From: Luis Chamberlain <mcgrof@kernel.org>
To: Chuck Lever <cel@kernel.org>, Daniel Gomez <da.gomez@kruces.com>,
kdevops@lists.linux.dev
Cc: Chuck Lever <chuck.lever@oracle.com>
Subject: [PATCH 27/40] bootlinux: Harden update-grub/install.yml
Date: Sun, 27 Jul 2025 17:17:46 -0700 [thread overview]
Message-ID: <20250728001800.3188617-28-mcgrof@kernel.org> (raw)
In-Reply-To: <20250728001800.3188617-1-mcgrof@kernel.org>
From: Chuck Lever <chuck.lever@oracle.com>
After the kernel_release_file variable is set, ensure that
subsequent tasks check whether the release file exists so
they don't crap out.
Address some ansible-lint complaints:
- fqcn[action-core]: Use FQCN for builtin module actions (set_fact).
- fqcn[action-core]: Use FQCN for builtin module actions (stat).
- name[template]: Jinja templates should only be at the end of 'name'
- command-instead-of-shell: Use shell only when shell functionality is required.
- fqcn[action-core]: Use FQCN for builtin module actions (shell).
- no-changed-when: Commands should not change things if nothing needs doing.
- fqcn[action-core]: Use FQCN for builtin module actions (set_fact).
- fqcn[action-core]: Use FQCN for builtin module actions (set_fact).
To address "command-instead-of-shell", replace
shell: cat {{ kernelrelease_file }}"
with the Ansible slurp module to pull the kernel release name
directly into a simple string variable.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
---
.../bootlinux/tasks/update-grub/install.yml | 59 +++++++++++++------
1 file changed, 41 insertions(+), 18 deletions(-)
diff --git a/playbooks/roles/bootlinux/tasks/update-grub/install.yml b/playbooks/roles/bootlinux/tasks/update-grub/install.yml
index 8402c09b..af90008b 100644
--- a/playbooks/roles/bootlinux/tasks/update-grub/install.yml
+++ b/playbooks/roles/bootlinux/tasks/update-grub/install.yml
@@ -93,39 +93,62 @@
tags: [ 'uninstall-linux', 'manual-update-grub' ]
import_tasks: update-grub/main.yml
-- name: Set file used to extract KERNELRELEASE variable
- set_fact:
+- name: Set the pathname used to extract the kernel release
+ tags:
+ - vars
+ ansible.builtin.set_fact:
kernelrelease_file: "{{ target_linux_dir_path }}/include/config/kernel.release"
- tags: vars
-- name: Check if {{ kernelrelease_file }} exists
- stat:
+- name: Stat {{ kernelrelease_file }}
+ tags:
+ - vars
+ ansible.builtin.stat:
+ get_checksum: false
+ get_mime: false
path: "{{ kernelrelease_file }}"
register: kernel_release_file
- tags: vars
-- name: Get Linux build KERNELRELEASE varible which is set in include/config/kernel.release
- shell: cat {{ kernelrelease_file }}
- register: kernelrelease
- when: kernel_release_file.stat.exists
+- name: Slurp {{ kernelrelease_file }}
+ tags:
+ - vars
+ ansible.builtin.slurp:
+ src: "{{ kernelrelease_file }}"
+ register: slurped_kernel_release
+ when:
+ - kernel_release_file.stat.exists
-- name: Construct command line to determine default kernel ID
- set_fact:
+- name: Get the kernel release of the kernel to be installed
+ tags:
+ - vars
+ ansible.builtin.set_fact:
+ kernelrelease: "{{ slurped_kernel_release.content | b64decode | trim }}"
+ when:
+ - kernel_release_file.stat.exists
+
+- name: Construct the command line to determine the default boot entry
+ tags:
+ - saved
+ ansible.builtin.set_fact:
determine_default_kernel_id: >-
awk -F\' '/menuentry / {print $2}'
/boot/grub/grub.cfg | awk '{print NR-1" ... "$0}' |
- grep {{ kernelrelease.stdout }} | head -1 | awk '{print $1}'
+ grep {{ kernelrelease }} | head -1 | awk '{print $1}'
when:
- ansible_facts['os_family']|lower != 'redhat' or ansible_facts['distribution_major_version'] | int < 8
+ - kernel_release_file.stat.exists
+ - ansible_os_family != "RedHat" or ansible_distribution_major_version | int < 8
-- name: Construct command line to determine default kernel ID for RHEL >= 8
- set_fact:
+- name: Construct the command line to determine default boot entry for RHEL >= 8
+ tags:
+ - saved
+ ansible.builtin.set_fact:
determine_default_kernel_id: >-
for f in $(ls -1 /boot/loader/entries/*.conf); do
cat $f;
- done | grep title | awk '{ gsub("title ", "", $0); print }' | grep '{{ kernelrelease.stdout }}';
+ done | grep title | awk '{ gsub("title ", "", $0); print }' | grep '{{ kernelrelease }}';
when:
- ansible_facts['os_family']|lower == 'redhat' and ansible_facts['distribution_major_version'] | int >= 8
+ - kernel_release_file.stat.exists
+ - ansible_os_family == "RedHat"
+ - ansible_distribution_major_version | int >= 8
# If this fails then grub-set-default won't be run, and the assumption here
# is either you do the work to enhance the heuristic or live happy with the
--
2.47.2
next prev parent reply other threads:[~2025-07-28 0:18 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-28 0:17 [PATCH 00/40] remove vagrant and bootlinux shape up Luis Chamberlain
2025-07-28 0:17 ` [PATCH 01/40] vagrant: remove entire vagrant configuration directory Luis Chamberlain
2025-07-28 0:17 ` [PATCH 02/40] kconfigs: fix Kconfig references after vagrant removal Luis Chamberlain
2025-07-28 0:17 ` [PATCH 03/40] scripts: remove Vagrant-specific scripts and Makefiles Luis Chamberlain
2025-07-28 0:17 ` [PATCH 04/40] playbooks: remove Vagrant-specific playbooks and roles Luis Chamberlain
2025-07-28 0:17 ` [PATCH 05/40] gitignore: remove Vagrant-specific ignore patterns Luis Chamberlain
2025-07-28 0:17 ` [PATCH 06/40] docs: remove Vagrant-specific documentation files Luis Chamberlain
2025-07-28 0:17 ` [PATCH 07/40] Remove all remaining Vagrant references from codebase Luis Chamberlain
2025-07-28 0:17 ` [PATCH 08/40] AuthorDate: Fri Jul 25 14:23:00 2025 -0400 Luis Chamberlain
2025-07-28 0:17 ` [PATCH 09/40] ansible.cfg: Explicitly set the ssh user Luis Chamberlain
2025-07-28 0:24 ` Chuck Lever
2025-07-28 0:27 ` Luis Chamberlain
2025-07-28 0:36 ` Chuck Lever
2025-07-28 0:17 ` [PATCH 10/40] fstests: local NFS list Luis Chamberlain
2025-07-28 0:17 ` [PATCH 11/40] terraform: Clean up the destroy tasks Luis Chamberlain
2025-07-28 0:17 ` [PATCH 12/40] Switch to the cloud.terraform.terraform module Luis Chamberlain
2025-07-28 0:17 ` [PATCH 13/40] terraform: Make use of the new "terraform_output" module Luis Chamberlain
2025-07-28 0:17 ` [PATCH 14/40] terraform: Move "wait_for_connection" out of the terraform playbook Luis Chamberlain
2025-07-28 0:17 ` [PATCH 15/40] terraform: Remove "delegate_to: localhost" Luis Chamberlain
2025-07-28 0:17 ` [PATCH 16/40] terraform: Replace scripts/status_terraform.sh Luis Chamberlain
2025-07-28 0:17 ` [PATCH 17/40] Kconfig: Convert the 9p option to a choice menu Luis Chamberlain
2025-07-28 0:17 ` [PATCH 18/40] bootlinux: fix making 9p default if using libvirt Luis Chamberlain
2025-07-28 0:17 ` [PATCH 19/40] bootlinux: Relocate tasks that select a kernel .config Luis Chamberlain
2025-07-28 0:17 ` [PATCH 20/40] bootlinux: Simplify tasks that select the kernel .config to build Luis Chamberlain
2025-07-28 0:17 ` [PATCH 21/40] bootlinux: Select the kernel .config earlier Luis Chamberlain
2025-07-28 0:17 ` [PATCH 22/40] bootlinux: Move 9p build tasks to a subrole Luis Chamberlain
2025-07-28 0:17 ` [PATCH 23/40] bootlinux: fix missing make command when using 9P builds Luis Chamberlain
2025-07-28 0:17 ` [PATCH 24/40] guestsfs: ensure linux directory exists Luis Chamberlain
2025-07-28 0:17 ` [PATCH 25/40] bootlinux: Move tasks for building on target nodes to a subrole Luis Chamberlain
2025-07-28 0:17 ` [PATCH 26/40] bootlinux: Clean up a grub set-up task Luis Chamberlain
2025-07-28 0:17 ` Luis Chamberlain [this message]
2025-07-28 0:17 ` [PATCH 28/40] bootlinux: fix grub_boot_number_cmd undefined error in update-grub Luis Chamberlain
2025-07-28 0:17 ` [PATCH 29/40] bootlinux: fix kernel_release_file.stat " Luis Chamberlain
2025-07-28 0:17 ` [PATCH 30/40] Add a guest/instance for building the test kernel Luis Chamberlain
2025-07-28 0:17 ` [PATCH 31/40] bootlinux: Add a new builder choice Luis Chamberlain
2025-07-28 0:17 ` [PATCH 32/40] workflows: Add a kconfig setting for installing kernels via package Luis Chamberlain
2025-07-28 0:17 ` [PATCH 33/40] bootlinux: Enclose tasks to find kernel release name in a block: Luis Chamberlain
2025-07-28 0:17 ` [PATCH 34/40] bootlinux: Pick up kernel release info for pre-built packages Luis Chamberlain
2025-07-28 0:17 ` [PATCH 35/40] bootlinux: Install pre-built kernels from packages Luis Chamberlain
2025-07-28 0:17 ` [PATCH 36/40] bootlinux: Add an option to build with clang instead of gcc Luis Chamberlain
2025-07-28 0:17 ` [PATCH 37/40] Makefile: add make style for style checking Luis Chamberlain
2025-07-28 0:17 ` [PATCH 38/40] CLAUDE.md: new workflow guide for hosts and nodes Luis Chamberlain
2025-07-28 0:17 ` [PATCH 39/40] CLAUDE.md: add don't BS rules Luis Chamberlain
2025-07-28 0:17 ` [PATCH 40/40] gen_nodes/gen_hosts: avoid usage of fs_config_path on task names Luis Chamberlain
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250728001800.3188617-28-mcgrof@kernel.org \
--to=mcgrof@kernel.org \
--cc=cel@kernel.org \
--cc=chuck.lever@oracle.com \
--cc=da.gomez@kruces.com \
--cc=kdevops@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox