Skip to content

feat: add vm_networking, vm_provision, vm_storage_labeling roles and security hardening#18

Open
stevefulme1 wants to merge 1 commit into
mainfrom
feat/vm-storage-labeling
Open

feat: add vm_networking, vm_provision, vm_storage_labeling roles and security hardening#18
stevefulme1 wants to merge 1 commit into
mainfrom
feat/vm-storage-labeling

Conversation

@stevefulme1

@stevefulme1 stevefulme1 commented Jun 11, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Add three new roles: vm_networking (NAD-based network attachment), vm_provision (create VMs from specs), vm_storage_labeling (apply storage metadata labels)
  • Harden security: default SSL verification to true, add no_log to credential-handling tasks
  • Add vm_storage_labeling.yml playbook and event_query.yml audit extension
  • CI and documentation improvements

Note: RVTools integration has been split to a separate PR.

Test plan

  • Verify vm_storage_labeling role applies labels correctly
  • Verify vm_networking attach/detach operations
  • Verify vm_provision creates VMs from specs
  • Confirm SSL verify defaults to true in all playbooks
  • Run ansible-test sanity

Comment thread extensions/audit/event_query.yml Fixed
@stevefulme1 stevefulme1 changed the title feat: add audit event_query support feat: add RVTools integration, vm_networking, vm_provision, and storage labeling Jul 1, 2026

@sabre1041 sabre1041 left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@stevefulme1 why did the content of this PR change/expand drastically? it now has a lot an rvtools integration that was not there previously

…security hardening

Add three new roles:
- vm_networking: manage network attachments via NADs
- vm_provision: create VirtualMachines from specs
- vm_storage_labeling: apply storage metadata labels

Security improvements:
- Default SSL verification to true across all playbooks
- Add no_log to tasks handling API keys and Bearer tokens

Also includes audit event_query extension, CI updates, and
documentation improvements.
@stevefulme1 stevefulme1 force-pushed the feat/vm-storage-labeling branch from 2d48091 to 0eb2a29 Compare July 2, 2026 17:03
@stevefulme1 stevefulme1 changed the title feat: add RVTools integration, vm_networking, vm_provision, and storage labeling feat: add vm_networking, vm_provision, vm_storage_labeling roles and security hardening Jul 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants