network - [RFE] Support setting the metric of the default route for initscripts provider
Resolves:rhbz#2134202
network - [RFE] Support the DNS priority
Resolves:rhbz#2133858
network - Support looking up named route table in routing rule
Resolves:rhbz#2131293
network - tests_bond_options_nm.yml failing, Cannot find device "nm-bond"
Resolves:rhbz#2123311
cockpit - Add customization of port
Resolves:rhbz#2115152
firewall - RFE: firewall-system-role: add ability to add interface to zone by PCI device ID
Resolves:rhbz#2100942
firewall - support for firewall_config - gather firewall facts
Resolves:rhbz#2115154
logging - [RFE] Support startmsg.regex and endmsg.regex in the files inputs
Resolves:rhbz#2112145
selinux - Added setting of seuser and selevel for completeness
Resolves:rhbz#2115157
nbde_client - Sets proper spacing for parameter rd.neednet=1
Resolves:rhbz#2115156
ssh sshd - ssh, sshd: RSAMinSize parameter definition is missing
Resolves:rhbz#2109998
storage - [RHEL9] [WARNING]: The loop variable 'storage_test_volume' is already in use. You should set the `loop_var` value in the `loop_control` option for the task to something else to avoid variable collisions and unexpected behavior.
Resolves:rhbz#2082736
network - fix IPRouteUtils.get_route_tables_mapping() to accept any whitespace sequence
Resolves:rhbz#2115886
cockpit - Add customization of port
Resolves:rhbz#2115152
firewall - RFE: firewall-system-role: add ability to add interface to zone by PCI device ID
Resolves:rhbz#2100942
firewall - support for firewall_config - gather firewall facts
Resolves:rhbz#2115154
logging - [RFE] Support startmsg.regex and endmsg.regex in the files inputs
Resolves:rhbz#2112145
selinux - Added setting of seuser and selevel for completeness
Resolves:rhbz#2115157
nbde_client - Sets proper spacing for parameter rd.neednet=1
Resolves:rhbz#2115156
ssh sshd - ssh, sshd: RSAMinSize parameter definition is missing
Resolves:rhbz#2109998
storage - [RHEL9] [WARNING]: The loop variable 'storage_test_volume' is already in use. You should set the `loop_var` value in the `loop_control` option for the task to something else to avoid variable collisions and unexpected behavior.
Resolves:rhbz#2082736
network - fix IPRouteUtils.get_route_tables_mapping() to accept any whitespace sequence
Resolves:rhbz#2115886
[RHEL9] _storage_test_pool_pvs get wrong data type in test-verify-pool-members.yml
Resolves: rhbz#2044119
[RFE] [network] Support managing the network through nmstate schema
Resolves: rhbz#2072385
storage - support for adding/removing disks to/from storage pools
Resolves: rhbz#2072742
storage - support for attaching cache volumes to existing volumes
Resolves: rhbz#2072746
crypto_policies - rhel 8.7 default policy is FUTURE not DEFAULT
Resolves: rhbz#2100251
document minimum supported redis version required by rhel-system-roles
Resolves: rhbz#2100286
firewall - support add/modify/delete services
Resolves: rhbz#2100292
metrics - restart pmie, pmlogger if changed, do not wait for handler
Resolves: rhbz#2100294
forward_port should accept list of string or list of dict
Resolves: rhbz#2100605
storage - support for creating and managing LVM thin pools/LVs
Resolves: rhbz#2072745 (9.1.0)
Update Ansible syntax in Firewall system role README.md file examples
Resolves: rhbz#2094096 (9.1.0)
storage role raid_level "striped" is not supported
Resolves: rhbz#2083410 (9.1.0)
network: the controller device is not completely cleaned up in the bond tests.
Resolves: rhbz#2089872 (9.1.0)
state no longer required for masquerade and ICMP block inversion
Resolves: rhbz#2093423 (9.1.0)
Move tasks that set up CI environment to roles tasks/ dir
Resolves: rhbz#2093438 (9.1.0)
[Improvement] Allow System Role to reset to default Firewalld Settings
Resolves: rhbz#2043010
[RFE] add an option to the metrics role to enable postfix metric collection
Resolves: rhbz#2051737
sshd system role should not assume that RHEL 9 /etc/ssh/sshd_config has "Include > /etc/ssh/sshd_config.d/*.conf"
Resolves: rhbz#2052081
sshd system role should be able to optionally manage /etc/ssh/sshd_config on RHEL 9
Resolves: rhbz#2052086
logging tests fail during cleanup if no cloud-init on system
Resolves: rhbz#2058799
Metrics role, with "metrics_from_mssql" option does not configure /var/lib/pcp/pmdas/mssql/mssql.conf on first run
Resolves: rhbz#2060523
timesync: basic-smoke test failure in timesync/tests_ntp.yml
Resolves: rhbz#2060524
kernel_settings error configobj not found on RHEL 8.6 managed hosts
Resolves: rhbz#2060525
Firewall system role Ansible deprecation warning related to "include"
Resolves: rhbz#2061511
ha_cluster - support advanced corosync configuration
Resolves: rhbz#2065337
network - consistently use ansible_managed in configuration files managed by role [rhel-9.1.0]
Resolves: rhbz#2065382
Postfix RHEL System Role should provide the ability to replace config and reset configuration back to default [rhel-9.1.0]
Resolves: rhbz#2065383
metrics - consistently use ansible_managed in configuration files managed by role [rhel-9.1.0]
Resolves: rhbz#2065392
postfix - consistently use ansible_managed in configuration files managed by role [rhel-9.1.0]
Resolves: rhbz#2065393
bond: fix typo in supporting the infiniband ports in active-backup mode [rhel-9.1.0]
Resolves: rhbz#2065394
pytest failed when running with nm providers in the rhel-8.5 beaker machine [rhel-9.1.0]
Resolves: rhbz#2066911
NBDE client system role does not support servers with static IP addresses [rhel-9.1.0]
Resolves: rhbz#2070462
Tlog role - Enabling session recording configuration does not work due to RHEL9 SSSD files provider default
Resolves: rhbz#2071804
ha_cluster - add support for configuring bundle resources
Resolves: rhbz#2073519
FIPS mode detection in SSHD role is wrong
Resolves: rhbz#2073605
Logging - RFE - support template, severity and facility options
Resolves: rhbz#2075119
All roles should support running with gather_facts: false
Resolves: rhbz#2078989
[RFE] Extend rhel-system-roles.network feature set to support routing rules
Resolves: rhbz#2079622
ha_cluster - support SBD fencing
Resolves: rhbz#2079626
RFE storage Less verbosity by default
Resolves: rhbz#2079627
storage role cannot set mount_options for volumes
Resolves: rhbz#2083376
Rework the infiniband support
Resolves: rhbz#2086965
kernel_settings error configobj not found on RHEL 8.6 managed hosts
Resolves: rhbz#2060525 (EL9)
timesync: basic-smoke test failure in timesync/tests_ntp.yml
Resolves: rhbz#2060524 (EL9)
(cherry picked from commit 6065b77481477ecc55f9af6638ec783cbadd1c87)
(cherry picked from commit 2575704e8a8cf17f3bff4c1c4c2dff0df48d1669)
firewall - ensure target changes take effect immediately
Resolves: rhbz#2057164 (EL9)
firewall - Firewall RHEL System Role should be able to set default zone
Resolves: rhbz#2022461 (EL9)
network - tests_802_1x_nm, tests_802_1x_updated_nm fails because of missing hostapd in EPEL
Resolves: rhbz#2053861 (EL9)
(cherry picked from commit 0b47c4621d3a2e385463729f41aabb0f12c0805f)
ha_cluster - set permissions for haclient group
Resolves: rhbz#2049754 (EL9)
network - Add more bonding options to rhel-system-roles.network
Resolves: rhbz#2054435 (EL9)
network - Fix or remove failing test tests_switch_provider_RHEL9. No package network-scripts available.
Resolves: rhbz#2050362 (EL9)
certificate - should consistently use ansible_managed in hook scripts
Resolves: rhbz#2054368 (EL9)
tlog - consistently use ansible_managed in configuration files managed by role
Resolves: rhbz#2054367 (EL9)
vpn - consistently use ansible_managed in configuration files managed by role
Resolves: rhbz#2054369 (EL9)
(cherry picked from commit 5bc1032e7397cbdf1654c987d0bdfe1fb8ae247c)
vpn - template error while templating string: no filter named 'vpn_ipaddr'
Resolves: rhbz#2050341 (EL9)
kdump - Unable to start service kdump: Job for kdump.service failed because the control process exited with error code.
Resolves: rhbz#2050419 (EL9)
remove collection dependencies on rhel because we vendor them in
(cherry picked from commit 62325241126fc196a0de1b2ea9fbed8861497f3d)
vpn - use custom vpn_ipaddr filter to make role work on RHEL 8.6 with ansible-core
this is covered by "make roles work with ansible-core on all platforms" BZ
logging - Logging role "logging_purge_confs" option not properly working
Resolves: rhbz#2039106
kernel_settings role should use ansible_managed in its configuration file
Resolves: rhbz#2047506
(cherry picked from commit 136a75679287eb30dc043cee5a59190b10c1e478)
Since Fedora 33, we generate both python3dist(foo.bar) and python3dist(foo-bar)
provides, but we'd like to follow PEP 503 and use only the names with dash.
By using the %py3_dist macro, this remains compatible with EPEL 8
Resolves: rhbz#2012298
(cherry picked from commit 2406e1f14815924cd65b4fdc3cf10c290f206a70)
- Support ansible-core and improve roles:
- selinux: Add support for Rocky Linux 8, fix
ansible_distribution_major_version
- timesync: Support ansible-core, use ansible_managed | comment
- kdump: Support ansible-core, use ansible_managed | comment
- network: Support ansible-core; deprecate RHEL 9 in readme; validate
that ipv6_disabled is conflicting with other settings; specify PCI
address to configure profile - adds match and path settings)
- storage: Support ansible-core, add skip checks feature to speed up
the tests
- logging: Support ansible-core, add the `uid` option for
elasticsearch, improve performance, use ansible_manged | comment
Resolves: rhbz#1990490 (EL9)
- ssh: Use ansible_manged | comment
- sshd: Use ansible_managed | comment
- ha_cluster: Support ansible-core, fix password_hash salt length
- vpn: Support ansible-core, use wait_for_connection instead of
wait_for with ssh
- ansible_managed | comment BZs:
Resolves: rhbz#2006230 (EL9)
- untar the collection tarballs and copy the files
- Add vendoring code for rhel / centos
- selinux: selinux, seboolean, seport, selogin, sefcontext
- storage: mount
- vpn: ipaddr
Resolves: rhbz#2006076 (EL9)
selinux tests_selinux_disabled.yml gives USER_AVC errors, so
add the tag so this test will be skipped by basic smoke test.
Resolves: rhbz#1996315 (EL9)
(cherry picked from commit ebbd49b04d5dced636177d56729fdc50d3a06df5)
metrics - the bpftrace role does not properly configure bpftrace agent
Resolves: rhbz#1994180 (EL9)
(cherry picked from commit 06ff97e58da3aff305ebea0ab34b9c55452eb031)
drop support for Ansible 2.8 - min_ansible_version is now 2.9
Resolves: rhbz#1989197 (EL9)
sshd - fix rhel6 support - failed to validate: error:Missing Match criteria for all Bad Match condition
Resolves: rhbz#1991598 (EL9)
(cherry picked from commit 86144623e53d9187029d9e82fdc65872322c64d8)
logging, certificate - Instead of the archive module, use "tar" command for backup.
Resolves: rhbz#1984182 (EL9)
logging - Add a support for list value to server_host in the elasticsearch output
Resolves: rhbz#1986460 (EL9)
logging - tests_relp.yml; Can't detect any of the required Python libraries cryptography (>= 1.2.3) or PyOpenSSL (>= 0.6)
Resolves: rhbz#1989962 (EL9)
(cherry picked from commit 6e83ea827bef074f0d105e208da3b633bb9ae66e)
network - tests_provider_nm.yml fails with an error: Failure in test 'I can manage a veth interface with NM after I managed it with initscripts.
Resolves: rhbz#1935919
network - _initscripts tests fail because "No package network-scripts available."
Resolves: rhbz#1935916
network - Test tests_bond_initscripts.yml failed to create interface
Resolves: rhbz#1980870
storage - covscan error - DEADCODE - vdopool if create_vdo else parent
Resolves: rhbz#1985571 (EL9)
network - network: tests_bond_initscripts.yml leaves behind unusable resolv.conf in CI
(cherry picked from commit c9b7a0996d52394d7675d49ca40bb3041967eafc)
network - Skip tests on RHEL9 that use hostapd
Resolves: rhbz#1945348
network - Fix the bond test on DHCP
certificate, logging - Use 'tar' command instead of archive module
Resolves: rhbz#1984182 (EL9)
kernel_settings - Disable bootloader testing on EL9
Resolves: rhbz#1944599
logging - Add a support for list value to server_host in the elasticsearch output
Resolves: rhbz#1986460 (EL9)
storage - Add support for percentage-based volume sizes
Resolves: rhbz#1984583 (EL9)
storage -storage_test_actual_size != storage_test_requested_size observed with tests_lvm_auto_size_cap.yml
(cherry picked from commit 597164e509ac52525191e73dbb1a74f8b1ed8b65)
Resolves: rhbz#1985382 (EL9)
EPEL yum repository configuration for tests
Rebasing to latest picks up this fix see rhel7 bz1980439
connections: workaround DeprecationWarning for NM.SettingEthtool.set_feature()
Rebasing to latest picks up this fix
(cherry picked from commit a9d89f48d068dc32b7492bb3d8f63046d5d78e94)
network - Re-running the network system role results in "changed: true" when nothing has actually changed
Resolves: rhbz#1980871
network - Test tests_bond_initscripts.yml failed to create interface
Resolves: rhbz#1980870
(cherry picked from commit 84faf297876c597a4232f699137b659ac18e11b5)
Use version tag in Source instead of commit hash where possible.
I think the network role prefers to do "proper" releases, and
auto-maintenance is untagged.
In addition, the following changes were made:
ha_cluster - add pacemaker resources configuration
Resolves: rhbz#1978726
ha_cluster - code cleanup
Resolves: rhbz#1978731
Postfix RHEL system role README.md missing variables under the "Role Variables" section
Resolves: rhbz#1978734
logging README.html examples are rendered incorrectly
Resolves: rhbz#1978758
make postfix role idempotent - round 2
Resolves: rhbz#1978760
selinux task for semanage says Fedora in name but also runs on RHEL/CentOS 8
Resolves: rhbz#1978740
metrics role task to enable logging for targeted hosts not working
Resolves: rhbz#1978746
network - Only show stderr_lines by default
Resolves: rhbz#1978731
storage - LVMVDO support
Resolves: rhbz#1978488
storage - fix several linter issues
Resolves: rhbz#1978731
ssh - Fix variable precedence when invoked through roles
Resolves: rhbz#1978745
ssh - Update configuration options list for OpenSSH 8.6
Resolves: rhbz#1978731
sshd - Fix variable precedence when invoked through roles
Resolves: rhbz#1978745
sshd - Update configuration options list for OpenSSH 8.6
Resolves: rhbz#1978731
sshd - support for appending a snippet to configuration file
Resolves: rhbz#1978752
timesync - add NTS support
Resolves: rhbz#1978753
timesync - rebase to latest
Resolves: rhbz#1978731
nbde_client - rebase to latest
Resolves: rhbz#1978731
(cherry picked from commit f0ea5fbead7b5a519f329724497da850fd0f8ae9)
Resolves: rhbz#1978731
Make the ansible_collection_files macro defined in Fedora automatically
and in RHEL manually consistent - having slash at the end to clean
double-slashes from the code.
(cherry picked from commit f04c75a2c87a901d9e2b090010744234422e9336)
Resolves: rhbz#1978731
It is more natural to have no slash / at the end of the url definition,
and instead use / where the url is used
Fix the forgeorg15 url
(cherry picked from commit 7c7eb82eee1390e461c4118eaf84845c25ca5581)
Avoid dynamically using the license macro since the license macro
is replaced with the value of License directive in the older rpmbuild.
Needs to list excluded files in this hardcoded style since when
format_item_for_files is executed, brp-python-bytecompile is not
executed yet.
Resolves: rhbz#1961404
Drop python3-six dependency which was used by lsr_role2collection.py.
Drop html files from rpm if the version has no markdown parser.
Drop unnecessary python scripts which include python3 only code, e.g.,
f-strings.
Resolves: rhbz#1961404
%_pkgdocdir and its subdirs, but the collection artifact tarball
has README.html in each roles/ROLE directory along with README.md.
Fixing it to make the collection artifact tarball consistent with
the collection part in rpm.
Related: rhbz#1961404
Following bz's are solved with the previous rebases.
Related: rhbz#1935957
storage: An unhandled exception occurred while running the lookup
plugin 'first_found'.
Related: rhbz#1944296
certificate: ipa-server package missing in RHEL-9 - Failed: Ensure
that IPA server packages are installed
Related: rhbz#1944557
tlog: Always install sssd.conf to enable files domain
Related: rhbz#1944561
crypto_policies: The NO-CAMELLIA is not available in RHEL9 package
anymore. Use a module that is available in all systems
Related: rhbz#1944579
ssh: Add support for RHEL-9 in meta/main.yml, add file vars/RedHat_9.yml
Related: rhbz#1945337
nbde_client: /bin/sh: line 1: cryptsetup: command not found
Related: rhbz#1945359
selinux umount: /sys/fs/selinux: target is busy.
Related: rhbz#1945376
ssh: file not found: file not found: /etc/ssh/ssh_config.d/00-ansible.conf
Related: rhbz#1945378
ssh: file not found: /etc/ssh/ssh_config.d/99-last.conf
Related: rhbz#1945380
ssh: Check if the selected options are in 'Include /etc/ssh/ssh_config.d/*.conf'
in config.content | b64decode
Related: rhbz#1945385
ssh: options_before.stdout == options_after.stdout
