Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Introduce the 'aap_rules_validation' role #16

Merged
merged 14 commits into from
Nov 4, 2024
Merged

Introduce the 'aap_rules_validation' role #16

merged 14 commits into from
Nov 4, 2024

Conversation

w4hf
Copy link
Contributor

@w4hf w4hf commented Oct 18, 2024
edited
Loading

What does this PR do?

Introduce a new role : aap_rules_validation
An ansible role which audit the declared AAP configuration and validate it against a set of user-defined rules.

How should this be tested?

Two test playbooks are delivered with the role under the folder tests/playbooks :

  • aap_rules_validation_filetree_read.yml
  • aap_rules_validation_include.yml
    A set of example rules to test against are available under tests/configs/controller_rules.yml

Is there a relevant Issue open for this?

n/a

Other Relevant info, PRs, etc

I demoed this role during the community of practice meeting under the controller_policy name which was rectified to adapt to the AAP strategy.

@w4hf w4hf requested a review from a team as a code owner October 18, 2024 17:07
@djdanielsson
Copy link
Contributor

I wonder if the name shouldn't have controller in the name if the plan is in the future to support all the components

@w4hf w4hf marked this pull request as draft October 23, 2024 13:33
@w4hf w4hf changed the title Introduce the 'controller_rules_validation' role Introduce the 'aap_rules_validation' role Oct 23, 2024
@w4hf w4hf marked this pull request as ready for review October 23, 2024 15:33
ivarmu
ivarmu requested changes Oct 29, 2024
View reviewed changes
Copy link
Contributor

@ivarmu ivarmu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Amazing work with this! This will be very useful for many people for sure!

I only have to ask for two amends and the addition of a changelog fragment.

roles/aap_rules_validation/tasks/check_credentials_encryption.yml Outdated Show resolved Hide resolved
roles/aap_rules_validation/tasks/check_roles.yml Outdated Show resolved Hide resolved
ivarmu
ivarmu approved these changes Oct 30, 2024
View reviewed changes
Copy link
Contributor

@ivarmu ivarmu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

djdanielsson
djdanielsson requested changes Oct 31, 2024
View reviewed changes
Copy link
Contributor

@djdanielsson djdanielsson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can merge once you fix the linting/pre-commit errors (the current ansible ones are expected so you can ignore those)

@w4hf w4hf requested a review from djdanielsson November 4, 2024 05:02
djdanielsson
djdanielsson approved these changes Nov 4, 2024
View reviewed changes
Copy link
Contributor

@djdanielsson djdanielsson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@djdanielsson djdanielsson merged commit 645c995 into redhat-cop:devel Nov 4, 2024
6 of 9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@djdanielsson djdanielsson djdanielsson approved these changes

@ivarmu ivarmu ivarmu approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@w4hf @djdanielsson @ivarmu