Merge pull request #813 from slagle/bootc

Initial bootc support

roles/edpm_bootc/meta/argument_specs.yml

@@ -0,0 +1,7 @@
+---
+argument_specs:
+  # ./roles/edpm_bootc/tasks/main.yml entry point
+  main:
+    short_description: The main entry point for the edpm_bootc role.
+    description: Multiple lines description
+    options: {}

roles/edpm_bootc/meta/main.yml

@@ -0,0 +1,43 @@
+---
+# Copyright 2024 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+
+galaxy_info:
+  author: OpenStack
+  description: EDPM OpenStack Role -- edpm_bootc
+  company: Red Hat
+  license: Apache-2.0
+  min_ansible_version: '2.14'
+  namespace: osp
+  #
+  # Provide a list of supported platforms, and for each platform a list of versions.
+  # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+  # To view available platforms and versions (or releases), visit:
+  # https://galaxy.ansible.com/api/v1/platforms/
+  #
+  platforms:
+    - name: 'EL'
+      versions:
+        - '8'
+        - '9'
+
+  galaxy_tags:
+    - edpm
+
+
+# List your role dependencies here, one per line. Be sure to remove the '[]' above,
+# if you add dependencies to this list.
+dependencies: []

roles/edpm_bootc/molecule/default/collections.yml

@@ -0,0 +1,3 @@
+---
+collections:
+- name: community.general

roles/edpm_bootc/molecule/default/converge.yml

@@ -0,0 +1,21 @@
+---
+# Copyright 2024 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+
+- name: Converge
+  hosts: all
+  roles:
+    - role: "edpm_bootc"

roles/edpm_bootc/molecule/default/molecule.yml

@@ -0,0 +1,30 @@
+---
+dependency:
+  name: galaxy
+  options:
+    role-file: collections.yml
+driver:
+  name: podman
+platforms:
+- command: /sbin/init
+  dockerfile: ../../../../molecule/common/Containerfile.j2
+  image: ${EDPM_ANSIBLE_MOLECULE_IMAGE:-"ubi9/ubi-init"}
+  name: instance
+  privileged: true
+  registry:
+    url: ${EDPM_ANSIBLE_MOLECULE_REGISTRY:-"registry.access.redhat.com"}
+  ulimits:
+  - host
+provisioner:
+  log: true
+  name: ansible
+scenario:
+  test_sequence:
+  - dependency
+  - destroy
+  - create
+  - prepare
+  - converge
+  - destroy
+verifier:
+  name: ansible

roles/edpm_bootc/molecule/default/prepare.yml

@@ -0,0 +1,22 @@
+---
+# Copyright 2024 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+
+- name: Prepare
+  hosts: all
+  roles:
+    - role: ../../../../molecule/common/test_deps
+    - role: env_data

roles/edpm_bootc/tasks/main.yml

@@ -0,0 +1,24 @@
+---
+# Copyright 2024 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+- name: Check for /bin/bootc
+  ansible.builtin.stat:
+    path: /bin/bootc
+  register: bootc_stat
+
+- name: Set fact for bootc
+  ansible.builtin.set_fact:
+    bootc: "{{ bootc_stat.stat.exists }}"

roles/edpm_bootstrap/tasks/bootstrap-common-post-packages.yml

@@ -0,0 +1,59 @@
+---
+# Copyright 2024 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+- name: Set selinux state
+  ansible.posix.selinux:
+    policy: targeted
+    state: "{{ edpm_bootstrap_selinux_mode }}"
+  become: true
+
+- name: Stop NetworkManager from updating resolv.conf
+  when: ( edpm_bootstrap_network_service == 'NetworkManager' ) and ( not edpm_bootstrap_network_resolvconf_update )
+  become: true
+  block:
+    - name: Set 'dns=none' in /etc/NetworkManager/NetworkManager.conf
+      community.general.ini_file:
+        path: /etc/NetworkManager/NetworkManager.conf
+        state: present
+        no_extra_spaces: true
+        section: main
+        option: dns
+        value: none
+        backup: true
+        mode: '0644'
+    - name: Set 'rc-manager=unmanaged' in /etc/NetworkManager/NetworkManager.conf
+      community.general.ini_file:
+        path: /etc/NetworkManager/NetworkManager.conf
+        state: present
+        no_extra_spaces: true
+        section: main
+        option: rc-manager
+        value: unmanaged
+        backup: true
+        mode: '0644'
+    - name: Reload NetworkManager
+      ansible.builtin.systemd:
+        name: NetworkManager
+        state: reloaded
+
+- name: Stop dhclient from updating resolv.conf
+  become: true
+  ansible.builtin.copy:
+    dest: /etc/dhcp/dhclient-enter-hooks
+    mode: "0755"
+    content: |
+      #!/bin/sh
+      make_resolv_conf() { : ; }

roles/edpm_bootstrap/tasks/bootstrap-common-pre-packages.yml

@@ -0,0 +1,61 @@
+---
+# Copyright 2024 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+- name: Ensure /var/log/journal exists
+  ansible.builtin.file:
+    path: /var/log/journal
+    state: directory
+    mode: '0750'
+    owner: root
+    group: root
+    setype: var_log_t
+  become: true
+
+- name: Gather services facts
+  ansible.builtin.service_facts:
+
+- name: Print cloud-init service status
+  ansible.builtin.debug:
+    var: ansible_facts.services["cloud-init.service"]
+
+- name: Check if cloud-init is disabled via kernel args
+  ansible.builtin.lineinfile:
+    path: /proc/cmdline
+    line: "cloud-init=disabled"
+    state: present
+  check_mode: true
+  register: cloud_init_vendor_disabled
+
+- name: Wait for cloud-init to finish, if enabled
+  community.general.cloud_init_data_facts:
+    filter: status
+  register: res
+  until: >
+    res.cloud_init_data_facts.status.v1.stage is defined and
+    not res.cloud_init_data_facts.status.v1.stage
+  retries: 50
+  delay: 5
+  when:
+    - not ansible_check_mode
+    - ansible_facts.services["cloud-init.service"] is defined
+    - ansible_facts.services["cloud-init.service"]["status"] != "not-found"
+    - ansible_facts.services["cloud-init.service"]["state"] == "running"
+    - ansible_facts.services["cloud-init.service"]["status"] == "enabled"
+    - cloud_init_vendor_disabled is changed
+  become: true
+
+- name: Execute bootstrap command
+  ansible.builtin.import_tasks: bootstrap_command.yml

roles/edpm_bootstrap/tasks/bootstrap.yml

@@ -14,102 +14,24 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 
-- name: Ensure /var/log/journal exists
-  ansible.builtin.file:
-    path: /var/log/journal
-    state: directory
-    mode: '0750'
-    owner: root
-    group: root
-    setype: var_log_t
-  become: true
+- name: Import edpm_bootc role
+  ansible.builtin.import_role:
+    name: edpm_bootc
 
-- name: Gather services facts
-  ansible.builtin.service_facts:
+- name: Import common pre packages tasks
+  ansible.builtin.import_tasks: bootstrap-common-pre-packages.yml
 
-- name: Print cloud-init service status
-  ansible.builtin.debug:
-    var: ansible_facts.services["cloud-init.service"]
+- name: Include packages tasks
+  ansible.builtin.include_tasks: packages.yml
+  when: not bootc
 
-- name: Check if cloud-init is disabled via kernel args
-  ansible.builtin.lineinfile:
-    path: /proc/cmdline
-    line: "cloud-init=disabled"
-    state: present
-  check_mode: true
-  register: cloud_init_vendor_disabled
+- name: Import common post packages tasks
+  ansible.builtin.import_tasks: bootstrap-common-post-packages.yml
 
-- name: Wait for cloud-init to finish, if enabled
-  community.general.cloud_init_data_facts:
-    filter: status
-  register: res
-  until: >
-    res.cloud_init_data_facts.status.v1.stage is defined and
-    not res.cloud_init_data_facts.status.v1.stage
-  retries: 50
-  delay: 5
-  when:
-    - not ansible_check_mode
-    - ansible_facts.services["cloud-init.service"] is defined
-    - ansible_facts.services["cloud-init.service"]["status"] != "not-found"
-    - ansible_facts.services["cloud-init.service"]["state"] == "running"
-    - ansible_facts.services["cloud-init.service"]["status"] == "enabled"
-    - cloud_init_vendor_disabled is changed
-  become: true
+- name: Include swap tasks
+  ansible.builtin.include_tasks: swap.yml
+  when: not bootc
 
-- name: Execute bootstrap command
-  ansible.builtin.import_tasks: bootstrap_command.yml
-
-- name: Import packages tasks
-  ansible.builtin.import_tasks: packages.yml
-
-- name: Set selinux state
-  ansible.posix.selinux:
-    policy: targeted
-    state: "{{ edpm_bootstrap_selinux_mode }}"
-  become: true
-
-- name: Stop NetworkManager from updating resolv.conf
-  when: ( edpm_bootstrap_network_service == 'NetworkManager' ) and ( not edpm_bootstrap_network_resolvconf_update )
-  become: true
-  block:
-    - name: Set 'dns=none' in /etc/NetworkManager/NetworkManager.conf
-      community.general.ini_file:
-        path: /etc/NetworkManager/NetworkManager.conf
-        state: present
-        no_extra_spaces: true
-        section: main
-        option: dns
-        value: none
-        backup: true
-        mode: '0644'
-    - name: Set 'rc-manager=unmanaged' in /etc/NetworkManager/NetworkManager.conf
-      community.general.ini_file:
-        path: /etc/NetworkManager/NetworkManager.conf
-        state: present
-        no_extra_spaces: true
-        section: main
-        option: rc-manager
-        value: unmanaged
-        backup: true
-        mode: '0644'
-    - name: Reload NetworkManager
-      ansible.builtin.systemd:
-        name: NetworkManager
-        state: reloaded
-
-- name: Stop dhclient from updating resolv.conf
-  become: true
-  ansible.builtin.copy:
-    dest: /etc/dhcp/dhclient-enter-hooks
-    mode: "0755"
-    content: |
-      #!/bin/sh
-      make_resolv_conf() { : ; }
-
-- name: Configure swap
-  ansible.builtin.import_tasks: swap.yml
-
-- name: FIPS tasks
+- name: Import FIPS tasks
   ansible.builtin.import_tasks: fips.yml
   when: edpm_bootstrap_fips_mode != 'check'