Merge pull request #177 from cyberark/release-1.2.0

Bump version to 1.2.0
cyberark · Sep 9, 2022 · c193944 · c193944
2 parents a65b3bd + efb6644
commit c193944
Show file tree

Hide file tree

Showing 5 changed files with 59 additions and 22 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,22 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## [Unreleased]
 
+## [1.2.0] - 2020-09-01
+
+### Added
+- Add `state` variable to Conjur Ansible role, which can be used to cleanup
+  configuration and identity artifacts created on managed nodes.
+  [cyberark/ansible-conjur-collection#176](https://github.com/cyberark/ansible-conjur-collection/pull/176)
+
+### Changed
+- Lookup plugin now retries variable retrieval 5 times before accepting a
+  failure response.
+  [cyberark/ansible-conjur-collection#60](https://github.com/cyberark/ansible-conjur-collection/pull/60)
+
+### Removed
+- End support for Python 2.
+  [cyberark/ansible-conjur-collection#69](https://github.com/cyberark/ansible-conjur-collection/pull/69)
+
 ## [1.1.0] - 2020-12-29
 
 ### Added
@@ -59,7 +75,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - Migrated code from Ansible conjur_variable lookup plugin
 - Added support to configure the use of the plugin via environment variables
 
-[Unreleased]: https://github.com/cyberark/ansible-conjur-collection/compare/v1.1.0...HEAD
+[Unreleased]: https://github.com/cyberark/ansible-conjur-collection/compare/v1.2.0...HEAD
+[1.2.0]: https://github.com/cyberark/ansible-conjur-collection/compare/v1.1.0...v1.2.0
 [1.1.0]: https://github.com/cyberark/ansible-conjur-collection/compare/v1.0.7...v1.1.0
 [1.0.7]: https://github.com/cyberark/ansible-conjur-collection/compare/v1.0.6...v1.0.7
 [1.0.6]: https://github.com/cyberark/ansible-conjur-collection/compare/v1.0.5...v1.0.6

diff --git a/README.md b/README.md
@@ -28,10 +28,13 @@ http://ecotrust-canada.github.io/markdown-toc/ -->
 
 ## Certification Level
 
-![](https://img.shields.io/badge/Certification%20Level-Community-28A745?link=https://github.com/cyberark/community/blob/main/Conjur/conventions/certification-levels.md)
+![](https://img.shields.io/badge/Certification%20Level-Certified-6C757D?link=https://github.com/cyberark/community/blob/main/Conjur/conventions/certification-levels.md)
 
-This repo is a **Community** level project. It's a community contributed project that **is not reviewed or supported
-by CyberArk**. For more detailed information on our certification levels, see [our community guidelines](https://github.com/cyberark/community/blob/main/Conjur/conventions/certification-levels.md#community).
+This repo is a **Certified** level project. It's been reviewed by CyberArk to
+verify that it will securely work with CyberArk Enterprise as documented. In
+addition, CyberArk offers Enterprise-level support for these features. For more
+detailed information on our certification levels, see
+[our community guidelines](https://github.com/cyberark/community/blob/main/Conjur/conventions/certification-levels.md#community).
 
 ## Requirements
 
@@ -73,20 +76,20 @@ manner.
 
 ### Role Variables
 
-* `conjur_appliance_url` _(Optional)_: URL of the running Conjur service
-* `conjur_account` _(Optional)_: Conjur account name
-* `conjur_host_factory_token` _(Optional)_: [Host
+* `conjur_appliance_url` _(Required)_: URL of the running Conjur service
+* `conjur_account` _(Required)_: Conjur account name
+* `conjur_host_factory_token` _(Required)_: [Host
   Factory](https://developer.conjur.net/reference/services/host_factory/) token for layer
   enrollment. This should be specified in the environment on the Ansible controlling host.
-* `conjur_host_name` _(Optional)_: Name of the host to be created.
+* `conjur_host_name` _(Required)_: Name of the host to be created.
 * `conjur_ssl_certificate`: Public SSL certificate of the Conjur endpoint
 * `conjur_validate_certs`: Boolean value to indicate if the Conjur endpoint should validate
   certificates
+* `state`: Specifies whether to install of uninstall the Role on the specified nodes
 * `summon.version`: version of Summon to install. Default is `0.8.2`.
 * `summon_conjur.version`: version of Summon-Conjur provider to install. Default is `0.5.3`.
 
-The variables marked with _`(Optional)`_ are not required fields. All other variables are required
-for running with an HTTPS Conjur endpoint.
+The variables not marked _`(Required)`_ are required for running with an HTTPS Conjur endpoint.
 
 ### Example Playbook
 
@@ -108,6 +111,18 @@ This example:
   defined for the provided host factory token.
 - Installs Summon with the Summon Conjur provider for secret retrieval from Conjur.
 
+### Role Cleanup
+
+Executing the following playbook will clean up configuration and identity files
+written to the specified remote nodes, as well as uninstalling Summon and the
+Summon Conjur provider:
+```yml
+- hosts: servers
+  roles:
+    - role: cyberark.conjur.conjur_host_identity
+      state: absent
+```
+
 ### Summon & Service Managers
 
 With Summon installed, using Conjur with a Service Manager (like systemd) becomes a snap. Here's a

diff --git a/ci/build_release b/ci/build_release
@@ -2,11 +2,13 @@
 
 set -euo pipefail
 
-CURRENT_DIR="$(cd "$(dirname "$BASH_SOURCE")"; pwd)"
+TOP_LEVEL_DIR="$(cd "$(dirname "$BASH_SOURCE")"; pwd)/.."
 
-pushd "$CURRENT_DIR/.." >/dev/null
+pushd "$TOP_LEVEL_DIR" >/dev/null
   docker run --rm -t \
-    -v "$CURRENT_DIR/..:/runner" \
-    ansible/ansible-runner \
-    ansible-galaxy collection build --force
-popd  >/dev/null
+    -v "$TOP_LEVEL_DIR:/collection" \
+    python:3 /bin/bash -c "
+      pip install ansible
+      ansible-galaxy collection build --force --output /collection/. /collection
+    "
+popd >/dev/null
diff --git a/ci/publish_to_galaxy b/ci/publish_to_galaxy
@@ -5,11 +5,14 @@ set -euo pipefail
 # Strip the 'v' from the Tag Name
 TAG=${TAG_NAME//"v"}
 
-CURRENT_DIR="$(cd "$(dirname "$BASH_SOURCE")"; pwd)"
+TOP_LEVEL_DIR="$(cd "$(dirname "$BASH_SOURCE")"; pwd)/.."
 
-pushd "$CURRENT_DIR/.." >/dev/null
+pushd "$TOP_LEVEL_DIR" >/dev/null
   docker run --rm -t \
-    -v "$CURRENT_DIR/..:/runner" \
-    ansible/ansible-runner \
-    ansible-galaxy collection publish --api-key="${GALAXY_API_KEY}" /runner/cyberark-conjur-${TAG}.tar.gz
+    -e GALAXY_API_KEY \
+    -v "$TOP_LEVEL_DIR:/collection" \
+    python:3 /bin/bash -c "
+      pip install ansible
+      ansible-galaxy collection publish --api-key \${GALAXY_API_KEY} /collection/cyberark-conjur-${TAG}.tar.gz
+    "
 popd  >/dev/null
diff --git a/galaxy.yml b/galaxy.yml
@@ -1,6 +1,6 @@
 namespace: "cyberark"
 name: "conjur"
-version: "1.1.0"
+version: "1.2.0"
 readme: README.md
 authors:
     - CyberArk Business Development (@cyberark-bizdev)