diff --git a/.gitignore b/.gitignore index 5bce807..6ec4a27 100644 --- a/.gitignore +++ b/.gitignore @@ -1,19 +1,23 @@ -SOURCES/ansible-sshd-1c5c48835e01adc176febf945e1fd36b7d9af7fd.tar.gz -SOURCES/auto-maintenance-2dd50c8a16af647e4c7a768c481335e97735958a.tar.gz -SOURCES/certificate-1.1.0.tar.gz -SOURCES/crypto_policies-1.2.0.tar.gz -SOURCES/ha_cluster-1.3.0.tar.gz -SOURCES/kdump-1.1.0.tar.gz -SOURCES/kernel_settings-1.1.0.tar.gz -SOURCES/logging-1.5.1.tar.gz -SOURCES/metrics-1.3.1.tar.gz -SOURCES/nbde_client-1.1.0.tar.gz -SOURCES/nbde_server-1.1.0.tar.gz -SOURCES/network-1.4.0.tar.gz -SOURCES/postfix-1.1.0.tar.gz -SOURCES/selinux-1.3.0.tar.gz -SOURCES/ssh-1.1.0.tar.gz -SOURCES/storage-1.6.1.tar.gz -SOURCES/timesync-1.6.0.tar.gz -SOURCES/tlog-1.2.0.tar.gz -SOURCES/vpn-1.2.0.tar.gz +SOURCES/ansible-posix-1.3.0.tar.gz +SOURCES/ansible-sshd-214df35c0bee77b5d69f49c2da269251d451b28f.tar.gz +SOURCES/auto-maintenance-5e7bb389fc5e93184871b3907e75ba896874dc21.tar.gz +SOURCES/certificate-1.1.3.tar.gz +SOURCES/cockpit-1.2.1.tar.gz +SOURCES/community-general-4.6.0.tar.gz +SOURCES/crypto_policies-1.2.3.tar.gz +SOURCES/firewall-1.1.0.tar.gz +SOURCES/ha_cluster-1.4.1.tar.gz +SOURCES/kdump-1.2.2.tar.gz +SOURCES/kernel_settings-1.1.6.tar.gz +SOURCES/logging-1.8.1.tar.gz +SOURCES/metrics-1.5.1.tar.gz +SOURCES/nbde_client-1.2.2.tar.gz +SOURCES/nbde_server-1.1.2.tar.gz +SOURCES/network-1.7.1.tar.gz +SOURCES/postfix-1.2.0.tar.gz +SOURCES/selinux-1.3.4.tar.gz +SOURCES/ssh-1.1.4.tar.gz +SOURCES/storage-1.7.0.tar.gz +SOURCES/timesync-1.6.6.tar.gz +SOURCES/tlog-1.2.5.tar.gz +SOURCES/vpn-1.3.2.tar.gz diff --git a/.rhel-system-roles.metadata b/.rhel-system-roles.metadata index 0348be1..265b0e5 100644 --- a/.rhel-system-roles.metadata +++ b/.rhel-system-roles.metadata @@ -1,19 +1,23 @@ -81dc493a73559dc310a806c8dad6c310f2456512 SOURCES/ansible-sshd-1c5c48835e01adc176febf945e1fd36b7d9af7fd.tar.gz -88baab8db9cba232b8deb8c690dccf2d3ef77b31 SOURCES/auto-maintenance-2dd50c8a16af647e4c7a768c481335e97735958a.tar.gz -b677782b53c4ffe790528b4b2c12f31b07523b4c SOURCES/certificate-1.1.0.tar.gz -1dea114d52dd032bde01a2a64a9b8233daeaa8dc SOURCES/crypto_policies-1.2.0.tar.gz -d3c6ec22b1e60ad3b53b07009ac54e946355aa75 SOURCES/ha_cluster-1.3.0.tar.gz -3e3e61b4a8fecc8fb649ab32a3751bd3a3930281 SOURCES/kdump-1.1.0.tar.gz -90ea8d850a2c46988e4128df36c1254b787d2fb7 SOURCES/kernel_settings-1.1.0.tar.gz -61127d1b542bf7501ca16834c1716cb01883abfa SOURCES/logging-1.5.1.tar.gz -170825f78241811a16095f795a93cc9144c39a98 SOURCES/metrics-1.3.1.tar.gz -f3298859354c92921a3b68fa76f877d4596915d6 SOURCES/nbde_client-1.1.0.tar.gz -a2c85f6a850285c8afb8635de0cbbb7eb2b46530 SOURCES/nbde_server-1.1.0.tar.gz -73207015b9e48cd2bdf86fab68f8f34e2181a94b SOURCES/network-1.4.0.tar.gz -8f10d7be6d7ea3d855cf5d22f32b5ba7bb8302be SOURCES/postfix-1.1.0.tar.gz -0f6894033fc2110eac6b81b5e6b4ca9ca0af6632 SOURCES/selinux-1.3.0.tar.gz -b5e0786216e22508435c13b4da7b6fcce4ad82fe SOURCES/ssh-1.1.0.tar.gz -5820c668d774e9a267011376138cca5a64fb23dd SOURCES/storage-1.6.1.tar.gz -7bf364246b52dd8df3de6b6c9bf4553410983439 SOURCES/timesync-1.6.0.tar.gz -ad38181af7223caa21b602e91d0feeb9085451e0 SOURCES/tlog-1.2.0.tar.gz -9f91e40a6657e262893f85158706934954bcbcb2 SOURCES/vpn-1.2.0.tar.gz +d2d2382c38eaf34d2295aba2aa4652d75ebbaeef SOURCES/ansible-posix-1.3.0.tar.gz +a4d4556cf6628e87fa62dec6c46099338b499930 SOURCES/ansible-sshd-214df35c0bee77b5d69f49c2da269251d451b28f.tar.gz +a2ec14498a7fd213f08dd24ca139039c958b07fd SOURCES/auto-maintenance-5e7bb389fc5e93184871b3907e75ba896874dc21.tar.gz +cee41b5fd6359e9ddeb83c5af7b8057fef6b2334 SOURCES/certificate-1.1.3.tar.gz +004064268df0e7dd154331b7799272d3277388d4 SOURCES/cockpit-1.2.1.tar.gz +ad8684050c86bad7ce4882a84e14be6867a56d8d SOURCES/community-general-4.6.0.tar.gz +0684c1335923ba8ebbb05afbd507e5ff31f874d6 SOURCES/crypto_policies-1.2.3.tar.gz +fcb8d48ccaeba886859ce6afd3d14bbb3f8a5667 SOURCES/firewall-1.1.0.tar.gz +9a990a4908bdf3269bce4f214907623780a5e221 SOURCES/ha_cluster-1.4.1.tar.gz +a1c9c89dea1dbe2410465c29ad0e1d3637ac5f52 SOURCES/kdump-1.2.2.tar.gz +0a681d1e3b236c4750d663f2a833e786a5e958ab SOURCES/kernel_settings-1.1.6.tar.gz +e530528ba5f9478cc8604aa6612388ea8e5078af SOURCES/logging-1.8.1.tar.gz +430ce63a7b45b97305e4f8591192fa7e58af8292 SOURCES/metrics-1.5.1.tar.gz +0424321322eb4d80560a8d2d9fee406296728463 SOURCES/nbde_client-1.2.2.tar.gz +33f0a3ea008021e69b2bbd7b25f6536f91e7613d SOURCES/nbde_server-1.1.2.tar.gz +dcd2261fe6b6a998aca3eb6c968204152e2ffd51 SOURCES/network-1.7.1.tar.gz +95c54da9ef5acaae9553f2c4ed250452502ab9e0 SOURCES/postfix-1.2.0.tar.gz +4e5c5216814577ee55304721e5c811ed8857efbc SOURCES/selinux-1.3.4.tar.gz +f38972c4b22a9f226b58725c7e9ba8fac692bba2 SOURCES/ssh-1.1.4.tar.gz +0728b4e01261f84ce470431a4ea21907db75f26a SOURCES/storage-1.7.0.tar.gz +0bd118c9df9bf556a76d42c92bde11fde5553eba SOURCES/timesync-1.6.6.tar.gz +17e6f3d437d161143c87b6709a42a3eff6ef7df0 SOURCES/tlog-1.2.5.tar.gz +d1bb00636c04bc1b2d94ce0e491afe9ef921cd56 SOURCES/vpn-1.3.2.tar.gz diff --git a/SOURCES/network-tier1-tags.diff b/SOURCES/network-tier1-tags.diff deleted file mode 100644 index 9529a03..0000000 --- a/SOURCES/network-tier1-tags.diff +++ /dev/null @@ -1,54 +0,0 @@ -From 4b1a8a87e7d297fd6669d653af7308dd9c1a513a Mon Sep 17 00:00:00 2001 -From: Rich Megginson -Date: Thu, 6 May 2021 13:52:38 -0600 -Subject: [PATCH] tag 802-1x test as expfail; make sure bridge test cleans up - properly - -The 802-1x test will fail on platforms where `hostapd` is not available, -so tag that test to make it skippable. - -The initscripts bridge test does not clean up properly, leaving the -device around which causes the nm test to fail. Explicitly remove -the device for cleanup. ---- - tests/playbooks/tests_802_1x.yml | 2 ++ - tests/playbooks/tests_bridge.yml | 10 ++++++++++ - 2 files changed, 12 insertions(+) - -diff --git a/tests/playbooks/tests_802_1x.yml b/tests/playbooks/tests_802_1x.yml -index 9cce1ae..4ceebb1 100644 ---- a/tests/playbooks/tests_802_1x.yml -+++ b/tests/playbooks/tests_802_1x.yml -@@ -3,6 +3,8 @@ - - hosts: all - vars: - interface: 802-1x-test -+ tags: -+ - tests::expfail - tasks: - - name: "INIT: 802.1x tests" - debug: -diff --git a/tests/playbooks/tests_bridge.yml b/tests/playbooks/tests_bridge.yml -index d79d6ad..14b1225 100644 ---- a/tests/playbooks/tests_bridge.yml -+++ b/tests/playbooks/tests_bridge.yml -@@ -49,6 +49,16 @@ - profile: "{{ interface }}" - task: tasks/assert_profile_absent.yml - -+- name: Remove test bridge -+ hosts: all -+ tags: -+ - tests::cleanup -+ tasks: -+ - name: Remove the test interface -+ command: ip link delete {{ interface | quote }} -+ ignore_errors: yes -+ changed_when: false -+ - # FIXME: Devices might still be left when profile is absent - # - import_playbook: run_tasks.yml - # vars: --- -2.30.2 - diff --git a/SPECS/rhel-system-roles.spec b/SPECS/rhel-system-roles.spec index e0d9256..7ae6c5d 100644 --- a/SPECS/rhel-system-roles.spec +++ b/SPECS/rhel-system-roles.spec @@ -1,7 +1,16 @@ +# NOTE: Even though ansible-core is in 8.6, it is only available +# at *runtime*, not at *buildtime* - so we can't have +# ansible-core as a build_dep on RHEL8 +%if 0%{?fedora} || 0%{?rhel} >= 9 +%bcond_without ansible +%global ansible_build_dep ansible-core >= 2.11.0 +%else %if 0%{?rhel} && ! 0%{?epel} %bcond_with ansible %else %bcond_without ansible +%global ansible_build_dep ansible >= 2.9.10 +%endif %endif %bcond_with collection_artifact @@ -21,11 +30,11 @@ Name: linux-system-roles %endif Url: https://github.com/linux-system-roles Summary: Set of interfaces for unified system management -Version: 1.7.3 -Release: 2%{?dist} +Version: 1.16.2 +Release: 1%{?dist} #Group: Development/Libraries -License: GPLv3+ and MIT and BSD +License: GPLv3+ and MIT and BSD and Python %global installbase %{_datadir}/linux-system-roles %global _pkglicensedir %{_licensedir}/%{name} %global rolealtprefix linux-system-roles. @@ -45,7 +54,6 @@ License: GPLv3+ and MIT and BSD %global collection_namespace fedora %global collection_name linux_system_roles %endif -%global subrole_prefix "private_${role}_subrole_" %global collection_version %{version} @@ -64,9 +72,19 @@ License: GPLv3+ and MIT and BSD %endif %endif +# ansible-core is in rhel 8.6 and later - default to ansible-core, but allow +# the use of ansible if present - we may revisit this if the automatic dependency +# generator is added to ansible-core in RHEL +# Fedora - the automatic generator will add this - no need to explicit declare +# it in the spec file +# EL7 - no dependency on ansible because there is no ansible in el7 - user is +# responsible for knowing they have to install ansible +%if 0%{?rhel} >= 8 +Requires: (ansible-core >= 2.11.0 or ansible >= 2.9.0) +%endif %if %{with ansible} -BuildRequires: ansible >= 2.9.10 +BuildRequires: %{ansible_build_dep} %endif %if %{without ansible} @@ -109,79 +127,85 @@ BuildRequires: ansible >= 2.9.10 #%%defcommit 1 14314822b529520ac12964e0d2938c4bb18ab895 %global rolename1 postfix -%deftag 1 1.1.0 +%deftag 1 1.2.0 #%%defcommit 2 9fe6eb36772e83b53dcfb8ceb73608fd4f72eeda %global rolename2 selinux -%deftag 2 1.3.0 +%deftag 2 1.3.4 -#%%defcommit 3 8db8f9ed9088432bac7abf68f1b284475a3baa38 +#%%defcommit 3 cbe4bf262bffae3bf53e531662237741954c4182 %global rolename3 timesync -%deftag 3 1.6.0 +%deftag 3 1.6.6 #%%defcommit 4 02fc72b482e165472624b2f68eecd2ddce1d93b1 %global rolename4 kdump -%deftag 4 1.1.0 +%deftag 4 1.2.2 -#%%defcommit 5 b08a0b3748ee87aa3bdbcf1f0b7e41ef4971bbee +#%%defcommit 5 61423ed36fc6da6dbe8321912e896c59a2d8e2f6 %global rolename5 network -%deftag 5 1.4.0 +%deftag 5 1.7.1 -#%%defcommit 6 b3b456183edb7b8aa6ceff7ce667d8e22009ef6a +#%%defcommit 6 50d2b8ccc98a8f4cb9d1d550d21adc227181e9fa %global rolename6 storage -%deftag 6 1.6.1 +%deftag 6 1.7.0 -#%%defcommit 7 0673d842fb32c437501e2aada2e38921da98e115 +#%%defcommit 7 d57caa8ca506d8cbc7ca0f96f7cb62b7e965f163 %global rolename7 metrics -%deftag 7 1.3.1 +%deftag 7 1.5.1 #%%defcommit 8 2b9e53233ee3a68bdb532e62f289733e436a6106 %global rolename8 tlog -%deftag 8 1.2.0 +%deftag 8 1.2.5 #%%defcommit 9 9373303b98e09ef38df7afc8d06e5e55812096c7 %global rolename9 kernel_settings -%deftag 9 1.1.0 +%deftag 9 1.1.6 #%%defcommit 10 20dd3e5520ca06dcccaa9b3f1fb428d055e0c23f %global rolename10 logging -%deftag 10 1.5.1 +%deftag 10 1.8.1 #%%defcommit 11 c57d0b1f3384c525738fa26ba4bdca485e162567 %global rolename11 nbde_server -%deftag 11 1.1.0 +%deftag 11 1.1.2 #%%defcommit 12 bef2fad5e365712d1f40e53662490ba2550a253f %global rolename12 nbde_client -%deftag 12 1.1.0 +%deftag 12 1.2.2 #%%defcommit 13 310fc53db04e8d3134524afb7a89b0477a2ffb83 %global rolename13 certificate -%deftag 13 1.1.0 +%deftag 13 1.1.3 #%%defcommit 14 b2a9857ac661fa32e66666e444b73bfdb34cdf95 %global rolename14 crypto_policies -%deftag 14 1.2.0 +%deftag 14 1.2.3 %global forgeorg15 https://github.com/willshersystems %global repo15 ansible-sshd %global rolename15 sshd -%defcommit 15 1c5c48835e01adc176febf945e1fd36b7d9af7fd -#%%deftag 15 v0.13.1 +%defcommit 15 214df35c0bee77b5d69f49c2da269251d451b28f +#%%deftag 15 v0.14.1 #%%defcommit 16 59b9fd7b25607d8bd33bdb082748955f2652846a %global rolename16 ssh -%deftag 16 1.1.0 +%deftag 16 1.1.4 #%%defcommit 17 f901239cb91878719c9e7461760ef8d4789d626d %global rolename17 ha_cluster -%deftag 17 1.3.0 +%deftag 17 1.4.1 #%%defcommit 18 5f6cb73e6753fbdbb219b7d3079f0378b2d3bdb3 %global rolename18 vpn -%deftag 18 1.2.0 +%deftag 18 1.3.2 + +%global rolename19 firewall +%deftag 19 1.1.0 -%global mainid 2dd50c8a16af647e4c7a768c481335e97735958a +%global rolename20 cockpit +%deftag 20 1.2.1 + +%global mainid 5e7bb389fc5e93184871b3907e75ba896874dc21 Source: %{url}/auto-maintenance/archive/%{mainid}/auto-maintenance-%{mainid}.tar.gz Source1: %{archiveurl1} Source2: %{archiveurl2} @@ -201,13 +225,22 @@ Source15: %{archiveurl15} Source16: %{archiveurl16} Source17: %{archiveurl17} Source18: %{archiveurl18} +Source19: %{archiveurl19} +Source20: %{archiveurl20} + +# Collection tarballs from Automation Hub +# Not used on Fedora. +Source801: ansible-posix-1.3.0.tar.gz + +# Collection tarballs from Galaxy +# Not used on Fedora. +Source901: community-general-4.6.0.tar.gz # Script to convert the collection README to Automation Hub. # Not used on Fedora. Source998: collection_readme.sh -Patch51: network-tier1-tags.diff -Patch52: network-disable-bondtests.diff +Patch51: network-disable-bondtests.diff BuildArch: noarch @@ -225,15 +258,9 @@ BuildRequires: highlight # Requirements for galaxy_transform.py BuildRequires: python3 %if 0%{?fedora} || 0%{?rhel} >= 8 -BuildRequires: python3dist(ruamel.yaml) - -Requires: python3-jmespath -Requires: python3-netaddr +BuildRequires: %{py3_dist ruamel.yaml} %else BuildRequires: python3-ruamel-yaml - -Requires: python-jmespath -Requires: python-netaddr %endif Obsoletes: rhel-system-roles-techpreview < 1.0-3 @@ -267,7 +294,19 @@ Collection artifact for %{name}. This package contains %{collection_namespace}-% %endif %prep -%setup -q -a1 -a2 -a3 -a4 -a5 -a6 -a7 -a8 -a9 -a10 -a11 -a12 -a13 -a14 -a15 -a16 -a17 -a18 -n %{getarchivedir 0} +%setup -q -a1 -a2 -a3 -a4 -a5 -a6 -a7 -a8 -a9 -a10 -a11 -a12 -a13 -a14 -a15 -a16 -a17 -a18 -a19 -a20 -n %{getarchivedir 0} + +for file in %_sourcedir/*.tar.gz; do + if [[ "$file" =~ %_sourcedir/([^-]+)-([^-]+)-(.+).tar.gz ]]; then + ns=${BASH_REMATCH[1]} + name=${BASH_REMATCH[2]} + ver=${BASH_REMATCH[3]} + mkdir -p .external/$ns/$name + pushd .external/$ns/$name > /dev/null + tar xfz "$file" + popd > /dev/null + fi +done declare -A ROLESTODIR=(%{rolestodir}) for rolename in %{rolenames}; do @@ -293,7 +332,6 @@ cd ../.. cd %{rolename5} %patch51 -p1 -%patch52 -p1 cd .. cd %{rolename15} sed -r -i -e "s/ansible-sshd/linux-system-roles.sshd/" tests/*.yml examples/*.yml @@ -301,6 +339,64 @@ sed -r -i -e "s/ willshersystems.sshd/ linux-system-roles.sshd/" tests/*.yml exa sed -r -i -e "s/min_ansible_version: 2.8/min_ansible_version: 2.9/" meta/main.yml cd .. +cd %{rolename7} +# metrics roles dir is a symlink to the vendored dir. +# rpm upgrade doesn't like the symlink. Replace the +# symlink with the real dir +rolesdir=$(pwd)/roles +realrolesdir=$(realpath "$rolesdir") +if [ "$rolesdir" != "$realrolesdir" ]; then + rm -rf roles + mv "$realrolesdir" . + rm -rf vendor +fi +cd .. + +%if 0%{?rhel} +# Unpack tar.gz to retrieve to be vendored modules and place them in the roles library. +# ansible.posix: +# - library: +# - Module selinux and seboolean for the selinux role +# - Module mount for the storage role +declare -A module_map=( ["selinux.py"]="selinux" ["seboolean.py"]="selinux" ["mount.py"]="storage" ) +for module in "${!module_map[@]}"; do + role="${module_map[${module}]}" + if [ ! -d $role/library ]; then + mkdir $role/library + fi + cp -pL .external/ansible/posix/plugins/modules/$module $role/library/$module + sed -i -e ':a;N;$!ba;s/description:\n\( *\)/description:\n\1- WARNING: Do not use this module directly! It is only for role internal use.\n\1/' -e "s/ansible_collections.ansible.posix.plugins.module_utils/ansible.module_utils.${role}_lsr/" $role/library/$module +done + +# ansible.posix: +# - module_utils: +# - Module_util mount for the storage role +module_map=( ["mount.py"]="storage" ) +for module in "${!module_map[@]}"; do + role="${module_map[${module}]}" + if [ ! -d $role/module_utils/${role}_lsr ]; then + mkdir -p $role/module_utils/${role}_lsr + fi + cp -pL .external/ansible/posix/plugins/module_utils/$module $role/module_utils/${role}_lsr/$module + sed -i -e ':a;N;$!ba;s/description:\n\( *\)/description:\n\1- WARNING: Do not use this module directly! It is only for role internal use.\n\1/' $role/library/$module +done + +# community.general: +# - library: +# - Module seport, sefcontext and selogin for the selinux role rolename2 +# - Module ini_file for role tlog +module_map=( ["seport.py"]="selinux" ["sefcontext.py"]="selinux" ["selogin.py"]="selinux" ["ini_file.py"]="tlog" ) +for module in "${!module_map[@]}"; do + role="${module_map[${module}]}" + if [ ! -d $role/library ]; then + mkdir $role/library + fi + cp -pL .external/community/general/plugins/modules/$module $role/library/$module + ls -alrtF $role/library/$module + sed -i -e ':a;N;$!ba;s/description:\n\( *\)/description:\n\1- WARNING: Do not use this module directly! It is only for role internal use.\n\1/' $role/library/$module +done +%endif + # Replacing "linux-system-roles.rolename" with "rhel-system-roles.rolename" in each role %if "%{roleprefix}" != "linux-system-roles." for rolename in %{rolenames}; do @@ -346,44 +442,35 @@ mkdir .collections %if 0%{?rhel} # Convert the upstream collection readme to the downstream one %{SOURCE998} lsr_role2collection/collection_readme.md +./galaxy_transform.py "%{collection_namespace}" "%{collection_name}" "%{collection_version}" \ + "Red Hat Enterprise Linux System Roles Ansible Collection" \ + "https://linux-system-roles.github.io" \ + "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/administration_and_configuration_tasks_using_system_roles_in_rhel" \ + "https://access.redhat.com/articles/3050101" \ + "https://bugzilla.redhat.com/enter_bug.cgi?product=Red%20Hat%20Enterprise%20Linux%208&component=rhel-system-roles" \ + > galaxy.yml.tmp +# we vendor-in all of the dependencies on rhel, so remove them +rm -f lsr_role2collection/collection_requirements.txt +# but leave bindep.txt +%else +./galaxy_transform.py "%{collection_namespace}" "%{collection_name}" "%{collection_version}" \ + "Linux System Roles Ansible Collection" \ + > galaxy.yml.tmp %endif -./galaxy_transform.py "%{collection_namespace}" "%{collection_name}" "%{collection_version}" "Red Hat Enterprise Linux System Roles Ansible Collection" > galaxy.yml.tmp mv galaxy.yml.tmp galaxy.yml +includes="" for role in %{rolenames}; do - python3 lsr_role2collection.py --role "$role" --src-path "$role" \ - --src-owner %{name} --subrole-prefix %{subrole_prefix} --dest-path .collections \ - --readme lsr_role2collection/collection_readme.md \ - --namespace %{collection_namespace} --collection %{collection_name} -done - -# copy requirements.txt and bindep.txt from auto-maintenance/lsr_role2collection -if [ -f lsr_role2collection/collection_requirements.txt ]; then - cp lsr_role2collection/collection_requirements.txt \ - .collections/ansible_collections/%{collection_namespace}/%{collection_name}/requirements.txt -fi -if [ -f lsr_role2collection/collection_bindep.txt ]; then - cp lsr_role2collection/collection_bindep.txt \ - .collections/ansible_collections/%{collection_namespace}/%{collection_name}/bindep.txt -fi - -rm -f .collections/ansible_collections/%{collection_namespace}/%{collection_name}/tests/sanity/ignore-2.9.txt -# Merge .sanity-ansible-ignore-2.9-ROLENAME.txt into tests/sanity/ignore-2.9.txt -mkdir -p .collections/ansible_collections/%{collection_namespace}/%{collection_name}/tests/sanity -for role in %{rolenames}; do - if [ -f .collections/ansible_collections/%{collection_namespace}/%{collection_name}/.sanity-ansible-ignore-2.9-"$role".txt ]; - then - cat .collections/ansible_collections/%{collection_namespace}/%{collection_name}/.sanity-ansible-ignore-2.9-"$role".txt \ - >> .collections/ansible_collections/%{collection_namespace}/%{collection_name}/tests/sanity/ignore-2.9.txt - rm -f .collections/ansible_collections/%{collection_namespace}/%{collection_name}/.sanity-ansible-ignore-*-"$role".txt - fi + includes="$includes --include $role" +%if 0%{?rhel} + # we vendor-in all of the dependencies on rhel, so remove them + rm -f "$role/meta/requirements.yml" +%endif done -# removing dot files/dirs -rm -r .collections/ansible_collections/%{collection_namespace}/%{collection_name}/.[A-Za-z]* - -cp -p galaxy.yml lsr_role2collection/.ansible-lint \ - .collections/ansible_collections/%{collection_namespace}/%{collection_name} +LANG=en_US.utf-8 LC_ALL=en_US.utf-8 python3 release_collection.py --galaxy-yml galaxy.yml \ + --src-path $(pwd) --dest-path $(pwd)/.collections $includes --force --no-update \ + --src-owner %{name} --skip-git --skip-check --debug # Remove table of contents from logging README.md # It is not needed for html and AH/Galaxy @@ -623,6 +710,225 @@ fi %endif %changelog +* Tue Mar 29 2022 Rich Megginson - 1.16.2-1 +- nbde_client - NBDE client system role does not support servers with static IP addresses + previous fix did not handle some cases + Resolves rhbz#1985022 (EL8) + Resolves rhbz#2031555 (EL9) + +* Fri Mar 18 2022 Rich Megginson - 1.16.1-1 +- network - pytest failed when running with nm providers in the rhel-8.5 beaker machine + Resolves rhbz#2064396 (EL8) + Resolves rhbz#2064401 (EL9) +- network - bond: fix typo in supporting the infiniband ports in active-backup modekernel_settings error configobj not found on RHEL 8.6 managed hosts + Resolves rhbz#2064388 (EL8) + Resolves rhbz#2064391 (EL9) +- network - consistently use ansible_managed in configuration files managed by role + Resolves rhbz#2057656 (EL8) + Resolves rhbz#2057657 (EL9) + +* Thu Mar 17 2022 Rich Megginson - 1.16.0-3 +- remove unneeded metrics patch due to rebase + +* Thu Mar 17 2022 Rich Megginson - 1.16.0-2 +- remove unneeded metrics patch due to rebase +- fix bogus date in changelog + +* Tue Mar 15 2022 Rich Megginson - 1.16.0-1 +- metrics - consistently use ansible_managed in configuration files managed by role + Resolves rhbz#2057645 (EL8) + Resolves rhbz#2057647 (EL9) +- postfix - consistently use ansible_managed in configuration files managed by role + Resolves rhbz#2057661 (EL8) + Resolves rhbz#2057662 (EL9) +- postfix - provide the ability to replace config and reset configuration back to default + Resolves rhbz#2044657 (EL8) + Resolves rhbz#2058780 (EL9) +- new tags required in galaxy.yml for Automation Hub + +* Thu Mar 3 2022 Rich Megginson - 1.15.1-1 +- kernel_settings error configobj not found on RHEL 8.6 managed hosts + Resolves rhbz#2058772 (EL8) + Resolves rhbz#2058756 (EL9) +- timesync: basic-smoke test failure in timesync/tests_ntp.yml + Resolves rhbz#2059293 (EL8) + Resolves rhbz#2058645 (EL9) + +* Tue Mar 1 2022 Noriko Hosoi - 1.15.0-2 +- metrics - follow symlinks for the mssql and elasticsearch configuration paths + Resolves rhbz#2058655 (EL8) + Resolves rhbz#2058777 (EL9) + +* Tue Feb 22 2022 Rich Megginson - 1.15.0-1 +- firewall - ensure target changes take effect immediately + Resolves rhbz#2057172 (EL8) + Resolves rhbz#2057164 (EL9) +- firewall - Firewall RHEL System Role should be able to set default zone + Resolves rhbz#2022458 (EL8) + Resolves rhbz#2022461 (EL9) +- network - tests_802_1x_nm, tests_802_1x_updated_nm fails because of missing hostapd in EPEL + Resolves rhbz#2053862 (EL8) + Resolves rhbz#2053861 (EL9) + +* Mon Feb 14 2022 Rich Megginson - 1.14.0-1 +- ha_cluster - set permissions for haclient group + Resolves rhbz#2049747 (EL8) + Resolves rhbz#2049754 (EL9) +- network - Add more bonding options to rhel-system-roles.network + Resolves rhbz#2008931 (EL8) + Resolves rhbz#2054435 (EL9) +- certificate - should consistently use ansible_managed in hook scripts + Resolves rhbz#2054364 (EL8) + Resolves rhbz#2054368 (EL9) +- tlog - consistently use ansible_managed in configuration files managed by role + Resolves rhbz#2054363 (EL8) + Resolves rhbz#2054367 (EL9) +- vpn - consistently use ansible_managed in configuration files managed by role + Resolves rhbz#2054365 (EL8) + Resolves rhbz#2054369 (EL9) + +* Tue Feb 8 2022 Rich Megginson - 1.13.1-1 +- vpn - template error while templating string: no filter named 'vpn_ipaddr' + Resolves rhbz#2052103 (EL8) + Resolves rhbz#2050341 (EL9) +- kdump - Unable to start service kdump: Job for kdump.service failed because the control process exited with error code. + Resolves rhbz#2052105 (EL8) + Resolves rhbz#2050419 (EL9) +- remove collection dependencies on rhel because we vendor them in + +* Tue Feb 1 2022 Rich Megginson - 1.13.0-1 +- storage - RFE: Add support for RAID volumes (lvm-only) + Resolves rhbz#2016514 (EL8) + Resolves rhbz#2016518 (EL9) +- storage - RFE: Add support for cached volumes (lvm-only) + Resolves rhbz#2016511 (EL8) + Resolves rhbz#2016517 (EL9) +- metrics - metrics role can't be re-run if the Grafana admin password has been changed + Resolves rhbz#1967321 (EL8) + Resolves rhbz#2041632 (EL9) +- nbde_client - NBDE client system role does not support servers with static IP addresses + Resolves rhbz#1985022 (EL8) + Resolves rhbz#2031555 (EL9) +- ha_cluster - [RFE] ha_cluster - Support for creating resource constraints (Location, Ordering, etc.) + Resolves rhbz#2041635 (EL8) + Resolves rhbz#2041634 (EL9) +- firewall - ensure zone exists and can be used in subsequent operations + Resolves rhbz#2042541 (EL8) + Resolves rhbz#2024775 (EL9) +- network - RFE: Support Routing Tables in static routes in Network Role + Resolves rhbz#2031521 (EL8) + Resolves rhbz#2049798 (EL9) +- network - Failure to activate connection: nm-manager-error-quark: No suitable device found for this connection + Resolves rhbz#2034908 (EL8) + Resolves rhbz#2038957 (EL9) +- network - Set DNS search setting only for enabled IP protocols + Resolves rhbz#2041627 (EL8) + Resolves rhbz#2004899 (EL9) + +* Thu Jan 27 2022 Rich Megginson - 1.12.0-1 +- vpn - use custom vpn_ipaddr filter to make role work on RHEL 8.6 with ansible-core + this is covered by "make roles work with ansible-core on all platforms" BZ +- logging - Logging role "logging_purge_confs" option not properly working + Resolves rhbz#2040812 (EL8) + Resolves rhbz#2039106 (EL9) +- kernel_settings role should use ansible_managed in its configuration file + Resolves rhbz#2047504 (EL8) + Resolves rhbz#2047506 (EL9) + +* Thu Jan 20 2022 Fedora Release Engineering - 1.11.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Tue Dec 14 2021 Rich Megginson - 1.11.0-2 +- RHEL8.6, 9 - add "Requires: ansible-core or ansible" + +* Thu Dec 2 2021 Rich Megginson - 1.11.0-1 +- timesync - fix ansible 2.12 issues, service_facts issues + Resolves rhbz#2012316 (EL8) + Resolves rhbz#2012298 (EL9) +- timesync - Failure related to missing ntp/ntpd package/service on RHEL-9 host + Resolves rhbz#2029463 (EL9) +- logging - add test case for immark quoting issue + Resolves rhbz#2021678 (EL8) + Resolves rhbz#2021676 (EL9) +- cockpit - use existing cert - cockpit_cert, cockpit_private_key + Resolves rhbz#2021661 (EL8) + Resolves rhbz#2021028 (EL9) +- storage - fix ansible 2.12 issues, service_facts issues; workaround lvm, udev issues in tests + Resolves rhbz#2012316 (EL8) + Resolves rhbz#2012298 (EL9) +- ssh - tests_all_options.yml: "assertion": "'StdinNull yes' in config.content | b64decode ", failure + Resolves rhbz#2029614 (EL8) + Resolves rhbz#2029427 (EL9) +- kdump - support reboot required and reboot ok + Resolves rhbz#2029605 (EL8) + Resolves rhbz#2029602 (EL9) +- metrics - sync with latest ansible-pcp + Resolves rhbz#2012316 (EL8) + Resolves rhbz#2012298 (EL9) +- sshd - should detect FIPS mode and handle tasks correctly in FIPS mode + Resolves rhbz#1979714 (EL8) + Resolves rhbz#2029634 (EL9) + +* Mon Nov 8 2021 Rich Megginson - 1.10.0-1 +- add cockpit role + Resolves rhbz#2021661 (EL8) + Resolves rhbz#2021028 (EL9) +- add firewall role + Resolves rhbz#1854988 (EL8) + Resolves rhbz#2021665 (EL9) +- firewall - add ability to add-source + Resolves rhbz#1932678 (EL8) + Resolves rhbz#2021667 (EL9) +- firewall - allow user defined zones + Resolves rhbz#1850768 (EL8) + Resolves rhbz#2021669 (EL9) +- firewall - allow specifying the zone + Resolves rhbz#1850753 (EL8) + Resolves rhbz#2021670 (EL9) +- updates for ansible 2.12 support + Resolves rhbz#2012316 (EL8) + Resolves rhbz#2012298 (EL9) +- update community.general to 4.0.1 + Resolves rhbz#2006081 (EL8) + Resolves rhbz#2006076 (EL9) +- network - Allow to specify PCI address to configure profiles + Resolves rhbz#1695634 (EL8) + Resolves rhbz#1999162 (EL9) +- network - support wifi Enhanced Open (OWE) + Resolves rhbz#1993379 (EL8) + Resolves rhbz#1993377 (EL9) +- network - support WPA3 Simultaneous Authentication of Equals(SAE) + Resolves rhbz#1993311 (EL8) + Resolves rhbz#1993304 (EL9) +- network - RFE: Support ignoring default gateway retrieved by DHCP/IPv6-RA + Resolves rhbz#1897565 (EL8) + Resolves rhbz#1978773 (EL9) +- network - Update network system role to reflect that network teaming is deprecated in RHEL 9 + Resolves rhbz#1897565 (EL8) + Resolves rhbz#1999770 (EL9) +- selinux - fails linit rules role-name and unnamed-task + Resolves rhbz#1974000 (EL8) + Resolves rhbz#2021675 (EL9) +- kernel_settings - ansible_managed | comment BZs: + Resolves rhbz#2006230 (EL9) + Resolves rhbz#2006231 (EL8) + Resolves rhbz#2006233 (EL7) +- logging - logging role missing quotes for immark module interval value + Resolves rhbz#2021678 (EL8) + Resolves rhbz#2021676 (EL9) +- logging - Add user and password + Resolves rhbz#2010327 (EL8) + Resolves rhbz#1990490 (EL9) +- logging - Performance improvement + Resolves rhbz#2005727 (EL8) + Resolves rhbz#2004303 (EL9) +- nbde_client - add regenerate-all to the dracut command + Resolves rhbz#2021682 (EL8) + Resolves rhbz#2021681 (EL9) +- certificate - Fix certificate permissions with "group" option + Resolves rhbz#2021683 (EL8) + Resolves rhbz#2021025 (EL9) + * Thu Aug 26 2021 Rich Megginson - 1.7.3-2 - selinux - tag tests_selinux_disabled.yml with tests::avc Resolves rhbz#1996315 (EL9)