diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..aa3d908 --- /dev/null +++ b/.gitignore @@ -0,0 +1,13 @@ +SOURCES/certificate-27986c2.tar.gz +SOURCES/kdump-0c2bb28.tar.gz +SOURCES/kernel_settings-f760285.tar.gz +SOURCES/logging-95e2574.tar.gz +SOURCES/metrics-e1ca747.tar.gz +SOURCES/nbde_client-da2db56.tar.gz +SOURCES/nbde_server-8110159.tar.gz +SOURCES/network-e0c7d55.tar.gz +SOURCES/postfix-0.1.tar.gz +SOURCES/selinux-6cd1ec8.tar.gz +SOURCES/storage-36c4803.tar.gz +SOURCES/timesync-924650d.tar.gz +SOURCES/tlog-2b3ffab.tar.gz diff --git a/.rhel-system-roles.metadata b/.rhel-system-roles.metadata new file mode 100644 index 0000000..e413b49 --- /dev/null +++ b/.rhel-system-roles.metadata @@ -0,0 +1,13 @@ +76558f143e91d425a3fafd870d27ca159fe10696 SOURCES/certificate-27986c2.tar.gz +36b200d1c6a8d1cb1ea87e3e9aa8c4f6bbd8155d SOURCES/kdump-0c2bb28.tar.gz +da22df6ef24c73b447638b6d26ff09bab2ead1c8 SOURCES/kernel_settings-f760285.tar.gz +ec33cb64813a896c5dc3673ee22e0b343b60cfbf SOURCES/logging-95e2574.tar.gz +20e613542ae7f17b050ffe6b94e46e76295ed891 SOURCES/metrics-e1ca747.tar.gz +cbc09ce6f6460e828b46a7cfdc2fc32cb5b7b8d7 SOURCES/nbde_client-da2db56.tar.gz +4a6b50b20e61a96e3d6448203a443d1d9b0c7d17 SOURCES/nbde_server-8110159.tar.gz +5a9597aa5142df3564dd3d85c3bebc1bb62f465d SOURCES/network-e0c7d55.tar.gz +66c82331f4ac9598c506c3999965b4d07dbfe49d SOURCES/postfix-0.1.tar.gz +246383bd6823533ed3a51a0501b75e38ba852908 SOURCES/selinux-6cd1ec8.tar.gz +b1f2825eca9a9e06c48d1ec4841a1bf1e52abf7b SOURCES/storage-36c4803.tar.gz +ffd2a706e4e3007684aa9874c8457ad5c8920050 SOURCES/timesync-924650d.tar.gz +43783aa7130ae254e8d848ab1295556628d0b1ef SOURCES/tlog-2b3ffab.tar.gz diff --git a/SOURCES/kdump-tier1-tags.diff b/SOURCES/kdump-tier1-tags.diff new file mode 100644 index 0000000..22c0684 --- /dev/null +++ b/SOURCES/kdump-tier1-tags.diff @@ -0,0 +1,142 @@ +diff --git a/tests/commonvars.yml b/tests/commonvars.yml +new file mode 100644 +index 0000000..2cd3566 +--- /dev/null ++++ b/tests/commonvars.yml +@@ -0,0 +1,2 @@ ++restore_services: ++ - kdump +diff --git a/tests/get_services_state.yml b/tests/get_services_state.yml +new file mode 100644 +index 0000000..4fe5d36 +--- /dev/null ++++ b/tests/get_services_state.yml +@@ -0,0 +1,4 @@ ++- name: Get initial state of services ++ tags: tests::cleanup ++ service_facts: ++ register: initial_state +diff --git a/tests/restore_services_state.yml b/tests/restore_services_state.yml +new file mode 100644 +index 0000000..2035dfc +--- /dev/null ++++ b/tests/restore_services_state.yml +@@ -0,0 +1,22 @@ ++- block: ++ - name: load common vars ++ include_vars: ++ file: commonvars.yml ++ ++ - name: Get final state of services ++ service_facts: ++ register: final_state ++ ++ - name: Restore state of services ++ service: ++ name: "{{ item }}" ++ state: "{{ 'started' if ++ initial_state.ansible_facts.services[sname]['state'] ++ == 'running' else 'stopped' }}" ++ when: ++ - sname in final_state.ansible_facts.services ++ - sname in initial_state.ansible_facts.services ++ vars: ++ sname: "{{ item + '.service' }}" ++ with_items: "{{ restore_services }}" ++ tags: tests::cleanup +diff --git a/tests/tests_default.yml b/tests/tests_default.yml +index 4c93830..9e7743a 100644 +--- a/tests/tests_default.yml ++++ b/tests/tests_default.yml +@@ -4,3 +4,13 @@ + + roles: + - kdump ++ ++ pre_tasks: ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: get_services_state.yml ++ ++ post_tasks: ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: restore_services_state.yml +diff --git a/tests/tests_default_wrapper.yml b/tests/tests_default_wrapper.yml +index 2763fbd..95b3886 100644 +--- a/tests/tests_default_wrapper.yml ++++ b/tests/tests_default_wrapper.yml +@@ -1,6 +1,9 @@ + --- + - name: Create static inventory from hostvars + hosts: all ++ tags: ++# - 'tests::tier1' ++ - 'tests::slow' + tasks: + - name: create temporary file + tempfile: +@@ -17,10 +20,16 @@ + + + - name: Run tests_default.yml normally ++ tags: ++# - 'tests::tier1' ++ - 'tests::slow' + import_playbook: tests_default.yml + + - name: Run tests_default.yml in check_mode + hosts: all ++ tags: ++# - 'tests::tier1' ++ - 'tests::slow' + tasks: + - name: Run ansible-playbook with tests_default.yml in check mode + command: ansible-playbook -vvv -i {{ tempinventory.path }} --check tests_default.yml +diff --git a/tests/tests_ssh.yml b/tests/tests_ssh.yml +index 14a59d9..23bc7eb 100644 +--- a/tests/tests_ssh.yml ++++ b/tests/tests_ssh.yml +@@ -11,6 +11,13 @@ + # this is the address at which the ssh dump server can be reached + # from the managed host. Dumps will be uploaded there. + kdump_ssh_server_inside: "{{ kdump_ssh_source if kdump_ssh_source in hostvars[kdump_ssh_server_outside]['ansible_all_ipv4_addresses'] + hostvars[kdump_ssh_server_outside]['ansible_all_ipv6_addresses'] else hostvars[kdump_ssh_server_outside]['ansible_default_ipv4']['address'] }}" ++ tags: ++ # this test executes some tasks on localhost and relies on ++ # localhost being a different host than the managed host ++ # (localhost is being used as a second host in multihost ++ # scenario). This also means that localhost must be capable ++ # enough (not just a container - must be runnign a sshd). ++ - 'tests::multihost_localhost' + + tasks: + - name: gather facts from {{ kdump_ssh_server_outside }} +diff --git a/tests/tests_ssh_wrapper.yml b/tests/tests_ssh_wrapper.yml +index 9a8ecfd..1a6db73 100644 +--- a/tests/tests_ssh_wrapper.yml ++++ b/tests/tests_ssh_wrapper.yml +@@ -1,6 +1,8 @@ + --- + - name: Create static inventory from hostvars + hosts: all ++ tags: ++ - 'tests::slow' + tasks: + - name: create temporary file + tempfile: +@@ -17,10 +19,15 @@ + + + - name: Run tests_ssh.yml normally ++ tags: ++ - 'tests::slow' + import_playbook: tests_ssh.yml + + - name: Run tests_ssh.yml in check_mode + hosts: all ++ tags: ++ - 'tests::slow' ++ - 'tests::multihost_localhost' + tasks: + - name: Run ansible-playbook with tests_ssh.yml in check mode + command: ansible-playbook -vvv -i {{ tempinventory.path }} --check tests_ssh.yml diff --git a/SOURCES/md2html.sh b/SOURCES/md2html.sh new file mode 100644 index 0000000..f3da649 --- /dev/null +++ b/SOURCES/md2html.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +set -euxo pipefail + +for file in "$@"; do + pandoc -f markdown_github "${file}" -t asciidoc -o "${file%.md}.tmp.adoc" + touch -r "${file}" "${file%.md}.tmp.adoc" + TZ=UTC asciidoc -o "${file%.md}.html" -a footer-style=none -a toc2 -a source-highlighter=highlight "${file%.md}.tmp.adoc" + rm "${file%.md}.tmp.adoc" +done diff --git a/SOURCES/network-nm-reload-profile.diff b/SOURCES/network-nm-reload-profile.diff new file mode 100644 index 0000000..8920653 --- /dev/null +++ b/SOURCES/network-nm-reload-profile.diff @@ -0,0 +1,14 @@ +diff --git a/tests/playbooks/tests_ethtool_features.yml b/tests/playbooks/tests_ethtool_features.yml +index 9b51cab..57c48bd 100644 +--- a/tests/playbooks/tests_ethtool_features.yml ++++ b/tests/playbooks/tests_ethtool_features.yml +@@ -186,6 +186,9 @@ + - include_tasks: tasks/manage_test_interface.yml + vars: + state: absent ++ - name: Reload NetworkManager config ++ command: nmcli connection reload ++ ignore_errors: true + tags: + - "tests::cleanup" + diff --git a/SOURCES/network-permissions.diff b/SOURCES/network-permissions.diff new file mode 100644 index 0000000..05068ff --- /dev/null +++ b/SOURCES/network-permissions.diff @@ -0,0 +1,6 @@ +diff --git a/library/network_connections.py b/library/network_connections.py +old mode 100755 +new mode 100644 +diff --git a/tests/unit/test_network_connections.py b/tests/unit/test_network_connections.py +old mode 100755 +new mode 100644 diff --git a/SOURCES/network-tier1-tags.diff b/SOURCES/network-tier1-tags.diff new file mode 100644 index 0000000..582c071 --- /dev/null +++ b/SOURCES/network-tier1-tags.diff @@ -0,0 +1,478 @@ +diff --git a/tests/playbooks/tests_802_1x.yml b/tests/playbooks/tests_802_1x.yml +index 9cce1ae..76d99e9 100644 +--- a/tests/playbooks/tests_802_1x.yml ++++ b/tests/playbooks/tests_802_1x.yml +@@ -1,5 +1,10 @@ + # SPDX-License-Identifier: BSD-3-Clause + --- ++- name: Save host state ++ hosts: all ++ tasks: ++ - import_tasks: tasks/save_state.yml ++ + - hosts: all + vars: + interface: 802-1x-test +@@ -122,3 +127,8 @@ + command: update-ca-trust + tags: + - "tests::cleanup" ++ ++- name: Restore host state ++ hosts: all ++ tasks: ++ - import_tasks: tasks/restore_state.yml +diff --git a/tests/playbooks/tests_bridge.yml b/tests/playbooks/tests_bridge.yml +index d79d6ad..c8cf3cd 100644 +--- a/tests/playbooks/tests_bridge.yml ++++ b/tests/playbooks/tests_bridge.yml +@@ -1,5 +1,10 @@ + # SPDX-License-Identifier: BSD-3-Clause + --- ++- name: Save host state ++ hosts: all ++ tasks: ++ - import_tasks: tasks/save_state.yml ++ + - name: Test configuring bridges + hosts: all + vars: +@@ -14,6 +19,8 @@ + + - name: Add test bridge + hosts: all ++ tags: ++ - 'tests::net::bridge' + vars: + network_connections: + - name: "{{ interface }}" +@@ -36,11 +43,15 @@ + task: tasks/assert_profile_present.yml + + - import_playbook: down_profile.yml ++ tags: ++ - 'tests::net::bridge' + vars: + profile: "{{ interface }}" + # FIXME: assert profile/device down + + - import_playbook: remove_profile.yml ++ tags: ++ - 'tests::net::bridge' + vars: + profile: "{{ interface }}" + +@@ -51,5 +62,19 @@ + + # FIXME: Devices might still be left when profile is absent + # - import_playbook: run_tasks.yml +-# vars: ++# vars: + # task: tasks/assert_device_absent.yml ++ ++- name: Remove test bridge ++ hosts: all ++ tags: ++ - 'tests::cleanup' ++ - 'tests::net::bridge::cleanup' ++ tasks: ++ - command: 'ip link delete "{{ interface }}"' ++ ignore_errors: yes ++ ++- name: Restore host state ++ hosts: all ++ tasks: ++ - import_tasks: tasks/restore_state.yml +diff --git a/tests/playbooks/tests_checkpoint_cleanup.yml b/tests/playbooks/tests_checkpoint_cleanup.yml +index 18e3fd7..3b5a41a 100644 +--- a/tests/playbooks/tests_checkpoint_cleanup.yml ++++ b/tests/playbooks/tests_checkpoint_cleanup.yml +@@ -4,6 +4,11 @@ + # mark a device as unmanaged for NM and then tries to activiate it using NM. + # This failed without removing the checkpoint. + --- ++- name: Save host state ++ hosts: all ++ tasks: ++ - import_tasks: tasks/save_state.yml ++ + - hosts: all + vars: + interface: cptstbr +@@ -80,3 +85,8 @@ + ignore_errors: true + tags: + - "tests::cleanup" ++ ++- name: Restore host state ++ hosts: all ++ tasks: ++ - import_tasks: tasks/restore_state.yml +diff --git a/tests/playbooks/tests_ethernet.yml b/tests/playbooks/tests_ethernet.yml +index cd02579..adcffee 100644 +--- a/tests/playbooks/tests_ethernet.yml ++++ b/tests/playbooks/tests_ethernet.yml +@@ -1,5 +1,10 @@ + # SPDX-License-Identifier: BSD-3-Clause + --- ++- name: Save host state ++ hosts: all ++ tasks: ++ - import_tasks: tasks/save_state.yml ++ + - hosts: all + tasks: + - debug: +@@ -9,6 +14,8 @@ + + - name: Test configuring ethernet devices + hosts: all ++ tags: ++ - 'tests::net::veth' + vars: + type: veth + interface: lsr27 +@@ -26,6 +33,8 @@ + + - name: Test static interface up + hosts: all ++ tags: ++ - 'tests::net::reconf' + vars: + network_connections: + - name: "{{ interface }}" +@@ -48,17 +57,29 @@ + # FIXME: assert profile present + # FIXME: assert profile/device up + IP address + - import_playbook: down_profile.yml ++ tags: ++ - 'tests::cleanup' + vars: + profile: "{{ interface }}" + # FIXME: assert profile/device down + - import_playbook: remove_profile.yml ++ tags: ++ - 'tests::cleanup' + vars: + profile: "{{ interface }}" + # FIXME: assert profile away + - name: Remove interfaces + hosts: all ++ tags: ++ - 'tests::cleanup' ++ - 'tests::net::veth::cleanup' + tasks: + - include_tasks: tasks/manage_test_interface.yml + vars: + state: absent + - include_tasks: tasks/assert_device_absent.yml ++ ++- name: Restore host state ++ hosts: all ++ tasks: ++ - import_tasks: tasks/restore_state.yml +diff --git a/tests/playbooks/tests_ethtool_features.yml b/tests/playbooks/tests_ethtool_features.yml +index 76b0f8a..9b51cab 100644 +--- a/tests/playbooks/tests_ethtool_features.yml ++++ b/tests/playbooks/tests_ethtool_features.yml +@@ -1,5 +1,10 @@ + # SPDX-License-Identifier: BSD-3-Clause + --- ++- name: Save host state ++ hosts: all ++ tasks: ++ - import_tasks: tasks/save_state.yml ++ + - hosts: all + vars: + interface: lsrfeat1 +@@ -183,3 +188,8 @@ + state: absent + tags: + - "tests::cleanup" ++ ++- name: Restore host state ++ hosts: all ++ tasks: ++ - import_tasks: tasks/restore_state.yml +diff --git a/tests/playbooks/tests_reapply.yml b/tests/playbooks/tests_reapply.yml +index 4b1cb09..6995607 100644 +--- a/tests/playbooks/tests_reapply.yml ++++ b/tests/playbooks/tests_reapply.yml +@@ -4,6 +4,11 @@ + # of via Ansible. Until there is better test support for this, just check the + # log output for the respective log message. + --- ++- name: Save host state ++ hosts: all ++ tasks: ++ - import_tasks: tasks/save_state.yml ++ + - hosts: all + vars: + interface: rpltstbr +@@ -64,3 +69,8 @@ + ignore_errors: true + tags: + - "tests::cleanup" ++ ++- name: Restore host state ++ hosts: all ++ tasks: ++ - import_tasks: tasks/restore_state.yml +diff --git a/tests/playbooks/tests_states.yml b/tests/playbooks/tests_states.yml +index 5926ad0..e936d4e 100644 +--- a/tests/playbooks/tests_states.yml ++++ b/tests/playbooks/tests_states.yml +@@ -135,3 +135,18 @@ + - tasks/cleanup_profile+device.yml + tags: + - tests::states:remove_down_twice ++ ++ pre_tasks: ++ - name: Save host state ++ import_tasks: tasks/save_state.yml ++ ++ post_tasks: ++ - name: Remove test bridge in case it is still lingering ++ command: 'ip link delete "{{ interface }}"' ++ tags: ++ - 'tests::cleanup' ++ - 'tests::net::bridge::cleanup' ++ ignore_errors: yes ++ ++ - name: Restore host state ++ import_tasks: tasks/restore_state.yml +diff --git a/tests/playbooks/tests_vlan_mtu.yml b/tests/playbooks/tests_vlan_mtu.yml +index 029b599..378d5fe 100644 +--- a/tests/playbooks/tests_vlan_mtu.yml ++++ b/tests/playbooks/tests_vlan_mtu.yml +@@ -10,6 +10,8 @@ + - include_tasks: tasks/manage_test_interface.yml + vars: + state: present ++ tags: ++ - 'tests::net::veth' + - include_tasks: tasks/assert_device_present.yml + - name: >- + TEST: I can configure the MTU for a vlan interface without autoconnect. +@@ -38,6 +40,8 @@ + ip: + dhcp4: false + auto6: false ++ tags: ++ - 'tests::net::reconf' + - include_tasks: tasks/assert_device_present.yml + vars: + interface: "{{ vlan_interface }}" +@@ -62,6 +66,20 @@ + persistent_state: absent + state: down + ignore_errors: true ++ tags: ++ - 'tests::cleanup' ++ - 'tests::net::veth::cleanup' + - include_tasks: tasks/manage_test_interface.yml + vars: + state: absent ++ tags: ++ - 'tests::cleanup' ++ - 'tests::net::veth::cleanup' ++ ++ pre_tasks: ++ - name: Save host state ++ import_tasks: tasks/save_state.yml ++ ++ post_tasks: ++ - name: Restore host state ++ import_tasks: tasks/restore_state.yml +diff --git a/tests/playbooks/tests_wireless.yml b/tests/playbooks/tests_wireless.yml +index 822a15e..52661bd 100644 +--- a/tests/playbooks/tests_wireless.yml ++++ b/tests/playbooks/tests_wireless.yml +@@ -1,5 +1,10 @@ + # SPDX-License-Identifier: BSD-3-Clause + --- ++- name: Save host state ++ hosts: all ++ tasks: ++ - import_tasks: tasks/save_state.yml ++ + - hosts: all + vars: + interface: wlan0 +@@ -86,3 +91,8 @@ + - include_tasks: tasks/cleanup_mock_wifi.yml + tags: + - "tests::cleanup" ++ ++- name: Restore host state ++ hosts: all ++ tasks: ++ - import_tasks: tasks/restore_state.yml +diff --git a/tests/tasks/commonvars.yml b/tests/tasks/commonvars.yml +new file mode 100644 +index 0000000..50452f7 +--- /dev/null ++++ b/tests/tasks/commonvars.yml +@@ -0,0 +1,2 @@ ++restore_services: ++ - NetworkManager +diff --git a/tests/tasks/get_services_state.yml b/tests/tasks/get_services_state.yml +new file mode 100644 +index 0000000..4fe5d36 +--- /dev/null ++++ b/tests/tasks/get_services_state.yml +@@ -0,0 +1,4 @@ ++- name: Get initial state of services ++ tags: tests::cleanup ++ service_facts: ++ register: initial_state +diff --git a/tests/tasks/restore_services_state.yml b/tests/tasks/restore_services_state.yml +new file mode 100644 +index 0000000..2035dfc +--- /dev/null ++++ b/tests/tasks/restore_services_state.yml +@@ -0,0 +1,22 @@ ++- block: ++ - name: load common vars ++ include_vars: ++ file: commonvars.yml ++ ++ - name: Get final state of services ++ service_facts: ++ register: final_state ++ ++ - name: Restore state of services ++ service: ++ name: "{{ item }}" ++ state: "{{ 'started' if ++ initial_state.ansible_facts.services[sname]['state'] ++ == 'running' else 'stopped' }}" ++ when: ++ - sname in final_state.ansible_facts.services ++ - sname in initial_state.ansible_facts.services ++ vars: ++ sname: "{{ item + '.service' }}" ++ with_items: "{{ restore_services }}" ++ tags: tests::cleanup +diff --git a/tests/tasks/restore_state.yml b/tests/tasks/restore_state.yml +new file mode 100644 +index 0000000..f4e3d5f +--- /dev/null ++++ b/tests/tasks/restore_state.yml +@@ -0,0 +1,24 @@ ++--- ++- name: Remove /etc/sysconfig/network if there was no one ++ tags: ++ - 'tests::cleanup' ++ file: ++ path: /etc/sysconfig/network ++ state: absent ++ when: ++ - etc_sysconfig_network_stat is defined ++ - not etc_sysconfig_network_stat.stat.exists ++ ++- name: Restore services ++ import_tasks: restore_services_state.yml ++ ++- name: reload NetworkManager ++ tags: ++ - 'tests::cleanup' ++ command: nmcli connection reload ++ when: ++ - sname in final_state.ansible_facts.services ++ - sname in initial_state.ansible_facts.services ++ - final_state.ansible_facts.services[sname]['state'] == 'running' ++ vars: ++ sname: NetworkManager.service +diff --git a/tests/tasks/save_state.yml b/tests/tasks/save_state.yml +new file mode 100644 +index 0000000..5690aed +--- /dev/null ++++ b/tests/tasks/save_state.yml +@@ -0,0 +1,11 @@ ++--- ++- name: Get services state ++ import_tasks: get_services_state.yml ++ ++- name: Investigate /etc/sysconfig/network presence ++ tags: ++ - 'tests::cleanup' ++ stat: ++ path: /etc/sysconfig/network ++ register: etc_sysconfig_network_stat ++ ignore_errors: yes +diff --git a/tests/tests_802_1x_nm.yml b/tests/tests_802_1x_nm.yml +index 3bd0719..77cf2d9 100644 +--- a/tests/tests_802_1x_nm.yml ++++ b/tests/tests_802_1x_nm.yml +@@ -4,6 +4,8 @@ + # set network provider and gather facts + - hosts: all + name: Run playbook 'playbooks/tests_802_1x.yml' with nm as provider ++ tags: ++ - tests::expfail + tasks: + - name: Set network provider to 'nm' + set_fact: +@@ -21,3 +23,5 @@ + - import_playbook: playbooks/tests_802_1x.yml + when: + - ansible_distribution_major_version != '6' ++ tags: ++ - tests::expfail +diff --git a/tests/tests_802_1x_updated_nm.yml b/tests/tests_802_1x_updated_nm.yml +index 0d4c741..ca666a6 100644 +--- a/tests/tests_802_1x_updated_nm.yml ++++ b/tests/tests_802_1x_updated_nm.yml +@@ -4,6 +4,8 @@ + # set network provider and gather facts + - hosts: all + name: Run playbook 'playbooks/tests_802_1x_updated.yml' with nm as provider ++ tags: ++ - tests::expfail + tasks: + - name: Set network provider to 'nm' + set_fact: +@@ -21,3 +23,5 @@ + - import_playbook: playbooks/tests_802_1x_updated.yml + when: + - ansible_distribution_major_version != '6' ++ tags: ++ - tests::expfail +diff --git a/tests/tests_default.yml b/tests/tests_default.yml +index f6f7550..98e3c7e 100644 +--- a/tests/tests_default.yml ++++ b/tests/tests_default.yml +@@ -10,3 +10,11 @@ + that: + - "'warnings' not in __network_connections_result" + msg: "There are warnings" ++ ++ pre_tasks: ++ - name: Save host state ++ import_tasks: tasks/save_state.yml ++ ++ post_tasks: ++ - name: Restore host state ++ import_tasks: tasks/restore_state.yml +diff --git a/tests/tests_helpers_and_asserts.yml b/tests/tests_helpers_and_asserts.yml +index 5514182..d9bfa11 100644 +--- a/tests/tests_helpers_and_asserts.yml ++++ b/tests/tests_helpers_and_asserts.yml +@@ -15,6 +15,14 @@ + type: dummy + interface: dummy1298 + ++ pre_tasks: ++ - name: Save host state ++ import_tasks: tasks/save_state.yml ++ ++ post_tasks: ++ - name: Restore host state ++ import_tasks: tasks/restore_state.yml ++ + # FIXME: when: does not seem to work with include_tasks, therefore this cannot + # be safely tested for now + # - name: test tap interfaces diff --git a/SOURCES/rhel-system-roles-kdump-pr22.diff b/SOURCES/rhel-system-roles-kdump-pr22.diff new file mode 100644 index 0000000..d7d2796 --- /dev/null +++ b/SOURCES/rhel-system-roles-kdump-pr22.diff @@ -0,0 +1,80 @@ +diff --git a/tasks/ssh.yml b/tasks/ssh.yml +index 1a4e858..b05d01a 100644 +--- a/tasks/ssh.yml ++++ b/tasks/ssh.yml +@@ -18,3 +18,15 @@ + key: "{{ keydata.content|b64decode }}" + state: present + delegate_to: "{{ kdump_ssh_server }}" ++ ++- name: Fetch the servers public key ++ slurp: ++ src: /etc/ssh/ssh_host_rsa_key.pub ++ register: serverpubkey ++ delegate_to: "{{ kdump_ssh_server }}" ++ ++- name: Add the servers public key to known_hosts on managed node ++ known_hosts: ++ key: "{{ kdump_ssh_server_location }} {{ serverpubkey.content | b64decode }}" ++ name: "{{ kdump_ssh_server_location }}" ++ path: /etc/ssh/ssh_known_hosts +diff --git a/templates/kdump.conf.j2 b/templates/kdump.conf.j2 +index bf24210..504ff34 100644 +--- a/templates/kdump.conf.j2 ++++ b/templates/kdump.conf.j2 +@@ -1,12 +1,17 @@ + # {{ ansible_managed }} + + {% if kdump_target %} +-{{ kdump_target.type }} {{ kdump_target.location }} +-{% endif %} ++{% if kdump_target.type == "ssh" %} ++ssh {{ kdump_target.location | d(kdump_ssh_user ~ '@' ~ kdump_ssh_server) }} + +-{% if kdump_target and kdump_target.type == "ssh" and kdump_sshkey != '/root/.ssh/kdump_id_rsa' %} ++{% if kdump_sshkey != '/root/.ssh/kdump_id_rsa' %} + sshkey {{ kdump_sshkey }} + {% endif %} ++{% else %} ++{{ kdump_target.type }} {{ kdump_target.location }} ++ ++{% endif %} ++{% endif %} + + path {{ kdump_path }} + {% if kdump_core_collector %} +diff --git a/tests/tests_ssh.yml b/tests/tests_ssh.yml +index 679148e..14a59d9 100644 +--- a/tests/tests_ssh.yml ++++ b/tests/tests_ssh.yml +@@ -6,6 +6,11 @@ + # known and ansible is supposed to be configured to be able to + # connect to it (via inventory). + kdump_ssh_server_outside: localhost ++ kdump_ssh_source: "{{ ansible_env['SSH_CONNECTION'].split()[0] }}" ++ ++ # this is the address at which the ssh dump server can be reached ++ # from the managed host. Dumps will be uploaded there. ++ kdump_ssh_server_inside: "{{ kdump_ssh_source if kdump_ssh_source in hostvars[kdump_ssh_server_outside]['ansible_all_ipv4_addresses'] + hostvars[kdump_ssh_server_outside]['ansible_all_ipv6_addresses'] else hostvars[kdump_ssh_server_outside]['ansible_default_ipv4']['address'] }}" + + tasks: + - name: gather facts from {{ kdump_ssh_server_outside }} +@@ -25,8 +30,5 @@ + type: ssh + # This is the ssh dump server address visible from inside + # the machine being configured. Dumps are to be copied +- # there. We make here the assumption that this machine is +- # being run as a VM and the dump server is the VM host +- # (i.e. for ansible this is localhost). From the VM its +- # address is then identical to the default route. +- location: "{{ kdump_ssh_user }}@{{ ansible_default_ipv4.gateway }}" ++ # there. ++ location: "{{ kdump_ssh_user }}@{{ kdump_ssh_server_inside }}" +diff --git a/vars/main.yml b/vars/main.yml +new file mode 100644 +index 0000000..34d2d62 +--- /dev/null ++++ b/vars/main.yml +@@ -0,0 +1,2 @@ ++# determine the managed node facing ssh server address ++kdump_ssh_server_location: "{{ kdump_target.location | regex_replace('.*@(.*)$', '\\1') if kdump_target.location is defined else kdump_ssh_server }}" diff --git a/SOURCES/rhel-system-roles-network-prefix.diff b/SOURCES/rhel-system-roles-network-prefix.diff new file mode 100644 index 0000000..f729eee --- /dev/null +++ b/SOURCES/rhel-system-roles-network-prefix.diff @@ -0,0 +1,148 @@ +diff --git a/examples/bond_simple.yml b/examples/bond_simple.yml +index 4ca9811..f6f5897 100644 +--- a/examples/bond_simple.yml ++++ b/examples/bond_simple.yml +@@ -32,5 +32,5 @@ + interface_name: eth2 + master: bond0 + roles: +- - linux-system-roles.network ++ - rhel-system-roles.network + ... +diff --git a/examples/bond_with_vlan.yml b/examples/bond_with_vlan.yml +index 2e6be23..3b7a6dc 100644 +--- a/examples/bond_with_vlan.yml ++++ b/examples/bond_with_vlan.yml +@@ -35,4 +35,4 @@ + - "192.0.2.{{ network_iphost }}/24" + + roles: +- - linux-system-roles.network ++ - rhel-system-roles.network +diff --git a/examples/bridge_with_vlan.yml b/examples/bridge_with_vlan.yml +index 037ff8e..83c586d 100644 +--- a/examples/bridge_with_vlan.yml ++++ b/examples/bridge_with_vlan.yml +@@ -33,4 +33,4 @@ + - "192.0.2.{{ network_iphost }}/24" + + roles: +- - linux-system-roles.network ++ - rhel-system-roles.network +diff --git a/examples/eth_simple_auto.yml b/examples/eth_simple_auto.yml +index 0ba168a..e4c4a54 100644 +--- a/examples/eth_simple_auto.yml ++++ b/examples/eth_simple_auto.yml +@@ -15,4 +15,4 @@ + mtu: 1450 + + roles: +- - linux-system-roles.network ++ - rhel-system-roles.network +diff --git a/examples/eth_with_802_1x.yml b/examples/eth_with_802_1x.yml +index 92a93a9..7731b7d 100644 +--- a/examples/eth_with_802_1x.yml ++++ b/examples/eth_with_802_1x.yml +@@ -27,4 +27,4 @@ + - client.pem + - cacert.pem + roles: +- - linux-system-roles.network ++ - rhel-system-roles.network +diff --git a/examples/eth_with_vlan.yml b/examples/eth_with_vlan.yml +index 69da673..e0c2f11 100644 +--- a/examples/eth_with_vlan.yml ++++ b/examples/eth_with_vlan.yml +@@ -26,4 +26,4 @@ + - "192.0.2.{{ network_iphost }}/24" + + roles: +- - linux-system-roles.network ++ - rhel-system-roles.network +diff --git a/examples/ethtool_features.yml b/examples/ethtool_features.yml +index c580f89..0881316 100644 +--- a/examples/ethtool_features.yml ++++ b/examples/ethtool_features.yml +@@ -3,7 +3,7 @@ + - hosts: all + tasks: + - include_role: +- name: linux-system-roles.network ++ name: rhel-system-roles.network + vars: + network_connections: + - name: "{{ network_interface_name1 }}" +diff --git a/examples/ethtool_features_default.yml b/examples/ethtool_features_default.yml +index 78965e6..3cdd731 100644 +--- a/examples/ethtool_features_default.yml ++++ b/examples/ethtool_features_default.yml +@@ -3,7 +3,7 @@ + - hosts: all + tasks: + - include_role: +- name: linux-system-roles.network ++ name: rhel-system-roles.network + vars: + network_connections: + - name: "{{ network_interface_name1 }}" +diff --git a/examples/infiniband.yml b/examples/infiniband.yml +index 22603d9..9e7e267 100644 +--- a/examples/infiniband.yml ++++ b/examples/infiniband.yml +@@ -23,4 +23,4 @@ + - 198.51.100.133/30 + + roles: +- - linux-system-roles.network ++ - rhel-system-roles.network +diff --git a/examples/macvlan.yml b/examples/macvlan.yml +index 90cd09d..0064ad4 100644 +--- a/examples/macvlan.yml ++++ b/examples/macvlan.yml +@@ -26,4 +26,4 @@ + - 192.168.1.1/24 + + roles: +- - linux-system-roles.network ++ - rhel-system-roles.network +diff --git a/examples/remove+down_profile.yml b/examples/remove+down_profile.yml +index da2b1b8..f2d93e8 100644 +--- a/examples/remove+down_profile.yml ++++ b/examples/remove+down_profile.yml +@@ -8,5 +8,5 @@ + persistent_state: absent + state: down + roles: +- - linux-system-roles.network ++ - rhel-system-roles.network + ... +diff --git a/examples/wireless_wpa_psk.yml b/examples/wireless_wpa_psk.yml +index eeec22f..60b0d83 100644 +--- a/examples/wireless_wpa_psk.yml ++++ b/examples/wireless_wpa_psk.yml +@@ -12,4 +12,4 @@ + # see https://docs.ansible.com/ansible/latest/user_guide/vault.html + password: "p@55w0rD" + roles: +- - linux-system-roles.network ++ - rhel-system-roles.network +diff --git a/tests/playbooks/down_profile.yml b/tests/playbooks/down_profile.yml +index 5087240..65e542d 100644 +--- a/tests/playbooks/down_profile.yml ++++ b/tests/playbooks/down_profile.yml +@@ -7,4 +7,4 @@ + - name: "{{ profile }}" + state: down + roles: +- - linux-system-roles.network ++ - rhel-system-roles.network +diff --git a/tests/playbooks/remove_profile.yml b/tests/playbooks/remove_profile.yml +index a50e848..b6e6796 100644 +--- a/tests/playbooks/remove_profile.yml ++++ b/tests/playbooks/remove_profile.yml +@@ -7,4 +7,4 @@ + - name: "{{ profile }}" + persistent_state: absent + roles: +- - linux-system-roles.network ++ - rhel-system-roles.network diff --git a/SOURCES/rhel-system-roles-postfix-pr5.diff b/SOURCES/rhel-system-roles-postfix-pr5.diff new file mode 100644 index 0000000..4da6f48 --- /dev/null +++ b/SOURCES/rhel-system-roles-postfix-pr5.diff @@ -0,0 +1,40 @@ +diff --git a/README.md b/README.md +index 5950215..df64284 100644 +--- a/README.md ++++ b/README.md +@@ -17,7 +17,7 @@ Example Playbook + + Install and enable postfix. Configure "relay_domains=$mydestination" and + +-``` ++```yaml + --- + - hosts: all + vars: +@@ -31,7 +31,7 @@ Install and enable postfix. Configure "relay_domains=$mydestination" and + Install and enable postfix. Do not run 'postfix check' before restarting + postfix: + +-``` ++```yaml + --- + - hosts: all + vars: +@@ -43,7 +43,7 @@ postfix: + Install and enable postfix. Do single backup of main.cf (older backup will be + rewritten) and configure "relay_host=example.com": + +-``` ++```yaml + --- + - hosts: all + vars: +@@ -58,7 +58,7 @@ Install and enable postfix. Do timestamped backup of main.cf and + configure "relay_host=example.com" (if postfix_backup_multiple is + set to true postfix_backup is ignored): + +-``` ++```yaml + --- + - hosts: all + vars: diff --git a/SOURCES/rhel-system-roles-postfix-prefix.diff b/SOURCES/rhel-system-roles-postfix-prefix.diff new file mode 100644 index 0000000..65ab2a1 --- /dev/null +++ b/SOURCES/rhel-system-roles-postfix-prefix.diff @@ -0,0 +1,40 @@ +diff --git a/README.md b/README.md +index 5950215..a59d72f 100644 +--- a/README.md ++++ b/README.md +@@ -25,7 +25,7 @@ Install and enable postfix. Configure "relay_domains=$mydestination" and + relay_domains: "$mydestination" + relay_host: "example.com" + roles: +- - postfix ++ - linux-system-roles.postfix + ``` + + Install and enable postfix. Do not run 'postfix check' before restarting +@@ -37,7 +37,7 @@ postfix: + vars: + postfix_check: false + roles: +- - postfix ++ - linux-system-roles.postfix + ``` + + Install and enable postfix. Do single backup of main.cf (older backup will be +@@ -51,7 +51,7 @@ rewritten) and configure "relay_host=example.com": + relay_host: "example.com" + postfix_backup: true + roles: +- - postfix ++ - linux-system-roles.postfix + ``` + + Install and enable postfix. Do timestamped backup of main.cf and +@@ -66,7 +66,7 @@ set to true postfix_backup is ignored): + relay_host: "example.com" + postfix_backup_multiple: true + roles: +- - postfix ++ - linux-system-roles.postfix + ``` + + diff --git a/SOURCES/rhel-system-roles-selinux-prefix.diff b/SOURCES/rhel-system-roles-selinux-prefix.diff new file mode 100644 index 0000000..7e80daa --- /dev/null +++ b/SOURCES/rhel-system-roles-selinux-prefix.diff @@ -0,0 +1,32 @@ +diff --git a/README.md b/README.md +index a0385b0..6efc62d 100644 +--- a/README.md ++++ b/README.md +@@ -42,7 +42,7 @@ This role can be configured using variab + vars: + [ see below ] + roles: +- - role: linux-system-roles.selinux ++ - role: rhel-system-roles.selinux + become: true + ``` + +diff --git a/selinux-playbook.yml b/selinux-playbook.yml +index 78d3953..b2348d5 100644 +--- a/selinux-playbook.yml ++++ b/selinux-playbook.yml +@@ -31,7 +31,7 @@ + - name: execute the role and catch errors + block: + - include_role: +- name: linux-system-roles.selinux ++ name: rhel-system-roles.selinux + rescue: + # Fail if failed for a different reason than selinux_reboot_required. + - name: handle errors +@@ -52,4 +52,4 @@ + + - name: reapply the role + include_role: +- name: linux-system-roles.selinux ++ name: rhel-system-roles.selinux diff --git a/SOURCES/rhel-system-roles-storage-prefix.diff b/SOURCES/rhel-system-roles-storage-prefix.diff new file mode 100644 index 0000000..8bd9ea1 --- /dev/null +++ b/SOURCES/rhel-system-roles-storage-prefix.diff @@ -0,0 +1,13 @@ +diff --git a/README.md b/README.md +index c2debc9..d9e40b3 100644 +--- a/README.md ++++ b/README.md +@@ -81,7 +81,7 @@ Example Playbook + - hosts: all + + roles: +- - name: linux-system-roles.storage ++ - name: rhel-system-roles.storage + storage_pools: + - name: app + disks: diff --git a/SOURCES/rhel-system-roles-timesync-prefix.diff b/SOURCES/rhel-system-roles-timesync-prefix.diff new file mode 100644 index 0000000..6fe1889 --- /dev/null +++ b/SOURCES/rhel-system-roles-timesync-prefix.diff @@ -0,0 +1,46 @@ +diff -up timesync-1.0.0/README.md.orig timesync-1.0.0/README.md +--- timesync-1.0.0/README.md.orig 2018-08-21 11:46:41.000000000 +0200 ++++ timesync-1.0.0/README.md 2018-11-06 22:29:14.586770442 +0100 +@@ -82,7 +82,7 @@ Install and configure ntp to synchronize + - hostname: baz.example.com + iburst: yes + roles: +- - linux-system-roles.timesync ++ - rhel-system-roles.timesync + ``` + + Install and configure linuxptp to synchronize the system clock with a +@@ -95,7 +95,7 @@ grandmaster in PTP domain number 0, whic + - number: 0 + interfaces: [ eth0 ] + roles: +- - linux-system-roles.timesync ++ - rhel-system-roles.timesync + ``` + + Install and configure chrony and linuxptp to synchronize the system clock with +@@ -122,5 +122,5 @@ synchronization: + transport: UDPv4 + delay: 0.000010 + roles: +- - linux-system-roles.timesync ++ - rhel-system-roles.timesync + ``` +diff -up timesync-85b90feedee2a5b3148fd3f72b229b44ec597682/examples/multiple-ntp-servers.yml.orig timesync-85b90feedee2a5b3148fd3f72b229b44ec597682/examples/multiple-ntp-servers.yml +--- timesync-85b90feedee2a5b3148fd3f72b229b44ec597682/examples/multiple-ntp-servers.yml.orig 2019-06-03 18:03:18.081868584 +0200 ++++ timesync-85b90feedee2a5b3148fd3f72b229b44ec597682/examples/multiple-ntp-servers.yml 2019-06-03 18:03:26.718704991 +0200 +@@ -11,4 +11,4 @@ + - hostname: 3.pool.ntp.org + iburst: yes + roles: +- - linux-system-roles.timesync ++ - rhel-system-roles.timesync +diff -up timesync-85b90feedee2a5b3148fd3f72b229b44ec597682/examples/single-pool.yml.orig timesync-85b90feedee2a5b3148fd3f72b229b44ec597682/examples/single-pool.yml +--- timesync-85b90feedee2a5b3148fd3f72b229b44ec597682/examples/single-pool.yml.orig 2019-06-03 16:36:40.000000000 +0200 ++++ timesync-85b90feedee2a5b3148fd3f72b229b44ec597682/examples/single-pool.yml 2019-06-03 18:03:36.721515519 +0200 +@@ -6,4 +6,4 @@ + pool: yes + iburst: yes + roles: +- - linux-system-roles.timesync ++ - rhel-system-roles.timesync diff --git a/SOURCES/selinux-tier1-tags.diff b/SOURCES/selinux-tier1-tags.diff new file mode 100644 index 0000000..d0c785c --- /dev/null +++ b/SOURCES/selinux-tier1-tags.diff @@ -0,0 +1,162 @@ +diff --git a/tests/set_selinux_variables.yml b/tests/set_selinux_variables.yml +index f294101..7571066 100644 +--- a/tests/set_selinux_variables.yml ++++ b/tests/set_selinux_variables.yml +@@ -1,4 +1,12 @@ + --- ++- name: Install SELinux tool semanage on Fedora ++ package: ++ name: ++ - policycoreutils-python-utils ++ state: present ++ when: ansible_distribution == "Fedora" or ++ ( ansible_distribution_major_version > "7" and ++ ( ansible_distribution == "CentOS" or ansible_distribution == "RedHat" )) + - name: Get local modifications - boolean + command: /usr/sbin/semanage boolean -l -n -C + register: selinux_role_boolean +diff --git a/tests/tests_all_purge.yml b/tests/tests_all_purge.yml +index 03dfe05..c686837 100644 +--- a/tests/tests_all_purge.yml ++++ b/tests/tests_all_purge.yml +@@ -14,7 +14,9 @@ + name: + - policycoreutils-python-utils + state: present +- when: ansible_distribution == "Fedora" ++ when: ansible_distribution == "Fedora" or ++ ( ansible_distribution_major_version > "7" and ++ ( ansible_distribution == "CentOS" or ansible_distribution == "RedHat" )) + + - name: Add a Linux System Roles SELinux User + user: +diff --git a/tests/tests_all_transitions.yml b/tests/tests_all_transitions.yml +index f608a42..d0d209b 100644 +--- a/tests/tests_all_transitions.yml ++++ b/tests/tests_all_transitions.yml +@@ -1,6 +1,8 @@ + - name: Test all the possible selinux_state transitions + hosts: all + become: true ++ tags: ++ - 'tests::reboot' + vars: + states: + - permissive +diff --git a/tests/tests_boolean.yml b/tests/tests_boolean.yml +index 47eafc0..2aa0025 100644 +--- a/tests/tests_boolean.yml ++++ b/tests/tests_boolean.yml +@@ -1,5 +1,6 @@ + + - name: Check if selinux role sets SELinux booleans ++ tags: tests::expfail + hosts: all + become: true + +@@ -12,7 +13,7 @@ + selinux_booleans: + - { name: 'samba_enable_home_dirs', state: 'on', persistent: 'yes' } + +- - include: set_selinux_variables.yml ++ - import_tasks: set_selinux_variables.yml + - name: save state after initial changes and before other changes + set_fact: + boolean_before: "{{ selinux_role_boolean.stdout_lines }}" +diff --git a/tests/tests_fcontext.yml b/tests/tests_fcontext.yml +index 0a411fb..f6f1bf4 100644 +--- a/tests/tests_fcontext.yml ++++ b/tests/tests_fcontext.yml +@@ -13,7 +13,7 @@ + selinux_fcontexts: + - { target: '/tmp/test_dir1(/.*)?', setype: 'user_home_dir_t', ftype: 'd' } + +- - include: set_selinux_variables.yml ++ - import_tasks: set_selinux_variables.yml + - name: save state after initial changes and before other changes + set_fact: + fcontext_before: "{{ selinux_role_fcontext.stdout }}" +diff --git a/tests/tests_login.yml b/tests/tests_login.yml +index efa826d..c7ce462 100644 +--- a/tests/tests_login.yml ++++ b/tests/tests_login.yml +@@ -18,7 +18,7 @@ + - { login: 'sar-user', seuser: 'staff_u', serange: 's0-s0:c0.c1023', state: 'present' } + + +- - include: set_selinux_variables.yml ++ - import_tasks: set_selinux_variables.yml + - name: save state after initial changes and before other changes + set_fact: + login_before: "{{ selinux_role_login.stdout }}" +diff --git a/tests/tests_port.yml b/tests/tests_port.yml +index 446f79d..7bb112e 100644 +--- a/tests/tests_port.yml ++++ b/tests/tests_port.yml +@@ -29,7 +29,7 @@ + selinux_ports: + - { ports: '22022', proto: 'tcp', setype: 'ssh_port_t', state: 'present' } + +- - include: set_selinux_variables.yml ++ - import_tasks: set_selinux_variables.yml + - name: save state after other changes + set_fact: + port_after: "{{ selinux_role_port.stdout }}" +diff --git a/tests/tests_selinux_disabled.yml b/tests/tests_selinux_disabled.yml +index afd23e4..706882f 100644 +--- a/tests/tests_selinux_disabled.yml ++++ b/tests/tests_selinux_disabled.yml +@@ -18,7 +18,9 @@ + name: + - policycoreutils-python-utils + state: present +- when: ansible_distribution == "Fedora" ++ when: ansible_distribution == "Fedora" or ++ ( ansible_distribution_major_version > "7" and ++ ( ansible_distribution == "CentOS" or ansible_distribution == "RedHat" )) + + - name: Add a Linux System Roles SELinux User + user: +@@ -67,17 +69,28 @@ + assert: + that: "{{ ansible_selinux.config_mode == 'enforcing' }}" + msg: "SELinux config mode should be enforcing instead of {{ ansible_selinux.config_mode }}" +- - name: Restore original /etc/selinux/config +- copy: +- remote_src: true +- dest: /etc/selinux/config +- src: /etc/selinux/config.test_selinux_disabled +- - name: Remove /etc/selinux/config backup +- file: +- path: /etc/selinux/config.test_selinux_disabled +- state: absent +- - name: Remove Linux System Roles SELinux User +- user: +- name: sar-user +- remove: yes +- state: absent ++ ++ - name: Cleanup ++ tags: [ 'tests::cleanup' ] ++ block: ++ - name: Restore original /etc/selinux/config ++ copy: ++ remote_src: true ++ dest: /etc/selinux/config ++ src: /etc/selinux/config.test_selinux_disabled ++ ++ - name: Remove /etc/selinux/config backup ++ file: ++ path: /etc/selinux/config.test_selinux_disabled ++ state: absent ++ ++ - name: Remove Linux System Roles SELinux User ++ user: ++ name: sar-user ++ remove: yes ++ state: absent ++ ++ - import_role: ++ name: selinux ++ vars: ++ selinux_all_purge: true diff --git a/SOURCES/timesync-tier1-tags.diff b/SOURCES/timesync-tier1-tags.diff new file mode 100644 index 0000000..3abd22d --- /dev/null +++ b/SOURCES/timesync-tier1-tags.diff @@ -0,0 +1,335 @@ +diff --git a/tests/get_services_state.yml b/tests/get_services_state.yml +new file mode 100644 +index 0000000..4fe5d36 +--- /dev/null ++++ b/tests/get_services_state.yml +@@ -0,0 +1,4 @@ ++- name: Get initial state of services ++ tags: tests::cleanup ++ service_facts: ++ register: initial_state +diff --git a/tests/restore_services_state.yml b/tests/restore_services_state.yml +new file mode 100644 +index 0000000..3d48975 +--- /dev/null ++++ b/tests/restore_services_state.yml +@@ -0,0 +1,19 @@ ++- name: Get final state of services ++ tags: tests::cleanup ++ service_facts: ++ register: final_state ++ ++- name: Restore state of services ++ tags: tests::cleanup ++ service: ++ name: "{{ item }}" ++ state: "{{ 'started' if initial_state.ansible_facts.services[item + '.service']['state'] == 'running' else 'stopped' }}" ++ when: ++ - item + '.service' in final_state.ansible_facts.services ++ - item + '.service' in initial_state.ansible_facts.services ++ with_items: ++ - chronyd ++ - ntpd ++ - ptp4l ++ - phc2sys ++ - timemaster +diff --git a/tests/tests_default.yml b/tests/tests_default.yml +index 856ebe5..fb298c9 100644 +--- a/tests/tests_default.yml ++++ b/tests/tests_default.yml +@@ -3,4 +4,14 @@ + hosts: all + + roles: + - linux-system-roles.timesync ++ ++ pre_tasks: ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: get_services_state.yml ++ ++ post_tasks: ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: restore_services_state.yml +diff --git a/tests/tests_default_wrapper.yml b/tests/tests_default_wrapper.yml +index a768f4c..b0c0ab3 100644 +--- a/tests/tests_default_wrapper.yml ++++ b/tests/tests_default_wrapper.yml +@@ -1,5 +1,8 @@ + --- + - name: Create static inventory from hostvars ++ tags: ++# - 'tests::tier1' ++ - 'tests::slow' + hosts: all + tasks: + - name: create temporary file +@@ -17,9 +20,15 @@ + + + - name: Run tests_default.yml normally ++ tags: ++# - 'tests::tier1' ++ - 'tests::slow' + import_playbook: tests_default.yml + + - name: Run tests_default.yml in check_mode ++ tags: ++# - 'tests::tier1' ++ - 'tests::slow' + hosts: all + tasks: + - name: Run ansible-playbook with tests_default.yml in check mode +diff --git a/tests/tests_ntp.yml b/tests/tests_ntp.yml +index e4b1b5e..446f1dc 100644 +--- a/tests/tests_ntp.yml ++++ b/tests/tests_ntp.yml +@@ -18,6 +19,11 @@ + roles: + - linux-system-roles.timesync + ++ pre_tasks: ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: get_services_state.yml ++ + tasks: + - meta: flush_handlers + +@@ -35,3 +41,8 @@ + - "'172.16.123.1' in sources.stdout" + - "'172.16.123.2' in sources.stdout" + - "'172.16.123.3' in sources.stdout" ++ ++ post_tasks: ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: restore_services_state.yml +diff --git a/tests/tests_ntp_provider1.yml b/tests/tests_ntp_provider1.yml +index 08ecab9..9fe0db3 100644 +--- a/tests/tests_ntp_provider1.yml ++++ b/tests/tests_ntp_provider1.yml +@@ -8,6 +9,10 @@ + - linux-system-roles.timesync + + pre_tasks: ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: get_services_state.yml ++ + - name: Remove NTP providers + package: name={{ item }} state=absent + with_items: +@@ -27,3 +32,7 @@ + assert: + that: + - "'172.16.123.1' in sources.stdout" ++ ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: restore_services_state.yml +diff --git a/tests/tests_ntp_provider2.yml b/tests/tests_ntp_provider2.yml +index 5476ae4..e0d5c96 100644 +--- a/tests/tests_ntp_provider2.yml ++++ b/tests/tests_ntp_provider2.yml +@@ -8,6 +9,10 @@ + - linux-system-roles.timesync + + pre_tasks: ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: get_services_state.yml ++ + - name: Remove ntp + package: name=ntp state=absent + +@@ -29,3 +34,7 @@ + + - name: Check chronyd service + shell: chronyc -n tracking ++ ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: restore_services_state.yml +diff --git a/tests/tests_ntp_provider3.yml b/tests/tests_ntp_provider3.yml +index 44ca101..d440a64 100644 +--- a/tests/tests_ntp_provider3.yml ++++ b/tests/tests_ntp_provider3.yml +@@ -8,6 +9,10 @@ + - linux-system-roles.timesync + + pre_tasks: ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: get_services_state.yml ++ + - name: Remove chrony + package: name=chrony state=absent + +@@ -29,3 +34,7 @@ + + - name: Check ntpd service + shell: ntpq -c rv | grep 'associd=0' ++ ++ - name: Import tasks ++ tags: tests::tier1::cleanup ++ import_tasks: restore_services_state.yml +diff --git a/tests/tests_ntp_provider4.yml b/tests/tests_ntp_provider4.yml +index 8b452b8..8bccba0 100644 +--- a/tests/tests_ntp_provider4.yml ++++ b/tests/tests_ntp_provider4.yml +@@ -9,6 +10,10 @@ + - linux-system-roles.timesync + + pre_tasks: ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: get_services_state.yml ++ + - name: Install chrony + package: name=chrony state=present + register: package_install +@@ -27,3 +32,7 @@ + + - name: Check chronyd service + shell: chronyc -n tracking ++ ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: restore_services_state.yml +diff --git a/tests/tests_ntp_provider5.yml b/tests/tests_ntp_provider5.yml +index 1740164..98a054f 100644 +--- a/tests/tests_ntp_provider5.yml ++++ b/tests/tests_ntp_provider5.yml +@@ -9,6 +10,10 @@ + - linux-system-roles.timesync + + pre_tasks: ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: get_services_state.yml ++ + - name: Install ntp + package: name=ntp state=present + register: package_install +@@ -27,3 +32,7 @@ + + - name: Check ntpd service + shell: ntpq -c rv | grep 'associd=0' ++ ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: restore_services_state.yml +diff --git a/tests/tests_ntp_provider6.yml b/tests/tests_ntp_provider6.yml +index 21a2039..fb41824 100644 +--- a/tests/tests_ntp_provider6.yml ++++ b/tests/tests_ntp_provider6.yml +@@ -6,6 +7,10 @@ + both_avail: true + + tasks: ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: get_services_state.yml ++ + - name: Check for availability of both NTP providers + package: name={{ item }} state=present + register: package_install +@@ -71,3 +76,7 @@ + shell: chronyc -n tracking + when: + - not is_ntp_default ++ ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: restore_services_state.yml +diff --git a/tests/tests_ntp_ptp.yml b/tests/tests_ntp_ptp.yml +index cab706f..7f4cdfc 100644 +--- a/tests/tests_ntp_ptp.yml ++++ b/tests/tests_ntp_ptp.yml +@@ -22,6 +23,11 @@ + roles: + - linux-system-roles.timesync + ++ pre_tasks: ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: get_services_state.yml ++ + tasks: + - meta: flush_handlers + +@@ -48,3 +54,8 @@ + - "'PTP1' in sources.stdout" + + when: "'SOF_TIMESTAMPING_TX_' in ethtool.stdout" ++ ++ post_tasks: ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: restore_services_state.yml +diff --git a/tests/tests_ptp_multi.yml b/tests/tests_ptp_multi.yml +index d52d439..936e467 100644 +--- a/tests/tests_ptp_multi.yml ++++ b/tests/tests_ptp_multi.yml +@@ -1,5 +1,6 @@ + + - name: Configure time synchronization with multiple PTP domains ++ tags: tests::expfail + hosts: all + vars: + timesync_ptp_domains: +@@ -16,6 +17,11 @@ + roles: + - linux-system-roles.timesync + ++ pre_tasks: ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: get_services_state.yml ++ + tasks: + - meta: flush_handlers + +@@ -58,3 +64,8 @@ + - "'domainNumber 1' in pmc.stdout" + + when: "'SOF_TIMESTAMPING_TX_' in ethtool.stdout" ++ ++ post_tasks: ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: restore_services_state.yml +diff --git a/tests/tests_ptp_single.yml b/tests/tests_ptp_single.yml +index 74da310..36d141e 100644 +--- a/tests/tests_ptp_single.yml ++++ b/tests/tests_ptp_single.yml +@@ -1,5 +1,6 @@ + + - name: Configure time synchronization with single PTP domain ++ tags: tests::expfail + hosts: all + vars: + timesync_ptp_domains: +@@ -8,6 +9,11 @@ + roles: + - linux-system-roles.timesync + ++ pre_tasks: ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: get_services_state.yml ++ + tasks: + - meta: flush_handlers + +@@ -31,3 +37,8 @@ + - "'domainNumber 3' in pmc.stdout" + + when: "'SOF_TIMESTAMPING_TX_' in ethtool.stdout" ++ ++ post_tasks: ++ - name: Import tasks ++# tags: tests::tier1::cleanup ++ import_tasks: restore_services_state.yml diff --git a/SPECS/rhel-system-roles.spec b/SPECS/rhel-system-roles.spec new file mode 100644 index 0000000..c9d8759 --- /dev/null +++ b/SPECS/rhel-system-roles.spec @@ -0,0 +1,607 @@ +%if 0%{?rhel} +Name: rhel-system-roles +%else +Name: linux-system-roles +%endif +Summary: Set of interfaces for unified system management +Version: 1.0 +Release: 12%{?dist} + +#Group: Development/Libraries +License: GPLv3+ and MIT and BSD +%if 0%{?rhel} +%global rolealtprefix linux-system-roles. +%endif +%global roleprefix %{name}. + +# For each role, call either defcommit() or deftag(). The other macros +# (%%id and %%shortid) can be then used in the same way in both cases. +# This way the rest of the spec file des not need to know whether we are +# dealing with a tag or a commit. +%define defcommit() %{expand:%%global id%{1} %{2} +%%global shortid%{1} %%(c=%%{id%{1}}; echo ${c:0:7}) +} + +%define deftag() %{expand:%%global id%{1} %{2} +%%global shortid%{1} %{2} +} + +%defcommit 0 0c2bb286bbc1b73d728226924e0010c0fa1ce30a +%global rolename0 kdump +#%%deftag 0 1.0.0 + +#%%defcommit 1 43eec5668425d295dce3801216c19b1916df1f9b +%global rolename1 postfix +%deftag 1 0.1 + +%defcommit 2 6cd1ec8fdebdb92a789b14e5a44fe77f0a3d8ecd +%global rolename2 selinux +#%%deftag 2 1.0.0 + +%defcommit 3 924650d0cd4117f73a7f0413ab745a8632bc5cec +%global rolename3 timesync +#%%deftag 3 1.0.0 + +%defcommit 5 e0c7d550a9934b837c45997ce9adef425bce6bcf +%global rolename5 network +#%%deftag 5 1.0.0 + +%defcommit 6 36c4803f636b3d4f5830d650cd0b5584540a33d3 +%global rolename6 storage +#%%deftag 6 1.0.2 + +%defcommit 7 e1ca7474af8482e17f16f233d6df713eb57f710d +%global rolename7 metrics +#%%deftag 7 0.1.0 + +%defcommit 8 2b3ffabedc05e93b6157c186d143644ef61301a9 +%global rolename8 tlog +#%%deftag 8 0.2.0 + +%defcommit 9 f760285362332e4be7027aae5e0e7265efd428da +%global rolename9 kernel_settings +#%%deftag 9 0.2.0 + +%defcommit 10 95e25748cd6dd0ec620628ba4a00c01fb3015353 +%global rolename10 logging +#%%deftag 10 0.2.0 + +%defcommit 11 81101597d48f69ecae6a7dfa3f3d0677e95d9df4 +%global rolename11 nbde_server +#%%deftag 11 0.1.0 + +%defcommit 12 da2db56bed495a68fe96fb3eda0a85e120a4f752 +%global rolename12 nbde_client +#%%deftag 12 0.1.0 + +%defcommit 13 27986c2749c5d3c4064929d792d8c618ff6bc27e +%global rolename13 certificate +#%%deftag 13 0.1.0 + +Source: https://github.com/linux-system-roles/%{rolename0}/archive/%{id0}.tar.gz#/%{rolename0}-%{shortid0}.tar.gz +Source1: https://github.com/linux-system-roles/%{rolename1}/archive/%{id1}.tar.gz#/%{rolename1}-%{shortid1}.tar.gz +Source2: https://github.com/linux-system-roles/%{rolename2}/archive/%{id2}.tar.gz#/%{rolename2}-%{shortid2}.tar.gz +Source3: https://github.com/linux-system-roles/%{rolename3}/archive/%{id3}.tar.gz#/%{rolename3}-%{shortid3}.tar.gz +Source5: https://github.com/linux-system-roles/%{rolename5}/archive/%{id5}.tar.gz#/%{rolename5}-%{shortid5}.tar.gz +Source6: https://github.com/linux-system-roles/%{rolename6}/archive/%{id6}.tar.gz#/%{rolename6}-%{shortid6}.tar.gz +Source7: https://github.com/linux-system-roles/%{rolename7}/archive/%{id7}.tar.gz#/%{rolename7}-%{shortid7}.tar.gz +Source8: https://github.com/linux-system-roles/%{rolename8}/archive/%{id8}.tar.gz#/%{rolename8}-%{shortid8}.tar.gz +Source9: https://github.com/linux-system-roles/%{rolename9}/archive/%{id9}.tar.gz#/%{rolename9}-%{shortid9}.tar.gz +Source10: https://github.com/linux-system-roles/%{rolename10}/archive/%{id10}.tar.gz#/%{rolename10}-%{shortid10}.tar.gz +Source11: https://github.com/linux-system-roles/%{rolename11}/archive/%{id11}.tar.gz#/%{rolename11}-%{shortid11}.tar.gz +Source12: https://github.com/linux-system-roles/%{rolename12}/archive/%{id12}.tar.gz#/%{rolename12}-%{shortid12}.tar.gz +Source13: https://github.com/linux-system-roles/%{rolename13}/archive/%{id13}.tar.gz#/%{rolename13}-%{shortid13}.tar.gz + +Source999: md2html.sh + +%if "%{roleprefix}" != "linux-system-roles." +Patch1: rhel-system-roles-%{rolename1}-prefix.diff +Patch2: rhel-system-roles-%{rolename2}-prefix.diff +Patch3: rhel-system-roles-%{rolename3}-prefix.diff +Patch5: rhel-system-roles-%{rolename5}-prefix.diff +Patch6: rhel-system-roles-%{rolename6}-prefix.diff +# for some roles, the prefix change can be scripted - see below +%endif + +Patch11: rhel-system-roles-postfix-pr5.diff +Patch101: rhel-system-roles-kdump-pr22.diff + +Patch102: kdump-tier1-tags.diff + +Patch21: selinux-tier1-tags.diff + +Patch31: timesync-tier1-tags.diff + +Patch52: network-permissions.diff +Patch53: network-tier1-tags.diff +Patch54: network-nm-reload-profile.diff + +#Patch61: storage-safemode.diff + +Url: https://github.com/linux-system-roles/ +BuildArch: noarch + +BuildRequires: asciidoc +BuildRequires: pandoc +BuildRequires: highlight + +Requires: python3-jmespath + +Obsoletes: rhel-system-roles-techpreview < 1.0-3 + +# We need to put %%description within the if block to avoid empty +# lines showing up. +%if 0%{?rhel} +%description +Collection of Ansible roles and modules that provide a stable and +consistent configuration interface for managing multiple versions +of Red Hat Enterprise Linux. +%else +%description +Collection of Ansible roles and modules that provide a stable and +consistent configuration interface for managing multiple versions +of Fedora, Red Hat Enterprise Linux & CentOS. +%endif + +%prep +%setup -qc -a1 -a2 -a3 -a5 -a6 -a7 -a8 -a9 -a10 -a11 -a12 -a13 +cd %{rolename0}-%{id0} +%patch101 -p1 +%patch102 -p1 +cd .. +cd %{rolename1}-%{id1} +%if "%{roleprefix}" != "linux-system-roles." +%patch1 -p1 +%endif +%patch11 -p1 +cd .. +cd %{rolename2}-%{id2} +%if "%{roleprefix}" != "linux-system-roles." +%patch2 -p1 +%endif +%patch21 -p1 +cd .. +cd %{rolename3}-%{id3} +%if "%{roleprefix}" != "linux-system-roles." +%patch3 -p1 +%endif +%patch31 -p1 +cd .. +cd %{rolename5}-%{id5} +%if "%{roleprefix}" != "linux-system-roles." +%patch5 -p1 +%endif +%patch52 -p1 +%patch53 -p1 +%patch54 -p1 +cd .. +cd %{rolename6}-%{id6} +%if "%{roleprefix}" != "linux-system-roles." +%patch6 -p1 +%endif +#%%patch61 -p1 +cd .. + +# for some roles, the prefix change can be scripted - see below +%if "%{roleprefix}" != "linux-system-roles." +for role in %{rolename7}-%{id7} %{rolename8}-%{id8} %{rolename9}-%{id9} \ + %{rolename10}-%{id10} %{rolename11}-%{id11} %{rolename12}-%{id12} \ + %{rolename13}-%{id13}; do + find $role -type f -exec \ + sed "s/linux-system-roles[.]${role}\\>/%{roleprefix}${role}/g" -i {} \; +done +%endif + +%build +sh %{SOURCE999} \ +%{rolename0}-%{id0}/README.md \ +%{rolename1}-%{id1}/README.md \ +%{rolename2}-%{id2}/README.md \ +%{rolename3}-%{id3}/README.md \ +%{rolename5}-%{id5}/README.md \ +%{rolename6}-%{id6}/README.md \ +%{rolename7}-%{id7}/README.md \ +%{rolename8}-%{id8}/README.md \ +%{rolename9}-%{id9}/README.md \ +%{rolename10}-%{id10}/README.md \ +%{rolename11}-%{id11}/README.md \ +%{rolename12}-%{id12}/README.md \ +%{rolename13}-%{id13}/README.md + +%install +mkdir -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles + +cp -pR %{rolename0}-%{id0} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}%{rolename0} +cp -pR %{rolename1}-%{id1} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}%{rolename1} +cp -pR %{rolename2}-%{id2} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}%{rolename2} +cp -pR %{rolename3}-%{id3} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}%{rolename3} +cp -pR %{rolename5}-%{id5} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}%{rolename5} +cp -pR %{rolename6}-%{id6} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}%{rolename6} +cp -pR %{rolename7}-%{id7} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}%{rolename7} +cp -pR %{rolename8}-%{id8} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}%{rolename8} +cp -pR %{rolename9}-%{id9} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}%{rolename9} +cp -pR %{rolename10}-%{id10} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}%{rolename10} +cp -pR %{rolename11}-%{id11} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}%{rolename11} +cp -pR %{rolename12}-%{id12} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}%{rolename12} +cp -pR %{rolename13}-%{id13} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}%{rolename13} + +%if 0%{?rolealtprefix:1} +ln -s %{roleprefix}%{rolename0} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{rolealtprefix}%{rolename0} +ln -s %{roleprefix}%{rolename1} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{rolealtprefix}%{rolename1} +ln -s %{roleprefix}%{rolename2} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{rolealtprefix}%{rolename2} +ln -s %{roleprefix}%{rolename3} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{rolealtprefix}%{rolename3} +ln -s %{roleprefix}%{rolename5} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{rolealtprefix}%{rolename5} +ln -s %{roleprefix}%{rolename6} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{rolealtprefix}%{rolename6} +ln -s %{roleprefix}%{rolename7} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{rolealtprefix}%{rolename7} +ln -s %{roleprefix}%{rolename8} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{rolealtprefix}%{rolename8} +ln -s %{roleprefix}%{rolename9} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{rolealtprefix}%{rolename9} +ln -s %{roleprefix}%{rolename10} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{rolealtprefix}%{rolename10} +ln -s %{roleprefix}%{rolename11} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{rolealtprefix}%{rolename11} +ln -s %{roleprefix}%{rolename12} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{rolealtprefix}%{rolename12} +ln -s %{roleprefix}%{rolename13} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{rolealtprefix}%{rolename13} +%endif + +mkdir -p $RPM_BUILD_ROOT%{_pkgdocdir}/kdump +mkdir -p $RPM_BUILD_ROOT%{_pkgdocdir}/postfix +mkdir -p $RPM_BUILD_ROOT%{_pkgdocdir}/selinux +mkdir -p $RPM_BUILD_ROOT%{_pkgdocdir}/timesync +mkdir -p $RPM_BUILD_ROOT%{_pkgdocdir}/network +mkdir -p $RPM_BUILD_ROOT%{_pkgdocdir}/storage +mkdir -p $RPM_BUILD_ROOT%{_pkgdocdir}/metrics +mkdir -p $RPM_BUILD_ROOT%{_pkgdocdir}/tlog +mkdir -p $RPM_BUILD_ROOT%{_pkgdocdir}/kernel_settings +mkdir -p $RPM_BUILD_ROOT%{_pkgdocdir}/logging +mkdir -p $RPM_BUILD_ROOT%{_pkgdocdir}/nbde_server +mkdir -p $RPM_BUILD_ROOT%{_pkgdocdir}/nbde_client +mkdir -p $RPM_BUILD_ROOT%{_pkgdocdir}/certificate + +cp -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}kdump/README.md \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}kdump/README.html \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}kdump/COPYING \ + $RPM_BUILD_ROOT%{_pkgdocdir}/kdump + +cp -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}postfix/README.md \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}postfix/README.html \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}postfix/COPYING \ + $RPM_BUILD_ROOT%{_pkgdocdir}/postfix + +cp -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}selinux/README.md \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}selinux/README.html \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}selinux/COPYING \ + $RPM_BUILD_ROOT%{_pkgdocdir}/selinux +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}selinux/selinux-playbook.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/selinux/example-selinux-playbook.yml + +cp -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}timesync/README.md \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}timesync/README.html \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}timesync/COPYING \ + $RPM_BUILD_ROOT%{_pkgdocdir}/timesync +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}timesync/examples/multiple-ntp-servers.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/timesync/example-timesync-playbook.yml +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}timesync/examples/single-pool.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/timesync/example-timesync-pool-playbook.yml + +cp -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/README.md \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/README.html \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/LICENSE \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/bond_with_vlan.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-bond_with_vlan-playbook.yml +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/bridge_with_vlan.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-bridge_with_vlan-playbook.yml +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/eth_simple_auto.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-eth_simple_auto-playbook.yml +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/eth_with_vlan.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-eth_with_vlan-playbook.yml +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/infiniband.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-infiniband-playbook.yml +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/macvlan.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-macvlan-playbook.yml +cp -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/remove_profile.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-remove_profile-playbook.yml +rm $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/remove_profile.yml +cp -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/down_profile.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-down_profile-playbook.yml +rm $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/down_profile.yml +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/inventory \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-inventory +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/ethtool_features.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-ethtool_features-playbook.yml +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/ethtool_features_default.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-ethtool_features_default-playbook.yml +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/bond_simple.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-bond_simple-playbook.yml +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/eth_with_802_1x.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-eth_with_802_1x-playbook.yml +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/wireless_wpa_psk.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-wireless_wpa_psk-playbook.yml +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/remove+down_profile.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-remove+down_profile-playbook.yml + +cp -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}storage/README.md \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}storage/README.html \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}storage/LICENSE \ + $RPM_BUILD_ROOT%{_pkgdocdir}/storage + +rm $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}*/semaphore +rm -r $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}*/molecule +rm $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}*/.travis.yml +rm $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}*/.ansible-lint + +rm $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/.gitignore +rm $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/tests/.gitignore +rm $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/roles +rmdir $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples + +cp -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}metrics/README.md \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}metrics/README.html \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}metrics/LICENSE \ + $RPM_BUILD_ROOT%{_pkgdocdir}/metrics + +cp -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}tlog/README.md \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}tlog/README.html \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}tlog/LICENSE \ + $RPM_BUILD_ROOT%{_pkgdocdir}/tlog + +cp -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}kernel_settings/README.md \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}kernel_settings/README.html \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}kernel_settings/LICENSE \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}kernel_settings/COPYING \ + $RPM_BUILD_ROOT%{_pkgdocdir}/kernel_settings + +cp -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}logging/README.md \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}logging/README.html \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}logging/LICENSE \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}logging/COPYING \ + $RPM_BUILD_ROOT%{_pkgdocdir}/logging + +cp -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}nbde_server/README.md \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}nbde_server/README.html \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}nbde_server/LICENSE \ + $RPM_BUILD_ROOT%{_pkgdocdir}/nbde_server + +cp -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}nbde_client/README.md \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}nbde_client/README.html \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}nbde_client/LICENSE \ + $RPM_BUILD_ROOT%{_pkgdocdir}/nbde_client + +cp -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}certificate/README.md \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}certificate/README.html \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}certificate/LICENSE \ + $RPM_BUILD_ROOT%{_pkgdocdir}/certificate + +%files +%dir %{_datadir}/ansible +%dir %{_datadir}/ansible/roles +%if 0%{?rolealtprefix:1} +%{_datadir}/ansible/roles/%{rolealtprefix}kdump +%{_datadir}/ansible/roles/%{rolealtprefix}postfix +%{_datadir}/ansible/roles/%{rolealtprefix}selinux +%{_datadir}/ansible/roles/%{rolealtprefix}timesync +%{_datadir}/ansible/roles/%{rolealtprefix}network +%{_datadir}/ansible/roles/%{rolealtprefix}storage +%{_datadir}/ansible/roles/%{rolealtprefix}metrics +%{_datadir}/ansible/roles/%{rolealtprefix}tlog +%{_datadir}/ansible/roles/%{rolealtprefix}kernel_settings +%{_datadir}/ansible/roles/%{rolealtprefix}logging +%{_datadir}/ansible/roles/%{rolealtprefix}nbde_server +%{_datadir}/ansible/roles/%{rolealtprefix}nbde_client +%{_datadir}/ansible/roles/%{rolealtprefix}certificate +%endif +%{_datadir}/ansible/roles/%{roleprefix}kdump +%{_datadir}/ansible/roles/%{roleprefix}postfix +%{_datadir}/ansible/roles/%{roleprefix}selinux +%{_datadir}/ansible/roles/%{roleprefix}timesync +%{_datadir}/ansible/roles/%{roleprefix}network +%{_datadir}/ansible/roles/%{roleprefix}storage +%{_datadir}/ansible/roles/%{roleprefix}metrics +%{_datadir}/ansible/roles/%{roleprefix}tlog +%{_datadir}/ansible/roles/%{roleprefix}kernel_settings +%{_datadir}/ansible/roles/%{roleprefix}logging +%{_datadir}/ansible/roles/%{roleprefix}nbde_server +%{_datadir}/ansible/roles/%{roleprefix}nbde_client +%{_datadir}/ansible/roles/%{roleprefix}certificate +%doc %{_pkgdocdir}/*/example-*-playbook.yml +%doc %{_pkgdocdir}/network/example-inventory +%doc %{_pkgdocdir}/*/README.md +%doc %{_pkgdocdir}/*/README.html +%doc %{_datadir}/ansible/roles/%{roleprefix}kdump/README.md +%doc %{_datadir}/ansible/roles/%{roleprefix}postfix/README.md +%doc %{_datadir}/ansible/roles/%{roleprefix}selinux/README.md +%doc %{_datadir}/ansible/roles/%{roleprefix}timesync/README.md +%doc %{_datadir}/ansible/roles/%{roleprefix}network/README.md +%doc %{_datadir}/ansible/roles/%{roleprefix}storage/README.md +%doc %{_datadir}/ansible/roles/%{roleprefix}metrics/README.md +%doc %{_datadir}/ansible/roles/%{roleprefix}tlog/README.md +%doc %{_datadir}/ansible/roles/%{roleprefix}kernel_settings/README.md +%doc %{_datadir}/ansible/roles/%{roleprefix}logging/README.md +%doc %{_datadir}/ansible/roles/%{roleprefix}nbde_server/README.md +%doc %{_datadir}/ansible/roles/%{roleprefix}nbde_client/README.md +%doc %{_datadir}/ansible/roles/%{roleprefix}certificate/README.md +%doc %{_datadir}/ansible/roles/%{roleprefix}kdump/README.html +%doc %{_datadir}/ansible/roles/%{roleprefix}postfix/README.html +%doc %{_datadir}/ansible/roles/%{roleprefix}selinux/README.html +%doc %{_datadir}/ansible/roles/%{roleprefix}timesync/README.html +%doc %{_datadir}/ansible/roles/%{roleprefix}network/README.html +%doc %{_datadir}/ansible/roles/%{roleprefix}storage/README.html +%doc %{_datadir}/ansible/roles/%{roleprefix}metrics/README.html +%doc %{_datadir}/ansible/roles/%{roleprefix}tlog/README.html +%doc %{_datadir}/ansible/roles/%{roleprefix}kernel_settings/README.html +%doc %{_datadir}/ansible/roles/%{roleprefix}logging/README.html +%doc %{_datadir}/ansible/roles/%{roleprefix}nbde_server/README.html +%doc %{_datadir}/ansible/roles/%{roleprefix}nbde_client/README.html +%doc %{_datadir}/ansible/roles/%{roleprefix}certificate/README.html + + +%license %{_pkgdocdir}/*/COPYING +%license %{_pkgdocdir}/*/LICENSE +%license %{_datadir}/ansible/roles/%{roleprefix}kdump/COPYING +%license %{_datadir}/ansible/roles/%{roleprefix}postfix/COPYING +%license %{_datadir}/ansible/roles/%{roleprefix}selinux/COPYING +%license %{_datadir}/ansible/roles/%{roleprefix}timesync/COPYING +%license %{_datadir}/ansible/roles/%{roleprefix}network/LICENSE +%license %{_datadir}/ansible/roles/%{roleprefix}storage/LICENSE +%license %{_datadir}/ansible/roles/%{roleprefix}metrics/LICENSE +%license %{_datadir}/ansible/roles/%{roleprefix}tlog/LICENSE +%license %{_datadir}/ansible/roles/%{roleprefix}kernel_settings/LICENSE +%license %{_datadir}/ansible/roles/%{roleprefix}kernel_settings/COPYING +%license %{_datadir}/ansible/roles/%{roleprefix}logging/LICENSE +%license %{_datadir}/ansible/roles/%{roleprefix}logging/COPYING +%license %{_datadir}/ansible/roles/%{roleprefix}nbde_server/LICENSE +%license %{_datadir}/ansible/roles/%{roleprefix}nbde_client/LICENSE +%license %{_datadir}/ansible/roles/%{roleprefix}certificate/LICENSE + +%changelog +* Mon Jun 29 2020 Pavel Cahyna - 1.0-12 +- Rebase network role to latest upstream, resolves rhbz#1822777, rhbz#1848472 +- Rebase logging role to latest upstream, resolves rhbz#1850790, + rhbz#1851804, rhbz#1848762 +- Rebase certificate role to latest upstream, resolves rhbz#1848742, + rhbz#1850790 +- Rebase nbde_client role to latest upstream, resolves rhbz#1848766, + rhbz#1850790 + +* Mon Jun 15 2020 Pavel Cahyna - 1.0-11 +- Rebase network role to latest upstream +- Remove all the soon-unnecessary tier1 tags in test +- Add a workaround for rhbz#1800627 in test +- Modify patches to remove tier1 tags +- Add metrics, tlog, logging, kernel_settings roles +- Add nbde_client, nbde_server, certificate roles +- Rebase storage role to latest upstream: adds support for mdraid, LUKS, + swap manangement + +* Mon Oct 21 2019 Pavel Cahyna - 1.0-10 +- Add the storage_safe_mode option, true by default, to prevent accidental + data removal: rhbz#1763242, issue #42, PR #43 and #51. + +* Thu Aug 15 2019 Pavel Cahyna - 1.0-9 +- Add the storage role + +* Thu Jun 13 2019 Pavel Cahyna - 1.0-7 +- Update tests for the network role +- Fix typo in a test for the timesync role +- Tag tests suitable for Tier1 testing +- Rebase the network role to add support for device features (PR#115, + rhbz#1696703) and atomic changes (PR#119, rhbz#1695161) +- network: apply upstream PR#121: allow modifying interface attributes + without disrupting services (rhbz#1695157) + +* Wed May 29 2019 Pavel Cahyna - 1.0-6 +- Rebase the selinux role, fixes typo in tests, uncovered by Ansible 2.7, + (rhbz#1677743) and lists all input variables in defaults + to make Satellite aware of them (rhbz#1674004, PR#43) +- Rebase the kdump role to fix check mode problems: rhbz#1685904 +- Rebase the timesync role: fixes check mode problems (rhbz#1685904) + and lists all input variables in defaults (rhbz#1674004) +- Rebase the network role: keeps the interface up for state: up + if persistent_state is absent and solves problems with defining + VLAN and MACVLAN interface types (issue #19) (rhbz#1685902) + +* Sat Jan 12 2019 Pavel Cahyna - 1.0-5 +- spec file improvement: Unify the source macros with deftag() and defcommit() +- Update to upstream released versions and drop unnecessary patches. +- Unify the spec file with Fedora (no functional changes intended). +- Misc spec file comments fixes (by Mike DePaulo) +- Fix rpmlint error by escaping a previous changelog entry with a macro (by Mike DePaulo) +- Comply with Fedora guidelines by always using "cp -p" in %%install (by Mike DePaulo) +- Rebase network role - doc improvements, Fedora 29 and Ansible 2.7 support +- Regenerate network role patch to apply without offset +- Rebase kdump role to fix a forgotten edit, rhbz#1645633 +- Update timesync examples: add var prefix (rhbz#1642152), correct role prefix +- Add Obsoletes for the -techpreview subpackage +- Add warnings to role READMEs and other doc updates, rhbz#1616018 +- network: split the state setting into state and persistent_state, rhbz#1616014 +- depend on python-jmespath as Ansible will not ship it, rhbz#1660559 + +* Tue Aug 14 2018 Pavel Cahyna - 1.0-4 +- Format the READMEs as html, by vdolezal, with changes to use highlight + (source-highlight does not understand YAML) + +* Thu Aug 9 2018 Pavel Cahyna - 1.0-3 +- Rebase the network role to the last revision (d866422). + Many improvements to tests, introduces autodetection of the current provider + and defaults to using profile name as interface name. +- Rebase the selinux, timesync and kdump roles to their 1.0rc1 versions. + Many changes to the role interfaces to make them more consistent + and conforming to Ansible best practices. +- Update the description. + +* Fri May 11 2018 Pavel Cahyna - 0.6-4 +- Fix complaints about /usr/bin/python during RPM build by making the affected scripts non-exec +- Fix merge botch + +* Mon Mar 19 2018 Troy Dawson - 0.6-3.1 +- Use -a (after cd) instead of -b (before cd) in %setup + +* Wed Mar 14 2018 Pavel Cahyna - 0.6-3 +- Minor corrections of the previous change by Till Maas. + +* Fri Mar 9 2018 Pavel Cahyna - 0.6-2 +- Document network role options: static routes, ethernet, dns + Upstream PR#36, bz1550128, documents bz1487747 and bz1478576 + +* Tue Jan 30 2018 Pavel Cahyna - 0.6-1 +- Drop hard dependency on ansible (#1525655), patch from Yaakov Selkowitz +- Update the network role to version 0.4, solves bz#1487747, bz#1478576 + +* Tue Dec 19 2017 Pavel Cahyna - 0.5-3 +- kdump: fix the wrong conditional for ssh checking and improve test (PR#10) + +* Tue Nov 07 2017 Pavel Cahyna - 0.5-2 +- kdump: add ssh support. upstream PR#9, rhbz1478707 + +* Tue Oct 03 2017 Pavel Cahyna - 0.5-1 +- SELinux: fix policy reload when SELinux is disabled on CentOS/RHEL 6 + (bz#1493574) +- network: update to b856c7481bf5274d419f71fb62029ea0044b3ec1 : + makes the network role idempotent (bz#1476053) and fixes manual + network provider selection (bz#1485074). + +* Mon Aug 28 2017 Pavel Cahyna - 0.4-1 +- network: update to b9b6f0a7969e400d8d6ba0ac97f69593aa1e8fa5: + ensure that state:absent followed by state:up works (bz#1478910), and change + the example IP adresses to the IANA-assigned ones. +- SELinux: fix the case when SELinux is disabled (bz#1479546). + +* Tue Aug 8 2017 Pavel Cahyna - 0.3-2 +- We can't change directories to symlinks (rpm bug #447156) so keep the old + names and create the new names as symlinks. + +* Tue Aug 8 2017 Pavel Cahyna - 0.3-1 +- Change the prefix to linux-system-roles., keeping compatibility + symlinks. +- Update the network role to dace7654feb7b5629ded0734c598e087c2713265: + adds InfiniBand support and other fixes. +- Drop a patch included upstream. + +* Mon Jun 26 2017 Pavel Cahyna - 0.2-2 +- Leave a copy of README and COPYING in every role's directory, as suggested by T. Bowling. +- Move the network example inventory to the documentation directory together. + with the example playbooks and delete the now empty "examples" directory. +- Use proper reserved (by RFC 7042) MAC addresses in the network examples. + +* Tue Jun 6 2017 Pavel Cahyna - 0.2-1 +- Update the networking role to version 0.2 (#1459203) +- Version every role and the package separately. They live in separate repos + and upstream release tags are not coordinated. + +* Mon May 22 2017 Pavel Cahyna - 0.1-2 +- Prefix the roles in examples and documentation with rhel-system-roles. + +* Thu May 18 2017 Pavel Cahyna - 0.1-1 +- Update to 0.1 (first upstream release). +- Remove the tuned role, it is not ready yet. +- Move the example playbooks to /usr/share/doc/rhel-system-roles/$SUBSYSTEM + directly to get rid of an extra directory. +- Depend on ansible. + +* Thu May 4 2017 Pavel Cahyna - 0-0.1.20170504 +- Initial release. +- kdump r. fe8bb81966b60fa8979f3816a12b0c7120d71140 +- postfix r. 43eec5668425d295dce3801216c19b1916df1f9b +- selinux r. 1e4a21f929455e5e76dda0b12867abaa63795ae7 +- timesync r. 33a1a8c349de10d6281ed83d4c791e9177d7a141 +- tuned r. 2e8bb068b9815bc84287e9b6dc6177295ffdf38b +- network r. 03ff040df78a14409a0d89eba1235b8f3e50a750 +