diff --git a/init-ansible b/init-ansible index a791ea56..78ad6956 100755 --- a/init-ansible +++ b/init-ansible @@ -5,21 +5,23 @@ # Usage: # init-ansible -set -e +set -o errexit if [[ "$OSTYPE" == "darwin"* ]] then - readonly ExecName=$(greadlink -f "$0") + ExecName=$(greadlink -f "$0") else - readonly ExecName=$(readlink --canonicalize "$0") + ExecName=$(readlink --canonicalize "$0") fi +readonly ExecName -readonly PlaybooksDir=$(dirname "$ExecName") +PlaybooksDir=$(dirname "$ExecName") +readonly PlaybooksDir main() { - ansible-galaxy install -r "$PlaybooksDir"/requirements.yml + ansible-galaxy install --force -r "$PlaybooksDir"/requirements.yml local roleDir diff --git a/irods/create_catalog_provider.yml b/irods/create_catalog_provider.yml index 43dc7ea7..8fffb708 100644 --- a/irods/create_catalog_provider.yml +++ b/irods/create_catalog_provider.yml @@ -3,31 +3,31 @@ hosts: dbms become: true tasks: - - name: enable notifications when not testing - set_fact: + - name: Enable notifications when not testing + ansible.builtin.set_fact: notifications_enabled: true tags: - no_testing - - name: allow communication with Postgres DBMS - blockinfile: + - name: Allow communication with Postgres DBMS + ansible.builtin.blockinfile: path: "{{ _irods_dbms_pg_hba }}" marker: "# {mark} DS IRODS MANAGED BLOCK" block: | {% for i in groups['irods_catalog'] %} - {% set addr = i if i|ansible.utils.ipaddr else lookup('dig', i) %} + {% set addr = i if i | ansible.utils.ipaddr else lookup('dig', i) %} {{ '%-7s %-15s %-15s %-23s %s' | format('host', 'ICAT', hostvars[i]._irods_db_user, addr ~ '/32', 'md5') }} {% endfor %} notify: - - reload postgresql + - Reload postgresql tags: - postgres handlers: - - name: reload postgresql + - name: Reload postgresql when: notifications_enabled | default(false) - service: + ansible.builtin.service: name: postgresql state: reloaded 
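Review bot: With `--force`, every run of `main` reinstalls whatever Galaxy currently serves, because nothing visible in requirements.yml pins a version. The requirements.yml hunk of this same commit removes the only constraint shown there, `version: "<3.3"` on community.general. Giving each entry an explicit constraint, e.g. `version: "<PINNED_VERSION>"`, keeps a forced reinstall from putting an unreviewed release onto the control node. Separately, `set -o errexit` alone still lets unset variables and failed pipeline stages through; `set -o errexit -o nounset -o pipefail` is stricter, provided the rest of the script tolerates it. `main` continues past the end of this hunk.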
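Review bot: The pg_hba entries written by `Allow communication with Postgres DBMS` still use the `md5` method, which gives little protection if a password hash or handshake is captured. Where the DBMS is PostgreSQL 10 or later, `scram-sha-256` is the stronger choice; the server version is not visible in this hunk, and 9.3 does not offer it. The address column comes from `lookup('dig', i)` at play time, so the allow-list is only as trustworthy as the DNS answers the control node receives; using inventory IP addresses avoids that dependency.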
@@ -49,7 +49,7 @@ odbc_setup: >- {{ lookup('ini', 'Setup file=files/postgresql-odbc-tmpl.ini section=PostgreSQL') }} tasks: - - name: configure linux kernel + - name: Configure linux kernel sysctl: name: kernel.{{ item.name }} value: "{{ item.value }}" 
@@ -57,42 +57,43 @@ tags: - no_testing - - name: verify PostgreSQL client version is 9.3 or 12 + - name: Verify PostgreSQL client version is 9.3 or 12 when: _irods_dbms_pg_version != '9.3' and _irods_dbms_pg_version != '12' - fail: + ansible.builtin.fail: msg: Only PostgreSQL client versions 9.3 and 12 are supported - - name: ensure PostgreSQL 9.3 clients are installed + - name: Ensure PostgreSQL 9.3 clients are installed when: _irods_dbms_pg_version == '9.3' - yum: + ansible.builtin.yum: name: - https://download.postgresql.org/pub/repos/yum/9.3/redhat/rhel-7-x86_64/postgresql93-libs-9.3.25-1PGDG.rhel7.x86_64.rpm - https://download.postgresql.org/pub/repos/yum/9.3/redhat/rhel-7-x86_64/postgresql93-9.3.25-1PGDG.rhel7.x86_64.rpm - https://download.postgresql.org/pub/repos/yum/9.3/redhat/rhel-7-x86_64/postgresql93-odbc-10.03.0000-1PGDG.rhel7.x86_64.rpm - - when: _irods_dbms_pg_version == '12' + - name: Handle PostgreSQL 12 + when: _irods_dbms_pg_version == '12' block: - - name: ensure PostgreSQL 12 repo is installed - yum: + - name: Ensure PostgreSQL 12 repo is installed + ansible.builtin.yum: name: https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm - - name: ensure PostgreSQL 12 clients are installed - package: + - name: Ensure PostgreSQL 12 clients are installed + ansible.builtin.package: name: - postgresql12 - postgresql12-odbc state: present - - name: add postgres 12 clients to path - copy: + - name: Add postgres 12 clients to path + ansible.builtin.copy: src: "{{ item }}" dest: /etc/profile.d mode: a+r with_fileglob: - "files/profile.d/*" - - name: define PostgreSQL 12 ODBC Driver - shell: | + - name: Define PostgreSQL 12 ODBC Driver + ansible.builtin.shell: | if driverDef="$(odbcinst -q -d -n PostgreSQL)"; then description="$(sed --quiet 's/^Description=//p' <<< "$driverDef")" driver="$(sed --quiet 's/^Driver=//p' <<< "$driverDef")" 
@@ -113,27 +114,31 @@ register: result changed_when: result.stdout == 'changed' - - name: ensure required packages are installed - package: + - name: Ensure required packages are installed + ansible.builtin.package: name: "{{ item }}" state: present with_items: - mailx - parallel - - name: ensure pika installed - pip: + - name: Ensure pika installed + ansible.builtin.pip: name: pika<1.2 state: present - - name: lock irods-database-plugin-postgres to required version + - name: Lock irods-database-plugin-postgres to required version yum_versionlock: name: - irods-database-plugin-postgres-{{ _irods_version }} state: present +# XXX - Due to https://github.com/ansible-collections/community.general/issues/4470, this isn't +# idempotent. + tags: non_idempotent +# XXX - ^^^ - - name: install irods server packages - package: + - name: Install irods server packages + ansible.builtin.package: name: - irods-database-plugin-postgres state: present @@ -153,10 +158,10 @@ become_flags: '-i' gather_facts: false tasks: - - name: start iRODS + - name: Start iRODS irods_ctl: - - name: authenticate clerver + - name: Authenticate clerver irods_clerver_auth: provider: "{{ inventory_hostname }}" password: "{{ _irods_clerver_password }}" diff --git a/irods/provision.yml b/irods/provision.yml index 2e4553a5..00cb9b55 100644 --- a/irods/provision.yml +++ b/irods/provision.yml 
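Review bot: Tagging `Lock irods-database-plugin-postgres to required version` with `non_idempotent` makes the version lock skippable. Any run that excludes that tag goes straight on to `Install irods server packages`, which requests `irods-database-plugin-postgres` at `state: present` with no version. How the tag is consumed is not visible here; if only the idempotency test skips it, a comment on the tag saying so, e.g. `# skipped only by the idempotency check, never in deployment`, would protect the lock from being skipped by accident. The same tag is added to what appear to be the version-lock tasks in irods/provision.yml, irods/tasks/install_plugins.yml and irods/webdav.yml. This task also keeps the short name `yum_versionlock`, while install_plugins.yml now uses `community.general.yum_versionlock`.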
@@ -5,19 +5,21 @@ collections: - community.general tasks: - - when: ansible_distribution == 'CentOS' + - name: Provision CentOS + when: ansible_distribution == 'CentOS' block: - name: CentOS | install iRODS package repository signing key - rpm_key: + ansible.builtin.rpm_key: key: https://packages.irods.org/irods-signing-key.asc - name: CentOS | install iRODS repository - get_url: + ansible.builtin.get_url: url: https://packages.irods.org/renci-irods.yum.repo dest: /etc/yum.repos.d/renci-irods.yum.repo + mode: u+r - name: CentOS | force import of GPG key - shell: | + ansible.builtin.shell: | if ! resp="$(yum --assumeyes updateinfo)"; then exit 1 fi 
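Review bot: The `mode: u+r` added to `CentOS | install iRODS repository` is a relative symbolic mode, so the final permissions of `/etc/yum.repos.d/renci-irods.yum.repo` still depend on the umask or on the mode an existing file already has. An absolute `mode: "0644"` makes the result deterministic. In the same block the signing key is imported from a URL with no pin, so the HTTPS fetch is the only thing authenticating it; `ansible.builtin.rpm_key` accepts `fingerprint: <IRODS_SIGNING_KEY_FINGERPRINT>` to reject a substituted key. The `CentOS | force import of GPG key` shell task continues past the end of this hunk.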
@@ -34,41 +36,46 @@ - irods-runtime-{{ _irods_version }} - irods-server-{{ _irods_version }} state: present +# XXX - Due to https://github.com/ansible-collections/community.general/issues/4470, this isn't +# idempotent. + tags: non_idempotent +# XXX - ^^^ - name: CentOS | install OS specific required packages - package: + ansible.builtin.package: name: - uuidd - which state: present # TODO: When upgrading to iRODS 4.2.9, remove this task. - - name: ensure unixODBC is installed (irods issue 5389) - package: + - name: CentOS | ensure unixODBC is installed (irods issue 5389) + ansible.builtin.package: name: unixODBC state: present - - when: ansible_distribution == 'Ubuntu' + - name: Provision Ubuntu + when: ansible_distribution == 'Ubuntu' block: - name: Ubuntu | install iRODS package repository signing key - apt_key: + ansible.builtin.apt_key: url: https://packages.irods.org/irods-signing-key.asc - name: Ubuntu | install iRODS repository - copy: + ansible.builtin.copy: dest: /etc/apt/sources.list.d/renci-irods.list mode: u+rw content: | deb [arch=amd64] https://packages.irods.org/apt/ {{ ansible_lsb.codename }} main - name: Ubuntu | update apt cache - apt: + ansible.builtin.apt: update_cache: true tags: - non_idempotent - name: Ubuntu | lock iRODS packages to required version - copy: + ansible.builtin.copy: dest: /etc/apt/preferences.d/irods mode: u+rw content: | 
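Review bot: `Ubuntu | install iRODS package repository signing key` fetches the key by `url:` with no `id:`, and `ansible.builtin.apt_key` places it in apt's global trusted keyring. The `deb [arch=amd64] …` line written by the next task has no `signed-by=`, so that key is trusted for every configured repository rather than only packages.irods.org. Pinning the key with `id: <IRODS_SIGNING_KEY_ID>` is the minimum. A tighter layout stores the key in its own keyring file and scopes it in the source line, e.g. `deb [arch=amd64 signed-by=/etc/apt/keyrings/irods.asc] https://packages.irods.org/apt/ {{ ansible_lsb.codename }} main` (the keyring path is a constructed example). The last task in this hunk continues outside it.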
@@ -77,24 +84,24 @@ Pin-Priority: 1001 - name: Ubuntu | install OS specific required packages - package: + ansible.builtin.package: name: - debianutils - uuid-runtime state: present - - name: install iRODS server - package: + - name: Install iRODS server + ansible.builtin.package: name: irods-server state: present - - name: create service group - group: + - name: Create service group + ansible.builtin.group: name: "{{ _irods_service_group_name }}" system: true - - name: create service account - user: + - name: Create service account + ansible.builtin.user: name: "{{ _irods_service_account_name }}" system: true home: /var/lib/irods @@ -106,8 +113,8 @@ - import_tasks: tasks/ensure_irods_ownership.yml - - name: ensure default policy files are up-to-date - copy: + - name: Ensure default policy files are up-to-date + ansible.builtin.copy: dest: /etc/irods/{{ item }} src: /var/lib/irods/packaging/{{ item }}.template remote_src: true diff --git a/irods/tasks/install_plugins.yml b/irods/tasks/install_plugins.yml index 5ae7286c..97a5d156 100644 --- a/irods/tasks/install_plugins.yml +++ b/irods/tasks/install_plugins.yml @@ -1,14 +1,14 @@ --- -- name: ensure netcdf plugins not installed - package: +- name: Ensure netcdf plugins not installed + ansible.builtin.package: name: - irods-icommands-netcdf - irods-microservice-plugin-netcdf - irods-api-plugin-netcdf state: absent -- name: ensure netcdf rpms removed - file: +- name: Ensure netcdf rpms removed + ansible.builtin.file: path: /root/{{ item }}-1.0-centos{{ ansible_distribution_major_version }}.rpm state: absent with_items: 
@@ -16,23 +16,22 @@ - irods-microservice-plugin-netcdf - irods-api-plugin-netcdf -- name: install NetCDF plugins - yum: +- name: Install NetCDF plugins + ansible.builtin.yum: name: - http://people.renci.org/~dmoore/irods_netcdf/packages_2021_03_24/irods-netcdf-client_modules-4.2.8.0-centos-7-x86_64.rpm - http://people.renci.org/~dmoore/irods_netcdf/packages_2021_03_24/irods-netcdf-icommands-4.2.8.0-centos-7-x86_64.rpm - http://people.renci.org/~dmoore/irods_netcdf/packages_2021_03_24/irods-netcdf-server_modules-4.2.8.0-centos-7-x86_64.rpm state: present -- name: lock NetCDF plugins to 4.2.8.0 - yum_versionlock: +- name: Lock NetCDF plugins to 4.2.8.0 + community.general.yum_versionlock: name: - irods-netcdf-client_modules-4.2.8.0 - irods-netcdf-icommands-4.2.8.0 - irods-netcdf-server_modules-4.2.8.0 state: present - -- name: ensure msiSetAVU microservice is absent - file: - path: /var/lib/irods/plugins/microservices/libmsiSetAVU.so - state: absent +# XXX - Due to https://github.com/ansible-collections/community.general/issues/4470, this isn't +# idempotent. + tags: non_idempotent +# XXX - ^^^ diff --git a/irods/tests/webdav.yml b/irods/tests/webdav.yml index ea2f3d25..4cde32b9 100644 --- a/irods/tests/webdav.yml +++ b/irods/tests/webdav.yml @@ -1,5 +1,5 @@ --- -- name: test WebDAV config template expansion +- name: Test WebDAV config template expansion hosts: localhost run_once: true gather_facts: false @@ -13,14 +13,14 @@ varnish_service: >- {{ lookup('template', '../templates/webdav/usr/lib/systemd/system/varnish.service.j2') }} tasks: - - name: verify head.html expands correctly - assert: + - name: Verify head.html expands correctly + ansible.builtin.assert: that: - head is search('/* Style for the testing/base/ davrods */' | regex_escape) - 'head is search(''content: "/testing/base/";'')' - - name: verify default.vcl expands correctly - assert: + - name: Verify default.vcl expands correctly + ansible.builtin.assert: that: - >- default_vcl 
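Review bot: The three RPMs in `Install NetCDF plugins` are still fetched over plain `http://` from a personal web directory, and nothing in the task ties them to a known digest. The content installed with root privileges therefore depends on the network path and on that directory staying unmodified. Whether yum verifies a signature on packages installed this way depends on host configuration that is not visible here. A safer shape is to download each file with `ansible.builtin.get_url` and `checksum: "sha256:<EXPECTED_SHA256>"`, then install from the local path, or to serve the packages from a signed repository over HTTPS.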
@@ -33,8 +33,8 @@ default_vcl is search('if (std.integer(beresp.http.Content-Length, 0) > 10485760)' | regex_escape) - - name: verify purgeman.conf expands correctly - assert: + - name: Verify purgeman.conf expands correctly + ansible.builtin.assert: that: - >- purgeman_conf @@ -44,27 +44,32 @@ - purgeman_conf is search('PURGEMAN_AMQP_EXCHANGE=irods') - purgeman_conf is search('PURGEMAN_AMQP_USERNAME=guest') - purgeman_conf is search('PURGEMAN_AMQP_PASSWORD=guest') + - >- + purgeman_conf + is search( + 'PURGEMAN_IRODS_HOST=dstesting-provider_configured-1.dstesting_default' + | regex_escape ) + - purgeman_conf is search('PURGEMAN_IRODS_PORT=1247') - - name: verify remainder fo purgeman.conf expands correctly - debug: + - name: Verify remainder fo purgeman.conf expands correctly + ansible.builtin.debug: msg: TODO check {{ item }} with_items: - - PURGEMAN_IRODS_HOST - - PURGEMAN_IRODS_PORT - PURGEMAN_IRODS_USERNAME - PURGEMAN_IRODS_PASSWORD - PURGEMAN_IRODS_ZONE - PURGEMAN_VARNISH_URLS - - name: verify varnish.service expands correctly - assert: + - name: Verify varnish.service expands correctly + ansible.builtin.assert: that: - varnish_service is search('-a :6081,HTTP') - >- varnish_service is search('-s file,/var/cache/varnish/varnish_cache.bin,1000M' | regex_escape) -- name: test WebDAV dav html template expansion + +- name: Test WebDAV dav html template expansion hosts: localhost run_once: true gather_facts: false @@ -76,8 +81,8 @@ zone_index: "{{ lookup('template', '../templates/webdav/var/zone-index.html.j2') }}" commons_index: "{{ lookup('template', '../templates/webdav/var/commons-index.html.j2') }}" tasks: - - name: verify index.html expands correctly, part 1 - assert: + - name: Verify index.html expands correctly, part 1 + ansible.builtin.assert: that: - index is search('WebDAV Service Landing Page') - index is search('Data Store WebDAV Access') 
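Review bot: The two assertions added to `Verify purgeman.conf expands correctly` are unanchored substring searches, so `PURGEMAN_IRODS_PORT=1247` would also pass on a rendered `PURGEMAN_IRODS_PORT=12470`. Anchoring it, e.g. `purgeman_conf is search('^PURGEMAN_IRODS_PORT=1247$', multiline=true)`, makes the check exact, and the same applies to the host assertion. The renamed follow-up task title still reads `remainder fo purgeman.conf`, where `of` is meant. `PURGEMAN_IRODS_PASSWORD` and `PURGEMAN_IRODS_USERNAME` remain in the TODO list, so the credential lines of the rendered file are still not checked.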
@@ -94,12 +99,12 @@ - index is search('testing/home/') - index is search('accessible without authentication.') - - name: verify index.html expands correctly, part 2 - assert: + - name: Verify index.html expands correctly, part 2 + ansible.builtin.assert: that: index is not search('has four anonymous, read-only') - - name: verify zone/index.html expands correctly - assert: + - name: Verify zone/index.html expands correctly + ansible.builtin.assert: that: - zone_index is search('Index of /testing on testing') - zone_index is search('') @@ -108,8 +113,8 @@ - zone_index is search('testing') - zone_index is search('home/') - - name: verify zone/commons/index.html expands correctly - assert: + - name: Verify zone/commons/index.html expands correctly + ansible.builtin.assert: that: - commons_index is search('Index of /testing/commons/ on testing') - commons_index is search('') @@ -118,7 +123,8 @@ - commons_index is search('commons/') - commons_index is search('testing') -- name: test WebDAV dav-anon html template expansion + +- name: Test WebDAV dav-anon html template expansion hosts: localhost run_once: true gather_facts: false @@ -130,8 +136,8 @@ zone_index: "{{ lookup('template', '../templates/webdav/var/zone-index.html.j2') }}" commons_index: "{{ lookup('template', '../templates/webdav/var/commons-index.html.j2') }}" tasks: - - name: verify index.html expands correctly, part 1 - assert: + - name: Verify index.html expands correctly, part 1 + ansible.builtin.assert: that: - index is search('Anonymous WebDAV Service Landing Page') - index is search('Data Store Anonymous, Read-Only') 
@@ -139,45 +145,46 @@ - index is search('testing/home/') - index is search('be accessible.') - - name: verify index.html expands correctly, part 2 - assert: + - name: Verify index.html expands correctly, part 2 + ansible.builtin.assert: that: - index is not search('WebDAV services. If a') - index is not search('testing/home/') - - name: verify zone/index.html expands correctly, part 1 - assert: + - name: Verify zone/index.html expands correctly, part 1 + ansible.builtin.assert: that: - zone_index is search('') - zone_index is search('/') - zone_index is search('testing/') - - name: verify zone/index.html expands correctly, part 2 - assert: + - name: Verify zone/index.html expands correctly, part 2 + ansible.builtin.assert: that: zone_index is not search('home/') - - name: verify zone/commons/index.html expands correctly - assert: + - name: Verify zone/commons/index.html expands correctly + ansible.builtin.assert: that: - commons_index is search('') - commons_index is search('/') - commons_index is search('testing/') - commons_index is search('commons/') -- name: test WebDAV server deposition + +- name: Test WebDAV server deposition hosts: webdav become: true tasks: - - name: test place TLS certificate chain file - debug: + - name: Test place TLS certificate chain file + ansible.builtin.debug: msg: TODO implement - - name: test place TLS certificate file - debug: + - name: Test place TLS certificate file + ansible.builtin.debug: msg: TODO implement - - name: test place TLS key file - debug: + - name: Test place TLS key file + ansible.builtin.debug: msg: TODO implement - include_tasks: tasks/test_pkg_installed.yml 
@@ -190,20 +197,20 @@ loop_control: loop_var: pkg - - name: test install iRODS package repository signing key - shell: | + - name: Test install iRODS package repository signing key + ansible.builtin.shell: | set -o pipefail rpm --query --queryformat='%{SUMMARY}\n' gpg-pubkey | grep --quiet 'iRODS Consortium' changed_when: false - - name: test install iRODS repository - stat: + - name: Test install iRODS repository + ansible.builtin.stat: path: /etc/yum.repos.d/renci-irods.yum.repo register: resp failed_when: not resp.stat.exists - - name: test lock irods-runtime to version 4.2.8 - shell: | + - name: Test lock irods-runtime to version 4.2.8 + ansible.builtin.shell: | set -o pipefail if ! yum versionlock status | grep --quiet irods-runtime; then printf 'irods-runtime not locked\n' >&2 @@ -220,14 +227,14 @@ fi changed_when: false - - name: test ssl.conf is gone - stat: + - name: Test ssl.conf is gone + ansible.builtin.stat: path: /etc/httpd/conf.d/ssl.conf register: response failed_when: response.stat.exists - - name: test add davrods irods directory contents - stat: + - name: Test add davrods irods directory contents + ansible.builtin.stat: path: /etc/httpd/irods/{{ item }} with_items: - home-head.html @@ -238,8 +245,8 @@ register: response failed_when: not response.stat.exists - - name: test apache modules - stat: + - name: Test apache modules + ansible.builtin.stat: path: /etc/httpd/conf.modules.d/{{ item }} with_items: - 00-mpm.conf 
@@ -248,31 +255,31 @@ register: response failed_when: not response.stat.exists - - name: retrieve encoded irods_environment.json - slurp: + - name: Retrieve encoded irods_environment.json + ansible.builtin.slurp: src: /etc/httpd/irods/irods_environment.json register: ie_encoded - - name: decode irods_environment.json - set_fact: + - name: Decode irods_environment.json + ansible.builtin.set_fact: irods_environment: "{{ ie_encoded.content | b64decode }}" - - name: test irods_environment.json contents - assert: + - name: Test irods_environment.json contents + ansible.builtin.assert: that: - irods_environment.irods_home == '/testing' - irods_environment.irods_host == 'dstesting-provider_configured-1.dstesting_default' - irods_environment.irods_user_name == 'anonymous' - irods_environment.irods_zone_name == 'testing' - - name: test create content directories - stat: + - name: Test create content directories + ansible.builtin.stat: path: /var/www/html/dav/testing/commons register: response failed_when: not (response.stat.exists and response.stat.isdir) - - name: test add web pages - stat: + - name: Test add web pages + ansible.builtin.stat: path: /var/www/html/{{ item }} with_items: - index.html @@ -291,8 +298,8 @@ pkg: varnish version: "6.5.1" - - name: test create varnish shared memory mount point - stat: + - name: Test create varnish shared memory mount point + ansible.builtin.stat: path: /var/lib/varnish register: response failed_when: >- @@ -300,8 +307,8 @@ not response.stat.isdir or response.stat.mode != '0777' - - name: test create directory for cache - stat: + - name: Test create directory for cache + ansible.builtin.stat: path: /cache_vol register: response failed_when: >- @@ -311,8 +318,8 @@ response.stat.gr_name != 'varnish' or response.stat.mode != '0755' - - name: test create directory for varnish log - stat: + - name: Test create directory for varnish log + ansible.builtin.stat: path: /var/log/varnish register: response failed_when: >- 
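Review bot: `Decode irods_environment.json` stores the output of `b64decode`, which is text, while the assertions that follow read attributes from it, e.g. `irods_environment.irods_home`. The test therefore appears to rely on Ansible implicitly converting JSON-looking strings into a dict. Making the parse explicit with `irods_environment: "{{ ie_encoded.content | b64decode | from_json }}"` removes that dependence on templating behaviour, and malformed JSON then fails at the decode step with a clear error.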
@@ -322,26 +329,26 @@ response.stat.gr_name != 'varnish' or response.stat.mode != '0755' - - name: test default.vcl deployed - stat: + - name: Test default.vcl deployed + ansible.builtin.stat: path: /etc/varnish/default.vcl register: response failed_when: not response.stat.exists - - name: test varnish.service deployed - stat: + - name: Test varnish.service deployed + ansible.builtin.stat: path: /usr/lib/systemd/system/varnish.service register: response failed_when: not response.stat.exists - - name: test create apache systemd service dependencies directory - stat: + - name: Test create apache systemd service dependencies directory + ansible.builtin.stat: path: /etc/systemd/system/httpd.service.requires register: response failed_when: not response.stat.exists or not response.stat.isdir - - name: test ensure varnish runs when apache run - stat: + - name: Test ensure varnish runs when apache run + ansible.builtin.stat: path: /etc/systemd/system/httpd.service.requires/varnish.service register: response failed_when: >- @@ -349,14 +356,14 @@ not response.stat.islnk or response.stat.lnk_source != '/usr/lib/systemd/system/varnish.service' - - name: test create varnish systemd service dependencies directory - stat: + - name: Test create varnish systemd service dependencies directory + ansible.builtin.stat: path: /etc/systemd/system/varnish.service.requires register: response failed_when: not response.stat.exists or not response.stat.isdir - - name: test ensure varnishncsa runs when varnish run - stat: + - name: Test ensure varnishncsa runs when varnish run + ansible.builtin.stat: path: /etc/systemd/system/varnish.service.requires/varnishncsa.service register: response failed_when: 
> @@ -364,26 +371,26 @@ not response.stat.islnk or response.stat.lnk_source != '/usr/lib/systemd/system/varnishncsa.service' - - name: test purgeman installed - stat: + - name: Test purgeman installed + ansible.builtin.stat: path: /usr/bin/purgeman register: response failed_when: not response.stat.exists - - name: test purgeman.conf deployed - stat: + - name: Test purgeman.conf deployed + ansible.builtin.stat: path: /etc/purgeman/purgeman.conf register: response failed_when: not response.stat.exists - - name: test purgeman.service deployed - stat: + - name: Test purgeman.service deployed + ansible.builtin.stat: path: /usr/lib/systemd/system/purgeman.service register: response failed_when: not response.stat.exists - - name: test ensure purgeman runs when varnish run - stat: + - name: Test ensure purgeman runs when varnish run + ansible.builtin.stat: path: /etc/systemd/system/varnish.service.requires/purgeman.service register: response failed_when: > @@ -391,6 +398,6 @@ not response.stat.islnk or response.stat.lnk_source != '/usr/lib/systemd/system/purgeman.service' - - name: test open HTTP connection in firewall - script: scripts/check-apache-iptables.awk /etc/sysconfig/iptables + - name: Test open HTTP connection in firewall + ansible.builtin.script: scripts/check-apache-iptables.awk /etc/sysconfig/iptables changed_when: false diff --git a/irods/webdav.yml b/irods/webdav.yml index abb0ac42..06713104 100644 --- a/irods/webdav.yml +++ b/irods/webdav.yml @@ -258,6 +258,10 @@ yum_versionlock: name: irods-runtime-4.2.8 state: present +# XXX - Due to https://github.com/ansible-collections/community.general/issues/4470, this isn't +# idempotent. + tags: non_idempotent +# XXX - ^^^ - name: build & install mod_ssl-rm_ssl_conf RPM package to remove ssl.conf include_tasks: tasks/install_rm_sslconf_rpm.yml diff --git a/requirements.yml b/requirements.yml index 8d8b9f29..9cc76048 100644 --- a/requirements.yml +++ b/requirements.yml 
@@ -5,10 +5,5 @@ collections: - name: ansible.netcommon - name: community.docker - name: community.general - # XXX - Due to - # https://github.com/ansible-collections/community.general/issues/4470, the - # version must be less than 3.3. - version: "<3.3" - # XXX - ^^^ - name: community.postgresql - - name: community.rabbitmq # Needed for testing + - name: community.rabbitmq # Needed for testing