SIMP 6.5.0

Release Notes for SIMP 6.5.0

JIRA Release Page

How to use this page

Go to the row of your module
If the "proposed version" is green, then it has been released and tagged
If the "proposed version" is blue, verify that the tests have all passed, bold the text
If the "proposed version" is bold, tag and release the component, and color the column green

Component Selection

BLUE	New version since last SIMP release
YELLOW	New component since last SIMP release
GRAY	Omitted component
WHITE	Same version as last SIMP release
RED	TBD: Outstanding problem
BOLD	Ready to release
BOLD ITALICS	Tag published but not verified as released
GREEN	New version tagged, Forge released, RPM released

	VERSION		TESTS		RELEASED
Component	6.5	6.4	Unit	Acceptance	Github	Puppet Forge	RPM	Changelog
adapter	2.0.0	1.0.1			released
environment-skeleton	7.2.0	7.1.0			released
gpgkeys	3.1.1	3.1.0			released
rsync-skeleton	7.0.4	7.0.1			released
rsync	6.2.1-2	6.2.1-2			released
rubygem-simp-cli	6.1.1	5.0.3			released
simp-core	6.5	6.4			unreleased
selinux-policy	1.0.0				released
utils	6.5.0	6.2.2			released
acpid	1.2.0	1.0.4			released
aide	6.4.2	6.3.0			released
at	0.1.0	0.0.7			released
auditd	8.6.2	8.4.0			released
autofs	7.0.0	6.2.0			released
chkrootkit	0.3.0	0.2.0			released
clamav	6.4.0	6.3.0			released
compliance_markup	3.1.3	3.0.1			released
cron	0.2.0	0.1.2			released
crypto_policy	0.1.2	N/A			released
dconf	0.1.0	0.0.3			released
deferred_resources	0.3.0	0.2.2			released
dhcp	6.2.0	6.1.1			released
fips	0.4.2	0.4.0			released
freeradius	8.1.1	8.0.1			released
gdm	7.2.3	7.2.0			released
gnome	8.1.2	8.1.0			released
haveged	0.6.0	0.5.0			released
hirs_provisioner	0.1.4	0.1.2			released
ima	0.3.0	0.2.0			released
incron	0.5.0	0.4.1			released
iptables	6.5.4	6.3.0			released
issue	0.2.0	0.1.1			released
krb5	7.1.0	7.0.5			released
libreswan	3.4.1	3.1.1			released
libvirt	5.3.0	5.2.2			released
logrotate	6.5.0	6.4.0			released
mate	1.1.1	1.0.2			released
mozilla	5.2.0	5.1.1			released
named	6.3.0	6.2.0			released
network	6.2.0	6.1.0			released
nfs	7.0.1	6.2.2			released
ntpd	6.5.1	6.5.0			released
oath	0.2.0	0.1.1			released
oddjob	2.2.0	2.1.1			released
openscap	6.3.0	6.2.1			released
pam	6.8.2	6.6.0			released
pki	6.2.0	6.1.1			released
polkit	6.3.0	6.1.2			released
postfix	5.5.0	5.3.0			released
pupmod	8.1.2	7.11.0			released
resolv	0.5.0	0.2.0			released
rkhunter	0.0.3	0.0.2			released
rsync	6.4.1	6.3.0			unreleased
rsyslog	7.6.4	7.5.0			released
selinux	2.6.2	2.5.0			released
simp	4.14.3	4.10.0			released
simp_apache	7.0.1	6.2.0			released
simp_banners	0.2.0	0.1.2			released
simp_bolt	0.3.0	0.1.1			released
simp_firewalld	0.1.2	N/A			released
simp_gitlab	0.6.0	0.4.0			released
simp_grub	0.2.1	0.1.1			released
simp_ipa	0.1.0	0.0.2			released
simp_nfs	1.0.1	0.2.0			released
simp_openldap	6.4.3	6.4.0			released
simp_options	1.4.1	1.3.0			released
simp_pki_service	0.3.1	0.2.0			released
simp_rsyslog	0.5.1	0.4.0			released
simp_snmpd	1.0.0	0.1.2			released
simpkv	0.7.1	--			released
simplib	4.6.2	3.15.3			released
ssh	6.11.1	6.8.1			released
sssd	6.3.1	6.2.0			released
stunnel	6.6.0	6.5.0			released
sudo	5.3.1	5.20			released
sudosh	6.2.1	6.1.1			released
svckill	3.6.1	3.5.0			released
swap	0.2.0	1.4.0			released
tcpwrappers	6.2.0	6.1.2			released
tftpboot	6.3.1	6.2.2			released
tlog	0.2.1	0.1.2			released
tpm	3.2.0	3.1.1			released
tpm2	0.3.1	0.2.0			released
tuned	0.2.1	0.1.1			released
upstart	6.1.1	6.0.5			released
useradd	0.4.1	0.3.0			released
vnc	7.1.1	7.0.1			released
vsftpd	7.4.0	7.3.0			released
x2go	0.3.0	0.2.1			released
xinetd	4.2.1	4.2.0			released

Non SIMP Components

Component	6.5	6.4
pupmod-camptocamp-kmod	2.5.0
pupmod-camptocamp-systemd	2.9.0
pupmod-herculesteam-augeasproviders_apache	N/A
pupmod-herculesteam-augeasproviders_core	2.6.0
pupmod-herculesteam-augeasproviders_grub	3.2.0
pupmod-herculesteam-augeasproviders_postgresql	removed
pupmod-herculesteam-augeasproviders_puppet	removed
pupmod-herculesteam-augeasproviders_shellvar	removed
pupmod-herculesteam-augeasproviders_ssh	3.3.0
pupmod-herculesteam-augeasproviders_sysctl	2.5.0
pupmod-onyxpoint-gpasswd	1.1.1
voxpupuli-yum	4.1.1
pupmod-puppetlabs-apache	5.5.0
pupmod-puppetlabs-concat	6.2.0
pupmod-puppetlabs-hocon	1.1.0
pupmod-puppetlabs-inifile	4.1.0
pupmod-puppetlabs-motd	4.1.0
pupmod-puppetlabs-mount_providers	removed
pupmod-puppetlabs-postgresql	6.6.0
puppetlabs-puppetdb	7.5.0
pupmod-puppetlabs-puppet_authorization	0.5.1
pupmod-puppetlabs-stdlib	6.2.0
pupmod-voxpupuli-firewalld	4.3.0	N/A
pupmod-aboe76-chrony	0.3.1	N/A
pupmod-herculesteam-augeasproviders_mounttab	removed
pupmod-herculesteam-augeasproviders_nagios	removed
pupmod-herculesteam-augeasproviders_pam	removed
pupmod-puppet-posix_acl	1.0.1
pupmod-puppet-snmp	5.1.1
pupmod-puppetlabs-java	6.2.0
pupmod-puppetlabs-mysql	10.4.0
pupmod-puppetlabs-ruby_task_helper	0.3.0
pupmod-puppetlabs-translate	2.1.0
pupmod-saz-locales	2.5.1
pupmod-treydock-kdump	0.4.1

Release Testing Procedure

The full release testing procedure is documented in the Official SIMP Docs.

Puppet Versions Testing

Puppet version for GitLab and TravisCI

Puppet modules will be tested in GitLab and TravisCI with the following versions:

Puppet version for simp-core (integration) and SIMP ISO testing

Release	Puppet	Ruby	Notes
SIMP 6.5.0			Version to be included in SIMP 6.5.0 ISOs

Release	Puppet	Ruby	Notes
PE 2019.8	6.16.0	2.4.10	Version to be included in SIMP 6.5.0 ISOs
PE 2019.8	6.16.0	2.5.8	New PE LTS

OS Versions For Testing

SIMP acceptance tests will be executed with the following OS versions:
- CentOS 7.8 (2003)
- CentOS 8.2 (2004) Client Only. Puppet Server and ISO in next release.
- CentOS 6.10 - EOL Nov 2020 not all new modules will work.
- RedHat 7.8
- RedHat 6.10 - EOL
- OracleLinux 7.8
- OracleLinux 6.10 -
SIMP 6.5.0 ISOs for CentOS 7.8 will be built
SIMP 6.5.0 modules will work on CentOS 7 and 8 clients. Where possible they will be updated for CentOS6.10. A list modules not compatible with 6.10 will be provided.
If licenses are available, SIMP 6.5.0 ISOs for RedHat 7.8 will be built and tested.

Tests - New/Changed Features

The tests in this section focus on new features or major, SIMP-wide changes.

Legend:

- Means this version needs to be tested (if in 6.5 it means it is not version specific and only needs to be done for the release.)

- This version does not need to be tested.

- Testing probably sufficient from other versions.

- Testing has failed.

- Testing completed and Passed.

blank - This test is not OS specific

green	these test are automated

	Component	Test	Required Tasks	Notes
1	simp-core	Verify Puppet File matches release versions		This must be completed before any other tests are done
2	installation	Verify installation from RPM
3	simp-core	Create and verify Changelog.rst		This addresses STIG updates and Compliance Markup modules changes.
4	simp-doc,	'Upgrading SIMP' has an entry for the latest version and is correct
5	simp-integration_test	SIMP server upgrade from RPM using the upgrade instructions. Document any steps that are needed outside the ordinary upgrade. Then, if there are additional steps, have someone else use the docs to do the upgrade to verify.		See simp-integration_test for automated upgrade test. this should be done for servers in both FIPS and NOFIPS mode.
6	RPMs and Released Modules	Dogfooding		Or "drink your own home brew", which ever you prefer. CentOS 7: SIMP server and SIMP client CentOS 6: SIMP client only
7	Final RPM testing	Run the simp-core install_from_rpm test and versify that it passes. This will pull the packages from packagecloud.io and do an install.	RPMs have been uploaded to packagecloud	in simp-core run SIMP_BEAKER_OS=oel beaker:suites[install_from_rpm] beaker:suites[install_from_rpm] beaker:suites[install_from_rpm,el6_server] SIMP_BEAKER_OS=oel beaker:suites[install_from_rpm,el6_server] and then do it all again with BEAKER_fips=yes
8	Puppet Forge Testing	run the simp-core test install_from_core_module test to test the modules pushed to Puppet Forge	After modules have been tag with an annotated tag	in simp-core run beaker:suites[install_from_core_module] SIMP_BEAKER_OS=oel beaker:suites[install_from_core_module] beaker:suites[install_from_core_module,el6_server] SIMP_BEAKER_OS=oel beaker:suites[install_from_core_module,el6_server] and then do it all again with BEAKER_fips=yes

Tests - Regression/Integration Testing

The tests in this section are regression tests to ensure unmodified capabilities still function. These tests should use the packer boxes created in the New/Changed Feature tests, were applicable.

Note that most of these tests should eventually be automated by simp-packer, simp-integration_test, or simp-core tests so check there and remove them from these list as they are automated elsewhere.

	Test	Notes
1	Verify non-standard BIOS boot options from the ISO: choose own partitions minimum installation	(SIMP, FIPS and Encryption are all tested by Packer.)
2	Verify all boot Options in UEFI mode from ISO: FIPS no-FIPS FIPS+Encrypted FIPS+choose own partitions minimum
3	PXE Boot Testing BIOS	test booting clients from EL7 server and EL6 server.
4	PXE Boot Testing UEFI
5	Bootstrap simp-lite scenario
6	Verify simp-lite operations: login operations (PAM, LDAP, local user) NFS operations (home directory) logging operations (rsyslog) auditing operations	test EL6 server from and upgraded server.
7	Bootstrap poss scenario
8	Bootstrap run-once scenario
9	Verify ability to switch FIPS from on to off	Switching from off to on is known to have problems because of ciphers.
10	Verify ability to turn on and off auditing and selinux
11	General Review of documentation: Getting Started User Guide HOW TOs FAQS
12	simp-utils: executables that are not tested otherwise work as advertised `unpack_dvd`	The following have acceptance tests that simply need to be executed: `gen_ldap_update` `updaterepos`

Open Issues Assigned to Release 6.5.0

key	summary	type	updated	assignee	status	reporter

Loading...

Refresh

SIMP Development