Fix the playbooks commands, update readme with required reboot, repla…

…ce reboot commands

roles/remediate/README.md

@@ -45,9 +45,9 @@ The list of available remediation playbooks with their corresponding inhibitors
 - `leapp_missing_yum_plugins`
   - **Solves:** Required DNF plugins are not being loaded.
 - `leapp_multiple_kernels`
-  - **Solves:** Multiple kernels installed.
+  - **Solves:** Multiple kernels installed. **Requires reboot.**
 - `leapp_newest_kernel_not_in_use`
-  - **Solves:** Newest installed kernel not in use.
+  - **Solves:** Newest installed kernel not in use. **Requires reboot.**
 - `leapp_nfs_detected`
   - **Solves:** Use of NFS detected. Upgrade can't proceed.
 - `leapp_non_persistent_partitions`

roles/remediate/defaults/main.yml

@@ -1,6 +1,7 @@
 ---
 # defaults file for remedations
 
+post_reboot_delay: 120
 leapp_report_location: /var/log/leapp/leapp-report.json
 remediation_playbooks:
   - leapp_cifs_detected

roles/remediate/tasks/leapp_corrupted_grubenv_file.yml

@@ -10,7 +10,7 @@
       register: leapp_report_stat
 
     - name: leapp_corrupted_grubenv_file | End play if no leapp report exists
-      ansible.builtin.meta: end_play
+      ansible.builtin.meta: end_host
       when: leapp_report_stat.stat.exists is false
 
     - name: leapp_corrupted_grubenv_file | Read leapp report
@@ -28,6 +28,10 @@
       loop: "{{ leappreportdata.entries }}"
       when: item.title is match(entry_title) and (item.detail.remediations | selectattr('type', 'eq', 'hint') | length > 0)
 
+    - name: leapp_corrupted_grubenv_file | End execution of playbook if no entry found in leapp report
+      ansible.builtin.meta: end_host
+      when: hint is not defined
+
     - name: leapp_corrupted_grubenv_file | Extract file(s) using regex
       ansible.builtin.set_fact:
         files_grub: "{{ hint.context | regex_findall('Delete (.+?) file', '\\1') | first | split(',') | map('trim') }}"

roles/remediate/tasks/leapp_deprecated_sshd_directive.yml

@@ -28,6 +28,10 @@
       loop: "{{ leappreportdata.entries }}"
       when: item.title == entry_title and (item.detail.remediations | selectattr('type', 'eq', 'command') | list | length > 0)
 
+    - name: leapp_deprecated_sshd_directive | End execution of playbook if no entry found in leapp report
+      ansible.builtin.meta: end_host
+      when: remediation is not defined
+
     - name: leapp_deprecated_sshd_directive | Output command to be executed
       ansible.builtin.debug:
         msg: "{{ remediation.context | join(' ') }}"

roles/remediate/tasks/leapp_firewalld_unsupported_tftp_client.yml

@@ -10,7 +10,7 @@
       register: leapp_report_stat
 
     - name: leapp_firewalld_unsupported_tftp_client | End play if no leapp report exists
-      ansible.builtin.meta: end_play
+      ansible.builtin.meta: end_host
       when: leapp_report_stat.stat.exists is false
 
     - name: leapp_firewalld_unsupported_tftp_client | Read leapp report
@@ -28,6 +28,10 @@
       loop: "{{ leappreportdata.entries }}"
       when: item.title is match(entry_title) and (item.summary | length > 0)
 
+    - name: leapp_firewalld_unsupported_tftp_client | End execution of playbook if no entry found in leapp report
+      ansible.builtin.meta: end_host
+      when: summary is not defined
+
     - name: leapp_firewalld_unsupported_tftp_client | Remove the service from zones and policies
       block:
         - name: leapp_firewalld_unsupported_tftp_client | List all firewalld zones
@@ -66,7 +70,7 @@
 
     - name: leapp_firewalld_unsupported_tftp_client | Reload firewalld to apply changes
       ansible.builtin.service:
-        name: leapp_firewalld_unsupported_tftp_client | firewalld
+        name: firewalld
         state: reloaded
 
 ...

roles/remediate/tasks/leapp_loaded_removed_kernel_drivers.yml

@@ -28,6 +28,10 @@
       loop: "{{ leappreportdata.entries }}"
       when: item.title is match(entry_title_pattern)
 
+    - name: leapp_loaded_removed_kernel_drivers | End execution of playbook if no entry found in leapp report
+      ansible.builtin.meta: end_host
+      when: leapp_entry is not defined
+
     - name: leapp_loaded_removed_kernel_drivers | Parse summary to obtain list of modules
       ansible.builtin.set_fact:
         unsupported_modules: "{{ leapp_entry.summary | regex_findall('(?<=- ).*') }}"

roles/remediate/tasks/leapp_missing_efibootmgr.yml

@@ -3,7 +3,7 @@
   block:
     - name: leapp_missing_efibootmgr | Install efibootmgr package
       ansible.builtin.yum:
-        name: leapp_missing_efibootmgr | efibootmgr
+        name: efibootmgr
         state: present
 
 ...

roles/remediate/tasks/leapp_missing_pkg.yml

@@ -10,7 +10,7 @@
       register: leapp_report_stat
 
     - name: leapp_missing_pkg | End play if no leapp report exists
-      ansible.builtin.meta: end_play
+      ansible.builtin.meta: end_host
       when: leapp_report_stat.stat.exists is false
 
     - name: leapp_missing_pkg | Read leapp report
@@ -28,6 +28,10 @@
       loop: "{{ leappreportdata.entries }}"
       when: item.title is match(entry_title_pattern) and (item.detail.remediations | selectattr('type', 'eq', 'command') | list | length > 0)
 
+    - name: leapp_missing_pkg | End execution of playbook if no entry found in leapp report
+      ansible.builtin.meta: end_host
+      when: remediation is not defined
+
     - name: leapp_missing_pkg | Install the missing package via remediation command
       ansible.builtin.command: "{{ remediation.context | join(' ') }}"
       when: remediation is defined

roles/remediate/tasks/leapp_multiple_kernels.yml

@@ -19,24 +19,14 @@
       register: set_default_kernel
       changed_when: set_default_kernel.rc == 0
 
-    - name: leapp_multiple_kernels | Reboot into new kernel
-      ansible.builtin.shell: sleep 2 && shutdown -r now
-      async: 1
-      poll: 0
-      failed_when: false
+    - name: leapp_multiple_kernels | Update-and-reboot | Reboot when updates applied
+      ansible.builtin.reboot:
+        reboot_timeout: 7200
+        post_reboot_delay: "{{ post_reboot_delay }}"
       when: installed_kernels.stdout_lines[0] != current_kernel.stdout
-      changed_when: true
-
-    - name: leapp_multiple_kernels | Wait for reboot
-      ansible.builtin.wait_for_connection:
-        delay: 15
-        timeout: 60
-      become: false
-      when: installed_kernels.stdout_lines[0] != current_kernel.stdout
-
     - name: leapp_multiple_kernels | Remove old kernels
       ansible.builtin.yum:
-        name: leapp_multiple_kernels | kernel-core-{{ item }}
+        name: kernel-core-{{ item }}
         state: absent
       loop: "{{ installed_kernels.stdout_lines[1:] }}"
 

roles/remediate/tasks/leapp_newest_kernel_not_in_use.yml

@@ -13,17 +13,9 @@
       register: set_default_kernel
       changed_when: set_default_kernel.rc == 0
 
-    - name: leapp_newest_kernel_not_in_use | Reboot into new kernel
-      ansible.builtin.shell: sleep 2 && shutdown -r now
-      async: 1
-      poll: 0
-      failed_when: false
-      changed_when: true
-
-    - name: leapp_newest_kernel_not_in_use | Wait for reboot
-      ansible.builtin.wait_for_connection:
-        delay: 15
-        timeout: 60
-      become: false
+    - name: leapp_newest_kernel_not_in_use | Update-and-reboot | Reboot when updates applied
+      ansible.builtin.reboot:
+        reboot_timeout: 7200
+        post_reboot_delay: "{{ post_reboot_delay }}"
 
 ...

roles/remediate/tasks/leapp_nfs_detected.yml

@@ -10,7 +10,7 @@
       register: leapp_report_stat
 
     - name: leapp_nfs_detected | End play if no leapp report exists
-      ansible.builtin.meta: end_play
+      ansible.builtin.meta: end_host
       when: leapp_report_stat.stat.exists is false
 
     - name: leapp_nfs_detected | Read leapp report
@@ -28,6 +28,10 @@
       loop: "{{ leappreportdata.entries }}"
       when: item.title is match(entry_title) and (item.summary | length > 0)
 
+    - name: leapp_nfs_detected | End execution of playbook if no entry found in leapp report
+      ansible.builtin.meta: end_host
+      when: summary is not defined
+
     - name: leapp_nfs_detected | Split summary
       ansible.builtin.set_fact:
         split_summary: "{{ summary.split('- NFS')[1:] | map('regex_replace', '^[\\s\\n]+', '- NFS ') | list }}"

roles/remediate/tasks/leapp_old_postgresql_data.yml

@@ -7,7 +7,7 @@
       register: pgsql_data_stat
 
     - name: leapp_old_postgresql_data | End play if /var/lib/psql/data does not exist
-      ansible.builtin.meta: end_play
+      ansible.builtin.meta: end_host
       when: not pgsql_data_stat.stat.exists
 
     - name: leapp_old_postgresql_data | Set backup filename with timestamp

roles/remediate/tasks/leapp_relative_symlinks.yml

@@ -28,6 +28,10 @@
       loop: "{{ leappreportdata.entries }}"
       when: item.title == entry_title and (item.detail.remediations | selectattr('type', 'eq', 'command') | list | length > 0)
 
+    - name: leapp_relative_symlinks | End execution of playbook if no entry found in leapp report
+      ansible.builtin.meta: end_host
+      when: remediation is not defined
+
     - name: leapp_relative_symlinks | Output command to be executed
       ansible.builtin.debug:
         msg: "{{ remediation.context | last }}"

roles/remediate/tasks/leapp_rpms_with_rsa_sha1_detected.yml

@@ -10,7 +10,7 @@
       register: leapp_report_stat
 
     - name: leapp_rpms_with_rsa_sha1_detected | End play if no leapp report exists
-      ansible.builtin.meta: end_play
+      ansible.builtin.meta: end_host
       when: leapp_report_stat.stat.exists is false
 
     - name: leapp_rpms_with_rsa_sha1_detected | Read leapp report
@@ -28,13 +28,17 @@
       loop: "{{ leappreportdata.entries }}"
       when: item.title is match(entry_title) and (item.summary | length > 0)
 
+    - name: leapp_rpms_with_rsa_sha1_detected | End execution of playbook if no entry found in leapp report
+      ansible.builtin.meta: end_host
+      when: summary is not defined
+
     - name: leapp_rpms_with_rsa_sha1_detected | Parse bad_pkgs
       ansible.builtin.set_fact:
         bad_pkgs: "{{ summary | split('The list of problematic packages:') | last | trim | regex_findall('- ([^ ]+)', '\\1') }}"
 
     - name: leapp_rpms_with_rsa_sha1_detected | Remove bad packages
       ansible.builtin.dnf:
-        name: leapp_rpms_with_rsa_sha1_detected | {{ item }}
+        name: "{{ item }}"
         state: absent
       loop: "{{ bad_pkgs }}"
 

roles/remediate/tasks/leapp_unavailable_kde.yml

@@ -3,7 +3,7 @@
   block:
     - name: leapp_unavailable_kde | Install the GNOME desktop environment
       ansible.builtin.yum:
-        name: leapp_unavailable_kde | @^graphical-server-environment
+        name: "@^graphical-server-environment"
         state: present
 
 ...

roles/remediate/tasks/leapp_vdo_check_needed.yml

@@ -3,7 +3,7 @@
   block:
     - name: leapp_vdo_check_needed | Install vdo package
       ansible.builtin.dnf:
-        name: leapp_vdo_check_needed | vdo
+        name: vdo
         state: present
 
 ...

roles/remediate/tasks/main.yml

@@ -8,7 +8,7 @@
   tags: remediate
 
 - name: Remediate the system
-  ansible.builtin.include_tasks: "{{ item }}.yml"
+  ansible.builtin.include_tasks: "{{ remediation }}.yml"
   loop: "{{ remediation_playbooks }}"
   loop_control:
     loop_var: remediation