feat: support for ostree systems #124
Conversation
|
[citest] |
|
[citest] |
| @@ -0,0 +1 @@ | |||
| openssh-ldap | |||
There was a problem hiding this comment.
it is not clear to me where did these files come from and why these packages are needed. AFAIK the openssh-ldap is used only on the server to provide support for loading public authorized_keys from LDAP and do not have any use in the ssh client role.
So in the mean of keeping the role simple, I would propose to drop this. The same for the keycat, which is only useful for the server side of the OpenSSH.
There was a problem hiding this comment.
The weekly CI job that runs all integration tests - #119
uses an Ansible callback plugin - https://github.com/linux-system-roles/ssh/pull/119/files that comes from https://github.com/linux-system-roles/auto-maintenance/blob/main/callback_plugins/dump_packages.py
that intercepts all calls to the package:, yum:, and dnf: modules and prints the packages passed to the module - https://dl.fedoraproject.org/pub/alt/linuxsystemroles/logs/lsr-citool_ssh-119-e861b60_CentOS-7-latest_20231113-115435/artifacts/tests_additional_packages-PASSED.log
TASK [fedora.linux_system_roles.ssh : Ensure required packages are installed] ***
task path: /WORKDIR/git-weekly-ci7pusbkan/.collection/ansible_collections/fedora/linux_system_roles/roles/ssh/tasks/main.yml:5
Monday 13 November 2023 11:53:39 +0000 (0:00:00.029) 0:00:01.151 *******
changed: [sut] => {
"changed": true,
"changes": {
"installed": [
"openssh-ldap"
]
},
"rc": 0,
"results": [
"openssh-7.4p1-23.el7_9.x86_64 providing openssh is already installed",
"openssh-clients-7.4p1-23.el7_9.x86_64 providing openssh-clients is already installed",
"Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: download.cf.centos.org\n * extras: download.cf.centos.org\n * updates: download.cf.centos.org\nResolving Dependencies\n--> Running transaction check\n---> Package openssh-ldap.x86_64 0:7.4p1-23.el7_9 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n openssh-ldap x86_64 7.4p1-23.el7_9 updates 113 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package\n\nTotal download size: 113 k\nInstalled size: 92 k\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : openssh-ldap-7.4p1-23.el7_9.x86_64 1/1 \n Verifying : openssh-ldap-7.4p1-23.el7_9.x86_64 1/1 \n\nInstalled:\n openssh-ldap.x86_64 0:7.4p1-23.el7_9 \n\nComplete!\n"
]
}
lsrpackages: openssh openssh-clients openssh-ldap
Then, I use the script https://github.com/linux-system-roles/auto-maintenance/blob/main/check-logs-for-packages.sh to scrape the logs for the list of runtime and testing packages and generate the files in the .ostree/ directory.
If running on an rpm-ostree system, the call to package: will fail if these packages are not present.
Some alternatives:
- rewrite the test to omit the
openssh-ldappackage if using ostree - skip the test if using ostree
|
and it looks like the logic in check-logs does not handle the case where a package is declared in a test but installed in the main role code. I'll move those packages to testing. |
Feature: Allow running and testing the role with ostree managed nodes. Reason: We have users who want to use the role to manage ostree systems. Result: Users can use the role to manage ostree managed nodes. Signed-off-by: Rich Megginson <[email protected]>
|
[citest] |
Feature: Allow running and testing the role with ostree managed nodes.
Reason: We have users who want to use the role to manage ostree
systems.
Result: Users can use the role to manage ostree managed nodes.
Signed-off-by: Rich Megginson [email protected]