Ansible role to manage Thales Hardware Security Module (HSM) client software

Go to file

Elod Illes 49970b3ceb Disable auto-discovery for setuptools With setuptools release 61.0.0 ansible-role-thales-hsm's package build command (python3 setup.py sdist bdist_wheel) started to fail: error: Multiple top-level packages discovered in a flat-layout: ['files', 'defaults', 'handlers', 'templates', 'releasenotes']. This bug is mentioned in setuptools issue 3197 [1], and the suggested workaround is to disable auto-discovery by adding 'py_modules=[]' in setup.py. ansible-lint also released a new version (6.0.0), which has new rules that blocks the gate. As a workaround, this patch caps ansible-lint version <6.0.0 to unblock the gate. [1] https://github.com/pypa/setuptools/issues/3197 Change-Id: Idb765d09f9498bc13f952c055026e29a46cab8d3		2022-03-26 20:24:49 +01:00
defaults	Document role variables and defaults	2019-01-14 08:24:18 -06:00
files	Add support for configuring load_sharing mode	2021-02-17 11:04:23 -05:00
handlers	Add support for configuring load_sharing mode	2021-02-17 11:04:23 -05:00
releasenotes/notes	Add support for configuring load_sharing mode	2021-02-17 11:04:23 -05:00
tasks	Add support for configuring load_sharing mode	2021-02-17 11:04:23 -05:00
templates	Add support for configuring load_sharing mode	2021-02-17 11:04:23 -05:00
zuul.d	Add gate config	2019-03-06 07:24:17 -06:00
.ansible-lint	Fix linters	2021-01-12 09:16:30 -07:00
.gitignore	Add gate config	2019-03-06 07:24:17 -06:00
.gitreview	OpenDev Migration Patch	2019-04-19 19:44:02 +00:00
AUTHORS	Initial commit.	2019-01-04 11:08:37 -06:00
LICENSE	Initial commit.	2019-01-04 11:08:37 -06:00
README.rst	Add support for configuring load_sharing mode	2021-02-17 11:04:23 -05:00
requirements.txt	Add files for python build	2019-01-04 15:00:12 -05:00
setup.cfg	Use underscore instead of dash	2020-04-29 15:26:54 -05:00
setup.py	Disable auto-discovery for setuptools	2022-03-26 20:24:49 +01:00
test-requirements.txt	Disable auto-discovery for setuptools	2022-03-26 20:24:49 +01:00
tox.ini	Add gate config	2019-03-06 07:24:17 -06:00
vars.yaml.sample	Add support for configuring load_sharing mode	2021-02-17 11:04:23 -05:00

README.rst

thales-hsm

This is a role to manage the client software for Entrust nShield Connect Hardware Security Modules (HSMs).

This repo uses the "Thales" name for historical reasons:

At the time when this repository was created nShield HSMs were owned by Thales. Since then, the nShield line of HSMs have gone through some ownership changes, including nCipher for some time, and currently Entrust.

If you are looking for the ansible role to manage client software for Thales Luna Network HSMs you can find it here:

https://opendev.org/openstack/ansible-role-lunasa-hsm

Role Variables

Name	Default Value	Description
thales_install_client	false	Whether the role should install the client software on the target host.
thales_configure_rfs	false	Whether the role should execute the RFS configuration tasks.
thales_client_working_dir	/tmp/thales_client_install	Working directory in the target host.
thales_client_gid	42481	Group ID for the thales group.
thales_client_uid	42481	User ID for the thales user.
thales_client_tarball_name	None	Filename for the Thales client software tarball.
thales_client_tarball_location	None	Full URL where a copy of the client software tarball can be downloaded.
thales_client_path	linux/libc6_11/amd64/nfast	Path to the client software directory inside the tarball
thales_km_data_tarball_name	None	Filename for the KM Data tarball
thales_km_data_location	None	Full URL where a copy of the KM Data tarball can be downloaded.
thales_rfs_ip_address	None	IPv4 address for the Thales RFS host.
thales_client_ips	None	Whitespace separated list of IP addresses to be added to RFS config.
thales_bootstrap_client_ip	None	Bootstrap client IP address. This IP will be allowed to update RFS server.
nshield_hsms	None	List of one or more HSM devices

Requirements

ansible >= 2.4