xCAT/confluent
2
0
Fork 0
mirror of https://github.com/xcat2/confluent.git synced 2026-05-17 03:44:22 +00:00
Code Issues Projects Releases Wiki Activity
5,966 Commits 41 Branches 80 Tags
e75a1dc7adf4b1addf4ad8cf36aaf61fa8202bf2
Commit Graph

2842 Commits

Author SHA1 Message Date
Jarrod Johnson e75a1dc7ad Gracefully accept loop cancellation in async 2026-01-28 16:22:53 -05:00
Jarrod Johnson 2dcbf76738 More async rework of ipmi 2026-01-28 15:39:00 -05:00
Jarrod Johnson 04d2a5affc More async conversions 2026-01-28 15:32:54 -05:00
Jarrod Johnson 134f339050 Update some ipmi code for async 2026-01-28 15:06:53 -05:00
Jarrod Johnson 291363c582 Update some code for async 2026-01-28 15:04:32 -05:00
Jarrod Johnson c29494bcf6 Make all the redfish iterators async consistent 2026-01-23 20:48:16 -05:00
Jarrod Johnson 50ec0bbca6 Correct to async for in refish retriev 2026-01-23 20:46:57 -05:00
Jarrod Johnson 52bb240aff Wire up async mechanism in redfish 2026-01-23 20:45:44 -05:00
Jarrod Johnson 667e44983d Fix ordering of confluentbmcname setting 2026-01-23 20:38:29 -05:00
Jarrod Johnson b0647275df Replace dead references to SecureHTTPConnection 2026-01-23 20:23:23 -05:00
Jarrod Johnson c4616745c4 Remove pyghmi usage across multiple areas 2026-01-23 13:31:09 -05:00
Jarrod Johnson 60c3d5400a Fix up proxmox module for async operation 2026-01-23 10:30:01 -05:00
Jarrod Johnson 6bc9282698 Change to await login 2026-01-22 14:59:31 -05:00
Jarrod Johnson b06ffb293a Asyncify proxmox retrieve function 2026-01-22 14:53:52 -05:00
Jarrod Johnson b548002a8d Fix nodegroup attribute async behavior 2026-01-22 14:50:59 -05:00
Jarrod Johnson 218ecce63f Correct import name 2026-01-22 14:46:34 -05:00
Jarrod Johnson 1c679727ad Correct issues in recent revision 2026-01-22 14:44:36 -05:00
Jarrod Johnson 50e530ebde Replace pyghmi with aiohmi in various plugins, remove some eventlet usage 2026-01-22 14:40:44 -05:00
Jarrod Johnson 7984c02042 Temporarily remove eficompressor dependency 2026-01-22 09:42:05 -05:00
Jarrod Johnson d338f8d586 Temporarily lift some rpm dependencies to work through dev 2026-01-22 09:26:45 -05:00
Jarrod Johnson c0d53ba986 Clean up RPM dependencies for async branch 2026-01-22 09:26:01 -05:00
Jarrod Johnson 68097428a5 Modernize asyncio invocation in main confluent runtime 2026-01-21 16:47:17 -05:00
Jarrod Johnson 7fedbc1810 Replace some pyghmi references and modernize some asyncio invocations 2026-01-21 16:45:42 -05:00
Jarrod Johnson b2f1b8da79 Add tasks management module for async 2026-01-21 16:23:31 -05:00
Jarrod Johnson 0dabccaec8 Corrections after some mistakes in the merge 2026-01-20 14:55:06 -05:00
Jarrod Johnson d89305ca42 Merge branch 'master' into async 
Try to merge in 2025 work into async
 2026-01-20 14:24:01 -05:00
Jarrod Johnson 99d10896e8 Fix parameter count unpack for accelerated switch interrogation 2026-01-08 17:07:39 -05:00
Jarrod Johnson c196bf9d55 Fix initial startup of a new confluent 
The indexes change failed on a brand new install.
 2025-12-02 14:31:10 -05:00
Markus Hilger ec39de3df0 Add bond alias to team description 2025-11-21 14:16:07 +01:00
Jarrod Johnson 73216fc062 Fix architecture name mismatch 
Confluent went with aarch64 consistent
with EL naming, but Ubuntu used
debian naming, recognize and just
handle that.
 2025-11-18 09:10:30 -05:00
Jarrod Johnson 61b07e0af4 Start index at 1 instead of 0 2025-11-17 12:05:03 -05:00
Jarrod Johnson 53760ab5dd Attribute feature enhancement 
Add expression functions upper, lower, block_number, and block_offset.

Add an 'id.index' auto-attribute to
yield a number for nodes.
 2025-11-17 11:58:04 -05:00
Jarrod Johnson d3e7a49f92 Simplify by recursion 
Use _handle_ast_node to process
everything before the function name in an Attribute call
 2025-11-15 10:32:11 -05:00
Jarrod Johnson 1f688ead28 Implement .replace() for attribute expressions 
Provide an easy to use replace() to allow removing or substiting values
during expression evaluation.
 2025-11-14 17:20:06 -05:00
Jarrod Johnson 6ebb6de107 Allow specifiying SNMP privacy protocol 
Modern SNMP devices may require AES.

Unfortunately, older ones may refuse AES.

For compatibility, continue to default to DES, but
allow AES to be indicated in attributes.
 2025-11-10 10:21:01 -05:00
Jarrod Johnson b07da455c2 Fix SAN generation 
The nameconstraint support missed
a branch, fix this.
 2025-11-07 11:22:12 -05:00
Jarrod Johnson cc9a81103b Do not autosign if the corresponding cryptography is unavailable 
We use cryptography verification, but it's relatively new.

For compatibility, we fall back to fingerprint only.

This is pretty bad when inflicted on
unsuspecting users on autosign,
so skip autosign if cert validation
would break.
 2025-11-04 15:51:22 -05:00
Jarrod Johnson 174d204607 Implement compatibility with newer pysnmp 
For now, terminate the async nature
if newer pysnmp is detected.
 2025-11-04 09:58:11 -05:00
Jarrod Johnson 2826abb7ab Prune excessive leftover ext config files 2025-11-03 14:21:36 -05:00
Jarrod Johnson 5adb5fa780 Automatically sign XCC certificates on discover 
If an XCC doesn't have a 'real' certificate, sign it with the confluent
CA for 47 days.
 2025-11-03 14:02:33 -05:00
Jarrod Johnson 5de063212f Prepare for supporting constrained CA 
If asked to sign using a name constrained CA,
avoid generating a certificate that
would violate those constraints.
 2025-11-03 10:43:34 -05:00
Jarrod Johnson 073f6d1389 Wire up cert signing to nodecertutil 2025-10-31 12:04:27 -04:00
Jarrod Johnson f755ba9f91 Implement method to sign BMC certificates 2025-10-31 10:46:42 -04:00
Jarrod Johnson cf8c01ef13 Merge remote-tracking branch 'lenovo' 2025-10-31 09:48:05 -04:00
Jarrod Johnson 8b12047ae0 Update to handle newer XCC2 firmware 2025-10-31 09:45:59 -04:00
Jarrod Johnson f0a779764d Fix ordering of digest argument 
The digest argument was erroneously inserted between startdate and it's
argument, correct this mistake.
 2025-10-28 15:39:04 -04:00
Jarrod Johnson 0ad7e99efe Only optionally use cryptography verification 
Some supported distributions can't run the newer cryptography.

Make it a feature that only works with newer platforms.
 2025-10-27 08:38:14 -04:00
Jarrod Johnson 24a76612ae Use sha284 hash algorithm 
Some implementations reject sha256 as inadequate if ecdsa has 384 bit keylength. Bring the digest up to match
the key size for the ECDSA.
 2025-10-27 06:41:05 -04:00
Jarrod Johnson 6c9c58f464 Update certutil to prepare for broader usage 
For one, apply more rules from CA/B forum. This includes including KU and EKU extensions, marking basicConstraints critical, and
randomized serial numbers.

Also make the backdate and end date configurable, to allow
for the BMC certs to have a more palatable validity interval.
 2025-10-26 14:57:26 -04:00
Jarrod Johnson 3125f4171b Begin overhaul of TLS cert management 
Begin expanding certutil to sign other certificates from external CSRs more easily.

Have certutil make the CA constraint critical.

Have the fingerprint based validator have a mechanism to check for properly signed certificate in lieu of exact match,
and update the stored fingerprint
on match.

Provide a means to request a custom subject when evaluating a
target.

Change redfish plugin to set that subject in the verifier.
 2025-10-24 20:02:51 -04:00