes + repo: https://github.com/ClarifiedSecurity/Providentia.git + dest: "{{ providentia_install_dir }}" + version: "{{ providentia_deploy_branch }}" + force: yes + separate_git_dir: "{{ providentia_install_dir_git }}" + +- name: Template Providentia configuration + ansible.builtin.template: + src: "{{ conf.src }}" + dest: "{{ providentia_install_dir }}/{{ conf.dest | default(conf.src) }}" + lstrip_blocks: true + loop_control: + loop_var: conf + loop: + - src: .makerc-vars + - src: docker-compose.yml + dest: docker/prod/ + +- name: Replace app URI-s in keycloak config + ansible.builtin.replace: + path: "{{ providentia_install_dir }}/docker/prod/providentia.yaml" + regexp: 'providentia\.localhost' + replace: "{{ providentia_app_fqdn }}" + when: providentia_builtin_keycloak + +- name: Remove old version info + ansible.builtin.file: + path: "{{ providentia_install_dir }}/CURRENT_VERSION" + state: absent + +- name: Build Providentia image, start containers, clear cache + community.general.make: + chdir: "{{ providentia_install_dir }}" + target: "{{ build }}" + loop_control: + loop_var: build + loop: + - build + - start + - clear-redis diff --git a/nova/core/roles/providentia/tasks/main.yml b/nova/core/roles/providentia/tasks/main.yml index 968bfde2..3fe7ed16 100644 --- a/nova/core/roles/providentia/tasks/main.yml +++ b/nova/core/roles/providentia/tasks/main.yml @@ -4,52 +4,8 @@ name: nova.core.docker when: providentia_install_docker -- name: Install host dependencies - ansible.builtin.package: - name: - - git - - make +- include_tasks: clone_and_build.yml + when: providentia_deploy_branch -- name: Clone Providentia repo - ansible.builtin.git: - accept_hostkey: yes - repo: https://github.com/ClarifiedSecurity/Providentia.git - dest: "{{ providentia_install_dir }}" - version: "{{ providentia_deploy_branch }}" - force: yes - separate_git_dir: "{{ providentia_install_dir_git }}" - -- name: Template Providentia configuration - ansible.builtin.template: - src: "{{ conf.src }}" - dest: "{{ providentia_install_dir }}/{{ conf.dest | default(conf.src) }}" - lstrip_blocks: true - loop_control: - loop_var: conf - loop: - - src: .makerc-vars - - src: docker-compose.yml - dest: docker/prod/ - -- name: Replace app URI-s in keycloak config - ansible.builtin.replace: - path: "{{ providentia_install_dir }}/docker/prod/providentia.yaml" - regexp: 'providentia\.localhost' - replace: "{{ providentia_app_fqdn }}" - when: providentia_builtin_keycloak - -- name: Remove old version info - ansible.builtin.file: - path: "{{ providentia_install_dir }}/CURRENT_VERSION" - state: absent - -- name: Build Providentia image, start containers, clear cache - community.general.make: - chdir: "{{ providentia_install_dir }}" - target: "{{ build }}" - loop_control: - loop_var: build - loop: - - build - - start - - clear-redis +- include_tasks: prebuilt_image.yml + when: not providentia_deploy_branch diff --git a/nova/core/roles/providentia/tasks/prebuilt_image.yml b/nova/core/roles/providentia/tasks/prebuilt_image.yml new file mode 100644 index 00000000..be9570a0 --- /dev/null +++ b/nova/core/roles/providentia/tasks/prebuilt_image.yml @@ -0,0 +1,43 @@ +--- +- name: Check if previous installation is cloned + ansible.builtin.stat: + path: /{{ providentia_install_dir }}/CURRENT_VERSION + register: providentia_current_version_stat + +- name: Stop previous installation + community.general.make: + chdir: "{{ providentia_install_dir }}" + target: stop + when: providentia_current_version_stat.stat.exists + +- name: Template Providentia configuration + ansible.builtin.template: + src: "{{ item }}" + dest: "{{ providentia_install_dir }}/" + lstrip_blocks: true + loop: + - docker-compose.yml + - Makefile + +- name: Template builtin keycloak configuration + ansible.builtin.template: + src: "{{ item }}" + dest: "{{ providentia_install_dir }}/" + lstrip_blocks: true + loop: + - initdb_keycloak.sql + - keycloak-config.yml + when: providentia_builtin_keycloak + +- name: Start Providentia containers + community.docker.docker_compose_v2: + project_src: "{{ providentia_install_dir }}" + state: present + pull: always + remove_orphans: true + wait: true + +- name: Clear cache + ansible.builtin.command: docker compose exec web rails r 'Rails.cache.clear' + args: + chdir: "{{ providentia_install_dir }}" diff --git a/nova/core/roles/providentia/templates/Makefile b/nova/core/roles/providentia/templates/Makefile new file mode 100644 index 00000000..afe78c2a --- /dev/null +++ b/nova/core/roles/providentia/templates/Makefile @@ -0,0 +1,23 @@ +.DEFAULT_GOAL := help +.PHONY: help stop start shell import-db + +help: + @awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m\033[0m\n"} /^[a-zA-Z_-]+:.*?##/ { printf " \033[36m%-16s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST) + +stop: ## Stop containers + docker compose down + +start: ## Start daemonized containers + docker compose up -d + +restart: stop start ## Restart the containers + +shell: ## Open container shell + docker compose exec web sh + +import-db: ## Import database from dump + docker compose stop + docker compose up -d postgresql --wait + docker compose cp $(DUMP) postgresql:/dump.sql + docker compose exec postgresql psql -Uprovidentia -c '\i /dump.sql' + docker compose stop postgresql diff --git a/nova/core/roles/providentia/templates/docker-compose.yml b/nova/core/roles/providentia/templates/docker-compose.yml index 86b1a078..76dda723 100644 --- a/nova/core/roles/providentia/templates/docker-compose.yml +++ b/nova/core/roles/providentia/templates/docker-compose.yml @@ -10,17 +10,20 @@ services: {% if providentia_builtin_redis %} - "redis" {% endif %} + {% if providentia_deploy_branch %} build: context: ../../ dockerfile: Dockerfile target: production + {% else %} + image: "ghcr.io/clarifiedsecurity/providentia:{{ providentia_image_version }}" + {% endif %} entrypoint: ["/srv/app/docker-entrypoint.sh"] command: ["puma", "-C", "config/puma.production.rb"] restart: unless-stopped volumes: - /etc/ssl/certs/ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt environment: - - RUBY_YJIT_ENABLE=1 - DATABASE_URL={{ providentia_db_url }} - REDIS_URL={{ providentia_redis_url }} - OIDC_ISSUER={{ providentia_oidc_issuer }} @@ -100,7 +103,7 @@ services: restart: unless-stopped volumes: {% if providentia_builtin_keycloak %} - - ./initdb_keycloak.sql:/docker-entrypoint-initdb.d/001-initdb.sql # from repo + - ./initdb_keycloak.sql:/docker-entrypoint-initdb.d/001-initdb.sql {% endif %} - "database_storage:/var/lib/postgresql/data" environment: @@ -112,30 +115,32 @@ services: {% if providentia_builtin_keycloak %} keycloak: - image: bitnami/keycloak:22.0.3 + image: bitnami/keycloak:25.0.4 depends_on: - - postgresql + {% if providentia_builtin_database %} + - "postgresql" + {% endif %} environment: - KEYCLOAK_PROXY_ADDRESS_FORWARDING=true - KEYCLOAK_ADMIN_USER=admin - KEYCLOAK_ADMIN_PASSWORD={{ providentia_builtin_keycloak_admin_password }} - - KEYCLOAK_DATABASE_PASSWORD={{ providentia_builtin_database_db_password }} + - KEYCLOAK_DATABASE_PASSWORD=secret labels: caddy: "{{ providentia_builtin_keycloak_fqdn }}:80" caddy.reverse_proxy: "{% raw %}{{upstreams 8080}}{% endraw %}" keycloak_config: - image: adorsys/keycloak-config-cli:latest-22.0.0 + image: adorsys/keycloak-config-cli:latest-25 depends_on: - keycloak volumes: - - ./providentia.yaml:/config/providentia.yaml + - ./keycloak-config.yml:/config/providentia.yaml environment: - KEYCLOAK_URL=http://keycloak:8080/ - KEYCLOAK_USER=admin - KEYCLOAK_PASSWORD={{ providentia_builtin_keycloak_admin_password }} - KEYCLOAK_AVAILABILITYCHECK_ENABLED=true - - KEYCLOAK_AVAILABILITYCHECK_TIMEOUT=30s + - KEYCLOAK_AVAILABILITYCHECK_TIMEOUT=60s - IMPORT_FILES='/config/*' {% endif %} diff --git a/nova/core/roles/providentia/templates/initdb_keycloak.sql b/nova/core/roles/providentia/templates/initdb_keycloak.sql new file mode 100644 index 00000000..28c02af1 --- /dev/null +++ b/nova/core/roles/providentia/templates/initdb_keycloak.sql @@ -0,0 +1,6 @@ +\connect postgres +create database bitnami_keycloak; +create role bn_keycloak with encrypted password 'secret' LOGIN; + +\connect bitnami_keycloak +grant all privileges on schema public to bn_keycloak; \ No newline at end of file diff --git a/nova/core/roles/providentia/templates/keycloak-config.yml b/nova/core/roles/providentia/templates/keycloak-config.yml new file mode 100644 index 00000000..090a08b5 --- /dev/null +++ b/nova/core/roles/providentia/templates/keycloak-config.yml @@ -0,0 +1,416 @@ +realm: Providentia +enabled: true +roles: + client: + Providentia: + - name: Providentia_TE_GT + composite: false + clientRole: true + attributes: {} + - name: Providentia_TE_RT + composite: false + clientRole: true + attributes: {} + - name: Providentia_TE_Admin + composite: false + clientRole: true + attributes: {} + - name: Providentia_Admin + composite: false + clientRole: true + attributes: {} +groups: [] +clients: + - clientId: Providentia + baseUrl: "https://{{ providentia_app_fqdn }}" + surrogateAuthRequired: false + enabled: true + alwaysDisplayInConsole: false + clientAuthenticatorType: client-secret + secret: 00000000-0000-0000-0000-000000000000 + redirectUris: + - "https://{{ providentia_app_fqdn }}/*" + webOrigins: + - "https://{{ providentia_app_fqdn }}" + notBefore: 0 + bearerOnly: false + consentRequired: false + standardFlowEnabled: true + implicitFlowEnabled: true + directAccessGrantsEnabled: true + serviceAccountsEnabled: false + publicClient: true + frontchannelLogout: false + protocol: openid-connect + attributes: {} + authenticationFlowBindingOverrides: {} + fullScopeAllowed: true + nodeReRegistrationTimeout: -1 + defaultClientScopes: + - profile + - providentia-roles + - email + optionalClientScopes: [] +clientScopes: + - name: profile + description: "OpenID Connect built-in scope: profile" + protocol: openid-connect + attributes: + include.in.token.scope: "true" + display.on.consent.screen: "true" + consent.screen.text: "${profileScopeConsentText}" + protocolMappers: + - name: locale + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: "true" + user.attribute: locale + id.token.claim: "true" + access.token.claim: "true" + claim.name: locale + jsonType.label: String + - name: "given name" + protocol: openid-connect + protocolMapper: oidc-usermodel-property-mapper + consentRequired: false + config: + userinfo.token.claim: "true" + user.attribute: firstName + id.token.claim: "true" + access.token.claim: "true" + claim.name: given_name + jsonType.label: String + - name: username + protocol: openid-connect + protocolMapper: oidc-usermodel-property-mapper + consentRequired: false + config: + userinfo.token.claim: "true" + user.attribute: username + id.token.claim: "true" + access.token.claim: "true" + claim.name: preferred_username + jsonType.label: String + - name: "full name" + protocol: openid-connect + protocolMapper: oidc-full-name-mapper + consentRequired: false + config: + id.token.claim: "true" + access.token.claim: "true" + userinfo.token.claim: "true" + - name: "family name" + protocol: openid-connect + protocolMapper: oidc-usermodel-property-mapper + consentRequired: false + config: + userinfo.token.claim: "true" + user.attribute: lastName + id.token.claim: "true" + access.token.claim: "true" + claim.name: family_name + jsonType.label: String + - name: "updated at" + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: "true" + user.attribute: updatedAt + id.token.claim: "true" + access.token.claim: "true" + claim.name: updated_at + jsonType.label: String + - name: profile + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: "true" + user.attribute: profile + id.token.claim: "true" + access.token.claim: "true" + claim.name: profile + jsonType.label: String + - name: birthdate + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: "true" + user.attribute: birthdate + id.token.claim: "true" + access.token.claim: "true" + claim.name: birthdate + jsonType.label: String + - name: picture + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: "true" + user.attribute: picture + id.token.claim: "true" + access.token.claim: "true" + claim.name: picture + jsonType.label: String + - name: website + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: "true" + user.attribute: website + id.token.claim: "true" + access.token.claim: "true" + claim.name: website + jsonType.label: String + - name: "middle name" + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: "true" + user.attribute: middleName + id.token.claim: "true" + access.token.claim: "true" + claim.name: middle_name + jsonType.label: String + - name: nickname + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: "true" + user.attribute: nickname + id.token.claim: "true" + access.token.claim: "true" + claim.name: nickname + jsonType.label: String + - name: gender + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: "true" + user.attribute: gender + id.token.claim: "true" + access.token.claim: "true" + claim.name: gender + jsonType.label: String + - name: zoneinfo + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: "true" + user.attribute: zoneinfo + id.token.claim: "true" + access.token.claim: "true" + claim.name: zoneinfo + jsonType.label: String + - name: email + description: "OpenID Connect built-in scope: email" + protocol: openid-connect + attributes: + include.in.token.scope: "true" + display.on.consent.screen: "true" + consent.screen.text: "${emailScopeConsentText}" + protocolMappers: + - name: email + protocol: openid-connect + protocolMapper: oidc-usermodel-property-mapper + consentRequired: false + config: + userinfo.token.claim: "true" + user.attribute: email + id.token.claim: "true" + access.token.claim: "true" + claim.name: email + jsonType.label: String + - name: "email verified" + protocol: openid-connect + protocolMapper: oidc-usermodel-property-mapper + consentRequired: false + config: + userinfo.token.claim: "true" + user.attribute: emailVerified + id.token.claim: "true" + access.token.claim: "true" + claim.name: email_verified + jsonType.label: boolean + - name: phone + description: "OpenID Connect built-in scope: phone" + protocol: openid-connect + attributes: + include.in.token.scope: "true" + display.on.consent.screen: "true" + consent.screen.text: "${phoneScopeConsentText}" + protocolMappers: + - name: "phone number verified" + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: "true" + user.attribute: phoneNumberVerified + id.token.claim: "true" + access.token.claim: "true" + claim.name: phone_number_verified + jsonType.label: boolean + - name: "phone number" + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: "true" + user.attribute: phoneNumber + id.token.claim: "true" + access.token.claim: "true" + claim.name: phone_number + jsonType.label: String + - name: web-origins + description: "OpenID Connect scope for add allowed web origins to the access token" + protocol: openid-connect + attributes: + include.in.token.scope: "false" + display.on.consent.screen: "false" + consent.screen.text: "" + protocolMappers: + - name: "allowed web origins" + protocol: openid-connect + protocolMapper: oidc-allowed-origins-mapper + consentRequired: false + config: {} + - name: role_list + description: "SAML role list" + protocol: saml + attributes: + consent.screen.text: "${samlRoleListScopeConsentText}" + display.on.consent.screen: "true" + protocolMappers: + - name: "role list" + protocol: saml + protocolMapper: saml-role-list-mapper + consentRequired: false + config: + single: "false" + attribute.nameformat: Basic + attribute.name: Role + - name: address + description: "OpenID Connect built-in scope: address" + protocol: openid-connect + attributes: + include.in.token.scope: "true" + display.on.consent.screen: "true" + consent.screen.text: "${addressScopeConsentText}" + protocolMappers: + - name: address + protocol: openid-connect + protocolMapper: oidc-address-mapper + consentRequired: false + config: + user.attribute.formatted: formatted + user.attribute.country: country + user.attribute.postal_code: postal_code + userinfo.token.claim: "true" + user.attribute.street: street + id.token.claim: "true" + user.attribute.region: region + access.token.claim: "true" + user.attribute.locality: locality + - name: offline_access + description: "OpenID Connect built-in scope: offline_access" + protocol: openid-connect + attributes: + consent.screen.text: "${offlineAccessScopeConsentText}" + display.on.consent.screen: "true" + - name: providentia-roles + description: "" + protocol: openid-connect + attributes: + include.in.token.scope: "false" + display.on.consent.screen: "true" + consent.screen.text: "${rolesScopeConsentText}" + protocolMappers: + - name: "client roles" + protocol: openid-connect + protocolMapper: oidc-usermodel-client-role-mapper + consentRequired: false + config: + multivalued: "true" + user.attribute: foo + id.token.claim: "true" + access.token.claim: "true" + claim.name: "resource_access.${client_id}.roles" + jsonType.label: String + usermodel.clientRoleMapping.clientId: Providentia + - name: "realm roles" + protocol: openid-connect + protocolMapper: oidc-usermodel-realm-role-mapper + consentRequired: false + config: + multivalued: "true" + user.attribute: foo + id.token.claim: "false" + access.token.claim: "true" + claim.name: realm_access.roles + jsonType.label: String +users: + - username: providentia.admin + email: providentia.admin@localhost + enabled: true + firstName: Providentia + lastName: Admin + clientRoles: + Providentia: + - Providentia_Admin + credentials: + - type: password + value: providentia.admin-pass + - username: providentia.teadmin + email: providentia.teadmin@localhost + enabled: true + firstName: Providentia + lastName: Admin + clientRoles: + Providentia: + - Providentia_TE_Admin + credentials: + - type: password + value: providentia.teadmin-pass + - username: providentia.rt + email: providentia.rt@localhost + enabled: true + firstName: Red + lastName: Team + clientRoles: + Providentia: + - Providentia_TE_GT + - Providentia_TE_RT + credentials: + - type: password + value: providentia.rt-pass + - username: providentia.gt + email: providentia.gt@localhost + enabled: true + firstName: Green + lastName: Team + clientRoles: + Providentia: + - Providentia_TE_GT + credentials: + - type: password + value: providentia.gt-pass +defaultDefaultClientScopes: + - role_list + - profile + - email + - web-origins +defaultOptionalClientScopes: + - offline_access + - address + - phone + - microprofile-jwt diff --git a/nova/core/roles/vault/defaults/main.yml b/nova/core/roles/vault/defaults/main.yml index 63788e3d..2c65526f 100644 --- a/nova/core/roles/vault/defaults/main.yml +++ b/nova/core/roles/vault/defaults/main.yml @@ -9,13 +9,16 @@ vault_configure: false # Run the initial default configuration for Vault vault_configure_ldap: false # Configuring LDAP authentication for Vault vault_configuration_uri: "https://{{ fqdn }}" # Defined separately for when configuring multiple Vaults vault_config_folder: /srv/vault -vault_version: 1.17.2 # Default Vault Docker image version +vault_version: 1.17.5 # Default Vault Docker image version vault_container_name: vault vault_server_log_level: debug # Debug gives better info about LDAP login failures and their reasons vault_validate_cert: true # Validate certificates when connecting to Vault # Testing environment variables -vault_auto_unseal: true # Disable for production environments and manually enter the unseal key(s) after container restart. Only works if vault_unseal_shares == 1 + +# Disable for production environments and manually enter the unseal key(s) after container restart. Only works if vault_unseal_shares == 1 +vault_auto_unseal: true + vault_root_token: {} # Used for testing purposes only, save it in a safe place and use ansible lookup modules to retrieve it vault_unseal_key: {} # Used for testing purposes only, save it in a safe place and use it to unseal the Vault after container restart diff --git a/nova/core/roles/vault/tasks/ca_intermediate.yml b/nova/core/roles/vault/tasks/ca_intermediate.yml index 63a393d5..4d2867a5 100644 --- a/nova/core/roles/vault/tasks/ca_intermediate.yml +++ b/nova/core/roles/vault/tasks/ca_intermediate.yml @@ -14,7 +14,8 @@ - name: Enabling Intermediate CA PKI engine... ansible.builtin.uri: - url: "{{ vault_configuration_uri }}/v1/sys/mounts/{{ vault_intermediate_ca_pki_engine_name }}{{ '/tune' if intermediate_ca_pki_engine_status.status == 200 else '' }}" + url: "{{ vault_configuration_uri }}/v1/sys/mounts/{{ vault_intermediate_ca_pki_engine_name + }}{{ '/tune' if intermediate_ca_pki_engine_status.status == 200 else '' }}" method: POST headers: X-Vault-Request: true @@ -158,7 +159,7 @@ client_flag: false code_signing_flag: true enforce_hostnames: true - key_bits: "{{ vault_code_signing_key_bits}}" + key_bits: "{{ vault_code_signing_key_bits }}" key_type: "{{ vault_code_signing_key_type }}" key_usage: DigitalSignature, KeyAgreement, KeyEncipherment max_ttl: 43800h diff --git a/nova/core/roles/vault/tasks/ca_mitm.yml b/nova/core/roles/vault/tasks/ca_mitm.yml index b84354e3..b5a07101 100644 --- a/nova/core/roles/vault/tasks/ca_mitm.yml +++ b/nova/core/roles/vault/tasks/ca_mitm.yml @@ -76,7 +76,7 @@ body: csr: "{{ mitm_csr.json.data.csr }}" common_name: "{{ vault_mitm_ca_name }}" - use_csr_values: yes + use_csr_values: true body_format: json validate_certs: "{{ vault_validate_cert }}" register: signed_mitm_ca diff --git a/nova/core/roles/vault/tasks/configure.yml b/nova/core/roles/vault/tasks/configure.yml index 6ce296b6..11c9c16a 100644 --- a/nova/core/roles/vault/tasks/configure.yml +++ b/nova/core/roles/vault/tasks/configure.yml @@ -23,14 +23,14 @@ ansible.builtin.lineinfile: path: "{{ vault_config_folder }}/creds/root_token" line: "{{ vault_init.json.root_token }}" - create: yes + create: true mode: "0600" - name: Saving Vault unseal key(s)... ansible.builtin.lineinfile: path: "{{ vault_config_folder }}/creds/unseal_key" line: "{{ vault_unseal_key_save }}" - create: yes + create: true mode: "0600" loop: "{{ vault_init.json.keys_base64 }}" loop_control: @@ -80,6 +80,7 @@ block: - name: Getting Vault root token... ansible.builtin.command: cat {{ vault_config_folder }}/creds/root_token + changed_when: false register: vault_root_token_lookup - name: Setting root token as fact... @@ -112,6 +113,7 @@ block: - name: Getting Vault unseal key... ansible.builtin.command: cat {{ vault_config_folder }}/creds/unseal_key + changed_when: false register: vault_unseal_key_lookup - name: Setting unseal key as fact... diff --git a/nova/core/roles/vault/tasks/configure_ldap.yml b/nova/core/roles/vault/tasks/configure_ldap.yml index d307e6e2..4a69e022 100644 --- a/nova/core/roles/vault/tasks/configure_ldap.yml +++ b/nova/core/roles/vault/tasks/configure_ldap.yml @@ -117,7 +117,9 @@ - name: Getting GUID for {{ vault_ldap_admin_group_name }} group... ansible.builtin.set_fact: - vault_admin_group_guid: "{{ vault_all_groups.json.data.key_info | dict2items | selectattr('value.name', 'eq', vault_ldap_admin_group_name) | map(attribute='key') | first }}" + vault_admin_group_guid: + "{{ vault_all_groups.json.data.key_info | dict2items | selectattr('value.name', 'eq', vault_ldap_admin_group_name) + | map(attribute='key') | first }}" - name: Listing all group aliases... ansible.builtin.uri: @@ -135,14 +137,19 @@ - name: Getting GUID for {{ vault_ldap_admin_group_name }} group alias... ansible.builtin.set_fact: - vault_admin_group_alias_guid: "{{ all_group_aliases.json.data.key_info | dict2items | selectattr('value.name', 'eq', vault_ldap_admin_group_name) | map(attribute='key') | first }}" + vault_admin_group_alias_guid: + "{{ all_group_aliases.json.data.key_info | dict2items | selectattr('value.name', 'eq', vault_ldap_admin_group_name) + | map(attribute='key') | first }}" when: - all_group_aliases.status != 404 # Means no aliases exist - - all_group_aliases.json.data.key_info | dict2items | selectattr('value.name', 'eq', vault_ldap_admin_group_name) | map(attribute='key') != [] # Means aliases matching vault_ldap_admin_group_name does not exists + - all_group_aliases.json.data.key_info | dict2items | selectattr('value.name', 'eq', vault_ldap_admin_group_name) + | map(attribute='key') != [] # Means aliases matching vault_ldap_admin_group_name does not exists - name: Mapping local {{ vault_ldap_admin_group_name }} group {{ vault_ldap_admin_group_name }} to LDAP group... ansible.builtin.uri: - url: "{{ vault_configuration_uri }}/v1/identity/group-alias{{ '' if vault_admin_group_alias_guid is not defined else '/id/' + vault_admin_group_alias_guid }}" + url: + "{{ vault_configuration_uri }}/v1/identity/group-alias{{ '' if vault_admin_group_alias_guid is not defined else '/id/' + + vault_admin_group_alias_guid }}" method: POST headers: X-Vault-Request: true diff --git a/nova/core/roles/vault/tasks/configure_policies.yml b/nova/core/roles/vault/tasks/configure_policies.yml index 48e85f58..64b6bba6 100644 --- a/nova/core/roles/vault/tasks/configure_policies.yml +++ b/nova/core/roles/vault/tasks/configure_policies.yml @@ -55,7 +55,9 @@ - name: Getting GUID for {{ vault_policy.vault_group_name }} group... ansible.builtin.set_fact: - vault_group_guid: "{{ vault_all_groups.json.data.key_info | dict2items | selectattr('value.name', 'eq', vault_policy.vault_group_name) | map(attribute='key') | first }}" + vault_group_guid: + "{{ vault_all_groups.json.data.key_info | dict2items | selectattr('value.name', 'eq', vault_policy.vault_group_name) + | map(attribute='key') | first }}" - name: Listing all group aliases... ansible.builtin.uri: @@ -72,10 +74,13 @@ - name: Getting GUID for {{ vault_policy.vault_group_name }} group alias... ansible.builtin.set_fact: - vault_group_alias_guid: "{{ all_group_aliases.json.data.key_info | dict2items | selectattr('value.name', 'eq', vault_policy.ldap_group_name) | map(attribute='key') | first }}" + vault_group_alias_guid: + "{{ all_group_aliases.json.data.key_info | dict2items | selectattr('value.name', 'eq', vault_policy.ldap_group_name) + | map(attribute='key') | first }}" when: - all_group_aliases.status != 404 # Means no aliases exist - - all_group_aliases.json.data.key_info | dict2items | selectattr('value.name', 'eq', vault_policy.ldap_group_name) | map(attribute='key') != [] # Means aliases matching ca_certificate_requesters_group_name does not exists + - all_group_aliases.json.data.key_info | dict2items | selectattr('value.name', 'eq', vault_policy.ldap_group_name) + | map(attribute='key') != [] # Means aliases matching ca_certificate_requesters_group_name does not exists - name: Mapping local {{ vault_policy.vault_group_name }} group {{ vault_policy.ldap_group_name }} to LDAP group... ansible.builtin.uri: diff --git a/nova/core/roles/vault/tasks/install.yml b/nova/core/roles/vault/tasks/install.yml index 8c5472cf..f88245ad 100644 --- a/nova/core/roles/vault/tasks/install.yml +++ b/nova/core/roles/vault/tasks/install.yml @@ -5,6 +5,7 @@ state: directory owner: 100 group: 1000 + mode: "0755" loop_control: loop_var: vault_dir loop: @@ -18,6 +19,7 @@ dest: "{{ vault_config_folder }}/{{ vault_config.dest }}" owner: 100 group: 1000 + mode: "0644" lstrip_blocks: true loop_control: loop_var: vault_config @@ -67,6 +69,6 @@ register: unseal_script - name: Unsealing Vault... - ansible.builtin.shell: "{{ vault_config_folder }}/config/unseal-vault.sh" + ansible.builtin.shell: "{{ vault_config_folder }}/config/unseal-vault.sh" # noqa: command-instead-of-shell changed_when: true when: unseal_script.stat.exists