Commit graph

566 commits

Author SHA1 Message Date
Dominik Rimpf
70c913ed0e
feat: support for debian 12 2023-06-18 23:10:14 +02:00
Dominik Rimpf
4ba6ca1a80
fix: debian 11 defaults 2023-06-15 17:18:41 +02:00
Jakub Jelen
039aa32606 feat: Add missing configuration options available in Match block
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2023-06-15 15:56:48 +02:00
Jakub Jelen
484da0584b feat: Add new options from OpenSSH 9.3
This version is now available in Alpine.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2023-06-15 15:56:48 +02:00
Sergei Petrosian
1a7d995b96 ci: Add pull request template and run commitlint on PR title only
We now ensure the conventional commits format only on PR titles and not
on
commits to let developers keep commit messages targeted for other
developers
i.e. describe actual changes to code that users should not care about.
And PR titles, on the contrary, must be aimed at end users.

For more info, see
https://linux-system-roles.github.io/contribute.html#write-a-good-pr-title-and-description
2023-06-15 11:33:51 +02:00
Sergei Petrosian
9f26414a37 Move commitlint.config.js to hidden .commitlintrc.js 2023-06-15 11:33:51 +02:00
Dominik Rimpf
b7bf1ec02d chore: moved debian 7 (wheezy) config to explicit file 2023-06-15 11:32:48 +02:00
Stefan Weber
0aea603673 separate failing test for Fedora / RHEL
due to difference in
Subsystem sftp /usr/libexec/openssh/sftp-server (RHEL)
Subsystem sftp /usr/libexec/sftp-server (Fedora)
2023-05-04 16:21:56 +02:00
Stefan Weber
742a88e3c6 fix subsystem test for RHEL > 8 2023-05-04 16:21:56 +02:00
Stefan Weber
75760559a8 proper Subsystem sftp default
(same for RHEL6/7/8)
2023-05-04 16:21:56 +02:00
Richard Megginson
9a6ad4e5f8
Merge pull request #234 from richm/cl-20230427
docs(changelog): version v0.19.0
2023-04-28 07:49:13 -06:00
Rich Megginson
b1ec052b39 docs(changelog): version v0.19.0
changelog for release v0.19.0
2023-04-27 19:11:51 -06:00
Matt Willsher
4c629407d7
Merge pull request #233 from richm/firewall-platform-support 2023-04-27 08:33:54 +01:00
Matt Willsher
f4336527fa
Merge pull request #231 from spetrosi/commitlint-gh-action 2023-04-27 08:33:32 +01:00
Rich Megginson
a2921b9dc1 test: skip selinux or firewall role test where not supported
Do not test with selinux or firewall if the platform does not support
those roles.
2023-04-26 16:11:18 -06:00
Richard Megginson
a36faf9309
Merge pull request #232 from richm/check_fingerprint
test: check generated files for ansible_managed, fingerprint
2023-04-26 10:01:31 -06:00
Rich Megginson
c5c519f73b test: check generated files for ansible_managed, fingerprint
Add the following files: tests/tasks/check_header.yml and
tests/templates/get_ansible_managed.j2.
Use check_header.yml to check generated files for the ansible_managed
and fingerprint headers.
check_header.yml takes these parameters.  `fingerprint` is required,
and one of `__file` or `__file_content`:

* `__file` - the full path of the file to check e.g. `/etc/realmd.conf`
* `__file_content` - the output of `slurp` of the file
* `__fingerprint` - required - the fingerprint string `system_role:$ROLENAME` e.g.
  `__fingerprint: "system_role:postfix"`
* `__comment_type` - optional, default `plain` - the type of comments used

e.g. `__comment_type: c` for C/C++-style comments.  `plain` uses `#`.
See https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_filters.html#adding-comments-to-files
for the different types of comment styles supported.

Example:
```
- name: Check generated files for ansible_managed, fingerprint
  include_tasks: tasks/check_header.yml
  vars:
    __file: /etc/myfile.conf
    __fingerprint: "system_role:my_role"
```

Signed-off-by: Rich Megginson <rmeggins@redhat.com>
2023-04-26 07:52:03 -06:00
Sergei Petrosian
3f17eeaf61 ci: Add commitlint GitHub action to ensure conventional commits
linux-system-roles move to using the conventional commits format to
automate collecting changelog and release notes, and automate
identifying version of releases.

For more information, see
- General conventional commits specs in
https://www.conventionalcommits.org/en/v1.0.0/,
- Conventional Commits format in system roles' Contribute
https://linux-system-roles.github.io/contribute.html#conventional-commits-format
2023-04-26 12:05:04 +02:00
Jakub Jelen
2e3e4a29b5 ci: Drop testing on Debian stretch (9)
This version is EOL since last year and various failures happen.

Fixes: #228
2023-04-26 10:09:06 +02:00
Matt Willsher
638e76cf64
Merge pull request #229 from Jakuje/indent
Make sure the list options are correctly indented
2023-04-19 19:52:05 +01:00
Jakub Jelen
a3065d070c Make sure the list options are correctly indented
Inspired by similar issue reported and fixed in ssh client role
https://github.com/linux-system-roles/ssh/pull/80/

This wont work in RHEL6 (not allowed AcceptEnv in match blocks) so just
skip it here.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2023-04-14 19:01:19 +02:00
Richard Megginson
ebf18bd8cd
Merge pull request #227 from richm/bsd
BSD: define __sshd_packages
2023-04-14 07:33:42 -06:00
Richard Megginson
6ede6a2c7b
Merge pull request #225 from willshersystems/dependabot/github_actions/mathieudutour/github-tag-action-6.1
Bump mathieudutour/github-tag-action from 6.0 to 6.1
2023-04-14 07:33:24 -06:00
Rich Megginson
1d689ed992 BSD: define __sshd_packages 2023-04-13 16:32:37 -06:00
Matt Willsher
e84617d70e
Merge pull request #224 from willshersystems/dependabot/github_actions/actions/checkout-3 2023-04-12 12:59:21 +01:00
dependabot[bot]
c165ae5c61
Bump mathieudutour/github-tag-action from 6.0 to 6.1
Bumps [mathieudutour/github-tag-action](https://github.com/mathieudutour/github-tag-action) from 6.0 to 6.1.
- [Release notes](https://github.com/mathieudutour/github-tag-action/releases)
- [Commits](https://github.com/mathieudutour/github-tag-action/compare/v6.0...v6.1)

---
updated-dependencies:
- dependency-name: mathieudutour/github-tag-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-11 15:35:48 +00:00
dependabot[bot]
54466f823e
Bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-11 15:35:44 +00:00
Richard Megginson
aa17300eb3
Merge pull request #223 from richm/dependabot
add dependabot check for github action updates
2023-04-11 09:35:18 -06:00
Rich Megginson
e66f115631 add dependabot check for github action updates 2023-04-11 08:58:16 -06:00
Richard Megginson
511527c889
Merge pull request #222 from richm/more-ansible-lint
ansible-lint - align with current Ansible recommendations
2023-04-11 08:56:25 -06:00
Rich Megginson
4ea9b1cc16 fix typo 2023-04-11 08:41:49 -06:00
Rich Megginson
95bbdf3e4f more github action fixes 2023-04-10 15:07:38 -06:00
Rich Megginson
53e649f227 fix github action 2023-04-10 14:48:29 -06:00
Rich Megginson
b29e05f24d fix pipefail setting 2023-04-10 14:29:38 -06:00
Rich Megginson
70808e97fc ansible-lint - align with current Ansible recommendations
Use `true/false` instead of `yes/no`
Ensure use of FQCN for builtin modules
Use correct spacing in Jinja expressions
All tasks and plays must have a `name`, and the `name` string must begin with an uppercase letter
Use `ansible.posix.mount` instead of `ansible.builtin.mount`
Use `set -o pipefail` with `shell` module where supported by the platform shell

Signed-off-by: Rich Megginson <rmeggins@redhat.com>
2023-04-10 14:21:30 -06:00
Matt Willsher
11eb7590e9
Merge pull request #221 from richm/v0.18.2 2023-04-07 08:59:56 +00:00
Rich Megginson
01b5325438 v0.18.2 2023-04-06 14:28:24 -06:00
Matt Willsher
a32e494924
Merge pull request #218 from nhosoi/fingerprint 2023-03-29 20:06:21 +00:00
Noriko Hosoi
3bc81d9f97 Fingerprint ansible-sshd managed config files
- Add repo and role name to the generated config files.
  # willshersystems:ansible-sshd

Signed-off-by: Noriko Hosoi <nhosoi@redhat.com>
2023-03-29 10:30:06 -07:00
Jakub Jelen
806bab7720 Fedora 38 has no longer non-standard hostkey permissions
The Fedora commit introducing this change (now in Rawhide/Fedora 38
only):

7a21555354

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2023-03-02 09:49:01 +01:00
Jakub Jelen
5c1f645e08 release 0.18.1
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2023-01-18 13:22:22 +01:00
Noriko Hosoi
bcc3c75c19 Add check for non-inclusive language
Add a check for usage of terms and language that is considered
non-inclusive. We are using the woke tool for this with a wordlist
that can be found at
https://github.com/linux-system-roles/tox-lsr/blob/main/src/tox_lsr/config_files/woke.yml

Signed-off-by: Noriko Hosoi <nhosoi@redhat.com>
2023-01-17 09:36:43 +01:00
Noriko Hosoi
d67c562142 Clean up / Workaround non-inclusive words
- CHANGELOG.md
- tests/tests_include_present.yml
2023-01-17 09:36:43 +01:00
Jakub Jelen
bcd15cab9d Add the alpine also to the README and galaxy metadata 2023-01-16 15:10:28 +01:00
Jakub Jelen
54b39a2de1 Run CI also on Alpine 2023-01-16 15:10:28 +01:00
Jakub Jelen
252deda7c4 tests: Use configuration option that is not in defaults 2023-01-16 15:10:28 +01:00
Jakub Jelen
317700c72e vars: Update defaults based on alpine:latest 2023-01-16 15:10:28 +01:00
Jakub Jelen
e63d6f9e99 tests: Filter out backspace characters from manual pages in alpine 2023-01-16 15:10:28 +01:00
Jakub Jelen
2e2ab311a6 tests: Whitespace cleanup 2023-01-16 15:10:28 +01:00
Jakub Jelen
c57e15668f tests: Different test requirements for alpine 2023-01-16 15:10:28 +01:00