The Sigsum team is happy to release a new version of the sigsum ansible collection, version tag v1.6.0, succeeding the previous release v1.5.0. The release can be checked out from the git repository as
git clone -b v1.6.0 https://git.glasklar.is/sigsum/admin/ansible.git
See the NEWS file for details on changes, excerpt below.
If you find any bugs, please report them on the sigsum-general@lists.sigsum.org mailing list or open an issue on GitLab in the ansible repository:
https://git.glasklar.is/sigsum/admin/ansible/
See the README.md file for installation and usage instructions, and the HACKING file for information about how the molecule tests can be used.
/ The Sigsum team
NEWS for sigsum ansible v1.6.0
With this release, all users should upgrade to torchwood v0.9.0 due to bugs in earlier versions of witnessctl and litebastion.
Changes between v1.5.0 and v1.6.0:
* Added support for per-log bastions.
* Added support for periodically pulling logs to witness from a centrally managed list (e.g., https://testing.witness-network.org/log-list.1).
* Added support for using externally managed TLS certificates for litebastion. This is useful when using challenge methods other than TLS-ALPN-01, such as DNS-01.
* Added support for litewitness -no-listen flag, which prevents litewitness from opening any listening sockets. This should only be used when relying solely on per-log bastions.
* Added support for toggling debug endpoints such as /logz for litewitness and litebastion. Debug endpoints are disabled by default.
* Deprecated the variables litewitness_sigsum_log_keys and litewitness_vkey_log_keys in favor of litewitness_logs. The old variables will remain supported for now but will be removed in a future release.
* Deprecated the variables litebastion_host and litebastion_email in favor of litebastion_acme_host and litebastion_acme_email. The old variables will remain supported for now but will be removed in a future release.
* Removed the litebastion_h2v variable as the corresponding flag was removed in litebastion v0.4.0.
* Bumped the default version of torchwood for litewitness and litebastion from v0.7.0 to v0.9.0.
* Bumped community.mysql version from 3.12.0 to 4.0.1
* Moved molecule tests to extensions directory.
* Fixed various warnings in molecule tests.