New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
do not touch sysctl file to avoid idempotency problems #309
Conversation
@rndmh3ro please sign off your commits before merging :) |
@@ -5,7 +5,7 @@ | |||
owner: 'root' | |||
group: 'root' | |||
mode: '0440' | |||
state: touch | |||
state: file |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You will run into errors with this if the file does not exist (ansible file module errors out whenstate: file
is used on a non-existent path). The proper way to fix idempotence is
state: touch
modification_time: preserve
access_time: preserve
https://docs.ansible.com/ansible/latest/modules/file_module.html
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That is why it was touch, not file! Thanks! That's what happens if you don't document your code.
I'll fix thix.
* add testing for CentOS8 Adds testing environments for CentOS8 to local Kitchen and remote Travis tests. Currently only local Kitchen Docker tests are verified. Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * disable system wide CRYPTO_POLICY on RHEL8+ by default sshd will not use the crypto settings from sshd_config. To make the settings effective we need to disable the system wide CRYPTO_POLICY. see: https://access.redhat.com/solutions/4410591 Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * Set volume variable for travis tests to use cgroups mount where needed Signed-off-by: Sebastian Gumprich <github@gumpri.ch> Co-authored-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com> Co-authored-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>
See related ticket: - dev-sec#310 - dev-sec#309
* add testing for CentOS8 Adds testing environments for CentOS8 to local Kitchen and remote Travis tests. Currently only local Kitchen Docker tests are verified. Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * disable system wide CRYPTO_POLICY on RHEL8+ by default sshd will not use the crypto settings from sshd_config. To make the settings effective we need to disable the system wide CRYPTO_POLICY. see: https://access.redhat.com/solutions/4410591 Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * Set volume variable for travis tests to use cgroups mount where needed Signed-off-by: Sebastian Gumprich <github@gumpri.ch> Co-authored-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com> Co-authored-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>
No description provided.