diff --git a/.azure-pipelines/azure-pipelines.yml b/.azure-pipelines/azure-pipelines.yml index 4337ae95523..f0301a66dd5 100644 --- a/.azure-pipelines/azure-pipelines.yml +++ b/.azure-pipelines/azure-pipelines.yml @@ -83,8 +83,10 @@ stages: test: rhel/9.3@3.9 - name: RHEL 9.3 py311 test: rhel/9.3@3.11 - - name: FreeBSD 13.2 - test: freebsd/13.2 + - name: FreeBSD 13.3 + test: freebsd/13.3 + - name: FreeBSD 14.0 + test: freebsd/14.0 groups: - 1 - 2 @@ -95,8 +97,10 @@ stages: test: macos/14.3 - name: RHEL 9.3 test: rhel/9.3 - - name: FreeBSD 13.2 - test: freebsd/13.2 + - name: FreeBSD 13.3 + test: freebsd/13.3 + - name: FreeBSD 14.0 + test: freebsd/14.0 groups: - 3 - 4 diff --git a/changelogs/fragments/ansible_test_fbsd_add.yml b/changelogs/fragments/ansible_test_fbsd_add.yml new file mode 100644 index 00000000000..cd13b9bd695 --- /dev/null +++ b/changelogs/fragments/ansible_test_fbsd_add.yml @@ -0,0 +1,2 @@ +minor_changes: + - ansible-test now has FreeBSD 13.3 and 14.0 support diff --git a/test/integration/targets/get_url/tasks/main.yml b/test/integration/targets/get_url/tasks/main.yml index c26cc08b188..ba1c9332fe6 100644 --- a/test/integration/targets/get_url/tasks/main.yml +++ b/test/integration/targets/get_url/tasks/main.yml @@ -667,6 +667,7 @@ environment: KRB5_CONFIG: '{{ krb5_config }}' KRB5CCNAME: FILE:{{ remote_tmp_dir }}/krb5.cc + OPENSSL_CONF: '{{ krb5_openssl_conf }}' when: krb5_config is defined - name: Test ciphers diff --git a/test/integration/targets/prepare_http_tests/files/openssl_legacy.cnf b/test/integration/targets/prepare_http_tests/files/openssl_legacy.cnf new file mode 100644 index 00000000000..adfa225f64a --- /dev/null +++ b/test/integration/targets/prepare_http_tests/files/openssl_legacy.cnf @@ -0,0 +1,14 @@ +openssl_conf = openssl_init + +[openssl_init] +providers = provider_sect + +[provider_sect] +default = default_sect +legacy = legacy_sect + +[default_sect] +activate = 1 + +[legacy_sect] +activate = 1 diff --git a/test/integration/targets/prepare_http_tests/tasks/kerberos.yml b/test/integration/targets/prepare_http_tests/tasks/kerberos.yml index 6055e71b90e..4b3d4887e77 100644 --- a/test/integration/targets/prepare_http_tests/tasks/kerberos.yml +++ b/test/integration/targets/prepare_http_tests/tasks/kerberos.yml @@ -2,6 +2,17 @@ krb5_config: '{{ remote_tmp_dir }}/krb5.conf' krb5_realm: '{{ httpbin_host.split(".")[1:] | join(".") | upper }}' krb5_provider: '{{ (ansible_facts.os_family == "FreeBSD" or ansible_facts.distribution == "MacOSX") | ternary("Heimdal", "MIT") }}' + # FreeBSD needs to enable the OpenSSL legacy providers for RC4 support. + # While RC4 isn't used Heimdal is currently requiring it as part of a + # runtime test, until that is removed we need this hack. + # https://github.com/heimdal/heimdal/issues/1224 + krb5_openssl_conf: >- + {{ + (ansible_facts.os_family == "FreeBSD" and ansible_facts.distribution_major_version == "14") | ternary( + remote_tmp_dir ~ "/openssl_legacy.cnf", + "" + ) + }} - set_fact: krb5_username: admin@{{ krb5_realm }} @@ -11,6 +22,12 @@ src: krb5.conf.j2 dest: '{{ krb5_config }}' +- name: Create openssl.cnf to enable Legacy providers + copy: + src: openssl_legacy.cnf + dest: '{{ krb5_openssl_conf }}' + when: krb5_openssl_conf | default(False, True) + - name: Include distribution specific variables include_vars: '{{ lookup("first_found", params) }}' vars: @@ -54,6 +71,7 @@ environment: KRB5_CONFIG: '{{ krb5_config }}' KRB5CCNAME: FILE:{{ remote_tmp_dir }}/krb5.cc + OPENSSL_CONF: '{{ krb5_openssl_conf }}' - name: remove test credential cache file: diff --git a/test/integration/targets/unarchive/tasks/test_missing_binaries.yml b/test/integration/targets/unarchive/tasks/test_missing_binaries.yml index 04254ad6289..39bf4df5edc 100644 --- a/test/integration/targets/unarchive/tasks/test_missing_binaries.yml +++ b/test/integration/targets/unarchive/tasks/test_missing_binaries.yml @@ -39,7 +39,7 @@ environment: PATH: "{{ ENV_PATH }}" vars: - ENV_PATH: "{{ lookup('env', 'PATH') | regex_replace(re, '') }}" + ENV_PATH: "{{ ansible_env['PATH']| regex_replace(re, '') }}" re: "[^A-Za-z](\/usr\/bin:?)" - name: Ensure tasks worked as expected diff --git a/test/integration/targets/uri/tasks/main.yml b/test/integration/targets/uri/tasks/main.yml index c4795117b9c..a818107d99c 100644 --- a/test/integration/targets/uri/tasks/main.yml +++ b/test/integration/targets/uri/tasks/main.yml @@ -715,6 +715,7 @@ environment: KRB5_CONFIG: '{{ krb5_config }}' KRB5CCNAME: FILE:{{ remote_tmp_dir }}/krb5.cc + OPENSSL_CONF: '{{ krb5_openssl_conf }}' when: krb5_config is defined - name: Test ciphers diff --git a/test/integration/targets/wait_for/tasks/main.yml b/test/integration/targets/wait_for/tasks/main.yml index 8fadbf38a03..eb186b3ab11 100644 --- a/test/integration/targets/wait_for/tasks/main.yml +++ b/test/integration/targets/wait_for/tasks/main.yml @@ -114,7 +114,7 @@ path: "{{remote_tmp_dir}}/utf16.txt" search_regex: completed -- name: test non mmapable file +- name: test non mmapable file, skip OSs w/o /sys wait_for: path: "/sys/class/net/lo/carrier" search_regex: "1" @@ -165,9 +165,9 @@ - waitfor is not changed - "waitfor.port == {{ http_port }}" -- name: install psutil using pip (non-Linux only) +- name: install psutil using pip (non-Linux) pip: - name: psutil==5.8.0 + name: psutil==5.9.8 when: ansible_system != 'Linux' - name: Copy zombie.py diff --git a/test/lib/ansible_test/_data/completion/remote.txt b/test/lib/ansible_test/_data/completion/remote.txt index 00b660dbc74..b9edba5cc1e 100644 --- a/test/lib/ansible_test/_data/completion/remote.txt +++ b/test/lib/ansible_test/_data/completion/remote.txt @@ -3,6 +3,8 @@ alpine become=doas_sudo provider=aws arch=x86_64 fedora/39 python=3.12 become=sudo provider=aws arch=x86_64 fedora become=sudo provider=aws arch=x86_64 freebsd/13.2 python=3.9,3.11 python_dir=/usr/local/bin become=su_sudo provider=aws arch=x86_64 +freebsd/13.3 python=3.9,3.11 python_dir=/usr/local/bin become=su_sudo provider=aws arch=x86_64 +freebsd/14.0 python=3.9,3.11 python_dir=/usr/local/bin become=su_sudo provider=aws arch=x86_64 freebsd python_dir=/usr/local/bin become=su_sudo provider=aws arch=x86_64 macos/13.2 python=3.11 python_dir=/usr/local/bin become=sudo provider=parallels arch=x86_64 macos/14.3 python=3.11 python_dir=/usr/local/bin become=sudo provider=parallels arch=x86_64 diff --git a/test/lib/ansible_test/_util/target/setup/bootstrap.sh b/test/lib/ansible_test/_util/target/setup/bootstrap.sh index e38b585b191..279ce4036df 100644 --- a/test/lib/ansible_test/_util/target/setup/bootstrap.sh +++ b/test/lib/ansible_test/_util/target/setup/bootstrap.sh @@ -144,19 +144,39 @@ bootstrap_remote_freebsd() jinja2_pkg="py${python_package_version}-jinja2" cryptography_pkg="py${python_package_version}-cryptography" pyyaml_pkg="py${python_package_version}-yaml" + packaging_pkg="py${python_package_version}-packaging" # Declare platform/python version combinations which do not have supporting OS packages available. # For these combinations ansible-test will use pip to install the requirements instead. case "${platform_version}/${python_version}" in + 13.3/3.9) + # defaults above 'just work'TM + ;; + 13.3/3.11) + jinja2_pkg="" # not available + cryptography_pkg="" # not available + pyyaml_pkg="" # not available + ;; + 14.0/3.9) + # defaults above 'just work'TM + ;; + 14.0/3.11) + cryptography_pkg="" # not available + jinja2_pkg="" # not available + pyyaml_pkg="" # not available + ;; *) + # just assume nothing is available jinja2_pkg="" # not available cryptography_pkg="" # not available pyyaml_pkg="" # not available + packaging_pkg="" # not available ;; esac packages=" ${packages} + ${packaging_pkg} libyaml ${pyyaml_pkg} ${jinja2_pkg}