chore!: Remove support for RHEL 7 based distributions (#304)

.github/CODEOWNERS

@@ -1,5 +1,5 @@
 # Main global owner #
 #####################
-* @alessfg @aknot242
+* @alessfg
 /.github/workflows/
 *.md

CHANGELOG.md

@@ -1,11 +1,15 @@
 # Changelog
 
-## 0.9.1 (Unreleased)
+## 0.10.0 (Unreleased)
+
+BREAKING CHANGES:
+
+- Remove support for RHEL 7 based distributions (RHEL/CentOS/Oracle Linux 7). CentOS 7 has reached EoL, RHEL 7 has reached EoM, and Oracle Linux 7 will reach EoL shortly. These distributions will not be supported by new NGINX App Protect releases moving forward. If you are still using one of these distributions, please consider upgrading. If you still want to use this role for the time being, please use the previous release (0.9.0). Do note that you will only be able to use NGINX App Protect versions released as of the date of the aforementioned release (January 29, 2023).
 
 FEATURES:
 
-- Add support for installing NGINX App Protect WAF on Alpine Linux 3.16/3.17, RHEL 9, and Ubuntu jammy.
-- Remove support for installing NGINX App Protect WAF on Ubuntu bionic.
+- Add support for installing NGINX App Protect WAF on Alpine Linux 3.17, RHEL 9, and Ubuntu jammy.
+- Remove support for installing NGINX App Protect WAF/DoS on Alpine Linux 3.15/3.16 and Ubuntu bionic.
 
 ENHANCEMENTS:
 
@@ -44,7 +48,7 @@ BUG FIXES:
 TESTS:
 
 - Update GitHub actions to run on Ubuntu 22.04 (and thus support `cgroups` v2).
-- Explicitly specify `amd64` as the platform used in Molecule tests. This will ensure that tests work as expected when run on different host architectures (e.g. newer Macbooks with `arm` processors).
+- Explicitly specify `x86_64` as the platform used in Molecule tests. This will ensure that tests work as expected when run on different host architectures (e.g. newer Macbooks with `arm` processors).
 
 ## 0.8.1 (September 28, 2022)
 

README.md

@@ -91,12 +91,9 @@ The NGINX App Protect Ansible role supports all platforms supported by [NGINX Pl
 ```yaml
 Amazon Linux 2:
   - any
-CentOS:
-  - 7.4+
 Debian:
   - buster (10)
 RHEL:
-  - 7.4+
   - 8.1+
 Ubuntu:
   - bionic (18.04)
@@ -108,15 +105,10 @@ Ubuntu:
 The NGINX App Protect Ansible role supports all platforms supported by [NGINX Plus](https://www.nginx.com/products/technical-specs/) that intersect with the following list of distributions of App Protect DoS:
 
 ```yaml
-Alpine:
-  - 3.15
-CentOS:
-  - 7.4+
 Debian:
   - buster (10)
   - bullseye (11)
 RHEL:
-  - 7.4+
   - 8.0+
 Ubuntu:
   - bionic (18.04)

defaults/main.yml

@@ -112,7 +112,7 @@ nginx_app_protect_log_policy_file:
   - src: files/config/log-policy.json
     dest: /etc/app_protect/conf/log-policy.json
 
-# Set SELinux enforcing for NGINX (CentOS/Red Hat only) - you may need to open ports on your own
+# Set SELinux enforcing for NGINX (Red Hat only) - you may need to open ports on your own
 nginx_app_protect_selinux: false
 
 # Enable enforcing mode if true.  Permissive if false (audit only, no enforcing) globally (only works with nginx_selinux: true)

meta/main.yml

@@ -17,7 +17,7 @@ galaxy_info:
     - name: Debian
       versions: [bullseye]
     - name: EL
-      versions: ['7', '8', '9']
+      versions: ['8', '9']
     - name: OracleLinux
       versions: ['8']
     - name: Ubuntu

molecule/advanced/molecule.yml

@@ -8,54 +8,15 @@ driver:
 platforms:
   - name: test-workload
     image: nginxdemos/hello
-    platform: amd64
+    platform: x86_64
     privileged: true
     groups:
       - workload
     networks:
       - name: molecule-test
-  - name: centos-7
-    image: centos:7
-    dockerfile: ../common/Dockerfile.j2
-    platform: amd64
-    privileged: true
-    cgroupns_mode: host
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
-    command: /usr/sbin/init
-    groups:
-      - nap
-    networks:
-      - name: molecule-test
-  - name: debian-buster
-    image: debian:buster-slim
-    platform: amd64
-    dockerfile: ../common/Dockerfile.j2
-    privileged: true
-    cgroupns_mode: host
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
-    command: /sbin/init
-    groups:
-      - nap
-    networks:
-      - name: molecule-test
-  - name: ubuntu-bionic
-    image: ubuntu:bionic
-    platform: amd64
-    dockerfile: ../common/Dockerfile.j2
-    privileged: true
-    cgroupns_mode: host
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
-    command: /sbin/init
-    groups:
-      - nap
-    networks:
-      - name: molecule-test
   - name: ubuntu-focal
     image: ubuntu:focal
-    platform: amd64
+    platform: x86_64
     dockerfile: ../common/Dockerfile.j2
     privileged: true
     cgroupns_mode: host

molecule/common/Dockerfile.j2

@@ -25,8 +25,7 @@ RUN \
     && dnf clean all; \
   elif [ $(command -v yum) ]; then \
     yum makecache fast \
-    && yum install -y bash iproute initscripts sudo /usr/bin/python /usr/bin/python2-config vim yum-plugin-ovl \
-    && yum install -y http://mirror.centos.org/centos/7/os/x86_64/Packages/yum-plugin-copr-1.1.31-54.el7_8.noarch.rpm http://mirror.centos.org/centos/7/os/x86_64/Packages/libseccomp-2.3.1-4.el7.x86_64.rpm \
+    && yum install -y bash iproute initscripts sudo /usr/bin/python /usr/bin/python2-config vim yum-plugin-copr yum-plugin-ovl \
     && yum copr enable -y jsynacek/systemd-backports-for-centos-7 \
     && yum update --disableplugin=priorities -y systemd \
     && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf \

molecule/default/molecule.yml

@@ -2,18 +2,9 @@
 driver:
   name: docker
 platforms:
-  - name: alpine-3.16
-    image: alpine:3.16
-    platform: amd64
-    dockerfile: ../common/Dockerfile.j2
-    privileged: true
-    cgroupns_mode: host
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
-    command: /sbin/init
   - name: alpine-3.17
     image: alpine:3.17
-    platform: amd64
+    platform: x86_64
     dockerfile: ../common/Dockerfile.j2
     privileged: true
     cgroupns_mode: host
@@ -22,16 +13,7 @@ platforms:
     command: /sbin/init
   - name: amazonlinux-2
     image: amazonlinux:2
-    platform: amd64
-    dockerfile: ../common/Dockerfile.j2
-    privileged: true
-    cgroupns_mode: host
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
-    command: /usr/sbin/init
-  - name: centos-7
-    image: centos:7
-    platform: amd64
+    platform: x86_64
     dockerfile: ../common/Dockerfile.j2
     privileged: true
     cgroupns_mode: host
@@ -40,7 +22,7 @@ platforms:
     command: /usr/sbin/init
   - name: debian-bullseye
     image: debian:bullseye-slim
-    platform: amd64
+    platform: x86_64
     dockerfile: ../common/Dockerfile.j2
     privileged: true
     cgroupns_mode: host
@@ -49,16 +31,7 @@ platforms:
     command: /sbin/init
   - name: oraclelinux-8
     image: oraclelinux:8
-    platform: amd64
-    dockerfile: ../common/Dockerfile.j2
-    privileged: true
-    cgroupns_mode: host
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
-    command: /usr/sbin/init
-  - name: rhel-7
-    image: registry.access.redhat.com/ubi7:7.9
-    platform: amd64
+    platform: x86_64
     dockerfile: ../common/Dockerfile.j2
     privileged: true
     cgroupns_mode: host
@@ -67,7 +40,7 @@ platforms:
     command: /usr/sbin/init
   - name: rhel-8
     image: redhat/ubi8:8.7
-    platform: amd64
+    platform: x86_64
     dockerfile: ../common/Dockerfile.j2
     privileged: true
     cgroupns_mode: host
@@ -78,7 +51,7 @@ platforms:
     image: redhat/ubi9:9.1.0
     env:
       SMDEV_CONTAINER_OFF: "1"
-    platform: amd64
+    platform: x86_64
     dockerfile: ../common/Dockerfile.j2
     privileged: true
     cgroupns_mode: host
@@ -87,7 +60,7 @@ platforms:
     command: /usr/sbin/init
   - name: ubuntu-focal
     image: ubuntu:focal
-    platform: amd64
+    platform: x86_64
     dockerfile: ../common/Dockerfile.j2
     privileged: true
     cgroupns_mode: host
@@ -96,7 +69,7 @@ platforms:
     command: /sbin/init
   - name: ubuntu-jammy
     image: ubuntu:jammy
-    platform: amd64
+    platform: x86_64
     dockerfile: ../common/Dockerfile.j2
     privileged: true
     cgroupns_mode: host

molecule/dos/molecule.yml

@@ -2,63 +2,27 @@
 driver:
   name: docker
 platforms:
-  - name: alpine-3.15
-    image: alpine:3.15
-    platform: amd64
-    dockerfile: ../common/Dockerfile.j2
-    privileged: true
-    cgroupns_mode: host
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
-    command: /sbin/init
-  - name: centos-7
-    image: centos:7
-    platform: amd64
-    dockerfile: ../common/Dockerfile.j2
-    privileged: true
-    cgroupns_mode: host
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
-    command: /usr/sbin/init
   - name: debian-bullseye
     image: debian:bullseye-slim
-    platform: amd64
+    platform: x86_64
     dockerfile: ../common/Dockerfile.j2
     privileged: true
     cgroupns_mode: host
     volumes:
       - /sys/fs/cgroup:/sys/fs/cgroup:rw
     command: /sbin/init
-  - name: rhel-7
-    image: registry.access.redhat.com/ubi7:7.9
-    platform: amd64
-    dockerfile: ../common/Dockerfile.j2
-    privileged: true
-    cgroupns_mode: host
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
-    command: /usr/sbin/init
   - name: rhel-8
     image: redhat/ubi8:8.7
-    platform: amd64
+    platform: x86_64
     dockerfile: ../common/Dockerfile.j2
     privileged: true
     cgroupns_mode: host
     volumes:
       - /sys/fs/cgroup:/sys/fs/cgroup:rw
     command: /usr/sbin/init
-  - name: ubuntu-bionic
-    image: ubuntu:bionic
-    platform: amd64
-    dockerfile: ../common/Dockerfile.j2
-    privileged: true
-    cgroupns_mode: host
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
-    command: /sbin/init
   - name: ubuntu-focal
     image: ubuntu:focal
-    platform: amd64
+    platform: x86_64
     dockerfile: ../common/Dockerfile.j2
     privileged: true
     cgroupns_mode: host

molecule/specific-version/molecule.yml

@@ -4,16 +4,7 @@ driver:
 platforms:
   - name: amazonlinux-2
     image: amazonlinux:2
-    platform: amd64
-    dockerfile: ../common/Dockerfile.j2
-    privileged: true
-    cgroupns_mode: host
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
-    command: /usr/sbin/init
-  - name: centos-7
-    image: centos:7
-    platform: amd64
+    platform: x86_64
     dockerfile: ../common/Dockerfile.j2
     privileged: true
     cgroupns_mode: host
@@ -22,7 +13,7 @@ platforms:
     command: /usr/sbin/init
   - name: debian-bullseye
     image: debian:bullseye-slim
-    platform: amd64
+    platform: x86_64
     dockerfile: ../common/Dockerfile.j2
     privileged: true
     cgroupns_mode: host
@@ -31,34 +22,16 @@ platforms:
     command: /sbin/init
   - name: oraclelinux-8
     image: oraclelinux:8
-    platform: amd64
-    dockerfile: ../common/Dockerfile.j2
-    privileged: true
-    cgroupns_mode: host
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
-    command: /usr/sbin/init
-  - name: rhel-7
-    image: registry.access.redhat.com/ubi7:7.9
-    platform: amd64
+    platform: x86_64
     dockerfile: ../common/Dockerfile.j2
     privileged: true
     cgroupns_mode: host
     volumes:
       - /sys/fs/cgroup:/sys/fs/cgroup:rw
     command: /usr/sbin/init
-  - name: ubuntu-bionic
-    image: ubuntu:bionic
-    platform: amd64
-    dockerfile: ../common/Dockerfile.j2
-    privileged: true
-    cgroupns_mode: host
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
-    command: /sbin/init
   - name: ubuntu-focal
     image: ubuntu:focal
-    platform: amd64
+    platform: x86_64
     dockerfile: ../common/Dockerfile.j2
     privileged: true
     cgroupns_mode: host