Skip to content

Commit

Permalink
Fixes
Browse files Browse the repository at this point in the history
  • Loading branch information
spetrosi committed Nov 2, 2023
1 parent 1fc3e9e commit bc64665
Show file tree
Hide file tree
Showing 12 changed files with 125 additions and 80 deletions.
2 changes: 1 addition & 1 deletion tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@

- name: Put boot loader bassword to {{ __bootloader_user_conf }}
copy:
content: GRUB2_PASSWORD={{ __bootloader_pass_hash }}
content: GRUB2_PASSWORD={{ __bootloader_pass_hash.stdout }}
dest: "{{ __bootloader_user_conf }}"
mode: 0600
changed_when: true
Expand Down
18 changes: 8 additions & 10 deletions tasks/reboot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,15 +4,13 @@
reboot:
when: bootloader_reboot_ok | bool

- name: Notify and set fact when bootloader_reboot_ok is false
- name: Notify about reboot
when: not bootloader_reboot_ok
block:
- name: Notify about reboot
debug:
msg: >
Boot loader settings have been modified.
A reboot is required in order to apply the changes.
debug:
msg: >-
Boot loader settings have been modified.
A reboot is required in order to apply the changes.
- name: Set bootloader_reboot_required
set_fact:
bootloader_reboot_required: true
- name: Set bootloader_reboot_required
set_fact:
bootloader_reboot_required: "{{ not bootloader_reboot_ok }}"
18 changes: 12 additions & 6 deletions tasks/write_bootloader.yml
Original file line number Diff line number Diff line change
@@ -1,17 +1,23 @@
# SPDX-License-Identifier: MIT
---
- name: Write boot loader configuration
command: grub2-mkconfig -o {{ __bootloader_grub_conf }}
changed_when: true

# A workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1152027
- name: Fix default kernel boot parameters on EL 7
shell: |-
set -o pipefail
grubby --info=DEFAULT | awk '/^args/ {print $0}'
cat {{ __bootloader_default_grub }}
eval $(grubby --info=DEFAULT | awk '/^args/ {print $0}')
sed -i -e "s,^GRUB_CMDLINE_LINUX=.*,GRUB_CMDLINE_LINUX=\"$args\","
{{ __bootloader_default_grub }}
sed -i -e "s|^GRUB_CMDLINE_LINUX=.*|GRUB_CMDLINE_LINUX=\"$args\"|" \
{{ __bootloader_default_grub }}
cat {{ __bootloader_default_grub }}
changed_when: true
when:
- ansible_distribution in ['CentOS', 'RedHat']
- ansible_facts.distribution_major_version is version('7', '=')

# - name: Write boot loader configuration
# command: grub2-mkconfig -o {{ __bootloader_grub_conf }}
# changed_when: true
# when:
# - ansible_distribution in ['CentOS', 'RedHat']
# - ansible_facts.distribution_major_version is version('7', '=')
9 changes: 0 additions & 9 deletions templates/bootloader.conf.j2

This file was deleted.

34 changes: 34 additions & 0 deletions tests/tests_password.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
# SPDX-License-Identifier: MIT
---
- name: Test bootloader_settings variable
hosts: all
gather_facts: false
tasks:
- name: Set boot loader password
vars:
bootloader_password: dummy-pass

Check warning on line 9 in tests/tests_password.yml

View workflow job for this annotation

GitHub Actions / Detect non-inclusive language

`dummy` may be insensitive, use `placeholder`, `sample` instead
include_role:
name: linux-system-roles.bootloader

- name: Get contents of {{ __bootloader_user_conf }}
command: cat {{ __bootloader_user_conf }}
failed_when: >-
not (__bootloader_user_conf_content.stdout |
regex_search('^GRUB2_PASSWORD=grub\.pbkdf2\.sha512\.10000\..*'))
register: __bootloader_user_conf_content
changed_when: false

- name: Remove boot loader password
vars:
bootloader_remove_password: true
include_role:
name: linux-system-roles.bootloader

- name: Get stat of {{ __bootloader_user_conf }}
stat:
path: "{{ __bootloader_user_conf }}"
register: __bootloader_user_conf_stat

- name: Verify that user conf doesn't exist
assert:
that: not __bootloader_user_conf_stat.stat.exists
78 changes: 68 additions & 10 deletions tests/tests_settings.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,46 +13,104 @@
bootloader_settings:
- name: console
value: tty0
- name: net.ifnames
value: 0
- name: print-fatal-signals
value: 1
- name: no_timer_check
state: present
- name: quiet
- name: rd.lvm.lv
- name: debug
- previous: replaced
bootloader_timeout: 6
include_role:
name: linux-system-roles.bootloader

- name: Flush handlers
meta: flush_handlers

- name: Ensure bootloader_reboot_required is not set to true
- name: Ensure bootloader_reboot_required is set to false
assert:
that: not bootloader_reboot_required | d(false)
that: not bootloader_reboot_required

- name: Verify settings
shell: >-
set -euo pipefail;
grubby --info=DEFAULT;
grubby --info=DEFAULT |
grep -P
'args="(\$tuned_params |)console=tty0 net.ifnames=0 no_timer_check
quiet rd.lvm.lv"$'
'args=".*console=tty0 print-fatal-signals=1 no_timer_check quiet
debug( |)"$'
changed_when: false

- name: Verify boot loader timeout configuration
command: cat /etc/default/grub
failed_when: >-
not __bootloader_default_grub_content.stdout is regex('GRUB_TIMEOUT=6')
register: __bootloader_default_grub_content
changed_when: false

- name: Remove some settings
- name: Change some settings
vars:
bootloader_settings:
- name: quiet
state: absent
- name: rd.lvm.lv
- name: debug
state: absent
bootloader_timeout: 4
include_role:
name: linux-system-roles.bootloader

- name: Flush handlers
meta: flush_handlers

- name: Ensure bootloader_reboot_required is set to false
assert:
that: not bootloader_reboot_required

- name: Verify settings
shell: >-
set -euo pipefail;
grubby --info=DEFAULT;
grubby --info=DEFAULT |
grep -P
'args="(\$tuned_params |)console=tty0 net.ifnames=0 no_timer_check"$'
'args=".*console=tty0 print-fatal-signals=1 no_timer_check( |)"$'
changed_when: false

- name: Verify boot loader timeout configuration
command: cat /etc/default/grub
failed_when: >-
not __bootloader_default_grub_content.stdout is regex('GRUB_TIMEOUT=4')
register: __bootloader_default_grub_content
changed_when: false

- name: Set an existing variable, should report not changed
vars:
bootloader_settings:
- name: console
value: tty0
state: present
bootloader_timeout: 4
include_role:
name: linux-system-roles.bootloader

- name: Flush handlers
meta: flush_handlers

- name: Ensure bootloader_reboot_required is not set to true
assert:
that: not bootloader_reboot_required

- name: Verify settings
shell: >-
set -euo pipefail;
grubby --info=DEFAULT;
grubby --info=DEFAULT |
grep -P
'args=".*console=tty0 print-fatal-signals=1 no_timer_check( |)"$'
changed_when: false

- name: Verify boot loader timeout configuration
command: cat /etc/default/grub
failed_when: >-
not __bootloader_default_grub_content.stdout is regex('GRUB_TIMEOUT=4')
register: __bootloader_default_grub_content
changed_when: false
7 changes: 0 additions & 7 deletions vars/CentOS_6.yml

This file was deleted.

7 changes: 0 additions & 7 deletions vars/CentOS_7.yml

This file was deleted.

7 changes: 0 additions & 7 deletions vars/Fedora.yml

This file was deleted.

7 changes: 0 additions & 7 deletions vars/RedHat_6.yml

This file was deleted.

7 changes: 0 additions & 7 deletions vars/RedHat_7.yml

This file was deleted.

11 changes: 2 additions & 9 deletions vars/main.yml
Original file line number Diff line number Diff line change
@@ -1,14 +1,5 @@
# SPDX-License-Identifier: MIT
---
# Put the role's internal variables here that are not distribution specific.
# You can override these by defining the same variable with a different
# value in a platform/version specific file in vars/

# Examples of non-distribution specific (generic) internal variables:
__bootloader_foo_config: "bootloader.conf"
__bootloader_packages:
- grubby
__bootloader_services: []
# ansible_facts required by the role
__bootloader_required_facts:
- distribution
Expand All @@ -20,4 +11,6 @@ __bootloader_required_facts:
# the 'gather_subset' parameter of the 'setup' module
__bootloader_required_facts_subsets: "{{ ['!all', '!min'] +
__bootloader_required_facts }}"
__bootloader_packages:
- grubby
__bootloader_default_grub: /etc/default/grub

0 comments on commit bc64665

Please sign in to comment.