Skip to content

Deprecation fixes to make the CI build #81

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Spindel wants to merge 21 commits into
base: master
Choose a base branch
from
Open

Deprecation fixes to make the CI build #81

Spindel wants to merge 21 commits into from

Conversation

@Spindel
Copy link
Member

@Spindel Spindel commented Apr 18, 2024

Just the bare minimum maintainance to make it work with the current gen python libraries.

@Spindel Spindel self-assigned this Apr 18, 2024
Spindel added 5 commits April 18, 2024 17:41
@Spindel
Fix pyOpenSSL patching routine
e274fcc 
The _lib is not accessible in more modern PyOpenSSL and thus won't need
to be batched, better to not fail then.
@Spindel
Make the models work with SqlAlchemy 2.0 in compat mode
5f8058e 
This uses the most basic update to the model code to work in SqlAlchemy
2.0. The declarative attribuetes may need an overhaul anyhow.
@Spindel
Consistently use UTC timestamp without TZ info
d6f879f 
This makes it explicit that we use UTC sans tzinfo, and thus avoid an
warning from python 3.11+ datetime library.

As the DB schema has no tzinfo, this makes it consistent.
@Spindel
Fix generate req script
7b10b60 
because requests should have version=0
@Spindel
Re-run modern black on the code
09aa6dc
Spindel added 16 commits April 18, 2024 17:42
@Spindel
CI: allow workflow on manual trigger
694479c
@Spindel
CI: If machine-id doesn't exist, make it so
fffe811
@Spindel
CI: Ensure openssl is part of the systest container
11d8bd1 
Because it helps to have it.
@Spindel
Add a transient dep on legacy-cgi for python 3.13 deprecation
d5bdc23
@Spindel
Allow failures for deprecation tests
6b6e55e 
As of now, due to transient dependencies we cannot avoid deprecation
warnings, and thus we should not make those be errors
@Spindel
re-generate the test fixtures
b72f2d0 
This re-generates the test fixtures ( with an very ugly script) in order
to set them up as-was but with valid certs that have the versions and
such loadable.
@Spindel
fixup! re-generate the test fixtures
75a7c99
@Spindel
use modern cryptography package to generate CA fixtures
3e45a95 
This adds a two way generate & compare operation for the parts that
generate our CA keys for the fixtures, in order to verify that we get
bit-identical output where we want them.
@Spindel
testdata signing a ca req now works
8a0ef92
@Spindel
testdata can now be created for expired certs with new library
f0d70ee
@Spindel
Clean out the testdata generation a bit
bc5714f
@Spindel
Fix some bugs in testdata that made it generate stupid data
cb59ea1 
Turns out that global variables can make things work that should not work
@Spindel
Now using more of the new objects
9ccfbaa
@Spindel
fixtures now passes the lints.
e7dc5ca
@Spindel
Migrate the generate_ca code to use new cryptography module
7ff75cf 
This sets it up to work without OpenSSL and moves the code that was duplicated from test fixture generation back home
@Spindel
Finish the porting of caramel to new cryptography
2f97f58 
This gets rid of the OpenSSL code and uses the recommended cryptography module instead.  Some quirks of behaviour are still there, but I think ti mostly works out.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@Spindel Spindel

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Spindel