Markdown updates

Author: alessfg

.github/ISSUE_TEMPLATE/bug_report.md

@@ -6,22 +6,28 @@ labels: ''
 assignees: ''
 ---
 ### Describe the bug
+
 A clear and concise description of what the bug is.
 
 ### To reproduce
+
 Steps to reproduce the behavior:
+
 1. Deploy NGINX App Protect role using playbook.yml
 2. View output/logs/configuration on '...'
 3. See error
 
 ### Expected behavior
+
 A clear and concise description of what you expected to happen.
 
-### Your environment:
--   Version of the NGINX App Protect role or specific commit
--   Version of Ansible
--   Version of Jinja2 (if you are using any templating capability)
--   Target deployment platform
+### Your environment
+
+- Version of the NGINX App Protect role or specific commit
+- Version of Ansible
+- Version of Jinja2 (if you are using any templating capability)
+- Target deployment platform
 
 ### Additional context
+
 Add any other context about the problem here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -6,13 +6,17 @@ labels: ''
 assignees: ''
 ---
 ### Is your feature request related to a problem? Please describe
+
 A clear and concise description of what the problem is. Ex. I'm always frustrated when ...
 
 ### Describe the solution you'd like
+
 A clear and concise description of what you want to happen.
 
 ### Describe alternatives you've considered
+
 A clear and concise description of any alternative solutions or features you've considered.
 
 ### Additional context
+
 Add any other context or screenshots about the feature request here.

.github/pull_request_template.md

@@ -1,10 +1,12 @@
 ### Proposed changes
+
 Describe the use case and detail of the change. If this PR addresses an issue on GitHub, make sure to include a link to that issue using one of the [supported keywords](https://docs.github.com/en/github/managing-your-work-on-github/linking-a-pull-request-to-an-issue) here in this description (not in the title of the PR).
 
 ### Checklist
+
 Before creating a PR, run through this checklist and mark each as complete.
 
--   [ ] I have read the [CONTRIBUTING](https://github.com/nginxinc/ansible-role-nginx-app-protect/blob/main/CONTRIBUTING.md) document
--   [ ] I have added Molecule tests that prove my fix is effective or that my feature works
--   [ ] I have checked that any relevant Molecule tests pass after adding my changes
--   [ ] I have updated any relevant documentation (`defaults/main.yml`, `README.md` and `CHANGELOG.md`)
+- [ ] I have read the [CONTRIBUTING](https://github.com/nginxinc/ansible-role-nginx-app-protect/blob/main/CONTRIBUTING.md) document
+- [ ] I have added Molecule tests that prove my fix is effective or that my feature works
+- [ ] I have checked that any relevant Molecule tests pass after adding my changes
+- [ ] I have updated any relevant documentation (`defaults/main.yml`, `README.md` and `CHANGELOG.md`)

CHANGELOG.md

@@ -14,17 +14,17 @@ Remove deprecated variables mentioned in the `0.5.0` release. These involve temp
 
 FEATURES:
 
-*   Add support for NGINX App Protect DoS (Denial of Service) product. The `nginx_app_protect_dos_enable` variable must be set to `true` in order to install NGINX App Protect DoS.
-*   Add support for NGINX App Protect WAF on Amazon Linux 2 (requires NGINX App Protect 3.3).
-*   Add a `nginx_app_protect_manage_repo` feature flag which can be used to disable NGINX App Protect repo management by this role.
+* Add support for NGINX App Protect DoS (Denial of Service) product. The `nginx_app_protect_dos_enable` variable must be set to `true` in order to install NGINX App Protect DoS.
+* Add support for NGINX App Protect WAF on Amazon Linux 2 (requires NGINX App Protect 3.3).
+* Add a `nginx_app_protect_manage_repo` feature flag which can be used to disable NGINX App Protect repo management by this role.
 
 ENHANCEMENTS:
 
-*   Replace Ansible base with Ansible core. Ansible core will be the "core" Ansible release moving forward from Ansible `2.11`.
-*   Update GitHub actions to add a workflow dispatch option.
-*   Update the Ansible `community.general` collection to `3.3.2` and `community.docker` collection to `1.8.0`.
-*   Replace "yes"/"no" boolean values with "true"/"false" to comply with YAML spec `1.2`.
-*   Update `nginx` role requirement in Molecule tests to `0.20.0`.
+* Replace Ansible base with Ansible core. Ansible core will be the "core" Ansible release moving forward from Ansible `2.11`.
+* Update GitHub actions to add a workflow dispatch option.
+* Update the Ansible `community.general` collection to `3.3.2` and `community.docker` collection to `1.8.0`.
+* Replace "yes"/"no" boolean values with "true"/"false" to comply with YAML spec `1.2`.
+* Update `nginx` role requirement in Molecule tests to `0.20.0`.
 
 ## 0.5.0 (May 12, 2021)
 
@@ -34,20 +34,20 @@ The NGINX App Protect repository has been updated. This might cause some issues
 
 DEPRECATION WARNINGS:
 
-*   **The ability to create an NGINX config including some basic App Protect directives will be removed in the upcoming `0.6.0` release at some stage after June 2021.** Please use the [NGINX config role](https://github.com/nginxinc/ansible-role-nginx-config) instead for this (and much more) functionality. This will include the removal of the following variables: `nginx_app_protect_conf_template_enable`, `nginx_app_protect_conf_template`, `nginx_app_protect_demo_workload_protocol`, `nginx_app_protect_demo_workload_host`, `nginx_app_protect_log_policy_syslog_target`, `nginx_app_protect_log_policy_target`.
+* **The ability to create an NGINX config including some basic App Protect directives will be removed in the upcoming `0.6.0` release at some stage after June 2021.** Please use the [NGINX config role](https://github.com/nginxinc/ansible-role-nginx-config) instead for this (and much more) functionality. This will include the removal of the following variables: `nginx_app_protect_conf_template_enable`, `nginx_app_protect_conf_template`, `nginx_app_protect_demo_workload_protocol`, `nginx_app_protect_demo_workload_host`, `nginx_app_protect_log_policy_syslog_target`, `nginx_app_protect_log_policy_target`.
 
-*   **The ability to dynamically create App Protect security and log policies via Jinja2 templates will be removed in the `0.6.0` release at some stage after June 2021 due to relative inflexibility.** The `nginx_app_protect_security_policy_file_enable`, `nginx_app_protect_security_policy_file_*`, `nginx_app_protect_log_policy_file_enable` and `nginx_app_protect_log_policy_file_*` variables should be used instead of the following variables which are to be removed: `nginx_app_protect_security_policy_template_enable`, `nginx_app_protect_security_policy_template`, `nginx_app_protect_security_policy_enforcement_mode`, `nginx_app_protect_log_policy_template_enable`, `nginx_app_protect_log_policy_template`, `nginx_app_protect_log_policy_filter_request_type`.
+* **The ability to dynamically create App Protect security and log policies via Jinja2 templates will be removed in the `0.6.0` release at some stage after June 2021 due to relative inflexibility.** The `nginx_app_protect_security_policy_file_enable`, `nginx_app_protect_security_policy_file_*`, `nginx_app_protect_log_policy_file_enable` and `nginx_app_protect_log_policy_file_*` variables should be used instead of the following variables which are to be removed: `nginx_app_protect_security_policy_template_enable`, `nginx_app_protect_security_policy_template`, `nginx_app_protect_security_policy_enforcement_mode`, `nginx_app_protect_log_policy_template_enable`, `nginx_app_protect_log_policy_template`, `nginx_app_protect_log_policy_filter_request_type`.
 
 FEATURES:
 
-*   Implement Release Drafter.
-*   Add warning re having to install NGINX Plus beforehand on Alpine distros if NGINX Plus releases a security patch.
+* Implement Release Drafter.
+* Add warning re having to install NGINX Plus beforehand on Alpine distros if NGINX Plus releases a security patch.
 
 ENHANCEMENTS:
 
-*   Changing the default policy directory from `/etc/nginx` to `/etc/app_protect/conf` to align with this change introduced in App Protect 3.2.
-*   Update Ansible base to `2.10.9`, Ansible Lint to `5.0.8`, yamllint to `1.26.1` and Docker Python SDK to `5.0.0`.
-*   Update the Ansible `community.general` collection to `3.0.2` and `community.docker` collection to `1.6.0`.
+* Changing the default policy directory from `/etc/nginx` to `/etc/app_protect/conf` to align with this change introduced in App Protect 3.2.
+* Update Ansible base to `2.10.9`, Ansible Lint to `5.0.8`, yamllint to `1.26.1` and Docker Python SDK to `5.0.0`.
+* Update the Ansible `community.general` collection to `3.0.2` and `community.docker` collection to `1.6.0`.
 
 ## 0.4.3 (April 6, 2021)
 
@@ -57,8 +57,9 @@ The `nginx_app_protect_version` variable has been removed, as it cannot be imple
 
 FEATURES:
 
-*   Add support for Dependabot.
-*   Replace Ansible community distribution with Ansible base and add the necessary extra collections as a dependency requirement. For reference, these are:
+* Add support for Dependabot.
+* Replace Ansible community distribution with Ansible base and add the necessary extra collections as a dependency requirement. For reference, these are:
+
     ```yaml
     ---
     collections:
@@ -67,22 +68,23 @@ FEATURES:
       - name: ansible.posix
         version: 1.2.0
     ```
-*   Explicitly list Jinja2 `2.11.3` as a requirement, as well as detail the minimum supported version (`2.11.x`).
-*   You can now specify an `nginx_app_protect_repository` for NGINX App Protect.
-*   You can now specify an `nginx_app_protect_security_updates_repository` for NGINX App Protect signatures and threat campaigns packages.
-*   You can now specify NGINX App Protect signatures and threat campaigns package versions using the `nginx_app_protect_signatures_version` and `nginx_app_protect_threat_campaigns_version` variables.
+
+* Explicitly list Jinja2 `2.11.3` as a requirement, as well as detail the minimum supported version (`2.11.x`).
+* You can now specify an `nginx_app_protect_repository` for NGINX App Protect.
+* You can now specify an `nginx_app_protect_security_updates_repository` for NGINX App Protect signatures and threat campaigns packages.
+* You can now specify NGINX App Protect signatures and threat campaigns package versions using the `nginx_app_protect_signatures_version` and `nginx_app_protect_threat_campaigns_version` variables.
 
 ENHANCEMENTS:
 
-*   Support for NGINX App Protect 3.1 -- Adds support for Debian 10, Ubuntu 20.04 and Alpine 3.10.
-*   Add test coverage for new platforms and testing scenario.
-*   Consolidate dependencies into a single tasks file.
-*   Remove requirement for `package_facts` module when using this role.
-*   Update Signatures repository URL.
-*   Update Ansible base to `2.10.7`, Ansible Lint to `5.0.6`, Molecule to `3.3.0`, yamllint to `1.26.0` and Docker Python SDK to `4.4.4`.
-*   Specify GitHub actions Ubuntu release.
-*   Minor GitHub template tweaks, including the creation of a SECURITY doc.
-*   Only run GitHub actions Galaxy CI/CD workflow when a new release is published.
+* Support for NGINX App Protect 3.1 -- Adds support for Debian 10, Ubuntu 20.04 and Alpine 3.10.
+* Add test coverage for new platforms and testing scenario.
+* Consolidate dependencies into a single tasks file.
+* Remove requirement for `package_facts` module when using this role.
+* Update Signatures repository URL.
+* Update Ansible base to `2.10.7`, Ansible Lint to `5.0.6`, Molecule to `3.3.0`, yamllint to `1.26.0` and Docker Python SDK to `4.4.4`.
+* Specify GitHub actions Ubuntu release.
+* Minor GitHub template tweaks, including the creation of a SECURITY doc.
+* Only run GitHub actions Galaxy CI/CD workflow when a new release is published.
 
 KNOWN ISSUES:
 
@@ -92,9 +94,9 @@ Service manager support is not included in NGINX App Protect for Alpine. When us
 
 ENHANCEMENTS:
 
-*   Replace TravisCI with GitHub actions.
-*   Update Ansible base to `2.10.4`, Ansible to `2.10.5`, Molecule to `3.2.2` and Docker Python SDK to `4.4.1`.
-*   Update copyright notice.
+* Replace TravisCI with GitHub actions.
+* Update Ansible base to `2.10.4`, Ansible to `2.10.5`, Molecule to `3.2.2` and Docker Python SDK to `4.4.1`.
+* Update copyright notice.
 
 BUG FIXES:
 
@@ -114,12 +116,12 @@ The ability to dynamically create App Protect security and log policies via Jinj
 
 ENHANCEMENTS:
 
-*   Add survey to README.
-*   Improve README structure and use tables where relevant.
-*   Update Ansible (now Ansible base) to `2.10.2`, Ansible (now Ansible Community Distribution) to `2.10.0`, and yamllint to `1.25.0`.
-*   Ability to deploy static security policy files via the `nginx_app_protect_security_policy_file_enable` and `nginx_app_protect_security_policy_file_*` variables. NOTE: `nginx_app_protect_configure` must be set to true.
-*   Ability to deploy static log policy files via the `nginx_app_protect_log_policy_file_enable` and `nginx_app_protect_log_policy_file_*` variables. NOTE: `nginx_app_protect_configure` must be set to true.
-*   Add CentOS/RHEL 7.9 to list of supported platforms.
+* Add survey to README.
+* Improve README structure and use tables where relevant.
+* Update Ansible (now Ansible base) to `2.10.2`, Ansible (now Ansible Community Distribution) to `2.10.0`, and yamllint to `1.25.0`.
+* Ability to deploy static security policy files via the `nginx_app_protect_security_policy_file_enable` and `nginx_app_protect_security_policy_file_*` variables. NOTE: `nginx_app_protect_configure` must be set to true.
+* Ability to deploy static log policy files via the `nginx_app_protect_log_policy_file_enable` and `nginx_app_protect_log_policy_file_*` variables. NOTE: `nginx_app_protect_configure` must be set to true.
+* Add CentOS/RHEL 7.9 to list of supported platforms.
 
 ## 0.3.2 (September 30, 2020)
 
@@ -131,19 +133,19 @@ Prevent TravisCI from trying to build (and failing) NGINX App Protect images on
 
 FEATURES:
 
-*   Two new variables have been introduced:
-    *   `nginx_app_protect_service_modify` -- Setting this variable to true/false will determine whether the default service timeout value gets modified.
-    *   `nginx_app_protect_log_policy_target` -- This variable is intended as an eventual replacement for `nginx_app_protect_log_policy_syslog_target` and allows using different destinations for NGINX App Protect's log files.
+* Two new variables have been introduced:
+  * `nginx_app_protect_service_modify` -- Setting this variable to true/false will determine whether the default service timeout value gets modified.
+  * `nginx_app_protect_log_policy_target` -- This variable is intended as an eventual replacement for `nginx_app_protect_log_policy_syslog_target` and allows using different destinations for NGINX App Protect's log files.
 
 ENHANCEMENTS:
 
 Split the default Molecule scenario into a simple and advanced scenario to solve timeout issues encountered in TravisCI.
 
 BUG FIXES:
 
-*   Rename handlers to use more specific role related naming and prevent namespace collision issues.
-*   Set NGINX handler to `state: restarted` to prevent some compatibility issues when NGINX App Protect is installed on an instance already running NGINX beforehand.
-*   Using `update_cache: true` by itself in the `apt` module is not always idempotent. Moved the NGINX App Protect installation task to a corresponding `apt` or `yum` module to avoid this scenario.
+* Rename handlers to use more specific role related naming and prevent namespace collision issues.
+* Set NGINX handler to `state: restarted` to prevent some compatibility issues when NGINX App Protect is installed on an instance already running NGINX beforehand.
+* Using `update_cache: true` by itself in the `apt` module is not always idempotent. Moved the NGINX App Protect installation task to a corresponding `apt` or `yum` module to avoid this scenario.
 
 ## 0.3.0 (September 21, 2020)
 
@@ -158,16 +160,17 @@ BREAKING CHANGES:
 FEATURES:
 
 A new variable has been introduced:
-*   `nginx_app_protect_setup_license` -- Determine whether you want to use this role to upload your NGINX App Protect license to your target host.
+
+* `nginx_app_protect_setup_license` -- Determine whether you want to use this role to upload your NGINX App Protect license to your target host.
 
 ENHANCEMENTS:
 
-*   Switch to using `ansible_facts` wherever possible.
-*   Simplified overall role structure by:
-    *   Reducing signing key setup tasks to a single file.
-    *   Merging all install steps to a single file.
-*   Added handlers to check for NGINX syntax validity and fail if any errors are detected.
-*   Update Ansible Lint to `4.3.5`.
+* Switch to using `ansible_facts` wherever possible.
+* Simplified overall role structure by:
+  * Reducing signing key setup tasks to a single file.
+  * Merging all install steps to a single file.
+* Added handlers to check for NGINX syntax validity and fail if any errors are detected.
+* Update Ansible Lint to `4.3.5`.
 
 ## 0.2.2 (September 15, 2020)
 
@@ -183,31 +186,31 @@ Fixed newly appearing linting issues in role.
 
 ENHANCEMENTS:
 
-*   Bring docs up to speed with other NGINX roles.
-*   Move some default variables into the vars subfolder.
+* Bring docs up to speed with other NGINX roles.
+* Move some default variables into the vars subfolder.
 
 ## 0.2.0 (September 10, 2020)
 
 BREAKING CHANGES:
 
-*   All of the variables have been updated to prevent naming collisions when using other roles. Please see README.MD for new variable names.
-*   Example playbook has been removed by collection authors in favor of using the Molecule configuration as a 'known-working' implementation.
+* All of the variables have been updated to prevent naming collisions when using other roles. Please see README.MD for new variable names.
+* Example playbook has been removed by collection authors in favor of using the Molecule configuration as a 'known-working' implementation.
 
 FEATURES:
 
-*   Molecule 3 testing foundation is in the project, and linting is being performed by TravisCI. Now time to write tests!
+* Molecule 3 testing foundation is in the project, and linting is being performed by TravisCI. Now time to write tests!
 
 ENHANCEMENTS:
 
-*   Huge refactoring by @alessfg to better unify this role with the structures present in the other nginxinc Ansible roles.
-*   Update Ansible to `2.9.13` and Ansible Lint to `4.3.4`.
-*   Explicitly defined mode in relevant tasks for breaking changes in Ansible.
-*   Role refactored to separate install and configure operations in preparation for an upcoming role split.
+* Huge refactoring by @alessfg to better unify this role with the structures present in the other nginxinc Ansible roles.
+* Update Ansible to `2.9.13` and Ansible Lint to `4.3.4`.
+* Explicitly defined mode in relevant tasks for breaking changes in Ansible.
+* Role refactored to separate install and configure operations in preparation for an upcoming role split.
 
 BUG FIXES:
 
-*   The CentOS, RHEL, Debian and Ubuntu repositories have slightly changed to respond to a NAP repository deprecation activity. You may run into some duplication issues when running the role on a preexisting target that already has had NGINX installed using the role. To fix this, manually remove the old repository source.
-*   The RHEL and CentOS repository setups were incorrectly using a static gpgkey instead of using the variable as a source.
+* The CentOS, RHEL, Debian and Ubuntu repositories have slightly changed to respond to a NAP repository deprecation activity. You may run into some duplication issues when running the role on a preexisting target that already has had NGINX installed using the role. To fix this, manually remove the old repository source.
+* The RHEL and CentOS repository setups were incorrectly using a static gpgkey instead of using the variable as a source.
 
 ## 0.1.0 (September 9, 2020)
 

CODE_OF_CONDUCT.md

@@ -67,10 +67,8 @@ members of the project's leadership.
 
 ## Attribution
 
-This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
-available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
-
-[homepage]: https://www.contributor-covenant.org
+This Code of Conduct is adapted from the [Contributor Covenant](https://www.contributor-covenant.org), version 1.4,
+available at <https://www.contributor-covenant.org/version/1/4/code-of-conduct.html>
 
 For answers to common questions about this code of conduct, see
-https://www.contributor-covenant.org/faq
+<https://www.contributor-covenant.org/faq>