Commit graph

554 commits

Author SHA1 Message Date
Matt Willsher
4c629407d7
Merge pull request #233 from richm/firewall-platform-support 2023-04-27 08:33:54 +01:00
Matt Willsher
f4336527fa
Merge pull request #231 from spetrosi/commitlint-gh-action 2023-04-27 08:33:32 +01:00
Rich Megginson
a2921b9dc1 test: skip selinux or firewall role test where not supported
Do not test with selinux or firewall if the platform does not support
those roles.
2023-04-26 16:11:18 -06:00
Richard Megginson
a36faf9309
Merge pull request #232 from richm/check_fingerprint
test: check generated files for ansible_managed, fingerprint
2023-04-26 10:01:31 -06:00
Rich Megginson
c5c519f73b test: check generated files for ansible_managed, fingerprint
Add the following files: tests/tasks/check_header.yml and
tests/templates/get_ansible_managed.j2.
Use check_header.yml to check generated files for the ansible_managed
and fingerprint headers.
check_header.yml takes these parameters.  `fingerprint` is required,
and one of `__file` or `__file_content`:

* `__file` - the full path of the file to check e.g. `/etc/realmd.conf`
* `__file_content` - the output of `slurp` of the file
* `__fingerprint` - required - the fingerprint string `system_role:$ROLENAME` e.g.
  `__fingerprint: "system_role:postfix"`
* `__comment_type` - optional, default `plain` - the type of comments used

e.g. `__comment_type: c` for C/C++-style comments.  `plain` uses `#`.
See https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_filters.html#adding-comments-to-files
for the different types of comment styles supported.

Example:
```
- name: Check generated files for ansible_managed, fingerprint
  include_tasks: tasks/check_header.yml
  vars:
    __file: /etc/myfile.conf
    __fingerprint: "system_role:my_role"
```

Signed-off-by: Rich Megginson <rmeggins@redhat.com>
2023-04-26 07:52:03 -06:00
Sergei Petrosian
3f17eeaf61 ci: Add commitlint GitHub action to ensure conventional commits
linux-system-roles move to using the conventional commits format to
automate collecting changelog and release notes, and automate
identifying version of releases.

For more information, see
- General conventional commits specs in
https://www.conventionalcommits.org/en/v1.0.0/,
- Conventional Commits format in system roles' Contribute
https://linux-system-roles.github.io/contribute.html#conventional-commits-format
2023-04-26 12:05:04 +02:00
Jakub Jelen
2e3e4a29b5 ci: Drop testing on Debian stretch (9)
This version is EOL since last year and various failures happen.

Fixes: #228
2023-04-26 10:09:06 +02:00
Matt Willsher
638e76cf64
Merge pull request #229 from Jakuje/indent
Make sure the list options are correctly indented
2023-04-19 19:52:05 +01:00
Jakub Jelen
a3065d070c Make sure the list options are correctly indented
Inspired by similar issue reported and fixed in ssh client role
https://github.com/linux-system-roles/ssh/pull/80/

This wont work in RHEL6 (not allowed AcceptEnv in match blocks) so just
skip it here.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2023-04-14 19:01:19 +02:00
Richard Megginson
ebf18bd8cd
Merge pull request #227 from richm/bsd
BSD: define __sshd_packages
2023-04-14 07:33:42 -06:00
Richard Megginson
6ede6a2c7b
Merge pull request #225 from willshersystems/dependabot/github_actions/mathieudutour/github-tag-action-6.1
Bump mathieudutour/github-tag-action from 6.0 to 6.1
2023-04-14 07:33:24 -06:00
Rich Megginson
1d689ed992 BSD: define __sshd_packages 2023-04-13 16:32:37 -06:00
Matt Willsher
e84617d70e
Merge pull request #224 from willshersystems/dependabot/github_actions/actions/checkout-3 2023-04-12 12:59:21 +01:00
dependabot[bot]
c165ae5c61
Bump mathieudutour/github-tag-action from 6.0 to 6.1
Bumps [mathieudutour/github-tag-action](https://github.com/mathieudutour/github-tag-action) from 6.0 to 6.1.
- [Release notes](https://github.com/mathieudutour/github-tag-action/releases)
- [Commits](https://github.com/mathieudutour/github-tag-action/compare/v6.0...v6.1)

---
updated-dependencies:
- dependency-name: mathieudutour/github-tag-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-11 15:35:48 +00:00
dependabot[bot]
54466f823e
Bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-11 15:35:44 +00:00
Richard Megginson
aa17300eb3
Merge pull request #223 from richm/dependabot
add dependabot check for github action updates
2023-04-11 09:35:18 -06:00
Rich Megginson
e66f115631 add dependabot check for github action updates 2023-04-11 08:58:16 -06:00
Richard Megginson
511527c889
Merge pull request #222 from richm/more-ansible-lint
ansible-lint - align with current Ansible recommendations
2023-04-11 08:56:25 -06:00
Rich Megginson
4ea9b1cc16 fix typo 2023-04-11 08:41:49 -06:00
Rich Megginson
95bbdf3e4f more github action fixes 2023-04-10 15:07:38 -06:00
Rich Megginson
53e649f227 fix github action 2023-04-10 14:48:29 -06:00
Rich Megginson
b29e05f24d fix pipefail setting 2023-04-10 14:29:38 -06:00
Rich Megginson
70808e97fc ansible-lint - align with current Ansible recommendations
Use `true/false` instead of `yes/no`
Ensure use of FQCN for builtin modules
Use correct spacing in Jinja expressions
All tasks and plays must have a `name`, and the `name` string must begin with an uppercase letter
Use `ansible.posix.mount` instead of `ansible.builtin.mount`
Use `set -o pipefail` with `shell` module where supported by the platform shell

Signed-off-by: Rich Megginson <rmeggins@redhat.com>
2023-04-10 14:21:30 -06:00
Matt Willsher
11eb7590e9
Merge pull request #221 from richm/v0.18.2 2023-04-07 08:59:56 +00:00
Rich Megginson
01b5325438 v0.18.2 2023-04-06 14:28:24 -06:00
Matt Willsher
a32e494924
Merge pull request #218 from nhosoi/fingerprint 2023-03-29 20:06:21 +00:00
Noriko Hosoi
3bc81d9f97 Fingerprint ansible-sshd managed config files
- Add repo and role name to the generated config files.
  # willshersystems:ansible-sshd

Signed-off-by: Noriko Hosoi <nhosoi@redhat.com>
2023-03-29 10:30:06 -07:00
Jakub Jelen
806bab7720 Fedora 38 has no longer non-standard hostkey permissions
The Fedora commit introducing this change (now in Rawhide/Fedora 38
only):

7a21555354

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2023-03-02 09:49:01 +01:00
Jakub Jelen
5c1f645e08 release 0.18.1
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2023-01-18 13:22:22 +01:00
Noriko Hosoi
bcc3c75c19 Add check for non-inclusive language
Add a check for usage of terms and language that is considered
non-inclusive. We are using the woke tool for this with a wordlist
that can be found at
https://github.com/linux-system-roles/tox-lsr/blob/main/src/tox_lsr/config_files/woke.yml

Signed-off-by: Noriko Hosoi <nhosoi@redhat.com>
2023-01-17 09:36:43 +01:00
Noriko Hosoi
d67c562142 Clean up / Workaround non-inclusive words
- CHANGELOG.md
- tests/tests_include_present.yml
2023-01-17 09:36:43 +01:00
Jakub Jelen
bcd15cab9d Add the alpine also to the README and galaxy metadata 2023-01-16 15:10:28 +01:00
Jakub Jelen
54b39a2de1 Run CI also on Alpine 2023-01-16 15:10:28 +01:00
Jakub Jelen
252deda7c4 tests: Use configuration option that is not in defaults 2023-01-16 15:10:28 +01:00
Jakub Jelen
317700c72e vars: Update defaults based on alpine:latest 2023-01-16 15:10:28 +01:00
Jakub Jelen
e63d6f9e99 tests: Filter out backspace characters from manual pages in alpine 2023-01-16 15:10:28 +01:00
Jakub Jelen
2e2ab311a6 tests: Whitespace cleanup 2023-01-16 15:10:28 +01:00
Jakub Jelen
c57e15668f tests: Different test requirements for alpine 2023-01-16 15:10:28 +01:00
Jakub Jelen
04f056867c Add support for managing selinux and firewall on RHEL 2023-01-13 10:42:40 +01:00
Matt Willsher
788a3d8668
Merge pull request #212 from findmyname666/alpine_support
Initial configuration for Alpine OS
2022-12-28 09:32:09 +00:00
Adrian Eib
16b4d4150d
Add vars for Alpine OS 2022-12-27 22:17:53 +01:00
Jakub Jelen
6f4d3d8fdb tasks: Improve the order of keys and add missing name
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-12-13 14:13:18 +01:00
Jakub Jelen
e6d075b8f3 meta: Provide explicit namespace to avoid ansible lint errors
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-12-13 14:13:18 +01:00
Matt Willsher
43aac1b156
Merge pull request #208 from richm/cl-20220927
Version v0.18.0 - CHANGELOG.md [citest skip]
2022-10-10 07:23:32 +01:00
Matt Willsher
237de5ba6d
Merge pull request #207 from Jakuje/test-all
Introduce automatic test for new configuration options in OpenSSH and add missing options so far
2022-10-10 07:22:57 +01:00
Rich Megginson
59b8d3c7b9 Version v0.18.0 - CHANGELOG.md [citest skip]
[v0.18.0] - 2022-09-27
--------------------

### New Features

- Adding support for OpenWrt 21.03

- Add final version of RequiredRSASize

Keep the old version for backward compatibility

Upstream commit:
https://github.com/openssh/openssh-portable/commit/1875042c

### Bug Fixes

- Update source template to match generated files

### Other Changes

- Remove legacy files

- Update pre-commit plugins to latest

- Linting fixes

- keep v prefix in version/tag

Keep the `v` prefix in the version/tag

Signed-off-by: Rich Megginson <rmeggins@redhat.com>
2022-09-27 14:45:14 -06:00
Jakub Jelen
7fb18bd3b8 tests: Introduce test for all documented options of the OS 2022-09-27 22:32:57 +02:00
Jakub Jelen
1c4197e341 Add configuration options from EL7 2022-09-27 22:32:57 +02:00
Jakub Jelen
ddb286111f Add missing configuration options from EL8 2022-09-27 22:32:57 +02:00
Jakub Jelen
c201ba2060 Support __sshd_supports_validate 2022-09-27 22:32:57 +02:00