The role replaces the kdump configuration of the managed host.
157 | Previous settings will be lost, even if they are not specified in the
158 | role variables. Currently, this includes replacing at least the
159 | following configuration file:
160 |
161 |
/etc/kdump.conf
162 |
163 |
Requirements
164 |
See below
165 |
Collection requirements
166 |
The role requires external collections only for management of
167 | rpm-ostree nodes. Please run the following command to
168 | install them if you need to manage rpm-ostree nodes:
kdump_target: Can be specified to write vmcore to a
173 | location that is not in the root file system. If type is
174 | raw or a filesystem type, location points to a partition
175 | (by device node name, label, or uuid). For example:
176 |
kdump_target:
178 | type: raw
179 | location: /dev/sda1
If type is ssh, location points to a
186 | server: example:
187 |
type: ssh
189 | location: user@example.com
190 |
Similarly for nfs, location points to an
191 | nfs server:
192 |
type: nfs
194 | location: nfs.example.com
195 |
Only the ssh type is considered stable, support for the
196 | other types is experimental.
197 |
kdump_path: The path to which vmcore will be
198 | written. If kdump_target is not null, path is relative to
199 | that dump target. Otherwise, it must be an absolute path in the root
200 | file system.
201 |
kdump_core_collector: A command to copy the vmcore.
202 | If null, uses makedumpfile with options depending on the
203 | kdump_target.type.
204 |
kdump_system_action: The action that is performed
205 | when dumping the core file fails. Can be reboot,
206 | halt, poweroff, or shell.
207 |
kdump_auto_reset_crashkernel: Whether to reset
208 | kernel crashkernel to new default value or not when kexec-tools updates
209 | the default crashkernel value and existing kernels using the old default
210 | kernel crashkernel value.
211 |
kdump_dracut_args: Pass extra dracut options when
212 | rebuilding kdump initrd.
213 |
kdump_reboot_ok: If you run the role on a managed
214 | node that does not have memory reserved for crash kernel, i.e. the file
215 | /sys/kernel/kexec_crash_size contains 0, it
216 | might be required to reboot the managed node to configure kdump.
217 |
By default, the role does not reboot the managed node. If a managed
218 | node requires reboot, the role sets the
219 | kdump_reboot_required fact and fails, so that the user can
220 | reboot the managed node when needed. If you want the role to reboot the
221 | system if required, set this variable to true. You do not
222 | need to re-execute the role after boot.
223 |
Default: false
224 |
Ansible Facts Returned by
225 | the Role
226 |
kdump_reboot_required: The role sets this fact if
227 | the managed node requires reboot to complete kdump configuration.
228 | Re-execute the role after boot to ensure that kdump is working.
229 |
rpm-ostree
230 |
See README-ostree.md
231 |
License
232 |
MIT
233 |
234 |
235 |
236 |
--------------------------------------------------------------------------------
/.ansible-lint:
--------------------------------------------------------------------------------
1 | ---
2 | profile: production
3 | kinds:
4 | - yaml: "**/meta/collection-requirements.yml"
5 | - playbook: "**/tests/get_coverage.yml"
6 | - yaml: "**/tests/collection-requirements.yml"
7 | - playbook: "**/tests/tests_*.yml"
8 | - playbook: "**/tests/setup-snapshot.yml"
9 | - tasks: "**/tests/*.yml"
10 | - playbook: "**/tests/playbooks/*.yml"
11 | - tasks: "**/tests/tasks/*.yml"
12 | - tasks: "**/tests/tasks/*/*.yml"
13 | - vars: "**/tests/vars/*.yml"
14 | - playbook: "**/examples/*.yml"
15 | skip_list:
16 | - fqcn-builtins
17 | - var-naming[no-role-prefix]
18 | exclude_paths:
19 | - tests/roles/
20 | - .github/
21 | - .markdownlint.yaml
22 | - examples/roles/
23 | mock_roles:
24 | - linux-system-roles.kdump
25 | supported_ansible_also:
26 | - "2.14.0"
27 |
--------------------------------------------------------------------------------
/.codespell_ignores:
--------------------------------------------------------------------------------
1 | passt
2 |
--------------------------------------------------------------------------------
/.codespellrc:
--------------------------------------------------------------------------------
1 | [codespell]
2 | check-hidden = true
3 | # Note that `-w` doesn't work when ignore-multiline-regex is set
4 | # https://github.com/codespell-project/codespell/issues/3642
5 | ignore-multiline-regex = codespell:ignore-begin.*codespell:ignore-end
6 | ignore-words = .codespell_ignores
7 | # skip-file is not available https://github.com/codespell-project/codespell/pull/2759
8 | # .pandoc_template.html5 contains a typo in Licence that we shouldn't edit
9 | # .README.html is generated from README.md automatically - no need to check spelling
10 | skip = .pandoc_template.html5,.README.html
11 |
--------------------------------------------------------------------------------
/.commitlintrc.js:
--------------------------------------------------------------------------------
1 | module.exports = {
2 | parserPreset: 'conventional-changelog-conventionalcommits',
3 | rules: {
4 | 'body-leading-blank': [1, 'always'],
5 | 'body-max-line-length': [2, 'always', 100],
6 | 'footer-leading-blank': [1, 'always'],
7 | 'footer-max-line-length': [2, 'always', 100],
8 | 'header-max-length': [2, 'always', 100],
9 | 'subject-case': [
10 | 2,
11 | 'never',
12 | ['start-case', 'pascal-case', 'upper-case'],
13 | ],
14 | 'subject-empty': [2, 'never'],
15 | 'subject-full-stop': [2, 'never', '.'],
16 | 'type-case': [2, 'always', 'lower-case'],
17 | 'type-empty': [2, 'never'],
18 | 'type-enum': [
19 | 2,
20 | 'always',
21 | [
22 | 'build',
23 | 'chore',
24 | 'ci',
25 | 'docs',
26 | 'feat',
27 | 'fix',
28 | 'perf',
29 | 'refactor',
30 | 'revert',
31 | 'style',
32 | 'test',
33 | 'tests',
34 | ],
35 | ],
36 | },
37 | prompt: {
38 | questions: {
39 | type: {
40 | description: "Select the type of change that you're committing",
41 | enum: {
42 | feat: {
43 | description: 'A new feature',
44 | title: 'Features',
45 | emoji: '✨',
46 | },
47 | fix: {
48 | description: 'A bug fix',
49 | title: 'Bug Fixes',
50 | emoji: '🐛',
51 | },
52 | docs: {
53 | description: 'Documentation only changes',
54 | title: 'Documentation',
55 | emoji: '📚',
56 | },
57 | style: {
58 | description:
59 | 'Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc)',
60 | title: 'Styles',
61 | emoji: '💎',
62 | },
63 | refactor: {
64 | description:
65 | 'A code change that neither fixes a bug nor adds a feature',
66 | title: 'Code Refactoring',
67 | emoji: '📦',
68 | },
69 | perf: {
70 | description: 'A code change that improves performance',
71 | title: 'Performance Improvements',
72 | emoji: '🚀',
73 | },
74 | test: {
75 | description: 'Adding missing tests or correcting existing tests',
76 | title: 'Tests',
77 | emoji: '🚨',
78 | },
79 | tests: {
80 | description: 'Adding missing tests or correcting existing tests',
81 | title: 'Tests',
82 | emoji: '🚨',
83 | },
84 | build: {
85 | description:
86 | 'Changes that affect the build system or external dependencies (example scopes: gulp, broccoli, npm)',
87 | title: 'Builds',
88 | emoji: '🛠',
89 | },
90 | ci: {
91 | description:
92 | 'Changes to our CI configuration files and scripts (example scopes: Travis, Circle, BrowserStack, SauceLabs)',
93 | title: 'Continuous Integrations',
94 | emoji: '⚙️',
95 | },
96 | chore: {
97 | description: "Other changes that don't modify src or test files",
98 | title: 'Chores',
99 | emoji: '♻️',
100 | },
101 | revert: {
102 | description: 'Reverts a previous commit',
103 | title: 'Reverts',
104 | emoji: '🗑',
105 | },
106 | },
107 | },
108 | scope: {
109 | description:
110 | 'What is the scope of this change (e.g. component or file name)',
111 | },
112 | subject: {
113 | description:
114 | 'Write a short, imperative tense description of the change',
115 | },
116 | body: {
117 | description: 'Provide a longer description of the change',
118 | },
119 | isBreaking: {
120 | description: 'Are there any breaking changes?',
121 | },
122 | breakingBody: {
123 | description:
124 | 'A BREAKING CHANGE commit requires a body. Please enter a longer description of the commit itself',
125 | },
126 | breaking: {
127 | description: 'Describe the breaking changes',
128 | },
129 | isIssueAffected: {
130 | description: 'Does this change affect any open issues?',
131 | },
132 | issuesBody: {
133 | description:
134 | 'If issues are closed, the commit requires a body. Please enter a longer description of the commit itself',
135 | },
136 | issues: {
137 | description: 'Add issue references (e.g. "fix #123", "re #123".)',
138 | },
139 | },
140 | },
141 | };
142 |
--------------------------------------------------------------------------------
/.fmf/version:
--------------------------------------------------------------------------------
1 | 1
2 |
--------------------------------------------------------------------------------
/.github/dependabot.yml:
--------------------------------------------------------------------------------
1 | ---
2 | version: 2
3 | updates:
4 | - package-ecosystem: github-actions
5 | directory: /
6 | schedule:
7 | interval: monthly
8 | commit-message:
9 | prefix: ci
10 |
--------------------------------------------------------------------------------
/.github/pull_request_template.md:
--------------------------------------------------------------------------------
1 | Enhancement:
2 |
3 | Reason:
4 |
5 | Result:
6 |
7 | Issue Tracker Tickets (Jira or BZ if any):
8 |
--------------------------------------------------------------------------------
/.github/workflows/ansible-lint.yml:
--------------------------------------------------------------------------------
1 | ---
2 | name: Ansible Lint
3 | on: # yamllint disable-line rule:truthy
4 | pull_request:
5 | merge_group:
6 | branches:
7 | - main
8 | types:
9 | - checks_requested
10 | push:
11 | branches:
12 | - main
13 | workflow_dispatch:
14 | env:
15 | LSR_ROLE2COLL_NAMESPACE: fedora
16 | LSR_ROLE2COLL_NAME: linux_system_roles
17 | permissions:
18 | contents: read
19 | jobs:
20 | ansible_lint:
21 | runs-on: ubuntu-latest
22 | steps:
23 | - name: Update pip, git
24 | run: |
25 | set -euxo pipefail
26 | sudo apt update
27 | sudo apt install -y git
28 |
29 | - name: Checkout repo
30 | uses: actions/checkout@v4
31 |
32 | - name: Install tox, tox-lsr
33 | run: |
34 | set -euxo pipefail
35 | pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.11.0"
36 |
37 | - name: Convert role to collection format
38 | id: collection
39 | run: |
40 | set -euxo pipefail
41 | TOXENV=collection lsr_ci_runtox
42 | coll_dir=".tox/ansible_collections/$LSR_ROLE2COLL_NAMESPACE/$LSR_ROLE2COLL_NAME"
43 | # cleanup after collection conversion
44 | rm -rf "$coll_dir/.ansible" .tox/ansible-plugin-scan
45 | # ansible-lint action requires a .git directory???
46 | # https://github.com/ansible/ansible-lint/blob/main/action.yml#L45
47 | mkdir -p "$coll_dir/.git"
48 | meta_req_file="${{ github.workspace }}/meta/collection-requirements.yml"
49 | test_req_file="${{ github.workspace }}/tests/collection-requirements.yml"
50 | if [ -f "$meta_req_file" ] && [ -f "$test_req_file" ]; then
51 | coll_req_file="${{ github.workspace }}/req.yml"
52 | python -c 'import sys; import yaml
53 | hsh1 = yaml.safe_load(open(sys.argv[1]))
54 | hsh2 = yaml.safe_load(open(sys.argv[2]))
55 | coll = {}
56 | for item in hsh1["collections"] + hsh2["collections"]:
57 | if isinstance(item, dict):
58 | name = item["name"]
59 | rec = item
60 | else:
61 | name = item # assume string
62 | rec = {"name": name}
63 | if name not in coll:
64 | coll[name] = rec
65 | hsh1["collections"] = list(coll.values())
66 | yaml.safe_dump(hsh1, open(sys.argv[3], "w"))' "$meta_req_file" "$test_req_file" "$coll_req_file"
67 | echo merged "$coll_req_file"
68 | cat "$coll_req_file"
69 | elif [ -f "$meta_req_file" ]; then
70 | coll_req_file="$meta_req_file"
71 | elif [ -f "$test_req_file" ]; then
72 | coll_req_file="$test_req_file"
73 | else
74 | coll_req_file=""
75 | fi
76 | echo "coll_req_file=$coll_req_file" >> $GITHUB_OUTPUT
77 |
78 | - name: Run ansible-lint
79 | uses: ansible/ansible-lint@v25
80 | with:
81 | working_directory: ${{ github.workspace }}/.tox/ansible_collections/${{ env.LSR_ROLE2COLL_NAMESPACE }}/${{ env.LSR_ROLE2COLL_NAME }}
82 | requirements_file: ${{ steps.collection.outputs.coll_req_file }}
83 | env:
84 | ANSIBLE_COLLECTIONS_PATH: ${{ github.workspace }}/.tox
85 |
--------------------------------------------------------------------------------
/.github/workflows/ansible-managed-var-comment.yml:
--------------------------------------------------------------------------------
1 | ---
2 | name: Check for ansible_managed variable use in comments
3 | on: # yamllint disable-line rule:truthy
4 | pull_request:
5 | merge_group:
6 | branches:
7 | - main
8 | types:
9 | - checks_requested
10 | push:
11 | branches:
12 | - main
13 | workflow_dispatch:
14 | permissions:
15 | contents: read
16 | jobs:
17 | ansible_managed_var_comment:
18 | runs-on: ubuntu-latest
19 | steps:
20 | - name: Update pip, git
21 | run: |
22 | set -euxo pipefail
23 | python3 -m pip install --upgrade pip
24 | sudo apt update
25 | sudo apt install -y git
26 |
27 | - name: Checkout repo
28 | uses: actions/checkout@v4
29 |
30 | - name: Install tox, tox-lsr
31 | run: |
32 | set -euxo pipefail
33 | pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.11.0"
34 |
35 | - name: Run ansible-plugin-scan
36 | run: |
37 | set -euxo pipefail
38 | TOXENV=ansible-managed-var-comment lsr_ci_runtox
39 |
--------------------------------------------------------------------------------
/.github/workflows/ansible-test.yml:
--------------------------------------------------------------------------------
1 | ---
2 | name: Ansible Test
3 | on: # yamllint disable-line rule:truthy
4 | pull_request:
5 | merge_group:
6 | branches:
7 | - main
8 | types:
9 | - checks_requested
10 | push:
11 | branches:
12 | - main
13 | workflow_dispatch:
14 | env:
15 | LSR_ROLE2COLL_NAMESPACE: fedora
16 | LSR_ROLE2COLL_NAME: linux_system_roles
17 | permissions:
18 | contents: read
19 | jobs:
20 | ansible_test:
21 | runs-on: ubuntu-latest
22 | steps:
23 | - name: Update pip, git
24 | run: |
25 | set -euxo pipefail
26 | python3 -m pip install --upgrade pip
27 | sudo apt update
28 | sudo apt install -y git
29 |
30 | - name: Checkout repo
31 | uses: actions/checkout@v4
32 |
33 | - name: Install tox, tox-lsr
34 | run: |
35 | set -euxo pipefail
36 | pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.11.0"
37 |
38 | - name: Convert role to collection format
39 | run: |
40 | set -euxo pipefail
41 | TOXENV=collection lsr_ci_runtox
42 |
43 | - name: Run ansible-test
44 | uses: ansible-community/ansible-test-gh-action@release/v1
45 | with:
46 | testing-type: sanity # wokeignore:rule=sanity
47 | ansible-core-version: stable-2.17
48 | collection-src-directory: ${{ github.workspace }}/.tox/ansible_collections/${{ env.LSR_ROLE2COLL_NAMESPACE }}/${{ env.LSR_ROLE2COLL_NAME }}
49 |
--------------------------------------------------------------------------------
/.github/workflows/build_docs.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # yamllint disable rule:line-length
3 | name: Convert README.md to HTML and push to docs branch
4 | on: # yamllint disable-line rule:truthy
5 | push:
6 | branches:
7 | - main
8 | paths:
9 | - README.md
10 | release:
11 | types:
12 | - published
13 | permissions:
14 | contents: read
15 | jobs:
16 | build_docs:
17 | runs-on: ubuntu-latest
18 | permissions:
19 | contents: write
20 | steps:
21 | - name: Update pip, git
22 | run: |
23 | set -euxo pipefail
24 | sudo apt update
25 | sudo apt install -y git
26 |
27 | - name: Check out code
28 | uses: actions/checkout@v4
29 | with:
30 | fetch-depth: 0
31 | - name: Ensure the docs branch
32 | run: |
33 | set -euxo pipefail
34 | branch=docs
35 | existed_in_remote=$(git ls-remote --heads origin $branch)
36 |
37 | if [ -z "${existed_in_remote}" ]; then
38 | echo "Creating $branch branch"
39 | git config --global user.name "${{ github.actor }}"
40 | git config --global user.email "${{ github.actor }}@users.noreply.github.com"
41 | git checkout --orphan $branch
42 | git reset --hard
43 | git commit --allow-empty -m "Initializing $branch branch"
44 | git push origin $branch
45 | echo "Created $branch branch"
46 | else
47 | echo "Branch $branch already exists"
48 | fi
49 |
50 | - name: Checkout the docs branch
51 | uses: actions/checkout@v4
52 | with:
53 | ref: docs
54 |
55 | - name: Fetch README.md and .pandoc_template.html5 template from the workflow branch
56 | uses: actions/checkout@v4
57 | with:
58 | sparse-checkout: |
59 | README.md
60 | .pandoc_template.html5
61 | sparse-checkout-cone-mode: false
62 | path: ref_branch
63 | - name: Set RELEASE_VERSION based on whether run on release or on push
64 | run: |
65 | set -euxo pipefail
66 | if [ ${{ github.event_name }} = release ]; then
67 | echo "RELEASE_VERSION=${{ github.event.release.tag_name }}" >> $GITHUB_ENV
68 | elif [ ${{ github.event_name }} = push ]; then
69 | echo "RELEASE_VERSION=latest" >> $GITHUB_ENV
70 | else
71 | echo Unsupported event
72 | exit 1
73 | fi
74 |
75 | - name: Ensure that version and docs directories exist
76 | run: mkdir -p ${{ env.RELEASE_VERSION }} docs
77 |
78 | - name: Remove badges from README.md prior to converting to HTML
79 | run: sed -i '1,8 {/^\[\!.*actions\/workflows/d}' ref_branch/README.md
80 |
81 | - name: Convert README.md to HTML and save to the version directory
82 | uses: docker://pandoc/core:latest
83 | with:
84 | args: >-
85 | --from gfm --to html5 --toc --shift-heading-level-by=-1
86 | --template ref_branch/.pandoc_template.html5
87 | --output ${{ env.RELEASE_VERSION }}/README.html ref_branch/README.md
88 |
89 | - name: Copy latest README.html to docs/index.html for GitHub pages
90 | if: env.RELEASE_VERSION == 'latest'
91 | run: cp ${{ env.RELEASE_VERSION }}/README.html docs/index.html
92 |
93 | - name: Upload README.html as an artifact
94 | uses: actions/upload-artifact@master
95 | with:
96 | name: README.html
97 | path: ${{ env.RELEASE_VERSION }}/README.html
98 |
99 | - name: Commit changes
100 | run: |
101 | git config --global user.name "${{ github.actor }}"
102 | git config --global user.email "${{ github.actor }}@users.noreply.github.com"
103 | git add ${{ env.RELEASE_VERSION }}/README.html docs/index.html
104 | git commit -m "Update README.html for ${{ env.RELEASE_VERSION }}"
105 |
106 | - name: Push changes
107 | uses: ad-m/github-push-action@master
108 | with:
109 | github_token: ${{ secrets.GITHUB_TOKEN }}
110 | branch: docs
111 |
--------------------------------------------------------------------------------
/.github/workflows/changelog_to_tag.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # yamllint disable rule:line-length
3 | name: Tag, release, and publish role based on CHANGELOG.md push
4 | on: # yamllint disable-line rule:truthy
5 | push:
6 | branches:
7 | - main
8 | paths:
9 | - CHANGELOG.md
10 | permissions:
11 | contents: read
12 | jobs:
13 | tag_release_publish:
14 | runs-on: ubuntu-latest
15 | permissions:
16 | contents: write
17 | steps:
18 | - name: Update pip, git
19 | run: |
20 | set -euxo pipefail
21 | sudo apt update
22 | sudo apt install -y git
23 |
24 | - name: checkout PR
25 | uses: actions/checkout@v4
26 |
27 | - name: Get tag and message from the latest CHANGELOG.md commit
28 | id: tag
29 | run: |
30 | set -euxo pipefail
31 | print=false
32 | while read -r line; do
33 | if [[ "$line" =~ ^\[([0-9]+\.[0-9]+\.[0-9]+)\]\ -\ [0-9-]+ ]]; then
34 | if [ "$print" = false ]; then
35 | _tagname="${BASH_REMATCH[1]}"
36 | echo "$line"
37 | print=true
38 | else
39 | break
40 | fi
41 | elif [ "$print" = true ]; then
42 | echo "$line"
43 | fi
44 | done < CHANGELOG.md > ./.tagmsg.txt
45 | git fetch --all --tags
46 | for t in $( git tag -l ); do
47 | if [ "$t" = "$_tagname" ]; then
48 | echo INFO: tag "$t" already exists
49 | exit 1
50 | fi
51 | done
52 | # Get name of the branch that the change was pushed to
53 | _branch="${GITHUB_REF_NAME:-}"
54 | if [ "$_branch" = master ] || [ "$_branch" = main ]; then
55 | echo Using branch name ["$_branch"] as push branch
56 | else
57 | echo WARNING: GITHUB_REF_NAME ["$_branch"] is not main or master
58 | _branch=$( git branch -r | grep -o 'origin/HEAD -> origin/.*$' | \
59 | awk -F'/' '{print $3}' || : )
60 | fi
61 | if [ -z "$_branch" ]; then
62 | _branch=$( git branch --points-at HEAD --no-color --format='%(refname:short)' )
63 | fi
64 | if [ -z "$_branch" ]; then
65 | echo ERROR: unable to determine push branch
66 | git branch -a
67 | exit 1
68 | fi
69 | echo "tagname=$_tagname" >> "$GITHUB_OUTPUT"
70 | echo "branch=$_branch" >> "$GITHUB_OUTPUT"
71 | - name: Create tag
72 | uses: mathieudutour/github-tag-action@v6.2
73 | with:
74 | github_token: ${{ secrets.GITHUB_TOKEN }}
75 | custom_tag: ${{ steps.tag.outputs.tagname }}
76 | tag_prefix: ''
77 |
78 | - name: Create Release
79 | id: create_release
80 | uses: ncipollo/release-action@v1
81 | with:
82 | tag: ${{ steps.tag.outputs.tagname }}
83 | name: Version ${{ steps.tag.outputs.tagname }}
84 | bodyFile: ./.tagmsg.txt
85 | makeLatest: true
86 |
87 | - name: Publish role to Galaxy
88 | uses: robertdebock/galaxy-action@1.2.1
89 | with:
90 | galaxy_api_key: ${{ secrets.galaxy_api_key }}
91 | git_branch: ${{ steps.tag.outputs.branch }}
92 |
--------------------------------------------------------------------------------
/.github/workflows/codespell.yml:
--------------------------------------------------------------------------------
1 | # Codespell configuration is within .codespellrc
2 | ---
3 | name: Codespell
4 | on: # yamllint disable-line rule:truthy
5 | - pull_request
6 | permissions:
7 | contents: read
8 | jobs:
9 | codespell:
10 | name: Check for spelling errors
11 | runs-on: ubuntu-latest
12 | steps:
13 | - name: Checkout
14 | uses: actions/checkout@v4
15 |
16 | - name: Codespell
17 | uses: codespell-project/actions-codespell@v2
18 |
--------------------------------------------------------------------------------
/.github/workflows/markdownlint.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # yamllint disable rule:line-length
3 | name: Markdown Lint
4 | on: # yamllint disable-line rule:truthy
5 | pull_request:
6 | merge_group:
7 | branches:
8 | - main
9 | types:
10 | - checks_requested
11 | push:
12 | branches:
13 | - main
14 | workflow_dispatch:
15 | permissions:
16 | contents: read
17 | jobs:
18 | markdownlint:
19 | runs-on: ubuntu-latest
20 | steps:
21 | - name: Update pip, git
22 | run: |
23 | set -euxo pipefail
24 | sudo apt update
25 | sudo apt install -y git
26 |
27 | - name: Check out code
28 | uses: actions/checkout@v4
29 |
30 | # CHANGELOG.md is generated automatically from PR titles and descriptions
31 | # It might have issues but they are not critical
32 | - name: Lint all markdown files except for CHANGELOG.md
33 | uses: docker://avtodev/markdown-lint:master
34 | with:
35 | args: >-
36 | --ignore=CHANGELOG.md
37 | **/*.md
38 | config: .markdownlint.yaml
39 |
--------------------------------------------------------------------------------
/.github/workflows/pr-title-lint.yml:
--------------------------------------------------------------------------------
1 | ---
2 | name: PR Title Lint
3 | on: # yamllint disable-line rule:truthy
4 | pull_request:
5 | types:
6 | - opened
7 | - synchronize
8 | - reopened
9 | - edited
10 | merge_group:
11 | branches:
12 | - main
13 | types:
14 | - checks_requested
15 | permissions:
16 | contents: read
17 | jobs:
18 | commit-checks:
19 | runs-on: ubuntu-latest
20 | steps:
21 | - uses: actions/checkout@v4
22 | with:
23 | fetch-depth: 0
24 |
25 | - name: Install conventional-commit linter
26 | run: npm install @commitlint/config-conventional @commitlint/cli
27 |
28 | - name: Run commitlint on PR title
29 | env:
30 | PR_TITLE: ${{ github.event.pull_request.title }}
31 | # Echo from env variable to avoid bash errors with extra characters
32 | run: echo "$PR_TITLE" | npx commitlint --verbose
33 |
--------------------------------------------------------------------------------
/.github/workflows/qemu-kvm-integration-tests.yml:
--------------------------------------------------------------------------------
1 | ---
2 | name: Test
3 | on: # yamllint disable-line rule:truthy
4 | pull_request:
5 | merge_group:
6 | branches:
7 | - main
8 | types:
9 | - checks_requested
10 | push:
11 | branches:
12 | - main
13 | workflow_dispatch:
14 |
15 | permissions:
16 | contents: read
17 | # This is required for the ability to create/update the Pull request status
18 | statuses: write
19 | jobs:
20 | scenario:
21 | runs-on: ubuntu-latest
22 |
23 | strategy:
24 | fail-fast: false
25 | matrix:
26 | scenario:
27 | # QEMU
28 | - { image: "centos-9", env: "qemu-ansible-core-2.16" }
29 | - { image: "centos-10", env: "qemu-ansible-core-2.17" }
30 | # ansible/libdnf5 bug: https://issues.redhat.com/browse/RHELMISC-10110
31 | # - { image: "fedora-41", env: "qemu-ansible-core-2.17" }
32 | - { image: "fedora-42", env: "qemu-ansible-core-2.19" }
33 |
34 | # container
35 | - { image: "centos-9", env: "container-ansible-core-2.16" }
36 | - { image: "centos-9-bootc", env: "container-ansible-core-2.16" }
37 | # broken on non-running dbus
38 | # - { image: "centos-10", env: "container-ansible-core-2.17" }
39 | - { image: "centos-10-bootc", env: "container-ansible-core-2.17" }
40 | - { image: "fedora-41", env: "container-ansible-core-2.17" }
41 | - { image: "fedora-42", env: "container-ansible-core-2.17" }
42 | - { image: "fedora-41-bootc", env: "container-ansible-core-2.17" }
43 | - { image: "fedora-42-bootc", env: "container-ansible-core-2.17" }
44 |
45 | env:
46 | TOX_ARGS: "--skip-tags tests::infiniband,tests::nvme,tests::scsi"
47 |
48 | steps:
49 | - name: Checkout repo
50 | uses: actions/checkout@v4
51 |
52 | - name: Check if platform is supported
53 | id: check_platform
54 | run: |
55 | set -euxo pipefail
56 | image="${{ matrix.scenario.image }}"
57 | image="${image%-bootc}"
58 |
59 | # convert image to tag formats
60 | platform=
61 | platform_version=
62 | case "$image" in
63 | centos-*) platform=el; platform_version=el"${image#centos-}" ;;
64 | fedora-*) platform=fedora; platform_version="${image/-/}" ;;
65 | esac
66 | supported=
67 | if yq -e '.galaxy_info.galaxy_tags[] | select(. == "'${platform_version}'" or . == "'${platform}'")' meta/main.yml; then
68 | supported=true
69 | fi
70 |
71 | # bootc build support (in buildah) has a separate flag
72 | if [ "${{ matrix.scenario.image }}" != "$image" ]; then
73 | if ! yq -e '.galaxy_info.galaxy_tags[] | select(. == "containerbuild")' meta/main.yml; then
74 | supported=
75 | fi
76 | else
77 | # roles need to opt into support for running in a system container
78 | env="${{ matrix.scenario.env }}"
79 | if [ "${env#container}" != "$env" ] &&
80 | ! yq -e '.galaxy_info.galaxy_tags[] | select(. == "container")' meta/main.yml; then
81 | supported=
82 | fi
83 | fi
84 |
85 | echo "supported=$supported" >> "$GITHUB_OUTPUT"
86 |
87 | - name: Set up /dev/kvm
88 | if: steps.check_platform.outputs.supported
89 | run: |
90 | echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee /etc/udev/rules.d/99-kvm.rules
91 | sudo udevadm control --reload-rules
92 | sudo udevadm trigger --name-match=kvm --settle
93 | ls -l /dev/kvm
94 |
95 | - name: Disable man-db to speed up package install
96 | if: steps.check_platform.outputs.supported
97 | run: |
98 | echo "set man-db/auto-update false" | sudo debconf-communicate
99 | sudo dpkg-reconfigure man-db
100 |
101 | - name: Install test dependencies
102 | if: steps.check_platform.outputs.supported
103 | run: |
104 | set -euxo pipefail
105 | python3 -m pip install --upgrade pip
106 | sudo apt update
107 | sudo apt install -y --no-install-recommends git ansible-core genisoimage qemu-system-x86
108 | pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.11.0"
109 |
110 | # HACK: Drop this when moving this workflow to 26.04 LTS
111 | - name: Update podman to 5.x for compatibility with bootc-image-builder's podman 5
112 | if: steps.check_platform.outputs.supported && endsWith(matrix.scenario.image, '-bootc')
113 | run: |
114 | sed 's/noble/plucky/g' /etc/apt/sources.list.d/ubuntu.sources | sudo tee /etc/apt/sources.list.d/plucky.sources >/dev/null
115 | cat </dev/null
116 | Package: podman buildah golang-github-containers-common crun libgpgme11t64 libgpg-error0 golang-github-containers-image catatonit conmon containers-storage
117 | Pin: release n=plucky
118 | Pin-Priority: 991
119 |
120 | Package: libsubid4 netavark passt aardvark-dns containernetworking-plugins libslirp0 slirp4netns
121 | Pin: release n=plucky
122 | Pin-Priority: 991
123 |
124 | Package: *
125 | Pin: release n=plucky
126 | Pin-Priority: 400
127 | EOF
128 |
129 | sudo apt update
130 | sudo apt install -y podman crun conmon containers-storage
131 |
132 | - name: Configure tox-lsr
133 | if: steps.check_platform.outputs.supported
134 | run: >-
135 | curl -o ~/.config/linux-system-roles.json
136 | https://raw.githubusercontent.com/linux-system-roles/linux-system-roles.github.io/master/download/linux-system-roles.json
137 |
138 | - name: Run qemu integration tests
139 | if: steps.check_platform.outputs.supported && startsWith(matrix.scenario.env, 'qemu')
140 | run: >-
141 | tox -e ${{ matrix.scenario.env }} -- --image-name ${{ matrix.scenario.image }} --make-batch
142 | --log-level debug $TOX_ARGS --skip-tags tests::bootc-e2e
143 | --lsr-report-errors-url DEFAULT --
144 |
145 | - name: Qemu result summary
146 | if: steps.check_platform.outputs.supported && startsWith(matrix.scenario.env, 'qemu') && always()
147 | run: |
148 | set -euo pipefail
149 | # some platforms may have setup/cleanup playbooks - need to find the
150 | # actual test playbook that starts with tests_
151 | while read code start end test_files; do
152 | for f in $test_files; do
153 | test_file="$f"
154 | f="$(basename $test_file)"
155 | if [[ "$f" =~ ^tests_ ]]; then
156 | break
157 | fi
158 | done
159 | if [ "$code" = "0" ]; then
160 | echo -n "PASS: "
161 | mv "$test_file.log" "${test_file}-SUCCESS.log"
162 | else
163 | echo -n "FAIL: "
164 | mv "$test_file.log" "${test_file}-FAIL.log"
165 | fi
166 | echo "$f"
167 | done < batch.report
168 |
169 | - name: Run container tox integration tests
170 | if: steps.check_platform.outputs.supported && startsWith(matrix.scenario.env, 'container')
171 | run: |
172 | set -euo pipefail
173 | # HACK: debug.py/profile.py setup is broken
174 | export LSR_CONTAINER_PROFILE=false
175 | export LSR_CONTAINER_PRETTY=false
176 | rc=0
177 | for t in tests/tests_*.yml; do
178 | if tox -e ${{ matrix.scenario.env }} -- --image-name ${{ matrix.scenario.image }} $t > ${t}.log 2>&1; then
179 | echo "PASS: $(basename $t)"
180 | mv "${t}.log" "${t}-SUCCESS.log"
181 | else
182 | echo "FAIL: $(basename $t)"
183 | mv "${t}.log" "${t}-FAIL.log"
184 | rc=1
185 | fi
186 | done
187 | exit $rc
188 |
189 | - name: Run bootc validation tests in QEMU
190 | if: steps.check_platform.outputs.supported &&
191 | startsWith(matrix.scenario.env, 'container') &&
192 | endsWith(matrix.scenario.image, '-bootc')
193 | run: |
194 | set -euxo pipefail
195 | env=$(echo "${{ matrix.scenario.env }}" | sed 's/^container-/qemu-/')
196 |
197 | for image_file in $(ls tests/tmp/*/qcow2/disk.qcow2 2>/dev/null); do
198 | test="tests/$(basename $(dirname $(dirname $image_file))).yml"
199 | if tox -e "$env" -- --image-file "$(pwd)/$image_file" \
200 | --log-level debug $TOX_ARGS \
201 | --lsr-report-errors-url DEFAULT \
202 | -e __bootc_validation=true \
203 | -- "$test" >out 2>&1; then
204 | mv out "${test}-PASS.log"
205 | else
206 | mv out "${test}-FAIL.log"
207 | exit 1
208 | fi
209 | done
210 |
211 | - name: Upload test logs on failure
212 | if: failure()
213 | uses: actions/upload-artifact@v4
214 | with:
215 | name: "logs-${{ matrix.scenario.image }}-${{ matrix.scenario.env }}"
216 | path: |
217 | tests/*.log
218 | artifacts/default_provisioners.log
219 | artifacts/*.qcow2.*.log
220 | batch.txt
221 | batch.report
222 | retention-days: 30
223 |
224 | - name: Show test log failures
225 | if: steps.check_platform.outputs.supported && failure()
226 | run: |
227 | set -euo pipefail
228 | # grab check_logs.py script
229 | curl -s -L -o check_logs.py https://raw.githubusercontent.com/linux-system-roles/auto-maintenance/refs/heads/main/check_logs.py
230 | chmod +x check_logs.py
231 | declare -a cmdline=(./check_logs.py --github-action-format)
232 | for log in tests/*-FAIL.log; do
233 | cmdline+=(--lsr-error-log "$log")
234 | done
235 | "${cmdline[@]}"
236 |
237 | - name: Set commit status as success with a description that platform is skipped
238 | if: ${{ steps.check_platform.outputs.supported == '' }}
239 | uses: myrotvorets/set-commit-status-action@master
240 | with:
241 | status: success
242 | context: "${{ github.workflow }} / scenario (${{ matrix.scenario.image }}, ${{ matrix.scenario.env }}) (pull_request)"
243 | description: The role does not support this platform. Skipping.
244 | targetUrl: ""
245 |
--------------------------------------------------------------------------------
/.github/workflows/test_converting_readme.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # yamllint disable rule:line-length
3 | name: Test converting README.md to README.html
4 | on: # yamllint disable-line rule:truthy
5 | pull_request:
6 | merge_group:
7 | branches:
8 | - main
9 | types:
10 | - checks_requested
11 | push:
12 | branches:
13 | - main
14 | permissions:
15 | contents: read
16 | jobs:
17 | test_converting_readme:
18 | runs-on: ubuntu-latest
19 | permissions:
20 | contents: write
21 | steps:
22 | - name: Update pip, git
23 | run: |
24 | set -euxo pipefail
25 | sudo apt update
26 | sudo apt install -y git
27 |
28 | - name: Check out code
29 | uses: actions/checkout@v4
30 |
31 | - name: Remove badges from README.md prior to converting to HTML
32 | run: sed -i '1,8 {/^\[\!.*actions\/workflows/d}' README.md
33 |
34 | - name: Convert README.md to HTML
35 | uses: docker://pandoc/core:latest
36 | with:
37 | args: >-
38 | --from gfm --to html5 --toc --shift-heading-level-by=-1
39 | --template .pandoc_template.html5
40 | --output README.html README.md
41 |
42 | - name: Upload README.html as an artifact
43 | uses: actions/upload-artifact@master
44 | with:
45 | name: README.html
46 | path: README.html
47 |
--------------------------------------------------------------------------------
/.github/workflows/tft.yml:
--------------------------------------------------------------------------------
1 | ---
2 | name: Run integration tests in Testing Farm
3 | on:
4 | issue_comment:
5 | types:
6 | - created
7 | permissions:
8 | contents: read
9 | # This is required for the ability to create/update the Pull request status
10 | statuses: write
11 | jobs:
12 | prepare_vars:
13 | name: Get info from role and PR to determine if and how to test
14 | # The concurrency key is used to prevent multiple workflows from running at the same time
15 | concurrency:
16 | # group name contains reponame-pr_num to allow simualteneous runs in different PRs
17 | group: testing-farm-${{ github.event.repository.name }}-${{ github.event.issue.number }}
18 | cancel-in-progress: true
19 | # Let's schedule tests only on user request. NOT automatically.
20 | # Only repository owner or member can schedule tests
21 | if: |
22 | github.event.issue.pull_request
23 | && contains(github.event.comment.body, '[citest]')
24 | && (contains(fromJson('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.comment.author_association)
25 | || contains('systemroller', github.event.comment.user.login))
26 | runs-on: ubuntu-latest
27 | outputs:
28 | supported_platforms: ${{ steps.supported_platforms.outputs.supported_platforms }}
29 | head_sha: ${{ steps.head_sha.outputs.head_sha }}
30 | memory: ${{ steps.memory.outputs.memory }}
31 | steps:
32 | - name: Dump github context
33 | run: echo "$GITHUB_CONTEXT"
34 | shell: bash
35 | env:
36 | GITHUB_CONTEXT: ${{ toJson(github) }}
37 |
38 | - name: Checkout repo
39 | uses: actions/checkout@v4
40 |
41 | - name: Get head sha of the PR
42 | id: head_sha
43 | run: |
44 | head_sha=$(gh api "repos/$REPO/pulls/$PR_NO" --jq '.head.sha')
45 | echo "head_sha=$head_sha" >> $GITHUB_OUTPUT
46 | env:
47 | REPO: ${{ github.repository }}
48 | PR_NO: ${{ github.event.issue.number }}
49 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
50 |
51 | - name: Checkout PR
52 | uses: actions/checkout@v4
53 | with:
54 | ref: ${{ steps.head_sha.outputs.head_sha }}
55 |
56 | - name: Get memory
57 | id: memory
58 | run: |
59 | if [ -d tests/provision.fmf ]; then
60 | memory=$(grep -rPo ' m: \K(.*)' tests/provision.fmf)
61 | fi
62 | if [ -n "$memory" ]; then
63 | echo "memory=$memory" >> $GITHUB_OUTPUT
64 | else
65 | echo "memory=2048" >> $GITHUB_OUTPUT
66 | fi
67 |
68 | - name: Get supported platforms
69 | id: supported_platforms
70 | run: |
71 | supported_platforms=""
72 | meta_main=meta/main.yml
73 | # All Fedora are supported, add latest Fedora versions to supported_platforms
74 | if yq '.galaxy_info.galaxy_tags[]' "$meta_main" | grep -qi fedora$; then
75 | supported_platforms+=" Fedora-41"
76 | supported_platforms+=" Fedora-42"
77 | fi
78 | # Specific Fedora versions supported
79 | if yq '.galaxy_info.galaxy_tags[]' "$meta_main" | grep -qiP 'fedora\d+$'; then
80 | for fedora_ver in $(yq '.galaxy_info.galaxy_tags[]' "$meta_main" | grep -iPo 'fedora\K(\d+$)'); do
81 | supported_platforms+=" Fedora-$fedora_ver"
82 | done
83 | fi
84 | if yq '.galaxy_info.galaxy_tags[]' "$meta_main" | grep -qi el7; then
85 | supported_platforms+=" CentOS-7-latest"
86 | fi
87 | for ver in 8 9 10; do
88 | if yq '.galaxy_info.galaxy_tags[]' "$meta_main" | grep -qi el"$ver"; then
89 | supported_platforms+=" CentOS-Stream-$ver"
90 | fi
91 | done
92 | echo "supported_platforms=$supported_platforms" >> $GITHUB_OUTPUT
93 |
94 | testing-farm:
95 | name: ${{ matrix.platform }}/ansible-${{ matrix.ansible_version }}
96 | needs: prepare_vars
97 | strategy:
98 | fail-fast: false
99 | matrix:
100 | include:
101 | - platform: Fedora-41
102 | ansible_version: 2.17
103 | - platform: Fedora-42
104 | ansible_version: 2.19
105 | - platform: CentOS-7-latest
106 | ansible_version: 2.9
107 | - platform: CentOS-Stream-8
108 | ansible_version: 2.9
109 | # On CentOS-Stream-8, latest supported Ansible is 2.16
110 | - platform: CentOS-Stream-8
111 | ansible_version: 2.16
112 | - platform: CentOS-Stream-9
113 | ansible_version: 2.17
114 | - platform: CentOS-Stream-10
115 | ansible_version: 2.17
116 | runs-on: ubuntu-latest
117 | env:
118 | ARTIFACTS_DIR_NAME: "tf_${{ github.event.repository.name }}-${{ github.event.issue.number }}_\
119 | ${{ matrix.platform }}-${{ matrix.ansible_version }}_\
120 | ${{ needs.prepare_vars.outputs.datetime }}/artifacts"
121 | ARTIFACT_TARGET_DIR: /srv/pub/alt/${{ vars.SR_LSR_USER }}/logs
122 | steps:
123 | - name: Set variables with DATETIME and artifact location
124 | id: set_vars
125 | run: |
126 | printf -v DATETIME '%(%Y%m%d-%H%M%S)T' -1
127 | ARTIFACTS_DIR_NAME="tf_${{ github.event.repository.name }}-${{ github.event.issue.number }}_\
128 | ${{ matrix.platform }}-${{ matrix.ansible_version }}_$DATETIME/artifacts"
129 | ARTIFACTS_TARGET_DIR=/srv/pub/alt/${{ vars.SR_LSR_USER }}/logs
130 | ARTIFACTS_DIR=$ARTIFACTS_TARGET_DIR/$ARTIFACTS_DIR_NAME
131 | ARTIFACTS_URL=https://dl.fedoraproject.org/pub/alt/${{ vars.SR_LSR_USER }}/logs/$ARTIFACTS_DIR_NAME
132 | echo "DATETIME=$DATETIME" >> $GITHUB_OUTPUT
133 | echo "ARTIFACTS_DIR=$ARTIFACTS_DIR" >> $GITHUB_OUTPUT
134 | echo "ARTIFACTS_URL=$ARTIFACTS_URL" >> $GITHUB_OUTPUT
135 |
136 | - name: Set commit status as pending
137 | if: contains(needs.prepare_vars.outputs.supported_platforms, matrix.platform)
138 | uses: myrotvorets/set-commit-status-action@master
139 | with:
140 | sha: ${{ needs.prepare_vars.outputs.head_sha }}
141 | status: pending
142 | context: ${{ matrix.platform }}|ansible-${{ matrix.ansible_version }}
143 | description: Test started
144 | targetUrl: ""
145 |
146 | - name: Set commit status as success with a description that platform is skipped
147 | if: "!contains(needs.prepare_vars.outputs.supported_platforms, matrix.platform)"
148 | uses: myrotvorets/set-commit-status-action@master
149 | with:
150 | sha: ${{ needs.prepare_vars.outputs.head_sha }}
151 | status: success
152 | context: ${{ matrix.platform }}|ansible-${{ matrix.ansible_version }}
153 | description: The role does not support this platform. Skipping.
154 | targetUrl: ""
155 |
156 | - name: Run test in testing farm
157 | uses: sclorg/testing-farm-as-github-action@v4
158 | if: contains(needs.prepare_vars.outputs.supported_platforms, matrix.platform)
159 | with:
160 | git_ref: main
161 | pipeline_settings: '{ "type": "tmt-multihost" }'
162 | environment_settings: '{ "provisioning": { "tags": { "BusinessUnit": "system_roles" } } }'
163 | # Keeping SR_ARTIFACTS_URL at the bottom makes the link in logs clickable
164 | variables: "SR_ANSIBLE_VER=${{ matrix.ansible_version }};\
165 | SR_REPO_NAME=${{ github.event.repository.name }};\
166 | SR_GITHUB_ORG=${{ github.repository_owner }};\
167 | SR_PR_NUM=${{ github.event.issue.number }};\
168 | SR_ARTIFACTS_DIR=${{ steps.set_vars.outputs.ARTIFACTS_DIR }};\
169 | SR_TEST_LOCAL_CHANGES=false;\
170 | SR_LSR_USER=${{ vars.SR_LSR_USER }};\
171 | SR_ARTIFACTS_URL=${{ steps.set_vars.outputs.ARTIFACTS_URL }}"
172 | # Note that LINUXSYSTEMROLES_SSH_KEY must be single-line, TF doesn't read multi-line variables fine.
173 | secrets: "SR_LSR_DOMAIN=${{ secrets.SR_LSR_DOMAIN }};\
174 | SR_LSR_SSH_KEY=${{ secrets.SR_LSR_SSH_KEY }}"
175 | compose: ${{ matrix.platform }}
176 | # There are two blockers for using public ranch:
177 | # 1. multihost is not supported in public https://github.com/teemtee/tmt/issues/2620
178 | # 2. Security issue that leaks long secrets - Jira TFT-2698
179 | tf_scope: private
180 | api_key: ${{ secrets.TF_API_KEY_RH }}
181 | update_pull_request_status: false
182 | tmt_plan_filter: "tag:playbooks_parallel,kdump"
183 |
184 | - name: Set final commit status
185 | uses: myrotvorets/set-commit-status-action@master
186 | if: always() && contains(needs.prepare_vars.outputs.supported_platforms, matrix.platform)
187 | with:
188 | sha: ${{ needs.prepare_vars.outputs.head_sha }}
189 | status: ${{ job.status }}
190 | context: ${{ matrix.platform }}|ansible-${{ matrix.ansible_version }}
191 | description: Test finished
192 | targetUrl: ${{ steps.set_vars.outputs.ARTIFACTS_URL }}
193 |
--------------------------------------------------------------------------------
/.github/workflows/tft_citest_bad.yml:
--------------------------------------------------------------------------------
1 | ---
2 | name: Re-run failed testing farm tests
3 | on:
4 | issue_comment:
5 | types:
6 | - created
7 | permissions:
8 | contents: read
9 | jobs:
10 | citest_bad_rerun:
11 | if: |
12 | github.event.issue.pull_request
13 | && contains(fromJson('["[citest_bad]", "[citest-bad]", "[citest bad]"]'), github.event.comment.body)
14 | && contains(fromJson('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.comment.author_association)
15 | permissions:
16 | actions: write # for re-running failed jobs: https://docs.github.com/en/rest/actions/workflow-runs?apiVersion=2022-11-28#re-run-a-job-from-a-workflow-run
17 | runs-on: ubuntu-latest
18 | steps:
19 | - name: Wait 10s until tft.yml workflow is created and skipped because new comment don't match [citest]
20 | run: sleep 10s
21 |
22 | - name: Re-run failed jobs for this PR
23 | env:
24 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
25 | REPO: ${{ github.repository }}
26 | PR_TITLE: ${{ github.event.issue.title }}
27 | run: |
28 | PENDING_RUN=$(gh api "repos/$REPO/actions/workflows/tft.yml/runs?event=issue_comment" \
29 | | jq -r "[.workflow_runs[] | select( .display_title == \"$PR_TITLE\") | \
30 | select(.status == \"pending\" or .status == \"queued\" or .status == \"in_progress\") | .id][0]")
31 | # if pending run don't exist, take the last run with failure state
32 | if [ "$PENDING_RUN" != "null" ]; then
33 | echo "The workflow $PENDING_RUN is still running, wait for it to finish to re-run"
34 | exit 1
35 | fi
36 | RUN_ID=$(gh api "repos/$REPO/actions/workflows/tft.yml/runs?event=issue_comment" \
37 | | jq -r "[.workflow_runs[] | select( .display_title == \"$PR_TITLE\" ) | select( .conclusion == \"failure\" ) | .id][0]")
38 | if [ "$RUN_ID" = "null" ]; then
39 | echo "Failed workflow not found, exiting"
40 | exit 1
41 | fi
42 | echo "Re-running workflow $RUN_ID"
43 | gh api --method POST repos/$REPO/actions/runs/$RUN_ID/rerun-failed-jobs
44 |
--------------------------------------------------------------------------------
/.github/workflows/weekly_ci.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # yamllint disable rule:line-length
3 | name: Weekly CI trigger
4 | on: # yamllint disable-line rule:truthy
5 | workflow_dispatch:
6 | schedule:
7 | - cron: 0 7 * * 6
8 | env:
9 | BRANCH_NAME: weekly-ci
10 | COMMIT_MESSAGE: "ci: This PR is to trigger periodic CI testing"
11 | BODY_MESSAGE: >-
12 | This PR is for the purpose of triggering periodic CI testing.
13 | We don't currently have a way to trigger CI without a PR,
14 | so this PR serves that purpose.
15 | COMMENT: "[citest]"
16 | permissions:
17 | contents: read
18 | jobs:
19 | weekly_ci:
20 | runs-on: ubuntu-latest
21 | permissions:
22 | issues: write
23 | pull-requests: write
24 | contents: write
25 | steps:
26 | - name: Update pip, git
27 | run: |
28 | set -euxo pipefail
29 | sudo apt update
30 | sudo apt install -y git
31 |
32 | - name: Checkout latest code
33 | uses: actions/checkout@v4
34 | with:
35 | fetch-depth: 0
36 | - name: Create or rebase commit, add dump_packages callback
37 | run: |
38 | set -euxo pipefail
39 |
40 | git config --global user.name "github-actions[bot]"
41 | git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
42 | git checkout ${{ env.BRANCH_NAME }} || git checkout -b ${{ env.BRANCH_NAME }}
43 | git rebase main
44 | if [ ! -d tests/callback_plugins ]; then
45 | mkdir -p tests/callback_plugins
46 | fi
47 | curl -L -s -o tests/callback_plugins/dump_packages.py https://raw.githubusercontent.com/linux-system-roles/auto-maintenance/main/callback_plugins/dump_packages.py
48 | git add tests/callback_plugins
49 | git commit --allow-empty -m "${{ env.COMMIT_MESSAGE }}"
50 | git push -f --set-upstream origin ${{ env.BRANCH_NAME }}
51 |
52 | - name: Create and comment pull request
53 | uses: actions/github-script@v7
54 | with:
55 | github-token: ${{ secrets.GH_PUSH_TOKEN }}
56 | script: |
57 | const head = [context.repo.owner, ":", "${{ env.BRANCH_NAME }}"].join("");
58 | const response = await github.rest.pulls.list({
59 | owner: context.repo.owner,
60 | repo: context.repo.repo,
61 | head: head,
62 | base: context.ref,
63 | state: "open"
64 | });
65 | let pr_number = '';
66 | if (response.data.length === 0) {
67 | pr_number = (await github.rest.pulls.create({
68 | owner: context.repo.owner,
69 | repo: context.repo.repo,
70 | title: "${{ env.COMMIT_MESSAGE }}",
71 | body: "${{ env.BODY_MESSAGE }}",
72 | head: "${{ env.BRANCH_NAME }}",
73 | base: context.ref,
74 | draft: true
75 | })).data.number;
76 | } else {
77 | pr_number = response.data[0].number;
78 | }
79 | github.rest.issues.createComment({
80 | owner: context.repo.owner,
81 | repo: context.repo.repo,
82 | issue_number: pr_number,
83 | body: "${{ env.COMMENT }}",
84 | });
85 |
--------------------------------------------------------------------------------
/.github/workflows/woke.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # yamllint disable rule:line-length
3 | name: Woke
4 | on: # yamllint disable-line rule:truthy
5 | - pull_request
6 | jobs:
7 | woke:
8 | name: Detect non-inclusive language
9 | runs-on: ubuntu-latest
10 | steps:
11 | - name: Checkout
12 | uses: actions/checkout@v4
13 |
14 | - name: Run lsr-woke-action
15 | # Originally, uses: get-woke/woke-action@v0
16 | uses: linux-system-roles/lsr-woke-action@main
17 | with:
18 | woke-args: "-c https://raw.githubusercontent.com/linux-system-roles/tox-lsr/main/src/tox_lsr/config_files/woke.yml --count-only-error-for-failure"
19 | # Cause the check to fail on any broke rules
20 | fail-on-error: true
21 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | passes.yml
2 | vault.yml
3 | *.pyc
4 | *.retry
5 | /tests/.coverage
6 | /tests/htmlcov*
7 | /.tox
8 | /venv*/
9 | /.venv/
10 | .vscode/
11 | artifacts/
12 | __pycache__/
13 | *~
14 | .pytest_cache/
15 |
--------------------------------------------------------------------------------
/.markdownlint.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | # Default state for all rules
3 | default: true
4 |
5 | # Path to configuration file to extend
6 | extends: null
7 |
8 | # MD001/heading-increment/header-increment - Heading levels should only increment by one level at a time
9 | MD001: true
10 |
11 | # MD002/first-heading-h1/first-header-h1 - First heading should be a top-level heading
12 | MD002:
13 | # Heading level
14 | level: 1
15 |
16 | # MD003/heading-style/header-style - Heading style
17 | MD003:
18 | # Heading style
19 | style: "consistent"
20 |
21 | # MD004/ul-style - Unordered list style
22 | MD004:
23 | # List style
24 | style: "consistent"
25 |
26 | # MD005/list-indent - Inconsistent indentation for list items at the same level
27 | MD005: true
28 |
29 | # MD006/ul-start-left - Consider starting bulleted lists at the beginning of the line
30 | MD006: true
31 |
32 | # MD007/ul-indent - Unordered list indentation
33 | MD007:
34 | # Spaces for indent
35 | indent: 2
36 | # Whether to indent the first level of the list
37 | start_indented: false
38 | # Spaces for first level indent (when start_indented is set)
39 | start_indent: 2
40 |
41 | # MD009/no-trailing-spaces - Trailing spaces
42 | MD009:
43 | # Spaces for line break
44 | br_spaces: 2
45 | # Allow spaces for empty lines in list items
46 | list_item_empty_lines: false
47 | # Include unnecessary breaks
48 | strict: false
49 |
50 | # MD010/no-hard-tabs - Hard tabs
51 | MD010:
52 | # Include code blocks
53 | code_blocks: true
54 | # Fenced code languages to ignore
55 | ignore_code_languages: []
56 | # Number of spaces for each hard tab
57 | spaces_per_tab: 1
58 |
59 | # MD011/no-reversed-links - Reversed link syntax
60 | MD011: true
61 |
62 | # MD012/no-multiple-blanks - Multiple consecutive blank lines
63 | MD012:
64 | # Consecutive blank lines
65 | maximum: 1
66 |
67 | # Modified for LSR
68 | # GFM does not limit line length
69 | # MD013/line-length - Line length
70 | MD013: false
71 | # # Number of characters
72 | # # line_length: 80
73 | # line_length: 999
74 | # # Number of characters for headings
75 | # heading_line_length: 80
76 | # # Number of characters for code blocks
77 | # code_block_line_length: 80
78 | # # Include code blocks
79 | # code_blocks: true
80 | # # Include tables
81 | # tables: true
82 | # # Include headings
83 | # headings: true
84 | # # Include headings
85 | # headers: true
86 | # # Strict length checking
87 | # strict: false
88 | # # Stern length checking
89 | # stern: false
90 |
91 | # MD014/commands-show-output - Dollar signs used before commands without showing output
92 | MD014: true
93 |
94 | # MD018/no-missing-space-atx - No space after hash on atx style heading
95 | MD018: true
96 |
97 | # MD019/no-multiple-space-atx - Multiple spaces after hash on atx style heading
98 | MD019: true
99 |
100 | # MD020/no-missing-space-closed-atx - No space inside hashes on closed atx style heading
101 | MD020: true
102 |
103 | # MD021/no-multiple-space-closed-atx - Multiple spaces inside hashes on closed atx style heading
104 | MD021: true
105 |
106 | # MD022/blanks-around-headings/blanks-around-headers - Headings should be surrounded by blank lines
107 | MD022:
108 | # Blank lines above heading
109 | lines_above: 1
110 | # Blank lines below heading
111 | lines_below: 1
112 |
113 | # MD023/heading-start-left/header-start-left - Headings must start at the beginning of the line
114 | MD023: true
115 |
116 | # MD024/no-duplicate-heading/no-duplicate-header - Multiple headings with the same content
117 | MD024: true
118 |
119 | # MD025/single-title/single-h1 - Multiple top-level headings in the same document
120 | MD025:
121 | # Heading level
122 | level: 1
123 | # RegExp for matching title in front matter
124 | front_matter_title: "^\\s*title\\s*[:=]"
125 |
126 | # MD026/no-trailing-punctuation - Trailing punctuation in heading
127 | MD026:
128 | # Punctuation characters not allowed at end of headings
129 | punctuation: ".,;:!。,;:!"
130 |
131 | # MD027/no-multiple-space-blockquote - Multiple spaces after blockquote symbol
132 | MD027: true
133 |
134 | # MD028/no-blanks-blockquote - Blank line inside blockquote
135 | MD028: true
136 |
137 | # MD029/ol-prefix - Ordered list item prefix
138 | MD029:
139 | # List style
140 | style: "one_or_ordered"
141 |
142 | # MD030/list-marker-space - Spaces after list markers
143 | MD030:
144 | # Spaces for single-line unordered list items
145 | ul_single: 1
146 | # Spaces for single-line ordered list items
147 | ol_single: 1
148 | # Spaces for multi-line unordered list items
149 | ul_multi: 1
150 | # Spaces for multi-line ordered list items
151 | ol_multi: 1
152 |
153 | # MD031/blanks-around-fences - Fenced code blocks should be surrounded by blank lines
154 | MD031:
155 | # Include list items
156 | list_items: true
157 |
158 | # MD032/blanks-around-lists - Lists should be surrounded by blank lines
159 | MD032: true
160 |
161 | # MD033/no-inline-html - Inline HTML
162 | MD033:
163 | # Allowed elements
164 | allowed_elements: []
165 |
166 | # MD034/no-bare-urls - Bare URL used
167 | MD034: true
168 |
169 | # MD035/hr-style - Horizontal rule style
170 | MD035:
171 | # Horizontal rule style
172 | style: "consistent"
173 |
174 | # MD036/no-emphasis-as-heading/no-emphasis-as-header - Emphasis used instead of a heading
175 | MD036:
176 | # Punctuation characters
177 | punctuation: ".,;:!?。,;:!?"
178 |
179 | # MD037/no-space-in-emphasis - Spaces inside emphasis markers
180 | MD037: true
181 |
182 | # MD038/no-space-in-code - Spaces inside code span elements
183 | MD038: true
184 |
185 | # MD039/no-space-in-links - Spaces inside link text
186 | MD039: true
187 |
188 | # MD040/fenced-code-language - Fenced code blocks should have a language specified
189 | MD040:
190 | # List of languages
191 | allowed_languages: []
192 | # Require language only
193 | language_only: false
194 |
195 | # MD041/first-line-heading/first-line-h1 - First line in a file should be a top-level heading
196 | MD041:
197 | # Heading level
198 | level: 1
199 | # RegExp for matching title in front matter
200 | front_matter_title: "^\\s*title\\s*[:=]"
201 |
202 | # MD042/no-empty-links - No empty links
203 | MD042: true
204 |
205 | # Modified for LSR
206 | # Disabling, we do not need this
207 | # MD043/required-headings/required-headers - Required heading structure
208 | MD043: false
209 | # # List of headings
210 | # headings: []
211 | # # List of headings
212 | # headers: []
213 | # # Match case of headings
214 | # match_case: false
215 |
216 | # MD044/proper-names - Proper names should have the correct capitalization
217 | MD044:
218 | # List of proper names
219 | names: []
220 | # Include code blocks
221 | code_blocks: true
222 | # Include HTML elements
223 | html_elements: true
224 |
225 | # MD045/no-alt-text - Images should have alternate text (alt text)
226 | MD045: true
227 |
228 | # MD046/code-block-style - Code block style
229 | MD046:
230 | # Block style
231 | style: "consistent"
232 |
233 | # MD047/single-trailing-newline - Files should end with a single newline character
234 | MD047: true
235 |
236 | # MD048/code-fence-style - Code fence style
237 | MD048:
238 | # Code fence style
239 | style: "consistent"
240 |
241 | # MD049/emphasis-style - Emphasis style should be consistent
242 | MD049:
243 | # Emphasis style should be consistent
244 | style: "consistent"
245 |
246 | # MD050/strong-style - Strong style should be consistent
247 | MD050:
248 | # Strong style should be consistent
249 | style: "consistent"
250 |
251 | # MD051/link-fragments - Link fragments should be valid
252 | MD051: true
253 |
254 | # MD052/reference-links-images - Reference links and images should use a label that is defined
255 | MD052: true
256 |
257 | # MD053/link-image-reference-definitions - Link and image reference definitions should be needed
258 | MD053:
259 | # Ignored definitions
260 | ignored_definitions:
261 | - "//"
262 |
--------------------------------------------------------------------------------
/.ostree/README.md:
--------------------------------------------------------------------------------
1 | *NOTE*: The `*.txt` files are used by `get_ostree_data.sh` to create the lists
2 | of packages, and to find other system roles used by this role. DO NOT use them
3 | directly.
4 |
--------------------------------------------------------------------------------
/.ostree/get_ostree_data.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | set -euo pipefail
4 |
5 | ostree_dir="${OSTREE_DIR:-"$(dirname "$(realpath "$0")")"}"
6 |
7 | if [ -z "${4:-}" ] || [ "${1:-}" = help ] || [ "${1:-}" = -h ]; then
8 | cat <&2 echo ERROR - could not find role "$role" - please use ANSIBLE_COLLECTIONS_PATH
64 | exit 2
65 | }
66 |
67 | get_packages() {
68 | local ostree_dir pkgtype pkgfile rolefile
69 | ostree_dir="$1"
70 | for pkgtype in "${pkgtypes[@]}"; do
71 | for suff in "" "-$distro" "-${distro}-${major_ver}" "-${distro}-${ver}"; do
72 | pkgfile="$ostree_dir/packages-${pkgtype}${suff}.txt"
73 | if [ -f "$pkgfile" ]; then
74 | cat "$pkgfile"
75 | fi
76 | done
77 | rolefile="$ostree_dir/roles-${pkgtype}.txt"
78 | if [ -f "$rolefile" ]; then
79 | local roles role rolepath
80 | roles="$(cat "$rolefile")"
81 | for role in $roles; do
82 | rolepath="$(get_rolepath "$ostree_dir" "$role")"
83 | if [ -z "$rolepath" ]; then
84 | 1>&2 echo ERROR - could not find role "$role" - please use ANSIBLE_COLLECTIONS_PATH
85 | exit 2
86 | fi
87 | get_packages "$rolepath"
88 | done
89 | fi
90 | done | sort -u
91 | }
92 |
93 | format_packages_json() {
94 | local comma pkgs pkg
95 | comma=""
96 | pkgs="["
97 | while read -r pkg; do
98 | pkgs="${pkgs}${comma}\"${pkg}\""
99 | comma=,
100 | done
101 | pkgs="${pkgs}]"
102 | echo "$pkgs"
103 | }
104 |
105 | format_packages_raw() {
106 | cat
107 | }
108 |
109 | format_packages_yaml() {
110 | while read -r pkg; do
111 | echo "- $pkg"
112 | done
113 | }
114 |
115 | format_packages_toml() {
116 | while read -r pkg; do
117 | echo "[[packages]]"
118 | echo "name = \"$pkg\""
119 | echo "version = \"*\""
120 | done
121 | }
122 |
123 | distro="${distro_ver%%-*}"
124 | ver="${distro_ver##*-}"
125 | if [[ "$ver" =~ ^([0-9]*) ]]; then
126 | major_ver="${BASH_REMATCH[1]}"
127 | else
128 | echo ERROR: cannot parse major version number from version "$ver"
129 | exit 1
130 | fi
131 |
132 | "get_$category" "$ostree_dir" | "format_${category}_$format"
133 |
--------------------------------------------------------------------------------
/.ostree/packages-runtime-CentOS-10.txt:
--------------------------------------------------------------------------------
1 | kdump-utils
2 |
--------------------------------------------------------------------------------
/.ostree/packages-runtime-RedHat-10.txt:
--------------------------------------------------------------------------------
1 | kdump-utils
2 |
--------------------------------------------------------------------------------
/.ostree/packages-runtime.txt:
--------------------------------------------------------------------------------
1 | grubby
2 | iproute
3 | kexec-tools
4 | openssh-clients
5 |
--------------------------------------------------------------------------------
/.pandoc_template.html5:
--------------------------------------------------------------------------------
1 | $--| GitHub HTML5 Pandoc Template" v2.2 | 2020/08/12 | pandoc v2.1.1
2 |
3 |
51 | $-------------------------------------------------------------------------> lang
52 |
53 |
54 | $--=============================================================================
55 | $-- METADATA
56 | $--=============================================================================
57 |
58 |
59 |
60 | $-----------------------------------------------------------------------> author
61 | $for(author-meta)$
62 |
63 | $endfor$
64 | $-------------------------------------------------------------------------> date
65 | $if(date-meta)$
66 |
67 | $endif$
68 | $---------------------------------------------------------------------> keywords
69 | $if(keywords)$
70 |
71 | $endif$
72 | $------------------------------------------------------------------> description
73 | $if(description)$
74 |
75 | $endif$
76 | $------------------------------------------------------------------------> title
77 | $if(title-prefix)$$title-prefix$ – $endif$$pagetitle$
78 | $--===========================================================================
79 | $-- CSS STYLESHEETS
80 | $--===========================================================================
81 | $-- Here comes the placeholder (within double braces) that will be replaced
82 | $-- by the CSS file in the finalized template:
83 |
86 | $-------------------------------------------------------------------------------
87 |
88 | $-------------------------------------------------------------------------------
89 | $if(quotes)$
90 |
91 | $endif$
92 | $-------------------------------------------------------------> highlighting-css
93 | $if(highlighting-css)$
94 |
97 | $endif$
98 | $--------------------------------------------------------------------------> css
99 | $for(css)$
100 |
101 | $endfor$
102 | $-------------------------------------------------------------------------> math
103 | $if(math)$
104 | $math$
105 | $endif$
106 | $-------------------------------------------------------------------------------
107 |
110 | $--------------------------------------------------------------> header-includes
111 | $for(header-includes)$
112 | $header-includes$
113 | $endfor$
114 | $-------------------------------------------------------------------------------
115 |
116 |
117 |
118 | $---------------------------------------------------------------> include-before
119 | $for(include-before)$
120 | $include-before$
121 | $endfor$
122 | $-->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> IF: title
123 | $if(title)$
124 |
125 |