Version 1.4.7

[1.4.7] - 2023-07-21

Bug Fixes

• fix: reload on resetting to defaults (#159)

Version 1.4.6

[1.4.6] - 2023-07-19

Bug Fixes

• fix: make enabling/disabling non-existent services not fail in check mode (#153)
• fix: unmask firewalld on run, disable conflicting services (#154)
• fix: facts being gathered unnecessarily (#156)

Other Changes

• ci: fix python 2.7 CI tests by manually installing python2.7 package (#152)
• ci: ansible-test ignores file for ansible-core 2.15 (#155)

Version 1.4.5

[1.4.5] - 2023-06-21

Bug Fixes

• fix: Don't install python(3)-firewall it's a dependency of firewalld (#148)

Enhancement: The role now does not run tasks to install python-firewall or python3-firewall based on installed python version.

Reason: python-firewall or python3-firewall is pulled automatically by dnf and yum when installing firewalld.
The issue is that when I install python3 on EL 7, the role then fails with "No package matching 'python3-firewall' found available, installed or updated". It sees python3 present on the system and tries to install python3-firewall, which is not available on EL 7.

Result: The role doesn't fail on EL 7 when python3 is installed on the managed node.

Other Changes

• ci: Add commitlint GitHub action to ensure conventional commits (#139)

For more information, see Conventional Commits format in Contribute
https://linux-system-roles.github.io/contribute.html#conventional-commits-format

Signed-off-by: Sergei Petrosian spetrosi@redhat.com

• docs: Add note about using previous: replaced and temporary service failures (#141)

Add a note to the README about the use of previous: replaced and that it can
cause temporary service outages to the node being managed.
#138

• docs: Consistent contributing.md for all roles - allow role specific contributing.md section (#143)

Provide a single, consistent contributing.md for all roles. This mostly links to
and summarizes https://linux-system-roles.github.io/contribute.html

Allow for a role specific section which typically has information about
role particulars, role debugging tips, etc.

See linux-system-roles/.github#19

Signed-off-by: Rich Megginson rmeggins@redhat.com

• ci: update tox-lsr to version 3.0.0 (#144)

The major version bump is because tox-lsr 3 drops support
for tox version 2. If you are using tox 2 you will need to
upgrade to tox 3 or 4.

tox-lsr 3.0.0 adds support for tox 4, commitlint, and ansible-lint-collection

See https://github.com/linux-system-roles/tox-lsr/releases/tag/3.0.0
for full release notes

Signed-off-by: Rich Megginson rmeggins@redhat.com

• ci: fix pylintrc issues (#145)

Remove no-space-check and overgeneral-exception

• ci: Add pull request template and run commitlint on PR title only (#147)

We now ensure the conventional commits format only on PR titles and not on
commits to let developers keep commit messages targeted for other developers
i.e. describe actual changes to code that users should not care about.
And PR titles, on the contrary, must be aimed at end users.

For more info, see
https://linux-system-roles.github.io/contribute.html#write-a-good-pr-title-and-description

Signed-off-by: Sergei Petrosian spetrosi@redhat.com

• ci: Rename commitlint to PR title Lint, echo PR titles from env var (#149)

Signed-off-by: Sergei Petrosian spetrosi@redhat.com

Version 1.4.4

[1.4.4] - 2023-04-13

Other Changes

• fix ansible-lint issues in tests (#134)
• add docs for set_default_zone (#135)

Version 1.4.3

[1.4.3] - 2023-04-06

Other Changes

• Add README-ansible.md to refer Ansible intro page on linux-system-roles.github.io (#132)

Version 1.4.2

[1.4.2] - 2023-01-20

New Features

• none

Bug Fixes

• ansible-lint 6.x fixes
• cannot use distutils; use custom version

Other Changes

• Add check for non-inclusive language (#114)
• Add CodeQL workflow for GitHub code scanning

Version 1.4.1

[1.4.1] - 2022-12-12

New Features

• none

Bug Fixes

• none

Other Changes

• Added some example playbooks (#110)

Version 1.4.0

[1.4.0] - 2022-07-26

New Features

• feature - add/remove interfaces by PCI ID

FEATURE OVERVIEW

• allows users to add by what a device is (vendor:device_type) instead of interface names

  • interface names that match the wildcard XXXX:XXXX (X = hex) will be converted to interface names.

  • Multiple matches will result in play being done on multiple devices

• Add Network Manager interaction when adding/removing interfaces from zones

• Add functions that convert PCI IDs into network interface names

Fixes #87

Bug Fixes

• none

Other Changes

• changelog_to_tag action - support other than "master" for the main branch name, as well (#96)

Signed-off-by: Rich Megginson rmeggins@redhat.com

Version 1.3.0

[1.3.0] - 2022-07-20

New Features

• Feature: add/update/delete services

• Can add services by using the present state, with the specified details for the service (Permanent required)
• Only required details are the service name using the service option, other options supported:
• short, description, port, source port, protocol, module (helper_module), destination
• remove services by using absent state and only the service name (no "detail" options) (Permanent required)
• remove service elements by adding the elements and their values
• service will not be removed if any of the removable elements are specified as well
• update short and descriptions of services by using present state with the options while short or description are defined
• Cannot remove short or descriptions
• as with the rest of this feature, permanent is required to do this

Fixes: #80

• Feature: Ansible facts with firewalld configuration

• called by calling the firewall system role with either no parameters
  or with only the detailed parameter
• fetches and returns ansible fact firewall_config
• detailed in README.md, under ansible_fact section

Fixes #82

Bug Fixes

• bugfix: port forward dict form

• fixed bug where port_forward argument only worked with string argument
• additionally argument convert to list if necessary
• minimal tests added for port forward
• tests_port_forward.yml only has the fail case that the role fails

Fixes: #85

Other Changes

• make all tests work with gather_facts: false (#84)

The tests_zone.yml test uses facts outside of the role and
needs to gather_facts: true when using ANSIBLE_GATHERING=explicit

• make min_ansible_version a string in meta/main.yml (#88)

The Ansible developers say that min_ansible_version in meta/main.yml
must be a string value like "2.9", not a float value like 2.9.

• fix destination rendering in github markdown renderer

Just make the problematic text a literal string so it won't get rendered incorrectly

• Add CHANGELOG.md (#90)

state no longer required for masquerade and ICMP block inversion

fix: state no longer required for masquerade and ICMP block inversion

• The above, and added a new error message for attempting to not specify state when using options that require state like source, port, port_forward

-- Unit test case added for this error message

• Removed state option from integration tests for masquerading and ICMP block, retaining the same fail conditions

Fixes: #76

Fix deprecated syntax in Readme (#75)

tests_ansible: replaced immediate options with runtime options (#78)

• Replaced all uses of the depreciated immediate option with the runtime option

Fixes: #77