Move Debian to Python 3 packages #130
Conversation
The python 2 packages don't exist any more in current stable Debian 11 and Ubuntu 22.04 LTS. Use the python3-* packages (vars/main.yml has the correct ones).
The current LTS 22.04 is the more interesting target. This detects bugs like [1]. Keep 20.04 running as well for the time being. [1] linux-system-roles/certificate#130
|
I'll have to defer to @rjeffman about Debian support |
|
@rjeffman Friendly review ping? Thanks! |
| __certificate_packages: | ||
| - python-pyasn1 | ||
| - python-cryptography | ||
| - python-dbus |
There was a problem hiding this comment.
FTR: The python3 packages have existed for ages, at least since stretch. cryptography, pyasn1, dbus
|
Hi @martinpitt, I'm getting back from PTO today, and will look at this soon (please ping me if I don't answer during this week). On ansible-freeipa we've had some issues with Debian/Ubuntu support regarding Python 2/3 changes, due to packaging on Debian side. I'd like to have support for Ubuntu 20.04+ if Debian/Ubuntu is to be supported, and if at all possible. Another issue is that freeipa server is currently required (as it is the only available provider, IIRC), but the server is not available in any recent Ubuntu version (last I know of is 18.04). Anyway, I'll get back to you later this week. |
|
@rjeffman : FreeIPA is available in all Ubuntu releases. You probably meant that it is not available in some Debians? The tracker shows that it is not present in Debian 11 (latest stable release), but at least it's in backports. It tends to fall out of testing as it keeps getting release-critical bugs.
Right, me too. And the way to do that is to use the Python 3 packages, they have worked since oldstable and Ubuntu 18.04 at least. |
|
I've tested this changes against Debian 10 and Ubuntu 18.04, 20.04, 22.04, and it worked well. Although I was not able to test against Debian 11 (due to issues deploying IPA client with ansible-freeipa), I don't think it will be a problem. |
|
FTR: Tested with Debian 11, and it also worked. |
The current LTS 22.04 is the more interesting target. This detects bugs like [1]. Keep 20.04 running as well for the time being. [1] linux-system-roles/certificate#130 Co-authored-by: Richard Megginson <rmeggins@redhat.com>
[1.4.0] - 2022-11-01 -------------------- ### New Features - Use the firewall role and the selinux role from the cockpit role (linux-system-roles#76) Since cockpit_port is a public api of the cockpit role, define it in defaults/main.yml as null. - Introduce cockpit_manage_firewall to use the firewall role to manage the cockpit service. Default to false - means the firewall role is not used. - Add the test check task tasks/check_port.yml for verifying the ports status. - Add meta/collection-requirements.yml. - Introduce cockpit_manage_selinux to use the selinux role to manage the ports in the cockpit service. Assign websm_port_t to the cockpit service ports. Default to false - means the selinux role is not used. - Use the certificate role to create the cert and the key (linux-system-roles#78) - Introduce a variable cockpit_certificates to set the certificate_requests. - Update README so that using the certificate role is recommended. Add a check and README note for not supporting creating a self-signed certificate on RHEL/CentOS-7. ### Bug Fixes - none ### Other Changes - workflows: Add integration-tests for Ubuntu 22.04 (linux-system-roles#68) The current LTS 22.04 is the more interesting target. This detects bugs like [1]. Keep 20.04 running as well for the time being. [1] linux-system-roles/certificate#130 - Clone the certificate role in the temporary dir. (linux-system-roles#77) Signed-off-by: Rich Megginson <rmeggins@redhat.com>
[1.4.0] - 2022-11-01 -------------------- ### New Features - Use the firewall role and the selinux role from the cockpit role (#76) Since cockpit_port is a public api of the cockpit role, define it in defaults/main.yml as null. - Introduce cockpit_manage_firewall to use the firewall role to manage the cockpit service. Default to false - means the firewall role is not used. - Add the test check task tasks/check_port.yml for verifying the ports status. - Add meta/collection-requirements.yml. - Introduce cockpit_manage_selinux to use the selinux role to manage the ports in the cockpit service. Assign websm_port_t to the cockpit service ports. Default to false - means the selinux role is not used. - Use the certificate role to create the cert and the key (#78) - Introduce a variable cockpit_certificates to set the certificate_requests. - Update README so that using the certificate role is recommended. Add a check and README note for not supporting creating a self-signed certificate on RHEL/CentOS-7. ### Bug Fixes - none ### Other Changes - workflows: Add integration-tests for Ubuntu 22.04 (#68) The current LTS 22.04 is the more interesting target. This detects bugs like [1]. Keep 20.04 running as well for the time being. [1] linux-system-roles/certificate#130 - Clone the certificate role in the temporary dir. (#77) Signed-off-by: Rich Megginson <rmeggins@redhat.com> Signed-off-by: Rich Megginson <rmeggins@redhat.com>
The python 2 packages don't exist any more in current stable Debian 11
and Ubuntu 22.04 LTS. Use the python3-* packages (vars/main.yml has the
correct ones).
Spotted in linux-system-roles/cockpit#68 , this role does not work at all any more in current Debian/Ubuntu.