Skip to content

yoga: Stop changing permissions on files in CIS #1179

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 14 commits into from
Closed

yoga: Stop changing permissions on files in CIS #1179

wants to merge 14 commits into from

Conversation

markgoddard
Copy link
Contributor

MoteHue and others added 14 commits July 12, 2024 13:35
@MoteHue
Correct cve-2024-6387 reno
ac221ad
@markgoddard
Merge pull request #1160 from stackhpc/reno-fix-yoga
5140e56 
Correct cve-2024-6387 reno
@Alex-Welsh
Split Ubuntu Docker CE package into Focal/Jammy
771b736
@Alex-Welsh
Merge pull request #1157 from stackhpc/fix-docker-yoga-package
02a1c66 
Split Ubuntu Docker CE package into Focal/Jammy
@jovial
Disables password expiration and inactivity policies (#1106)
6a5920c 
* Disables password expiration and inactivity policies

This was causing the kayobe and kolla service accounts to be locked
out of the system.

* Remove flag that configures password expiry warning
@markgoddard
Remove Kolla Ansible docker repo file on Jammy upgrade
bde1427 
When switching from Kolla Ansible repositories to release train, we need
to remove the docker.list file that was added by Kolla Ansible.
@markgoddard
Make reboot timeout configurable in Ubuntu Jammy upgrade
ce12cc0
@markgoddard
Only enable Apt CVE-2024-6387 repo on Jammy hosts
033a7a9 
The fix is not required on Focal, and the package is not compatible.
@markgoddard
Merge pull request #1161 from stackhpc/ubuntu-jammy-fixes
3aa6637 
Ubuntu Jammy upgrade fixes
@markgoddard
ci-multinode: Add failing refstack tests to skip list
ab2a532 
In Yoga and Zed there are 2 tests that fail due to using internal TLS
but no external TLS. This breaks some URLs in API responses.

This change adds them to skip lists. This should be reverted in
Antelope, since it supports external TLS in multinodes.
@markgoddard
Bump stackhpc.hashicorp role to 2.5.0
3d6ac12 
This brings in a useful idempotency fix for Vault deployment.

(cherry picked from commit bf535c6)
@markgoddard
Merge pull request #1174 from stackhpc/yoga-vault-bits
66b75bf 
yoga: Bump stackhpc.hashicorp & multinode skip lists
@markgoddard
Stop changing permissions on files on Rocky 9
4dc1926 
A similar change was made for Ubuntu systems in #1119, but it did not
apply to Rocky 9 systems. This changes brings the two into line.

(cherry picked from commit ef96aa2)
@jovial @markgoddard
Stop changing permissions on files (#1119)
09d226c 
These are causing changes to docker overlay filesystems with
possible unintended consequences. It is also really slow to loop
through so many files in ansible.

(cherry picked from commit 0d1dfe2)
@markgoddard markgoddard requested a review from a team as a code owner July 23, 2024 08:08
@markgoddard markgoddard deleted the yoga-backports branch August 9, 2024 07:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@markgoddard @MoteHue @Alex-Welsh @jovial