Skip to content

Commit

Permalink
Adding ecdsa (#15)
Browse files Browse the repository at this point in the history 
* Removing Vagrant Acceptance test
* Adding comments around KSK algorithm in KASP
* Fixing regex on SPEC for kasp policy
* DNSKEYALG hash
  • Loading branch information
@mave007
mave007 authored Jan 21, 2021
1 parent 49ed2bf commit 738729e
Show file tree
Hide file tree
Showing 4 changed files with 15 additions and 103 deletions.
99 changes: 1 addition & 98 deletions .travis.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,105 +26,8 @@ jobs:
env: CHECK=parallel_spec
- stage: spec and lint
env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec
- stage: spec and lint
env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec
- stage: RSPEC
script: bundle exec rake spec
- stage: acceptance old
bundler_args:
dist: trusty
env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/ubuntu-14.04 BEAKER_TESTMODE=apply TEST_TIERS=low
script: bundle exec rake beaker
services: docker
- stage: acceptance
bundler_args:
dist: xenial
env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/ubuntu-16.04 BEAKER_TESTMODE=apply TEST_TIERS=low
script: bundle exec rake beaker
services: docker
- stage: acceptance
bundler_args:
dist: bionic
env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/ubuntu-18.04 BEAKER_TESTMODE=apply TEST_TIERS=low
rvm: 2.4.10
script: bundle exec rake beaker
services: docker
- stage: acceptance
bundler_args:
dist: focal
env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/ubuntu-20.04 BEAKER_TESTMODE=apply TEST_TIERS=low
rvm: 2.4.10
script: bundle exec rake beaker
services: docker
- stage: acceptance
bundler_args:
dist: trusty
env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/centos-7 BEAKER_TESTMODE=apply TEST_TIERS=low
rvm: 2.4.10
script: bundle exec rake beaker
services: docker
- stage: acceptance old
bundler_args:
dist: trusty
env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/ubuntu-14.04 BEAKER_TESTMODE=apply TEST_TIERS=medium
rvm: 2.4
script: bundle exec rake beaker
services: docker
- stage: acceptance
bundler_args:
dist: xenial
env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/ubuntu-16.04 BEAKER_TESTMODE=apply TEST_TIERS=medium
rvm: 2.4.10
script: bundle exec rake beaker
services: docker
- stage: acceptance
bundler_args:
dist: bionic
env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/ubuntu-18.04 BEAKER_TESTMODE=apply TEST_TIERS=medium
rvm: 2.4.10
script: bundle exec rake beaker
services: docker
- stage: acceptance
bundler_args:
dist: focal
env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/ubuntu-20.04 BEAKER_TESTMODE=apply TEST_TIERS=medium
rvm: 2.4.10
script: bundle exec rake beaker
services: docker
- stage: acceptance
bundler_args:
dist: trusty
env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/centos-7 BEAKER_TESTMODE=apply TEST_TIERS=medium
rvm: 2.4.10
script: bundle exec rake beaker
services: docker
- stage: acceptance old
bundler_args:
dist: trusty
env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/ubuntu-14.04 BEAKER_TESTMODE=apply TEST_TIERS=high
rvm: 2.4
script: bundle exec rake beaker
services: docker
- stage: acceptance
bundler_args:
dist: xenial
env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/ubuntu-16.04 BEAKER_TESTMODE=apply TEST_TIERS=high
rvm: 2.4.10
script: bundle exec rake beaker
services: docker
- stage: acceptance
bundler_args:
dist: bionic
env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/ubuntu-18.04 BEAKER_TESTMODE=apply TEST_TIERS=high
rvm: 2.4.10
script: bundle exec rake beaker
services: docker
- stage: acceptance
bundler_args:
dist: focal
env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_set=docker/ubuntu-20.04 BEAKER_TESTMODE=apply TEST_TIERS=high
rvm: 2.4.10
script: bundle exec rake beaker
services: docker
- stage: deploy
env: PUPPET_VERSION="~> 5.0" CHECK=build DEPLOY_TO_FORGE=yes
notifications:
Expand Down
1 change: 0 additions & 1 deletion hiera.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,4 +12,3 @@ hierarchy:
path: "os/%{os.family}.yaml"
- name: "common"
path: "common.yaml"

7 changes: 7 additions & 0 deletions spec/defines/policy_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -122,6 +122,7 @@
}x,
).with_content(
%r{<KSK>
\s+<!--\sKSK\sAlgo\sRSASHA1-NSEC3-SHA1\s\(7\)\s-->
\s+<Algorithm\slength="2048">7</Algorithm>
\s+<Lifetime>P365D</Lifetime>
\s+<Repository>SoftHSM</Repository>
Expand Down Expand Up @@ -483,6 +484,7 @@
'policy_test_policy',
).with_content(
%r{<KSK>
\s+<!--\sKSK\sAlgo\sRSASHA1\s\(5\)\s-->
\s+<Algorithm\slength="2048">5</Algorithm>
\s+<Lifetime>P365D</Lifetime>
\s+<Repository>SoftHSM</Repository>
Expand All @@ -501,6 +503,7 @@
'policy_test_policy',
).with_content(
%r{<KSK>
\s+<!--\sKSK\sAlgo\sECDSAP256SHA256\s\(13\)\s-->
\s+<Algorithm\slength="2048">13</Algorithm>
\s+<Lifetime>P365D</Lifetime>
\s+<Repository>SoftHSM</Repository>
Expand All @@ -519,6 +522,7 @@
'policy_test_policy',
).with_content(
%r{<KSK>
\s+<!--\sKSK\sAlgo\sRSASHA1-NSEC3-SHA1\s\(7\)\s-->
\s+<Algorithm\slength="1024">7</Algorithm>
\s+<Lifetime>P365D</Lifetime>
\s+<Repository>SoftHSM</Repository>
Expand All @@ -537,6 +541,7 @@
'policy_test_policy',
).with_content(
%r{<KSK>
\s+<!--\sKSK\sAlgo\sRSASHA1-NSEC3-SHA1\s\(7\)\s-->
\s+<Algorithm\slength="2048">7</Algorithm>
\s+<Lifetime>P1D</Lifetime>
\s+<Repository>SoftHSM</Repository>
Expand All @@ -555,6 +560,7 @@
'policy_test_policy',
).with_content(
%r{<KSK>
\s+<!--\sKSK\sAlgo\sRSASHA1-NSEC3-SHA1\s\(7\)\s-->
\s+<Algorithm\slength="2048">7</Algorithm>
\s+<Lifetime>P365D</Lifetime>
\s+<Repository>SoftHSM</Repository>
Expand All @@ -573,6 +579,7 @@
'policy_test_policy',
).with_content(
%r{<KSK>
\s+<!--\sKSK\sAlgo\sRSASHA1-NSEC3-SHA1\s\(7\)\s-->
\s+<Algorithm\slength="2048">7</Algorithm>
\s+<Lifetime>P365D</Lifetime>
\s+<Repository>SoftHSM</Repository>
Expand Down
11 changes: 7 additions & 4 deletions templates/etc/opendnssec/kasp-fragment.xml.erb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,8 @@ if not defined?(NSEC_ALGO)
'SHA1' => 1
}
end
if not defined?(DNSKEY_ALGO)
DNSKEY_ALGO = {
if not defined?(DNSKEYALG)
DNSKEYALG = {
'RSASHA1' => 5,
'RSASHA1-NSEC3-SHA1' => 7,
'RSASHA256' => 8,
Expand Down Expand Up @@ -59,7 +59,10 @@ end

<!-- Parameters for KSK only -->
<KSK>
<Algorithm length="<%= @ksk_algorithm_length %>"><%= DNSKEY_ALGO[@ksk_algorithm] %></Algorithm>
<% if @ksk_algorithm %>
<!-- KSK Algo <%= @ksk_algorithm %> (<%= DNSKEYALG[@ksk_algorithm] %>) -->
<% end %>
<Algorithm length="<%= @ksk_algorithm_length %>"><%= DNSKEYALG[@ksk_algorithm] %></Algorithm>
<Lifetime><%= @ksk_lifetime %></Lifetime>
<Repository><%= @repository_name %></Repository>
<Standby><%= @ksk_standby %></Standby>
Expand All @@ -70,7 +73,7 @@ end

<!-- Parameters for ZSK only -->
<ZSK>
<Algorithm length="<%= @zsk_algorithm_length %>"><%= DNSKEY_ALGO[@zsk_algorithm] %></Algorithm>
<Algorithm length="<%= @zsk_algorithm_length %>"><%= DNSKEYALG[@zsk_algorithm] %></Algorithm>
<Lifetime><%= @zsk_lifetime %></Lifetime>
<Repository><%= @repository_name %></Repository>
<Standby><%= @zsk_standby %></Standby>
Expand Down

0 comments on commit 738729e

Please sign in to comment.