1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

[PR #6713/f6ee2177 backport][stable-7] pacman: support yay as root (#6896)

pacman: support yay as root (#6713)

* pacman: support yay as root

* make pylint happy

* minor adjustments

* rollback some test actions

* removal of user and pkgs in handlers

* add comment to note

* add changelog frag

* fix doc

* Update tests/integration/targets/pacman/tasks/yay-become.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update tests/integration/targets/pacman/tasks/yay-become.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* simplify pkg install in int. tests

---------

Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit f6ee2177a2)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
This commit is contained in:
patchback[bot] 2023-07-08 18:09:52 +02:00 committed by GitHub
parent e69ea28662
commit 9027c367d4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 116 additions and 12 deletions

View file

@ -0,0 +1,2 @@
bugfixes:
- pacman - module recognizes the output of ``yay`` running as ``root`` (https://github.com/ansible-collections/community.general/pull/6713).

View file

@ -133,6 +133,9 @@ notes:
it is much more efficient to pass the list directly to the O(name) option. it is much more efficient to pass the list directly to the O(name) option.
- To use an AUR helper (O(executable) option), a few extra setup steps might be required beforehand. - To use an AUR helper (O(executable) option), a few extra setup steps might be required beforehand.
For example, a dedicated build user with permissions to install packages could be necessary. For example, a dedicated build user with permissions to install packages could be necessary.
- >
In the tests, while using C(yay) as the O(executable) option, the module failed to install AUR packages
with the error: C(error: target not found: <pkg>).
""" """
RETURN = """ RETURN = """
@ -263,6 +266,7 @@ EXAMPLES = """
reason_for: all reason_for: all
""" """
import re
import shlex import shlex
from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.basic import AnsibleModule
from collections import defaultdict, namedtuple from collections import defaultdict, namedtuple
@ -418,7 +422,7 @@ class Pacman(object):
for p in name_ver: for p in name_ver:
# With Pacman v6.0.1 - libalpm v13.0.1, --upgrade outputs "loading packages..." on stdout. strip that. # With Pacman v6.0.1 - libalpm v13.0.1, --upgrade outputs "loading packages..." on stdout. strip that.
# When installing from URLs, pacman can also output a 'nothing to do' message. strip that too. # When installing from URLs, pacman can also output a 'nothing to do' message. strip that too.
if "loading packages" in p or "there is nothing to do" in p: if "loading packages" in p or "there is nothing to do" in p or 'Avoid running' in p:
continue continue
name, version = p.split() name, version = p.split()
if name in self.inventory["installed_pkgs"]: if name in self.inventory["installed_pkgs"]:
@ -706,11 +710,12 @@ class Pacman(object):
installed_pkgs = {} installed_pkgs = {}
dummy, stdout, dummy = self.m.run_command([self.pacman_path, "--query"], check_rc=True) dummy, stdout, dummy = self.m.run_command([self.pacman_path, "--query"], check_rc=True)
# Format of a line: "pacman 6.0.1-2" # Format of a line: "pacman 6.0.1-2"
query_re = re.compile(r'^\s*(?P<pkg>\S+)\s+(?P<ver>\S+)\s*$')
for l in stdout.splitlines(): for l in stdout.splitlines():
l = l.strip() query_match = query_re.match(l)
if not l: if not query_match:
continue continue
pkg, ver = l.split() pkg, ver = query_match.groups()
installed_pkgs[pkg] = ver installed_pkgs[pkg] = ver
installed_groups = defaultdict(set) installed_groups = defaultdict(set)
@ -721,11 +726,12 @@ class Pacman(object):
# base-devel file # base-devel file
# base-devel findutils # base-devel findutils
# ... # ...
query_groups_re = re.compile(r'^\s*(?P<group>\S+)\s+(?P<pkg>\S+)\s*$')
for l in stdout.splitlines(): for l in stdout.splitlines():
l = l.strip() query_groups_match = query_groups_re.match(l)
if not l: if not query_groups_match:
continue continue
group, pkgname = l.split() group, pkgname = query_groups_match.groups()
installed_groups[group].add(pkgname) installed_groups[group].add(pkgname)
available_pkgs = {} available_pkgs = {}
@ -747,11 +753,12 @@ class Pacman(object):
# vim-plugins vim-airline-themes # vim-plugins vim-airline-themes
# vim-plugins vim-ale # vim-plugins vim-ale
# ... # ...
sync_groups_re = re.compile(r'^\s*(?P<group>\S+)\s+(?P<pkg>\S+)\s*$')
for l in stdout.splitlines(): for l in stdout.splitlines():
l = l.strip() sync_groups_match = sync_groups_re.match(l)
if not l: if not sync_groups_match:
continue continue
group, pkg = l.split() group, pkg = sync_groups_match.groups()
available_groups[group].add(pkg) available_groups[group].add(pkg)
upgradable_pkgs = {} upgradable_pkgs = {}
@ -759,9 +766,14 @@ class Pacman(object):
[self.pacman_path, "--query", "--upgrades"], check_rc=False [self.pacman_path, "--query", "--upgrades"], check_rc=False
) )
stdout = stdout.splitlines()
if stdout and "Avoid running" in stdout[0]:
stdout = stdout[1:]
stdout = "\n".join(stdout)
# non-zero exit with nothing in stdout -> nothing to upgrade, all good # non-zero exit with nothing in stdout -> nothing to upgrade, all good
# stderr can have warnings, so not checked here # stderr can have warnings, so not checked here
if rc == 1 and stdout == "": if rc == 1 and not stdout:
pass # nothing to upgrade pass # nothing to upgrade
elif rc == 0: elif rc == 0:
# Format of lines: # Format of lines:
@ -771,7 +783,7 @@ class Pacman(object):
l = l.strip() l = l.strip()
if not l: if not l:
continue continue
if "[ignored]" in l: if "[ignored]" in l or "Avoid running" in l:
continue continue
s = l.split() s = l.split()
if len(s) != 4: if len(s) != 4:

View file

@ -0,0 +1,23 @@
---
# Copyright (c) Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
- name: Remove user yaybuilder
ansible.builtin.user:
name: yaybuilder
state: absent
- name: Remove yay
ansible.builtin.package:
name: yay
state: absent
- name: Remove packages for yay-become
ansible.builtin.package:
name:
- base-devel
- yay
- git
- nmap
state: absent

View file

@ -17,3 +17,4 @@
- include_tasks: 'update_cache.yml' - include_tasks: 'update_cache.yml'
- include_tasks: 'locally_installed_package.yml' - include_tasks: 'locally_installed_package.yml'
- include_tasks: 'reason.yml' - include_tasks: 'reason.yml'
- include_tasks: 'yay-become.yml'

View file

@ -0,0 +1,66 @@
---
# Copyright (c) Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
# This is more convoluted that one might expect, because:
# - yay is not available or installation in ArchLinux (as it is in Manjaro - issue 6184 reports using it)
# - to install yay in ArchLinux requires building the package
# - makepkg cannot be run as root, but the user running it must have sudo to install the resulting package
- name: create user
ansible.builtin.user:
name: yaybuilder
state: present
notify: Remove user yaybuilder
- name: grant sudo powers to builder
community.general.sudoers:
name: yaybuilder
user: yaybuilder
commands: ALL
nopassword: true
- name: Install base packages
ansible.builtin.package:
name:
- base-devel
- git
- go
state: present
notify: Remove packages for yay-become
- name: Hack permssions for the remote_tmp_dir
ansible.builtin.file:
path: "{{ remote_tmp_dir }}"
mode: '0777'
- name: Create temp directory for builder
ansible.builtin.file:
path: "{{ remote_tmp_dir }}/builder"
owner: yaybuilder
state: directory
mode: '0755'
- name: clone yay git repo
become: true
become_user: yaybuilder
ansible.builtin.git:
repo: https://aur.archlinux.org/yay.git
dest: "{{ remote_tmp_dir }}/builder/yay"
depth: 1
- name: make package
become: true
become_user: yaybuilder
ansible.builtin.command:
chdir: "{{ remote_tmp_dir }}/builder/yay"
cmd: makepkg -si --noconfirm
notify: Remove yay
- name: Install nmap
community.general.pacman:
name: nmap
state: present
executable: yay
extra_args: --builddir /var/cache/yay