linux-system-roles · richm · Nov 22, 2023 · Nov 21, 2023
diff --git a/.ostree/get_ostree_data.sh b/.ostree/get_ostree_data.sh
@@ -2,7 +2,6 @@
 
 set -euo pipefail
 
-role_collection_dir="${ROLE_COLLECTION_DIR:-fedora/linux_system_roles}"
 ostree_dir="${OSTREE_DIR:-"$(dirname "$(realpath "$0")")"}"
 
 if [ -z "${4:-}" ] || [ "${1:-}" = help ] || [ "${1:-}" = -h ]; then
@@ -29,24 +28,40 @@ if [ "$pkgtype" = testing ]; then
 fi
 
 get_rolepath() {
-    local ostree_dir role rolesdir
+    local ostree_dir role rolesdir roles_parent_dir coll_path pth
     ostree_dir="$1"
     role="$2"
-    rolesdir="$(dirname "$(dirname "$ostree_dir")")/$role/.ostree"
+    roles_parent_dir="$(dirname "$(dirname "$ostree_dir")")"
+    rolesdir="$roles_parent_dir/$role/.ostree"
+    # assumes collection format
     if [ -d "$rolesdir" ]; then
         echo "$rolesdir"
         return 0
     fi
-    if [ -n "${ANSIBLE_COLLECTIONS_PATHS:-}" ]; then
-        for pth in ${ANSIBLE_COLLECTIONS_PATHS//:/ }; do
-            rolesdir="$pth/ansible_collections/$role_collection_dir/roles/$role/.ostree"
-            if [ -d "$rolesdir" ]; then
-                echo "$rolesdir"
-                return 0
-            fi
+    # assumes legacy role format like linux-system-roles.$role/
+    for rolesdir in "$roles_parent_dir"/*-system-roles."$role"/.ostree; do
+        if [ -d "$rolesdir" ]; then
+          echo "$rolesdir"
+          return 0
+        fi
+    done
+    # look elsewhere
+    coll_path="${ANSIBLE_COLLECTIONS_PATH:-}"
+    if [ -z "$coll_path" ]; then
+        coll_path="${ANSIBLE_COLLECTIONS_PATHS:-}"
+    fi
+    if [ -n "${coll_path}" ]; then
+        for pth in ${coll_path//:/ }; do
+            for rolesdir in "$pth"/ansible_collections/*/*_system_roles/roles/"$role"/.ostree; do
+                if [ -d "$rolesdir" ]; then
+                    echo "$rolesdir"
+                    return 0
+                fi
+            done
         done
     fi
-    return 1
+    1>&2 echo ERROR - could not find role "$role" - please use ANSIBLE_COLLECTIONS_PATH
+    exit 2
 }
 
 get_packages() {
@@ -65,6 +80,10 @@ get_packages() {
             roles="$(cat "$rolefile")"
             for role in $roles; do
                 rolepath="$(get_rolepath "$ostree_dir" "$role")"
+                if [ -z "$rolepath" ]; then
+                    1>&2 echo ERROR - could not find role "$role" - please use ANSIBLE_COLLECTIONS_PATH
+                    exit 2
+                fi
                 get_packages "$rolepath"
             done
         fi

diff --git a/meta/collection-requirements.yml b/meta/collection-requirements.yml
@@ -1,4 +1,3 @@
 ---
 collections:
   - name: ansible.posix
-  - name: ansible.utils
diff --git a/tasks/firewalld.yml b/tasks/firewalld.yml
@@ -5,25 +5,21 @@
   when: __firewall_required_facts |
     difference(ansible_facts.keys() | list) | length > 0
 
-- name: Ensure correct package manager for ostree systems
-  vars:
-    ostree_pkg_mgr: ansible.posix.rhel_rpm_ostree
-    ostree_booted_file: /run/ostree-booted
-  when: ansible_facts.pkg_mgr | d("") != ostree_pkg_mgr
+- name: Determine if system is ostree and set flag
+  when: not __firewall_is_ostree is defined
   block:
     - name: Check if system is ostree
       stat:
-        path: "{{ ostree_booted_file }}"
+        path: /run/ostree-booted
       register: __ostree_booted_stat
 
-    - name: Set package manager to use for ostree
-      ansible.utils.update_fact:
-        updates:
-          - path: ansible_facts.pkg_mgr
-            value: "{{ ostree_pkg_mgr }}"
-      when: __ostree_booted_stat.stat.exists
+    - name: Set flag to indicate system is ostree
+      set_fact:
+        __firewall_is_ostree: "{{ __ostree_booted_stat.stat.exists }}"
 
 - name: Install firewalld
   package:
     name: "{{ __firewall_packages_base }}"
     state: present
+    use: "{{ (__firewall_is_ostree | d(false)) |
+             ternary('ansible.posix.rhel_rpm_ostree', omit) }}"
diff --git a/tests/tests_reload_on_reset.yml b/tests/tests_reload_on_reset.yml
@@ -9,30 +9,24 @@
         - ansible_distribution in ['RedHat', 'CentOS']
         - ansible_distribution_major_version | int < 8
   tasks:
-    - name: Ensure correct package manager for ostree systems
-      vars:
-        ostree_pkg_mgr: ansible.posix.rhel_rpm_ostree
-        ostree_booted_file: /run/ostree-booted
-      when: ansible_facts.pkg_mgr | d("") != ostree_pkg_mgr
+    - name: Determine if system is ostree and set flag
+      when: not __firewall_is_ostree is defined
       block:
         - name: Check if system is ostree
           stat:
-            path: "{{ ostree_booted_file }}"
+            path: /run/ostree-booted
           register: __ostree_booted_stat
 
-        - name: Set package manager to use for ostree
+        - name: Set flag to indicate system is ostree
           set_fact:
-            ansible_facts: "{{ ansible_facts |
-              combine(new_facts, recursive=True) }}"
-          vars:
-            new_facts:
-              pkg_mgr: "{{ ostree_pkg_mgr }}"
-          when: __ostree_booted_stat.stat.exists
+            __firewall_is_ostree: "{{ __ostree_booted_stat.stat.exists }}"
 
     - name: Install podman
       package:
         name: podman
         state: present
+        use: "{{ (__firewall_is_ostree | d(false)) |
+                ternary('ansible.posix.rhel_rpm_ostree', omit) }}"
 
     - name: Run test
       script:

diff --git a/tests/tests_startup_conflicts.yml b/tests/tests_startup_conflicts.yml
@@ -16,30 +16,24 @@
       include_role:
         name: linux-system-roles.firewall
 
-    - name: Ensure correct package manager for ostree systems
-      vars:
-        ostree_pkg_mgr: ansible.posix.rhel_rpm_ostree
-        ostree_booted_file: /run/ostree-booted
-      when: ansible_facts.pkg_mgr | d("") != ostree_pkg_mgr
+    - name: Determine if system is ostree and set flag
+      when: not __firewall_is_ostree is defined
       block:
         - name: Check if system is ostree
           stat:
-            path: "{{ ostree_booted_file }}"
+            path: /run/ostree-booted
           register: __ostree_booted_stat
 
-        - name: Set package manager to use for ostree
+        - name: Set flag to indicate system is ostree
           set_fact:
-            ansible_facts: "{{ ansible_facts |
-              combine(new_facts, recursive=True) }}"
-          vars:
-            new_facts:
-              pkg_mgr: "{{ ostree_pkg_mgr }}"
-          when: __ostree_booted_stat.stat.exists
+            __firewall_is_ostree: "{{ __ostree_booted_stat.stat.exists }}"
 
     - name: Install conflicting service
       package:
         name: nftables
         state: present
+        use: "{{ (__firewall_is_ostree | d(false)) |
+                ternary('ansible.posix.rhel_rpm_ostree', omit) }}"
 
     - name: Enable conflicting service
       service: