From 1fe55f1c67fa0b283be0967970c88b2b08d87aa3 Mon Sep 17 00:00:00 2001 From: Alex Willmer Date: Wed, 26 Nov 2025 14:08:35 +0000 Subject: [PATCH] CI: Add OS release coverage: CentOS 5 Only the Mitogen unit tests will run against CentOS 5, providing atleast some Python 2.4test coverage. There is no version of Ansible that supports Python 2.4 that is also supported by Mitogen 0.3. The SSH key exchange argument is to persuade newer SSH clients to talk with such an old SSH server. See https://www.openssh.org/legacy.html --- .ci/ci_lib.py | 2 +- docs/changelog.rst | 1 + tests/ansible/ansible.cfg | 1 + .../connection_delegation/delegate_to_template.yml | 2 ++ .../connection_delegation/stack_construction.yml | 7 +++++++ tests/ansible/integration/process/unix_socket_cleanup.yml | 2 +- tests/ansible/integration/ssh/variables.yml | 4 ++-- tests/data/plain_old_module.py | 8 ++++++-- tests/testlib.py | 3 ++- 9 files changed, 23 insertions(+), 7 deletions(-) diff --git a/.ci/ci_lib.py b/.ci/ci_lib.py index 7289f173..82a78b02 100644 --- a/.ci/ci_lib.py +++ b/.ci/ci_lib.py @@ -34,7 +34,7 @@ ANSIBLE_TESTS_HOSTS_DIR = os.path.join(GIT_ROOT, 'tests/ansible/hosts') ANSIBLE_TESTS_TEMPLATES_DIR = os.path.join(GIT_ROOT, 'tests/ansible/templates') DISTRO_SPECS = os.environ.get( 'MITOGEN_TEST_DISTRO_SPECS', - 'alma9-py3 centos6 centos8-py3 debian9 debian11 ubuntu1604 ubuntu2004', + 'alma9-py3 centos5 centos8-py3 debian9 debian11 ubuntu1604 ubuntu2004', ) IMAGE_PREP_DIR = os.path.join(GIT_ROOT, 'tests/image_prep') IMAGE_TEMPLATE = os.environ.get( diff --git a/docs/changelog.rst b/docs/changelog.rst index 2692cc07..db6c1c38 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -24,6 +24,7 @@ In progress (unreleased) * :gh:issue:`1118` CI: Use 2025.02 test images, keeping same OS releases * :gh:issue:`1358` CI: Bump deprecated macOS 13 runner to macOS 15 * :gh:issue:`1118` CI: Add OS release coverage: AlmaLinux 9 +* :gh:issue:`1118` CI: Add OS release coverage: CentOS 5 v0.3.33 (2025-11-22) diff --git a/tests/ansible/ansible.cfg b/tests/ansible/ansible.cfg index 4060d9ea..533c58a9 100644 --- a/tests/ansible/ansible.cfg +++ b/tests/ansible/ansible.cfg @@ -76,6 +76,7 @@ ssh_args = -o ControlPersist=60s -o ForwardAgent=yes -o HostKeyAlgorithms=+ssh-rsa + -o KexAlgorithms=+diffie-hellman-group1-sha1 -o PubkeyAcceptedKeyTypes=+ssh-rsa -o UserKnownHostsFile=/dev/null pipelining = True diff --git a/tests/ansible/integration/connection_delegation/delegate_to_template.yml b/tests/ansible/integration/connection_delegation/delegate_to_template.yml index 8cd50f98..d46103d6 100644 --- a/tests/ansible/integration/connection_delegation/delegate_to_template.yml +++ b/tests/ansible/integration/connection_delegation/delegate_to_template.yml @@ -47,6 +47,7 @@ -o, ControlPersist=60s, -o, ForwardAgent=yes, -o, HostKeyAlgorithms=+ssh-rsa, + -o, KexAlgorithms=+diffie-hellman-group1-sha1, -o, PubkeyAcceptedKeyTypes=+ssh-rsa, -o, UserKnownHostsFile=/dev/null, ], @@ -75,6 +76,7 @@ -o, ControlPersist=60s, -o, ForwardAgent=yes, -o, HostKeyAlgorithms=+ssh-rsa, + -o, KexAlgorithms=+diffie-hellman-group1-sha1, -o, PubkeyAcceptedKeyTypes=+ssh-rsa, -o, UserKnownHostsFile=/dev/null, ], diff --git a/tests/ansible/integration/connection_delegation/stack_construction.yml b/tests/ansible/integration/connection_delegation/stack_construction.yml index 58abac7b..b38d835b 100644 --- a/tests/ansible/integration/connection_delegation/stack_construction.yml +++ b/tests/ansible/integration/connection_delegation/stack_construction.yml @@ -84,6 +84,7 @@ -o, ControlPersist=60s, -o, ForwardAgent=yes, -o, HostKeyAlgorithms=+ssh-rsa, + -o, KexAlgorithms=+diffie-hellman-group1-sha1, -o, PubkeyAcceptedKeyTypes=+ssh-rsa, -o, UserKnownHostsFile=/dev/null, ], @@ -128,6 +129,7 @@ -o, ControlPersist=60s, -o, ForwardAgent=yes, -o, HostKeyAlgorithms=+ssh-rsa, + -o, KexAlgorithms=+diffie-hellman-group1-sha1, -o, PubkeyAcceptedKeyTypes=+ssh-rsa, -o, UserKnownHostsFile=/dev/null, ], @@ -183,6 +185,7 @@ -o, ControlPersist=60s, -o, ForwardAgent=yes, -o, HostKeyAlgorithms=+ssh-rsa, + -o, KexAlgorithms=+diffie-hellman-group1-sha1, -o, PubkeyAcceptedKeyTypes=+ssh-rsa, -o, UserKnownHostsFile=/dev/null, ], @@ -227,6 +230,7 @@ -o, ControlPersist=60s, -o, ForwardAgent=yes, -o, HostKeyAlgorithms=+ssh-rsa, + -o, KexAlgorithms=+diffie-hellman-group1-sha1, -o, PubkeyAcceptedKeyTypes=+ssh-rsa, -o, UserKnownHostsFile=/dev/null, ], @@ -255,6 +259,7 @@ -o, ControlPersist=60s, -o, ForwardAgent=yes, -o, HostKeyAlgorithms=+ssh-rsa, + -o, KexAlgorithms=+diffie-hellman-group1-sha1, -o, PubkeyAcceptedKeyTypes=+ssh-rsa, -o, UserKnownHostsFile=/dev/null, ], @@ -309,6 +314,7 @@ -o, ControlPersist=60s, -o, ForwardAgent=yes, -o, HostKeyAlgorithms=+ssh-rsa, + -o, KexAlgorithms=+diffie-hellman-group1-sha1, -o, PubkeyAcceptedKeyTypes=+ssh-rsa, -o, UserKnownHostsFile=/dev/null, ], @@ -354,6 +360,7 @@ -o, ControlPersist=60s, -o, ForwardAgent=yes, -o, HostKeyAlgorithms=+ssh-rsa, + -o, KexAlgorithms=+diffie-hellman-group1-sha1, -o, PubkeyAcceptedKeyTypes=+ssh-rsa, -o, UserKnownHostsFile=/dev/null, ], diff --git a/tests/ansible/integration/process/unix_socket_cleanup.yml b/tests/ansible/integration/process/unix_socket_cleanup.yml index 4466aa2e..4dce1d41 100644 --- a/tests/ansible/integration/process/unix_socket_cleanup.yml +++ b/tests/ansible/integration/process/unix_socket_cleanup.yml @@ -14,7 +14,7 @@ ANSIBLE_CALLBACK_RESULT_FORMAT=json ANSIBLE_LOAD_CALLBACK_PLUGINS=false ANSIBLE_STRATEGY=mitogen_linear - ANSIBLE_SSH_ARGS="-o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedKeyTypes=+ssh-rsa" + ANSIBLE_SSH_ARGS="-o HostKeyAlgorithms=+ssh-rsa -o KexAlgorithms=+diffie-hellman-group1-sha1 -o PubkeyAcceptedKeyTypes=+ssh-rsa" ANSIBLE_VERBOSITY="{{ ansible_verbosity }}" ansible -m shell -c local -a whoami {% for inv in ansible_inventory_sources %} diff --git a/tests/ansible/integration/ssh/variables.yml b/tests/ansible/integration/ssh/variables.yml index 5eb54dde..17d53350 100644 --- a/tests/ansible/integration/ssh/variables.yml +++ b/tests/ansible/integration/ssh/variables.yml @@ -22,7 +22,7 @@ ANSIBLE_CALLBACK_RESULT_FORMAT=json ANSIBLE_LOAD_CALLBACK_PLUGINS=false ANSIBLE_STRATEGY=mitogen_linear - ANSIBLE_SSH_ARGS="-o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedKeyTypes=+ssh-rsa" + ANSIBLE_SSH_ARGS="-o HostKeyAlgorithms=+ssh-rsa -o KexAlgorithms=+diffie-hellman-group1-sha1 -o PubkeyAcceptedKeyTypes=+ssh-rsa" ANSIBLE_VERBOSITY="{{ ansible_verbosity }}" ansible -m shell -a whoami {% for inv in ansible_inventory_sources %} @@ -42,7 +42,7 @@ ANSIBLE_CALLBACK_RESULT_FORMAT=json ANSIBLE_LOAD_CALLBACK_PLUGINS=false ANSIBLE_STRATEGY=mitogen_linear - ANSIBLE_SSH_ARGS="-o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedKeyTypes=+ssh-rsa" + ANSIBLE_SSH_ARGS="-o HostKeyAlgorithms=+ssh-rsa -o KexAlgorithms=+diffie-hellman-group1-sha1 -o PubkeyAcceptedKeyTypes=+ssh-rsa" ANSIBLE_VERBOSITY="{{ ansible_verbosity }}" ansible -m shell -a whoami {% for inv in ansible_inventory_sources %} diff --git a/tests/data/plain_old_module.py b/tests/data/plain_old_module.py index 7239f76a..2c14e0ff 100755 --- a/tests/data/plain_old_module.py +++ b/tests/data/plain_old_module.py @@ -12,8 +12,12 @@ class MyError(Exception): def get_sentinel_value(): # Some proof we're even talking to the mitogen-test Docker image - with open('/etc/sentinel', 'rb') as f: - return f.read().decode() + f = open('/etc/sentinel', 'rb') + try: + value = f.read().decode() + finally: + f.close() + return value def add(x, y): diff --git a/tests/testlib.py b/tests/testlib.py index 6577f30b..da0c17f2 100644 --- a/tests/testlib.py +++ b/tests/testlib.py @@ -53,7 +53,7 @@ LOG = logging.getLogger(__name__) DISTRO_SPECS = os.environ.get( 'MITOGEN_TEST_DISTRO_SPECS', - 'alma9-py3 centos6 centos8-py3 debian9 debian11 ubuntu1604 ubuntu2004', + 'alma9-py3 centos5 centos8-py3 debian9 debian11 ubuntu1604 ubuntu2004', ) IMAGE_TEMPLATE = os.environ.get( 'MITOGEN_TEST_IMAGE_TEMPLATE', @@ -725,6 +725,7 @@ class DockerMixin(RouterMixin): # - tests/testlib.py 'ssh_args': [ '-o', 'HostKeyAlgorithms +ssh-rsa', + '-o', 'KexAlgorithms +diffie-hellman-group1-sha1', '-o', 'PubkeyAcceptedKeyTypes +ssh-rsa', ], 'python_path': self.dockerized_ssh.python_path,