OpsMop Security 'Tooling'


#1

Another user had proposed 'hardening' the base system for vespene via:

Now, Michael has already responded and explained why that is definitely not a responsibility for vespene to worry about, however -- there could be a collaboration or even submission of opsmop to:

https://dev-sec.io/

Currently, they have separate repos for puppet, chef, ansible, etc... Think it could be kind of neat to see opsmop included there:
https://github.com/dev-sec as some examples. I don't expect this to be a 'Michael should do this', but maybe as opsmop becomes a bit more utilized, the community can work on it to see it included (if there is interest).


#2

These all seem pretty straightforward so I don't see why it couldn't be possible.

But yeah, too much for me to chase.

Our first priority should be to make sure we have all the basic modules we need for system configuration.


#3

Agreed. Youll notice most of my suggestions have 'community' included :)


#4

Awesome... yeah maybe look through those and see if any modules need to exist that don't exist?

On first glance it looks like template (file module) could do nearly everything.

The potential for OpsMop to have the shortest and simplest examples is quite high :)

I think all the language features are already there, but I have a note to implement 'failed_when' and 'changed_when' type features hopefully tomorrow, which is one of the placeholders in the existing docs right now. These will be some of the last things I do before starting push/pull features, most likely.