-
Notifications
You must be signed in to change notification settings - Fork 165
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
August issues #406
Merged
Merged
August issues #406
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Removed duplicate 2.2.17 Signed-off-by: George Nalen <georgen@mindpointgroup.com>
Release v1.0.3 Updates Signed-off-by: George Nalen <georgen@mindpointgroup.com>
Devel to main Signed-off-by: George Nalen <georgen@mindpointgroup.com>
New Benchmark updates and issue fixes Signed-off-by: George Nalen <georgen@mindpointgroup.com>
Benchmarks 2.0.0 and other updates
Merge devel to main
Devel to main release March 23
Release to main
March interim updates
Galaxy compliance
Devel to main release
devel to main release
workflow pipeline run through devel-main
main release
Main Release
Final V2.0.0 release to main
* initial v3.0.0 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * removed old conflict line Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * tidy up warning on 432 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * tidy up ec2_checks Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated warning on line 435 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated prelim and typos Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * [pre-commit.ci] pre-commit autoupdate updates: - [github.com/ansible-community/ansible-lint: v24.2.0 → v24.2.1](ansible/ansible-lint@v24.2.0...v24.2.1) * March 24 updates (#356) * added conditional to user password check #354 thanks to @bbaassssiiee Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated logic to check root passwd locked Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * lint and audit order change Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated for documentation format Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> --------- Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Allow for a local site policy for the openSSH server. (#358) If changes to the system-wide crypto policy are required to meet local site policy for the openSSH server, these changes should be done with a sub-policy assigned to the system-wide crypto policy. The role defaults can be overridden by the user's vars. The user should implement a .pmod file, and add its basename to `rhel8cis_allowed_crypto_policies_modules`. The role vars are harder to change due to the 21 priority levels of Ansible. Signed-off-by: Bas Meijer <bas.meijer@enexis.nl> * Issues March24 (#366) * #359 addressed thanks to @bbaassssiiee Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * sysctl matches requirement & handler added Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * container updated and cautions updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * issues #360 addressed thanks to @bbaassssiiee Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Added #361 ensure local interface on 3.4.2.2 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * issue #363 addressed Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * variable naming and lint Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * variable naming and lint Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated handler Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * variable naming and lint updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fix issues with pam_unix Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * added extra options Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * issue #365 addressed Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fixed commenting alternate file Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated var name to discovered Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * renamed variable tomake it clearer Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fix typo Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated discovered variable naming Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated variable naming Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> --------- Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * [pre-commit.ci] pre-commit autoupdate (#367) updates: - [github.com/pre-commit/pre-commit-hooks: v4.5.0 → v4.6.0](pre-commit/pre-commit-hooks@v4.5.0...v4.6.0) Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> * [pre-commit.ci] pre-commit autoupdate (#368) updates: - [github.com/ansible-community/ansible-lint: v24.2.1 → v24.2.2](ansible/ansible-lint@v24.2.1...v24.2.2) Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> * updated for audit and url alignment (#370) Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * [pre-commit.ci] pre-commit autoupdate (#372) updates: - [github.com/Yelp/detect-secrets: v1.4.0 → v1.5.0](Yelp/detect-secrets@v1.4.0...v1.5.0) - [github.com/gitleaks/gitleaks: v8.18.2 → v8.18.3](gitleaks/gitleaks@v8.18.2...v8.18.3) - [github.com/ansible-community/ansible-lint: v24.2.2 → v24.6.0](ansible/ansible-lint@v24.2.2...v24.6.0) Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> * use RHEL8 chrony.conf (#371) Signed-off-by: Tomáš Kuba <tom.kuba@gmail.com> * Update Alma 8 GPG Key (#369) * Update Alma 8 GPG Key Update AlmaLinux.yml Signed-off-by: ajython <ajython@users.noreply.github.com> * Update AlmaLinux.yml Replace depricated Alma 8 GPG key Signed-off-by: ajython <ajython@users.noreply.github.com> --------- Signed-off-by: ajython <ajython@users.noreply.github.com> * May 24 updates (#376) * updated path to match disa for audit tools Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated dict control Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated nullok logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated typos Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated typ thanks to @msachikanta Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> --------- Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * [pre-commit.ci] pre-commit autoupdate (#383) updates: - [github.com/gitleaks/gitleaks: v8.18.3 → v8.18.4](gitleaks/gitleaks@v8.18.3...v8.18.4) Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> * updated known issues thanks to @fgierlinger Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Interactive users logic and workflow (#385) * interactive user vars updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * improved conditionals checks Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Tidy up titles Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated with latest devel Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * removed file not required Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * improved logic for /dev/null home dirs Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Updated workflow to new runner Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> --------- Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> --------- Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> Signed-off-by: Bas Meijer <bas.meijer@enexis.nl> Signed-off-by: Tomáš Kuba <tom.kuba@gmail.com> Signed-off-by: ajython <ajython@users.noreply.github.com> Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> Co-authored-by: Bas <bas.meijer@enexis.nl> Co-authored-by: tomkuba <tomkuba@users.noreply.github.com> Co-authored-by: ajython <ajython@users.noreply.github.com> Co-authored-by: Fred W <112580756+frederickw082922@users.noreply.github.com>
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: uk-bolly <mark.bollyuk@gmail.com>
… into august_issues
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Works with new audit branch created to align updates. |
georgenalen
approved these changes
Sep 3, 2024
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good!
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Overall Review of Changes:
tidy up of branches
audit
precommits
authselect
Issue Fixes:
#400
#402
Enhancements:
rewrite authselect to simplify process
changed vars so easily overridden
jmespath dependancy removal
audit now able to run with ARM64 binary (note: It may have more failures in audit as not benchmark officially written for ARM, more feedback required)
How has this been tested?:
Manually and pipeline