.RHEL System Roles now handle multi-line `ansible_managed` comments in generated files
Previously, some of the RHEL System Roles were using `# {{ ansible_managed }}` to generate some of the files. As a consequence, if a customer had a custom multi-line `ansible_managed` setting, the files would be generated incorrectly. With this fix, all of the system roles use the equivalent of `{{ ansible_managed | comment }}` when generating files so that the `ansible_managed` string is always properly commented, including multi-line `ansible_managed` values. Consequently, generated files have the correct multi-line `ansible_managed` value.
DescriptionSergei Petrosian
2021-09-21 09:24:21 UTC
Description of problem:
An upstream user requested us to replace `# {{ ansible_managed }}` with `{{ ansible_managed | comment }}` in https://github.com/linux-system-roles/timesync/issues/123.
This issue persists in the following roles:
timesync
ansible-sshd
bootloader
cockpit
kdump
kernal_settings
ssh
template
The issue is that when a user has the `ansible_managed` variable set to a multi-line entry, `# {{ ansible_managed }}` in templates expands to the ansible_managed variable with only the first line commented out.
For example, consider ansible_managed set to the following in ansible.cfg:
user@ansiblemaster:~# cat ansible.cfg|grep -A 4 ansible_managed
ansible_managed = WARNING: This file is managed by ANSIBLE.
template: {file}
modified on: %Y-%m-%d %H:%M:%S
by user: {uid}
from ansiblemaster: {host}
In this case, `# {{ ansible_managed }}` expands to the following:
root@andrea2:~# cat /etc/chrony.conf
# WARNING: This file is managed by ANSIBLE.
template: /usr/share/ansible/roles/rhel-system-roles.timesync/templates/chrony.conf.j2
modified on: 2021-09-15 13:35:58
by user: root
from ansiblemaster: ansiblemaster.mydomain.com
Because only the first line is commented out, the config file reads incorrectly and services fail to start.
The request is to replace `# {{ ansible_managed }}` with `{{ ansible_managed | comment }}` so that all lines are commented out.
Version-Release number of selected component (if applicable):
9.0
How reproducible:
When ansible_managed is set to a multi-line entry.
Steps to Reproduce:
1. In ansible.cfg, set the ansible_managed setting to a multi-line entry, e.g.:
ansible_managed = WARNING: This file is managed by ANSIBLE.
template: {file}
modified on: %Y-%m-%d %H:%M:%S
by user: {uid}
from ansiblemaster: {host}
2. Run one of the above roles.
Actual results:
Because only the first line is commented out, the config file reads incorrectly and services fail to start, hence the role fails.
Expected results:
The role runs successfully.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory (new packages: rhel-system-roles), and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://access.redhat.com/errata/RHBA-2022:2443
Description of problem: An upstream user requested us to replace `# {{ ansible_managed }}` with `{{ ansible_managed | comment }}` in https://github.com/linux-system-roles/timesync/issues/123. This issue persists in the following roles: timesync ansible-sshd bootloader cockpit kdump kernal_settings ssh template The issue is that when a user has the `ansible_managed` variable set to a multi-line entry, `# {{ ansible_managed }}` in templates expands to the ansible_managed variable with only the first line commented out. For example, consider ansible_managed set to the following in ansible.cfg: user@ansiblemaster:~# cat ansible.cfg|grep -A 4 ansible_managed ansible_managed = WARNING: This file is managed by ANSIBLE. template: {file} modified on: %Y-%m-%d %H:%M:%S by user: {uid} from ansiblemaster: {host} In this case, `# {{ ansible_managed }}` expands to the following: root@andrea2:~# cat /etc/chrony.conf # WARNING: This file is managed by ANSIBLE. template: /usr/share/ansible/roles/rhel-system-roles.timesync/templates/chrony.conf.j2 modified on: 2021-09-15 13:35:58 by user: root from ansiblemaster: ansiblemaster.mydomain.com Because only the first line is commented out, the config file reads incorrectly and services fail to start. The request is to replace `# {{ ansible_managed }}` with `{{ ansible_managed | comment }}` so that all lines are commented out. Version-Release number of selected component (if applicable): 9.0 How reproducible: When ansible_managed is set to a multi-line entry. Steps to Reproduce: 1. In ansible.cfg, set the ansible_managed setting to a multi-line entry, e.g.: ansible_managed = WARNING: This file is managed by ANSIBLE. template: {file} modified on: %Y-%m-%d %H:%M:%S by user: {uid} from ansiblemaster: {host} 2. Run one of the above roles. Actual results: Because only the first line is commented out, the config file reads incorrectly and services fail to start, hence the role fails. Expected results: The role runs successfully.