August issues #406
Merged
August issues #406
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Removed duplicate 2.2.17 Signed-off-by: George Nalen <[email protected]>
Release v1.0.3 Updates Signed-off-by: George Nalen <[email protected]>
Devel to main Signed-off-by: George Nalen <[email protected]>
New Benchmark updates and issue fixes Signed-off-by: George Nalen <[email protected]>
Benchmarks 2.0.0 and other updates
Merge devel to main
Devel to main release March 23
Release to main
March interim updates
Galaxy compliance
Devel to main release
devel to main release
workflow pipeline run through devel-main
main release
Main Release
Final V2.0.0 release to main
* initial v3.0.0 Signed-off-by: Mark Bolwell <[email protected]> * updated Signed-off-by: Mark Bolwell <[email protected]> * removed old conflict line Signed-off-by: Mark Bolwell <[email protected]> * tidy up warning on 432 Signed-off-by: Mark Bolwell <[email protected]> * tidy up ec2_checks Signed-off-by: Mark Bolwell <[email protected]> * updated warning on line 435 Signed-off-by: Mark Bolwell <[email protected]> * updated prelim and typos Signed-off-by: Mark Bolwell <[email protected]> * [pre-commit.ci] pre-commit autoupdate updates: - [github.com/ansible-community/ansible-lint: v24.2.0 → v24.2.1](ansible/ansible-lint@v24.2.0...v24.2.1) * March 24 updates (#356) * added conditional to user password check #354 thanks to @bbaassssiiee Signed-off-by: Mark Bolwell <[email protected]> * updated logic to check root passwd locked Signed-off-by: Mark Bolwell <[email protected]> * Updated Signed-off-by: Mark Bolwell <[email protected]> * lint and audit order change Signed-off-by: Mark Bolwell <[email protected]> * updated for documentation format Signed-off-by: Mark Bolwell <[email protected]> --------- Signed-off-by: Mark Bolwell <[email protected]> * Allow for a local site policy for the openSSH server. (#358) If changes to the system-wide crypto policy are required to meet local site policy for the openSSH server, these changes should be done with a sub-policy assigned to the system-wide crypto policy. The role defaults can be overridden by the user's vars. The user should implement a .pmod file, and add its basename to `rhel8cis_allowed_crypto_policies_modules`. The role vars are harder to change due to the 21 priority levels of Ansible. Signed-off-by: Bas Meijer <[email protected]> * Issues March24 (#366) * #359 addressed thanks to @bbaassssiiee Signed-off-by: Mark Bolwell <[email protected]> * sysctl matches requirement & handler added Signed-off-by: Mark Bolwell <[email protected]> * container updated and cautions updated Signed-off-by: Mark Bolwell <[email protected]> * issues #360 addressed thanks to @bbaassssiiee Signed-off-by: Mark Bolwell <[email protected]> * updated Signed-off-by: Mark Bolwell <[email protected]> * Added #361 ensure local interface on 3.4.2.2 Signed-off-by: Mark Bolwell <[email protected]> * issue #363 addressed Signed-off-by: Mark Bolwell <[email protected]> * variable naming and lint Signed-off-by: Mark Bolwell <[email protected]> * variable naming and lint Signed-off-by: Mark Bolwell <[email protected]> * updated handler Signed-off-by: Mark Bolwell <[email protected]> * variable naming and lint updates Signed-off-by: Mark Bolwell <[email protected]> * updated Signed-off-by: Mark Bolwell <[email protected]> * fix issues with pam_unix Signed-off-by: Mark Bolwell <[email protected]> * added extra options Signed-off-by: Mark Bolwell <[email protected]> * issue #365 addressed Signed-off-by: Mark Bolwell <[email protected]> * fixed commenting alternate file Signed-off-by: Mark Bolwell <[email protected]> * updated var name to discovered Signed-off-by: Mark Bolwell <[email protected]> * renamed variable tomake it clearer Signed-off-by: Mark Bolwell <[email protected]> * updated Signed-off-by: Mark Bolwell <[email protected]> * fix typo Signed-off-by: Mark Bolwell <[email protected]> * updated discovered variable naming Signed-off-by: Mark Bolwell <[email protected]> * updated variable naming Signed-off-by: Mark Bolwell <[email protected]> --------- Signed-off-by: Mark Bolwell <[email protected]> * [pre-commit.ci] pre-commit autoupdate (#367) updates: - [github.com/pre-commit/pre-commit-hooks: v4.5.0 → v4.6.0](pre-commit/pre-commit-hooks@v4.5.0...v4.6.0) Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> * [pre-commit.ci] pre-commit autoupdate (#368) updates: - [github.com/ansible-community/ansible-lint: v24.2.1 → v24.2.2](ansible/ansible-lint@v24.2.1...v24.2.2) Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> * updated for audit and url alignment (#370) Signed-off-by: Mark Bolwell <[email protected]> * [pre-commit.ci] pre-commit autoupdate (#372) updates: - [github.com/Yelp/detect-secrets: v1.4.0 → v1.5.0](Yelp/detect-secrets@v1.4.0...v1.5.0) - [github.com/gitleaks/gitleaks: v8.18.2 → v8.18.3](gitleaks/gitleaks@v8.18.2...v8.18.3) - [github.com/ansible-community/ansible-lint: v24.2.2 → v24.6.0](ansible/ansible-lint@v24.2.2...v24.6.0) Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> * use RHEL8 chrony.conf (#371) Signed-off-by: Tomáš Kuba <[email protected]> * Update Alma 8 GPG Key (#369) * Update Alma 8 GPG Key Update AlmaLinux.yml Signed-off-by: ajython <[email protected]> * Update AlmaLinux.yml Replace depricated Alma 8 GPG key Signed-off-by: ajython <[email protected]> --------- Signed-off-by: ajython <[email protected]> * May 24 updates (#376) * updated path to match disa for audit tools Signed-off-by: Mark Bolwell <[email protected]> * updated dict control Signed-off-by: Mark Bolwell <[email protected]> * updated nullok logic Signed-off-by: Mark Bolwell <[email protected]> * updated typos Signed-off-by: Mark Bolwell <[email protected]> * updated typ thanks to @msachikanta Signed-off-by: Mark Bolwell <[email protected]> --------- Signed-off-by: Mark Bolwell <[email protected]> * [pre-commit.ci] pre-commit autoupdate (#383) updates: - [github.com/gitleaks/gitleaks: v8.18.3 → v8.18.4](gitleaks/gitleaks@v8.18.3...v8.18.4) Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> * updated known issues thanks to @fgierlinger Signed-off-by: Mark Bolwell <[email protected]> * Interactive users logic and workflow (#385) * interactive user vars updates Signed-off-by: Mark Bolwell <[email protected]> * improved conditionals checks Signed-off-by: Mark Bolwell <[email protected]> * Tidy up titles Signed-off-by: Mark Bolwell <[email protected]> * updated with latest devel Signed-off-by: Mark Bolwell <[email protected]> * removed file not required Signed-off-by: Mark Bolwell <[email protected]> * improved logic for /dev/null home dirs Signed-off-by: Mark Bolwell <[email protected]> * Updated workflow to new runner Signed-off-by: Mark Bolwell <[email protected]> --------- Signed-off-by: Mark Bolwell <[email protected]> --------- Signed-off-by: Mark Bolwell <[email protected]> Signed-off-by: Bas Meijer <[email protected]> Signed-off-by: Tomáš Kuba <[email protected]> Signed-off-by: ajython <[email protected]> Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> Co-authored-by: Bas <[email protected]> Co-authored-by: tomkuba <[email protected]> Co-authored-by: ajython <[email protected]> Co-authored-by: Fred W <[email protected]>
Signed-off-by: Mark Bolwell <[email protected]>
Signed-off-by: Mark Bolwell <[email protected]>
Signed-off-by: Mark Bolwell <[email protected]>
Signed-off-by: Mark Bolwell <[email protected]>
Signed-off-by: Mark Bolwell <[email protected]>
Signed-off-by: Mark Bolwell <[email protected]>
Signed-off-by: Mark Bolwell <[email protected]>
Signed-off-by: Mark Bolwell <[email protected]>
Signed-off-by: uk-bolly <[email protected]>
Signed-off-by: Mark Bolwell <[email protected]>
… into august_issues
Signed-off-by: Mark Bolwell <[email protected]>
Signed-off-by: Mark Bolwell <[email protected]>
Signed-off-by: Mark Bolwell <[email protected]>
|
Works with new audit branch created to align updates. |
Signed-off-by: Mark Bolwell <[email protected]>
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Overall Review of Changes:
tidy up of branches
audit
precommits
authselect
Issue Fixes:
#400
#402
Enhancements:
rewrite authselect to simplify process
changed vars so easily overridden
jmespath dependancy removal
audit now able to run with ARM64 binary (note: It may have more failures in audit as not benchmark officially written for ARM, more feedback required)
How has this been tested?:
Manually and pipeline