From b5b3933072f7c9ce5456199e7f5f7ce3af5bc0a2 Mon Sep 17 00:00:00 2001 From: Rich Megginson Date: Tue, 2 Jul 2024 10:36:12 -0600 Subject: [PATCH] fix: add support for EL10 According to the Ansible team, support for listing platforms in role `meta/main.yml` files is being removed. Instead, they recommend using `galaxy_tags` https://github.com/ansible/ansible/blob/stable-2.17/changelogs/CHANGELOG-v2.17.rst "Remove the galaxy_info field platforms from the role templates" https://github.com/ansible/ansible/issues/82453 For each version listed under `platforms.EL` - add a tag like `elN`. Q: Why not use a delimiter between the platform and the version e.g. `el-10`? This is not allowed by ansible-lint: ``` meta-no-tags: Tags must contain lowercase letters and digits only., invalid: 'el-10' meta/main.yml:1 ``` So we cannot use uppercase letters either. Q: Why not use our own meta/main.yml field? No other fields are allowed by ansible-lint: ``` syntax-check[specific]: 'myfield' is not a valid attribute for a RoleMetadata ``` Q: Why not use some other field? There are no other applicable or suitable fields. Q: What happens when we want to support versions like `N.M`? Use the word "dot" instead of "." e.g. `el10dot3`. Similarly - use "dash" instead of "-". We do not need tags such as `fedoraall`. The `fedora` tag implies that the role works on all supported versions of fedora. Otherwise, use tags such as `fedora40` if the role only supports specific versions. In addition - for roles that have different variable files for EL9, create the corresponding EL10 files, and update the variables for EL10. 
Signed-off-by: Rich Megginson
---
 .ostree/packages-runtime-CentOS-10.txt | 1 +
 .ostree/packages-runtime-CentOS-6.txt | 3 +--
 .ostree/packages-runtime-CentOS-7.txt | 3 +--
 .ostree/packages-runtime-CentOS-8.txt | 3 +--
 .ostree/packages-runtime-CentOS-9.txt | 3 +--
 .ostree/packages-runtime-RedHat-10.txt | 2 ++
 .ostree/packages-testing-CentOS.txt | 2 +-
 meta/main.yml | 6 +++++
 vars/RedHat_10.yml | 33 ++++++++++++++++++++++++++
 9 files changed, 47 insertions(+), 9 deletions(-)
 create mode 120000 .ostree/packages-runtime-CentOS-10.txt
 mode change 100644 => 120000 .ostree/packages-runtime-CentOS-6.txt
 mode change 100644 => 120000 .ostree/packages-runtime-CentOS-7.txt
 mode change 100644 => 120000 .ostree/packages-runtime-CentOS-8.txt
 mode change 100644 => 120000 .ostree/packages-runtime-CentOS-9.txt
 create mode 100644 .ostree/packages-runtime-RedHat-10.txt
 mode change 100644 => 120000 .ostree/packages-testing-CentOS.txt
 create mode 100644 vars/RedHat_10.yml
diff --git a/.ostree/packages-runtime-CentOS-10.txt b/.ostree/packages-runtime-CentOS-10.txt
new file mode 120000
index 0000000..155c478
--- /dev/null
+++ b/.ostree/packages-runtime-CentOS-10.txt
@@ -0,0 +1 @@
+packages-runtime-RedHat-10.txt
\ No newline at end of file
diff --git a/.ostree/packages-runtime-CentOS-6.txt b/.ostree/packages-runtime-CentOS-6.txt
deleted file mode 100644
index a725f65..0000000
--- a/.ostree/packages-runtime-CentOS-6.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-openssh
-openssh-server
diff --git a/.ostree/packages-runtime-CentOS-6.txt b/.ostree/packages-runtime-CentOS-6.txt
new file mode 120000
index 0000000..788aef2
--- /dev/null
+++ b/.ostree/packages-runtime-CentOS-6.txt
@@ -0,0 +1 @@
+packages-runtime-RedHat-6.txt
\ No newline at end of file
diff --git a/.ostree/packages-runtime-CentOS-7.txt b/.ostree/packages-runtime-CentOS-7.txt
deleted file mode 100644
index a725f65..0000000
--- a/.ostree/packages-runtime-CentOS-7.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-openssh
-openssh-server
diff --git a/.ostree/packages-runtime-CentOS-7.txt b/.ostree/packages-runtime-CentOS-7.txt
new file mode 120000
index 0000000..ad88054
--- /dev/null
+++ b/.ostree/packages-runtime-CentOS-7.txt
@@ -0,0 +1 @@
+packages-runtime-RedHat-7.txt
\ No newline at end of file
diff --git a/.ostree/packages-runtime-CentOS-8.txt b/.ostree/packages-runtime-CentOS-8.txt
deleted file mode 100644
index a725f65..0000000
--- a/.ostree/packages-runtime-CentOS-8.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-openssh
-openssh-server
diff --git a/.ostree/packages-runtime-CentOS-8.txt b/.ostree/packages-runtime-CentOS-8.txt
new file mode 120000
index 0000000..a038eda
--- /dev/null
+++ b/.ostree/packages-runtime-CentOS-8.txt
@@ -0,0 +1 @@
+packages-runtime-RedHat-8.txt
\ No newline at end of file
diff --git a/.ostree/packages-runtime-CentOS-9.txt b/.ostree/packages-runtime-CentOS-9.txt
deleted file mode 100644
index a725f65..0000000
--- a/.ostree/packages-runtime-CentOS-9.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-openssh
-openssh-server
diff --git a/.ostree/packages-runtime-CentOS-9.txt b/.ostree/packages-runtime-CentOS-9.txt
new file mode 120000
index 0000000..d66f809
--- /dev/null
+++ b/.ostree/packages-runtime-CentOS-9.txt
@@ -0,0 +1 @@
+packages-runtime-RedHat-9.txt
\ No newline at end of file
diff --git a/.ostree/packages-runtime-RedHat-10.txt b/.ostree/packages-runtime-RedHat-10.txt
new file mode 100644
index 0000000..a725f65
--- /dev/null
+++ b/.ostree/packages-runtime-RedHat-10.txt
@@ -0,0 +1,2 @@
+openssh
+openssh-server
diff --git a/.ostree/packages-testing-CentOS.txt b/.ostree/packages-testing-CentOS.txt
deleted file mode 100644
index 35562c2..0000000
--- a/.ostree/packages-testing-CentOS.txt
+++ /dev/null
@@ -1 +0,0 @@
-man-db
diff --git a/.ostree/packages-testing-CentOS.txt b/.ostree/packages-testing-CentOS.txt
new file mode 120000
index 0000000..4ec7d39
--- /dev/null
+++ b/.ostree/packages-testing-CentOS.txt
@@ -0,0 +1 @@
+packages-testing-RedHat.txt
\ No newline at end of file
diff --git a/meta/main.yml b/meta/main.yml
index c8e199c..8a776e8 100644
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -58,7 +58,13 @@ galaxy_info:
 - debian
 - centos
 - redhat
+ - fedora
 - freebsd
 - openbsd
 - aix
+ - el6
+ - el7
+ - el8
+ - el9
+ - el10
 dependencies: []
diff --git a/vars/RedHat_10.yml b/vars/RedHat_10.yml
new file mode 100644
index 0000000..c9d7919
--- /dev/null
+++ b/vars/RedHat_10.yml
@@ -0,0 +1,33 @@
+---
+__sshd_os_supported: true
+
+__sshd_packages:
+ - openssh
+ - openssh-server
+__sshd_sftp_server: /usr/libexec/openssh/sftp-server
+# RHEL 10 ships with drop-in directory support so we touch
+# just included file with highest priority by default
+__sshd_config_file: /etc/ssh/sshd_config.d/00-ansible_system_role.conf
+# the defaults here represent the defaults shipped in the main sshd_config
+__sshd_defaults:
+ Include: /etc/ssh/sshd_config.d/*.conf
+ AuthorizedKeysFile: .ssh/authorized_keys
+ Subsystem: "sftp {{ __sshd_sftp_server }}"
+
+__sshd_verify_hostkeys_default:
+ - /etc/ssh/ssh_host_rsa_key
+ - /etc/ssh/ssh_host_ecdsa_key
+ - /etc/ssh/ssh_host_ed25519_key
+__sshd_hostkeys_nofips:
+ - /etc/ssh/ssh_host_ed25519_key
+
+__sshd_drop_in_dir_mode: '0700'
+__sshd_main_config_file: /etc/ssh/sshd_config
+
+__sshd_environment_file: /etc/sysconfig/sshd
+__sshd_environment_variable: $OPTIONS
+__sshd_service_after: sshd-keygen.target
+__sshd_service_wants:
+ - sshd-keygen.target
+ - ssh-host-keys-migration.service
+__sshd_service_restart_timeout: 42s
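Review bot: The comment above `__sshd_config_file` in vars/RedHat_10.yml says the role touches the "included file with highest priority" but never explains why the `00-` prefix gives it that priority. sshd keeps the first value it obtains for each keyword, and the `Include` glob listed in `__sshd_defaults` is expanded in lexical order, so `00-ansible_system_role.conf` is read before every other drop-in and its settings override theirs. That presumably includes any distribution drop-in that pulls in the system-wide crypto policy, if RHEL 10 ships one the way earlier releases do, so cipher or key-exchange settings managed by this role would take precedence over the policy. I would state this in the comment, e.g. `# sshd uses the first value found per keyword; the 00- prefix makes this file win over all other drop-ins`, so nobody renames the file or expects a later drop-in to tighten something the role already set.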