From 717040df58398e5c3295a7cce1a81f3dd2ab4222 Mon Sep 17 00:00:00 2001 From: Petr Ruzicka Date: Sun, 4 May 2025 07:55:06 +0200 Subject: [PATCH 1/2] feat(gh): add default github repo files --- .github/CODEOWNERS | 16 +- .github/renovate.json5 | 3 + .github/workflows/codeql-actions.yml | 40 +++++ .github/workflows/mega-linter.yml | 29 ++-- .github/workflows/pr-slack-notification.yml | 163 ++++++++++++++++++++ .github/workflows/release-please.yml | 9 +- .github/workflows/renovate.yml | 13 +- .github/workflows/scorecards.yml | 36 +++++ .github/workflows/semantic-pull-request.yml | 2 +- .mega-linter.yml | 13 ++ SECURITY.md | 8 + lychee.toml | 16 +- 12 files changed, 317 insertions(+), 31 deletions(-) create mode 100644 .github/workflows/codeql-actions.yml create mode 100644 .github/workflows/pr-slack-notification.yml create mode 100644 .github/workflows/scorecards.yml create mode 100644 SECURITY.md diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index dd260f1b7..973674b43 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,6 +1,14 @@ -# Users referenced in this file will automatically be requested as reviewers for -# PRs that modify the given paths -# See https://help.github.com/articles/about-code-owners/, https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners +# GitHub CODEOWNERS file +# Documentation: +# - https://help.github.com/articles/about-code-owners/ +# - https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners -# All code +# Syntax: +# pattern @user-or-team +# The last matching pattern takes precedence. + +############################### +# Repository Default Owners +############################### +# These owners will be the default owners for everything in the repo * @ruzickap diff --git a/.github/renovate.json5 b/.github/renovate.json5 index ea163e2f7..0ae106515 100644 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -25,8 +25,10 @@ enabled: true, schedule: ["before 6am on Sunday"], }, + // Package update rules packageRules: [ { + description: "Disable auto-merge for major updates", matchUpdateTypes: ["major"], automerge: false, }, @@ -45,6 +47,7 @@ ], prBodyTemplate: "{{{table}}}{{{notes}}}{{{changelogs}}}", rebaseWhen: "behind-base-branch", + // Custom version extraction regexManagers: [ { extractVersionTemplate: "{{#if extractVersion}}{{{extractVersion}}}{{else}}^v?(?.+)${{/if}}", diff --git a/.github/workflows/codeql-actions.yml b/.github/workflows/codeql-actions.yml new file mode 100644 index 000000000..050466ea3 --- /dev/null +++ b/.github/workflows/codeql-actions.yml @@ -0,0 +1,40 @@ +name: "CodeQL GitHub Actions" + +on: + workflow_dispatch: + push: + branches: ["main"] + pull_request: + paths: + - .github/workflows/*.yml + schedule: + - cron: 17 10 * * 2 + +permissions: read-all + +jobs: + analyze-actions: + name: Analyze GitHub Actions + runs-on: "ubuntu-latest" + permissions: + # required for all workflows + security-events: write + # required to fetch internal or private CodeQL packs + packages: read + steps: + - name: Checkout repository + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17 + with: + languages: actions + build-mode: none + # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + queries: security-extended + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17 + with: + category: "/language:actions" diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml index 24c79f4c6..635b9ba26 100644 --- a/.github/workflows/mega-linter.yml +++ b/.github/workflows/mega-linter.yml @@ -10,34 +10,35 @@ on: permissions: read-all jobs: + github-context: + runs-on: ubuntu-latest + steps: + - name: Debug + env: + GITHUB_CONTEXT: ${{ toJson(github) }} + run: | + echo "${GITHUB_CONTEXT}" + mega-linter: runs-on: ubuntu-latest + if: ${{ (!startsWith(github.ref_name, 'renovate/') && !startsWith(github.ref_name, 'release-please--')) || github.event_name == 'workflow_dispatch' }} timeout-minutes: 30 steps: - name: Checkout Code uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - name: Restore lychee cache - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 - with: - path: .lycheecache - key: cache-lychee-${{ github.sha }} - restore-keys: cache-lychee- - - name: Extract commands from markdown files run: | set -euxo pipefail + eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" + brew install mdq echo '#!/usr/bin/env bash' > README.sh - find . -name '*.md' -print0 | while IFS= read -r -d '' FILE; do - # Extract: ```bash ... ``` - sed -n "/^\`\`\`\(bash\|shell\)$/,/^\`\`\`$/p" "${FILE}" | sed '/^```*/d' >> README.sh - # Extract: ```bash ... ``` - sed -n "/^ \`\`\`\(bash\|shell\)$/,/^ \`\`\`$/p" "${FILE}" | sed '/^ ```*/d; s/^ //' >> README.sh - done + readarray -d '' MD_FILES < <(find . -type f -name "*.md" -print0) + mdq '```/^bash$|^shell$|^sh$/' --br -o plain "${MD_FILES[@]}" >> README.sh || true chmod a+x README.sh - name: 💡 MegaLinter - uses: oxsecurity/megalinter@146333030da68e2e58c6ff826633824fabe01eaf # v8.5.0 + uses: oxsecurity/megalinter@04cf22b980c2e9c2121553417ed651c944afc8e1 # v8.6.0 env: GITHUB_COMMENT_REPORTER: false # Disabled due to error: [GitHub Status Reporter] Error posting Status for REPOSITORY with ...: 403 diff --git a/.github/workflows/pr-slack-notification.yml b/.github/workflows/pr-slack-notification.yml new file mode 100644 index 000000000..f77d00e2b --- /dev/null +++ b/.github/workflows/pr-slack-notification.yml @@ -0,0 +1,163 @@ +name: pr-slack-notification + +# Based on: https://github.com/slackapi/slack-github-action/issues/269 + +on: + workflow_dispatch: + pull_request: + types: + - opened + - ready_for_review + - review_requested + - closed + issue_comment: + types: + - created + pull_request_review: + types: + - submitted + +permissions: read-all + +defaults: + run: + shell: bash -euxo pipefail {0} + +jobs: + github-context: + runs-on: ubuntu-latest + steps: + - name: Debug + env: + GITHUB_CONTEXT: ${{ toJson(github) }} + run: | + echo "${GITHUB_CONTEXT}" + + pr-slack-notification: + runs-on: ubuntu-latest + name: Sends a message to Slack when a PR is opened + if: (github.event.action == 'opened' && github.event.pull_request.draft == false) || github.event.action == 'ready_for_review' + steps: + - name: Post PR summary message to slack + id: message + uses: slackapi/slack-github-action@485a9d42d3a73031f12ec201c457e2162c45d02d # v2.0.0 + with: + method: chat.postMessage + token: ${{ secrets.MY_SLACK_BOT_TOKEN }} + payload: | + channel: ${{ secrets.MY_SLACK_CHANNEL_ID }} + text: "💡 *${{ github.event.pull_request.user.login }}*: <${{ github.event.repository.html_url }}|${{ github.repository }}> - <${{ github.event.pull_request.html_url }}|#${{ github.event.pull_request.number }} - ${{ github.event.pull_request.title }}> (+${{ github.event.pull_request.additions }}, -${{ github.event.pull_request.deletions }})" + + - name: Create file with slack message timestamp + env: + TS: ${{ steps.message.outputs.ts }} + run: | + echo "${TS}" > slack-message-timestamp.txt + + - name: Cache slack message timestamp + uses: actions/cache/save@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 + with: + path: slack-message-timestamp.txt + key: slack-message-timestamp-${{ github.event.pull_request.html_url }}-${{ steps.message.outputs.ts }} + + slack-emoji-react: + runs-on: ubuntu-latest + name: Adds emoji reaction to slack message when a PR is closed or reviewed + if: ${{ startsWith(github.event.pull_request.html_url, 'https') || startsWith(github.event.issue.pull_request.html_url, 'https') }} + steps: + # gh commands needs to be executed in the repository + - name: Checkout Code + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + + # https://stackoverflow.com/questions/74640750/github-actions-not-finding-cache + # I can not use the cache action in this job because the cache is not shared between runs + - name: Save slack timestamp as an environment variable + id: slack-timestamp + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_PULL_REQUEST_HTML_URL: ${{ github.event.pull_request.html_url || github.event.issue.pull_request.html_url }} + run: | + SLACK_TIMESTAMP=$(gh cache list --json key --jq "[.[].key|capture(\"${GITHUB_PULL_REQUEST_HTML_URL}-(?.+)\").x][0]") + echo "SLACK_TIMESTAMP=${SLACK_TIMESTAMP}" | tee -a "${GITHUB_ENV}" + if [[ "${SLACK_TIMESTAMP}" != '' ]]; then + echo "github_event_pull_request_html_url=true" >> "${GITHUB_OUTPUT}" + fi + + - name: Decide which emoji to add + if: ${{ steps.slack-timestamp.outputs.github_event_pull_request_html_url == 'true' }} + env: + GITHUB_EVENT_ACTION: ${{ github.event.action }} + GITHUB_EVENT_NAME: ${{ github.event_name }} + GITHUB_EVENT_REVIEW_STATE: ${{ github.event.review.state }} + run: | + case "${GITHUB_EVENT_ACTION}" in + created) + if [[ "${GITHUB_EVENT_NAME}" == 'issue_comment' ]]; then + echo "EMOJI=speech_balloon" >> "${GITHUB_ENV}" # 💬 + fi + ;; + submitted) + case "${GITHUB_EVENT_REVIEW_STATE}" in + changes_requested) + echo "EMOJI=repeat" >> "${GITHUB_ENV}" # 🔁 + ;; + approved) + echo "EMOJI=ok" >> "${GITHUB_ENV}" # 🆗 + ;; + commented) + echo "EMOJI=speech_balloon" >> "${GITHUB_ENV}" # 💬 + ;; + esac + ;; + review_requested) + echo "EMOJI=eyes" >> "${GITHUB_ENV}" # 👀 + ;; + *) + echo "EMOJI=false" >> "${GITHUB_ENV}" + ;; + esac + + - name: React to PR summary message in slack with emoji + if: ${{ steps.slack-timestamp.outputs.github_event_pull_request_html_url == 'true' && env.EMOJI != 'false' }} + uses: slackapi/slack-github-action@485a9d42d3a73031f12ec201c457e2162c45d02d # v2.0.0 + with: + method: reactions.add + token: ${{ secrets.MY_SLACK_BOT_TOKEN }} + payload: | + channel: ${{ secrets.MY_SLACK_CHANNEL_ID }} + timestamp: "${{ env.SLACK_TIMESTAMP }}" + name: ${{ env.EMOJI }} + + - name: Update the original message with status Merged ✅ + if: ${{ github.event.pull_request.merged && steps.slack-timestamp.outputs.github_event_pull_request_html_url == 'true' }} + uses: slackapi/slack-github-action@485a9d42d3a73031f12ec201c457e2162c45d02d # v2.0.0 + with: + method: chat.update + token: ${{ secrets.MY_SLACK_BOT_TOKEN }} + payload: | + channel: ${{ secrets.MY_SLACK_CHANNEL_ID }} + ts: "${{ env.SLACK_TIMESTAMP }}" + text: "✅ *${{ github.event.pull_request.user.login }}*: <${{ github.event.repository.html_url }}|${{ github.repository }}> - <${{ github.event.pull_request.html_url }}|#${{ github.event.pull_request.number }} - ${{ github.event.pull_request.title }}> (+${{ github.event.pull_request.additions }}, -${{ github.event.pull_request.deletions }})" + attachments: + - color: "28a745" + fields: + - title: "Status" + short: true + value: "Merged ✅" + + - name: Update the original message with status Closed ❎ + if: ${{ github.event.action == 'closed' && github.event.pull_request.merged == false && steps.slack-timestamp.outputs.github_event_pull_request_html_url == 'true' }} + uses: slackapi/slack-github-action@485a9d42d3a73031f12ec201c457e2162c45d02d # v2.0.0 + with: + method: chat.update + token: ${{ secrets.MY_SLACK_BOT_TOKEN }} + payload: | + channel: ${{ secrets.MY_SLACK_CHANNEL_ID }} + ts: "${{ env.SLACK_TIMESTAMP }}" + text: "❎ *${{ github.event.pull_request.user.login }}*: <${{ github.event.repository.html_url }}|${{ github.repository }}> - <${{ github.event.pull_request.html_url }}|#${{ github.event.pull_request.number }} - ${{ github.event.pull_request.title }}> (+${{ github.event.pull_request.additions }}, -${{ github.event.pull_request.deletions }})" + attachments: + - color: "fa7015" + fields: + - title: "Status" + short: true + value: "Closed ❎" diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 967c1e12f..116134279 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -7,15 +7,16 @@ on: branches: - main -permissions: - contents: write - pull-requests: write +permissions: read-all jobs: release-please: runs-on: ubuntu-latest + permissions: + contents: write + pull-requests: write steps: - - uses: actions/create-github-app-token@3ff1caaa28b64c9cc276ce0a02e2ff584f3900c5 # v2.0.2 + - uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6 id: app-token with: app-id: ${{ secrets.MY_RENOVATE_GITHUB_APP_ID }} diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml index f04a5065b..127e771fc 100644 --- a/.github/workflows/renovate.yml +++ b/.github/workflows/renovate.yml @@ -43,6 +43,15 @@ env: permissions: read-all jobs: + github-context: + runs-on: ubuntu-latest + steps: + - name: Debug + env: + GITHUB_CONTEXT: ${{ toJson(github) }} + run: | + echo "${GITHUB_CONTEXT}" + renovate: runs-on: ubuntu-latest concurrency: @@ -52,13 +61,13 @@ jobs: - name: Checkout uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - uses: actions/create-github-app-token@3ff1caaa28b64c9cc276ce0a02e2ff584f3900c5 # v2.0.2 + - uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6 id: app-token with: app-id: ${{ secrets.MY_RENOVATE_GITHUB_APP_ID }} private-key: ${{ secrets.MY_RENOVATE_GITHUB_PRIVATE_KEY }} - name: 💡 Self-hosted Renovate - uses: renovatebot/github-action@67a664fc9b4481b33a3eff6ee9edfb7a7b9dfa1e # v41.0.2 + uses: renovatebot/github-action@19ba43e1bc58ed95c0ba205dee8b1bc0f27b630d # v42.0.0 with: token: ${{ steps.app-token.outputs.token }} diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml new file mode 100644 index 000000000..cc1c9a3c2 --- /dev/null +++ b/.github/workflows/scorecards.yml @@ -0,0 +1,36 @@ +name: scorecards +on: + workflow_dispatch: + push: + branches: + - main + schedule: + - cron: 30 1 * * 6 + +permissions: read-all + +jobs: + analysis: + name: Scorecard analysis + runs-on: ubuntu-latest + permissions: + security-events: write + id-token: write + + steps: + - name: Checkout code + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + persist-credentials: false + + - name: Run analysis + uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1 + with: + results_file: results.sarif + results_format: sarif + publish_results: true + + - name: Upload to code-scanning + uses: github/codeql-action/upload-sarif@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17 + with: + sarif_file: results.sarif diff --git a/.github/workflows/semantic-pull-request.yml b/.github/workflows/semantic-pull-request.yml index a446dece4..fb82332d1 100644 --- a/.github/workflows/semantic-pull-request.yml +++ b/.github/workflows/semantic-pull-request.yml @@ -16,7 +16,7 @@ jobs: semantic-pull-request: runs-on: ubuntu-latest steps: - - uses: actions/create-github-app-token@3ff1caaa28b64c9cc276ce0a02e2ff584f3900c5 # v2.0.2 + - uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6 id: app-token with: app-id: ${{ secrets.MY_RENOVATE_GITHUB_APP_ID }} diff --git a/.mega-linter.yml b/.mega-linter.yml index 109c704fe..0de546377 100644 --- a/.mega-linter.yml +++ b/.mega-linter.yml @@ -8,6 +8,8 @@ ANSIBLE_ANSIBLE_LINT_PRE_COMMANDS: - command: ansible-galaxy install -r ansible/requirements.yml cwd: "workspace" +BASH_SHELLCHECK_ARGUMENTS: --exclude=SC2317 + BASH_SHFMT_ARGUMENTS: --case-indent --indent 2 --space-redirects DISABLE_LINTERS: @@ -24,6 +26,10 @@ FILTER_REGEX_EXCLUDE: CHANGELOG.md FORMATTERS_DISABLE_ERRORS: false +JSON_JSONLINT_ARGUMENTS: --comments + +JSON_JSONLINT_FILTER_REGEX_EXCLUDE: .devcontainer/devcontainer.json + MARKDOWN_MARKDOWNLINT_CONFIG_FILE: .markdownlint.yml MARKDOWN_MARKDOWNLINT_FILTER_REGEX_EXCLUDE: CHANGELOG.md @@ -43,6 +49,13 @@ REPOSITORY_KICS_ARGUMENTS: --fail-on high REPOSITORY_TRIVY_ARGUMENTS: --severity HIGH,CRITICAL --ignore-unfixed +SPELL_LYCHEE_ARGUMENTS: + - --accept + - "429" + +SPELL_LYCHEE_UNSECURED_ENV_VARIABLES: + - GITHUB_TOKEN + TERRAFORM_TFLINT_UNSECURED_ENV_VARIABLES: - GITHUB_TOKEN diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000..2686ea6db --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,8 @@ +# Security Policy + +## Reporting a Vulnerability + +To report a security issue, please email [petr.ruzicka@gmail.com](mailto:petr.ruzicka@gmail.com) +with a description of the issue, the steps you took to create the issue, +affected versions, and, if known, mitigations for the issue. This project +follows a 90 day disclosure timeline. diff --git a/lychee.toml b/lychee.toml index 182ae79de..f0370f93d 100644 --- a/lychee.toml +++ b/lychee.toml @@ -1,3 +1,4 @@ +# Configuration for lychee link checker # https://lychee.cli.rs/#/usage/config ############################# Cache ############################### @@ -23,15 +24,18 @@ accept = [999] # Exclude URLs and mail addresses from checking (supports regex) exclude = [ - # returns 403 when accessed from GitHub Action - 'stackoverflow\.com', - 'stackexchange\.com', - # Ignore all URLs with '$' - BASH variable in URL - '\$', + # keep-sorted start # Ignore all URLs with '{ ... }' - BASH / Ansible variable in URL '%7B.*%7D', + # Ignore all URLs with '$' - BASH variable in URL + '\$', # Ignore all URLs which starts with 'file://' 'file://', + # returns 403 when accessed from GitHub Action + 'stackoverflow\.com', + # returns 403 when accessed from GitHub Action + 'stackexchange\.com', + # keep-sorted end ] # Exclude these filesystem paths from getting checked @@ -40,7 +44,7 @@ exclude_path = [ "package-lock.json", ] -# Exclude all private IPs from checking. +# Exclude all private IPs from checking # Equivalent to setting `exclude_private`, `exclude_link_local`, and # `exclude_loopback` to true exclude_all_private = true From c801a64d696226d9cdfdbd63746f310f4c7cd770 Mon Sep 17 00:00:00 2001 From: Petr Ruzicka Date: Sun, 4 May 2025 09:18:00 +0200 Subject: [PATCH 2/2] chore(spelling): update spelling list by removing obsolete entries --- .github/workflows/links.yml | 36 ------- .spelling | 181 ++++++++++++++++++------------------ 2 files changed, 92 insertions(+), 125 deletions(-) delete mode 100644 .github/workflows/links.yml diff --git a/.github/workflows/links.yml b/.github/workflows/links.yml deleted file mode 100644 index 45388b569..000000000 --- a/.github/workflows/links.yml +++ /dev/null @@ -1,36 +0,0 @@ -name: links - -on: - workflow_dispatch: - push: - branches-ignore: - - main - paths: - - .github/workflows/links.yml - - lychee.toml - - "**.md" - schedule: - - cron: "0 0 * * 2" - -permissions: read-all - -jobs: - links: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - - - name: Restore lychee cache - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 - with: - path: .lycheecache - key: cache-lychee-${{ github.sha }} - restore-keys: cache-lychee- - - - name: Link Checker - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - uses: lycheeverse/lychee-action@1d97d84f0bc547f7b25f4c2170d87d810dc2fb2c # v2.4.0 - with: - args: ". --no-progress --exclude-path CHANGELOG.md --exclude-all-private --exclude 'GITHUB_SHA%7D|_VERSION%7D|_TYPE%7D'" diff --git a/.spelling b/.spelling index 4a84ecbc8..b2d69ca15 100644 --- a/.spelling +++ b/.spelling @@ -1,91 +1,94 @@ -2d -Ansible -AutoActivation -Autounattend -Baloon -CENTOS_ARCH -CENTOS_TAG -CENTOS_TYPE -CENTOS_VERSION -CentOS -DoNotOpenInitialConfigurationTasksAtLogon -EnableLUA -GITHUB_SHA -GitLab -GitLab_CI_configuration.md -IEHarden -Libvirt -NetKVM -OpenSSH -Playbook -Plugin -QEMU-KVM -Qemu -RedHat -UBUNTU_ARCH -UBUNTU_TYPE_UC -UBUNTU_VERSION +yml +xz +xfs +virtualbox +virtio-win +virtio-tablet-pci +virtio-mouse-pci +virtio-keyboard-pci +virtio-input-host-pci +viostor +vioserial +vioser +vioscsi +viorng +vioinput +vdagent-win +vda1 +unattended.xml +u +timezone +sysstat +sshing +sshd +ssh +snmpd +sar +qxldod +qemu-ga-x64 +qemu-ga +pvpanic +preseed +plugins +playbook +netkvm +my_common_defaults +my_ +logwatch +logrotate +libvirt +kickstart +keymap +iso +i +hypervisor +gmail.com +freerdp +ext4 +en_US.UTF +common_windows_packages +com.redhat.spice.0 +centos +build_remote_ssh_ubuntu.sh +build.sh +amd64 +WinRM +Win32NT-common +WINDOWS_VERSION +WINDOWS_TYPE_UC +WINDOWS_RELEASE_UC +WINDOWS_EDITION_UC +WINDOWS_ARCH +VirtualBox +Virtio +VirtIO VAGRANTUP_ACCESS_TOKEN VAGRANTUP_ACCESS_TOKEN -VirtIO -Virtio -VirtualBox -WINDOWS_ARCH -WINDOWS_EDITION_UC -WINDOWS_RELEASE_UC -WINDOWS_TYPE_UC -WINDOWS_VERSION -Win32NT-common -WinRM -amd64 -build.sh -build_remote_ssh_ubuntu.sh -centos -com.redhat.spice.0 -common_windows_packages -en_US.UTF -ext4 -freerdp -gmail.com -hypervisor -iso -keymap -kickstart -libvirt -logrotate -logwatch -my_ -my_common_defaults -netkvm -playbook -plugins -preseed -pvpanic -qemu-ga -qemu-ga-x64 -qxldod -sar -snmpd -ssh -sshd -sshing -sysstat -timezone -unattended.xml -vda1 -vdagent-win -vioinput -viorng -vioscsi -vioser -vioserial -viostor -virtio-input-host-pci -virtio-keyboard-pci -virtio-mouse-pci -virtio-tablet-pci -virtio-win -virtualbox -xfs -xz -yml +UBUNTU_VERSION +UBUNTU_TYPE_UC +UBUNTU_ARCH +RedHat +Qemu +QEMU-KVM +Plugin +Playbook +OpenSSH +NetKVM +Libvirt +IEHarden +GitLab_CI_configuration.md +GitLab +GITHUB_SHA +EnableLUA +DoNotOpenInitialConfigurationTasksAtLogon +CentOS +CENTOS_VERSION +CENTOS_TYPE +CENTOS_TAG +CENTOS_ARCH +Baloon +Autounattend +AutoActivation +Ansible +90 +2d