* [stable-2.10] [dnf] Some fixes around filtering (#72483) Change: - Docs: Add note that security/bugfix apply to dependencies too, like the dnf command. - dnf: security/bugfix only makes sense for updates, so limit the package query sack to available updates. - tests: Limit tests to our known-good test packages, so that RHEL packages marked security/bugfix without similarly marked dependencies don't fail our tests. Test Plan: - Tested with `dnf upgrade-minimal --bugfix` and reproduced the same error currently seen in CI, showing that we are consistent with what dnf does. Tickets: - Likely fixes #72316 Signed-off-by: Rick Elrod <rick@elrod.me> (cherry picked from commitd8c637da37
) Co-authored-by: Rick Elrod <rick@elrod.me> * Add changelog (#72502) (cherry picked from commitb33d7e2e29
) Co-authored-by: Rick Elrod <rick@elrod.me>
This commit is contained in:
parent
31ab3d8a64
commit
8c5910efe7
3 changed files with 18 additions and 6 deletions
2
changelogs/fragments/72316-dnf-filtering.yml
Normal file
2
changelogs/fragments/72316-dnf-filtering.yml
Normal file
|
@ -0,0 +1,2 @@
|
|||
bugfixes:
|
||||
- dnf - fix filtering to avoid dependncy conflicts (https://github.com/ansible/ansible/issues/72316)
|
|
@ -117,12 +117,14 @@ options:
|
|||
security:
|
||||
description:
|
||||
- If set to C(yes), and C(state=latest) then only installs updates that have been marked security related.
|
||||
- Note that, similar to ``dnf upgrade-minimal``, this filter applies to dependencies as well.
|
||||
type: bool
|
||||
default: "no"
|
||||
version_added: "2.7"
|
||||
bugfix:
|
||||
description:
|
||||
- If set to C(yes), and C(state=latest) then only installs updates that have been marked bugfix related.
|
||||
- Note that, similar to ``dnf upgrade-minimal``, this filter applies to dependencies as well.
|
||||
default: "no"
|
||||
type: bool
|
||||
version_added: "2.7"
|
||||
|
@ -646,10 +648,10 @@ class DnfModule(YumDnf):
|
|||
filters = []
|
||||
if self.bugfix:
|
||||
key = {'advisory_type__eq': 'bugfix'}
|
||||
filters.append(base.sack.query().filter(**key))
|
||||
filters.append(base.sack.query().upgrades().filter(**key))
|
||||
if self.security:
|
||||
key = {'advisory_type__eq': 'security'}
|
||||
filters.append(base.sack.query().filter(**key))
|
||||
filters.append(base.sack.query().upgrades().filter(**key))
|
||||
if filters:
|
||||
base._update_security_filters = filters
|
||||
|
||||
|
|
|
@ -20,7 +20,9 @@
|
|||
|
||||
- name: Ask for pending updates (check_mode)
|
||||
dnf:
|
||||
name: '*'
|
||||
name:
|
||||
- toaster
|
||||
- oven
|
||||
state: latest
|
||||
update_only: true
|
||||
disable_gpg_check: true
|
||||
|
@ -38,7 +40,9 @@
|
|||
|
||||
- name: Ask for pending updates with security=true (check_mode)
|
||||
dnf:
|
||||
name: '*'
|
||||
name:
|
||||
- toaster
|
||||
- oven
|
||||
state: latest
|
||||
update_only: true
|
||||
disable_gpg_check: true
|
||||
|
@ -57,7 +61,9 @@
|
|||
|
||||
- name: Ask for pending updates with bugfix=true (check_mode)
|
||||
dnf:
|
||||
name: '*'
|
||||
name:
|
||||
- toaster
|
||||
- oven
|
||||
state: latest
|
||||
update_only: true
|
||||
disable_gpg_check: true
|
||||
|
@ -76,7 +82,9 @@
|
|||
|
||||
- name: Ask for pending updates with bugfix=true and security=true (check_mode)
|
||||
dnf:
|
||||
name: '*'
|
||||
name:
|
||||
- toaster
|
||||
- oven
|
||||
state: latest
|
||||
update_only: true
|
||||
disable_gpg_check: true
|
||||
|
|
Loading…
Reference in a new issue