088884c731
The 'docs' tox target executes the doc8 lint test which may result in failures when testing documentation builds, but OpenStack-CI does not execute that tox target. In order to ensure that we catch all standard documentation syntax errors and prevent them from merging, this patch includes the docs target in the 'linters' chain of tests. Fixes for any failures which result from executing this test are also included in the patch. Change-Id: I80c2ce387e59a30c34bf2252a54037c00b420380
946 B
All versions of Ubuntu and CentOS supported by the role verify packages against GPG signatures by default.
Deployers can disable GPG verification for all packages in Ubuntu by
setting the AllowUnauthenticated configuration option in a
file within /etc/apt/apt.conf.d/. The Ansible tasks will
search for this configuration option and will stop the playbook
execution if the option is set. Note that users can pass an argument on
the apt command line to bypass the checks as well, but that's outside
the scope of this check and remediation.
In CentOS, deployers can set gpgcheck=0 within
individual yum repository files in /etc/yum.repos.d/ to
disable GPG signature checking. The Ansible tasks will check for this
configuration option in those files and stop the playbook execution.
Deployers can use --skip-tags V-38462 to omit these
tasks when applying the security role on systems where GPG verification
must be disabled.