mariolenz
commented
1 year ago At the time of writing this comment I don't see they tag their releases.
So I agree / confirm that this collection is indeed violating the requirements.
Closed gotmax23 closed 1 year ago
mariolenz
commented
1 year ago At the time of writing this comment I don't see they tag their releases.
So I agree / confirm that this collection is indeed violating the requirements.
felixfontein
commented
1 year ago I can also confirm that they do not tag their releases and thus violate the requirements. Also they have been informed about this more than a month ago, and there has been zero feedback so far.
gotmax23
commented
1 year ago I've started a vote: https://github.com/ansible-community/community-topics/discussions/172
mariolenz
commented
1 year ago I counted votes: 7 x +1 from SC (gotmax23 felixfontein russoz mariolenz briantist markuman ssbarnea) 2 x +1 from community (oraNod cybette) edit: 1 x -1 from community (szh)
Can someone from the Steering Committee confirm this?
jtuttle
commented
1 year ago Hi there, I'm the manager of the CyberArk Community & Integrations team at CyberArk. We are responsible for most of the OSS repositories but unfortunately this one doesn't fall under our umbrella. This lapse has just been brought to my attention. I will try to get the appropriate person / team working on it ASAP. Sorry for the delay.
jtuttle
commented
1 year ago Update: I reached out to the person that manages @cyberark-bizdev directly and he said he will try to address it in the next few days, which I reckon will be next week sometime since it's Friday. I'll be on vacation next week but will try to hop on at some point to make sure this has been resolved.
felixfontein
commented
1 year ago I counted votes: 7 x +1 from SC (gotmax23 felixfontein russoz mariolenz briantist markuman ssbarnea) 2 x +1 from community (oraNod cybette) edit: 1 x -1 from community (szh)
Can someone from the Steering Committee confirm this?
I can confirm this count.
felixfontein
commented
1 year ago We talked a bit (informally) on this on IRC/Matrix, and we (well, the folks involved in the discussion there) are not really sure how to proceed with this. While we're happy that there is now some reaction, it is really late, considering that https://github.com/cyberark/ansible-security-automation-collection/issues/46 was created almost two months ago, and an earlier issue (https://github.com/cyberark/ansible-security-automation-collection/issues/44) from May has not received any feedback so far. We'll probably discuss this again in January once most folks are back from possible vacations.
gotmax23
commented
1 year ago Yeah, it's unfortunate that there was no response for two months and it only happened after we already agreed to remove the collection from the ansible package. I haven't announced the removal of this collection yet, but I guess we'll need another vote to keep this collection in the Ansible package if the issue is fixed. In any case, I tagged this for discussion in the next community meeting.
mhyclak-silex
commented
1 year ago This topic was just brought to my attention. I can say that we're using essentially a fork of cyberark.pas for one of our customers due to the inattention the modules received. There were some helpful patches in the Issues on the github repo that we pulled in and incorporated that allowed us to continue working. I would have to investigate from a contractual/legal standpoint what (if anything) we can share back to the community, but one of my teammates wrote some tests around the module as well. It's a tough one to do since you need a full-blown implementation to validate. I'm not sure if I'll be able to participate in the next meeting, but at least wanted to drop this comment for consideration.
felixfontein
commented
1 year ago We talked about this a bit at today's community meeting. We decided to wait a few more days (until ~mid January) to see what happens with the collection, and then potentially start another vote whether to delay / cancel the removal or not.
jtuttle
commented
1 year ago @felixfontein Thanks, I'm still trying to get the folks in charge of this project to fix it.
infamousjoeg
commented
1 year ago Sorry this took so long. I went ahead and added a tag and release to match the version in Galaxy for the collection: https://github.com/cyberark/ansible-security-automation-collection/tree/1.0.14
mariolenz
commented
1 year ago Closing because we decided to cancel the removal process in #180.
Summary
I'm filing this issue in accordance with Removal from Ansible § Collections not satisfying the Collection Requirements.
On 27 October (over four weeks ago), I opened an issue (https://github.com/cyberark/ansible-security-automation-collection/issues/46) against cyberark.pas's repository reporting their violation of the release tagging requirements. There has been no acknowledgment of the issue, and it hasn't been resolved, so it's eligible for removal from Ansible 9.
Two SC members need to confirm that this collection is indeed violating the requirements. After that, I'll give about a week long grace period before starting a vote on whether we should remove this collection from Ansible 9.