OpenStack-Ansible

file perms test in ansible-security RHEL7 fails due to bad jinja test

Bug #1660060 reported by gregus
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack-Ansible
Fix Released
Undecided
Major Hayden

Bug Description

Line 110 of openstack-ansible-security/tasks/rhel7stig/file_perms.yml should be "greaterthan" instead of "greater_than" to conform with jinja 2.8+ testing template syntax

Revision history for this message
gregus (harrisog) wrote :
Jimmy McCrory (jimmy-mccrory)
affects: openstack-community → openstack-ansible
OpenStack Infra (hudson-openstack)
Changed in openstack-ansible:
assignee: nobody → Major Hayden (rackerhacker)
status: New → In Progress
Revision history for this message
Major Hayden (rackerhacker) wrote :

So `greater_than` comes from the patch I made to openstack-ansible-plugins to enable this functionality for the security role. I was able to get a PR into jinja to create a `greatherthan` test, and it looks like this test *just* made it into jinja 2.9.5.

I've had a patch proposed that has been waiting for 2.9.5 to be released:

  https://review.openstack.org/421526

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-security (master)

Fix proposed to branch: master
Review: https://review.openstack.org/426855

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-security (master)

Reviewed: https://review.openstack.org/426855
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-security/commit/?id=8d223feb2c249c30fd2c187a2285fae2cffe5e09
Submitter: Jenkins
Branch: master

commit 8d223feb2c249c30fd2c187a2285fae2cffe5e09
Author: Major Hayden <email address hidden>
Date: Mon Jan 30 11:16:07 2017 -0600

    Move test plugins into security role

    The greaterthan/lessthan test plugins were added into
    openstack-ansible-plugins a month ago, but they are needed in the
    security role to ensure that the role can run on a system without
    openstack-ansible-plugins installed.

    The test plugins in this role should be removed once jinja 2.9.5 is
    available for use in OpenStack (likely after Ocata release).

    Closes-bug: 1660060
    Change-Id: Ic86dc9a9e8ae8d03fe52a7c3fc52e580b9936711

Changed in openstack-ansible:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on openstack-ansible-security (master)

Change abandoned by Major Hayden (<email address hidden>) on branch: master
Review: https://review.openstack.org/421526
Reason: Abandoned in favor of https://review.openstack.org/#/c/426855/

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/openstack-ansible-security 15.0.0.0rc1

This issue was fixed in the openstack/openstack-ansible-security 15.0.0.0rc1 release candidate.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on openstack-ansible-security (master)

Change abandoned by Major Hayden (<email address hidden>) on branch: master
Review: https://review.openstack.org/426519
Reason: This repo is being retired -- see the ansible-hardening role instead.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.