mirror of
https://github.com/iiab/iiab.git
synced 2025-03-09 15:40:17 +00:00
Merge pull request #3679 from holta/ansible-core-2.16.1
Recommend ansible-core 2.16.1
This commit is contained in:
commit
95866394ea
3 changed files with 33 additions and 15 deletions
|
@ -11,7 +11,7 @@ CWD=`pwd`
|
|||
OS=`grep ^ID= /etc/os-release | cut -d= -f2`
|
||||
OS=${OS//\"/} # Remove all '"'
|
||||
MIN_RPI_KERN=5.4.0 # Do not use 'rpi-update' unless absolutely necessary: https://github.com/iiab/iiab/issues/1993
|
||||
MIN_ANSIBLE_VER=2.14.11 # 2023-05-22: ansible-core 2.12 EOL per https://docs.ansible.com/ansible/latest/reference_appendices/release_and_maintenance.html#ansible-core-support-matrix 2022-11-09: Raspberry Pi 3 (and 3 B+ etc?) apparently install (and require?) ansible-core 2.11 for now -- @deldesir can explain more on PR #3419. Historical: Ansible 2.8.3 and 2.8.6 had serious bugs, preventing their use with IIAB.
|
||||
MIN_ANSIBLE_VER=2.14.12 # 2023-05-22: ansible-core 2.12 EOL per https://docs.ansible.com/ansible/latest/reference_appendices/release_and_maintenance.html#ansible-core-support-matrix 2022-11-09: Raspberry Pi 3 (and 3 B+ etc?) apparently install (and require?) ansible-core 2.11 for now -- @deldesir can explain more on PR #3419. Historical: Ansible 2.8.3 and 2.8.6 had serious bugs, preventing their use with IIAB.
|
||||
|
||||
REINSTALL=false
|
||||
DEBUG=false
|
||||
|
|
|
@ -158,20 +158,38 @@
|
|||
when: item != 'mysql' and item != 'postgresql' and item != 'mongodb' and item != 'nodejs' and item != 'yarn' # Exclude auto-installed dependencies
|
||||
loop: "{{ vars_checklist }}"
|
||||
|
||||
|
||||
- name: Set vars_deprecated_list for 4+ vars ("XYZ_install") to be checked
|
||||
set_fact:
|
||||
vars_deprecated_list:
|
||||
- dhcpd # Deprecated
|
||||
- named # Deprecated
|
||||
- wondershaper # Deprecated
|
||||
- dansguardian # Deprecated
|
||||
#- xo_services # Unmaintained
|
||||
#- activity_server # Unmaintained
|
||||
#- ejabberd_xs # Unmaintained
|
||||
#- idmgr # Unmaintained
|
||||
#- dokuwiki # Unmaintained
|
||||
#- ejabberd # Unmaintained
|
||||
#- elgg # Unmaintained
|
||||
|
||||
- name: 'DISALLOW "XYZ_install: True" if deprecated'
|
||||
assert:
|
||||
that: "{{ item }}_install is undefined or not {{ item }}_install"
|
||||
fail_msg: "DISALLOWED: '{{ item }}_install: True' (e.g. in /etc/iiab/local_vars.yml)"
|
||||
quiet: yes
|
||||
with_items:
|
||||
- dhcpd # Deprecated
|
||||
- named # Deprecated
|
||||
- wondershaper # Deprecated
|
||||
- dansguardian # Deprecated
|
||||
#- xo_services # Unmaintained
|
||||
#- activity_server # Unmaintained
|
||||
#- ejabberd_xs # Unmaintained
|
||||
#- idmgr # Unmaintained
|
||||
#- dokuwiki # Unmaintained
|
||||
#- ejabberd # Unmaintained
|
||||
#- elgg # Unmaintained
|
||||
loop: "{{ vars_deprecated_list }}"
|
||||
# 2023-12-04: ansible-core 2.16.1 suddenly no longer allows 'assert' with
|
||||
# 'with_items' below (whereas 'loop' construct above works!) BACKGROUND:
|
||||
#
|
||||
# 'due to mitigation of security issue CVE-2023-5764 in ansible-core 2.16.1,
|
||||
# conditional expressions with embedded template blocks can fail with the
|
||||
# message “Conditional is marked as unsafe, and cannot be evaluated.”'
|
||||
# https://docs.ansible.com/ansible-core/2.16/porting_guides/porting_guide_core_2.16.html#playbook
|
||||
#
|
||||
# with_items:
|
||||
# - dhcpd # Deprecated
|
||||
# - named # Deprecated
|
||||
# - wondershaper # Deprecated
|
||||
# - dansguardian # Deprecated
|
||||
|
|
|
@ -7,8 +7,8 @@
|
|||
# https://github.com/iiab/iiab/wiki/Technical-Contributors-Guide#female_detective-understanding-ansible
|
||||
|
||||
APT_PATH=/usr/bin # Avoids problematic /usr/local/bin/apt on Linux Mint
|
||||
CURR_VER=undefined # Ansible version you have installed, e.g. [core 2.16.0]
|
||||
GOOD_VER=2.16.0 # Orig for 'yum install [rpm]' & XO laptops (pip install)
|
||||
CURR_VER=undefined # Ansible version you have installed, e.g. [core 2.16.1]
|
||||
GOOD_VER=2.16.1 # Orig for 'yum install [rpm]' & XO laptops (pip install)
|
||||
|
||||
# 2021-06-22: The apt approach (with PPA source in /etc/apt/sources.list.d/ and
|
||||
# .gpg key etc) are commented out with ### below. Associated guidance/comments
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue