Commit graph

66 commits

Author SHA1 Message Date
e78f61c5ed
Avoid TOCTOU issues, stronger perms on manifest dir, don't allow harvesting to existing dir by default, scan whole file for potential secrets
All checks were successful
CI / test (push) Successful in 48s
CI / test (almalinux, docker.io/library/almalinux:9, python3.11) (push) Successful in 11m19s
CI / test (debian, docker.io/library/debian:13, python3) (push) Successful in 20m40s
Lint / test (push) Successful in 48s
2026-06-22 11:41:11 +10:00
c7a6bfe979
Update tests
All checks were successful
CI / test (push) Successful in 51s
CI / test (almalinux, docker.io/library/almalinux:9, python3.11) (push) Successful in 11m30s
CI / test (debian, docker.io/library/debian:13, python3) (push) Successful in 19m55s
Lint / test (push) Successful in 44s
2026-06-22 11:06:24 +10:00
0a0f067111
Add other common strings that could represent sensitive values to ignore unless in --dangerous mode
2026-06-22 10:57:54 +10:00
1e61ae2ff9
Fix tests for deb build
All checks were successful
CI / test (push) Successful in 49s
CI / test (almalinux, docker.io/library/almalinux:9, python3.11) (push) Successful in 11m32s
CI / test (debian, docker.io/library/debian:13, python3) (push) Successful in 20m1s
Lint / test (push) Successful in 44s
2026-06-22 10:05:17 +10:00
67b92731f6
Update tests
Some checks failed
Lint / test (push) Waiting to run
CI / test (push) Failing after 49s
CI / test (almalinux, docker.io/library/almalinux:9, python3.11) (push) Has been cancelled
CI / test (debian, docker.io/library/debian:13, python3) (push) Has been cancelled
2026-06-22 09:58:54 +10:00
a85e8265f4
Don't allow .enroll.ini in CWD, rely on env var or XDG path
2026-06-22 09:52:33 +10:00
6ee8c60e64
Fix the almalinux tests - skip jinjaturtle and systemd in CI
All checks were successful
CI / test (push) Successful in 46s
CI / test (almalinux, docker.io/library/almalinux:9, python3.11) (push) Successful in 11m26s
CI / test (debian, docker.io/library/debian:13, python3) (push) Successful in 20m24s
Lint / test (push) Successful in 45s
2026-06-21 17:49:51 +10:00
ce2652a3b3
Handle gracefully debian stuff when testing on rhel-like
Some checks failed
CI / test (push) Has been cancelled
Lint / test (push) Has been cancelled
CI / test (almalinux, docker.io/library/almalinux:9, python3.11) (push) Failing after 5m10s
CI / test (debian, docker.io/library/debian:13, python3) (push) Failing after 10m10s
2026-06-21 16:15:33 +10:00
fc120f02a5
More test coverage
2026-06-21 13:37:37 +10:00
a0ac28f213
Support '--enforce' mode in 'enroll diff' with '--target' to use a specific config manager to run to enforce
All checks were successful
CI / test (push) Successful in 27m26s
Lint / test (push) Successful in 45s
2026-06-21 12:38:10 +10:00
f335077e59
Fix salt rendering of yaml/json
2026-06-20 18:38:49 +10:00
8cbde1423a
erb support, and fix notify services in puppet/salt in fqdn mode
2026-06-20 18:22:08 +10:00
097022f782
Fix notification of individual services when related config changes, even when roles are grouped
All checks were successful
CI / test (push) Successful in 19m18s
Lint / test (push) Successful in 42s
2026-06-20 15:31:42 +10:00
ceb86c513c
Improve test coverage of salt and puppet
Some checks failed
Lint / test (push) Waiting to run
CI / test (push) Has been cancelled
2026-06-20 12:30:02 +10:00
899724097e
Standardise more into CMModule parent class for the 3 child renderers
Some checks failed
Lint / test (push) Waiting to run
CI / test (push) Has been cancelled
2026-06-20 12:19:04 +10:00
7379587a28
Don't enforce /etc/enroll if no firewall rules to set in subdir
All checks were successful
CI / test (push) Successful in 19m38s
Lint / test (push) Successful in 43s
2026-06-19 20:29:12 +10:00
d6371ccccd
Fixes for ensuring /etc/enroll exists if /etc/enroll/firewall is to be created
2026-06-19 20:18:19 +10:00
de42e16510
loooots of fixes.
Some checks failed
CI / test (push) Failing after 20m26s
Lint / test (push) Successful in 44s
2026-06-19 18:55:30 +10:00
b8926f9a5f
Simplify the over-engineered ansible rendering. Simplify docker image mgmt on Puppet so it doesn't use that awful puppetlabs-docker module
All checks were successful
CI / test (push) Successful in 20m26s
Lint / test (push) Successful in 47s
2026-06-19 16:32:25 +10:00
05b2875c17
Oh, Salt now works with JinjaTurtle :)
All checks were successful
CI / test (push) Successful in 19m36s
Lint / test (push) Successful in 45s
2026-06-18 20:38:50 +10:00
adfeb21d4b
reintroduce Salt
Some checks failed
Lint / test (push) Waiting to run
CI / test (push) Has been cancelled
2026-06-18 20:35:38 +10:00
0d111caf62
Revert "Remove salt"
This reverts commit b149b2e5d7.
2026-06-18 20:12:56 +10:00
b149b2e5d7
Remove salt
All checks were successful
CI / test (push) Successful in 18m7s
Lint / test (push) Successful in 41s
2026-06-17 18:13:06 +10:00
ebc27e1111
Support for detecting Docker images
Some checks failed
Lint / test (push) Waiting to run
CI / test (push) Has been cancelled
2026-06-17 18:05:02 +10:00
e2be9a6239
Separate up the ansible renderer. Simplify the package management bits by using ansible.builtin.package
All checks were successful
CI / test (push) Successful in 22m12s
Lint / test (push) Successful in 44s
2026-06-17 16:40:36 +10:00
ee08bf43ba
Support manifesting Salt
2026-06-17 14:19:25 +10:00
ceca3df83c
Fix hiera/fqdn support for Puppet
All checks were successful
CI / test (push) Successful in 16m41s
Lint / test (push) Successful in 48s
2026-06-17 11:47:47 +10:00
20cc48e1ce
More refactoring, support hiera and multi site mode for Puppet
All checks were successful
CI / test (push) Successful in 15m30s
Lint / test (push) Successful in 44s
2026-06-17 10:54:46 +10:00
de7531424d
Huge refactor to support extending a generic Config Manager class for different types (Ansible, Puppet... Salt soon?)
Some checks failed
Lint / test (push) Waiting to run
CI / test (push) Has been cancelled
2026-06-17 09:37:32 +10:00
f9e93cd6fd
Support manifesting Puppet :o
2026-06-16 16:39:18 +10:00
e682aae41e
Filter out more sysctl params that throw Invalid argument when executed on the fly
2026-06-16 16:30:33 +10:00
9546e1b8ed
Add sysctl detection
2026-06-16 14:23:44 +10:00
3c19ae54b2
Only capture user-specific .bashrc style files when using mode, in case they contain sensitive env vars.
All checks were successful
CI / test (push) Successful in 14m0s
Lint / test (push) Successful in 42s
2026-06-16 13:35:33 +10:00
8774d019d3
Fix tests
All checks were successful
CI / test (push) Successful in 14m26s
Lint / test (push) Successful in 43s
2026-06-14 19:21:32 +10:00
1e996f4a43
Group all package roles into Debian/RPM 'sections'
This includes managed config files and unit state.

This mode is not used if `--fqdn` or `--no-common-roles` is set,
in which case, the traditional behaviour of preserving one role
per package/unit is used instead.

This is a breaking change.
Some checks failed
Lint / test (push) Waiting to run
CI / test (push) Has been cancelled
2026-06-14 19:19:59 +10:00
eb1d096c90
Add support for detecting flatpaks and snaps
Some checks failed
CI / test (push) Failing after 5m51s
Lint / test (push) Successful in 43s
2026-06-14 18:25:26 +10:00
fbb06f1177
More coverage
Some checks failed
Lint / test (push) Successful in 45s
CI / test (push) Failing after 2m35s
2026-05-31 17:55:22 +10:00
62b2f2ffe6
More coverage
Some checks failed
CI / test (push) Failing after 1s
Lint / test (push) Failing after 1s
2026-05-31 17:21:45 +10:00
bf735c8328
More coverage
Some checks failed
CI / test (push) Failing after 1s
Lint / test (push) Failing after 1s
2026-05-31 17:15:22 +10:00
1544dc0295
more test coverage
2026-05-31 16:50:57 +10:00
b25dd1e314
* Add support for capturing ipset and iptables configuration files
* Add support for generating ipset and iptables configuration files from runtime, if the former weren't present (`firewall_runtime` role)
* Dependency updates
All checks were successful
CI / test (push) Successful in 8m23s
Lint / test (push) Successful in 33s
2026-05-14 15:16:36 +10:00
5695f4258e
Add support for ssh configs as templates, via JinjaTurtle
2026-05-12 12:23:41 +10:00
f84d795c49
Rename test file
All checks were successful
CI / test (push) Successful in 8m15s
Lint / test (push) Successful in 32s
Trivy / test (push) Successful in 24s
2026-01-10 11:24:01 +11:00
95b784c1a0
Fix and add tests
Some checks failed
Lint / test (push) Waiting to run
Trivy / test (push) Waiting to run
CI / test (push) Has been cancelled
2026-01-10 11:16:28 +11:00
9749190cd8
Fix test
All checks were successful
CI / test (push) Successful in 8m14s
Lint / test (push) Successful in 32s
Trivy / test (push) Successful in 21s
2026-01-10 09:15:29 +11:00
025f00f924
Fix tests
Some checks failed
Lint / test (push) Waiting to run
Trivy / test (push) Waiting to run
CI / test (push) Has been cancelled
2026-01-05 21:25:46 +11:00
66d032d981
Introduce 'enroll validate' to check a harvest meets the schema spec and isn't lacking artifacts or contains orphaned ones
Some checks failed
CI / test (push) Failing after 1m47s
Lint / test (push) Successful in 31s
Trivy / test (push) Successful in 23s
2026-01-05 21:17:50 +11:00
7a9a0abcd1
Add tests for symlinks management
Some checks failed
CI / test (push) Failing after 7m32s
Lint / test (push) Successful in 30s
Trivy / test (push) Successful in 23s
2026-01-05 16:54:39 +11:00
bcf3dd7422
Fix tests
All checks were successful
CI / test (push) Successful in 7m18s
Lint / test (push) Successful in 31s
Trivy / test (push) Successful in 22s
2026-01-05 15:52:25 +11:00
e68ec0bffc
More test coverage
2026-01-05 14:27:56 +11:00