Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use new hardening role #93

Merged
merged 13 commits into from
Dec 21, 2023
Merged

Use new hardening role #93

merged 13 commits into from
Dec 21, 2023

Conversation

jsf9k
Copy link
Member

@jsf9k jsf9k commented Nov 3, 2023
edited
Loading

🗣 Description

This pull requests switches to the new cisagov/ansible-role-hardening-2 that @bra1ncramp created.

💭 Motivation and context

The new hardening role takes care of some security findings that were identified by the security team.

🧪 Testing

All automated tests pass. I also built and deployed a new AMI with these changes for our staging COOL environment. I was able to verify that the new AMI still functions as intended.

✅ Pre-approval checklist

  • This PR has an informative and human-readable title.
  • Changes are limited to a single goal - eschew scope creep!
  • All relevant type-of-change labels have been added.
  • I have read the CONTRIBUTING document.
  • These code changes follow cisagov code standards.
  • All new and existing tests pass.
  • Build and test a new staging AMI with these changes.

✅ Pre-merge checklist

✅ Post-merge checklist

  • Create a release.

@jsf9k jsf9k added improvement This issue or pull request will add or improve functionality, maintainability, or ease of use version bump This issue or pull request increments the version number dependencies Pull requests that update a dependency file security This issue or pull request addresses a security issue labels Nov 3, 2023
@jsf9k jsf9k self-assigned this Nov 3, 2023
@jsf9k jsf9k force-pushed the improvement/use-new-hardening-role branch from 7cf5da9 to bbb4d49 Compare November 3, 2023 15:27
@jsf9k jsf9k mentioned this pull request Nov 3, 2023
Merged
4 tasks
@jsf9k
Copy link
Member Author

jsf9k commented Nov 3, 2023

I verified that using these changes results in an OpenVPN AMI that functions as expected

@jsf9k jsf9k marked this pull request as ready for review November 3, 2023 21:10
@jsf9k jsf9k requested a review from a team November 3, 2023 21:10
dav3r
dav3r approved these changes Nov 6, 2023
View reviewed changes
Copy link
Member

@dav3r dav3r left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 👍

@jsf9k jsf9k enabled auto-merge December 21, 2023 22:33
@jsf9k jsf9k merged commit 529d8e8 into develop Dec 21, 2023
9 checks passed
@jsf9k jsf9k deleted the improvement/use-new-hardening-role branch December 21, 2023 23:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dv4harr10 dv4harr10 dv4harr10 approved these changes

@dav3r dav3r dav3r approved these changes

@jasonodoom jasonodoom jasonodoom approved these changes

@felddy felddy Awaiting requested review from felddy felddy is a code owner

@mcdonnnj mcdonnnj Awaiting requested review from mcdonnnj mcdonnnj is a code owner

Assignees

@jsf9k jsf9k

Labels
dependencies Pull requests that update a dependency file improvement This issue or pull request will add or improve functionality, maintainability, or ease of use security This issue or pull request addresses a security issue version bump This issue or pull request increments the version number
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jsf9k @jasonodoom @dav3r @dv4harr10