diff --git a/ansible/inventory/group_vars/all/dnf b/ansible/inventory/group_vars/all/dnf index f8a7fade4..d9f2507ce 100644 --- a/ansible/inventory/group_vars/all/dnf +++ b/ansible/inventory/group_vars/all/dnf @@ -42,6 +42,13 @@ dnf_custom_repos: {} # systems only. Default value is 'false'. dnf_install_epel: false +# Override the state of repositories. Expected to be used with repositories not +# managed by dnf_custom_repos. For example: +# dnf_repo_state_overrides: +# crb: enabled +# Default value is {}. +dnf_repo_state_overrides: {} + ############################################################################### # DNF Automatic configuration. diff --git a/ansible/inventory/group_vars/all/ipa b/ansible/inventory/group_vars/all/ipa index e021de913..d8542b929 100644 --- a/ansible/inventory/group_vars/all/ipa +++ b/ansible/inventory/group_vars/all/ipa @@ -23,16 +23,16 @@ ipa_builder_source_version: "{{ openstack_branch }}" ipa_build_dib_host_packages_extra: [ 'zstd' ] # List of default Diskimage Builder (DIB) elements to use when building IPA -# images. Default is ["centos", "dynamic-login", "enable-serial-console", -# "ironic-python-agent-ramdisk"] when os_distribution is "rocky", and -# ["ubuntu", "dynamic-login", "enable-serial-console", +# images. Default is ["rocky-container", "dynamic-login", +# "enable-serial-console", "ironic-python-agent-ramdisk"] when os_distribution +# is "rocky", and ["ubuntu", "dynamic-login", "enable-serial-console", # "ironic-python-agent-ramdisk"] otherwise. ipa_build_dib_elements_default: - # TODO(mattcrees): Use {{ os_distribution }} here when Rocky IPA builds work. - - "{{ 'centos' if os_distribution == 'rocky' else os_distribution }}" + - "{{ 'rocky-container' if os_distribution == 'rocky' else os_distribution }}" - dynamic-login - enable-serial-console - ironic-python-agent-ramdisk + - baremetal # List of additional Diskimage Builder (DIB) elements to use when building IPA # images. Default is none. @@ -48,8 +48,9 @@ ipa_build_dib_elements: > # Dictionary of default environment variables to provide to Diskimage Builder # (DIB) during IPA image build. ipa_build_dib_env_default: - # TODO(mattcrees): Use {{ os_release }} here when Rocky IPA builds work. - DIB_RELEASE: "{{ '9-stream' if os_distribution == 'rocky' else os_release }}" + DIB_RELEASE: "{{ os_release }}" + DIB_CONTAINERFILE_RUNTIME: "{{ container_engine }}" + DIB_CONTAINERFILE_RUNTIME_ROOT: "{{ (container_engine == 'podman') | int }}" DIB_REPOLOCATION_ironic_python_agent: "{{ ipa_build_source_url }}" DIB_REPOREF_ironic_python_agent: "{{ ipa_build_source_version }}" DIB_REPOREF_requirements: "{{ ipa_build_source_version }}" @@ -84,8 +85,10 @@ ipa_build_dib_git_elements_extra: [] ipa_build_dib_git_elements: >- {{ ipa_build_dib_git_elements_default + ipa_build_dib_git_elements_extra }} -# List of DIB packages to install. Default is empty list. -ipa_build_dib_packages: [] +# List of DIB packages to install. Default is ["python3-yaml"] when +# when os_distribution is "rocky", otherwise []. +ipa_build_dib_packages: >- + {{ ["python3-yaml"] if os_distribution == 'rocky' else [] }} # Upper constraints file for installing packages in the virtual environment # used for building IPA images. Default is {{ pip_upper_constraints_file }}. diff --git a/ansible/roles/dnf/tasks/local-mirror.yml b/ansible/roles/dnf/tasks/local-mirror.yml index 33aaa4384..3204ccbab 100644 --- a/ansible/roles/dnf/tasks/local-mirror.yml +++ b/ansible/roles/dnf/tasks/local-mirror.yml @@ -9,9 +9,12 @@ group: root mode: 0664 become: True + when: (role_path ~ '/templates/' ~ item ~ '.j2') is exists loop: - "{{ repo_file_prefix }}.repo" - "{{ repo_file_prefix }}-extras.repo" + - "{{ repo_file_prefix }}-addons.repo" + - "{{ repo_file_prefix }}-devel.repo" - name: Update cache dnf: diff --git a/ansible/roles/dnf/tasks/main.yml b/ansible/roles/dnf/tasks/main.yml index d39b8a145..516884b67 100644 --- a/ansible/roles/dnf/tasks/main.yml +++ b/ansible/roles/dnf/tasks/main.yml @@ -13,3 +13,12 @@ when: dnf_use_local_mirror | bool - import_tasks: custom-repo.yml + +- name: Configure repository overrides + become: true + community.general.dnf_config_manager: + name: "{{ item }}" + state: "{{ dnf_repo_state_overrides[item] }}" + # NOTE(wszumski): Ignore repos managed with dnf_custom_repos as enabled state + # is set in definition. + loop: "{{ dnf_repo_state_overrides.keys() | difference(dnf_custom_repos.keys()) }}" diff --git a/ansible/roles/dnf/templates/centos-addons.repo.j2 b/ansible/roles/dnf/templates/centos-addons.repo.j2 new file mode 100644 index 000000000..88d33e84e --- /dev/null +++ b/ansible/roles/dnf/templates/centos-addons.repo.j2 @@ -0,0 +1,130 @@ +[highavailability] +name=CentOS Stream $releasever - HighAvailability +baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/$stream/HighAvailability/$basearch/os/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256 +gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +countme=1 +enabled=0 + +[highavailability-debuginfo] +name=CentOS Stream $releasever - HighAvailability - Debug +baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/$stream/HighAvailability/debug/$basearch/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256 +gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +enabled=0 + +[highavailability-source] +name=CentOS Stream $releasever - HighAvailability - Source +baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/$stream/HighAvailability/source/tree/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256 +gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +enabled=0 + +[nfv] +name=CentOS Stream $releasever - NFV +baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/$stream/NFV/$basearch/os/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256 +gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +countme=1 +enabled=0 + +[nfv-debuginfo] +name=CentOS Stream $releasever - NFV - Debug +baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/$stream/NFV/debug/$basearch/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256 +gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +enabled=0 + +[nfv-source] +name=CentOS Stream $releasever - NFV - Source +baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/$stream/NFV/source/tree/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256 +gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +enabled=0 + +[rt] +name=CentOS Stream $releasever - RT +baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/$stream/RT/$basearch/os/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256 +gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +countme=1 +enabled=0 + +[rt-debuginfo] +name=CentOS Stream $releasever - RT - Debug +baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/$stream/RT/debug/$basearch/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256 +gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +enabled=0 + +[rt-source] +name=CentOS Stream $releasever - RT - Source +baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/$stream/RT/source/tree/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256 +gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +enabled=0 + +[resilientstorage] +name=CentOS Stream $releasever - ResilientStorage +baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/$stream/ResilientStorage/$basearch/os/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256 +gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +countme=1 +enabled=0 + +[resilientstorage-debuginfo] +name=CentOS Stream $releasever - ResilientStorage - Debug +baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/$stream/ResilientStorage/debug/$basearch/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256 +gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +enabled=0 + +[resilientstorage-source] +name=CentOS Stream $releasever - ResilientStorage - Source +baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/$stream/ResilientStorage/source/tree/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256 +gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +enabled=0 + +[extras-common] +name=CentOS Stream $releasever - Extras packages +baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/SIGs/$stream/extras/$basearch/extras-common/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Extras-SHA512 +gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +countme=1 +enabled=1 + +[extras-common-source] +name=CentOS Stream $releasever - Extras packages - Source +baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/SIGs/$stream/extras/source/extras-common/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Extras-SHA512 +gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +enabled=0 diff --git a/ansible/roles/dnf/templates/centos-extras.repo.j2 b/ansible/roles/dnf/templates/centos-extras.repo.j2 deleted file mode 100644 index 399bf2028..000000000 --- a/ansible/roles/dnf/templates/centos-extras.repo.j2 +++ /dev/null @@ -1,17 +0,0 @@ -# CentOS-Stream-Extras.repo -# -# The mirrorlist system uses the connecting IP address of the client and the -# update status of each mirror to pick current mirrors that are geographically -# close to the client. You should use this for CentOS updates unless you are -# manually picking other mirrors. -# -# If the mirrorlist does not work for you, you can try the commented out -# baseurl line instead. - -[extras] -name=CentOS Stream $releasever - Extras -baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/SIGs/$stream/extras/$basearch/extras-common/ -gpgcheck=1 -enabled=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial -fastestmirror=0 diff --git a/ansible/roles/dnf/templates/centos.repo.j2 b/ansible/roles/dnf/templates/centos.repo.j2 index b6fb3f97d..2451bc9cb 100644 --- a/ansible/roles/dnf/templates/centos.repo.j2 +++ b/ansible/roles/dnf/templates/centos.repo.j2 @@ -1,25 +1,83 @@ -# centos.repo -# -# The mirrorlist system uses the connecting IP address of the client and the -# update status of each mirror to pick current mirrors that are geographically -# close to the client. You should use this for CentOS updates unless you are -# manually picking other mirrors. -# -# If the mirrorlist does not work for you, you can try the commented out -# baseurl line instead. - [baseos] name=CentOS Stream $releasever - BaseOS baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/$stream/BaseOS/$basearch/os/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256 gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +countme=1 enabled=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial -fastestmirror=0 + +[baseos-debuginfo] +name=CentOS Stream $releasever - BaseOS - Debug +baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/$stream/BaseOS/debug/$basearch/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256 +gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +enabled=0 + +[baseos-source] +name=CentOS Stream $releasever - BaseOS - Source +baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/$stream/BaseOS/source/tree/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256 +gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +enabled=0 [appstream] name=CentOS Stream $releasever - AppStream baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/$stream/AppStream/$basearch/os/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256 gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +countme=1 enabled=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial -fastestmirror=0 + +[appstream-debuginfo] +name=CentOS Stream $releasever - AppStream - Debug +baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/$stream/AppStream/debug/$basearch/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256 +gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +enabled=0 + +[appstream-source] +name=CentOS Stream $releasever - AppStream - Source +baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/$stream/AppStream/source/tree/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256 +gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +enabled=0 + +[crb] +name=CentOS Stream $releasever - CRB +baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/$stream/CRB/$basearch/os/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256 +gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +countme=1 +enabled=0 + +[crb-debuginfo] +name=CentOS Stream $releasever - CRB - Debug +baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/$stream/CRB/debug/$basearch/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256 +gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +enabled=0 + +[crb-source] +name=CentOS Stream $releasever - CRB - Source +baseurl=http://{{ dnf_centos_mirror_host }}/{{ dnf_centos_mirror_directory }}/$stream/CRB/source/tree/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial-SHA256 +gpgcheck=1 +repo_gpgcheck=0 +metadata_expire=6h +enabled=0 diff --git a/ansible/roles/dnf/templates/rocky-addons.repo.j2 b/ansible/roles/dnf/templates/rocky-addons.repo.j2 new file mode 100644 index 000000000..57f522ca0 --- /dev/null +++ b/ansible/roles/dnf/templates/rocky-addons.repo.j2 @@ -0,0 +1,149 @@ +# rocky-addons.repo +# +# The mirrorlist system uses the connecting IP address of the client and the +# update status of each mirror to pick current mirrors that are geographically +# close to the client. You should use this for Rocky updates unless you are +# manually picking other mirrors. +# +# If the mirrorlist does not work for you, you can try the commented out +# baseurl line instead. + +[highavailability] +name=Rocky Linux $releasever - High Availability +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=HighAvailability-$releasever$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/HighAvailability/$basearch/os/ +gpgcheck=1 +enabled=0 +countme=1 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[highavailability-debuginfo] +name=Rocky Linux $releasever - High Availability - Debug +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=HighAvailability-$releasever-debug$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/HighAvailability/$basearch/debug/tree/ +gpgcheck=1 +enabled=0 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[highavailability-source] +name=Rocky Linux $releasever - High Availability - Source +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=source&repo=HighAvailability-$releasever-source$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/HighAvailability/source/tree/ +gpgcheck=1 +enabled=0 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[nfv] +name=Rocky Linux $releasever - NFV +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=NFV-$releasever$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/NFV/$basearch/os/ +gpgcheck=1 +enabled=0 +countme=1 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[nfv-debuginfo] +name=Rocky Linux $releasever - NFV Debug +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=RT-$releasever-debug$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/NFV/$basearch/debug/tree/ +gpgcheck=1 +enabled=0 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[nfv-source] +name=Rocky Linux $releasever - NFV Source +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=RT-$releasever-source$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/NFV/source/tree/ +gpgcheck=1 +enabled=0 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[rt] +name=Rocky Linux $releasever - Realtime +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=RT-$releasever$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/RT/$basearch/os/ +gpgcheck=1 +enabled=0 +countme=1 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[rt-debuginfo] +name=Rocky Linux $releasever - Realtime Debug +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=RT-$releasever-debug$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/RT/$basearch/debug/tree/ +gpgcheck=1 +enabled=0 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[rt-source] +name=Rocky Linux $releasever - Realtime Source +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=RT-$releasever-source$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/RT/source/tree/ +gpgcheck=1 +enabled=0 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[sap] +name=Rocky Linux $releasever - SAP +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=SAP-$releasever$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/SAP/$basearch/os/ +gpgcheck=1 +enabled=0 +countme=1 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[sap-debuginfo] +name=Rocky Linux $releasever - SAP Debug +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=SAP-$releasever-debug$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/SAP/$basearch/debug/tree/ +gpgcheck=1 +enabled=0 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[sap-source] +name=Rocky Linux $releasever - SAP Source +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=SAP-$releasever-source$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/SAP/source/tree/ +gpgcheck=1 +enabled=0 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[saphana] +name=Rocky Linux $releasever - SAPHANA +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=SAPHANA-$releasever$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/SAPHANA/$basearch/os/ +gpgcheck=1 +enabled=0 +countme=1 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[saphana-debuginfo] +name=Rocky Linux $releasever - SAPHANA Debug +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=SAPHANA-$releasever-debug$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/SAPHANA/$basearch/debug/tree/ +gpgcheck=1 +enabled=0 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[saphana-source] +name=Rocky Linux $releasever - SAPHANA Source +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=SAPHANA-$releasever-source$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/SAPHANA/source/tree/ +gpgcheck=1 +enabled=0 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 diff --git a/ansible/roles/dnf/templates/rocky-devel.repo.j2 b/ansible/roles/dnf/templates/rocky-devel.repo.j2 new file mode 100644 index 000000000..8d1eb1586 --- /dev/null +++ b/ansible/roles/dnf/templates/rocky-devel.repo.j2 @@ -0,0 +1,30 @@ +# rocky-devel.repo +# +# devel and no-package-left-behind + +[devel] +name=Rocky Linux $releasever - Devel WARNING! FOR BUILDROOT ONLY DO NOT LEAVE ENABLED +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=devel-$releasever$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/devel/$basearch/os/ +gpgcheck=1 +enabled=0 +countme=1 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[devel-debuginfo] +name=Rocky Linux $releasever - Devel Debug WARNING! FOR BUILDROOT ONLY DO NOT LEAVE ENABLED +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=devel-$releasever-debug$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/devel/$basearch/debug/tree/ +gpgcheck=1 +enabled=0 +countme=1 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[devel-source] +name=Rocky Linux $releasever - Devel Source WARNING! FOR BUILDROOT ONLY DO NOT LEAVE ENABLED +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=devel-$releasever-source$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/devel/source/tree/ +gpgcheck=1 +enabled=0 +countme=1 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 diff --git a/ansible/roles/dnf/templates/rocky-extras.repo.j2 b/ansible/roles/dnf/templates/rocky-extras.repo.j2 index 7ea0fa6bf..ed9896972 100644 --- a/ansible/roles/dnf/templates/rocky-extras.repo.j2 +++ b/ansible/roles/dnf/templates/rocky-extras.repo.j2 @@ -10,7 +10,56 @@ [extras] name=Rocky Linux $releasever - Extras +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=extras-$releasever$rltype baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/extras/$basearch/os/ gpgcheck=1 enabled=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial +countme=1 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-{{ ansible_facts.distribution_major_version }} + +[extras-debuginfo] +name=Rocky Linux $releasever - Extras Debug +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=extras-$releasever-debug$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/extras/$basearch/debug/tree/ +gpgcheck=1 +enabled=0 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-{{ ansible_facts.distribution_major_version }} + +[extras-source] +name=Rocky Linux $releasever - Extras Source +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=extras-$releasever-source$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/extras/source/tree/ +gpgcheck=1 +enabled=0 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-{{ ansible_facts.distribution_major_version }} + +[plus] +name=Rocky Linux $releasever - Plus +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=plus-$releasever$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/plus/$basearch/os/ +gpgcheck=1 +enabled=0 +countme=1 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-{{ ansible_facts.distribution_major_version }} + +[plus-debuginfo] +name=Rocky Linux $releasever - Plus - Debug +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=plus-$releasever-debug$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/plus/$basearch/debug/tree/ +gpgcheck=1 +enabled=0 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-{{ ansible_facts.distribution_major_version }} + +[plus-source] +name=Rocky Linux $releasever - Plus - Source +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=source&repo=plus-$releasever-source$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/plus/source/tree/ +gpgcheck=1 +enabled=0 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-{{ ansible_facts.distribution_major_version }} diff --git a/ansible/roles/dnf/templates/rocky.repo.j2 b/ansible/roles/dnf/templates/rocky.repo.j2 index 0c4b990c7..5d5ea0da9 100644 --- a/ansible/roles/dnf/templates/rocky.repo.j2 +++ b/ansible/roles/dnf/templates/rocky.repo.j2 @@ -10,14 +10,84 @@ [baseos] name=Rocky Linux $releasever - BaseOS +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=BaseOS-$releasever$rltype baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/BaseOS/$basearch/os/ gpgcheck=1 enabled=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial +countme=1 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[baseos-debuginfo] +name=Rocky Linux $releasever - BaseOS - Debug +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=BaseOS-$releasever-debug$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/BaseOS/$basearch/debug/tree/ +gpgcheck=1 +enabled=0 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[baseos-source] +name=Rocky Linux $releasever - BaseOS - Source +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=source&repo=BaseOS-$releasever-source$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/BaseOS/source/tree/ +gpgcheck=1 +enabled=0 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 [appstream] name=Rocky Linux $releasever - AppStream +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=AppStream-$releasever$rltype baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/AppStream/$basearch/os/ gpgcheck=1 enabled=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial +countme=1 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[appstream-debuginfo] +name=Rocky Linux $releasever - AppStream - Debug +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=AppStream-$releasever-debug$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/AppStream/$basearch/debug/tree/ +gpgcheck=1 +enabled=0 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[appstream-source] +name=Rocky Linux $releasever - AppStream - Source +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=source&repo=AppStream-$releasever-source$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/AppStream/source/tree/ +gpgcheck=1 +enabled=0 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[crb] +name=Rocky Linux $releasever - CRB +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=CRB-$releasever$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/CRB/$basearch/os/ +gpgcheck=1 +enabled=0 +countme=1 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[crb-debuginfo] +name=Rocky Linux $releasever - CRB - Debug +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=CRB-$releasever-debug$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/CRB/$basearch/debug/tree/ +gpgcheck=1 +enabled=0 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 + +[crb-source] +name=Rocky Linux $releasever - CRB - Source +#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=source&repo=CRB-$releasever-source$rltype +baseurl=http://{{ dnf_rocky_mirror_host }}/{{ dnf_rocky_mirror_directory }}/$releasever/CRB/source/tree/ +gpgcheck=1 +enabled=0 +metadata_expire=6h +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-10 diff --git a/doc/source/configuration/reference/hosts.rst b/doc/source/configuration/reference/hosts.rst index da2a1467f..95ce37523 100644 --- a/doc/source/configuration/reference/hosts.rst +++ b/doc/source/configuration/reference/hosts.rst @@ -301,6 +301,25 @@ however this is no longer the case. It is possible to enable or disable the EPEL DNF repository by setting ``dnf_install_epel`` to ``true`` or ``false`` respectively. +Enabling or disabling additional repositories +--------------------------------------------- + +The variable ``dnf_repo_state_overrides`` allows you to enable or disable +repositories. It should be defined as a dictionary where each key corresponds +to a repository identifier (i.e. the section label in the repository +definition), and each value specifies the desired state of that repository. +This variable is useful for enabling additional repositories defined in the +default repository files. Repositories defined in ``dnf_custom_repos`` are +ignored, as their state is already managed through this variable. + +For example, to enable the CodeReady Linux Builder (CRB) repository: + +.. code-block:: yaml + :caption: ``dnf.yml`` + + dnf_repo_state_overrides: + crb: enabled + DNF Automatic ------------- diff --git a/etc/kayobe/dnf.yml b/etc/kayobe/dnf.yml index da4ea22eb..f418d1a13 100644 --- a/etc/kayobe/dnf.yml +++ b/etc/kayobe/dnf.yml @@ -47,6 +47,13 @@ # systems only. Default value is 'false'. #dnf_install_epel: +# Override the state of repositories. Expected to be used with repositories not +# managed by dnf_custom_repos. For example: +# dnf_repo_state_overrides: +# crb: enabled +# Default value is {}. +#dnf_repo_state_overrides: + ############################################################################### # DNF Automatic configuration. diff --git a/etc/kayobe/ipa.yml b/etc/kayobe/ipa.yml index b64320685..bfe675d97 100644 --- a/etc/kayobe/ipa.yml +++ b/etc/kayobe/ipa.yml @@ -23,9 +23,9 @@ #ipa_build_dib_host_packages_extra: # List of default Diskimage Builder (DIB) elements to use when building IPA -# images. Default is ["centos", "dynamic-login", "enable-serial-console", -# "ironic-python-agent-ramdisk"] when os_distribution is "rocky", and -# ["ubuntu", "dynamic-login", "enable-serial-console", +# images. Default is ["rocky-container", "dynamic-login", +# "enable-serial-console", "ironic-python-agent-ramdisk"] when os_distribution +# is "rocky", and ["ubuntu", "dynamic-login", "enable-serial-console", # "ironic-python-agent-ramdisk"] otherwise. #ipa_build_dib_elements_default: @@ -64,7 +64,8 @@ # ipa_build_dib_git_elements_default and ipa_build_dib_git_elements_extra. #ipa_build_dib_git_elements: -# List of DIB packages to install. Default is empty list. +# List of DIB packages to install. Default is ["python3-yaml"] when +# when os_distribution is "rocky", otherwise []. #ipa_build_dib_packages: # Upper constraints file for installing packages in the virtual environment diff --git a/releasenotes/notes/adds-dnf-repos-to-enable-314da49e0aaa0b37.yaml b/releasenotes/notes/adds-dnf-repos-to-enable-314da49e0aaa0b37.yaml new file mode 100644 index 000000000..b26050ba7 --- /dev/null +++ b/releasenotes/notes/adds-dnf-repos-to-enable-314da49e0aaa0b37.yaml @@ -0,0 +1,6 @@ +--- +features: + - | + Adds variable ``dnf_repo_state_overrides`` to enable repositories that are + defined but not enabled by default. This only works on RHEL-based + distributions that use ``dnf``. diff --git a/releasenotes/notes/build-rocky-ipa-f59e45e6fea6a4c4.yaml b/releasenotes/notes/build-rocky-ipa-f59e45e6fea6a4c4.yaml new file mode 100644 index 000000000..6d165b117 --- /dev/null +++ b/releasenotes/notes/build-rocky-ipa-f59e45e6fea6a4c4.yaml @@ -0,0 +1,11 @@ +--- +upgrade: + - | + Rocky Linux based Ironic Python Agent images are now built in Rocky Linux + based deployments rather than CentOS Stream: + ``ipa_build_dib_elements_default`` uses ``rocky-container`` element; + ``ipa_build_dib_packages`` includes the ``python3-yaml`` package; + ``ipa_build_dib_env_default`` uses specified ``os_release``; + and container runtime is set to ``container_engine``. + - | + ``baremetal`` element now included in ``ipa_build_dib_elements_default``