|
|
|
@ -2,29 +2,31 @@
|
|
|
|
|
# Copyright (C) Fedora Project Authors
|
|
|
|
|
# License Text: https://spdx.org/licenses/MIT.html
|
|
|
|
|
|
|
|
|
|
# several test dependencies are unwanted in RHEL
|
|
|
|
|
%bcond tests %{undefined rhel}
|
|
|
|
|
# Disable shebang munging for specific paths. These files are data files.
|
|
|
|
|
# ansible-test munges the shebangs itself.
|
|
|
|
|
%global __brp_mangle_shebangs_exclude_from_file %{SOURCE2}
|
|
|
|
|
|
|
|
|
|
# controls whether to generate shell completions
|
|
|
|
|
# may be useful for bootstrapping purposes
|
|
|
|
|
%bcond argcomplete 1
|
|
|
|
|
|
|
|
|
|
# disable the python -s shbang flag as we want to be able to find non system modules
|
|
|
|
|
%undefine _py3_shebang_s
|
|
|
|
|
# RHEL and Fedora add -s to the shebang line. We do *not* use -s -E -S or -I
|
|
|
|
|
# with ansible because it has many optional features which users need to
|
|
|
|
|
# install libraries on their own to use. For instance, paramiko for the
|
|
|
|
|
# network connection plugins or winrm to talk to windows hosts.
|
|
|
|
|
# Set this to nil to remove -s
|
|
|
|
|
%define py3_shbang_opts %{nil}
|
|
|
|
|
|
|
|
|
|
Name: ansible-core
|
|
|
|
|
Summary: A radically simple IT automation system
|
|
|
|
|
Epoch: 1
|
|
|
|
|
Version: 2.16.3
|
|
|
|
|
%global uversion %{version_no_tilde %{quote:%nil}}
|
|
|
|
|
Release: 4%{?dist}
|
|
|
|
|
Version: 2.16.13
|
|
|
|
|
Release: 1%{?dist}
|
|
|
|
|
Group: Development/Libraries
|
|
|
|
|
# The main license is GPLv3+. Many of the files in lib/ansible/module_utils
|
|
|
|
|
# are BSD licensed. There are various files scattered throughout the codebase
|
|
|
|
|
# containing code under different licenses.
|
|
|
|
|
License: GPL-3.0-or-later AND BSD-2-Clause AND PSF-2.0 AND MIT AND Apache-2.0
|
|
|
|
|
|
|
|
|
|
Source0: https://github.com/ansible/ansible/archive/v%{uversion}/%{name}-%{uversion}.tar.gz
|
|
|
|
|
Source1: https://github.com/ansible/ansible-documentation/archive/v%{uversion}/ansible-documentation-%{uversion}.tar.gz
|
|
|
|
|
Source0: https://files.pythonhosted.org/packages/source/a/ansible-core/ansible_core-%{version}.tar.gz
|
|
|
|
|
Source1: https://github.com/ansible/ansible-documentation/archive/v%{version}/ansible-documentation-%{version}.tar.gz
|
|
|
|
|
Source2: ansible-test-data-files.txt
|
|
|
|
|
|
|
|
|
|
Url: https://ansible.com
|
|
|
|
|
BuildArch: noarch
|
|
|
|
@ -48,42 +50,29 @@ Provides: bundled(python3dist(six)) = 1.16.0
|
|
|
|
|
# SPDX-License-Identifier: GPL-3.0-or-later
|
|
|
|
|
Provides: bundled(python3dist(selectors2)) = 1.1.1
|
|
|
|
|
|
|
|
|
|
# lib/ansible/module_utils/compat/ipaddress.py
|
|
|
|
|
# SPDX-License-Identifier: PSF-2.0
|
|
|
|
|
Provides: bundled(python3dist(ipaddress)) = 1.0.22
|
|
|
|
|
|
|
|
|
|
Conflicts: ansible <= 2.9.99
|
|
|
|
|
#
|
|
|
|
|
# obsoletes/provides for ansible-base
|
|
|
|
|
#
|
|
|
|
|
Provides: ansible-base = %{version}-%{release}
|
|
|
|
|
Obsoletes: ansible-base < 2.10.6-1
|
|
|
|
|
# We obsolete old ansible, and any version of ansible-base.
|
|
|
|
|
Obsoletes: ansible < 2.10.0
|
|
|
|
|
Obsoletes: ansible-base < 2.11.0
|
|
|
|
|
|
|
|
|
|
BuildRequires: git-core
|
|
|
|
|
BuildRequires: make
|
|
|
|
|
BuildRequires: pyproject-rpm-macros
|
|
|
|
|
BuildRequires: python%{python3_pkgversion}-devel
|
|
|
|
|
# This is only used in %%prep to relax the required setuptools version,
|
|
|
|
|
# which is not necessary in RHEL 10+.
|
|
|
|
|
# Not using it in RHEL avoids unwanted dependencies.
|
|
|
|
|
%if %{undefined rhel}
|
|
|
|
|
BuildRequires: tomcli >= 0.3.0
|
|
|
|
|
%endif
|
|
|
|
|
# Needed to build manpages from source.
|
|
|
|
|
BuildRequires: python%{python3_pkgversion}-docutils
|
|
|
|
|
|
|
|
|
|
%if %{with tests}
|
|
|
|
|
BuildRequires: git-core
|
|
|
|
|
BuildRequires: glibc-all-langpacks
|
|
|
|
|
BuildRequires: python%{python3_pkgversion}-systemd
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
%if %{with argcomplete}
|
|
|
|
|
Requires: python%{python3_pkgversion}-argcomplete
|
|
|
|
|
%endif
|
|
|
|
|
%if 0%{?fedora} >= 39
|
|
|
|
|
BuildRequires: python3-libdnf5
|
|
|
|
|
Recommends: python3-libdnf5
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
BuildRequires: python%{python3_pkgversion}-jinja2
|
|
|
|
|
BuildRequires: python%{python3_pkgversion}-pip
|
|
|
|
|
BuildRequires: python%{python3_pkgversion}-pyyaml
|
|
|
|
|
BuildRequires: python%{python3_pkgversion}-rpm-macros
|
|
|
|
|
BuildRequires: python%{python3_pkgversion}-setuptools
|
|
|
|
|
BuildRequires: python%{python3_pkgversion}-wheel
|
|
|
|
|
|
|
|
|
|
Requires: git-core
|
|
|
|
|
Requires: python%{python3_pkgversion}-cryptography
|
|
|
|
|
Requires: python%{python3_pkgversion}-jinja2 >= 3.0.0
|
|
|
|
|
Requires: python%{python3_pkgversion}-packaging
|
|
|
|
|
Requires: python%{python3_pkgversion}-pyyaml >= 5.1
|
|
|
|
|
Requires: python%{python3_pkgversion}-resolvelib >= 0.5.3
|
|
|
|
|
Requires: python%{python3_pkgversion}-resolvelib < 1.1.0
|
|
|
|
|
|
|
|
|
|
%global _description %{expand:
|
|
|
|
|
Ansible is a radically simple model-driven configuration management,
|
|
|
|
@ -94,99 +83,30 @@ are transferred to managed machines automatically.}
|
|
|
|
|
|
|
|
|
|
%description %_description
|
|
|
|
|
|
|
|
|
|
This is the base part of ansible (the engine).
|
|
|
|
|
|
|
|
|
|
%package doc
|
|
|
|
|
Summary: Documentation for Ansible Core
|
|
|
|
|
Provides: ansible-base-doc = %{version}-%{release}
|
|
|
|
|
Obsoletes: ansible-base-doc < 2.10.6-1
|
|
|
|
|
|
|
|
|
|
%description doc %_description
|
|
|
|
|
%package -n ansible-test
|
|
|
|
|
Summary: Tool for testing ansible plugin and module code
|
|
|
|
|
Requires: %{name} = %{epoch}:%{version}-%{release}
|
|
|
|
|
|
|
|
|
|
This package installs extensive documentation for ansible-core
|
|
|
|
|
%description -n ansible-test %_description
|
|
|
|
|
|
|
|
|
|
This package installs the ansible-test command for testing modules and plugins
|
|
|
|
|
developed for ansible.
|
|
|
|
|
|
|
|
|
|
%prep
|
|
|
|
|
%autosetup -p1 -n ansible-%{uversion} -a1
|
|
|
|
|
# Relax setuptools constraint on Fedora
|
|
|
|
|
# Future RHELs have new enough setuptools
|
|
|
|
|
%if %{undefined rhel}
|
|
|
|
|
tomcli-set pyproject.toml lists replace \
|
|
|
|
|
'build-system.requires' 'setuptools >=.*' 'setuptools'
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
sed -i -s 's|/usr/bin/env python|%{python3}|' \
|
|
|
|
|
bin/ansible-test \
|
|
|
|
|
test/lib/ansible_test/_util/target/cli/ansible_test_cli_stub.py
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# TODO: Investigate why hostname is the only module that still has a shebang
|
|
|
|
|
# and file an upstream issue if needed.
|
|
|
|
|
sed -i -e '1{\@^#!.*@d}' lib/ansible/modules/hostname.py
|
|
|
|
|
|
|
|
|
|
sed '/^mock$/d' test/lib/ansible_test/_data/requirements/units.txt > _requirements.txt
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%generate_buildrequires
|
|
|
|
|
%pyproject_buildrequires %{?with_tests:_requirements.txt test/units/requirements.txt}
|
|
|
|
|
%if %{with argcomplete}
|
|
|
|
|
# Shell completions
|
|
|
|
|
echo 'python%{python3_pkgversion}-argcomplete'
|
|
|
|
|
%endif
|
|
|
|
|
%autosetup -n ansible_core-%{version} -a1
|
|
|
|
|
|
|
|
|
|
# Fix all Python shebangs recursively in ansible-test
|
|
|
|
|
%{py3_shebang_fix} test/lib/ansible_test
|
|
|
|
|
|
|
|
|
|
%build
|
|
|
|
|
%pyproject_wheel
|
|
|
|
|
%{pyproject_wheel}
|
|
|
|
|
|
|
|
|
|
# Build manpages
|
|
|
|
|
mkdir -p docs/man/man1
|
|
|
|
|
%{python3} packaging/cli-doc/build.py man --output-dir docs/man/man1
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%if %{with argcomplete}
|
|
|
|
|
# Build shell completions
|
|
|
|
|
(
|
|
|
|
|
cd bin
|
|
|
|
|
for shell in bash fish; do
|
|
|
|
|
mkdir -p "../${shell}_completions"
|
|
|
|
|
for bin in *; do
|
|
|
|
|
if grep -q PYTHON_ARGCOMPLETE_OK "${bin}"; then
|
|
|
|
|
case "${shell}" in
|
|
|
|
|
bash)
|
|
|
|
|
format="${bin}"
|
|
|
|
|
;;
|
|
|
|
|
fish)
|
|
|
|
|
format="${bin}.${shell}"
|
|
|
|
|
;;
|
|
|
|
|
esac
|
|
|
|
|
register-python-argcomplete --shell "${shell}" "${bin}" > "../${shell}_completions/${format}"
|
|
|
|
|
else
|
|
|
|
|
echo "Skipped generating completions for ${bin}"
|
|
|
|
|
fi
|
|
|
|
|
done
|
|
|
|
|
done
|
|
|
|
|
)
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%install
|
|
|
|
|
%pyproject_install
|
|
|
|
|
%pyproject_save_files ansible ansible_test
|
|
|
|
|
|
|
|
|
|
# These files are executable when they shouldn't be.
|
|
|
|
|
# Only the actual "binaries" in %%{_bindir} need to be executable
|
|
|
|
|
# and have shebangs.
|
|
|
|
|
while read -r file; do
|
|
|
|
|
sed -i -e '1{\@^#!.*@d}' "${file}"
|
|
|
|
|
done < <(find \
|
|
|
|
|
%{buildroot}%{python3_sitelib}/ansible/cli/*.py \
|
|
|
|
|
%{buildroot}%{python3_sitelib}/ansible/cli/scripts/ansible_connection_cli_stub.py \
|
|
|
|
|
-type f ! -executable)
|
|
|
|
|
|
|
|
|
|
%if %{with argcomplete}
|
|
|
|
|
install -Dpm 0644 bash_completions/* -t %{buildroot}%{bash_completions_dir}
|
|
|
|
|
install -Dpm 0644 fish_completions/* -t %{buildroot}%{fish_completions_dir}
|
|
|
|
|
%endif
|
|
|
|
|
%{pyproject_install}
|
|
|
|
|
|
|
|
|
|
# Create system directories that Ansible defines as default locations in
|
|
|
|
|
# ansible/config/base.yml
|
|
|
|
@ -212,7 +132,7 @@ DATADIR_LOCATIONS='%{_datadir}/ansible/collections
|
|
|
|
|
%{_datadir}/ansible/plugins/test
|
|
|
|
|
%{_datadir}/ansible/plugins/vars'
|
|
|
|
|
|
|
|
|
|
UPSTREAM_DATADIR_LOCATIONS=$(grep -ri default lib/ansible/config/base.yml| tr ':' '\n' | grep '/usr/share/ansible')
|
|
|
|
|
UPSTREAM_DATADIR_LOCATIONS=$(grep -ri default lib/ansible/config/base.yml | tr ':' '\n' | grep '/usr/share/ansible')
|
|
|
|
|
|
|
|
|
|
if [ "$SYSTEM_LOCATIONS" != "$UPSTREAM_SYSTEM_LOCATIONS" ] ; then
|
|
|
|
|
echo "The upstream Ansible datadir locations have changed. Spec file needs to be updated"
|
|
|
|
@ -226,8 +146,8 @@ done
|
|
|
|
|
mkdir -p %{buildroot}%{_sysconfdir}/ansible/
|
|
|
|
|
mkdir -p %{buildroot}%{_sysconfdir}/ansible/roles/
|
|
|
|
|
|
|
|
|
|
cp ansible-documentation-%{uversion}/examples/hosts %{buildroot}/etc/ansible/
|
|
|
|
|
cp ansible-documentation-%{uversion}/examples/ansible.cfg %{buildroot}/etc/ansible/
|
|
|
|
|
cp ansible-documentation-%{version}/examples/hosts %{buildroot}%{_sysconfdir}/ansible/
|
|
|
|
|
cp ansible-documentation-%{version}/examples/ansible.cfg %{buildroot}%{_sysconfdir}/ansible/
|
|
|
|
|
mkdir -p %{buildroot}/%{_mandir}/man1
|
|
|
|
|
cp -v docs/man/man1/*.1 %{buildroot}/%{_mandir}/man1/
|
|
|
|
|
|
|
|
|
@ -239,14 +159,8 @@ cp -v docs/man/man1/*.1 %{buildroot}/%{_mandir}/man1/
|
|
|
|
|
%global _pkglicensedir %{_licensedir}/ansible-core
|
|
|
|
|
install -Dpm 0644 licenses/* -t %{buildroot}%{_pkglicensedir}
|
|
|
|
|
|
|
|
|
|
%check
|
|
|
|
|
%if %{with tests}
|
|
|
|
|
%{python3} bin/ansible-test \
|
|
|
|
|
units --local --python-interpreter %{python3} -vv
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%files -f %{pyproject_files}
|
|
|
|
|
%files
|
|
|
|
|
%defattr(-,root,root)
|
|
|
|
|
%license COPYING
|
|
|
|
|
%license %{_pkglicensedir}/{Apache-License,MIT-license,PSF-license,simplified_bsd}.txt
|
|
|
|
|
%doc README.md changelogs/CHANGELOG-v2.1?.rst
|
|
|
|
@ -254,20 +168,24 @@ install -Dpm 0644 licenses/* -t %{buildroot}%{_pkglicensedir}
|
|
|
|
|
%config(noreplace) %{_sysconfdir}/ansible/*
|
|
|
|
|
%{_bindir}/ansible*
|
|
|
|
|
%{_datadir}/ansible/
|
|
|
|
|
%if %{with argcomplete}
|
|
|
|
|
%{bash_completions_dir}/ansible*
|
|
|
|
|
%{fish_completions_dir}/ansible*.fish
|
|
|
|
|
%endif
|
|
|
|
|
%{_mandir}/man1/ansible*
|
|
|
|
|
%{python3_sitelib}/ansible*
|
|
|
|
|
%exclude %{_bindir}/ansible-test
|
|
|
|
|
%exclude %{python3_sitelib}/ansible_test
|
|
|
|
|
|
|
|
|
|
%files doc
|
|
|
|
|
%doc ansible-documentation-%{uversion}/docs/docsite/rst
|
|
|
|
|
%if %{with docs}
|
|
|
|
|
%doc ansible-documentation-%{uversion}/docs/docsite/_build/html
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
%files -n ansible-test
|
|
|
|
|
%{_bindir}/ansible-test
|
|
|
|
|
%{python3_sitelib}/ansible_test
|
|
|
|
|
|
|
|
|
|
%changelog
|
|
|
|
|
* Tue Nov 26 2024 Dimitri Savineau <dsavinea@redhat.com> - 1:2.16.13-1
|
|
|
|
|
- ansible-core 2.16.13 release (RHEL-69036)
|
|
|
|
|
- Add back ansible-test subpackage and drop doc subpackage
|
|
|
|
|
- Fix CVE-2024-8775 (Exposure of Sensitive Information in Ansible
|
|
|
|
|
Vault Files Due to Improper Logging) (RHEL-59076)
|
|
|
|
|
- Fix CVE-2024-9902 (Ansible-core user may read/write unauthorized
|
|
|
|
|
content) (RHEL-69034)
|
|
|
|
|
|
|
|
|
|
* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 1:2.16.3-4
|
|
|
|
|
- Bump release for October 2024 mass rebuild:
|
|
|
|
|
Resolves: RHEL-64018
|
|
|
|
|