78d37afccc
The apparmor systemd unit file simply calls an old SysV init script to load AppArmor profiles. The init script exits and systemd has no idea if it's still running or not. This causes Ansible to start the apparmor unit each time the playbook runs, which breaks the idempotency checks. This patch checks the apparmor_status output directly to see what the status of AppArmor actually is. If the module is loaded, then we should not try to start AppArmor with the unit file again. This patch also includes the updates from the openstack-ansible-tests repository that were included in https://review.openstack.org/#/c/488489/ so that the gate can be unblocked. Partial-Bug: 1710675 Change-Id: If253714d0ca4b5a3d324255751e6f6615ca75dde
66 lines
2.5 KiB
Plaintext
66 lines
2.5 KiB
Plaintext
# This file facilitates OpenStack-CI package installation
|
|
# before the execution of any tests.
|
|
#
|
|
# See the following for details:
|
|
# - http://docs.openstack.org/infra/bindep/
|
|
# - https://git.openstack.org/cgit/openstack-infra/bindep
|
|
#
|
|
# Even if the role does not make use of this facility, it
|
|
# is better to have this file empty, otherwise OpenStack-CI
|
|
# will fall back to installing its default packages which
|
|
# will potentially be detrimental to the tests executed.
|
|
#
|
|
# Note:
|
|
# This file is maintained in the openstack-ansible-tests repository.
|
|
# https://git.openstack.org/cgit/openstack/openstack-ansible-tests/tree/bindep.txt
|
|
# If you need to remove or add extra dependencies, you should modify
|
|
# the central file instead and once your change is accepted then update
|
|
# this file as well. The purpose of this file is to ensure that Python and
|
|
# Ansible have all their necessary binary requirements on the test host before
|
|
# tox executes. Any binary requirements needed by services/roles should be
|
|
# installed by those roles in their applicable package install tasks, not through
|
|
# using this file.
|
|
#
|
|
|
|
# Base requirements for Ubuntu
|
|
build-essential [platform:dpkg]
|
|
git-core [platform:dpkg]
|
|
libssl-dev [platform:dpkg]
|
|
libffi-dev [platform:dpkg]
|
|
python2.7 [platform:dpkg]
|
|
python-apt [platform:dpkg]
|
|
python-dev [platform:dpkg]
|
|
python3 [platform:dpkg]
|
|
python3-apt [platform:dpkg]
|
|
python3-dev [platform:dpkg]
|
|
|
|
# Base requirements for RPM distros
|
|
gcc [platform:rpm]
|
|
gcc-c++ [platform:rpm]
|
|
git [platform:rpm]
|
|
libffi-devel [platform:rpm !platform:opensuseproject-42]
|
|
libffi-devel-gcc5 [platform:opensuseproject-42]
|
|
openssl-devel [platform:redhat]
|
|
libopenssl-devel [platform:suse]
|
|
python-devel [platform:rpm]
|
|
python2-dnf [platform:fedora]
|
|
|
|
# For SELinux
|
|
libselinux-python [platform:redhat]
|
|
libsemanage-python [platform:redhat]
|
|
|
|
# For SSL SNI support
|
|
python-pyasn1 [platform:dpkg platform:suse]
|
|
python-openssl [platform:dpkg]
|
|
python-ndg-httpsclient [platform:ubuntu !platform:ubuntu-14]
|
|
python2-pyasn1 [platform:redhat]
|
|
pyOpenSSL [platform:redhat]
|
|
python-pyOpenSSL [platform:opensuseproject-42]
|
|
python2-pyOpenSSL [platform:suse !platform:opensuseproject-42]
|
|
python-ndg_httpsclient [platform:redhat !platform:fedora]
|
|
python2-ndg_httpsclient [platform:fedora]
|
|
python-ndg-httpsclient [platform:suse]
|
|
|
|
# Required for compressing collected log files in CI
|
|
gzip
|