Add fapolicyd enabled check
fapolicyd check worked on with Brie.
When using fapolicyd for increased security, GitLab can report that a restore was successful but repositories show as empty. src
This check helps customers to identify whether fapolicyd is responsible for why repositories are shown as empty after a GitLab restore.
Adding a new check
Verification steps for review
Using RedHat (or similar) as the base OS with the default settings:
- Run the playbook
- The report should not have a
messagevalue for this check - Install and enable
fapolicyd - Run the playbook again
- The report should have a
messagevalue for this check
Author checklist
- After opening the MR:
-
Set it to the current milestone -
Ask the Maintainer from the Reviewer roulettesuggestion for review
-
Reviewer checklist
-
I followed the verification steps and confirm the functionality of the new check -
This check does only perform read operations -
This check does not output more than necessary on stdout for the check to function -
The messageexplains what it means when this check does not pass -
The workaround_urlprovides actionable information/steps for affected users -
This check is not using the Rails console/runner, or has Maintainer approval for doing so -
If this is a breaking change check: -
It has the corresponding xx_breaking_changestag (xx being the major release version for the change) -
The workaround_urlgoes to the entry on the https://docs.gitlab.com/update/deprecations/ page -
The ref_urlgoes to the deprecation issue linked from that entry -
The titleis the same as that entry -
The version_startedis equal to theannouncement_milestoneof the deprecation -
The version_fixedis equal to theremoval_milestoneof the deprecation
-
Edited by Brie Carranza