Imran Iqbal
93853b643f
ci(workflows/commitlint): add to repo [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/172
4 jaren geleden
Imran Iqbal
24e115cacb
ci(kitchen+travis): remove `master-py2-arch-base-latest` [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/167
4 jaren geleden
Imran Iqbal
7a964e4738
ci(gemfile.lock): add to repo with updated `Gemfile` [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/163
4 jaren geleden
semantic-release-bot
ad932260f0
chore(release): 1.0.0 [skip ci]
# [1.0.0](https://github.com/saltstack-formulas/firewalld-formula/compare/v0.10.1...v1.0.0 ) (2020-04-18)
### Bug Fixes
* do not error on unknown os_family grain ([94d2b0b
](94d2b0b97c
))
### Code Refactoring
* split default maps into separate files ([afcf5e7
](afcf5e7700
))
### Tests
* **yaml_dump_spec:** update after splitting `map.jinja` ([d1f7a37
](d1f7a37171
))
### BREAKING CHANGES
* `map.jinja` has been upgraded from using `pillar.get`
to `config.get`.
4 jaren geleden
Imran Iqbal
fdd3dfbc62
Merge pull request #41 from Sxderp/pr-fix-unknown-os-family
fix: do not error on unknown os_family grain
4 jaren geleden
Imran Iqbal
d1f7a37171
test(yaml_dump_spec): update after splitting `map.jinja`
4 jaren geleden
Steven Daniele
afcf5e7700
refactor: split default maps into separate files
While the default maps are mostly empty this sets the groundwork for
distribution specific defaults. The layout is based on the formula
template.
BREAKING CHANGE: `map.jinja` has been upgraded from using `pillar.get`
to `config.get`.
4 jaren geleden
Steven Daniele
94d2b0b97c
fix: do not error on unknown os_family grain
If the formula was ran on a system that reported an os_family that
wasn't one of "Debian", "RedHat", "Arch", "Suse" then the map.jinja
template would fail to render with "'NoneType' is not iterable.
This occurs because grains.filter_by will return None when it fails
match the grain to the input dictionary. The value is then blindly
passed into a dict.update() which causes the failure.
In this patch we ensure that the default values, as defined in
defaults.yaml, are always applied when grain matching fails.
4 jaren geleden
semantic-release-bot
80587f9671
chore(release): 0.10.1 [skip ci]
## [0.10.1](https://github.com/saltstack-formulas/firewalld-formula/compare/v0.10.0...v0.10.1 ) (2020-04-18)
### Tests
* verify map output using `yaml_dump` ([69df9a6
](69df9a62d6
))
4 jaren geleden
Imran Iqbal
51873948c2
Merge pull request #42 from myii/test/verify-yaml_dump
test: verify map output using `yaml_dump`
4 jaren geleden
Imran Iqbal
69df9a62d6
test: verify map output using `yaml_dump`
* Semi-automated using https://github.com/myii/ssf-formula/pull/159
4 jaren geleden
Imran Iqbal
95e26621f9
chore(rubocop): use org-wide standard settings for `Metrics/BlockLength` [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/158
4 jaren geleden
semantic-release-bot
6ced9d9cfa
chore(release): 0.10.0 [skip ci]
# [0.10.0](https://github.com/saltstack-formulas/firewalld-formula/compare/v0.9.0...v0.10.0 ) (2020-04-02)
### Bug Fixes
* **zone.xml:** adjust whitespacing to pass tests & macro at top of file ([d8f0f47
](d8f0f47a54
))
### Features
* allow rich_rules to be specified as a dict ([cd4cec0
](cd4cec0089
))
### Styles
* **zone.xml:** remove all trailing whitespaces ([204efe5
](204efe5fc7
))
### Tests
* **zones_spec:** check content of rendered zone files ([6ebfc6f
](6ebfc6f20c
))
4 jaren geleden
Imran Iqbal
5c135df025
Merge pull request #40 from Sxderp/pr-add-dictionary-rich-rules2
Allow rich_rules to be specified as a dictionary
4 jaren geleden
Imran Iqbal
c69fd6bf04
chore(rubocop): relax `Metrics/BlockLength` for new tests
* Checked using https://github.com/myii/ssf-formula/pull/145
4 jaren geleden
Imran Iqbal
204efe5fc7
style(zone.xml): remove all trailing whitespaces
4 jaren geleden
Imran Iqbal
d8f0f47a54
fix(zone.xml): adjust whitespacing to pass tests & macro at top of file
4 jaren geleden
Imran Iqbal
6ebfc6f20c
test(zones_spec): check content of rendered zone files
4 jaren geleden
Steven Daniele
cd4cec0089
feat: allow rich_rules to be specified as a dict
When specifying rich rules as a dictionary ipsets and services can be
specified as lists. They will be expanded out by the jinja template into
individual rich rules for the parent zone.
4 jaren geleden
Imran Iqbal
cf21ccab97
chore(gitignore): update from the `template-formula` [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/132
4 jaren geleden
Imran Iqbal
d02f890fb4
chore(rubocop): move `LineLength` cop from `Metrics` to `Layout` [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/129
4 jaren geleden
semantic-release-bot
91362086a8
chore(release): 0.9.0 [skip ci]
# [0.9.0](https://github.com/saltstack-formulas/firewalld-formula/compare/v0.8.0...v0.9.0 ) (2020-02-12)
### Features
* **zone.xml:** allow more services definition inside zone ([8d0172f
](8d0172f5c7
))
4 jaren geleden
Imran Iqbal
0d0f191449
Merge pull request #36 from miska/master
Allow more services definition inside zone
4 jaren geleden
semantic-release-bot
7ff891796a
chore(release): 0.8.0 [skip ci]
# [0.8.0](https://github.com/saltstack-formulas/firewalld-formula/compare/v0.7.0...v0.8.0 ) (2020-02-12)
### Continuous Integration
* workaround issues with newly introduced `amazonlinux-1` [skip ci] ([ace3433
](ace343353d
))
* workaround issues with newly introduced `amazonlinux-1` [skip ci] ([b5a95f3
](b5a95f35ab
))
* **gemfile:** restrict `train` gem version until upstream fix [skip ci] ([908f5df
](908f5df86c
))
* **kitchen:** avoid using bootstrap for `master` instances [skip ci] ([0b82e43
](0b82e43a15
))
* **travis:** apply changes from build config validation [skip ci] ([6e1b876
](6e1b876298
))
* **travis:** opt-in to `dpl v2` to complete build config validation [skip ci] ([70dc9aa
](70dc9aa3b4
))
* **travis:** quote pathspecs used with `git ls-files` [skip ci] ([97afbb1
](97afbb1575
))
* **travis:** run `shellcheck` during lint job [skip ci] ([d8bede7
](d8bede7082
))
* **travis:** use `major.minor` for `semantic-release` version [skip ci] ([b96cc56
](b96cc569fe
))
* **travis:** use build config validation (beta) [skip ci] ([07e7900
](07e79001cd
))
### Features
* standardize license and hand over to saltstack formulas ([20cb8a6
](20cb8a60d3
))
4 jaren geleden
David Bezuidenhout
20cb8a60d3
feat: standardize license and hand over to saltstack formulas
4 jaren geleden
Imran Iqbal
ebd46bea31
Merge branch '20200212142439' into upstream
4 jaren geleden
Imran Iqbal
ace343353d
ci: workaround issues with newly introduced `amazonlinux-1` [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/127
4 jaren geleden
Imran Iqbal
b5a95f35ab
ci: workaround issues with newly introduced `amazonlinux-1` [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/127
4 jaren geleden
Michal Hrusecky
8d0172f5c7
feat(zone.xml): allow more services definition inside zone
Now multiple sections ending with `services` can be defined for each in pillar
and all of them will get merged into one service block in the zone. The goal is
to keep backward compatibility while allowing different services to be defined
in different pillars. So basically have various parts of the pillar affecting
the firewall without need to define everything centrally. Helpful for the
exceptions to the rules.
4 jaren geleden
Imran Iqbal
0b82e43a15
ci(kitchen): avoid using bootstrap for `master` instances [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/124
4 jaren geleden
Imran Iqbal
b96cc569fe
ci(travis): use `major.minor` for `semantic-release` version [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/112
5 jaren geleden
Imran Iqbal
908f5df86c
ci(gemfile): restrict `train` gem version until upstream fix [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/110
5 jaren geleden
Imran Iqbal
97afbb1575
ci(travis): quote pathspecs used with `git ls-files` [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/107
5 jaren geleden
Imran Iqbal
d8bede7082
ci(travis): run `shellcheck` during lint job [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/106
5 jaren geleden
Imran Iqbal
70dc9aa3b4
ci(travis): opt-in to `dpl v2` to complete build config validation [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/100
5 jaren geleden
Imran Iqbal
6e1b876298
ci(travis): apply changes from build config validation [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/98
5 jaren geleden
Imran Iqbal
07e79001cd
ci(travis): use build config validation (beta) [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/97
5 jaren geleden
semantic-release-bot
dc8a9df3b8
chore(release): 0.7.0 [skip ci]
# [0.7.0](https://github.com/saltstack-formulas/firewalld-formula/compare/v0.6.2...v0.7.0 ) (2019-11-09)
### Bug Fixes
* **map.jinja:** fix `salt-lint` errors ([de4e191
](de4e1915fb
))
* **rubocop:** add fixes using `rubocop --safe-auto-correct` ([8136b75
](8136b75fa0
))
* **yamllint:** fix all errors ([0f808d6
](0f808d6afb
))
### Documentation
* **readme:** modify according to standard structure ([3df11fc
](3df11fc75c
))
* **readme:** move to `docs/` directory ([d47265f
](d47265f974
))
### Features
* **semantic-release:** implement for this formula ([c5f114d
](c5f114d886
))
5 jaren geleden
Niels Abspoel
cf901ef465
Merge pull request #33 from myii/feat/implement-semantic-release
feat(semantic-release): implement for this formula
5 jaren geleden
Imran Iqbal
3df11fc75c
docs(readme): modify according to standard structure
5 jaren geleden
Imran Iqbal
d47265f974
docs(readme): move to `docs/` directory
5 jaren geleden
Imran Iqbal
8136b75fa0
fix(rubocop): add fixes using `rubocop --safe-auto-correct`
5 jaren geleden
Imran Iqbal
0f808d6afb
fix(yamllint): fix all errors
```bash
firewalld-formula$ yamllint -s .
./pillar.example
2:1 warning missing document start "---" (document-start)
3:12 warning truthy value should be one of [false, true] (truthy)
12:13 warning truthy value should be one of [false, true] (truthy)
15:89 error line too long (108 > 88 characters) (line-length)
19:13 warning truthy value should be one of [false, true] (truthy)
30:89 error line too long (363 > 88 characters) (line-length)
96:89 error line too long (170 > 88 characters) (line-length)
108:15 error wrong indentation: expected 12 but found 14 (indentation)
115:13 error empty value in block mapping (empty-values)
116:2 error syntax error: found character '%' that cannot start any token
152:89 error line too long (112 > 88 characters) (line-length)
./firewalld/defaults.yaml
3:1 warning missing document start "---" (document-start)
```
5 jaren geleden
Imran Iqbal
de4e1915fb
fix(map.jinja): fix `salt-lint` errors
```bash
Examining firewalld/map.jinja of type state
[209] Jinja comment should have spaces before and after: {# comment #}
firewalld/map.jinja:4
{## Start with defaults from defaults.yaml ##}
[209] Jinja comment should have spaces before and after: {# comment #}
firewalld/map.jinja:7
{##
[201] Trailing whitespace
firewalld/map.jinja:16
}, grain='os_family', merge=salt['pillar.get']('firewalld:lookup'))
[209] Jinja comment should have spaces before and after: {# comment #}
firewalld/map.jinja:19
{## Merge the flavor_map to the default settings ##}
[209] Jinja comment should have spaces before and after: {# comment #}
firewalld/map.jinja:22
{## Merge in salt:lookup pillar ##}
```
5 jaren geleden
Imran Iqbal
c5f114d886
feat(semantic-release): implement for this formula
* Automated using https://github.com/myii/ssf-formula/pull/95
5 jaren geleden
Imran Iqbal
db9597e398
Merge pull request #32 from Sxderp/pr-remove-unexpected-icmp-block-attribtue
Remove name attribute in icmp-block-inversion
5 jaren geleden
Steven Daniele
12b696a8fe
Remove name attribute in icmp-block-inversion
Firewalld does not parse the name attribute.
Log message:
firewalld[1999]: ERROR: Failed to load zone file 'public.xml':
PARSE_ERROR: icmp-block-inversion: Unexpected attribute name
5 jaren geleden
Imran Iqbal
9646ead4b4
Merge pull request #31 from Sxderp/pr-fix-block-inversion-key-name
Fix typo in icmp block inversion key name
5 jaren geleden
Steven Daniele
64825e20ab
Fix typo in icmp block inversion key name
5 jaren geleden
Niels Abspoel
ae1f2453d3
add updated firewalld.conf from 0.7.1
5 jaren geleden