9546e1b8ed
Add sysctl detection
2026-06-16 14:23:44 +10:00
3c19ae54b2
Only capture user-specific .bashrc style files when using mode, in case they contain sensitive env vars.
CI / test (push) Successful in 14m0s
Lint / test (push) Successful in 42s
2026-06-16 13:35:33 +10:00
8774d019d3
Fix tests
CI / test (push) Successful in 14m26s
Lint / test (push) Successful in 43s
2026-06-14 19:21:32 +10:00
1e996f4a43
Group all package roles into Debian/RPM 'sections'
...
Lint / test (push) Waiting to run
CI / test (push) Has been cancelled
This includes managed config files and unit state.
This mode is not used if `--fqdn` or `--no-common-roles` is set,
in which case, the traditional behaviour of preserving one role
per package/unit is used instead.
This is a breaking change.
2026-06-14 19:19:59 +10:00
e2339616fb
remove flatpak tests which don't work great in CI
2026-06-14 18:49:26 +10:00
00329cdd33
install flatpak in test
CI / test (push) Failing after 5m15s
Lint / test (push) Successful in 42s
2026-06-14 18:42:28 +10:00
9dfbd411de
Add some flatpak tests
CI / test (push) Failing after 3m5s
Lint / test (push) Has been cancelled
2026-06-14 18:37:48 +10:00
8f425b595b
Remove newlines
Lint / test (push) Waiting to run
CI / test (push) Has been cancelled
2026-06-14 18:34:22 +10:00
eb1d096c90
Add support for detecting flatpaks and snaps
CI / test (push) Failing after 5m51s
Lint / test (push) Successful in 43s
2026-06-14 18:25:26 +10:00
11351cce87
Fix test
2026-06-14 16:23:06 +10:00
bbfc338734
Fix regression that enforced merge_simple_packages
CI / test (push) Failing after 10m40s
Lint / test (push) Successful in 38s
2026-06-14 16:03:52 +10:00
76df10ee92
Add --merge-simple-packages to reduce the number of roles, for packages that have no config files or services to maintain.
CI / test (push) Failing after 5m32s
Lint / test (push) Successful in 40s
2026-06-14 15:52:07 +10:00
a0fbed5ca5
Fix curl option
CI / test (push) Successful in 11m55s
Lint / test (push) Successful in 41s
2026-06-07 14:44:36 +10:00
6c58beddfe
Attempt to install SOPS in tests
CI / test (push) Failing after 2m11s
Lint / test (push) Successful in 41s
2026-06-07 14:40:08 +10:00
fbb06f1177
More coverage
Lint / test (push) Successful in 45s
CI / test (push) Failing after 2m35s
2026-05-31 17:55:22 +10:00
62b2f2ffe6
More coverage
CI / test (push) Failing after 1s
Lint / test (push) Failing after 1s
2026-05-31 17:21:45 +10:00
bf735c8328
More coverage
CI / test (push) Failing after 1s
Lint / test (push) Failing after 1s
2026-05-31 17:15:22 +10:00
1544dc0295
more test coverage
2026-05-31 16:50:57 +10:00
b25dd1e314
* Add support for capturing ipset and iptables configuration files
...
CI / test (push) Successful in 8m23s
Lint / test (push) Successful in 33s
* Add support for generating ipset and iptables configuration files from runtime, if the former weren't present (`firewall_runtime` role)
* Dependency updates
2026-05-14 15:16:36 +10:00
3fcfefe644
0.5.0
CI / test (push) Successful in 8m28s
Lint / test (push) Successful in 1m5s
2026-05-12 12:24:00 +10:00
618dd20e7c
Update deps
2026-05-12 12:23:52 +10:00
5695f4258e
Add support for ssh configs as templates, via JinjaTurtle
2026-05-12 12:23:41 +10:00
5c686d27cc
Remove trivy..
CI / test (push) Successful in 8m16s
Lint / test (push) Successful in 33s
2026-03-23 11:20:56 +11:00
4ea7267b92
Update my GPG key
CI / test (push) Successful in 8m26s
Lint / test (push) Successful in 33s
Trivy / test (push) Successful in 25s
2026-03-11 12:02:39 +11:00
d403dcb918
0.4.4
CI / test (push) Successful in 8m14s
Lint / test (push) Successful in 32s
Trivy / test (push) Successful in 24s
2026-02-17 10:58:38 +11:00
778237740a
Add ability to gracefully handle an encrypted private key for SSH (can be forced or automated with an env var too)
CI / test (push) Successful in 8m22s
Lint / test (push) Successful in 32s
Trivy / test (push) Successful in 24s
2026-02-17 10:35:51 +11:00
87ddf52e81
Update cryptography dependency
CI / test (push) Successful in 8m22s
Lint / test (push) Successful in 33s
Trivy / test (push) Successful in 26s
2026-02-17 10:00:39 +11:00
5f6b0f49d9
Update dependencies
CI / test (push) Successful in 8m22s
Lint / test (push) Successful in 32s
Trivy / test (push) Successful in 26s
2026-01-16 10:59:22 +11:00
1856e3a79d
Add support for AddressFamily and ConnectTimeout in the .ssh/config when using --remote-ssh-config.
2026-01-16 10:58:39 +11:00
478b0e1b9d
Add README example for --remote-ssh-config
CI / test (push) Successful in 8m19s
Lint / test (push) Successful in 33s
Trivy / test (push) Successful in 25s
2026-01-13 22:03:58 +11:00
f5eaac9f75
Support --remote-ssh-config [path-to-ssh-config] as an argument in case extra params are required beyond --remote-port or --remote-user.
...
CI / test (push) Successful in 8m18s
Lint / test (push) Successful in 33s
Trivy / test (push) Successful in 25s
Note: `--remote-host` must still be set, but it can be an 'alias' represented by the 'Host' value in the ssh config.
2026-01-13 21:56:28 +11:00
5754ef1aad
Add interactive output when 'enroll diff --enforce' is invoking Ansible.
CI / test (push) Successful in 8m18s
Lint / test (push) Successful in 32s
Trivy / test (push) Successful in 24s
2026-01-11 10:01:16 +11:00
d172d848c4
Relax python3-jsonschema version for Fedora support
CI / test (push) Successful in 8m16s
Lint / test (push) Successful in 34s
Trivy / test (push) Successful in 24s
2026-01-10 11:44:51 +11:00
f84d795c49
Rename test file
CI / test (push) Successful in 8m15s
Lint / test (push) Successful in 32s
Trivy / test (push) Successful in 24s
2026-01-10 11:24:01 +11:00
95b784c1a0
Fix and add tests
Lint / test (push) Waiting to run
Trivy / test (push) Waiting to run
CI / test (push) Has been cancelled
2026-01-10 11:16:28 +11:00
ebd30247d1
Add --enforce mode to enroll diff and add --ignore-package-versions
...
CI / test (push) Failing after 1m48s
Lint / test (push) Successful in 32s
Trivy / test (push) Successful in 22s
If there is diff detected between the two harvests, and it can
enforce restoring the state from the older harvest, it will
manifest the state and apply it with ansible. Only the specific
roles that had diffed will be applied (via the new tags capability).
`--ignore-package-versions` will skip reporting when packages are
upgraded/downgraded in the diff.
2026-01-10 10:51:41 +11:00
9a249cc973
Initial pass at an --enforce mode for enroll diff, to manifest and restore state of old harvest if ansible is on the PATH
CI / test (push) Successful in 8m13s
Lint / test (push) Successful in 33s
Trivy / test (push) Successful in 23s
2026-01-10 09:50:28 +11:00
9749190cd8
Fix test
CI / test (push) Successful in 8m14s
Lint / test (push) Successful in 32s
Trivy / test (push) Successful in 21s
2026-01-10 09:15:29 +11:00
ca3d958a96
Add --exclude-path to enroll diff command
...
CI / test (push) Failing after 1m45s
Lint / test (push) Successful in 31s
Trivy / test (push) Successful in 23s
So that you can ignore certain churn from the diff
(stuff you still wanted to harvest as a baseline but don't care if it changes day to day)
2026-01-10 08:56:35 +11:00
8be821c494
Update pynacl dependency to resolve CVE-2025-69277
CI / test (push) Successful in 8m1s
Lint / test (push) Successful in 31s
Trivy / test (push) Successful in 23s
2026-01-08 17:16:58 +11:00
8daed96b7c
Attempt to generate Jinja2 templates of systemd unit files and Postfix main.cf (now that JinjaTurtle supports it)
CI / test (push) Successful in 8m13s
Lint / test (push) Successful in 31s
Trivy / test (push) Successful in 23s
2026-01-06 12:47:12 +11:00
e0ef5ede98
Run validate in CLI tests
CI / test (push) Successful in 8m28s
Lint / test (push) Successful in 31s
Trivy / test (push) Successful in 26s
2026-01-05 21:30:14 +11:00
025f00f924
Fix tests
Lint / test (push) Waiting to run
Trivy / test (push) Waiting to run
CI / test (push) Has been cancelled
2026-01-05 21:25:46 +11:00
66d032d981
Introduce 'enroll validate' to check a harvest meets the schema spec and isn't lacking artifacts or contains orphaned ones
CI / test (push) Failing after 1m47s
Lint / test (push) Successful in 31s
Trivy / test (push) Successful in 23s
2026-01-05 21:17:50 +11:00
45e0d9bb16
0.3.0
CI / test (push) Successful in 8m25s
Lint / test (push) Successful in 31s
Trivy / test (push) Successful in 23s
2026-01-05 17:13:43 +11:00
9f30c56e8a
Don't remove apache2 (it breaks the manifest run)
CI / test (push) Successful in 8m22s
Lint / test (push) Successful in 31s
Trivy / test (push) Has been cancelled
2026-01-05 17:04:06 +11:00
7a9a0abcd1
Add tests for symlinks management
CI / test (push) Failing after 7m32s
Lint / test (push) Successful in 30s
Trivy / test (push) Successful in 23s
2026-01-05 16:54:39 +11:00
aea58c8684
Install Apache2 to test symlinks management in the ansible manifests
Lint / test (push) Waiting to run
Trivy / test (push) Waiting to run
CI / test (push) Has been cancelled
2026-01-05 16:48:08 +11:00
ca4cf00e84
Changelog entry for symlinks
CI / test (push) Successful in 7m36s
Lint / test (push) Successful in 31s
Trivy / test (push) Successful in 23s
2026-01-05 16:30:14 +11:00
d3fdfc9ef7
Manage certain symlinks e.g for apache2/nginx sites-enabled and so on
Lint / test (push) Waiting to run
Trivy / test (push) Waiting to run
CI / test (push) Has been cancelled
2026-01-05 16:29:21 +11:00
