Commit graph

493 commits

Author SHA1 Message Date
Jakub Jelen
509f987dfc README: Reword and clarify documentation
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
b1421c7d2d Refactor tasks to separate files based on the context
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
e9c8d55d5e README: Document the behavior of checking the Include directive
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
d39c6f7daf tests: Check include directive is added when missing
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
e1e820428d tests: Verify the main configuration file contains Include directive if needed
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
9c202bd60e Verify the Include is in main configuration file
... if drop-in file is modified

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
fef8b17c6d README: Update links to the CI results
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
2ba5bfee85 CI: Workaround for CentOS 6 2022-04-19 17:20:27 +02:00
Jakub Jelen
e24ff31d2a Ensure the ansible facts are available 2022-04-19 17:20:27 +02:00
Jakub Jelen
bd64ca7441 More portable way for sharing variables between role and tests 2022-04-19 17:20:27 +02:00
Jakub Jelen
c515ffdf94 Move the common variables to separate file 2022-04-19 17:20:27 +02:00
Jakub Jelen
bcbdf92182 Avoid unnecessary use of 'and' in 'when' conditions 2022-04-19 17:20:27 +02:00
Jakub Jelen
09b4214a51 Clarify the magic number 2022-04-19 17:20:27 +02:00
Jakub Jelen
c1d1cdfeac Reuse the list of skipped virtualization environments 2022-04-19 17:20:27 +02:00
Jakub Jelen
7e311e19a9 tests: Add whitespace
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
ff56d75a6e Update documentation with recent changes
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
860e533713 Introduce default hostkeys to check when using drop-in directory
Previously no hostkeys were checked if they were not present
in the generated configuration file. When the drop-in directory is
used, usually, there are no hostkeys in that file and no sanity
check for hostkeys was executed.

This amends the "auto" value for the hostkeys check to allow checking
for default hostkeys that are read by OpenSSH by default.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
9502c325ea tests: Add negative test for FIPS mode
This fixes also a typo that was overlooked previously

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
daa81ee84c Unbreak FIPS detection and hostkey filtering
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
09f2c6a999 Add another virtualization platform exception
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
57357b0be7 tests: Slurp the correct file when writing main config
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
17bc0cbb1b tests: Fix OS detection to match also CentOS 9
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
9345faa5a1 Set explicit path to the main configuration file to work well with the drop-in directory
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
295f1930d4 Update templates to apply FIPS hostkeys filter
This fixes up the commit 7f69d1e6

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
4b6332aaae CI: Unbreak the ansible-lint action 2022-04-19 17:20:27 +02:00
Jakub Jelen
afcefb6442 CI: Squash Debian targets into single file and remove the :latest
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Jakub Jelen
2d7009c59a CI: Squash CentOS actions into signle file
* add CentOS 9
 * use better tasks names

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Matt Willsher
59a3cb190f
Merge pull request #175 from Jakuje/runtime-directory 2022-01-21 09:31:09 +00:00
Jakub Jelen
fc998f21c2 Fix runtime directory check 2021-11-30 16:29:06 +01:00
Jakub Jelen
214df35c0b Do not try to execute requirements as a playbooks in CI 2021-11-16 15:05:22 +01:00
Jakub Jelen
67fee24ecb Address review comments (to be squashed) 2021-11-16 15:05:22 +01:00
Jakub Jelen
ee63bacdcd tests: Verify the default hostkeys can be excluded in FIPS mode
ignore failures to bind fips_enabled into /proc/sys/crypto as it looks
like this does not work in the Github Actions containers.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2021-11-16 15:05:22 +01:00
Jakub Jelen
7f69d1e69a Filter out Ed25519 keys from default in FIPS mode
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2021-11-16 15:05:22 +01:00
ColdPain
71eab116bd README: fix meta/make_option_lists link 2021-11-09 14:03:41 +01:00
Matt Willsher
57c54e5268
Merge pull request #171 from spetrosi/fix-ansible-managed 2021-09-23 07:36:07 +01:00
Sergei Petrosian
44a7d8fb20 Use {{ ansible_managed | comment }} to fix multi-line ansible_managed
BZ#2006230, BZ#2006231, BZ#2006233
2021-09-21 12:44:12 +02:00
Matt Willsher
b1fe667432
Merge pull request #164 from spetrosi/drop-ansible-2.8
Drop support for Ansible 2.8 by bumping the Ansible version to 2.9
2021-08-18 04:40:59 +01:00
Matt Willsher
8349916e52
Merge pull request #169 from Jakuje/rip-travis
Remove travis configuration and update readme with new badges
2021-08-18 04:32:53 +01:00
Jakub Jelen
d8b9ae4793 README: Replace travis icons with Github Actions 2021-08-17 15:51:53 +02:00
Jakub Jelen
1be967aac8 Remove unused travis configuration 2021-08-17 15:51:51 +02:00
Dominik Rimpf
961f10b710 FIX: indentation including tests 2021-08-17 15:50:36 +02:00
Dominik Rimpf
c6b89726ea FIX: syntax 2021-08-17 15:26:43 +02:00
L3D
00df9a1855 the bullseye check is using the "main" branch
The https://github.com/marketplace/actions/check-ansible-debian-bullseye is available at the "main" branch.
2021-08-17 15:26:43 +02:00
Dominik Rimpf
6b1b328de3 ADD: doc bullseye support & github workflow on bullseye 2021-08-17 15:26:43 +02:00
Dominik Rimpf
ca83655c2a ADD: bullseye support 2021-08-17 15:26:43 +02:00
Matt Willsher
1c5c48835e
Merge pull request #165 from Jakuje/centos6 2021-08-10 21:39:29 +01:00
Jakub Jelen
d9e1934a83 Add CentOS 6 to CI 2021-08-09 10:09:34 +02:00
Jakub Jelen
2e3b3c0581 tests: Skip the negative test in RHEL6
The ansible_failed_result is not available in old Ansible on RHEL6
2021-08-09 10:08:56 +02:00
Jakub Jelen
9326a46dd8 tests: Skip the OS defaults test on CentOS 6 too
The CentOS6/RHEL6 images have modified sshd_config from what is shipped
in rpm package
2021-08-09 10:08:22 +02:00
Jakub Jelen
f6d26d8781 tests: Skip service status check on RHEL6
the init system there can not just "check" the status
2021-08-09 10:07:52 +02:00