feat(validate): package check for iptables on debian

This commit is contained in:
Xan Manning 2021-12-19 21:41:59 +00:00 committed by Curtis John
parent 592b294ad8
commit cc8ba00de2
11 changed files with 39 additions and 18 deletions

View file

@ -3,8 +3,10 @@
hosts: node* hosts: node*
become: true become: true
tasks: tasks:
- name: Ensure apt cache is updated - name: Ensure apt cache is updated and iptables is installed
ansible.builtin.apt: ansible.builtin.apt:
name: iptables
state: present
update_cache: true update_cache: true
when: ansible_pkg_mgr == 'apt' when: ansible_pkg_mgr == 'apt'

View file

@ -2,7 +2,9 @@
- name: Prepare - name: Prepare
hosts: all hosts: all
tasks: tasks:
- name: Ensure apt cache is updated - name: Ensure apt cache is updated and iptables is installed
ansible.builtin.apt: ansible.builtin.apt:
name: iptables
state: present
update_cache: true update_cache: true
when: ansible_pkg_mgr == 'apt' when: ansible_pkg_mgr == 'apt'

View file

@ -2,7 +2,9 @@
- name: Prepare - name: Prepare
hosts: all hosts: all
tasks: tasks:
- name: Ensure apt cache is updated - name: Ensure apt cache is updated and iptables is installed
ansible.builtin.apt: ansible.builtin.apt:
name: iptables
state: present
update_cache: true update_cache: true
when: ansible_pkg_mgr == 'apt' when: ansible_pkg_mgr == 'apt'

View file

@ -2,7 +2,9 @@
- name: Prepare - name: Prepare
hosts: all hosts: all
tasks: tasks:
- name: Ensure apt cache is updated - name: Ensure apt cache is updated and iptables is installed
ansible.builtin.apt: ansible.builtin.apt:
name: iptables
state: present
update_cache: true update_cache: true
when: ansible_pkg_mgr == 'apt' when: ansible_pkg_mgr == 'apt'

View file

@ -33,8 +33,10 @@
- name: Prepare nodes - name: Prepare nodes
hosts: node* hosts: node*
tasks: tasks:
- name: Ensure apt cache is updated - name: Ensure apt cache is updated and iptables is installed
ansible.builtin.apt: ansible.builtin.apt:
name: iptables
state: present
update_cache: true update_cache: true
when: ansible_pkg_mgr == 'apt' when: ansible_pkg_mgr == 'apt'

View file

@ -33,8 +33,10 @@
- name: Prepare nodes - name: Prepare nodes
hosts: node* hosts: node*
tasks: tasks:
- name: Ensure apt cache is updated - name: Ensure apt cache is updated and iptables is installed
ansible.builtin.apt: ansible.builtin.apt:
name: iptables
state: present
update_cache: true update_cache: true
when: ansible_pkg_mgr == 'apt' when: ansible_pkg_mgr == 'apt'

View file

@ -2,7 +2,9 @@
- name: Prepare - name: Prepare
hosts: all hosts: all
tasks: tasks:
- name: Ensure apt cache is updated - name: Ensure apt cache is updated and iptables is installed
ansible.builtin.apt: ansible.builtin.apt:
name: iptables
state: present
update_cache: true update_cache: true
when: ansible_pkg_mgr == 'apt' when: ansible_pkg_mgr == 'apt'

View file

@ -18,7 +18,8 @@
Documentation: {{ package.documentation }} Documentation: {{ package.documentation }}
{% endif %} {% endif %}
when: when:
- check_k3s_required_package.rc is defined
- (package.until is not defined - (package.until is not defined
or k3s_release_version is version_compare(package.until, '>=')) or (k3s_release_version | replace('v', '')) is version_compare(package.until, '>='))
- (package.from is not defined - (package.from is not defined
or k3s_release_version is version_compare(package.from, '>=')) or (k3s_release_version | replace('v', '')) is version_compare(package.from, '>='))

View file

@ -1,5 +1,14 @@
--- ---
- include_tasks: environment/remote/packages.yml
loop: "{{ k3s_check_packages[ansible_distribution | replace(' ', '-') | lower] }}"
loop_control:
loop_var: package
when:
- not k3s_skip_validation
- not k3s_skip_env_checks
- k3s_check_packages[ansible_distribution | replace(' ', '-') | lower] is defined
- import_tasks: configuration/variables.yml - import_tasks: configuration/variables.yml
- import_tasks: configuration/experimental-variables.yml - import_tasks: configuration/experimental-variables.yml

View file

@ -21,14 +21,6 @@
- not k3s_skip_validation - not k3s_skip_validation
- not k3s_skip_env_checks - not k3s_skip_env_checks
- include_tasks: environment/remote/packages.yml
loop: "{{ k3s_check_packages }}"
loop_control:
loop_var: package
when:
- not k3s_skip_validation
- not k3s_skip_env_checks
- include_tasks: environment/local/issue-data.yml - include_tasks: environment/local/issue-data.yml
when: when:
- pyratlabs_issue_controller_dump is defined - pyratlabs_issue_controller_dump is defined

View file

@ -92,7 +92,12 @@ k3s_server_manifests_dir: "{{ k3s_data_dir }}/server/manifests"
k3s_server_pod_manifests_dir: "{{ k3s_data_dir }}/agent/pod-manifests" k3s_server_pod_manifests_dir: "{{ k3s_data_dir }}/agent/pod-manifests"
# Packages that we need to check are installed # Packages that we need to check are installed
k3s_check_packages: [] k3s_check_packages:
debian:
- name: iptables
from: 1.19.2
until: 1.22.2
documentation: https://rancher.com/docs/k3s/latest/en/advanced/#enabling-legacy-iptables-on-raspbian-buster
# - name: dummy # - name: dummy
# from: 1.19.2 # from: 1.19.2
# until: 1.21.0 # until: 1.21.0