-
Notifications
You must be signed in to change notification settings - Fork 164
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
validate_certs defaulting to true is a breaking change #357
Comments
@MallocArray, I will check internally and get back on this on whether we will revert the default to |
I am getting an error on the Other modules within the dellemc.openmanage collection work fine. |
@howezies update omsdk to latest, if issue still persists, open a separate issue for the same, we will look into it |
@MallocArray, I had a discussion internally. There were suggestions on keeping the I need to discuss this further with the team on how we could ease the transition or make it tied to say for e.g. environment variables that will provide a default values for these new arguments. |
I'm mostly concerned with these 2 points:
|
Ran into this issue today as well, had to downgrade to 4.4.0 to get my work done. |
All, we are having a patch release 5.0.1 targeted for 11 Feb 2022 with the following changes.
|
Summary
In the 5.0.0 release, it was noted that all modules support SSL over HTTPS, but did not make clear that validate_certs now defaults to true on modules. In addition, when validate_certs is true, it REQUIRES ca_path to be filled out or the task will fail. This is ultimately a breaking change as playbooks that worked without specifying validate_certs in the past now do not work at all with an error:
I have modules for other technologies that I do use validate_certs with, but they do not require a ca_path field to be filled out. Why do the Dell modules require this instead of using a default path or autodiscovering?
At this point, in order to use 5.0.0 I either have to modify all tasks to change validate_certs: false or modify all tasks to include a ca_path value, both of which will take unexpected time and effort.
Component Name
ome_application_network_time and presumably all other modules
Ansible Version
iDRAC or OpenManage Enterprise version
OME-M 1.40.10 and 1.30.10
Steps to Reproduce
Have working playbooks without validate_certs specified
Upgrade to collection 5.0.0
Experience failures because validate_certs defaults to true, but ca_path has no default value
Playbook used
Expected Results
When validate_certs is defaulted to true, it would not require an additional parameter of ca_path and instead use some default value that other collections must be using to support cert validation without needing to specify a ca_path, as I don't even know what path I would need to use in my Ansible Execution Environment
Actual Results
Community Note
to the original issue to help the community and maintainers prioritize this request
they generate extra noise for issue followers and do not help prioritize the request
The text was updated successfully, but these errors were encountered: