ansible module update firewalld #91
Conversation
Signed-off-by: Aaron Lippold <[email protected]>
Signed-off-by: GitHub <[email protected]>
Signed-off-by: GitHub <[email protected]>
Signed-off-by: Aaron Lippold <[email protected]>
Signed-off-by: GitHub <[email protected]>
Signed-off-by: Aaron Lippold <[email protected]>
minimized the .ansible-lint showing warnings as needed Signed-off-by: Aaron Lippold <[email protected]>
Signed-off-by: GitHub <[email protected]>
fixed the posix collection issue in meta/main.yml removed uneeded references to the collection Signed-off-by: Aaron Lippold <[email protected]>
Signed-off-by: GitHub <[email protected]>
Signed-off-by: GitHub <[email protected]>
Signed-off-by: Aaron Lippold <[email protected]>
Signed-off-by: Aaron Lippold <[email protected]>
Signed-off-by: Aaron Lippold <[email protected]>
added env vars for colorized output Signed-off-by: Aaron Lippold <[email protected]>
|
This PR address a variety of issues - in truth PR creep - which started with the ansible 2.10.x transition to collections. On inspection, we also noticed that Travis builds were having linting issues, updates to ansible-lint were causing semi-random failures. We migrated the build process over to GitHub Actions since it's free now and it was easier to get molecule stable there. The separateAnsible Lint' workflow could be removed as I have it stable in the molecule process. Lastly, we migrated the Playbook to point generally to the new POSIX collection in the meta area and updated the meta main file to follow the new Galaxy standards in the galaxy docs. |
|
If you would like to see the GH Actions results - not sure why they are not triggering here - you can see the passing results here: https://github.com/yarick/Ubuntu1804-CIS/actions |
|
todo #93 |
| @@ -5,7 +5,7 @@ driver: | |||
| name: docker | |||
| lint: | | |||
| set -e | |||
| ansible-lint | |||
| ansible-lint -c .ansible-lint | |||
There was a problem hiding this comment.
one of these may be enough
| provisioner: | ||
| name: ansible | ||
| lint: | ||
| name: ansible-lint | ||
| name: ansible-lint -c .ansible-lint |
|
can't see anything related to firewalld |
|
The issue with firewalld is addressed in the meta/main.yml. Link to the file below.
This allows ansible to resolve the module given the new collection pattern.
…On Sun, Mar 7, 2021, 1:52 PM Florian Utz ***@***.***> wrote:
Closed #91 <#91>.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#91 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AALK42D3VWXYMW5S67VPT63TCPDNVANCNFSM4YHOMIQQ>
.
|
|
I'm on my phone at the moment. Once I get back to my computer I will send
you the links to where you needed to change the scope so that you can load
the firewalld module
…On Sun, Mar 7, 2021, 5:28 PM Aaron Lippold ***@***.***> wrote:
I open this issue too connect to a pull request I submitted
On Sun, Mar 7, 2021, 1:52 PM Florian Utz ***@***.***> wrote:
> Closed #91 <#91>.
>
> —
> You are receiving this because you commented.
> Reply to this email directly, view it on GitHub
> <#91 (comment)>,
> or unsubscribe
> <
https://github.com/notifications/unsubscribe-auth/AALK42D3VWXYMW5S67VPT63TCPDNVANCNFSM4YHOMIQQ
>
> .
>
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#91 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AALK42CPVSRGM46TWEDAPWTTCP4XJANCNFSM4YHOMIQQ>
.
|
|
https://github.com/yarick/Ubuntu1804-CIS/blob/879dc5d125e99fc2e455223950344d3dff912b31/meta/main.yml#L24-L25 is the specific line that addresses the posix collection ( as of ansible 2.10.x ) firewalld module issue - as described here - https://groups.google.com/g/ansible-project/c/eXsoOKEd0Mk/m/XTgbnPWbCAAJ?pli=1 |
See the comments below. Does that clear up the question? The firewalld module was moved into the postfix collection |
|
Hi Aaron, I will check it again. Why did you also remove my CI/CD? |
|
@yarick and @aaronlippold sorry for my confusing. I understand the things now. Can you tell me why you have selected the versions ansible==2.7 ansible-lint==4.2.0 ? |
|
These were the versions you documented in your supports on your read me |
|
I also replaced the CICD given that a separate service is not required now that github actions are free for any public repos. This seems like a more integrated solution, and it seems to be much simpler. |
|
thank you for your comments. I have no experience with the github actions but we should give it a try :) I will merge the change and be happy to get more contributions if there is something to improve |
|
Hi,
I am happy to do a quick zoom with you as - truth be told - the MITRE SAF
will likely use your CIS hardening as great source of community guidance
along with our InSpec validation profiles.
I hope this becomes an ongoing partnership which we can both help the
community.
Have a great weekend.
Yours,
--------
Aaron Lippold
***@***.***
260-255-4779
twitter/aim/yahoo,etc.
'aaronlippold'
…On Sun, Mar 14, 2021 at 1:43 PM Florian Utz ***@***.***> wrote:
Merged #91 <#91> into
master.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#91 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AALK42FV4N5LL6ZDNKPGVRDTDTYV5ANCNFSM4YHOMIQQ>
.
|
Ansible fails to locate the firewalld module/plugin due to the restructuring of the Ansible Modules by moving them into collections.
https://groups.google.com/g/ansible-project/c/eXsoOKEd0Mk/m/XTgbnPWbCAAJ?pli=1