Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Extending content for users reading 'defaults/main.yml' file #157

Conversation

ipruteanu-sie
Copy link
Contributor

Overall Review of Changes:
Extended the documentation @ defaults/main.yml file, with help of @brisky, as one can notice below.
@uk-bolly: If you notice anything strange/unclear in this PR, please let me know.

Issue Fixes:
N/A

Enhancements:
Enhanced docs.

How has this been tested?:
N/A, just docs.

brisky and others added 17 commits November 24, 2023 15:38
- Yum repos,
- bootloader,
- crypto policies,
- SELinux
- NTP

Signed-off-by: Ionut Pruteanu <[email protected]>
- Sections 2.2 && 2.3
- Section 3
- Section 4.1

Signed-off-by: Ionut Pruteanu <[email protected]>
Signed-off-by: Ionut Pruteanu <[email protected]>
Signed-off-by: root@DERVISHx <[email protected]>
…om:infosec-pss-gov/security-crafter-baseline-automations/ansible-lockdown/rhel9-cis into siemens/feat/document_main_variables
[IP] I see no benefit to duplicate vars in defaults/main.yml in other files like specific vars for Alma/Rocky, especially since
we're using the same values for those vars. Also, replacing rsyslog with journald is not fine for this current doc-extension proposal.

This reverts commit a57333d.
@uk-bolly
Copy link
Member

hi @ipruteanu-sie

Thank you and @brisky so much for the PR, Happy to take it as it stands and it is lovely to have and see how we get on with the next CIS baseline release. If you can resolve the issues with the pipeline and DCO failures.
For a note:
While we do like the changes and documentation, we are seeing more and more complete movements of controls to different numbering and sections e.g. RHEL8-CIS v3 is nearly a complete rewrite due to changes. This has the potential to add to the overhead to document for each release.

Many thanks as always for your help

uk-bolly

brisky and others added 12 commits January 30, 2024 23:41
~~~
Small additions to first part of documentation.

Signed-off-by: Ionut Pruteanu <[email protected]>
- Yum repos,
- bootloader,
- crypto policies,
- SELinux
- NTP

Signed-off-by: Ionut Pruteanu <[email protected]>
- Sections 2.2 && 2.3
- Section 3
- Section 4.1

Signed-off-by: Ionut Pruteanu <[email protected]>
Signed-off-by: root@DERVISHx <[email protected]>
…om:infosec-pss-gov/security-crafter-baseline-automations/ansible-lockdown/rhel9-cis into siemens/feat/document_main_variables
Documenting usage of chrony variables.

Signed-off-by: Ionut Pruteanu <[email protected]>
ipruteanu-sie and others added 27 commits January 31, 2024 08:30
…l which governs if extra params will be configured

Signed-off-by: Ionut Pruteanu <[email protected]>
Correction to "when":  1_3_3

Signed-off-by: Joachim la Poutré <[email protected]>
Signed-off-by: Ionut Pruteanu <[email protected]>
Corrected tag rule_1.8.10

Signed-off-by: Joachim la Poutré <[email protected]>
Signed-off-by: Ionut Pruteanu <[email protected]>
Corrected tag: rule_5.6.1.1

Signed-off-by: Joachim la Poutré <[email protected]>
Signed-off-by: Ionut Pruteanu <[email protected]>
Corrected tag: rule_5.6.1.5

Signed-off-by: Joachim la Poutré <[email protected]>
Signed-off-by: Ionut Pruteanu <[email protected]>
Corrected tags: rule_6.1.8 & rule_6.1.12

Signed-off-by: Joachim la Poutré <[email protected]>
Signed-off-by: Ionut Pruteanu <[email protected]>
Corrected tag: rule_6.2.3

Signed-off-by: Joachim la Poutré <[email protected]>
Signed-off-by: Ionut Pruteanu <[email protected]>
Signed-off-by: Joshua Hemmings <[email protected]>
Signed-off-by: Ionut Pruteanu <[email protected]>
updates:
- [github.com/ansible-community/ansible-lint: v6.22.1 → v6.22.2](ansible/ansible-lint@v6.22.1...v6.22.2)

Signed-off-by: Ionut Pruteanu <[email protected]>
Signed-off-by: root@DERVISHx <[email protected]>
Signed-off-by: Ionut Pruteanu <[email protected]>
~~~
Small additions to first part of documentation.

Signed-off-by: Ionut Pruteanu <[email protected]>
- Yum repos,
- bootloader,
- crypto policies,
- SELinux
- NTP

Signed-off-by: Ionut Pruteanu <[email protected]>
- Sections 2.2 && 2.3
- Section 3
- Section 4.1

Signed-off-by: Ionut Pruteanu <[email protected]>
Signed-off-by: Ionut Pruteanu <[email protected]>
Signed-off-by: root@DERVISHx <[email protected]>
Signed-off-by: Ionut Pruteanu <[email protected]>
[IP] I see no benefit to duplicate vars in defaults/main.yml in other files like specific vars for Alma/Rocky, especially since
we're using the same values for those vars. Also, replacing rsyslog with journald is not fine for this current doc-extension proposal.

This reverts commit a57333d.

Signed-off-by: Ionut Pruteanu <[email protected]>
~~~

Fixing conflicts after rebasing current feature branch onto 'devel'

Signed-off-by: Ionut Pruteanu <[email protected]>
Signed-off-by: root@DERVISHx <[email protected]>
Signed-off-by: Ionut Pruteanu <[email protected]>
[IP] I see no benefit to duplicate vars in defaults/main.yml in other files like specific vars for Alma/Rocky, especially since
we're using the same values for those vars. Also, replacing rsyslog with journald is not fine for this current doc-extension proposal.

This reverts commit a57333d.

Signed-off-by: Ionut Pruteanu <[email protected]>
…om:infosec-pss-gov/security-crafter-baseline-automations/ansible-lockdown/rhel9-cis into siemens/feat/document_main_variables
@ipruteanu-sie
Copy link
Contributor Author

Hi @uk-bolly ! Thanks for your suggestions!

  • Actually, I've been running around in circles trying to fix the DCO issue: I was performing the rebase with the "--signoff", but actually the DCO output was still suggesting(correctly) that the changes related to rebase were unsigned. I've ended up with creating a patch, apply it(with signoff, ofc) on a new branch and generate a new PR, therefore current PR can be closed, as it was replaced by the new one.
  • Also, we understand the overhead needed for maintaining docs from release to release, but we also believe that the role-usability is improved when users have the chance to read a complete explanation about the variables they're dealing with.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

10 participants