)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":28619,"name":"Dmitriy Rabotyagov","email":"noonedeadpunk@gmail.com","username":"noonedeadpunk"},"change_message_id":"007fb5d6567a155a8443cf54ae0cbf80a84e0b6c","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":3,"id":"c36825bd_5b04468f","updated":"2021-11-22 17:27:03.000000000","message":"Maybe also writing several strings in our doc https://docs.openstack.org/openstack-ansible/latest/user/security/index.html ?","commit_id":"33f5876381c6ee1ecac290adf968c4364c340344"},{"author":{"_account_id":31749,"name":"James Gibson","email":"james.gibson@bbc.co.uk","username":"jamesgibo"},"change_message_id":"76455b85fea036071cc62dc4e86be23fe7022805","unresolved":true,"context_lines":[],"source_content_type":"","patch_set":3,"id":"948e80e7_a0435e0f","in_reply_to":"c36825bd_5b04468f","updated":"2021-12-01 16:59:10.000000000","message":"Yeah, I am putting together a separate patch with some docs for all of the TLS related patches I have put together.","commit_id":"33f5876381c6ee1ecac290adf968c4364c340344"}],"inventory/group_vars/haproxy/haproxy.yml":[{"author":{"_account_id":28619,"name":"Dmitriy Rabotyagov","email":"noonedeadpunk@gmail.com","username":"noonedeadpunk"},"change_message_id":"007fb5d6567a155a8443cf54ae0cbf80a84e0b6c","unresolved":true,"context_lines":[{"line_number":208,"context_line":"  haproxy_redirect_scheme: \"{{ (haproxy_ssl_letsencrypt_enable | bool and haproxy_ssl | bool) | ternary(\u0027https if !{ ssl_fc } !{ path_beg /.well-known/acme-challenge/ }\u0027, \u0027https if !{ ssl_fc }\u0027) }}\""},{"line_number":209,"context_line":"  haproxy_frontend_acls: \"{{ (haproxy_ssl_letsencrypt_enable | bool and haproxy_ssl | bool) | ternary(haproxy_ssl_letsencrypt_acl, {}) }}\""},{"line_number":210,"context_line":"  haproxy_acls: \"{{ keystone_security_txt_content is defined | ternary(haproxy_security_txt_acl, {}) }}\""},{"line_number":211,"context_line":"  haproxy_raw: \"{{ (haproxy_ssl | bool ) | ternary((haproxy_horizon_csp is defined | ternary(haproxy_security_headers + [ haproxy_horizon_csp ], haproxy_security_headers + [ haproxy_security_headers_csp ])), []) }}\""},{"line_number":212,"context_line":""},{"line_number":213,"context_line":"haproxy_ironic_api_service:"},{"line_number":214,"context_line":"  haproxy_service_name: ironic_api"}],"source_content_type":"text/x-yaml","patch_set":3,"id":"cab890ed_75837390","line":211,"range":{"start_line":211,"start_character":40,"end_line":211,"end_character":41},"updated":"2021-11-22 17:27:03.000000000","message":"should we add \"and haproxy_security_headers\"?","commit_id":"33f5876381c6ee1ecac290adf968c4364c340344"},{"author":{"_account_id":25023,"name":"Jonathan Rosser","email":"jonathan.rosser@rd.bbc.co.uk","username":"jrosser"},"change_message_id":"4c4d61e7a1088ed4c206713d333146ad052a036b","unresolved":true,"context_lines":[{"line_number":208,"context_line":"  haproxy_redirect_scheme: \"{{ (haproxy_ssl_letsencrypt_enable | bool and haproxy_ssl | bool) | ternary(\u0027https if !{ ssl_fc } !{ path_beg /.well-known/acme-challenge/ }\u0027, \u0027https if !{ ssl_fc }\u0027) }}\""},{"line_number":209,"context_line":"  haproxy_frontend_acls: \"{{ (haproxy_ssl_letsencrypt_enable | bool and haproxy_ssl | bool) | ternary(haproxy_ssl_letsencrypt_acl, {}) }}\""},{"line_number":210,"context_line":"  haproxy_acls: \"{{ keystone_security_txt_content is defined | ternary(haproxy_security_txt_acl, {}) }}\""},{"line_number":211,"context_line":"  haproxy_raw: \"{{ (haproxy_ssl | bool ) | ternary((haproxy_horizon_csp is defined | ternary(haproxy_security_headers + [ haproxy_horizon_csp ], haproxy_security_headers + [ haproxy_security_headers_csp ])), []) }}\""},{"line_number":212,"context_line":""},{"line_number":213,"context_line":"haproxy_ironic_api_service:"},{"line_number":214,"context_line":"  haproxy_service_name: ironic_api"}],"source_content_type":"text/x-yaml","patch_set":3,"id":"b3a1b2f9_0d3e7ac0","line":211,"range":{"start_line":211,"start_character":85,"end_line":211,"end_character":206},"updated":"2021-11-19 16:09:58.000000000","message":"this part should be able to be simplified with the use of default() rather than ternary as the decision is made depending on haproxy_horizon_csp being defined.\n\n  ternary(haproxy_security_headers + [ haproxy_horizon_csp | default(haproxy_security_headers_csp) ], [])","commit_id":"33f5876381c6ee1ecac290adf968c4364c340344"},{"author":{"_account_id":31749,"name":"James Gibson","email":"james.gibson@bbc.co.uk","username":"jamesgibo"},"change_message_id":"76455b85fea036071cc62dc4e86be23fe7022805","unresolved":false,"context_lines":[{"line_number":208,"context_line":"  haproxy_redirect_scheme: \"{{ (haproxy_ssl_letsencrypt_enable | bool and haproxy_ssl | bool) | ternary(\u0027https if !{ ssl_fc } !{ path_beg /.well-known/acme-challenge/ }\u0027, \u0027https if !{ ssl_fc }\u0027) }}\""},{"line_number":209,"context_line":"  haproxy_frontend_acls: \"{{ (haproxy_ssl_letsencrypt_enable | bool and haproxy_ssl | bool) | ternary(haproxy_ssl_letsencrypt_acl, {}) }}\""},{"line_number":210,"context_line":"  haproxy_acls: \"{{ keystone_security_txt_content is defined | ternary(haproxy_security_txt_acl, {}) }}\""},{"line_number":211,"context_line":"  haproxy_raw: \"{{ (haproxy_ssl | bool ) | ternary((haproxy_horizon_csp is defined | ternary(haproxy_security_headers + [ haproxy_horizon_csp ], haproxy_security_headers + [ haproxy_security_headers_csp ])), []) }}\""},{"line_number":212,"context_line":""},{"line_number":213,"context_line":"haproxy_ironic_api_service:"},{"line_number":214,"context_line":"  haproxy_service_name: ironic_api"}],"source_content_type":"text/x-yaml","patch_set":3,"id":"30f81dca_00e2db4b","line":211,"range":{"start_line":211,"start_character":85,"end_line":211,"end_character":206},"in_reply_to":"72a1d501_aa725dcd","updated":"2021-12-01 16:59:10.000000000","message":"Done","commit_id":"33f5876381c6ee1ecac290adf968c4364c340344"},{"author":{"_account_id":28619,"name":"Dmitriy Rabotyagov","email":"noonedeadpunk@gmail.com","username":"noonedeadpunk"},"change_message_id":"007fb5d6567a155a8443cf54ae0cbf80a84e0b6c","unresolved":true,"context_lines":[{"line_number":208,"context_line":"  haproxy_redirect_scheme: \"{{ (haproxy_ssl_letsencrypt_enable | bool and haproxy_ssl | bool) | ternary(\u0027https if !{ ssl_fc } !{ path_beg /.well-known/acme-challenge/ }\u0027, \u0027https if !{ ssl_fc }\u0027) }}\""},{"line_number":209,"context_line":"  haproxy_frontend_acls: \"{{ (haproxy_ssl_letsencrypt_enable | bool and haproxy_ssl | bool) | ternary(haproxy_ssl_letsencrypt_acl, {}) }}\""},{"line_number":210,"context_line":"  haproxy_acls: \"{{ keystone_security_txt_content is defined | ternary(haproxy_security_txt_acl, {}) }}\""},{"line_number":211,"context_line":"  haproxy_raw: \"{{ (haproxy_ssl | bool ) | ternary((haproxy_horizon_csp is defined | ternary(haproxy_security_headers + [ haproxy_horizon_csp ], haproxy_security_headers + [ haproxy_security_headers_csp ])), []) }}\""},{"line_number":212,"context_line":""},{"line_number":213,"context_line":"haproxy_ironic_api_service:"},{"line_number":214,"context_line":"  haproxy_service_name: ironic_api"}],"source_content_type":"text/x-yaml","patch_set":3,"id":"72a1d501_aa725dcd","line":211,"range":{"start_line":211,"start_character":85,"end_line":211,"end_character":206},"in_reply_to":"b3a1b2f9_0d3e7ac0","updated":"2021-11-22 17:27:03.000000000","message":"yes, double ternary is super hard to read. we need to simplify that for sure.","commit_id":"33f5876381c6ee1ecac290adf968c4364c340344"},{"author":{"_account_id":31749,"name":"James Gibson","email":"james.gibson@bbc.co.uk","username":"jamesgibo"},"change_message_id":"76455b85fea036071cc62dc4e86be23fe7022805","unresolved":false,"context_lines":[{"line_number":208,"context_line":"  haproxy_redirect_scheme: \"{{ (haproxy_ssl_letsencrypt_enable | bool and haproxy_ssl | bool) | ternary(\u0027https if !{ ssl_fc } !{ path_beg /.well-known/acme-challenge/ }\u0027, \u0027https if !{ ssl_fc }\u0027) }}\""},{"line_number":209,"context_line":"  haproxy_frontend_acls: \"{{ (haproxy_ssl_letsencrypt_enable | bool and haproxy_ssl | bool) | ternary(haproxy_ssl_letsencrypt_acl, {}) }}\""},{"line_number":210,"context_line":"  haproxy_acls: \"{{ keystone_security_txt_content is defined | ternary(haproxy_security_txt_acl, {}) }}\""},{"line_number":211,"context_line":"  haproxy_raw: \"{{ (haproxy_ssl | bool ) | ternary((haproxy_horizon_csp is defined | ternary(haproxy_security_headers + [ haproxy_horizon_csp ], haproxy_security_headers + [ haproxy_security_headers_csp ])), []) }}\""},{"line_number":212,"context_line":""},{"line_number":213,"context_line":"haproxy_ironic_api_service:"},{"line_number":214,"context_line":"  haproxy_service_name: ironic_api"}],"source_content_type":"text/x-yaml","patch_set":3,"id":"f07377f0_e5f7d7e3","line":211,"range":{"start_line":211,"start_character":40,"end_line":211,"end_character":41},"in_reply_to":"cab890ed_75837390","updated":"2021-12-01 16:59:10.000000000","message":"Done","commit_id":"33f5876381c6ee1ecac290adf968c4364c340344"}]}
