Commit Graph

68 Commits

Author SHA1 Message Date
Rich Megginson
3ed9daed62 system roles 1.23.0-4
Resolves: RHEL-58460 : podman - redhat.rhel_system_roles.podman fails to configure and run containers with podman rootless using different username and groupname.
fix issue with podman error removing kube specs on 8.8 and 9.2 managed nodes - covered by tests_basic.yml
https://github.com/linux-system-roles/podman/pull/186
fix issue with missing grubby testing on el8 ostree
https://github.com/linux-system-roles/podman/pull/187
fix issue with podman not working on 8.8/9.2
https://github.com/linux-system-roles/podman/pull/188

(cherry picked from commit 0a5df90210d55c6d10f2d8333997932cb5f1305f)
2024-10-28 18:18:27 -06:00
Rich Megginson
2a13f189be System Roles update for 1.23.0-3
Resolves: RHEL-58465
 - package rhel-system-roles.noarch does not provide docs for ansible-doc [rhel-8.10.z]

Resolves: RHEL-58494
ad_integration - fix: Sets domain name lower case in realmd.conf section header [rhel-8.10.z]

Resolves: RHEL-58917
bootloader - bootloader role tests do not work on ostree [rhel-8.10.z]

Resolves: RHEL-45711
bootloader - fix: Set user.cfg path to /boot/grub2/ on EL 9 UEFI [rhel-8]

Resolves: RHEL-58515
cockpit - cockpit install all wildcard match does not work in newer el9 [rhel-8.10.z]

Resolves: RHEL-58485
logging - RFE - system-roles - logging: Add truncate options for local file inputs [rhel-8.10.z]

Resolves: RHEL-58481
logging - redhat.rhel_system_roles.logging role fails to process logging_outputs: of type: "custom" [rhel-8.10.z]

Resolves: RHEL-58477
logging - [RFE] Add the umask settings or enable a variable in linux-system-roles.logging [rhel-8.10.z]

Resolves: RHEL-37550
logging - Setup imuxsock using rhel-system-roles.logging causing an error EL8

Resolves: RHEL-58519
nbde_client - feat: Allow initrd configuration to be skipped [rhel-8.10.z]

Resolves: RHEL-58525
podman - fix: proper cleanup for networks; ensure cleanup of resources [rhel-8.10.z]

Resolves: RHEL-58511
podman - fix: grab name of network to remove from quadlet file [rhel-8.10.z]

Resolves: RHEL-58507
podman - Create podman secret when skip_existing=True and it does not exist [rhel-8.10.z]

Resolves: RHEL-58503
podman - fix: do not use become for changing hostdir ownership, and expose subuid/subgid info [rhel-8.10.z]

Resolves: RHEL-58498
podman - fix: use correct user for cancel linger file name [rhel-8.10.z]

Resolves: RHEL-58460
podman - redhat.rhel_system_roles.podman fails to configure and run containers with podman rootless using different username and groupname. [rhel-8.10.z]

Resolves: RHEL-58473
sshd - second SSHD service broken [rhel-8.10.z]

Resolves: RHEL-58469
storage - rhel-system-role.storage is not idempotent [rhel-8.10.z]

Resolves: RHEL-58489
timesync - System Roles: No module documentation [rhel-8.10.z]

(cherry picked from commit 350d523452546e35bb0805af9ad9cc74712899d7)
2024-09-24 10:41:54 -06:00
Rich Megginson
641b0decd8 system roles 1.23.0-2.21
Resolves: RHEL-3241 : bootloader - Create bootloader role (MVP)
  fix issue with path on arches other than x86_64, and EFI systems
Resolves: RHEL-15872 : RHEL for Edge support in system roles
  cockpit fixed issue with test cleanup
  postgresql fixed issue with test cleanup
2024-02-26 15:33:39 -07:00
Rich Megginson
f73f382ab3 system roles 1.23.0-2.20
Resolves: RHEL-16965 : rhc - new rhc_insights.display_name parameter
Resolves: RHEL-16553 : snapshot - New Role for storage snapshot management (lvm, etc.)
  fixes error handling
(cherry picked from commit 07470f9223)
2024-02-21 12:50:55 -07:00
Rich Megginson
efd28a9d37 system roles 1.23.0-2.19
Resolves: RHEL-16553 : snapshot - New Role for storage snapshot management (lvm, etc.)
  fixes idempotency, check mode, cleanup, basic-smoke-test
(cherry picked from commit 3559a42c70)
2024-02-20 14:39:44 -07:00
Rich Megginson
d37f683cf7 system roles 1.23.0-2.18
Resolves: RHEL-22229 : podman - user linger needed before secrets
  fixed issue with ANSIBLE_GATHERING=explicit
Resolves: RHEL-5985 : sshd - ansible-sshd Manage SSH certificates
  fixed issue with RHEL7 tests
(cherry picked from commit ae90489135)
2024-02-20 08:26:49 -07:00
Rich Megginson
e525a876d1 system roles 1.23.0-2.17
Resolves: RHEL-25509 : nbde_server - fix: Allow tangd socket override directory to be managed outside of the role
Resolves: RHEL-21491 : network - Add blackhole type route to rhel-system-roles.network
Fixed issues with ANSIBLE_GATHERING=explicit in several roles
Fixed test cleanup issues in several roles

(cherry picked from commit a05f893f8e)
2024-02-15 13:00:29 -07:00
Rich Megginson
54f321fb4d system roles 1.23.0-2.16
Resolves: RHEL-16553 : snapshot - New Role for storage snapshot management (lvm, etc.)
  this is the MVP candidate for the snapshot role
(cherry picked from commit 0e9c4bb314)
2024-02-13 09:27:45 -07:00
Rich Megginson
446e4067f5 system roles 1.23.0-2.15
Resolves: RHEL-22108 : ha_cluster - Setting cluster members' attributes
(cherry picked from commit 049fc8aa31)
2024-02-12 11:38:25 -07:00
Rich Megginson
cd31843bf0 system roles 1.23.0-2.14
Resolves: RHEL-3241 : bootloader - Create bootloader role (MVP)
Resolves: RHEL-21400 : postgresql - unable to install PostgreSQL version 15 on RHEL 9
(cherry picked from commit 3c4fa7e40d)
2024-02-11 12:30:32 -07:00
Rich Megginson
d2d028c473 system roles release 1.23.0-2.13
Resolves: RHEL-16975 : rhc - rhc: new rhc_insights.ansible_host parameter
  Rename test playbook from .yaml to .yml
2024-02-09 17:13:04 -07:00
Rich Megginson
41f5878ad0 system roles release 1.23.0-2.12
Resolves: RHEL-22229 : podman - user linger needed before secrets
(cherry picked from commit 9f56f32207)
2024-02-08 11:51:13 -07:00
Rich Megginson
d1761c9d68 System roles release 1.23.0-2.11
Resolves: RHEL-21400 : postgresql - unable to install PostgreSQL version 15 on RHEL 9
Resolves: RHEL-23309 : storage - tests_lvm_auto_size_cap_nvme_generated failed at "Assert expected size is actual size"
(cherry picked from commit 6a179c582c)
2024-01-31 13:10:00 -07:00
Rich Megginson
9b3122f35e system roles update 1.23.0-2.10
Resolves: RHEL-14022 : storage - Basic support for creating shared logical volumes
GFS2 support in blivet is enabled

(cherry picked from commit 61a3ca5b23)
2024-01-28 11:01:43 -07:00
Rich Megginson
d389b8a689 system roles update 1.23.0-2.9
Resolves: RHEL-21383 : ad_integration - feat: add ad_integration_preserve_authselect_profile
Resolves: RHEL-21134 : ad_integration - feat: Add SSSD parameters support
Resolves: RHEL-21123 : journald - feat: Add support for ForwardToSyslog
Resolves: RHEL-22310 : podman - fix: cast secret data to string in order to allow JSON valued strings
Resolves: RHEL-21402 : podman - fix: name of volume quadlet service should be basename-volume.service
Resolves: RHEL-21400 : postgresql - PostgreSQL system role: unable to install PostgreSQL version 15 on RHEL 9
Resolves: RHEL-16975 : rhc - rhc: new rhc_insights.ansible_host parameter
2024-01-26 13:43:55 -07:00
Packit
ba8868d4c2 system roles update 1.23.0-2.8
Resolves: RHEL-16553 : snapshot - New Role for storage snapshot management (lvm, etc.)
(cherry picked from commit 39903062d5)
2024-01-24 16:12:47 -07:00
Rich Megginson
40de966582 system roles update 1.23.0-2.7
Resolves: RHEL-21946 : keylime_server - won't detect registrar start failure
Add ExcludeArch i686 to fix build issues with ansible-core

(cherry picked from commit 813f94e0f7)
2024-01-19 09:09:00 -07:00
Rich Megginson
9fad0dd0ea system roles update 1.23.0-2.6
Resolves: RHEL-21537 : storage - lvmlockd process is not running - test only
(cherry picked from commit bd67e936b9)
2024-01-18 09:12:47 -07:00
Rich Megginson
b1140e717e system roles update 1.23.0-2.5
Resolves: RHEL-3241 - bootloader - Create bootloader role (MVP)
(cherry picked from commit bea518c9cd)
2024-01-15 16:17:04 -07:00
Rich Megginson
6e095f7bc5 system roles update 1.23.0-2.4
Resolves: RHEL-15872 : RHEL for Edge support in system roles
  updated several roles with ostree improvements
  metrics role support
Resolves: RHEL-16542 : fapolicyd - feat: Import code for fapolicyd system role
  several role improvements
Resolves: RHEL-4684 : ha_cluster - fix: set sbd.service timeout based on SBD_START_DELAY
Resolves: RHEL-19047 : logging - fix: avoid conf of RatelimitBurst when RatelimitInterval is zero
Resolves: RHEL-18170 : metrics - [RFE] Metrics system role support for configuring PMIE webhooks
Resolves: RHEL-19242 : podman - fix: add no_log: true for tasks that can log secret data
Resolves: RHEL-18963 : postgresql - feat: enable using postgresql 16
Resolves: RHEL-16977 : rhc - rhc: support RHEL 7 managed nodes
Resolves: RHEL-19042 : selinux - fix: no longer use "item" as a loop variable
Resolves: RHEL-19044 : selinux - fix: Print an error message when module to be created doesn't exist
Resolves: RHEL-14022 : storage - Basic support for creating shared logical volumes
(cherry picked from commit 709df3b6b5)
2023-12-12 15:43:35 -07:00
Rich Megginson
cac0606edf System Roles update 1.23.0-2.3
Resolves: RHEL-17874
ha_cluster - high-availability firewall service is not added on qdevice node

(cherry picked from commit a2e3bb2669)
2023-12-01 11:22:23 -07:00
Rich Megginson
db49fd5e2a System Roles update 1.23.0-2.2
Resolves: RHEL-15872
RHEL for Edge support in system roles
vpn - fix issue with test cleanup

(cherry picked from commit d276fb22ac)
2023-11-30 18:31:47 -07:00
Rich Megginson
0c792715ec System Roles update 1.23.0-2.1
Resolves: RHEL-15872
RHEL for Edge support in system roles
except for nbde_client, rhc, metrics

Resolves: RHEL-17667
ad_integration - feat: Add sssd custom settings

Resolves: RHEL-16542
fapolicyd - feat: Import code for fapolicyd system role

Resolves: RHEL-14090
ha_cluster - [RFE] HA Cluster system role should be able to enable Resilient Storage repository

Resolves: RHEL-4624
ha_cluster - [FutureFeature] Allow ha_cluster role to configure fencing topology

Resolves: RHEL-3264
ha_cluster - [FutureFeature] Allow ha_cluster role to configure all qdevice options

Resolves: RHEL-3354
kdump - fix: retry read of kexec_crash_size

Resolves: RHEL-15933
logging - feat: Add support for the global config option preserveFQDN with a new logg…

Resolves: RHEL-15440
logging - feat: Add support for general queue and general action parameters

Resolves: RHEL-15038
logging - fix: check that logging_max_message_size is set, not rsyslog_max_message_size

Resolves: RHEL-16501
network - Ansible RHEL network system role issue with ipv6.routing-rules the prefix length for 'from' cannot be zero"

Resolves: RHEL-15871
selinux - fix: Use `ignore_selinux_state` module option

Resolves: RHEL-16213
storage - feat: Support for creating volumes without a FS
2023-11-30 14:38:56 -07:00
Sergei Petrosian
a2c692aac0 Update 1.23.0-2
- Resolves: RHEL-1119 ad_integration: Support for dynamic DNS Updates
  Update to a new version with fixed tests
2023-11-09 14:53:21 +01:00
Sergei Petrosian
2f1534c8c5 Update 1.23.0-1
- Resolves: RHEL-5345 spec - Remove with_html, instead use built-in .README.html
- Resolves: RHEL-5985 ansible-sshd - Manage SSH certificates
- rhbz#2224648: Remove ad_integration patch and use the latest ad_integration
  version instead. Vendor community-general.ini_files for
- RHEL-1119: ad_integration: Support for dynamic DNS Updates
- Change link to open new issue in galaxy.yml from deprecated BZ to Jira
2023-10-27 12:45:09 +02:00
Rich Megginson
44302dfdc5 ad_integration - leaks credentials when in check_mode
Resolves:rhbz#2233183
ad_integration - leaks credentials when in check_mode

(cherry picked from commit 86eefbad8d)
2023-08-22 11:00:20 -06:00
Rich Megginson
958fb35d1f second RC for 1.22.0 rhel 8.9 and 9.3
Resolves:rhbz#2232391
kdump - "Write new authorized_keys if needed" task idempotency issues

Resolves:rhbz#2232392
kdump - system role fails if kdump_ssh_user doesn't have a .ssh/authorized_keys file in home directory

Resolves RHEL-1398
kdump - fix: ensure .ssh directory exists for kdump_ssh_user on kdump_ssh_server

Resolves RHEL-1500
kdump - fix: Ensure authorized_keys management works with multiple hosts

Resolves:rhbz#2224648
firewall - fix: reload on resetting to defaults

Resolves RHEL-1496
firewall - fix: files: overwrite firewalld.conf on previous replaced

Resolves RHEL-1498
storage - fix: use stat.pw_name, stat.gr_name instead of owner, group

  sshd README remove upstream only docs
  first RC for 1.22.0 rhel 8.9 and 9.3
  fix firewall reload test gather facts

(cherry picked from commit a0cc364663)
2023-08-22 10:58:51 -06:00
Rich Megginson
33f14412d7 first RC candidate for 8.9/9.3 - 1.22.0-1
Resolves:rhbz#2224648 : firewall - fix: reload on resetting to defaults
sshd README remove upstream only docs
first RC for 1.22.0 rhel 8.9 and 9.3

(cherry picked from commit 374357ec37)
2023-08-15 11:50:03 -06:00
Rich Megginson
f738dc2b0e podman rootless quadlets, secrets
Resolves:rhbz#2220962
podman - support quadlet units
Fix rootless quadlets, secrets

(cherry picked from commit 05326c5f92)
2023-08-10 08:49:41 -06:00
Rich Megginson
baf1e89675 firewall ipset and tests
firewall - missing module in linux-system-roles.firewall to create an ipset
Resolves:rhbz#2140880

(cherry picked from commit 83fcfac874)
2023-08-09 17:36:08 -06:00
Rich Megginson
d599aa4661 podman, firewall, rhc, kdump updates
podman - use getsubids to look for subuid, subgid for IdM support
Resolves RHEL-866

podman - allow to not pull images, continue if image pull fails
Resolves RHEL-858

firewall - fix: reload on resetting to defaults
Resolves:rhbz#2224648

podman - Podman system role:  Unable to use podman_registries_conf to set unqualified-search-registries
Resolves:rhbz#2226077

firewall - Ansible RHEL firewall system role not idempotent when configuring the interface using the role in rhel9
Resolves RHEL-918

kdump - use failure_action instead of default on EL9 and later
Resolves RHEL-907

firewall - Check mode fails with replacing previous rules
Resolves RHEL-899

rhc - baseurl in rhsm.conf is empty when rhc_baseurl is not specified
Resolves:rhbz#2227823
2023-08-02 07:51:03 -06:00
Rich Megginson
64bc370682 systemd role update
systemd - system role for managing systemd units
Resolves:rhbz#2224388

(cherry picked from commit 9442dd700b)
2023-07-26 07:39:24 -06:00
Rich Megginson
c75138c4e2 keylime_server role
keylime_server - system role for managing keylime servers
Resolves:rhbz#2224387

(cherry picked from commit e349d4a003)
2023-07-25 18:06:58 -06:00
Rich Megginson
bc36408307 new role systemd; fix fact gathering; podman quadlet; others
podman - allow container networking configuration
Resolves:rhbz#2220963

podman - support for healthchecks and healthcheck actions
Resolves:rhbz#2220961

podman - support quadlet units
Resolves:rhbz#2220962

systemd - system role for managing systemd units
Resolves:rhbz#2224388

ALL - facts being gathered unnecessarily
Resolves:rhbz#2223036

certificate - rhel-system-roles.certificate does not re-issue after updating key_size
Resolves:rhbz#2186057

firewall - Check mode fails when creating new firewall service
Resolves:rhbz#2222433

firewall - should have option to disable conflicting services
Resolves:rhbz#2222809

firewall - when firewalld.service is masked, firewall role fails
Resolves:rhbz#2222808

storage - RAID volume pre cleanup - remove existing data from member disks as needed before creation
Resolves:rhbz#2224094
2023-07-21 09:31:16 -06:00
Rich Megginson
90dbc58e6e certificate and network
certificate - add mode parameter to change permissions for cert files
Resolves:rhbz#2218204

network - Support no-aaaa DNS option
Resolves:rhbz#2218595

(cherry picked from commit c8785aa8cd)
2023-07-10 11:38:25 -06:00
Rich Megginson
7d1dd3a5dd certificate and network
certificate - add mode parameter to change permissions for cert files
Resolves:rhbz#2218204

network - Support no-aaaa DNS option
Resolves:rhbz#2218595

(cherry picked from commit 0efeefa594)
2023-07-10 11:38:21 -06:00
Rich Megginson
1e93531073 storage test fix
storage - [RHEL8] Unexpected behavior when creating ext4 filesystem with invalid parameter
Resolves:rhbz#2218899

(cherry picked from commit 92a5021ede)
2023-07-09 18:59:41 -06:00
Rich Megginson
09e3392dac firewall, ssh
ssh - add ssh_backup option with default true
Resolves:rhbz#2216759

firewall - Don't install python(3)-firewall it's a dependency of firewalld
Resolves:rhbz#2216521

(cherry picked from commit 81d4e5f1c1)
2023-06-23 08:53:43 -06:00
Rich Megginson
c0de8af707 storage resize
storage - Storage: mounted devices that are in use cannot be resized
Resolves:rhbz#2168738

(cherry picked from commit f33da7dfae)
2023-06-22 11:52:02 -06:00
Rich Megginson
152e7f8d15 kdump crashkernel
kdump - support auto_reset_crashkernel, dracut_args, deprecate /etc/sysconfig/kdump
Resolves:rhbz#2211272

(cherry picked from commit e8f086ad49)
2023-06-20 13:56:43 -06:00
Rich Megginson
aeb07acc64 ad_integration - add ad_integration_force_rejoin
ad_integration - add ad_integration_force_rejoin
Resolves:rhbz#2211723

(cherry picked from commit b6d3c8974e)
2023-06-07 20:02:08 -06:00
Rich Megginson
97040c488e updates for network, rhc, selinux, storage
network - Support configuring auto-dns setting
Resolves:rhbz#2211273

rhc - implement rhc_proxy.scheme
Resolves:rhbz#2211778

storage - RFE for the storage system role to support configuring the stripe size for RAID LVM volumes
Resolves:rhbz#2141961

selinux - use restorecon -T 0 on supported platforms
Resolves:rhbz#2211271

storage - Failed to commit changes to disk: Failed to format device: Input/output error
Resolves:rhbz#2211247
2023-06-06 17:13:49 -06:00
Rich Megginson
d0b98466e9 storage role update
storage - [RFE] user-specified mount point owner and permissions
Resolves:rhbz#2181661

storage - Cannot set chunk size for RAID: Unsupported parameters for (blivet) module: pools.raid_chunk_size
Resolves:rhbz#2193057

storage - Failed to commit changes to disk: Failed to format device: Input/output error
Resolves:rhbz#2211247

(cherry picked from commit 8a3fe12adc)
2023-05-30 19:19:01 -06:00
Rich Megginson
b5368f3185 updates for gather_facts, rhc insights tags, tlog proxy provider
rhc - system role does not apply Insights tags
Resolves:rhbz#2209441

tlog - use the proxy provider - the files provider is deprecated in sssd
Resolves:rhbz#2191702

roles should support running with gather_facts: false
Resolves:rhbz#2190500

(cherry picked from commit 17eff1975a)
2023-05-30 15:39:13 -06:00
Rich Megginson
4c72d73cf8 Initial official build for 9.3/8.9 - new role postgresql
fingerprint in config files managed by roles
Resolves:rhbz#2186910

ha_cluster - Add possibility to load SBD watchdog kernel modules
Resolves:rhbz#2190478

ha_cluster - support for resource and operation defaults
Resolves:rhbz#2190483

postgresql - [RFE] system role for PostgreSQL management
Resolves:rhbz#2151371

rhc - [RFE] New role for Red Hat subscription management, insights management [rhel-8.9.0]
Resolves:rhbz#2179016

ha_cluster - use pcs to setup qdevice certificates if available
Resolves:rhbz#2190480

spec: Remove doc fragments from vendored modules
Resolves:rhbz#2186198

roles should support running with gather_facts: false
Resolves:rhbz#2190500

use ansible-galaxy collection build/install instead of tar
Resolves:rhbz#2175326

rhc - RHC system role: activation key registration fails if system is already registered
Resolves:rhbz#2186908

selinux - failing test - sshd/tests_firewall_selinux.yml - No package matching 'firewalld' found available, installed or updated
Resolves:rhbz#2190499
2023-05-04 08:43:08 -06:00
CentOS Sources
f322c8d9b2 Auto sync2gitlab import of rhel-system-roles-1.21.1-1.el8_8.src.rpm 2023-03-22 06:10:05 +00:00
Troy Dawson
5d04ffee80 Bring gating.yaml over from Brew dist-git
Signed-off-by: Troy Dawson <tdawson@redhat.com>
2023-03-10 11:23:39 -08:00
CentOS Sources
b47b31b3ef Auto sync2gitlab import of rhel-system-roles-1.21.0-2.el8.src.rpm 2023-02-28 18:15:22 +00:00
James Antill
d339e7e4e4 Import rpm: c8s 2023-02-27 15:19:33 -05:00
CentOS Sources
25555804f9 Auto sync2gitlab import of rhel-system-roles-1.21.0-1.el8.src.rpm 2023-02-22 02:16:28 +00:00