diff --git a/.travis.yml b/.travis.yml index 29b23a5..3152582 100644 --- a/.travis.yml +++ b/.travis.yml @@ -32,13 +32,13 @@ jobs: - language: 'node_js' node_js: 'lts/*' env: 'Lint' - name: 'Lint: salt-lint, yamllint, rubocop & commitlint' + name: 'Lint: salt-lint, yamllint, rubocop, shellcheck & commitlint' before_install: 'skip' script: # Install and run `salt-lint` - pip install --user salt-lint - - git ls-files | grep '\.sls$\|\.jinja$\|\.j2$\|\.tmpl$\|\.tst$' - | xargs salt-lint + - git ls-files -- *.sls *.jinja *.j2 *.tmpl *.tst + | xargs salt-lint # Install and run `yamllint` # Need at least `v1.17.0` for the `yaml-files` setting - pip install --user yamllint>=1.17.0 @@ -46,6 +46,10 @@ jobs: # Install and run `rubocop` - gem install rubocop - rubocop -d + # Run `shellcheck` (already pre-installed in Travis) + - shellcheck --version + - git ls-files -- *.sh *.bash *.ksh + | xargs shellcheck # Install and run `commitlint` - npm i -D @commitlint/config-conventional @commitlint/travis-cli diff --git a/docs/README.rst b/docs/README.rst index ab3678f..3c81ce0 100644 --- a/docs/README.rst +++ b/docs/README.rst @@ -16,6 +16,30 @@ fail2ban-formula ``fail2ban`` scans log files for malicious activity and executes actions based on what it finds. +.. list-table:: + :name: banner-breaking-changes-v1.0.0 + :header-rows: 1 + :widths: 1 + + * - WARNING: BREAKING CHANGES IN UPCOMING ``v1.0.0`` + * - This formula currently provides two methods for managing Fail2Ban; the old method + under ``fail2ban`` and the new method under ``fail2ban.ng``. + In upcoming `v1.0.0 `_, + the old method will be removed and ``fail2ban.ng`` will be promoted to ``fail2ban`` in its place. + + If you are not in a position to migrate, you will need to pin your repo to + the final release tag before + `v1.0.0 `_, + which is expected to be + `v0.16.3 `_. + + If you are currently using ``fail2ban.ng``, there is nothing to do until + `v1.0.0 `_ + is released. + + To migrate from the old ``fail2ban``, the first step is to convert to ``fail2ban.ng``, + before `v1.0.0 `_ + is released. .. contents:: **Table of Contents** diff --git a/fail2ban/config.sls b/fail2ban/config.sls index d065859..a9574da 100644 --- a/fail2ban/config.sls +++ b/fail2ban/config.sls @@ -1,6 +1,7 @@ {% from "fail2ban/map.jinja" import fail2ban with context %} include: + - fail2ban.deprecated - fail2ban {{ fail2ban.prefix }}/etc/fail2ban/fail2ban.local: diff --git a/fail2ban/deprecated.sls b/fail2ban/deprecated.sls new file mode 100644 index 0000000..09a2a0d --- /dev/null +++ b/fail2ban/deprecated.sls @@ -0,0 +1,41 @@ +# -*- coding: utf-8 -*- +# vim: ft=sls + +{#- Evaluating as `False` by default, using this method since `defaults.yaml` not available in this repo #} +{%- if not salt['config.get']('fail2ban', {}).get('warning_messages', {}).get('v1.0.0', {}).get('mute_critical', False) %} +fail2ban-deprecated-in-v1.0.0-test-succeed: + test.succeed_without_changes: + - name: | + + ################################################################################ + # # + # WARNING: BREAKING CHANGES IN UPCOMING VERSION `v1.0.0` # + # # + ################################################################################ + # # + # This formula currently provides two methods for managing Fail2Ban; the old # + # method under `fail2ban` and the new method under `fail2ban.ng`. In upcoming # + # `v1.0.0`, the old method will be removed and `fail2ban.ng` will be promoted # + # to `fail2ban` in its place. # + # # + # If you are not in a position to migrate, you will need to pin your repo to # + # the final release tag before `v1.0.0`, which is expected to be `v0.16.3`. # + # # + # If you are currently using `fail2ban.ng`, there is nothing to do until # + # `v1.0.0` is released. # + # # + # To migrate from the old `fail2ban`, the first step is to convert to # + # `fail2ban.ng`, before `v1.0.0` is released. # + # # + # To prevent this message being displayed again, set the pillar/config value: # + # # + # ``` # + # fail2ban: # + # warning_messages: # + # v1.0.0: # + # mute_critical: true # + # ``` # + # # + ################################################################################ + # - failhard: True +{%- endif %} diff --git a/fail2ban/init.sls b/fail2ban/init.sls index f3f917d..3c8f3c8 100644 --- a/fail2ban/init.sls +++ b/fail2ban/init.sls @@ -1,5 +1,8 @@ {% from "fail2ban/map.jinja" import fail2ban with context %} +include: + - fail2ban.deprecated + fail2ban: pkg.installed: - name: {{ fail2ban.package }} diff --git a/fail2ban/ng/config.sls b/fail2ban/ng/config.sls index 7fad6da..4f4ae1d 100644 --- a/fail2ban/ng/config.sls +++ b/fail2ban/ng/config.sls @@ -1,6 +1,9 @@ # -*- coding: utf-8 -*- # vim: ft=sls +include: + - fail2ban.deprecated + {% from "fail2ban/ng/map.jinja" import fail2ban with context %} fail2ban.ng.config.fail2ban: diff --git a/fail2ban/ng/init.sls b/fail2ban/ng/init.sls index 2bdc897..1da16a6 100644 --- a/fail2ban/ng/init.sls +++ b/fail2ban/ng/init.sls @@ -2,6 +2,7 @@ # vim: ft=sls include: + - fail2ban.deprecated - fail2ban.ng.install - fail2ban.ng.config - fail2ban.ng.service diff --git a/fail2ban/ng/install.sls b/fail2ban/ng/install.sls index c269bfc..48ecc5a 100644 --- a/fail2ban/ng/install.sls +++ b/fail2ban/ng/install.sls @@ -3,6 +3,9 @@ {% from "fail2ban/ng/map.jinja" import fail2ban with context %} +include: + - fail2ban.deprecated + fail2ban.ng.install: pkg.installed: - name: {{ fail2ban.package }} diff --git a/fail2ban/ng/service.sls b/fail2ban/ng/service.sls index caf7352..26d24d3 100644 --- a/fail2ban/ng/service.sls +++ b/fail2ban/ng/service.sls @@ -3,6 +3,9 @@ {% from "fail2ban/ng/map.jinja" import fail2ban with context %} +include: + - fail2ban.deprecated + fail2ban.ng.service: {% if ( 'enabled' in fail2ban and fail2ban.enabled ) or ('enabled' not in fail2ban ) %} service.running: diff --git a/pillar.example b/pillar.example index 98b5880..79fec9d 100644 --- a/pillar.example +++ b/pillar.example @@ -2,6 +2,9 @@ # vim: ft=yaml --- fail2ban: + warning_messages: + v1.0.0: + mute_critical: false lookup: config: loglevel: ERROR diff --git a/pre-commit_semantic-release.sh b/pre-commit_semantic-release.sh index 9d34d74..4f4b24a 100755 --- a/pre-commit_semantic-release.sh +++ b/pre-commit_semantic-release.sh @@ -14,9 +14,9 @@ sed -i -e "s_^\(version:\).*_\1 ${1}_" FORMULA sudo -H pip install m2r # Copy and then convert the `.md` docs -cp *.md docs/ -cd docs/ -m2r --overwrite *.md +cp ./*.md docs/ +cd docs/ || exit +m2r --overwrite ./*.md # Change excess `H1` headings to `H2` in converted `CHANGELOG.rst` sed -i -e '/^=.*$/s/=/-/g' CHANGELOG.rst @@ -28,3 +28,15 @@ sed -i -e '1,4s/-/=/g' CHANGELOG.rst # Return back to the main directory cd .. + + +############################################################################### +# (C) Update last version before `v1.0.0` with `${nextRelease.version}` +############################################################################### +# Only apply this while the version number is below `v1.0.0`! +V_REPR=v${1} +MAJOR=$(echo "${V_REPR}" | cut -c-2) +if [ "${MAJOR}" = "v0" ]; then + sed -i -e "s@^\(\s\+\`\).*\(\s\`_\.\)@\1${V_REPR}\2${V_REPR}\3@" docs/README.rst + sed -i -e "s@^\(\s\+# the final release tag before \`v1.0.0\`, which is expected to be \`\).*\(\`.\s\+#\)@\1${V_REPR}\2@" fail2ban/deprecated.sls +fi diff --git a/release.config.js b/release.config.js index 6af7aa8..cb42175 100644 --- a/release.config.js +++ b/release.config.js @@ -14,7 +14,7 @@ module.exports = { prepareCmd: 'sh ./pre-commit_semantic-release.sh ${nextRelease.version}', }], ['@semantic-release/git', { - assets: ['*.md', 'docs/*.rst', 'FORMULA'], + assets: ['*.md', 'docs/*.rst', 'FORMULA', 'fail2ban/deprecated.sls'], }], '@semantic-release/github', ],