search

thaum-xyz / ankhmorpork

@paulfantom's GitOps managed kube cluster running in a cupboard. Built with fancy tools :sparkles:
https://ankhmorpork.thaum.xyz
MIT License
77 stars 10 forks source link

Update base infrastructure #397

Closed renovate[bot] closed 1 year ago

renovate[bot] commented 1 year ago

Mend Renovate

This PR contains the following updates:

Package Type Update Change
devsec.hardening (source) galaxy-collection minor 8.7.0 -> 8.8.0
prometheus.prometheus (source) galaxy-collection minor 0.5.1 -> 0.6.0

Release Notes

dev-sec/ansible-collection-hardening (devsec.hardening) ### [`v8.8.0`](https://togithub.com/dev-sec/ansible-collection-hardening/blob/HEAD/CHANGELOG.md#880-2023-08-04) [Compare Source](https://togithub.com/dev-sec/ansible-collection-hardening/compare/8.7.0...8.8.0) [Full Changelog](https://togithub.com/dev-sec/ansible-collection-hardening/compare/8.7.0...8.8.0) **Implemented enhancements:** - Add support for Fedora 38 [#​671](https://togithub.com/dev-sec/ansible-collection-hardening/issues/671) - auditd: add possibility to override config template [#​685](https://togithub.com/dev-sec/ansible-collection-hardening/pull/685) \[[os_hardening](https://togithub.com/dev-sec/ansible-collection-hardening/labels/os_hardening)] ([Meecr0b](https://togithub.com/Meecr0b)) - add debian 12 support [#​684](https://togithub.com/dev-sec/ansible-collection-hardening/pull/684) \[[mysql_hardening](https://togithub.com/dev-sec/ansible-collection-hardening/labels/mysql_hardening)] \[[os_hardening](https://togithub.com/dev-sec/ansible-collection-hardening/labels/os_hardening)] \[[ssh_hardening](https://togithub.com/dev-sec/ansible-collection-hardening/labels/ssh_hardening)] \[[nginx_hardening](https://togithub.com/dev-sec/ansible-collection-hardening/labels/nginx_hardening)] ([rndmh3ro](https://togithub.com/rndmh3ro)) - feat: explicitly support Fedora 37 and 38 [#​682](https://togithub.com/dev-sec/ansible-collection-hardening/pull/682) \[[os_hardening](https://togithub.com/dev-sec/ansible-collection-hardening/labels/os_hardening)] \[[ssh_hardening](https://togithub.com/dev-sec/ansible-collection-hardening/labels/ssh_hardening)] ([nejch](https://togithub.com/nejch)) - Replace ssh_keys group with root, where applicable and use less permissive file mode [#​677](https://togithub.com/dev-sec/ansible-collection-hardening/pull/677) \[[ssh_hardening](https://togithub.com/dev-sec/ansible-collection-hardening/labels/ssh_hardening)] ([rndmh3ro](https://togithub.com/rndmh3ro)) - Add oddjob mkhomedir option rhel pam [#​675](https://togithub.com/dev-sec/ansible-collection-hardening/pull/675) \[[os_hardening](https://togithub.com/dev-sec/ansible-collection-hardening/labels/os_hardening)] ([imp1sh](https://togithub.com/imp1sh)) **Fixed bugs:** - How does one set `sshd_authenticationmethods` to include password authentication? [#​686](https://togithub.com/dev-sec/ansible-collection-hardening/issues/686) - Error: No file was found when using first_found on Ubuntu 20.04 [#​676](https://togithub.com/dev-sec/ansible-collection-hardening/issues/676) - FreeIPA environment mkhomedir fails [#​664](https://togithub.com/dev-sec/ansible-collection-hardening/issues/664) **Closed issues:** - What is the uscase of sysctl_overwrite over ansible.posix.sysctl? [#​683](https://togithub.com/dev-sec/ansible-collection-hardening/issues/683) - `Ensure permissions on mysql-logfile are correct` chokes when `log_error` is set to `stderr` [#​673](https://togithub.com/dev-sec/ansible-collection-hardening/issues/673) - TASK TASK FAILED: \[devsec.hardening.os_hardening : Set password ageing for existing regular (non-system, non-root) accounts] [#​670](https://togithub.com/dev-sec/ansible-collection-hardening/issues/670) - After os_hardening ssh not working [#​663](https://togithub.com/dev-sec/ansible-collection-hardening/issues/663) - Unsupported parameters for (ansible.builtin.user) module [#​650](https://togithub.com/dev-sec/ansible-collection-hardening/issues/650) **Merged pull requests:** - setting gets ignored [#​680](https://togithub.com/dev-sec/ansible-collection-hardening/pull/680) \[[os_hardening](https://togithub.com/dev-sec/ansible-collection-hardening/labels/os_hardening)] ([rndmh3ro](https://togithub.com/rndmh3ro)) - add var-naming\[no-role-prefix] to skip-list [#​679](https://togithub.com/dev-sec/ansible-collection-hardening/pull/679) ([rndmh3ro](https://togithub.com/rndmh3ro)) - expand on check conditions for non-file locations of logs [#​674](https://togithub.com/dev-sec/ansible-collection-hardening/pull/674) \[[mysql_hardening](https://togithub.com/dev-sec/ansible-collection-hardening/labels/mysql_hardening)] ([whysthatso](https://togithub.com/whysthatso)) - use new molecule-plugins [#​667](https://togithub.com/dev-sec/ansible-collection-hardening/pull/667) ([schurzi](https://togithub.com/schurzi)) - add spellchecking with codespell [#​662](https://togithub.com/dev-sec/ansible-collection-hardening/pull/662) \[[mysql_hardening](https://togithub.com/dev-sec/ansible-collection-hardening/labels/mysql_hardening)] \[[os_hardening](https://togithub.com/dev-sec/ansible-collection-hardening/labels/os_hardening)] \[[ssh_hardening](https://togithub.com/dev-sec/ansible-collection-hardening/labels/ssh_hardening)] ([schurzi](https://togithub.com/schurzi))
prometheus-community/ansible (prometheus.prometheus) ### [`v0.6.0`](https://togithub.com/prometheus-community/ansible/blob/HEAD/CHANGELOG.rst#v060) [Compare Source](https://togithub.com/prometheus-community/ansible/compare/0.5.1...0.6.0) \====== ## Minor Changes - feat: Add chrony_exporter role ([https://github.com/prometheus-community/ansible/pull/159](https://togithub.com/prometheus-community/ansible/pull/159)) - feat: Add pushgateway role ([https://github.com/prometheus-community/ansible/pull/127](https://togithub.com/prometheus-community/ansible/pull/127)) - feat: Add role smokeping_prober ([https://github.com/prometheus-community/ansible/pull/128](https://togithub.com/prometheus-community/ansible/pull/128)) - feature: Agent mode support ([https://github.com/prometheus-community/ansible/pull/198](https://togithub.com/prometheus-community/ansible/pull/198)) - feature: Make config installation dir configurable ([https://github.com/prometheus-community/ansible/pull/173](https://togithub.com/prometheus-community/ansible/pull/173)) - feature: blackbox exporter user/group configurable ([https://github.com/prometheus-community/ansible/pull/172](https://togithub.com/prometheus-community/ansible/pull/172)) - minor: support fedora 38 ([https://github.com/prometheus-community/ansible/pull/202](https://togithub.com/prometheus-community/ansible/pull/202)) ## Removed Features (previously deprecated) - removed: Drop fedora 36 support as it is EOL ([https://github.com/prometheus-community/ansible/pull/200](https://togithub.com/prometheus-community/ansible/pull/200)) - removed: Drop ubuntu 18.04 support as it is EOL ([https://github.com/prometheus-community/ansible/pull/199](https://togithub.com/prometheus-community/ansible/pull/199)) ## Bugfixes - fix(alertmanager): add routes before match_re ([https://github.com/prometheus-community/ansible/pull/194](https://togithub.com/prometheus-community/ansible/pull/194)) - fix(node_exporter): Fix ProtectHome for textfiles ([https://github.com/prometheus-community/ansible/pull/184](https://togithub.com/prometheus-community/ansible/pull/184)) - fix: Add test for argument_specs matching ([https://github.com/prometheus-community/ansible/pull/177](https://togithub.com/prometheus-community/ansible/pull/177)) - fix: Make binary installs consistent ([https://github.com/prometheus-community/ansible/pull/204](https://togithub.com/prometheus-community/ansible/pull/204)) - fix: mysqld_exporter should actually respect the mysqld_exporter_host variable ([https://github.com/prometheus-community/ansible/pull/88](https://togithub.com/prometheus-community/ansible/pull/88))

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

This PR has been generated by Mend Renovate. View repository job log here.