|
branko
|
49af212543b0
|
7 months ago
|
|
MAR-192: Switch to using NTP pools instead of servers:
- This is the recommended configuration by NTPsec, and also default on Debian. Previuosly suggested values for servers have been pool addresses in any case.
|
|
branko
|
736e06e7ffd6
|
7 months ago
|
|
MAR-194: Use IP addresses instead names for maintenance allowed connections:
- Less ambigious. Solves problems around names being resolvable to different IPs depending on what DNS server is used. - Parameter renamed to better represent what is specified. - Updated requirements to allow execution of ipv4/ipv6 filters. - Pin the rich requirement to a lower version for compatibility reasons. - Implement tests for IPv6 connectivity tests. - Improve rendering of base rules (indentation).
|
|
branko
|
5f9f8aef3473
|
7 months ago
|
|
MAR-154: Drop support for Python 2.7 from the common role:
- This primarily concerns removal of pip requirements upgrade checks for Python 2.7. - The old Python 3-specific paths are getting deprecated, and the Python 2 paths will be used instead. - Set permissions on pipreqcheck directory explicitly (because of deprecation testing).
|
|
branko
|
d0e45c50137a
|
10 months ago
|
|
MAR-189: Added support for Debian 11 Bullseye to common role:
- Drop the architecture suffix from all machines. - Introduced a hack/patch for Ferm utility that disables use of legacy iptables tools. - Minor fixes around package name differences compared to older distribution. - Use versioned binary name for Python 2.7.. Bullseye does not default/have /usr/bin/python pointing to Python 2.7 binary.
|
|
branko
|
d0c6f26ece9f
|
10 months ago
|
|
MAR-182: Added ability to specify input requirements for running pip package upgrade checks against helper virtual environments:
- These environments are used for running the package upgrade checks themselves.
|
|
branko
|
68c15461075c
|
13 months ago
|
|
MAR-181: Dropp support for Debian 9 Stretch from the common role:
- Drop platform name from all helper VMs. - Switch to using IPs from VirtualBox default allowed host-only network subnets.
|
|
branko
|
325b9d16a72b
|
4 years ago
|
|
MAR-151: Added support for Debian 10 Buster to common role:
- Updated tests. - Updated role reference documentation. - Updated role metadata information. - Refactored IP plan for the test machines for better separation between different types of machines and versions. - Parametrised tests for limited connectivity using the maintenance mode. - Don't use MariaDB compat package in tests - name differs between Debian 9 and Debian 10, and relevant parameter is already getting tested properly using the remaining packages.
|
|
branko
|
64e43cff4f29
|
4 years ago
|
|
|
|
branko
|
7b004fce5c8b
|
4 years ago
|
|
MAR-160: Added maintenance and maintenance_allowed_hosts parameters to common role:
- Lets the user specify list of hosts for which the incoming connections should be allowed. - Defaults are not to limit connectivity. - Implemented the necessary tests. - Set-up the base ferm/firewall rules if maintenance mode is enabled.
|
|
branko
|
ca784c26d35c
|
4 years ago
|
|
MAR-150: Use Gimmecert for X.509 test fixtures in the common role:
- Drop the statically-generated X.509 certificates used for testing. - Introduce fixture playbook in preparation phase that sets-up the necessary certificates. - Update the tests to use the fixture. - Dynamically calculate the OpenSSL hash for CA certificate instead of having the hard-coded value. - Add the fixture artefacts to .gitignore files.
|
|
branko
|
9a06395ab828
|
4 years ago
|
|
|
|
branko
|
6b8b1d4c9061
|
6 years ago
|
|
MAR-129: Updated backup_server role linting and test configuration:
- Fixed linting issues. - Use global linting configuration file. - Moved test variables into group_vars.
|