feat: Import code for role

[radosroka]

Enhancement: Add initial code for the aide system role

[radosroka]

[citest]

[radosroka]

[citest]

[radosroka]

[citest]

[richm]

the template needs to be adjusted to fit your requirements;

What does this mean? Note that, in general, users will not be able to modify the template file. Was this in the original role? If so, then I guess that use case was different i.e. as a consultant, I need to install this role in a writable directory on the customers machine and modify and run the role as I require for my particular use case. This is definitely not the linux system roles use case, where the only thing the user may do is modify the inventory and the playbook, and provide files/templates - nothing else.

If we really want users to be able to provide custom configuration, then we should do either/both of these things:

1. Users can provide a list of configuration parameters that are written in the template
2. Users can provide their own aide.conf file or template

[radosroka]

the template needs to be adjusted to fit your requirements;

What does this mean? Note that, in general, users will not be able to modify the template file. Was this in the original role? If so, then I guess that use case was different i.e. as a consultant, I need to install this role in a writable directory on the customers machine and modify and run the role as I require for my particular use case. This is definitely not the linux system roles use case, where the only thing the user may do is modify the inventory and the playbook, and provide files/templates - nothing else.

If we really want users to be able to provide custom configuration, then we should do either/both of these things:

1. Users can provide a list of configuration parameters that are written in the template

2. Users can provide their own `aide.conf` file or template

Yeah, as you pointed out, this was designed originally for different use case. Let me evaluate options.

[radosroka]

In case user provides aide.conf should we prepend ansible_managed comment?

[richm]

In case user provides aide.conf should we prepend ansible_managed comment?

No - if the user provides the file, it is the responsibility of the user to mark the file as Ansible managed - this is the way all other system roles work

[radosroka]

@richm do you know why the tests are skipped after [citest]?

[richm]

1. all is not a valid specifier under EL - you must specify the major versions explicitly - so if aide is supported on EL 9 and 10, you must use

    - name: EL
      versions:
        - "9"
        - "10"

2. We have to use galaxy_tags now to specify platform support - support for platforms: is being deprecated - see fix: add support for EL10 .github#63 for additional information - this is why the template has explicit galaxy_tags - so if the aide role supports EL 9, 10, and Fedora, you need to have galaxy_tags like this:

  galaxy_tags:
    - el9
    - el10
    - fedora

[richm]

@richm do you know why the tests are skipped after [citest]?

Yes - the platforms and galaxy_tags in meta/main.yml need to be fixed - see https://github.com/linux-system-roles/aide/pull/3/files#r1832783551

[richm]

I don't know what ansible-lint is complaining about - just ignore it for now

[radosroka]

[citest]

[richm]

Looks like Testing Farm is having some issues right now

[richm]

[citest]

[radosroka]

[citest]

[radosroka]

[citest]

[radosroka]

[citest]

[radosroka]

[citest]

[radosroka]

[citest]

[radosroka]

[citest]

[radosroka]

[citest]

[radosroka]

[citest]

[spetrosi]

What else aide_db_template can be? I think this check is not required

[radosroka]

It can be user defined string or null by default.

[radosroka]

[citest]

[spetrosi]

Resolves: https://github.com/orgs/linux-system-roles/discussions/103