Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

⚠️ CONFLICT! Lineage pull request for: skeleton #78

Merged
merged 46 commits into from
Jun 11, 2024
Merged

⚠️ CONFLICT! Lineage pull request for: skeleton #78

merged 46 commits into from
Jun 11, 2024

Conversation

cisagovbot
Copy link

@cisagovbot cisagovbot commented Jun 2, 2024
edited by jsf9k
Loading

Lineage Pull Request: CONFLICT

Lineage has created this pull request to incorporate new changes found in an
upstream repository:

Upstream repository: https://github.com/cisagov/skeleton-ansible-role.git
Remote branch: HEAD

Check the changes in this pull request to ensure they won't cause issues with
your project.

The lineage/skeleton branch has one or more unresolved merge conflicts
that you must resolve before merging this pull request!

How to resolve the conflicts

  1. Take ownership of this pull request by removing any other assignees.

  2. Clone the repository locally, and reapply the merge:

    git clone git@github.com:cisagov/ansible-role-docker.git ansible-role-docker
cd ansible-role-docker
git remote add skeleton https://github.com/cisagov/skeleton-ansible-role.git
git remote set-url --push skeleton no_push
git switch develop
git switch --create lineage/skeleton --track origin/develop
git pull skeleton HEAD
git status

  3. Review the changes displayed by the status command. Fix any conflicts and
    possibly incorrect auto-merges.

  4. After resolving each of the conflicts, add your changes to the
    branch, commit, and push your changes:

    git add .github/dependabot.yml meta/main.yml molecule/default/molecule.yml molecule/default/requirements.yml 
git commit
git push --force --set-upstream origin lineage/skeleton

    Note that you may append to the default merge commit message
    that git creates for you, but please do not delete the existing
    content    . It provides useful information about the merge that is
    being performed.

  5. Wait for all the automated tests to pass.

  6. Confirm each item in the "Pre-approval checklist" below.

  7. Remove any of the checklist items that do not apply.

  8. Ensure every remaining checkbox has been checked.

  9. Mark this draft pull request "Ready for review".

✅ Pre-approval checklist

Remove any of the following that do not apply. If you're unsure about
any of these, don't hesitate to ask. We're here to help!

  • ✌️ The conflicts in this pull request have been resolved.
  • All relevant type-of-change labels have been added.
  • All new and existing tests pass.

Note

You are seeing this because one of this repository's maintainers has
configured Lineage to open pull requests.

For more information:

🛠 Lineage configurations for this project are stored in .github/lineage.yml

📚 Read more about Lineage

mcdonnnj and others added 30 commits April 21, 2024 05:11
@mcdonnnj
Update the bandit configuration in pre-commit
771490a 
We removed the systemd_enabled scenario in
cisagov/skeleton-ansible-role#175 but we missed updating the `exclude`
directive for the `bandit` hook. Instead of just removing the unused
scenario the regex is instead updated to match the `tests`
subdirectory for any molecule scenario.
@jsf9k
Change the license so that it is an SPDX string
33947a6 
This is what is expected by Ansible Galaxy:
https://docs.ansible.com/ansible/latest/dev_guide/collections_galaxy_meta.html
@jsf9k @mcdonnnj
Pin ansible-core when running the ansible-lint linter
07e2b60 
New versions of ansible-core (2.16.7 and 2.17.0) have been released
that do not suffer from the bug discussed in ansible/ansible#82702.
This bug broke any symlinked files in vars, tasks, etc. for any
Ansible role installed via ansible-galaxy.

All versions later than ansible-core 2.16.7 and 2.17.0 should function
as expected.

Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jsf9k
Remove unnecessary line
c74e5db 
The line is not only unnecessary, it was commented out to boot!
@jsf9k
Explain why ansible may need to be added as a dependency for ansible-…
2e53e0d 
…lint

On its own ansible-lint does not pull in ansible, only ansible-core.
Therefore, if an Ansible module lives in ansible instead of
ansible-core, the linter will complain that the module is unknown.  In
these cases it is necessary to add the ansible package itself as an
additional dependency, with the same pinning as is done in
requirements-test.txt of cisagov/skeleton-ansible-role.
@mcdonnnj
Add community.docker as a requirement for molecule testing
c000a6d 
We explicitly add the `community.docker` collection with a minimum
version as a requirement to the molecule configuration. This will allow
us to ensure that a version of this collection that is compatible with
2.32.0 and newer of the Python requests library is installed.
@mcdonnnj
Merge pull request #196 from cisagov/bug/specify_collection_version_r…
82e9264 
…equirement

Add `community.docker` as a requirement for molecule testing
@jsf9k @mcdonnnj
Modify the ansible-core pin to ensure a good version is used
670748b 
We can do this because new versions of ansible-core (2.16.7 and
2.17.0) have been released that do not suffer from the bug discussed
in ansible/ansible#82702.  This bug broke any symlinked files in vars,
tasks, etc. for any Ansible role installed via ansible-galaxy.

All versions later than ansible-core 2.16.7 and 2.17.0 should function
as expected.
@jsf9k @mcdonnnj
Update ansible pin
db61055 
With the updated ansible-core pin we can support ansible 9.

Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@mcdonnnj
Restore externally managed Python environment indicator
fc7b883 
In SystemD-enabled Docker images sources from geerlingguy he has made
the decision to remove the indicator for an externally managed Python
environment if the host is configured with one. This impacts Debian
Bookworm and Trixie, as well as Ubuntu 24.04 (Noble Numbat), and as far
as we know any future versions of these distributions. This will help
ensure that our Ansible role testing is done against images that
reflect how a host will be configured when used to create AMIs.
@mcdonnnj @dav3r @jsf9k
Determine Python version on host dynamically
4958184 
Remove the hard-coded values used in to restore the externally managed
Python environment file. Instead check that Python 3 is installed and
derive the major.minor version of the Python 3 package that is on the
host.

Co-authored-by: dav3r <david.redmin@gwe.cisa.dhs.gov>
Co-authored-by: Shane Frasier <jeremy.frasier@gwe.cisa.dhs.gov>
@mcdonnnj
Streamline logic checking for applicable host platforms
4e1659e 
In the playbook that restores the externally managed Python environment
file we can just check for supported distributions instead of checking
for Debian-based and then excluding distributions (like Kali).
@mcdonnnj @dav3r
Fix typo in comment
b967e9d 
Co-authored-by: dav3r <david.redmin@trio.dhs.gov>
@mcdonnnj @dav3r
Improve explanatory comment
b25f1fc 
Improve the comment that explains the backslash usage in a YAML
multiline string used to define a regex pattern.

Co-authored-by: dav3r <david.redmin@trio.dhs.gov>
@mcdonnnj
Add support for Ubuntu 24.04 (Noble Numbat)
706151e
@jsf9k @mcdonnnj
Add support for Fedora 40
e7d3969 
Remove support for Fedora 38 as it is now EOL.
@mcdonnnj
Merge pull request #193 from cisagov/improvement/remove-ansible-core-pin
5c97685 
Update version pin on `ansible-core` Python package
@mcdonnnj
Merge pull request #190 from cisagov/improvement/restore_externally_m…
14e069b 
…anage_python_file

Restore externally managed Python environment indicator if necessary
@mcdonnnj
Merge pull request #189 from cisagov/improvement/add_support_for_ubun…
ec431ef 
…tu_2404

Add support for Ubuntu 24.04 (Noble Numbat)
@mcdonnnj
Merge pull request #188 from cisagov/improvement/add-support-for-fedo…
59d8cd6 
…ra-40

Add support for Fedora 40
@mcdonnnj
Merge pull request #187 from cisagov/improvement/make-license-entry-spdx
5689f30 
Change the license so that it is an SPDX string
@mcdonnnj
Merge pull request #185 from cisagov/bug/update_pre-commit_configurat…
81839d9 
…ion_to_remove_scenario

Update the `bandit` hook configuration for pre-commit
@jsf9k @mcdonnnj
Add GH actions to setup QEMU and buildx
581a55c 
This idea was stolen from felddy/reusable-workflows.
@jsf9k @mcdonnnj
Add Molecule testing support for aarch where possible
5759b77
@jsf9k @dav3r @mcdonnnj
Alphabetize platforms
234ac03 
Co-authored-by: dav3r <david.redmin@trio.dhs.gov>
@jsf9k @mcdonnnj
Add support for the aarch64 platform for Fedora 39, Fedora 40, and AL…
77f62e3 
…2023

These platforms can now be included because the following PRs have
been merged:
- geerlingguy/docker-fedora39-ansible#2
- geerlingguy/docker-fedora40-ansible#1
- geerlingguy/docker-amazonlinux2023-ansible#4
@jsf9k @mcdonnnj
Prefer the name arm64 to aarch64
6158bae 
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jsf9k @mcdonnnj
Assign a name to the test job in the build GHA workflow
357a701 
This helps keep the job name in line with the molecule configuration.

Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@mcdonnnj
Update the update_molecule_images.sh helper script
4d2653d 
Adjust the script to pull down platform specific images instead of just
the image of the running system's platform. This will ensure that all
images needed by the molecule configuration are retrieved regardless of
the system platform.
@mcdonnnj
Add new dependabot ignore directives
ba48f71 
Adds commented out ignore statements for the following new Action
dependencies added to the `test` job:
- docker/setup-buildx-action
- docker/setup-qemu-action

Once uncommented in downstream repositories this will ensure that these
dependencies are managed in a centralized place.
jsf9k added 6 commits June 6, 2024 10:58
@jsf9k
Merge remote-tracking branch 'skeleton-ansible-role/develop' into lin…
b4de34a 
…eage/skeleton
@jsf9k
Uncomment new Dependabot ignore directives from upstream
6a620c7
@jsf9k
Account for the possibility of a non-zero return code
38c18c1 
The systemctl is-system-running command can return a nonzero value if
the status is degraded:
https://man.archlinux.org/man/systemctl.1#System_Commands
@jsf9k
Remove Debian 13 from test matrix
4b2c896 
Docker does not yet officially support Debian Trixie.  See
https://docs.docker.com/engine/install/debian/ for more details.
@jsf9k
Do not specify the architecture in the apt repo specification
1069c39 
We want the correct architecture to be picked up automatically.
@jsf9k
Remove redundant task
9b236c3 
The earlier ansible.builtin.apt_repository task already updates the
cache.
@jsf9k jsf9k force-pushed the lineage/skeleton branch from 55adf58 to 9b236c3 Compare June 6, 2024 17:23
mcdonnnj and others added 3 commits June 6, 2024 13:55
@mcdonnnj
Update pre-commit hook versions
f51fe62 
This is done automatically with the `pre-commit autoupdate` command.
The pre-commit/mirrors-prettier was manually held back because the
latest tags are for alpha releases of the next major version.
@mcdonnnj
Manually update the prettier hook
8e55b8e 
Use the latest v3 release available from NPM.
@jsf9k
Prefer ansible_architecture over ansible_userspace_architecture
d7d6d40 
It appears that the ansible_userspace_architecture fact is undefined
in at least some cases now, and in any event ansible_architecture
gives the expected value.
@jsf9k jsf9k force-pushed the lineage/skeleton branch from e43f012 to d7d6d40 Compare June 6, 2024 19:47
jsf9k and others added 6 commits June 6, 2024 16:42
@jsf9k @mcdonnnj
Correct commented-out ansible pin
c617bb9 
The pin now agrees with what is in cisagov/skeleton-ansible-role.

Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@mcdonnnj
Merge pull request #183 from cisagov/maintenance/update_pre-commit_hooks
de92c3c 
Update `pre-commit` hooks
@mcdonnnj
Merge pull request #182 from cisagov/improvement/pin-packages-for-ans…
7ddea47 
…ible-lint

Pin packages for `ansible-lint`
Merge https://github.com/cisagov/skeleton-generic into lineage/skeleton
92a2ef7
@mcdonnnj
Merge pull request #198 from cisagov/lineage/skeleton
bcdf7a8 
Lineage pull request for: skeleton
Merge https://github.com/cisagov/skeleton-ansible-role into lineage/s…
1a00148 
…keleton
@jsf9k jsf9k marked this pull request as ready for review June 8, 2024 01:21
@jsf9k jsf9k requested a review from a team June 8, 2024 01:22
@jsf9k jsf9k enabled auto-merge June 8, 2024 01:22
@jsf9k jsf9k mentioned this pull request Jun 10, 2024
Merged
3 tasks
@jsf9k jsf9k merged commit ff44677 into develop Jun 11, 2024
49 checks passed
@jsf9k jsf9k deleted the lineage/skeleton branch June 11, 2024 15:08
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@dav3r dav3r dav3r approved these changes

@dv4harr10 dv4harr10 dv4harr10 approved these changes

@felddy felddy Awaiting requested review from felddy felddy is a code owner

@jasonodoom jasonodoom Awaiting requested review from jasonodoom

@jsf9k jsf9k Awaiting requested review from jsf9k jsf9k is a code owner

@mcdonnnj mcdonnnj Awaiting requested review from mcdonnnj mcdonnnj is a code owner

Assignees

@jsf9k jsf9k

Labels
dependencies Pull requests that update a dependency file github-actions Pull requests that update GitHub Actions code upstream update This issue or pull request pulls in upstream updates
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@cisagovbot @dav3r @dv4harr10 @felddy @jsf9k @jasonodoom @mcdonnnj