Skip to content

Fix several x509_v2 issues#68829

Merged
twangboy merged 4 commits intosaltstack:3006.xfrom
lkubb:fix_x509_v2
Apr 2, 2026
Merged

Fix several x509_v2 issues#68829
twangboy merged 4 commits intosaltstack:3006.xfrom
lkubb:fix_x509_v2

Conversation

@lkubb
Copy link
Copy Markdown
Contributor

@lkubb lkubb commented Mar 18, 2026
edited
Loading

What does this PR do?

  • Makes x509_v2 states use concurrency=True when calling state.single for file.managed runs [NOTE: This doesn't happen in 3008 because of changes to the state.running function, the new test is superfluous there]
  • Makes x509.certificate_managed pass through prepend_cn and copypath params
  • Documents a forgotten breaking change versus the previous modules regarding handling of the public_key parameter
  • Tries to clear up documentation regarding what is expected in private_key, public_key and csr params
  • Doesn't add default mode for private_key_managed on Windows

What issues does this PR fix or reference?

Fixes: #66929
Fixes: #68828
Fixes: #66889 (by updating docs)
Fixes: #66942

Previous Behavior

  • x509.certificate_managed (and probably other states) fail when a state run is queued
  • x509.certificate_managed ignores prepend_cn and copypath
  • Docs are missing a breaking change and reported to be confusing regarding public key input methods for certificate management
  • private_key_managed fails on Windows

New Behavior

  • queued state runs don't interfere
  • params are passed through
  • An existing breaking change is documented properly, hopefully the docs are clearer
  • private_key_managed works on Windows

Merge requirements satisfied?

[NOTICE] Bug fixes or features added to Salt require tests.

Commits signed with GPG?

Yes

@lkubb lkubb requested a review from a team as a code owner March 18, 2026 12:07
@lkubb lkubb changed the base branch from master to 3006.x March 18, 2026 12:14
@dafyddj dafyddj added the test:full Run the full test suite label Mar 24, 2026
lkubb added 4 commits April 2, 2026 11:31
@lkubb @twangboy
Fix x509_v2 states failing with queued state run
19c7f83
@lkubb @twangboy
Pass through copypath and prepend_cn (x509_v2)
60e2a96
@lkubb @twangboy
Clear up public key source handling docs
1c763cf 
This commit clears up input types for x509_v2 certificate parameters
relating to the certificate's public key.

It also documents a breaking change versus the previous modules that was
forgotten about and can cause confusion. See:
saltstack#66889
@lkubb @twangboy
Don't add default mode on Windows
5541dc8
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dwoz dwoz dwoz approved these changes

@twangboy twangboy twangboy approved these changes

Assignees

No one assigned

Labels

test:full Run the full test suite

Projects

None yet

Milestone

Sulpher v3006.24

4 participants

@lkubb @dwoz @twangboy @dafyddj