Commit graph

632 commits

Author SHA1 Message Date
Rich Megginson
5071717392 update README for EL10 2024-07-03 07:29:18 -06:00
Rich Megginson
af3094038e fix ansible-lint test 2024-07-02 10:40:29 -06:00
Rich Megginson
b5b3933072 fix: add support for EL10
According to the Ansible team, support for listing platforms in
role `meta/main.yml` files is being removed.
Instead, they recommend using `galaxy_tags`

https://github.com/ansible/ansible/blob/stable-2.17/changelogs/CHANGELOG-v2.17.rst
"Remove the galaxy_info field platforms from the role templates"
https://github.com/ansible/ansible/issues/82453

For each version listed under `platforms.EL` - add a tag like `elN`.

Q: Why not use a delimiter between the platform and the version e.g. `el-10`?

This is not allowed by ansible-lint:

```
meta-no-tags: Tags must contain lowercase letters and digits only., invalid: 'el-10'
meta/main.yml:1
```

So we cannot use uppercase letters either.

Q: Why not use our own meta/main.yml field?

No other fields are allowed by ansible-lint:

```
syntax-check[specific]: 'myfield' is not a valid attribute for a RoleMetadata
```

Q: Why not use some other field?

There are no other applicable or suitable fields.

Q: What happens when we want to support versions like `N.M`?

Use the word "dot" instead of "." e.g. `el10dot3`.
Similarly - use "dash" instead of "-".

We do not need tags such as `fedoraall`.
The `fedora` tag implies that the role works on all supported versions of fedora.
Otherwise, use tags such as `fedora40` if the role only supports specific versions.

In addition - for roles that have different variable files for EL9, create
the corresponding EL10 files, and update the variables for EL10.

Signed-off-by: Rich Megginson <rmeggins@redhat.com>
2024-07-02 10:36:19 -06:00
Matt Willsher
0011d61c37
docs(changelog): version v0.24.0 [citest skip] (#292) 2024-06-21 11:55:43 +01:00
Matt Willsher
d4eae954c1
feat: Ubuntu noble (#290)
* feat: Add support for Ubuntu Nobel/24.04 LTS
* fix: Add missing PrintMotd to Ubuntu 22.04
* fix(tests): Various linting fixes

---------
Co-authored-by: Jakub Jelen <jjelen@redhat.com>
2024-06-21 09:12:02 +01:00
dependabot[bot]
7c76e9d6ce
build(deps): bump mathieudutour/github-tag-action from 6.1 to 6.2 (#283)
Bumps [mathieudutour/github-tag-action](https://github.com/mathieudutour/github-tag-action) from 6.1 to 6.2.
- [Release notes](https://github.com/mathieudutour/github-tag-action/releases)
- [Commits](https://github.com/mathieudutour/github-tag-action/compare/v6.1...v6.2)

---
updated-dependencies:
- dependency-name: mathieudutour/github-tag-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-31 07:51:38 +01:00
Richard Megginson
4ce8fb5669
Merge pull request #287 from richm/cl-20240409
docs(changelog): version v0.23.5 [citest skip]
2024-04-12 09:57:33 -06:00
Rich Megginson
83b2ba1cde docs(changelog): version v0.23.5 [citest skip]
Update changelog and .README.html for version v0.23.5

Signed-off-by: Rich Megginson <rmeggins@redhat.com>
2024-04-09 15:10:18 -06:00
Richard Megginson
72c22bce71
Merge pull request #286 from richm/cleanup-sshd2
test: ensure that sshd2 is completely stopped and removed
2024-04-09 13:57:08 -06:00
Rich Megginson
fd06cf7317 test: ensure that sshd2 is completely stopped and removed
Some of our test suites require sshd2 to be completely stopped
and removed, or subsequent tests will fail.

Signed-off-by: Rich Megginson <rmeggins@redhat.com>
2024-04-09 07:28:57 -06:00
Richard Megginson
2bcb52394a
Merge pull request #285 from richm/cl-20240405
docs(changelog): version v0.23.4 [citest skip]
2024-04-06 09:09:34 -06:00
Rich Megginson
28977ce4f6 docs(changelog): version v0.23.4 [citest skip]
Update changelog and .README.html for version v0.23.4

Signed-off-by: Rich Megginson <rmeggins@redhat.com>
2024-04-05 12:38:16 -06:00
Jakub Jelen
b4ad3db2f1 Test creation of separate drop-in directory
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2024-04-05 09:29:10 +02:00
Jakub Jelen
c76e729d4c tests: Reproducer for sshd_config_file and main mismatch
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2024-04-05 09:29:10 +02:00
Jakub Jelen
e83cb52ded fix: Document and streamline the sshd_main_config_file
The option was introduced in 6bb0d7b456
without documentation and intended use. The recent change
f6ae2094fe propagated this option to the
generated service files, which is resulting in unexpected results, when
a user decided to set only `sshd_config_file` for the second sshd
service causing the service file points to the system-wide
configuration file.

This is an attempt to fix this by introducing some heuristics to guess
if the user wants to set up second drop-in directory (ending with .d)
or create a standalone configuration file.

Fixes: #280
2024-04-05 09:29:10 +02:00
Richard Megginson
683c07e633
Merge pull request #284 from spetrosi/new-ver
docs(changelog): version v0.23.3 [citest skip]
2024-04-03 14:22:55 -06:00
Sergei Petrosian
97012f72e6 docs(changelog): version v0.23.3 [citest skip]
Update changelog and .README.html for version v0.23.3

Signed-off-by: Sergei Petrosian <spetrosi@redhat.com>
2024-04-03 22:05:28 +02:00
dependabot[bot]
0f101af534 build(deps): bump ansible/ansible-lint from 6 to 24
Bumps [ansible/ansible-lint](https://github.com/ansible/ansible-lint) from 6 to 24.
- [Release notes](https://github.com/ansible/ansible-lint/releases)
- [Commits](https://github.com/ansible/ansible-lint/compare/v6...v24)

---
updated-dependencies:
- dependency-name: ansible/ansible-lint
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-15 12:16:15 +01:00
Richard Megginson
9a25700beb
Merge pull request #278 from richm/cl-20240219
docs(changelog): version v0.23.2 [citest skip]
2024-02-19 10:09:54 -07:00
Rich Megginson
97f9003b6c docs(changelog): version v0.23.2 [citest skip]
Update changelog and .README.html for version v0.23.2

Signed-off-by: Rich Megginson <rmeggins@redhat.com>
2024-02-19 10:00:36 -07:00
Jakub Jelen
ec0f975ce3 EL7 main service file requires mandatory environment file
note, that this is not the case for the instantiated, which is in sync
with everything else.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2024-02-15 16:57:48 +01:00
Jakub Jelen
237e8b4255 Workaround for CentOS7 reporting ansible_facts['service_mgr'] == 'sysvinit' in containers
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2024-02-15 16:57:48 +01:00
Richard Megginson
e119c3fd28
Merge pull request #277 from orlovmyk/main
README.md typo in config word
2024-02-13 10:36:15 -07:00
Mykyta Orlov
efb053839f README.md typo in config word 2024-02-13 19:19:17 +02:00
Richard Megginson
a0935af1df
Merge pull request #275 from willshersystems/dependabot/github_actions/actions/checkout-4
build(deps): bump actions/checkout from 3 to 4
2024-02-01 11:09:40 -07:00
dependabot[bot]
0fe1c5a1c4
build(deps): bump actions/checkout from 3 to 4
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-01 05:45:03 +00:00
Jakub Jelen
d48e898148
docs: Fix spelling issues + fix reported issues (#274)
* README: Fix double-the in documentation

* README: Consistently referer to the role name and not to repository name

* README: Improve wording

* Fix more typos

* ci: Add GH action to check for spelling mistakes
2024-01-29 17:55:43 +00:00
Richard Megginson
0dd0868627
version v0.23.1 (#273) 2024-01-26 05:22:45 +00:00
Richard Megginson
cb8c339a42
Merge pull request #267 from Jakuje/runtime
fix: Review and update service units and socket unit to include distribution defaults
2024-01-25 14:25:32 -07:00
Jakub Jelen
f59b40b5c9 tests: Verify generated services/socket units do not miss any important options
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2024-01-22 16:52:34 +01:00
Jakub Jelen
f6ae2094fe Update service/socket files to match main OS's defaults
Specifics:
 * Debian 12 has no longer the instantiated service using inet, see the
   following commit:

0dc73888bb

 * I am not matching the Description tag verbosely as I do not find it
   crucial for functionality.
 * We generate additional -f switch to the sshd CLI pointing go the main
   sshd config we manage
 * The Before=sshd.service in the socket is not generated as I find it
   unnecessary when we conflict the service.
 * Recent Ubuntu versions have RuntimeDirectoryPreserve option, which I
   set for all Ubuntu/Debian as it should not hurt.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2024-01-22 16:41:33 +01:00
Jakub Jelen
84e6a71509 Ubuntu 20 already supports drop-in directory
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2024-01-22 16:41:33 +01:00
Jakub Jelen
cea077a704 tests: The new manual pages have different indentation
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2024-01-22 16:41:33 +01:00
Jakub Jelen
793cca4c97 ci: Add missing requirements
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2024-01-22 16:41:33 +01:00
Jakub Jelen
d3e3bdce5a Add whitespace around the filter symbol
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2024-01-22 16:41:33 +01:00
Richard Megginson
32b892c3e3
Merge pull request #272 from richm/ansible-lint-test-2.16
ci: Use supported ansible-lint action; run ansible-lint against the collection
2024-01-08 11:15:12 -07:00
Rich Megginson
a25523ddce ci: Use supported ansible-lint action; run ansible-lint against the collection
The old ansible-community ansible-lint is deprecated.  There is a
new ansible-lint github action.

The latest Ansible repo gating tests run ansible-lint against
the collection format instead of against individual roles.
We have to convert the role to collection format before running
ansible-test.

This also requires tox-lsr 3.2.1

Role developers can run this locally using
`tox -e collection,ansible-lint-collection`
See https://github.com/linux-system-roles/tox-lsr/pull/125

Fix ansible-lint and ansible-test issues reported by the
latest 2.16 versions.

Signed-off-by: Rich Megginson <rmeggins@redhat.com>
2024-01-08 10:56:53 -07:00
Richard Megginson
f1c1f524c2
Merge pull request #271 from richm/cl-20231129
docs(changelog): version v0.23.0 [citest skip]
2023-11-30 08:19:05 -07:00
Rich Megginson
9ede1638f9 docs(changelog): version v0.23.0 [citest skip]
Update changelog and .README.html for version v0.23.0

Signed-off-by: Rich Megginson <rmeggins@redhat.com>
2023-11-29 17:53:57 -07:00
Richard Megginson
195cb2ead6
Merge pull request #270 from richm/ostree
feat: support for ostree systems
2023-11-29 07:06:04 -07:00
Rich Megginson
4543f0c679 feat: support for ostree systems
Feature: Allow running and testing the role with ostree managed nodes.

Reason: We have users who want to use the role to manage ostree
systems.

Result: Users can use the role to manage ostree managed nodes.
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
2023-11-28 09:40:18 -07:00
Richard Megginson
e54fca52c7
Merge pull request #269 from richm/test-backup-restore-preserve-file-attrs
tests: Ensure backup/restore preserves file attributes
2023-11-20 07:40:11 -07:00
Rich Megginson
24c1915595 tests: Ensure backup/restore preserves file attributes
I noticed some test failures in tests that check ownership/permissions
of config files.  The tests were recently changed to reuse the same
VM, so I suspect config files were not being backed up/restored with
the correct file attributes.  Use `cp -a` to preserve all file
attributes.

Signed-off-by: Rich Megginson <rmeggins@redhat.com>
2023-11-17 08:28:26 -07:00
Jakub Jelen
350a0e562b
fix: Avoid creation of runtime directories in home (#265) 2023-10-30 13:27:37 +00:00
Matt Willsher
7d50893deb
docs(changelog): version v0.22.0 [citest skip] (#263)
Update changelog and .README.html for version v0.22.0

Signed-off-by: Matt Willsher <matt@monki.org.uk>
2023-10-18 11:18:51 +01:00
Matt Willsher
59ee0c9715
fix: Remove recursive loop created by symlink of entire role (#262) 2023-10-17 07:30:46 +01:00
Sergei Petrosian
9a3aa1adb9
docs(changelog): version v0.21.0 [citest skip] (#255) 2023-09-13 14:42:01 +01:00
EmyLIEUTAUD
0bc6d8f40b
feat: manage ssh certificates (#252)
* Role configured to accept SSH connection via SSH certificates
* Works with or without principals and ansible-lint updated
* add test for SSH certificates authentication with principals
* Add configuration to run tests for SSH certificates authentication with principals
* tasks to use SSH certificates grouped into one file
* Update README.md
2023-09-11 14:39:03 +01:00
Matt Willsher
d54f51f32a
Merge pull request #254 from willshersystems/dependabot/github_actions/actions/checkout-4
build(deps): bump actions/checkout from 3 to 4
2023-09-06 09:12:56 +01:00
dependabot[bot]
65cb76028f
build(deps): bump actions/checkout from 3 to 4
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-05 12:23:27 +00:00