support gather_facts: false; snapshots; many other fixes, features

[Improvement] Allow System Role to reset to default Firewalld Settings
Resolves: rhbz#2043010

[RFE] add an option to the metrics role to enable postfix metric collection
Resolves: rhbz#2051737

sshd system role should not assume that RHEL 9 /etc/ssh/sshd_config has "Include > /etc/ssh/sshd_config.d/*.conf"
Resolves: rhbz#2052081

sshd system role should be able to optionally manage /etc/ssh/sshd_config on RHEL 9
Resolves: rhbz#2052086

logging tests fail during cleanup if no cloud-init on system
Resolves: rhbz#2058799

Metrics role, with "metrics_from_mssql" option does not configure /var/lib/pcp/pmdas/mssql/mssql.conf on first run
Resolves: rhbz#2060523

timesync: basic-smoke test failure in timesync/tests_ntp.yml
Resolves: rhbz#2060524

kernel_settings error configobj not found on RHEL 8.6 managed hosts
Resolves: rhbz#2060525

Firewall system role Ansible deprecation warning related to "include"
Resolves: rhbz#2061511

ha_cluster - support advanced corosync configuration
Resolves: rhbz#2065337

network - consistently use ansible_managed in configuration files managed by role [rhel-9.1.0]
Resolves: rhbz#2065382

Postfix RHEL System Role should provide the ability to replace config and reset configuration back to default [rhel-9.1.0]
Resolves: rhbz#2065383

metrics - consistently use ansible_managed in configuration files managed by role [rhel-9.1.0]
Resolves: rhbz#2065392

postfix - consistently use ansible_managed in configuration files managed by role [rhel-9.1.0]
Resolves: rhbz#2065393

bond: fix typo in supporting the infiniband ports in active-backup mode [rhel-9.1.0]
Resolves: rhbz#2065394

pytest failed when running with nm providers in the rhel-8.5 beaker machine [rhel-9.1.0]
Resolves: rhbz#2066911

NBDE client system role does not support servers with static IP addresses [rhel-9.1.0]
Resolves: rhbz#2070462

Tlog role - Enabling session recording configuration does not work due to RHEL9 SSSD files provider default
Resolves: rhbz#2071804

ha_cluster - add support for configuring bundle resources
Resolves: rhbz#2073519

FIPS mode detection in SSHD role is wrong
Resolves: rhbz#2073605

Logging - RFE - support template, severity and facility options
Resolves: rhbz#2075119

All roles should support running with gather_facts: false
Resolves: rhbz#2078989

[RFE] Extend rhel-system-roles.network feature set to support routing rules
Resolves: rhbz#2079622

ha_cluster - support SBD fencing
Resolves: rhbz#2079626

RFE storage Less verbosity by default
Resolves: rhbz#2079627

storage role cannot set mount_options for volumes
Resolves: rhbz#2083376

Rework the infiniband support
Resolves: rhbz#2086965
This commit is contained in:
Rich Megginson 2022-04-27 18:47:49 -06:00
parent ae192a3465
commit 72d0c45898
2 changed files with 175 additions and 77 deletions

View File

@ -30,7 +30,7 @@ Name: linux-system-roles
%endif %endif
Url: https://github.com/linux-system-roles Url: https://github.com/linux-system-roles
Summary: Set of interfaces for unified system management Summary: Set of interfaces for unified system management
Version: 1.15.1 Version: 1.18.0
Release: 1%{?dist} Release: 1%{?dist}
#Group: Development/Libraries #Group: Development/Libraries
@ -127,85 +127,85 @@ BuildRequires: %{ansible_build_dep}
#%%defcommit 1 14314822b529520ac12964e0d2938c4bb18ab895 #%%defcommit 1 14314822b529520ac12964e0d2938c4bb18ab895
%global rolename1 postfix %global rolename1 postfix
%deftag 1 1.1.3 %deftag 1 1.2.3
#%%defcommit 2 9fe6eb36772e83b53dcfb8ceb73608fd4f72eeda #%%defcommit 2 9fe6eb36772e83b53dcfb8ceb73608fd4f72eeda
%global rolename2 selinux %global rolename2 selinux
%deftag 2 1.3.4 %deftag 2 1.3.6
#%%defcommit 3 cbe4bf262bffae3bf53e531662237741954c4182 #%%defcommit 3 cbe4bf262bffae3bf53e531662237741954c4182
%global rolename3 timesync %global rolename3 timesync
%deftag 3 1.6.6 %deftag 3 1.6.8
#%%defcommit 4 02fc72b482e165472624b2f68eecd2ddce1d93b1 #%%defcommit 4 02fc72b482e165472624b2f68eecd2ddce1d93b1
%global rolename4 kdump %global rolename4 kdump
%deftag 4 1.2.2 %deftag 4 1.2.4
%defcommit 5 61423ed36fc6da6dbe8321912e896c59a2d8e2f6 #%%defcommit 5 bf6215dab8357722ccc6052b27c2b029287ed5e6
%global rolename5 network %global rolename5 network
#%%deftag 5 1.7.0 %deftag 5 1.8.0
#%%defcommit 6 50d2b8ccc98a8f4cb9d1d550d21adc227181e9fa #%%defcommit 6 50d2b8ccc98a8f4cb9d1d550d21adc227181e9fa
%global rolename6 storage %global rolename6 storage
%deftag 6 1.7.0 %deftag 6 1.7.3
#%%defcommit 7 0673d842fb32c437501e2aada2e38921da98e115 #%%defcommit 7 d57caa8ca506d8cbc7ca0f96f7cb62b7e965f163
%global rolename7 metrics %global rolename7 metrics
%deftag 7 1.4.1 %deftag 7 1.7.2
#%%defcommit 8 2b9e53233ee3a68bdb532e62f289733e436a6106 #%%defcommit 8 2b9e53233ee3a68bdb532e62f289733e436a6106
%global rolename8 tlog %global rolename8 tlog
%deftag 8 1.2.5 %deftag 8 1.2.8
#%%defcommit 9 9373303b98e09ef38df7afc8d06e5e55812096c7 #%%defcommit 9 9373303b98e09ef38df7afc8d06e5e55812096c7
%global rolename9 kernel_settings %global rolename9 kernel_settings
%deftag 9 1.1.6 %deftag 9 1.1.8
#%%defcommit 10 20dd3e5520ca06dcccaa9b3f1fb428d055e0c23f #%%defcommit 10 20dd3e5520ca06dcccaa9b3f1fb428d055e0c23f
%global rolename10 logging %global rolename10 logging
%deftag 10 1.8.1 %deftag 10 1.9.2
#%%defcommit 11 c57d0b1f3384c525738fa26ba4bdca485e162567 #%%defcommit 11 c57d0b1f3384c525738fa26ba4bdca485e162567
%global rolename11 nbde_server %global rolename11 nbde_server
%deftag 11 1.1.2 %deftag 11 1.1.4
#%%defcommit 12 bef2fad5e365712d1f40e53662490ba2550a253f #%%defcommit 12 bef2fad5e365712d1f40e53662490ba2550a253f
%global rolename12 nbde_client %global rolename12 nbde_client
%deftag 12 1.2.0 %deftag 12 1.2.4
#%%defcommit 13 310fc53db04e8d3134524afb7a89b0477a2ffb83 #%%defcommit 13 310fc53db04e8d3134524afb7a89b0477a2ffb83
%global rolename13 certificate %global rolename13 certificate
%deftag 13 1.1.3 %deftag 13 1.1.5
#%%defcommit 14 b2a9857ac661fa32e66666e444b73bfdb34cdf95 #%%defcommit 14 b2a9857ac661fa32e66666e444b73bfdb34cdf95
%global rolename14 crypto_policies %global rolename14 crypto_policies
%deftag 14 1.2.3 %deftag 14 1.2.5
%global forgeorg15 https://github.com/willshersystems %global forgeorg15 https://github.com/willshersystems
%global repo15 ansible-sshd %global repo15 ansible-sshd
%global rolename15 sshd %global rolename15 sshd
%defcommit 15 214df35c0bee77b5d69f49c2da269251d451b28f #%%defcommit 15 2ba5bfee852aec5f699bf1c53193f7935beed825
#%%deftag 15 v0.14.1 %deftag 15 v0.15.0
#%%defcommit 16 59b9fd7b25607d8bd33bdb082748955f2652846a #%%defcommit 16 59b9fd7b25607d8bd33bdb082748955f2652846a
%global rolename16 ssh %global rolename16 ssh
%deftag 16 1.1.4 %deftag 16 1.1.6
#%%defcommit 17 f901239cb91878719c9e7461760ef8d4789d626d #%%defcommit 17 f901239cb91878719c9e7461760ef8d4789d626d
%global rolename17 ha_cluster %global rolename17 ha_cluster
%deftag 17 1.4.1 %deftag 17 1.7.1
#%%defcommit 18 5f6cb73e6753fbdbb219b7d3079f0378b2d3bdb3 #%%defcommit 18 5f6cb73e6753fbdbb219b7d3079f0378b2d3bdb3
%global rolename18 vpn %global rolename18 vpn
%deftag 18 1.3.2 %deftag 18 1.3.4
%global rolename19 firewall %global rolename19 firewall
%deftag 19 1.1.0 %deftag 19 1.2.1
%global rolename20 cockpit %global rolename20 cockpit
%deftag 20 1.2.1 %deftag 20 1.2.4
%global mainid 07860ebb58a41f294b5ff41b1b5ab8f358cd9513 %global mainid ff651c10be686d55e26b17f1a0e99e248a1acd63
Source: %{url}/auto-maintenance/archive/%{mainid}/auto-maintenance-%{mainid}.tar.gz Source: %{url}/auto-maintenance/archive/%{mainid}/auto-maintenance-%{mainid}.tar.gz
Source1: %{archiveurl1} Source1: %{archiveurl1}
Source2: %{archiveurl2} Source2: %{archiveurl2}
@ -230,11 +230,11 @@ Source20: %{archiveurl20}
# Collection tarballs from Automation Hub # Collection tarballs from Automation Hub
# Not used on Fedora. # Not used on Fedora.
Source801: ansible-posix-1.3.0.tar.gz Source801: ansible-posix-1.4.0.tar.gz
# Collection tarballs from Galaxy # Collection tarballs from Galaxy
# Not used on Fedora. # Not used on Fedora.
Source901: community-general-4.4.0.tar.gz Source901: community-general-5.0.0.tar.gz
# Script to convert the collection README to Automation Hub. # Script to convert the collection README to Automation Hub.
# Not used on Fedora. # Not used on Fedora.
@ -242,8 +242,6 @@ Source998: collection_readme.sh
Patch51: network-disable-bondtests.diff Patch51: network-disable-bondtests.diff
Patch71: metrics-symlink_follow.diff
BuildArch: noarch BuildArch: noarch
%if %{with html} %if %{with html}
@ -336,8 +334,11 @@ cd %{rolename5}
%patch51 -p1 %patch51 -p1
cd .. cd ..
cd %{rolename15} cd %{rolename15}
sed -r -i -e "s/ansible-sshd/linux-system-roles.sshd/" tests/*.yml examples/*.yml find -P tests examples -name \*.yml | while read file; do
sed -r -i -e "s/ willshersystems.sshd/ linux-system-roles.sshd/" tests/*.yml examples/*.yml README.md sed -r -i -e "s/ansible-sshd/linux-system-roles.sshd/" \
-e "s/ willshersystems.sshd/ linux-system-roles.sshd/" "$file"
done
sed -r -i -e "s/ willshersystems.sshd/ linux-system-roles.sshd/" README.md
sed -r -i -e "s/min_ansible_version: 2.8/min_ansible_version: 2.9/" meta/main.yml sed -r -i -e "s/min_ansible_version: 2.8/min_ansible_version: 2.9/" meta/main.yml
cd .. cd ..
@ -352,7 +353,6 @@ if [ "$rolesdir" != "$realrolesdir" ]; then
mv "$realrolesdir" . mv "$realrolesdir" .
rm -rf vendor rm -rf vendor
fi fi
%patch71 -p1
cd .. cd ..
%if 0%{?rhel} %if 0%{?rhel}
@ -394,7 +394,15 @@ for module in "${!module_map[@]}"; do
if [ ! -d $role/library ]; then if [ ! -d $role/library ]; then
mkdir $role/library mkdir $role/library
fi fi
cp -pL .external/community/general/plugins/modules/$module $role/library/$module # version 5.0.0 seems to be broken?
moduledir=.external/community/general/plugins/modules
if [ ! -f $moduledir/$module ]; then
moduledir=.external/community/general/plugins/modules/system
fi
if [ ! -f $moduledir/$module ]; then
moduledir=.external/community/general/plugins/modules/files
fi
cp -pL $moduledir/$module $role/library/$module
ls -alrtF $role/library/$module ls -alrtF $role/library/$module
sed -i -e ':a;N;$!ba;s/description:\n\( *\)/description:\n\1- WARNING: Do not use this module directly! It is only for role internal use.\n\1/' $role/library/$module sed -i -e ':a;N;$!ba;s/description:\n\( *\)/description:\n\1- WARNING: Do not use this module directly! It is only for role internal use.\n\1/' $role/library/$module
done done
@ -713,6 +721,140 @@ fi
%endif %endif
%changelog %changelog
* Mon May 02 2022 Rich Megginson <rmeggins@redhat.com> - 1.18.0-1
- firewall - [Improvement] Allow System Role to reset to default Firewalld Settings
Resolves: rhbz#2043010 (9.1.0)
- metrics - [RFE] add an option to the metrics role to enable postfix metric collection
Resolves: rhbz#2051737 (9.1.0)
- network - Rework the infiniband support
Resolves: rhbz#2086965 (9.1.0)
- sshd - recurse into tests and examples sub-directories when replacing string in files
the sshd role latest version added sub-directories under tests that need
role name replacement - so just use find
- sshd - sshd system role should not assume that RHEL 9 /etc/ssh/sshd_config has "Include > /etc/ssh/sshd_config.d/*.conf"
Resolves: rhbz#2052081 (9.1.0)
- sshd - sshd system role should be able to optionally manage /etc/ssh/sshd_config on RHEL 9
Resolves: rhbz#2052086 (9.1.0)
- storage - storage role cannot set mount_options for volumes
Resolves: rhbz#2083376 (9.1.0)
* Mon Apr 25 2022 Rich Megginson <rmeggins@redhat.com> - 1.17.0-1
- All roles should support running with gather_facts: false
Resolves: rhbz#2078989 (9.1.0)
- firewall - Firewall system role Ansible deprecation warning related to "include"
Resolves: rhbz#2061511 (9.1.0)
- ha_cluster - ha_cluster - support advanced corosync configuration
Resolves: rhbz#2065337 (9.1.0)
- ha_cluster - ha_cluster - support SBD fencing
Resolves: rhbz#2079626 (9.1.0)
- ha_cluster - ha_cluster - add support for configuring bundle resources
Resolves: rhbz#2073519 (9.1.0)
- kernel_settings - kernel_settings error configobj not found on RHEL 8.6 managed hosts
Resolves: rhbz#2060525 (9.1.0)
- logging - logging tests fail during cleanup if no cloud-init on system
Resolves: rhbz#2058799 (9.1.0)
- logging - Logging - RFE - support template, severity and facility options
Resolves: rhbz#2075119 (9.1.0)
- metrics - Metrics role, with "metrics_from_mssql" option does not configure /var/lib/pcp/pmdas/mssql/mssql.conf on first run
Resolves: rhbz#2060523 (9.1.0)
- metrics - metrics - consistently use ansible_managed in configuration files managed by role
Resolves: rhbz#2065392 (9.1.0)
- metrics - [RFE] add an option to the metrics role to enable postfix metric collection
Resolves: rhbz#2051737 (9.1.0)
- nbde_client - NBDE client system role does not support servers with static IP addresses
Resolves: rhbz#2070462 (9.1.0)
- network - [RFE] Extend rhel-system-roles.network feature set to support routing rules
Resolves: rhbz#2079622 (9.1.0)
- network - bond: fix typo in supporting the infiniband ports in active-backup mode
Resolves: rhbz#2065394 (9.1.0)
- network - pytest failed when running with nm providers in the rhel-8.5 beaker machine
Resolves: rhbz#2066911 (9.1.0)
- network - network - consistently use ansible_managed in configuration files managed by role
Resolves: rhbz#2065382 (9.1.0)
- postfix - postfix - consistently use ansible_managed in configuration files managed by role
Resolves: rhbz#2065393 (9.1.0)
- postfix - Postfix RHEL System Role should provide the ability to replace config and reset configuration back to default
Resolves: rhbz#2065383 (9.1.0)
- sshd - FIPS mode detection in SSHD role is wrong
Resolves: rhbz#2073605 (9.1.0)
- storage - RFE storage Less verbosity by default
Resolves: rhbz#2079627 (9.1.0)
- timesync - timesync: basic-smoke test failure in timesync/tests_ntp.yml
Resolves: rhbz#2060524 (9.1.0)
- tlog - Tlog role - Enabling session recording configuration does not work due to RHEL9 SSSD files provider default
Resolves: rhbz#2071804 (9.1.0)
* Thu Apr 07 2022 Rich Megginson <rmeggins@redhat.com> - 1.16.3-1
- tlog - Enabling session recording configuration does not work due to RHEL9 SSSD files provider default
Resolves rhbz#2072749 (EL8)
Resolves rhbz#2071804 (EL9)
* Wed Apr 06 2022 Sergei Petrosian <spetrosi@redhat.com> - 1.16.2-2
- Update community.general
* Thu Mar 31 2022 Rich Megginson <rmeggins@redhat.com> - 1.16.2-1
- nbde_client - NBDE client system role does not support servers with static IP addresses
previous fix did not handle some other cases
Resolves rhbz#1985022 (EL8)
Resolves rhbz#2031555 (EL9)
* Tue Mar 29 2022 Rich Megginson <rmeggins@redhat.com> - 1.16.1-1
- nbde_client - NBDE client system role does not support servers with static IP addresses
previous fix did not handle some cases
Resolves rhbz#1985022 (EL8)
Resolves rhbz#2031555 (EL9)
* Tue Mar 22 2022 Sergei Petrosian <spetrosi@redhat.com> - 1.16.0-2
- Update community.general
* Tue Mar 15 2022 Rich Megginson <rmeggins@redhat.com> - 1.16.0-1
- network - pytest failed when running with nm providers in the rhel-8.5 beaker machine
Resolves rhbz#2064396 (EL8)
Resolves rhbz#2064401 (EL9)
- network - bond: fix typo in supporting the infiniband ports in active-backup modekernel_settings error configobj not found on RHEL 8.6 managed hosts
Resolves rhbz#2064388 (EL8)
Resolves rhbz#2064391 (EL9)
- network - consistently use ansible_managed in configuration files managed by role
Resolves rhbz#2057656 (EL8)
Resolves rhbz#2057657 (EL9)
- metrics - consistently use ansible_managed in configuration files managed by role
Resolves rhbz#2057645 (EL8)
Resolves rhbz#2057647 (EL9)
- postfix - consistently use ansible_managed in configuration files managed by role
Resolves rhbz#2057661 (EL8)
Resolves rhbz#2057662 (EL9)
- postfix - provide the ability to replace config and reset configuration back to default
Resolves rhbz#2044657 (EL8)
Resolves rhbz#2058780 (EL9)
- new tags required in galaxy.yml for Automation Hub
* Thu Mar 3 2022 Rich Megginson <rmeggins@redhat.com> - 1.15.1-1 * Thu Mar 3 2022 Rich Megginson <rmeggins@redhat.com> - 1.15.1-1
- kernel_settings error configobj not found on RHEL 8.6 managed hosts - kernel_settings error configobj not found on RHEL 8.6 managed hosts
Resolves rhbz#2058772 (EL8) Resolves rhbz#2058772 (EL8)

View File

@ -1,44 +0,0 @@
From e7cc032dae8b740428b334eac179b4aa243f0aea Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
<41898282+github-actions[bot]@users.noreply.github.com>
Date: Tue, 1 Mar 2022 02:35:22 +0000
Subject: [PATCH] Squashed 'vendor/github.com/performancecopilot/ansible-pcp/'
changes from 2da846b..e41f4bd
e41f4bd Merge branch 'nhosoi-ansible_managed'
49337e0 Add "follow: yes" to the template task in the mssql and elasticsearch subrole.
git-subtree-dir: vendor/github.com/performancecopilot/ansible-pcp
git-subtree-split: e41f4bd98809ae49534e3f24feec3ce9c49c86ed
---
roles/elasticsearch/tasks/main.yml | 1 +
roles/mssql/tasks/main.yml | 1 +
2 files changed, 2 insertions(+)
diff --git a/roles/elasticsearch/tasks/main.yml b/roles/elasticsearch/tasks/main.yml
index 2ca9768..d806fad 100644
--- a/roles/elasticsearch/tasks/main.yml
+++ b/roles/elasticsearch/tasks/main.yml
@@ -45,6 +45,7 @@
template:
src: elasticsearch.conf.j2
dest: "{{ __elasticsearch_conf }}"
+ follow: yes
mode: 0600
when:
- elasticsearch_metrics_provider == 'pcp'
diff --git a/roles/mssql/tasks/main.yml b/roles/mssql/tasks/main.yml
index e951d1e..d6c9525 100644
--- a/roles/mssql/tasks/main.yml
+++ b/roles/mssql/tasks/main.yml
@@ -34,6 +34,7 @@
template:
src: mssql.conf.j2
dest: "{{ __mssql_conf }}"
+ follow: yes
mode: 0600
when: mssql_metrics_provider == 'pcp'
--
2.34.1