Commit Graph

103 Commits

Author SHA1 Message Date
Imran Iqbal
6ebfc6f20c
test(zones_spec): check content of rendered zone files 2020-04-01 19:00:36 +01:00
Steven Daniele
cd4cec0089 feat: allow rich_rules to be specified as a dict
When specifying rich rules as a dictionary ipsets and services can be
specified as lists. They will be expanded out by the jinja template into
individual rich rules for the parent zone.
2020-03-30 09:01:27 -04:00
Imran Iqbal
cf21ccab97 chore(gitignore): update from the template-formula [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/132
2020-02-14 22:27:40 +00:00
Imran Iqbal
d02f890fb4 chore(rubocop): move LineLength cop from Metrics to Layout [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/129
2020-02-14 12:49:43 +00:00
semantic-release-bot
91362086a8 chore(release): 0.9.0 [skip ci]
# [0.9.0](https://github.com/saltstack-formulas/firewalld-formula/compare/v0.8.0...v0.9.0) (2020-02-12)

### Features

* **zone.xml:** allow more services definition inside zone ([8d0172f](8d0172f5c7))
2020-02-12 19:12:49 +00:00
Imran Iqbal
0d0f191449
Merge pull request #36 from miska/master
Allow more services definition inside zone
2020-02-12 19:03:07 +00:00
semantic-release-bot
7ff891796a chore(release): 0.8.0 [skip ci]
# [0.8.0](https://github.com/saltstack-formulas/firewalld-formula/compare/v0.7.0...v0.8.0) (2020-02-12)

### Continuous Integration

* workaround issues with newly introduced `amazonlinux-1` [skip ci] ([ace3433](ace343353d))
* workaround issues with newly introduced `amazonlinux-1` [skip ci] ([b5a95f3](b5a95f35ab))
* **gemfile:** restrict `train` gem version until upstream fix [skip ci] ([908f5df](908f5df86c))
* **kitchen:** avoid using bootstrap for `master` instances [skip ci] ([0b82e43](0b82e43a15))
* **travis:** apply changes from build config validation [skip ci] ([6e1b876](6e1b876298))
* **travis:** opt-in to `dpl v2` to complete build config validation [skip ci] ([70dc9aa](70dc9aa3b4))
* **travis:** quote pathspecs used with `git ls-files` [skip ci] ([97afbb1](97afbb1575))
* **travis:** run `shellcheck` during lint job [skip ci] ([d8bede7](d8bede7082))
* **travis:** use `major.minor` for `semantic-release` version [skip ci] ([b96cc56](b96cc569fe))
* **travis:** use build config validation (beta) [skip ci] ([07e7900](07e79001cd))

### Features

* standardize license and hand over to saltstack formulas ([20cb8a6](20cb8a60d3))
2020-02-12 14:51:28 +00:00
David Bezuidenhout
20cb8a60d3
feat: standardize license and hand over to saltstack formulas 2020-02-12 14:41:48 +00:00
Imran Iqbal
ebd46bea31
Merge branch '20200212142439' into upstream 2020-02-12 14:24:41 +00:00
Imran Iqbal
ace343353d ci: workaround issues with newly introduced amazonlinux-1 [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/127
2020-02-12 14:24:41 +00:00
Imran Iqbal
b5a95f35ab ci: workaround issues with newly introduced amazonlinux-1 [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/127
2020-02-12 14:24:12 +00:00
Michal Hrusecky
8d0172f5c7
feat(zone.xml): allow more services definition inside zone
Now multiple sections ending with `services` can be defined for each in pillar
and all of them will get merged into one service block in the zone. The goal is
to keep backward compatibility while allowing different services to be defined
in different pillars. So basically have various parts of the pillar affecting
the firewall without need to define everything centrally. Helpful for the
exceptions to the rules.
2020-02-11 15:29:11 +01:00
Imran Iqbal
0b82e43a15 ci(kitchen): avoid using bootstrap for master instances [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/124
2020-02-05 14:04:05 +00:00
Imran Iqbal
b96cc569fe ci(travis): use major.minor for semantic-release version [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/112
2019-12-22 00:56:35 +00:00
Imran Iqbal
908f5df86c ci(gemfile): restrict train gem version until upstream fix [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/110
2019-12-16 13:39:37 +00:00
Imran Iqbal
97afbb1575 ci(travis): quote pathspecs used with git ls-files [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/107
2019-11-27 22:01:28 +00:00
Imran Iqbal
d8bede7082 ci(travis): run shellcheck during lint job [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/106
2019-11-27 21:03:06 +00:00
Imran Iqbal
70dc9aa3b4 ci(travis): opt-in to dpl v2 to complete build config validation [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/100
2019-11-20 16:36:24 +00:00
Imran Iqbal
6e1b876298 ci(travis): apply changes from build config validation [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/98
2019-11-16 20:09:44 +00:00
Imran Iqbal
07e79001cd ci(travis): use build config validation (beta) [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/97
2019-11-13 16:51:58 +00:00
semantic-release-bot
dc8a9df3b8 chore(release): 0.7.0 [skip ci]
# [0.7.0](https://github.com/saltstack-formulas/firewalld-formula/compare/v0.6.2...v0.7.0) (2019-11-09)

### Bug Fixes

* **map.jinja:** fix `salt-lint` errors ([de4e191](de4e1915fb))
* **rubocop:** add fixes using `rubocop --safe-auto-correct` ([8136b75](8136b75fa0))
* **yamllint:** fix all errors ([0f808d6](0f808d6afb))

### Documentation

* **readme:** modify according to standard structure ([3df11fc](3df11fc75c))
* **readme:** move to `docs/` directory ([d47265f](d47265f974))

### Features

* **semantic-release:** implement for this formula ([c5f114d](c5f114d886))
2019-11-09 15:08:24 +00:00
Niels Abspoel
cf901ef465
Merge pull request #33 from myii/feat/implement-semantic-release
feat(semantic-release): implement for this formula
2019-11-09 15:58:03 +01:00
Imran Iqbal
3df11fc75c
docs(readme): modify according to standard structure 2019-11-09 08:24:56 +00:00
Imran Iqbal
d47265f974
docs(readme): move to docs/ directory 2019-11-09 08:24:55 +00:00
Imran Iqbal
8136b75fa0
fix(rubocop): add fixes using rubocop --safe-auto-correct 2019-11-09 08:24:55 +00:00
Imran Iqbal
0f808d6afb
fix(yamllint): fix all errors
```bash
firewalld-formula$ yamllint -s .
./pillar.example
  2:1       warning  missing document start "---"  (document-start)
  3:12      warning  truthy value should be one of [false, true]  (truthy)
  12:13     warning  truthy value should be one of [false, true]  (truthy)
  15:89     error    line too long (108 > 88 characters)  (line-length)
  19:13     warning  truthy value should be one of [false, true]  (truthy)
  30:89     error    line too long (363 > 88 characters)  (line-length)
  96:89     error    line too long (170 > 88 characters)  (line-length)
  108:15    error    wrong indentation: expected 12 but found 14  (indentation)
  115:13    error    empty value in block mapping  (empty-values)
  116:2     error    syntax error: found character '%' that cannot start any token
  152:89    error    line too long (112 > 88 characters)  (line-length)

./firewalld/defaults.yaml
  3:1       warning  missing document start "---"  (document-start)
```
2019-11-09 08:24:55 +00:00
Imran Iqbal
de4e1915fb
fix(map.jinja): fix salt-lint errors
```bash
Examining firewalld/map.jinja of type state
[209] Jinja comment should have spaces before and after: {# comment #}
firewalld/map.jinja:4
{## Start with  defaults from defaults.yaml ##}

[209] Jinja comment should have spaces before and after: {# comment #}
firewalld/map.jinja:7
{##

[201] Trailing whitespace
firewalld/map.jinja:16
  }, grain='os_family', merge=salt['pillar.get']('firewalld:lookup'))

[209] Jinja comment should have spaces before and after: {# comment #}
firewalld/map.jinja:19
{## Merge the flavor_map to the default settings ##}

[209] Jinja comment should have spaces before and after: {# comment #}
firewalld/map.jinja:22
{## Merge in salt:lookup pillar ##}
```
2019-11-09 08:24:55 +00:00
Imran Iqbal
c5f114d886
feat(semantic-release): implement for this formula
* Automated using https://github.com/myii/ssf-formula/pull/95
2019-11-09 08:24:55 +00:00
Imran Iqbal
db9597e398
Merge pull request #32 from Sxderp/pr-remove-unexpected-icmp-block-attribtue
Remove name attribute in icmp-block-inversion
2019-11-08 18:52:47 +00:00
Steven Daniele
12b696a8fe Remove name attribute in icmp-block-inversion
Firewalld does not parse the name attribute.

Log message:
firewalld[1999]: ERROR: Failed to load zone file 'public.xml':
PARSE_ERROR: icmp-block-inversion: Unexpected attribute name
2019-11-08 10:37:31 -05:00
Imran Iqbal
9646ead4b4
Merge pull request #31 from Sxderp/pr-fix-block-inversion-key-name
Fix typo in icmp block inversion key name
2019-11-08 15:13:25 +00:00
Steven Daniele
64825e20ab Fix typo in icmp block inversion key name 2019-11-08 09:39:57 -05:00
Niels Abspoel
ae1f2453d3 add updated firewalld.conf from 0.7.1 2019-09-15 21:01:15 +01:00
Niels Abspoel
4937787038
Merge pull request #29 from noelmcloughlin/arch
feat(linux): archlinux support (no osfinger grain)
2019-08-04 21:23:15 +02:00
N
ad37448038
feat(linux): archlinux support (no osfinger grain) 2019-08-03 14:59:08 +01:00
Imran Iqbal
46288d6b50
Merge pull request #28 from aboe76/update_test_images
update test images
2019-04-30 20:07:25 +01:00
Niels Abspoel
f560dcd1b4 add @myii recommendations 2019-04-30 20:55:32 +02:00
Niels Abspoel
d201f448c9 update test images 2019-04-30 19:26:04 +02:00
Imran Iqbal
6a546ca192
Merge pull request #27 from aboe76/improve_service
update service and zones with more options
2019-04-06 22:39:30 +01:00
Niels Abspoel
a438f30f50 fix spacing in closing tags 2019-04-06 23:26:48 +02:00
Niels Abspoel
9522826dcb update gems 2019-04-06 22:03:15 +02:00
Niels Abspoel
87ecf4eea4 update gems 2019-04-06 21:58:48 +02:00
Niels Abspoel
18fc482853 update service and zones with more options
update kitchen travis
fix ipsets.sls
2019-04-06 21:40:50 +02:00
Javier Bértoli
f5c2acbd3a
Merge pull request #25 from aboe76/fix_travis
update kitchen.yml and Gemfile
2018-12-23 19:55:19 -03:00
Niels Abspoel
b05886c13e update kitchen.yml and Gemfile 2018-12-22 19:38:27 +01:00
Niels Abspoel
22e301a218
Merge pull request #24 from valibud/master
Add support for inet6 ipsets.
2018-12-10 20:01:04 +01:00
Valentin Bud
d1d7a9186c Add support for inet6 ipsets. 2018-12-10 13:44:53 +02:00
Niels Abspoel
a2d99c5957
Merge pull request #23 from netmanagers/master
Refactor ipset & backend
2018-08-26 07:55:00 +02:00
Javier Bértoli
951050008d Update pillar.example 2018-08-25 19:05:21 -03:00
Javier Bértoli
15a48462f0 Refactor backend format, add backward compatibility, simple pkg testing
See https://github.com/saltstack-formulas/firewalld-formula/pull/21#pullrequestreview-146958098
2018-08-25 19:00:11 -03:00