rpms/rhel-system-roles
7
0
Fork 0
Code Issues Pull Requests Releases Activity
5355e8bcf8
rhel-system-roles/linux-system-roles.spec
Rich Megginson 5355e8bcf8 system roles 1.90.3-0.1 
Resolves: RHEL-67413 : metrics - fix: add support for Valkey
fix vendoring for selinux
fix cockpit full packages support for 9.6 and later
ensure gfs2 tests do not run on el10

(cherry picked from commit 12b80ba6a7)
2024-11-20 13:45:41 -07:00

2117 lines
94 KiB
RPMSpec
Raw Blame History

# NOTE: ansible-core is in rhel-8.6 and newer, but not installable
# in buildroot as it depended on modular Python.
# It has been installable at buildtime in 8.8 and newer.
%if 0%{?fedora}
BuildRequires: ansible-packaging
%else
%if 0%{?rhel} >= 8
BuildRequires: ansible-core >= 2.11.0
%endif
%endif
%bcond_with collection_artifact
# This is to avoid ansible-test errors like
# ERROR: lsr_role2coll_extra_script-vpn:1:1: unexpected non-module shebang: b'#!/usr/bin/bash'
# we use /usr/bin/env bash in all of our scripts - we don't want rpm to fix them
%undefine __brp_mangle_shebangs
%if 0%{?rhel}
Name: rhel-system-roles
%else
Name: linux-system-roles
%endif
Url: https://github.com/linux-system-roles
Summary: Set of interfaces for unified system management
Version: 1.90.3
Release: 0.1%{?dist}
License: GPLv3+ and MIT and BSD and Python
%global _pkglicensedir %{_licensedir}/%{name}
%global roleinstprefix %{name}.
%if 0%{?rhel}
%global collection_namespace redhat
%global collection_name rhel_system_roles
%else
%global collection_namespace fedora
%global collection_name linux_system_roles
%endif
%global collection_version %{version}
# this is where we stage the collection files for building
%global collection_dest_path .collections
%global collection_build_path %{collection_dest_path}/ansible_collections/%{collection_namespace}/%{collection_name}
# be compatible with the usual Fedora Provides:
Provides: ansible-collection-%{collection_namespace}-%{collection_name} = %{collection_version}-%{release}
# ansible-core is in rhel 8.6 and later - default to ansible-core, but allow
# the use of ansible if present - we may revisit this if the automatic dependency
# generator is added to ansible-core in RHEL
# Fedora - the automatic generator will add this - no need to explicit declare
# it in the spec file
# EL7 - no dependency on ansible because there is no ansible in el7 - user is
# responsible for knowing they have to install ansible
%if 0%{?rhel} >= 8
Requires: (ansible-core >= 2.11.0 or ansible >= 2.9.0)
%endif
# For each role, call either defcommit() or deftag(). The other macros
# (%%id and %%shortid) can be then used in the same way in both cases.
# This way the rest of the spec file des not need to know whether we are
# dealing with a tag or a commit.
%global archiveext tar.gz
# list of role names
%global rolenames %nil
# list of assignments that can be used to populate a bash associative array variable
%global rolestodir %nil
%define getarchivedir() %(p=%{basename:%{S:%{1}}}; echo ${p%%.%{archiveext}})
%define defcommit() %{expand:%%global ref%{1} %{2}
%%global shortcommit%{1} %%(c=%%{ref%{1}}; echo ${c:0:7})
%%global extractdir%{1} %%{expand:%%getarchivedir %{1}}
%%{!?repo%{1}:%%global repo%{1} %%{rolename%{1}}}
%%global archiveurl%{1} %%{?forgeorg%{1}}%%{!?forgeorg%{1}:%%{url}}/%%{repo%{1}}/archive/%%{ref%{1}}/%%{repo%{1}}-%%{ref%{1}}.tar.gz
%%global rolenames %%{?rolenames} %%{rolename%{1}}
%%global roletodir%{1} [%{rolename%{1}}]="%{extractdir%{1}}"
%%global rolestodir %%{?rolestodir} %{roletodir%{1}}
}
%define deftag() %{expand:%%global ref%{1} %{2}
%%global extractdir%{1} %%{expand:%%getarchivedir %{1}}
%%{!?repo%{1}:%%global repo%{1} %%{rolename%{1}}}
%%global archiveurl%{1} %%{?forgeorg%{1}}%%{!?forgeorg%{1}:%%{url}}/%%{repo%{1}}/archive/%%{ref%{1}}/%%{repo%{1}}-%%{ref%{1}}.tar.gz
%%global rolenames %%{?rolenames} %%{rolename%{1}}
%%global roletodir%{1} [%{rolename%{1}}]="%{extractdir%{1}}"
%%global rolestodir %%{?rolestodir} %%{roletodir%{1}}
}
%global mainid 1.90.3
Source: %{url}/auto-maintenance/archive/%{mainid}/auto-maintenance-%{mainid}.tar.gz
# BEGIN AUTOGENERATED SOURCES
%global rolename1 postfix
%deftag 1 1.5.2
%global rolename2 selinux
%deftag 2 1.8.1
%global rolename3 timesync
%deftag 3 1.9.1
%global rolename4 kdump
%deftag 4 1.4.8
%global rolename5 network
%deftag 5 1.17.0
%global rolename6 storage
%deftag 6 1.18.8
%global rolename7 metrics
%deftag 7 1.10.8
%global rolename8 tlog
%deftag 8 1.3.7
%global rolename9 kernel_settings
%deftag 9 1.3.3
%global rolename10 logging
%deftag 10 1.14.0
%global rolename11 nbde_server
%deftag 11 1.4.8
%global rolename12 nbde_client
%deftag 12 1.3.1
%global rolename13 certificate
%deftag 13 1.3.7
%global rolename14 crypto_policies
%deftag 14 1.4.1
%global forgeorg15 https://github.com/willshersystems
%global repo15 ansible-sshd
%global rolename15 sshd
%deftag 15 v0.25.0
%global rolename16 ssh
%deftag 16 1.5.1
%global rolename17 ha_cluster
%deftag 17 1.20.0
%global rolename18 vpn
%deftag 18 1.6.8
%global rolename19 firewall
%deftag 19 1.8.1
%global rolename20 cockpit
%deftag 20 1.5.13
%global rolename21 podman
%deftag 21 1.7.0
%global rolename22 ad_integration
%deftag 22 1.4.7
%global rolename23 rhc
%deftag 23 1.6.7
%global rolename24 journald
%deftag 24 1.3.4
%global rolename25 postgresql
%deftag 25 1.3.9
%global rolename26 systemd
%deftag 26 1.3.0
%global rolename27 keylime_server
%deftag 27 1.1.6
%global rolename28 fapolicyd
%deftag 28 1.1.8
%global rolename29 bootloader
%deftag 29 1.0.8
%global rolename30 snapshot
%deftag 30 1.4.2
%global rolename31 gfs2
%deftag 31 1.0.2
%global rolename32 sudo
%deftag 32 1.2.1
%global rolename33 aide
%deftag 33 0.0.1
Source1: %{archiveurl1}
Source2: %{archiveurl2}
Source3: %{archiveurl3}
Source4: %{archiveurl4}
Source5: %{archiveurl5}
Source6: %{archiveurl6}
Source7: %{archiveurl7}
Source8: %{archiveurl8}
Source9: %{archiveurl9}
Source10: %{archiveurl10}
Source11: %{archiveurl11}
Source12: %{archiveurl12}
Source13: %{archiveurl13}
Source14: %{archiveurl14}
Source15: %{archiveurl15}
Source16: %{archiveurl16}
Source17: %{archiveurl17}
Source18: %{archiveurl18}
Source19: %{archiveurl19}
Source20: %{archiveurl20}
Source21: %{archiveurl21}
Source22: %{archiveurl22}
Source23: %{archiveurl23}
Source24: %{archiveurl24}
Source25: %{archiveurl25}
Source26: %{archiveurl26}
Source27: %{archiveurl27}
Source28: %{archiveurl28}
Source29: %{archiveurl29}
Source30: %{archiveurl30}
Source31: %{archiveurl31}
Source32: %{archiveurl32}
Source33: %{archiveurl33}
# END AUTOGENERATED SOURCES
# Includes with definitions/tags that differ between RHEL and Fedora
Source1001: extrasources.inc
%include %{SOURCE1001}
# Includes with ansible_collection_build/_install that differ between RHEL versions
Source1002: ansible-packaging.inc
%include %{SOURCE1002}
Source1003: vendoring-prep.inc
Source1004: vendoring-build.inc
Source995: CHANGELOG.md
BuildArch: noarch
# Requirements for galaxy_transform.py
BuildRequires: python3
BuildRequires: python%{python3_pkgversion}-ruamel-yaml
# Requirements for release_collection.py
BuildRequires: python3-setuptools
# We must put %%description within the if block to avoid empty lines showing up.
%if 0%{?rhel}
%description
Collection of Ansible roles and modules that provide a stable and
consistent configuration interface for managing multiple versions
of Red Hat Enterprise Linux.
%else
%description
Collection of Ansible roles and modules that provide a stable and
consistent configuration interface for managing multiple versions
of Fedora, Red Hat Enterprise Linux & CentOS.
%endif
%if %{with collection_artifact}
%package collection-artifact
Summary: Collection artifact to import to Automation Hub / Ansible Galaxy
%description collection-artifact
Collection artifact for %{name}. This package contains %{collection_namespace}-%{collection_name}-%{version}.tar.gz
%endif
# Fix issue with package update introduce with changing symlink to directory
# in 1.21.1-5
%pretrans -p <lua>
roles = {
"certificate", "cockpit", "crypto_policies", "firewall", "ha_cluster",
"kdump", "kernel_settings", "logging", "metrics", "nbde_client",
"nbde_server", "network", "postfix", "selinux", "ssh", "sshd", "storage",
"timesync", "tlog", "vpn"
}
for i,v in ipairs(roles) do
path = "/usr/share/ansible/roles/linux-system-roles." .. v
st = posix.stat(path)
if st and st.type == "link" then
os.remove(path)
end
end
%prep
# BEGIN AUTOGENERATED SETUP
%setup -q -a1 -a2 -a3 -a4 -a5 -a6 -a7 -a8 -a9 -a10 -a11 -a12 -a13 -a14 -a15 -a16 -a17 -a18 -a19 -a20 -a21 -a22 -a23 -a24 -a25 -a26 -a27 -a28 -a29 -a30 -a31 -a32 -a33 -n %{getarchivedir 0}
# END AUTOGENERATED SETUP
# vendoring prep steps, if any
%include %{SOURCE1003}
declare -A ROLESTODIR=(%{rolestodir})
for rolename in %{rolenames}; do
dir_from_archive="${ROLESTODIR[${rolename}]}"
if [ ! -d "$dir_from_archive" ]; then
# ansible-sshd uses tags like vX.Y.Z
# using the github archive/ link with a tag like this strips
# the leading v from the tag used to construct the directory
# name in the archive
if [[ "$dir_from_archive" =~ %{repo15}-v([0-9]+[.][0-9]+.*) ]]; then
dir_from_archive="%{repo15}-${BASH_REMATCH[1]}"
fi
fi
mv "$dir_from_archive" ${rolename}
# Move a hidden .README.html to a not hidden README.html
mv $rolename/.README.html $rolename/README.html
done
%if 0%{?rhel}
cd %{rolename2}/tests
# this test causes avcs we want to ignore
sed -r -i -e '/hosts: all/a\
tags:\
- tests::avc' tests_selinux_disabled.yml
cd ../..
%endif
cd %{rolename15}
find -P tests examples -name \*.yml | while read file; do
sed -r -i -e "s/willshersystems:ansible-sshd/system_role:sshd/" \
-e "s/ansible-sshd/linux-system-roles.sshd/" \
-e "s/ willshersystems.sshd/ linux-system-roles.sshd/" "$file"
done
sed -r -i -e "s/ willshersystems.sshd/ linux-system-roles.sshd/" README.md README.html
sed -r -i -e 's/min_ansible_version: 2.8/min_ansible_version: "2.9"/' meta/main.yml
cd ..
cd %{rolename7}
# metrics roles dir is a symlink to the vendored dir.
# rpm upgrade doesn't like the symlink. Replace the
# symlink with the real dir
rolesdir=$(pwd)/roles
realrolesdir=$(realpath "$rolesdir")
if [ "$rolesdir" != "$realrolesdir" ]; then
rm -rf roles
mv "$realrolesdir" .
rm -rf vendor
fi
cd ..
# vendoring build steps, if any
%include %{SOURCE1004}
# Removing symlinks in tests/roles
for rolename in %{rolenames}; do
if [ -d ${rolename}/tests/roles ]; then
find ${rolename}/tests/roles -type l -exec rm {} \;
if [ -d ${rolename}/tests/roles/linux-system-roles.${rolename} ]; then
rm -r ${rolename}/tests/roles/linux-system-roles.${rolename}
fi
fi
done
rm %{rolename5}/tests/modules
rm %{rolename5}/tests/module_utils
rm %{rolename5}/tests/playbooks/roles
# Drop network/{scripts/print_all_options.py,tests/ensure_provider_tests.py}
# from rpm. These 2 files fail in brp-python-bytecompile due to f-strings
# when python2 is default python.
rm %{rolename5}/scripts/print_all_options.py
rm %{rolename5}/tests/ensure_provider_tests.py
# fix system_roles fingerprint in "external" roles
python3 lsr_fingerprint.py
%build
# remove upstream-only documentation - for example, documentation
# about collection dependencies is not needed in Fedora and EL RPMs
# since the dependencies are already provided
sed -e '/# Requirements/,/^#/s/^See below$/None/' \
-e '/# Collection requirements/,/^#/ {/# Collection requirements/d;/^#/!d}' \
-i */README.md
sed -e '/id="requirements">Requirements<\/h/,/^<h/s/See below/None/' \
-e '/id="collection-requirements">/,/^<h/ {/id="collection-requirements">/d;/^<h/!d}' \
-i */README.html
for role in %{rolenames}; do
# awk: Remove collection-requirements from README.html TOC
# 1. If match found, add the line and -2,+1 lines' line number in an array "d".
# 2. Save all lines in an array with line number as index
# 3. Print only those index not in array "d"
awk '/id="toc-collection-requirements">/{for(x=NR-2;x<=NR+1;x++)d[x];} \
{a[NR]=$0} \
END{for(i=1;i<=NR;i++)if(!(i in d))print a[i]}' \
$role/README.html > $role/README.html.tmp
mv $role/README.html.tmp $role/README.html
done
# sshd README is not in the same format
sed -e '/# Optional requirements/,/# Role variables/ {/# Optional/d;/# Role variables/!d}' \
-i sshd/README.md
sed -e '/id="optional-requirements">/,/^<h/ {/id="optional-requirements">/d;/^<h/!d}' \
-i sshd/README.html
# Remove optional-requirements from README.html TOC
awk '/id="toc-optional-requirements">/{for(x=NR-2;x<=NR+1;x++)d[x];} \
{a[NR]=$0} \
END{for(i=1;i<=NR;i++)if(!(i in d))print a[i]}' \
sshd/README.html > sshd/README.html.tml
mv sshd/README.html.tml sshd/README.html
matchstr="actions/workflows/"
for role in %{rolenames}; do
# in the first 14 lines of README.md, remove any line that looks like a
# github action badge. README.html doesn't have these lines.
sed -e "1,14 {\\,${matchstr},d; /\!\[/d}" -i $role/README.md
done
if [ ! -d %{collection_dest_path} ]; then
mkdir %{collection_dest_path}
fi
%if 0%{?rhel}
# Convert the upstream collection readme to the downstream one
%{SOURCE998} lsr_role2collection/collection_readme.md
%{python3} ./galaxy_transform.py "%{collection_namespace}" "%{collection_name}" "%{collection_version}" \
"Red Hat Enterprise Linux System Roles Ansible Collection" \
"https://linux-system-roles.github.io" \
"https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/administration_and_configuration_tasks_using_system_roles_in_rhel" \
"https://access.redhat.com/articles/3050101" \
"https://issues.redhat.com/secure/CreateIssueDetails!init.jspa?pid=12332745&summary=Your%20request%20summary&issuetype=1&priority=10200&labels=Partner-Feature-Request&components=12380283" \
> galaxy.yml.tmp
# we vendor-in all of the dependencies on rhel, so remove them
rm -f lsr_role2collection/collection_requirements.txt
# but leave bindep.txt
%else
./galaxy_transform.py "%{collection_namespace}" "%{collection_name}" "%{collection_version}" \
"Linux System Roles Ansible Collection" \
> galaxy.yml.tmp
%endif
mv galaxy.yml.tmp galaxy.yml
includes=""
for role in %{rolenames}; do
includes="$includes --include $role"
%if 0%{?rhel}
# we vendor-in all of the dependencies on rhel, so remove them
rm -f "$role/meta/requirements.yml" "$role/meta/collection-requirements.yml" \
"$role/tests/collection-requirements.yml"
%endif
done
# do not process changelogs on RHEL
%if 0%{?rhel}
extra_mapping="--extra-mapping fedora.linux_system_roles:%{collection_namespace}.%{collection_name}"
%else
extra_mapping=""
%endif
LANG=C.utf-8 LC_ALL=C.utf-8 %{python3} release_collection.py --galaxy-yml galaxy.yml \
--src-path $(pwd) --dest-path $(pwd)/%{collection_dest_path} $includes --keep --no-update \
--src-owner %{name} --skip-git --skip-check --skip-changelog $extra_mapping --debug
# Remove internal links from readme files
# They are not rendered properly on AH.
for role in %{rolenames}; do
sed -r -i -e 's/\[([^[]+)\]\(#[^)]+\)/\1/g' \
%{collection_build_path}/roles/$role/README.md
done
# we have removed some files - ensure that the ignore files refer only to
# existing files
for ignore_file in %{collection_build_path}/tests/sanity/ignore-*.txt; do
cp "$ignore_file" "$ignore_file.tmp"
while read -r file rest; do
if [ ! -f "%{collection_build_path}/$file" ]; then
sed "\,^${file} ,d" -i "$ignore_file"
fi
done < "$ignore_file.tmp"
rm "$ignore_file.tmp"
done
# Remove test only collection dependencies
# NOTE: These should not be in meta/collection-requirements.yml, they should be
# in tests/collection-requirements.yml, but they can't be moved yet
sed -i -e '/community[.]mysql:/d' -e '/community[.]postgresql:/d' \
%{collection_build_path}/galaxy.yml
cp %{SOURCE995} \
%{collection_build_path}/docs/CHANGELOG.md
%if 0%{?rhel}
cp %{SOURCE996} \
%{collection_build_path}/CHANGELOG.rst
%endif
# Build the collection
pushd %{collection_build_path}
%ansible_collection_build
popd
%install
mkdir -p %{buildroot}%{ansible_roles_dir}
for role in %{rolenames}; do
cp -pR "$role" "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role"
done
%if 0%{?rhel}
# Create symlinks for roles in /usr/share/ansible/roles/linux-system-roles.$rolename
# That's required to make roles work with upstream naming too
for role in %{rolenames}; do
ln -s "%{name}.$role" "%{buildroot}%{ansible_roles_dir}/linux-system-roles.$role"
done
%endif
mkdir -p %{buildroot}%{_pkglicensedir}
rm %{buildroot}%{ansible_roles_dir}/%{roleinstprefix}network/examples/roles
for role in %{rolenames}; do
mkdir -p "%{buildroot}%{_pkgdocdir}/$role"
ln -sr "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/CHANGELOG.md" \
"%{buildroot}%{_pkgdocdir}/$role"
ln -sr "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/README.md" \
"%{buildroot}%{_pkgdocdir}/$role"
ln -sr "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/README.html" \
"%{buildroot}%{_pkgdocdir}/$role"
if [ -f "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/COPYING" ]; then
ln -sr "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/COPYING" \
"%{buildroot}%{_pkglicensedir}/$role.COPYING"
fi
if [ -f "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/LICENSE" ]; then
ln -sr "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/LICENSE" \
"%{buildroot}%{_pkglicensedir}/$role.LICENSE"
fi
if [ -d "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/examples" ]; then
for file in "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/examples/"* ; do
if [[ "$file" == *.yml ]]; then
basename=$(basename "$file" .yml)
newname="$basename"
if [[ "$newname" != example-* ]]; then
newname="example-$newname"
fi
if [[ "$newname" != *-playbook ]]; then
newname="${newname}-playbook"
fi
cp "$file" "%{buildroot}%{_pkgdocdir}/$role/${newname}.yml"
else
cp "$file" "%{buildroot}%{_pkgdocdir}/$role"
fi
rm "$file"
done
if [ -f "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/examples/inventory" ]; then
cp "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/examples/inventory" \
"%{buildroot}%{_pkgdocdir}/$role/example-inventory"
rm "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/examples/inventory"
fi
# special case for network
# this will error if the directory is unexpectedly empty
rmdir "%{buildroot}%{ansible_roles_dir}/%{roleinstprefix}$role/examples"
fi
done
rm -f %{buildroot}%{ansible_roles_dir}/%{roleinstprefix}*/semaphore
rm -r %{buildroot}%{ansible_roles_dir}/%{roleinstprefix}*/molecule
# remove .dot files/directories, but keep the .ostree directory
for item in %{buildroot}%{ansible_roles_dir}/%{roleinstprefix}*/.[A-Za-z]*; do
if [ "$(basename "$item")" = .ostree ]; then
continue
fi
rm -r "$item"
done
rm %{buildroot}%{ansible_roles_dir}/%{roleinstprefix}*/tests/.git*
# NOTE: sshd/examples/example-root-login.yml is
# referenced in the configuring-openssh-servers-using-the-sshd-system-role documentation module
# must be updated if changing the file path
# Install the collection
pushd %{collection_build_path}
%ansible_collection_install
popd
mkdir -p %{buildroot}%{_pkgdocdir}/collection
mkdir -p %{buildroot}%{_pkgdocdir}/collection/roles
ln -sr %{buildroot}%{ansible_collection_files}%{collection_name}/README.md \
%{buildroot}%{_pkgdocdir}/collection
for rolename in %{rolenames}; do
for file in CHANGELOG.md README.md README.html; do
if [ -f %{buildroot}%{ansible_collection_files}%{collection_name}/roles/${rolename}/$file ]; then
if [ ! -d %{buildroot}%{_pkgdocdir}/collection/roles/${rolename} ]; then
mkdir -p %{buildroot}%{_pkgdocdir}/collection/roles/${rolename}
fi
ln -sr %{buildroot}%{ansible_collection_files}%{collection_name}/roles/${rolename}/$file \
%{buildroot}%{_pkgdocdir}/collection/roles/${rolename}
fi
done
done
%if %{with collection_artifact}
# Copy collection artifact to /usr/share/ansible/collections/ for collection-artifact
pushd %{collection_build_path}
mv %{collection_namespace}-%{collection_name}-%{version}.tar.gz \
%{buildroot}%{_datadir}/ansible/collections/
popd
%endif
# Generate the %%files section in files_section.txt
# Bulk files inclusion is not possible because roles store doc and licence
# files together with other files
format_item_for_files() {
# $1 is directory or file name in buildroot
# $2 - if true, and item is a directory, use %%dir
local item
local files_item
item="$1" # full path including buildroot
files_item=${item##"%{buildroot}"} # path with cut buildroot to be added to %%files
if [ -L "$item" ]; then
echo "$files_item"
elif [ -d "$item" ]; then
if [[ "$item" == */doc* ]]; then
echo "%doc $files_item"
elif [ "${2:-false}" = true ]; then
echo "%dir $files_item"
else
echo "$files_item"
fi
elif [[ "$item" == */README.md ]] || [[ "$item" == */README.html ]] || [[ "$item" == */CHANGELOG.md ]]; then
if [[ "$item" == */private_* ]]; then
# mark as regular file, not %%doc
echo "$files_item"
else
echo "%doc $files_item"
fi
elif [[ "$item" == */COPYING* ]] || [[ "$item" == */LICENSE* ]]; then
echo "%""%""license" "$files_item"
else
echo "$files_item"
fi
}
files_section=files_section.txt
rm -f $files_section
touch $files_section
# Dynamically generate files section entries for %%{ansible_collection_files}
find %{buildroot}%{ansible_collection_files}%{collection_name} -mindepth 1 -maxdepth 1 | \
while read item; do
if [[ "$item" == */roles ]]; then
format_item_for_files "$item" true >> $files_section
find "$item" -mindepth 1 -maxdepth 1 | while read roles_dir; do
format_item_for_files "$roles_dir" true >> $files_section
find "$roles_dir" -mindepth 1 -maxdepth 1 | while read roles_item; do
format_item_for_files "$roles_item" >> $files_section
done
done
else
format_item_for_files "$item" >> $files_section
fi
done
# Dynamically generate files section entries for %%{ansible_roles_dir}
find %{buildroot}%{ansible_roles_dir} -mindepth 1 -maxdepth 1 | \
while read item; do
if [ -d "$item" ]; then
format_item_for_files "$item" true >> $files_section
find "$item" -mindepth 1 -maxdepth 1 | while read roles_item; do
format_item_for_files "$roles_item" >> $files_section
done
else
format_item_for_files "$item" >> $files_section
fi
done
%files -f files_section.txt
%dir %{_datadir}/ansible
%dir %{ansible_roles_dir}
%dir %{ansible_collection_files}
%dir %{ansible_collection_files}%{collection_name}
%doc %{_pkgdocdir}
%license %{_pkglicensedir}
%if 0%{?rhel} && 0%{?rhel} < 8
# Needs to list excluded files in this hardcoded style since when
# format_item_for_files is executed, brp-python-bytecompile is not
# executed yet.
%exclude %{ansible_roles_dir}/*/*.py?
%exclude %{ansible_roles_dir}/*/*/*.py?
%exclude %{ansible_roles_dir}/*/*/*/*.py?
%exclude %{ansible_roles_dir}/*/*/*/*/*.py?
%exclude %{ansible_collection_files}/%{collection_name}/*/*/*.py?
%exclude %{ansible_collection_files}/%{collection_name}/*/*/*/*.py?
%exclude %{ansible_collection_files}/%{collection_name}/*/*/*/*/*.py?
%endif
%if %{with collection_artifact}
%files collection-artifact
%{_datadir}/ansible/collections/%{collection_namespace}-%{collection_name}-%{version}.tar.gz
%endif
%changelog
* Wed Nov 20 2024 Rich Megginson <rmeggins@redhat.com> - 1.90.3-0.1
- Resolves: RHEL-67413 : metrics - fix: add support for Valkey
- fix vendoring for selinux
- fix cockpit full packages support for 9.6 and later
- ensure gfs2 tests do not run on el10
* Wed Nov 13 2024 Rich Megginson <rmeggins@redhat.com> - 1.90.1-0.1
- Resolves: RHEL-67419 : sudo - feat: Add variable that handles semantic check for sudoers
fix meta/main.yml versions
- fix vendoring for selinux, podman
* Tue Nov 12 2024 Rich Megginson <rmeggins@redhat.com> - 1.90.0-0.1
- Resolves: RHEL-67411 : aide - New role aide to manage system integrity checking [rhel-10]
- Resolves: RHEL-67412 : firewall - fix: Prevent interface definitions overriding 'changed' value when other elements are changed [rhel-10]
- Resolves: RHEL-67286 : logging - [RFE] Add methods to define and set up custom templates in the logging role of RHEL systems roles [rhel-10]
- Resolves: RHEL-67413 : metrics - fix: add support for Valkey [rhel-10]
- Resolves: RHEL-67416 : network - Support autoconnect_retries in the network role [rhel-10]
- Resolves: RHEL-67415 : network - Support may-fail in the network role [rhel-10]
- Resolves: RHEL-67417 : podman - support the pod quadlet type [rhel-10]
- Resolves: RHEL-67418 : postgresql - postgresql role: The postgresql_cert_name variable doesn't work with existing certificates [rhel-10]
- Resolves: RHEL-67419 : sudo - feat: Add variable that handles semantic check for sudoers [rhel-10]
- Resolves: RHEL-67420 : systemd - support management of user units [rhel-10]
- Resolves: RHEL-67421 : vpn - no ansible-doc for redhat.rhel_system_roles.vpn_ipaddr [rhel-10]
* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com>
- Bump release for October 2024 mass rebuild:
Resolves: RHEL-64018
* Fri Sep 13 2024 Rich Megginson <rmeggins@redhat.com> - 1.88.9-0.1
- Resolves: RHEL-57100 : podman - fails to configure and run containers with podman rootless using different username and groupname
- logging - test issue with imuxsock and loginctl used by podman - restart systemd-logind to fix podman tests
- updates collection README for new Automation Hub format
* Wed Sep 11 2024 Rich Megginson <rmeggins@redhat.com> - 1.88.8-0.1
- Resolves: RHEL-57100 : podman - fails to configure and run containers with podman rootless using different username and groupname
- podman - previous fix broke ansible 2.9 + el8 with volume cleanup
- logging - test issue with imuxsock and journald - restart dbus-broker
* Wed Sep 4 2024 Rich Megginson <rmeggins@redhat.com> - 1.88.7-0.2
- Resolves: RHEL-57100 : podman - fails to configure and run containers with podman rootless using different username and groupname
- fapolicyd - fix method used to read from journald to determine when daemon is listening
- storage - fix tests to use blkid instead of lsblk to get partition table
- storage - skip stratis tests on el8
- logging - tests_combination.yml needs fact gathering
- same as 1.88.7-0.1 but needed to bump N-V-R and rebuild for exception
* Wed Sep 4 2024 Rich Megginson <rmeggins@redhat.com> - 1.88.7-0.1
- Resolves: RHEL-57100 : podman - fails to configure and run containers with podman rootless using different username and groupname
- fapolicyd - fix method used to read from journald to determine when daemon is listening
- storage - fix tests to use blkid instead of lsblk to get partition table
- storage - skip stratis tests on el8
- logging - tests_combination.yml needs fact gathering
* Mon Aug 26 2024 Rich Megginson <rmeggins@redhat.com> - 1.88.4-0.1
- Resolves: RHEL-53897 : kernel_settings - fix: Use tuned files instead of using it as a module
- recent tuned in el9 changed the profile directory back to the old one
- so had to change the role to detect directory
* Thu Aug 22 2024 Rich Megginson <rmeggins@redhat.com> - 1.88.3-0.1
- Resolves: RHEL-34828 : gfs2 - New Role
- no el10, aarch64 support for gfs2
- network role docs
* Wed Aug 21 2024 Rich Megginson <rmeggins@redhat.com> - 1.88.2-0.1
- Resolves: RHEL-55296 : ha_cluster - Fixes for new pcs and ansible
- several fixes for ostree issues
* Tue Aug 20 2024 Rich Megginson <rmeggins@redhat.com> - 1.88.0-0.1
- Resolves: RHEL-55296 : ha_cluster - Fixes for new pcs and ansible
- fix gather_facts issue with fapolicyd
- fix gather_facts issue with ha_cluster
- fix bond test firewall issue with network
* Mon Aug 19 2024 Rich Megginson <rmeggins@redhat.com> - 1.87.2-0.1
- Resolves: RHEL-55235 : System Roles: No module documentation
- Fix storage role tests_lvm_pool_pv_grow issue with pvcreate hang on el7
- podman - skip quadlet tests on non-x86_64 arch
- journald - fix the test pattern that looks for the max size
- network - fix the bond tests issue with firewall
- sshd - add new parameters for openssh 9.8
* Fri Aug 16 2024 Rich Megginson <rmeggins@redhat.com> - 1.87.1-0.1
- Resolves: RHEL-50291 : storage - Fingerprint storage RHEL System Role managed config files
- s390x issue fix requires fix for architecture fact
* Fri Aug 16 2024 Rich Megginson <rmeggins@redhat.com> - 1.87.0-0.1
- Resolves: RHEL-48230 : snapshot - feat: rewrite snapshot.py as an Ansible module / add support for thin origins
- some test fixes in snapshot, network
* Fri Aug 9 2024 Rich Megginson <rmeggins@redhat.com> - 1.86.0-0.1
- Resolves: RHEL-53897 : kernel_settings - fix: Use tuned files instead of using it as a module
- Resolves: RHEL-53901 : network - support route src parameter
- Resolves: RHEL-53905 : rhc - fix: drop usage of "auto_attach" of the "redhat_subscription" module
* Thu Aug 1 2024 Rich Megginson <rmeggins@redhat.com> - 1.85.0-0.1
- Resolves: RHEL-45285 : ha_cluster - alerts support
- other fixes for el10 support
- add timesync_provider.sh side car doc for Automation Hub rendering issue
* Tue Jul 23 2024 Rich Megginson <rmeggins@redhat.com> - 1.84.1-0.1
- Resolves: RHEL-48609 : logging - RFE - system-roles - logging: Add truncate options for local file inputs
- Resolves: RHEL-50288 : logging - redhat.rhel_system_roles.logging role fails to process logging_outputs: of type: "custom"
- Resolves: RHEL-50289 : logging - [RFE] Add the umask settings or enable a variable in linux-system-roles.logging
- Resolves: RHEL-50104 : podman - fix: proper cleanup for networks; ensure cleanup of resources
- Resolves: RHEL-50291 : storage - Fingerprint storage RHEL System Role managed config files
* Mon Jul 15 2024 Rich Megginson <rmeggins@redhat.com> - 1.83.0-0.1
- Resolves: RHEL-46855 : postfix - feat: Added postfix_files feature as a simple means to add extra files/maps to config
- Resolves: RHEL-48230 : snapshot - feat: rewrite snapshot.py as an Ansible module / add support for thin origins
* Tue Jul 02 2024 Rich Megginson <rmeggins@redhat.com> - 1.82.0-0.1
- Resolves: RHEL-45944 : cockpit - cockpit install all wildcard match does not work in newer el9
- Resolves: RHEL-45718 : nbde_client - feat: Allow initrd configuration to be skipped
- Implements meta/main.yml el10 support in most roles
* Wed Jun 12 2024 Rich Megginson <rmeggins@redhat.com> - 1.79.0-0.3
- add patch for https://github.com/containers/ansible-podman-collections/pull/784
this is blocking gating tests
* Tue Jun 11 2024 Rich Megginson <rmeggins@redhat.com> - 1.79.0-0.2
- Resolves: RHEL-40759 : bootloader - fix: Set user.cfg path to /boot/grub2/ on EL 9 UEFI [rhel-10]
- Resolves: RHEL-38456 : logging - Setup imuxsock using rhel-system-roles.logging causing an error EL10
fix test
- Resolves: RHEL-40760 : podman - grab name of network to remove from quadlet file
- Resolves: RHEL-40795 : podman - Create podman secret when skip_existing=True and it does not exist [rhel-10]
- Resolves: RHEL-40181 : ssh - feat: Add new configuration options and remove false positives in the test
- Resolves: RHEL-40798 : storage - [RFE] manage stratis [rhel-10]
- Resolves: RHEL-34895 : storage - rhel-system-role.storage is not idempotent [rhel-10]
- Resolves: RHEL-40797 : storage - [RHEL9][RFE] resize LVM PVs [rhel-10]
- Resolves: RHEL-40796 : storage - [RHEL8 ] var unused_disks get different sector size disks [rhel-10]
* Tue May 21 2024 Sergei Petrosian <spetrosi@redhat.com> - 1.79.0-0.1
- Resolves: RHEL-38456 : logging - Setup imuxsock using rhel-system-roles.logging causing an error EL10
- Resolves: RHEL-37551 : sudo - Add sudo system role EL10
* Thu Apr 25 2024 Rich Megginson <rmeggins@redhat.com> - 1.78.1-0.1
- fix some issues with ansible-test
- Resolves: RHEL-34828 : gfs2 - add gfs2 system role [rhel-10]
* Mon Apr 22 2024 Rich Megginson <rmeggins@redhat.com> - 1.77.0-0.1
- Resolves: RHEL-34897 : - package rhel-system-roles.noarch does not provide docs for ansible-doc [rhel-10]
- Resolves: RHEL-34885 : ha_cluster - [RFE] rhel_system_roles.ha_cluster - Utilization Support [rhel-10]
- Resolves: RHEL-34886 : ha_cluster - Fix inconsistent approach for multiple `attributes.attrs` in `ha_cluster_node_options` [rhel-10]
- Resolves: RHEL-34887 : network - Fix testing Failures due to connection.autoconnect-ports Unknown Property [rhel-10]
- Resolves: RHEL-34884 : podman - feat: manage TLS cert/key files for registry connections and validate certs [rhel-10]
- Resolves: RHEL-34890 : podman - podman role should support default credentials and per-unit credentials [rhel-10]
- Resolves: RHEL-34891 : podman - podman role should support containers-auth.json [rhel-10]
- Resolves: RHEL-34895 : storage - rhel-system-role.storage is not idempotent [rhel-10]
* Mon Apr 15 2024 Rich Megginson <rmeggins@redhat.com> - 1.76.2-0.1
- Fix ansible-test issues
Ensure "WARNING: " is quoted in description string
Package doc_fragments for vendored modules
Fix wrong collection deprecation error
undefine __brp_mangle_shebangs because ansible-test does not like shebangs in executable files
ensure that any files removed during the build/install process are also removed
from ignore files
- Resolves: RHEL-34883 : ad_integration - fix: Sets domain name lower case in realmd.conf section header [rhel-10]
- Resolves: RHEL-34881 : bootloader - bootloader role tests do not work on ostree [rhel-10]
- Resolves: RHEL-34893 : ha_cluster - [RFE] ha_cluster_node_options allows per-node addresses and SBD options to be set [rhel-10]
- Resolves: RHEL-34894 : ha_cluster - [RFE] make it easier to install cloud agents [rhel-10]
- Resolves: RHEL-34898 : ha_cluster - [RFE] rhel_system_roles.ha_cluster - ACL Support [rhel-10]
- Resolves: RHEL-34892 : journald - feat: Add options for rate limit interval and burst [rhel-10]
- Resolves: RHEL-34896 : network - Make sure that the network role CI is solid robust [rhel-10]
- Resolves: RHEL-34888 : podman - fix: do not use become for changing hostdir ownership, and expose subuid/subgid info [rhel-10]
- Resolves: RHEL-34889 : podman - fix: use correct user for cancel linger file name [rhel-10]
- Resolves: RHEL-34890 : podman - podman role should support default credentials and per-unit credentials [rhel-10]
- Resolves: RHEL-34879 : sshd - second SSHD service broken [rhel-10]
- Resolves: RHEL-34908 : storage - [RHEL9] storage role resize volume failed [rhel-10]
- Resolves: RHEL-34907 : storage - Running rhel-system-roles.storage w/ type: raid a second time, fails if existing RAID device has stratis installed on them. [rhel-10]
- Resolves: RHEL-34895 : storage - rhel-system-role.storage is not idempotent [rhel-10]
* Mon Feb 26 2024 Rich Megginson <rmeggins@redhat.com> - 1.23.0-2.21
- Resolves: RHEL-16336 : bootloader - Create bootloader role (MVP)
fix issue with path on arches other than x86_64, and EFI systems
- Resolves: RHEL-3253 : RHEL for Edge support in system roles
cockpit - fixed issue with test cleanup
postgresql - fixed issue with test cleanup
* Wed Feb 21 2024 Rich Megginson <rmeggins@redhat.com> - 1.23.0-2.20
- Resolves: RHEL-16964 : rhc - new rhc_insights.display_name parameter
- Resolves: RHEL-16552 : snapshot - New Role for storage snapshot management (lvm, etc.)
fixes error handling
* Tue Feb 20 2024 Rich Megginson <rmeggins@redhat.com> - 1.23.0-2.19
- Resolves: RHEL-16552 : snapshot - New Role for storage snapshot management (lvm, etc.)
fixes idempotency, check mode, cleanup, basic-smoke-test
* Tue Feb 20 2024 Rich Megginson <rmeggins@redhat.com> - 1.23.0-2.18
- Resolves: RHEL-22228 : podman - user linger needed before secrets
fixed issue with ANSIBLE_GATHERING=explicit
- Resolves: RHEL-5972 : sshd - ansible-sshd Manage SSH certificates
fixed issue with RHEL7 tests
* Thu Feb 15 2024 Rich Megginson <rmeggins@redhat.com> - 1.23.0-2.17
- Resolves: RHEL-25508 : nbde_server - fix: Allow tangd socket override directory to be managed outside of the role
- Resolves: RHEL-19579 : network - Add blackhole type route to rhel-system-roles.network
- Fixed issues with ANSIBLE_GATHERING=explicit in several roles
- Fixed test cleanup issues in several roles
* Tue Feb 13 2024 Rich Megginson <rmeggins@redhat.com> - 1.23.0-2.16
- Resolves: RHEL-16552 : snapshot - New Role for storage snapshot management (lvm, etc.)
this is the MVP candidate for the snapshot role
* Mon Feb 12 2024 Rich Megginson <rmeggins@redhat.com> - 1.23.0-2.15
- Resolves: RHEL-22106 : ha_cluster - Setting cluster members' attributes
* Sun Feb 11 2024 Rich Megginson <rmeggins@redhat.com> - 1.23.0-2.14
- Resolves: RHEL-16336 : bootloader - Create bootloader role (MVP)
- Resolves: RHEL-5274 : postgresql - unable to install PostgreSQL version 15 on RHEL 9
* Fri Feb 9 2024 Rich Megginson <rmeggins@redhat.com> - 1.23.0-2.13
- Resolves: RHEL-16974 : rhc - rhc: new rhc_insights.ansible_host parameter
Rename test playbook from .yaml to .yml
* Thu Feb 8 2024 Rich Megginson <rmeggins@redhat.com> - 1.23.0-2.12
- Resolves: RHEL-22228 : podman - user linger needed before secrets
* Wed Jan 31 2024 Rich Megginson <rmeggins@redhat.com> - 1.23.0-2.11
- Resolves: RHEL-5274 : postgresql - unable to install PostgreSQL version 15 on RHEL 9
- Resolves: RHEL-23497 : storage - tests_lvm_auto_size_cap_nvme_generated failed at "Assert expected size is actual size"
* Sat Jan 27 2024 Rich Megginson <rmeggins@redhat.com> - 1.23.0-2.10
- Resolves: RHEL-1535 : storage - Basic support for creating shared logical volumes
GFS2 support in blivet is enabled
* Fri Jan 26 2024 Rich Megginson <rmeggins@redhat.com> - 1.23.0-2.9
- Resolves: RHEL-21382 : ad_integration - feat: add ad_integration_preserve_authselect_profile
- Resolves: RHEL-21133 : ad_integration - feat: Add SSSD parameters support
- Resolves: RHEL-21117 : journald - feat: Add support for ForwardToSyslog
- Resolves: RHEL-22309 : podman - fix: cast secret data to string in order to allow JSON valued strings
- Resolves: RHEL-21401 : podman - fix: name of volume quadlet service should be basename-volume.service
- Resolves: RHEL-16974 : rhc - rhc: new rhc_insights.ansible_host parameter
* Wed Jan 24 2024 Rich Megginson <rmeggins@redhat.com> - 1.23.0-2.8
- Resolves: RHEL-16552 : snapshot - New Role for storage snapshot management (lvm, etc.)
* Fri Jan 19 2024 Rich Megginson <rmeggins@redhat.com> - 1.23.0-2.7
- Add ExcludeArch i686 to fix build issues with ansible-core
- Resolves: RHEL-15909 : keylime_server - won't detect registrar start failure
* Thu Jan 18 2024 Rich Megginson <rmeggins@redhat.com> - 1.23.0-2.6
- Resolves: RHEL-21529 : storage - lvmlockd process is not running - test only
* Mon Jan 15 2024 Rich Megginson <rmeggins@redhat.com> - 1.23.0-2.5
- Resolves: RHEL-16336 : bootloader - Create bootloader role (MVP)
* Tue Dec 12 2023 Rich Megginson <rmeggins@redhat.com> - 1.23.0-2.4
- Resolves: RHEL-3253 : RHEL for Edge support in system roles
updated several roles with ostree improvements
metrics role support for ostree
- Resolves: RHEL-16541 : fapolicyd - feat: Import code for fapolicyd system role
several role improvements
- Resolves: RHEL-18026 : ha_cluster - fix: set sbd.service timeout based on SBD_START_DELAY
- Resolves: RHEL-19046 : logging - fix: avoid conf of RatelimitBurst when RatelimitInterval is zero
- Resolves: RHEL-13760 : metrics - [RFE] Metrics system role support for configuring PMIE webhooks
- Resolves: RHEL-19241 : podman - fix: add no_log: true for tasks that can log secret data
- Resolves: RHEL-18962 : postgresql - feat: enable using postgresql 16
- Resolves: RHEL-16976 : rhc - rhc: support RHEL 7 managed nodes
- Resolves: RHEL-19040 : selinux - fix: no longer use "item" as a loop variable
- Resolves: RHEL-19043 : selinux - fix: Print an error message when module to be created doesn't exist
- Resolves: RHEL-1535 : storage - Basic support for creating shared logical volumes
* Fri Dec 1 2023 Rich Megginson <rmeggins@redhat.com> - 1.23.0-2.3
- Resolves: RHEL-17875 : ha_cluster - high-availability firewall service is not added on qdevice node
* Thu Nov 30 2023 Rich Megginson <rmeggins@redhat.com> - 1.23.0-2.2
- Resolves: RHEL-3253 : RHEL for Edge support in system roles
vpn - fixed issue with test cleanup
* Thu Nov 30 2023 Rich Megginson <rmeggins@redhat.com> - 1.23.0-2.1
- Resolves: RHEL-3253 : RHEL for Edge support in system roles
except for nbde_client, rhc, and metrics
- Resolves: RHEL-17668 : ad_integration - feat: Add sssd custom settings
- Resolves: RHEL-16541 : fapolicyd - feat: Import code for fapolicyd system role
- Resolves: RHEL-15910 : ha_cluster - [RFE] HA Cluster system role should be able to enable Resilient Storage repository
- Resolves: RHEL-15908 : ha_cluster - [FutureFeature] Allow ha_cluster role to configure all qdevice options
- Resolves: RHEL-15876 : ha_cluster - [FutureFeature] Allow ha_cluster role to configure fencing topology
- Resolves: RHEL-3353 : kdump - fix: retry read of kexec_crash_size
- Resolves: RHEL-15932 : logging - feat: Add support for the global config option preserveFQDN
- Resolves: RHEL-15439 : logging - feat: Add support for general queue and general action parameters
- Resolves: RHEL-15037 : logging - fix: check that logging_max_message_size is set, not rsyslog_max_message_size
- Resolves: RHEL-13760 : metrics - [RFE] Metrics system role support for configuring PMIE webhooks
- Resolves: RHEL-1683 : network - Ansible RHEL network system role issue with ipv6.routing-rules the prefix length for 'from' cannot be zero"
- Resolves: RHEL-15870 : selinux - fix: Use `ignore_selinux_state` module option
- Resolves: RHEL-5972 : sshd - ansible-sshd Manage SSH certificates
- Resolves: RHEL-16212 : storage - feat: Support for creating volumes without a FS
* Thu Nov 9 2023 Sergei Petrosian <spetrosi@redhat.com> - 1.23.0-2
- RHEL-1118: ad_integration: Support for dynamic DNS Updates
Update to a new version with fixed tests
* Wed Sep 20 2023 Sergei Petrosian <spetrosi@redhat.com> - 1.23.0-1
- Resolves: RHEL-5346 spec - Remove with_html, instead use built-in .README.html
- Resolves: RHEL-5972 ansible-sshd - Manage SSH certificates
- rhbz#2223764: Remove ad_integration patch and use the latest ad_integration
version instead. Vendor community-general.ini_files for
- RHEL-1118: ad_integration: Support for dynamic DNS Updates
- Change link to open new issue in galaxy.yml from deprecated BZ to Jira
* Tue Aug 22 2023 Rich Megginson <rmeggins@redhat.com> - 1.22.0-2
- Resolves:rhbz#2232758 : ad_integration - leaks credentials when in check_mode
NOTE: changelog entry below has the wrong bz
* Tue Aug 15 2023 Rich Megginson <rmeggins@redhat.com> - 1.22.0-1
- Resolves:rhbz#2223764 : ad_integration - leaks credentials when in check_mode
- Resolves:rhbz#2232241 : kdump - "Write new authorized_keys if needed" task idempotency issues
- Resolves:rhbz#2232231 : kdump - system role fails if kdump_ssh_user doesn't have a .ssh/authorized_keys file in home directory
- Resolves RHEL-1397 : kdump - fix: ensure .ssh directory exists for kdump_ssh_user on kdump_ssh_server
- Resolves RHEL-1499 : kdump - fix: Ensure authorized_keys management works with multiple hosts
- Resolves:rhbz#2223764 : firewall - fix: reload on resetting to defaults
- Resolves RHEL-1495 : firewall - fix: files: overwrite firewalld.conf on previous replaced
- Resolves RHEL-1497 : storage - fix: use stat.pw_name, stat.gr_name instead of owner, group
sshd README remove upstream only docs
first RC for 1.22.0 rhel 8.9 and 9.3
fix firewall reload test gather facts
* Thu Aug 10 2023 Rich Megginson <rmeggins@redhat.com> - 1.22.0-0.21
- Resolves:rhbz#2179455 : podman - support quadlet units
support for rootless quadlets, secrets
* Wed Aug 09 2023 Rich Megginson <rmeggins@redhat.com> - 1.22.0-0.20
- Resolves:rhbz#2229802 : firewall - missing module in linux-system-roles.firewall to create an ipset
* Tue Aug 01 2023 Rich Megginson <rmeggins@redhat.com> - 1.22.0-0.19
- Resolves:rhbz#2223764 : firewall - fix: reload on resetting to defaults
- Resolves:rhbz#2211984 : podman - Podman system role: Unable to use podman_registries_conf to set unqualified-search-registries
- Resolves:rhbz#2227821 : rhc - baseurl in rhsm.conf is empty when rhc_baseurl is not specified
- Resolves RHEL-906 : kdump - use failure_action instead of default on EL9 and later
- Resolves RHEL-898 : firewall - Check mode fails with replacing previous rules
- Resolves RHEL-885 : firewall - Ansible RHEL firewall system role not idempotent when configuring the interface using the role in rhel9
- Resolves RHEL-865 : podman - use getsubids to look for subuid, subgid for IdM support
- Resolves RHEL-857 : podman - allow to not pull images, continue if image pull fails
* Wed Jul 26 2023 Rich Megginson <rmeggins@redhat.com> - 1.22.0-0.18
- Resolves:rhbz#2224384 : systemd - system role for managing systemd units
* Tue Jul 25 2023 Rich Megginson <rmeggins@redhat.com> - 1.22.0-0.17
- Resolves:rhbz#2224385 : keylime_server - system role for managing keylime servers
* Fri Jul 21 2023 Rich Megginson <rmeggins@redhat.com> - 1.22.0-0.16
- Resolves:rhbz#2222761 : firewall - should have option to disable conflicting services
- Resolves:rhbz#2161712 : podman - allow container networking configuration
- Resolves:rhbz#2179457 : podman - support for healthchecks and healthcheck actions
- Resolves:rhbz#2179455 : podman - support quadlet units
- Resolves:rhbz#2224384 : systemd - system role for managing systemd units
- Resolves:rhbz#2223032 : ALL - facts being gathered unnecessarily
- Resolves:rhbz#2224138 : certificate - rhel-system-roles.certificate does not re-issue after updating key_size
- Resolves:rhbz#2222428 : firewall - Check mode fails when creating new firewall service
- Resolves:rhbz#2224090 : storage - RAID volume pre cleanup - remove existing data from member disks as needed before creation
- Resolves:rhbz#2123859 : firewall - when firewalld.service is masked, firewall role fails
* Mon Jul 10 2023 Rich Megginson <rmeggins@redhat.com> - 1.22.0-0.15
- Resolves:rhbz#2180902 : certificate - add mode parameter to change permissions for cert files
- Resolves:rhbz#2218592 : network - Support no-aaaa DNS option
* Sun Jul 09 2023 Rich Megginson <rmeggins@redhat.com> - 1.22.0-0.14
- Resolves:rhbz#2213691 : storage - [RHEL8] Unexpected behavior when creating ext4 filesystem with invalid parameter
* Fri Jun 23 2023 Rich Megginson <rmeggins@redhat.com> - 1.22.0-0.13
- Resolves:rhbz#2216753 : ssh - add ssh_backup option with default true
- Resolves:rhbz#2216520 : firewall - Don't install python(3)-firewall it's a dependency of firewalld
* Thu Jun 22 2023 Rich Megginson <rmeggins@redhat.com> - 1.22.0-0.12
- Resolves:rhbz#2168692 : storage - Storage: mounted devices that are in use cannot be resized
* Tue Jun 20 2023 Rich Megginson <rmeggins@redhat.com> - 1.22.0-0.11
- Resolves:rhbz#2211187 : kdump - support auto_reset_crashkernel, dracut_args, deprecate /etc/sysconfig/kdump
* Wed Jun 07 2023 Rich Megginson <rmeggins@redhat.com> - 1.22.0-0.10
- Resolves:rhbz#2186253 : ad_integration - add ad_integration_force_rejoin
* Tue Jun 06 2023 Rich Megginson <rmeggins@redhat.com> - 1.22.0-0.9
- Resolves:rhbz#2211194 : network - Support configuring auto-dns setting
- Resolves:rhbz#2211748 : rhc - implement rhc_proxy.scheme
- Resolves:rhbz#2179460 : selinux - use restorecon -T 0 on supported platforms
- Resolves:rhbz#2181656 : storage - RFE for the storage system role to support configuring the stripe size for RAID LVM volumes
- Resolves:rhbz#2210916 : storage - [RHEL9] Failed to commit changes to disk: Failed to format device: Input/output error
* Tue May 30 2023 Rich Megginson <rmeggins@redhat.com> - 1.22.0-0.8
- Resolves:rhbz#2181657 : storage - [RFE] user-specified mount point owner and permissions
- Resolves:rhbz#2193058 : storage - Cannot set chunk size for RAID: Unsupported parameters for (blivet) module: pools.raid_chunk_size
- Resolves:rhbz#2210916 : storage - [RHEL9] Failed to commit changes to disk: Failed to format device: Input/output error
* Tue May 23 2023 Rich Megginson <rmeggins@redhat.com> - 1.22.0-0.7
- remove upstream only docs from README.md files
- python3-setuptools is now required for release_collection.py
- fix ruamel issue described at https://github.com/linux-system-roles/auto-maintenance/pull/272
- Resolves:rhbz#2209200 : rhc - system role does not apply Insights tags
- Resolves:rhbz#2179458 : tlog - use the proxy provider - the files provider is deprecated in sssd
- Resolves:rhbz#2190502 : roles should support running with gather_facts: false
- READMEs for all roles contain only downstream applicable docs
- All roles/tests now work with ansible-core 2.15
- Fix some roles to work with remove-cloud-init
* Thu May 04 2023 Rich Megginson <rmeggins@redhat.com> - 1.22.0-0.6
- Resolves:rhbz#2185062 : fingerprint in config files managed by roles
- Resolves:rhbz#2185067 : ha_cluster - Add possibility to load SBD watchdog kernel modules
- Resolves:rhbz#2185065 : ha_cluster - support for resource and operation defaults
- Resolves:rhbz#2151373 : postgresql - [RFE] system role for PostgreSQL management
- Resolves:rhbz#2179026 : rhc - [RFE] New role for Red Hat subscription management, insights management [rhel-9.3.0]
- Resolves:rhbz#2185066 : ha_cluster - use pcs to setup qdevice certificates if available
- Resolves:rhbz#2185002 : spec: Remove doc fragments from vendored modules
- Resolves:rhbz#2175324 : use ansible-galaxy collection build/install instead of tar
- Resolves:rhbz#2186218 : rhc - RHC system role: activation key registration fails if system is already registered
- Resolves:rhbz#2190501 : selinux - failing test - sshd/tests_firewall_selinux.yml - No package matching 'firewalld' found available, installed or updated
* Wed May 3 2023 Rich Megginson <rmeggins@redhat.com> - 1.22.0-0.5
- fix issue with postgresql tests
* Tue May 2 2023 Rich Megginson <rmeggins@redhat.com> - 1.22.0-0.4
- fix issue with ha_cluster vendoring modprobe
- move vendoring into included files
* Thu Apr 27 2023 Rich Megginson <rmeggins@redhat.com> - 1.22.0-0.3
- fix issues in some tests with ANSIBLE_GATHERING=explicit
- add testing for fingerprints in config files
- fix podman jinja 2.7 issue
- sshd - skip firewall testing if not supported
* Thu Apr 6 2023 Rich Megginson <rmeggins@redhat.com> - 1.22.0-0.2
- initial 8.9/9.3
* Thu Apr 6 2023 Sergei Petrosian <spetrosi@redhat.com> - 1.21.1-2
- Resolves: rhbz#2185002 : Remove doc fragments from vendored modules
- Build collection artifact in the same directory on Fedora and RHEL
* Thu Mar 16 2023 Rich Megginson <rmeggins@redhat.com> - 1.21.1-1
- Resolves:rhbz#2141330 : rhc - new role for subscription management/registration/insights
- includes the fix for tests_proxy.yml selinux and some test refactoring
* Wed Feb 22 2023 Rich Megginson <rmeggins@redhat.com> - 1.21.0-2
- Resolves:rhbz#2141330 : rhc - new role for subscription management/registration/insights
- remove role until https://bugzilla.redhat.com/show_bug.cgi?id=2171829 is fixed
* Mon Feb 20 2023 Rich Megginson <rmeggins@redhat.com> - 1.21.0-1
- Resolves:rhbz#2168735 : network - RedHat Role rhel-system-roles.network should route traffic via correct bond
* Thu Feb 16 2023 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.19
- Resolves:rhbz#2141330 : rhc - new role for subscription management/registration/insights
- vendor in modules required by rhc role
- Resolves:rhbz#2167528 : ha_cluster - Fix stonith watchdog timeout
* Wed Feb 15 2023 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.18
- Resolves:rhbz#2141330 : rhc - new role for subscription management/registration/insights
- ad_integration - fix issue with using the network role to configure DNS
* Thu Feb 09 2023 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.17
- Resolves:rhbz#2160152 : selinux - managing modules is not idempotent
- Fix nbde_server test issue
* Fri Feb 03 2023 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.16
- Resolves:rhbz#2165175 : journald - New role - journald - manage systemd-journald
- Resolves:rhbz#2162782 : nbde_client - nbde_client_clevis fails with a traceback and prints sensitive data
- Resolves:rhbz#2160152 : selinux - managing modules is not idempotent
- fix storage tests_swap and tests_misc - swap size < 128GB on EL7
- fix podman general-meta issue
- ha_cluster non-x86_64 tests issue
- certificate non-x86_64 tests issue
* Fri Jan 20 2023 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.15
- Resolves:rhbz#2149678 : Synchronize automation-related changes from Fedora spec file
- Resolves:rhbz#2100559 : network - role should support running tests with ANSIBLE_GATHERING=explicit
- Fix ansible-test issues in several roles
- Fix nbde_server tang test failure
* Fri Jan 13 2023 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.14
- Resolves:rhbz#2140804 : ha_cluster - Allow quorum device configuration
- Resolves:rhbz#2153030 : ha_cluster - Allow enabled SBD on disabled cluster
- Resolves:rhbz#2143816 : ha_cluster - use no_log in tasks looping over pot. secret parameters
- community.general 6.2.0
- replace community.general with namespace.name for rhc role
* Thu Dec 15 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.13
- Resolves:rhbz#2143246 : storage - [RHEL9] ansible.parsing.yaml.objects.AnsibleUnicode object' has no attribute 'bytes'
- Resolves:rhbz#2128467 : storage - [RHEL9] disks_needed need to be set for the raid test cases
- Resolves:rhbz#2123594 : storage - [RHEL9 system role] storage role vdo tests failed about "VDO deduplication is off but it should not"
- Resolves:rhbz#2153660 : storage - [RHEL9] tests_create_thinp_then_remove_scsi_generated.yml failed at "assertion": "(storage_test_expected_size|int - storage_test_actual_size.bytes)|abs / storage_test_expected_size|int < 0.01"
* Thu Dec 15 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.12
- Resolves:rhbz#2153043 - tlog - Unconditionally enable the files provider
* Tue Dec 13 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.11
- Resolves:rhbz#2130357 : logging - [RFE] convert logging role to use firewall, selinux role, and certificate role
fix basic-smoke-test failures
* Mon Dec 12 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.10
- Resolves:rhbz#2130010 : ha_cluster - [RFE] convert ha_cluster role to use firewall, selinux and certificate role
- Resolves:rhbz#2143768 : network - Support cloned MAC address
- Resolves:rhbz#2143427 : podman - [RFE] role for managing podman containers and systemd
* Tue Dec 06 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.9
- Resolves:rhbz#2140795 : ad_integration - [RFE] new role to support AD integration, join to AD domain
* Mon Dec 05 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.8
- Resolves:rhbz#2130357 : logging - [RFE] convert logging role to use firewall, selinux role, and certificate role
fix tests - tests_relp now uses logging_purge_confs
* Tue Nov 29 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.7
- Resolves:rhbz#2126959 : nbde_client - must handle clevis-luks-askpass and clevis-luks-askpass@ systemd unit names
* Tue Nov 29 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.6
- Resolves:rhbz#2133930 : nbde_server - [RFE] convert nbde_server role to use firewall and selinux role
previous fix was not complete - needed additional fixes - ansible-lint 6.x fixes
* Mon Nov 21 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.5
- Resolves:rhbz#2137663 : cockpit - [RFE] convert cockpit role to use firewall, selinux role, and certificate role
fix test issues - use system roles collection for certificate role
make role work with ansible-core 2.14
- Resolves:rhbz#2130357 : logging - [RFE] convert logging role to use firewall, selinux role, and certificate role
fix tests - use getcert stop-tracking for hung tests - increase log test timeout
- Resolves:rhbz#2133528 : metrics - [RFE] convert metrics role to use firewall and selinux role
- Resolves:rhbz#2133930 : nbde_server - [RFE] convert nbde_server role to use firewall and selinux role
- Resolves:rhbz#2130329 : postfix - [RFE] convert postfix role to use firewall and selinux role
- Resolves:rhbz#2119102 : vpn - Add parameters shared_key_content, ike, esp, type, leftid, rightid
- Resolves:rhbz#2130344 : vpn - [RFE] convert vpn role to use firewall and selinux role
* Thu Nov 17 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.4.podman
- Resolves:rhbz#2143427 : podman - [RFE] role for managing podman containers and systemd
fix role tests with podman 4.3, ansible-core 2.14
* Wed Nov 16 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.3.ssh_sshd_selinux_timesync
- Resolves:rhbz#2128843 : selinux - add support for the 'local' parameter
- Resolves:rhbz#2129401 : sshd,ssh,timesync - Unexpected templating type error - expected str instance, int found
- Resolves:rhbz#2130969 : ssh,sshd - Sync on final OpenSSH option name RequiredRSASize in ssh and sshd roles [rhel-9.2.0]
* Tue Nov 15 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.2.network
- Resolves:rhbz#2134202 : network - [RFE] Support setting the metric of the default route for initscripts provider
- Resolves:rhbz#2133858 : network - [RFE] Support the DNS priority
- Resolves:rhbz#2131293 : network - Support looking up named route table in routing rule
- Resolves:rhbz#2123311 : network - tests_bond_options_nm.yml failing, Cannot find device "nm-bond"
- includes ha_cluster, vpn - README.md had headings that were too long causing problems
for md to adoc to html conversion on el8
- includes changing network role to support ansible-core 2.14
- includes community.general 6.0.1
- adds back network bondtests patch - bond tests still failing in beaker
* Tue Nov 08 2022 Rich Megginson <rmeggins@redhat.com> - 1.21.0-0.1.network
- Resolves:rhbz#2134202 : network - [RFE] Support setting the metric of the default route for initscripts provider
- Resolves:rhbz#2133858 : network - [RFE] Support the DNS priority
- Resolves:rhbz#2131293 : network - Support looking up named route table in routing rule
- Resolves:rhbz#2123311 : network - tests_bond_options_nm.yml failing, Cannot find device "nm-bond"
* Tue Sep 27 2022 Rich Megginson <rmeggins@redhat.com> - 1.20.1-1
- Resolves:rhbz#2129873 : ssh,sshd - Sync on final OpenSSH option name RequiredRSASize in ssh and sshd roles
* Thu Aug 04 2022 Rich Megginson <rmeggins@redhat.com> - 1.20.0-1
- ensure CHANGELOG.md files are marked as doc
- Resolves:rhbz#2115152 : cockpit - Add customization of port
- Resolves:rhbz#2100942 : firewall - RFE: firewall-system-role: add ability to add interface to zone by PCI device ID
- Resolves:rhbz#2115154 : firewall - support for firewall_config - gather firewall facts
- Resolves:rhbz#2112145 : logging - [RFE] Support startmsg.regex and endmsg.regex in the files inputs
- Resolves:rhbz#2115886 : network - fix IPRouteUtils.get_route_tables_mapping() to accept any whitespace sequence
- Resolves:rhbz#2115157 : selinux - Added setting of seuser and selevel for completeness
- Resolves:rhbz#2115156 : nbde_client - Sets proper spacing for parameter rd.neednet=1
- Resolves:rhbz#2109998 : ssh sshd - ssh, sshd: RSAMinSize parameter definition is missing
- Resolves:rhbz#2082736 : storage - [RHEL9] [WARNING]: The loop variable 'storage_test_volume' is already in use. You should set the `loop_var` value in the `loop_control` option for the task to something else to avoid variable collisions and unexpected behavior.
* Fri Jul 01 2022 Rich Megginson <rmeggins@redhat.com> - 1.19.3-1
- min_ansible_version is string instead of float
- fix storage test failures
- support for ansible-core 2.13
- crypto_policies - rhel 8.7 default policy is FUTURE not DEFAULT
Resolves: rhbz#2100251
- firewall - forward_port should accept list of string or list of dict
Resolves: rhbz#2100605
- firewall - support add/modify/delete services
Resolves: rhbz#2100292
- metrics - document minimum supported redis version required by rhel-system-roles
Resolves: rhbz#2100286
- metrics - restart pmie, pmlogger if changed, do not wait for handler
Resolves: rhbz#2100294
- network - Support managing the network through nmstate schema
Resolves: rhbz#2072385
- storage - _storage_test_pool_pvs get wrong data type in test-verify-pool-members.yml
Resolves: rhbz#2044119
- storage - support for adding/removing disks to/from storage pools
Resolves: rhbz#2072742
- storage - support for attaching cache volumes to existing volumes
Resolves: rhbz#2072746
* Wed Jun 15 2022 Rich Megginson <rmeggins@redhat.com> - 1.19.2-1
- sshd - fix ansible 2.9 support in meta/main.yml
Resolves: rhbz#2052086 (9.1.0)
* Mon Jun 13 2022 Rich Megginson <rmeggins@redhat.com> - 1.19.1-1
- storage - fix coverity scan issue in blivet.py
Resolves: rhbz#2072745 (9.1.0)
- logging - fix gather_facts/set_vars issue
Resolves: rhbz#2078989 (9.1.0)
- ha_cluster - Move tasks that set up CI environment to roles tasks/ dir
Resolves: rhbz#2093438 (9.1.0)
- sshd - fix tests issue with rhel9 hosts
* Mon Jun 06 2022 Rich Megginson <rmeggins@redhat.com> - 1.19.0-1
- storage - support for creating and managing LVM thin pools/LVs
Resolves: rhbz#2072745 (9.1.0)
- firewall - Update Ansible syntax in Firewall system role README.md file examples
Resolves: rhbz#2094096 (9.1.0)
- storage role raid_level "striped" is not supported
Resolves: rhbz#2083410 (9.1.0)
- network: the controller device is not completely cleaned up in the bond tests.
Resolves: rhbz#2089872 (9.1.0)
- firewall - state no longer required for masquerade and ICMP block inversion
Resolves: rhbz#2093423 (9.1.0)
- ha_cluster - Move tasks that set up CI environment to roles tasks/ dir
Resolves: rhbz#2093438 (9.1.0)
* Mon May 02 2022 Rich Megginson <rmeggins@redhat.com> - 1.18.0-1
- firewall - [Improvement] Allow System Role to reset to default Firewalld Settings
Resolves: rhbz#2043010 (9.1.0)
- metrics - [RFE] add an option to the metrics role to enable postfix metric collection
Resolves: rhbz#2051737 (9.1.0)
- network - Rework the infiniband support
Resolves: rhbz#2086965 (9.1.0)
- sshd - recurse into tests and examples sub-directories when replacing string in files
the sshd role latest version added sub-directories under tests that need
role name replacement - so just use find
- sshd - sshd system role should not assume that RHEL 9 /etc/ssh/sshd_config has "Include > /etc/ssh/sshd_config.d/*.conf"
Resolves: rhbz#2052081 (9.1.0)
- sshd - sshd system role should be able to optionally manage /etc/ssh/sshd_config on RHEL 9
Resolves: rhbz#2052086 (9.1.0)
- storage - storage role cannot set mount_options for volumes
Resolves: rhbz#2083376 (9.1.0)
* Mon Apr 25 2022 Rich Megginson <rmeggins@redhat.com> - 1.17.0-1
- All roles should support running with gather_facts: false
Resolves: rhbz#2078989 (9.1.0)
- firewall - Firewall system role Ansible deprecation warning related to "include"
Resolves: rhbz#2061511 (9.1.0)
- ha_cluster - ha_cluster - support advanced corosync configuration
Resolves: rhbz#2065337 (9.1.0)
- ha_cluster - ha_cluster - support SBD fencing
Resolves: rhbz#2079626 (9.1.0)
- ha_cluster - ha_cluster - add support for configuring bundle resources
Resolves: rhbz#2073519 (9.1.0)
- kernel_settings - kernel_settings error configobj not found on RHEL 8.6 managed hosts
Resolves: rhbz#2060525 (9.1.0)
- logging - logging tests fail during cleanup if no cloud-init on system
Resolves: rhbz#2058799 (9.1.0)
- logging - Logging - RFE - support template, severity and facility options
Resolves: rhbz#2075119 (9.1.0)
- metrics - Metrics role, with "metrics_from_mssql" option does not configure /var/lib/pcp/pmdas/mssql/mssql.conf on first run
Resolves: rhbz#2060523 (9.1.0)
- metrics - metrics - consistently use ansible_managed in configuration files managed by role
Resolves: rhbz#2065392 (9.1.0)
- metrics - [RFE] add an option to the metrics role to enable postfix metric collection
Resolves: rhbz#2051737 (9.1.0)
- nbde_client - NBDE client system role does not support servers with static IP addresses
Resolves: rhbz#2070462 (9.1.0)
- network - [RFE] Extend rhel-system-roles.network feature set to support routing rules
Resolves: rhbz#2079622 (9.1.0)
- network - bond: fix typo in supporting the infiniband ports in active-backup mode
Resolves: rhbz#2065394 (9.1.0)
- network - pytest failed when running with nm providers in the rhel-8.5 beaker machine
Resolves: rhbz#2066911 (9.1.0)
- network - network - consistently use ansible_managed in configuration files managed by role
Resolves: rhbz#2065382 (9.1.0)
- postfix - postfix - consistently use ansible_managed in configuration files managed by role
Resolves: rhbz#2065393 (9.1.0)
- postfix - Postfix RHEL System Role should provide the ability to replace config and reset configuration back to default
Resolves: rhbz#2065383 (9.1.0)
- sshd - FIPS mode detection in SSHD role is wrong
Resolves: rhbz#2073605 (9.1.0)
- storage - RFE storage Less verbosity by default
Resolves: rhbz#2079627 (9.1.0)
- timesync - timesync: basic-smoke test failure in timesync/tests_ntp.yml
Resolves: rhbz#2060524 (9.1.0)
- tlog - Tlog role - Enabling session recording configuration does not work due to RHEL9 SSSD files provider default
Resolves: rhbz#2071804 (9.1.0)
* Thu Apr 07 2022 Rich Megginson <rmeggins@redhat.com> - 1.16.3-1
- tlog - Enabling session recording configuration does not work due to RHEL9 SSSD files provider default
Resolves rhbz#2072749 (EL8)
Resolves rhbz#2071804 (EL9)
* Wed Apr 06 2022 Sergei Petrosian <spetrosi@redhat.com> - 1.16.2-2
- Update community.general
* Thu Mar 31 2022 Rich Megginson <rmeggins@redhat.com> - 1.16.2-1
- nbde_client - NBDE client system role does not support servers with static IP addresses
previous fix did not handle some other cases
Resolves rhbz#1985022 (EL8)
Resolves rhbz#2031555 (EL9)
* Tue Mar 29 2022 Rich Megginson <rmeggins@redhat.com> - 1.16.1-1
- nbde_client - NBDE client system role does not support servers with static IP addresses
previous fix did not handle some cases
Resolves rhbz#1985022 (EL8)
Resolves rhbz#2031555 (EL9)
* Tue Mar 22 2022 Sergei Petrosian <spetrosi@redhat.com> - 1.16.0-2
- Update community.general
* Tue Mar 15 2022 Rich Megginson <rmeggins@redhat.com> - 1.16.0-1
- network - pytest failed when running with nm providers in the rhel-8.5 beaker machine
Resolves rhbz#2064396 (EL8)
Resolves rhbz#2064401 (EL9)
- network - bond: fix typo in supporting the infiniband ports in active-backup modekernel_settings error configobj not found on RHEL 8.6 managed hosts
Resolves rhbz#2064388 (EL8)
Resolves rhbz#2064391 (EL9)
- network - consistently use ansible_managed in configuration files managed by role
Resolves rhbz#2057656 (EL8)
Resolves rhbz#2057657 (EL9)
- metrics - consistently use ansible_managed in configuration files managed by role
Resolves rhbz#2057645 (EL8)
Resolves rhbz#2057647 (EL9)
- postfix - consistently use ansible_managed in configuration files managed by role
Resolves rhbz#2057661 (EL8)
Resolves rhbz#2057662 (EL9)
- postfix - provide the ability to replace config and reset configuration back to default
Resolves rhbz#2044657 (EL8)
Resolves rhbz#2058780 (EL9)
- new tags required in galaxy.yml for Automation Hub
* Thu Mar 3 2022 Rich Megginson <rmeggins@redhat.com> - 1.15.1-1
- kernel_settings error configobj not found on RHEL 8.6 managed hosts
Resolves rhbz#2058772 (EL8)
Resolves rhbz#2058756 (EL9)
- timesync: basic-smoke test failure in timesync/tests_ntp.yml
Resolves rhbz#2059293 (EL8)
Resolves rhbz#2058645 (EL9)
* Tue Mar 1 2022 Noriko Hosoi <nhosoi@redhat.com> - 1.15.0-2
- metrics - follow symlinks for the mssql and elasticsearch configuration paths
Resolves rhbz#2058655 (EL8)
Resolves rhbz#2058777 (EL9)
* Thu Feb 24 2022 Rich Megginson <rmeggins@redhat.com> - 1.15.0-1
- firewall - ensure target changes take effect immediately
Resolves rhbz#2057172 (EL8)
Resolves rhbz#2057164 (EL9)
- firewall - Firewall RHEL System Role should be able to set default zone
Resolves rhbz#2022458 (EL8)
Resolves rhbz#2022461 (EL9)
- network - tests_802_1x_nm, tests_802_1x_updated_nm fails because of missing hostapd in EPEL
Resolves rhbz#2053862 (EL8)
Resolves rhbz#2053861 (EL9)
* Mon Feb 21 2022 Rich Megginson <rmeggins@redhat.com> - 1.14.0-1
- ha_cluster - set permissions for haclient group
Resolves rhbz#2049747 (EL8)
Resolves rhbz#2049754 (EL9)
- network - Add more bonding options to rhel-system-roles.network
Resolves rhbz#2008931 (EL8)
Resolves rhbz#2054435 (EL9)
- certificate - should consistently use ansible_managed in hook scripts
Resolves rhbz#2054364 (EL8)
Resolves rhbz#2054368 (EL9)
- tlog - consistently use ansible_managed in configuration files managed by role
Resolves rhbz#2054363 (EL8)
Resolves rhbz#2054367 (EL9)
- vpn - consistently use ansible_managed in configuration files managed by role
Resolves rhbz#2054365 (EL8)
Resolves rhbz#2054369 (EL9)
* Mon Feb 14 2022 Rich Megginson <rmeggins@redhat.com> - 1.13.0-1
- storage - RFE: Add support for RAID volumes (lvm-only)
Resolves rhbz#2016514 (EL8)
Resolves rhbz#2016518 (EL9)
- storage - RFE: Add support for cached volumes (lvm-only)
Resolves rhbz#2016511 (EL8)
Resolves rhbz#2016517 (EL9)
- metrics - metrics role can't be re-run if the Grafana admin password has been changed
Resolves rhbz#1967321 (EL8)
Resolves rhbz#2041632 (EL9)
- nbde_client - NBDE client system role does not support servers with static IP addresses
Resolves rhbz#1985022 (EL8)
Resolves rhbz#2031555 (EL9)
- ha_cluster - [RFE] ha_cluster - Support for creating resource constraints (Location, Ordering, etc.)
Resolves rhbz#2041635 (EL8)
Resolves rhbz#2041634 (EL9)
- firewall - ensure zone exists and can be used in subsequent operations
Resolves rhbz#2042541 (EL8)
Resolves rhbz#2024775 (EL9)
- network - RFE: Support Routing Tables in static routes in Network Role
Resolves rhbz#2031521 (EL8)
Resolves rhbz#2049798 (EL9)
- network - Failure to activate connection: nm-manager-error-quark: No suitable device found for this connection
Resolves rhbz#2034908 (EL8)
Resolves rhbz#2038957 (EL9)
- network - Set DNS search setting only for enabled IP protocols
Resolves rhbz#2041627 (EL8)
Resolves rhbz#2004899 (EL9)
* Tue Feb 8 2022 Rich Megginson <rmeggins@redhat.com> - 1.12.1-1
- vpn - template error while templating string: no filter named 'vpn_ipaddr'
Resolves rhbz#2052103 (EL8)
Resolves rhbz#2050341 (EL9)
- kdump - Unable to start service kdump: Job for kdump.service failed because the control process exited with error code.
Resolves rhbz#2052105 (EL8)
Resolves rhbz#2050419 (EL9)
- remove collection dependencies on rhel because we vendor them in
* Thu Feb 3 2022 Rich Megginson <rmeggins@redhat.com> - 1.12.0-2
- RHEL8.6, 9 - add "Requires: ansible-core or ansible"
Resolves rhbz#2012316 (EL8)
Resolves rhbz#2012298 (EL9)
* Thu Jan 27 2022 Rich Megginson <rmeggins@redhat.com> - 1.12.0-1
- vpn - use custom vpn_ipaddr filter to make role work on RHEL 8.6 with ansible-core
this is covered by "make roles work with ansible-core on all platforms" BZ
- logging - Logging role "logging_purge_confs" option not properly working
Resolves rhbz#2040812 (EL8)
Resolves rhbz#2039106 (EL9)
- kernel_settings role should use ansible_managed in its configuration file
Resolves rhbz#2047504 (EL8)
Resolves rhbz#2047506 (EL9)
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.11.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Tue Dec 14 2021 Rich Megginson <rmeggins@redhat.com> - 1.11.0-2
- RHEL8.6, 9 - add "Requires: ansible-core or ansible"
* Thu Dec 2 2021 Rich Megginson <rmeggins@redhat.com> - 1.11.0-1
- timesync - fix ansible 2.12 issues, service_facts issues
Resolves rhbz#2012316 (EL8)
Resolves rhbz#2012298 (EL9)
- timesync - Failure related to missing ntp/ntpd package/service on RHEL-9 host
Resolves rhbz#2029463 (EL9)
- logging - add test case for immark quoting issue
Resolves rhbz#2021678 (EL8)
Resolves rhbz#2021676 (EL9)
- cockpit - use existing cert - cockpit_cert, cockpit_private_key
Resolves rhbz#2021661 (EL8)
Resolves rhbz#2021028 (EL9)
- storage - fix ansible 2.12 issues, service_facts issues; workaround lvm, udev issues in tests
Resolves rhbz#2012316 (EL8)
Resolves rhbz#2012298 (EL9)
- ssh - tests_all_options.yml: "assertion": "'StdinNull yes' in config.content | b64decode ", failure
Resolves rhbz#2029614 (EL8)
Resolves rhbz#2029427 (EL9)
- kdump - support reboot required and reboot ok
Resolves rhbz#2029605 (EL8)
Resolves rhbz#2029602 (EL9)
- metrics - sync with latest ansible-pcp
Resolves rhbz#2012316 (EL8)
Resolves rhbz#2012298 (EL9)
- sshd - should detect FIPS mode and handle tasks correctly in FIPS mode
Resolves rhbz#1979714 (EL8)
Resolves rhbz#2029634 (EL9)
* Mon Nov 8 2021 Rich Megginson <rmeggins@redhat.com> - 1.10.0-1
- add cockpit role
Resolves rhbz#2021661 (EL8)
Resolves rhbz#2021028 (EL9)
- add firewall role
Resolves rhbz#1854988 (EL8)
Resolves rhbz#2021665 (EL9)
- firewall - add ability to add-source
Resolves rhbz#1932678 (EL8)
Resolves rhbz#2021667 (EL9)
- firewall - allow user defined zones
Resolves rhbz#1850768 (EL8)
Resolves rhbz#2021669 (EL9)
- firewall - allow specifying the zone
Resolves rhbz#1850753 (EL8)
Resolves rhbz#2021670 (EL9)
- updates for ansible 2.12 support
Resolves rhbz#2012316 (EL8)
Resolves rhbz#2012298 (EL9)
- update community.general to 4.0.1
Resolves rhbz#2006081 (EL8)
Resolves rhbz#2006076 (EL9)
- network - Allow to specify PCI address to configure profiles
Resolves rhbz#1695634 (EL8)
Resolves rhbz#1999162 (EL9)
- network - support wifi Enhanced Open (OWE)
Resolves rhbz#1993379 (EL8)
Resolves rhbz#1993377 (EL9)
- network - support WPA3 Simultaneous Authentication of Equals(SAE)
Resolves rhbz#1993311 (EL8)
Resolves rhbz#1993304 (EL9)
- network - RFE: Support ignoring default gateway retrieved by DHCP/IPv6-RA
Resolves rhbz#1897565 (EL8)
Resolves rhbz#1978773 (EL9)
- network - Update network system role to reflect that network teaming is deprecated in RHEL 9
Resolves rhbz#1897565 (EL8)
Resolves rhbz#1999770 (EL9)
- selinux - fails linit rules role-name and unnamed-task
Resolves rhbz#1974000 (EL8)
Resolves rhbz#2021675 (EL9)
- kernel_settings - ansible_managed | comment BZs:
Resolves rhbz#2006230 (EL9)
Resolves rhbz#2006231 (EL8)
Resolves rhbz#2006233 (EL7)
- logging - logging role missing quotes for immark module interval value
Resolves rhbz#2021678 (EL8)
Resolves rhbz#2021676 (EL9)
- logging - Add user and password
Resolves rhbz#2010327 (EL8)
Resolves rhbz#1990490 (EL9)
- logging - Performance improvement
Resolves rhbz#2005727 (EL8)
Resolves rhbz#2004303 (EL9)
- nbde_client - add regenerate-all to the dracut command
Resolves rhbz#2021682 (EL8)
Resolves rhbz#2021681 (EL9)
- certificate - Fix certificate permissions with "group" option
Resolves rhbz#2021683 (EL8)
Resolves rhbz#2021025 (EL9)
* Tue Oct 26 2021 Sergei Petrosian <spetrosi@redhat.com> - 1.9.0-2
- Change the PFSL license to Python because this is how PFSL is reffered to in
rpminspect-data packages in Fedora, CentOS, and RHEL
Related: rhbz#2006076
* Mon Oct 11 2021 Sergei Petrosian <spetrosi@redhat.com> - 1.9.0-1
- Support ansible-core and improve roles:
- selinux: Add support for Rocky Linux 8, fix ansible_distribution_major_version
- timesync: Support ansible-core, use ansible_managed | comment
- kdump: Support ansible-core, use ansible_managed | comment
- network: Support ansible-core; deprecate RHEL 9 in readme; validate that ipv6_disabled is conflicting with other settings; specify PCI address to configure profile - adds match and path settings)
- storage: Support ansible-core, add skip checks feature to speed up the tests
- logging: Support ansible-core, add the `uid` option for elasticsearch, improve performance, use ansible_manged | comment
Resolves: rhbz#1990490 (EL9)
- ssh: Use ansible_manged | comment
- sshd: Use ansible_managed | comment
- ha_cluster: Support ansible-core, fix password_hash salt length
- vpn: Support ansible-core, use wait_for_connection instead of wait_for with ssh
- ansible_managed | comment BZs:
Resolves: rhbz#2006230 (EL9)
Resolves: rhbz#2006231 (EL8)
Resolves: rhbz#2006233 (EL7)
- untar the collection tarballs and copy the files
- Add vendoring code for rhel / centos
- selinux: selinux, seboolean, seport, selogin, sefcontext
- storage: mount
- vpn: ipaddr
Resolves: rhbz#2006076 (EL9)
Resolves: rhbz#2006081 (EL8)
* Thu Aug 26 2021 Rich Megginson <rmeggins@redhat.com> - 1.8.3-2
- selinux - tag tests_selinux_disabled.yml with tests::avc
Resolves rhbz#1996315 (EL9)
Resolves rhbz#1996317 (EL8)
* Thu Aug 26 2021 Rich Megginson <rmeggins@redhat.com> - 1.8.3-1
- storage - revert the dm-vdo workaround fix for vdo testing
Resolves rhbz#1978488 (EL9)
Resolves rhbz#1991141 (EL8)
* Tue Aug 24 2021 Rich Megginson <rmeggins@redhat.com> - 1.8.2-1
- logging - Update the certificates copy tasks
Resolves rhbz#1996777 (EL9)
Resolves rhbz#1994580 (EL8)
* Mon Aug 16 2021 Rich Megginson <rmeggins@redhat.com> - 1.8.1-1
- metrics - the bpftrace role does not properly configure bpftrace agent
Resolves rhbz#1994180 (EL9)
Resolves rhbz#1993240 (EL8)
* Thu Aug 12 2021 Rich Megginson <rmeggins@redhat.com> - 1.8.0-1
- drop support for Ansible 2.8 - min_ansible_version is now 2.9
Resolves rhbz#1989197 (EL9)
Resolves rhbz#1989199 (EL8)
- sshd - fix rhel6 support - failed to validate: error:Missing Match criteria for all Bad Match condition
Resolves rhbz#1991598 (EL9)
Resolves rhbz#1990947 (EL8)
* Tue Aug 10 2021 Rich Megginson <rmeggins@redhat.com> - 1.7.6-1
- storage - tests_create_lvmvdo_then_remove fails - Module dm-vdo not found
Resolves rhbz#1991141 (EL8)
Resolves rhbz#1991062 (EL9)
- storage - Get syntax errors in tests_lvm_errors.yml
Resolves rhbz#1990793 (EL8)
Resolves rhbz#1991142 (EL9)
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1.7.5-2
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Fri Aug 06 2021 Rich Megginson <rmeggins@redhat.com> - 1.7.5-1
- logging, certificate - Instead of the archive module, use "tar" command for backup.
Resolves rhbz#1984182 (EL9)
Resolves rhbz#1987096 (EL8)
- logging - Add a support for list value to server_host in the elasticsearch output
Resolves rhbz#1986460 (EL9)
Resolves rhbz#1986463 (EL8)
- logging - tests_relp.yml; Can't detect any of the required Python libraries cryptography (>= 1.2.3) or PyOpenSSL (>= 0.6)
Resolves rhbz#1989962 (EL9)
Resolves rhbz#1990142 (EL8)
* Fri Aug 06 2021 Rich Megginson <rmeggins@redhat.com> - 1.7.4-1
- metrics - Grafana dashboard not working after metrics role run unless services manually restarted
Resolves rhbz#1984150 (EL9)
Resolves rhbz#1978357 (EL8)
* Tue Aug 03 2021 Rich Megginson <rmeggins@redhat.com> - 1.7.3-1
- storage - tag tests that use NVME and SCSI
Resolves rhbz#1989211 (EL9)
Resolves rhbz#1989638 (EL8)
* Tue Aug 03 2021 Rich Megginson <rmeggins@redhat.com> - 1.7.2-1
- sshd - support for rhel9 managed hosts
Resolves rhbz#1989221 (EL9)
Resolves rhbz#1989638 (EL8)
* Thu Jul 29 2021 Rich Megginson <rmeggins@redhat.com> - 1.7.1-1
- network - tests_provider_nm.yml fails with an error: Failure in test 'I can manage a veth interface with NM after I managed it with initscripts.
Resolves rhbz#1935919
- network - _initscripts tests fail because "No package network-scripts available."
Resolves rhbz#1935916
- network - Test tests_bond_initscripts.yml failed to create interface
Resolves rhbz#1980870
- storage - covscan error - DEADCODE - vdopool if create_vdo else parent
Resolves rhbz#1985571 (EL9)
Resolves rhbz#1985572 (EL8)
- network - network: tests_bond_initscripts.yml leaves behind unusable resolv.conf in CI
Resolves rhbz#1915017
* Wed Jul 28 2021 Rich Megginson <rmeggins@redhat.com> - 1.7.0-1
- network - Skip tests on RHEL9 that use hostapd
Resolves rhbz#1945348
- network - Fix the bond test on DHCP
Resolves rhbz#1918252
- certificate, logging - Use 'tar' command instead of archive module
Resolves rhbz#1984182 (EL9)
Resolves rhbz#1987096 (EL8)
- kernel_settings - Disable bootloader testing on EL9
Resolves rhbz#1944599
- logging - Add a support for list value to server_host in the elasticsearch output
Resolves rhbz#1986460 (EL9)
Resolves rhbz#1986463 (EL8)
- storage - Add support for percentage-based volume sizes
Resolves rhbz#1984583 (EL9)
Resolves rhbz#1894642 (EL8)
- storage -storage_test_actual_size != storage_test_requested_size observed with tests_lvm_auto_size_cap.yml
Resolves rhbz#1986284 (EL8)
* Fri Jul 23 2021 Rich Megginson <rmeggins@redhat.com> - 1.6.1-1
- Error: device becoming unmanaged and pytest not reproducible in tests_integration_pytest.yml
Resolves rhbz#1985382 (EL9)
Resolves rhbz#1932699 (EL8)
- EPEL yum repository configuration for tests
Rebasing to latest picks up this fix - see rhel7 bz1980439
- connections: workaround DeprecationWarning for NM.SettingEthtool.set_feature()
Rebasing to latest picks up this fix
* Thu Jul 15 2021 Rich Megginson <rmeggins@redhat.com> - 1.6.0-1
- ha_cluster - add pacemaker cluster properties configuration
Resolves rhbz#1982913 (EL8)
Resolves rhbz#1982906 (EL9)
* Thu Jul 15 2021 Rich Megginson <rmeggins@redhat.com> - 1.5.0-1
- crypto_policies - rename 'policy modules' to 'subpolicies'
Resolves rhbz#1982896 (EL9)
Resolves rhbz#1982897 (EL8)
* Thu Jul 15 2021 Rich Megginson <rmeggins@redhat.com> - 1.4.2-1
- storage - relabel doesn't support - Fixed volume relabeling
Resolves rhbz#1876315 (EL8)
Resolves rhbz#1982841 (EL9)
* Fri Jul 9 2021 Rich Megginson <rmeggins@redhat.com> - 1.4.1-1
- network - Re-running the network system role results in "changed: true" when nothing has actually changed
Resolves rhbz#1980871
- network - Test tests_bond_initscripts.yml failed to create interface
Resolves rhbz#1980870
* Thu Jul 8 2021 Rich Megginson <rmeggins@redhat.com> - 1.4.0-1
- storage - LVMVDO support
Resolves rhbz#1882475
Resolves rhbz#1978488
* Wed Jun 23 2021 Rich Megginson <rmeggins@redhat.com> - 1.3.0-1
- ha_cluster - add pacemaker resources configuration
Resolves rhbz#1978726
- ha_cluster - code cleanup
Resolves rhbz#1978731
- Postfix RHEL system role README.md missing variables under the "Role Variables" section
Resolves rhbz#1978734
- logging README.html examples are rendered incorrectly
Resolves rhbz#1978758
- make postfix role idempotent - round 2
Resolves rhbz#1978760
- selinux task for semanage says Fedora in name but also runs on RHEL/CentOS 8
Resolves rhbz#1978740
- metrics role task to enable logging for targeted hosts not working
Resolves rhbz#1978746
- network - Only show stderr_lines by default
Resolves rhbz#1978731
- storage - LVMVDO support
Resolves rhbz#1978488
- storage - fix several linter issues
Resolves rhbz#1978731
- ssh - Fix variable precedence when invoked through roles
Resolves rhbz#1978745
- ssh - Update configuration options list for OpenSSH 8.6
Resolves rhbz#1978731
- sshd - Fix variable precedence when invoked through roles
Resolves rhbz#1978745
- sshd - Update configuration options list for OpenSSH 8.6
Resolves rhbz#1978731
- sshd - support for appending a snippet to configuration file
Resolves rhbz#1978752
- timesync - add NTS support
Resolves rhbz#1978753
- timesync - rebase to latest
Resolves rhbz#1978731
- nbde_client - rebase to latest
Resolves rhbz#1978731
* Thu Jun 17 2021 Sergei Petrosian <spetrosi@redhat.com> - 1.2.3-3
- Make the ansible_collection_files macro defined in Fedora automatically and
in RHEL manually consistent - having slash at the end to clean double-slashes
* Wed Jun 16 2021 Sergei Petrosian <spetrosi@redhat.com> - 1.2.3-2
- Remove slash (/) from the end of URLs to improve code readability
* Wed Jun 16 2021 Noriko Hosoi <nhosoi@redhat.com> - 1.2.3-1
- Add EL 9 support for timesync and network
Resolves rhbz#1952887
* Tue Jun 15 2021 Rich Megginson <rmeggins@redhat.com> - 1.2.2-3
- Fix HTML rendering of internal links when using pandoc/asciidoc
- Uses pandoc gfm instead of markdown_github
Resolves rhbz#1962976
* Fri Jun 11 2021 Noriko Hosoi <nhosoi@redhat.com> - 1.2.2-2
- Make spec file available for older versions of OSes.
- Drop python3-six dependency which was used by lsr_role2collection.py.
- Drop html files from rpm if the version has no markdown parser.
- Drop unnecessary python scripts which include python3 only code, e.g.,
f-strings.
Resolves rhbz#1970165
* Wed Jun 9 2021 Rich Megginson <rmeggins@redhat.com> - 1.2.2-1
- fix kdump tests_ssh for basic smoke test
Resolves rhbz#1957876
* Fri May 21 2021 Noriko Hosoi <nhosoi@redhat.com> - 1.2.1-1
- fix logging README.html examples' rendering problems
Resolves rhbz#1962374
- fix broken internal links in README.md files
Resolves rhbz#1962976
* Fri May 21 2021 Sergei Petrosian <spetrosi@redhat.com> - 1.2.0-2
- Add BuildRequires: rubygem-kramdown for Fedora and RHEL >= 9
* Fri May 14 2021 Rich Megginson <rmeggins@redhat.com> - 1.2.0-1
- rebase roles to latest upstream
Resolves rhbz#1957876
- make postfix role idempotent
Resolves rhbz#1960375
- use FQRN in postfix README
Resolves rhbz#1958963
- use relayhost in postfix README
Resolves rhbz#1866544
- use lazy unmount to fix umount: target is busy
Resolves rhbz#1945359
- network - Add support for ETHTOOL Ring option
Resolves rhbz#1959649
- storage: calltrace observed when set type: partition for storage_pools
Resolves rhbz#1854187
- ha_cluster - cannot read preshared key in binary format
Resolves rhbz#1952620
* Thu May 13 2021 Noriko Hosoi <nhosoi@redhat.com> - 1.1.0-2
- Dependencies in the collection packaging
Resolves rhbz#1954747
* Wed Apr 14 2021 Rich Megginson <rmeggins@redhat.com> - 1.1.0-1
- rebase timesync role to latest upstream
Resolves rhbz#1937938
- timesync - add timesync_chrony_custom_settings variable for free-form
local configs
Resolves rhbz#1938023
- do not use ignore_errors in timesync role
Resolves rhbz#1938014
- support for timesync_max_distance to configure maxdistance/maxdist parameter
Resolves rhbz#1938016
- support for ntp xleave, filter, and hw timestamping
Resolves rhbz#1938020
- rebase selinux role to latest upstream
Resolves rhbz#1937938
- should not reload the SELinux policy if its not changed
Resolves rhbz#1757869
- Ability to install custom SELinux module via Ansible
Resolves rhbz#1848683
- rebase storage role to latest upstream
Resolves rhbz#1937938
- rebase network role to latest upstream
Resolves rhbz#1937938
- support for ipv6_disabled to disable ipv6 for address
Resolves rhbz#1939711
- rebase postfix role to latest upstream
Resolves rhbz#1937938
- rebase metrics role to latest upstream
Resolves rhbz#1937938
- rebase sshd role to latest upstream
Resolves rhbz#1937938
- rebase remaining roles to latest upstream
Resolves rhbz#1937938
- Generate %%files dynamically
- add vpn role
Resolves rhbz#1943679
* Tue Apr 13 2021 Noriko Hosoi <nhosoi@redhat.com> - 1.0.1-2
- Adding the -collection-artifact subpackage, enabled using
"--with collection_artifact". It is used for importing to
ansible galaxy/automation hub.
- README.html files (main README for the collection and README
for each role) are not located in /usr/share/ansible/collections,
but just put in /usr/share/doc/linux-system-roles/collection in rpm.
- The README.html files are not included in the collection artifact.
- Fixing "sshd role README.md examples use incorrect role name".
* Tue Apr 6 2021 Pavel Cahyna <pcahyna@redhat.com> - 1.0.1-1
- Sync with RHEL version 1.0.1-1.el8
Fix description field in galaxy.yml
Remove "Technology Preview" from Collection README
Merging individual ignore file and add it to the package
Add a note to each module Doc to indicate it is private
Add patches for network and storage role ansible-test fixes
Simplify doc tags in %%files, corrects a forgotten doc tag for ha_cluster
Suppress one ansible-lint warning in ha_cluster
Add patch for the inclusive language leftover on network-role README.md
* Mon Feb 22 2021 Pavel Cahyna <pcahyna@redhat.com> - 1.0.0-16
- Sync with RHEL version 1.0.0-31
Rebase certificate role to pick up a test fix
Rebase logging role to fix default private key path,
upstream PR #218
Update collection doc transformation to match a modified text
and include the Tech Preview note again (for RHEL)
* Fri Feb 19 2021 Pavel Cahyna <pcahyna@redhat.com> - 1.0.0-15
- Sync with RHEL version 1.0.0-29
Added roles: ssh, ha_cluster
Updated roles: certificate, kernel_settings, nbde_client,
logging, network
Improvements to collection build and metadata
- Two further improvements from RHEL:
Corrected merge botch in files list - make ssh README a docfile
Dynamically update galaxy.yml with our metadata even on Fedora,
we can't rely on correct version number in auto-maintenance
* Tue Feb 9 2021 Pavel Cahyna <pcahyna@redhat.com> - 1.0.0-14
- Synchronize with RHEL, new roles added:
storage, metrics, tlog, kernel_settings, logging, nbde_server,
nbde_client, certificate, crypto_policies, sshd, and the
fedora.linux_system_roles collection.
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Wed Dec 05 2018 Till Maas <opensource@till.name> - 1.0-8
- Install roles at /usr/share/linux-system-roles, use symlinks in
/usr/share/ansible/roles/ to allow using alternatives
* Wed Nov 14 2018 Mike DePaulo <mikedep333@gmail.com> - 1.0-7
- spec file improvement: Remove unnecessary %%doc for files under _pkgdocdor
- Install license files under /usr/share/licenses instead of /usr/share/doc
* Tue Nov 06 2018 Mike DePaulo <mikedep333@gmail.com> - 1.0-7
- Fix rpm build for added example timesync example playbooks
- Misc spec file comments fixes
- Fix rpmlint error by escaping a previous changelog entry with a macro
- Comply with Fedora guidelines by always using "cp -p" in %%install
- Update %%description to be different for Fedora.
* Wed Oct 24 2018 Pavel Cahyna <pcahyna@redhat.com> - 1.0-7
- Update to latest versions of selinux, kdump and timesync.
- Update to the latest revision of postfix, fixes README markup
- Add Obsoletes for the -techpreview subpackage introduced mistakenly in 1.0-1
- spec file improvement: Unify the source macros with deftag() and defcommit()
* Tue Oct 23 2018 Till Maas <opensource@till.name> - 1.0-6
- Update Network system role to latest commit to include Fedora 29 fixes
- Update example timesync example playbooks
- Add comments about upstream status
* Tue Aug 14 2018 Pavel Cahyna <pcahyna@redhat.com> - 1.0-4
- Format the READMEs as html, by vdolezal, with changes to use highlight
(source-highlight does not understand YAML)
* Thu Aug 9 2018 Pavel Cahyna <pcahyna@redhat.com> - 1.0-3
- Rebase the network role to the last revision (d866422).
Many improvements to tests, introduces autodetection of the current provider
and defaults to using profile name as interface name.
- Rebase the selinux, timesync and kdump roles to their 1.0rc1 versions.
Many changes to the role interfaces to make them more consistent
and conforming to Ansible best practices.
- Update the description.
* Fri May 11 2018 Pavel Cahyna <pcahyna@redhat.com> - 0.6-4
- Fix complaints about /usr/bin/python during RPM build by making the affected scripts non-exec
- Fix merge botch
* Mon Mar 19 2018 Troy Dawson <tdawson@redhat.com> - 0.6-3.1
- Use -a (after cd) instead of -b (before cd) in %%setup
* Wed Mar 14 2018 Pavel Cahyna <pcahyna@redhat.com> - 0.6-3
- Minor corrections of the previous change by Till Maas.
* Fri Mar 9 2018 Pavel Cahyna <pcahyna@redhat.com> - 0.6-2
- Document network role options: static routes, ethernet, dns
Upstream PR#36, bz1550128, documents bz1487747 and bz1478576
* Tue Jan 30 2018 Pavel Cahyna <pcahyna@redhat.com> - 0.6-1
- Drop hard dependency on ansible (#1525655), patch from Yaakov Selkowitz
- Update the network role to version 0.4, solves bz#1487747, bz#1478576
* Tue Dec 19 2017 Pavel Cahyna <pcahyna@redhat.com> - 0.5-3
- kdump: fix the wrong conditional for ssh checking and improve test (PR#10)
* Tue Nov 07 2017 Pavel Cahyna <pcahyna@redhat.com> - 0.5-2
- kdump: add ssh support. upstream PR#9, rhbz1478707
* Tue Oct 03 2017 Pavel Cahyna <pcahyna@redhat.com> - 0.5-1
- SELinux: fix policy reload when SELinux is disabled on CentOS/RHEL 6
(bz#1493574)
- network: update to b856c7481bf5274d419f71fb62029ea0044b3ec1 :
makes the network role idempotent (bz#1476053) and fixes manual
network provider selection (bz#1485074).
* Mon Aug 28 2017 Pavel Cahyna <pcahyna@redhat.com> - 0.4-1
- network: update to b9b6f0a7969e400d8d6ba0ac97f69593aa1e8fa5:
ensure that state:absent followed by state:up works (bz#1478910), and change
the example IP adresses to the IANA-assigned ones.
- SELinux: fix the case when SELinux is disabled (bz#1479546).
* Tue Aug 8 2017 Pavel Cahyna <pcahyna@redhat.com> - 0.3-2
- We can't change directories to symlinks (rpm bug #447156) so keep the old
names and create the new names as symlinks.
* Tue Aug 8 2017 Pavel Cahyna <pcahyna@redhat.com> - 0.3-1
- Change the prefix to linux-system-roles., keeping compatibility
symlinks.
- Update the network role to dace7654feb7b5629ded0734c598e087c2713265:
adds InfiniBand support and other fixes.
- Drop a patch included upstream.
* Mon Jun 26 2017 Pavel Cahyna <pcahyna@redhat.com> - 0.2-2
- Leave a copy of README and COPYING in every role's directory, as suggested by T. Bowling.
- Move the network example inventory to the documentation directory together.
with the example playbooks and delete the now empty "examples" directory.
- Use proper reserved (by RFC 7042) MAC addresses in the network examples.
* Tue Jun 6 2017 Pavel Cahyna <pcahyna@redhat.com> - 0.2-1
- Update the networking role to version 0.2 (#1459203)
- Version every role and the package separately. They live in separate repos
and upstream release tags are not coordinated.
* Mon May 22 2017 Pavel Cahyna <pcahyna@redhat.com> - 0.1-2
- Prefix the roles in examples and documentation with rhel-system-roles.
* Thu May 18 2017 Pavel Cahyna <pcahyna@redhat.com> - 0.1-1
- Update to 0.1 (first upstream release).
- Remove the tuned role, it is not ready yet.
- Move the example playbooks to /usr/share/doc/rhel-system-roles/$SUBSYSTEM
directly to get rid of an extra directory.
- Depend on ansible.
* Thu May 4 2017 Pavel Cahyna <pcahyna@redhat.com> - 0-0.1.20170504
- Initial release.
- kdump r. fe8bb81966b60fa8979f3816a12b0c7120d71140
- postfix r. 43eec5668425d295dce3801216c19b1916df1f9b
- selinux r. 1e4a21f929455e5e76dda0b12867abaa63795ae7
- timesync r. 33a1a8c349de10d6281ed83d4c791e9177d7a141
- tuned r. 2e8bb068b9815bc84287e9b6dc6177295ffdf38b
- network r. 03ff040df78a14409a0d89eba1235b8f3e50a750
Reference in New Issue View Git Blame Copy Permalink