8000 Release Version 2.0.0 · ahuffman/ansible-sudoers · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Version 2.0.0
Compare
Choose a tag to compare
@ahuffman ahuffman released this 09 Jul 14:18
· 14 commits to master since this release
2.0.0
e3fd11f

Version 2.0.0

Into the Future

Version 2.0.0 is a major rewrite of the old role code. The revamp allows us to better represent the data, as well as allows us to align with the ahuffman.scan_sudoers role. This allows for migration of running configurations to new systems, as well as quicker time to deployment by automatic generation of the sudoers_files variable off of an existing running configuration.

Changes

  • Variables redesigned to be more declarative for each sudoers file
    • Each file has a path key which defines where the file gets deployed VS. creating include files off of an alias name
  • Unnecessary variables dropped
    • Several variables were dropped since the new data structures are more flexible and declarative, many were no longer required, or made no sense in the new scheme
    • All variables were slightly renamed to prevent users coming from versions 1.0.x to purposefully break in case they were deploying the role from Galaxy without a tag or version specified in their automation
      • Allows users a chance to evaluate and adopt version 2.0.0+ in the future without breaking configurations
  • Data structure of sudoers file specifications redesigned
  • Jinja2 Templates were able to be reduced to a single file
    • Each item in the sudoers_files variable will define how this template is implemented
    • Allows for more freedom in what you want in each included file as well as the default /etc/sudoers file
  • Documentation rewritten and reformatted for all changes
    • New playbook examples added
    • Example of migration of a running sudoers configuration added
    • How to build the required data format from existing running configuration added with ahuffman.scan_sudoers role
  • Backup style changed to fetch to Ansible Control Node VS. backup of files on remote file-systems (prevents accidental inclusion of old files in included directories)
    • This comes with a configurable sudoers_backup_path variable to define the path where remote backups are pulled to prior to changes of the running configurations.
  • Default sudoers_files definition aligned with a RHEL7.6 default /etc/sudoers configuration
  • Configurable visudo binary path for validation of sudoers configurations. Default set to /usr/sbin/visudo which should work for most Operating System flavors
  • Better representation of sudoers_files via new data structure of the /etc/sudoers and related included files.
  • Ansible 2.8.x best-practices and syntax have been adopted
Assets 2
Loading
0