Skip to content

Releases: simp/rubygem-simp-cli

Release of 7.0.0

20 Oct 20:46
@op-ct op-ct
7.0.0
c24a57c
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release of 7.0.0 Latest
Latest

BREAKING CHANGES

  • simp kv:
    • Updated the simp kv command suite to work with simp-simpkv
      Puppet module version >= 0.8.0.
      • simp-simpkv 0.8.0 changed how global keys are accessed.
      • Only impacts sites that explicitly enabled the experimental
        simpkv capability.

Changed

  • simp config:
    • The LOCAL sssd domain is no longer needed for sssd to start. The
      sssd::domains value is now only set if the SIMP server is the LDAP server.
    • Updated LDAP configuration to use 389ds, when the SIMP server is the LDAP
      is on EL>7.
      • Configures the LDAP server to be the SIMP 389ds accounts instance
      • Configures the LDAP client to communicate with the 389ds server.
    • Moved the mechanism to set the SIMP server's grub password to Puppet.
      • The password is now set via simp_grub::password instead of
        grub::password.
    • Configure simp_options::ntp::servers instead of deprecated
      simp_options::ntpd::servers.
    • Bumped .gemspec dependencies to mitigate CVE-2020-8130 and
      CVE-2017-8418
    • Changed set/get from master to server in updates to the puppet
      configuration
    • Changed the check for puppetserver running from a fragile CRL query to the
      actual status endpoint and moved from curl to native net/http

Added

  • simp config:
    • Added option to configure a local user with ssh and sudo privileges
      to prevent server lockout, when SIMP is not installed from ISO.
      • Especially important for cloud instances when the user does not have
        console access.
      • Specified local user will be created if not already present.
      • If the specified local user exists and has authorized ssh keys, the keys
        will be copied to /etc/ssh/local_keys/, the default location of local user
        ssh authorized key files in SIMP.
        IMPORTANT: Any future updates to a users's ssh authorized key list must
        be made to the user's file in /etc/ssh/local_keys/.
    • Set the NTP server defaults for ntpd and chronyd.
      simp_options::ntp::servers is intended to be the default NTP server
      settings for a SIMP system, regardless of whether it uses ntpd or
      chronyd. However, the chrony module does not use simp_options,
      because it is not a SIMP-maintained module. To work around this,
      simp config was updated to set chrony::servers to an alias of
      simp_options::ntp::servers in hieradata.

Fixed

  • simp config:
    • Fixed a bug in which running simp config multiple times could result in
      multiple /etc/hosts entries for the puppetserver.
    • Check for both ntpd and chronyd settings when determining the OS defaults
      for simp_options::ntp::server, not just ntpd settings.

Removed

  • simp CLI:
    • Dropped support for Puppet 5
    • Removed support for EL6
    • Removed management of puppetdb components since it is no longer enabled by
      default.
Assets 11
Loading

Pre-release 7.0.0-pre2

06 Aug 17:32
@op-ct op-ct
7.0.0-pre2
c15517a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Pre-release 7.0.0-pre2 Pre-release
Pre-release

BREAKING CHANGES

  • simp kv:
    • Updated the simp kv command suite to work with simp-simpkv
      Puppet module version >= 0.8.0.
      • simp-simpkv 0.8.0 changed how global keys are accessed.
      • Only impacts sites that explicitly enabled the experimental
        simpkv capability.

Changed

  • simp config:
    • The LOCAL sssd domain is no longer needed for sssd to start. The
      sssd::domains value is now only set if the SIMP server is the LDAP server.
    • Updated LDAP configuration to use 389ds, when the SIMP server is the LDAP
      is on EL>7.
      • Configures the LDAP server to be the SIMP 389ds accounts instance
      • Configures the LDAP client to communicate with the 389ds server.
    • Moved the mechanism to set the SIMP server's grub password to Puppet.
      • The password is now set via simp_grub::password instead of
        grub::password.
    • Configure simp_options::ntp::servers instead of deprecated
      simp_options::ntpd::servers.
    • Bumped .gemspec dependencies to mitigate CVE-2020-8130 and
      CVE-2017-8418

Added

  • simp config:
    • Added option to configure a local user with ssh and sudo privileges
      to prevent server lockout, when SIMP is not installed from ISO.
      • Especially important for cloud instances when the user does not have
        console access.
      • Specified local user will be created if not already present.
      • If the specified local user exists and has authorized ssh keys, the keys
        will be copied to /etc/ssh/local_keys/, the default location of local user
        ssh authorized key files in SIMP.
        IMPORTANT: Any future updates to a users's ssh authorized key list must
        be made to the user's file in /etc/ssh/local_keys/.
    • Set the NTP server defaults for ntpd and chronyd.
      simp_options::ntp::servers is intended to be the default NTP server
      settings for a SIMP system, regardless of whether it uses ntpd or
      chronyd. However, the chrony module does not use simp_options,
      because it is not a SIMP-maintained module. To work around this,
      simp config was updated to set chrony::servers to an alias of
      simp_options::ntp::servers in hieradata.

Fixed

  • simp config:
    • Fixed a bug in which running simp config multiple times could result in
      multiple /etc/hosts entries for the puppetserver.
    • Check for both ntpd and chronyd settings when determining the OS defaults
      for simp_options::ntp::server, not just ntpd settings.

Removed

  • simp CLI:
    • Dropped support for Puppet 5
    • Removed support for EL6
Assets 7
Loading

Pre-release 7.0.0-pre1

05 Aug 01:38
@op-ct op-ct
7.0.0-pre1
a70f657
Compare
Choose a tag to compare
Pre-release 7.0.0-pre1 Pre-release
Pre-release

BREAKING CHANGES

  • simp kv:
    • Updated the simp kv command suite to work with simp-simpkv
      Puppet module version >= 0.8.0.
      • simp-simpkv 0.8.0 changed how global keys are accessed.
      • Only impacts sites that explicitly enabled the experimental
        simpkv capability.

Changed

  • simp config:
    • The LOCAL sssd domain is no longer needed for sssd to start. The
      sssd::domains value is now only set if the SIMP server is the LDAP server.
    • Updated LDAP configuration to use 389ds, when the SIMP server is the LDAP
      is on EL>7.
      • Configures the LDAP server to be the SIMP 389ds accounts instance
      • Configures the LDAP client to communicate with the 389ds server.
    • Moved the mechanism to set the SIMP server's grub password to Puppet.
      • The password is now set via simp_grub::password instead of
        grub::password.
    • Configure simp_options::ntp::servers instead of deprecated
      simp_options::ntpd::servers.
    • Bumped .gemspec dependencies to mitigate CVE-2020-8130 and
      CVE-2017-8418

Added

  • simp config:
    • Added option to configure a local user with ssh and sudo privileges
      to prevent server lockout, when SIMP is not installed from ISO.
      • Especially important for cloud instances when the user does not have
        console access.
      • Specified local user will be created if not already present.
      • If the specified local user exists and has authorized ssh keys, the keys
        will be copied to /etc/ssh/local_keys/, the default location of local user
        ssh authorized key files in SIMP.
        IMPORTANT: Any future updates to a users's ssh authorized key list must
        be made to the user's file in /etc/ssh/local_keys/.
    • Set the NTP server defaults for ntpd and chronyd.
      simp_options::ntp::servers is intended to be the default NTP server
      settings for a SIMP system, regardless of whether it uses ntpd or
      chronyd. However, the chrony module does not use simp_options,
      because it is not a SIMP-maintained module. To work around this,
      simp config was updated to set chrony::servers to an alias of
      simp_options::ntp::servers in hieradata.

Fixed

  • simp config:
    • Fixed a bug in which running simp config multiple times could result in
      multiple /etc/hosts entries for the puppetserver.
    • Check for both ntpd and chronyd settings when determining the OS defaults
      for simp_options::ntp::server, not just ntpd settings.

Removed

  • simp CLI:
    • Dropped support for Puppet 5
    • Removed support for EL6
Assets 7
Loading

Release of 6.1.1

16 Oct 14:13
@simp-auto simp-auto
6.1.1
c0578d0
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release of 6.1.1 
* Thu Oct 15 2020 Trevor Vaughan <[email protected]> - 6.1.1
  - Change the local user lockout warning to have simpler instructions
Assets 9
Loading

Release of 6.1.0

14 Oct 19:35
@simp-auto simp-auto
6.1.0
580beed
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release of 6.1.0 
* Wed Oct 07 2020 Liz Nemsick <[email protected]> - 6.1.0
  - Updated SIMP internet repositories configured by 'simp config'
    - Now uses simp-project.com repositories via new
      ``simp::yum::repo::internet_simp`` class
    - The packagecloud repositories are no longer being updated.
  - Added instructions to the local user lockout warning message in the
    bootstrap lock file:
    - Explain how to create a metadata.json file with the correct module
      dependencies for the sample Puppet code.
    - Tell the user to check that they can ssh into the server with the new
      user after bootstrap but before rebooting. This step is imperative to
      ensure that the user can also get through Puppet-managed
      authentication!
  - Fixed the following:
    - Bug in which `simp config` did not allow DNS domains that did
      not include at least one '.'.  Domains are now validated
      per RFC 3696.
    - Typo in a simp cli message about applying FACLs.
    - Incorrect path for the location of the SIMP server hieradata file
      in the local user lockout warning message in the bootstrap lock file.
    - Missing instructions in the local user lockout warning message about
      adding `passwd => false` to `simp::user_specification` for users who
      log in without a password.
Assets 2
Loading

Release of 6.0.3

30 Sep 20:03
@simp-auto simp-auto
6.0.3
eccd8f6
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release of 6.0.3 
* Wed Sep 30 2020 Liz Nemsick <[email protected]> - 6.0.3
  - Fixed a bug where 'simp config' recommended the wrong SSSD domain,
    when the SIMP server was not the LDAP server.  It recommended the
    'Local' domain, when the appropriate SIMP-created domain with the
    'local' (EL6) or 'files' (EL7) provider is 'LOCAL'.
Assets 2
Loading

Release of 6.0.2

29 Sep 12:15
@simp-auto simp-auto
6.0.2
bfdccbc
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release of 6.0.2 
* Thu Sep 10 2020 Liz Nemsick <[email protected]> - 6.0.2
  - Fixed a typo in an error message emitted when `simp config` cannot
    proceed because the environment to configure already exists.
  - Fixed a bug in `simp environment new` in which the actual failure
    messages from a failed `setfacl --restore` execution are not logged.
  - Updated HighLine from version 1.7.8 to 2.0.3.
Assets 2
Loading

Release of 6.0.1

03 Sep 16:16
@simp-auto simp-auto
6.0.1
b23f44b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release of 6.0.1 
* Tue Sep 01 2020 Jeanne Greulich <[email protected]> - 6.0.1
  - Fix Rakefile issue that prevented RPM from being built from simp-core
Assets 2
Loading

Release 6.0.0

18 Aug 16:41
@simp-auto simp-auto
6.0.0
957e3ed
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release 6.0.0 
* Thu Aug 13 2020 Trevor Vaughan <[email protected]> - 6.0.0
- Allow users to set the SIMP_ENVIRONMENT environment variable to change the
  initial environment from 'production' to a custom value
- Fixed an issue where --dry-run would prompt the user to apply instead of
  simply skipping to the (skipped) action items and then writing the
  ~/.simp/simp_conf.yaml file
- Ensure that `simp config` uses the `simp::classes` parameter instead
  of `classes` by default
- Accept both `simp::classes` and `classes` as valid existing configurations

* Fri Jan 03 2020 Liz Nemsick <[email protected]> - 6.0.0
- Added simp kv command family to allow users to manage and inspect
  entries in a simpkv key/value store
- simp passgen changes
  - Split into sub-commands for ease of use:
    - 'simp passgen envs': List environments that may have 'simplib::passgen'
      passwords
    - 'simp passgen list': List names of 'simplib::passgen' passwords
    - 'simp passgen remove': Remove 'simplib::passgen' passwords
    - 'simp passgen set': Set 'simplib::passgen' passwords
    - 'simp passgen show':  Show 'simplib::passgen' passwords and other
      stored attributes
  - Updated to work with simpkv-enabled simplib::passgen.  Automatically
    detects whether simplib::passgen is operating in legacy mode or
    simpkv mode in the specified environment, and then executes password
    operations using the appropriate mechanism for that mode.
  - When setting passwords, disabled libpwquality/cracklib validation of
    user-entered passwords, by default, because not all passwords managed
    by simplib::passgen are user passwords.  This validation can be
    re-enabled with the '--validate' option of the 'simp passgen set' command.
  - Added the following command line options when creating passwords
    - '--[no-]auto-gen': Whether to auto-generate new passwords.
    - '--complexity': Password complexity to use when a password is
      auto-generated. Corresponds to the complexity option of simplib::passgen.
    - '--[no-]complex-only': Whether to only use only complex characters
      when a password is auto-generated. Corresponds to the complex_only
      option of simplib::passgen.
      key/value store.
    - '--[no-]validate': Enabled validation of new passwords with
      libpwquality/cracklib.
    - '--length': Password length to use when a password is auto-generated.
  - Added '--[no-]details' option when showing password information.  When
    enabled, all available password information is displayed, not just the
    current and previous password values.
- simp config changes
  - Removed deprecated '--non-interactive' option.  Use '--force-defaults'
    instead.

* Fri Aug 30 2019 Trevor Vaughan <[email protected]> - 6.0.0
- Fix Puppet Enterprise support
Assets 2
Loading

Release of 5.0.3

07 Aug 19:37
@simp-auto simp-auto
5.0.3
44eaa3e
Compare
Choose a tag to compare
Release of 5.0.3 
* Wed Aug 07 2019 Liz Nemsick <[email protected]> - 5.0.3
  - Fix errata in instructions on how to prevent possible root lockout
    from the SIMP server.
Assets 2
Loading