Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add OpenSUSE support #605

Merged
merged 25 commits into from Nov 29, 2022
Merged

Add OpenSUSE support #605

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
25 commits
Select commit Hold shift + click to select a range
c8807ca
Add variables for mariadb on opensuse
Nov 23, 2022
a843ed3
enable pipeline
Nov 23, 2022
ee94a66
add a note about the reuirement of the jmespath library.
Nov 23, 2022
8c335f6
Use python3 on opensuse
Nov 23, 2022
fd323c4
fix my yml.
Nov 25, 2022
3820e33
use right ansible variable
Nov 25, 2022
53ea19e
Suse requires python-rpm
Nov 25, 2022
9716988
try zypper
Nov 25, 2022
619f0be
python-xml
Nov 25, 2022
a524a27
another try at fixing the install
Nov 25, 2022
81a03f0
fix my yml
Nov 25, 2022
1d21527
another try
Nov 25, 2022
3d58e20
another try
Nov 25, 2022
301a160
another try now with rpm.
Nov 26, 2022
48717e2
fix my yml...
Nov 26, 2022
ca3f1c3
typo
Nov 26, 2022
b87ee86
do the test for Suse on the shell and not in ansible
Nov 26, 2022
0ab0adb
specify to use bash
Nov 26, 2022
c690ce2
specify to use bash
Nov 26, 2022
8b2229c
try the removes keyword of builtin.shell
Nov 26, 2022
7fe8a44
fix ansible syntax
Nov 26, 2022
507ef0c
fix zypper syntax
Nov 26, 2022
6747926
ensure pymysql is present
Nov 26, 2022
35743ce
set ansible python interpreter in converge-step, too
Nov 28, 2022
02245c1
move install task to prepare
Nov 29, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/mysql_hardening.yml
View file
Open in desktop
Expand Up @@ -37,7 +37,7 @@ jobs:
- debian11
# - amazon # geerlingguy.mysql does not support fedora
# - arch # needs to be fixed
# - opensuse_tumbleweed # needs to be fixed
- opensuse_tumbleweed # needs to be fixed
# - fedora # geerlingguy.mysql does not support fedora
steps:
- name: Checkout repo
Expand Down
7 changes: 7 additions & 0 deletions molecule/mysql_hardening/converge.yml
View file
Open in desktop
Expand Up @@ -24,6 +24,13 @@
- mysql_python_package_debian is not defined
- ansible_distribution != "Ubuntu"
- ansible_distribution_major_version|int < 20

- name: Use Python 3 on Suse
set_fact:
ansible_python_interpreter: /usr/bin/python3
when:
- ansible_os_family == 'Suse'

- include_role:
name: mysql_hardening
vars:
Expand Down
15 changes: 9 additions & 6 deletions molecule/mysql_hardening/prepare.yml
View file
Open in desktop
Expand Up @@ -15,6 +15,12 @@
- ansible_distribution == 'Debian'
- ansible_distribution_major_version|int >= 11

- name: Use Python 3 on Suse
set_fact:
ansible_python_interpreter: /usr/bin/python3
when:
- ansible_os_family == 'Suse'

- name: Use Python 2 on Debian 10
set_fact:
ansible_python_interpreter: /usr/bin/python
Expand All @@ -29,11 +35,9 @@
update_cache: true
when: ansible_os_family == 'Debian'

- name: install required tools on SuSE
community.general.zypper:
name: "python-xml"
state: present
when: ansible_facts.os_family == 'Suse'
- name: Install required python packages on Suse
ansible.builtin.shell: zypper -n install python-xml python3-rpm python3-PyMySQL
when: ansible_os_family == 'Suse'

- name: create missing directory
file:
Expand All @@ -56,7 +60,6 @@
- ansible_distribution != "Ubuntu"
- ansible_distribution_major_version|int < 20


- include_role:
name: dev-sec.mysql

Expand Down
1 change: 1 addition & 0 deletions roles/mysql_hardening/README.md
View file
Open in desktop
Expand Up @@ -16,6 +16,7 @@ It configures:

- Ansible 2.9.0
- An existing MySQL installation
- python-jmespath on the ansible host

### Example playbook

Expand Down
10 changes: 10 additions & 0 deletions roles/mysql_hardening/vars/Suse.yml
View file
Open in desktop
@@ -0,0 +1,10 @@
---
mysql_daemon: mariadb
mysql_hardening_mysql_conf_file: '/etc/my.cnf'
mysql_hardening_mysql_confd_dir: '/etc/my.cnf.d'

mysql_cnf_owner: 'root' # owner of /etc/my.cnf.d/*.cnf files
mysql_cnf_group: 'mysql' # owner of /etc/my.cnf.d/*.cnf files

mysql_hardening_group: 'mysql'
login_unix_socket: '/run/mysql/mysql.sock'