Skip to content

Bug fixes 2.x pr devel 2.x #1858

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 396 commits into from
Jul 18, 2024
Merged

Bug fixes 2.x pr devel 2.x #1858

merged 396 commits into from
Jul 18, 2024

Conversation

gregharvey
Copy link
Member

No description provided.

gregharvey and others added 30 commits January 25, 2024 13:32
@gregharvey
Grouping systemd timer tasks together.
a57c5ff
@gregharvey
Merge branch 'devel-2.x' into bug_fixes_2.x-PR-devel-2.x
fc64d56
@gregharvey
Merge branch 'bug_fixes_2.x' into bug_fixes_2.x-PR-devel-2.x
c9883ad
@gregharvey
Bug fixes 2.x pr 2.x (#1400)
415956f 
* Improving AWS subnet docs.

* Error in timers structure in the SSL role.

* Removing obsolete backports requirements.

* Allow the billing role to access Sustainability information.

* Missing comma in IAM billing policy.

* Removing broken GitLab Runner code.

* Fixed the include_role task in gitlab_runner.

* Suppressing a failure if there is no system pip to call.

* Logic error in Ansible installer username, needs to be set from calling role.

* ansible_user is a reserved variable, seems to be causing issues.

* _ansible_ANYTHING is reserved, using _install_username instead.

* python_boto role also needs the username set in the calling role.

* Updating python_boto docs.

* Making profile.d loading more robust.

* Also pip removing ansible-core and trying with pip and pip3 to cover all bases.

* Updating bad AWS SG role var namespacing in other roles.

* Refactoring how we handle python3-pip.

* Allow passing in of the Python interpreter to Ansible.

* Updating the packages server for CE.

* Installing Ansible in a venv on all machines.

* Changing common_base format for readability.

* No need to specify Python to the point release.

* Docs update.

* Fixing LDAP SSL to use systemd timer.

* Allowing different systemd timer names for different Ansible installs.

* Fixing dynamic key name in ansible role.

* Trying to debug missing timer_command var.

* Treating the timer string so it becomes a dict.

* Moving default log location for clamav.

* Updating ClamAV docs.

* Grouping systemd timer tasks together.
@matej5
updating-aws-cloudfront-distribution-to-enable-logging-2.x-branch (#1404
95410ec 
)

Co-authored-by: Matej Stajduhar <matej.stajduhar@codeenigma.com>
@matej5
Adding default value if logging not defined 2.x (#1407)
f76e8de 
* adding-default-value-if-logging-not-defined-2.x

* adding-example-for-logging

---------

Co-authored-by: Matej Stajduhar <matej.stajduhar@codeenigma.com>
@matej5
Cleaner-pipeline-output-2.x (#1412)
d9c72c5 
Co-authored-by: Matej Stajduhar <matej.stajduhar@codeenigma.com>
@drazenCE
Updating-extra-packages-2x (#1414)
1497adc
@matej5
updating-cloudfront-role-2.x (#1418)
1339850 
Co-authored-by: Matej Stajduhar <matej.stajduhar@codeenigma.com>
@nfawbert
r68152-secure-symfony-app-for-prod 2.x (#1429)
e88a153
@nfawbert
r68152-put-new-prod-symfony-template 2.x (#1433)
6b609f7
@drazenCE
Adding-wazuh-role-2x (#1441)
8080fbb
@drazenCE
Fixing-wazuh (#1445)
5956f80
@drazenCE
Fixing wazuh pr 2.x (#1447)
19d85f3 
* Fixing-wazuh

* Fixing-wazuh
@drazenCE
Fixing wazuh pr 2.x (#1449)
86004d9 
* Fixing-wazuh

* Fixing-wazuh

* Adding-ansible-builtin-modules

* Adding-debug

* Fixing-vars
@gregharvey
Adding clamdscan package to clamav role. (#1452)
f59add7
@gregharvey
Merge branch '2.x' into bug_fixes_2.x
b4473ca
@gregharvey
Exposing ce-provision version in build output.
36a52ee
@gregharvey
Merge branch 'devel-2.x' into bug_fixes_2.x-PR-devel-2.x
3550065
@gregharvey
Merge branch 'bug_fixes_2.x' into bug_fixes_2.x-PR-devel-2.x
2630a8e
@gregharvey
Bug fixes 2.x pr 2.x (#1454)
e5d188c 
* Improving AWS subnet docs.

* Error in timers structure in the SSL role.

* Removing obsolete backports requirements.

* Allow the billing role to access Sustainability information.

* Missing comma in IAM billing policy.

* Removing broken GitLab Runner code.

* Fixed the include_role task in gitlab_runner.

* Suppressing a failure if there is no system pip to call.

* Logic error in Ansible installer username, needs to be set from calling role.

* ansible_user is a reserved variable, seems to be causing issues.

* _ansible_ANYTHING is reserved, using _install_username instead.

* python_boto role also needs the username set in the calling role.

* Updating python_boto docs.

* Making profile.d loading more robust.

* Also pip removing ansible-core and trying with pip and pip3 to cover all bases.

* Updating bad AWS SG role var namespacing in other roles.

* Refactoring how we handle python3-pip.

* Allow passing in of the Python interpreter to Ansible.

* Updating the packages server for CE.

* Installing Ansible in a venv on all machines.

* Changing common_base format for readability.

* No need to specify Python to the point release.

* Docs update.

* Fixing LDAP SSL to use systemd timer.

* Allowing different systemd timer names for different Ansible installs.

* Fixing dynamic key name in ansible role.

* Trying to debug missing timer_command var.

* Treating the timer string so it becomes a dict.

* Moving default log location for clamav.

* Updating ClamAV docs.

* Grouping systemd timer tasks together.

* Exposing ce-provision version in build output.
@drazenCE
Fixing-wazuh-vars (#1456)
1891d5e
@drazenCE
Fixing wazuh vars pr 2.x (#1460)
fc01c7c 
* Fixing-wazuh-vars

* Fixing-linting
@drazenCE
Updating-sury-keys (#1463)
e6ea7ba
@gregharvey
Replace ssl certs pr 2.x (#1467)
d427d4b 
* Documentation updates.

* Tidying SSL role and allowing option to replace a cert.
@gregharvey
Merge branch '2.x' into bug_fixes_2.x
a1f51a1
@gregharvey
Wrong variable in meta role for controller username.
a02e9e5
@gregharvey
Merge branch 'devel-2.x' into bug_fixes_2.x-PR-devel-2.x
3d49cf5
@gregharvey
Merge branch 'bug_fixes_2.x' into bug_fixes_2.x-PR-devel-2.x
b4d95bc
@gregharvey
Bug fixes 2.x pr 2.x (#1469)
830b3f2 
* Improving AWS subnet docs.

* Error in timers structure in the SSL role.

* Removing obsolete backports requirements.

* Allow the billing role to access Sustainability information.

* Missing comma in IAM billing policy.

* Removing broken GitLab Runner code.

* Fixed the include_role task in gitlab_runner.

* Suppressing a failure if there is no system pip to call.

* Logic error in Ansible installer username, needs to be set from calling role.

* ansible_user is a reserved variable, seems to be causing issues.

* _ansible_ANYTHING is reserved, using _install_username instead.

* python_boto role also needs the username set in the calling role.

* Updating python_boto docs.

* Making profile.d loading more robust.

* Also pip removing ansible-core and trying with pip and pip3 to cover all bases.

* Updating bad AWS SG role var namespacing in other roles.

* Refactoring how we handle python3-pip.

* Allow passing in of the Python interpreter to Ansible.

* Updating the packages server for CE.

* Installing Ansible in a venv on all machines.

* Changing common_base format for readability.

* No need to specify Python to the point release.

* Docs update.

* Fixing LDAP SSL to use systemd timer.

* Allowing different systemd timer names for different Ansible installs.

* Fixing dynamic key name in ansible role.

* Trying to debug missing timer_command var.

* Treating the timer string so it becomes a dict.

* Moving default log location for clamav.

* Updating ClamAV docs.

* Grouping systemd timer tasks together.

* Exposing ce-provision version in build output.

* Wrong variable in meta role for controller username.
drazenCE and others added 26 commits June 25, 2024 14:45
@drazenCE
Updating wazuh vars pr 2.x (#1787)
2645a53 
* Updating-wazuh-vars

* Updating-manager-vars

* Updating-wazuh-manager-active-response

* Updating-wazuh-manager-active-response-2x

* Fixing-wazuh-broken-pipeline

* Tweaking-wazuh-vars
@nfawbert
r68065 mattermost role first commit (#1789)
da8e909 
* r68065 mattermost role first commit

* fixing linting/syntax

* reload systemd with ansible.builtin.systemd_service

* handler for postgresql reloads

* default systemd unit file for mattermost role
@nfawbert
r68065 install python psycopg2 (#1791)
1d52a29
@nfawbert
r68065 use psycopg binary package as compiling creates depsolve issues (
f935659 
#1793)
@nfawbert
permissions for postgres setup (#1795)
996f67c
@nfawbert
r68065 add mattermost group before user (#1797)
bcb8383
@drazenCE
Updating-duplicity (#1804)
c7e68a5
@nfawbert
enable mattermost systemd unit (#1810)
69e741c
@nfawbert
nginx include for mattermost (#1812)
8694d1f 
* nginx include for mattermost

* add mattermost project type
@nfawbert
ssl on handled by nginx role (#1814)
e6637ca
@nfawbert
fix mattermost nginx include (#1822)
bcde5ae
@nfawbert
remove unsupported nginx option (#1824)
be379a5
@matej5
Restore testing update pr 2.x (#1832)
a58040d 
* Restore-testing-update

* Restore-testing-update-2

---------

Co-authored-by: Matej Stajduhar <matej.stajduhar@codeenigma.com>
@matej5
Resolving conflicts pr 2.x (#1834)
21ffa8d 
* Fixing-conflicts-and-updating-docs

* Fixed-conflicts

* Fixed-conflicts-2

---------

Co-authored-by: Matej Stajduhar <matej.stajduhar@codeenigma.com>
@nfawbert
initial commit - mattermost local backups (#1838)
f1e3478
@matej5
r69995-Updating-vhost-for-LE-validation (#1843)
303e501 
Co-authored-by: Matej Stajduhar <matej.stajduhar@codeenigma.com>
@matej5
Changing priority flexibility pr 2.x (#1841)
a71e3b2 
* Changing-priority-flexibility

* Changing-priority-flexibility-2

* Adding-aws-acl-to-meta

* Adding-cast-to-int-for-priority

---------

Co-authored-by: Matej Stajduhar <matej.stajduhar@codeenigma.com>
@matej5
Aws acl role changes for ip set pr 2.x (#1848)
2037c74 
* aws_acl-role-changes-for-ip-set

* aws_acl-role-changes-for-ip-set-docs-update

---------

Co-authored-by: Matej Stajduhar <matej.stajduhar@codeenigma.com>
@tymofiisobchenko
add_php_repo_before_apt_extra_packages_task_from_common_base (#1850)
6d519bd
@tymofiisobchenko
fix_opensearch_vars (#1852)
419387c
@tymofiisobchenko
wait_timeout_for_opensearch_domain_creation (#1854)
184387a 
* wait_timeout_for_opensearch_domain_creation

* remove trailing space
@matej5
Updating-aws-acl-task (#1856)
6a31637 
Co-authored-by: Matej Stajduhar <matej.stajduhar@codeenigma.com>
@gregharvey
Merge branch '2.x' into bug_fixes_2.x
7e39e24
@gregharvey
Docs update and making Ansible installation via _init an option.
6fcda09
@gregharvey
Merge branch 'devel-2.x' of github.com:codeenigma/ce-provision into b…
be77f95 
…ug_fixes_2.x-PR-devel-2.x
@gregharvey
Merge branch 'bug_fixes_2.x' into bug_fixes_2.x-PR-devel-2.x
4fb7a40
@gitguardian GitGuardian
Copy link

gitguardian bot commented Jul 18, 2024

⚠️ GitGuardian has uncovered 6 secrets following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secrets in your pull request
GitGuardian id GitGuardian status Secret Commit Filename
11380256 Triggered Username Password bb1d5cd roles/debian/wazuh/defaults/main.yml View secret
5773360 Triggered Generic Password 65f72f4 install.sh View secret
5773360 Triggered Generic Password 4fa0f63 install.sh View secret
5773360 Triggered Generic Password c6f95bb install.sh View secret
11380256 Triggered Username Password 7fe424b roles/debian/wazuh/defaults/main.yml View secret
11380256 Triggered Username Password e901344 roles/debian/wazuh/defaults/main.yml View secret
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secrets safely. Learn here the best practices.
  3. Revoke and rotate these secrets.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@gregharvey gregharvey merged commit 8a0af76 into devel-2.x Jul 18, 2024
4 of 6 checks passed
@gregharvey gregharvey deleted the bug_fixes_2.x-PR-devel-2.x branch July 18, 2024 12:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@gregharvey @matej5 @drazenCE @nfawbert @tymofiisobchenko @klausi