import rhel-system-roles-1.21.0-2.el9

This commit is contained in:
CentOS Sources 2023-03-28 09:38:08 +00:00 committed by Stepan Oksanichenko
parent 4919636f1c
commit e937f39abb
8 changed files with 466 additions and 347 deletions

50
.gitignore vendored
View File

@ -1,23 +1,27 @@
SOURCES/ansible-posix-1.4.0.tar.gz SOURCES/ad_integration-1.0.2.tar.gz
SOURCES/ansible-sshd-9766d9097a87a130d4c8abde2247aaad5c925ecf.tar.gz SOURCES/ansible-posix-1.5.1.tar.gz
SOURCES/auto-maintenance-c22eff88d40972158cd5c413b7468b4e904cc76c.tar.gz SOURCES/ansible-sshd-v0.18.1.tar.gz
SOURCES/certificate-1.1.6.tar.gz SOURCES/auto-maintenance-d6a8e0167e9ed8d089093b7ead1e298241b534e1.tar.gz
SOURCES/cockpit-1.3.0.tar.gz SOURCES/certificate-1.1.9.tar.gz
SOURCES/community-general-5.4.0.tar.gz SOURCES/cockpit-1.4.3.tar.gz
SOURCES/crypto_policies-1.2.6.tar.gz SOURCES/community-general-6.3.0.tar.gz
SOURCES/firewall-1.4.0.tar.gz SOURCES/containers-podman-1.10.1.tar.gz
SOURCES/ha_cluster-1.7.4.tar.gz SOURCES/crypto_policies-1.2.7.tar.gz
SOURCES/kdump-1.2.5.tar.gz SOURCES/firewall-1.4.2.tar.gz
SOURCES/kernel_settings-1.1.10.tar.gz SOURCES/ha_cluster-1.8.7.tar.gz
SOURCES/logging-1.10.0.tar.gz SOURCES/journald-1.0.0.tar.gz
SOURCES/metrics-1.7.3.tar.gz SOURCES/kdump-1.2.6.tar.gz
SOURCES/nbde_client-1.2.6.tar.gz SOURCES/kernel_settings-1.1.11.tar.gz
SOURCES/nbde_server-1.1.5.tar.gz SOURCES/logging-1.11.5.tar.gz
SOURCES/network-1.9.1.tar.gz SOURCES/metrics-1.8.1.tar.gz
SOURCES/postfix-1.2.4.tar.gz SOURCES/nbde_client-1.2.10.tar.gz
SOURCES/selinux-1.4.0.tar.gz SOURCES/nbde_server-1.3.3.tar.gz
SOURCES/ssh-1.1.9.tar.gz SOURCES/network-1.11.2.tar.gz
SOURCES/storage-1.9.1.tar.gz SOURCES/podman-1.1.2.tar.gz
SOURCES/timesync-1.6.9.tar.gz SOURCES/postfix-1.3.3.tar.gz
SOURCES/tlog-1.2.9.tar.gz SOURCES/selinux-1.5.6.tar.gz
SOURCES/vpn-1.3.5.tar.gz SOURCES/ssh-1.1.12.tar.gz
SOURCES/storage-1.9.6.tar.gz
SOURCES/timesync-1.7.2.tar.gz
SOURCES/tlog-1.2.11.tar.gz
SOURCES/vpn-1.5.3.tar.gz

View File

@ -1,23 +1,27 @@
bca451fd997be80be30f106e49f1bf550d2e609c SOURCES/ansible-posix-1.4.0.tar.gz c531e83edf95f96389a6c1c10ea80ccd2b42cc75 SOURCES/ad_integration-1.0.2.tar.gz
c47e62ecf6502d952378206626ba66e456a73513 SOURCES/ansible-sshd-9766d9097a87a130d4c8abde2247aaad5c925ecf.tar.gz f36cb7b1662ecda55c27f5bc15e0a22a1f11a361 SOURCES/ansible-posix-1.5.1.tar.gz
453a44d1259addc4f702ea79da7b810b420e21f1 SOURCES/auto-maintenance-c22eff88d40972158cd5c413b7468b4e904cc76c.tar.gz 71c988d6ad9b916727cd93b8e2a2154183f5035a SOURCES/ansible-sshd-v0.18.1.tar.gz
25e2045c8fc9d6455d7c5b0c7d32d4976ebc5178 SOURCES/certificate-1.1.6.tar.gz a59d5ba01d5e536e800bc847528f16c16b961375 SOURCES/auto-maintenance-d6a8e0167e9ed8d089093b7ead1e298241b534e1.tar.gz
77b34cce8b416fec3a50900b47cbe6b8216e3036 SOURCES/cockpit-1.3.0.tar.gz 0e3826af628625ef7b16e3f57b6156128fd982c0 SOURCES/certificate-1.1.9.tar.gz
58f117fafe36a19425b3a9bc0ba69f33e5fa81ee SOURCES/community-general-5.4.0.tar.gz 05148744a2d69d469dc3c678bb1a9fb9747dea26 SOURCES/cockpit-1.4.3.tar.gz
56bc0763e0b549c3499a80e95d0953ee6769136a SOURCES/crypto_policies-1.2.6.tar.gz b97ec0ef0ff1390c137323192527129159b7c76f SOURCES/community-general-6.3.0.tar.gz
4ee58deb2a514edd81dbcc56508be4ca9fd49089 SOURCES/firewall-1.4.0.tar.gz ccb070885fd455bb6e7f2b8ca050d40d30609fec SOURCES/containers-podman-1.10.1.tar.gz
6ac7fbfa996fd4425415601d28e5b7b0790682ae SOURCES/ha_cluster-1.7.4.tar.gz 47e3a2db8790c98fd5c09ab1887318b6ba56ce49 SOURCES/crypto_policies-1.2.7.tar.gz
6ae0614d51db00957943fad6967674c0de88862c SOURCES/kdump-1.2.5.tar.gz 1c414411b4960040eebcef2ddd528eea0b47f05f SOURCES/firewall-1.4.2.tar.gz
17f28f701d7842499b232a7b28daae5f51ea631b SOURCES/kernel_settings-1.1.10.tar.gz 7cfd7d6fa2164fcb757a316e123cbe048f8f0ac9 SOURCES/ha_cluster-1.8.7.tar.gz
042ba1183db4d36742a21c92111d68415c7c951a SOURCES/logging-1.10.0.tar.gz 97edc58624de8ccb3f4b628a48811094a0dc1513 SOURCES/journald-1.0.0.tar.gz
4ebbf457b9f0d767d19b7ef322b848e5e4da50ef SOURCES/metrics-1.7.3.tar.gz 439ea600c242c914c90933f287f3caf8c7869c12 SOURCES/kdump-1.2.6.tar.gz
80baf489aea9052ad11c84df7a6adfca75ce7a7b SOURCES/nbde_client-1.2.6.tar.gz 49f4bc8f273339cde0cdecccffa7b902359b2601 SOURCES/kernel_settings-1.1.11.tar.gz
2e2ad1b455da8c0a198524a08ffe16f2c954f131 SOURCES/nbde_server-1.1.5.tar.gz 7fe83b26f954e55a282a4d5398e3064a7783a83a SOURCES/logging-1.11.5.tar.gz
cb01d5d59afdf4f514de5fda2220ea8271ecb699 SOURCES/network-1.9.1.tar.gz e217af697b4e3205177360726f579d01b145be77 SOURCES/metrics-1.8.1.tar.gz
4a31ac4e7d4de65c2a74cfc6f3c4ff852d5a578c SOURCES/postfix-1.2.4.tar.gz cf27267d3d54f1537ddda89f6d4db7abbe55b357 SOURCES/nbde_client-1.2.10.tar.gz
a54aee1fa1b0ee023e4168d0abe880ad6ea64dcb SOURCES/selinux-1.4.0.tar.gz 274986399c55eb35f281173621e75eb2d7ae00e6 SOURCES/nbde_server-1.3.3.tar.gz
fcdbd369bcc41df028f842e49ebff28370d3adb4 SOURCES/ssh-1.1.9.tar.gz 857b1c3ea5a1a48dc964fb5c139861ba01c9e732 SOURCES/network-1.11.2.tar.gz
10b9bf8f3b16fc99d6070af6dbf82f9f889a8ff6 SOURCES/storage-1.9.1.tar.gz fe48a68775bcb87daf3f62ab58a1998ffaa4e6be SOURCES/podman-1.1.2.tar.gz
c0af2701a0f8db1d721bf6df4ba257888be0fe87 SOURCES/timesync-1.6.9.tar.gz 9244301089661fecca31dfee431b32d4876063be SOURCES/postfix-1.3.3.tar.gz
53fd0059c1da4c42228a9c0df592a96cd5a5060f SOURCES/tlog-1.2.9.tar.gz bac983e0dcc5041a4c7d4d25849ed31aaf462df7 SOURCES/selinux-1.5.6.tar.gz
ec3e9a88af360861ea3ef4be92fbb6776690272d SOURCES/vpn-1.3.5.tar.gz 1bb35bc413249ce3209e471687afd60e0e25dddb SOURCES/ssh-1.1.12.tar.gz
0eea1b45136cb807740fa12435b02eccdb35a7ac SOURCES/storage-1.9.6.tar.gz
fefc5b4bd9635bb8fe70a9af9fc178cb5d3e8193 SOURCES/timesync-1.7.2.tar.gz
07c42ba749c110a87469a5c477579582c4d0c538 SOURCES/tlog-1.2.11.tar.gz
5b5ee7283092a16e9ec1aba47ee651274f784416 SOURCES/vpn-1.5.3.tar.gz

View File

@ -1,6 +1,52 @@
Changelog Changelog
========= =========
[1.21.0] - 2023-02-20
----------------------------
### New Features
- [ad_integration - New role - manage AD integration, join to AD domain](https://bugzilla.redhat.com/show_bug.cgi?id=2140795)
- [cockpit - convert cockpit role to use firewall, selinux role, and certificate role](https://bugzilla.redhat.com/show_bug.cgi?id=2137663)
- [ha_cluster - Allow quorum device configuration](https://bugzilla.redhat.com/show_bug.cgi?id=2140804)
- [ha_cluster - convert ha_cluster role to use firewall, selinux and certificate role](https://bugzilla.redhat.com/show_bug.cgi?id=2130010)
- [journald - New role - manage systemd-journald](https://bugzilla.redhat.com/show_bug.cgi?id=2165175)
- [logging - convert logging role to use firewall, selinux role, and certificate role](https://bugzilla.redhat.com/show_bug.cgi?id=2130357)
- [metrics - convert metrics role to use firewall and selinux role](https://bugzilla.redhat.com/show_bug.cgi?id=2133528)
- [nbde_server - convert nbde_server role to use firewall and selinux role](https://bugzilla.redhat.com/show_bug.cgi?id=2133930)
- [network - Support cloned MAC address](https://bugzilla.redhat.com/show_bug.cgi?id=2143768)
- [network - Support setting the metric of the default route for initscripts provider](https://bugzilla.redhat.com/show_bug.cgi?id=2134202)
- [network - Support the DNS priority](https://bugzilla.redhat.com/show_bug.cgi?id=2133858)
- [network - Support looking up named route table in routing rule](https://bugzilla.redhat.com/show_bug.cgi?id=2131293)
- [podman - New role - manage podman containers and systemd](https://bugzilla.redhat.com/show_bug.cgi?id=2143427)
- [postfix - convert postfix role to use firewall and selinux role](https://bugzilla.redhat.com/show_bug.cgi?id=2130329)
- [selinux - add support for the 'local' parameter](https://bugzilla.redhat.com/show_bug.cgi?id=2128843)
- [vpn - Add parameters shared_key_content, ike, esp, type, leftid, rightid](https://bugzilla.redhat.com/show_bug.cgi?id=2119102)
- [vpn - convert vpn role to use firewall and selinux role](https://bugzilla.redhat.com/show_bug.cgi?id=2130344)
### Bug Fixes
- [ha_cluster - use no_log in tasks looping over pot. secret parameters](https://bugzilla.redhat.com/show_bug.cgi?id=2143816)
- [ha_cluster - Allow enabled SBD on disabled cluster](https://bugzilla.redhat.com/show_bug.cgi?id=2153030)
- [ha_cluster - Fix stonith watchdog timeout](https://bugzilla.redhat.com/show_bug.cgi?id=2167528)
- [nbde_client - must handle clevis-luks-askpass and clevis-luks-askpass@ systemd unit names](https://bugzilla.redhat.com/show_bug.cgi?id=2126959)
- [nbde_client - nbde_client_clevis fails with a traceback and prints sensitive data](https://bugzilla.redhat.com/show_bug.cgi?id=2162782)
- [network - should route traffic via correct bond](https://bugzilla.redhat.com/show_bug.cgi?id=2168735)
- [selinux - managing modules is not idempotent](https://bugzilla.redhat.com/show_bug.cgi?id=2160152)
- [sshd,ssh,timesync - Unexpected templating type error - expected str instance, int found](https://bugzilla.redhat.com/show_bug.cgi?id=2129401)
- [tlog - Unconditionally enable the files provider](https://bugzilla.redhat.com/show_bug.cgi?id=2153043)
[1.20.1] - 2022-09-27
----------------------------
### New Features
- [ssh,sshd - Sync on final OpenSSH option name RequiredRSASize in ssh and sshd roles](https://bugzilla.redhat.com/show_bug.cgi?id=2129873)
### Bug Fixes
- none
[1.20.0] - 2022-08-05 [1.20.0] - 2022-08-05
---------------------------- ----------------------------

1
SOURCES/CHANGELOG.rst Normal file
View File

@ -0,0 +1 @@
See docs/CHANGELOG.md

10
SOURCES/extrasources.inc Normal file
View File

@ -0,0 +1,10 @@
Source801: https://galaxy.ansible.com/download/ansible-posix-1.5.1.tar.gz
Source901: https://galaxy.ansible.com/download/community-general-6.3.0.tar.gz
Source902: https://galaxy.ansible.com/download/containers-podman-1.10.1.tar.gz
Provides: bundled(ansible-collection(ansible.posix)) = 1.5.1
Provides: bundled(ansible-collection(community.general)) = 6.3.0
Provides: bundled(ansible-collection(containers.podman)) = 1.10.1
Source996: CHANGELOG.rst
Source998: collection_readme.sh

View File

@ -1,65 +0,0 @@
From d6c8319f52f3859b28044841063adf0013df878b Mon Sep 17 00:00:00 2001
From: Rich Megginson <rmeggins@redhat.com>
Date: Thu, 25 Mar 2021 13:57:45 -0600
Subject: [PATCH 3/4] Patch53: network-disable-bondtests.diff
---
tests/playbooks/tests_bond.yml | 2 ++
tests/playbooks/tests_bond_deprecated.yml | 2 ++
tests/tests_bond_deprecated_initscripts.yml | 1 +
tests/tests_bond_initscripts.yml | 1 +
4 files changed, 6 insertions(+)
diff --git a/tests/playbooks/tests_bond.yml b/tests/playbooks/tests_bond.yml
index 1e45788..d3005a6 100644
--- a/tests/playbooks/tests_bond.yml
+++ b/tests/playbooks/tests_bond.yml
@@ -8,6 +8,8 @@
dhcp_interface1: test1
port2_profile: bond0.1
dhcp_interface2: test2
+ tags:
+ - "tests::expfail"
tasks:
- name: "INIT Prepare setup"
debug:
diff --git a/tests/playbooks/tests_bond_deprecated.yml b/tests/playbooks/tests_bond_deprecated.yml
index f37e19a..ae475c4 100644
--- a/tests/playbooks/tests_bond_deprecated.yml
+++ b/tests/playbooks/tests_bond_deprecated.yml
@@ -8,6 +8,8 @@
dhcp_interface1: test1
port2_profile: bond0.1
dhcp_interface2: test2
+ tags:
+ - "tests::expfail"
tasks:
- name: "INIT Prepare setup"
debug:
diff --git a/tests/tests_bond_deprecated_initscripts.yml b/tests/tests_bond_deprecated_initscripts.yml
index 383b488..cdf3de0 100644
--- a/tests/tests_bond_deprecated_initscripts.yml
+++ b/tests/tests_bond_deprecated_initscripts.yml
@@ -10,6 +10,7 @@
network_provider: initscripts
tags:
- always
+ - "tests::expfail"
- import_playbook: playbooks/tests_bond_deprecated.yml
when: (ansible_distribution in ['CentOS','RedHat'] and
diff --git a/tests/tests_bond_initscripts.yml b/tests/tests_bond_initscripts.yml
index 8fa74c5..6a231c4 100644
--- a/tests/tests_bond_initscripts.yml
+++ b/tests/tests_bond_initscripts.yml
@@ -10,6 +10,7 @@
network_provider: initscripts
tags:
- always
+ - "tests::expfail"
- import_playbook: playbooks/tests_bond.yml
when: (ansible_distribution in ['CentOS','RedHat'] and
--
2.30.2

View File

@ -3,14 +3,13 @@
# ansible-core as a build_dep on RHEL8 # ansible-core as a build_dep on RHEL8
%if 0%{?fedora} || 0%{?rhel} >= 9 %if 0%{?fedora} || 0%{?rhel} >= 9
%bcond_without ansible %bcond_without ansible
%global ansible_build_dep ansible-core >= 2.11.0 %if 0%{?fedora}
BuildRequires: ansible-packaging
%else %else
%if 0%{?rhel} && ! 0%{?epel} BuildRequires: ansible-core >= 2.11.0
%bcond_with ansible
%else
%bcond_without ansible
%global ansible_build_dep ansible >= 2.9.10
%endif %endif
%else
%bcond_with ansible
%endif %endif
%bcond_with collection_artifact %bcond_with collection_artifact
@ -30,23 +29,12 @@ Name: linux-system-roles
%endif %endif
Url: https://github.com/linux-system-roles Url: https://github.com/linux-system-roles
Summary: Set of interfaces for unified system management Summary: Set of interfaces for unified system management
Version: 1.20.0 Version: 1.21.0
Release: 1%{?dist} Release: 2%{?dist}
#Group: Development/Libraries
License: GPLv3+ and MIT and BSD and Python License: GPLv3+ and MIT and BSD and Python
%global installbase %{_datadir}/linux-system-roles
%global _pkglicensedir %{_licensedir}/%{name} %global _pkglicensedir %{_licensedir}/%{name}
%global rolealtprefix linux-system-roles. %global roleinstprefix %{name}.
%global roleprefix %{name}.
%global roleinstprefix %{nil}
%global rolealtrelpath ../../linux-system-roles/
%if 0%{?rhel}
%global roleinstprefix %{roleprefix}
%global installbase %{_datadir}/ansible/roles
%global rolealtrelpath %{nil}
%endif
%if 0%{?rhel} %if 0%{?rhel}
%global collection_namespace redhat %global collection_namespace redhat
%global collection_name rhel_system_roles %global collection_name rhel_system_roles
@ -58,19 +46,25 @@ License: GPLv3+ and MIT and BSD and Python
%global collection_version %{version} %global collection_version %{version}
# Helper macros originally from macros.ansible by Igor Raits <ignatenkobrain> # Helper macros originally from macros.ansible by Igor Raits <ignatenkobrain>
# Not available on RHEL, so we must define those macros locally here without using ansible-galaxy # On RHEL, not available, so we must define those macros locally
# On Fedora, provided by ansible-packager
# Not used (yet). Could be made to point to AH in RHEL - but what about CentOS Stream? # Not used (yet). Could be made to point to AH in RHEL - but what about CentOS Stream?
#%%{!?ansible_collection_url:%%define ansible_collection_url() https://galaxy.ansible.com/%%{collection_namespace}/%%{collection_name}} #%%{!?ansible_collection_url:%%define ansible_collection_url() https://galaxy.ansible.com/%%{collection_namespace}/%%{collection_name}}
%if 0%{?rhel}
%if 0%{?fedora} || 0%{?rhel} >= 8 Provides: ansible-collection(%{collection_namespace}.%{collection_name}) = %{collection_version}
%{!?ansible_collection_files:%define ansible_collection_files %{_datadir}/ansible/collections/ansible_collections/%{collection_namespace}/} %global ansible_collection_files %{_datadir}/ansible/collections/ansible_collections/%{collection_namespace}/
%define ansible_roles_dir %{_datadir}/ansible/roles
%if %{without ansible}
# Untar and copy everything instead of galaxy-installing the built artifact when ansible is not available
%define ansible_collection_build() tar -cf %{_tmppath}/%{collection_namespace}-%{collection_name}-%{version}.tar.gz .
%define ansible_collection_install() mkdir -p %{buildroot}%{ansible_collection_files}%{collection_name}; (cd %{buildroot}%{ansible_collection_files}%{collection_name}; tar -xf %{_tmppath}/%{collection_namespace}-%{collection_name}-%{version}.tar.gz)
%else %else
# Define undefined macro using "!?ansible_collection_files:..." does not work for rhel-7 %define ansible_collection_build() ansible-galaxy collection build
%if %{?ansible_collection_files:0}%{!?ansible_collection_files:1} %define ansible_collection_install() ansible-galaxy collection install -n -p %{buildroot}%{_datadir}/ansible/collections %{collection_namespace}-%{collection_name}-%{version}.tar.gz
%define ansible_collection_files %{_datadir}/ansible/collections/ansible_collections/%{collection_namespace}/
%endif %endif
%endif %endif
# be compatible with the usual Fedora Provides:
Provides: ansible-collection-%{collection_namespace}-%{collection_name} = %{collection_version}-%{release}
# ansible-core is in rhel 8.6 and later - default to ansible-core, but allow # ansible-core is in rhel 8.6 and later - default to ansible-core, but allow
# the use of ansible if present - we may revisit this if the automatic dependency # the use of ansible if present - we may revisit this if the automatic dependency
@ -83,18 +77,6 @@ License: GPLv3+ and MIT and BSD and Python
Requires: (ansible-core >= 2.11.0 or ansible >= 2.9.0) Requires: (ansible-core >= 2.11.0 or ansible >= 2.9.0)
%endif %endif
%if %{with ansible}
BuildRequires: %{ansible_build_dep}
%endif
%if %{without ansible}
# We don't have ansible-galaxy.
# Simply copy everything instead of galaxy-installing the built artifact.
%define ansible_collection_build_install() tar -cf %{_tmppath}/%{collection_namespace}-%{collection_name}-%{version}.tar.gz .; mkdir -p %{buildroot}%{ansible_collection_files}%{collection_name}; (cd %{buildroot}%{ansible_collection_files}%{collection_name}; tar -xf %{_tmppath}/%{collection_namespace}-%{collection_name}-%{version}.tar.gz)
%else
%define ansible_collection_build_install() ansible-galaxy collection build; ansible-galaxy collection install -n -p %{buildroot}%{_datadir}/ansible/collections %{collection_namespace}-%{collection_name}-%{version}.tar.gz
%endif
# For each role, call either defcommit() or deftag(). The other macros # For each role, call either defcommit() or deftag(). The other macros
# (%%id and %%shortid) can be then used in the same way in both cases. # (%%id and %%shortid) can be then used in the same way in both cases.
# This way the rest of the spec file des not need to know whether we are # This way the rest of the spec file des not need to know whether we are
@ -125,88 +107,84 @@ BuildRequires: %{ansible_build_dep}
%%global rolestodir %%{?rolestodir} %%{roletodir%{1}} %%global rolestodir %%{?rolestodir} %%{roletodir%{1}}
} }
#%%defcommit 1 14314822b529520ac12964e0d2938c4bb18ab895 %global mainid d6a8e0167e9ed8d089093b7ead1e298241b534e1
Source: %{url}/auto-maintenance/archive/%{mainid}/auto-maintenance-%{mainid}.tar.gz
# BEGIN AUTOGENERATED SOURCES
%global rolename1 postfix %global rolename1 postfix
%deftag 1 1.2.4 %deftag 1 1.3.3
#%%defcommit 2 9fe6eb36772e83b53dcfb8ceb73608fd4f72eeda
%global rolename2 selinux %global rolename2 selinux
%deftag 2 1.4.0 %deftag 2 1.5.6
#%%defcommit 3 cbe4bf262bffae3bf53e531662237741954c4182
%global rolename3 timesync %global rolename3 timesync
%deftag 3 1.6.9 %deftag 3 1.7.2
#%%defcommit 4 02fc72b482e165472624b2f68eecd2ddce1d93b1
%global rolename4 kdump %global rolename4 kdump
%deftag 4 1.2.5 %deftag 4 1.2.6
#%%defcommit 5 a74092634adfe45f76cf761138abab1811692b4b
%global rolename5 network %global rolename5 network
%deftag 5 1.9.1 %deftag 5 1.11.2
#%%defcommit 6 50d2b8ccc98a8f4cb9d1d550d21adc227181e9fa
%global rolename6 storage %global rolename6 storage
%deftag 6 1.9.1 %deftag 6 1.9.6
#%%defcommit 7 d57caa8ca506d8cbc7ca0f96f7cb62b7e965f163
%global rolename7 metrics %global rolename7 metrics
%deftag 7 1.7.3 %deftag 7 1.8.1
#%%defcommit 8 2b9e53233ee3a68bdb532e62f289733e436a6106
%global rolename8 tlog %global rolename8 tlog
%deftag 8 1.2.9 %deftag 8 1.2.11
#%%defcommit 9 9373303b98e09ef38df7afc8d06e5e55812096c7
%global rolename9 kernel_settings %global rolename9 kernel_settings
%deftag 9 1.1.10 %deftag 9 1.1.11
#%%defcommit 10 20dd3e5520ca06dcccaa9b3f1fb428d055e0c23f
%global rolename10 logging %global rolename10 logging
%deftag 10 1.10.0 %deftag 10 1.11.5
#%%defcommit 11 c57d0b1f3384c525738fa26ba4bdca485e162567
%global rolename11 nbde_server %global rolename11 nbde_server
%deftag 11 1.1.5 %deftag 11 1.3.3
#%%defcommit 12 bef2fad5e365712d1f40e53662490ba2550a253f
%global rolename12 nbde_client %global rolename12 nbde_client
%deftag 12 1.2.6 %deftag 12 1.2.10
#%%defcommit 13 310fc53db04e8d3134524afb7a89b0477a2ffb83
%global rolename13 certificate %global rolename13 certificate
%deftag 13 1.1.6 %deftag 13 1.1.9
#%%defcommit 14 b2a9857ac661fa32e66666e444b73bfdb34cdf95
%global rolename14 crypto_policies %global rolename14 crypto_policies
%deftag 14 1.2.6 %deftag 14 1.2.7
%global forgeorg15 https://github.com/willshersystems %global forgeorg15 https://github.com/willshersystems
%global repo15 ansible-sshd %global repo15 ansible-sshd
%global rolename15 sshd %global rolename15 sshd
%defcommit 15 9766d9097a87a130d4c8abde2247aaad5c925ecf %deftag 15 v0.18.1
#%%deftag 15 v0.15.1
#%%defcommit 16 59b9fd7b25607d8bd33bdb082748955f2652846a
%global rolename16 ssh %global rolename16 ssh
%deftag 16 1.1.9 %deftag 16 1.1.12
#%%defcommit 17 f901239cb91878719c9e7461760ef8d4789d626d
%global rolename17 ha_cluster %global rolename17 ha_cluster
%deftag 17 1.7.4 %deftag 17 1.8.7
#%%defcommit 18 5f6cb73e6753fbdbb219b7d3079f0378b2d3bdb3
%global rolename18 vpn %global rolename18 vpn
%deftag 18 1.3.5 %deftag 18 1.5.3
%global rolename19 firewall %global rolename19 firewall
%deftag 19 1.4.0 %deftag 19 1.4.2
%global rolename20 cockpit %global rolename20 cockpit
%deftag 20 1.3.0 %deftag 20 1.4.3
%global rolename21 podman
%deftag 21 1.1.2
%global rolename22 ad_integration
%deftag 22 1.0.2
#%%global rolename23 rhc
#%%deftag 23 1.1.0
%global rolename24 journald
%deftag 24 1.0.0
%global mainid c22eff88d40972158cd5c413b7468b4e904cc76c
Source: %{url}/auto-maintenance/archive/%{mainid}/auto-maintenance-%{mainid}.tar.gz
Source1: %{archiveurl1} Source1: %{archiveurl1}
Source2: %{archiveurl2} Source2: %{archiveurl2}
Source3: %{archiveurl3} Source3: %{archiveurl3}
@ -227,27 +205,18 @@ Source17: %{archiveurl17}
Source18: %{archiveurl18} Source18: %{archiveurl18}
Source19: %{archiveurl19} Source19: %{archiveurl19}
Source20: %{archiveurl20} Source20: %{archiveurl20}
Source21: %{archiveurl21}
Source22: %{archiveurl22}
#Source23: %{archiveurl23}
Source24: %{archiveurl24}
# END AUTOGENERATED SOURCES
# Collection tarballs from Automation Hub # Includes with definitions/tags that differ between RHEL and Fedora
# Not used on Fedora. Source1001: extrasources.inc
Source801: ansible-posix-1.4.0.tar.gz
# Collection tarballs from Galaxy %include %{SOURCE1001}
# Not used on Fedora.
Source901: community-general-5.4.0.tar.gz
# changelog is auto generated on Fedora Source995: CHANGELOG.md
Source996: CHANGELOG.md
# Script to convert spec %changelog into collection CHANGELOG.md
# only used on Fedora
Source997: spec-to-changelog-md.sh
# Script to convert the collection README to Automation Hub.
# Not used on Fedora.
Source998: collection_readme.sh
Patch51: network-disable-bondtests.diff
BuildArch: noarch BuildArch: noarch
@ -264,22 +233,9 @@ BuildRequires: highlight
# Requirements for galaxy_transform.py # Requirements for galaxy_transform.py
BuildRequires: python3 BuildRequires: python3
%if 0%{?fedora} || 0%{?rhel} >= 8 BuildRequires: python%{python3_pkgversion}-ruamel-yaml
BuildRequires: %{py3_dist ruamel.yaml}
%else
BuildRequires: python3-ruamel-yaml
%endif
Obsoletes: rhel-system-roles-techpreview < 1.0-3 # We must put %%description within the if block to avoid empty lines showing up.
%if %{undefined __ansible_provides}
Provides: ansible-collection(%{collection_namespace}.%{collection_name}) = %{collection_version}
%endif
# be compatible with the usual Fedora Provides:
Provides: ansible-collection-%{collection_namespace}-%{collection_name} = %{version}-%{release}
# We need to put %%description within the if block to avoid empty
# lines showing up.
%if 0%{?rhel} %if 0%{?rhel}
%description %description
Collection of Ansible roles and modules that provide a stable and Collection of Ansible roles and modules that provide a stable and
@ -300,11 +256,33 @@ Summary: Collection artifact to import to Automation Hub / Ansible Galaxy
Collection artifact for %{name}. This package contains %{collection_namespace}-%{collection_name}-%{version}.tar.gz Collection artifact for %{name}. This package contains %{collection_namespace}-%{collection_name}-%{version}.tar.gz
%endif %endif
%prep # Fix issue with package update introduce with changing symlink to directory
%setup -q -a1 -a2 -a3 -a4 -a5 -a6 -a7 -a8 -a9 -a10 -a11 -a12 -a13 -a14 -a15 -a16 -a17 -a18 -a19 -a20 -n %{getarchivedir 0} # in 1.21.1-5
%pretrans -p <lua>
roles = {
"certificate", "cockpit", "crypto_policies", "firewall", "ha_cluster",
"kdump", "kernel_settings", "logging", "metrics", "nbde_client",
"nbde_server", "network", "postfix", "selinux", "ssh", "sshd", "storage",
"timesync", "tlog", "vpn"
}
for i,v in ipairs(roles) do
path = "/usr/share/ansible/roles/linux-system-roles." .. v
st = posix.stat(path)
if st and st.type == "link" then
os.remove(path)
end
end
for file in %_sourcedir/*.tar.gz; do %prep
if [[ "$file" =~ %_sourcedir/([^-]+)-([^-]+)-(.+).tar.gz ]]; then # BEGIN AUTOGENERATED SETUP
#%%setup -q -a1 -a2 -a3 -a4 -a5 -a6 -a7 -a8 -a9 -a10 -a11 -a12 -a13 -a14 -a15 -a16 -a17 -a18 -a19 -a20 -a21 -a22 -a23 -a24 -n %{getarchivedir 0}
%setup -q -a1 -a2 -a3 -a4 -a5 -a6 -a7 -a8 -a9 -a10 -a11 -a12 -a13 -a14 -a15 -a16 -a17 -a18 -a19 -a20 -a21 -a22 -a24 -n %{getarchivedir 0}
# END AUTOGENERATED SETUP
%if 0%{?rhel}
# Untar vendored collection tarballs to corresponding directories
for file in %{SOURCE801} %{SOURCE901} %{SOURCE902}; do
if [[ "$(basename $file)" =~ ([^-]+)-([^-]+)-(.+).tar.gz ]]; then
ns=${BASH_REMATCH[1]} ns=${BASH_REMATCH[1]}
name=${BASH_REMATCH[2]} name=${BASH_REMATCH[2]}
ver=${BASH_REMATCH[3]} ver=${BASH_REMATCH[3]}
@ -314,6 +292,7 @@ for file in %_sourcedir/*.tar.gz; do
popd > /dev/null popd > /dev/null
fi fi
done done
%endif
declare -A ROLESTODIR=(%{rolestodir}) declare -A ROLESTODIR=(%{rolestodir})
for rolename in %{rolenames}; do for rolename in %{rolenames}; do
@ -330,16 +309,15 @@ for rolename in %{rolenames}; do
mv "$dir_from_archive" ${rolename} mv "$dir_from_archive" ${rolename}
done done
%if 0%{?rhel}
cd %{rolename2}/tests cd %{rolename2}/tests
# this test causes avcs we want to ignore # this test causes avcs we want to ignore
sed -r -i -e '/hosts: all/a\ sed -r -i -e '/hosts: all/a\
tags:\ tags:\
- tests::avc' tests_selinux_disabled.yml - tests::avc' tests_selinux_disabled.yml
cd ../.. cd ../..
%endif
cd %{rolename5}
%patch51 -p1
cd ..
cd %{rolename15} cd %{rolename15}
find -P tests examples -name \*.yml | while read file; do find -P tests examples -name \*.yml | while read file; do
sed -r -i -e "s/ansible-sshd/linux-system-roles.sshd/" \ sed -r -i -e "s/ansible-sshd/linux-system-roles.sshd/" \
@ -368,7 +346,7 @@ cd ..
# - library: # - library:
# - Module selinux and seboolean for the selinux role # - Module selinux and seboolean for the selinux role
# - Module mount for the storage role # - Module mount for the storage role
declare -A module_map=( ["selinux.py"]="selinux" ["seboolean.py"]="selinux" ["mount.py"]="storage" ) declare -A module_map=( ["selinux.py"]="selinux" ["seboolean.py"]="selinux" ["mount.py"]="storage" )
for module in "${!module_map[@]}"; do for module in "${!module_map[@]}"; do
role="${module_map[${module}]}" role="${module_map[${module}]}"
if [ ! -d $role/library ]; then if [ ! -d $role/library ]; then
@ -388,14 +366,15 @@ for module in "${!module_map[@]}"; do
mkdir -p $role/module_utils/${role}_lsr mkdir -p $role/module_utils/${role}_lsr
fi fi
cp -pL .external/ansible/posix/plugins/module_utils/$module $role/module_utils/${role}_lsr/$module cp -pL .external/ansible/posix/plugins/module_utils/$module $role/module_utils/${role}_lsr/$module
sed -i -e ':a;N;$!ba;s/description:\n\( *\)/description:\n\1- WARNING: Do not use this module directly! It is only for role internal use.\n\1/' $role/library/$module
done done
# community.general: # community.general:
# - library: # - library:
# - Module seport, sefcontext and selogin for the selinux role rolename2 # - Module seport, sefcontext and selogin for the selinux role rolename2
# - Module ini_file for role tlog # - Module ini_file for role tlog
module_map=( ["seport.py"]="selinux" ["sefcontext.py"]="selinux" ["selogin.py"]="selinux" ["ini_file.py"]="tlog" ) # - rhc modules
# ["redhat_subscription.py"]="rhc" ["rhsm_release.py"]="rhc" ["rhsm_repository.py"]="rhc" )
module_map=( ["seport.py"]="selinux" ["sefcontext.py"]="selinux" ["selogin.py"]="selinux" ["ini_file.py"]="tlog" )
for module in "${!module_map[@]}"; do for module in "${!module_map[@]}"; do
role="${module_map[${module}]}" role="${module_map[${module}]}"
if [ ! -d $role/library ]; then if [ ! -d $role/library ]; then
@ -413,13 +392,52 @@ for module in "${!module_map[@]}"; do
ls -alrtF $role/library/$module ls -alrtF $role/library/$module
sed -i -e ':a;N;$!ba;s/description:\n\( *\)/description:\n\1- WARNING: Do not use this module directly! It is only for role internal use.\n\1/' $role/library/$module sed -i -e ':a;N;$!ba;s/description:\n\( *\)/description:\n\1- WARNING: Do not use this module directly! It is only for role internal use.\n\1/' $role/library/$module
done done
%endif
# containers.podman:
# - library:
# - Module podman_container_info, podman_image and podman_play for the podman role
module_map=( ["podman_container_info.py"]="podman" ["podman_image.py"]="podman" ["podman_play.py"]="podman" )
for module in "${!module_map[@]}"; do
role="${module_map[${module}]}"
if [ ! -d $role/library ]; then
mkdir $role/library
fi
moduledir=.external/containers/podman/plugins/modules
cp -pL $moduledir/$module $role/library/$module
ls -alrtF $role/library/$module
sed -i -e ':a;N;$!ba;s/description:\n\( *\)/description:\n\1- WARNING: Do not use this module directly! It is only for role internal use.\n\1/' \
-e "s/ansible_collections.containers.podman.plugins.module_utils.podman/ansible.module_utils.${role}_lsr/" \
$role/library/$module
done
# containers.podman:
# - module_utils:
# - Module_util common for the podman role
module_map=( ["common.py"]="podman" )
for module in "${!module_map[@]}"; do
role="${module_map[${module}]}"
if [ ! -d $role/module_utils/${role}_lsr ]; then
mkdir -p $role/module_utils/${role}_lsr
fi
cp -pL .external/containers/podman/plugins/module_utils/podman/$module $role/module_utils/${role}_lsr/$module
done
# remove the temporary .external directory after vendoring
rm -rf .external
# Replacing "linux-system-roles.rolename" with "rhel-system-roles.rolename" in each role # Replacing "linux-system-roles.rolename" with "rhel-system-roles.rolename" in each role
%if "%{roleprefix}" != "linux-system-roles." # Replacing "fedora.linux_system_roles." with "redhat.rhel_system_roles" in each role
# This is for the "roles calling other roles" case
# for podman, change the FQCN - using a non-FQCN module name doesn't seem to work,
# even for the legacy role format
# replace community.general for rhc
for rolename in %{rolenames}; do for rolename in %{rolenames}; do
find $rolename -type f -exec \ find $rolename -type f -exec \
sed "s/linux-system-roles[.]${rolename}\\>/%{roleprefix}${rolename}/g" -i {} \; sed -e "s/linux-system-roles[.]${rolename}\\>/%{roleinstprefix}${rolename}/g" \
-e "s/fedora[.]linux_system_roles[.]/%{collection_namespace}.%{collection_name}./g" \
-e "s/containers[.]podman[.]/%{collection_namespace}.%{collection_name}./g" \
-e "s/community[.]general[.]/%{collection_namespace}.%{collection_name}./g" \
-i {} \;
done done
%endif %endif
@ -482,13 +500,20 @@ for role in %{rolenames}; do
includes="$includes --include $role" includes="$includes --include $role"
%if 0%{?rhel} %if 0%{?rhel}
# we vendor-in all of the dependencies on rhel, so remove them # we vendor-in all of the dependencies on rhel, so remove them
rm -f "$role/meta/requirements.yml" "$role/meta/collection-requirements.yml" rm -f "$role/meta/requirements.yml" "$role/meta/collection-requirements.yml" \
"$role/tests/collection-requirements.yml"
%endif %endif
done done
LANG=en_US.utf-8 LC_ALL=en_US.utf-8 python3 release_collection.py --galaxy-yml galaxy.yml \ # do not process changelogs on RHEL
%if 0%{?rhel}
extra_mapping="--extra-mapping fedora.linux_system_roles:%{collection_namespace}.%{collection_name}"
%else
extra_mapping=""
%endif
LANG=C.utf-8 LC_ALL=C.utf-8 python3 release_collection.py --galaxy-yml galaxy.yml \
--src-path $(pwd) --dest-path $(pwd)/.collections $includes --force --no-update \ --src-path $(pwd) --dest-path $(pwd)/.collections $includes --force --no-update \
--src-owner %{name} --skip-git --skip-check --debug --src-owner %{name} --skip-git --skip-check --skip-changelog $extra_mapping --debug
# Remove table of contents from logging README.md # Remove table of contents from logging README.md
# It is not needed for html and AH/Galaxy # It is not needed for html and AH/Galaxy
@ -504,51 +529,61 @@ for role in %{rolenames}; do
.collections/ansible_collections/%{collection_namespace}/%{collection_name}/roles/$role/README.md .collections/ansible_collections/%{collection_namespace}/%{collection_name}/roles/$role/README.md
done done
# Remove test only collection dependencies
# NOTE: These should not be in meta/collection-requirements.yml, they should be
# in tests/collection-requirements.yml, but they can't be moved yet
sed -i -e '/community[.]mysql:/d' -e '/community[.]postgresql:/d' \
.collections/ansible_collections/%{collection_namespace}/%{collection_name}/galaxy.yml
cp %{SOURCE995} \
.collections/ansible_collections/%{collection_namespace}/%{collection_name}/docs/CHANGELOG.md
%if 0%{?rhel} %if 0%{?rhel}
cp %{SOURCE996} \ cp %{SOURCE996} \
.collections/ansible_collections/%{collection_namespace}/%{collection_name}/docs/CHANGELOG.md .collections/ansible_collections/%{collection_namespace}/%{collection_name}/CHANGELOG.rst
%else
# Build the collection CHANGELOG.md
%{SOURCE997} %{_specdir}/%{name}.spec \
.collections/ansible_collections/%{collection_namespace}/%{collection_name}/docs/CHANGELOG.md
%endif %endif
# Build the collection
pushd .collections/ansible_collections/%{collection_namespace}/%{collection_name}/
%ansible_collection_build
popd
%install %install
mkdir -p $RPM_BUILD_ROOT%{installbase} mkdir -p %{buildroot}%{ansible_roles_dir}
mkdir -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles
for role in %{rolenames}; do for role in %{rolenames}; do
cp -pR "$role" "$RPM_BUILD_ROOT%{installbase}/%{roleinstprefix}$role" cp -pR "$role" "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role"
done done
%if 0%{?rolealtprefix:1} %if 0%{?rhel}
# Create symlinks for roles in /usr/share/ansible/roles/linux-system-roles.$rolename
# That's required to make roles work with upstream naming too
for role in %{rolenames}; do for role in %{rolenames}; do
ln -s "%{rolealtrelpath}%{roleinstprefix}$role" "$RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{rolealtprefix}$role" ln -s "%{name}.$role" "%{buildroot}%{ansible_roles_dir}/linux-system-roles.$role"
done done
%endif %endif
mkdir -p $RPM_BUILD_ROOT%{_pkglicensedir} mkdir -p %{buildroot}%{_pkglicensedir}
rm $RPM_BUILD_ROOT%{installbase}/%{roleinstprefix}network/examples/roles rm %{buildroot}%{ansible_roles_dir}/%{roleinstprefix}network/examples/roles
for role in %{rolenames}; do for role in %{rolenames}; do
mkdir -p "$RPM_BUILD_ROOT%{_pkgdocdir}/$role" mkdir -p "%{buildroot}%{_pkgdocdir}/$role"
cp -p "$RPM_BUILD_ROOT%{installbase}/%{roleinstprefix}$role/CHANGELOG.md" \ ln -sr "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/CHANGELOG.md" \
"$RPM_BUILD_ROOT%{_pkgdocdir}/$role" "%{buildroot}%{_pkgdocdir}/$role"
cp -p "$RPM_BUILD_ROOT%{installbase}/%{roleinstprefix}$role/README.md" \ ln -sr "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/README.md" \
"$RPM_BUILD_ROOT%{_pkgdocdir}/$role" "%{buildroot}%{_pkgdocdir}/$role"
%if %{with html} %if %{with html}
cp -p "$RPM_BUILD_ROOT%{installbase}/%{roleinstprefix}$role/README.html" \ ln -sr "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/README.html" \
"$RPM_BUILD_ROOT%{_pkgdocdir}/$role" "%{buildroot}%{_pkgdocdir}/$role"
%endif %endif
if [ -f "$RPM_BUILD_ROOT%{installbase}/%{roleinstprefix}$role/COPYING" ]; then if [ -f "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/COPYING" ]; then
cp -p "$RPM_BUILD_ROOT%{installbase}/%{roleinstprefix}$role/COPYING" \ ln -sr "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/COPYING" \
"$RPM_BUILD_ROOT%{_pkglicensedir}/$role.COPYING" "%{buildroot}%{_pkglicensedir}/$role.COPYING"
fi fi
if [ -f "$RPM_BUILD_ROOT%{installbase}/%{roleinstprefix}$role/LICENSE" ]; then if [ -f "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/LICENSE" ]; then
cp -p "$RPM_BUILD_ROOT%{installbase}/%{roleinstprefix}$role/LICENSE" \ ln -sr "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/LICENSE" \
"$RPM_BUILD_ROOT%{_pkglicensedir}/$role.LICENSE" "%{buildroot}%{_pkglicensedir}/$role.LICENSE"
fi fi
if [ -d "$RPM_BUILD_ROOT%{installbase}/%{roleinstprefix}$role/examples" ]; then if [ -d "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/examples" ]; then
for file in "$RPM_BUILD_ROOT%{installbase}/%{roleinstprefix}$role/examples/"*.yml ; do for file in "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/examples/"*.yml ; do
basename=$(basename "$file" .yml) basename=$(basename "$file" .yml)
newname="$basename" newname="$basename"
if [[ "$newname" != example-* ]]; then if [[ "$newname" != example-* ]]; then
@ -557,57 +592,58 @@ for role in %{rolenames}; do
if [[ "$newname" != *-playbook ]]; then if [[ "$newname" != *-playbook ]]; then
newname="${newname}-playbook" newname="${newname}-playbook"
fi fi
cp "$file" "$RPM_BUILD_ROOT%{_pkgdocdir}/$role/${newname}.yml" cp "$file" "%{buildroot}%{_pkgdocdir}/$role/${newname}.yml"
rm "$file" rm "$file"
done done
if [ -f "$RPM_BUILD_ROOT%{installbase}/%{roleinstprefix}$role/examples/inventory" ]; then if [ -f "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/examples/inventory" ]; then
cp "$RPM_BUILD_ROOT%{installbase}/%{roleinstprefix}$role/examples/inventory" \ cp "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/examples/inventory" \
"$RPM_BUILD_ROOT%{_pkgdocdir}/$role/example-inventory" "%{buildroot}%{_pkgdocdir}/$role/example-inventory"
rm "$RPM_BUILD_ROOT%{installbase}/%{roleinstprefix}$role/examples/inventory" rm "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/examples/inventory"
fi fi
# special case for network # special case for network
# this will error if the directory is unexpectedly empty # this will error if the directory is unexpectedly empty
rmdir "$RPM_BUILD_ROOT%{installbase}/%{roleinstprefix}$role/examples" rmdir "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/examples"
fi fi
done done
rm $RPM_BUILD_ROOT%{installbase}/%{roleinstprefix}*/semaphore rm %{buildroot}%{ansible_roles_dir}/%{roleinstprefix}*/semaphore
rm -r $RPM_BUILD_ROOT%{installbase}/%{roleinstprefix}*/molecule rm -r %{buildroot}%{ansible_roles_dir}/%{roleinstprefix}*/molecule
rm -r $RPM_BUILD_ROOT%{installbase}/%{roleinstprefix}*/.[A-Za-z]* rm -r %{buildroot}%{ansible_roles_dir}/%{roleinstprefix}*/.[A-Za-z]*
rm $RPM_BUILD_ROOT%{installbase}/%{roleinstprefix}*/tests/.git* rm %{buildroot}%{ansible_roles_dir}/%{roleinstprefix}*/tests/.git*
# NOTE: sshd/examples/example-root-login.yml is # NOTE: sshd/examples/example-root-login.yml is
# referenced in the configuring-openssh-servers-using-the-sshd-system-role documentation module # referenced in the configuring-openssh-servers-using-the-sshd-system-role documentation module
# must be updated if changing the file path # must be updated if changing the file path
# Install the collection
pushd .collections/ansible_collections/%{collection_namespace}/%{collection_name}/ pushd .collections/ansible_collections/%{collection_namespace}/%{collection_name}/
%ansible_collection_build_install %ansible_collection_install
popd popd
mkdir -p $RPM_BUILD_ROOT%{_pkgdocdir}/collection mkdir -p %{buildroot}%{_pkgdocdir}/collection
mkdir -p $RPM_BUILD_ROOT%{_pkgdocdir}/collection/roles mkdir -p %{buildroot}%{_pkgdocdir}/collection/roles
cp -p %{buildroot}%{ansible_collection_files}%{collection_name}/README.md \ ln -sr %{buildroot}%{ansible_collection_files}%{collection_name}/README.md \
$RPM_BUILD_ROOT%{_pkgdocdir}/collection %{buildroot}%{_pkgdocdir}/collection
for rolename in %{rolenames}; do for rolename in %{rolenames}; do
for file in CHANGELOG.md README.md; do for file in CHANGELOG.md README.md; do
if [ -f %{buildroot}%{ansible_collection_files}%{collection_name}/roles/${rolename}/$file ]; then if [ -f %{buildroot}%{ansible_collection_files}%{collection_name}/roles/${rolename}/$file ]; then
if [ ! -d $RPM_BUILD_ROOT%{_pkgdocdir}/collection/roles/${rolename} ]; then if [ ! -d %{buildroot}%{_pkgdocdir}/collection/roles/${rolename} ]; then
mkdir -p $RPM_BUILD_ROOT%{_pkgdocdir}/collection/roles/${rolename} mkdir -p %{buildroot}%{_pkgdocdir}/collection/roles/${rolename}
fi fi
cp -p %{buildroot}%{ansible_collection_files}%{collection_name}/roles/${rolename}/$file \ ln -sr %{buildroot}%{ansible_collection_files}%{collection_name}/roles/${rolename}/$file \
$RPM_BUILD_ROOT%{_pkgdocdir}/collection/roles/${rolename} %{buildroot}%{_pkgdocdir}/collection/roles/${rolename}
fi fi
done done
done done
%if %{with html} %if %{with html}
# converting README.md to README.html for collection in $RPM_BUILD_ROOT%{_pkgdocdir}/collection # converting README.md to README.html for collection in %%{buildroot}%%{_pkgdocdir}/collection
readmes="$RPM_BUILD_ROOT%{_pkgdocdir}/collection/README.md" readmes="%{buildroot}%{_pkgdocdir}/collection/README.md"
for role in %{rolenames}; do for role in %{rolenames}; do
readmes="${readmes} $RPM_BUILD_ROOT%{_pkgdocdir}/collection/roles/${role}/README.md" readmes="${readmes} %{buildroot}%{_pkgdocdir}/collection/roles/${role}/README.md"
done done
sh md2html.sh $readmes sh md2html.sh $readmes
%endif %endif
@ -615,21 +651,21 @@ sh md2html.sh $readmes
%if %{with collection_artifact} %if %{with collection_artifact}
# Copy collection artifact to /usr/share/ansible/collections/ for collection-artifact # Copy collection artifact to /usr/share/ansible/collections/ for collection-artifact
pushd .collections/ansible_collections/%{collection_namespace}/%{collection_name}/ pushd .collections/ansible_collections/%{collection_namespace}/%{collection_name}/
if [ -f %{collection_namespace}-%{collection_name}-%{version}.tar.gz ]; then
mv %{collection_namespace}-%{collection_name}-%{version}.tar.gz \ mv %{collection_namespace}-%{collection_name}-%{version}.tar.gz \
$RPM_BUILD_ROOT%{_datadir}/ansible/collections/ %{buildroot}%{_datadir}/ansible/collections/
fi
popd popd
%endif %endif
# generate the %files section in the file files_section.txt # Generate the %%files section in files_section.txt
# Bulk files inclusion is not possible because roles store doc and licence
# files together with other files
format_item_for_files() { format_item_for_files() {
# $1 is directory or file name in buildroot # $1 is directory or file name in buildroot
# $2 - if true, and item is a directory, use %dir # $2 - if true, and item is a directory, use %%dir
local item local item
local files_item local files_item
item="$1" item="$1" # full path including buildroot
files_item=${item##"%{buildroot}"} files_item=${item##"%{buildroot}"} # path with cut buildroot to be added to %%files
if [ -L "$item" ]; then if [ -L "$item" ]; then
echo "$files_item" echo "$files_item"
elif [ -d "$item" ]; then elif [ -d "$item" ]; then
@ -642,14 +678,14 @@ format_item_for_files() {
fi fi
elif [[ "$item" == */README.md ]] || [[ "$item" == */README.html ]] || [[ "$item" == */CHANGELOG.md ]]; then elif [[ "$item" == */README.md ]] || [[ "$item" == */README.html ]] || [[ "$item" == */CHANGELOG.md ]]; then
if [[ "$item" == */private_* ]]; then if [[ "$item" == */private_* ]]; then
# mark as regular file, not %doc # mark as regular file, not %%doc
echo "$files_item" echo "$files_item"
else else
echo "%doc $files_item" echo "%doc $files_item"
fi fi
elif [[ "$item" != */COPYING* ]] && [[ "$item" != */LICENSE* ]]; then elif [[ "$item" == */COPYING* ]] || [[ "$item" == */LICENSE* ]]; then
# Avoid dynamically using the license macro since the license macro echo "%""%""license" "$files_item"
# is replaced with the value of License directive in the older rpmbuild. else
echo "$files_item" echo "$files_item"
fi fi
} }
@ -657,15 +693,7 @@ format_item_for_files() {
files_section=files_section.txt files_section=files_section.txt
rm -f $files_section rm -f $files_section
touch $files_section touch $files_section
%if %{without ansible} # Dynamically generate files section entries for %%{ansible_collection_files}
echo '%dir %{_datadir}/ansible' >> $files_section
echo '%dir %{_datadir}/ansible/roles' >> $files_section
%endif
%if "%{installbase}" != "%{_datadir}/ansible/roles"
echo '%dir %{installbase}' >> $files_section
%endif
echo '%dir %{ansible_collection_files}' >> $files_section
echo '%dir %{ansible_collection_files}%{collection_name}' >> $files_section
find %{buildroot}%{ansible_collection_files}%{collection_name} -mindepth 1 -maxdepth 1 | \ find %{buildroot}%{ansible_collection_files}%{collection_name} -mindepth 1 -maxdepth 1 | \
while read item; do while read item; do
if [[ "$item" == */roles ]]; then if [[ "$item" == */roles ]]; then
@ -681,7 +709,8 @@ find %{buildroot}%{ansible_collection_files}%{collection_name} -mindepth 1 -maxd
fi fi
done done
find %{buildroot}%{installbase} -mindepth 1 -maxdepth 1 | \ # Dynamically generate files section entries for %%{ansible_roles_dir}
find %{buildroot}%{ansible_roles_dir} -mindepth 1 -maxdepth 1 | \
while read item; do while read item; do
if [ -d "$item" ]; then if [ -d "$item" ]; then
format_item_for_files "$item" true >> $files_section format_item_for_files "$item" true >> $files_section
@ -692,48 +721,23 @@ find %{buildroot}%{installbase} -mindepth 1 -maxdepth 1 | \
format_item_for_files "$item" >> $files_section format_item_for_files "$item" >> $files_section
fi fi
done done
if [ "%{installbase}" != "%{_datadir}/ansible/roles" ]; then
find %{buildroot}%{_datadir}/ansible/roles -mindepth 1 -maxdepth 1 | \
while read item; do
if [ -d "$item" ]; then
format_item_for_files "$item" true >> $files_section
find "$item" -mindepth 1 -maxdepth 1 | while read roles_item; do
format_item_for_files "$roles_item" >> $files_section
done
else
format_item_for_files "$item" >> $files_section
fi
done
fi
# cat files_section.txt
# done with files_section.txt generation
%files -f files_section.txt %files -f files_section.txt
%{_pkgdocdir}/*/CHANGELOG.md %dir %{_datadir}/ansible
%{_pkgdocdir}/*/README.md %dir %{ansible_roles_dir}
%if %{with html} %dir %{ansible_collection_files}
%{_pkgdocdir}/*/README.html %dir %{ansible_collection_files}%{collection_name}
%endif %doc %{_pkgdocdir}
%{_pkgdocdir}/*/example-* %license %{_pkglicensedir}
%{_pkgdocdir}/collection/roles/*/CHANGELOG.md
%{_pkgdocdir}/collection/roles/*/README.md %if 0%{?rhel} && 0%{?rhel} < 8
%if %{with html}
%{_pkgdocdir}/collection/roles/*/README.html
%endif
%license %{_pkglicensedir}/*
%license %{installbase}/*/COPYING*
%license %{installbase}/*/LICENSE*
%license %{ansible_collection_files}/%{collection_name}/COPYING*
%license %{ansible_collection_files}/%{collection_name}/LICENSE*
%if 0%{?rhel} < 8
# Needs to list excluded files in this hardcoded style since when # Needs to list excluded files in this hardcoded style since when
# format_item_for_files is executed, brp-python-bytecompile is not # format_item_for_files is executed, brp-python-bytecompile is not
# executed yet. # executed yet.
%exclude %{installbase}/*/*.py? %exclude %{ansible_roles_dir}/*/*.py?
%exclude %{installbase}/*/*/*.py? %exclude %{ansible_roles_dir}/*/*/*.py?
%exclude %{installbase}/*/*/*/*.py? %exclude %{ansible_roles_dir}/*/*/*/*.py?
%exclude %{installbase}/*/*/*/*/*.py? %exclude %{ansible_roles_dir}/*/*/*/*/*.py?
%exclude %{ansible_collection_files}/%{collection_name}/*/*/*.py? %exclude %{ansible_collection_files}/%{collection_name}/*/*/*.py?
%exclude %{ansible_collection_files}/%{collection_name}/*/*/*/*.py? %exclude %{ansible_collection_files}/%{collection_name}/*/*/*/*.py?
%exclude %{ansible_collection_files}/%{collection_name}/*/*/*/*/*.py? %exclude %{ansible_collection_files}/%{collection_name}/*/*/*/*/*.py?
@ -745,6 +749,121 @@ fi
%endif %endif
%changelog %changelog
* Wed Feb 22 2023 Rich Megginson <rmeggins@redhat.com> - 1.21.0-2
- Resolves:rhbz#2141330 : rhc - new role for subscription management/registration/insights
- remove role until https://bugzilla.redhat.com/show_bug.cgi?id=2171829 is fixed
* Mon Feb 20 2023 Rich Megginson <rmeggins@redhat.com> - 1.21.0-1
- Resolves:rhbz#2168735 : network - RedHat Role rhel-system-roles.network should route traffic via correct bond
* Thu Feb 16 2023 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.19
- Resolves:rhbz#2141330 : rhc - new role for subscription management/registration/insights
- vendor in modules required by rhc role
- Resolves:rhbz#2167528 : ha_cluster - Fix stonith watchdog timeout
* Wed Feb 15 2023 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.18
- Resolves:rhbz#2141330 : rhc - new role for subscription management/registration/insights
- ad_integration - fix issue with using the network role to configure DNS
* Thu Feb 09 2023 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.17
- Resolves:rhbz#2160152 : selinux - managing modules is not idempotent
- Fix nbde_server test issue
* Fri Feb 03 2023 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.16
- Resolves:rhbz#2165175 : journald - New role - journald - manage systemd-journald
- Resolves:rhbz#2162782 : nbde_client - nbde_client_clevis fails with a traceback and prints sensitive data
- Resolves:rhbz#2160152 : selinux - managing modules is not idempotent
- fix storage tests_swap and tests_misc - swap size < 128GB on EL7
- fix podman general-meta issue
- ha_cluster non-x86_64 tests issue
- certificate non-x86_64 tests issue
* Fri Jan 20 2023 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.15
- Resolves:rhbz#2149678 : Synchronize automation-related changes from Fedora spec file
- Resolves:rhbz#2100559 : network - role should support running tests with ANSIBLE_GATHERING=explicit
- Fix ansible-test issues in several roles
- Fix nbde_server tang test failure
* Fri Jan 13 2023 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.14
- Resolves:rhbz#2140804 : ha_cluster - Allow quorum device configuration
- Resolves:rhbz#2153030 : ha_cluster - Allow enabled SBD on disabled cluster
- Resolves:rhbz#2143816 : ha_cluster - use no_log in tasks looping over pot. secret parameters
- community.general 6.2.0
- replace community.general with namespace.name for rhc role
* Thu Dec 15 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.13
- Resolves:rhbz#2143246 : storage - [RHEL9] ansible.parsing.yaml.objects.AnsibleUnicode object' has no attribute 'bytes'
- Resolves:rhbz#2128467 : storage - [RHEL9] disks_needed need to be set for the raid test cases
- Resolves:rhbz#2123594 : storage - [RHEL9 system role] storage role vdo tests failed about "VDO deduplication is off but it should not"
- Resolves:rhbz#2153660 : storage - [RHEL9] tests_create_thinp_then_remove_scsi_generated.yml failed at "assertion": "(storage_test_expected_size|int - storage_test_actual_size.bytes)|abs / storage_test_expected_size|int < 0.01"
* Thu Dec 15 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.12
- Resolves:rhbz#2153043 - tlog - Unconditionally enable the files provider
* Tue Dec 13 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.11
- Resolves:rhbz#2130357 : logging - [RFE] convert logging role to use firewall, selinux role, and certificate role
fix basic-smoke-test failures
* Mon Dec 12 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.10
- Resolves:rhbz#2130010 : ha_cluster - [RFE] convert ha_cluster role to use firewall, selinux and certificate role
- Resolves:rhbz#2143768 : network - Support cloned MAC address
- Resolves:rhbz#2143427 : podman - [RFE] role for managing podman containers and systemd
* Tue Dec 06 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.9
- Resolves:rhbz#2140795 : ad_integration - [RFE] new role to support AD integration, join to AD domain
* Mon Dec 05 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.8
- Resolves:rhbz#2130357 : logging - [RFE] convert logging role to use firewall, selinux role, and certificate role
fix tests - tests_relp now uses logging_purge_confs
* Tue Nov 29 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.7
- Resolves:rhbz#2126959 : nbde_client - must handle clevis-luks-askpass and clevis-luks-askpass@ systemd unit names
* Tue Nov 29 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.6
- Resolves:rhbz#2133930 : nbde_server - [RFE] convert nbde_server role to use firewall and selinux role
previous fix was not complete - needed additional fixes - ansible-lint 6.x fixes
* Mon Nov 21 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.5
- Resolves:rhbz#2137663 : cockpit - [RFE] convert cockpit role to use firewall, selinux role, and certificate role
fix test issues - use system roles collection for certificate role
make role work with ansible-core 2.14
- Resolves:rhbz#2130357 : logging - [RFE] convert logging role to use firewall, selinux role, and certificate role
fix tests - use getcert stop-tracking for hung tests - increase log test timeout
- Resolves:rhbz#2133528 : metrics - [RFE] convert metrics role to use firewall and selinux role
- Resolves:rhbz#2133930 : nbde_server - [RFE] convert nbde_server role to use firewall and selinux role
- Resolves:rhbz#2130329 : postfix - [RFE] convert postfix role to use firewall and selinux role
- Resolves:rhbz#2119102 : vpn - Add parameters shared_key_content, ike, esp, type, leftid, rightid
- Resolves:rhbz#2130344 : vpn - [RFE] convert vpn role to use firewall and selinux role
* Thu Nov 17 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.4.podman
- Resolves:rhbz#2143427 : podman - [RFE] role for managing podman containers and systemd
fix role tests with podman 4.3, ansible-core 2.14
* Wed Nov 16 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.3.ssh_sshd_selinux_timesync
- Resolves:rhbz#2128843 : selinux - add support for the 'local' parameter
- Resolves:rhbz#2129401 : sshd,ssh,timesync - Unexpected templating type error - expected str instance, int found
- Resolves:rhbz#2130969 : ssh,sshd - Sync on final OpenSSH option name RequiredRSASize in ssh and sshd roles [rhel-9.2.0]
* Tue Nov 15 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.2.network
- Resolves:rhbz#2134202 : network - [RFE] Support setting the metric of the default route for initscripts provider
- Resolves:rhbz#2133858 : network - [RFE] Support the DNS priority
- Resolves:rhbz#2131293 : network - Support looking up named route table in routing rule
- Resolves:rhbz#2123311 : network - tests_bond_options_nm.yml failing, Cannot find device "nm-bond"
- includes ha_cluster, vpn - README.md had headings that were too long causing problems
for md to adoc to html conversion on el8
- includes changing network role to support ansible-core 2.14
- includes community.general 6.0.1
- adds back network bondtests patch - bond tests still failing in beaker
* Tue Nov 08 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.1.network
- Resolves:rhbz#2134202 : network - [RFE] Support setting the metric of the default route for initscripts provider
- Resolves:rhbz#2133858 : network - [RFE] Support the DNS priority
- Resolves:rhbz#2131293 : network - Support looking up named route table in routing rule
- Resolves:rhbz#2123311 : network - tests_bond_options_nm.yml failing, Cannot find device "nm-bond"
* Tue Sep 27 2022 Rich Megginson <rmeggins@redhat.com> - 1.20.1-1
- Resolves:rhbz#2129873 : ssh,sshd - Sync on final OpenSSH option name RequiredRSASize in ssh and sshd roles
* Thu Aug 04 2022 Rich Megginson <rmeggins@redhat.com> - 1.20.0-1 * Thu Aug 04 2022 Rich Megginson <rmeggins@redhat.com> - 1.20.0-1
- ensure CHANGELOG.md files are marked as doc - ensure CHANGELOG.md files are marked as doc
- Resolves:rhbz#2115152 : cockpit - Add customization of port - Resolves:rhbz#2115152 : cockpit - Add customization of port