Imran Iqbal
37597e5b12
refactor(map): use top-level `values:` key in `map.jinja` dumps
* Semi-automated using https://github.com/myii/ssf-formula/pull/284
преди 4 години
semantic-release-bot
f941871f0b
chore(release): 2.0.5 [skip ci]
## [2.0.5](https://github.com/saltstack-formulas/openssh-formula/compare/v2.0.4...v2.0.5 ) (2020-12-22)
### Continuous Integration
* **commitlint:** ensure `upstream/master` uses main repo URL [skip ci] ([7af3bf2
](7af3bf255d
))
* **gitlab-ci:** add `rubocop` linter (with `allow_failure`) [skip ci] ([37b9f3a
](37b9f3ac09
))
* **gitlab-ci:** use GitLab CI as Travis CI replacement ([bccd5fd
](bccd5fd3d8
))
* **pre-commit:** add to formula [skip ci] ([4e13609
](4e13609b99
))
* **pre-commit:** enable/disable `rstcheck` as relevant [skip ci] ([094bef5
](094bef5406
))
* **pre-commit:** finalise `rstcheck` configuration [skip ci] ([75e843a
](75e843a7bd
))
### Tests
* **map:** standardise `map.jinja` verification ([2bab68f
](2bab68f5ff
))
преди 4 години
Imran Iqbal
a7d9ae2dc1
Merge pull request #193 from myii/test/compare-mapdata-using-yaml
test(map): standardise `map.jinja` verification
преди 4 години
Imran Iqbal
2bab68f5ff
test(map): standardise `map.jinja` verification
* Automated using https://github.com/myii/ssf-formula/pull/281
преди 4 години
Imran Iqbal
7af3bf255d
ci(commitlint): ensure `upstream/master` uses main repo URL [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/278
преди 4 години
Imran Iqbal
37b9f3ac09
ci(gitlab-ci): add `rubocop` linter (with `allow_failure`) [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/277
преди 4 години
Imran Iqbal
bccd5fd3d8
ci(gitlab-ci): use GitLab CI as Travis CI replacement
* Automated using https://github.com/myii/ssf-formula/pull/275
преди 4 години
Imran Iqbal
3f5dba1102
chore(gemfile+lock): update to latest gem versions (2020-W44) [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/274
преди 4 години
Imran Iqbal
97c2ebf8f3
chore(gemfile+lock): update to latest gem versions (2020-W43) [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/273
преди 4 години
Imran Iqbal
75e843a7bd
ci(pre-commit): finalise `rstcheck` configuration [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/267
преди 4 години
Dafydd Jones
340cc0abe7
chore(commitlint): add `{body,footer,header}-max(-line)-length` [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/265
преди 4 години
Imran Iqbal
4d49d24490
chore(gemfile+lock): update to latest gem versions (2020-W41) [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/263
преди 4 години
Imran Iqbal
094bef5406
ci(pre-commit): enable/disable `rstcheck` as relevant [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/262
преди 4 години
Dafydd Jones
4e13609b99
ci(pre-commit): add to formula [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/259
преди 4 години
semantic-release-bot
1c3a6b8ab8
chore(release): 2.0.4 [skip ci]
## [2.0.4](https://github.com/saltstack-formulas/openssh-formula/compare/v2.0.3...v2.0.4 ) (2020-09-27)
### Bug Fixes
* **pillar:** `tofs` must not be under `mine_functions` ([c0d5052
](c0d5052f6a
))
### Tests
* **inspec:** `_mapdata` files should have `tofs` configuration ([5e9033f
](5e9033f500
))
преди 4 години
Imran Iqbal
91bc8bebe4
Merge pull request #196 from baby-gnu/fix/tofs-pillars
fix(pillar): `tofs` must not be under `mine_functions`
преди 4 години
Daniel Dehennin
c0d5052f6a
fix(pillar): `tofs` must not be under `mine_functions`
The debug output of test jobs don't show the use of TOFS as it should
and the pillar.example show that `tofs` is under `mine_functions`
instead of `openssh`.
* pillar.example: move `tofs` under `openssh`.
* test/salt/pillar/default.sls: ditoo.
преди 4 години
Daniel Dehennin
5e9033f500
test(inspec): `_mapdata` files should have `tofs` configuration
преди 4 години
Imran Iqbal
9576b72eb2
chore(inspec): fix typo [skip ci]
* https://github.com/myii/ssf-formula/commit/839898aedb34
преди 4 години
semantic-release-bot
91d4b0d6ea
chore(release): 2.0.3 [skip ci]
## [2.0.3](https://github.com/saltstack-formulas/openssh-formula/compare/v2.0.2...v2.0.3 ) (2020-09-09)
### Continuous Integration
* **kitchen:** force the hostname of the containers ([208f873
](208f87380c
))
### Tests
* **inspec:** no more need to mangle mapdata for hostname ([8cb31c6
](8cb31c6967
))
* **share:** standardise structure ([15241d3
](15241d39c5
))
преди 4 години
Imran Iqbal
cf9abf5e5a
Merge pull request #195 from baby-gnu/ci/force-hostname
test(inspec): use static hostname in mapdata
преди 4 години
Imran Iqbal
15241d39c5
test(share): standardise structure
* Standardised using https://github.com/myii/ssf-formula/pull/251
преди 4 години
Daniel Dehennin
8cb31c6967
test(inspec): no more need to mangle mapdata for hostname
We force the hostname in `kitchen` so the `_mapdata` files can be
static.
преди 4 години
Daniel Dehennin
208f87380c
ci(kitchen): force the hostname of the containers
преди 4 години
semantic-release-bot
b49824b343
chore(release): 2.0.2 [skip ci]
## [2.0.2](https://github.com/saltstack-formulas/openssh-formula/compare/v2.0.1...v2.0.2 ) (2020-08-26)
### Tests
* **inspec:** display proper diff when `_mapdata` mismatch ([1c99556
](1c99556695
))
преди 4 години
Imran Iqbal
a472db6913
Merge pull request #192 from baby-gnu/test/mapdata-proper-inspec-diff
test(inspec): display proper diff when `_mapdata` mismatch
преди 4 години
Daniel Dehennin
1c99556695
test(inspec): display proper diff when `_mapdata` mismatch
The use of `eq` instead of `include` premits to have a nice diff after
the `expected/got` oneliners.
преди 4 години
semantic-release-bot
34a9c8f703
chore(release): 2.0.1 [skip ci]
## [2.0.1](https://github.com/saltstack-formulas/openssh-formula/compare/v2.0.0...v2.0.1 ) (2020-08-21)
### Bug Fixes
* **map:** `path_join` can be used only for local file access ([3845d5f
](3845d5ff61
))
преди 4 години
Javier Bértoli
27c527a172
Merge pull request #190 from baby-gnu/fix/no-path_join-for-salt-url
fix(map): `path_join` can be used only for local file access
преди 4 години
Daniel Dehennin
3845d5ff61
fix(map): `path_join` can be used only for local file access
On windows machines, the `path_join` build wrong URL by using
backslash as separator.
URL used for fileserver access must use only slashes `/`.
преди 4 години
semantic-release-bot
b32ec9819c
chore(release): 2.0.0 [skip ci]
# [2.0.0](https://github.com/saltstack-formulas/openssh-formula/compare/v1.3.1...v2.0.0 ) (2020-08-01)
### Features
* **map:** `config.get` lookups from configurable roots ([ad4385b
](ad4385b077
))
* **map:** update to v4 “map.jinja” ([df477b2
](df477b25c2
))
преди 4 години
Imran Iqbal
db67ce6f42
Merge pull request #186 from baby-gnu/feature/v4-map.jinja
feat(map): update to v4 and add config.get lookup from multiple roots
преди 4 години
Imran Iqbal
a0af21a996
chore: add breaking change message for new `map.jinja`
BREAKING CHANGE: `map.jinja` has been upgraded from using `pillar.get`
to `config.get`.
преди 4 години
Daniel Dehennin
ad4385b077
feat(map): `config.get` lookups from configurable roots
We avoid compatibility break with user pillars by looking up
configuration values using `config.get` in configurable roots.
We provide a new parameter `map_jinja:config_get_roots` in the formula
`parameters/defaults.yaml`to retrives values not only from
`tplroot=openssh` but from `sshd_config` and `ssh_config` too.
We need to update the `_mapdata` reference files to include the new
`map_jinja:config_get_roots`.
преди 4 години
Daniel Dehennin
df477b25c2
feat(map): update to v4 “map.jinja”
The `map.jinja` now exports a single variable called `mapdata`.
We extract the `openssh`, `sshd_config` and `ssh_config` from it to
minimize the changes to `.sls` files.
преди 4 години
semantic-release-bot
a8cd7370df
chore(release): 1.3.1 [skip ci]
## [1.3.1](https://github.com/saltstack-formulas/openssh-formula/compare/v1.3.0...v1.3.1 ) (2020-07-31)
### Bug Fixes
* **inspec:** use the name `_mapdata` everywhere for coherency ([14e843e
](14e843ec2b
))
преди 4 години
Imran Iqbal
94a12d86d9
Merge pull request #189 from baby-gnu/fix/rename-mapdata-test-directory
fix(inspec): use the name `_mapdata` everywhere for coherency
преди 4 години
Daniel Dehennin
14e843ec2b
fix(inspec): use the name `_mapdata` everywhere for coherency
преди 4 години
semantic-release-bot
9f3c2f2686
chore(release): 1.3.0 [skip ci]
# [1.3.0](https://github.com/saltstack-formulas/openssh-formula/compare/v1.2.2...v1.3.0 ) (2020-07-30)
### Continuous Integration
* **kitchen:** execute `_mapdata` state ([70389b5
](70389b5964
))
### Features
* **map:** generate a YAML file to validate `map.jinja` ([e4ab335
](e4ab335077
))
### Tests
* **inspec:** share library to access some minion informations ([a8d61f4
](a8d61f4307
))
* **inspec:** verify `map.jinja` dump ([0eafbd9
](0eafbd945c
))
преди 4 години
Imran Iqbal
5e2fa1a5e6
Merge pull request #187 from baby-gnu/ci/validate_map.jinja
Ci/validate map.jinja
преди 4 години
Daniel Dehennin
e4ab335077
feat(map): generate a YAML file to validate `map.jinja`
We provide a new `_mapdata` state which generate a
`/tmp/salt_mapdata_dump.yaml` to be validated by `Inspec`.
преди 4 години
Daniel Dehennin
70389b5964
ci(kitchen): execute `_mapdata` state
преди 4 години
Daniel Dehennin
0eafbd945c
test(inspec): verify `map.jinja` dump
We store validated `map.jinja` dump under the profile `files`
directory to access them with `inspec.profile.file('filename')` to
validate the content of the generated mapdata file.
The YAML files contain a value specific to each minion, its hostname,
so we use string format to expand `%{hostname}`.
The `default` inspec profile need to depends on `share` to access the
`system` and `salt_minion` libraries.
преди 4 години
Daniel Dehennin
a8d61f4307
test(inspec): share library to access some minion informations
The `system.hostname` return the result of either `hostname -s` or
`hostnamectl --static` depending of the availability of each command.
The `system.platform` return a hash with tweaked `inspec.platform`
values:
- `system.platform[:family]` provides a family name for Arch
- `system.platform[:name]` modify `amazon` to `amazonlinux`
- `system.platform[:release]` tweak for Arch and Amazon Linux:
- `Arch` is always `base-later`
- `Amazon Linux` release `2018` became `1`
- `system.platform[:finger]` is just the concatenation of the name and
the first release number (except for Ubuntu which gives `20.04` for
example)
преди 4 години
semantic-release-bot
6a882026d2
chore(release): 1.2.2 [skip ci]
## [1.2.2](https://github.com/saltstack-formulas/openssh-formula/compare/v1.2.1...v1.2.2 ) (2020-07-30)
### Bug Fixes
* **jinja:** omit_ip_address don't work on some platform ([b2d38ae
](b2d38aec9b
))
преди 4 години
Imran Iqbal
27afecb96a
Merge pull request #188 from baby-gnu/fix/omit-ip-address-on-older-platform
fix(jinja): omit_ip_address don't work on some platform
преди 4 години
Daniel Dehennin
b2d38aec9b
fix(jinja): omit_ip_address don't work on some platform
It apprears that the
`if not (omit_ip_address is sameas true or host in omit_ip_address)`
always returns `True` on older Jinja platforms:
- default-ubuntu-1604-3000-3-py2
- default-ubuntu-1604-2019-2-py3
- default-amazonlinux-1-2019-2-py2
Each part of the `or` conditional need to be surrounded by parenthesis.
преди 4 години
semantic-release-bot
156a8a2cd8
chore(release): 1.2.1 [skip ci]
## [1.2.1](https://github.com/saltstack-formulas/openssh-formula/compare/v1.2.0...v1.2.1 ) (2020-07-21)
### Bug Fixes
* **known_hosts:** dig package does not install on Arch ([0b667cb
](0b667cbcf5
))
### Continuous Integration
* **kitchen:** execute `openssh.known_hosts` state ([644e616
](644e61651d
))
### Tests
* **config_spec:** verify /etc/ssh/ssh_known_hosts ([06ef24b
](06ef24b8e1
))
преди 4 години
Imran Iqbal
9c8b77ca24
Merge pull request #185 from baby-gnu/feature/test-known_hosts
test(config_spec): verify the generation of /etc/ssh/ssh_known_hosts
преди 4 години
Daniel Dehennin
0b667cbcf5
fix(known_hosts): dig package does not install on Arch
The conditionnal on `ensure dig is available` does not work on Arch
since the `which` command does not exists. As the `pkg.installed`
state is idempotent, we don't need an extra check which depends on the
environment.
The `dig` utility is provided by `bind` on Arch and no more by
`bind-tools`.
преди 4 години