Prepare 0.6.0 release

alessfg · alessfg · commit c60afdc0fcd3 · 2023-01-30T00:57:04.000+01:00
diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -1,10 +1,11 @@
 ---
 name: Bug report
 about: Create a report to help us improve
-title: ''
-labels: ''
-assignees: ''
+title: ""
+labels: ""
+assignees: ""
 ---
+
 ### Describe the bug
 
 A clear and concise description of what the bug is.
@@ -13,8 +14,8 @@ A clear and concise description of what the bug is.
 
 Steps to reproduce the behavior:
 
-1. Deploy NGINX Config role using playbook.yml
-2. View output/logs/configuration on '...'
+1. Deploy the Ansible NGINX configuration role using `playbook.yml`
+2. View output/logs/configuration on ...
 3. See error
 
 ### Expected behavior
@@ -23,7 +24,7 @@ A clear and concise description of what you expected to happen.
 
 ### Your environment
 
-- Version of the NGINX Config role or specific commit
+- Version of the Ansible NGINX configuration role or specific commit
 - Version of Ansible
 - Version of Jinja2 (if you are using any templating capability)
 - Target deployment platform
diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md
@@ -1,10 +1,11 @@
 ---
 name: Feature request
 about: Suggest an idea for this project
-title: ''
-labels: ''
-assignees: ''
+title: ""
+labels: ""
+assignees: ""
 ---
+
 ### Is your feature request related to a problem? Please describe
 
 A clear and concise description of what the problem is. Ex. I'm always frustrated when ...
diff --git a/.github/SECURITY.md b/.github/SECURITY.md
@@ -1,9 +1,26 @@
 # Security Policy
 
-## Supported Versions
+## Versions
 
-This role mainly consists of Ansible tasks. Ansible applies security fixes to the most recent three releases. Please find more information in [the Ansible docs](https://docs.ansible.com/ansible/devel/reference_appendices/release_and_maintenance.html#release-status).
+### Latest Versions
+
+We advise users to run or update to the most recent release of the Ansible NGINX configuration role. Older versions of this role may not have all enhancements and/or bug fixes applied to them.
+
+### Supported Versions
+
+This codebase mainly consists of an Ansible role, sprinkled with a dose of GitHub actions for CI/CD. Ansible applies security fixes to the most recent three releases. Please find more information in [the Ansible docs](https://docs.ansible.com/ansible/devel/reference_appendices/release_and_maintenance.html#release-status).
 
 ## Reporting a Vulnerability
 
-If you find a security vulnerability that affects Ansible, we encourage you to report it according to the [Ansible guidelines](https://docs.ansible.com/ansible/devel/community/reporting_bugs_and_features.html#reporting-a-bug).
+### Ansible
+
+If you find a security vulnerability that affects Ansible directly, we encourage you to report it according to the [Ansible guidelines](https://docs.ansible.com/ansible/devel/community/reporting_bugs_and_features.html#reporting-a-bug).
+
+### Codebase
+
+If you find a security vulnerability that affects the codebase, we encourage you to report it to the F5 Security Incident Response Team (F5 SIRT):
+
+- If you’re an F5 customer with an active support contract, please contact [F5 Technical Support](https://www.f5.com/services/support).
+- If you aren’t an F5 customer, please report any potential or current instances of security vulnerabilities to the F5 SIRT at <F5SIRT@f5.com>.
+
+For more information visit [https://www.f5.com/services/support/report-a-vulnerability](https://www.f5.com/services/support/report-a-vulnerability)
diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml
@@ -92,13 +92,13 @@ template: |
 
   ## Install & Upgrade
 
-  * To install the Ansible NGINX config role on a fresh environment, run `ansible-galaxy install nginxinc.nginx_config`.
-  * To upgrade the Ansible NGINX config role to the latest release, run `ansible-galaxy install -f nginxinc.nginx_config`.
-  * To install or upgrade to this specific Ansible NGINX config role release ($RESOLVED_VERSION), run `ansible-galaxy install -f nginxinc.nginx_config,v$RESOLVED_VERSION`.
+  - To install the Ansible NGINX config role on a fresh environment, run `ansible-galaxy install nginxinc.nginx_config`.
+  - To upgrade the Ansible NGINX config role to the latest release, run `ansible-galaxy install -f nginxinc.nginx_config`.
+  - To install or upgrade to this specific Ansible NGINX config role release ($RESOLVED_VERSION), run `ansible-galaxy install -f nginxinc.nginx_config,v$RESOLVED_VERSION`.
 
   ## Resources
 
-  * Functional configuration examples (check `converge.yml` under each `molecule` scenario) -- [github.com/nginxinc/ansible-role-nginx-config/tree/$RESOLVED_VERSION/molecule](https://github.com/nginxinc/ansible-role-nginx-config/tree/$RESOLVED_VERSION/molecule).
-  * Ansible Galaxy repository -- [galaxy.ansible.com/nginxinc/nginx_config](https://galaxy.ansible.com/nginxinc/nginx_config).
-  * NGINX Ansible role & collection introductory blog -- [nginx.com/blog/announcing-nginx-core-collection-ansible](https://www.nginx.com/blog/announcing-nginx-core-collection-ansible).
-  * NGINX: Better with Ansible demo -- [github.com/alessfg/nginx-ansible-demo](https://github.com/alessfg/nginx-ansible-demo).
+  - Functional configuration examples (check `converge.yml` under each `molecule` scenario) -- [github.com/nginxinc/ansible-role-nginx-config/tree/$RESOLVED_VERSION/molecule](https://github.com/nginxinc/ansible-role-nginx-config/tree/$RESOLVED_VERSION/molecule).
+  - Ansible Galaxy repository -- [galaxy.ansible.com/nginxinc/nginx_config](https://galaxy.ansible.com/nginxinc/nginx_config).
+  - NGINX Ansible role & collection introductory blog -- [nginx.com/blog/announcing-nginx-core-collection-ansible](https://www.nginx.com/blog/announcing-nginx-core-collection-ansible).
+  - NGINX: Better with Ansible demo -- [github.com/alessfg/nginx-ansible-demo](https://github.com/alessfg/nginx-ansible-demo).
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,6 @@
 # Changelog
 
-## 0.6.0 (Unreleased)
+## 0.6.0 (January 29, 2023)
 
 ENHANCEMENTS:
 
diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md
@@ -14,22 +14,19 @@ appearance, race, religion, or sexual identity and orientation.
 Examples of behavior that contributes to creating a positive environment
 include:
 
-* Using welcoming and inclusive language
-* Being respectful of differing viewpoints and experiences
-* Gracefully accepting constructive criticism
-* Focusing on what is best for the community
-* Showing empathy towards other community members
+- Using welcoming and inclusive language
+- Being respectful of differing viewpoints and experiences
+- Gracefully accepting constructive criticism
+- Focusing on what is best for the community
+- Showing empathy towards other community members
 
 Examples of unacceptable behavior by participants include:
 
-* The use of sexualized language or imagery and unwelcome sexual attention or
- advances
-* Trolling, insulting/derogatory comments, and personal or political attacks
-* Public or private harassment
-* Publishing others' private information, such as a physical or electronic
- address, without explicit permission
-* Other conduct which could reasonably be considered inappropriate in a
- professional setting
+- The use of sexualized language or imagery and unwelcome sexual attention or advances
+- Trolling, insulting/derogatory comments, and personal or political attacks
+- Public or private harassment
+- Publishing others' private information, such as a physical or electronic address, without explicit permission
+- Other conduct which could reasonably be considered inappropriate in a professional setting
 
 ## Our Responsibilities
 
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -12,8 +12,8 @@ The following is a set of guidelines for contributing to the NGINX config Ansibl
 
 [Code Guidelines](#code-guidelines)
 
-* [Git Guidelines](#git-guidelines)
-* [Ansible Guidelines](#ansible-guidelines)
+- [Git Guidelines](#git-guidelines)
+- [Ansible Guidelines](#ansible-guidelines)
 
 [Code of Conduct](https://github.com/nginxinc/ansible-role-nginx-config/blob/main/CODE_OF_CONDUCT.md)
 
@@ -27,14 +27,14 @@ Follow our [Installation Guide](https://github.com/nginxinc/ansible-role-nginx-c
 
 ### Project Structure
 
-* The NGINX config Ansible role is written in `yaml` and supports NGINX Open Source and NGINX Plus.
-* The project follows the standard [Ansible role directory structure](https://docs.ansible.com/ansible/latest/user_guide/playbooks_reuse_roles.html):
-  * The main code is found in [`tasks/`](https://github.com/nginxinc/ansible-role-nginx-config/blob/main/tasks/).
-  * Variables can be found in [`defaults/main/`](https://github.com/nginxinc/ansible-role-nginx-config/blob/main/defaults/main/).
-  * "Constant" variables can be found in [`vars/main.yml`](https://github.com/nginxinc/ansible-role-nginx-config/blob/main/vars/main.yml).
-  * Configuration templates for NGINX can be found in [`templates/`](https://github.com/nginxinc/ansible-role-nginx-config/blob/main/templates/).
-  * [Molecule](https://molecule.readthedocs.io/) tests can be found in [`molecule/`](https://github.com/nginxinc/ansible-role-nginx-config/blob/main/molecule/).
-  * CI/CD is done via GitHub actions using the workflow files found in [`.github/workflows/`](https://github.com/nginxinc/ansible-role-nginx-config/blob/main/.github/workflows/).
+- The NGINX config Ansible role is written in `yaml` and supports NGINX Open Source and NGINX Plus.
+- The project follows the standard [Ansible role directory structure](https://docs.ansible.com/ansible/latest/user_guide/playbooks_reuse_roles.html):
+  - The main code is found in [`tasks/`](https://github.com/nginxinc/ansible-role-nginx-config/blob/main/tasks/).
+  - Variables can be found in [`defaults/main/`](https://github.com/nginxinc/ansible-role-nginx-config/blob/main/defaults/main/).
+  - "Constant" variables can be found in [`vars/main.yml`](https://github.com/nginxinc/ansible-role-nginx-config/blob/main/vars/main.yml).
+  - Configuration templates for NGINX can be found in [`templates/`](https://github.com/nginxinc/ansible-role-nginx-config/blob/main/templates/).
+  - [Molecule](https://molecule.readthedocs.io/) tests can be found in [`molecule/`](https://github.com/nginxinc/ansible-role-nginx-config/blob/main/molecule/).
+  - CI/CD is done via GitHub actions using the workflow files found in [`.github/workflows/`](https://github.com/nginxinc/ansible-role-nginx-config/blob/main/.github/workflows/).
 
 ## Contributing
 
@@ -48,27 +48,27 @@ To suggest a feature or enhancement, please create an issue on GitHub with the l
 
 ### Open a Pull Request
 
-* Fork the repo, create a branch, implement your changes, add any relevant Molecule tests, submit a PR when your changes are **tested** (using Molecule) and ready for review.
-* Fill in [our pull request template](https://github.com/nginxinc/ansible-role-nginx-config/blob/main/.github/pull_request_template.md).
+- Fork the repo, create a branch, implement your changes, add any relevant Molecule tests, submit a PR when your changes are **tested** (using Molecule) and ready for review.
+- Fill in [our pull request template](https://github.com/nginxinc/ansible-role-nginx-config/blob/main/.github/pull_request_template.md).
 
 Note: if you'd like to implement a new feature, please consider creating a feature request issue first to start a discussion about the feature.
 
 ## Code Guidelines
 
 ### Ansible Guidelines
 
-* Run `molecule lint` over your code to automatically resolve a lot of `yaml` and Ansible style issues.
-* Run `molecule test` on your code before you submit a PR to catch any potential issues. If you are testing a specific molecule scenario, run `molecule test -s <scenario>`. If you are testing the NGINX Plus scenario (`plus`), you will need to procure an NGINX Plus license (check out the [NGINX Plus developer license FAQ](https://www.nginx.com/developer-license-faqs/) to find out how to request one).
-* Follow these guides on some good practices for Ansible:
-  * <https://www.ansible.com/blog/ansible-best-practices-essentials>
-  * <https://docs.ansible.com/ansible/latest/user_guide/playbooks_best_practices.html>
+- Run `molecule lint` over your code to automatically resolve a lot of `yaml` and Ansible style issues.
+- Run `molecule test` on your code before you submit a PR to catch any potential issues. If you are testing a specific molecule scenario, run `molecule test -s <scenario>`. If you are testing the NGINX Plus scenario (`plus`), you will need to procure an NGINX Plus license (check out the [NGINX Plus developer license FAQ](https://www.nginx.com/developer-license-faqs/) to find out how to request one).
+- Follow these guides on some good practices for Ansible:
+  - <https://www.ansible.com/blog/ansible-best-practices-essentials>
+  - <https://docs.ansible.com/ansible/latest/user_guide/playbooks_best_practices.html>
 
 ### Git Guidelines
 
-* Keep a clean, concise and meaningful git commit history on your branch (within reason), rebasing locally and squashing before submitting a PR.
-* Follow the guidelines of writing a good commit message as described here <https://chris.beams.io/posts/git-commit/> and summarised in the next few points:
-  * In the subject line, use the present tense ("Add feature" not "Added feature").
-  * In the subject line, use the imperative mood ("Move cursor to..." not "Moves cursor to...").
-  * Limit the subject line to 72 characters or less.
-  * Reference issues and pull requests liberally after the subject line.
-  * Add more detailed description in the body of the git message (`git commit -a` to give you more space and time in your text editor to write a good message instead of `git commit -am`).
+- Keep a clean, concise and meaningful git commit history on your branch (within reason), rebasing locally and squashing before submitting a PR.
+- Follow the guidelines of writing a good commit message as described here <https://chris.beams.io/posts/git-commit/> and summarised in the next few points:
+  - In the subject line, use the present tense ("Add feature" not "Added feature").
+  - In the subject line, use the imperative mood ("Move cursor to..." not "Moves cursor to...").
+  - Limit the subject line to 72 characters or less.
+  - Reference issues and pull requests liberally after the subject line.
+  - Add more detailed description in the body of the git message (`git commit -a` to give you more space and time in your text editor to write a good message instead of `git commit -am`).
diff --git a/README.md b/README.md
@@ -14,8 +14,8 @@ This role configures NGINX Open Source and NGINX Plus on your target host.
 
 ### Ansible
 
-* This role is developed and tested with [maintained](https://docs.ansible.com/ansible/devel/reference_appendices/release_and_maintenance.html) versions of Ansible core (above `2.12`).
-* When using Ansible core, you will also need to install the following collections:
+- This role is developed and tested with [maintained](https://docs.ansible.com/ansible/devel/reference_appendices/release_and_maintenance.html) versions of Ansible core (above `2.12`).
+- When using Ansible core, you will also need to install the following collections:
 
     ```yaml
     ---
@@ -29,36 +29,50 @@ This role configures NGINX Open Source and NGINX Plus on your target host.
     ```
 
     **Note:** You can alternatively install the Ansible community distribution (what is known as the "old" Ansible) if you don't want to manage individual collections.
-* Instructions on how to install Ansible can be found in the [Ansible website](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#upgrading-ansible-from-version-2-9-and-older-to-version-2-10-or-later).
+- Instructions on how to install Ansible can be found in the [Ansible website](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#upgrading-ansible-from-version-2-9-and-older-to-version-2-10-or-later).
 
 ### Jinja2
 
-* This role uses Jinja2 templates. Ansible core installs Jinja2 by default, but depending on your install and/or upgrade path, you might be running an outdated version of Jinja2. The minimum version of Jinja2 required for the role to properly function is `2.11`.
-* Instructions on how to install Jinja2 can be found in the [Jinja2 website](https://jinja.palletsprojects.com/en/2.11.x/intro/#installation).
+- This role uses Jinja2 templates. Ansible core installs Jinja2 by default, but depending on your install and/or upgrade path, you might be running an outdated version of Jinja2. The minimum version of Jinja2 required for the role to properly function is `3.1`.
+- Instructions on how to install Jinja2 can be found in the [Jinja2 website](https://jinja.palletsprojects.com/en/3.1.x/intro/#installation).
 
 ### Molecule (Optional)
 
-* Molecule is used to test the various functionalities of the role. The recommended version of Molecule to test this role is `3.3`.
-* Instructions on how to install Molecule can be found in the [Molecule website](https://molecule.readthedocs.io/en/latest/installation.html). *You will also need to install the Molecule Docker driver.*
-* To run the NGINX Plus/App Protect config Molecule tests, you must copy your NGINX Plus/App Protect license to the role's [`files/license`](https://github.com/nginxinc/ansible-role-nginx-config/blob/main/files/license/) folder.
+- Molecule is used to test the various functionalities of the role. The recommended version of Molecule to test this role is `4.x`.
+- Instructions on how to install Molecule can be found in the [Molecule website](https://molecule.readthedocs.io/en/latest/installation.html). *You will also need to install the Molecule Docker driver.*
+- To run the NGINX Plus/App Protect config Molecule tests, you must copy your NGINX Plus/App Protect license to the role's [`files/license`](https://github.com/nginxinc/ansible-role-nginx-config/blob/main/files/license/) folder.
 
-You can alternatively add your NGINX Plus/App Protect repository certificate and key to the local environment. Run the following commands to export these files as base64-encoded variables and execute the Molecule tests:
+  You can alternatively add your NGINX Plus/App Protect repository certificate and key to the local environment. Run the following commands to export these files as base64-encoded variables and execute the Molecule tests:
 
-```bash
-export NGINX_CRT=$( cat <path to your certificate file> | base64 )
-export NGINX_KEY=$( cat <path to your key file> | base64 )
-molecule test -s plus
-```
+  ```bash
+  export NGINX_CRT=$( cat <path to your certificate file> | base64 )
+  export NGINX_KEY=$( cat <path to your key file> | base64 )
+  molecule test -s plus
+  ```
 
 ## Installation
 
 ### Ansible Galaxy
 
-Use `ansible-galaxy install nginxinc.nginx_config` to install the latest stable release of the role on your system.
+To install the latest stable release of the role on your system, use:
+
+```bash
+ansible-galaxy install nginxinc.nginx_config
+```
+
+Alternatively, if you have already installed the role, update the role to the latest release:
+
+```bash
+ansible-galaxy install -f nginxinc.nginx_config
+```
 
 ### Git
 
-Use `git clone https://github.com/nginxinc/ansible-role-nginx-config.git` to pull the latest edge commit of the role from GitHub.
+To pull the latest edge commit of the role from GitHub, use:
+
+```bash
+git clone https://github.com/nginxinc/ansible-role-nginx-config.git
+```
 
 ## Platforms
 
diff --git a/SUPPORT.md b/SUPPORT.md
