saltstack-formulas/firewalld-formula
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: saltstack-formulas:master
Branches Tags
saltstack-formulas:master
saltstack-formulas:v1.3.1
saltstack-formulas:v1.3.0
saltstack-formulas:v1.2.1
saltstack-formulas:v1.2.0
saltstack-formulas:v1.1.2
saltstack-formulas:v1.1.1
saltstack-formulas:v1.1.0
saltstack-formulas:v1.0.0
saltstack-formulas:v0.10.1
saltstack-formulas:v0.10.0
saltstack-formulas:v0.9.0
saltstack-formulas:v0.8.0
saltstack-formulas:v0.7.0
saltstack-formulas:v0.6.2
..
compare: saltstack-formulas:v1.3.0
Branches Tags
saltstack-formulas:master
saltstack-formulas:v1.3.1
saltstack-formulas:v1.3.0
saltstack-formulas:v1.2.1
saltstack-formulas:v1.2.0
saltstack-formulas:v1.1.2
saltstack-formulas:v1.1.1
saltstack-formulas:v1.1.0
saltstack-formulas:v1.0.0
saltstack-formulas:v0.10.1
saltstack-formulas:v0.10.0
saltstack-formulas:v0.9.0
saltstack-formulas:v0.8.0
saltstack-formulas:v0.7.0
saltstack-formulas:v0.6.2

No commits in common. "master" and "v1.3.0" have entirely different histories.
master ... v1.3.0

24 changed files with 689 additions and 1154 deletions
Show Stats Expand all files Collapse all files

1
.gitignore vendored
View File

@ -127,7 +127,6 @@ tmp/
# `salt-formula` -- Vagrant Specific files
.vagrant
top.sls
!test/salt/pillar/top.sls
# `suricata-formula` -- Platform binaries
*.rpm

130
.gitlab-ci.yml
View File

@ -102,7 +102,7 @@ rubocop:
###############################################################################
# Define `test` template
###############################################################################
.test_instance: &test_instance
.test_instance:
stage: *stage_test
image: *image_dindruby
services: *services_docker_dind
@ -117,84 +117,106 @@ rubocop:
# Alternative value to consider: `${CI_JOB_NAME}`
- 'bin/kitchen verify "${DOCKER_ENV_CI_JOB_NAME}"'
###############################################################################
# Define `test` template (`allow_failure: true`)
###############################################################################
.test_instance_failure_permitted:
<<: *test_instance
allow_failure: true
###############################################################################
# `test` stage: each instance below uses the `test` template above
###############################################################################
## Define the rest of the matrix based on Kitchen testing
# Make sure the instances listed below match up with
# the `platforms` defined in `kitchen.yml`
# yamllint disable rule:line-length
# default-debian-11-tiamat-py3: {extends: '.test_instance'}
# default-debian-10-tiamat-py3: {extends: '.test_instance'}
# default-debian-9-tiamat-py3: {extends: '.test_instance'}
# default-ubuntu-2204-tiamat-py3: {extends: '.test_instance_failure_permitted'}
# default-ubuntu-2004-tiamat-py3: {extends: '.test_instance'}
# default-ubuntu-1804-tiamat-py3: {extends: '.test_instance'}
# default-centos-stream8-tiamat-py3: {extends: '.test_instance_failure_permitted'}
# default-ubuntu-1604-tiamat-py3: {extends: '.test_instance'}
# default-centos-8-tiamat-py3: {extends: '.test_instance'}
# default-centos-7-tiamat-py3: {extends: '.test_instance'}
# default-amazonlinux-2-tiamat-py3: {extends: '.test_instance'}
# default-oraclelinux-8-tiamat-py3: {extends: '.test_instance'}
# default-oraclelinux-7-tiamat-py3: {extends: '.test_instance'}
# default-almalinux-8-tiamat-py3: {extends: '.test_instance'}
# default-rockylinux-8-tiamat-py3: {extends: '.test_instance'}
# default-debian-11-master-py3: {extends: '.test_instance'}
# default-debian-10-master-py3: {extends: '.test_instance'}
default-debian-9-master-py3: {extends: '.test_instance'}
# default-ubuntu-2204-master-py3: {extends: '.test_instance_failure_permitted'}
# default-ubuntu-2004-master-py3: {extends: '.test_instance'}
default-ubuntu-1804-master-py3: {extends: '.test_instance'}
default-centos-stream8-master-py3: {extends: '.test_instance_failure_permitted'}
default-ubuntu-1604-master-py3: {extends: '.test_instance'}
default-centos-8-master-py3: {extends: '.test_instance'}
default-centos-7-master-py3: {extends: '.test_instance'}
default-fedora-36-master-py3: {extends: '.test_instance_failure_permitted'}
default-fedora-35-master-py3: {extends: '.test_instance'}
default-opensuse-leap-153-master-py3: {extends: '.test_instance'}
default-opensuse-tmbl-latest-master-py3: {extends: '.test_instance_failure_permitted'}
default-fedora-34-master-py3: {extends: '.test_instance'}
default-fedora-33-master-py3: {extends: '.test_instance'}
default-fedora-32-master-py3: {extends: '.test_instance'}
default-opensuse-leap-152-master-py3: {extends: '.test_instance'}
default-opensuse-tmbl-latest-master-py3: {extends: '.test_instance'}
default-amazonlinux-2-master-py3: {extends: '.test_instance'}
default-oraclelinux-8-master-py3: {extends: '.test_instance'}
default-oraclelinux-7-master-py3: {extends: '.test_instance'}
default-arch-base-latest-master-py3: {extends: '.test_instance'}
# default-gentoo-stage3-latest-master-py3: {extends: '.test_instance'}
# default-gentoo-stage3-systemd-master-py3: {extends: '.test_instance'}
default-almalinux-8-master-py3: {extends: '.test_instance'}
default-rockylinux-8-master-py3: {extends: '.test_instance'}
# default-debian-11-3004-1-py3: {extends: '.test_instance'}
# default-debian-10-3004-1-py3: {extends: '.test_instance'}
# default-debian-9-3004-1-py3: {extends: '.test_instance'}
# default-ubuntu-2204-3004-1-py3: {extends: '.test_instance_failure_permitted'}
# default-ubuntu-2004-3004-1-py3: {extends: '.test_instance'}
# default-ubuntu-1804-3004-1-py3: {extends: '.test_instance'}
# default-centos-stream8-3004-1-py3: {extends: '.test_instance_failure_permitted'}
# default-centos-7-3004-1-py3: {extends: '.test_instance'}
# default-fedora-36-3004-1-py3: {extends: '.test_instance_failure_permitted'}
# default-fedora-35-3004-1-py3: {extends: '.test_instance'}
# default-amazonlinux-2-3004-1-py3: {extends: '.test_instance'}
# default-oraclelinux-8-3004-1-py3: {extends: '.test_instance'}
# default-oraclelinux-7-3004-1-py3: {extends: '.test_instance'}
# default-arch-base-latest-3004-1-py3: {extends: '.test_instance'}
# default-gentoo-stage3-latest-3004-1-py3: {extends: '.test_instance'}
# default-gentoo-stage3-systemd-3004-1-py3: {extends: '.test_instance'}
# default-almalinux-8-3004-1-py3: {extends: '.test_instance'}
# default-rockylinux-8-3004-1-py3: {extends: '.test_instance'}
# default-opensuse-leap-153-3004-0-py3: {extends: '.test_instance'}
# default-opensuse-tmbl-latest-3004-0-py3: {extends: '.test_instance_failure_permitted'}
# default-debian-10-3003-4-py3: {extends: '.test_instance'}
# default-debian-9-3003-4-py3: {extends: '.test_instance'}
# default-ubuntu-2004-3003-4-py3: {extends: '.test_instance'}
# default-ubuntu-1804-3003-4-py3: {extends: '.test_instance'}
# default-centos-stream8-3003-4-py3: {extends: '.test_instance_failure_permitted'}
# default-centos-7-3003-4-py3: {extends: '.test_instance'}
# default-amazonlinux-2-3003-4-py3: {extends: '.test_instance'}
# default-oraclelinux-8-3003-4-py3: {extends: '.test_instance'}
# default-oraclelinux-7-3003-4-py3: {extends: '.test_instance'}
# default-almalinux-8-3003-4-py3: {extends: '.test_instance'}
# yamllint enable rule:line-length
# default-debian-10-3003-0-py3: {extends: '.test_instance'}
# default-debian-9-3003-0-py3: {extends: '.test_instance'}
# default-ubuntu-2004-3003-0-py3: {extends: '.test_instance'}
# default-ubuntu-1804-3003-0-py3: {extends: '.test_instance'}
# default-centos-8-3003-0-py3: {extends: '.test_instance'}
# default-centos-7-3003-0-py3: {extends: '.test_instance'}
# default-fedora-34-3003-0-py3: {extends: '.test_instance'}
# default-fedora-33-3003-0-py3: {extends: '.test_instance'}
# default-fedora-32-3003-0-py3: {extends: '.test_instance'}
# default-amazonlinux-2-3003-0-py3: {extends: '.test_instance'}
# default-oraclelinux-8-3003-0-py3: {extends: '.test_instance'}
# default-oraclelinux-7-3003-0-py3: {extends: '.test_instance'}
# default-arch-base-latest-3003-0-py3: {extends: '.test_instance'}
# default-gentoo-stage3-latest-3003-0-py3: {extends: '.test_instance'}
# default-gentoo-stage3-systemd-3003-0-py3: {extends: '.test_instance'}
# default-debian-10-3002-6-py3: {extends: '.test_instance'}
# default-debian-9-3002-6-py3: {extends: '.test_instance'}
# default-ubuntu-2004-3002-6-py3: {extends: '.test_instance'}
# default-ubuntu-1804-3002-6-py3: {extends: '.test_instance'}
# default-ubuntu-1604-3002-6-py3: {extends: '.test_instance'}
# default-centos-8-3002-6-py3: {extends: '.test_instance'}
# default-centos-7-3002-6-py3: {extends: '.test_instance'}
# default-fedora-34-3002-6-py3: {extends: '.test_instance'}
# default-fedora-33-3002-6-py3: {extends: '.test_instance'}
# default-fedora-32-3002-6-py3: {extends: '.test_instance'}
# default-amazonlinux-2-3002-6-py3: {extends: '.test_instance'}
# default-oraclelinux-8-3002-6-py3: {extends: '.test_instance'}
# default-oraclelinux-7-3002-6-py3: {extends: '.test_instance'}
# default-arch-base-latest-3002-6-py3: {extends: '.test_instance'}
# default-gentoo-stage3-latest-3002-5-py3: {extends: '.test_instance'}
# default-gentoo-stage3-systemd-3002-5-py3: {extends: '.test_instance'}
# default-opensuse-leap-152-3002-2-py3: {extends: '.test_instance'}
# default-opensuse-tmbl-latest-3002-2-py3: {extends: '.test_instance'}
# default-debian-10-3001-7-py3: {extends: '.test_instance'}
# default-debian-9-3001-7-py3: {extends: '.test_instance'}
# default-ubuntu-2004-3001-7-py3: {extends: '.test_instance'}
# default-ubuntu-1804-3001-7-py3: {extends: '.test_instance'}
# default-ubuntu-1604-3001-7-py3: {extends: '.test_instance'}
# default-centos-8-3001-7-py3: {extends: '.test_instance'}
# default-centos-7-3001-7-py3: {extends: '.test_instance'}
# default-fedora-34-3001-7-py3: {extends: '.test_instance'}
# default-fedora-33-3001-7-py3: {extends: '.test_instance'}
# default-fedora-32-3001-7-py3: {extends: '.test_instance'}
# default-opensuse-leap-152-3001-7-py3: {extends: '.test_instance'}
# default-opensuse-tmbl-latest-3001-7-py3: {extends: '.test_instance'}
# default-amazonlinux-2-3001-7-py3: {extends: '.test_instance'}
# default-oraclelinux-8-3001-7-py3: {extends: '.test_instance'}
# default-oraclelinux-7-3001-7-py3: {extends: '.test_instance'}
# default-arch-base-latest-3001-7-py3: {extends: '.test_instance'}
# default-gentoo-stage3-latest-3001-6-py3: {extends: '.test_instance'}
# default-gentoo-stage3-systemd-3001-6-py3: {extends: '.test_instance'}
# default-debian-10-3000-9-py3: {extends: '.test_instance'}
# default-debian-9-3000-9-py3: {extends: '.test_instance'}
# default-ubuntu-1804-3000-9-py3: {extends: '.test_instance'}
# default-ubuntu-1604-3000-9-py3: {extends: '.test_instance'}
# default-centos-8-3000-9-py3: {extends: '.test_instance'}
# default-centos-7-3000-9-py3: {extends: '.test_instance'}
# default-opensuse-leap-152-3000-9-py3: {extends: '.test_instance'}
# default-amazonlinux-2-3000-9-py3: {extends: '.test_instance'}
# default-oraclelinux-8-3000-9-py3: {extends: '.test_instance'}
# default-oraclelinux-7-3000-9-py3: {extends: '.test_instance'}
# default-ubuntu-1804-3000-9-py2: {extends: '.test_instance'}
# default-ubuntu-1604-3000-9-py2: {extends: '.test_instance'}
# default-arch-base-latest-3000-9-py2: {extends: '.test_instance'}
# default-gentoo-stage3-latest-3000-8-py3: {extends: '.test_instance'}
# default-gentoo-stage3-systemd-3000-8-py3: {extends: '.test_instance'}
###############################################################################
# `release` stage: `semantic-release`

31
.pre-commit-config.yaml
View File

@ -3,18 +3,6 @@
---
# See https://pre-commit.com for more information
# See https://pre-commit.com/hooks.html for more hooks
ci:
autofix_commit_msg: |
ci(pre-commit.ci): apply auto fixes from pre-commit.com hooks
For more information, see https://pre-commit.ci
autofix_prs: true
autoupdate_branch: ''
autoupdate_commit_msg: |
ci(pre-commit.ci): perform `pre-commit` autoupdate
autoupdate_schedule: quarterly
skip: []
submodules: false
default_stages: [commit]
repos:
- repo: https://github.com/dafyddj/commitlint-pre-commit-hook
@ -30,7 +18,7 @@ repos:
additional_dependencies: ['@commitlint/config-conventional@8.3.4']
always_run: true
- repo: https://github.com/rubocop-hq/rubocop
rev: v1.30.1
rev: v1.9.1
hooks:
- id: rubocop
name: Check Ruby files with rubocop
@ -38,14 +26,14 @@ repos:
always_run: true
pass_filenames: false
- repo: https://github.com/shellcheck-py/shellcheck-py
rev: v0.8.0.4
rev: v0.7.1.1
hooks:
- id: shellcheck
name: Check shell scripts with shellcheck
files: ^.*\.(sh|bash|ksh)$
types: []
- repo: https://github.com/adrienverge/yamllint
rev: v1.26.3
rev: v1.23.0
hooks:
- id: yamllint
name: Check YAML syntax with yamllint
@ -53,7 +41,7 @@ repos:
always_run: true
pass_filenames: false
- repo: https://github.com/warpnet/salt-lint
rev: v0.8.0
rev: v0.3.0
hooks:
- id: salt-lint
name: Check Salt files using salt-lint
@ -64,14 +52,3 @@ repos:
- id: rstcheck
name: Check reST files using rstcheck
exclude: 'docs/CHANGELOG.rst'
- repo: https://github.com/saltstack-formulas/mirrors-rst-lint
rev: v1.3.2
hooks:
- id: rst-lint
name: Check reST files using rst-lint
exclude: |
(?x)^(
docs/CHANGELOG.rst|
docs/TOFS_pattern.rst|
)$
additional_dependencies: [pygments==2.9.0]

4
.rubocop.yml
View File

@ -16,8 +16,4 @@ Security/YAMLLoad:
Exclude:
- test/integration/**/_mapdata.rb
# General settings across all cops in this formula
AllCops:
NewCops: enable
# Any offenses that should be fixed, e.g. collected via. `rubocop --auto-gen-config`

117
.travis.yml
View File

@ -83,30 +83,27 @@ jobs:
## Define the rest of the matrix based on Kitchen testing
# Make sure the instances listed below match up with
# the `platforms` defined in `kitchen.yml`
# - env: INSTANCE=default-debian-11-tiamat-py3
# - env: INSTANCE=default-debian-10-tiamat-py3
# - env: INSTANCE=default-debian-9-tiamat-py3
# - env: INSTANCE=default-ubuntu-2204-tiamat-py3
# - env: INSTANCE=default-ubuntu-2004-tiamat-py3
# - env: INSTANCE=default-ubuntu-1804-tiamat-py3
# - env: INSTANCE=default-centos-stream8-tiamat-py3
# - env: INSTANCE=default-ubuntu-1604-tiamat-py3
# - env: INSTANCE=default-centos-8-tiamat-py3
# - env: INSTANCE=default-centos-7-tiamat-py3
# - env: INSTANCE=default-amazonlinux-2-tiamat-py3
# - env: INSTANCE=default-oraclelinux-8-tiamat-py3
# - env: INSTANCE=default-oraclelinux-7-tiamat-py3
# - env: INSTANCE=default-almalinux-8-tiamat-py3
# - env: INSTANCE=default-rockylinux-8-tiamat-py3
# - env: INSTANCE=default-debian-11-master-py3
# - env: INSTANCE=default-debian-10-master-py3
- env: INSTANCE=default-debian-9-master-py3
# - env: INSTANCE=default-ubuntu-2204-master-py3
# - env: INSTANCE=default-ubuntu-2004-master-py3
- env: INSTANCE=default-ubuntu-1804-master-py3
- env: INSTANCE=default-centos-stream8-master-py3
- env: INSTANCE=default-ubuntu-1604-master-py3
- env: INSTANCE=default-centos-8-master-py3
- env: INSTANCE=default-centos-7-master-py3
- env: INSTANCE=default-fedora-36-master-py3
- env: INSTANCE=default-fedora-35-master-py3
- env: INSTANCE=default-opensuse-leap-153-master-py3
- env: INSTANCE=default-fedora-34-master-py3
- env: INSTANCE=default-fedora-33-master-py3
- env: INSTANCE=default-fedora-32-master-py3
- env: INSTANCE=default-opensuse-leap-152-master-py3
- env: INSTANCE=default-opensuse-tmbl-latest-master-py3
- env: INSTANCE=default-amazonlinux-2-master-py3
- env: INSTANCE=default-oraclelinux-8-master-py3
@ -114,38 +111,72 @@ jobs:
- env: INSTANCE=default-arch-base-latest-master-py3
# - env: INSTANCE=default-gentoo-stage3-latest-master-py3
# - env: INSTANCE=default-gentoo-stage3-systemd-master-py3
- env: INSTANCE=default-almalinux-8-master-py3
- env: INSTANCE=default-rockylinux-8-master-py3
# - env: INSTANCE=default-debian-11-3004-1-py3
# - env: INSTANCE=default-debian-10-3004-1-py3
# - env: INSTANCE=default-debian-9-3004-1-py3
# - env: INSTANCE=default-ubuntu-2204-3004-1-py3
# - env: INSTANCE=default-ubuntu-2004-3004-1-py3
# - env: INSTANCE=default-ubuntu-1804-3004-1-py3
# - env: INSTANCE=default-centos-stream8-3004-1-py3
# - env: INSTANCE=default-centos-7-3004-1-py3
# - env: INSTANCE=default-fedora-36-3004-1-py3
# - env: INSTANCE=default-fedora-35-3004-1-py3
# - env: INSTANCE=default-amazonlinux-2-3004-1-py3
# - env: INSTANCE=default-oraclelinux-8-3004-1-py3
# - env: INSTANCE=default-oraclelinux-7-3004-1-py3
# - env: INSTANCE=default-arch-base-latest-3004-1-py3
# - env: INSTANCE=default-gentoo-stage3-latest-3004-1-py3
# - env: INSTANCE=default-gentoo-stage3-systemd-3004-1-py3
# - env: INSTANCE=default-almalinux-8-3004-1-py3
# - env: INSTANCE=default-rockylinux-8-3004-1-py3
# - env: INSTANCE=default-opensuse-leap-153-3004-0-py3
# - env: INSTANCE=default-opensuse-tmbl-latest-3004-0-py3
# - env: INSTANCE=default-debian-10-3003-4-py3
# - env: INSTANCE=default-debian-9-3003-4-py3
# - env: INSTANCE=default-ubuntu-2004-3003-4-py3
# - env: INSTANCE=default-ubuntu-1804-3003-4-py3
# - env: INSTANCE=default-centos-stream8-3003-4-py3
# - env: INSTANCE=default-centos-7-3003-4-py3
# - env: INSTANCE=default-amazonlinux-2-3003-4-py3
# - env: INSTANCE=default-oraclelinux-8-3003-4-py3
# - env: INSTANCE=default-oraclelinux-7-3003-4-py3
# - env: INSTANCE=default-almalinux-8-3003-4-py3
# - env: INSTANCE=default-debian-10-3003-0-py3
# - env: INSTANCE=default-debian-9-3003-0-py3
# - env: INSTANCE=default-ubuntu-2004-3003-0-py3
# - env: INSTANCE=default-ubuntu-1804-3003-0-py3
# - env: INSTANCE=default-centos-8-3003-0-py3
# - env: INSTANCE=default-centos-7-3003-0-py3
# - env: INSTANCE=default-fedora-34-3003-0-py3
# - env: INSTANCE=default-fedora-33-3003-0-py3
# - env: INSTANCE=default-fedora-32-3003-0-py3
# - env: INSTANCE=default-amazonlinux-2-3003-0-py3
# - env: INSTANCE=default-oraclelinux-8-3003-0-py3
# - env: INSTANCE=default-oraclelinux-7-3003-0-py3
# - env: INSTANCE=default-arch-base-latest-3003-0-py3
# - env: INSTANCE=default-gentoo-stage3-latest-3003-0-py3
# - env: INSTANCE=default-gentoo-stage3-systemd-3003-0-py3
# - env: INSTANCE=default-debian-10-3002-6-py3
# - env: INSTANCE=default-debian-9-3002-6-py3
# - env: INSTANCE=default-ubuntu-2004-3002-6-py3
# - env: INSTANCE=default-ubuntu-1804-3002-6-py3
# - env: INSTANCE=default-ubuntu-1604-3002-6-py3
# - env: INSTANCE=default-centos-8-3002-6-py3
# - env: INSTANCE=default-centos-7-3002-6-py3
# - env: INSTANCE=default-fedora-34-3002-6-py3
# - env: INSTANCE=default-fedora-33-3002-6-py3
# - env: INSTANCE=default-fedora-32-3002-6-py3
# - env: INSTANCE=default-amazonlinux-2-3002-6-py3
# - env: INSTANCE=default-oraclelinux-8-3002-6-py3
# - env: INSTANCE=default-oraclelinux-7-3002-6-py3
# - env: INSTANCE=default-arch-base-latest-3002-6-py3
# - env: INSTANCE=default-gentoo-stage3-latest-3002-5-py3
# - env: INSTANCE=default-gentoo-stage3-systemd-3002-5-py3
# - env: INSTANCE=default-opensuse-leap-152-3002-2-py3
# - env: INSTANCE=default-opensuse-tmbl-latest-3002-2-py3
# - env: INSTANCE=default-debian-10-3001-7-py3
# - env: INSTANCE=default-debian-9-3001-7-py3
# - env: INSTANCE=default-ubuntu-2004-3001-7-py3
# - env: INSTANCE=default-ubuntu-1804-3001-7-py3
# - env: INSTANCE=default-ubuntu-1604-3001-7-py3
# - env: INSTANCE=default-centos-8-3001-7-py3
# - env: INSTANCE=default-centos-7-3001-7-py3
# - env: INSTANCE=default-fedora-34-3001-7-py3
# - env: INSTANCE=default-fedora-33-3001-7-py3
# - env: INSTANCE=default-fedora-32-3001-7-py3
# - env: INSTANCE=default-opensuse-leap-152-3001-7-py3
# - env: INSTANCE=default-opensuse-tmbl-latest-3001-7-py3
# - env: INSTANCE=default-amazonlinux-2-3001-7-py3
# - env: INSTANCE=default-oraclelinux-8-3001-7-py3
# - env: INSTANCE=default-oraclelinux-7-3001-7-py3
# - env: INSTANCE=default-arch-base-latest-3001-7-py3
# - env: INSTANCE=default-gentoo-stage3-latest-3001-6-py3
# - env: INSTANCE=default-gentoo-stage3-systemd-3001-6-py3
# - env: INSTANCE=default-debian-10-3000-9-py3
# - env: INSTANCE=default-debian-9-3000-9-py3
# - env: INSTANCE=default-ubuntu-1804-3000-9-py3
# - env: INSTANCE=default-ubuntu-1604-3000-9-py3
# - env: INSTANCE=default-centos-8-3000-9-py3
# - env: INSTANCE=default-centos-7-3000-9-py3
# - env: INSTANCE=default-opensuse-leap-152-3000-9-py3
# - env: INSTANCE=default-amazonlinux-2-3000-9-py3
# - env: INSTANCE=default-oraclelinux-8-3000-9-py3
# - env: INSTANCE=default-oraclelinux-7-3000-9-py3
# - env: INSTANCE=default-ubuntu-1804-3000-9-py2
# - env: INSTANCE=default-ubuntu-1604-3000-9-py2
# - env: INSTANCE=default-arch-base-latest-3000-9-py2
# - env: INSTANCE=default-gentoo-stage3-latest-3000-8-py3
# - env: INSTANCE=default-gentoo-stage3-systemd-3000-8-py3
## Define the release stage that runs `semantic-release`
- stage: 'release'

14
.yamllint
View File

@ -5,15 +5,13 @@
extends: 'default'
# Files to ignore completely
# 1. All YAML files under directory `.bundle/`, introduced if gems are installed locally
# 2. All YAML files under directory `.cache/`, introduced during the CI run
# 3. All YAML files under directory `.git/`
# 4. All YAML files under directory `node_modules/`, introduced during the CI run
# 5. Any SLS files under directory `test/`, which are actually state files
# 6. Any YAML files under directory `.kitchen/`, introduced during local testing
# 7. `kitchen.vagrant.yml`, which contains Embedded Ruby (ERB) template syntax
# 1. All YAML files under directory `.cache/`, introduced during the GitLab CI run
# 2. All YAML files under directory `.git/`
# 3. All YAML files under directory `node_modules/`, introduced during the Travis run
# 4. Any SLS files under directory `test/`, which are actually state files
# 5. Any YAML files under directory `.kitchen/`, introduced during local testing
# 6. `kitchen.vagrant.yml`, which contains Embedded Ruby (ERB) template syntax
ignore: |
.bundle/
.cache/
.git/
node_modules/

6
AUTHORS.md
View File

@ -4,18 +4,18 @@ This list is sorted by the number of commits per contributor in _descending_ ord
Avatar|Contributor|Contributions
:-:|---|:-:
<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/10231489?v=4' width='36' height='36' alt='@myii'>|[@myii](https://github.com/myii)|79
<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/10231489?v=4' width='36' height='36' alt='@myii'>|[@myii](https://github.com/myii)|78
<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1800660?v=4' width='36' height='36' alt='@aboe76'>|[@aboe76](https://github.com/aboe76)|24
<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/242396?v=4' width='36' height='36' alt='@javierbertoli'>|[@javierbertoli](https://github.com/javierbertoli)|13
<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/6609453?v=4' width='36' height='36' alt='@Sxderp'>|[@Sxderp](https://github.com/Sxderp)|6
<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/4195158?v=4' width='36' height='36' alt='@dafyddj'>|[@dafyddj](https://github.com/dafyddj)|3
<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/38090329?v=4' width='36' height='36' alt='@genaumann'>|[@genaumann](https://github.com/genaumann)|3
<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/13322818?v=4' width='36' height='36' alt='@noelmcloughlin'>|[@noelmcloughlin](https://github.com/noelmcloughlin)|3
<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/12465797?v=4' width='36' height='36' alt='@hoonetorg'>|[@hoonetorg](https://github.com/hoonetorg)|3
<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1233212?v=4' width='36' height='36' alt='@baby-gnu'>|[@baby-gnu](https://github.com/baby-gnu)|3
<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/5417682?v=4' width='36' height='36' alt='@tinuva'>|[@tinuva](https://github.com/tinuva)|3
<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/6018668?v=4' width='36' height='36' alt='@amendlik'>|[@amendlik](https://github.com/amendlik)|2
<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/2619394?v=4' width='36' height='36' alt='@apatard'>|[@apatard](https://github.com/apatard)|2
<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/38090329?v=4' width='36' height='36' alt='@genaumann'>|[@genaumann](https://github.com/genaumann)|2
<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/641501?v=4' width='36' height='36' alt='@Angelo-Verona'>|[@Angelo-Verona](https://github.com/Angelo-Verona)|1
<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/4069630?v=4' width='36' height='36' alt='@cmercier'>|[@cmercier](https://github.com/cmercier)|1
<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/702318?v=4' width='36' height='36' alt='@basepi'>|[@basepi](https://github.com/basepi)|1
@ -26,4 +26,4 @@ Avatar|Contributor|Contributions
---
Auto-generated by a [forked version](https://github.com/myii/maintainer) of [gaocegege/maintainer](https://github.com/gaocegege/maintainer) on 2021-06-22.
Auto-generated by a [forked version](https://github.com/myii/maintainer) of [gaocegege/maintainer](https://github.com/gaocegege/maintainer) on 2021-06-18.

12
CHANGELOG.md
View File

@ -1,17 +1,5 @@
# Changelog
## [1.3.1](https://github.com/saltstack-formulas/firewalld-formula/compare/v1.3.0...v1.3.1) (2021-06-22)
### Bug Fixes
* **debian10 iptables:** install iptables from buster-backports ([8d5c0c9](https://github.com/saltstack-formulas/firewalld-formula/commit/8d5c0c941044b65f275b05f5579d54282943ced7))
### Continuous Integration
* **kitchen+gitlab:** remove Ubuntu 16.04 & Fedora 32 (EOL) [skip ci] ([70cf9fa](https://github.com/saltstack-formulas/firewalld-formula/commit/70cf9fa8d50ae833020108c5136ad8fddf733d29))
# [1.3.0](https://github.com/saltstack-formulas/firewalld-formula/compare/v1.2.1...v1.3.0) (2021-06-18)

1
CODEOWNERS
View File

@ -26,7 +26,6 @@
/test/integration/**/libraries/system.rb @saltstack-formulas/ssf
/test/integration/**/inspec.yml @saltstack-formulas/ssf
/test/integration/**/README.md @saltstack-formulas/ssf
/test/salt/pillar/top.sls @saltstack-formulas/ssf
/.gitignore @saltstack-formulas/ssf
/.cirrus.yml @saltstack-formulas/ssf
/.gitlab-ci.yml @saltstack-formulas/ssf

2
FORMULA
View File

@ -1,7 +1,7 @@
name: firewalld
os: Debian, Ubuntu, Raspbian, RedHat, Fedora, CentOS, Suse, openSUSE, Gentoo, Funtoo, Arch, Manjaro, Alpine, FreeBSD, OpenBSD, Solaris, SmartOS, Windows, MacOS
os_family: Debian, RedHat, Suse, Gentoo, Arch, Alpine, FreeBSD, OpenBSD, Solaris, Windows, MacOS
version: 1.3.1
version: 1.3.0
release: 1
minimum_version: 2017.7
summary: firewalld formula

21
Gemfile
View File

@ -1,19 +1,14 @@
# frozen_string_literal: true
source ENV.fetch('PROXY_RUBYGEMSORG', 'https://rubygems.org')
source 'https://rubygems.org'
# Install the `inspec` gem using `git` because versions after `4.22.22`
# suppress diff output; this version fixes this for our uses.
# rubocop:disable Layout/LineLength
gem 'inspec', git: 'https://gitlab.com/saltstack-formulas/infrastructure/inspec', branch: 'ssf'
# rubocop:enable Layout/LineLength
# Install the `kitchen-docker` gem using `git` in order to gain a performance
# improvement: avoid package installations which are already covered by the
# `salt-image-builder` (i.e. the pre-salted images that we're using)
# Use the latest version of `inspec` prior to `4.23.4`, which introduces a
# regression where the diff isn't displayed when comparing using `eq`.
gem 'inspec', '~> 4.22.22'
# Install the `kitchen-docker` gem using `git` because the latest version
# currently available (`2.10.0`) doesn't include a recent fix for Gentoo.
# rubocop:disable Layout/LineLength
gem 'kitchen-docker', git: 'https://gitlab.com/saltstack-formulas/infrastructure/kitchen-docker', branch: 'ssf'
# rubocop:enable Layout/LineLength
gem 'kitchen-inspec', '>= 2.5.0'
gem 'kitchen-salt', '>= 0.7.2'
gem 'kitchen-inspec', '>= 2.2.1'
gem 'kitchen-salt', '>= 0.6.3'

661
Gemfile.lock
View File

@ -1,418 +1,321 @@
GIT
remote: https://gitlab.com/saltstack-formulas/infrastructure/inspec
revision: aaef842906a5666f0fc0b4f186b4dd3498f5b28c
branch: ssf
specs:
inspec (5.18.15)
cookstyle
faraday_middleware (>= 0.12.2, < 1.1)
inspec-core (= 5.18.15)
mongo (= 2.13.2)
progress_bar (~> 1.3.3)
rake
train (~> 3.10)
train-aws (~> 0.2)
train-habitat (~> 0.1)
train-winrm (~> 0.2)
inspec-core (5.18.15)
addressable (~> 2.4)
chef-telemetry (~> 1.0, >= 1.0.8)
faraday (>= 0.9.0, < 1.5)
faraday_middleware (~> 1.0)
hashie (>= 3.4, < 5.0)
license-acceptance (>= 0.2.13, < 3.0)
method_source (>= 0.8, < 2.0)
mixlib-log (~> 3.0)
multipart-post (~> 2.0)
parallel (~> 1.9)
parslet (>= 1.5, < 2.0)
pry (~> 0.13)
rspec (>= 3.9, <= 3.11)
rspec-its (~> 1.2)
rubyzip (>= 1.2.2, < 3.0)
semverse (~> 3.0)
sslshake (~> 1.2)
thor (>= 0.20, < 2.0)
tomlrb (>= 1.2, < 2.1)
train-core (~> 3.10)
tty-prompt (~> 0.17)
tty-table (~> 0.10)
GIT
remote: https://gitlab.com/saltstack-formulas/infrastructure/kitchen-docker
revision: 9a09bc1e571e25f3ccabf4725ca2048d970fff82
revision: 042e6921940a28d2502258b6a5ff3be17dd2fd37
branch: ssf
specs:
kitchen-docker (2.12.0)
kitchen-docker (2.10.0)
test-kitchen (>= 1.0.0)
GEM
remote: https://rubygems.org/
specs:
activesupport (7.0.3.1)
activesupport (5.2.4.4)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 1.6, < 2)
minitest (>= 5.1)
tzinfo (~> 2.0)
addressable (2.8.0)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
tzinfo (~> 1.1)
addressable (2.7.0)
public_suffix (>= 2.0.2, < 5.0)
ast (2.4.2)
aws-eventstream (1.2.0)
aws-partitions (1.607.0)
aws-sdk-alexaforbusiness (1.56.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-eventstream (1.1.0)
aws-partitions (1.386.0)
aws-sdk-apigateway (1.55.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-amplify (1.32.0)
aws-sdk-core (~> 3, >= 3.120.0)
aws-sdk-apigatewayv2 (1.29.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-apigateway (1.78.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-athena (1.33.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-apigatewayv2 (1.42.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-autoscaling (1.22.0)
aws-sdk-core (~> 3, >= 3.52.1)
aws-sigv4 (~> 1.1)
aws-sdk-applicationautoscaling (1.51.0)
aws-sdk-core (~> 3, >= 3.112.0)
aws-sdk-budgets (1.36.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-athena (1.55.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-cloudformation (1.44.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-autoscaling (1.63.0)
aws-sdk-core (~> 3, >= 3.112.0)
aws-sdk-cloudfront (1.46.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-batch (1.47.0)
aws-sdk-core (~> 3, >= 3.112.0)
aws-sdk-cloudhsm (1.27.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-budgets (1.50.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-cloudhsmv2 (1.30.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-cloudformation (1.70.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-cloudtrail (1.29.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-cloudfront (1.65.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-cloudwatch (1.45.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-cloudhsm (1.39.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-cloudwatchlogs (1.38.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-cloudhsmv2 (1.42.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-codecommit (1.40.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-cloudtrail (1.49.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-codedeploy (1.37.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-cloudwatch (1.64.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-codepipeline (1.37.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-cloudwatchevents (1.46.0)
aws-sdk-core (~> 3, >= 3.112.0)
aws-sdk-configservice (1.53.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-cloudwatchlogs (1.53.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sigv4 (~> 1.1)
aws-sdk-codecommit (1.51.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sigv4 (~> 1.1)
aws-sdk-codedeploy (1.49.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sigv4 (~> 1.1)
aws-sdk-codepipeline (1.53.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sigv4 (~> 1.1)
aws-sdk-cognitoidentity (1.31.0)
aws-sdk-core (~> 3, >= 3.112.0)
aws-sigv4 (~> 1.1)
aws-sdk-cognitoidentityprovider (1.53.0)
aws-sdk-core (~> 3, >= 3.112.0)
aws-sigv4 (~> 1.1)
aws-sdk-configservice (1.79.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sigv4 (~> 1.1)
aws-sdk-core (3.131.2)
aws-sdk-core (3.109.1)
aws-eventstream (~> 1, >= 1.0.2)
aws-partitions (~> 1, >= 1.525.0)
aws-partitions (~> 1, >= 1.239.0)
aws-sigv4 (~> 1.1)
jmespath (~> 1, >= 1.6.1)
aws-sdk-costandusagereportservice (1.40.0)
aws-sdk-core (~> 3, >= 3.127.0)
jmespath (~> 1.0)
aws-sdk-costandusagereportservice (1.28.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-databasemigrationservice (1.53.0)
aws-sdk-core (~> 3, >= 3.112.0)
aws-sdk-dynamodb (1.55.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-dynamodb (1.75.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-ec2 (1.202.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-ec2 (1.322.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-ecr (1.39.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-ecr (1.56.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-ecs (1.70.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-ecrpublic (1.12.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-efs (1.36.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-ecs (1.100.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-eks (1.45.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-efs (1.54.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-elasticache (1.44.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-eks (1.75.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-elasticbeanstalk (1.39.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-elasticache (1.78.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-elasticloadbalancing (1.29.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-elasticbeanstalk (1.51.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-elasticloadbalancingv2 (1.53.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-elasticloadbalancing (1.40.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-elasticsearchservice (1.43.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-elasticloadbalancingv2 (1.78.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-firehose (1.35.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-elasticsearchservice (1.65.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-guardduty (1.42.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-emr (1.53.0)
aws-sdk-core (~> 3, >= 3.121.2)
aws-sdk-iam (1.46.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-eventbridge (1.24.0)
aws-sdk-core (~> 3, >= 3.112.0)
aws-sdk-kafka (1.29.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-firehose (1.48.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-kinesis (1.30.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-glue (1.88.0)
aws-sdk-core (~> 3, >= 3.112.0)
aws-sdk-kms (1.39.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-guardduty (1.58.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-lambda (1.51.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-iam (1.69.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-organizations (1.17.0)
aws-sdk-core (~> 3, >= 3.39.0)
aws-sigv4 (~> 1.0)
aws-sdk-rds (1.104.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-kafka (1.50.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-redshift (1.50.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-kinesis (1.41.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-route53 (1.44.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-kms (1.57.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-route53domains (1.28.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-lambda (1.84.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-route53resolver (1.21.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-mq (1.40.0)
aws-sdk-core (~> 3, >= 3.120.0)
aws-sigv4 (~> 1.1)
aws-sdk-networkfirewall (1.17.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sigv4 (~> 1.1)
aws-sdk-networkmanager (1.24.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sigv4 (~> 1.1)
aws-sdk-organizations (1.59.0)
aws-sdk-core (~> 3, >= 3.112.0)
aws-sigv4 (~> 1.1)
aws-sdk-ram (1.26.0)
aws-sdk-core (~> 3, >= 3.112.0)
aws-sigv4 (~> 1.1)
aws-sdk-rds (1.148.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sigv4 (~> 1.1)
aws-sdk-redshift (1.84.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sigv4 (~> 1.1)
aws-sdk-route53 (1.63.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sigv4 (~> 1.1)
aws-sdk-route53domains (1.40.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sigv4 (~> 1.1)
aws-sdk-route53resolver (1.37.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sigv4 (~> 1.1)
aws-sdk-s3 (1.114.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-s3 (1.83.1)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.4)
aws-sdk-s3control (1.43.0)
aws-sdk-core (~> 3, >= 3.122.0)
aws-sigv4 (~> 1.1)
aws-sdk-secretsmanager (1.46.0)
aws-sdk-core (~> 3, >= 3.112.0)
aws-sdk-securityhub (1.35.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-securityhub (1.67.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-ses (1.36.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-servicecatalog (1.60.0)
aws-sdk-core (~> 3, >= 3.112.0)
aws-sdk-sms (1.27.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-ses (1.41.0)
aws-sdk-core (~> 3, >= 3.120.0)
aws-sdk-sns (1.34.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-shield (1.48.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-sqs (1.34.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-signer (1.32.0)
aws-sdk-core (~> 3, >= 3.120.0)
aws-sdk-ssm (1.95.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-simpledb (1.29.0)
aws-sdk-core (~> 3, >= 3.120.0)
aws-sigv2 (~> 1.0)
aws-sdk-sms (1.40.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sigv4 (~> 1.1)
aws-sdk-sns (1.53.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sigv4 (~> 1.1)
aws-sdk-sqs (1.51.1)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sigv4 (~> 1.1)
aws-sdk-ssm (1.137.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sigv4 (~> 1.1)
aws-sdk-states (1.39.0)
aws-sdk-core (~> 3, >= 3.112.0)
aws-sigv4 (~> 1.1)
aws-sdk-synthetics (1.19.0)
aws-sdk-core (~> 3, >= 3.121.2)
aws-sigv4 (~> 1.1)
aws-sdk-transfer (1.34.0)
aws-sdk-core (~> 3, >= 3.112.0)
aws-sigv4 (~> 1.1)
aws-sdk-waf (1.43.0)
aws-sdk-core (~> 3, >= 3.122.0)
aws-sigv4 (~> 1.1)
aws-sigv2 (1.1.0)
aws-sigv4 (1.5.0)
aws-sigv4 (1.2.2)
aws-eventstream (~> 1, >= 1.0.2)
azure_graph_rbac (0.17.2)
ms_rest_azure (~> 0.12.0)
azure_mgmt_key_vault (0.17.7)
azure_mgmt_key_vault (0.17.6)
ms_rest_azure (~> 0.12.0)
azure_mgmt_resources (0.18.2)
azure_mgmt_resources (0.18.0)
ms_rest_azure (~> 0.12.0)
azure_mgmt_security (0.19.0)
azure_mgmt_security (0.18.2)
ms_rest_azure (~> 0.12.0)
azure_mgmt_storage (0.23.0)
azure_mgmt_storage (0.22.0)
ms_rest_azure (~> 0.12.0)
bcrypt_pbkdf (1.1.0)
bson (4.15.0)
bcrypt_pbkdf (1.0.1)
builder (3.2.4)
chef-config (17.10.0)
chef-config (16.6.14)
addressable
chef-utils (= 17.10.0)
chef-utils (= 16.6.14)
fuzzyurl
mixlib-config (>= 2.2.12, < 4.0)
mixlib-shellout (>= 2.0, < 4.0)
tomlrb (~> 1.2)
chef-telemetry (1.1.1)
chef-telemetry (1.0.14)
chef-config
concurrent-ruby (~> 1.0)
chef-utils (17.10.0)
concurrent-ruby
ffi-yajl (~> 2.2)
chef-utils (16.6.14)
coderay (1.1.3)
concurrent-ruby (1.1.10)
cookstyle (7.32.1)
rubocop (= 1.25.1)
concurrent-ruby (1.1.7)
declarative (0.0.20)
diff-lcs (1.5.0)
docker-api (2.2.0)
declarative-option (0.1.0)
diff-lcs (1.4.4)
docker-api (2.0.0)
excon (>= 0.47.0)
multi_json
domain_name (0.5.20190701)
unf (>= 0.0.5, < 1.0.0)
ed25519 (1.3.0)
erubi (1.10.0)
excon (0.92.3)
faraday (1.4.3)
faraday-em_http (~> 1.0)
faraday-em_synchrony (~> 1.0)
faraday-excon (~> 1.1)
faraday-net_http (~> 1.0)
faraday-net_http_persistent (~> 1.1)
ecma-re-validator (0.2.1)
regexp_parser (~> 1.2)
ed25519 (1.2.4)
erubi (1.9.0)
excon (0.78.0)
faraday (0.17.3)
multipart-post (>= 1.2, < 3)
ruby2_keywords (>= 0.0.4)
faraday-cookie_jar (0.0.7)
faraday (>= 0.8.0)
http-cookie (~> 1.0.0)
faraday-em_http (1.0.0)
faraday-em_synchrony (1.0.0)
faraday-excon (1.1.0)
faraday-net_http (1.0.1)
faraday-net_http_persistent (1.2.0)
faraday_middleware (1.0.0)
faraday (~> 1.0)
ffi (1.15.5)
faraday_middleware (0.12.2)
faraday (>= 0.7.4, < 1.0)
ffi (1.13.1)
ffi-yajl (2.3.4)
libyajl2 (~> 1.2)
fuzzyurl (0.9.0)
google-api-client (0.52.0)
google-api-client (0.44.0)
addressable (~> 2.5, >= 2.5.1)
googleauth (~> 0.9)
httpclient (>= 2.8.1, < 3.0)
mini_mime (~> 1.0)
representable (~> 3.0)
retriable (>= 2.0, < 4.0)
rexml
signet (~> 0.12)
googleauth (0.14.0)
googleauth (0.13.0)
faraday (>= 0.17.3, < 2.0)
jwt (>= 1.4, < 3.0)
memoist (~> 0.16)
multi_json (~> 1.11)
os (>= 0.9, < 2.0)
signet (~> 0.14)
gssapi (1.3.1)
gssapi (1.3.0)
ffi (>= 1.0.1)
gyoku (1.4.0)
gyoku (1.3.1)
builder (>= 2.1.2)
rexml (~> 3.0)
hashie (4.1.0)
highline (2.0.3)
http-cookie (1.0.5)
hana (1.3.6)
hashie (3.6.0)
http-cookie (1.0.3)
domain_name (~> 0.5)
httpclient (2.8.3)
i18n (1.12.0)
i18n (1.8.5)
concurrent-ruby (~> 1.0)
inifile (3.0.0)
jmespath (1.6.1)
json (2.6.2)
jwt (2.4.1)
kitchen-inspec (2.6.1)
hashie (>= 3.4, <= 5.0)
inspec (>= 2.2.64, < 7.0)
test-kitchen (>= 2.7, < 4)
kitchen-salt (0.7.2)
inspec (4.22.22)
faraday_middleware (~> 0.12.2)
inspec-core (= 4.22.22)
train (~> 3.0)
train-aws (~> 0.1)
train-habitat (~> 0.1)
train-winrm (~> 0.2)
inspec-core (4.22.22)
addressable (~> 2.4)
chef-telemetry (~> 1.0)
faraday (>= 0.9.0)
hashie (~> 3.4)
json_schemer (>= 0.2.1, < 0.2.12)
license-acceptance (>= 0.2.13, < 2.0)
method_source (>= 0.8, < 2.0)
mixlib-log (~> 3.0)
multipart-post (~> 2.0)
parallel (~> 1.9)
parslet (~> 1.5)
pry (~> 0.13)
rspec (~> 3.9)
rspec-its (~> 1.2)
rubyzip (~> 1.2, >= 1.2.2)
semverse (~> 3.0)
sslshake (~> 1.2)
thor (>= 0.20, < 2.0)
tomlrb (~> 1.2.0)
train-core (~> 3.0)
tty-prompt (~> 0.17)
tty-table (~> 0.10)
jmespath (1.4.0)
json (2.3.1)
json_schemer (0.2.11)
ecma-re-validator (~> 0.2)
hana (~> 1.3)
regexp_parser (~> 1.5)
uri_template (~> 0.7)
jwt (2.2.2)
kitchen-inspec (2.2.1)
hashie (~> 3.4)
inspec (>= 2.2.64, < 5.0)
test-kitchen (>= 2.7, < 3)
kitchen-salt (0.6.3)
hashie (>= 3.5)
test-kitchen (>= 1.4)
license-acceptance (2.1.13)
libyajl2 (1.2.0)
license-acceptance (1.0.19)
pastel (~> 0.7)
tomlrb (>= 1.2, < 3.0)
tty-box (~> 0.6)
tty-prompt (~> 0.20)
tomlrb (~> 1.2)
tty-box (~> 0.3)
tty-prompt (~> 0.18)
little-plugger (1.1.4)
logging (2.3.1)
logging (2.3.0)
little-plugger (~> 1.1)
multi_json (~> 1.14)
memoist (0.16.2)
method_source (1.0.0)
mini_mime (1.1.2)
minitest (5.16.2)
mixlib-config (3.0.27)
mini_mime (1.0.2)
minitest (5.14.2)
mixlib-config (3.0.9)
tomlrb
mixlib-install (3.12.19)
mixlib-install (3.12.3)
mixlib-shellout
mixlib-versioning
thor
mixlib-log (3.0.9)
mixlib-shellout (3.2.7)
mixlib-shellout (3.1.6)
chef-utils
mixlib-versioning (1.2.12)
mongo (2.13.2)
bson (>= 4.8.2, < 5.0.0)
ms_rest (0.7.6)
concurrent-ruby (~> 1.0)
faraday (>= 0.9, < 2.0.0)
@ -423,83 +326,60 @@ GEM
faraday-cookie_jar (~> 0.0.6)
ms_rest (~> 0.7.6)
multi_json (1.15.0)
multipart-post (2.2.3)
multipart-post (2.1.1)
net-scp (3.0.0)
net-ssh (>= 2.6.5, < 7.0.0)
net-ssh (6.1.0)
net-ssh-gateway (2.0.0)
net-ssh (>= 4.0.0)
nori (2.6.0)
options (2.3.2)
os (1.1.4)
parallel (1.22.1)
parser (3.1.2.0)
ast (~> 2.4.1)
os (1.1.1)
parallel (1.19.2)
parslet (1.8.2)
pastel (0.8.0)
tty-color (~> 0.5)
progress_bar (1.3.3)
highline (>= 1.6, < 3)
options (~> 2.3.0)
pry (0.14.1)
pry (0.13.1)
coderay (~> 1.1)
method_source (~> 1.0)
public_suffix (4.0.7)
rainbow (3.1.1)
rake (13.0.6)
regexp_parser (2.5.0)
representable (3.2.0)
public_suffix (4.0.6)
regexp_parser (1.8.2)
representable (3.0.4)
declarative (< 0.1.0)
trailblazer-option (>= 0.1.1, < 0.2.0)
declarative-option (< 0.2.0)
uber (< 0.2.0)
retriable (3.1.2)
rexml (3.2.5)
rspec (3.11.0)
rspec-core (~> 3.11.0)
rspec-expectations (~> 3.11.0)
rspec-mocks (~> 3.11.0)
rspec-core (3.11.0)
rspec-support (~> 3.11.0)
rspec-expectations (3.11.0)
rspec (3.9.0)
rspec-core (~> 3.9.0)
rspec-expectations (~> 3.9.0)
rspec-mocks (~> 3.9.0)
rspec-core (3.9.3)
rspec-support (~> 3.9.3)
rspec-expectations (3.9.3)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.11.0)
rspec-support (~> 3.9.0)
rspec-its (1.3.0)
rspec-core (>= 3.0.0)
rspec-expectations (>= 3.0.0)
rspec-mocks (3.11.1)
rspec-mocks (3.9.1)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.11.0)
rspec-support (3.11.0)
rubocop (1.25.1)
parallel (~> 1.10)
parser (>= 3.1.0.0)
rainbow (>= 2.2.2, < 4.0)
regexp_parser (>= 1.8, < 3.0)
rexml
rubocop-ast (>= 1.15.1, < 2.0)
ruby-progressbar (~> 1.7)
unicode-display_width (>= 1.4.0, < 3.0)
rubocop-ast (1.19.1)
parser (>= 3.1.1.0)
ruby-progressbar (1.11.0)
ruby2_keywords (0.0.5)
rubyntlm (0.6.3)
rubyzip (2.3.2)
semverse (3.0.2)
signet (0.17.0)
addressable (~> 2.8)
faraday (>= 0.17.5, < 3.a)
rspec-support (~> 3.9.0)
rspec-support (3.9.4)
rubyntlm (0.6.2)
rubyzip (1.3.0)
semverse (3.0.0)
signet (0.14.0)
addressable (~> 2.3)
faraday (>= 0.17.3, < 2.0)
jwt (>= 1.5, < 3.0)
multi_json (~> 1.10)
sslshake (1.3.1)
strings (0.2.1)
strings (0.2.0)
strings-ansi (~> 0.2)
unicode-display_width (>= 1.5, < 3.0)
unicode-display_width (~> 1.5)
unicode_utils (~> 1.4)
strings-ansi (0.2.0)
test-kitchen (3.3.1)
test-kitchen (2.7.2)
bcrypt_pbkdf (~> 1.0)
chef-utils (>= 16.4.35)
ed25519 (~> 1.2)
license-acceptance (>= 1.0.11, < 3.0)
mixlib-install (~> 3.6)
@ -511,32 +391,28 @@ GEM
winrm (~> 2.0)
winrm-elevated (~> 1.0)
winrm-fs (~> 1.1)
thor (1.2.1)
thor (1.0.1)
thread_safe (0.3.6)
timeliness (0.3.10)
tomlrb (1.3.0)
trailblazer-option (0.1.2)
train (3.10.1)
activesupport (>= 6.0.3.1)
tomlrb (1.2.9)
train (3.3.27)
activesupport (>= 5.2.4.3, < 6.0.0)
azure_graph_rbac (~> 0.16)
azure_mgmt_key_vault (~> 0.17)
azure_mgmt_resources (~> 0.15)
azure_mgmt_security (~> 0.18)
azure_mgmt_storage (~> 0.18)
docker-api (>= 1.26, < 3.0)
google-api-client (>= 0.23.9, <= 0.52.0)
googleauth (>= 0.6.6, <= 0.14.0)
google-api-client (>= 0.23.9, < 0.44.1)
googleauth (>= 0.6.6, < 0.13.1)
inifile (~> 3.0)
train-core (= 3.10.1)
train-core (= 3.3.27)
train-winrm (~> 0.2)
train-aws (0.2.24)
aws-sdk-alexaforbusiness (~> 1.0)
aws-sdk-amplify (~> 1.32.0)
train-aws (0.1.18)
aws-sdk-apigateway (~> 1.0)
aws-sdk-apigatewayv2 (~> 1.0)
aws-sdk-applicationautoscaling (>= 1.46, < 1.52)
aws-sdk-athena (~> 1.0)
aws-sdk-autoscaling (>= 1.22, < 1.64)
aws-sdk-batch (>= 1.36, < 1.48)
aws-sdk-autoscaling (~> 1.22.0)
aws-sdk-budgets (~> 1.0)
aws-sdk-cloudformation (~> 1.0)
aws-sdk-cloudfront (~> 1.0)
@ -544,21 +420,16 @@ GEM
aws-sdk-cloudhsmv2 (~> 1.0)
aws-sdk-cloudtrail (~> 1.8)
aws-sdk-cloudwatch (~> 1.13)
aws-sdk-cloudwatchevents (>= 1.36, < 1.47)
aws-sdk-cloudwatchlogs (~> 1.13)
aws-sdk-codecommit (~> 1.0)
aws-sdk-codedeploy (~> 1.0)
aws-sdk-codepipeline (~> 1.0)
aws-sdk-cognitoidentity (>= 1.26, < 1.32)
aws-sdk-cognitoidentityprovider (>= 1.46, < 1.54)
aws-sdk-configservice (~> 1.21)
aws-sdk-core (~> 3.0)
aws-sdk-costandusagereportservice (~> 1.6)
aws-sdk-databasemigrationservice (>= 1.42, < 1.54)
aws-sdk-dynamodb (~> 1.31)
aws-sdk-ec2 (~> 1.70)
aws-sdk-ecr (~> 1.18)
aws-sdk-ecrpublic (~> 1.3)
aws-sdk-ecs (~> 1.30)
aws-sdk-efs (~> 1.0)
aws-sdk-eks (~> 1.9)
@ -567,65 +438,48 @@ GEM
aws-sdk-elasticloadbalancing (~> 1.8)
aws-sdk-elasticloadbalancingv2 (~> 1.0)
aws-sdk-elasticsearchservice (~> 1.0)
aws-sdk-emr (~> 1.53.0)
aws-sdk-eventbridge (~> 1.24.0)
aws-sdk-firehose (~> 1.0)
aws-sdk-glue (>= 1.71, < 1.89)
aws-sdk-guardduty (~> 1.31)
aws-sdk-iam (~> 1.13)
aws-sdk-kafka (~> 1.0)
aws-sdk-kinesis (~> 1.0)
aws-sdk-kms (~> 1.13)
aws-sdk-lambda (~> 1.0)
aws-sdk-mq (~> 1.40.0)
aws-sdk-networkfirewall (>= 1.6.0)
aws-sdk-networkmanager (>= 1.13.0)
aws-sdk-organizations (>= 1.17, < 1.60)
aws-sdk-ram (>= 1.21, < 1.27)
aws-sdk-organizations (~> 1.17.0)
aws-sdk-rds (~> 1.43)
aws-sdk-redshift (~> 1.0)
aws-sdk-route53 (~> 1.0)
aws-sdk-route53domains (~> 1.0)
aws-sdk-route53resolver (~> 1.0)
aws-sdk-s3 (~> 1.30)
aws-sdk-s3control (~> 1.43.0)
aws-sdk-secretsmanager (>= 1.42, < 1.47)
aws-sdk-securityhub (~> 1.0)
aws-sdk-servicecatalog (>= 1.48, < 1.61)
aws-sdk-ses (~> 1.41.0)
aws-sdk-shield (~> 1.30)
aws-sdk-signer (~> 1.32.0)
aws-sdk-simpledb (~> 1.29.0)
aws-sdk-ses (~> 1.0)
aws-sdk-sms (~> 1.0)
aws-sdk-sns (~> 1.9)
aws-sdk-sqs (~> 1.10)
aws-sdk-ssm (~> 1.0)
aws-sdk-states (>= 1.35, < 1.40)
aws-sdk-synthetics (~> 1.19.0)
aws-sdk-transfer (>= 1.26, < 1.35)
aws-sdk-waf (~> 1.43.0)
train-core (3.10.1)
train-core (3.3.27)
addressable (~> 2.5)
ffi (!= 1.13.0)
json (>= 1.8, < 3.0)
mixlib-shellout (>= 2.0, < 4.0)
net-scp (>= 1.2, < 4.0)
net-ssh (>= 2.9, < 7.0)
train-habitat (0.2.22)
train-winrm (0.2.13)
winrm (>= 2.3.6, < 3.0)
train-habitat (0.2.13)
train-winrm (0.2.11)
winrm (~> 2.0)
winrm-elevated (~> 1.2.2)
winrm-fs (~> 1.0)
tty-box (0.7.0)
tty-box (0.6.0)
pastel (~> 0.8)
strings (~> 0.2.0)
tty-cursor (~> 0.7)
tty-color (0.6.0)
tty-color (0.5.2)
tty-cursor (0.7.1)
tty-prompt (0.23.1)
tty-prompt (0.22.0)
pastel (~> 0.8)
tty-reader (~> 0.8)
tty-reader (0.9.0)
tty-reader (0.8.0)
tty-cursor (~> 0.7)
tty-screen (~> 0.8)
wisper (~> 2.0)
@ -634,15 +488,16 @@ GEM
pastel (~> 0.8)
strings (~> 0.2.0)
tty-screen (~> 0.8)
tzinfo (2.0.4)
concurrent-ruby (~> 1.0)
tzinfo (1.2.7)
thread_safe (~> 0.1)
uber (0.1.0)
unf (0.1.4)
unf_ext
unf_ext (0.0.8.2)
unicode-display_width (2.2.0)
unf_ext (0.0.7.7)
unicode-display_width (1.7.0)
unicode_utils (1.4.0)
winrm (2.3.6)
uri_template (0.7.0)
winrm (2.3.5)
builder (>= 2.1.2)
erubi (~> 1.8)
gssapi (~> 1.2)
@ -650,15 +505,15 @@ GEM
httpclient (~> 2.2, >= 2.2.0.2)
logging (>= 1.6.1, < 3.0)
nori (~> 2.0)
rubyntlm (~> 0.6.0, >= 0.6.3)
winrm-elevated (1.2.3)
rubyntlm (~> 0.6.0, >= 0.6.1)
winrm-elevated (1.2.2)
erubi (~> 1.8)
winrm (~> 2.0)
winrm-fs (~> 1.0)
winrm-fs (1.3.5)
winrm-fs (1.3.3)
erubi (~> 1.8)
logging (>= 1.6.1, < 3.0)
rubyzip (~> 2.0)
rubyzip (~> 1.1)
winrm (~> 2.0)
wisper (2.0.1)
@ -666,10 +521,10 @@ PLATFORMS
ruby
DEPENDENCIES
inspec!
inspec (~> 4.22.22)
kitchen-docker!
kitchen-inspec (>= 2.5.0)
kitchen-salt (>= 0.7.2)
kitchen-inspec (>= 2.2.1)
kitchen-salt (>= 0.6.3)
BUNDLED WITH
2.1.2

4
bin/kitchen
View File

@ -19,8 +19,8 @@ if File.file?(bundle_binstub)
load(bundle_binstub)
else
abort(
'Your `bin/bundle` was not generated by Bundler, ' \
'so this binstub cannot run. Replace `bin/bundle` by running ' \
'Your `bin/bundle` was not generated by Bundler, '\
'so this binstub cannot run. Replace `bin/bundle` by running '\
'`bundle binstubs bundler --force`, then run this command again.'
)
end

10
docs/AUTHORS.rst
View File

@ -15,7 +15,7 @@ This list is sorted by the number of commits per contributor in *descending* ord
- Contributions
* - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/10231489?v=4' width='36' height='36' alt='@myii'>`
- `@myii <https://github.com/myii>`_
- 79
- 78
* - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/1800660?v=4' width='36' height='36' alt='@aboe76'>`
- `@aboe76 <https://github.com/aboe76>`_
- 24
@ -28,9 +28,6 @@ This list is sorted by the number of commits per contributor in *descending* ord
* - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/4195158?v=4' width='36' height='36' alt='@dafyddj'>`
- `@dafyddj <https://github.com/dafyddj>`_
- 3
* - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/38090329?v=4' width='36' height='36' alt='@genaumann'>`
- `@genaumann <https://github.com/genaumann>`_
- 3
* - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/13322818?v=4' width='36' height='36' alt='@noelmcloughlin'>`
- `@noelmcloughlin <https://github.com/noelmcloughlin>`_
- 3
@ -49,6 +46,9 @@ This list is sorted by the number of commits per contributor in *descending* ord
* - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/2619394?v=4' width='36' height='36' alt='@apatard'>`
- `@apatard <https://github.com/apatard>`_
- 2
* - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/38090329?v=4' width='36' height='36' alt='@genaumann'>`
- `@genaumann <https://github.com/genaumann>`_
- 2
* - :raw-html-m2r:`<img class='float-left rounded-1' src='https://avatars.githubusercontent.com/u/641501?v=4' width='36' height='36' alt='@Angelo-Verona'>`
- `@Angelo-Verona <https://github.com/Angelo-Verona>`_
- 1
@ -74,4 +74,4 @@ This list is sorted by the number of commits per contributor in *descending* ord
----
Auto-generated by a `forked version <https://github.com/myii/maintainer>`_ of `gaocegege/maintainer <https://github.com/gaocegege/maintainer>`_ on 2021-06-22.
Auto-generated by a `forked version <https://github.com/myii/maintainer>`_ of `gaocegege/maintainer <https://github.com/gaocegege/maintainer>`_ on 2021-06-18.

15
docs/CHANGELOG.rst
View File

@ -2,21 +2,6 @@
Changelog
=========
`1.3.1 <https://github.com/saltstack-formulas/firewalld-formula/compare/v1.3.0...v1.3.1>`_ (2021-06-22)
-----------------------------------------------------------------------------------------------------------
Bug Fixes
^^^^^^^^^
* **debian10 iptables:** install iptables from buster-backports (\ `8d5c0c9 <https://github.com/saltstack-formulas/firewalld-formula/commit/8d5c0c941044b65f275b05f5579d54282943ced7>`_\ )
Continuous Integration
^^^^^^^^^^^^^^^^^^^^^^
* **kitchen+gitlab:** remove Ubuntu 16.04 & Fedora 32 (EOL) [skip ci] (\ `70cf9fa <https://github.com/saltstack-formulas/firewalld-formula/commit/70cf9fa8d50ae833020108c5136ad8fddf733d29>`_\ )
`1.3.0 <https://github.com/saltstack-formulas/firewalld-formula/compare/v1.2.1...v1.3.0>`_ (2021-06-18)
-----------------------------------------------------------------------------------------------------------

13
firewalld/debian10.sls
View File

@ -1,13 +0,0 @@
{% from "firewalld/map.jinja" import firewalld with context %}
firewalld_repo_buster-backports:
pkgrepo.managed:
- name: deb http://deb.debian.org/debian buster-backports main
- file: /etc/apt/sources.list.d/buster-backports.list
firewalld_install_iptables_from_buster-backports:
pkg.installed:
- name: iptables
- fromrepo: buster-backports
- version: '1.8.5*'
- refresh: True

5
firewalld/init.sls
View File

@ -16,9 +16,6 @@ firewalld-unsupported:
{% elif firewalld.enabled %}
include:
{% if grains.get('osfinger', '') == 'Debian-10' %}
- firewalld.debian10
{% endif %}
- firewalld.config
- firewalld.ipsets
- firewalld.backend
@ -50,7 +47,7 @@ service_firewalld:
- service: ip6tables # ensure it's stopped
reload_firewalld:
cmd.wait: # noqa: 213
cmd.wait:
- name: 'firewall-cmd --reload'
- require:
- service: service_firewalld

380
kitchen.yml
View File

@ -6,47 +6,28 @@ driver:
name: docker
use_sudo: false
privileged: true
run_command: /usr/lib/systemd/systemd
provisioner:
name: salt_solo
log_level: debug
salt_install: none
require_chef: false
formula: firewalld
salt_copy_filter:
- .kitchen
- .git
run_command: /lib/systemd/systemd
platforms:
## SALT `tiamat`
- name: debian-11-tiamat-py3
driver:
image: saltimages/salt-tiamat-py3:debian-11
run_command: /lib/systemd/systemd
- name: debian-10-tiamat-py3
driver:
image: saltimages/salt-tiamat-py3:debian-10
run_command: /lib/systemd/systemd
- name: debian-9-tiamat-py3
driver:
image: saltimages/salt-tiamat-py3:debian-9
run_command: /lib/systemd/systemd
- name: ubuntu-2204-tiamat-py3
driver:
image: saltimages/salt-tiamat-py3:ubuntu-22.04
run_command: /lib/systemd/systemd
- name: ubuntu-2004-tiamat-py3
driver:
image: saltimages/salt-tiamat-py3:ubuntu-20.04
run_command: /lib/systemd/systemd
- name: ubuntu-1804-tiamat-py3
driver:
image: saltimages/salt-tiamat-py3:ubuntu-18.04
run_command: /lib/systemd/systemd
- name: centos-stream8-tiamat-py3
- name: ubuntu-1604-tiamat-py3
driver:
image: saltimages/salt-tiamat-py3:centos-stream8
image: saltimages/salt-tiamat-py3:ubuntu-16.04
- name: centos-8-tiamat-py3
driver:
image: saltimages/salt-tiamat-py3:centos-8
- name: centos-7-tiamat-py3
driver:
image: saltimages/salt-tiamat-py3:centos-7
@ -59,60 +40,50 @@ platforms:
- name: oraclelinux-7-tiamat-py3
driver:
image: saltimages/salt-tiamat-py3:oraclelinux-7
- name: almalinux-8-tiamat-py3
driver:
image: saltimages/salt-tiamat-py3:almalinux-8
- name: rockylinux-8-tiamat-py3
driver:
image: saltimages/salt-tiamat-py3:rockylinux-8
## SALT `master`
- name: debian-11-master-py3
driver:
image: saltimages/salt-master-py3:debian-11
run_command: /lib/systemd/systemd
- name: debian-10-master-py3
driver:
image: saltimages/salt-master-py3:debian-10
run_command: /lib/systemd/systemd
- name: debian-9-master-py3
driver:
image: saltimages/salt-master-py3:debian-9
run_command: /lib/systemd/systemd
- name: ubuntu-2204-master-py3
driver:
image: saltimages/salt-master-py3:ubuntu-22.04
run_command: /lib/systemd/systemd
- name: ubuntu-2004-master-py3
driver:
image: saltimages/salt-master-py3:ubuntu-20.04
run_command: /lib/systemd/systemd
- name: ubuntu-1804-master-py3
driver:
image: saltimages/salt-master-py3:ubuntu-18.04
run_command: /lib/systemd/systemd
- name: centos-stream8-master-py3
- name: ubuntu-1604-master-py3
driver:
image: saltimages/salt-master-py3:centos-stream8
image: saltimages/salt-master-py3:ubuntu-16.04
- name: centos-8-master-py3
driver:
image: saltimages/salt-master-py3:centos-8
- name: centos-7-master-py3
driver:
image: saltimages/salt-master-py3:centos-7
- name: fedora-36-master-py3
- name: fedora-34-master-py3
driver:
image: saltimages/salt-master-py3:fedora-36
- name: fedora-35-master-py3
image: saltimages/salt-master-py3:fedora-34
- name: fedora-33-master-py3
driver:
image: saltimages/salt-master-py3:fedora-35
- name: opensuse-leap-153-master-py3
image: saltimages/salt-master-py3:fedora-33
- name: fedora-32-master-py3
driver:
image: saltimages/salt-master-py3:opensuse-leap-15.3
# Workaround to avoid intermittent failures on `opensuse-leap-15.3`:
image: saltimages/salt-master-py3:fedora-32
- name: opensuse-leap-152-master-py3
driver:
image: saltimages/salt-master-py3:opensuse-leap-15.2
run_command: /usr/lib/systemd/systemd
# Workaround to avoid intermittent failures on `opensuse-leap-15.2`:
# => SCP did not finish successfully (255): (Net::SCP::Error)
transport:
max_ssh_sessions: 1
- name: opensuse-tmbl-latest-master-py3
driver:
image: saltimages/salt-master-py3:opensuse-tumbleweed-latest
run_command: /usr/lib/systemd/systemd
# Workaround to avoid intermittent failures on `opensuse-tumbleweed`:
# => SCP did not finish successfully (255): (Net::SCP::Error)
transport:
@ -129,6 +100,7 @@ platforms:
- name: arch-base-latest-master-py3
driver:
image: saltimages/salt-master-py3:arch-base-latest
run_command: /usr/lib/systemd/systemd
- name: gentoo-stage3-latest-master-py3
driver:
image: saltimages/salt-master-py3:gentoo-stage3-latest
@ -136,134 +108,270 @@ platforms:
- name: gentoo-stage3-systemd-master-py3
driver:
image: saltimages/salt-master-py3:gentoo-stage3-systemd
- name: almalinux-8-master-py3
driver:
image: saltimages/salt-master-py3:almalinux-8
- name: rockylinux-8-master-py3
driver:
image: saltimages/salt-master-py3:rockylinux-8
## SALT `3004.1`
- name: debian-11-3004-1-py3
## SALT `3003.0`
- name: debian-10-3003-0-py3
driver:
image: saltimages/salt-3004.1-py3:debian-11
run_command: /lib/systemd/systemd
- name: debian-10-3004-1-py3
image: saltimages/salt-3003.0-py3:debian-10
- name: debian-9-3003-0-py3
driver:
image: saltimages/salt-3004.1-py3:debian-10
run_command: /lib/systemd/systemd
- name: debian-9-3004-1-py3
image: saltimages/salt-3003.0-py3:debian-9
- name: ubuntu-2004-3003-0-py3
driver:
image: saltimages/salt-3004.1-py3:debian-9
run_command: /lib/systemd/systemd
- name: ubuntu-2204-3004-1-py3
image: saltimages/salt-3003.0-py3:ubuntu-20.04
- name: ubuntu-1804-3003-0-py3
driver:
image: saltimages/salt-3004.1-py3:ubuntu-22.04
run_command: /lib/systemd/systemd
- name: ubuntu-2004-3004-1-py3
image: saltimages/salt-3003.0-py3:ubuntu-18.04
- name: centos-8-3003-0-py3
driver:
image: saltimages/salt-3004.1-py3:ubuntu-20.04
run_command: /lib/systemd/systemd
- name: ubuntu-1804-3004-1-py3
image: saltimages/salt-3003.0-py3:centos-8
- name: centos-7-3003-0-py3
driver:
image: saltimages/salt-3004.1-py3:ubuntu-18.04
run_command: /lib/systemd/systemd
- name: centos-stream8-3004-1-py3
image: saltimages/salt-3003.0-py3:centos-7
- name: fedora-34-3003-0-py3
driver:
image: saltimages/salt-3004.1-py3:centos-stream8
- name: centos-7-3004-1-py3
image: saltimages/salt-3003.0-py3:fedora-34
- name: fedora-33-3003-0-py3
driver:
image: saltimages/salt-3004.1-py3:centos-7
- name: fedora-36-3004-1-py3
image: saltimages/salt-3003.0-py3:fedora-33
- name: fedora-32-3003-0-py3
driver:
image: saltimages/salt-3004.1-py3:fedora-36
- name: fedora-35-3004-1-py3
image: saltimages/salt-3003.0-py3:fedora-32
- name: amazonlinux-2-3003-0-py3
driver:
image: saltimages/salt-3004.1-py3:fedora-35
- name: amazonlinux-2-3004-1-py3
image: saltimages/salt-3003.0-py3:amazonlinux-2
- name: oraclelinux-8-3003-0-py3
driver:
image: saltimages/salt-3004.1-py3:amazonlinux-2
- name: oraclelinux-8-3004-1-py3
image: saltimages/salt-3003.0-py3:oraclelinux-8
- name: oraclelinux-7-3003-0-py3
driver:
image: saltimages/salt-3004.1-py3:oraclelinux-8
- name: oraclelinux-7-3004-1-py3
image: saltimages/salt-3003.0-py3:oraclelinux-7
- name: arch-base-latest-3003-0-py3
driver:
image: saltimages/salt-3004.1-py3:oraclelinux-7
- name: arch-base-latest-3004-1-py3
image: saltimages/salt-3003.0-py3:arch-base-latest
run_command: /usr/lib/systemd/systemd
- name: gentoo-stage3-latest-3003-0-py3
driver:
image: saltimages/salt-3004.1-py3:arch-base-latest
- name: gentoo-stage3-latest-3004-1-py3
driver:
image: saltimages/salt-3004.1-py3:gentoo-stage3-latest
image: saltimages/salt-3003.0-py3:gentoo-stage3-latest
run_command: /sbin/init
- name: gentoo-stage3-systemd-3004-1-py3
- name: gentoo-stage3-systemd-3003-0-py3
driver:
image: saltimages/salt-3004.1-py3:gentoo-stage3-systemd
- name: almalinux-8-3004-1-py3
driver:
image: saltimages/salt-3004.1-py3:almalinux-8
- name: rockylinux-8-3004-1-py3
driver:
image: saltimages/salt-3004.1-py3:rockylinux-8
image: saltimages/salt-3003.0-py3:gentoo-stage3-systemd
## SALT `3004.0`
- name: opensuse-leap-153-3004-0-py3
## SALT `3002.6`
- name: debian-10-3002-6-py3
driver:
image: saltimages/salt-3004.0-py3:opensuse-leap-15.3
# Workaround to avoid intermittent failures on `opensuse-leap-15.3`:
image: saltimages/salt-3002.6-py3:debian-10
- name: debian-9-3002-6-py3
driver:
image: saltimages/salt-3002.6-py3:debian-9
- name: ubuntu-2004-3002-6-py3
driver:
image: saltimages/salt-3002.6-py3:ubuntu-20.04
- name: ubuntu-1804-3002-6-py3
driver:
image: saltimages/salt-3002.6-py3:ubuntu-18.04
- name: ubuntu-1604-3002-6-py3
driver:
image: saltimages/salt-3002.6-py3:ubuntu-16.04
- name: centos-8-3002-6-py3
driver:
image: saltimages/salt-3002.6-py3:centos-8
- name: centos-7-3002-6-py3
driver:
image: saltimages/salt-3002.6-py3:centos-7
- name: fedora-34-3002-6-py3
driver:
image: saltimages/salt-3002.6-py3:fedora-34
- name: fedora-33-3002-6-py3
driver:
image: saltimages/salt-3002.6-py3:fedora-33
- name: fedora-32-3002-6-py3
driver:
image: saltimages/salt-3002.6-py3:fedora-32
- name: amazonlinux-2-3002-6-py3
driver:
image: saltimages/salt-3002.6-py3:amazonlinux-2
- name: oraclelinux-8-3002-6-py3
driver:
image: saltimages/salt-3002.6-py3:oraclelinux-8
- name: oraclelinux-7-3002-6-py3
driver:
image: saltimages/salt-3002.6-py3:oraclelinux-7
- name: arch-base-latest-3002-6-py3
driver:
image: saltimages/salt-3002.6-py3:arch-base-latest
run_command: /usr/lib/systemd/systemd
## SALT `3002.5`
- name: gentoo-stage3-latest-3002-5-py3
driver:
image: saltimages/salt-3002.5-py3:gentoo-stage3-latest
run_command: /sbin/init
- name: gentoo-stage3-systemd-3002-5-py3
driver:
image: saltimages/salt-3002.5-py3:gentoo-stage3-systemd
## SALT `3002.2`
- name: opensuse-leap-152-3002-2-py3
driver:
image: saltimages/salt-3002.2-py3:opensuse-leap-15.2
run_command: /usr/lib/systemd/systemd
# Workaround to avoid intermittent failures on `opensuse-leap-15.2`:
# => SCP did not finish successfully (255): (Net::SCP::Error)
transport:
max_ssh_sessions: 1
- name: opensuse-tmbl-latest-3004-0-py3
- name: opensuse-tmbl-latest-3002-2-py3
driver:
image: saltimages/salt-3004.0-py3:opensuse-tumbleweed-latest
image: saltimages/salt-3002.2-py3:opensuse-tumbleweed-latest
run_command: /usr/lib/systemd/systemd
# Workaround to avoid intermittent failures on `opensuse-tumbleweed`:
# => SCP did not finish successfully (255): (Net::SCP::Error)
transport:
max_ssh_sessions: 1
## SALT `3003.4`
- name: debian-10-3003-4-py3
## SALT `3001.7`
- name: debian-10-3001-7-py3
driver:
image: saltimages/salt-3003.4-py3:debian-10
run_command: /lib/systemd/systemd
- name: debian-9-3003-4-py3
image: saltimages/salt-3001.7-py3:debian-10
- name: debian-9-3001-7-py3
driver:
image: saltimages/salt-3003.4-py3:debian-9
run_command: /lib/systemd/systemd
- name: ubuntu-2004-3003-4-py3
image: saltimages/salt-3001.7-py3:debian-9
- name: ubuntu-2004-3001-7-py3
driver:
image: saltimages/salt-3003.4-py3:ubuntu-20.04
run_command: /lib/systemd/systemd
- name: ubuntu-1804-3003-4-py3
image: saltimages/salt-3001.7-py3:ubuntu-20.04
- name: ubuntu-1804-3001-7-py3
driver:
image: saltimages/salt-3003.4-py3:ubuntu-18.04
run_command: /lib/systemd/systemd
- name: centos-stream8-3003-4-py3
image: saltimages/salt-3001.7-py3:ubuntu-18.04
- name: ubuntu-1604-3001-7-py3
driver:
image: saltimages/salt-3003.4-py3:centos-stream8
- name: centos-7-3003-4-py3
image: saltimages/salt-3001.7-py3:ubuntu-16.04
- name: centos-8-3001-7-py3
driver:
image: saltimages/salt-3003.4-py3:centos-7
- name: amazonlinux-2-3003-4-py3
image: saltimages/salt-3001.7-py3:centos-8
- name: centos-7-3001-7-py3
driver:
image: saltimages/salt-3003.4-py3:amazonlinux-2
- name: oraclelinux-8-3003-4-py3
image: saltimages/salt-3001.7-py3:centos-7
- name: fedora-34-3001-7-py3
driver:
image: saltimages/salt-3003.4-py3:oraclelinux-8
- name: oraclelinux-7-3003-4-py3
image: saltimages/salt-3001.7-py3:fedora-34
- name: fedora-33-3001-7-py3
driver:
image: saltimages/salt-3003.4-py3:oraclelinux-7
- name: almalinux-8-3003-4-py3
image: saltimages/salt-3001.7-py3:fedora-33
- name: fedora-32-3001-7-py3
driver:
image: saltimages/salt-3003.4-py3:almalinux-8
image: saltimages/salt-3001.7-py3:fedora-32
- name: opensuse-leap-152-3001-7-py3
driver:
image: saltimages/salt-3001.7-py3:opensuse-leap-15.2
run_command: /usr/lib/systemd/systemd
# Workaround to avoid intermittent failures on `opensuse-leap-15.2`:
# => SCP did not finish successfully (255): (Net::SCP::Error)
transport:
max_ssh_sessions: 1
- name: opensuse-tmbl-latest-3001-7-py3
driver:
image: saltimages/salt-3001.7-py3:opensuse-tumbleweed-latest
run_command: /usr/lib/systemd/systemd
# Workaround to avoid intermittent failures on `opensuse-tumbleweed`:
# => SCP did not finish successfully (255): (Net::SCP::Error)
transport:
max_ssh_sessions: 1
- name: amazonlinux-2-3001-7-py3
driver:
image: saltimages/salt-3001.7-py3:amazonlinux-2
- name: oraclelinux-8-3001-7-py3
driver:
image: saltimages/salt-3001.7-py3:oraclelinux-8
- name: oraclelinux-7-3001-7-py3
driver:
image: saltimages/salt-3001.7-py3:oraclelinux-7
- name: arch-base-latest-3001-7-py3
driver:
image: saltimages/salt-3001.7-py3:arch-base-latest
run_command: /usr/lib/systemd/systemd
## SALT `3001.6`
- name: gentoo-stage3-latest-3001-6-py3
driver:
image: saltimages/salt-3001.6-py3:gentoo-stage3-latest
run_command: /sbin/init
- name: gentoo-stage3-systemd-3001-6-py3
driver:
image: saltimages/salt-3001.6-py3:gentoo-stage3-systemd
## SALT `3000.9`
- name: debian-10-3000-9-py3
driver:
image: saltimages/salt-3000.9-py3:debian-10
- name: debian-9-3000-9-py3
driver:
image: saltimages/salt-3000.9-py3:debian-9
- name: ubuntu-1804-3000-9-py3
driver:
image: saltimages/salt-3000.9-py3:ubuntu-18.04
- name: ubuntu-1604-3000-9-py3
driver:
image: saltimages/salt-3000.9-py3:ubuntu-16.04
- name: centos-8-3000-9-py3
driver:
image: saltimages/salt-3000.9-py3:centos-8
- name: centos-7-3000-9-py3
driver:
image: saltimages/salt-3000.9-py3:centos-7
- name: opensuse-leap-152-3000-9-py3
driver:
image: saltimages/salt-3000.9-py3:opensuse-leap-15.2
run_command: /usr/lib/systemd/systemd
# Workaround to avoid intermittent failures on `opensuse-leap-15.2`:
# => SCP did not finish successfully (255): (Net::SCP::Error)
transport:
max_ssh_sessions: 1
- name: amazonlinux-2-3000-9-py3
driver:
image: saltimages/salt-3000.9-py3:amazonlinux-2
- name: oraclelinux-8-3000-9-py3
driver:
image: saltimages/salt-3000.9-py3:oraclelinux-8
- name: oraclelinux-7-3000-9-py3
driver:
image: saltimages/salt-3000.9-py3:oraclelinux-7
- name: ubuntu-1804-3000-9-py2
driver:
image: saltimages/salt-3000.9-py2:ubuntu-18.04
- name: ubuntu-1604-3000-9-py2
driver:
image: saltimages/salt-3000.9-py2:ubuntu-16.04
- name: arch-base-latest-3000-9-py2
driver:
image: saltimages/salt-3000.9-py2:arch-base-latest
run_command: /usr/lib/systemd/systemd
## SALT `3000.8`
- name: gentoo-stage3-latest-3000-8-py3
driver:
image: saltimages/salt-3000.8-py3:gentoo-stage3-latest
run_command: /sbin/init
- name: gentoo-stage3-systemd-3000-8-py3
driver:
image: saltimages/salt-3000.8-py3:gentoo-stage3-systemd
provisioner:
name: salt_solo
log_level: debug
salt_install: none
require_chef: false
formula: firewalld
salt_copy_filter:
- .kitchen
- .git
verifier:
# https://www.inspec.io/
name: inspec
sudo: true
# cli, documentation, html, progress, json, json-min, json-rspec, junit
reporter:
# cli, documentation, html, progress, json, json-min, json-rspec, junit
- cli
suites:

8
pre-commit_semantic-release.sh
View File

@ -7,16 +7,16 @@ sed -i -e "s_^\(version:\).*_\1 ${1}_" FORMULA
###############################################################################
# (B) Use `m2r2` to convert automatically produced `.md` docs to `.rst`
# (B) Use `m2r` to convert automatically produced `.md` docs to `.rst`
###############################################################################
# Install `m2r2`
pip3 install m2r2
# Install `m2r`
pip3 install m2r
# Copy and then convert the `.md` docs
cp ./*.md docs/
cd docs/ || exit
m2r2 --overwrite ./*.md
m2r --overwrite ./*.md
# Change excess `H1` headings to `H2` in converted `CHANGELOG.rst`
sed -i -e '/^=.*$/s/=/-/g' CHANGELOG.rst

174
test/integration/default/files/_mapdata/almalinux-8.yaml
View File

@ -1,174 +0,0 @@
# yamllint disable rule:indentation rule:line-length
# AlmaLinux-8
---
values:
AllowZoneDrifting: 'no'
AutomaticHelpers: system
FirewallBackend: nftables
FlushAllOnReload: 'yes'
IndividualCalls: 'no'
LogDenied: 'off'
RFC3964_IPv4: 'yes'
arch: amd64
backend:
manage: true
pkg: nftables
config: /etc/firewalld.conf
default_zone: public
direct:
chain:
MYCHAIN:
ipv: ipv4
table: raw
passthrough:
MYPASSTHROUGH:
args: -t raw -A MYCHAIN -j DROP
ipv: ipv4
rule:
INTERNETACCESS:
args: -i iintern -o iextern -s 192.168.1.0/24 -m conntrack --ctstate NEW,RELATED,ESTABLISHED
-j ACCEPT
chain: FORWARD
ipv: ipv4
priority: '0'
table: filter
enabled: true
ipset:
manage: true
pkg: ipset
ipsets:
fail2ban-ssh:
description: fail2ban-ssh ipset
entries:
- 10.0.0.1
options:
hashsize:
- 1024
maxelem:
- 65536
timeout:
- 300
short: fail2ban-ssh
type: hash:ip
fail2ban-ssh-ipv6:
description: fail2ban-ssh-ipv6 ipset
entries:
- 2a01::1
options:
family:
- inet6
hashsize:
- 1024
maxelem:
- 65536
timeout:
- 300
short: fail2ban-ssh-ipv6
type: hash:ip
package: firewalld
service: firewalld
services:
salt-minion:
description: salt-minion
ports:
tcp:
- '8000'
short: salt-minion
sshcustom:
description: SSH on port 3232 and 5252. Secure Shell (SSH) is a protocol for
logging into and executing commands on remote machines. It provides secure
encrypted communications. If you plan on accessing your machine remotely
via SSH over a firewalled interface, enable this option. You need the openssh-server
package installed for this option to be useful.
destinations:
ipv4:
- 224.0.0.251
- 224.0.0.252
ipv6:
- ff02::fb
- ff02::fc
modules:
- some_module_to_load
ports:
tcp:
- 3232
- 5252
protocols:
- igmp
short: sshcustom
source_ports:
tcp:
- 21
zabbixcustom:
description: zabbix custom rule
ports:
tcp:
- '10051'
short: Zabbixcustom
zones:
public:
description: For use in public areas. You do not trust the other computers
on networks to not harm your computer. Only selected incoming connections
are accepted.
other_services:
- zabbixcustom
ports:
- comment: zabbix-agent
port: 10050
protocol: tcp
- comment: bacula-client
port: 9102
protocol: tcp
- comment: vsftpd
port: 21
protocol: tcp
protocols:
- igmp
rich_rules:
- accept: true
family: ipv4
source:
address: 8.8.8.8/24
- family: ipv4
ipset:
name: fail2ban-ssh
reject:
type: icmp-port-unreachable
- accept:
limit: "3/m"
log:
level: warning
limit: "3/m"
prefix: "http fw limit 3/m"
service: http
services:
- http
- https
- ssh
- salt-minion
short: Public
source_ports:
- comment: something
port: 2222
protocol: tcp
- comment: something_else
port: 4444
protocol: tcp
rich_public:
description: Example
rich_rules:
http-priority:
accept: true
ipsets:
- other-ipset
priority: 15
services:
- http
ssh-csg:
accept: true
ipsets:
- fail2ban-ssh
- other-ipset
services:
- ssh
short: rich_public

174
test/integration/default/files/_mapdata/rockylinux-8.yaml
View File

@ -1,174 +0,0 @@
# yamllint disable rule:indentation rule:line-length
# Rocky Linux-8
---
values:
AllowZoneDrifting: 'no'
AutomaticHelpers: system
FirewallBackend: nftables
FlushAllOnReload: 'yes'
IndividualCalls: 'no'
LogDenied: 'off'
RFC3964_IPv4: 'yes'
arch: amd64
backend:
manage: true
pkg: nftables
config: /etc/firewalld.conf
default_zone: public
direct:
chain:
MYCHAIN:
ipv: ipv4
table: raw
passthrough:
MYPASSTHROUGH:
args: -t raw -A MYCHAIN -j DROP
ipv: ipv4
rule:
INTERNETACCESS:
args: -i iintern -o iextern -s 192.168.1.0/24 -m conntrack --ctstate NEW,RELATED,ESTABLISHED
-j ACCEPT
chain: FORWARD
ipv: ipv4
priority: '0'
table: filter
enabled: true
ipset:
manage: true
pkg: ipset
ipsets:
fail2ban-ssh:
description: fail2ban-ssh ipset
entries:
- 10.0.0.1
options:
hashsize:
- 1024
maxelem:
- 65536
timeout:
- 300
short: fail2ban-ssh
type: hash:ip
fail2ban-ssh-ipv6:
description: fail2ban-ssh-ipv6 ipset
entries:
- 2a01::1
options:
family:
- inet6
hashsize:
- 1024
maxelem:
- 65536
timeout:
- 300
short: fail2ban-ssh-ipv6
type: hash:ip
package: firewalld
service: firewalld
services:
salt-minion:
description: salt-minion
ports:
tcp:
- '8000'
short: salt-minion
sshcustom:
description: SSH on port 3232 and 5252. Secure Shell (SSH) is a protocol for
logging into and executing commands on remote machines. It provides secure
encrypted communications. If you plan on accessing your machine remotely
via SSH over a firewalled interface, enable this option. You need the openssh-server
package installed for this option to be useful.
destinations:
ipv4:
- 224.0.0.251
- 224.0.0.252
ipv6:
- ff02::fb
- ff02::fc
modules:
- some_module_to_load
ports:
tcp:
- 3232
- 5252
protocols:
- igmp
short: sshcustom
source_ports:
tcp:
- 21
zabbixcustom:
description: zabbix custom rule
ports:
tcp:
- '10051'
short: Zabbixcustom
zones:
public:
description: For use in public areas. You do not trust the other computers
on networks to not harm your computer. Only selected incoming connections
are accepted.
other_services:
- zabbixcustom
ports:
- comment: zabbix-agent
port: 10050
protocol: tcp
- comment: bacula-client
port: 9102
protocol: tcp
- comment: vsftpd
port: 21
protocol: tcp
protocols:
- igmp
rich_rules:
- accept: true
family: ipv4
source:
address: 8.8.8.8/24
- family: ipv4
ipset:
name: fail2ban-ssh
reject:
type: icmp-port-unreachable
- accept:
limit: "3/m"
log:
level: warning
limit: "3/m"
prefix: "http fw limit 3/m"
service: http
services:
- http
- https
- ssh
- salt-minion
short: Public
source_ports:
- comment: something
port: 2222
protocol: tcp
- comment: something_else
port: 4444
protocol: tcp
rich_public:
description: Example
rich_rules:
http-priority:
accept: true
ipsets:
- other-ipset
priority: 15
services:
- http
ssh-csg:
accept: true
ipsets:
- fail2ban-ssh
- other-ipset
services:
- ssh
short: rich_public

3
test/integration/default/inspec.yml
View File

@ -22,7 +22,4 @@ supports:
- platform-name: oracle
- platform-name: arch
- platform-name: gentoo
- platform-name: almalinux
- platform-name: rocky
- platform-name: mac_os_x
- platform: windows

3
test/integration/share/inspec.yml
View File

@ -19,7 +19,4 @@ supports:
- platform-name: oracle
- platform-name: arch
- platform-name: gentoo
- platform-name: almalinux
- platform-name: rocky
- platform-name: mac_os_x
- platform: windows

54
test/integration/share/libraries/system.rb
View File

@ -4,7 +4,6 @@
# Author: Daniel Dehennin <daniel.dehennin@ac-dijon.fr>
# Copyright (C) 2020 Daniel Dehennin <daniel.dehennin@ac-dijon.fr>
# rubocop:disable Metrics/ClassLength
class SystemResource < Inspec.resource(1)
name 'system'
@ -22,8 +21,7 @@ class SystemResource < Inspec.resource(1)
family: build_platform_family,
name: build_platform_name,
release: build_platform_release,
finger: build_platform_finger,
codename: build_platform_codename
finger: build_platform_finger
}
end
@ -38,7 +36,7 @@ class SystemResource < Inspec.resource(1)
def build_platform_name
case inspec.platform[:name]
when 'amazon', 'oracle', 'rocky'
when 'amazon', 'oracle'
"#{inspec.platform[:name]}linux"
when /^windows_/
inspec.platform[:family]
@ -51,22 +49,18 @@ class SystemResource < Inspec.resource(1)
def build_platform_release
case inspec.platform[:name]
when 'amazon'
# `2018` relase is named `1` in `kitchen.yml`
# `2018` relase is named `1` in kitchen.yaml
inspec.platform[:release].gsub(/2018.*/, '1')
when 'arch'
'base-latest'
when 'gentoo'
"#{inspec.platform[:release].split('.')[0]}-#{derive_gentoo_init_system}"
when 'mac_os_x'
inspec.command('sw_vers -productVersion').stdout.to_s
when 'opensuse'
# rubocop:disable Style/NumericLiterals,Layout/LineLength
inspec.platform[:release].to_i > 20210101 ? 'tumbleweed' : inspec.platform[:release]
# rubocop:enable Style/NumericLiterals,Layout/LineLength
when 'windows_8.1_pro'
'8.1'
when 'windows_server_2022_datacenter'
'2022-server'
when 'windows_server_2019_datacenter'
'2019-server'
when 'windows_server_2016_datacenter'
@ -93,46 +87,4 @@ class SystemResource < Inspec.resource(1)
build_platform_release.split('.')[0]
end
end
# rubocop:disable Metrics/MethodLength,Metrics/CyclomaticComplexity
def build_platform_codename
case build_platform_finger
when 'ubuntu-22.04'
'jammy'
when 'ubuntu-20.04'
'focal'
when 'ubuntu-18.04'
'bionic'
when 'debian-11'
'bullseye'
when 'debian-10'
'buster'
when 'debian-9'
'stretch'
when 'almalinux-8'
"AlmaLinux #{build_platform_release} (Arctic Sphynx)"
when 'amazonlinux-2'
'Amazon Linux 2'
when 'arch-base-latest'
'Arch Linux'
when 'centos-7'
'CentOS Linux 7 (Core)'
when 'centos-8'
'CentOS Stream 8'
when 'opensuse-tumbleweed'
'openSUSE Tumbleweed'
when 'opensuse-15'
"openSUSE Leap #{build_platform_release}"
when 'oraclelinux-8', 'oraclelinux-7'
"Oracle Linux Server #{build_platform_release}"
when 'gentoo-2-sysd', 'gentoo-2-sysv'
'Gentoo/Linux'
when 'rockylinux-8'
"Rocky Linux #{build_platform_release} (Green Obsidian)"
else
''
end
end
# rubocop:enable Metrics/MethodLength,Metrics/CyclomaticComplexity
end
# rubocop:enable Metrics/ClassLength