Commit graph

474 commits

Author SHA1 Message Date
Jakub Jelen
77d3163243 Workaround for https://github.com/ansible/ansible-lint/issues/2209
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-08-18 09:08:53 +02:00
Jakub Jelen
08285659ed Fix ansible-lint warnings
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-08-18 09:08:53 +02:00
Rich Megginson
67d2339f03 Ensure values are cast to correct type
https://github.com/willshersystems/ansible-sshd/issues/188
This shouldn't be necessary, but there seems no way to
guarantee using a version of Jinja which doesn't have this
problem.

In addition - it is not good practice to compare values to
`true` or `false` - instead, just ensure the value is a `bool`
type and evaluate in a boolean context.
2022-08-16 08:36:57 +02:00
Matt Willsher
9766d9097a
Merge pull request #196 from richm/add-RSAMinSize-2 2022-07-29 09:54:24 +01:00
Rich Megginson
1bc8395ea8 Add parameter RSAMinSize to Match blocks
This is a follow-on to https://github.com/willshersystems/ansible-sshd/pull/194
The previous PR added RSAMinSize as an option for the "body" of the
config file, but not for Match blocks.
2022-07-28 15:43:35 -06:00
Matt Willsher
9f3eb191ea
Merge pull request #194 from richm/add-RSAMinSize 2022-07-28 15:08:03 +01:00
Matt Willsher
841a6ef9e4
Merge pull request #193 from nhosoi/tag_release 2022-07-22 02:38:25 +01:00
Matt Willsher
30f03bbd8d
Merge pull request #192 from nhosoi/changelog 2022-07-22 02:37:00 +01:00
Rich Megginson
6c0ff316af add parameter RSAMinSize
Add support for the new RSAMinSize parameter.
2022-07-21 15:35:57 -06:00
Noriko Hosoi
65fe227276 Add changelog_to_tag.yml to .github/workflows
Description:
When a new changelog section is added to CHANGELOG.md and pushed,
changelog_to_tag.yml is triggered, which generates a new tag and
a new release.

Example of CHANGELOG.md changes:
  [v9.9.9] - 2022-12-31
  --------------------

  ### New features

  - New feature A

  ### Bug fixes

  - Bug fix B

Using this example, when the commit on CHANGELOG.md is pushed, a
new tag "v9.9.9" is added and Version v9.9.9 is released in github.
If tag "v9.9.9" already exists, the CHANGELOG.md push fails.

Signed-off-by: Noriko Hosoi <nhosoi@redhat.com>
2022-07-21 13:48:50 -07:00
Noriko Hosoi
0c22107a32 Add CHANGELOG.md
- Each changelog has 3 sections, "### New Features", "### Bug Fixes",
  and "Other Changes".
- If there is no items in a section, let it have "- none".
2022-07-07 13:15:28 -07:00
Matt Willsher
7349bd448e
Merge pull request #191 from richm/meta-29 2022-06-15 23:09:30 +01:00
Rich Megginson
4ca9e8f142 the role still supports 2.9 2022-06-14 07:40:52 -06:00
Jakub Jelen
61cce32ce6 tests: Do not be picky about spaces/tabs
When testing with cloud-init, it modifies the sshd_configuration and can
replace some tabs with whitespaces. This happens frequently around the
subsystem keyword. There are no functional changes, but the matching
did not work as expected.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-06-13 17:28:34 +02:00
Matt Willsher
e45987e3c7
Merge pull request #189 from willshersystems/docs-update 2022-06-06 10:19:26 +01:00
Matt Willsher
54e5b69d55 Fix various linting issues 2022-06-05 09:18:15 +01:00
Matt Willsher
8e39178751 Fix various linting issues 2022-06-05 09:03:05 +01:00
Matt Willsher
57c46b6587 Fix various linting issues 2022-06-05 09:00:47 +01:00
Matt Willsher
477daa032f Fix various linting issues 2022-06-05 08:57:58 +01:00
Matt Willsher
af7230cf29 Fix various linting issues 2022-06-05 08:54:56 +01:00
Matt Willsher
b9c5db54b6 Revert incorrect module name 2022-06-03 11:30:13 +01:00
Matt Willsher
90338a3f0a Fix various linting issues 2022-06-03 11:22:17 +01:00
Matt Willsher
dc350e600f
Addition notes about secondary variables 2022-06-02 12:38:25 +01:00
Matt Willsher
0f7b222e13
Merge pull request #187 from Jakuje/remove-kvm
Remove kvm from virtualization platforms, update dependency.
2022-06-02 12:21:03 +01:00
Jakub Jelen
97bd62a387 Remove kvm from skipped environments 2022-05-25 09:02:28 +02:00
Jakub Jelen
19cf7e9a3c CI: Revert back to upstream roles after the git issues are fixed 2022-05-19 09:49:42 +02:00
Jakub Jelen
753073f4d6 ci: Use the same workaround for unsafe directory in Fedora 2022-05-10 16:48:22 +02:00
Jakub Jelen
74026ba2f8 Add support for Ubuntu 22 with drop-in directory
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
051f5666b2 Test solution for unsafe dir on latest ubuntu
https://github.com/roles-ansible/check-ansible-ubuntu-latest-action/pull/2
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
dd5f79e5f0 tests: Verify os defaults are used also if the drop-in directory exists
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
fe69a54f4e CI: Add older Ubuntu versions to CI too
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
509f987dfc README: Reword and clarify documentation
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
b1421c7d2d Refactor tasks to separate files based on the context
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
e9c8d55d5e README: Document the behavior of checking the Include directive
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
d39c6f7daf tests: Check include directive is added when missing
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
e1e820428d tests: Verify the main configuration file contains Include directive if needed
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
9c202bd60e Verify the Include is in main configuration file
... if drop-in file is modified

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
fef8b17c6d README: Update links to the CI results
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
2ba5bfee85 CI: Workaround for CentOS 6 2022-04-19 17:20:27 +02:00
Jakub Jelen
e24ff31d2a Ensure the ansible facts are available 2022-04-19 17:20:27 +02:00
Jakub Jelen
bd64ca7441 More portable way for sharing variables between role and tests 2022-04-19 17:20:27 +02:00
Jakub Jelen
c515ffdf94 Move the common variables to separate file 2022-04-19 17:20:27 +02:00
Jakub Jelen
bcbdf92182 Avoid unnecessary use of 'and' in 'when' conditions 2022-04-19 17:20:27 +02:00
Jakub Jelen
09b4214a51 Clarify the magic number 2022-04-19 17:20:27 +02:00
Jakub Jelen
c1d1cdfeac Reuse the list of skipped virtualization environments 2022-04-19 17:20:27 +02:00
Jakub Jelen
7e311e19a9 tests: Add whitespace
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
ff56d75a6e Update documentation with recent changes
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
860e533713 Introduce default hostkeys to check when using drop-in directory
Previously no hostkeys were checked if they were not present
in the generated configuration file. When the drop-in directory is
used, usually, there are no hostkeys in that file and no sanity
check for hostkeys was executed.

This amends the "auto" value for the hostkeys check to allow checking
for default hostkeys that are read by OpenSSH by default.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
9502c325ea tests: Add negative test for FIPS mode
This fixes also a typo that was overlooked previously

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
daa81ee84c Unbreak FIPS detection and hostkey filtering
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00