.gitignore

@@ -1,12 +1,7 @@
-SOURCES/ClusterLabs-resource-agents-55a4e2c9.tar.gz
+/*.tar.gz
-SOURCES/aliyun-cli-2.1.10.tar.gz
+/*.rpm
-SOURCES/aliyun-python-sdk-core-2.13.1.tar.gz
+/*.whl
-SOURCES/aliyun-python-sdk-ecs-4.9.3.tar.gz
+/.*
-SOURCES/aliyun-python-sdk-vpc-3.0.2.tar.gz
+/*/
-SOURCES/colorama-0.3.3.tar.gz
+!/tests/
-SOURCES/google-cloud-sdk-360.0.0-linux-x86_64.tar.gz
+/tests/*.retry
-SOURCES/httplib2-0.20.4.tar.gz
-SOURCES/pycryptodome-3.20.0.tar.gz
-SOURCES/pyparsing-2.4.7-py2.py3-none-any.whl
-SOURCES/pyroute2-0.4.13.tar.gz
-SOURCES/urllib3-1.26.18.tar.gz

RHEL-32828-db2-fix-OCF_SUCESS-typo.patch

@@ -0,0 +1,23 @@
+From a9c4aeb971e9f4963345d0e215b729def62dd27c Mon Sep 17 00:00:00 2001
+From: pepadelic <162310096+pepadelic@users.noreply.github.com>
+Date: Mon, 15 Apr 2024 13:52:54 +0200
+Subject: [PATCH] Update db2: fix OCF_SUCESS name in db2_notify
+
+fix OCF_SUCESS to OCF_SUCCESS  in db2_notify
+---
+ heartbeat/db2 | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/heartbeat/db2 b/heartbeat/db2
+index 95447ab6cb..1cd66f15af 100755
+--- a/heartbeat/db2
++++ b/heartbeat/db2
+@@ -848,7 +848,7 @@ db2_notify() {
+ 
+     # only interested in pre-start
+     [  $OCF_RESKEY_CRM_meta_notify_type = pre \
+-    -a $OCF_RESKEY_CRM_meta_notify_operation = start ] || return $OCF_SUCESS
++    -a $OCF_RESKEY_CRM_meta_notify_operation = start ] || return $OCF_SUCCESS
+ 
+     # gets FIRST_ACTIVE_LOG
+     db2_get_cfg $dblist || return $?

RHEL-34137-aws-agents-use-curl_retry.patch

@@ -0,0 +1,343 @@
+From fc0657b936f6a58f741e33f851b22f82bc68bffa Mon Sep 17 00:00:00 2001
+From: Oyvind Albrigtsen <oalbrigt@redhat.com>
+Date: Tue, 6 Feb 2024 13:28:12 +0100
+Subject: [PATCH 1/2] ocf-shellfuncs: add curl_retry()
+
+---
+ heartbeat/ocf-shellfuncs.in | 34 ++++++++++++++++++++++++++++++++++
+ 1 file changed, 34 insertions(+)
+
+diff --git a/heartbeat/ocf-shellfuncs.in b/heartbeat/ocf-shellfuncs.in
+index c5edb6f57..a69a9743d 100644
+--- a/heartbeat/ocf-shellfuncs.in
++++ b/heartbeat/ocf-shellfuncs.in
+@@ -672,6 +672,40 @@ EOF
+ 	systemctl daemon-reload
+ }
+ 
++# usage: curl_retry RETRIES SLEEP ARGS URL
++#
++# Use --show-error in ARGS to log HTTP error code
++#
++# returns:
++#    0  success
++# exit:
++#    1  fail
++curl_retry()
++{
++	local retries=$1 sleep=$2 opts=$3 url=$4
++	local tries=$(($retries + 1))
++	local args="--fail $opts $url"
++	local result rc
++
++	for try in $(seq $tries); do
++		ocf_log debug "curl $args try $try of $tries"
++		result=$(echo "$args" | xargs curl 2>&1)
++		rc=$?
++
++		ocf_log debug "result: $result"
++		[ $rc -eq 0 ] && break
++		sleep $sleep
++	done
++
++	if [ $rc -ne 0 ]; then
++		ocf_exit_reason "curl $args failed $tries tries"
++		exit $OCF_ERR_GENERIC
++	fi
++
++	echo "$result"
++	return $rc
++}
++
+ # usage: crm_mon_no_validation args...
+ # run crm_mon without any cib schema validation
+ # This is useful when an agent runs in a bundle to avoid potential
+
+From 80d330557319bdae9e45aad1279e435fc481d4e7 Mon Sep 17 00:00:00 2001
+From: Oyvind Albrigtsen <oalbrigt@redhat.com>
+Date: Tue, 6 Feb 2024 13:28:25 +0100
+Subject: [PATCH 2/2] AWS agents: use curl_retry()
+
+---
+ heartbeat/aws-vpc-move-ip    | 35 ++++++++++++++++++++++++++---------
+ heartbeat/aws-vpc-route53.in | 27 +++++++++++++++++++++++++--
+ heartbeat/awseip             | 36 +++++++++++++++++++++++++++++++-----
+ heartbeat/awsvip             | 32 ++++++++++++++++++++++++++++----
+ 4 files changed, 110 insertions(+), 20 deletions(-)
+
+diff --git a/heartbeat/aws-vpc-move-ip b/heartbeat/aws-vpc-move-ip
+index 54806f6ea..6115e5ba8 100755
+--- a/heartbeat/aws-vpc-move-ip
++++ b/heartbeat/aws-vpc-move-ip
+@@ -47,6 +47,8 @@ OCF_RESKEY_interface_default="eth0"
+ OCF_RESKEY_iflabel_default=""
+ OCF_RESKEY_monapi_default="false"
+ OCF_RESKEY_lookup_type_default="InstanceId"
++OCF_RESKEY_curl_retries_default="3"
++OCF_RESKEY_curl_sleep_default="1"
+ 
+ : ${OCF_RESKEY_awscli=${OCF_RESKEY_awscli_default}}
+ : ${OCF_RESKEY_auth_type=${OCF_RESKEY_auth_type_default}}
+@@ -60,6 +62,8 @@ OCF_RESKEY_lookup_type_default="InstanceId"
+ : ${OCF_RESKEY_iflabel=${OCF_RESKEY_iflabel_default}}
+ : ${OCF_RESKEY_monapi=${OCF_RESKEY_monapi_default}}
+ : ${OCF_RESKEY_lookup_type=${OCF_RESKEY_lookup_type_default}}
++: ${OCF_RESKEY_curl_retries=${OCF_RESKEY_curl_retries_default}}
++: ${OCF_RESKEY_curl_sleep=${OCF_RESKEY_curl_sleep_default}}
+ #######################################################################
+ 
+ 
+@@ -194,6 +198,22 @@ Name of resource type to lookup in route table.
+ <content type="string" default="${OCF_RESKEY_lookup_type_default}" />
+ </parameter>
+ 
++<parameter name="curl_retries" unique="0">
++<longdesc lang="en">
++curl retries before failing
++</longdesc>
++<shortdesc lang="en">curl retries</shortdesc>
++<content type="integer" default="${OCF_RESKEY_curl_retries_default}" />
++</parameter>
++
++<parameter name="curl_sleep" unique="0">
++<longdesc lang="en">
++curl sleep between tries
++</longdesc>
++<shortdesc lang="en">curl sleep</shortdesc>
++<content type="integer" default="${OCF_RESKEY_curl_sleep_default}" />
++</parameter>
++
+ </parameters>
+ 
+ <actions>
+@@ -250,8 +270,10 @@ ec2ip_validate() {
+ 		fi
+ 	fi
+ 
+-	TOKEN=$(curl -sX PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600")
+-	EC2_INSTANCE_ID=$(curl -s http://169.254.169.254/latest/meta-data/instance-id -H "X-aws-ec2-metadata-token: $TOKEN")
++	TOKEN=$(curl_retry "$OCF_RESKEY_curl_retries" "$OCF_RESKEY_curl_sleep" "--show-error -sX PUT -H 'X-aws-ec2-metadata-token-ttl-seconds: 21600'" "http://169.254.169.254/latest/api/token")
++	[ $? -ne 0 ] && exit $OCF_ERR_GENERIC
++	EC2_INSTANCE_ID=$(curl_retry "$OCF_RESKEY_curl_retries" "$OCF_RESKEY_curl_sleep" "--show-error -s -H 'X-aws-ec2-metadata-token: $TOKEN'" "http://169.254.169.254/latest/meta-data/instance-id")
++	[ $? -ne 0 ] && exit $OCF_ERR_GENERIC
+ 
+ 	if [ -z "${EC2_INSTANCE_ID}" ]; then
+ 		ocf_exit_reason "Instance ID not found. Is this a EC2 instance?"
+@@ -365,14 +387,9 @@ ec2ip_get_instance_eni() {
+ 	fi
+ 	ocf_log debug "MAC address associated with interface ${OCF_RESKEY_interface}: ${MAC_ADDR}"
+ 
+-	cmd="curl -s http://169.254.169.254/latest/meta-data/network/interfaces/macs/${MAC_ADDR}/interface-id -H \"X-aws-ec2-metadata-token: $TOKEN\""
+-	ocf_log debug "executing command: $cmd"
++	cmd="curl_retry \"$OCF_RESKEY_curl_retries\" \"$OCF_RESKEY_curl_sleep\" \"--show-error -s -H 'X-aws-ec2-metadata-token: $TOKEN'\" \"http://169.254.169.254/latest/meta-data/network/interfaces/macs/${MAC_ADDR}/interface-id\""
+ 	EC2_NETWORK_INTERFACE_ID="$(eval $cmd)"
+-	rc=$?
+-	if [ $rc != 0 ]; then
+-		ocf_log warn "command failed, rc: $rc"
+-		return $OCF_ERR_GENERIC
+-	fi
++	[ $? -ne 0 ] && exit $OCF_ERR_GENERIC
+ 	ocf_log debug "network interface id associated MAC address ${MAC_ADDR}: ${EC2_NETWORK_INTERFACE_ID}"
+ 	echo $EC2_NETWORK_INTERFACE_ID
+ }
+diff --git a/heartbeat/aws-vpc-route53.in b/heartbeat/aws-vpc-route53.in
+index 18ab157e8..eba2ed95c 100644
+--- a/heartbeat/aws-vpc-route53.in
++++ b/heartbeat/aws-vpc-route53.in
+@@ -53,6 +53,8 @@ OCF_RESKEY_hostedzoneid_default=""
+ OCF_RESKEY_fullname_default=""
+ OCF_RESKEY_ip_default="local"
+ OCF_RESKEY_ttl_default=10
++OCF_RESKEY_curl_retries_default="3"
++OCF_RESKEY_curl_sleep_default="1"
+ 
+ : ${OCF_RESKEY_awscli=${OCF_RESKEY_awscli_default}}
+ : ${OCF_RESKEY_auth_type=${OCF_RESKEY_auth_type_default}}
+@@ -62,6 +64,8 @@ OCF_RESKEY_ttl_default=10
+ : ${OCF_RESKEY_fullname:=${OCF_RESKEY_fullname_default}}
+ : ${OCF_RESKEY_ip:=${OCF_RESKEY_ip_default}}
+ : ${OCF_RESKEY_ttl:=${OCF_RESKEY_ttl_default}}
++: ${OCF_RESKEY_curl_retries=${OCF_RESKEY_curl_retries_default}}
++: ${OCF_RESKEY_curl_sleep=${OCF_RESKEY_curl_sleep_default}}
+ 
+ usage() {
+ 	cat <<-EOT
+@@ -185,6 +189,22 @@ Time to live for Route53 ARECORD
+ <shortdesc lang="en">ARECORD TTL</shortdesc>
+ <content type="string" default="${OCF_RESKEY_ttl_default}" />
+ </parameter>
++
++<parameter name="curl_retries" unique="0">
++<longdesc lang="en">
++curl retries before failing
++</longdesc>
++<shortdesc lang="en">curl retries</shortdesc>
++<content type="integer" default="${OCF_RESKEY_curl_retries_default}" />
++</parameter>
++
++<parameter name="curl_sleep" unique="0">
++<longdesc lang="en">
++curl sleep between tries
++</longdesc>
++<shortdesc lang="en">curl sleep</shortdesc>
++<content type="integer" default="${OCF_RESKEY_curl_sleep_default}" />
++</parameter>
+ </parameters>
+ 
+ <actions>
+@@ -357,8 +377,11 @@ r53_monitor() {
+ _get_ip() {
+ 	case $OCF_RESKEY_ip in
+ 		local|public)
+-			TOKEN=$(curl -sX PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600")
+-			IPADDRESS=$(curl -s http://169.254.169.254/latest/meta-data/${OCF_RESKEY_ip}-ipv4 -H "X-aws-ec2-metadata-token: $TOKEN");;
++			TOKEN=$(curl_retry "$OCF_RESKEY_curl_retries" "$OCF_RESKEY_curl_sleep" "--show-error -sX PUT -H 'X-aws-ec2-metadata-token-ttl-seconds: 21600'" "http://169.254.169.254/latest/api/token")
++			[ $? -ne 0 ] && exit $OCF_ERR_GENERIC
++			IPADDRESS=$(curl_retry "$OCF_RESKEY_curl_retries" "$OCF_RESKEY_curl_sleep" "--show-error -s -H 'X-aws-ec2-metadata-token: $TOKEN'" "http://169.254.169.254/latest/meta-data/${OCF_RESKEY_ip}-ipv4")
++			[ $? -ne 0 ] && exit $OCF_ERR_GENERIC
++			;;
+ 		*.*.*.*)
+ 			IPADDRESS="${OCF_RESKEY_ip}";;
+ 	esac
+diff --git a/heartbeat/awseip b/heartbeat/awseip
+index 49b0ca615..ffb6223a1 100755
+--- a/heartbeat/awseip
++++ b/heartbeat/awseip
+@@ -49,12 +49,16 @@ OCF_RESKEY_auth_type_default="key"
+ OCF_RESKEY_profile_default="default"
+ OCF_RESKEY_region_default=""
+ OCF_RESKEY_api_delay_default="3"
++OCF_RESKEY_curl_retries_default="3"
++OCF_RESKEY_curl_sleep_default="1"
+ 
+ : ${OCF_RESKEY_awscli=${OCF_RESKEY_awscli_default}}
+ : ${OCF_RESKEY_auth_type=${OCF_RESKEY_auth_type_default}}
+ : ${OCF_RESKEY_profile=${OCF_RESKEY_profile_default}}
+ : ${OCF_RESKEY_region=${OCF_RESKEY_region_default}}
+ : ${OCF_RESKEY_api_delay=${OCF_RESKEY_api_delay_default}}
++: ${OCF_RESKEY_curl_retries=${OCF_RESKEY_curl_retries_default}}
++: ${OCF_RESKEY_curl_sleep=${OCF_RESKEY_curl_sleep_default}}
+ 
+ meta_data() {
+     cat <<END
+@@ -141,6 +145,22 @@ a short delay between API calls, to avoid sending API too quick
+ <content type="integer" default="${OCF_RESKEY_api_delay_default}" />
+ </parameter>
+ 
++<parameter name="curl_retries" unique="0">
++<longdesc lang="en">
++curl retries before failing
++</longdesc>
++<shortdesc lang="en">curl retries</shortdesc>
++<content type="integer" default="${OCF_RESKEY_curl_retries_default}" />
++</parameter>
++
++<parameter name="curl_sleep" unique="0">
++<longdesc lang="en">
++curl sleep between tries
++</longdesc>
++<shortdesc lang="en">curl sleep</shortdesc>
++<content type="integer" default="${OCF_RESKEY_curl_sleep_default}" />
++</parameter>
++
+ </parameters>
+ 
+ <actions>
+@@ -171,14 +191,18 @@ awseip_start() {
+     awseip_monitor && return $OCF_SUCCESS
+ 
+     if [ -n "${PRIVATE_IP_ADDRESS}" ]; then
+-        NETWORK_INTERFACES_MACS=$(curl -s http://169.254.169.254/latest/meta-data/network/interfaces/macs/ -H "X-aws-ec2-metadata-token: $TOKEN")
++        NETWORK_INTERFACES_MACS=$(curl_retry "$OCF_RESKEY_curl_retries" "$OCF_RESKEY_curl_sleep" "-s -H 'X-aws-ec2-metadata-token: $TOKEN'" "http://169.254.169.254/latest/meta-data/network/interfaces/macs/")
+         for MAC in ${NETWORK_INTERFACES_MACS}; do
+-            curl -s http://169.254.169.254/latest/meta-data/network/interfaces/macs/${MAC}/local-ipv4s -H "X-aws-ec2-metadata-token: $TOKEN" |
++            curl_retry "$OCF_RESKEY_curl_retries" "$OCF_RESKEY_curl_sleep" "-s -H 'X-aws-ec2-metadata-token: $TOKEN'" "http://169.254.169.254/latest/meta-data/network/interfaces/macs/${MAC%/*}/local-ipv4s" |
+                 grep -q "^${PRIVATE_IP_ADDRESS}$"
+             if [ $? -eq 0 ]; then
+-                NETWORK_ID=$(curl -s http://169.254.169.254/latest/meta-data/network/interfaces/macs/${MAC}/interface-id -H "X-aws-ec2-metadata-token: $TOKEN")
++                NETWORK_ID=$(curl_retry "$OCF_RESKEY_curl_retries" "$OCF_RESKEY_curl_sleep" "-s -H 'X-aws-ec2-metadata-token: $TOKEN'" "http://169.254.169.254/latest/meta-data/network/interfaces/macs/${MAC%/*}/interface-id")
+             fi
+         done
++        if [ -z "$NETWORK_ID" ]; then
++            ocf_exit_reason "Could not find network interface for private_ip_address: $PRIVATE_IP_ADDRESS"
++            exit $OCF_ERR_GENERIC
++        fi
+         $AWSCLI_CMD ec2 associate-address  \
+             --network-interface-id ${NETWORK_ID} \
+             --allocation-id ${ALLOCATION_ID} \
+@@ -282,8 +306,10 @@ fi
+ ELASTIC_IP="${OCF_RESKEY_elastic_ip}"
+ ALLOCATION_ID="${OCF_RESKEY_allocation_id}"
+ PRIVATE_IP_ADDRESS="${OCF_RESKEY_private_ip_address}"
+-TOKEN=$(curl -sX PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600")
+-INSTANCE_ID=$(curl -s http://169.254.169.254/latest/meta-data/instance-id -H "X-aws-ec2-metadata-token: $TOKEN")
++TOKEN=$(curl_retry "$OCF_RESKEY_curl_retries" "$OCF_RESKEY_curl_sleep" "--show-error -sX PUT -H 'X-aws-ec2-metadata-token-ttl-seconds: 21600'" "http://169.254.169.254/latest/api/token")
++[ $? -ne 0 ] && exit $OCF_ERR_GENERIC
++INSTANCE_ID=$(curl_retry "$OCF_RESKEY_curl_retries" "$OCF_RESKEY_curl_sleep" "--show-error -s -H 'X-aws-ec2-metadata-token: $TOKEN'" "http://169.254.169.254/latest/meta-data/instance-id")
++[ $? -ne 0 ] && exit $OCF_ERR_GENERIC
+ 
+ case $__OCF_ACTION in
+     start)
+diff --git a/heartbeat/awsvip b/heartbeat/awsvip
+index bdb4d68dd..f2b238a0f 100755
+--- a/heartbeat/awsvip
++++ b/heartbeat/awsvip
+@@ -48,12 +48,16 @@ OCF_RESKEY_auth_type_default="key"
+ OCF_RESKEY_profile_default="default"
+ OCF_RESKEY_region_default=""
+ OCF_RESKEY_api_delay_default="3"
++OCF_RESKEY_curl_retries_default="3"
++OCF_RESKEY_curl_sleep_default="1"
+ 
+ : ${OCF_RESKEY_awscli=${OCF_RESKEY_awscli_default}}
+ : ${OCF_RESKEY_auth_type=${OCF_RESKEY_auth_type_default}}
+ : ${OCF_RESKEY_profile=${OCF_RESKEY_profile_default}}
+ : ${OCF_RESKEY_region=${OCF_RESKEY_region_default}}
+ : ${OCF_RESKEY_api_delay=${OCF_RESKEY_api_delay_default}}
++: ${OCF_RESKEY_curl_retries=${OCF_RESKEY_curl_retries_default}}
++: ${OCF_RESKEY_curl_sleep=${OCF_RESKEY_curl_sleep_default}}
+ 
+ meta_data() {
+     cat <<END
+@@ -124,6 +128,22 @@ a short delay between API calls, to avoid sending API too quick
+ <content type="integer" default="${OCF_RESKEY_api_delay_default}" />
+ </parameter>
+ 
++<parameter name="curl_retries" unique="0">
++<longdesc lang="en">
++curl retries before failing
++</longdesc>
++<shortdesc lang="en">curl retries</shortdesc>
++<content type="integer" default="${OCF_RESKEY_curl_retries_default}" />
++</parameter>
++
++<parameter name="curl_sleep" unique="0">
++<longdesc lang="en">
++curl sleep between tries
++</longdesc>
++<shortdesc lang="en">curl sleep</shortdesc>
++<content type="integer" default="${OCF_RESKEY_curl_sleep_default}" />
++</parameter>
++
+ </parameters>
+ 
+ <actions>
+@@ -246,10 +266,14 @@ if [ -n "${OCF_RESKEY_region}" ]; then
+ 	AWSCLI_CMD="$AWSCLI_CMD --region ${OCF_RESKEY_region}"
+ fi
+ SECONDARY_PRIVATE_IP="${OCF_RESKEY_secondary_private_ip}"
+-TOKEN=$(curl -sX PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600")
+-INSTANCE_ID=$(curl -s http://169.254.169.254/latest/meta-data/instance-id -H "X-aws-ec2-metadata-token: $TOKEN")
+-MAC_ADDRESS=$(curl -s http://169.254.169.254/latest/meta-data/mac -H "X-aws-ec2-metadata-token: $TOKEN")
+-NETWORK_ID=$(curl -s http://169.254.169.254/latest/meta-data/network/interfaces/macs/${MAC_ADDRESS}/interface-id -H "X-aws-ec2-metadata-token: $TOKEN")
++TOKEN=$(curl_retry "$OCF_RESKEY_curl_retries" "$OCF_RESKEY_curl_sleep" "--show-error -sX PUT -H 'X-aws-ec2-metadata-token-ttl-seconds: 21600'" "http://169.254.169.254/latest/api/token")
++[ $? -ne 0 ] && exit $OCF_ERR_GENERIC
++INSTANCE_ID=$(curl_retry "$OCF_RESKEY_curl_retries" "$OCF_RESKEY_curl_sleep" "--show-error -s -H 'X-aws-ec2-metadata-token: $TOKEN'" "http://169.254.169.254/latest/meta-data/instance-id")
++[ $? -ne 0 ] && exit $OCF_ERR_GENERIC
++MAC_ADDRESS=$(curl_retry "$OCF_RESKEY_curl_retries" "$OCF_RESKEY_curl_sleep" "--show-error -s -H 'X-aws-ec2-metadata-token: $TOKEN'" "http://169.254.169.254/latest/meta-data/mac")
++[ $? -ne 0 ] && exit $OCF_ERR_GENERIC
++NETWORK_ID=$(curl_retry "$OCF_RESKEY_curl_retries" "$OCF_RESKEY_curl_sleep" "--show-error -s -H 'X-aws-ec2-metadata-token: $TOKEN'" "http://169.254.169.254/latest/meta-data/network/interfaces/macs/${MAC_ADDRESS}/interface-id")
++[ $? -ne 0 ] && exit $OCF_ERR_GENERIC
+ 
+ case $__OCF_ACTION in
+     start)

gating.yaml

@@ -0,0 +1,6 @@
+--- !Policy
+product_versions:
+  - rhel-8
+decision_context: osci_compose_gate
+rules:
+  - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}

resource-agents.spec

@@ -73,7 +73,7 @@
 Name:		resource-agents
 Summary:	Open Source HA Reusable Cluster Resource Scripts
 Version:	4.9.0
-Release:	54%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist}
+Release:	54%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist}.1
 License:	GPLv2+ and LGPLv2+
 URL:		https://github.com/ClusterLabs/resource-agents
 %if 0%{?fedora} || 0%{?centos_version} || 0%{?rhel}
@@ -160,6 +160,8 @@ Patch63:	RHEL-15305-1-findif.sh-fix-loopback-handling.patch
 Patch64:	RHEL-16248-aws-vpc-move-ip-aws-vpc-route53-awseip-awsvip-auth_type-role.patch
 Patch65:	RHEL-17083-findif-EOS-fix.patch
 Patch66:	RHEL-15305-2-findif.sh-dont-use-table-parameter.patch
+Patch67:	RHEL-34137-aws-agents-use-curl_retry.patch
+Patch68:	RHEL-32828-db2-fix-OCF_SUCESS-typo.patch
 
 # bundle patches
 Patch1000:	7-gcp-bundled.patch
@@ -408,6 +410,8 @@ exit 1
 %patch -p1 -P 64
 %patch -p1 -P 65
 %patch -p1 -P 66
+%patch -p1 -P 67 -F1
+%patch -p1 -P 68
 
 chmod 755 heartbeat/nova-compute-wait
 chmod 755 heartbeat/NovaEvacuate
@@ -989,6 +993,13 @@ ccs_update_schema > /dev/null 2>&1 ||:
 %{_usr}/lib/ocf/lib/heartbeat/OCF_*.pm
 
 %changelog
+* Thu May 30 2024 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.9.0-54.1
+- AWS agents: retry failed metadata requests to avoid instantly
+  failing when there is a hiccup in the network or metadata service
+- db2: fix OCF_SUCESS typo
+
+  Resolves: RHEL-34137, RHEL-32828
+
 * Thu Feb  8 2024 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.9.0-54
 - findif.sh: fix loopback IP handling
 

rpminspect.yaml

@@ -0,0 +1,22 @@
+---
+xml:
+    # Do not try to XML-validate this DTD file
+    ignore:
+        - /usr/share/resource-agents/ra-api-1.dtd
+
+files:
+    # These paths are explicitly used in this package
+    ignore:
+        - /usr/lib/ocf/resource.d/heartbeat
+        - /usr/lib/resource-agents
+
+badfuncs:
+    # This program uses gethostbyname2, inet_aton, and inet_ntoa
+    ignore:
+        - /usr/libexec/heartbeat/send_arp
+
+upstream:
+    ignore:
+        # these files have to be bundled in resource-agents now
+        - httplib2-0.20.4.tar.gz
+        - pyparsing-2.4.7-py2.py3-none-any.whl

sources

@@ -0,0 +1,12 @@
+SHA512 (ClusterLabs-resource-agents-55a4e2c9.tar.gz) = 0b8dbf466cc4be3e165e4fb3b6a3ce93a6b49a7f4a7dc27916bfe3ec0b5de1e9df5c114d255608fb6ba1ca945ba49a4626e95cd28d6852e2e09d099d6edcb00b
+SHA512 (aliyun-cli-2.1.10.tar.gz) = 1c883e1116b695ff87f81bebc506df04004d097157cd817ac8dc81a18bc4df308579c5c34b3396a90a59cd07f5d9079002295231d999fa26eaf56914ea6ede9f
+SHA512 (aliyun-python-sdk-core-2.13.1.tar.gz) = c9eaccf3ed06ff2f5edc89d605511223650816ae3b192e6149f1b113d1d04c05c5220bdd588dc83024486748354436fec65fa59f5858befaa7cf9524dbb6da19
+SHA512 (aliyun-python-sdk-ecs-4.9.3.tar.gz) = 83b35b7e774fa8892106f771731cc11ca823fe3d6f3e2f5bc5f075e475623573b9123e5ecb2a750d13ebcda9bc76242485636d2d3284c3eec89afcb4ec3070a4
+SHA512 (aliyun-python-sdk-vpc-3.0.2.tar.gz) = e9e4f8224f828a0e0737e4515799e62e4d3808ef2985ae733c8dbe88961daae2d7524000d1ec09e6a5d7ec9491f1e29365e61a4bcfa4b6dbf5a4ec338386e209
+SHA512 (colorama-0.3.3.tar.gz) = 2e960ee25f89ca4bc21fc5ab7dac12bd09c9139c4af04a5131ead31f01bb86af23e749e85dafe0bda814b032cc917ad03c0152b333eb532646603b470adbbb64
+SHA512 (google-cloud-sdk-360.0.0-linux-x86_64.tar.gz) = 0e441359edd981038310c7e66ed3cbdaff1c5b24264bdebdca351ea5cbdef7b54b8d9d56ee45c713f467e65f1bc949c7f5175cd06ed16eae05bd589b187b6260
+SHA512 (httplib2-0.20.4.tar.gz) = 67c553926c1e103800bf622a4bb9ee6c3222fb33526f94fc64afa7e876281551bb6e42c8fce5d956f1f64a1727a25d457d23acb26360b69493dcaa3f8991e0be
+SHA512 (pycryptodome-3.20.0.tar.gz) = 9fed02190db9ae71b6895af2525d7670858817acf213c494969104da81138dacb11bc00be83b308e070a2c90766cd763e25a611ada402b32f6160a8ac9283f85
+SHA512 (pyparsing-2.4.7-py2.py3-none-any.whl) = acb6b4ff90254d73804621d302926deb69bc99ffde16d7aa16cba7d0af7a53c25b7197d422309d9e82a766704fd7ea4c8b078a48d2e7d8658a8b237266fe24f5
+SHA512 (pyroute2-0.4.13.tar.gz) = 7a86ef38c4892198a29b688b225df9b7fe7761a1685d7bf0430252783d93cfb13a52c82e05ba808f11b82ff3deac178585487eaa3adf77487a4e8402987fe646
+SHA512 (urllib3-1.26.18.tar.gz) = c89e93a032bf6b11375c06ef7c5abc1868f93e7655cfdca09e9bd939ad415d206ea159fe151ecd2e5f725e0e18a831c7a5382ad01dbc32264154fc8af7aec156

tests/run_tests.sh

@@ -0,0 +1,26 @@
+#!/bin/sh
+
+err=0
+
+agents=$(pcs resource list ocf:heartbeat 2>&1)
+if [ $(echo "$agents" | wc -l) -lt 2 ]; then
+	echo "ERROR: pcs: agents available:\n$agents"
+	err=$((err+1))
+else
+	echo "INFO: pcs: agents available..."
+fi
+
+for bin in aliyuncli-ra "gcloud-ra -v"; do
+	output="$($bin 2>&1)"
+	if [ $? -ne 0 ]; then
+		echo -e "ERROR: $bin failed:\n$output"
+		err=$((err+1))
+	else
+		echo "INFO: $bin works..."
+	fi
+done
+
+if [ $err -ge 1 ]; then
+	echo -e "\nERROR: $err tests FAILED..."
+	exit 1
+fi

tests/tests.yml

@@ -0,0 +1,16 @@
+- hosts: localhost
+  roles:
+    - role: standard-test-basic
+      tags:
+        - classic
+        - container
+      required_packages:
+        - resource-agents
+        - resource-agents-aliyun
+        - resource-agents-gcp
+        - pcs
+
+      tests:
+        - subpackage_tests:
+            dir: .
+            run: ./run_tests.sh