Commit Graph

55 Commits

Author SHA1 Message Date
Rich Megginson
611d1d3a0b network role changes for release 1.21.0
network - [RFE] Support setting the metric of the default route for initscripts provider
Resolves:rhbz#2134202

network - [RFE] Support the DNS priority
Resolves:rhbz#2133858

network - Support looking up named route table in routing rule
Resolves:rhbz#2131293

network - tests_bond_options_nm.yml failing, Cannot find device "nm-bond"
Resolves:rhbz#2123311
2022-11-08 15:38:08 -07:00
Rich Megginson
4e1fefa681 Support for CHANGELOG.md; features and fixes for cockpit, logging, firewalll, etc.
cockpit - Add customization of port
Resolves:rhbz#2115152

firewall - RFE: firewall-system-role: add ability to add interface to zone by PCI device ID
Resolves:rhbz#2100942

firewall - support for firewall_config - gather firewall facts
Resolves:rhbz#2115154

logging - [RFE] Support startmsg.regex and endmsg.regex in the files inputs
Resolves:rhbz#2112145

selinux - Added setting of seuser and selevel for completeness
Resolves:rhbz#2115157

nbde_client - Sets proper spacing for parameter rd.neednet=1
Resolves:rhbz#2115156

ssh sshd - ssh, sshd: RSAMinSize parameter definition is missing
Resolves:rhbz#2109998

storage - [RHEL9] [WARNING]: The loop variable 'storage_test_volume' is already in use. You should set the `loop_var` value in the `loop_control` option for the task to something else to avoid variable collisions and unexpected behavior.
Resolves:rhbz#2082736

network - fix IPRouteUtils.get_route_tables_mapping() to accept any whitespace sequence
Resolves:rhbz#2115886
2022-08-09 11:08:23 -06:00
Rich Megginson
4fa14cd469 min_ansible_version; ansible-core 2.13; fixes for several roles - sources and .gitignore
sources and .gitignore

[RHEL9] _storage_test_pool_pvs get wrong data type in  test-verify-pool-members.yml
Resolves: rhbz#2044119

[RFE] [network] Support managing the network through nmstate schema
Resolves: rhbz#2072385

storage - support for adding/removing disks to/from storage pools
Resolves: rhbz#2072742

storage - support for attaching cache volumes to existing volumes
Resolves: rhbz#2072746

crypto_policies - rhel 8.7 default policy is FUTURE not DEFAULT
Resolves: rhbz#2100251

document minimum supported redis version required by rhel-system-roles
Resolves: rhbz#2100286

firewall - support add/modify/delete services
Resolves: rhbz#2100292

metrics - restart pmie, pmlogger if changed, do not wait for handler
Resolves: rhbz#2100294

forward_port should accept list of string or list of dict
Resolves: rhbz#2100605
2022-07-01 11:33:36 -06:00
Rich Megginson
c8b609abd4 sshd - fix ansible 2.9 support in meta/main.yml
sshd - fix ansible 2.9 support in meta/main.yml
Resolves: rhbz#2052086 (9.1.0)
2022-06-15 18:41:42 -06:00
Rich Megginson
62b86a01a8 storage, logging, ha_cluster, sshd - minor issues - sources and .gitignore
sources and .gitignore

storage - fix coverity scan issue in blivet.py
Resolves: rhbz#2072745 (9.1.0)

logging - fix gather_facts/set_vars issue
Resolves: rhbz#2078989 (9.1.0)

ha_cluster - Move tasks that set up CI environment to roles tasks/ dir
Resolves: rhbz#2093438 (9.1.0)

sshd - fix tests issue with rhel9 hosts
2022-06-13 11:05:00 -06:00
Rich Megginson
c4b86a65d4 storage LVM thin pools; striped deprecation; ha_cluster testing; firewall state optional; network testing - sources and .gitignore
sources and .gitignore

storage - support for creating and managing LVM thin pools/LVs
Resolves: rhbz#2072745 (9.1.0)

Update Ansible syntax in Firewall system role README.md file examples
Resolves: rhbz#2094096 (9.1.0)

storage role raid_level "striped" is not supported
Resolves: rhbz#2083410 (9.1.0)

network: the controller device is not completely cleaned up in the bond tests.
Resolves: rhbz#2089872 (9.1.0)

state no longer required for masquerade and ICMP block inversion
Resolves: rhbz#2093423 (9.1.0)

Move tasks that set up CI environment to roles tasks/ dir
Resolves: rhbz#2093438 (9.1.0)
2022-06-09 12:41:18 -06:00
Rich Megginson
60e109848e support gather_facts: false; snapshots; many other fixes, features - sources and .gitignore
sources and .gitignore

[Improvement] Allow System Role to reset to default Firewalld Settings
Resolves: rhbz#2043010

[RFE] add an option to the metrics role to enable postfix metric collection
Resolves: rhbz#2051737

sshd system role should not assume that RHEL 9 /etc/ssh/sshd_config has "Include > /etc/ssh/sshd_config.d/*.conf"
Resolves: rhbz#2052081

sshd system role should be able to optionally manage /etc/ssh/sshd_config on RHEL 9
Resolves: rhbz#2052086

logging tests fail during cleanup if no cloud-init on system
Resolves: rhbz#2058799

Metrics role, with "metrics_from_mssql" option does not configure /var/lib/pcp/pmdas/mssql/mssql.conf on first run
Resolves: rhbz#2060523

timesync: basic-smoke test failure in timesync/tests_ntp.yml
Resolves: rhbz#2060524

kernel_settings error configobj not found on RHEL 8.6 managed hosts
Resolves: rhbz#2060525

Firewall system role Ansible deprecation warning related to "include"
Resolves: rhbz#2061511

ha_cluster - support advanced corosync configuration
Resolves: rhbz#2065337

network - consistently use ansible_managed in configuration files managed by role [rhel-9.1.0]
Resolves: rhbz#2065382

Postfix RHEL System Role should provide the ability to replace config and reset configuration back to default [rhel-9.1.0]
Resolves: rhbz#2065383

metrics - consistently use ansible_managed in configuration files managed by role [rhel-9.1.0]
Resolves: rhbz#2065392

postfix - consistently use ansible_managed in configuration files managed by role [rhel-9.1.0]
Resolves: rhbz#2065393

bond: fix typo in supporting the infiniband ports in active-backup mode [rhel-9.1.0]
Resolves: rhbz#2065394

pytest failed when running with nm providers in the rhel-8.5 beaker machine [rhel-9.1.0]
Resolves: rhbz#2066911

NBDE client system role does not support servers with static IP addresses [rhel-9.1.0]
Resolves: rhbz#2070462

Tlog role - Enabling session recording configuration does not work due to RHEL9 SSSD files provider default
Resolves: rhbz#2071804

ha_cluster - add support for configuring bundle resources
Resolves: rhbz#2073519

FIPS mode detection in SSHD role is wrong
Resolves: rhbz#2073605

Logging - RFE - support template, severity and facility options
Resolves: rhbz#2075119

All roles should support running with gather_facts: false
Resolves: rhbz#2078989

[RFE] Extend rhel-system-roles.network feature set to support routing rules
Resolves: rhbz#2079622

ha_cluster - support SBD fencing
Resolves: rhbz#2079626

RFE storage Less verbosity by default
Resolves: rhbz#2079627

storage role cannot set mount_options for volumes
Resolves: rhbz#2083376

Rework the infiniband support
Resolves: rhbz#2086965
2022-05-27 09:55:02 -06:00
Rich Megginson
ae192a3465 kernel_settings configobj; timesync service errors on el9 - sources and .gitignore
sources and .gitignore

kernel_settings error configobj not found on RHEL 8.6 managed hosts
Resolves: rhbz#2060525 (EL9)

timesync: basic-smoke test failure in timesync/tests_ntp.yml
Resolves: rhbz#2060524 (EL9)

(cherry picked from commit 988f534df1b62224443d886c82886190c17060b4)
(cherry picked from commit 0b12f67bdad976eae0a579941c57c78e7e884d25)
2022-03-07 10:34:11 -07:00
Rich Megginson
7c38d9d5f3 firewall - set_default_zone, target immediate; network - fix 802 tests - epel hostapd - sources and .gitignore
sources and .gitignore

firewall - ensure target changes take effect immediately
Resolves: rhbz#2057164 (EL9)

firewall - Firewall RHEL System Role should be able to set default zone
Resolves: rhbz#2022461 (EL9)

network - tests_802_1x_nm, tests_802_1x_updated_nm fails because of missing hostapd in EPEL
Resolves: rhbz#2053861 (EL9)

(cherry picked from commit 777e931108d31a5d8e5af5b0963317acab3905d2)
2022-02-24 07:29:56 -07:00
Rich Megginson
258e73247d ha_cluster permissions; network bonding; some more ansible_managed - sources and .gitignore
sources and .gitignore

ha_cluster - set permissions for haclient group
Resolves: rhbz#2049754 (EL9)

network - Add more bonding options to rhel-system-roles.network
Resolves: rhbz#2054435 (EL9)

network - Fix or remove failing test tests_switch_provider_RHEL9. No package network-scripts available.
Resolves: rhbz#2050362 (EL9)

certificate - should consistently use ansible_managed in hook scripts
Resolves: rhbz#2054368 (EL9)

tlog - consistently use ansible_managed in configuration files managed by role
Resolves: rhbz#2054367 (EL9)

vpn - consistently use ansible_managed in configuration files managed by role
Resolves: rhbz#2054369 (EL9)
2022-02-21 11:24:49 -07:00
Richard Megginson
4c27e01955 ha_cluster constraints; network DNS; storage RAID, cached volumes; nbde_client - static IP 2022-02-14 21:26:34 +00:00
Rich Megginson
b6480c7f39 vpn - no filter named vpn_ipaddr; kdump - kdump.service fails; remove collection dependencies
sources and .gitignore

vpn - template error while templating string: no filter named 'vpn_ipaddr'
Resolves: rhbz#2050341 (EL9)

kdump - Unable to start service kdump: Job for kdump.service failed because the control process exited with error code.
Resolves: rhbz#2050419 (EL9)

remove collection dependencies on rhel because we vendor them in

(cherry picked from commit ce975e9c62f2bdd2919f4e6f2edfe955e3a96652)
2022-02-10 15:21:08 -07:00
Rich Megginson
4aee3a6cf3 logging_purge_conf fix; kernel_settings ansible_managed fix; vpn_ipaddr fix - sources and .gitignore
sources and .gitignore

vpn - use custom vpn_ipaddr filter to make role work on RHEL 8.6 with ansible-core
this is covered by "make roles work with ansible-core on all platforms" BZ

logging - Logging role "logging_purge_confs" option not properly working
Resolves: rhbz#2039106

kernel_settings role should use ansible_managed in its configuration file
Resolves: rhbz#2047506

(cherry picked from commit 585bf2b1d94e1e6e14af4451d21652da3c2cd542)
2022-02-01 08:27:51 -07:00
Richard Megginson
679e17907b add cockpit, firewall; ansible 2.12 support; many more enhancements, fixes 2021-12-09 18:51:08 +00:00
Sergei Petrosian
f8c6c6d6e8 Rebase to latest upstream
- Support ansible-core and improve roles:
- selinux: Add support for Rocky Linux 8, fix
ansible_distribution_major_version
  - timesync: Support ansible-core, use ansible_managed | comment
  - kdump: Support ansible-core, use ansible_managed | comment
- network: Support ansible-core; deprecate RHEL 9 in readme; validate
that ipv6_disabled is conflicting with other settings; specify PCI
address to configure profile - adds match and path settings)
- storage: Support ansible-core, add skip checks feature to speed up
the tests
- logging: Support ansible-core, add the `uid` option for
elasticsearch, improve performance, use ansible_manged | comment
  Resolves: rhbz#1990490 (EL9)
  - ssh: Use ansible_manged | comment
  - sshd: Use ansible_managed | comment
  - ha_cluster: Support ansible-core, fix password_hash salt length
- vpn: Support ansible-core, use wait_for_connection instead of
wait_for with ssh
  - ansible_managed | comment BZs:
    Resolves: rhbz#2006230 (EL9)
- untar the collection tarballs and copy the files
- Add vendoring code for rhel / centos
  - selinux: selinux, seboolean, seport, selogin, sefcontext
  - storage: mount
  - vpn: ipaddr
  Resolves: rhbz#2006076 (EL9)
2021-10-26 13:06:59 +02:00
Rich Megginson
d1ef6e6cb9 storage - revert dm-vdo workaround
sources and .gitignore

storage - revert the dm-vdo workaround fix for vdo testing
Resolves: rhbz#1978488 (EL9)

(cherry picked from commit b29d680632243def5f060b223bfacf699c89be70)
2021-08-26 08:22:55 -06:00
Rich Megginson
947b1122b4 logging - Update the certificates copy tasks - sources and .gitignore
logging - Update the certificates copy tasks
Resolves: rhbz#1996777 (EL9)

(cherry picked from commit aa1f94b1aba1ce0d1556589c7cd0789ca044184d)
2021-08-25 09:34:09 -06:00
Rich Megginson
818c68af35 metrics - the bpftrace role does not properly configure bpftrace agent
sources and .gitignore

metrics - the bpftrace role does not properly configure bpftrace agent
Resolves: rhbz#1994180 (EL9)

(cherry picked from commit f4ad485043ea038067343afb52edcad09b732b89)
2021-08-18 17:14:48 -06:00
Rich Megginson
af8f9dcc95 drop support for ansible 2.8; fix sshd el6 bug
sources and .gitignore

drop support for Ansible 2.8 - min_ansible_version is now 2.9
Resolves: rhbz#1989197 (EL9)

sshd - fix rhel6 support - failed to validate: error:Missing Match criteria for all Bad Match condition
Resolves: rhbz#1991598 (EL9)

(cherry picked from commit 7f1d328ac5783bda4c070aa2b68bd5905f6db05c)
2021-08-18 17:11:24 -06:00
Rich Megginson
ce769979cf storage - dm-vdo not found; tests_lvm_errors syntax errors
sources and .gitignore

storage - tests_create_lvmvdo_then_remove fails - Module dm-vdo not found
Resolves: rhbz#1991062 (EL9)

storage - Get syntax errors in tests_lvm_errors.yml
Resolves: rhbz#1991142 (EL9)

(cherry picked from commit e740774d321bbfee57d0c8bb5a46ecb6ef0a95af)
2021-08-18 17:08:21 -06:00
Rich Megginson
92471d9a8f logging, cert - use tar; logging - server_host; logging - py crypto
sources and .gitignore

logging, certificate - Instead of the archive module, use "tar" command for backup.
Resolves: rhbz#1984182 (EL9)

logging - Add a support for list value to server_host in the elasticsearch output
Resolves: rhbz#1986460 (EL9)

logging - tests_relp.yml; Can't detect any of the required Python libraries cryptography (>= 1.2.3) or PyOpenSSL (>= 0.6)
Resolves: rhbz#1989962 (EL9)

(cherry picked from commit 8daf3a42b881852c5d4e75f8255b31dfdc4421d1)
2021-08-08 11:27:22 -06:00
Rich Megginson
c44356213c metrics - Grafana dashboard not working after metrics role run unless services manually restarted
sources and .gitignore
Resolves: rhbz#1984150 (EL9)

(cherry picked from commit f30b3be9623c766d91c6f21fd9eea0f030e0d105)
2021-08-08 11:11:23 -06:00
Rich Megginson
527507bc3b storage - tag tests that use NVME and SCSI - sources and .gitignore
storage - tag tests that use NVME and SCSI
Resolves: rhbz#1988573 (EL9)

(cherry picked from commit fba93165eeb50e0343963d0e7bb19b0f6af825ab)
2021-08-08 10:47:13 -06:00
Rich Megginson
bf969a7c2a sshd - support for rhel9 managed hosts - sources and .gitignore
sshd - support for rhel9 managed hosts
Resolves: rhbz#1989221 (EL9)

(cherry picked from commit c5813f8f5e1ce3f1fecc69913fc7b365a8d996af)
2021-08-04 18:38:10 -06:00
Rich Megginson
6fa0f73cd0 network - no initscripts on el9, restore resolv.conf - storage deadcode issue
sources and .gitignore

network - tests_provider_nm.yml fails with an error: Failure in test 'I can manage a veth interface with NM after I managed it with initscripts.
Resolves: rhbz#1935919

network - _initscripts tests fail because "No package network-scripts available."
Resolves: rhbz#1935916

network - Test tests_bond_initscripts.yml failed to create interface
Resolves: rhbz#1980870

storage - covscan error - DEADCODE - vdopool if create_vdo else parent
Resolves: rhbz#1985571 (EL9)

network - network: tests_bond_initscripts.yml leaves behind unusable resolv.conf in CI

(cherry picked from commit be27c4bdc4eced742a999ee12dbb6bc174cf21dc)
2021-08-04 18:27:47 -06:00
Rich Megginson
d833c892d7 Several fixes - network, certificate, logging, storage, kernel_settings
sources and .gitignore

network - Skip tests on RHEL9 that use hostapd
Resolves: rhbz#1945348
network - Fix the bond test on DHCP
certificate, logging - Use 'tar' command instead of archive module
Resolves: rhbz#1984182 (EL9)
kernel_settings - Disable bootloader testing on EL9
Resolves: rhbz#1944599
logging - Add a support for list value to server_host in the elasticsearch output
Resolves: rhbz#1986460 (EL9)
storage - Add support for percentage-based volume sizes
Resolves: rhbz#1984583 (EL9)
storage -storage_test_actual_size != storage_test_requested_size observed with tests_lvm_auto_size_cap.yml
2021-08-04 17:28:44 -06:00
Rich Megginson
15506c2e6b Error: device becoming unmanaged and pytest not reproducible in tests_integration_pytest.yml
.gitignore and sources

Resolves: rhbz#1985382 (EL9)

EPEL yum repository configuration for tests
Rebasing to latest picks up this fix see rhel7 bz1980439

connections: workaround DeprecationWarning for NM.SettingEthtool.set_feature()
Rebasing to latest picks up this fix

(cherry picked from commit 88167bdae5b04a5feafcec999fdcc0975e1a1219)
2021-08-04 17:09:04 -06:00
Rich Megginson
d4c1cd435f ha_cluster - add pacemaker cluster properties configuration - sources and .gitignore
Resolves: rhbz#1982906 (EL9)
(cherry picked from commit d6c31985abe5a5428b8c833c5a7620192180988c)
2021-08-04 16:53:18 -06:00
Rich Megginson
b520497f16 crypto_policies - rename 'policy modules' to 'subpolicies' - sources and .gitignore
Resolves: rhbz#1982896 (EL9)
(cherry picked from commit 13af44c3868dc219a7600fe3f59228bbccff8ab6)
2021-08-04 16:48:36 -06:00
Richard Megginson
bc37c741bf storage - relabel doesn't support - Fixed volume relabeling 2021-08-04 22:39:11 +00:00
Rich Megginson
e3fcdb94e5 network - fix idempotency; fix bond tests - sources and .gitignore
network - Re-running the network system role results in "changed: true" when nothing has actually changed
  Resolves: rhbz#1980871
network - Test tests_bond_initscripts.yml failed to create interface
  Resolves: rhbz#1980870

(cherry picked from commit a1ac57a77b3e22abbf2c76a2f6163633448e0d57)
2021-08-04 11:01:55 -06:00
Rich Megginson
b21927587a storage - LVMVDO support - sources and .gitignore
Resolves: rhbz#1978488 EL9
(cherry picked from commit 4620521a4a729cb4cadd3d7b2cae703876192e38)
2021-07-09 09:55:27 -06:00
Rich Megginson
dc73167cc9 update sources and .gitignore
ha_cluster - add pacemaker resources configuration
  Resolves: rhbz#1978726
ha_cluster - code cleanup
  Resolves: rhbz#1978731
Postfix RHEL system role README.md missing variables under the "Role Variables" section
  Resolves: rhbz#1978734
logging README.html examples are rendered incorrectly
  Resolves: rhbz#1978758
make postfix role idempotent - round 2
  Resolves: rhbz#1978760
selinux task for semanage says Fedora in name but also runs on RHEL/CentOS 8
  Resolves: rhbz#1978740
metrics role task to enable logging for targeted hosts not working
  Resolves: rhbz#1978746
network - Only show stderr_lines by default
  Resolves: rhbz#1978731
storage - LVMVDO support
  Resolves: rhbz#1978488
storage - fix several linter issues
  Resolves: rhbz#1978731
ssh - Fix variable precedence when invoked through roles
  Resolves: rhbz#1978745
ssh - Update configuration options list for OpenSSH 8.6
  Resolves: rhbz#1978731
sshd - Fix variable precedence when invoked through roles
  Resolves: rhbz#1978745
sshd - Update configuration options list for OpenSSH 8.6
  Resolves: rhbz#1978731
sshd - support for appending a snippet to configuration file
  Resolves: rhbz#1978752
timesync - add NTS support
  Resolves: rhbz#1978753
timesync - rebase to latest
  Resolves: rhbz#1978731
nbde_client - rebase to latest
  Resolves: rhbz#1978731

(cherry picked from commit a4eb732a237001cd33ce062ecbc297e9eb86e638)
2021-07-02 12:27:39 -06:00
Noriko Hosoi
e5a42a3758 Add EL 9 support for timesync and network
Resolves: rhbz#1952887

postfix: Use FQRN in README
  Resolves: rhbz#1958964
2021-06-16 15:34:51 -07:00
Rich Megginson
b3d4ab2c64 sources - Fix HTML rendering of internal links when using pandoc/asciidoc
Uses pandoc gfm instead of markdown_github (1962976)

Related: rhbz#1961404
2021-06-16 15:07:57 -07:00
Noriko Hosoi
533ad2c992 Make spec file available for older versions of OSes. (1970165)
Drop python3-six dependency which was used by lsr_role2collection.py.
Drop html files from rpm if the version has no markdown parser.
Drop unnecessary python scripts which include python3 only code, e.g.,
  f-strings.

  Resolves: rhbz#1961404
2021-06-11 13:34:52 -07:00
Rich Megginson
a1ccf36593 update sources for fix kdump tests_ssh for basic smoke test (1957876)
Resolves: rhbz#1935914
2021-06-11 13:05:38 -07:00
Noriko Hosoi
6611d4664d fix logging README.html examples' rendering problems (1962374)
fix broken internal links in README.md files (1962976)

Fixed the bugs found in the review by @richm.
Bump version to 1.2.1-1.

Related: rhbz#1961404
2021-05-27 13:15:30 -07:00
Sergei Petrosian
2ef139db83 Add the requirement for kramdown for Fedora and RHEL 9 builds
Update mainid to the latest master commit of auto-maintenance

Upload the updated sources file

Separate requirements for galaxy_transform and md2html, fix version

Related: rhbz#1943532
2021-05-25 14:33:36 -07:00
Rich Megginson
781faa9e57 update sources and .gitignore
Related: rhbz#1961404
2021-05-25 14:33:36 -07:00
Noriko Hosoi
49a2f82370 Repacing auto-maintenance tarball with the official one.
Rebase: 1954747

Related: rhbz#1961404
2021-05-25 14:33:36 -07:00
Noriko Hosoi
5bac758698 - Copy auto-mainteannce/lsr_role2collection/collection_requirememts.txt
to the collectino top dir as requirements.txt if the source exists.
  (1954747)
- Copy auto-mainteannce/lsr_role2collection/collection_bindep.txt to the
  collectino top dir as bindep.txt if the source exists. (1954747)

Related: rhbz#1961404
2021-05-25 14:33:36 -07:00
Rich Megginson
fb7d76631e add vpn role source
Rebase: 1943679

Related: rhbz#1961404
2021-05-25 14:33:36 -07:00
Rich Megginson
bc131831ba update sources
Rebase: 1937938

Related: rhbz#1961404
2021-05-25 13:42:19 -07:00
Rich Megginson
df86859bf0 update sources for sshd rebase
Rebase: 1937938

Related: rhbz#1961404
2021-05-25 13:42:11 -07:00
Rich Megginson
e1a7df37f2 update sources for metrics rebase
Rebase: 1937938

Related: rhbz#1961404
2021-05-25 13:42:07 -07:00
Rich Megginson
75bf7dce8c add new postfix source
Rebase: 1937938

Related: rhbz#1961404
2021-05-25 13:41:59 -07:00
Rich Megginson
d30c493bfe update sources for network rebase
Rebase: 1937938, 1939711

Related: rhbz#1961404
2021-05-25 13:41:46 -07:00
Rich Megginson
a902424c1f Update sources for storage rebase
Rebase to latest upstream (1937938)

Related: rhbz#1961404
2021-05-25 13:41:37 -07:00
Rich Megginson
a06bd9db99 add new source
Rebase: 1937938, 1757869, 1848683

Related: rhbz#1961404
2021-05-25 13:41:22 -07:00