coulomb/railiance-infra
0
0
Fork 0
Code Issues Pull Requests Actions Projects Releases Wiki Activity
45 Commits 1 Branch 0 Tags
b32dfd4f5a2c98e62bbdfcf1ea9d4662c1834d2d
Commit Graph

14 Commits

Author SHA1 Message Date
Bernd Worsch
6bb953090c feat: datetime reports, auto-commit on verify, register pruning EP 
- Include time in TAP report filename (ISO 8601: date + HHmmssZ)
- Add changed_when: false to report write task — verify play now shows
  changed=0 on a clean run (all green recap)
- make verify auto-commits new reports to repo after a passing run;
  exits non-zero before committing if assertions fail
- Register EP-RAIL-001: report pruning extension point for future
  implementation when reports/ accumulates beyond a threshold

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 16:44:06 +00:00
tegwick
8f5799553e feat: implement WP-0002 — Goss test suite, verify playbook, and ADR-002 
- goss/baseline.yaml: assertions for all spec/server-baseline.yaml items
  (packages, services, SSH config, UFW rules, admin user, fail2ban, HISTCONTROL)
- goss/vars/baseline-vars.yaml: parameterised ports and paths
- ansible/roles/goss/: installs Goss binary (v0.4.9), deploys tests,
  runs assertions in TAP format, fetches report to reports/
- ansible/playbooks/verify.yaml: playbook wrapping the goss role
- Makefile: add 'make verify' target; update 'make status' with hint
- docs/adr/ADR-002: formal repo boundary — railiance-hosts vs railiance-bootstrap
- workplans/RAIL-HO-WP-0002: registered workstream 8fed53c2, T03–T06 done

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 12:38:48 +01:00
Bernd Worsch
2be5de2a3a feat: add server baseline spec, status command, and test suite workplan 
- Fix duplicate `converge` Makefile target (was causing warnings)
- Fix `make status` SSH hardening check (use grep on sshd_config instead
  of sshd -T which fails without hostkeys)
- Add `make status` target with connectivity, UFW, fail2ban, SSH checks
- Add spec/server-baseline.yaml — authoritative target-state spec for
  all managed nodes (firewall, SSH, services, packages, users)
- Add workplan RAIL-HO-WP-0002 for Goss test suite and repo boundary ADR

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 11:10:27 +00:00
Bernd Worsch
6957614fd7 feat: add make targets for convergence 2025-09-14 02:23:03 +00:00
Bernd Worsch
43455a4481 feat: add terraform-providers targets 2025-09-14 01:31:03 +00:00
Bernd Worsch
1da97ad867 build: first successfull plan, apply, destroy of server 2025-09-14 01:20:54 +00:00
Bernd Worsch
94b9bba11d fix: use the apikey 2025-09-14 00:24:48 +00:00
Bernd Worsch
7547513738 fix: apikey loading was broken 2025-09-14 00:11:27 +00:00
Bernd Worsch
59283fff6d fix: load api-key from secrets 2025-09-13 23:57:54 +00:00
Bernd Worsch
17c9963c0f fix: doctor target reports terraform now 2025-09-13 23:37:34 +00:00
Bernd Worsch
77c1323ae5 fix: Makefile target hooks makes precommit work finally 2025-09-13 21:58:19 +00:00
Bernd Worsch
2bcf4d2fda fix: broken inlining of python block moved to script 2025-09-13 23:46:48 +02:00
Bernd Worsch
bde4d85a52 chore: extended makefile with hooks target to set up pre-commit 2025-09-13 23:34:27 +02:00
Bernd Worsch
9860735f82 feat: initial import of RailianceHosts starter 2025-09-13 20:26:11 +02:00