From 1f522c414e37664f0589a2b1c299947407d36ffb Mon Sep 17 00:00:00 2001 From: "patchback[bot]" <45432694+patchback[bot]@users.noreply.github.com> Date: Fri, 18 Feb 2022 23:19:39 +0100 Subject: [PATCH] [PR #4183/f5ec7373 backport][stable-4] yum_versionlock: Fix entry matching (#4228) * yum_versionlock: Fix entry matching (#4183) As an input the module receives names of packages to lock. Those never matched existing entries and therefore always reported changes. For compatibility yum is symlinked to dnf on newer systems, but versionlock entries defer. Try to parse both formats. Signed-off-by: Florian Achleitner (cherry picked from commit f5ec73735f83acdc85d22fafaba80993c3f9e3e8) * Empty commit to trigger CI. Co-authored-by: fachleitner Co-authored-by: Felix Fontein --- .../fragments/4183-fix-yum_versionlock.yaml | 2 ++ .../modules/packaging/os/yum_versionlock.py | 26 +++++++++++++++---- 2 files changed, 23 insertions(+), 5 deletions(-) create mode 100644 changelogs/fragments/4183-fix-yum_versionlock.yaml diff --git a/changelogs/fragments/4183-fix-yum_versionlock.yaml b/changelogs/fragments/4183-fix-yum_versionlock.yaml new file mode 100644 index 0000000000..07b525cc59 --- /dev/null +++ b/changelogs/fragments/4183-fix-yum_versionlock.yaml @@ -0,0 +1,2 @@ +bugfixes: + - "yum_versionlock - fix matching of existing entries with names passed to the module. Match yum and dnf lock format (https://github.com/ansible-collections/community.general/pull/4183)." diff --git a/plugins/modules/packaging/os/yum_versionlock.py b/plugins/modules/packaging/os/yum_versionlock.py index 62110bf00a..a0d9ed2e76 100644 --- a/plugins/modules/packaging/os/yum_versionlock.py +++ b/plugins/modules/packaging/os/yum_versionlock.py @@ -17,7 +17,7 @@ description: options: name: description: - - Package name or a list of packages. + - Package name or a list of package names with optional wildcards. type: list required: true elements: str @@ -74,10 +74,17 @@ state: sample: present ''' +import re from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.common.text.converters import to_native from fnmatch import fnmatch +# on DNF-based distros, yum is a symlink to dnf, so we try to handle their different entry formats. +NEVRA_RE_YUM = re.compile(r'^(?P!)?(?P\d+):(?P.+)-' + r'(?P.+)-(?P.+)\.(?P.+)$') +NEVRA_RE_DNF = re.compile(r"^(?P!)?(?P.+)-(?P\d+):(?P.+)-" + r"(?P.+)\.(?P.+)$") + class YumVersionLock: def __init__(self, module): @@ -102,6 +109,15 @@ class YumVersionLock: self.module.fail_json(msg="Error: " + to_native(err) + to_native(out)) +def match(entry, name): + m = NEVRA_RE_YUM.match(entry) + if not m: + m = NEVRA_RE_DNF.match(entry) + if not m: + return False + return fnmatch(m.group("name"), name) + + def main(): """ start main program to add/remove a package to yum versionlock""" module = AnsibleModule( @@ -123,20 +139,20 @@ def main(): # Ensure versionlock state of packages packages_list = [] - if state in ('present'): + if state in ('present', ): command = 'add' for single_pkg in packages: - if not any(fnmatch(pkg.split(":", 1)[-1], single_pkg) for pkg in versionlock_packages.split()): + if not any(match(pkg, single_pkg) for pkg in versionlock_packages.split()): packages_list.append(single_pkg) if packages_list: if module.check_mode: changed = True else: changed = yum_v.ensure_state(packages_list, command) - elif state in ('absent'): + elif state in ('absent', ): command = 'delete' for single_pkg in packages: - if any(fnmatch(pkg, single_pkg) for pkg in versionlock_packages.split()): + if any(match(pkg, single_pkg) for pkg in versionlock_packages.split()): packages_list.append(single_pkg) if packages_list: if module.check_mode: