From: Anil Belur Date: Thu, 11 Dec 2025 23:28:30 +0000 (+1000) Subject: Fix: Update support CentOS9 and rm EOL CentOS 7/8 X-Git-Url: https://gerrit.linuxfoundation.org/infra/gitweb?a=commitdiff_plain;h=0820ada83f086aa91239d69f5a489a61ded0b0f7;p=ansible%2Froles%2Fpython-install.git Fix: Update support CentOS9 and rm EOL CentOS 7/8 - Remove CentOS 7/8 from molecule platforms and workflows - Add CentOS 9 (stream9) support to molecule and workflows - Update tasks to remove CentOS 7/8 specific SSL workarounds - Simplify version conditionals for Ubuntu 22.04+ and CentOS 9+ - Remove CentOS-8.yml vars file - Update CentOS-9.yml and CentOS Stream-9.yml to not include virtualenv package - Install virtualenv via pip on CentOS 9 (broken RPM deps) - Update molecule prepare.yml to only configure EPEL for CentOS 9 Change-Id: I724192d7c84c2364b71811eff3fb535ab3cd2a0e Signed-off-by: Anil Belur --- diff --git a/.github/workflows/gerrit-verify.yaml b/.github/workflows/gerrit-verify.yaml index 2eae8b1..2253324 100644 --- a/.github/workflows/gerrit-verify.yaml +++ b/.github/workflows/gerrit-verify.yaml @@ -111,6 +111,7 @@ jobs: strategy: matrix: distro: + - centos9 - ubuntu2204 - ubuntu2404 fail-fast: false diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 66ec485..84011b4 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -4,14 +4,8 @@ dependency: driver: name: podman platforms: - - name: centos7 - image: centos:7 - - name: centos8 - image: quay.io/centos/centos:stream8 - - name: ubuntu1804 - image: ubuntu:18.04 - - name: ubuntu2004 - image: ubuntu:20.04 + - name: centos9 + image: quay.io/centos/centos:stream9 - name: ubuntu2204 image: ubuntu:22.04 - name: ubuntu2404 diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml index 00bac50..5840866 100644 --- a/molecule/default/prepare.yml +++ b/molecule/default/prepare.yml @@ -3,37 +3,11 @@ hosts: all gather_facts: true tasks: - - ansible.builtin.rpm_key: + - name: Install EPEL for CentOS 9 + ansible.builtin.dnf: + name: epel-release state: present - key: https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-8 - when: ansible_os_family == 'RedHat' - become: true - - - name: Re-configure yum repositories for CentOS 7 and 8 to point to vault - become: true - when: - - (ansible_distribution == 'CentOS' and ansible_distribution_major_version == '8') or - (ansible_distribution == 'CentOS' and ansible_distribution_major_version == '7') - block: - - name: Disable default CentOS mirrors (backup original) - ansible.builtin.lineinfile: - path: /etc/yum.repos.d/CentOS-* - regexp: '^mirrorlist' - replace: '#mirrorlist' - backup: yes - - - name: Update CentOS mirrors to vault.centos.org (backup original) - ansible.builtin.lineinfile: - path: /etc/yum.repos.d/CentOS-* - regexp: '^baseurl=http://mirror.centos.org' - replace: 'baseurl=http://vault.centos.org' - backup: yes - - - name: Install Fedora EPEL repo - ansible.builtin.yum: - name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ ansible_distribution_major_version }}.noarch.rpm - state: present - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' and ansible_distribution_major_version == '9' become: true - name: Update APT cache diff --git a/tasks/main.yml b/tasks/main.yml index 0ec5bfb..3634eee 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -21,32 +21,12 @@ when: - ansible_distribution == 'CentOS' and ansible_distribution_major_version | int >= 9 -- name: Set Python version on Ubuntu >= 18.04 or CentOS 7 +- name: Set Python version on Ubuntu >= 22.04 or CentOS 9 ansible.builtin.set_fact: pyenv_cmd: "{{ python_versions | join(' ') }}" when: - - (ansible_distribution == 'Ubuntu' and ansible_distribution_version >= '18.04') or - (ansible_distribution == 'CentOS') - -# Ref: https://github.com/pyenv/pyenv/issues/950 -# ERROR: The Python ssl extension was not compiled. Missing the OpenSSL lib? -# The compat-openssl libs are available only for CentOS8, so python 3.10x will -# be available for >= CentOS8 -- name: Install SSL dependencies required pyenv for python 3.10.x - become: true - block: - - name: Update SSL dependencies for CentOS # noqa no-changed-when - ansible.builtin.command: "dnf install compat-openssl10* -y" - when: ansible_distribution == 'CentOS' and ansible_distribution_major_version >= '8' - - - name: Install SSL dependencies required pyenv for python 3.10.x for CentOS 7 # noqa no-changed-when - when: ansible_distribution == 'CentOS' and ansible_distribution_major_version == '7' - ansible.builtin.yum: - name: - - openssl11 - - openssl11-devel - update_cache: yes - state: present + - (ansible_distribution == 'Ubuntu' and ansible_distribution_version >= '22.04') or + (ansible_distribution == 'CentOS' and ansible_distribution_major_version | int >= 9) - name: Install Python 3.x versions via pyenv become: true @@ -71,20 +51,11 @@ changed_when: "'already installed' not in pyenv_install_result.stdout" tags: - molecule-idempotence-notest - - name: 'Install Python on CentOS 7 {{ python310_version }}' - ansible.builtin.shell: | - CPPFLAGS=$(pkg-config --cflags openssl11) LDFLAGS=$(pkg-config --libs openssl11) pyenv install -s {{ python310_version }} - when: - - ansible_distribution == 'CentOS' and ansible_distribution_major_version == '7' - register: pyenv_centos7_result - changed_when: "'already installed' not in pyenv_centos7_result.stdout" - tags: - - molecule-idempotence-notest - name: 'Install Python {{ python310_version }}' ansible.builtin.command: pyenv install -s {{ python310_version }} when: - - (ansible_distribution == 'Ubuntu' and ansible_distribution_version >= '18.04') or - (ansible_distribution == 'CentOS' and ansible_distribution_major_version >= '7') + - (ansible_distribution == 'Ubuntu' and ansible_distribution_version >= '22.04') or + (ansible_distribution == 'CentOS' and ansible_distribution_major_version | int >= 9) register: pyenv310_result changed_when: "'already installed' not in pyenv310_result.stdout" tags: @@ -92,8 +63,8 @@ - name: 'Install Python {{ python311_version }}' ansible.builtin.command: pyenv install -s {{ python311_version }} when: - - (ansible_distribution == 'Ubuntu' and ansible_distribution_version >= '18.04') or - (ansible_distribution == 'CentOS' and ansible_distribution_major_version >= '8') + - (ansible_distribution == 'Ubuntu' and ansible_distribution_version >= '22.04') or + (ansible_distribution == 'CentOS' and ansible_distribution_major_version | int >= 9) register: pyenv311_result changed_when: "'already installed' not in pyenv311_result.stdout" tags: diff --git a/vars/CentOS Stream-9.yml b/vars/CentOS Stream-9.yml index 0e61a5b..6687ddb 100644 --- a/vars/CentOS Stream-9.yml +++ b/vars/CentOS Stream-9.yml @@ -1,8 +1,9 @@ --- +# CentOS Stream 9 uses Python 3.9+ as default +# python3-virtualenv from EPEL has broken deps; install via pip instead python_packages_distro: - libffi-devel - python3 - python3-devel - python3-pip - python3-setuptools - - python3-virtualenv diff --git a/vars/CentOS-8.yml b/vars/CentOS-8.yml deleted file mode 100644 index 3e9a103..0000000 --- a/vars/CentOS-8.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -python_packages_distro: - - libffi-devel - - python38 - - python38-devel - - python3-pip - - python3-setuptools - - python3-virtualenv diff --git a/vars/CentOS-9.yml b/vars/CentOS-9.yml index a26d301..996dd99 100644 --- a/vars/CentOS-9.yml +++ b/vars/CentOS-9.yml @@ -1,6 +1,5 @@ --- -# CentOS Stream 9 uses Python 3.9+ as default -# No python36, python38, or openssl11 packages available +# CentOS 9 uses Python 3.9+ as default # python3-virtualenv from EPEL has broken deps; install via pip instead python_packages_distro: - libffi-devel