diff --git a/.azure-pipelines/azure-pipelines.yml b/.azure-pipelines/azure-pipelines.yml index 7c7ec26..cc2d866 100644 --- a/.azure-pipelines/azure-pipelines.yml +++ b/.azure-pipelines/azure-pipelines.yml @@ -37,7 +37,7 @@ variables: resources: containers: - container: default - image: quay.io/ansible/azure-pipelines-test-container:6.0.0 + image: quay.io/ansible/azure-pipelines-test-container:7.0.0 pool: Standard @@ -57,8 +57,23 @@ stages: test: units - name: Lint test: lint + - stage: Sanity_2_19 + displayName: Ansible 2.19 sanitay & Units & Lint + dependsOn: [] + jobs: + - template: templates/matrix.yml + parameters: + nameFormat: "{0}" + testFormat: 2.19/{0} + targets: + - name: Sanity + test: sanity + - name: Units + test: units + - name: Lint + test: lint - stage: Sanity_2_18 - displayName: Ansible 2.18 sanity + displayName: Ansible 2.18 sanity & Units & Lint dependsOn: [] jobs: - template: templates/matrix.yml @@ -73,7 +88,7 @@ stages: - name: Lint test: lint - stage: Sanity_2_17 - displayName: Ansible 2.17 sanity + displayName: Ansible 2.17 sanity & Units & Lint dependsOn: [] jobs: - template: templates/matrix.yml @@ -88,7 +103,7 @@ stages: - name: Lint test: lint - stage: Sanity_2_16 - displayName: Ansible 2.16 sanity + displayName: Ansible 2.16 sanity & Units & Lint dependsOn: [] jobs: - template: templates/matrix.yml @@ -100,19 +115,6 @@ stages: test: sanity - name: Units test: units - - stage: Sanity_2_15 - displayName: Ansible 2.15 sanity - dependsOn: [] - jobs: - - template: templates/matrix.yml - parameters: - nameFormat: "{0}" - testFormat: 2.15/{0} - targets: - - name: Sanity - test: sanity - - name: Units - test: units ## Docker - stage: Docker_devel displayName: Docker devel @@ -122,14 +124,28 @@ stages: parameters: testFormat: devel/linux/{0}/1 targets: - - name: Fedora 40 - test: fedora40 + - name: Fedora 42 + test: fedora42 + - name: Ubuntu 22.04 + test: ubuntu2204 + - name: Ubuntu 24.04 + test: ubuntu2404 + - stage: Docker_2_19 + displayName: Docker 2.19 + dependsOn: [] + jobs: + - template: templates/matrix.yml + parameters: + testFormat: 2.19/linux/{0}/1 + targets: + - name: Fedora 41 + test: fedora41 - name: Ubuntu 22.04 test: ubuntu2204 - name: Ubuntu 24.04 test: ubuntu2404 - stage: Docker_2_18 - displayName: Docker devel + displayName: Docker 2.18 dependsOn: [] jobs: - template: templates/matrix.yml @@ -152,8 +168,6 @@ stages: targets: - name: Fedora 39 test: fedora39 - - name: Ubuntu 20.04 - test: ubuntu2004 - name: Ubuntu 22.04 test: ubuntu2204 - stage: Docker_2_16 @@ -168,27 +182,6 @@ stages: test: centos7 - name: Fedora 38 test: fedora38 - - name: Ubuntu 20.04 - test: ubuntu2004 - - name: Ubuntu 22.04 - test: ubuntu2204 - - - stage: Docker_2_15 - displayName: Docker 2.15 - dependsOn: [] - jobs: - - template: templates/matrix.yml - parameters: - testFormat: 2.15/linux/{0}/1 - targets: - - name: CentOS 7 - test: centos7 - - name: Fedora 37 - test: fedora37 - - name: openSUSE 15 py3 - test: opensuse15 - - name: Ubuntu 20.04 - test: ubuntu2004 - name: Ubuntu 22.04 test: ubuntu2204 @@ -201,12 +194,32 @@ stages: parameters: testFormat: devel/{0}/1 targets: - - name: RHEL 9.4 - test: rhel/9.4 - - name: FreeBSD 13.3 - test: freebsd/13.3 + - name: RHEL 10.0 + test: rhel/10.0 + - name: RHEL 9.6 + test: rhel/9.6 + - name: FreeBSD 14.3 + test: freebsd/14.3 + - name: FreeBSD 13.5 + test: freebsd/13.5 + - stage: Remote_2_19 + displayName: Remote 2.19 + dependsOn: [] + jobs: + - template: templates/matrix.yml + parameters: + testFormat: 2.19/{0}/1 + targets: + - name: RHEL 10.0 + test: rhel/10.0 + - name: RHEL 9.5 + test: rhel/9.5 + - name: FreeBSD 14.2 + test: freebsd/14.2 + - name: FreeBSD 13.5 + test: freebsd/13.5 - stage: Remote_2_18 - displayName: Remote devel + displayName: Remote 2.18 dependsOn: [] jobs: - template: templates/matrix.yml @@ -215,8 +228,8 @@ stages: targets: - name: RHEL 9.4 test: rhel/9.4 - - name: FreeBSD 13.3 - test: freebsd/13.3 + - name: FreeBSD 13.5 + test: freebsd/13.5 - stage: Remote_2_17 displayName: Remote 2.17 dependsOn: [] @@ -227,8 +240,8 @@ stages: targets: - name: RHEL 9.3 test: rhel/9.3 - - name: FreeBSD 13.3 - test: freebsd/13.3 + - name: FreeBSD 13.5 + test: freebsd/13.5 - stage: Remote_2_16 displayName: Remote 2.16 dependsOn: [] @@ -241,34 +254,12 @@ stages: test: rhel/8.8 - name: RHEL 9.2 test: rhel/9.2 - - name: FreeBSD 13.2 - test: freebsd/13.2 - - - stage: Remote_2_15 - displayName: Remote 2.15 - dependsOn: [] - jobs: - - template: templates/matrix.yml - parameters: - testFormat: 2.15/{0}/1 - targets: - - name: RHEL 7.9 - test: rhel/7.9 - - name: RHEL 8.7 - test: rhel/8.7 - - name: RHEL 9.1 - test: rhel/9.1 - - name: FreeBSD 13.2 - test: freebsd/13.2 ## Finally - stage: Summary condition: succeededOrFailed() dependsOn: - - Sanity_2_15 - - Remote_2_15 - - Docker_2_15 - Sanity_2_16 - Remote_2_16 - Docker_2_16 @@ -278,8 +269,11 @@ stages: - Sanity_2_18 - Remote_2_18 - Docker_2_18 + - Sanity_2_19 + - Remote_2_19 + - Docker_2_19 - Sanity_devel - # - Remote_devel # Wait for test environment release - # - Docker_devel # Wait for test environment release + - Remote_devel + - Docker_devel jobs: - template: templates/coverage.yml diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 8a844cc..75def47 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -4,6 +4,74 @@ ansible.posix Release Notes .. contents:: Topics +v2.0.0 +====== + +Release Summary +--------------- + +This is the major release of the ``ansible.posix`` collection. +This changelog contains all changes to the modules and plugins +in this collection that have been added after the release of +``ansible.posix`` 1.6.2 + +Minor Changes +------------- + +- authorized_keys - allow using absolute path to a file as a SSH key(s) source (https://github.com/ansible-collections/ansible.posix/pull/568) +- callback plugins - Add recap information to timer, profile_roles and profile_tasks callback outputs (https://github.com/ansible-collections/ansible.posix/pull/387). + +Breaking Changes / Porting Guide +-------------------------------- + +- firewalld - Changed the type of forward and masquerade options from str to bool (https://github.com/ansible-collections/ansible.posix/issues/582). +- firewalld - Changed the type of icmp_block_inversion option from str to bool (https://github.com/ansible-collections/ansible.posix/issues/586). + +Removed Features (previously deprecated) +---------------------------------------- + +- skippy - Remove skippy pluglin as it is no longer supported(https://github.com/ansible-collections/ansible.posix/issues/350). + +Bugfixes +-------- + +- acl - Fixed to set ACLs on paths mounted with NFS version 4 correctly (https://github.com/ansible-collections/ansible.posix/issues/240). +- mount - Handle ``boot`` option on Linux, NetBSD and OpenBSD correctly (https://github.com/ansible-collections/ansible.posix/issues/364). +- mount - If a comment is appended to a fstab entry, state present creates a double-entry (https://github.com/ansible-collections/ansible.posix/issues/595). + +v1.6.2 +====== + +Release Summary +--------------- + +This is the bugfix release of the stable version ``ansible.posix`` collection. +This changelog contains all changes to the modules and plugins +in this collection that have been added after the release of +``ansible.posix`` 1.6.1. + +Bugfixes +-------- + +- backport - Drop ansible-core 2.14 and set 2.15 minimum version (https://github.com/ansible-collections/ansible.posix/issues/578). + +v1.6.1 +====== + +Release Summary +--------------- + +This is the bugfix release of the stable version ``ansible.posix`` collection. +This changelog contains all changes to the modules and plugins +in this collection that have been added after the release of +``ansible.posix`` 1.6.1. + +Bugfixes +-------- + +- acl - Fixed to set ACLs on paths mounted with NFS version 4 correctly (https://github.com/ansible-collections/ansible.posix/issues/240). +- mount - Handle ``boot`` option on Linux, NetBSD and OpenBSD correctly (https://github.com/ansible-collections/ansible.posix/issues/364). +- skippy - Revert removal of skippy plugin. It will be removed in version 2.0.0 (https://github.com/ansible-collections/ansible.posix/issues/573). v1.6.0 ====== diff --git a/README.md b/README.md index ddbbb1b..189b69c 100644 --- a/README.md +++ b/README.md @@ -4,9 +4,6 @@ https://dev.azure.com/ansible/ansible.posix/_apis/build/status/CI?branchName=main)](https://dev.azure.com/ansible/ansible.posix/_build?definitionId=26) [![Run Status](https://api.shippable.com/projects/5e669aaf8b17a60007e4d18d/badge?branch=main)]() - -An Ansible Collection of modules and plugins that target POSIX UNIX/Linux and derivative Operating Systems. - ## Communication * Join the Ansible forum: @@ -14,88 +11,102 @@ An Ansible Collection of modules and plugins that target POSIX UNIX/Linux and de * [Social Spaces](https://forum.ansible.com/c/chat/4): gather and interact with fellow enthusiasts. * [News & Announcements](https://forum.ansible.com/c/news/5): track project-wide announcements including social events. -* The Ansible [Bullhorn newsletter](https://docs.ansible.com/ansible/devel/community/communication.html#the-bullhorn): used to announce releases and important changes. +## Description -For more information about communication, see the [Ansible communication guide](https://docs.ansible.com/ansible/devel/community/communication.html). + +An Ansible Collection of modules and plugins that target POSIX UNIX/Linux and derivative Operating Systems. -## Supported Versions of Ansible - -## Ansible version compatibility +## Requirements -This collection has been tested against following Ansible versions: **>=2.15**. - +* Python: + * The Python interpreter version must meet Ansible Core's requirements. +* Ansible Core: + - ansible-core 2.16 or later -## Included content -Check out [Ansible Galaxy](https://galaxy.ansible.com/ui/repo/published/ansible/posix/content/) or [the Ansible documentation](https://docs.ansible.com/ansible/devel/collections/ansible/posix/) for all modules and plugins included in this collection. +## Installation -## Installing this collection +Before using this collection, you need to install it with the Ansible Galaxy command-line tool: -You can install the ``ansible.posix`` collection with the Ansible Galaxy CLI: +```shell +ansible-galaxy collection install ansible.posix +``` - ansible-galaxy collection install ansible.posix +You can also include it in a requirements.yml file and install it with ansible-galaxy collection install -r requirements.yml, using the format: -You can also include it in a `requirements.yml` file and install it with `ansible-galaxy collection install -r requirements.yml`, using the format: ```yaml ---- collections: - name: ansible.posix ``` -## Using this collection +Note that if you install any collections from Ansible Galaxy, they will not be upgraded automatically when you upgrade the Ansible package. +To upgrade the collection to the latest available version, run the following command: - +```shell +ansible-galaxy collection install ansible.posix --upgrade +``` -See [Ansible Using collections](https://docs.ansible.com/ansible/latest/user_guide/collections_using.html) for more details. +You can also install a specific version of the collection, for example, if you need to downgrade when something is broken in the latest version (please report an issue in this repository). Use the following syntax to install version 2.0.0: -## Contributing to this collection +```shell +ansible-galaxy collection install ansible.posix:==2.0.0 +``` - +See [using Ansible collections](https://docs.ansible.com/ansible/devel/user_guide/collections_using.html) for more details. -We welcome community contributions to this collection. See [Contributing to Ansible-maintained collections](https://docs.ansible.com/ansible/devel/community/contributing_maintained_collections.html#contributing-maintained-collections) for complete details. +* The Ansible [Bullhorn newsletter](https://docs.ansible.com/ansible/devel/community/communication.html#the-bullhorn): used to announce releases and important changes. + +For more information about communication, see the [Ansible communication guide](https://docs.ansible.com/ansible/devel/community/communication.html). + +## Use Cases + +You can see the general use-cases as an example by `ansible-doc` command like below. + +For example, ansible.posix.firewalld module: +```shell +ansible-doc ansible.posix.firewalld +``` + +Also, if you want to confirm the plugins descriptions, you can follow the following option with `ansible-doc` command: + +For example, ansible.posix.profile_tasks callback plugin: +```shell +ansible-doc -t callback ansible.posix.profile_tasks +``` + +## Testing + +The following ansible-core versions have been tested with this collection: + +- ansible-core 2.20 (devel) +- ansible-core 2.19 (stable) * +- ansible-core 2.18 (stable) +- ansible-core 2.17 (stable) + +## Contributing + +We welcome community contributions to this collection. For more details, see [Contributing to Ansible-maintained collections](https://docs.ansible.com/ansible/devel/community/contributing_maintained_collections.html#contributing-maintained-collections) for complete details. * [Issues](https://github.com/ansible-collections/ansible.posix/issues) * [Pull Requests](https://github.com/ansible-collections/ansible.posix/pulls) * [Ansible Community Guide](https://docs.ansible.com/ansible/latest/community/index.html) -### Code of Conduct -This collection follows the Ansible project's -[Code of Conduct](https://docs.ansible.com/ansible/devel/community/code_of_conduct.html). -Please read and familiarize yourself with this document. -## Release notes +## Support + +See [Communication](#Communication) section. + +## Release Notes and Roadmap + See [changelog](https://github.com/ansible-collections/ansible.posix/blob/main/CHANGELOG.rst) for more details. -## External requirements +## Related Information -None +This document was written using the following [template](https://access.redhat.com/articles/7068606). -## Tested with Ansible +The README has been carefully prepared to cover the [community template](https://github.com/ansible-collections/collection_template/blob/main/README.md), but if you find any problems, please file a [documentation issue](https://github.com/ansible-collections/ansible.posix/issues/new?assignees=&labels=&projects=&template=documentation_report.md). - - -- ansible-core 2.19 (devel) -- ansible-core 2.18 (stable) * -- ansible-core 2.17 (stable) -- ansible-core 2.16 (stable) -- ansible-core 2.15 (stable) - -*Note: For ansible-core 2.18, CI only covers sanity tests and no integration tests will be run until the test environment is released.* - -## Roadmap - - - -## More information - - - -- [Ansible Collection overview](https://github.com/ansible-collections/overview) -- [Ansible User guide](https://docs.ansible.com/ansible/latest/user_guide/index.html) -- [Ansible Developer guide](https://docs.ansible.com/ansible/latest/dev_guide/index.html) -- [Ansible Community code of conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html) - -## Licensing +## License Information GNU General Public License v3.0 or later. diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index 70ee8c8..2fbc83f 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -405,3 +405,88 @@ releases: - dropping-ansible29.yml - test-reqs.yml release_date: '2024-09-11' + 1.6.1: + changes: + bugfixes: + - acl - Fixed to set ACLs on paths mounted with NFS version 4 correctly (https://github.com/ansible-collections/ansible.posix/issues/240). + - mount - Handle ``boot`` option on Linux, NetBSD and OpenBSD correctly (https://github.com/ansible-collections/ansible.posix/issues/364). + - skippy - Revert removal of skippy plugin. It will be removed in version 2.0.0 + (https://github.com/ansible-collections/ansible.posix/issues/573). + release_summary: 'This is the bugfix release of the stable version ``ansible.posix`` + collection. + + This changelog contains all changes to the modules and plugins + + in this collection that have been added after the release of + + ``ansible.posix`` 1.6.1.' + fragments: + - 1.6.1.yml + - 365-boot-linux.yml + - 566_bump_version_161.yml + - 567_remove_version_added.yml + - 570_nfs4_acl.yml + - 571_ci_bump_core_version.yml + - 572_revert_removal_of_skippy.yml + release_date: '2024-10-11' + 1.6.2: + changes: + bugfixes: + - backport - Drop ansible-core 2.14 and set 2.15 minimum version (https://github.com/ansible-collections/ansible.posix/issues/578). + release_summary: 'This is the bugfix release of the stable version ``ansible.posix`` + collection. + + This changelog contains all changes to the modules and plugins + + in this collection that have been added after the release of + + ``ansible.posix`` 1.6.1.' + fragments: + - 1.6.2.yml + - 580_drop_ansible214.yml + release_date: '2024-10-22' + 2.0.0: + changes: + breaking_changes: + - firewalld - Changed the type of forward and masquerade options from str to + bool (https://github.com/ansible-collections/ansible.posix/issues/582). + - firewalld - Changed the type of icmp_block_inversion option from str to bool + (https://github.com/ansible-collections/ansible.posix/issues/586). + bugfixes: + - acl - Fixed to set ACLs on paths mounted with NFS version 4 correctly (https://github.com/ansible-collections/ansible.posix/issues/240). + - mount - Handle ``boot`` option on Linux, NetBSD and OpenBSD correctly (https://github.com/ansible-collections/ansible.posix/issues/364). + - mount - If a comment is appended to a fstab entry, state present creates a + double-entry (https://github.com/ansible-collections/ansible.posix/issues/595). + minor_changes: + - authorized_keys - allow using absolute path to a file as a SSH key(s) source + (https://github.com/ansible-collections/ansible.posix/pull/568) + - callback plugins - Add recap information to timer, profile_roles and profile_tasks + callback outputs (https://github.com/ansible-collections/ansible.posix/pull/387). + release_summary: 'This is the major release of the ``ansible.posix`` collection. + + This changelog contains all changes to the modules and plugins + + in this collection that have been added after the release of + + ``ansible.posix`` 1.6.2' + removed_features: + - skippy - Remove skippy pluglin as it is no longer supported(https://github.com/ansible-collections/ansible.posix/issues/350). + fragments: + - 2.0.0.yml + - 365-boot-linux.yml + - 387_callback_output_header.yml + - 556_remove_skippy_callback.yml + - 566_bump_version_161.yml + - 567_remove_version_added.yml + - 568_update_authorized_key.yml + - 570_nfs4_acl.yml + - 571_ci_bump_core_version.yml + - 576_bump_version_2.yml + - 581_ci_selinux.yml + - 584_firewalld_opt_type.yml + - 587_update_README.yml + - 588_ci_enable_devel.yml + - 593_replace_freebsd_version.yml + - 597_remove_fstab_comment_on_updating.yml + - 598_icmp_block_inversion.yml + release_date: '2024-12-04' diff --git a/changelogs/fragments/365-boot-linux.yml b/changelogs/fragments/365-boot-linux.yml deleted file mode 100644 index ec88776..0000000 --- a/changelogs/fragments/365-boot-linux.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -bugfixes: - - mount - Handle ``boot`` option on Linux, NetBSD and OpenBSD correctly (https://github.com/ansible-collections/ansible.posix/issues/364). diff --git a/changelogs/fragments/387_callback_output_header.yml b/changelogs/fragments/387_callback_output_header.yml deleted file mode 100644 index 5eb8573..0000000 --- a/changelogs/fragments/387_callback_output_header.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -minor_changes: - - callback plugins - Add recap information to timer, profile_roles and profile_tasks callback outputs (https://github.com/ansible-collections/ansible.posix/pull/387). diff --git a/changelogs/fragments/566_bump_version_161.yml b/changelogs/fragments/566_bump_version_161.yml deleted file mode 100644 index 18bb513..0000000 --- a/changelogs/fragments/566_bump_version_161.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -trivial: - - Bump version to 1.6.1 for next release. diff --git a/changelogs/fragments/567_remove_version_added.yml b/changelogs/fragments/567_remove_version_added.yml deleted file mode 100644 index 12d0040..0000000 --- a/changelogs/fragments/567_remove_version_added.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -trivial: - - mount - remove wrong version_added section from ``opts_no_log``. diff --git a/changelogs/fragments/568_update_authorized_key.yml b/changelogs/fragments/568_update_authorized_key.yml deleted file mode 100644 index 7efa29c..0000000 --- a/changelogs/fragments/568_update_authorized_key.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -minor_changes: - - authorized_keys - allow using absolute path to a file as a SSH key(s) source (https://github.com/ansible-collections/ansible.posix/pull/568) diff --git a/changelogs/fragments/570_nfs4_acl.yml b/changelogs/fragments/570_nfs4_acl.yml deleted file mode 100644 index a6a7f69..0000000 --- a/changelogs/fragments/570_nfs4_acl.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -bugfixes: - - acl - Fixed to set ACLs on paths mounted with NFS version 4 correctly (https://github.com/ansible-collections/ansible.posix/issues/240). diff --git a/changelogs/fragments/571_ci_bump_core_version.yml b/changelogs/fragments/571_ci_bump_core_version.yml deleted file mode 100644 index bec2e29..0000000 --- a/changelogs/fragments/571_ci_bump_core_version.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -trivial: - - Bump ansible-core version to 2.19 of devel branch and add 2.18 to CI. diff --git a/changelogs/fragments/576_bump_version_2.yml b/changelogs/fragments/576_bump_version_2.yml deleted file mode 100644 index a93dbf6..0000000 --- a/changelogs/fragments/576_bump_version_2.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -trivial: - - Bump ansible.posix version to 2.0.0. diff --git a/changelogs/fragments/581_ci_selinux.yml b/changelogs/fragments/581_ci_selinux.yml deleted file mode 100644 index c38b2f2..0000000 --- a/changelogs/fragments/581_ci_selinux.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -trivial: - - selinux - conditions for selinux integration tests have been modified to be more accurate. diff --git a/changelogs/fragments/584_firewalld_opt_type.yml b/changelogs/fragments/584_firewalld_opt_type.yml deleted file mode 100644 index 44ede21..0000000 --- a/changelogs/fragments/584_firewalld_opt_type.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -breaking_changes: - - firewalld - Changed the type of forward and masquerade options from str to bool (https://github.com/ansible-collections/ansible.posix/issues/582). diff --git a/changelogs/fragments/603_bump_version_3.yml b/changelogs/fragments/603_bump_version_3.yml new file mode 100644 index 0000000..6794958 --- /dev/null +++ b/changelogs/fragments/603_bump_version_3.yml @@ -0,0 +1,2 @@ +trivial: + - Bump version to 3.0.0 for the next release (https://github.com/ansible-collections/ansible.posix/issues/603). diff --git a/changelogs/fragments/618_ci_remove_ubuntu2004.yml b/changelogs/fragments/618_ci_remove_ubuntu2004.yml new file mode 100644 index 0000000..2d63e7e --- /dev/null +++ b/changelogs/fragments/618_ci_remove_ubuntu2004.yml @@ -0,0 +1,2 @@ +trivial: + - Remove ubuntu20.04 from CI tests (https://github.com/ansible-collections/ansible.posix/issues/612). diff --git a/changelogs/fragments/626_profile_tasks_datetime_format.yml b/changelogs/fragments/626_profile_tasks_datetime_format.yml new file mode 100644 index 0000000..3a60e55 --- /dev/null +++ b/changelogs/fragments/626_profile_tasks_datetime_format.yml @@ -0,0 +1,3 @@ +--- +minor_changes: + - profile_tasks - Add option to provide a different date/time format (https://github.com/ansible-collections/ansible.posix/issues/279). diff --git a/changelogs/fragments/631_fixes_module_path.yml b/changelogs/fragments/631_fixes_module_path.yml new file mode 100644 index 0000000..7aad317 --- /dev/null +++ b/changelogs/fragments/631_fixes_module_path.yml @@ -0,0 +1,6 @@ +--- +bugfixes: + - ansible.posix.cgroup_perf_recap - fixes json module load path (https://github.com/ansible-collections/ansible.posix/issues/630). +trivial: + - ansible.posix.seboolean - remove unnecessary condition from seboolean integration tests (https://github.com/ansible-collections/ansible.posix/issues/630). + - ansible.posix.selinux - optimize conditions for selinux integration tests (https://github.com/ansible-collections/ansible.posix/issues/630). diff --git a/changelogs/fragments/642_ci_add_rhel10.yml b/changelogs/fragments/642_ci_add_rhel10.yml new file mode 100644 index 0000000..759ba31 --- /dev/null +++ b/changelogs/fragments/642_ci_add_rhel10.yml @@ -0,0 +1,2 @@ +trivial: + - Add Red Hat Enterprise Linux 10.0 to the CI matrix (https://github.com/ansible-collections/ansible.posix/issues/642). diff --git a/changelogs/fragments/650-profile_tasks_roles.yml b/changelogs/fragments/650-profile_tasks_roles.yml new file mode 100644 index 0000000..d8664b8 --- /dev/null +++ b/changelogs/fragments/650-profile_tasks_roles.yml @@ -0,0 +1,2 @@ +minor_changes: + - "profile_tasks and profile_roles callback plugins - avoid deleted/deprecated callback functions, instead use modern interface that was introduced a longer time ago (https://github.com/ansible-collections/ansible.posix/issues/650)." diff --git a/changelogs/fragments/654_ci_bump_core_version.yml b/changelogs/fragments/654_ci_bump_core_version.yml new file mode 100644 index 0000000..d150a81 --- /dev/null +++ b/changelogs/fragments/654_ci_bump_core_version.yml @@ -0,0 +1,3 @@ +--- +trivial: + - Bump ansible-core version to 2.20 of devel branch and add 2.19 to CI diff --git a/changelogs/fragments/660_ci_azp_syntax.yml b/changelogs/fragments/660_ci_azp_syntax.yml new file mode 100644 index 0000000..1efd77a --- /dev/null +++ b/changelogs/fragments/660_ci_azp_syntax.yml @@ -0,0 +1,2 @@ +trivial: + - AZP - fixed syntax error in CI test. diff --git a/changelogs/fragments/665_update_readme_20250728.yml b/changelogs/fragments/665_update_readme_20250728.yml new file mode 100644 index 0000000..0b59713 --- /dev/null +++ b/changelogs/fragments/665_update_readme_20250728.yml @@ -0,0 +1,3 @@ +--- +trivial: + - README - Update README to reflect Ansible Core 2.19 release. diff --git a/changelogs/fragments/666_azp_update_20250728.yml b/changelogs/fragments/666_azp_update_20250728.yml new file mode 100644 index 0000000..d6b4b24 --- /dev/null +++ b/changelogs/fragments/666_azp_update_20250728.yml @@ -0,0 +1,3 @@ +--- +trivial: + - AZP - Update AZP matrix to follow ansible-test changes. diff --git a/changelogs/fragments/673_update_ci_20250805.yml b/changelogs/fragments/673_update_ci_20250805.yml new file mode 100644 index 0000000..6e47187 --- /dev/null +++ b/changelogs/fragments/673_update_ci_20250805.yml @@ -0,0 +1,2 @@ +trivial: + - Update AZP CI matrix (https://github.com/ansible-collections/ansible.posix/issues/673). diff --git a/galaxy.yml b/galaxy.yml index 01e619c..9a0b34d 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,7 +1,7 @@ --- namespace: ansible name: posix -version: 2.0.0 +version: 3.0.0 readme: README.md authors: - Ansible (github.com/ansible) diff --git a/meta/runtime.yml b/meta/runtime.yml index 1e85b01..49c7554 100644 --- a/meta/runtime.yml +++ b/meta/runtime.yml @@ -1,2 +1,2 @@ --- -requires_ansible: ">=2.15.0" +requires_ansible: ">=2.16.0" diff --git a/plugins/callback/cgroup_perf_recap.py b/plugins/callback/cgroup_perf_recap.py index d1f4247..6721a03 100644 --- a/plugins/callback/cgroup_perf_recap.py +++ b/plugins/callback/cgroup_perf_recap.py @@ -132,6 +132,7 @@ DOCUMENTATION = ''' import csv import datetime +import json import os import time import threading @@ -142,7 +143,7 @@ from functools import partial from ansible.module_utils._text import to_bytes, to_text from ansible.module_utils.six import with_metaclass -from ansible.parsing.ajson import AnsibleJSONEncoder, json +from ansible.parsing.ajson import AnsibleJSONEncoder from ansible.plugins.callback import CallbackBase diff --git a/plugins/callback/profile_roles.py b/plugins/callback/profile_roles.py index 270a74f..4d58014 100644 --- a/plugins/callback/profile_roles.py +++ b/plugins/callback/profile_roles.py @@ -124,10 +124,7 @@ class CallbackModule(CallbackBase): def v2_playbook_on_handler_task_start(self, task): self._record_task(task) - def playbook_on_setup(self): - self._display_tasktime() - - def playbook_on_stats(self, stats): + def v2_playbook_on_stats(self, stats): # Align summary report header with other callback plugin summary self._display.banner("ROLES RECAP") diff --git a/plugins/callback/profile_tasks.py b/plugins/callback/profile_tasks.py index c5cc5fe..2945bf9 100644 --- a/plugins/callback/profile_tasks.py +++ b/plugins/callback/profile_tasks.py @@ -52,6 +52,17 @@ DOCUMENTATION = ''' - section: callback_profile_tasks key: summary_only version_added: 1.5.0 + datetime_format: + description: + - Datetime format, as expected by the C(strftime) and C(strptime) methods. + An C(iso8601) alias will be translated to C('%Y-%m-%dT%H:%M:%S.%f') if that datetime standard wants to be used. + default: '%A %d %B %Y %H:%M:%S %z' + env: + - name: PROFILE_TASKS_DATETIME_FORMAT + ini: + - section: callback_profile_tasks + key: datetime_format + version_added: 3.0.0 ''' EXAMPLES = ''' @@ -72,14 +83,15 @@ sample output: > ''' import collections -import time + +from datetime import datetime from ansible.module_utils.six.moves import reduce from ansible.plugins.callback import CallbackBase # define start time -t0 = tn = time.time() +dt0 = dtn = datetime.now().astimezone() def secondsToStr(t): @@ -104,17 +116,18 @@ def filled(msg, fchar="*"): def timestamp(self): if self.current is not None: - elapsed = time.time() - self.stats[self.current]['started'] + elapsed = (datetime.now().astimezone() - self.stats[self.current]['started']).total_seconds() self.stats[self.current]['elapsed'] += elapsed -def tasktime(): - global tn - time_current = time.strftime('%A %d %B %Y %H:%M:%S %z') - time_elapsed = secondsToStr(time.time() - tn) - time_total_elapsed = secondsToStr(time.time() - t0) - tn = time.time() - return filled('%s (%s)%s%s' % (time_current, time_elapsed, ' ' * 7, time_total_elapsed)) +def tasktime(self): + global dtn + cdtn = datetime.now().astimezone() + datetime_current = cdtn.strftime(self.datetime_format) + time_elapsed = secondsToStr((cdtn - dtn).total_seconds()) + time_total_elapsed = secondsToStr((cdtn - dt0).total_seconds()) + dtn = cdtn + return filled('%s (%s)%s%s' % (datetime_current, time_elapsed, ' ' * 7, time_total_elapsed)) class CallbackModule(CallbackBase): @@ -134,6 +147,7 @@ class CallbackModule(CallbackBase): self.sort_order = None self.summary_only = None self.task_output_limit = None + self.datetime_format = None super(CallbackModule, self).__init__() @@ -159,9 +173,14 @@ class CallbackModule(CallbackBase): else: self.task_output_limit = int(self.task_output_limit) + self.datetime_format = self.get_option('datetime_format') + if self.datetime_format is not None: + if self.datetime_format == 'iso8601': + self.datetime_format = '%Y-%m-%dT%H:%M:%S.%f' + def _display_tasktime(self): if not self.summary_only: - self._display.display(tasktime()) + self._display.display(tasktime(self)) def _record_task(self, task): """ @@ -176,10 +195,11 @@ class CallbackModule(CallbackBase): # with the same UUID is executed when `serial` is specified in a playbook. # elapsed: Elapsed time since the first serialized task was started self.current = task._uuid + dtn = datetime.now().astimezone() if self.current not in self.stats: - self.stats[self.current] = {'started': time.time(), 'elapsed': 0.0, 'name': task.get_name()} + self.stats[self.current] = {'started': dtn, 'elapsed': 0.0, 'name': task.get_name()} else: - self.stats[self.current]['started'] = time.time() + self.stats[self.current]['started'] = dtn if self._display.verbosity >= 2: self.stats[self.current]['path'] = task.get_path() @@ -189,14 +209,11 @@ class CallbackModule(CallbackBase): def v2_playbook_on_handler_task_start(self, task): self._record_task(task) - def playbook_on_setup(self): - self._display_tasktime() - - def playbook_on_stats(self, stats): + def v2_playbook_on_stats(self, stats): # Align summary report header with other callback plugin summary self._display.banner("TASKS RECAP") - self._display.display(tasktime()) + self._display.display(tasktime(self)) self._display.display(filled("", fchar="=")) timestamp(self) diff --git a/plugins/modules/firewalld.py b/plugins/modules/firewalld.py index 4333afd..6dd26aa 100644 --- a/plugins/modules/firewalld.py +++ b/plugins/modules/firewalld.py @@ -74,7 +74,8 @@ options: icmp_block_inversion: description: - Enable/Disable inversion of ICMP blocks for a zone in firewalld. - type: str + - Note that the option type is changed to bool in ansible.posix version 2.0.0 and later. + type: bool zone: description: - The firewalld zone to add/remove to/from. @@ -152,7 +153,7 @@ author: ''' EXAMPLES = r''' -- name: permanently enable https service, also enable it immediately if possible +- name: Permanently enable https service, also enable it immediately if possible ansible.posix.firewalld: service: https state: enabled @@ -160,81 +161,92 @@ EXAMPLES = r''' immediate: true offline: true -- name: permit traffic in default zone for https service +- name: Permit traffic in default zone for https service ansible.posix.firewalld: service: https permanent: true state: enabled -- name: permit ospf traffic +- name: Permit ospf traffic ansible.posix.firewalld: protocol: ospf permanent: true state: enabled -- name: do not permit traffic in default zone on port 8081/tcp +- name: Do not permit traffic in default zone on port 8081/tcp ansible.posix.firewalld: port: 8081/tcp permanent: true state: disabled -- ansible.posix.firewalld: +- name: Permit traffic in default zone on port 161-162/ucp + ansible.posix.firewalld: port: 161-162/udp permanent: true state: enabled -- ansible.posix.firewalld: +- name: Permit traffic in dmz zone on http service + ansible.posix.firewalld: zone: dmz service: http permanent: true state: enabled -- ansible.posix.firewalld: +- name: Enable FTP service with rate limiting using firewalld rich rule + ansible.posix.firewalld: rich_rule: rule service name="ftp" audit limit value="1/m" accept permanent: true state: enabled -- ansible.posix.firewalld: +- name: Allow traffic from 192.0.2.0/24 in internal zone + ansible.posix.firewalld: source: 192.0.2.0/24 zone: internal state: enabled -- ansible.posix.firewalld: +- name: Assign eth2 interface to trusted zone + ansible.posix.firewalld: zone: trusted interface: eth2 permanent: true state: enabled -- ansible.posix.firewalld: +- name: Enable forwarding in internal zone + ansible.posix.firewalld: forward: true state: enabled permanent: true zone: internal -- ansible.posix.firewalld: +- name: Enable masquerade in dmz zone + ansible.posix.firewalld: masquerade: true state: enabled permanent: true zone: dmz -- ansible.posix.firewalld: +- name: Create custom zone if not already present + ansible.posix.firewalld: zone: custom state: present permanent: true -- ansible.posix.firewalld: +- name: Enable ICMP block inversion in drop zone + ansible.posix.firewalld: zone: drop state: enabled permanent: true icmp_block_inversion: true -- ansible.posix.firewalld: +- name: Block ICMP echo requests in drop zone + ansible.posix.firewalld: zone: drop state: enabled permanent: true icmp_block: echo-request -- ansible.posix.firewalld: +- name: Set internal zone target to ACCEPT + ansible.posix.firewalld: zone: internal state: present permanent: true @@ -250,7 +262,6 @@ EXAMPLES = r''' ''' from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.parsing.convert_bool import boolean from ansible_collections.ansible.posix.plugins.module_utils.firewalld import FirewallTransaction, fw_offline try: @@ -864,7 +875,7 @@ def main(): module = AnsibleModule( argument_spec=dict( icmp_block=dict(type='str'), - icmp_block_inversion=dict(type='str'), + icmp_block_inversion=dict(type='bool'), service=dict(type='str'), protocol=dict(type='str'), port=dict(type='str'), @@ -987,16 +998,7 @@ def main(): msgs.append("Changed icmp-block %s to %s" % (icmp_block, desired_state)) if icmp_block_inversion is not None: - # Type of icmp_block_inversion will be changed to boolean in a future release. - icmp_block_inversion_status = True - try: - icmp_block_inversion_status = boolean(icmp_block_inversion, True) - except TypeError: - module.warn('The value of the icmp_block_inversion option is "%s". ' - 'The type of the option will be changed from string to boolean in a future release. ' - 'To avoid unexpected behavior, please change the value to boolean.' % icmp_block_inversion) - expected_state = 'enabled' if (desired_state == 'enabled') == icmp_block_inversion_status else 'disabled' - + expected_state = 'enabled' if (desired_state == 'enabled') == icmp_block_inversion else 'disabled' transaction = IcmpBlockInversionTransaction( module, action_args=(), diff --git a/plugins/modules/mount.py b/plugins/modules/mount.py index dadbd46..b9e496e 100644 --- a/plugins/modules/mount.py +++ b/plugins/modules/mount.py @@ -303,7 +303,7 @@ def _set_mount_save_old(module, args): continue - fields = line.split() + fields = line.split('#')[0].split() # Check if we got a valid line for splitting # (on Linux the 5th and the 6th field is optional) diff --git a/plugins/modules/sysctl.py b/plugins/modules/sysctl.py index 77fc392..8b53620 100644 --- a/plugins/modules/sysctl.py +++ b/plugins/modules/sysctl.py @@ -80,6 +80,13 @@ EXAMPLES = r''' sysctl_file: /tmp/test_sysctl.conf reload: false +# Enable resource limits management in FreeBSD +- ansible.posix.sysctl: + name: kern.racct.enable + value: '1' + sysctl_file: /boot/loader.conf + reload: false + # Set ip forwarding on in /proc and verify token value with the sysctl command - ansible.posix.sysctl: name: net.ipv4.ip_forward diff --git a/tests/integration/targets/acl/tasks/acl.yml b/tests/integration/targets/acl/tasks/acl.yml index 24846d0..9e8d13f 100644 --- a/tests/integration/targets/acl/tasks/acl.yml +++ b/tests/integration/targets/acl/tasks/acl.yml @@ -46,6 +46,12 @@ path: "{{ test_dir }}" state: directory mode: "0755" + +- name: Install acl package + ansible.builtin.package: + name: acl + state: present + ############################################################################## - name: Grant ansible user read access to a file ansible.posix.acl: diff --git a/tests/integration/targets/firewalld/aliases b/tests/integration/targets/firewalld/aliases index 95259df..f2b0fc9 100644 --- a/tests/integration/targets/firewalld/aliases +++ b/tests/integration/targets/firewalld/aliases @@ -1,3 +1,5 @@ +needs/privileged +needs/root destructive shippable/posix/group1 skip/aix diff --git a/tests/integration/targets/firewalld/tasks/icmp_block_inversion_test_cases.yml b/tests/integration/targets/firewalld/tasks/icmp_block_inversion_test_cases.yml index 3bd5bf0..f416c85 100644 --- a/tests/integration/targets/firewalld/tasks/icmp_block_inversion_test_cases.yml +++ b/tests/integration/targets/firewalld/tasks/icmp_block_inversion_test_cases.yml @@ -114,60 +114,3 @@ ansible.builtin.assert: that: - result is not changed - -# Validate backwards compatible behavior until icmp block inversion is switched from string to boolean type -- name: Icmp block inversion enabled when icmp block inversion is non-boolean string and state is enabled - block: - - name: Testing enable icmp block inversion - ansible.posix.firewalld: - zone: trusted - icmp_block_inversion: some string - permanent: true - state: enabled - register: result - - - name: Assert icmp block inversion is enabled - ansible.builtin.assert: - that: - - result is changed - - - name: Testing enable icmp block inversion (verify not changed) - ansible.posix.firewalld: - zone: trusted - icmp_block_inversion: some string - permanent: true - state: enabled - register: result - - - name: Assert icmp block inversion is enabled (verify not changed) - ansible.builtin.assert: - that: - - result is not changed - -- name: Icmp block inversion disabled when icmp block inversion is non-boolean string and state is disabled - block: - - name: Testing disable icmp block inversion - ansible.posix.firewalld: - zone: trusted - icmp_block_inversion: some string - permanent: true - state: disabled - register: result - - - name: Assert icmp block inversion is disabled - ansible.builtin.assert: - that: - - result is changed - - - name: Testing disable icmp block inversion (verify not changed) - ansible.posix.firewalld: - zone: trusted - icmp_block_inversion: some string - permanent: true - state: disabled - register: result - - - name: Assert icmp block inversion is disabled (verify not changed) - ansible.builtin.assert: - that: - - result is not changed diff --git a/tests/integration/targets/mount/tasks/main.yml b/tests/integration/targets/mount/tasks/main.yml index bb91648..d96f865 100644 --- a/tests/integration/targets/mount/tasks/main.yml +++ b/tests/integration/targets/mount/tasks/main.yml @@ -1,3 +1,4 @@ +# SETUP ################################################################################ - name: Install dependencies (Linux) ansible.builtin.package: name: e2fsprogs @@ -110,6 +111,42 @@ mode: '0644' register: orig_info +# BIND MOUNT ################################################################################ +# bind mount check mode +- name: Bind mount a filesystem (Linux) (check mode) + ansible.posix.mount: + src: '{{ output_dir }}/mount_source' + name: '{{ output_dir }}/mount_dest' + state: mounted + fstype: None + opts: bind + when: ansible_system == 'Linux' + register: bind_result_linux_dry_run + check_mode: true + +- name: Bind mount a filesystem (FreeBSD) (check mode) + ansible.posix.mount: + src: '{{ output_dir }}/mount_source' + name: '{{ output_dir }}/mount_dest' + state: mounted + fstype: nullfs + when: ansible_system == 'FreeBSD' + register: bind_result_freebsd_dry_run + check_mode: true + +- name: Attempt to stat bind mounted file + ansible.builtin.stat: + path: '{{ output_dir }}/mount_dest/test_file' + when: ansible_system in ('FreeBSD', 'Linux') + register: dest_stat + +- name: Assert the bind mount did not take place + ansible.builtin.assert: + that: + - not dest_stat['stat']['exists'] + when: ansible_system in ('FreeBSD', 'Linux') + +# bind mount - name: Bind mount a filesystem (Linux) ansible.posix.mount: src: '{{ output_dir }}/mount_source' @@ -168,6 +205,48 @@ - (ansible_system == 'Linux' and not bind_result_linux['changed']) or (ansible_system == 'FreeBSD' and not bind_result_freebsd['changed']) when: ansible_system in ('FreeBSD', 'Linux') +# remount check mode +- name: Remount filesystem with different opts (Linux) (check mode) + ansible.posix.mount: + src: '{{ output_dir }}/mount_source' + name: '{{ output_dir }}/mount_dest' + state: mounted + fstype: None + opts: bind,ro + when: ansible_system == 'Linux' + register: bind_result_linux + check_mode: true + +- name: Remount filesystem with different opts (FreeBSD) (check mode) + ansible.posix.mount: + src: '{{ output_dir }}/mount_source' + name: '{{ output_dir }}/mount_dest' + state: mounted + fstype: nullfs + opts: ro + when: ansible_system == 'FreeBSD' + register: bind_result_freebsd + check_mode: true + +- name: Get mount options + ansible.builtin.shell: + cmd: set -o pipefail && mount | grep mount_dest | grep -c -E -w '(ro|read-only)' + executable: "{{ shell_executable }}" + changed_when: false + failed_when: false + register: new_options_count + +- name: Make sure the filesystem does not have the new opts + ansible.builtin.assert: + that: + - linux_and_changed or freebsd_and_changed + - new_options_count.stdout | int == 0 + vars: + linux_and_changed: "{{ ansible_system == 'Linux' and bind_result_linux_dry_run['changed'] }}" + freebsd_and_changed: "{{ ansible_system == 'FreeBSD' and bind_result_freebsd['changed'] }}" + when: ansible_system in ('FreeBSD', 'Linux') + +# remount - name: Remount filesystem with different opts (Linux) ansible.posix.mount: src: '{{ output_dir }}/mount_source' @@ -203,6 +282,29 @@ - 1 == remount_options.stdout_lines | length when: ansible_system in ('FreeBSD', 'Linux') +# unmount check mode +- name: Unmount the bind mount (check mode) + ansible.posix.mount: + name: '{{ output_dir }}/mount_dest' + state: absent + when: ansible_system in ('Linux', 'FreeBSD') + register: unmount_result + check_mode: true + +- name: Make sure the file still exists in dest + ansible.builtin.stat: + path: '{{ output_dir }}/mount_dest/test_file' + when: ansible_system in ('FreeBSD', 'Linux') + register: dest_stat + +- name: Check that we did not unmount + ansible.builtin.assert: + that: + - unmount_result['changed'] + - dest_stat['stat']['exists'] + when: ansible_system in ('FreeBSD', 'Linux') + +# unmount - name: Unmount the bind mount ansible.posix.mount: name: '{{ output_dir }}/mount_dest' @@ -223,9 +325,36 @@ - not dest_stat['stat']['exists'] when: ansible_system in ('FreeBSD', 'Linux') -- name: Block to test remounted option +# SWAP ############################################################# +- name: Swap when: ansible_system in ('Linux') block: + # mount swap check mode + - name: Stat /etc/fstab + ansible.builtin.stat: + path: /etc/fstab + register: stat_fstab_before + + - name: Create fstab record for the first swap file (check mode) + ansible.posix.mount: + name: none + src: /tmp/swap1 + opts: sw + fstype: swap + state: present + check_mode: true + + - name: Stat /etc/fstab + ansible.builtin.stat: + path: /etc/fstab + register: stat_fstab_after + + - name: Assert that fstab checksum did not change + ansible.builtin.assert: + that: + - stat_fstab_before.stat.checksum == stat_fstab_after.stat.checksum + + # mount swap1 - name: Create fstab record for the first swap file ansible.posix.mount: name: none @@ -250,6 +379,7 @@ - swap1_created['changed'] - not swap1_created_again['changed'] + # mount swap2 - name: Create fstab record for the second swap file ansible.posix.mount: name: none @@ -274,6 +404,30 @@ - swap2_created['changed'] - not swap2_created_again['changed'] + # remove swap check mode + - name: Stat /etc/fstab + ansible.builtin.stat: + path: /etc/fstab + register: stat_fstab_before + + - name: Remove the fstab record for the first swap file (check mode) + ansible.posix.mount: + name: none + src: /tmp/swap1 + state: absent + check_mode: true + + - name: Stat /etc/fstab + ansible.builtin.stat: + path: /etc/fstab + register: stat_fstab_after + + - name: Assert that fstab checksum did not change + ansible.builtin.assert: + that: + - stat_fstab_before.stat.checksum == stat_fstab_after.stat.checksum + + # remove swap1 - name: Remove the fstab record for the first swap file ansible.posix.mount: name: none @@ -294,6 +448,7 @@ - swap1_removed['changed'] - not swap1_removed_again['changed'] + # remove swap2 - name: Remove the fstab record for the second swap file ansible.posix.mount: name: none @@ -314,6 +469,10 @@ - swap2_removed['changed'] - not swap2_removed_again['changed'] +# FIXUP ############################################################# +- name: Fix incomplete entry already present in fstab + when: ansible_system == 'Linux' + block: - name: Create fstab record with missing last two fields ansible.builtin.copy: dest: /etc/fstab @@ -343,6 +502,11 @@ - ''' 0 0'' in optional_fields_content.stdout' - 1 == optional_fields_content.stdout_lines | length +# REMOUNTED ############################################################# +- name: Block to test remounted option + when: ansible_system in ('Linux') + block: + # setup - name: Create empty file community.general.filesize: path: /tmp/myfs.img @@ -372,6 +536,26 @@ ansible.builtin.pause: seconds: 2 + # remount check mode + - name: Remount (check mode) + ansible.posix.mount: + path: /tmp/myfs + state: remounted + + - name: Get again the last write time + ansible.builtin.shell: + cmd: >- + set -o pipefail && dumpe2fs /tmp/myfs.img 2>/dev/null | grep -i "last write time:" |cut -d: -f2- + executable: "{{ shell_executable }}" + changed_when: false + register: last_write_time_check + + - name: Fail if they are different + ansible.builtin.fail: + msg: Filesytem was remounted, testing of the module failed! + when: last_write_time.stdout != last_write_time_check.stdout + + # remount - name: Test if the FS is remounted ansible.posix.mount: path: /tmp/myfs @@ -390,6 +574,29 @@ msg: Filesytem was not remounted, testing of the module failed! when: last_write is defined and last_write_time2 is defined and last_write_time.stdout == last_write_time2.stdout + # remount different options check mode + - name: Remount filesystem with different opts using remounted option (Linux only) + ansible.posix.mount: + path: /tmp/myfs + state: remounted + opts: rw,noexec + check_mode: true + + - name: Get remounted options (Linux only) + ansible.builtin.shell: + cmd: set -o pipefail && mount | grep myfs | grep -E -w 'noexec' | wc -l + executable: "{{ shell_executable }}" + failed_when: false + changed_when: false + register: remounted_options + + - name: Make sure the filesystem now has the new opts after using remounted (Linux only) + ansible.builtin.assert: + that: + - "'0' in remounted_options.stdout" + - "1 == remounted_options.stdout_lines | length" + + # remount different options - name: Remount filesystem with different opts using remounted option (Linux only) ansible.posix.mount: path: /tmp/myfs @@ -409,6 +616,7 @@ - "'1' in remounted_options.stdout" - "1 == remounted_options.stdout_lines | length" + # backup - name: Mount the FS again to test backup ansible.posix.mount: path: /tmp/myfs @@ -439,9 +647,11 @@ - /tmp/myfs.img - /tmp/myfs +# BOOT ############################################################# - name: Block to test boot option for Linux when: ansible_system in ('Linux') block: + # setup - name: Create empty file community.general.filesize: path: /tmp/myfs.img @@ -452,6 +662,7 @@ fstype: ext3 dev: /tmp/myfs.img + # noauto - name: Mount the FS with noauto option ansible.posix.mount: path: /tmp/myfs @@ -472,6 +683,7 @@ path: /tmp/myfs state: absent + # noauto + defaults - name: Mount the FS with noauto option and defaults ansible.posix.mount: path: /tmp/myfs @@ -499,6 +711,7 @@ - /tmp/myfs.img - /tmp/myfs +# NEWLINE END OF FILE ############################################ - name: Block to test missing newline at the EOF of fstab when: ansible_system in ('Linux') block: @@ -537,6 +750,7 @@ - /tmp/myfs1 - /tmp/test_fstab +# EPHEMERAL ################################################ - name: Block to test ephemeral option environment: PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin @@ -552,8 +766,7 @@ path: /tmp/myfs_B.img size: 20M - ##### FORMAT FS ON LINUX - + ##### FORMAT FS ON LINUX - name: Block to format FS on Linux when: ansible_system == 'Linux' block: @@ -567,8 +780,7 @@ fstype: ext3 dev: /tmp/myfs_B.img - ##### FORMAT FS ON SOLARIS AND BSD - + ##### FORMAT FS ON SOLARIS AND BSD - name: Create loop devices on Solaris and BSD ansible.builtin.shell: cmd: "set -o pipefail && {{ ephemeral_create_loop_dev_cmd }}" @@ -583,14 +795,49 @@ changed_when: true when: ephemeral_format_fs_cmd is defined - ##### TESTS - - name: Create fstab if it does not exist ansible.builtin.file: path: "{{ ephemeral_fstab }}" state: touch mode: '0644' + # normal ephemeral mount check mode + - name: Get checksum of /etc/fstab before mounting anything + ansible.builtin.stat: + path: '{{ ephemeral_fstab }}' + register: fstab_stat_before_mount + + - name: Mount the FS A with ephemeral state (check mode) + ansible.posix.mount: + path: /tmp/myfs + src: '{{ ephemeral_device_a }}' + fstype: '{{ ephemeral_fstype }}' + opts: rw + state: ephemeral + register: ephemeral_mount_info + check_mode: true + + - name: Get checksum of /etc/fstab after an ephemeral mount + ansible.builtin.stat: + path: '{{ ephemeral_fstab }}' + register: fstab_stat_after_mount + + - name: Get mountinfo + ansible.builtin.shell: + cmd: grep -c '/tmp/myfs' <(mount -v) + executable: "{{ shell_executable }}" + register: check_mountinfo + failed_when: false + changed_when: false + + - name: Assert the mount occurred and the fstab is unchanged + ansible.builtin.assert: + that: + - check_mountinfo.stdout|int == 0 + - ephemeral_mount_info['changed'] + - fstab_stat_before_mount['stat']['checksum'] == fstab_stat_after_mount['stat']['checksum'] + + # normal ephemeral mount - name: Get checksum of /etc/fstab before mounting anything ansible.builtin.stat: path: '{{ ephemeral_fstab }}' @@ -631,6 +878,48 @@ - ephemeral_mount_info['changed'] - fstab_stat_before_mount['stat']['checksum'] == fstab_stat_after_mount['stat']['checksum'] + # remount different options check mode + - name: Get first mount record + ansible.builtin.shell: + cmd: grep '/tmp/myfs' <(mount -v) + executable: "{{ shell_executable }}" + register: ephemeral_mount_record_1 + changed_when: false + + - name: Try to mount FS A where FS A is already mounted (should trigger remount and changed) + ansible.posix.mount: + path: /tmp/myfs + src: '{{ ephemeral_device_a }}' + fstype: '{{ ephemeral_fstype }}' + opts: ro + state: ephemeral + register: ephemeral_mount_info + check_mode: true + + - name: Get second mount record (should be different than the first) + ansible.builtin.shell: + cmd: grep '/tmp/myfs' <(mount -v) + executable: "{{ shell_executable }}" + register: ephemeral_mount_record_2 + changed_when: false + + - name: Get mountinfo + ansible.builtin.shell: + cmd: grep -c '/tmp/myfs' <(mount -v) + executable: "{{ shell_executable }}" + failed_when: false + register: check_mountinfo + changed_when: false + + - name: Assert the FS A is still mounted, the options unchanged and the fstab unchanged + ansible.builtin.assert: + that: + - check_mountinfo.stdout|int == 1 + - ephemeral_mount_record_1.stdout == ephemeral_mount_record_2.stdout + - ephemeral_mount_info['changed'] + - fstab_stat_before_mount['stat']['checksum'] == fstab_stat_after_mount['stat']['checksum'] + + # remount different options - name: Get first mount record ansible.builtin.shell: cmd: grep '/tmp/myfs' <(mount -v) @@ -670,6 +959,7 @@ - ephemeral_mount_info['changed'] - fstab_stat_before_mount['stat']['checksum'] == fstab_stat_after_mount['stat']['checksum'] + # conflicting mount - name: Try to mount file B on file A mountpoint (should fail) ansible.posix.mount: path: /tmp/myfs @@ -707,6 +997,39 @@ - test_file_stat['stat']['exists'] - ephemeral_mount_b_info is failed + # unmount check mode + - name: Unmount FS with state = unmounted + ansible.posix.mount: + path: /tmp/myfs + state: unmounted + check_mode: true + + - name: Get fstab checksum after unmounting an ephemeral mount with state = unmounted + ansible.builtin.stat: + path: '{{ ephemeral_fstab }}' + register: fstab_stat_after_unmount + + - name: Get mountinfo + ansible.builtin.shell: + cmd: grep -c '/tmp/myfs' <(mount -v) + executable: "{{ shell_executable }}" + register: check_mountinfo + failed_when: false + changed_when: false + + - name: Try to stat our test file + ansible.builtin.stat: + path: /tmp/myfs/test_file + register: test_file_stat + + - name: Assert that unmount did not take place and fstab unchanged + ansible.builtin.assert: + that: + - check_mountinfo.stdout|int == 1 + - test_file_stat['stat']['exists'] + - fstab_stat_before_mount['stat']['checksum'] == fstab_stat_after_unmount['stat']['checksum'] + + # unmount - name: Unmount FS with state = unmounted ansible.posix.mount: path: /tmp/myfs @@ -759,6 +1082,7 @@ - /tmp/myfs_B.img - /tmp/myfs +# OPTS_NO_LOG ###################################### - name: Block to test opts_no_log option when: ansible_system == 'Linux' block: diff --git a/tests/integration/targets/seboolean/tasks/main.yml b/tests/integration/targets/seboolean/tasks/main.yml index 4aad585..97a41d1 100644 --- a/tests/integration/targets/seboolean/tasks/main.yml +++ b/tests/integration/targets/seboolean/tasks/main.yml @@ -20,5 +20,4 @@ ansible.builtin.include_tasks: seboolean.yml when: - ansible_selinux is defined - - ansible_selinux - ansible_selinux.status == 'enabled' diff --git a/tests/integration/targets/selinux/tasks/main.yml b/tests/integration/targets/selinux/tasks/main.yml index 8d8db05..0531064 100644 --- a/tests/integration/targets/selinux/tasks/main.yml +++ b/tests/integration/targets/selinux/tasks/main.yml @@ -19,23 +19,21 @@ - name: Debug message for when SELinux is disabled ansible.builtin.debug: msg: SELinux is disabled - when: ansible_selinux is defined and not ansible_selinux + when: ansible_selinux is defined and ansible_selinux.status == 'disabled' - name: Debug message for when SELinux is enabled and not disabled ansible.builtin.debug: msg: SELinux is {{ ansible_selinux.status }} - when: ansible_selinux is defined and ansible_selinux + when: ansible_selinux is defined - name: Include_tasks for when SELinux is enabled ansible.builtin.include_tasks: selinux.yml when: - ansible_selinux is defined - - ansible_selinux - ansible_selinux.status == 'enabled' - name: Include tasks for selogin when SELinux is enabled ansible.builtin.include_tasks: selogin.yml when: - ansible_selinux is defined - - ansible_selinux - ansible_selinux.status == 'enabled' diff --git a/tests/sanity/ignore-2.20.txt b/tests/sanity/ignore-2.20.txt new file mode 100644 index 0000000..3cf68c0 --- /dev/null +++ b/tests/sanity/ignore-2.20.txt @@ -0,0 +1 @@ +tests/utils/shippable/timing.py shebang diff --git a/tests/utils/shippable/shippable.sh b/tests/utils/shippable/shippable.sh index 6269f57..44beb23 100755 --- a/tests/utils/shippable/shippable.sh +++ b/tests/utils/shippable/shippable.sh @@ -62,15 +62,15 @@ else retry pip install "https://github.com/ansible/ansible/archive/stable-${ansible_version}.tar.gz" --disable-pip-version-check fi -export ANSIBLE_COLLECTIONS_PATHS="${PWD}/../../../" +export ANSIBLE_COLLECTIONS_PATH="${PWD}/../../../" # START: HACK install dependencies if [ "${ansible_version}" == "2.9" ] || [ "${ansible_version}" == "2.10" ]; then # Note: Since community.general 5.x, Ansible Core versions prior to 2.11 are not supported. # So we need to use 4.8.1 for Ansible 2.9 and Ansible Engine 2.10. - retry git clone --depth=1 --single-branch -b 4.8.1 https://github.com/ansible-collections/community.general.git "${ANSIBLE_COLLECTIONS_PATHS}/ansible_collections/community/general" + retry git clone --depth=1 --single-branch -b 4.8.1 https://github.com/ansible-collections/community.general.git "${ANSIBLE_COLLECTIONS_PATH}/ansible_collections/community/general" else - retry git clone --depth=1 --single-branch https://github.com/ansible-collections/community.general.git "${ANSIBLE_COLLECTIONS_PATHS}/ansible_collections/community/general" + retry git clone --depth=1 --single-branch https://github.com/ansible-collections/community.general.git "${ANSIBLE_COLLECTIONS_PATH}/ansible_collections/community/general" fi # Note: we're installing with git to work around Galaxy being a huge PITA (https://github.com/ansible/galaxy/issues/2429) # END: HACK