Open Stack

Hey Major,

This sounds like a great next step.  It might also be cool to set up
Vagrant to pull Ubuntu 14.04, grab Ansible, and run the scripts on it.
I'll carve out a few hours early next week and have a crack at it.

-Travis




On 11/6/15, 10:59 PM, Major Hayden wrote:

>Hello there,
>
>At this moment, openstack-ansible-security[1] is feature complete and
>all of the Ansible tasks and documentation for the STIGs are merged.
>Exciting!
>
>I've done lots of work to ensure that the role uses sane defaults so
>that it can be applied to the majority of OpenStack deployments without
>disrupting services.  It only supports Ubuntu 14.04 for now, but that's
>openstack-ansible's supported platform as well.
>
>I'd like to start by adding it to the gate-check-commit.sh script so
>that the security configurations are applied prior to running tempest.
>This should hopefully catch any defaults that could be disruptive in an
>openstack-ansible environment.  If that works, I'd like to add it to
>the run-playbooks.sh script so that it runs for all deployments
>(toggled via a configuration option, of course).
>
>Does that seem like a decent plan?  Let me know if that makes sense
>and I'll get to work.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5465 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20151107/a498c1b6/attachment.bin>