From b5c16eaacdee469f264b3acb53f8cfe39e2f4f3c Mon Sep 17 00:00:00 2001 From: mg Date: Fri, 17 Feb 2023 12:17:12 +0100 Subject: [PATCH] Rolle aktualisiert: unattended upgrades (#461) Co-authored-by: Michael Grote Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/461 --- playbooks/base/unattended_upgrades.yml | 2 +- .../on-off/delete_old_upgrades_config.yml | 11 + .../.editorconfig | 0 .../.github/CODEOWNERS | 6 + .../.github/dependabot.yml | 19 + .../.github/workflows/ci.yml | 74 ++ .../workflows/prepare-action/action.yml | 20 + .../.github_changelog_generator | 3 + .../.gitignore | 1 + .../hifis-net.unattended_upgrades/.travis.yml | 16 + roles/hifis-net.unattended_upgrades/.yamllint | 41 + .../CHANGELOG.md | 99 ++ .../CONTRIBUTING.md | 189 ++++ .../LICENSE | 0 roles/hifis-net.unattended_upgrades/Pipfile | 16 + .../Pipfile.lock | 894 ++++++++++++++++++ roles/hifis-net.unattended_upgrades/README.md | 237 +++++ .../defaults/main.yml | 17 + .../handlers/main.yml | 0 .../meta/main.yml | 23 + .../molecule/default/converge.yml | 10 + .../molecule/default/molecule.yml | 55 ++ .../molecule/default/prepare.yml | 11 + .../molecule/default/verify.yml | 32 + .../tasks/main.yml | 4 + .../tasks/reboot.yml | 10 +- .../tasks/unattended-upgrades.yml | 38 + .../templates/unattended-upgrades.j2 | 53 +- .../tests/ansible.cfg | 0 .../tests/inventory | 0 .../tests/requirements.yml | 3 + .../tests/test.sh | 0 .../tests/test.yml | 62 +- .../vars/Debian-bullseye.yml | 9 + .../vars/Debian.yml | 0 .../vars/Ubuntu.yml | 0 roles/jnv.unattended_upgrades/.ansible-lint | 2 - .../workflows/ansible-linting-check.yml | 17 - roles/jnv.unattended_upgrades/.travis.yml | 16 - roles/jnv.unattended_upgrades/README.md | 199 ---- roles/jnv.unattended_upgrades/meta/main.yml | 38 - roles/jnv.unattended_upgrades/tasks/main.yml | 2 - .../tasks/unattended-upgrades.yml | 34 - .../templates/auto-upgrades.j2 | 27 - .../tests/requirements.yml | 3 - .../vars/Debian-wheezy.yml | 11 - 46 files changed, 1916 insertions(+), 388 deletions(-) create mode 100644 playbooks/on-off/delete_old_upgrades_config.yml rename roles/{jnv.unattended_upgrades => hifis-net.unattended_upgrades}/.editorconfig (100%) create mode 100644 roles/hifis-net.unattended_upgrades/.github/CODEOWNERS create mode 100644 roles/hifis-net.unattended_upgrades/.github/dependabot.yml create mode 100644 roles/hifis-net.unattended_upgrades/.github/workflows/ci.yml create mode 100644 roles/hifis-net.unattended_upgrades/.github/workflows/prepare-action/action.yml create mode 100644 roles/hifis-net.unattended_upgrades/.github_changelog_generator rename roles/{jnv.unattended_upgrades => hifis-net.unattended_upgrades}/.gitignore (73%) create mode 100644 roles/hifis-net.unattended_upgrades/.travis.yml create mode 100644 roles/hifis-net.unattended_upgrades/.yamllint create mode 100644 roles/hifis-net.unattended_upgrades/CHANGELOG.md create mode 100644 roles/hifis-net.unattended_upgrades/CONTRIBUTING.md rename roles/{jnv.unattended_upgrades => hifis-net.unattended_upgrades}/LICENSE (100%) create mode 100644 roles/hifis-net.unattended_upgrades/Pipfile create mode 100644 roles/hifis-net.unattended_upgrades/Pipfile.lock create mode 100644 roles/hifis-net.unattended_upgrades/README.md rename roles/{jnv.unattended_upgrades => hifis-net.unattended_upgrades}/defaults/main.yml (88%) rename roles/{jnv.unattended_upgrades => hifis-net.unattended_upgrades}/handlers/main.yml (100%) create mode 100644 roles/hifis-net.unattended_upgrades/meta/main.yml create mode 100644 roles/hifis-net.unattended_upgrades/molecule/default/converge.yml create mode 100644 roles/hifis-net.unattended_upgrades/molecule/default/molecule.yml create mode 100644 roles/hifis-net.unattended_upgrades/molecule/default/prepare.yml create mode 100644 roles/hifis-net.unattended_upgrades/molecule/default/verify.yml create mode 100644 roles/hifis-net.unattended_upgrades/tasks/main.yml rename roles/{jnv.unattended_upgrades => hifis-net.unattended_upgrades}/tasks/reboot.yml (50%) create mode 100644 roles/hifis-net.unattended_upgrades/tasks/unattended-upgrades.yml rename roles/{jnv.unattended_upgrades => hifis-net.unattended_upgrades}/templates/unattended-upgrades.j2 (71%) rename roles/{jnv.unattended_upgrades => hifis-net.unattended_upgrades}/tests/ansible.cfg (100%) rename roles/{jnv.unattended_upgrades => hifis-net.unattended_upgrades}/tests/inventory (100%) create mode 100644 roles/hifis-net.unattended_upgrades/tests/requirements.yml rename roles/{jnv.unattended_upgrades => hifis-net.unattended_upgrades}/tests/test.sh (100%) rename roles/{jnv.unattended_upgrades => hifis-net.unattended_upgrades}/tests/test.yml (55%) create mode 100644 roles/hifis-net.unattended_upgrades/vars/Debian-bullseye.yml rename roles/{jnv.unattended_upgrades => hifis-net.unattended_upgrades}/vars/Debian.yml (100%) rename roles/{jnv.unattended_upgrades => hifis-net.unattended_upgrades}/vars/Ubuntu.yml (100%) delete mode 100644 roles/jnv.unattended_upgrades/.ansible-lint delete mode 100644 roles/jnv.unattended_upgrades/.github/workflows/ansible-linting-check.yml delete mode 100644 roles/jnv.unattended_upgrades/.travis.yml delete mode 100644 roles/jnv.unattended_upgrades/README.md delete mode 100644 roles/jnv.unattended_upgrades/meta/main.yml delete mode 100644 roles/jnv.unattended_upgrades/tasks/main.yml delete mode 100644 roles/jnv.unattended_upgrades/tasks/unattended-upgrades.yml delete mode 100644 roles/jnv.unattended_upgrades/templates/auto-upgrades.j2 delete mode 100644 roles/jnv.unattended_upgrades/tests/requirements.yml delete mode 100644 roles/jnv.unattended_upgrades/vars/Debian-wheezy.yml diff --git a/playbooks/base/unattended_upgrades.yml b/playbooks/base/unattended_upgrades.yml index a66a4105..8e40280a 100644 --- a/playbooks/base/unattended_upgrades.yml +++ b/playbooks/base/unattended_upgrades.yml @@ -1,7 +1,7 @@ --- - hosts: all:!proxmox roles: - - { role: jnv.unattended_upgrades, + - { role: hifis-net.unattended_upgrades, become: true, tags: unattended, when: "ansible_facts['distribution'] == 'Ubuntu'"} diff --git a/playbooks/on-off/delete_old_upgrades_config.yml b/playbooks/on-off/delete_old_upgrades_config.yml new file mode 100644 index 00000000..16e0f316 --- /dev/null +++ b/playbooks/on-off/delete_old_upgrades_config.yml @@ -0,0 +1,11 @@ +--- +- hosts: all + tasks: + - name: delete_old_upgrades_config + become: yes + ansible.builtin.file: + name: "{{ item }}" + state: absent + loop: + - /etc/apt/apt.conf.d/20auto-upgrades + - /etc/apt/apt.conf.d/50unattended-upgrades diff --git a/roles/jnv.unattended_upgrades/.editorconfig b/roles/hifis-net.unattended_upgrades/.editorconfig similarity index 100% rename from roles/jnv.unattended_upgrades/.editorconfig rename to roles/hifis-net.unattended_upgrades/.editorconfig diff --git a/roles/hifis-net.unattended_upgrades/.github/CODEOWNERS b/roles/hifis-net.unattended_upgrades/.github/CODEOWNERS new file mode 100644 index 00000000..2890f25d --- /dev/null +++ b/roles/hifis-net.unattended_upgrades/.github/CODEOWNERS @@ -0,0 +1,6 @@ +# SPDX-FileCopyrightText: 2022 Helmholtz Centre for Environmental Research (UFZ) +# SPDX-FileCopyrightText: 2022 Helmholtz-Zentrum Dresden-Rossendorf (HZDR) +# +# SPDX-License-Identifier: Apache-2.0 + +* @hifis-net/hifis-software-technology diff --git a/roles/hifis-net.unattended_upgrades/.github/dependabot.yml b/roles/hifis-net.unattended_upgrades/.github/dependabot.yml new file mode 100644 index 00000000..806c3042 --- /dev/null +++ b/roles/hifis-net.unattended_upgrades/.github/dependabot.yml @@ -0,0 +1,19 @@ +--- +version: 2 +updates: + + - package-ecosystem: "github-actions" + directory: "/" + schedule: + # Check for updates to GitHub Actions every weekday + interval: "daily" + + - package-ecosystem: "pip" + directory: "/" + schedule: + # Check for updates to pip packages every weekday + interval: "daily" + ignore: + - dependency-name: "python" + update-types: ["version-update:semver-major"] +... diff --git a/roles/hifis-net.unattended_upgrades/.github/workflows/ci.yml b/roles/hifis-net.unattended_upgrades/.github/workflows/ci.yml new file mode 100644 index 00000000..f8be6f8e --- /dev/null +++ b/roles/hifis-net.unattended_upgrades/.github/workflows/ci.yml @@ -0,0 +1,74 @@ +--- +name: "CI" +on: + pull_request: + push: + branches: + - "main" + tags: + - "v*.*.*" + schedule: + - cron: '0 0 * * *' + +env: + PY_COLORS: 1 + ANSIBLE_FORCE_COLOR: 1 + +jobs: + + lint: + name: "Lint" + runs-on: "ubuntu-22.04" + steps: + - name: "Check out the codebase." + uses: "actions/checkout@v3" + + - name: "Prepare the job environment." + uses: "./.github/workflows/prepare-action" + + - name: "Lint code." + run: "pipenv run molecule lint" + + test: + name: "Run Molecule tests." + runs-on: "ubuntu-22.04" + strategy: + fail-fast: false + matrix: + image: + - "ghcr.io/hifis-net/ubuntu-systemd:22.04" + - "ghcr.io/hifis-net/ubuntu-systemd:20.04" + - "ghcr.io/hifis-net/ubuntu-systemd:18.04" + - "ghcr.io/hifis-net/debian-systemd:11" + - "ghcr.io/hifis-net/debian-systemd:10" + + steps: + - name: "Check out the codebase." + uses: "actions/checkout@v3" + + - name: "Enable lingering required for podman and systemd in GH Actions." + run: | # Compare with https://github.com/eriksjolund/user-systemd-service-actions-workflow/blob/efe872924fd2dd35bb482544126ce751303e14c2/README.md + sudo loginctl enable-linger $UID + sleep 1 + + - name: "Prepare the job environment." + uses: "./.github/workflows/prepare-action" + + - name: "Run Molecule tests." + run: "pipenv run molecule test" + env: + MOLECULE_IMAGE: "${{ matrix.image }}" + + release: + name: "Release new version on Ansible Galaxy" + runs-on: "ubuntu-22.04" + if: "startsWith(github.ref, 'refs/tags/v')" + needs: ["lint", "test"] + steps: + - name: "checkout" + uses: "actions/checkout@v3" + - name: "galaxy" + uses: "robertdebock/galaxy-action@1.2.1" + with: + galaxy_api_key: "${{ secrets.galaxy_api_key }}" + git_branch: "main" diff --git a/roles/hifis-net.unattended_upgrades/.github/workflows/prepare-action/action.yml b/roles/hifis-net.unattended_upgrades/.github/workflows/prepare-action/action.yml new file mode 100644 index 00000000..8e066632 --- /dev/null +++ b/roles/hifis-net.unattended_upgrades/.github/workflows/prepare-action/action.yml @@ -0,0 +1,20 @@ +--- +name: "Install dependencies and prepare the environment." +description: "Install the necessary dependencies for jobs." +runs: + using: "composite" + steps: + - name: "Install pipenv." + run: "pipx install pipenv" + shell: "bash" + + - name: "Set up Python 3." + uses: "actions/setup-python@v4" + id: "setup-python" + with: + python-version: "3.10" + cache: "pipenv" + + - name: "Install dependencies via pipenv." + run: "pipenv install --dev" + shell: "bash" diff --git a/roles/hifis-net.unattended_upgrades/.github_changelog_generator b/roles/hifis-net.unattended_upgrades/.github_changelog_generator new file mode 100644 index 00000000..5ec5ffcf --- /dev/null +++ b/roles/hifis-net.unattended_upgrades/.github_changelog_generator @@ -0,0 +1,3 @@ +user=hifis-net +project=ansible-role-unattended-upgrades +since-tag=v1.12.2 diff --git a/roles/jnv.unattended_upgrades/.gitignore b/roles/hifis-net.unattended_upgrades/.gitignore similarity index 73% rename from roles/jnv.unattended_upgrades/.gitignore rename to roles/hifis-net.unattended_upgrades/.gitignore index d9ff546d..b0543243 100644 --- a/roles/jnv.unattended_upgrades/.gitignore +++ b/roles/hifis-net.unattended_upgrades/.gitignore @@ -1,3 +1,4 @@ .vagrant/ *~ *.log +.idea/ diff --git a/roles/hifis-net.unattended_upgrades/.travis.yml b/roles/hifis-net.unattended_upgrades/.travis.yml new file mode 100644 index 00000000..798f5d03 --- /dev/null +++ b/roles/hifis-net.unattended_upgrades/.travis.yml @@ -0,0 +1,16 @@ +sudo: "required" +language: "python" +services: "docker" + +cache: "pip" + +install: + - "pip install ansible docker" + - "ansible-galaxy install -r tests/requirements.yml -p tests/roles/" + +script: + - "ansible --version" + - "tests/test.sh" + +notifications: + webhooks: "https://galaxy.ansible.com/api/v1/notifications/" diff --git a/roles/hifis-net.unattended_upgrades/.yamllint b/roles/hifis-net.unattended_upgrades/.yamllint new file mode 100644 index 00000000..93651348 --- /dev/null +++ b/roles/hifis-net.unattended_upgrades/.yamllint @@ -0,0 +1,41 @@ +--- +# Based on ansible-lint config +extends: "default" + +ignore: | + .cache/ + +rules: + braces: + max-spaces-inside: 1 + level: "error" + brackets: + max-spaces-inside: 1 + level: "error" + colons: + max-spaces-after: -1 + level: "error" + commas: + max-spaces-after: -1 + level: "error" + comments: "disable" + comments-indentation: "disable" + document-start: "disable" + empty-lines: + max: 3 + level: "error" + hyphens: + level: "error" + indentation: "disable" + key-duplicates: "enable" + line-length: "disable" + new-line-at-end-of-file: "disable" + new-lines: + type: "unix" + quoted-strings: + quote-type: "any" + required: True + extra-required: [ ] + extra-allowed: [ ] + trailing-spaces: "disable" + truthy: "disable" diff --git a/roles/hifis-net.unattended_upgrades/CHANGELOG.md b/roles/hifis-net.unattended_upgrades/CHANGELOG.md new file mode 100644 index 00000000..3e57ae5e --- /dev/null +++ b/roles/hifis-net.unattended_upgrades/CHANGELOG.md @@ -0,0 +1,99 @@ +# Changelog + +## [v2.0.1](https://github.com/hifis-net/ansible-role-unattended-upgrades/tree/v2.0.1) (2022-12-15) + +[Full Changelog](https://github.com/hifis-net/ansible-role-unattended-upgrades/compare/v2.0.0...v2.0.1) + +**Fixed bugs:** + +- Fix minimum specification of Ansible version [\#77](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/77) ([tobiashuste](https://github.com/tobiashuste)) + +**Closed issues:** + +- `unattended_dl_limit` doesn't work [\#76](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/76) +- ansible.builtin.import\_tasks problem [\#75](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/75) +- Detach fork [\#66](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/66) + +**Merged pull requests:** + +- Bump ansible-lint from 6.9.1 to 6.10.0 [\#79](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/79) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Prepare release v2.0.1 [\#78](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/78) ([Normo](https://github.com/Normo)) +- Bump ansible from 7.0.0 to 7.1.0 [\#74](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/74) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump molecule from 4.0.3 to 4.0.4 [\#73](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/73) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump ansible-lint from 6.9.0 to 6.9.1 [\#72](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/72) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Leave a hint about the original fork [\#71](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/71) ([Normo](https://github.com/Normo)) +- Make sure GitHub Actions runs on the main branch [\#70](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/70) ([tobiashuste](https://github.com/tobiashuste)) +- Fix deprecation warning in GitHub Actions [\#69](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/69) ([tobiashuste](https://github.com/tobiashuste)) + +## [v2.0.0](https://github.com/hifis-net/ansible-role-unattended-upgrades/tree/v2.0.0) (2022-12-02) + +[Full Changelog](https://github.com/hifis-net/ansible-role-unattended-upgrades/compare/v1.12.2...v2.0.0) + +**Implemented enhancements:** + +- \[Feature Request\] Use force\_apt\_get [\#32](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/32) +- Override configuration in a separate apt.conf.d file [\#10](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/10) +- Test role via Molecule [\#8](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/8) + +**Fixed bugs:** + +- Molecule folder not linted by molecule [\#48](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/48) +- Change caused by indentation [\#53](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/53) +- Fix installation of powermgmt-base package [\#35](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/35) + +**Closed issues:** + +- Documentation role name mismatch [\#41](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/41) +- Some configurations options are missing [\#56](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/56) +- Remove support for OS that reached EOL [\#38](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/38) +- Add changelog [\#33](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/33) +- Add contribution guide [\#16](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/16) +- Rename default branch to `main` [\#13](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/13) + +**Merged pull requests:** + +- Bump ansible-lint from 6.8.6 to 6.9.0 [\#62](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/62) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump ansible from 6.5.0 to 7.0.0 [\#60](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/60) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Add missing option Unattended-Upgrade::MailReport [\#57](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/57) ([nono-lqdn](https://github.com/nono-lqdn)) +- Bump ansible-lint from 6.8.2 to 6.8.6 [\#54](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/54) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump molecule from 4.0.2 to 4.0.3 [\#49](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/49) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump molecule from 4.0.1 to 4.0.2 [\#47](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/47) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump ansible-lint from 6.8.1 to 6.8.2 [\#46](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/46) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump ansible from 6.4.0 to 6.5.0 [\#45](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/45) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump ansible-lint from 6.8.0 to 6.8.1 [\#44](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/44) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump ansible-lint from 6.5.0 to 6.8.0 [\#43](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/43) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Fix role name in README [\#42](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/42) ([lukashass](https://github.com/lukashass)) +- Bump molecule-podman from 2.0.2 to 2.0.3 [\#40](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/40) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump ansible from 6.2.0 to 6.4.0 [\#25](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/25) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump yamllint from 1.27.1 to 1.28.0 [\#24](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/24) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Update README.md [\#19](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/19) ([Normo](https://github.com/Normo)) +- Bump ansible-lint from 6.4.0 to 6.5.0 [\#15](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/15) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Prepare release version 2.0.0 [\#67](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/67) ([Normo](https://github.com/Normo)) +- Add codeowners to autoassign reviewers [\#65](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/65) ([Normo](https://github.com/Normo)) +- Ensure new default branch main is used by Galaxy [\#64](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/64) ([Normo](https://github.com/Normo)) +- Lint molecule folder [\#63](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/63) ([Normo](https://github.com/Normo)) +- Fix indentation for unattended\_origins\_patterns in template file [\#61](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/61) ([Normo](https://github.com/Normo)) +- Remove support for OS that reached EOL [\#39](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/39) ([Normo](https://github.com/Normo)) +- Add changelog [\#37](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/37) ([Normo](https://github.com/Normo)) +- Fix installation of powermgmt-base [\#36](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/36) ([Normo](https://github.com/Normo)) +- Force usage of apt-get instead of aptitude [\#34](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/34) ([Normo](https://github.com/Normo)) +- Test Remove-Unused-Kernel-Packages option [\#31](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/31) ([Normo](https://github.com/Normo)) +- Add options for controlling the removal of unused kernel packages [\#29](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/29) ([gcotelli](https://github.com/gcotelli)) +- Stop overwriting default config [\#28](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/28) ([alpha0010](https://github.com/alpha0010)) +- Add contribution guide [\#22](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/22) ([Normo](https://github.com/Normo)) +- Remove custom ansible-lint config [\#18](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/18) ([Normo](https://github.com/Normo)) +- Fix 'All names should start with an uppercase letter' warnings [\#17](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/17) ([Normo](https://github.com/Normo)) +- Fix CI badge in README [\#14](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/14) ([tobiashuste](https://github.com/tobiashuste)) +- Replace deprecated include with import\_tasks [\#12](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/12) ([Normo](https://github.com/Normo)) +- Update README.md [\#11](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/11) ([Normo](https://github.com/Normo)) +- Test the role via molecule and update supported OS [\#9](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/9) ([tobiashuste](https://github.com/tobiashuste)) +- Bump actions/checkout from 2 to 3 [\#6](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/6) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump ansible/ansible-lint-action from 6.0.2 to 6.3.0 [\#5](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/5) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Add dependabot config to daily check for GitHub actions updates [\#4](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/4) ([Normo](https://github.com/Normo)) +- Force quoted strings [\#3](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/3) ([Normo](https://github.com/Normo)) +- Add yamllint configuration [\#2](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/2) ([Normo](https://github.com/Normo)) +- Fork https://github.com/jnv/ansible-role-unattended-upgrades [\#1](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/1) ([Normo](https://github.com/Normo)) + + + +\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)* diff --git a/roles/hifis-net.unattended_upgrades/CONTRIBUTING.md b/roles/hifis-net.unattended_upgrades/CONTRIBUTING.md new file mode 100644 index 00000000..f056c7e6 --- /dev/null +++ b/roles/hifis-net.unattended_upgrades/CONTRIBUTING.md @@ -0,0 +1,189 @@ + + +# Contributing + +## Please Help to Improve this Project + +You would like to contribute to this project and want to know how to do that? +Let me tell you first that you are awesome because you take care! +Let's make this Ansible role even better. +Any contributions and help to improve this project via issues, pull requests +and more are most welcome and much appreciated. +We are here to help you with your contributions at any time. +Please mention us in issues and pull requests if you need help or if you have +questions. + +## Why Do We Need Contributors and Contributions + +Coding is team-work and open-source software is community-work. +In order to enhance the project or correct bugs and regressions in the project +we need you and your support because the project benefits from your expertise, +knowledge, opinions, perspectives, and labour. +Together we are improving this Ansible role step-by-step. +Please follow these guidelines and be respectful as we respect your work and +your contributions in the same manner and support you and help you with your +contributions. +Feel free to get into contact with us or with other contributors as the +community will help you with your questions and contributions. + +## Contributions We are Looking For + +There are different ways to contribute to this project: + +1. Discuss issues and pull requests +2. Submit bug reports or contribute new feature proposals +3. Contribute fixes or implement new features +4. Do testing + +### Investigate Before Contributing + +Before you start contributing and create issues and pull requests we ask you +to first check whether an issue or pull request already exists for the error, +enhancement, feature or test case you have in mind. + +### Discuss Issues and Pull Requests + +You can contribute by participating in discussions you find in issues and +pull requests or by starting your own discussions. + +### Submit Bug Reports or Contribute New Feature Proposals + +If you found a bug in the Ansible role or a typo in the documentation or +if you would like to discuss or suggest functional or quality aspects of the +role you are welcome to create issues to get in contact with us. + +### Contribute Fixes or Implement New Features + +If you would like to provide a fix for a bug or a typo in the documentation or +even add or change specific features of the role or specific parts of the +documentation, you are welcome to fork this repository, create a separate +branch, create a pull request and add your contributions. +Please also label the pull request, refer to related issues and assign +reviewers that take care of reviewing your suggested changes. +We would like you to check that the CI pipeline passes before asking reviewers +to review your suggestions. + +### Do Testing + +While automated tests are by far our preferred testing method we also +acknowledge contributors doing exploratory testing. +Sometimes the existing automated tests are not sufficient to account for +specific corner cases and to reveal hidden bugs. +Testing the role manually is always a good approach to make sure that the role +passes a particular additional test case. +Even more valuable are automated tests because they are repeatable. +That is why these test methods work best in combination. +Once a bug is revealed in an exploratory test, additional automated test-cases +need to be added that mark this behaviour as a defect. +As a consequence, a fix need to be developed that makes the CI pipeline and +the new regression tests pass again. +Please feel free to support the project by providing automated test cases. +In order to do so you need to fork the repository, create a separate branch, +create a pull request and add the test cases and fixes to that new branch. +Please also use labels for your pull request, name issues that you refer to +and assign reviewers who would be able to review your suggested test cases and +fixes. +Please make sure that the CI pipeline passes before you name reviewers for your +pull request. + +### GitHub Actions CI Pipeline and Code Reviews + +Finally, as soon as your changes are ready and you would like to ask someone +to review your contributions you need to check that all GitHub Actions CI +pipeline jobs pass in your pull request before assigning reviewers to your +pull request. + +## Contributions Workflow via Pull Requests + +In summary, if you would like to contribute with pull requests for +enhancements, bug-fixes or test cases, we kindly ask you to follow this +workflow: + +![Workflow Blockdiagram with Kroki](https://kroki.hzdr.de/blockdiag/svg/eNqNU8tO5DAQvPMVrTmRwwrYF7tCcNkT30A4dJyejDXGDm0bNkL8-7YfM3I0WsEpUXd1uV1VHoxT-1HjBG9nAHokhAeDAxm4hc1VB4uLDJZec2vzeJNA9oV80BMGarBfO1A7UnvQW9DeR4KL3s7RGGB6jjLQWzRMOC5Af7UPvpBtHe8blm9dqTDNzuvgeCmwgdGqXQP8LscJm6yAtVmA9bAG-eOAXK9T4DiODfRnlwvpzr1VzgbWQwza2QIOa-LrDoy2AdCOudXbLFY711uRF41Z4NzNqYCmK1xKN0y_OnjCPYGPLFuGHQb4cw8zek_-cK0XTa_EzdDvsuyhc-4rs4_TlPxx1rdWXnZinHI8O85alLkWXcafiKfW1ysJQa6dylcDk6YmdnHOEQI4js7iIjKtFNncZIxjTTZgqgjSiIRe4Uyl2Qbsy10JhHxrBuSv7pDQ7_87_MSLz5ycBBX-8BG5uJNcLxr6zzCL33nxaqP8N8ofzso6H3VNoNVb2zoz0riKuUByhJtWqPWUsKbcxkK61eYj4Pj4lTOO0x2NnnZhMJHa8K-7E9OySs1Jm_LTeT_7B8Nka6c=) + +For those of you who want to know how forked-based contributions work on +_GitHub_, we would like to point to the _GitHub Docs_ about +[contributing to projects](https://docs.github.com/en/get-started/quickstart/contributing-to-projects). + +## Set Up a Local Development Environment (Optional) + +In order to add contributions via pull requests you most probably need to +create a local development environment to make sure that your changes +work as expected. +After cloning the project locally the _Python_ dependencies need to be +installed: + +```shell +$ pipenv install --dev +``` + +As mentioned in the suggested contribution workflow above, linting and testing +your contributions locally is optional, but we encourage you to do so. +The following sections show how to lint and test your contributions locally. + +### Linting the Project + +This role is linted via +[Ansible Lint](https://ansible-lint.readthedocs.io/en/latest/) +and +[yamllint](https://yamllint.readthedocs.io/en/stable/) +which guarantees that the role adheres to a set of +[Ansible Lint rules](https://ansible-lint.readthedocs.io/en/latest/default_rules/) +and +[yamllint rules](https://yamllint.readthedocs.io/en/stable/rules.html): + +```shell +$ pipenv run molecule lint +``` + +### REUSE Specification Compliance + +Each file in this project needs to have a proper license and copyright header. +Please check that each file you add to the project contains license and +copyright information and that it thereby meets the +[REUSE Specification](https://reuse.software/spec/): + +```shell +$ pipenv run reuse lint +``` + +### Testing the Ansible Role + +This role is tested via +[Ansible Molecule](https://molecule.readthedocs.io/en/latest/). +During development of your changes we would like you to use _Molecule_ and +the existing automated test cases to verify that your changes do not break +existing test cases: + +```shell +$ pipenv run molecule test +```` + +## How are Contributors Given Credit for Their Valuable Work? + +Please add yourself to the list of contributors in file +[README.md](README.md#contributors) +via a pull request if you made significant contributions to this role. +Significant contributions are done by suggesting pull requests that fix +bugs or add features or test cases to the project. +Since all other contributions are welcome and may be significant as well +you can request to be added as a contributor which is then decided on a +case-by-case basis. + +## Ground Rules and Contributions We are Not Looking For + +While we welcome and appreciate all contributions we want people to be kind, +respectful and mindful and won't support people who aren't. +Please help and support each other. +In order to get an idea what this actually means and involves we would like to +ask you to read the Codes of Conduct of +[The Carpentries](https://docs.carpentries.org/topic_folders/policies/code-of-conduct.html#code-of-conduct-detailed-view), +the +[Ansible Community](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html#community-code-of-conduct), +and the +[GitLab Community](https://about.gitlab.com/community/contribute/code-of-conduct/). diff --git a/roles/jnv.unattended_upgrades/LICENSE b/roles/hifis-net.unattended_upgrades/LICENSE similarity index 100% rename from roles/jnv.unattended_upgrades/LICENSE rename to roles/hifis-net.unattended_upgrades/LICENSE diff --git a/roles/hifis-net.unattended_upgrades/Pipfile b/roles/hifis-net.unattended_upgrades/Pipfile new file mode 100644 index 00000000..c7370178 --- /dev/null +++ b/roles/hifis-net.unattended_upgrades/Pipfile @@ -0,0 +1,16 @@ +[[source]] +name = "pypi" +url = "https://pypi.org/simple" +verify_ssl = true + +[dev-packages] +yamllint = "~=1.28.0" +ansible-lint = "~=6.10.2" +molecule = {extras = ["podman"], version = "~=4.0.4"} +molecule-podman = "~=2.0.3" + +[packages] +ansible = "~=7.1.0" + +[requires] +python_version = "3.10" diff --git a/roles/hifis-net.unattended_upgrades/Pipfile.lock b/roles/hifis-net.unattended_upgrades/Pipfile.lock new file mode 100644 index 00000000..c21890b9 --- /dev/null +++ b/roles/hifis-net.unattended_upgrades/Pipfile.lock @@ -0,0 +1,894 @@ +{ + "_meta": { + "hash": { + "sha256": "475c26d38b8fceb1a54ab74fb47ca2c616b45afff15c599df9fcb6c2216c0b44" + }, + "pipfile-spec": 6, + "requires": { + "python_version": "3.10" + }, + "sources": [ + { + "name": "pypi", + "url": "https://pypi.org/simple", + "verify_ssl": true + } + ] + }, + "default": { + "ansible": { + "hashes": [ + "sha256:1e47238c4aa9e68c0c5367a3fd707ba6c3949b4aaf912b06440ad78dd2bf018d", + "sha256:dd6d24dab08793e416eb1564ea716c586caeb104d4abbcada05bed94f9cd01cc" + ], + "index": "pypi", + "version": "==7.1.0" + }, + "ansible-core": { + "hashes": [ + "sha256:06e136c8eda4d8695251995d3c3efa612ebb3ac66948bf42492d4c7b46a75ff2", + "sha256:589257f2560fffd5d4465352cd4504e2cbfc418ba49e0c4265cd54e16070c938" + ], + "markers": "python_version >= '3.9'", + "version": "==2.14.1" + }, + "cffi": { + "hashes": [ + "sha256:00a9ed42e88df81ffae7a8ab6d9356b371399b91dbdf0c3cb1e84c03a13aceb5", + "sha256:03425bdae262c76aad70202debd780501fabeaca237cdfddc008987c0e0f59ef", + "sha256:04ed324bda3cda42b9b695d51bb7d54b680b9719cfab04227cdd1e04e5de3104", + "sha256:0e2642fe3142e4cc4af0799748233ad6da94c62a8bec3a6648bf8ee68b1c7426", + "sha256:173379135477dc8cac4bc58f45db08ab45d228b3363adb7af79436135d028405", + "sha256:198caafb44239b60e252492445da556afafc7d1e3ab7a1fb3f0584ef6d742375", + "sha256:1e74c6b51a9ed6589199c787bf5f9875612ca4a8a0785fb2d4a84429badaf22a", + "sha256:2012c72d854c2d03e45d06ae57f40d78e5770d252f195b93f581acf3ba44496e", + "sha256:21157295583fe8943475029ed5abdcf71eb3911894724e360acff1d61c1d54bc", + "sha256:2470043b93ff09bf8fb1d46d1cb756ce6132c54826661a32d4e4d132e1977adf", + "sha256:285d29981935eb726a4399badae8f0ffdff4f5050eaa6d0cfc3f64b857b77185", + "sha256:30d78fbc8ebf9c92c9b7823ee18eb92f2e6ef79b45ac84db507f52fbe3ec4497", + "sha256:320dab6e7cb2eacdf0e658569d2575c4dad258c0fcc794f46215e1e39f90f2c3", + "sha256:33ab79603146aace82c2427da5ca6e58f2b3f2fb5da893ceac0c42218a40be35", + "sha256:3548db281cd7d2561c9ad9984681c95f7b0e38881201e157833a2342c30d5e8c", + "sha256:3799aecf2e17cf585d977b780ce79ff0dc9b78d799fc694221ce814c2c19db83", + "sha256:39d39875251ca8f612b6f33e6b1195af86d1b3e60086068be9cc053aa4376e21", + "sha256:3b926aa83d1edb5aa5b427b4053dc420ec295a08e40911296b9eb1b6170f6cca", + "sha256:3bcde07039e586f91b45c88f8583ea7cf7a0770df3a1649627bf598332cb6984", + "sha256:3d08afd128ddaa624a48cf2b859afef385b720bb4b43df214f85616922e6a5ac", + "sha256:3eb6971dcff08619f8d91607cfc726518b6fa2a9eba42856be181c6d0d9515fd", + "sha256:40f4774f5a9d4f5e344f31a32b5096977b5d48560c5592e2f3d2c4374bd543ee", + "sha256:4289fc34b2f5316fbb762d75362931e351941fa95fa18789191b33fc4cf9504a", + "sha256:470c103ae716238bbe698d67ad020e1db9d9dba34fa5a899b5e21577e6d52ed2", + "sha256:4f2c9f67e9821cad2e5f480bc8d83b8742896f1242dba247911072d4fa94c192", + "sha256:50a74364d85fd319352182ef59c5c790484a336f6db772c1a9231f1c3ed0cbd7", + "sha256:54a2db7b78338edd780e7ef7f9f6c442500fb0d41a5a4ea24fff1c929d5af585", + "sha256:5635bd9cb9731e6d4a1132a498dd34f764034a8ce60cef4f5319c0541159392f", + "sha256:59c0b02d0a6c384d453fece7566d1c7e6b7bae4fc5874ef2ef46d56776d61c9e", + "sha256:5d598b938678ebf3c67377cdd45e09d431369c3b1a5b331058c338e201f12b27", + "sha256:5df2768244d19ab7f60546d0c7c63ce1581f7af8b5de3eb3004b9b6fc8a9f84b", + "sha256:5ef34d190326c3b1f822a5b7a45f6c4535e2f47ed06fec77d3d799c450b2651e", + "sha256:6975a3fac6bc83c4a65c9f9fcab9e47019a11d3d2cf7f3c0d03431bf145a941e", + "sha256:6c9a799e985904922a4d207a94eae35c78ebae90e128f0c4e521ce339396be9d", + "sha256:70df4e3b545a17496c9b3f41f5115e69a4f2e77e94e1d2a8e1070bc0c38c8a3c", + "sha256:7473e861101c9e72452f9bf8acb984947aa1661a7704553a9f6e4baa5ba64415", + "sha256:8102eaf27e1e448db915d08afa8b41d6c7ca7a04b7d73af6514df10a3e74bd82", + "sha256:87c450779d0914f2861b8526e035c5e6da0a3199d8f1add1a665e1cbc6fc6d02", + "sha256:8b7ee99e510d7b66cdb6c593f21c043c248537a32e0bedf02e01e9553a172314", + "sha256:91fc98adde3d7881af9b59ed0294046f3806221863722ba7d8d120c575314325", + "sha256:94411f22c3985acaec6f83c6df553f2dbe17b698cc7f8ae751ff2237d96b9e3c", + "sha256:98d85c6a2bef81588d9227dde12db8a7f47f639f4a17c9ae08e773aa9c697bf3", + "sha256:9ad5db27f9cabae298d151c85cf2bad1d359a1b9c686a275df03385758e2f914", + "sha256:a0b71b1b8fbf2b96e41c4d990244165e2c9be83d54962a9a1d118fd8657d2045", + "sha256:a0f100c8912c114ff53e1202d0078b425bee3649ae34d7b070e9697f93c5d52d", + "sha256:a591fe9e525846e4d154205572a029f653ada1a78b93697f3b5a8f1f2bc055b9", + "sha256:a5c84c68147988265e60416b57fc83425a78058853509c1b0629c180094904a5", + "sha256:a66d3508133af6e8548451b25058d5812812ec3798c886bf38ed24a98216fab2", + "sha256:a8c4917bd7ad33e8eb21e9a5bbba979b49d9a97acb3a803092cbc1133e20343c", + "sha256:b3bbeb01c2b273cca1e1e0c5df57f12dce9a4dd331b4fa1635b8bec26350bde3", + "sha256:cba9d6b9a7d64d4bd46167096fc9d2f835e25d7e4c121fb2ddfc6528fb0413b2", + "sha256:cc4d65aeeaa04136a12677d3dd0b1c0c94dc43abac5860ab33cceb42b801c1e8", + "sha256:ce4bcc037df4fc5e3d184794f27bdaab018943698f4ca31630bc7f84a7b69c6d", + "sha256:cec7d9412a9102bdc577382c3929b337320c4c4c4849f2c5cdd14d7368c5562d", + "sha256:d400bfb9a37b1351253cb402671cea7e89bdecc294e8016a707f6d1d8ac934f9", + "sha256:d61f4695e6c866a23a21acab0509af1cdfd2c013cf256bbf5b6b5e2695827162", + "sha256:db0fbb9c62743ce59a9ff687eb5f4afbe77e5e8403d6697f7446e5f609976f76", + "sha256:dd86c085fae2efd48ac91dd7ccffcfc0571387fe1193d33b6394db7ef31fe2a4", + "sha256:e00b098126fd45523dd056d2efba6c5a63b71ffe9f2bbe1a4fe1716e1d0c331e", + "sha256:e229a521186c75c8ad9490854fd8bbdd9a0c9aa3a524326b55be83b54d4e0ad9", + "sha256:e263d77ee3dd201c3a142934a086a4450861778baaeeb45db4591ef65550b0a6", + "sha256:ed9cb427ba5504c1dc15ede7d516b84757c3e3d7868ccc85121d9310d27eed0b", + "sha256:fa6693661a4c91757f4412306191b6dc88c1703f780c8234035eac011922bc01", + "sha256:fcd131dd944808b5bdb38e6f5b53013c5aa4f334c5cad0c72742f6eba4b73db0" + ], + "version": "==1.15.1" + }, + "cryptography": { + "hashes": [ + "sha256:1a6915075c6d3a5e1215eab5d99bcec0da26036ff2102a1038401d6ef5bef25b", + "sha256:1ee1fd0de9851ff32dbbb9362a4d833b579b4a6cc96883e8e6d2ff2a6bc7104f", + "sha256:407cec680e811b4fc829de966f88a7c62a596faa250fc1a4b520a0355b9bc190", + "sha256:50386acb40fbabbceeb2986332f0287f50f29ccf1497bae31cf5c3e7b4f4b34f", + "sha256:6f97109336df5c178ee7c9c711b264c502b905c2d2a29ace99ed761533a3460f", + "sha256:754978da4d0457e7ca176f58c57b1f9de6556591c19b25b8bcce3c77d314f5eb", + "sha256:76c24dd4fd196a80f9f2f5405a778a8ca132f16b10af113474005635fe7e066c", + "sha256:7dacfdeee048814563eaaec7c4743c8aea529fe3dd53127313a792f0dadc1773", + "sha256:80ee674c08aaef194bc4627b7f2956e5ba7ef29c3cc3ca488cf15854838a8f72", + "sha256:844ad4d7c3850081dffba91cdd91950038ee4ac525c575509a42d3fc806b83c8", + "sha256:875aea1039d78557c7c6b4db2fe0e9d2413439f4676310a5f269dd342ca7a717", + "sha256:887cbc1ea60786e534b00ba8b04d1095f4272d380ebd5f7a7eb4cc274710fad9", + "sha256:ad04f413436b0781f20c52a661660f1e23bcd89a0e9bb1d6d20822d048cf2856", + "sha256:bae6c7f4a36a25291b619ad064a30a07110a805d08dc89984f4f441f6c1f3f96", + "sha256:c52a1a6f81e738d07f43dab57831c29e57d21c81a942f4602fac7ee21b27f288", + "sha256:e0a05aee6a82d944f9b4edd6a001178787d1546ec7c6223ee9a848a7ade92e39", + "sha256:e324de6972b151f99dc078defe8fb1b0a82c6498e37bff335f5bc6b1e3ab5a1e", + "sha256:e5d71c5d5bd5b5c3eebcf7c5c2bb332d62ec68921a8c593bea8c394911a005ce", + "sha256:f3ed2d864a2fa1666e749fe52fb8e23d8e06b8012e8bd8147c73797c506e86f1", + "sha256:f671c1bb0d6088e94d61d80c606d65baacc0d374e67bf895148883461cd848de", + "sha256:f6c0db08d81ead9576c4d94bbb27aed8d7a430fa27890f39084c2d0e2ec6b0df", + "sha256:f964c7dcf7802d133e8dbd1565914fa0194f9d683d82411989889ecd701e8adf", + "sha256:fec8b932f51ae245121c4671b4bbc030880f363354b2f0e0bd1366017d891458" + ], + "markers": "python_version >= '3.6'", + "version": "==39.0.0" + }, + "jinja2": { + "hashes": [ + "sha256:31351a702a408a9e7595a8fc6150fc3f43bb6bf7e319770cbc0db9df9437e852", + "sha256:6088930bfe239f0e6710546ab9c19c9ef35e29792895fed6e6e31a023a182a61" + ], + "markers": "python_version >= '3.7'", + "version": "==3.1.2" + }, + "markupsafe": { + "hashes": [ + "sha256:0212a68688482dc52b2d45013df70d169f542b7394fc744c02a57374a4207003", + "sha256:089cf3dbf0cd6c100f02945abeb18484bd1ee57a079aefd52cffd17fba910b88", + "sha256:10c1bfff05d95783da83491be968e8fe789263689c02724e0c691933c52994f5", + "sha256:33b74d289bd2f5e527beadcaa3f401e0df0a89927c1559c8566c066fa4248ab7", + "sha256:3799351e2336dc91ea70b034983ee71cf2f9533cdff7c14c90ea126bfd95d65a", + "sha256:3ce11ee3f23f79dbd06fb3d63e2f6af7b12db1d46932fe7bd8afa259a5996603", + "sha256:421be9fbf0ffe9ffd7a378aafebbf6f4602d564d34be190fc19a193232fd12b1", + "sha256:43093fb83d8343aac0b1baa75516da6092f58f41200907ef92448ecab8825135", + "sha256:46d00d6cfecdde84d40e572d63735ef81423ad31184100411e6e3388d405e247", + "sha256:4a33dea2b688b3190ee12bd7cfa29d39c9ed176bda40bfa11099a3ce5d3a7ac6", + "sha256:4b9fe39a2ccc108a4accc2676e77da025ce383c108593d65cc909add5c3bd601", + "sha256:56442863ed2b06d19c37f94d999035e15ee982988920e12a5b4ba29b62ad1f77", + "sha256:671cd1187ed5e62818414afe79ed29da836dde67166a9fac6d435873c44fdd02", + "sha256:694deca8d702d5db21ec83983ce0bb4b26a578e71fbdbd4fdcd387daa90e4d5e", + "sha256:6a074d34ee7a5ce3effbc526b7083ec9731bb3cbf921bbe1d3005d4d2bdb3a63", + "sha256:6d0072fea50feec76a4c418096652f2c3238eaa014b2f94aeb1d56a66b41403f", + "sha256:6fbf47b5d3728c6aea2abb0589b5d30459e369baa772e0f37a0320185e87c980", + "sha256:7f91197cc9e48f989d12e4e6fbc46495c446636dfc81b9ccf50bb0ec74b91d4b", + "sha256:86b1f75c4e7c2ac2ccdaec2b9022845dbb81880ca318bb7a0a01fbf7813e3812", + "sha256:8dc1c72a69aa7e082593c4a203dcf94ddb74bb5c8a731e4e1eb68d031e8498ff", + "sha256:8e3dcf21f367459434c18e71b2a9532d96547aef8a871872a5bd69a715c15f96", + "sha256:8e576a51ad59e4bfaac456023a78f6b5e6e7651dcd383bcc3e18d06f9b55d6d1", + "sha256:96e37a3dc86e80bf81758c152fe66dbf60ed5eca3d26305edf01892257049925", + "sha256:97a68e6ada378df82bc9f16b800ab77cbf4b2fada0081794318520138c088e4a", + "sha256:99a2a507ed3ac881b975a2976d59f38c19386d128e7a9a18b7df6fff1fd4c1d6", + "sha256:a49907dd8420c5685cfa064a1335b6754b74541bbb3706c259c02ed65b644b3e", + "sha256:b09bf97215625a311f669476f44b8b318b075847b49316d3e28c08e41a7a573f", + "sha256:b7bd98b796e2b6553da7225aeb61f447f80a1ca64f41d83612e6139ca5213aa4", + "sha256:b87db4360013327109564f0e591bd2a3b318547bcef31b468a92ee504d07ae4f", + "sha256:bcb3ed405ed3222f9904899563d6fc492ff75cce56cba05e32eff40e6acbeaa3", + "sha256:d4306c36ca495956b6d568d276ac11fdd9c30a36f1b6eb928070dc5360b22e1c", + "sha256:d5ee4f386140395a2c818d149221149c54849dfcfcb9f1debfe07a8b8bd63f9a", + "sha256:dda30ba7e87fbbb7eab1ec9f58678558fd9a6b8b853530e176eabd064da81417", + "sha256:e04e26803c9c3851c931eac40c695602c6295b8d432cbe78609649ad9bd2da8a", + "sha256:e1c0b87e09fa55a220f058d1d49d3fb8df88fbfab58558f1198e08c1e1de842a", + "sha256:e72591e9ecd94d7feb70c1cbd7be7b3ebea3f548870aa91e2732960fa4d57a37", + "sha256:e8c843bbcda3a2f1e3c2ab25913c80a3c5376cd00c6e8c4a86a89a28c8dc5452", + "sha256:efc1913fd2ca4f334418481c7e595c00aad186563bbc1ec76067848c7ca0a933", + "sha256:f121a1420d4e173a5d96e47e9a0c0dcff965afdf1626d28de1460815f7c4ee7a", + "sha256:fc7b548b17d238737688817ab67deebb30e8073c95749d55538ed473130ec0c7" + ], + "markers": "python_version >= '3.7'", + "version": "==2.1.1" + }, + "packaging": { + "hashes": [ + "sha256:2198ec20bd4c017b8f9717e00f0c8714076fc2fd93816750ab48e2c41de2cfd3", + "sha256:957e2148ba0e1a3b282772e791ef1d8083648bc131c8ab0c1feba110ce1146c3" + ], + "markers": "python_version >= '3.7'", + "version": "==22.0" + }, + "pycparser": { + "hashes": [ + "sha256:8ee45429555515e1f6b185e78100aea234072576aa43ab53aefcae078162fca9", + "sha256:e644fdec12f7872f86c58ff790da456218b10f863970249516d60a5eaca77206" + ], + "version": "==2.21" + }, + "pyyaml": { + "hashes": [ + "sha256:01b45c0191e6d66c470b6cf1b9531a771a83c1c4208272ead47a3ae4f2f603bf", + "sha256:0283c35a6a9fbf047493e3a0ce8d79ef5030852c51e9d911a27badfde0605293", + "sha256:055d937d65826939cb044fc8c9b08889e8c743fdc6a32b33e2390f66013e449b", + "sha256:07751360502caac1c067a8132d150cf3d61339af5691fe9e87803040dbc5db57", + "sha256:0b4624f379dab24d3725ffde76559cff63d9ec94e1736b556dacdfebe5ab6d4b", + "sha256:0ce82d761c532fe4ec3f87fc45688bdd3a4c1dc5e0b4a19814b9009a29baefd4", + "sha256:1e4747bc279b4f613a09eb64bba2ba602d8a6664c6ce6396a4d0cd413a50ce07", + "sha256:213c60cd50106436cc818accf5baa1aba61c0189ff610f64f4a3e8c6726218ba", + "sha256:231710d57adfd809ef5d34183b8ed1eeae3f76459c18fb4a0b373ad56bedcdd9", + "sha256:277a0ef2981ca40581a47093e9e2d13b3f1fbbeffae064c1d21bfceba2030287", + "sha256:2cd5df3de48857ed0544b34e2d40e9fac445930039f3cfe4bcc592a1f836d513", + "sha256:40527857252b61eacd1d9af500c3337ba8deb8fc298940291486c465c8b46ec0", + "sha256:432557aa2c09802be39460360ddffd48156e30721f5e8d917f01d31694216782", + "sha256:473f9edb243cb1935ab5a084eb238d842fb8f404ed2193a915d1784b5a6b5fc0", + "sha256:48c346915c114f5fdb3ead70312bd042a953a8ce5c7106d5bfb1a5254e47da92", + "sha256:50602afada6d6cbfad699b0c7bb50d5ccffa7e46a3d738092afddc1f9758427f", + "sha256:68fb519c14306fec9720a2a5b45bc9f0c8d1b9c72adf45c37baedfcd949c35a2", + "sha256:77f396e6ef4c73fdc33a9157446466f1cff553d979bd00ecb64385760c6babdc", + "sha256:81957921f441d50af23654aa6c5e5eaf9b06aba7f0a19c18a538dc7ef291c5a1", + "sha256:819b3830a1543db06c4d4b865e70ded25be52a2e0631ccd2f6a47a2822f2fd7c", + "sha256:897b80890765f037df3403d22bab41627ca8811ae55e9a722fd0392850ec4d86", + "sha256:98c4d36e99714e55cfbaaee6dd5badbc9a1ec339ebfc3b1f52e293aee6bb71a4", + "sha256:9df7ed3b3d2e0ecfe09e14741b857df43adb5a3ddadc919a2d94fbdf78fea53c", + "sha256:9fa600030013c4de8165339db93d182b9431076eb98eb40ee068700c9c813e34", + "sha256:a80a78046a72361de73f8f395f1f1e49f956c6be882eed58505a15f3e430962b", + "sha256:afa17f5bc4d1b10afd4466fd3a44dc0e245382deca5b3c353d8b757f9e3ecb8d", + "sha256:b3d267842bf12586ba6c734f89d1f5b871df0273157918b0ccefa29deb05c21c", + "sha256:b5b9eccad747aabaaffbc6064800670f0c297e52c12754eb1d976c57e4f74dcb", + "sha256:bfaef573a63ba8923503d27530362590ff4f576c626d86a9fed95822a8255fd7", + "sha256:c5687b8d43cf58545ade1fe3e055f70eac7a5a1a0bf42824308d868289a95737", + "sha256:cba8c411ef271aa037d7357a2bc8f9ee8b58b9965831d9e51baf703280dc73d3", + "sha256:d15a181d1ecd0d4270dc32edb46f7cb7733c7c508857278d3d378d14d606db2d", + "sha256:d4b0ba9512519522b118090257be113b9468d804b19d63c71dbcf4a48fa32358", + "sha256:d4db7c7aef085872ef65a8fd7d6d09a14ae91f691dec3e87ee5ee0539d516f53", + "sha256:d4eccecf9adf6fbcc6861a38015c2a64f38b9d94838ac1810a9023a0609e1b78", + "sha256:d67d839ede4ed1b28a4e8909735fc992a923cdb84e618544973d7dfc71540803", + "sha256:daf496c58a8c52083df09b80c860005194014c3698698d1a57cbcfa182142a3a", + "sha256:dbad0e9d368bb989f4515da330b88a057617d16b6a8245084f1b05400f24609f", + "sha256:e61ceaab6f49fb8bdfaa0f92c4b57bcfbea54c09277b1b4f7ac376bfb7a7c174", + "sha256:f84fbc98b019fef2ee9a1cb3ce93e3187a6df0b2538a651bfb890254ba9f90b5" + ], + "markers": "python_version >= '3.6'", + "version": "==6.0" + }, + "resolvelib": { + "hashes": [ + "sha256:c6ea56732e9fb6fca1b2acc2ccc68a0b6b8c566d8f3e78e0443310ede61dbd37", + "sha256:d9b7907f055c3b3a2cfc56c914ffd940122915826ff5fb5b1de0c99778f4de98" + ], + "version": "==0.8.1" + } + }, + "develop": { + "ansible-compat": { + "hashes": [ + "sha256:08deddcd0a1dc6baabe674b07c6ff882118492c123d281f56f01905271a7ffc4", + "sha256:77fd80841279d8b0664df61faab65c32275d1a2b0079f60bf30c3d44251f6301" + ], + "markers": "python_version >= '3.8'", + "version": "==2.2.7" + }, + "ansible-core": { + "hashes": [ + "sha256:06e136c8eda4d8695251995d3c3efa612ebb3ac66948bf42492d4c7b46a75ff2", + "sha256:589257f2560fffd5d4465352cd4504e2cbfc418ba49e0c4265cd54e16070c938" + ], + "markers": "python_version >= '3.9'", + "version": "==2.14.1" + }, + "ansible-lint": { + "hashes": [ + "sha256:9cba1b5fabb2f418d861f90f192c11bd84c5755cf092d9a136eb261ed1bbe94c", + "sha256:e228449ac2f10d1c16df35c4769282b529ac1fe2b50767333fad1c85a62df671" + ], + "index": "pypi", + "version": "==6.10.2" + }, + "arrow": { + "hashes": [ + "sha256:3934b30ca1b9f292376d9db15b19446088d12ec58629bc3f0da28fd55fb633a1", + "sha256:5a49ab92e3b7b71d96cd6bfcc4df14efefc9dfa96ea19045815914a6ab6b1fe2" + ], + "markers": "python_full_version >= '3.6.0'", + "version": "==1.2.3" + }, + "attrs": { + "hashes": [ + "sha256:29e95c7f6778868dbd49170f98f8818f78f3dc5e0e37c0b1f474e3561b240836", + "sha256:c9227bfc2f01993c03f68db37d1d15c9690188323c067c641f1a35ca58185f99" + ], + "markers": "python_full_version >= '3.6.0'", + "version": "==22.2.0" + }, + "binaryornot": { + "hashes": [ + "sha256:359501dfc9d40632edc9fac890e19542db1a287bbcfa58175b66658392018061", + "sha256:b8b71173c917bddcd2c16070412e369c3ed7f0528926f70cac18a6c97fd563e4" + ], + "version": "==0.4.4" + }, + "black": { + "hashes": [ + "sha256:101c69b23df9b44247bd88e1d7e90154336ac4992502d4197bdac35dd7ee3320", + "sha256:159a46a4947f73387b4d83e87ea006dbb2337eab6c879620a3ba52699b1f4351", + "sha256:1f58cbe16dfe8c12b7434e50ff889fa479072096d79f0a7f25e4ab8e94cd8350", + "sha256:229351e5a18ca30f447bf724d007f890f97e13af070bb6ad4c0a441cd7596a2f", + "sha256:436cc9167dd28040ad90d3b404aec22cedf24a6e4d7de221bec2730ec0c97bcf", + "sha256:559c7a1ba9a006226f09e4916060982fd27334ae1998e7a38b3f33a37f7a2148", + "sha256:7412e75863aa5c5411886804678b7d083c7c28421210180d67dfd8cf1221e1f4", + "sha256:77d86c9f3db9b1bf6761244bc0b3572a546f5fe37917a044e02f3166d5aafa7d", + "sha256:82d9fe8fee3401e02e79767016b4907820a7dc28d70d137eb397b92ef3cc5bfc", + "sha256:9eedd20838bd5d75b80c9f5487dbcb06836a43833a37846cf1d8c1cc01cef59d", + "sha256:c116eed0efb9ff870ded8b62fe9f28dd61ef6e9ddd28d83d7d264a38417dcee2", + "sha256:d30b212bffeb1e252b31dd269dfae69dd17e06d92b87ad26e23890f3efea366f" + ], + "markers": "python_version >= '3.7'", + "version": "==22.12.0" + }, + "bracex": { + "hashes": [ + "sha256:351b7f20d56fb9ea91f9b9e9e7664db466eb234188c175fd943f8f755c807e73", + "sha256:e7b23fc8b2cd06d3dec0692baabecb249dda94e06a617901ff03a6c56fd71693" + ], + "markers": "python_version >= '3.7'", + "version": "==2.3.post1" + }, + "certifi": { + "hashes": [ + "sha256:35824b4c3a97115964b408844d64aa14db1cc518f6562e8d7261699d1350a9e3", + "sha256:4ad3232f5e926d6718ec31cfc1fcadfde020920e278684144551c91769c7bc18" + ], + "markers": "python_full_version >= '3.6.0'", + "version": "==2022.12.7" + }, + "cffi": { + "hashes": [ + "sha256:00a9ed42e88df81ffae7a8ab6d9356b371399b91dbdf0c3cb1e84c03a13aceb5", + "sha256:03425bdae262c76aad70202debd780501fabeaca237cdfddc008987c0e0f59ef", + "sha256:04ed324bda3cda42b9b695d51bb7d54b680b9719cfab04227cdd1e04e5de3104", + "sha256:0e2642fe3142e4cc4af0799748233ad6da94c62a8bec3a6648bf8ee68b1c7426", + "sha256:173379135477dc8cac4bc58f45db08ab45d228b3363adb7af79436135d028405", + "sha256:198caafb44239b60e252492445da556afafc7d1e3ab7a1fb3f0584ef6d742375", + "sha256:1e74c6b51a9ed6589199c787bf5f9875612ca4a8a0785fb2d4a84429badaf22a", + "sha256:2012c72d854c2d03e45d06ae57f40d78e5770d252f195b93f581acf3ba44496e", + "sha256:21157295583fe8943475029ed5abdcf71eb3911894724e360acff1d61c1d54bc", + "sha256:2470043b93ff09bf8fb1d46d1cb756ce6132c54826661a32d4e4d132e1977adf", + "sha256:285d29981935eb726a4399badae8f0ffdff4f5050eaa6d0cfc3f64b857b77185", + "sha256:30d78fbc8ebf9c92c9b7823ee18eb92f2e6ef79b45ac84db507f52fbe3ec4497", + "sha256:320dab6e7cb2eacdf0e658569d2575c4dad258c0fcc794f46215e1e39f90f2c3", + "sha256:33ab79603146aace82c2427da5ca6e58f2b3f2fb5da893ceac0c42218a40be35", + "sha256:3548db281cd7d2561c9ad9984681c95f7b0e38881201e157833a2342c30d5e8c", + "sha256:3799aecf2e17cf585d977b780ce79ff0dc9b78d799fc694221ce814c2c19db83", + "sha256:39d39875251ca8f612b6f33e6b1195af86d1b3e60086068be9cc053aa4376e21", + "sha256:3b926aa83d1edb5aa5b427b4053dc420ec295a08e40911296b9eb1b6170f6cca", + "sha256:3bcde07039e586f91b45c88f8583ea7cf7a0770df3a1649627bf598332cb6984", + "sha256:3d08afd128ddaa624a48cf2b859afef385b720bb4b43df214f85616922e6a5ac", + "sha256:3eb6971dcff08619f8d91607cfc726518b6fa2a9eba42856be181c6d0d9515fd", + "sha256:40f4774f5a9d4f5e344f31a32b5096977b5d48560c5592e2f3d2c4374bd543ee", + "sha256:4289fc34b2f5316fbb762d75362931e351941fa95fa18789191b33fc4cf9504a", + "sha256:470c103ae716238bbe698d67ad020e1db9d9dba34fa5a899b5e21577e6d52ed2", + "sha256:4f2c9f67e9821cad2e5f480bc8d83b8742896f1242dba247911072d4fa94c192", + "sha256:50a74364d85fd319352182ef59c5c790484a336f6db772c1a9231f1c3ed0cbd7", + "sha256:54a2db7b78338edd780e7ef7f9f6c442500fb0d41a5a4ea24fff1c929d5af585", + "sha256:5635bd9cb9731e6d4a1132a498dd34f764034a8ce60cef4f5319c0541159392f", + "sha256:59c0b02d0a6c384d453fece7566d1c7e6b7bae4fc5874ef2ef46d56776d61c9e", + "sha256:5d598b938678ebf3c67377cdd45e09d431369c3b1a5b331058c338e201f12b27", + "sha256:5df2768244d19ab7f60546d0c7c63ce1581f7af8b5de3eb3004b9b6fc8a9f84b", + "sha256:5ef34d190326c3b1f822a5b7a45f6c4535e2f47ed06fec77d3d799c450b2651e", + "sha256:6975a3fac6bc83c4a65c9f9fcab9e47019a11d3d2cf7f3c0d03431bf145a941e", + "sha256:6c9a799e985904922a4d207a94eae35c78ebae90e128f0c4e521ce339396be9d", + "sha256:70df4e3b545a17496c9b3f41f5115e69a4f2e77e94e1d2a8e1070bc0c38c8a3c", + "sha256:7473e861101c9e72452f9bf8acb984947aa1661a7704553a9f6e4baa5ba64415", + "sha256:8102eaf27e1e448db915d08afa8b41d6c7ca7a04b7d73af6514df10a3e74bd82", + "sha256:87c450779d0914f2861b8526e035c5e6da0a3199d8f1add1a665e1cbc6fc6d02", + "sha256:8b7ee99e510d7b66cdb6c593f21c043c248537a32e0bedf02e01e9553a172314", + "sha256:91fc98adde3d7881af9b59ed0294046f3806221863722ba7d8d120c575314325", + "sha256:94411f22c3985acaec6f83c6df553f2dbe17b698cc7f8ae751ff2237d96b9e3c", + "sha256:98d85c6a2bef81588d9227dde12db8a7f47f639f4a17c9ae08e773aa9c697bf3", + "sha256:9ad5db27f9cabae298d151c85cf2bad1d359a1b9c686a275df03385758e2f914", + "sha256:a0b71b1b8fbf2b96e41c4d990244165e2c9be83d54962a9a1d118fd8657d2045", + "sha256:a0f100c8912c114ff53e1202d0078b425bee3649ae34d7b070e9697f93c5d52d", + "sha256:a591fe9e525846e4d154205572a029f653ada1a78b93697f3b5a8f1f2bc055b9", + "sha256:a5c84c68147988265e60416b57fc83425a78058853509c1b0629c180094904a5", + "sha256:a66d3508133af6e8548451b25058d5812812ec3798c886bf38ed24a98216fab2", + "sha256:a8c4917bd7ad33e8eb21e9a5bbba979b49d9a97acb3a803092cbc1133e20343c", + "sha256:b3bbeb01c2b273cca1e1e0c5df57f12dce9a4dd331b4fa1635b8bec26350bde3", + "sha256:cba9d6b9a7d64d4bd46167096fc9d2f835e25d7e4c121fb2ddfc6528fb0413b2", + "sha256:cc4d65aeeaa04136a12677d3dd0b1c0c94dc43abac5860ab33cceb42b801c1e8", + "sha256:ce4bcc037df4fc5e3d184794f27bdaab018943698f4ca31630bc7f84a7b69c6d", + "sha256:cec7d9412a9102bdc577382c3929b337320c4c4c4849f2c5cdd14d7368c5562d", + "sha256:d400bfb9a37b1351253cb402671cea7e89bdecc294e8016a707f6d1d8ac934f9", + "sha256:d61f4695e6c866a23a21acab0509af1cdfd2c013cf256bbf5b6b5e2695827162", + "sha256:db0fbb9c62743ce59a9ff687eb5f4afbe77e5e8403d6697f7446e5f609976f76", + "sha256:dd86c085fae2efd48ac91dd7ccffcfc0571387fe1193d33b6394db7ef31fe2a4", + "sha256:e00b098126fd45523dd056d2efba6c5a63b71ffe9f2bbe1a4fe1716e1d0c331e", + "sha256:e229a521186c75c8ad9490854fd8bbdd9a0c9aa3a524326b55be83b54d4e0ad9", + "sha256:e263d77ee3dd201c3a142934a086a4450861778baaeeb45db4591ef65550b0a6", + "sha256:ed9cb427ba5504c1dc15ede7d516b84757c3e3d7868ccc85121d9310d27eed0b", + "sha256:fa6693661a4c91757f4412306191b6dc88c1703f780c8234035eac011922bc01", + "sha256:fcd131dd944808b5bdb38e6f5b53013c5aa4f334c5cad0c72742f6eba4b73db0" + ], + "version": "==1.15.1" + }, + "chardet": { + "hashes": [ + "sha256:0d62712b956bc154f85fb0a266e2a3c5913c2967e00348701b32411d6def31e5", + "sha256:362777fb014af596ad31334fde1e8c327dfdb076e1960d1694662d46a6917ab9" + ], + "markers": "python_version >= '3.7'", + "version": "==5.1.0" + }, + "charset-normalizer": { + "hashes": [ + "sha256:5a3d016c7c547f69d6f81fb0db9449ce888b418b5b9952cc5e6e66843e9dd845", + "sha256:83e9a75d1911279afd89352c68b45348559d1fc0506b054b346651b5e7fee29f" + ], + "markers": "python_full_version >= '3.6.0'", + "version": "==2.1.1" + }, + "click": { + "hashes": [ + "sha256:7682dc8afb30297001674575ea00d1814d808d6a36af415a82bd481d37ba7b8e", + "sha256:bb4d8133cb15a609f44e8213d9b391b0809795062913b383c62be0ee95b1db48" + ], + "markers": "python_version >= '3.7'", + "version": "==8.1.3" + }, + "click-help-colors": { + "hashes": [ + "sha256:25a6bd22d8abbc72c18a416a1cf21ab65b6120bee48e9637829666cbad22d51d", + "sha256:78cbcf30cfa81c5fc2a52f49220121e1a8190cd19197d9245997605d3405824d" + ], + "version": "==0.9.1" + }, + "commonmark": { + "hashes": [ + "sha256:452f9dc859be7f06631ddcb328b6919c67984aca654e5fefb3914d54691aed60", + "sha256:da2f38c92590f83de410ba1a3cbceafbc74fee9def35f9251ba9a971d6d66fd9" + ], + "version": "==0.9.1" + }, + "cookiecutter": { + "hashes": [ + "sha256:9f3ab027cec4f70916e28f03470bdb41e637a3ad354b4d65c765d93aad160022", + "sha256:f3982be8d9c53dac1261864013fdec7f83afd2e42ede6f6dd069c5e149c540d5" + ], + "markers": "python_version >= '3.7'", + "version": "==2.1.1" + }, + "cryptography": { + "hashes": [ + "sha256:1a6915075c6d3a5e1215eab5d99bcec0da26036ff2102a1038401d6ef5bef25b", + "sha256:1ee1fd0de9851ff32dbbb9362a4d833b579b4a6cc96883e8e6d2ff2a6bc7104f", + "sha256:407cec680e811b4fc829de966f88a7c62a596faa250fc1a4b520a0355b9bc190", + "sha256:50386acb40fbabbceeb2986332f0287f50f29ccf1497bae31cf5c3e7b4f4b34f", + "sha256:6f97109336df5c178ee7c9c711b264c502b905c2d2a29ace99ed761533a3460f", + "sha256:754978da4d0457e7ca176f58c57b1f9de6556591c19b25b8bcce3c77d314f5eb", + "sha256:76c24dd4fd196a80f9f2f5405a778a8ca132f16b10af113474005635fe7e066c", + "sha256:7dacfdeee048814563eaaec7c4743c8aea529fe3dd53127313a792f0dadc1773", + "sha256:80ee674c08aaef194bc4627b7f2956e5ba7ef29c3cc3ca488cf15854838a8f72", + "sha256:844ad4d7c3850081dffba91cdd91950038ee4ac525c575509a42d3fc806b83c8", + "sha256:875aea1039d78557c7c6b4db2fe0e9d2413439f4676310a5f269dd342ca7a717", + "sha256:887cbc1ea60786e534b00ba8b04d1095f4272d380ebd5f7a7eb4cc274710fad9", + "sha256:ad04f413436b0781f20c52a661660f1e23bcd89a0e9bb1d6d20822d048cf2856", + "sha256:bae6c7f4a36a25291b619ad064a30a07110a805d08dc89984f4f441f6c1f3f96", + "sha256:c52a1a6f81e738d07f43dab57831c29e57d21c81a942f4602fac7ee21b27f288", + "sha256:e0a05aee6a82d944f9b4edd6a001178787d1546ec7c6223ee9a848a7ade92e39", + "sha256:e324de6972b151f99dc078defe8fb1b0a82c6498e37bff335f5bc6b1e3ab5a1e", + "sha256:e5d71c5d5bd5b5c3eebcf7c5c2bb332d62ec68921a8c593bea8c394911a005ce", + "sha256:f3ed2d864a2fa1666e749fe52fb8e23d8e06b8012e8bd8147c73797c506e86f1", + "sha256:f671c1bb0d6088e94d61d80c606d65baacc0d374e67bf895148883461cd848de", + "sha256:f6c0db08d81ead9576c4d94bbb27aed8d7a430fa27890f39084c2d0e2ec6b0df", + "sha256:f964c7dcf7802d133e8dbd1565914fa0194f9d683d82411989889ecd701e8adf", + "sha256:fec8b932f51ae245121c4671b4bbc030880f363354b2f0e0bd1366017d891458" + ], + "markers": "python_version >= '3.6'", + "version": "==39.0.0" + }, + "distro": { + "hashes": [ + "sha256:02e111d1dc6a50abb8eed6bf31c3e48ed8b0830d1ea2a1b78c61765c2513fdd8", + "sha256:99522ca3e365cac527b44bde033f64c6945d90eb9f769703caaec52b09bbd3ff" + ], + "markers": "python_full_version >= '3.6.0'", + "version": "==1.8.0" + }, + "enrich": { + "hashes": [ + "sha256:0a2ab0d2931dff8947012602d1234d2a3ee002d9a355b5d70be6bf5466008893", + "sha256:f29b2c8c124b4dbd7c975ab5c3568f6c7a47938ea3b7d2106c8a3bd346545e4f" + ], + "markers": "python_full_version >= '3.6.0'", + "version": "==1.2.7" + }, + "filelock": { + "hashes": [ + "sha256:7b319f24340b51f55a2bf7a12ac0755a9b03e718311dac567a0f4f7fabd2f5de", + "sha256:f58d535af89bb9ad5cd4df046f741f8553a418c01a7856bf0d173bbc9f6bd16d" + ], + "markers": "python_version >= '3.7'", + "version": "==3.9.0" + }, + "idna": { + "hashes": [ + "sha256:814f528e8dead7d329833b91c5faa87d60bf71824cd12a7530b5526063d02cb4", + "sha256:90b77e79eaa3eba6de819a0c442c0b4ceefc341a7a2ab77d7562bf49f425c5c2" + ], + "markers": "python_version >= '3.5'", + "version": "==3.4" + }, + "jinja2": { + "hashes": [ + "sha256:31351a702a408a9e7595a8fc6150fc3f43bb6bf7e319770cbc0db9df9437e852", + "sha256:6088930bfe239f0e6710546ab9c19c9ef35e29792895fed6e6e31a023a182a61" + ], + "markers": "python_version >= '3.7'", + "version": "==3.1.2" + }, + "jinja2-time": { + "hashes": [ + "sha256:d14eaa4d315e7688daa4969f616f226614350c48730bfa1692d2caebd8c90d40", + "sha256:d3eab6605e3ec8b7a0863df09cc1d23714908fa61aa6986a845c20ba488b4efa" + ], + "version": "==0.2.0" + }, + "jsonschema": { + "hashes": [ + "sha256:0f864437ab8b6076ba6707453ef8f98a6a0d512a80e93f8abdb676f737ecb60d", + "sha256:a870ad254da1a8ca84b6a2905cac29d265f805acc57af304784962a2aa6508f6" + ], + "markers": "python_version >= '3.7'", + "version": "==4.17.3" + }, + "markupsafe": { + "hashes": [ + "sha256:0212a68688482dc52b2d45013df70d169f542b7394fc744c02a57374a4207003", + "sha256:089cf3dbf0cd6c100f02945abeb18484bd1ee57a079aefd52cffd17fba910b88", + "sha256:10c1bfff05d95783da83491be968e8fe789263689c02724e0c691933c52994f5", + "sha256:33b74d289bd2f5e527beadcaa3f401e0df0a89927c1559c8566c066fa4248ab7", + "sha256:3799351e2336dc91ea70b034983ee71cf2f9533cdff7c14c90ea126bfd95d65a", + "sha256:3ce11ee3f23f79dbd06fb3d63e2f6af7b12db1d46932fe7bd8afa259a5996603", + "sha256:421be9fbf0ffe9ffd7a378aafebbf6f4602d564d34be190fc19a193232fd12b1", + "sha256:43093fb83d8343aac0b1baa75516da6092f58f41200907ef92448ecab8825135", + "sha256:46d00d6cfecdde84d40e572d63735ef81423ad31184100411e6e3388d405e247", + "sha256:4a33dea2b688b3190ee12bd7cfa29d39c9ed176bda40bfa11099a3ce5d3a7ac6", + "sha256:4b9fe39a2ccc108a4accc2676e77da025ce383c108593d65cc909add5c3bd601", + "sha256:56442863ed2b06d19c37f94d999035e15ee982988920e12a5b4ba29b62ad1f77", + "sha256:671cd1187ed5e62818414afe79ed29da836dde67166a9fac6d435873c44fdd02", + "sha256:694deca8d702d5db21ec83983ce0bb4b26a578e71fbdbd4fdcd387daa90e4d5e", + "sha256:6a074d34ee7a5ce3effbc526b7083ec9731bb3cbf921bbe1d3005d4d2bdb3a63", + "sha256:6d0072fea50feec76a4c418096652f2c3238eaa014b2f94aeb1d56a66b41403f", + "sha256:6fbf47b5d3728c6aea2abb0589b5d30459e369baa772e0f37a0320185e87c980", + "sha256:7f91197cc9e48f989d12e4e6fbc46495c446636dfc81b9ccf50bb0ec74b91d4b", + "sha256:86b1f75c4e7c2ac2ccdaec2b9022845dbb81880ca318bb7a0a01fbf7813e3812", + "sha256:8dc1c72a69aa7e082593c4a203dcf94ddb74bb5c8a731e4e1eb68d031e8498ff", + "sha256:8e3dcf21f367459434c18e71b2a9532d96547aef8a871872a5bd69a715c15f96", + "sha256:8e576a51ad59e4bfaac456023a78f6b5e6e7651dcd383bcc3e18d06f9b55d6d1", + "sha256:96e37a3dc86e80bf81758c152fe66dbf60ed5eca3d26305edf01892257049925", + "sha256:97a68e6ada378df82bc9f16b800ab77cbf4b2fada0081794318520138c088e4a", + "sha256:99a2a507ed3ac881b975a2976d59f38c19386d128e7a9a18b7df6fff1fd4c1d6", + "sha256:a49907dd8420c5685cfa064a1335b6754b74541bbb3706c259c02ed65b644b3e", + "sha256:b09bf97215625a311f669476f44b8b318b075847b49316d3e28c08e41a7a573f", + "sha256:b7bd98b796e2b6553da7225aeb61f447f80a1ca64f41d83612e6139ca5213aa4", + "sha256:b87db4360013327109564f0e591bd2a3b318547bcef31b468a92ee504d07ae4f", + "sha256:bcb3ed405ed3222f9904899563d6fc492ff75cce56cba05e32eff40e6acbeaa3", + "sha256:d4306c36ca495956b6d568d276ac11fdd9c30a36f1b6eb928070dc5360b22e1c", + "sha256:d5ee4f386140395a2c818d149221149c54849dfcfcb9f1debfe07a8b8bd63f9a", + "sha256:dda30ba7e87fbbb7eab1ec9f58678558fd9a6b8b853530e176eabd064da81417", + "sha256:e04e26803c9c3851c931eac40c695602c6295b8d432cbe78609649ad9bd2da8a", + "sha256:e1c0b87e09fa55a220f058d1d49d3fb8df88fbfab58558f1198e08c1e1de842a", + "sha256:e72591e9ecd94d7feb70c1cbd7be7b3ebea3f548870aa91e2732960fa4d57a37", + "sha256:e8c843bbcda3a2f1e3c2ab25913c80a3c5376cd00c6e8c4a86a89a28c8dc5452", + "sha256:efc1913fd2ca4f334418481c7e595c00aad186563bbc1ec76067848c7ca0a933", + "sha256:f121a1420d4e173a5d96e47e9a0c0dcff965afdf1626d28de1460815f7c4ee7a", + "sha256:fc7b548b17d238737688817ab67deebb30e8073c95749d55538ed473130ec0c7" + ], + "markers": "python_version >= '3.7'", + "version": "==2.1.1" + }, + "molecule": { + "extras": [ + "podman" + ], + "hashes": [ + "sha256:437a0829c3273f542e0db09516ae743607e6a2eda4d8cbdfb407edda3e0facb2", + "sha256:aab00c1ba62a42d77edd1a51528dfbb46abca70df7c7147fda0925ee4fe7deda" + ], + "index": "pypi", + "version": "==4.0.4" + }, + "molecule-podman": { + "hashes": [ + "sha256:85d928ab36ab0a2fae57e03eb549dd523c9be36b4b904d050748c27ca72ac07f", + "sha256:cea2eacac54f129824530d35469ddd7bff109a94ebcd8408828af8c0dabf5c7a" + ], + "index": "pypi", + "version": "==2.0.3" + }, + "mypy-extensions": { + "hashes": [ + "sha256:090fedd75945a69ae91ce1303b5824f428daf5a028d2f6ab8a299250a846f15d", + "sha256:2d82818f5bb3e369420cb3c4060a7970edba416647068eb4c5343488a6c604a8" + ], + "version": "==0.4.3" + }, + "packaging": { + "hashes": [ + "sha256:2198ec20bd4c017b8f9717e00f0c8714076fc2fd93816750ab48e2c41de2cfd3", + "sha256:957e2148ba0e1a3b282772e791ef1d8083648bc131c8ab0c1feba110ce1146c3" + ], + "markers": "python_version >= '3.7'", + "version": "==22.0" + }, + "pathspec": { + "hashes": [ + "sha256:3c95343af8b756205e2aba76e843ba9520a24dd84f68c22b9f93251507509dd6", + "sha256:56200de4077d9d0791465aa9095a01d421861e405b5096955051deefd697d6f6" + ], + "markers": "python_version >= '3.7'", + "version": "==0.10.3" + }, + "platformdirs": { + "hashes": [ + "sha256:83c8f6d04389165de7c9b6f0c682439697887bca0aa2f1c87ef1826be3584490", + "sha256:e1fea1fe471b9ff8332e229df3cb7de4f53eeea4998d3b6bfff542115e998bd2" + ], + "markers": "python_version >= '3.7'", + "version": "==2.6.2" + }, + "pluggy": { + "hashes": [ + "sha256:4224373bacce55f955a878bf9cfa763c1e360858e330072059e10bad68531159", + "sha256:74134bbf457f031a36d68416e1509f34bd5ccc019f0bcc952c7b909d06b37bd3" + ], + "markers": "python_full_version >= '3.6.0'", + "version": "==1.0.0" + }, + "pycparser": { + "hashes": [ + "sha256:8ee45429555515e1f6b185e78100aea234072576aa43ab53aefcae078162fca9", + "sha256:e644fdec12f7872f86c58ff790da456218b10f863970249516d60a5eaca77206" + ], + "version": "==2.21" + }, + "pygments": { + "hashes": [ + "sha256:b3ed06a9e8ac9a9aae5a6f5dbe78a8a58655d17b43b93c078f094ddc476ae297", + "sha256:fa7bd7bd2771287c0de303af8bfdfc731f51bd2c6a47ab69d117138893b82717" + ], + "markers": "python_full_version >= '3.6.0'", + "version": "==2.14.0" + }, + "pyrsistent": { + "hashes": [ + "sha256:016ad1afadf318eb7911baa24b049909f7f3bb2c5b1ed7b6a8f21db21ea3faa8", + "sha256:1a2994773706bbb4995c31a97bc94f1418314923bd1048c6d964837040376440", + "sha256:20460ac0ea439a3e79caa1dbd560344b64ed75e85d8703943e0b66c2a6150e4a", + "sha256:3311cb4237a341aa52ab8448c27e3a9931e2ee09561ad150ba94e4cfd3fc888c", + "sha256:3a8cb235fa6d3fd7aae6a4f1429bbb1fec1577d978098da1252f0489937786f3", + "sha256:3ab2204234c0ecd8b9368dbd6a53e83c3d4f3cab10ecaf6d0e772f456c442393", + "sha256:42ac0b2f44607eb92ae88609eda931a4f0dfa03038c44c772e07f43e738bcac9", + "sha256:49c32f216c17148695ca0e02a5c521e28a4ee6c5089f97e34fe24163113722da", + "sha256:4b774f9288dda8d425adb6544e5903f1fb6c273ab3128a355c6b972b7df39dcf", + "sha256:4c18264cb84b5e68e7085a43723f9e4c1fd1d935ab240ce02c0324a8e01ccb64", + "sha256:5a474fb80f5e0d6c9394d8db0fc19e90fa540b82ee52dba7d246a7791712f74a", + "sha256:64220c429e42a7150f4bfd280f6f4bb2850f95956bde93c6fda1b70507af6ef3", + "sha256:878433581fc23e906d947a6814336eee031a00e6defba224234169ae3d3d6a98", + "sha256:99abb85579e2165bd8522f0c0138864da97847875ecbd45f3e7e2af569bfc6f2", + "sha256:a2471f3f8693101975b1ff85ffd19bb7ca7dd7c38f8a81701f67d6b4f97b87d8", + "sha256:aeda827381f5e5d65cced3024126529ddc4289d944f75e090572c77ceb19adbf", + "sha256:b735e538f74ec31378f5a1e3886a26d2ca6351106b4dfde376a26fc32a044edc", + "sha256:c147257a92374fde8498491f53ffa8f4822cd70c0d85037e09028e478cababb7", + "sha256:c4db1bd596fefd66b296a3d5d943c94f4fac5bcd13e99bffe2ba6a759d959a28", + "sha256:c74bed51f9b41c48366a286395c67f4e894374306b197e62810e0fdaf2364da2", + "sha256:c9bb60a40a0ab9aba40a59f68214eed5a29c6274c83b2cc206a359c4a89fa41b", + "sha256:cc5d149f31706762c1f8bda2e8c4f8fead6e80312e3692619a75301d3dbb819a", + "sha256:ccf0d6bd208f8111179f0c26fdf84ed7c3891982f2edaeae7422575f47e66b64", + "sha256:e42296a09e83028b3476f7073fcb69ffebac0e66dbbfd1bd847d61f74db30f19", + "sha256:e8f2b814a3dc6225964fa03d8582c6e0b6650d68a232df41e3cc1b66a5d2f8d1", + "sha256:f0774bf48631f3a20471dd7c5989657b639fd2d285b861237ea9e82c36a415a9", + "sha256:f0e7c4b2f77593871e918be000b96c8107da48444d57005b6a6bc61fb4331b2c" + ], + "markers": "python_version >= '3.7'", + "version": "==0.19.3" + }, + "python-dateutil": { + "hashes": [ + "sha256:0123cacc1627ae19ddf3c27a5de5bd67ee4586fbdd6440d9748f8abb483d3e86", + "sha256:961d03dc3453ebbc59dbdea9e4e11c5651520a876d0f4db161e8674aae935da9" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==2.8.2" + }, + "python-slugify": { + "hashes": [ + "sha256:003aee64f9fd955d111549f96c4b58a3f40b9319383c70fad6277a4974bbf570", + "sha256:7a0f21a39fa6c1c4bf2e5984c9b9ae944483fd10b54804cb0e23a3ccd4954f0b" + ], + "markers": "python_version >= '3.7'", + "version": "==7.0.0" + }, + "pyyaml": { + "hashes": [ + "sha256:01b45c0191e6d66c470b6cf1b9531a771a83c1c4208272ead47a3ae4f2f603bf", + "sha256:0283c35a6a9fbf047493e3a0ce8d79ef5030852c51e9d911a27badfde0605293", + "sha256:055d937d65826939cb044fc8c9b08889e8c743fdc6a32b33e2390f66013e449b", + "sha256:07751360502caac1c067a8132d150cf3d61339af5691fe9e87803040dbc5db57", + "sha256:0b4624f379dab24d3725ffde76559cff63d9ec94e1736b556dacdfebe5ab6d4b", + "sha256:0ce82d761c532fe4ec3f87fc45688bdd3a4c1dc5e0b4a19814b9009a29baefd4", + "sha256:1e4747bc279b4f613a09eb64bba2ba602d8a6664c6ce6396a4d0cd413a50ce07", + "sha256:213c60cd50106436cc818accf5baa1aba61c0189ff610f64f4a3e8c6726218ba", + "sha256:231710d57adfd809ef5d34183b8ed1eeae3f76459c18fb4a0b373ad56bedcdd9", + "sha256:277a0ef2981ca40581a47093e9e2d13b3f1fbbeffae064c1d21bfceba2030287", + "sha256:2cd5df3de48857ed0544b34e2d40e9fac445930039f3cfe4bcc592a1f836d513", + "sha256:40527857252b61eacd1d9af500c3337ba8deb8fc298940291486c465c8b46ec0", + "sha256:432557aa2c09802be39460360ddffd48156e30721f5e8d917f01d31694216782", + "sha256:473f9edb243cb1935ab5a084eb238d842fb8f404ed2193a915d1784b5a6b5fc0", + "sha256:48c346915c114f5fdb3ead70312bd042a953a8ce5c7106d5bfb1a5254e47da92", + "sha256:50602afada6d6cbfad699b0c7bb50d5ccffa7e46a3d738092afddc1f9758427f", + "sha256:68fb519c14306fec9720a2a5b45bc9f0c8d1b9c72adf45c37baedfcd949c35a2", + "sha256:77f396e6ef4c73fdc33a9157446466f1cff553d979bd00ecb64385760c6babdc", + "sha256:81957921f441d50af23654aa6c5e5eaf9b06aba7f0a19c18a538dc7ef291c5a1", + "sha256:819b3830a1543db06c4d4b865e70ded25be52a2e0631ccd2f6a47a2822f2fd7c", + "sha256:897b80890765f037df3403d22bab41627ca8811ae55e9a722fd0392850ec4d86", + "sha256:98c4d36e99714e55cfbaaee6dd5badbc9a1ec339ebfc3b1f52e293aee6bb71a4", + "sha256:9df7ed3b3d2e0ecfe09e14741b857df43adb5a3ddadc919a2d94fbdf78fea53c", + "sha256:9fa600030013c4de8165339db93d182b9431076eb98eb40ee068700c9c813e34", + "sha256:a80a78046a72361de73f8f395f1f1e49f956c6be882eed58505a15f3e430962b", + "sha256:afa17f5bc4d1b10afd4466fd3a44dc0e245382deca5b3c353d8b757f9e3ecb8d", + "sha256:b3d267842bf12586ba6c734f89d1f5b871df0273157918b0ccefa29deb05c21c", + "sha256:b5b9eccad747aabaaffbc6064800670f0c297e52c12754eb1d976c57e4f74dcb", + "sha256:bfaef573a63ba8923503d27530362590ff4f576c626d86a9fed95822a8255fd7", + "sha256:c5687b8d43cf58545ade1fe3e055f70eac7a5a1a0bf42824308d868289a95737", + "sha256:cba8c411ef271aa037d7357a2bc8f9ee8b58b9965831d9e51baf703280dc73d3", + "sha256:d15a181d1ecd0d4270dc32edb46f7cb7733c7c508857278d3d378d14d606db2d", + "sha256:d4b0ba9512519522b118090257be113b9468d804b19d63c71dbcf4a48fa32358", + "sha256:d4db7c7aef085872ef65a8fd7d6d09a14ae91f691dec3e87ee5ee0539d516f53", + "sha256:d4eccecf9adf6fbcc6861a38015c2a64f38b9d94838ac1810a9023a0609e1b78", + "sha256:d67d839ede4ed1b28a4e8909735fc992a923cdb84e618544973d7dfc71540803", + "sha256:daf496c58a8c52083df09b80c860005194014c3698698d1a57cbcfa182142a3a", + "sha256:dbad0e9d368bb989f4515da330b88a057617d16b6a8245084f1b05400f24609f", + "sha256:e61ceaab6f49fb8bdfaa0f92c4b57bcfbea54c09277b1b4f7ac376bfb7a7c174", + "sha256:f84fbc98b019fef2ee9a1cb3ce93e3187a6df0b2538a651bfb890254ba9f90b5" + ], + "markers": "python_version >= '3.6'", + "version": "==6.0" + }, + "requests": { + "hashes": [ + "sha256:7c5599b102feddaa661c826c56ab4fee28bfd17f5abca1ebbe3e7f19d7c97983", + "sha256:8fefa2a1a1365bf5520aac41836fbee479da67864514bdb821f31ce07ce65349" + ], + "markers": "python_version >= '3.7' and python_version < '4'", + "version": "==2.28.1" + }, + "resolvelib": { + "hashes": [ + "sha256:c6ea56732e9fb6fca1b2acc2ccc68a0b6b8c566d8f3e78e0443310ede61dbd37", + "sha256:d9b7907f055c3b3a2cfc56c914ffd940122915826ff5fb5b1de0c99778f4de98" + ], + "version": "==0.8.1" + }, + "rich": { + "hashes": [ + "sha256:12b1d77ee7edf251b741531323f0d990f5f570a4e7c054d0bfb59fb7981ad977", + "sha256:3aa9eba7219b8c575c6494446a59f702552efe1aa261e7eeb95548fa586e1950" + ], + "markers": "python_version >= '3.7'", + "version": "==13.0.0" + }, + "ruamel.yaml": { + "hashes": [ + "sha256:742b35d3d665023981bd6d16b3d24248ce5df75fdb4e2924e93a05c1f8b61ca7", + "sha256:8b7ce697a2f212752a35c1ac414471dc16c424c9573be4926b56ff3f5d23b7af" + ], + "markers": "python_version >= '3'", + "version": "==0.17.21" + }, + "ruamel.yaml.clib": { + "hashes": [ + "sha256:045e0626baf1c52e5527bd5db361bc83180faaba2ff586e763d3d5982a876a9e", + "sha256:15910ef4f3e537eea7fe45f8a5d19997479940d9196f357152a09031c5be59f3", + "sha256:184faeaec61dbaa3cace407cffc5819f7b977e75360e8d5ca19461cd851a5fc5", + "sha256:1f08fd5a2bea9c4180db71678e850b995d2a5f4537be0e94557668cf0f5f9497", + "sha256:2aa261c29a5545adfef9296b7e33941f46aa5bbd21164228e833412af4c9c75f", + "sha256:3110a99e0f94a4a3470ff67fc20d3f96c25b13d24c6980ff841e82bafe827cac", + "sha256:3243f48ecd450eddadc2d11b5feb08aca941b5cd98c9b1db14b2fd128be8c697", + "sha256:370445fd795706fd291ab00c9df38a0caed0f17a6fb46b0f607668ecb16ce763", + "sha256:40d030e2329ce5286d6b231b8726959ebbe0404c92f0a578c0e2482182e38282", + "sha256:41d0f1fa4c6830176eef5b276af04c89320ea616655d01327d5ce65e50575c94", + "sha256:4a4d8d417868d68b979076a9be6a38c676eca060785abaa6709c7b31593c35d1", + "sha256:4b3a93bb9bc662fc1f99c5c3ea8e623d8b23ad22f861eb6fce9377ac07ad6072", + "sha256:5bc0667c1eb8f83a3752b71b9c4ba55ef7c7058ae57022dd9b29065186a113d9", + "sha256:721bc4ba4525f53f6a611ec0967bdcee61b31df5a56801281027a3a6d1c2daf5", + "sha256:763d65baa3b952479c4e972669f679fe490eee058d5aa85da483ebae2009d231", + "sha256:7bdb4c06b063f6fd55e472e201317a3bb6cdeeee5d5a38512ea5c01e1acbdd93", + "sha256:8831a2cedcd0f0927f788c5bdf6567d9dc9cc235646a434986a852af1cb54b4b", + "sha256:91a789b4aa0097b78c93e3dc4b40040ba55bef518f84a40d4442f713b4094acb", + "sha256:92460ce908546ab69770b2e576e4f99fbb4ce6ab4b245345a3869a0a0410488f", + "sha256:99e77daab5d13a48a4054803d052ff40780278240a902b880dd37a51ba01a307", + "sha256:a234a20ae07e8469da311e182e70ef6b199d0fbeb6c6cc2901204dd87fb867e8", + "sha256:a7b301ff08055d73223058b5c46c55638917f04d21577c95e00e0c4d79201a6b", + "sha256:be2a7ad8fd8f7442b24323d24ba0b56c51219513cfa45b9ada3b87b76c374d4b", + "sha256:bf9a6bc4a0221538b1a7de3ed7bca4c93c02346853f44e1cd764be0023cd3640", + "sha256:c3ca1fbba4ae962521e5eb66d72998b51f0f4d0f608d3c0347a48e1af262efa7", + "sha256:d000f258cf42fec2b1bbf2863c61d7b8918d31ffee905da62dede869254d3b8a", + "sha256:d5859983f26d8cd7bb5c287ef452e8aacc86501487634573d260968f753e1d71", + "sha256:d5e51e2901ec2366b79f16c2299a03e74ba4531ddcfacc1416639c557aef0ad8", + "sha256:debc87a9516b237d0466a711b18b6ebeb17ba9f391eb7f91c649c5c4ec5006c7", + "sha256:df5828871e6648db72d1c19b4bd24819b80a755c4541d3409f0f7acd0f335c80", + "sha256:ecdf1a604009bd35c674b9225a8fa609e0282d9b896c03dd441a91e5f53b534e", + "sha256:efa08d63ef03d079dcae1dfe334f6c8847ba8b645d08df286358b1f5293d24ab", + "sha256:f01da5790e95815eb5a8a138508c01c758e5f5bc0ce4286c4f7028b8dd7ac3d0", + "sha256:f34019dced51047d6f70cb9383b2ae2853b7fc4dce65129a5acd49f4f9256646" + ], + "markers": "python_version < '3.11' and platform_python_implementation == 'CPython'", + "version": "==0.2.7" + }, + "selinux": { + "hashes": [ + "sha256:2a88b337ac46ad0f06f557b2806c3df62421972f766673dd8bf26732fb75a9ea", + "sha256:ecf7add45c939e9dda682c390a2cd0a845c94a4793a2cce9e8870d4ee9501f99" + ], + "markers": "sys_platform == 'linux'", + "version": "==0.3.0" + }, + "setuptools": { + "hashes": [ + "sha256:57f6f22bde4e042978bcd50176fdb381d7c21a9efa4041202288d3737a0c6a54", + "sha256:a7620757bf984b58deaf32fc8a4577a9bbc0850cf92c20e1ce41c38c19e5fb75" + ], + "markers": "python_version >= '3.7'", + "version": "==65.6.3" + }, + "six": { + "hashes": [ + "sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926", + "sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==1.16.0" + }, + "subprocess-tee": { + "hashes": [ + "sha256:b3c124993f8b88d1eb1c2fde0bc2069787eac720ba88771cba17e8c93324825d", + "sha256:eca56973a1c1237093c2055b2731bcaab784683b83f22c76f26e4c5763402e28" + ], + "markers": "python_version >= '3.8'", + "version": "==0.4.1" + }, + "text-unidecode": { + "hashes": [ + "sha256:1311f10e8b895935241623731c2ba64f4c455287888b18189350b67134a822e8", + "sha256:bad6603bb14d279193107714b288be206cac565dfa49aa5b105294dd5c4aab93" + ], + "version": "==1.3" + }, + "tomli": { + "hashes": [ + "sha256:939de3e7a6161af0c887ef91b7d41a53e7c5a1ca976325f429cb46ea9bc30ecc", + "sha256:de526c12914f0c550d15924c62d72abc48d6fe7364aa87328337a31007fe8a4f" + ], + "markers": "python_full_version < '3.11.0a7'", + "version": "==2.0.1" + }, + "urllib3": { + "hashes": [ + "sha256:47cc05d99aaa09c9e72ed5809b60e7ba354e64b59c9c173ac3018642d8bb41fc", + "sha256:c083dd0dce68dbfbe1129d5271cb90f9447dea7d52097c6e0126120c521ddea8" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'", + "version": "==1.26.13" + }, + "wcmatch": { + "hashes": [ + "sha256:3476cd107aba7b25ba1d59406938a47dc7eec6cfd0ad09ff77193f21a964dee7", + "sha256:b1f042a899ea4c458b7321da1b5e3331e3e0ec781583434de1301946ceadb943" + ], + "markers": "python_version >= '3.7'", + "version": "==8.4.1" + }, + "yamllint": { + "hashes": [ + "sha256:89bb5b5ac33b1ade059743cf227de73daa34d5e5a474b06a5e17fc16583b0cf2", + "sha256:9e3d8ddd16d0583214c5fdffe806c9344086721f107435f68bad990e5a88826b" + ], + "index": "pypi", + "version": "==1.28.0" + } + } +} diff --git a/roles/hifis-net.unattended_upgrades/README.md b/roles/hifis-net.unattended_upgrades/README.md new file mode 100644 index 00000000..9fe105f4 --- /dev/null +++ b/roles/hifis-net.unattended_upgrades/README.md @@ -0,0 +1,237 @@ +# Unattended-Upgrades Role for Ansible + +[![CI status](https://github.com/hifis-net/ansible-role-unattended-upgrades/actions/workflows/ci.yml/badge.svg)](https://github.com/hifis-net/ansible-role-unattended-upgrades/actions/workflows/ci.yml) +[![Ansible Role: hifis.unattended_upgrades](https://img.shields.io/ansible/role/59313)](https://galaxy.ansible.com/hifis/unattended_upgrades) +[![Ansible Quality Score](https://img.shields.io/ansible/quality/59313)](https://galaxy.ansible.com/hifis/unattended_upgrades) +[![Ansible Role Downloads](https://img.shields.io/ansible/role/d/59313)](https://galaxy.ansible.com/hifis/unattended_upgrades) +[![Latest release](https://img.shields.io/github/v/release/hifis-net/ansible-role-unattended-upgrades)](https://github.com/hifis-net/ansible-role-unattended-upgrades/releases) + +Install and setup [unattended-upgrades](https://launchpad.net/unattended-upgrades) for Ubuntu and Debian, to periodically install security upgrades. + +### Notes + +1. If you have used version `0.0.1` of the role, you can delete the file `/etc/apt/apt.conf.d/10periodic` as it is not needed anymore. You can use the following one-shot command: + * `ansible -m file -a "state=absent path=/etc/apt/apt.conf.d/10periodic" ` +1. If you have used this role before version `2.0.0`, the files `20auto-upgrades` and `50unattended-upgrades` will differ from the system defaults (instead of configuration being placed in a separate file, as we do now). These can be left as-is as they will be overridden. During OS upgrades, when asked if these files should be overwritten by the maintainer's package, say yes. They will then be reset to their default states, and you won't be asked these questions again. + +## Requirements + +The role uses [apt module](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/apt_module.html) which has additional dependencies. + +If you set `unattended_mail` to an e-mail address, make sure `mailx` command is available and your system is able to send e-mails. + +The role requires unattended-upgrades version 0.70 and newer, which is available since Debian Wheezy and Ubuntu 12.04 respectively. This is due to [Origins Patterns](#origins-patterns) usage; if this is not available on your system, you may use [the first version of the role](https://github.com/hifis-net/ansible-role-unattended-upgrades/tree/v0.1). + +### Automatic Reboot + +If you enable automatic reboot feature (`unattended_automatic_reboot`), the role will attempt to install `update-notifier-common` package, which is required on some systems for detecting and executing reboot after the upgrade. You may optionally define a specific time for rebooting (`unattended_automatic_reboot_time`). + +This feature was broken in Debian Jessie, but eventually was rolled into the unattended-upgrades package; see [the discussion in #6](https://github.com/jnv/ansible-role-unattended-upgrades/issues/6) for more details. + +## Disabled Cron Jobs + +On some hosts you may find that the unattended-upgrade's cron file `/etc/cron.daily/apt` file has been renamed to `apt.disabled`. This is possibly provider's decision, to save some CPU cycles. Use [enable-standard-cronjobs](https://github.com/Yannik/ansible-role-enable-standard-cronjobs) role to re-enable unattended-upgrades. See also discussion in [#9](https://github.com/jnv/ansible-role-unattended-upgrades/issues/9). + +## Role Variables + +* `unattended_cache_valid_time`: + * Default: `3600` + * Description: Update the apt cache if it's older than the given time in seconds; passed to the [apt module](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/apt_module.html) during package installation. +* `unattended_origins_patterns`: + * Default: + * Debian: `['origin=Debian,codename=${distro_codename},label=Debian-Security']` + * Ubuntu: `['origin=Ubuntu,archive=${distro_codename}-security,label=Ubuntu']` + * Description: Array of origins patterns to determine whether the package can be automatically installed, for more details see [Origins Patterns](#origins-patterns) below. +* `unattended_package_blacklist`: + * Default: `[]` + * Description: Packages which won't be automatically upgraded. +* `unattended_autofix_interrupted_dpkg`: + * Default: `true` + * Description: Whether on unclean dpkg exit to run `dpkg --force-confold --configure -a`. +* `unattended_minimal_steps`: + * Default: `true` + * Description: Split the upgrade into the smallest possible chunks so that they can be interrupted with SIGUSR1. +* `unattended_install_on_shutdown`: + * Default: `false` + * Description: Install all unattended-upgrades when the machine is shutting down. +* `unattended_mail`: + * Default: `false` (don't send any e-mail) + * Description: E-mail address to send information about upgrades or problems with unattended upgrades. +* `unattended_mail_only_on_error`: + * Default: `false` + * Description: Send e-mail only on errors, otherwise e-mail will be sent every time there's a package upgrade. +* `unattended_mail_report`: + * Default: `false` + * Description: Choose on what event to send an email. Possible values are "always", "only-on-error" or "on-change". +* `unattended_remove_unused_dependencies`: + * Default: `false` + * Description: Do automatic removal of all unused dependencies after the upgrade. +* `unattended_remove_new_unused_dependencies`: + * Default: `true` + * Description: Do automatic removal of new unused dependencies after the upgrade. +* `unattended_remove_unused_kernel_packages`: + * Default: `false` + * Description: Remove unused automatically installed kernel-related packages (kernel images, kernel headers and kernel version locked tools) +* `unattended_automatic_reboot`: + * Default: `false` + * Description: Automatically reboot system if any upgraded package requires it, immediately after the upgrade. +* `unattended_automatic_reboot_time`: + * Default: `false` + * Description: Automatically reboot system if any upgraded package requires it, at the specific time (_HH:MM_) instead of immediately after the upgrade. +* `unattended_update_days`: + * Default: `None` + * Description: Set the days of the week that updates should be applied. The days can be specified as localized abbreviated or full names. Or as integers where "0" is Sunday, "1" is Monday etc. Example: `{"Mon";"Fri"};` +* `unattended_ignore_apps_require_restart`: + * Default: `false` + * Description: Unattended-upgrades won't automatically upgrade some critical packages requiring restart after an upgrade (i.e. there is `XB-Upgrade-Requires: app-restart` directive in their debian/control file). With this option set to `true`, unattended-upgrades will upgrade these packages regardless of the directive. +* `unattended_syslog_enable`: + * Default: `false` + * Description: Write events to syslog, which is useful in environments where syslog messages are sent to a central store. +* `unattended_syslog_facility`: + * Default: `None` + * Description: Write events to the specified syslog facility, or the daemon facility if not specified. Will only have affect if `unattended_syslog_enable` is set to `true`. +* `unattended_verbose`: + * Default: `0` (no report) + * Description: Define verbosity level of APT for periodic runs. The output will be sent to root. + * Possible options: + * `0`: no report + * `1`: progress report + * `2`: + command outputs + * `3`: + trace on +* `unattended_update_package_list`: + * Default: `1` + * Description: Do "apt-get update" automatically every n-days (0=disable). +* `unattended_download_upgradeable`: + * Default: `0` + * Description: Do "apt-get upgrade --download-only" every n-days (0=disable). +* `unattended_autoclean_interval`: + * Default: `7` + * Description: Do "apt-get autoclean" every n-days (0=disable). +* `unattended_clean_interval`: + * Default: `0` + * Description: Do "apt-get clean" every n-days (0=disable). +* `unattended_random_sleep`: + * Default: `1800` (30 minutes) + * Description: Define maximum for a random interval in seconds after which the apt job starts (only for systems without systemd). +* `unattended_dpkg_options`: + * Default: `[]` + * Description: Array of dpkg command-line options used during unattended-upgrades runs, e.g. `["--force-confdef"]`, `["--force-confold"]`. +* `unattended_dl_limit`: + * Default: `None` + * Description: Limit the download speed in kb/sec using apt bandwidth limit feature. +* `unattended_only_on_ac_power`: + * Default: `false` + * Description: Download and install upgrades only on AC power. It will also install the debian package `powermgmt-base`. + +## Origins Patterns + +Origins Pattern is a more powerful alternative to the Allowed Origins option used in previous versions of unattended-upgrade. + +Pattern is composed of specific keywords: + +* `a`,`archive`,`suite` – e.g. `stable`, `trusty-security` (`archive=stable`) +* `c`,`component` – e.g. `main`, `crontrib`, `non-free` (`component=main`) +* `l`,`label` – e.g. `Debian`, `Debian-Security`, `Ubuntu` +* `o`,`origin` – e.g. `Debian`, `Unofficial Multimedia Packages`, `Ubuntu` +* `n`,`codename` – e.g. `jessie`, `jessie-updates`, `trusty` (this is only supported with `unattended-upgrades` >= 0.80) +* `site` – e.g. `http.debian.net` + +You can review the available repositories using `apt-cache policy` and debug your choice using `unattended-upgrades -d` command on a target system. + +Additionally, unattended-upgrades support two macros (variables), derived from `/etc/debian_version`: + +* `${distro_id}` – Installed distribution name, e.g. `Debian` or `Ubuntu`. +* `${distro_codename}` – Installed codename, e.g. `bullseye` or `jammy`. + +Using `${distro_codename}` should be preferred over using `stable` or `oldstable` as a selected, as once `stable` moves to `oldstable`, no security updates will be installed at all, or worse, package from a newer distro release will be installed by accident. The same goes for upgrading your installation from `oldstable` to `stable`, if you forget to change this in your origin patterns, you may not receive the security updates for your newer distro release. With `${distro_codename}`, both cases can never happen. + +## Role Usage Examples + +Example for Ubuntu, with custom [origins patterns](#patterns-examples), blacklisted packages and e-mail notification: + +```yaml +- hosts: all + roles: + - role: hifis.unattended_upgrades + unattended_origins_patterns: + - 'origin=Ubuntu,archive=${distro_codename}-security' + - 'o=Ubuntu,a=${distro_codename}-updates' + unattended_package_blacklist: [cowsay, vim] + unattended_mail: 'root@example.com' +``` + +_Note:_ You don't need to specify `unattended_origins_patterns`, the role will use distribution's default if the variable is not set. + +### Running Only on Debian-based Systems + +If you manage multiple distribution with the same playbook, you may want to skip running this role on non-Debian systems. You can [use `when` conditional with role](https://docs.ansible.com/ansible/latest/user_guide/playbooks_conditionals.html#conditionals-with-roles) to limit the role to particular systems: + +```yaml +- hosts: all + roles: + - role: hifis.unattended_upgrades + when: ansible_facts['os_family'] == 'Debian' +``` + +See [#38](https://github.com/jnv/ansible-role-unattended-upgrades/pull/38) for discussion. + +### Patterns Examples + +By default, only security updates are allowed for both Ubuntu and Debian. You can add more patterns to allow unattended-updates install more packages automatically, however be aware that automated major updates may potentially break your system. + +#### For Debian + +```yaml +unattended_origins_patterns: + - 'origin=Debian,codename=${distro_codename},label=Debian-Security' # security updates + - 'o=Debian,codename=${distro_codename},label=Debian' # updates including non-security updates + - 'o=Debian,codename=${distro_codename},a=proposed-updates' +``` + +#### For Ubuntu + +In Ubuntu, archive always contains the distribution codename + +```yaml +unattended_origins_patterns: + - 'origin=Ubuntu,archive=${distro_codename}-security' + - 'o=Ubuntu,a=${distro_codename}' + - 'o=Ubuntu,a=${distro_codename}-updates' + - 'o=Ubuntu,a=${distro_codename}-proposed-updates' +``` + +#### For Raspbian + +In Raspbian, it is only possible to update all packages from the default repository, including non-security updates, or updating none. + +Updating all, including non-security: + +```yaml +unattended_origins_patterns: + - 'origin=Raspbian,codename=${distro_codename},label=Raspbian' +``` + +To not install any updates on a raspbian host, just set `unattended_origins_patterns` to an empty list: +``` +unattended_origins_patterns: [] +``` + +## License + +GPL-2.0-or-later + +## Author + +This role is maintained by [HIFIS Software Services](https://www.hifis.net/) +and was originally forked from [jnv/ansible-role-unattended-upgrades](https://github.com/jnv/ansible-role-unattended-upgrades), +created by [Jan Vlnas](https://github.com/jnv). + +## Contributors + +We would like to thank and give credits to the following contributors of this +project: + +* [alpha0010](https://github.com/alpha0010) +* [gcotelli](https://github.com/gcotelli) +* [lukashass](https://github.com/lukashass) +* [nono-lqdn](https://github.com/nono-lqdn) diff --git a/roles/jnv.unattended_upgrades/defaults/main.yml b/roles/hifis-net.unattended_upgrades/defaults/main.yml similarity index 88% rename from roles/jnv.unattended_upgrades/defaults/main.yml rename to roles/hifis-net.unattended_upgrades/defaults/main.yml index a62ee01a..abceb72a 100644 --- a/roles/jnv.unattended_upgrades/defaults/main.yml +++ b/roles/hifis-net.unattended_upgrades/defaults/main.yml @@ -47,6 +47,13 @@ unattended_mail: false # is to always send a mail if Unattended-Upgrade::Mail is set unattended_mail_only_on_error: false +#Unattended-Upgrade::MailReport +# Set this value to one of: +# "always", "only-on-error" or "on-change" +# If this is not set, then any legacy MailOnlyOnError (boolean) value +# is used to chose between "only-on-error" and "on-change" +unattended_mail_report: false + #Unattended-Upgrade::Remove-Unused-Dependencies # Do automatic removal of all unused dependencies after the upgrade # (equivalent to apt-get autoremove) @@ -56,6 +63,11 @@ unattended_remove_unused_dependencies: false # Remove any new unused dependencies after the upgrade unattended_remove_new_unused_dependencies: true +#Unattended-Upgrade::Remove-Unused-Kernel-Packages +# Remove unused automatically installed kernel-related packages +# (kernel images, kernel headers and kernel version locked tools) +unattended_remove_unused_kernel_packages: false + #Unattended-Upgrade::Automatic-Reboot # Automatically reboot *WITHOUT CONFIRMATION* if a # the file /var/run/reboot-required is found after the upgrade @@ -135,3 +147,8 @@ unattended_dpkg_options: [] # Use apt bandwidth limit feature, this example limits the download speed to 70kb/sec #unattended_dl_limit: 70 + +# Unattended-Upgrade::OnlyOnACPower +# Download and install upgrades only on AC power +# (i.e. skip or gracefully stop updates on battery) +unattended_only_on_ac_power: false diff --git a/roles/jnv.unattended_upgrades/handlers/main.yml b/roles/hifis-net.unattended_upgrades/handlers/main.yml similarity index 100% rename from roles/jnv.unattended_upgrades/handlers/main.yml rename to roles/hifis-net.unattended_upgrades/handlers/main.yml diff --git a/roles/hifis-net.unattended_upgrades/meta/main.yml b/roles/hifis-net.unattended_upgrades/meta/main.yml new file mode 100644 index 00000000..6dd33e4a --- /dev/null +++ b/roles/hifis-net.unattended_upgrades/meta/main.yml @@ -0,0 +1,23 @@ +--- +galaxy_info: + standalone: true + role_name: "unattended_upgrades" + author: "hifis" + description: "Setup unattended-upgrades on Debian-based systems" + license: "GPLv2" + min_ansible_version: "2.12" + platforms: + - name: "Ubuntu" + versions: + - "jammy" + - "focal" + - "bionic" + - name: "Debian" + versions: + - "buster" + - "bullseye" + + galaxy_tags: + - "system" + +dependencies: [] diff --git a/roles/hifis-net.unattended_upgrades/molecule/default/converge.yml b/roles/hifis-net.unattended_upgrades/molecule/default/converge.yml new file mode 100644 index 00000000..0d2db5b2 --- /dev/null +++ b/roles/hifis-net.unattended_upgrades/molecule/default/converge.yml @@ -0,0 +1,10 @@ +--- +# Play to create and provision instance. +- name: "Converge" + hosts: "all" + tasks: + - name: "Include unattended_upgrades role" + ansible.builtin.include_role: + name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" + +... diff --git a/roles/hifis-net.unattended_upgrades/molecule/default/molecule.yml b/roles/hifis-net.unattended_upgrades/molecule/default/molecule.yml new file mode 100644 index 00000000..74d98aac --- /dev/null +++ b/roles/hifis-net.unattended_upgrades/molecule/default/molecule.yml @@ -0,0 +1,55 @@ +--- +dependency: + name: "galaxy" +driver: + name: "podman" +platforms: + - name: "instance" + image: "${MOLECULE_IMAGE:-ghcr.io/hifis-net/ubuntu-systemd:22.04}" + pre_build_image: true + privileged: true + override_command: false + systemd: true + tty: true +lint: | + set -e && + yamllint --strict --format colored . && + ansible-lint -v --force-color --offline --exclude .pipenv/ . ./molecule +provisioner: + name: "ansible" + inventory: + hosts: + all: + vars: + unattended_autofix_interrupted_dpkg: false + unattended_minimal_steps: true + unattended_install_on_shutdown: true + unattended_automatic_reboot: true + unattended_update_days: '{"Sat"}' + unattended_remove_unused_kernel_packages: true + unattended_only_on_ac_power: true + playbooks: + prepare: "prepare.yml" + check: "converge.yml" + converge: "converge.yml" + verify: "verify.yml" +verifier: + name: "ansible" +scenario: + name: "default" + test_sequence: + - "lint" + - "destroy" + - "dependency" + - "syntax" + - "create" + - "prepare" + - "check" + - "converge" + - "idempotence" + - "check" + - "side_effect" + - "verify" + - "destroy" + +... diff --git a/roles/hifis-net.unattended_upgrades/molecule/default/prepare.yml b/roles/hifis-net.unattended_upgrades/molecule/default/prepare.yml new file mode 100644 index 00000000..96bbaeb8 --- /dev/null +++ b/roles/hifis-net.unattended_upgrades/molecule/default/prepare.yml @@ -0,0 +1,11 @@ +--- +# Play to install dependencies. +- name: "Prepare" + hosts: "all" + tasks: + - name: "Install dependencies" + ansible.builtin.apt: + update_cache: "yes" + force_apt_get: "yes" + +... diff --git a/roles/hifis-net.unattended_upgrades/molecule/default/verify.yml b/roles/hifis-net.unattended_upgrades/molecule/default/verify.yml new file mode 100644 index 00000000..7f4d4f8d --- /dev/null +++ b/roles/hifis-net.unattended_upgrades/molecule/default/verify.yml @@ -0,0 +1,32 @@ +--- +- name: "Verify unattended upgrades installation" + hosts: "all" + tasks: + - name: "Get apt-config variables" + ansible.builtin.command: "apt-config dump" + register: "aptconfig" + changed_when: false + + - name: "Check for registered variables" + ansible.builtin.assert: + that: "item in aptconfig.stdout" + with_items: + - 'APT::Periodic::Unattended-Upgrade "1"' + - 'Unattended-Upgrade::AutoFixInterruptedDpkg "false"' + - 'Unattended-Upgrade::MinimalSteps "true"' + - 'Unattended-Upgrade::InstallOnShutdown "true"' + - 'Unattended-Upgrade::Automatic-Reboot "true"' + # NOTE: this uses the array syntax, which requires one + # top-level record, then one item per line + - 'Unattended-Upgrade::Update-Days "";' + - 'Unattended-Upgrade::Update-Days:: "Sat";' + - 'Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";' + - 'Unattended-Upgrade::OnlyOnACPower "true";' + + - name: "Dry run unattended-upgrades" + ansible.builtin.command: "/usr/bin/unattended-upgrades --dry-run" + register: "dry_run" + failed_when: "dry_run.rc != 0" + changed_when: false + +... diff --git a/roles/hifis-net.unattended_upgrades/tasks/main.yml b/roles/hifis-net.unattended_upgrades/tasks/main.yml new file mode 100644 index 00000000..946ed65d --- /dev/null +++ b/roles/hifis-net.unattended_upgrades/tasks/main.yml @@ -0,0 +1,4 @@ +--- +- name: "Import tasks from the unattended-upgrades playbook" + ansible.builtin.import_tasks: "unattended-upgrades.yml" + tags: "unattended" diff --git a/roles/jnv.unattended_upgrades/tasks/reboot.yml b/roles/hifis-net.unattended_upgrades/tasks/reboot.yml similarity index 50% rename from roles/jnv.unattended_upgrades/tasks/reboot.yml rename to roles/hifis-net.unattended_upgrades/tasks/reboot.yml index faa71498..0a28b00f 100644 --- a/roles/jnv.unattended_upgrades/tasks/reboot.yml +++ b/roles/hifis-net.unattended_upgrades/tasks/reboot.yml @@ -1,9 +1,9 @@ --- # Ignored, since newer distros don't need this package # https://github.com/jnv/ansible-role-unattended-upgrades/issues/6 -- name: install update-notifier-common - apt: - pkg: update-notifier-common - state: present +- name: "Install update-notifier-common" + ansible.builtin.apt: + name: "update-notifier-common" + state: "present" + force_apt_get: "yes" failed_when: false - diff --git a/roles/hifis-net.unattended_upgrades/tasks/unattended-upgrades.yml b/roles/hifis-net.unattended_upgrades/tasks/unattended-upgrades.yml new file mode 100644 index 00000000..657c36ed --- /dev/null +++ b/roles/hifis-net.unattended_upgrades/tasks/unattended-upgrades.yml @@ -0,0 +1,38 @@ +--- +- name: "Add distribution-specific variables" + ansible.builtin.include_vars: "{{ ansible_distribution }}.yml" + +- name: "Add Debian Bullseye workaround" + ansible.builtin.include_vars: "{{ ansible_distribution }}-{{ ansible_distribution_release }}.yml" + when: + - "ansible_distribution == 'Debian'" + - "ansible_distribution_release == 'bullseye'" + +- name: "Install powermgmt-base" + ansible.builtin.apt: + name: "powermgmt-base" + state: "present" + cache_valid_time: "{{ unattended_cache_valid_time }}" + update_cache: "yes" + force_apt_get: "yes" + when: "unattended_only_on_ac_power" + +- name: "Install unattended-upgrades" + ansible.builtin.apt: + name: "unattended-upgrades" + state: "present" + cache_valid_time: "{{ unattended_cache_valid_time }}" + update_cache: "yes" + force_apt_get: "yes" + +- name: "Install reboot dependencies" + ansible.builtin.import_tasks: "reboot.yml" + when: "unattended_automatic_reboot | bool" + +- name: "Create Apt auto-upgrades & unattended-upgrades configuration" + ansible.builtin.template: + src: "unattended-upgrades.j2" + dest: "/etc/apt/apt.conf.d/90-ansible-unattended-upgrades" + owner: "root" + group: "root" + mode: "0644" diff --git a/roles/jnv.unattended_upgrades/templates/unattended-upgrades.j2 b/roles/hifis-net.unattended_upgrades/templates/unattended-upgrades.j2 similarity index 71% rename from roles/jnv.unattended_upgrades/templates/unattended-upgrades.j2 rename to roles/hifis-net.unattended_upgrades/templates/unattended-upgrades.j2 index 9338c496..1c1d01ae 100644 --- a/roles/jnv.unattended_upgrades/templates/unattended-upgrades.j2 +++ b/roles/hifis-net.unattended_upgrades/templates/unattended-upgrades.j2 @@ -1,11 +1,42 @@ -// {{ ansible_managed }} +{{ ansible_managed | comment('c') }} + +// Overrides for `20auto-upgrades`. ////////////////////////////////////////// + +APT::Periodic::Unattended-Upgrade "1"; + +{% if unattended_update_package_list is defined %} +APT::Periodic::Update-Package-Lists "{{unattended_update_package_list}}"; +{% endif %} + +{% if unattended_download_upgradeable is defined %} +APT::Periodic::Download-Upgradeable-Packages "{{unattended_download_upgradeable}}"; +{% endif %} + +{% if unattended_autoclean_interval is defined %} +APT::Periodic::AutocleanInterval "{{unattended_autoclean_interval}}"; +{% endif %} + +{% if unattended_clean_interval is defined %} +APT::Periodic::CleanInterval "{{unattended_clean_interval}}"; +{% endif %} + +{% if unattended_verbose is defined %} +APT::Periodic::Verbose "{{unattended_verbose}}"; +{% endif %} + +{% if unattended_random_sleep is defined %} +APT::Periodic::RandomSleep "{{unattended_random_sleep}}"; +{% endif %} + + +// Overrides for `50unattended-upgrades`. //////////////////////////////////// // Unattended-Upgrade::Origins-Pattern controls which packages are // upgraded. Unattended-Upgrade::Origins-Pattern { {% if unattended_origins_patterns is defined %} {% for origin in unattended_origins_patterns %} - "{{ origin }}"; + "{{ origin }}"; {% endfor %} {% else %} {% for origin in __unattended_origins_patterns %} @@ -56,6 +87,14 @@ Unattended-Upgrade::Mail "{{unattended_mail}}"; Unattended-Upgrade::MailOnlyOnError "true"; {% endif %} +{% if unattended_mail_report %} +// Set this value to one of: +// "always", "only-on-error" or "on-change" +// If this is not set, then any legacy MailOnlyOnError (boolean) value +// is used to chose between "only-on-error" and "on-change" +Unattended-Upgrade::MailReport "{{ unattended_mail_report }}"; +{% endif %} + {% if unattended_remove_unused_dependencies %} // Do automatic removal of all unused dependencies after the upgrade // (equivalent to apt-get autoremove) @@ -67,6 +106,12 @@ Unattended-Upgrade::Remove-Unused-Dependencies "true"; Unattended-Upgrade::Remove-New-Unused-Dependencies "false"; {% endif %} +{% if unattended_remove_unused_kernel_packages %} +// Remove unused automatically installed kernel-related packages +// (kernel images, kernel headers and kernel version locked tools). +Unattended-Upgrade::Remove-Unused-Kernel-Packages "true"; +{% endif %} + {% if unattended_automatic_reboot %} // Automatically reboot *WITHOUT CONFIRMATION* if a // the file /var/run/reboot-required is found after the upgrade @@ -121,3 +166,7 @@ Dpkg::Options { // speed to 70kb/sec Acquire::http::Dl-Limit "{{ unattended_dl_limit }}"; {% endif %} + +// Download and install upgrades only on AC power +// (i.e. skip or gracefully stop updates on battery) +Unattended-Upgrade::OnlyOnACPower "{{ unattended_only_on_ac_power | to_json }}"; diff --git a/roles/jnv.unattended_upgrades/tests/ansible.cfg b/roles/hifis-net.unattended_upgrades/tests/ansible.cfg similarity index 100% rename from roles/jnv.unattended_upgrades/tests/ansible.cfg rename to roles/hifis-net.unattended_upgrades/tests/ansible.cfg diff --git a/roles/jnv.unattended_upgrades/tests/inventory b/roles/hifis-net.unattended_upgrades/tests/inventory similarity index 100% rename from roles/jnv.unattended_upgrades/tests/inventory rename to roles/hifis-net.unattended_upgrades/tests/inventory diff --git a/roles/hifis-net.unattended_upgrades/tests/requirements.yml b/roles/hifis-net.unattended_upgrades/tests/requirements.yml new file mode 100644 index 00000000..79d7bd93 --- /dev/null +++ b/roles/hifis-net.unattended_upgrades/tests/requirements.yml @@ -0,0 +1,3 @@ +--- +- src: "chrismeyersfsu.provision_docker" + name: "provision_docker" diff --git a/roles/jnv.unattended_upgrades/tests/test.sh b/roles/hifis-net.unattended_upgrades/tests/test.sh similarity index 100% rename from roles/jnv.unattended_upgrades/tests/test.sh rename to roles/hifis-net.unattended_upgrades/tests/test.sh diff --git a/roles/jnv.unattended_upgrades/tests/test.yml b/roles/hifis-net.unattended_upgrades/tests/test.yml similarity index 55% rename from roles/jnv.unattended_upgrades/tests/test.yml rename to roles/hifis-net.unattended_upgrades/tests/test.yml index d73b9a49..2c48bee9 100644 --- a/roles/jnv.unattended_upgrades/tests/test.yml +++ b/roles/hifis-net.unattended_upgrades/tests/test.yml @@ -1,39 +1,39 @@ --- -- name: Bring up Docker containers - hosts: localhost +- name: "Bring up Docker containers" + hosts: "localhost" gather_facts: false vars: inventory: - - name: ubuntu_latest + - name: "ubuntu_latest" image: "ubuntu:latest" - - name: ubuntu_bionic + - name: "ubuntu_bionic" image: "ubuntu:bionic" - - name: ubuntu_xenial + - name: "ubuntu_xenial" image: "ubuntu:xenial" - - name: ubuntu_trusty + - name: "ubuntu_trusty" image: "ubuntu:trusty" # 6/2020: Disabled Debian Testing due to missing python packages (python-apt) #- name: debian_testing # image: "debian:testing" - - name: debian_stable + - name: "debian_stable" image: "debian:stable" - - name: debian_oldstable + - name: "debian_oldstable" image: "debian:oldstable" roles: - - role: provision_docker + - role: "provision_docker" provision_docker_inventory: "{{ inventory }}" provision_docker_privileged: true provision_docker_use_docker_connection: true -- name: Test role - hosts: docker_containers +- name: "Test role" + hosts: "docker_containers" gather_facts: false pre_tasks: - - name: Provision Python - raw: bash -c "test -e /usr/bin/python || (apt-get -y update && apt-get install -y python)" - register: output - changed_when: output.stdout - - name: Gather facts + - name: "Provision Python" + raw: 'bash -c "test -e /usr/bin/python || (apt-get -y update && apt-get install -y python)"' + register: "output" + changed_when: "output.stdout" + - name: "Gather facts" setup: vars: unattended_autofix_interrupted_dpkg: false @@ -43,24 +43,24 @@ unattended_update_days: '{"Sat"}' roles: # Searched for in ../.. (see ansible.cfg) - - ansible-role-unattended-upgrades + - "ansible-role-unattended-upgrades" tasks: - - name: Idempotency check + - name: "Idempotency check" include_role: - name: ansible-role-unattended-upgrades - register: idempotency - - name: fail when idempotency.changed + name: "ansible-role-unattended-upgrades" + register: "idempotency" + - name: "fail when idempotency.changed" fail: - msg: Role failed idempotency check - when: idempotency.changed + msg: "Role failed idempotency check" + when: "idempotency.changed" - - name: Get apt-config variables - command: apt-config dump - register: aptconfig + - name: "Get apt-config variables" + command: "apt-config dump" + register: "aptconfig" changed_when: false - - name: Check for registered variables + - name: "Check for registered variables" assert: - that: item in aptconfig.stdout + that: "item in aptconfig.stdout" with_items: - 'APT::Periodic::Unattended-Upgrade "1"' - 'Unattended-Upgrade::AutoFixInterruptedDpkg "false"' @@ -72,6 +72,6 @@ - 'Unattended-Upgrade::Update-Days "";' - 'Unattended-Upgrade::Update-Days:: "Sat";' - - name: Dry run unattended-upgrades - command: /usr/bin/unattended-upgrades --dry-run - changed_when: idempotency.changed|bool + - name: "Dry run unattended-upgrades" + command: "/usr/bin/unattended-upgrades --dry-run" + changed_when: "idempotency.changed | bool" diff --git a/roles/hifis-net.unattended_upgrades/vars/Debian-bullseye.yml b/roles/hifis-net.unattended_upgrades/vars/Debian-bullseye.yml new file mode 100644 index 00000000..5390b454 --- /dev/null +++ b/roles/hifis-net.unattended_upgrades/vars/Debian-bullseye.yml @@ -0,0 +1,9 @@ +--- +# From https://metadata.ftp-master.debian.org/changelogs//main/u/unattended-upgrades/unattended-upgrades_2.8_changelog +# Allow both ${distro_codename} or ${distro_codename}-security on Debian +# as security update codenames. The latter will be used starting with +# Bullseye, but to help backporting and testing the configuration file keeps +# working on Buster and older releases. (Closes: #933138) +__unattended_origins_patterns: + - 'origin=Debian,codename=${distro_codename},label=Debian-Security' + - 'origin=Debian,codename=${distro_codename}-security,label=Debian-Security' diff --git a/roles/jnv.unattended_upgrades/vars/Debian.yml b/roles/hifis-net.unattended_upgrades/vars/Debian.yml similarity index 100% rename from roles/jnv.unattended_upgrades/vars/Debian.yml rename to roles/hifis-net.unattended_upgrades/vars/Debian.yml diff --git a/roles/jnv.unattended_upgrades/vars/Ubuntu.yml b/roles/hifis-net.unattended_upgrades/vars/Ubuntu.yml similarity index 100% rename from roles/jnv.unattended_upgrades/vars/Ubuntu.yml rename to roles/hifis-net.unattended_upgrades/vars/Ubuntu.yml diff --git a/roles/jnv.unattended_upgrades/.ansible-lint b/roles/jnv.unattended_upgrades/.ansible-lint deleted file mode 100644 index d09fda88..00000000 --- a/roles/jnv.unattended_upgrades/.ansible-lint +++ /dev/null @@ -1,2 +0,0 @@ -skip_list: - - '503' diff --git a/roles/jnv.unattended_upgrades/.github/workflows/ansible-linting-check.yml b/roles/jnv.unattended_upgrades/.github/workflows/ansible-linting-check.yml deleted file mode 100644 index 35c1fac3..00000000 --- a/roles/jnv.unattended_upgrades/.github/workflows/ansible-linting-check.yml +++ /dev/null @@ -1,17 +0,0 @@ -name: Ansible Lint check -# visit https://github.com/marketplace/actions/ansible-lint for infos - -on: [push, pull_request] - -jobs: - build: - - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - - name: Lint Ansible Playbook - uses: ansible/ansible-lint-action@master - with: - targets: "." diff --git a/roles/jnv.unattended_upgrades/.travis.yml b/roles/jnv.unattended_upgrades/.travis.yml deleted file mode 100644 index 32fdb5d1..00000000 --- a/roles/jnv.unattended_upgrades/.travis.yml +++ /dev/null @@ -1,16 +0,0 @@ -sudo: required -language: python -services: docker - -cache: pip - -install: - - pip install ansible docker - - ansible-galaxy install -r tests/requirements.yml -p tests/roles/ - -script: - - ansible --version - - tests/test.sh - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/roles/jnv.unattended_upgrades/README.md b/roles/jnv.unattended_upgrades/README.md deleted file mode 100644 index 0be991bc..00000000 --- a/roles/jnv.unattended_upgrades/README.md +++ /dev/null @@ -1,199 +0,0 @@ -# Unattended-Upgrades Role for Ansible - -[![Build Status of branch master](https://img.shields.io/travis/jnv/ansible-role-unattended-upgrades/master.svg?style=flat-square)](https://travis-ci.org/jnv/ansible-role-unattended-upgrades) -[![Ansible Role: jnv.unattended-upgrades](https://img.shields.io/ansible/role/8068.svg?style=flat-square)](https://galaxy.ansible.com/jnv/unattended-upgrades/) - -Install and setup [unattended-upgrades](https://launchpad.net/unattended-upgrades) for Ubuntu and Debian (since Wheezy), to periodically install security upgrades. - -**NOTE:** If you have used version 0.0.1 of the role, you can delete the file `/etc/apt/apt.conf.d/10periodic` as it is not needed anymore. You can use the following one-shot command: - - ansible -m file -a "state=absent path=/etc/apt/apt.conf.d/10periodic" - -## Requirements - -The role uses [apt module](http://docs.ansible.com/apt_repository_module.html) which has additional dependencies. - -If you set `unattended_mail` to an e-mail address, make sure `mailx` command is available and your system is able to send e-mails. - -The role requires unattended-upgrades version 0.70 and newer, which is available since Debian Wheezy and Ubuntu 12.04 respectively. This is due to [Origins Patterns](#origins-patterns) usage; if this is not available on your system, you may use [the first version of the role](https://github.com/jnv/ansible-role-unattended-upgrades/tree/v0.1). - -### Automatic Reboot - -If you enable automatic reboot feature (`unattended_automatic_reboot`), the role will attempt to install `update-notifier-common` package, which is required on some systems for detecting and executing reboot after the upgrade. You may optionally define a specific time for rebooting (`unattended_automatic_reboot_time`). - -This feature was broken in Debian Jessie, but eventually was rolled into the unattended-upgrades package; see [the discussion in #6](https://github.com/jnv/ansible-role-unattended-upgrades/issues/6) for more details. - -## Disabled Cron Jobs - -On some hosts you may find that the unattended-upgrade's cronfile `/etc/cron.daily/apt` file has been renamed to `apt.disabled`. This is possibly provider's decision, to save some CPU cycles. Use [enable-standard-cronjobs](https://github.com/Yannik/ansible-role-enable-standard-cronjobs) role to reenable unattended-upgrades. See also discussion in [#9](https://github.com/jnv/ansible-role-unattended-upgrades/issues/9). - -## Role Variables - -* `unattended_cache_valid_time`: Update the apt cache if its older than the given time in seconds; passed to the [apt module](https://docs.ansible.com/ansible/latest/apt_module.html) during package installation. - * Default: `3600` -* `unattended_origins_patterns`: array of origins patterns to determine whether the package can be automatically installed, for more details see [Origins Patterns](#origins-patterns) below. - * Default for Debian: `['origin=Debian,codename=${distro_codename},label=Debian-Security']` - * Default for Ubuntu: `['origin=Ubuntu,archive=${distro_codename}-security,label=Ubuntu']` -* `unattended_package_blacklist`: packages which won't be automatically upgraded - * Default: `[]` -* `unattended_autofix_interrupted_dpkg`: whether on unclean dpkg exit to run `dpkg --force-confold --configure -a` - * Default: `true` -* `unattended_minimal_steps`: split the upgrade into the smallest possible chunks so that they can be interrupted with SIGUSR1. - * Default: `true` -* `unattended_install_on_shutdown`: install all unattended-upgrades when the machine is shuting down. - * Default: `false` -* `unattended_mail`: e-mail address to send information about upgrades or problems with unattended upgrades - * Default: `false` (don't send any e-mail) -* `unattended_mail_only_on_error`: send e-mail only on errors, otherwise e-mail will be sent every time there's a package upgrade. - * Default: `false` -* `unattended_remove_unused_dependencies`: do automatic removal of all unused dependencies after the upgrade. - * Default: `false` -* `unattended_remove_new_unused_dependencies`: do automatic removal of new unused dependencies after the upgrade. - * Default: `true` -* `unattended_automatic_reboot`: Automatically reboot system if any upgraded package requires it, immediately after the upgrade. - * Default: `false` -* `unattended_automatic_reboot_time`: Automatically reboot system if any upgraded package requires it, at the specific time (_HH:MM_) instead of immediately after the upgrade. - * Default: `false` -* `unattended_update_days`: Set the days of the week that updates should be applied. The days can be specified as localized abbreviated or full names. Or as integers where "0" is Sunday, "1" is Monday etc. Example: `{"Mon";"Fri"};` - * Default: disabled -* `unattended_ignore_apps_require_restart`: unattended-upgrades won't automatically upgrade some critical packages requiring restart after an upgrade (i.e. there is `XB-Upgrade-Requires: app-restart` directive in their debian/control file). With this option set to `true`, unattended-upgrades will upgrade these packages regardless of the directive. - * Default: `false` -* `unattended_syslog_enable`: Write events to syslog, which is useful in environments where syslog messages are sent to a central store. - * Default: `false` -* `unattended_syslog_facility`: Write events to the specified syslog facility, or the daemon facility if not specified. Will only have affect if `unattended_syslog_enable` is set to `true`. - * Default: `daemon` -* `unattended_verbose`: Define verbosity level of APT for periodic runs. The output will be sent to root. - * Possible options: - * `0`: no report - * `1`: progress report - * `2`: + command outputs - * `3`: + trace on - * Default: `0` (no report) -* `unattended_update_package_list`: Do "apt-get update" automatically every n-days (0=disable) - * Default: `1` -* `unattended_download_upgradeable`: Do "apt-get upgrade --download-only" every n-days (0=disable) - * Default: `0` -* `unattended_autoclean_interval`: Do "apt-get autoclean" every n-days (0=disable) - * Default: `7` -* `unattended_clean_interval`: Do "apt-get clean" every n-days (0=disable) - * Default: `0` -* `unattended_random_sleep`: Define maximum for a random interval in seconds after which the apt job starts (only for systems without systemd) - * Default: `1800` (30 minutes) -* `unattended_dpkg_options`: Array of dpkg command-line options used during unattended-upgrades runs, e.g. `["--force-confdef"]`, `["--force-confold"]` - * Default: `[]` -* `unattended_dl_limit`: Limit the download speed in kb/sec using apt bandwidth limit feature. - * Default: disabled - -## Origins Patterns - -Origins Pattern is a more powerful alternative to the Allowed Origins option used in previous versions of unattended-upgrade. - -Pattern is composed from specific keywords: - -* `a`,`archive`,`suite` – e.g. `stable`, `trusty-security` (`archive=stable`) -* `c`,`component` – e.g. `main`, `crontrib`, `non-free` (`component=main`) -* `l`,`label` – e.g. `Debian`, `Debian-Security`, `Ubuntu` -* `o`,`origin` – e.g. `Debian`, `Unofficial Multimedia Packages`, `Ubuntu` -* `n`,`codename` – e.g. `jessie`, `jessie-updates`, `trusty` (this is only supported with `unattended-upgrades` >= 0.80) -* `site` – e.g. `http.debian.net` - -You can review the available repositories using `apt-cache policy` and debug your choice using `unattended-upgrades -d` command on a target system. - -Additionally unattended-upgrades support two macros (variables), derived from `/etc/debian_version`: - -* `${distro_id}` – Installed distribution name, e.g. `Debian` or `Ubuntu`. -* `${distro_codename}` – Installed codename, e.g. `jessie` or `trusty`. - -Using `${distro_codename}` should be preferred over using `stable` or `oldstable` as a selected, as once `stable` moves to `oldstable`, no security updates will be installed at all, or worse, package from a newer distro release will be installed by accident. The same goes for upgrading your installation from `oldstable` to `stable`, if you forget to change this in your origin patterns, you may not receive the security updates for your newer distro release. With `${distro_codename}`, both cases can never happen. - -## Role Usage Examples - -Example for Ubuntu, with custom [origins patterns](#patterns-examples), blacklisted packages and e-mail notification: - -```yaml -- hosts: all - roles: - - role: jnv.unattended-upgrades - unattended_origins_patterns: - - 'origin=Ubuntu,archive=${distro_codename}-security' - - 'o=Ubuntu,a=${distro_codename}-updates' - unattended_package_blacklist: [cowsay, vim] - unattended_mail: 'root@example.com' -``` - -_Note:_ You don't need to specify `unattended_origins_patterns`, the role will use distribution's default if the variable is not set. - -### Running Only on Debian-based Systems - -If you manage multiple distribution with the same playbook, you may want to skip running this role on non-Debian systems. You can [use `when` conditional with role](https://docs.ansible.com/ansible/latest/user_guide/playbooks_conditionals.html#conditionals-with-roles) to limit the role to particular systems: - -```yaml -- hosts: all - roles: - - role: jnv.unattended-upgrades - when: ansible_facts['os_family'] == 'Debian' -``` - -See [#38](https://github.com/jnv/ansible-role-unattended-upgrades/pull/38) for discussion. - -### Patterns Examples - -By default, only security updates are allowed for both Ubuntu and Debian. You can add more patterns to allow unattended-updates install more packages automatically, however be aware that automated major updates may potentially break your system. - -#### For Debian - -```yaml -unattended_origins_patterns: - - 'origin=Debian,codename=${distro_codename},label=Debian-Security' # security updates - - 'o=Debian,codename=${distro_codename},label=Debian' # updates including non-security updates - - 'o=Debian,codename=${distro_codename},a=proposed-updates' -``` - -On debian wheezy, due to `unattended-upgrades` being `0.79.5`, you cannot use the `codename` directive. - -You will have to do archive based matching instead: - -```yaml -unattended_origins_patterns: - - 'origin=Debian,a=stable,label=Debian-Security' # security updates - - 'o=Debian,a=stable,l=Debian' # updates including non-security updates - - 'o=Debian,a=proposed-updates' -``` - -Please be sure to read about the issues regarding this in the origin pattern documentation above. - -#### For Ubuntu - -In Ubuntu, archive always contains the distribution codename - -```yaml -unattended_origins_patterns: - - 'origin=Ubuntu,archive=${distro_codename}-security' - - 'o=Ubuntu,a=${distro_codename}' - - 'o=Ubuntu,a=${distro_codename}-updates' - - 'o=Ubuntu,a=${distro_codename}-proposed-updates' -``` - - -#### For Raspbian - -In Raspbian, it is only possible to update all packages from the default repository, including non-security updates, or updating none. - -Updating all, including non-security: - -```yaml -unattended_origins_patterns: - - 'origin=Raspbian,codename=${distro_codename},label=Raspbian' -``` - -You can not use the `codename` directive on raspbian wheezy, the same as with debian wheezy above. - -To not install any updates on a raspbian host, just set `unattended_origins_patterns` to an empty list: -``` -unattended_origins_patterns: [] -``` - - -## License - -GPLv2 diff --git a/roles/jnv.unattended_upgrades/meta/main.yml b/roles/jnv.unattended_upgrades/meta/main.yml deleted file mode 100644 index f7aa9f08..00000000 --- a/roles/jnv.unattended_upgrades/meta/main.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- -galaxy_info: - author: Jan Vlnas - description: Setup unattended-upgrades on Debian-based systems - license: GPLv2 - min_ansible_version: 1.4 - platforms: - - name: Ubuntu - versions: - - precise - - raring - - saucy - - trusty - - utopic - - name: Debian - versions: - - wheezy - - jessie - # - # Below are all categories currently available. Just as with - # the platforms above, uncomment those that apply to your role. - # - galaxy_tags: - #- cloud - #- cloud:ec2 - #- cloud:gce - #- cloud:rax - #- database - #- database:nosql - #- database:sql - #- development - #- monitoring - #- networking - #- packaging - - system - #- web -dependencies: [] - diff --git a/roles/jnv.unattended_upgrades/tasks/main.yml b/roles/jnv.unattended_upgrades/tasks/main.yml deleted file mode 100644 index 9a924fa1..00000000 --- a/roles/jnv.unattended_upgrades/tasks/main.yml +++ /dev/null @@ -1,2 +0,0 @@ - - include: unattended-upgrades.yml - tags: unattended diff --git a/roles/jnv.unattended_upgrades/tasks/unattended-upgrades.yml b/roles/jnv.unattended_upgrades/tasks/unattended-upgrades.yml deleted file mode 100644 index 2b911fe6..00000000 --- a/roles/jnv.unattended_upgrades/tasks/unattended-upgrades.yml +++ /dev/null @@ -1,34 +0,0 @@ ---- -- name: add distribution-specific variables - include_vars: "{{ ansible_distribution }}.yml" - -- name: add Debian Wheezy workaround - include_vars: "{{ ansible_distribution }}-{{ ansible_distribution_release }}.yml" - when: (ansible_distribution == "Debian") and (ansible_distribution_release == "wheezy") - -- name: install unattended-upgrades - apt: - pkg: unattended-upgrades - state: present - cache_valid_time: "{{ unattended_cache_valid_time }}" - update_cache: yes - -- name: install reboot dependencies - include: reboot.yml - when: unattended_automatic_reboot|bool - -- name: create APT auto-upgrades configuration - template: - src: auto-upgrades.j2 - dest: /etc/apt/apt.conf.d/20auto-upgrades - owner: root - group: root - mode: 0644 - -- name: create unattended-upgrades configuration - template: - src: unattended-upgrades.j2 - dest: /etc/apt/apt.conf.d/50unattended-upgrades - owner: root - group: root - mode: 0644 diff --git a/roles/jnv.unattended_upgrades/templates/auto-upgrades.j2 b/roles/jnv.unattended_upgrades/templates/auto-upgrades.j2 deleted file mode 100644 index 5a64ed5c..00000000 --- a/roles/jnv.unattended_upgrades/templates/auto-upgrades.j2 +++ /dev/null @@ -1,27 +0,0 @@ -// {{ ansible_managed }} - -APT::Periodic::Unattended-Upgrade "1"; - -{% if unattended_update_package_list is defined %} -APT::Periodic::Update-Package-Lists "{{unattended_update_package_list}}"; -{% endif %} - -{% if unattended_download_upgradeable is defined %} -APT::Periodic::Download-Upgradeable-Packages "{{unattended_download_upgradeable}}"; -{% endif %} - -{% if unattended_autoclean_interval is defined %} -APT::Periodic::AutocleanInterval "{{unattended_autoclean_interval}}"; -{% endif %} - -{% if unattended_clean_interval is defined %} -APT::Periodic::CleanInterval "{{unattended_clean_interval}}"; -{% endif %} - -{% if unattended_verbose is defined %} -APT::Periodic::Verbose "{{unattended_verbose}}"; -{% endif %} - -{% if unattended_random_sleep is defined %} -APT::Periodic::RandomSleep "{{unattended_random_sleep}}"; -{% endif %} diff --git a/roles/jnv.unattended_upgrades/tests/requirements.yml b/roles/jnv.unattended_upgrades/tests/requirements.yml deleted file mode 100644 index 562771a1..00000000 --- a/roles/jnv.unattended_upgrades/tests/requirements.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -- src: chrismeyersfsu.provision_docker - name: provision_docker diff --git a/roles/jnv.unattended_upgrades/vars/Debian-wheezy.yml b/roles/jnv.unattended_upgrades/vars/Debian-wheezy.yml deleted file mode 100644 index 57afa2dc..00000000 --- a/roles/jnv.unattended_upgrades/vars/Debian-wheezy.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- - -# This workaround for Debian Wheezy which doesn't support ${distro_codename} macro -# See -# https://github.com/jnv/ansible-role-unattended-upgrades/issues/19 -# https://github.com/jnv/ansible-role-unattended-upgrades/pull/20 -# for details - -__unattended_origins_patterns: - - 'origin=Debian,archive=stable,label=Debian-Security' - - 'origin=Debian,archive=oldstable,label=Debian-Security'