docs(changelog): version 1.17.9 [citest skip]

Update changelog and .README.html for version 1.17.9

Signed-off-by: Rich Megginson <rmeggins@redhat.com>

.codespell_ignores

@@ -1 +1,2 @@
 iif
+passt

.github/CODEOWNERS

@@ -1,3 +1,2 @@
 # https://help.github.com/en/articles/about-code-owners
 # Default reviewers for everything
-* @liangwen12year

.github/Dockerfile.c7-network-role

@@ -1,12 +0,0 @@
-FROM quay.io/centos/centos:centos7
-
-RUN yum -y install https://dl.fedoraproject.org/pub/archive/epel/7/x86_64/Packages/e/epel-release-7-14.noarch.rpm && \
-    sed -i '/^mirror/d;s/#\?\(baseurl=http:\/\/\)mirror/\1vault/' /etc/yum.repos.d/*.repo && \
-    yum -y upgrade && \
-    yum -y install NetworkManager NetworkManager-wifi \
-    procps-ng iproute ansible openssh-server openssh-clients \
-    dnsmasq hostapd wpa_supplicant openssl ethtool iputils && yum clean all
-
-VOLUME [ "/sys/fs/cgroup" ]
-
-CMD ["/usr/sbin/init"]

.github/Dockerfile.c8s-network-role

@@ -1,13 +0,0 @@
-FROM quay.io/centos/centos:stream8
-
-RUN sed -i '/^mirror/d;s/#\(baseurl=http:\/\/\)mirror/\1vault/' /etc/yum.repos.d/*.repo && \
-    dnf -y install dnf-plugins-core epel-release && \
-    dnf config-manager --set-enabled powertools && \
-    dnf -y upgrade && \
-    dnf -y install NetworkManager NetworkManager-wifi \
-    procps-ng iproute ansible openssh-server openssh-clients systemd-udev \
-    dnsmasq hostapd wpa_supplicant openssl ethtool iputils python3-gobject-base
-
-VOLUME [ "/sys/fs/cgroup" ]
-
-CMD ["/usr/sbin/init"]

.github/Dockerfile.c9s-network-role

@@ -1,14 +0,0 @@
-FROM quay.io/centos/centos:stream9-development
-
-RUN dnf -y install dnf-plugins-core && \
-    dnf config-manager --set-enabled crb && \
-    dnf -y upgrade && \
-    dnf -y install NetworkManager NetworkManager-wifi \
-        procps-ng iproute openssh-server openssh-clients systemd-udev \
-        dnsmasq wpa_supplicant openssl ethtool iputils python3-gobject-base \
-        python3-pip python3-jmespath && \
-    pip3 install ansible==2.9.*
-
-VOLUME [ "/sys/fs/cgroup" ]
-
-CMD ["/usr/sbin/init"]

.github/run_test.sh

@@ -1,193 +0,0 @@
-#!/usr/bin/env bash
-
-set -euxo pipefail
-
-TEST_SOURCE_DIR="/network-role"
-C8S_CONTAINER_IMAGE="quay.io/linux-system-roles/c8s-network-role"
-C7_CONTAINER_IMAGE="quay.io/linux-system-roles/c7-network-role"
-C9S_CONTAINER_IMAGE="quay.io/linux-system-roles/c9s-network-role"
-PODMAN_OPTS="--systemd=true --privileged"
-
-# exclude bond tests since missing the bonding kernel module
-# exclude tests/tests_wireless_nm.yml since failing to load mac80211_hwsim kernel
-# module to mock a wifi network
-# exclude tests/tests_infiniband_nm.yml since missing the infiniband device
-EXCLUDE_TESTS_C7='
--e tests/tests_auto_gateway_initscripts.yml
--e tests/tests_bond_deprecated_initscripts.yml
--e tests/tests_bond_initscripts.yml
--e tests/tests_bond_cloned_mac_initscripts.yml
--e tests/tests_bond_removal_initscripts.yml
--e tests/tests_infiniband_nm.yml
--e tests/tests_team_nm.yml
--e tests/tests_team_plugin_installation_nm.yml
--e tests/tests_unit.yml
--e tests/tests_wireless_nm.yml
-'
-
-# exclude bond tests since missing the bonding kernel module
-# exclude tests/tests_wireless_wpa3_owe_nm.yml and tests/tests_wireless_wpa3_sae_nm.yml
-# since failing to install mac80211_hwsim kernel module
-# exclude tests/tests_infiniband_nm.yml since missing the infiniband device
-EXCLUDE_TESTS_C8S='
--e tests/tests_auto_gateway_initscripts.yml
--e tests/tests_bond_deprecated_initscripts.yml
--e tests/tests_bond_initscripts.yml
--e tests/tests_bond_cloned_mac_initscripts.yml
--e tests/tests_bond_removal_initscripts.yml
--e tests/tests_infiniband_nm.yml
--e tests/tests_integration_pytest.yml
--e tests/tests_team_nm.yml
--e tests/tests_team_plugin_installation_nm.yml
--e tests/tests_unit.yml
--e tests/tests_wireless_wpa3_owe_nm.yml
--e tests/tests_wireless_wpa3_sae_nm.yml
-'
-
-# exclude tests_provider_nm.yml and tests_regression_nm.yml since no package
-# network-scripts available
-# exclude tests/tests_wireless_wpa3_owe_nm.yml and tests/tests_wireless_wpa3_sae_nm.yml
-# since failing to install mac80211_hwsim kernel module
-# exclude tests/tests_infiniband_nm.yml since missing the infiniband device
-EXCLUDE_TESTS_C9S='
--e tests/tests_infiniband_nm.yml
--e tests/tests_provider_nm.yml
--e tests/tests_regression_nm.yml
--e tests/tests_team_nm.yml
--e tests/tests_team_plugin_installation_nm.yml
--e tests/tests_unit.yml
--e tests/tests_wireless_wpa3_owe_nm.yml
--e tests/tests_wireless_wpa3_sae_nm.yml
-'
-
-EXEC_PATH=$(dirname "$(realpath "$0")")
-PROJECT_PATH=$(dirname "$(realpath "$EXEC_PATH../")")
-
-# Default
-OS_TYPE=c8s
-
-while [[ $# -gt 0 ]]; do
-    key="$1"
-
-    case $key in
-        --os)
-            OS_TYPE=$2
-            shift # past argument
-            shift # past value
-            ;;
-        *)    # unknown option
-            echo "Unknown option, please try $1 --os c8s"
-            exit 1
-            ;;
-    esac
-done
-
-case $OS_TYPE in
-"c8s")
-    CONTAINER_IMAGE=$C8S_CONTAINER_IMAGE
-    # shellcheck disable=SC2086
-    read -r -d '' TEST_FILES <<EOF || :
-    $(find tests/tests_*.yml | grep -E -v ${EXCLUDE_TESTS_C8S})
-EOF
-    ;;
-"c7")
-    CONTAINER_IMAGE=$C7_CONTAINER_IMAGE
-    # shellcheck disable=SC2086
-    read -r -d '' TEST_FILES <<EOF || :
-    $(find tests/tests_*.yml | grep -E -v ${EXCLUDE_TESTS_C7})
-EOF
-    ;;
-"c9s")
-    CONTAINER_IMAGE=$C9S_CONTAINER_IMAGE
-    # shellcheck disable=SC2086
-    read -r -d '' TEST_FILES <<EOF || :
-    $(find tests/tests_*.yml | grep -E -v ${EXCLUDE_TESTS_C9S})
-EOF
-    ;;
-*)
-    echo "Unsupported OS type $OS_TYPE"
-    exit 1
-    ;;
-esac
-
-echo "::group::Start test container"
-
-# shellcheck disable=SC2086
-CONTAINER_ID=$(podman run -d $PODMAN_OPTS \
-    -v "$PROJECT_PATH":$TEST_SOURCE_DIR $CONTAINER_IMAGE)
-
-if [ -z "$CONTAINER_ID" ];then
-    echo "Failed to start container"
-    exit 1
-fi
-
-echo ::endgroup::
-
-function clean_up {
-    podman rm -f "$CONTAINER_ID" || true
-}
-
-if [ -z "${DEBUG:-}" ];then
-    trap clean_up ERR EXIT
-fi
-
-echo "::group::Set up container for testing"
-
-# Ensure we are testing the latest packages and ignore upgrade failure
-sudo podman exec -i "$CONTAINER_ID" /bin/bash -c  'dnf upgrade -y' || true
-
-podman exec -i "$CONTAINER_ID" \
-    /bin/bash -c  \
-        'while ! systemctl is-active dbus; do sleep 1; done'
-
-podman exec -i "$CONTAINER_ID" \
-    /bin/bash -c  'sysctl -w net.ipv6.conf.all.disable_ipv6=0'
-
-sudo podman exec -i "$CONTAINER_ID" \
-        /bin/bash -c  \
-                'systemctl start systemd-udevd;
-        while ! systemctl is-active systemd-udevd; do sleep 1; done'
-
-
-podman exec -i "$CONTAINER_ID" \
-    /bin/bash -c  \
-        'systemctl restart NetworkManager;
-         while ! systemctl is-active NetworkManager; do sleep 1; done'
-
-podman exec -i "$CONTAINER_ID" \
-    /bin/bash -c  \
-        'systemctl restart sshd;
-         while ! systemctl is-active sshd; do sleep 1; done'
-
-podman exec -i "$CONTAINER_ID" \
-    /bin/bash -c  \
-        'cat /dev/zero | ssh-keygen -q -N "";
-         cp -v /root/.ssh/id_rsa.pub /root/.ssh/authorized_keys'
-
-for req in meta/collection-requirements.yml tests/collection-requirements.yml; do
-    podman exec -i "$CONTAINER_ID" \
-        /bin/bash -c  \
-            "if [ -f $TEST_SOURCE_DIR/$req ]; then \
-                 ansible-galaxy collection install -vv -r $TEST_SOURCE_DIR/$req; \
-             fi"
-done
-
-echo ::endgroup::
-
-for test_file in $TEST_FILES; do
-    echo "::group::Test $test_file"
-    podman exec -i "$CONTAINER_ID" \
-        /bin/bash -c  \
-            "cd $TEST_SOURCE_DIR;
-             env ANSIBLE_HOST_KEY_CHECKING=False \
-                 ansible-playbook -i localhost, \
-                 $test_file"
-    echo ::endgroup::
-done
-
-if [ -n "${DEBUG:-}" ];then
-    echo "::group::Cleanup"
-    podman exec -it "$CONTAINER_ID" bash
-    clean_up
-    echo ::endgroup::
-fi

.github/workflows/ansible-lint.yml

@@ -27,12 +27,12 @@ jobs:
           sudo apt install -y git
 
       - name: Checkout repo
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Install tox, tox-lsr
         run: |
           set -euxo pipefail
-          pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.6.0"
+          pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.14.0"
 
       - name: Convert role to collection format
         id: collection

.github/workflows/ansible-managed-var-comment.yml

@@ -25,12 +25,12 @@ jobs:
           sudo apt install -y git
 
       - name: Checkout repo
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Install tox, tox-lsr
         run: |
           set -euxo pipefail
-          pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.6.0"
+          pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.14.0"
 
       - name: Run ansible-plugin-scan
         run: |

.github/workflows/ansible-test.yml

@@ -28,12 +28,12 @@ jobs:
           sudo apt install -y git
 
       - name: Checkout repo
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Install tox, tox-lsr
         run: |
           set -euxo pipefail
-          pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.6.0"
+          pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.14.0"
 
       - name: Convert role to collection format
         run: |

.github/workflows/build_docs.yml

@@ -25,7 +25,7 @@ jobs:
           sudo apt install -y git
 
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           fetch-depth: 0
       - name: Ensure the docs branch
@@ -48,12 +48,12 @@ jobs:
           fi
 
       - name: Checkout the docs branch
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           ref: docs
 
       - name: Fetch README.md and .pandoc_template.html5 template from the workflow branch
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           sparse-checkout: |
             README.md
@@ -90,6 +90,12 @@ jobs:
         if: env.RELEASE_VERSION == 'latest'
         run: cp ${{ env.RELEASE_VERSION }}/README.html docs/index.html
 
+      - name: Upload README.html as an artifact
+        uses: actions/upload-artifact@v6
+        with:
+          name: README.html
+          path: ${{ env.RELEASE_VERSION }}/README.html
+
       - name: Commit changes
         run: |
           git config --global user.name "${{ github.actor }}"

.github/workflows/changelog_to_tag.yml

@@ -22,7 +22,7 @@ jobs:
           sudo apt install -y git
 
       - name: checkout PR
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Get tag and message from the latest CHANGELOG.md commit
         id: tag

.github/workflows/codeql.yml

@@ -31,18 +31,18 @@ jobs:
           sudo apt update
           sudo apt install -y git
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@v4
         with:
           languages: ${{ matrix.language }}
           queries: +security-and-quality
 
       - name: Autobuild
-        uses: github/codeql-action/autobuild@v3
+        uses: github/codeql-action/autobuild@v4
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@v4
         with:
           category: "/language:${{ matrix.language }}"

.github/workflows/codespell.yml

@@ -11,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Codespell
         uses: codespell-project/actions-codespell@v2

.github/workflows/integration.yml

@@ -1,30 +0,0 @@
-name: integration
-
-on:
-  pull_request:
-    types: [opened, synchronize, reopened]
-  merge_group:
-    branches:
-      - main
-    types:
-      - checks_requested
-  push:
-    branches:
-      - main
-
-jobs:
-  integration:
-    runs-on: ubuntu-20.04
-    strategy:
-      fail-fast: false
-      matrix:
-        include:
-          - os: "c7"
-          - os: "c8s"
-          - os: "c9s"
-
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Run tests
-        run: sudo .github/run_test.sh --os ${{ matrix.os }}

.github/workflows/markdownlint.yml

@@ -25,7 +25,7 @@ jobs:
           sudo apt install -y git
 
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       # CHANGELOG.md is generated automatically from PR titles and descriptions
       # It might have issues but they are not critical

.github/workflows/pr-title-lint.yml

@@ -18,7 +18,7 @@ jobs:
   commit-checks:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
         with:
           fetch-depth: 0
 

.github/workflows/python-unit-test.yml

@@ -29,6 +29,8 @@ jobs:
             os: ubuntu-latest
           - ver: "3.12"
             os: ubuntu-latest
+          - ver: "3.13"
+            os: ubuntu-latest
     runs-on: ${{ matrix.pyver_os.os }}
     steps:
       - name: Update git
@@ -38,7 +40,7 @@ jobs:
           sudo apt install -y git
 
       - name: checkout PR
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Set up Python 2.7
         if: ${{ matrix.pyver_os.ver == '2.7' }}
@@ -48,7 +50,7 @@ jobs:
 
       - name: Set up Python 3
         if: ${{ matrix.pyver_os.ver != '2.7' }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ matrix.pyver_os.ver }}
 
@@ -65,7 +67,7 @@ jobs:
             tox=tox
             virtualenv=virtualenv
           fi
-          pip install "$tox" "$virtualenv" "git+https://github.com/linux-system-roles/tox-lsr@3.6.0"
+          pip install "$tox" "$virtualenv" "git+https://github.com/linux-system-roles/tox-lsr@3.14.0"
           # If you have additional OS dependency packages e.g. libcairo2-dev
           # then put them in .github/config/ubuntu-requirements.txt, one
           # package per line.
@@ -81,7 +83,7 @@ jobs:
           # NOTE: The use of flake8, pylint, black with specific
           # python envs is arbitrary and must be changed in tox-lsr
           case "$toxpyver" in
-          310) toxenvs="${toxenvs},coveralls,flake8,pylint,black" ;;
+          311) toxenvs="${toxenvs},coveralls,flake8,pylint,black" ;;
           *) toxenvs="${toxenvs},coveralls" ;;
           esac
           TOXENV="$toxenvs" lsr_ci_runtox
@@ -93,7 +95,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: checkout PR
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Run py26 tests
         uses: linux-system-roles/lsr-gh-action-py26@1.0.2

.github/workflows/qemu-kvm-integration-tests.yml

@@ -1,5 +1,5 @@
 ---
-name: QEMU/KVM Integration tests
+name: Test
 on:  # yamllint disable-line rule:truthy
   pull_request:
   merge_group:
@@ -17,27 +17,45 @@ permissions:
   # This is required for the ability to create/update the Pull request status
   statuses: write
 jobs:
-  qemu_kvm:
+  scenario:
     runs-on: ubuntu-latest
 
     strategy:
       fail-fast: false
       matrix:
         scenario:
+          # QEMU
           - { image: "centos-9", env: "qemu-ansible-core-2.16" }
           - { image: "centos-10", env: "qemu-ansible-core-2.17" }
-          # ansible/libdnf5 bug: https://issues.redhat.com/browse/RHELMISC-10110
-          # - { image: "fedora-41", env: "qemu-ansible-core-2.17" }
-          - { image: "fedora-42", env: "qemu-ansible-core-2.17" }
+          - { image: "fedora-42", env: "qemu-ansible-core-2.19" }
+          - { image: "fedora-43", env: "qemu-ansible-core-2.19" }
+          - { image: "leap-15.6", env: "qemu-ansible-core-2.18" }
+
+          # container
+          - { image: "centos-9", env: "container-ansible-core-2.16" }
+          - { image: "centos-9-bootc", env: "container-ansible-core-2.16" }
+          # broken on non-running dbus
+          # - { image: "centos-10", env: "container-ansible-core-2.17" }
+          - { image: "centos-10-bootc", env: "container-ansible-core-2.17" }
+          - { image: "fedora-42", env: "container-ansible-core-2.17" }
+          - { image: "fedora-43", env: "container-ansible-core-2.19" }
+          - { image: "fedora-42-bootc", env: "container-ansible-core-2.17" }
+          - { image: "fedora-43-bootc", env: "container-ansible-core-2.19" }
+
+    env:
+      TOX_ARGS: "--skip-tags tests::infiniband,tests::nvme,tests::scsi"
+      ANSIBLE_INJECT_FACT_VARS: "false"
+
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Check if platform is supported
         id: check_platform
         run: |
           set -euxo pipefail
           image="${{ matrix.scenario.image }}"
+          image="${image%-bootc}"
 
           # convert image to tag formats
           platform=
@@ -45,12 +63,27 @@ jobs:
           case "$image" in
           centos-*) platform=el; platform_version=el"${image#centos-}" ;;
           fedora-*) platform=fedora; platform_version="${image/-/}" ;;
+          leap-*) platform=leap; platform_version="${image}" ;;
           esac
           supported=
           if yq -e '.galaxy_info.galaxy_tags[] | select(. == "'${platform_version}'" or . == "'${platform}'")' meta/main.yml; then
             supported=true
           fi
 
+          # bootc build support (in buildah) has a separate flag
+          if [ "${{ matrix.scenario.image }}" != "$image" ]; then
+          if ! yq -e '.galaxy_info.galaxy_tags[] | select(. == "containerbuild")' meta/main.yml; then
+              supported=
+            fi
+          else
+            # roles need to opt into support for running in a system container
+            env="${{ matrix.scenario.env }}"
+            if [ "${env#container}" != "$env" ] &&
+              ! yq -e '.galaxy_info.galaxy_tags[] | select(. == "container")' meta/main.yml; then
+              supported=
+            fi
+          fi
+
           echo "supported=$supported" >> "$GITHUB_OUTPUT"
 
       - name: Set up /dev/kvm
@@ -74,7 +107,29 @@ jobs:
           python3 -m pip install --upgrade pip
           sudo apt update
           sudo apt install -y --no-install-recommends git ansible-core genisoimage qemu-system-x86
-          pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.6.0"
+          pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.14.0"
+
+      # HACK: Drop this when moving this workflow to 26.04 LTS
+      - name: Update podman to 5.x for compatibility with bootc-image-builder's podman 5
+        if: steps.check_platform.outputs.supported && endsWith(matrix.scenario.image, '-bootc')
+        run: |
+          sed 's/noble/plucky/g' /etc/apt/sources.list.d/ubuntu.sources | sudo tee /etc/apt/sources.list.d/plucky.sources >/dev/null
+          cat <<EOF | sudo tee /etc/apt/preferences.d/podman.pref >/dev/null
+          Package: podman buildah golang-github-containers-common crun libgpgme11t64 libgpg-error0 golang-github-containers-image catatonit conmon containers-storage
+          Pin: release n=plucky
+          Pin-Priority: 991
+
+          Package: libsubid4 netavark passt aardvark-dns containernetworking-plugins libslirp0 slirp4netns
+          Pin: release n=plucky
+          Pin-Priority: 991
+
+          Package: *
+          Pin: release n=plucky
+          Pin-Priority: 400
+          EOF
+
+          sudo apt update
+          sudo apt install -y podman crun conmon containers-storage
 
       - name: Configure tox-lsr
         if: steps.check_platform.outputs.supported
@@ -82,36 +137,82 @@ jobs:
           curl -o ~/.config/linux-system-roles.json
           https://raw.githubusercontent.com/linux-system-roles/linux-system-roles.github.io/master/download/linux-system-roles.json
 
-      - name: Run qemu/kvm tox integration tests
-        if: steps.check_platform.outputs.supported
+      - name: Run qemu integration tests
+        if: steps.check_platform.outputs.supported && startsWith(matrix.scenario.env, 'qemu')
         run: >-
           tox -e ${{ matrix.scenario.env }} -- --image-name ${{ matrix.scenario.image }} --make-batch
-          --log-level=debug --skip-tags tests::infiniband,tests::nvme,tests::scsi --
+          --log-level debug $TOX_ARGS --skip-tags tests::bootc-e2e
+          --lsr-report-errors-url DEFAULT --
 
-      - name: Test result summary
-        if: steps.check_platform.outputs.supported && always()
+      - name: Qemu result summary
+        if: steps.check_platform.outputs.supported && startsWith(matrix.scenario.env, 'qemu') && always()
         run: |
           set -euo pipefail
           # some platforms may have setup/cleanup playbooks - need to find the
           # actual test playbook that starts with tests_
           while read code start end test_files; do
               for f in $test_files; do
-                  f="$(basename $f)"
+                  test_file="$f"
+                  f="$(basename $test_file)"
                   if [[ "$f" =~ ^tests_ ]]; then
                       break
                   fi
               done
               if [ "$code" = "0" ]; then
                   echo -n "PASS: "
+                  mv "$test_file.log" "${test_file}-SUCCESS.log"
               else
                   echo -n "FAIL: "
+                  mv "$test_file.log" "${test_file}-FAIL.log"
               fi
               echo "$f"
           done < batch.report
 
+      - name: Run container tox integration tests
+        if: steps.check_platform.outputs.supported && startsWith(matrix.scenario.env, 'container')
+        run: |
+          set -euo pipefail
+          # HACK: debug.py/profile.py setup is broken
+          export LSR_CONTAINER_PROFILE=false
+          export LSR_CONTAINER_PRETTY=false
+          rc=0
+          for t in tests/tests_*.yml; do
+              if tox -e ${{ matrix.scenario.env }} -- --image-name ${{ matrix.scenario.image }} $t > ${t}.log 2>&1; then
+                  echo "PASS: $(basename $t)"
+                  mv "${t}.log" "${t}-SUCCESS.log"
+              else
+                  echo "FAIL: $(basename $t)"
+                  mv "${t}.log" "${t}-FAIL.log"
+                  rc=1
+              fi
+          done
+          exit $rc
+
+      - name: Run bootc validation tests in QEMU
+        if: steps.check_platform.outputs.supported &&
+            startsWith(matrix.scenario.env, 'container') &&
+            endsWith(matrix.scenario.image, '-bootc')
+        run: |
+          set -euxo pipefail
+          env=$(echo "${{ matrix.scenario.env }}" | sed 's/^container-/qemu-/')
+
+          for image_file in $(ls tests/tmp/*/qcow2/disk.qcow2 2>/dev/null); do
+              test="tests/$(basename $(dirname $(dirname $image_file))).yml"
+              if tox -e "$env" -- --image-file "$(pwd)/$image_file" \
+                     --log-level debug $TOX_ARGS \
+                     --lsr-report-errors-url DEFAULT \
+                     -e '{"__bootc_validation": true}' \
+                     -- "$test" >out 2>&1; then
+                  mv out "${test}-PASS.log"
+              else
+                  mv out "${test}-FAIL.log"
+                  exit 1
+              fi
+          done
+
       - name: Upload test logs on failure
         if: failure()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v6
         with:
           name: "logs-${{ matrix.scenario.image }}-${{ matrix.scenario.env }}"
           path: |
@@ -126,19 +227,20 @@ jobs:
         if: steps.check_platform.outputs.supported && failure()
         run: |
           set -euo pipefail
-          for f in tests/*.log; do
-              if FAIL=$(grep -B100 -A30 "fatal:" "$f"); then
-                  echo "::group::$(basename $f)"
-                  echo "$FAIL"
-                  echo "::endgroup::"
-              fi
+          # grab check_logs.py script
+          curl -s -L -o check_logs.py https://raw.githubusercontent.com/linux-system-roles/auto-maintenance/refs/heads/main/check_logs.py
+          chmod +x check_logs.py
+          declare -a cmdline=(./check_logs.py --github-action-format)
+          for log in tests/*-FAIL.log; do
+              cmdline+=(--lsr-error-log "$log")
           done
+          "${cmdline[@]}"
 
       - name: Set commit status as success with a description that platform is skipped
         if: ${{ steps.check_platform.outputs.supported == '' }}
         uses: myrotvorets/set-commit-status-action@master
         with:
           status: success
-          context: "${{ github.workflow }} / qemu_kvm (${{ matrix.scenario.image }}, ${{ matrix.scenario.env }}) (pull_request)"
+          context: "${{ github.workflow }} / scenario (${{ matrix.scenario.image }}, ${{ matrix.scenario.env }}) (pull_request)"
           description: The role does not support this platform. Skipping.
           targetUrl: ""

.github/workflows/shellcheck.yml

@@ -27,7 +27,7 @@ jobs:
           sudo apt install -y git
 
       - name: Checkout repo
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Run ShellCheck
         id: shellcheck_id

.github/workflows/test_converting_readme.yml

@@ -26,7 +26,7 @@ jobs:
           sudo apt install -y git
 
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Remove badges from README.md prior to converting to HTML
         run: sed -i '1,8 {/^\[\!.*actions\/workflows/d}' README.md
@@ -40,7 +40,7 @@ jobs:
             --output README.html README.md
 
       - name: Upload README.html as an artifact
-        uses: actions/upload-artifact@master
+        uses: actions/upload-artifact@v6
         with:
           name: README.html
           path: README.html

.github/workflows/tft.yml

@@ -36,7 +36,7 @@ jobs:
           GITHUB_CONTEXT: ${{ toJson(github) }}
 
       - name: Checkout repo
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Get head sha of the PR
         id: head_sha
@@ -49,7 +49,7 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Checkout PR
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           ref: ${{ steps.head_sha.outputs.head_sha }}
 
@@ -72,8 +72,8 @@ jobs:
           meta_main=meta/main.yml
           # All Fedora are supported, add latest Fedora versions to supported_platforms
           if yq '.galaxy_info.galaxy_tags[]' "$meta_main" | grep -qi fedora$; then
-            supported_platforms+=" Fedora-40"
             supported_platforms+=" Fedora-41"
+            supported_platforms+=" Fedora-42"
           fi
           # Specific Fedora versions supported
           if yq '.galaxy_info.galaxy_tags[]' "$meta_main" | grep -qiP 'fedora\d+$'; then
@@ -98,10 +98,10 @@ jobs:
       fail-fast: false
       matrix:
         include:
-          - platform: Fedora-40
-            ansible_version: 2.17
           - platform: Fedora-41
             ansible_version: 2.17
+          - platform: Fedora-42
+            ansible_version: 2.19
           - platform: CentOS-7-latest
             ansible_version: 2.9
           - platform: CentOS-Stream-8
@@ -154,7 +154,7 @@ jobs:
           targetUrl: ""
 
       - name: Run test in testing farm
-        uses: sclorg/testing-farm-as-github-action@v3
+        uses: sclorg/testing-farm-as-github-action@v4
         if: contains(needs.prepare_vars.outputs.supported_platforms, matrix.platform)
         with:
           git_ref: main
@@ -168,6 +168,7 @@ jobs:
             SR_ARTIFACTS_DIR=${{ steps.set_vars.outputs.ARTIFACTS_DIR }};\
             SR_TEST_LOCAL_CHANGES=false;\
             SR_LSR_USER=${{ vars.SR_LSR_USER }};\
+            SR_ANSIBLE_INJECT_FACT_VARS=false;\
             SR_ARTIFACTS_URL=${{ steps.set_vars.outputs.ARTIFACTS_URL }}"
           # Note that LINUXSYSTEMROLES_SSH_KEY must be single-line, TF doesn't read multi-line variables fine.
           secrets: "SR_LSR_DOMAIN=${{ secrets.SR_LSR_DOMAIN }};\

.github/workflows/tft_citest_bad.yml

@@ -33,8 +33,9 @@ jobs:
             echo "The workflow $PENDING_RUN is still running, wait for it to finish to re-run"
             exit 1
           fi
+          # TF tests can fail or can be cancelled due to TF internal issues
           RUN_ID=$(gh api "repos/$REPO/actions/workflows/tft.yml/runs?event=issue_comment" \
-            | jq -r "[.workflow_runs[] | select( .display_title == \"$PR_TITLE\" ) | select( .conclusion == \"failure\" ) | .id][0]")
+            | jq -r "[.workflow_runs[] | select( .display_title == \"$PR_TITLE\" ) | select( .conclusion == \"failure\" or .conclusion == \"cancelled\" ) | .id][0]")
           if [ "$RUN_ID" = "null" ]; then
             echo "Failed workflow not found, exiting"
             exit 1

.github/workflows/weekly_ci.yml

@@ -30,7 +30,7 @@ jobs:
           sudo apt install -y git
 
       - name: Checkout latest code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           fetch-depth: 0
       - name: Create or rebase commit, add dump_packages callback
@@ -50,7 +50,7 @@ jobs:
           git push -f --set-upstream origin ${{ env.BRANCH_NAME }}
 
       - name: Create and comment pull request
-        uses: actions/github-script@v7
+        uses: actions/github-script@v8
         with:
           github-token: ${{ secrets.GH_PUSH_TOKEN }}
           script: |

.github/workflows/woke.yml

@@ -9,7 +9,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Run lsr-woke-action
         # Originally, uses: get-woke/woke-action@v0

.sanity-ansible-ignore-2.18.txt

@@ -0,0 +1,3 @@
+plugins/modules/network_connections.py validate-modules:missing-gplv3-license
+plugins/modules/network_state.py validate-modules:missing-gplv3-license
+tests/network/ensure_provider_tests.py shebang!skip

.sanity-ansible-ignore-2.19.txt

@@ -0,0 +1,3 @@
+plugins/modules/network_connections.py validate-modules:missing-gplv3-license
+plugins/modules/network_state.py validate-modules:missing-gplv3-license
+tests/network/ensure_provider_tests.py shebang!skip

CHANGELOG.md

@@ -1,6 +1,91 @@
 Changelog
 =========
 
+[1.17.9] - 2026-01-13
+--------------------
+
+### Other Changes
+
+- style: Use conscious language for profile list (#834)
+- refactor: use the warn module method on newer Ansible (#835)
+- ci: use ANSIBLE_INJECT_FACT_VARS=false by default for testing (#836)
+
+[1.17.8] - 2026-01-07
+--------------------
+
+### Other Changes
+
+- ci: bump actions/checkout from 5 to 6 (#826)
+- ci: add qemu tests for Fedora 43, drop Fedora 41 (#827)
+- ci: bump actions/upload-artifact from 5 to 6 (#831)
+- refactor: handle INJECT_FACTS_AS_VARS=false by using ansible_facts instead (#832)
+
+[1.17.7] - 2025-11-17
+--------------------
+
+### Bug Fixes
+
+- fix: cannot use community-general version 12 - no py27 and py36 support (#824)
+
+### Other Changes
+
+- ci: bump actions/upload-artifact from 4 to 5 (#819)
+- ci: bump github/codeql-action from 3 to 4 (#820)
+- ci: use versioned upload-artifact instead of master; bump codeql-action to v4; bump upload-artifact to v5 (#821)
+- ci: bump tox-lsr to 3.13.0 (#822)
+- ci: bump tox-lsr to 3.14.0 - this moves standard-inventory-qcow2 to tox-lsr (#823)
+
+[1.17.6] - 2025-10-21
+--------------------
+
+### Bug Fixes
+
+- fix: allow use of built-in routing tables (#804)
+- fix: Skip the loopback profile when deleting all profiles except the ones explicitly included (#813)
+
+### Other Changes
+
+- test: ensure NetworkManager, ensure eth1 is active (#801)
+- test: skip 802_1x tests on el7, RHEL other than 8 (#802)
+- ci: bump actions/checkout from 4 to 5 (#803)
+- ci: rollout several recent changes to CI testing (#806)
+- ci: support openSUSE Leap in qemu/kvm test matrix (#808)
+- ci: use the new epel feature to enable EPEL for testing farm (#809)
+- ci: use tox-lsr 3.12.0 for osbuild_config.yml feature (#811)
+- ci: use JSON format for __bootc_validation (#812)
+- remove wen from CODEOWNERS (#815)
+- ci: bump actions/setup-python from 5 to 6 (#816)
+- ci: bump actions/github-script from 7 to 8 (#817)
+
+[1.17.5] - 2025-08-01
+--------------------
+
+### Other Changes
+
+- test: ensure /etc/pki/tls/cert.pem exists for 802 tests on EL10 (#798)
+
+[1.17.4] - 2025-07-09
+--------------------
+
+### Other Changes
+
+- tests: Assert ethernet profile and device state (#793)
+- docs: Add guide for running CI tests locally with tox-lsr (#796)
+
+[1.17.3] - 2025-07-02
+--------------------
+
+### Other Changes
+
+- ci: bump sclorg/testing-farm-as-github-action from 3 to 4 (#785)
+- ci: bump tox-lsr to 3.8.0; rename qemu/kvm tests (#786)
+- ci: Add Fedora 42; use tox-lsr 3.9.0; use lsr-report-errors for qemu tests (#788)
+- ci: get rid of integration tests - broken, unmaintained (#789)
+- ci: Add support for bootc end-to-end validation tests (#790)
+- ci: Use ansible 2.19 for fedora 42 testing; support python 3.13 (#791)
+- test: improve method for finding secondary interface (#792)
+- refactor: support Ansible 2.19 (#794)
+
 [1.17.2] - 2025-04-23
 --------------------
 

README-ostree.md

@@ -20,8 +20,8 @@ Usage:
 .ostree/get_ostree_data.sh packages runtime DISTRO-VERSION FORMAT
 ```
 
-`DISTRO-VERSION` is in the format that Ansible uses for `ansible_distribution`
-and `ansible_distribution_version` - for example, `Fedora-38`, `CentOS-8`,
+`DISTRO-VERSION` is in the format that Ansible uses for `ansible_facts["distribution"]`
+and `ansible_facts["distribution_version"]` - for example, `Fedora-38`, `CentOS-8`,
 `RedHat-9.4`
 
 `FORMAT` is one of `toml`, `json`, `yaml`, `raw`

README.md

@@ -1,6 +1,6 @@
 # linux-system-roles/network
 
-[![ansible-lint.yml](https://github.com/linux-system-roles/network/actions/workflows/ansible-lint.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/ansible-lint.yml) [![ansible-test.yml](https://github.com/linux-system-roles/network/actions/workflows/ansible-test.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/ansible-test.yml) [![codeql.yml](https://github.com/linux-system-roles/network/actions/workflows/codeql.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/codeql.yml) [![codespell.yml](https://github.com/linux-system-roles/network/actions/workflows/codespell.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/codespell.yml) [![integration.yml](https://github.com/linux-system-roles/network/actions/workflows/integration.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/integration.yml) [![markdownlint.yml](https://github.com/linux-system-roles/network/actions/workflows/markdownlint.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/markdownlint.yml) [![python-unit-test.yml](https://github.com/linux-system-roles/network/actions/workflows/python-unit-test.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/python-unit-test.yml) [![qemu-kvm-integration-tests.yml](https://github.com/linux-system-roles/network/actions/workflows/qemu-kvm-integration-tests.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/qemu-kvm-integration-tests.yml) [![shellcheck.yml](https://github.com/linux-system-roles/network/actions/workflows/shellcheck.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/shellcheck.yml) [![tft.yml](https://github.com/linux-system-roles/network/actions/workflows/tft.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/tft.yml) [![tft_citest_bad.yml](https://github.com/linux-system-roles/network/actions/workflows/tft_citest_bad.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/tft_citest_bad.yml) [![woke.yml](https://github.com/linux-system-roles/network/actions/workflows/woke.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/woke.yml) [![Coverage Status](https://coveralls.io/repos/github/linux-system-roles/network/badge.svg)](https://coveralls.io/github/linux-system-roles/network) [![Code Style: black](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/ambv/black) [![Language grade: Python](https://img.shields.io/lgtm/grade/python/g/linux-system-roles/network.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/linux-system-roles/network/context:python)
+[![ansible-lint.yml](https://github.com/linux-system-roles/network/actions/workflows/ansible-lint.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/ansible-lint.yml) [![ansible-test.yml](https://github.com/linux-system-roles/network/actions/workflows/ansible-test.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/ansible-test.yml) [![codeql.yml](https://github.com/linux-system-roles/network/actions/workflows/codeql.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/codeql.yml) [![codespell.yml](https://github.com/linux-system-roles/network/actions/workflows/codespell.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/codespell.yml) [![markdownlint.yml](https://github.com/linux-system-roles/network/actions/workflows/markdownlint.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/markdownlint.yml) [![python-unit-test.yml](https://github.com/linux-system-roles/network/actions/workflows/python-unit-test.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/python-unit-test.yml) [![qemu-kvm-integration-tests.yml](https://github.com/linux-system-roles/network/actions/workflows/qemu-kvm-integration-tests.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/qemu-kvm-integration-tests.yml) [![shellcheck.yml](https://github.com/linux-system-roles/network/actions/workflows/shellcheck.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/shellcheck.yml) [![tft.yml](https://github.com/linux-system-roles/network/actions/workflows/tft.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/tft.yml) [![tft_citest_bad.yml](https://github.com/linux-system-roles/network/actions/workflows/tft_citest_bad.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/tft_citest_bad.yml) [![woke.yml](https://github.com/linux-system-roles/network/actions/workflows/woke.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/woke.yml) [![Coverage Status](https://coveralls.io/repos/github/linux-system-roles/network/badge.svg)](https://coveralls.io/github/linux-system-roles/network) [![Code Style: black](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/ambv/black) [![Language grade: Python](https://img.shields.io/lgtm/grade/python/g/linux-system-roles/network.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/linux-system-roles/network/context:python)
 
 ## Overview
 

contributing.md

@@ -118,3 +118,50 @@ explanation about the NetworkManager API.
     podman stop lsr-ci-c7
     podman rm lsr-ci-c7
     ```
+
+## Running CI Tests Locally
+
+### Use tox-lsr with qemu
+
+The latest version of tox-lsr supports qemu testing.
+<https://github.com/linux-system-roles/tox-lsr#qemu-testing>
+
+**Steps:**
+
+1. If you are using RHEL or CentOS, enable the EPEL repository for your
+   platform - <https://docs.fedoraproject.org/en-US/epel/>
+
+2. Use yum or dnf to install `standard-test-roles-inventory-qemu`
+   * If for some reason dnf/yum do not work, just download the script from
+     <https://pagure.io/standard-test-roles/raw/master/f/inventory/standard-inventory-qcow2> <!--- wokeignore:rule=master -->
+     * copy to your `$PATH`, and make sure it is executable
+
+3. Install tox
+   * Use yum/dnf to install `python3-tox` - if that does not work, then use
+     `pip install --user tox`, then make sure `~/.local/bin` is in your `$PATH`
+
+4. Install tox-lsr <https://github.com/linux-system-roles/tox-lsr#how-to-get-it>
+
+   ```bash
+   pip install --user git+https://github.com/linux-system-roles/tox-lsr@main
+   ```
+
+5. Download the config file to `~/.config/linux-system-roles.json` from
+   <https://github.com/linux-system-roles/linux-system-roles.github.io/blob/main/download/linux-system-roles.json>
+
+6. Assuming you are in a git clone of a role repo which has a tox.ini file -
+   you can use e.g.
+
+   ```bash
+   tox -e qemu-ansible-core-2.14 -- --image-name centos-9 tests/tests_default.yml
+   ```
+
+There are many command line options and environment variables which can be used
+to control the behavior, and you can customize the testenv in tox.ini. See
+<https://github.com/linux-system-roles/tox-lsr#qemu-testing>
+
+This method supports RHEL also - will download the latest image for a compose,
+and will set up the yum repos to point to internal composes.
+
+See <https://linux-system-roles.github.io/contribute.html> for general
+development guidelines.

defaults/main.yml

@@ -19,16 +19,16 @@ __network_rh_distros:
 __network_rh_distros_fedora: "{{ __network_rh_distros + ['Fedora'] }}"
 
 # Use this in conditionals to check if distro is Red Hat or clone
-__network_is_rh_distro: "{{ ansible_distribution in __network_rh_distros }}"
+__network_is_rh_distro: "{{ ansible_facts['distribution'] in __network_rh_distros }}"
 
 # Use this in conditionals to check if distro is Red Hat or clone, or Fedora
-__network_is_rh_distro_fedora: "{{ ansible_distribution in __network_rh_distros_fedora }}"
+__network_is_rh_distro_fedora: "{{ ansible_facts['distribution'] in __network_rh_distros_fedora }}"
 # END - DO NOT EDIT THIS BLOCK - rh distros variables
 
 # Use initscripts for RHEL/CentOS < 7, nm otherwise
 network_provider_os_default: "{{
-    'initscripts' if ansible_distribution in __network_rh_distros and
-        ansible_distribution_major_version is version('7', '<')
+    'initscripts' if ansible_facts['distribution'] in __network_rh_distros and
+        ansible_facts['distribution_major_version'] is version('7', '<')
         else 'nm' }}"
 # If NetworkManager.service is running, assume that 'nm' is currently in-use,
 # otherwise initscripts
@@ -76,7 +76,7 @@ __network_packages_default_wpa_supplicant: ["{%
 # - python-gobject-base on RHEL7 (no python2-gobject-base :-/)
 # - python3-gobject-base on Fedora 28+
 __network_packages_default_gobject_packages: ["python{{
-      ansible_python['version']['major'] | replace('2', '') }}-gobject-base"]
+      ansible_facts['python']['version']['major'] | replace('2', '') }}-gobject-base"]
 
 __network_service_name_default_nm: NetworkManager
 __network_packages_default_nm: "{{ ['NetworkManager']
@@ -92,18 +92,18 @@ __network_service_name_default_initscripts: network
 __network_packages_default_initscripts_bridge: ["{%
 if network_connections | selectattr('type', 'defined') |
    selectattr('type', 'match', '^bridge$') | list | count > 0 and
-   ansible_distribution in __network_rh_distros and
-   ansible_distribution_major_version is version('7', '<=')
+   ansible_facts['distribution'] in __network_rh_distros and
+   ansible_facts['distribution_major_version'] is version('7', '<=')
 %}bridge-utils{% endif %}"]
 __network_packages_default_initscripts_network_scripts: ["{%
-if ansible_distribution in __network_rh_distros and
-    ansible_distribution_major_version is version('7', '<=')
+if ansible_facts['distribution'] in __network_rh_distros and
+    ansible_facts['distribution_major_version'] is version('7', '<=')
 %}initscripts{% else %}network-scripts{% endif %}"]
 # Initscripts provider requires `/sbin/dhclient` to obtain DHCP address,
 # which is provided by the dhcp client package
 __network_packages_default_initscripts_dhcp_client: ["{%
-if ansible_distribution in __network_rh_distros and
-    ansible_distribution_major_version is version('7', '<=')
+if ansible_facts['distribution'] in __network_rh_distros and
+    ansible_facts['distribution_major_version'] is version('7', '<=')
 %}dhclient{% else %}dhcp-client{% endif %}"]
 # convert _network_packages_default_initscripts_bridge to an empty list if it
 # contains only the empty string and add it to the default package list

examples/down_profile.yml

@@ -1 +0,0 @@
-../tests/playbooks/down_profile.yml

examples/network_state_example.yml

@@ -176,13 +176,13 @@
         network_state:
           routes:
             config:
-            - destination: ::/0
-              next-hop-interface: eth1
-              next-hop-address: fe80::1
+              - destination: ::/0
+                next-hop-interface: eth1
+                next-hop-address: fe80::1
       ansible.builtin.include_role:
         name: linux-system-roles.network
 
-    - name: Configure the ethernet device eth1 with dhcp4 configured
+    - name: Configure the ethernet device eth1 with dhcp4 configured again
       vars:
         network_state:
           interfaces:

examples/remove+down_profile.yml

@@ -1,11 +0,0 @@
-# SPDX-License-Identifier: BSD-3-Clause
----
-- name: Set down profile {{ profile }}
-  hosts: all
-  vars:
-    network_connections:
-      - name: "{{ profile }}"
-        persistent_state: absent
-        state: down
-  roles:
-    - linux-system-roles.network

examples/remove_profile.yml

@@ -1 +0,0 @@
-../tests/playbooks/remove_profile.yml

library/network_connections.py

@@ -1851,7 +1851,7 @@ class RunEnvironmentAnsible(RunEnvironment):
             )
 
     def _complete_kwargs(self, connections, kwargs, traceback_msg=None, fail=False):
-        warning_logs = kwargs.get("warnings", [])
+        warning_logs = kwargs.pop("warnings", [])
         debug_logs = []
         loglines = []
         for res in self._run_results:
@@ -1866,7 +1866,12 @@ class RunEnvironmentAnsible(RunEnvironment):
                 warning_logs.append(log_line)
         if traceback_msg is not None:
             warning_logs.append(traceback_msg)
-        kwargs["warnings"] = warning_logs
+        # see if the module object has the "warn" function
+        if callable(getattr(self.module, "warn", None)):
+            for msg in warning_logs:
+                self.module.warn(msg)
+        else:
+            kwargs["warnings"] = warning_logs
         stderr = "\n".join(debug_logs) + "\n"
         kwargs["stderr"] = stderr
         kwargs["_invocation"] = {"module_args": self.module.params}
@@ -2402,15 +2407,19 @@ class Cmd_nm(Cmd):
         profile_uuids = set()
 
         if name:
-            black_list_names = []
+            kept_profiles = []
         else:
             # Delete all profiles except explicitly included
-            black_list_names = ArgUtil.connection_get_non_absent_names(self.connections)
+            kept_profiles = ArgUtil.connection_get_non_absent_names(self.connections)
+
+            # Keep loopback device too. Deleting it would trigger a 'changed' state
+            # every time the playbook is run as the device is recreated
+            kept_profiles.add("lo")
 
         for nm_profile in self._nm_provider.get_connections():
             if name and nm_profile.get_id() != name:
                 continue
-            if nm_profile.get_id() not in black_list_names:
+            if nm_profile.get_id() not in kept_profiles:
                 profile_uuids.add(nm_profile.get_uuid())
 
         if not profile_uuids:

meta/collection-requirements.yml

@@ -1,3 +1,4 @@
+# DO NOT EDIT THIS FILE - managed by linux-system-roles/.github
 ---
 collections:
   - name: ansible.posix

module_utils/network_lsr/argument_validator.py

@@ -2771,6 +2771,11 @@ class IPRouteUtils(object):
     def get_route_tables_mapping(cls):
         if not hasattr(cls, "_cached_rt_tables"):
             mapping = {}
+            # look in static built-in route tables file first
+            cls._parse_route_tables_mapping_from_file(
+                "/usr/share/iproute2/rt_tables", mapping
+            )
+            # then look in the user-defined route tables file
             cls._parse_route_tables_mapping_from_file(
                 "/etc/iproute2/rt_tables", mapping
             )

plans/test_playbooks_parallel.fmf

@@ -69,15 +69,6 @@ prepare:
       if grep -q 'CentOS Linux release 7.9' /etc/redhat-release; then
         sed -i '/^mirror/d;s/#\?\(baseurl=http:\/\/\)mirror/\1vault/' /etc/yum.repos.d/*.repo
       fi
-  # Replace with feature: epel: enabled once https://github.com/teemtee/tmt/pull/3128 is merged
-  - name: Enable epel to install beakerlib
-    script: |
-      # CS 10 and Fedora doesn't require epel
-      if grep -q -e 'CentOS Stream release 10' -e 'Fedora release' /etc/redhat-release; then
-        exit 0
-      fi
-      yum install epel-release yum-utils -y
-      yum-config-manager --enable epel epel-debuginfo epel-source
 discover:
   - name: Prepare managed node
     how: fmf
@@ -100,5 +91,11 @@ discover:
   #   filter: tag:reserve_system
   #   url: https://github.com/linux-system-roles/tft-tests
   #   ref: main
+adjust:
+  - when: distro == rhel-9 or distro == centos-stream-9 or distro == rhel-10 or distro == centos-stream-10
+    prepare+:
+      - how: feature
+        epel: enabled
+        order: 10
 execute:
-    how: tmt
+  how: tmt

tasks/main.yml

@@ -23,18 +23,18 @@
       supported since RHEL-8
   when:
     - network_state != {}
-    - ansible_distribution_major_version | int < 8
+    - ansible_facts["distribution_major_version"] | int < 8
 
 - name: Abort applying teaming configuration if the system version
     of the managed host is EL10 or later
   fail:
     msg: >-
       Teaming is not supported in
-      {{ ansible_distribution }}-{{ ansible_distribution_major_version }} -
+      {{ ansible_facts["distribution"] }}-{{ ansible_facts["distribution_major_version"] }} -
       use bonding instead
   when:
-    - ansible_distribution_major_version | int > 9
-    - ansible_distribution in __network_rh_distros
+    - ansible_facts["distribution_major_version"] | int > 9
+    - ansible_facts["distribution"] in __network_rh_distros
     - network_connections | selectattr("type", "defined") |
       selectattr("type", "match", "^team$") | list | length > 0 or
       network_state.get("interfaces", []) | selectattr("type", "defined") |
@@ -49,8 +49,8 @@
   register: dnf_package_update_info
   check_mode: true
   when:
-    - ansible_distribution == 'Fedora' or
-      ansible_distribution_major_version | int > 7
+    - ansible_facts["distribution"] == 'Fedora' or
+      ansible_facts["distribution_major_version"] | int > 7
     - __network_wireless_connections_defined
       or __network_team_connections_defined
     - not __network_is_ostree
@@ -64,7 +64,7 @@
   register: yum_package_update_info
   check_mode: true
   when:
-    - ansible_distribution_major_version | int < 8
+    - ansible_facts["distribution_major_version"] | int < 8
     - __network_wireless_connections_defined
       or __network_team_connections_defined
     - not __network_is_ostree
@@ -112,10 +112,10 @@
       ternary('ansible.posix.rhel_rpm_ostree', omit) }}"
   when:
     - network_state != {}
-    - ansible_distribution == 'Fedora' and
-      ansible_distribution_major_version | int > 27 or
-      ansible_distribution != 'Fedora' and
-      ansible_distribution_major_version | int > 7
+    - ansible_facts["distribution"] == 'Fedora' and
+      ansible_facts["distribution_major_version"] | int > 27 or
+      ansible_facts["distribution"] != 'Fedora' and
+      ansible_facts["distribution_major_version"] | int > 7
 
 - name: Install python3-libnmstate when using network_state variable
   package:
@@ -126,10 +126,10 @@
       ternary('ansible.posix.rhel_rpm_ostree', omit) }}"
   when:
     - network_state != {}
-    - ansible_distribution == 'Fedora' and
-      ansible_distribution_major_version | int > 34 or
-      ansible_distribution != 'Fedora' and
-      ansible_distribution_major_version | int > 8
+    - ansible_facts["distribution"] == 'Fedora' and
+      ansible_facts["distribution_major_version"] | int > 34 or
+      ansible_facts["distribution"] != 'Fedora' and
+      ansible_facts["distribution_major_version"] | int > 8
 
 # If network packages changed and wireless or team connections are specified,
 # NetworkManager must be restarted, and the user needs to explicitly consent

tests/ensure_provider_tests.py

@@ -12,7 +12,7 @@ import sys
 GET_NM_VERSION = """
     - name: Install NetworkManager and get NetworkManager version
       when:
-        - ansible_distribution_major_version != '6'
+        - ansible_facts['distribution_major_version'] != '6'
       tags:
         - always
       block:
@@ -58,19 +58,25 @@ RUN_PLAYBOOK_WITH_NM = """# SPDX-License-Identifier: BSD-3-Clause
 {comment}- name: Import the playbook '{test_playbook}'
   import_playbook: {test_playbook}
   when:
-    - ansible_distribution_major_version != '6'
+    - ansible_facts['distribution_major_version'] != '6'
 {minimum_nm_version_check}{extra_run_condition}"""
 
 MINIMUM_VERSION = "minimum_version"
 EXTRA_RUN_CONDITION = "extra_run_condition"
 NM_ONLY_TESTS = {
     "playbooks/tests_802_1x_updated.yml": {
-        EXTRA_RUN_CONDITION: "ansible_distribution != 'RedHat' or\n      ansible_distr\
-ibution_major_version | int < 9",
+        EXTRA_RUN_CONDITION: (
+            "(ansible_facts['distribution'] != 'RedHat' and\n"
+            "       ansible_facts['distribution_major_version'] | int > 7) or\n"
+            "      ansible_facts['distribution_major_version'] | int == 8"
+        ),
     },
     "playbooks/tests_802_1x.yml": {
-        EXTRA_RUN_CONDITION: "ansible_distribution != 'RedHat' or\n      ansible_distr\
-ibution_major_version | int < 9",
+        EXTRA_RUN_CONDITION: (
+            "(ansible_facts['distribution'] != 'RedHat' and\n"
+            "       ansible_facts['distribution_major_version'] | int > 7) or\n"
+            "      ansible_facts['distribution_major_version'] | int == 8"
+        ),
     },
     "playbooks/tests_ignore_auto_dns.yml": {},
     "playbooks/tests_bond_options.yml": {},
@@ -80,15 +86,18 @@ ibution_major_version | int < 9",
     "playbooks/tests_infiniband.yml": {},
     "playbooks/tests_ipv6_disabled.yml": {},
     "playbooks/tests_ipv6_dns_search.yml": {},
-    "playbooks/tests_mac_address_match.yml": {},
+    "playbooks/tests_mac_address_match.yml": {
+        MINIMUM_VERSION: "'1.18.0'",
+        "comment": "# needs any old version of NM",
+    },
     "playbooks/tests_provider.yml": {
         MINIMUM_VERSION: "'1.20.0'",
         "comment": "# NetworKmanager 1.20.0 added support for forgetting profiles",
         EXTRA_RUN_CONDITION: (
-            "(ansible_distribution == 'Fedora'\n"
-            "       and ansible_distribution_major_version | int < 41)\n"
-            "      or ansible_distribution not in ['RedHat', 'CentOS', 'Fedora']\n"
-            "      or ansible_distribution_major_version | int < 9"
+            "(ansible_facts['distribution'] == 'Fedora'\n"
+            "       and ansible_facts['distribution_major_version'] | int < 41)\n"
+            "      or ansible_facts['distribution'] not in ['RedHat', 'CentOS', 'Fedora']\n"
+            "      or ansible_facts['distribution_major_version'] | int < 9"
         ),
     },
     "playbooks/tests_eth_pci_address_match.yml": {
@@ -96,7 +105,7 @@ ibution_major_version | int < 9",
         "comment": "# NetworkManager 1.26.0 added support for match.path setting",
     },
     "playbooks/tests_network_state.yml": {
-        EXTRA_RUN_CONDITION: "ansible_distribution_major_version | int > 7",
+        EXTRA_RUN_CONDITION: "ansible_facts['distribution_major_version'] | int > 7",
     },
     "playbooks/tests_reapply.yml": {},
     "playbooks/tests_route_table.yml": {},
@@ -108,32 +117,30 @@ blackhole, prohibit and unreachable",
     "playbooks/tests_routing_rules.yml": {},
     # teaming support dropped in EL10
     "playbooks/tests_team.yml": {
-        EXTRA_RUN_CONDITION: "ansible_distribution not in ['RedHat', 'CentOS'] or\n      ansible_distr\
-ibution_major_version | int < 10",
+        EXTRA_RUN_CONDITION: "ansible_facts['distribution'] not in ['RedHat', 'CentOS'] or\n      ansible_facts['distribution_major_version'] | int < 10",
     },
     "playbooks/tests_team_plugin_installation.yml": {
-        EXTRA_RUN_CONDITION: "ansible_distribution not in ['RedHat', 'CentOS'] or\n      ansible_distr\
-ibution_major_version | int < 10",
+        EXTRA_RUN_CONDITION: "ansible_facts['distribution'] not in ['RedHat', 'CentOS'] or\n      ansible_facts['distribution_major_version'] | int < 10",
     },
     # mac80211_hwsim (used for tests_wireless) only seems to be available
     # and working on RHEL/CentOS 7
     "playbooks/tests_wireless.yml": {
-        EXTRA_RUN_CONDITION: "ansible_distribution_major_version == '7'",
+        EXTRA_RUN_CONDITION: "ansible_facts['distribution_major_version'] == '7'",
     },
     "playbooks/tests_wireless_and_network_restart.yml": {},
     "playbooks/tests_wireless_plugin_installation.yml": {},
     "playbooks/tests_wireless_wpa3_owe.yml": {
         "comment": "# OWE has not been supported by NetworkManager 1.18.8 on \
 RHEL 7(dist-tag). Failed in setting up mock wifi on RHEL 8",
-        EXTRA_RUN_CONDITION: "ansible_distribution_major_version > '7' and \
-ansible_distribution == 'CentOS' or\n     ansible_distribution_major_version > '32' \
-and ansible_distribution == 'Fedora'",
+        EXTRA_RUN_CONDITION: "ansible_facts['distribution_major_version'] > '7' and \
+ansible_facts['distribution'] == 'CentOS' or\n     ansible_facts['distribution_major_version'] > '32' \
+and ansible_facts['distribution'] == 'Fedora'",
     },
     "playbooks/tests_wireless_wpa3_sae.yml": {
         "comment": "# SAE has not been supported by NetworkManager 1.18.8 on \
 RHEL 7. Failed in setting up mock wifi on RHEL 8",
-        EXTRA_RUN_CONDITION: "ansible_distribution_major_version != '7' and \
-ansible_distribution != 'RedHat'",
+        EXTRA_RUN_CONDITION: "ansible_facts['distribution_major_version'] != '7' and \
+ansible_facts['distribution'] != 'RedHat'",
     },
 }
 # NM_CONDITIONAL_TESTS is used to store the test playbooks which are demanding for NM
@@ -178,8 +185,8 @@ RUN_PLAYBOOK_WITH_INITSCRIPTS = """# SPDX-License-Identifier: BSD-3-Clause
 
 - name: Import the playbook '{test_playbook}'
   import_playbook: {test_playbook}
-  when: (ansible_distribution in ['CentOS','RedHat'] and\n    \
-ansible_distribution_major_version | int < 9)
+  when: (ansible_facts['distribution'] in ['CentOS','RedHat'] and\n    \
+ansible_facts['distribution_major_version'] | int < 9)
 """
 
 

tests/get_coverage.yml

@@ -45,7 +45,7 @@
         hidden: true
       register: files_to_delete
 
-    - name: Remove old data
+    - name: Remove old data from files_to_delete
       file:
         path: "{{ item.path }}"
         state: absent

tests/playbooks/down_profile+delete_interface.yml

@@ -1,9 +0,0 @@
-# SPDX-License-Identifier: BSD-3-Clause
----
-- name: Import the playbook 'down_profile.yml'
-  import_playbook: down_profile.yml
-- name: Delete the interface
-  hosts: all
-  tasks:
-    - name: Include the task 'delete_interface.yml'
-      include_tasks: tasks/delete_interface.yml

tests/playbooks/remove_profile.yml

@@ -1,10 +0,0 @@
-# SPDX-License-Identifier: BSD-3-Clause
----
-- name: Remove {{ profile }}
-  hosts: all
-  vars:
-    network_connections:
-      - name: "{{ profile }}"
-        persistent_state: absent
-  roles:
-    - linux-system-roles.network

tests/playbooks/run_tasks.yml

@@ -1,6 +1,6 @@
 # SPDX-License-Identifier: BSD-3-Clause
 ---
-- name: Run the tasklist {{ task }}
+- name: Run the tasklist
   hosts: all
   tasks:
     - name: Include the task '{{ task }}'

tests/playbooks/tests_802_1x.yml

@@ -68,6 +68,16 @@
         - name: Update ca trust
           command: update-ca-trust
           changed_when: false
+        - name: Workaround for EL10 CA trust location
+          shell:
+            cmd: |
+              set -euxo pipefail
+              exec 1>&2
+              if [ ! -f /etc/pki/tls/cert.pem ]; then
+                ln -s /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem /etc/pki/tls/cert.pem
+              fi
+            executable: /bin/bash
+          changed_when: false
         - name: Import network role
           import_role:
             name: linux-system-roles.network

tests/playbooks/tests_auto_gateway.yml

@@ -39,7 +39,7 @@
               # not take precedence over other routes or not ignore other
               # routes
               route_metric4: 65535
-    - name: Include the task 'assert_device_present.yml'
+    - name: Include the task 'assert_device_present.yml' again
       include_tasks: tasks/assert_device_present.yml
     - name: Include the task 'assert_profile_present.yml'
       include_tasks: tasks/assert_profile_present.yml
@@ -67,7 +67,7 @@
     - name: "TEARDOWN: remove profiles."
       debug:
         msg: "##################################################"
-    - name: Import network role
+    - name: Import network role to remove interface
       import_role:
         name: linux-system-roles.network
       vars:
@@ -76,7 +76,7 @@
             persistent_state: absent
             state: down
       ignore_errors: true  # noqa ignore-errors
-    - name: Include the task 'manage_test_interface.yml'
+    - name: Include the task 'manage_test_interface.yml' to remove interface
       include_tasks: tasks/manage_test_interface.yml
       vars:
         state: absent
@@ -84,11 +84,11 @@
         TEST: I can configure an interface with auto_gateway disabled
       debug:
         msg: "##################################################"
-    - name: Include the task 'manage_test_interface.yml'
+    - name: Include the task 'manage_test_interface.yml' to disable auto_gateway
       include_tasks: tasks/manage_test_interface.yml
       vars:
         state: present
-    - name: Import network role
+    - name: Import network role to disable auto_gateway
       import_role:
         name: linux-system-roles.network
       vars:
@@ -105,13 +105,13 @@
                 - "203.0.113.2/24"
               gateway6: "2001:db8::1"
               gateway4: "203.0.113.1"
-    - name: Include the task 'assert_device_present.yml'
+    - name: Include the task 'assert_device_present.yml' - 3
       include_tasks: tasks/assert_device_present.yml
-    - name: Include the task 'assert_profile_present.yml'
+    - name: Include the task 'assert_profile_present.yml' again
       include_tasks: tasks/assert_profile_present.yml
       vars:
         profile: "{{ interface }}"
-    - name: "Show ipv4 routes"
+    - name: "Show ipv4 routes again"
       command: "ip route"
       register: ipv4_routes
       changed_when: false
@@ -120,7 +120,7 @@
         that: __test_str not in ipv4_routes.stdout
       vars:
         __test_str: default via 203.0.113.1 dev {{ interface }}
-    - name: "Get ipv6 routes"
+    - name: "Get ipv6 routes again"
       command: "ip -6 route"
       register: ipv6_route
       changed_when: false
@@ -130,10 +130,10 @@
       vars:
         __test_str: default via 2001:db8::1 dev {{ interface }}
       when: network_provider == "nm"
-    - name: "TEARDOWN: remove profiles."
+    - name: "TEARDOWN: remove profiles. again"
       debug:
         msg: "##################################################"
-    - name: Import network role
+    - name: Import network role to remove interface again
       import_role:
         name: linux-system-roles.network
       vars:
@@ -142,7 +142,7 @@
             persistent_state: absent
             state: down
       ignore_errors: true  # noqa ignore-errors
-    - name: Include the task 'manage_test_interface.yml'
+    - name: Include the task 'manage_test_interface.yml' to remove interface again
       include_tasks: tasks/manage_test_interface.yml
       vars:
         state: absent

tests/playbooks/tests_bridge.yml

@@ -4,65 +4,52 @@
   hosts: all
   vars:
     interface: LSR-TST-br31
-
   tasks:
-    - name: "Set interface={{ interface }}"
-      set_fact:
-        interface: "{{ interface }}"
     - name: Include the task 'show_interfaces.yml'
       include_tasks: tasks/show_interfaces.yml
+
     - name: Include the task 'assert_device_absent.yml'
       include_tasks: tasks/assert_device_absent.yml
 
-- name: Add test bridge
-  hosts: all
-  vars:
-    network_connections:
-      - name: "{{ interface }}"
-        interface_name: "{{ interface }}"
-        state: up
-        type: bridge
-        ip:
-          dhcp4: false
-          auto6: true
-  roles:
-    - linux-system-roles.network
+    - name: Add test bridge
+      include_role:
+        name: linux-system-roles.network
+      vars:
+        network_connections:
+          - name: "{{ interface }}"
+            interface_name: "{{ interface }}"
+            state: up
+            type: bridge
+            ip:
+              dhcp4: false
+              auto6: true
 
-- name: Import the playbook 'run_tasks.yml'
-  import_playbook: run_tasks.yml
-  vars:
-    task: tasks/assert_device_present.yml
+    - name: Assert device present
+      include_tasks: tasks/assert_device_present.yml
 
-- name: Import the playbook 'run_tasks.yml'
-  import_playbook: run_tasks.yml
-  vars:
-    profile: "{{ interface }}"
-    task: tasks/assert_profile_present.yml
+    - name: Assert profile present
+      include_tasks: tasks/assert_profile_present.yml
+      vars:
+        profile: "{{ interface }}"
 
-- name: Import the playbook 'down_profile+delete_interface.yml'
-  import_playbook: down_profile+delete_interface.yml
-  vars:
-    profile: "{{ interface }}"
-# FIXME: assert profile/device down
+    - name: Include the task 'down_profile+delete_interface.yml'
+      include_tasks: tasks/down_profile+delete_interface.yml
+      vars:
+        profile: "{{ interface }}"
+    # FIXME: assert profile/device down
 
-- name: Import the playbook 'remove_profile.yml'
-  import_playbook: remove_profile.yml
-  vars:
-    profile: "{{ interface }}"
+    - name: Include the task 'remove_profile.yml'
+      include_tasks: tasks/remove_profile.yml
+      vars:
+        profile: "{{ interface }}"
 
-- name: Import the playbook 'run_tasks.yml'
-  import_playbook: run_tasks.yml
-  vars:
-    profile: "{{ interface }}"
-    task: tasks/assert_profile_absent.yml
+    - name: Assert profile absent
+      include_tasks: tasks/assert_profile_absent.yml
+      vars:
+        profile: "{{ interface }}"
 
-- name: Import the playbook 'run_tasks.yml'
-  import_playbook: run_tasks.yml
-  vars:
-    task: tasks/assert_device_absent.yml
+    - name: Assert device absent
+      include_tasks: tasks/assert_device_absent.yml
 
-- name: Verify that cleanup restored state to default
-  hosts: all
-  tasks:
     - name: Verify network state restored to default
       include_tasks: tasks/check_network_dns.yml

tests/playbooks/tests_bridge_cloned_mac.yml

@@ -1,28 +1,25 @@
 # SPDX-License-Identifier: BSD-3-Clause
 ---
 - name: Test configuring bridges
-  hosts: all
-  tasks:
-    - name: Define vars
-      set_fact:
-        interface: "LSR-TST-br31"
-        cloned_mac: "12:23:34:45:56:70"
-
-- name: Add test bridge
   hosts: all
   vars:
-    network_connections:
-      - name: "{{ interface }}"
-        interface_name: "{{ interface }}"
-        state: up
-        type: bridge
-        ip:
-          dhcp4: false
-          auto6: true
-        cloned_mac: "{{ cloned_mac }}"
-  roles:
-    - linux-system-roles.network
+    interface: "LSR-TST-br31"
+    cloned_mac: "12:23:34:45:56:70"
   tasks:
+    - name: Add test bridge
+      include_role:
+        name: linux-system-roles.network
+      vars:
+        network_connections:
+          - name: "{{ interface }}"
+            interface_name: "{{ interface }}"
+            state: up
+            type: bridge
+            ip:
+              dhcp4: false
+              auto6: true
+            cloned_mac: "{{ cloned_mac }}"
+
     - name: Verify ifcfg MACADDR entry
       command: >-
         grep ^MACADDR= /etc/sysconfig/network-scripts/ifcfg-{{ interface }}
@@ -51,18 +48,15 @@
             cloned_mac_address_nm.stdout.find(cloned_mac) != -1
         msg: "cloned-mac-address is configured incorrectly"
 
-- name: Import the playbook 'down_profile+delete_interface.yml'
-  import_playbook: down_profile+delete_interface.yml
-  vars:
-    profile: "{{ interface }}"
+    - name: Include the tasks 'down_profile+delete_interface.yml'
+      include_tasks: tasks/down_profile+delete_interface.yml
+      vars:
+        profile: "{{ interface }}"
 
-- name: Import the playbook 'remove_profile.yml'
-  import_playbook: remove_profile.yml
-  vars:
-    profile: "{{ interface }}"
+    - name: Include the task 'remove_profile.yml'
+      include_tasks: tasks/remove_profile.yml
+      vars:
+        profile: "{{ interface }}"
 
-- name: Verify that cleanup restored state to default
-  hosts: all
-  tasks:
     - name: Verify network state restored to default
       include_tasks: tasks/check_network_dns.yml

tests/playbooks/tests_eth_dns_support.yml

@@ -5,24 +5,20 @@
   vars:
     type: veth
     interface: ethtest0
-
-
   tasks:
-    - name: "Set type={{ type }} and interface={{ interface }}"  # noqa name
-      set_fact:
-        type: "{{ type }}"
-        interface: "{{ interface }}"
     - name: Include the task 'show_interfaces.yml'
       include_tasks: tasks/show_interfaces.yml
+
     - name: Include the task 'manage_test_interface.yml'
       include_tasks: tasks/manage_test_interface.yml
       vars:
         state: present
+
     - name: Include the task 'assert_device_present.yml'
       include_tasks: tasks/assert_device_present.yml
 
-    - name: Import network role
-      import_role:
+    - name: Include network role
+      include_role:
         name: linux-system-roles.network
       vars:
         network_connections:
@@ -120,24 +116,24 @@
           - "'9999' in ipv6_dns.stdout"
         msg: "DNS priority is configured incorrectly"
 
-- name: Import the playbook 'down_profile+delete_interface.yml'
-  import_playbook: down_profile+delete_interface.yml
-  vars:
-    profile: "{{ interface }}"
-# FIXME: assert profile/device down
-- name: Import the playbook 'remove_profile.yml'
-  import_playbook: remove_profile.yml
-  vars:
-    profile: "{{ interface }}"
-- name: Assert profile and device are absent
-  hosts: all
-  tasks:
+    - name: Include the tasks 'down_profile+delete_interface.yml'
+      include_tasks: tasks/down_profile+delete_interface.yml
+      vars:
+        profile: "{{ interface }}"
+
+    # FIXME: assert profile/device down
+    - name: Include the task 'remove_profile.yml'
+      include_tasks: tasks/remove_profile.yml
+      vars:
+        profile: "{{ interface }}"
+
     - name: Include the task 'assert_profile_absent.yml'
       include_tasks: tasks/assert_profile_absent.yml
       vars:
         profile: "{{ interface }}"
+
     - name: Include the task 'assert_device_absent.yml'
       include_tasks: tasks/assert_device_absent.yml
+
     - name: Verify network state restored to default
       include_tasks: tasks/check_network_dns.yml
-...

tests/playbooks/tests_ethernet.yml

@@ -1,81 +1,115 @@
 # SPDX-License-Identifier: BSD-3-Clause
 ---
-- name: Play for showing the network provider
-  hosts: all
-  tasks:
-    - name: Show inside ethernet tests
-      debug:
-        msg: Inside ethernet tests
-    - name: Show network_provider
-      debug:
-        var: network_provider
-
 - name: Test configuring ethernet devices
   hosts: all
   vars:
     type: veth
     interface: lsr27
-
   tasks:
-    - name: "Set type={{ type }} and interface={{ interface }}"  # noqa name
-      set_fact:
-        type: "{{ type }}"
-        interface: "{{ interface }}"
-    - name: Include the task 'show_interfaces.yml'
-      include_tasks: tasks/show_interfaces.yml
-    - name: Include the task 'manage_test_interface.yml'
-      include_tasks: tasks/manage_test_interface.yml
-      vars:
-        state: present
-    - name: Include the task 'assert_device_present.yml'
-      include_tasks: tasks/assert_device_present.yml
+    - name: Show inside ethernet tests
+      debug:
+        msg: Inside ethernet tests
 
-- name: Test static interface up
-  hosts: all
-  vars:
-    network_connections:
-      - name: "{{ interface }}"
-        interface_name: "{{ interface }}"
-        state: up
-        type: ethernet
-        autoconnect: true
-        ip:
-          address: 192.0.2.1/24
-  roles:
-    - linux-system-roles.network
-  tasks:
-    - name: Include the task 'assert_output_in_stderr_without_warnings.yml'
-      include_tasks: tasks/assert_output_in_stderr_without_warnings.yml
-
-- name: Play for cleaning up the test device and the connection profile
-  hosts: all
-  tasks:
     - name: Show network_provider
       debug:
         var: network_provider
 
-# FIXME: assert profile present
-# FIXME: assert profile/device up + IP address
-- name: Import the playbook 'down_profile+delete_interface.yml'
-  import_playbook: down_profile+delete_interface.yml
-  vars:
-    profile: "{{ interface }}"
-# FIXME: assert profile/device down
-- name: Import the playbook 'remove_profile.yml'
-  import_playbook: remove_profile.yml
-  vars:
-    profile: "{{ interface }}"
-- name: Assert device and profile are absent
-  hosts: all
-  tasks:
+    - name: Include the task 'show_interfaces.yml'
+      include_tasks: tasks/show_interfaces.yml
+
+    - name: Include the task 'manage_test_interface.yml'
+      include_tasks: tasks/manage_test_interface.yml
+      vars:
+        state: present
+
+    - name: Include the task 'assert_device_present.yml'
+      include_tasks: tasks/assert_device_present.yml
+
+    - name: Test static interface up
+      include_role:
+        name: linux-system-roles.network
+      vars:
+        network_connections:
+          - name: "{{ interface }}"
+            interface_name: "{{ interface }}"
+            state: up
+            type: ethernet
+            autoconnect: true
+            ip:
+              address: 192.0.2.1/24
+
+    - name: Include the task 'assert_output_in_stderr_without_warnings.yml'
+      include_tasks: tasks/assert_output_in_stderr_without_warnings.yml
+
+    - name: Show network_provider after running role
+      debug:
+        var: network_provider
+
+    - name: Get NM connection file
+      slurp:
+        src: "/etc/NetworkManager/system-connections/{{ interface }}.nmconnection"
+      register: nm_connection_file
+      when:
+        - network_provider == 'nm'
+        # RHEL up to 8 uses initscripts backend
+        - ansible_facts["distribution_major_version"] | int >= 9
+
+    - name: Assert settings in NM connection file
+      assert:
+        that:
+          - "('interface-name=' + interface) in nm_connection_file.content | b64decode"
+          - "'type=ethernet' in nm_connection_file.content | b64decode"
+          - "'address1=192.0.2.1/24' in nm_connection_file.content | b64decode"
+          - "'method=manual' in nm_connection_file.content | b64decode"
+      when:
+        - network_provider == 'nm'
+        # RHEL up to 8 uses initscripts backend
+        - ansible_facts["distribution_major_version"] | int >= 9
+
+    - name: Get NM connection status
+      command: "nmcli connection show {{ interface }}"
+      changed_when: false
+      register: nm_connection_status
+      when: network_provider == 'nm'
+
+    - name: Assert NM connection status
+      assert:
+        that:
+          - nm_connection_status.stdout is search("ipv4.addresses:\s+192.0.2.1/24")
+      when: network_provider == 'nm'
+
+    - name: Get initscripts connection file
+      slurp:
+        src: "/etc/sysconfig/network-scripts/ifcfg-{{ interface }}"
+      register: initscripts_connection_file
+      when: network_provider == 'initscripts' or ansible_facts["distribution_major_version"] | int < 9
+
+    - name: Assert settings in initscripts connection file
+      assert:
+        that:
+          - "'TYPE=Ethernet' in initscripts_connection_file.content | b64decode"
+          - "'DEVICE={{ interface }}' in initscripts_connection_file.content | b64decode"
+          - "'IPADDR=192.0.2.1' in initscripts_connection_file.content | b64decode"
+          - "'PREFIX=24' in initscripts_connection_file.content | b64decode"
+      when: network_provider == 'initscripts' or ansible_facts["distribution_major_version"] | int < 9
+
+    - name: Include the tasks 'down_profile+delete_interface.yml'
+      include_tasks: tasks/down_profile+delete_interface.yml
+      vars:
+        profile: "{{ interface }}"
+
+    # FIXME: assert profile/device down
+    - name: Include the task 'remove_profile.yml'
+      include_tasks: tasks/remove_profile.yml
+      vars:
+        profile: "{{ interface }}"
+
     - name: Include the task 'assert_profile_absent.yml'
       include_tasks: tasks/assert_profile_absent.yml
       vars:
         profile: "{{ interface }}"
     - name: Include the task 'assert_device_absent.yml'
       include_tasks: tasks/assert_device_absent.yml
-- name: Verify that cleanup restored state to default
-  hosts: all
-  tasks:
+
     - name: Verify network state restored to default
       include_tasks: tasks/check_network_dns.yml

tests/playbooks/tests_ipv6.yml

@@ -20,7 +20,7 @@
         ip netns exec ns1 ip link set peer{{ interface }} up
       when:
         # netns not available on RHEL/CentOS 6
-        - ansible_distribution_major_version != '6'
+        - ansible_facts['distribution_major_version'] != '6'
       changed_when: false
     - name: Test IPv6 config
       block:
@@ -87,7 +87,7 @@
         - name: Test gateway can be pinged
           command: ping6 -c1 2001:db8::1
           when:
-            - ansible_distribution_major_version != '6'
+            - ansible_facts['distribution_major_version'] != '6'
           changed_when: false
       always:
         - name: "TEARDOWN: remove profiles."
@@ -109,7 +109,7 @@
         - name: Clean up namespace
           command: ip netns delete ns1
           when:
-            - ansible_distribution_major_version != '6'
+            - ansible_facts['distribution_major_version'] != '6'
           changed_when: false
         - name: Verify network state restored to default
           include_tasks: tasks/check_network_dns.yml

tests/playbooks/tests_ipv6_disabled.yml

@@ -5,18 +5,15 @@
   vars:
     type: veth
     interface: ethtest0
-
   tasks:
-    - name: "Set type={{ type }} and interface={{ interface }}"  # noqa name
-      set_fact:
-        type: "{{ type }}"
-        interface: "{{ interface }}"
     - name: Include the task 'show_interfaces.yml'
       include_tasks: tasks/show_interfaces.yml
+
     - name: Include the task 'manage_test_interface.yml'
       include_tasks: tasks/manage_test_interface.yml
       vars:
         state: present
+
     - name: Include the task 'assert_device_present.yml'
       include_tasks: tasks/assert_device_present.yml
 
@@ -24,31 +21,28 @@
       set_fact:
         connection_failed: false
 
-    - name: Import network role
-      import_role:
-        name: linux-system-roles.network
-      vars:
-        network_connections:
-          - name: "{{ interface }}"
-            interface_name: "{{ interface }}"
-            type: ethernet
-            ip:
-              ipv6_disabled: true
-        __header: "# Ansible managed test header"
-      ignore_errors: true  # noqa ignore-errors
-      changed_when: false
+    - name: Try configuration
+      block:
+        - name: Include network role
+          include_role:
+            name: linux-system-roles.network
+          vars:
+            network_connections:
+              - name: "{{ interface }}"
+                interface_name: "{{ interface }}"
+                type: ethernet
+                ip:
+                  ipv6_disabled: true
+            __header: "# Ansible managed test header"
 
-    - name: Assert that configuring `ipv6_disabled` will only fail when the
-            running version of NetworKManager does not support it
-      assert:
-        that:
-          - __network_connections_result.stderr is
-            search("ip.ipv6_disabled is not supported by the running version
-            of NetworkManager")
-        msg: Reconfiguring network connection is not failed with the error
-             "ip.ipv6_disabled is not supported by the running version of
-             NetworkManger"
-      when: __network_connections_result.failed
+      rescue:
+        - name: Assert that configuring `ipv6_disabled` will only fail when the
+                running version of NetworkManager does not support it
+          assert:
+            that: ansible_failed_result.stderr is search(errmsg)
+            msg: Reconfiguring network connection is not failed with the error {{ errmsg }}
+          vars:
+            errmsg: ip.ipv6_disabled is not supported by the running version of NetworkManager
 
     - name: Verify nmcli connection ipv6.method
       shell: |
@@ -71,28 +65,28 @@
         connection_failed: true
       when: __network_connections_result.failed
 
-- name: Import the playbook 'down_profile.yml'
-  import_playbook: down_profile.yml
-  vars:
-    profile: "{{ interface }}"
-  when: not connection_failed
+    - name: Include the task 'down_profile.yml'
+      include_tasks: tasks/down_profile.yml
+      vars:
+        profile: "{{ interface }}"
+      when: not connection_failed
+
+    # FIXME: assert profile/device down
+    - name: Include the tasks 'remove_profile.yml'
+      include_tasks: tasks/remove_profile.yml
+      vars:
+        profile: "{{ interface }}"
 
-# FIXME: assert profile/device down
-- name: Import the playbook 'remove_profile.yml'
-  import_playbook: remove_profile.yml
-  vars:
-    profile: "{{ interface }}"
-- name: Delete the interface, then assert that device and profile are absent
-  hosts: all
-  tasks:
     - name: Include the task 'delete_interface.yml'
       include_tasks: tasks/delete_interface.yml
+
     - name: Include the task 'assert_profile_absent.yml'
       include_tasks: tasks/assert_profile_absent.yml
       vars:
         profile: "{{ interface }}"
+
     - name: Include the task 'assert_device_absent.yml'
       include_tasks: tasks/assert_device_absent.yml
+
     - name: Verify network state restored to default
       include_tasks: tasks/check_network_dns.yml
-...

tests/playbooks/tests_ipv6_dns_search.yml

@@ -126,14 +126,14 @@
                 state: up
           ignore_errors: true  # noqa ignore-errors
           changed_when: false
-          when: ansible_distribution_major_version | int > 7
+          when: ansible_facts["distribution_major_version"] | int > 7
 
         - name: Assert that reconfiguring network connection is failed
           assert:
             that:
               - __network_connections_result.failed
             msg: reconfiguring network connection is not failed
-          when: ansible_distribution_major_version | int > 7
+          when: ansible_facts["distribution_major_version"] | int > 7
 
         - name: Assert that configuring DNS search setting is not allowed when
             both IPv4 and IPv6 are disabled
@@ -145,7 +145,7 @@
             msg: Reconfiguring network connection is not failed with the error
               "Setting 'dns_search', 'dns_options', and 'dns_priority' are not
               allowed when both IPv4 and IPv6 are disabled."
-          when: ansible_distribution_major_version | int > 7
+          when: ansible_facts["distribution_major_version"] | int > 7
 
       always:
         - name: Clean up the test device and the connection profile

tests/playbooks/tests_mac_address_match.yml

@@ -18,6 +18,7 @@
     # - `vlan_profile2` (e.g., `120-vlan`) has a fixed name, designed to test a scenario
     #   where lexicographic sorting causes the VLAN to appear before its parent interface.
     default_interface: "{{ lookup('env', 'MAC_ADDR_MATCH_INTERFACE') | default('eth1', true) }}"
+    interfaces_to_check: "{{ [default_interface] + ['eth1', 'ens4', 'ens6'] | unique | list }}"
     profile: "{{ interface }}"
     vlan_profile1: "{{ interface }}.3732"
     vlan_profile2: "120-vlan"
@@ -32,6 +33,11 @@
       tags:
         - always
 
+    - name: Ensure NetworkManager is running
+      service:
+        name: NetworkManager
+        state: started
+
     - name: Install ethtool (test dependency)
       package:
         name: ethtool
@@ -44,12 +50,18 @@
         executable: /bin/bash
         cmd: |
           set -euxo pipefail
-          for iface in '{{ default_interface }}' ens4; do
+          for iface in {{ interfaces_to_check | join(" ") }}; do
             if ip addr show "$iface" 1>&2; then
+              # interface exists, but may be an alias or altname
+              # find the real name
+              real_iface="$(ip addr show "$iface" | awk -F'[ :]'  '/^[^ ]/ {print $3}')"
               break
             fi
           done
-          echo "$iface"
+          if [ -z "${real_iface:-}" ]; then
+            real_iface=UNKNOWN_DEVICE
+          fi
+          echo "$real_iface"
       changed_when: false
       register: __network_interface_cmd
 

tests/playbooks/tests_network_state.yml

@@ -25,13 +25,13 @@
       set_fact:
         type: "{{ type }}"
         interface: "{{ interface1 }}"
-    - name: Include the task 'show_interfaces.yml'
+    - name: Include the task 'show_interfaces.yml' again
       include_tasks: tasks/show_interfaces.yml
-    - name: Include the task 'manage_test_interface.yml'
+    - name: Include the task 'manage_test_interface.yml' after changing interface
       include_tasks: tasks/manage_test_interface.yml
       vars:
         state: present
-    - name: Include the task 'assert_device_present.yml'
+    - name: Include the task 'assert_device_present.yml' after changing interface
       include_tasks: tasks/assert_device_present.yml
 
 
@@ -189,9 +189,9 @@
       set_fact:
         type: "{{ type }}"
         interface: "{{ interface0 }}"
-    - name: Include the task 'delete_interface.yml'
+    - name: Include the task 'delete_interface.yml' again
       include_tasks: tasks/delete_interface.yml
-    - name: Include the task 'assert_device_absent.yml'
+    - name: Include the task 'assert_device_absent.yml' again
       include_tasks: tasks/assert_device_absent.yml
     - name: Verify network state restored to default
       include_tasks: tasks/check_network_dns.yml

tests/playbooks/tests_route_device.yml

@@ -23,13 +23,13 @@
     - name: Set interface1
       set_fact:
         interface: "{{ interface1 }}"
-    - name: Show interfaces
+    - name: Show interfaces again
       include_tasks: tasks/show_interfaces.yml
-    - name: Manage test interface
+    - name: Manage test interface with second interface
       include_tasks: tasks/manage_test_interface.yml
       vars:
         state: present
-    - name: Assert device is present
+    - name: Assert device is present with second interface
       include_tasks: tasks/assert_device_present.yml
     - name: Test the route or the warning log when configuring the route with
         or without the interface name

tests/playbooks/tests_route_table.yml

@@ -5,25 +5,21 @@
   vars:
     type: veth
     interface: ethtest0
-
-
   tasks:
-    - name: "Set type={{ type }} and interface={{ interface }}"  # noqa name
-      set_fact:
-        type: "{{ type }}"
-        interface: "{{ interface }}"
     - name: Include the task 'show_interfaces.yml'
       include_tasks: tasks/show_interfaces.yml
+
     - name: Include the task 'manage_test_interface.yml'
       include_tasks: tasks/manage_test_interface.yml
       vars:
         state: present
+
     - name: Include the task 'assert_device_present.yml'
       include_tasks: tasks/assert_device_present.yml
 
     - name: Configure connection profile and specify the numeric table in
         static routes
-      import_role:
+      include_role:
         name: linux-system-roles.network
       vars:
         network_connections:
@@ -53,6 +49,11 @@
                   metric: 50
                   table: 30200
                   src: 198.51.100.3
+                - network: 198.51.101.128
+                  prefix: 26
+                  gateway: 198.51.101.1
+                  metric: 2
+                  table: main
 
     - name: Get the routes from the route table 30200
       command: ip route show table 30200
@@ -66,6 +67,12 @@
       ignore_errors: true
       changed_when: false
 
+    - name: Get the routes from the route table main
+      command: ip route show table main
+      register: route_table_main
+      ignore_errors: true
+      changed_when: false
+
     - name: Assert that the route table 30200 contains the specified route
       assert:
         that:
@@ -77,7 +84,6 @@
         msg: "the route table 30200 does not exist or does not contain the
           specified route"
 
-
     - name: Assert that the route table 30400 contains the specified route
       assert:
         that:
@@ -86,6 +92,14 @@
         msg: "the route table 30400 does not exist or does not contain the
           specified route"
 
+    - name: Assert that the route table main contains the specified route
+      assert:
+        that:
+          - route_table_main.stdout is search("198.51.101.128/26 via
+            198.51.101.1 dev ethtest0 proto static metric 2")
+        msg: "the route table main does not exist or does not contain the
+          specified route"
+
     - name: Create a dedicated test file in `/etc/iproute2/rt_tables.d/` and
             add a new routing table
       lineinfile:
@@ -96,7 +110,7 @@
 
     - name: Reconfigure connection profile and specify the named table in
         static routes
-      import_role:
+      include_role:
         name: linux-system-roles.network
       vars:
         network_connections:
@@ -126,6 +140,11 @@
                   metric: 50
                   table: custom
                   src: 198.51.100.3
+                - network: 198.51.101.128
+                  prefix: 26
+                  gateway: 198.51.101.1
+                  metric: 2
+                  table: custom
 
     - name: Get the routes from the named route table 'custom'
       command: ip route show table custom
@@ -144,6 +163,8 @@
           - route_table_custom.stdout is search("192.0.2.64/26 via
             198.51.100.8 dev ethtest0 proto static src 198.51.100.3
             metric 50")
+          - route_table_custom.stdout is search("198.51.101.128/26 via
+            198.51.101.1 dev ethtest0 proto static metric 2")
         msg: "the named route table 'custom' does not exist or does not contain
           the specified route"
 
@@ -152,24 +173,24 @@
         state: absent
         path: /etc/iproute2/rt_tables.d/table.conf
 
-- name: Import the playbook 'down_profile+delete_interface.yml'
-  import_playbook: down_profile+delete_interface.yml
-  vars:
-    profile: "{{ interface }}"
-# FIXME: assert profile/device down
-- name: Import the playbook 'remove_profile.yml'
-  import_playbook: remove_profile.yml
-  vars:
-    profile: "{{ interface }}"
-- name: Assert device and profile are absent
-  hosts: all
-  tasks:
+    - name: Include the tasks 'down_profile+delete_interface.yml'
+      include_tasks: tasks/down_profile+delete_interface.yml
+      vars:
+        profile: "{{ interface }}"
+
+    # FIXME: assert profile/device down
+    - name: Include the task 'remove_profile.yml'
+      include_tasks: tasks/remove_profile.yml
+      vars:
+        profile: "{{ interface }}"
+
     - name: Include the task 'assert_profile_absent.yml'
       include_tasks: tasks/assert_profile_absent.yml
       vars:
         profile: "{{ interface }}"
+
     - name: Include the task 'assert_device_absent.yml'
       include_tasks: tasks/assert_device_absent.yml
+
     - name: Verify network state restored to default
       include_tasks: tasks/check_network_dns.yml
-...

tests/playbooks/tests_route_type.yml

@@ -6,22 +6,20 @@
     type: veth
     interface: ethtest0
   tasks:
-    - name: "Set type={{ type }} and interface={{ interface }}"  # noqa name
-      set_fact:
-        type: "{{ type }}"
-        interface: "{{ interface }}"
     - name: Include the task 'show_interfaces.yml'
       include_tasks: tasks/show_interfaces.yml
+
     - name: Include the task 'manage_test_interface.yml'
       include_tasks: tasks/manage_test_interface.yml
       vars:
         state: present
+
     - name: Include the task 'assert_device_present.yml'
       include_tasks: tasks/assert_device_present.yml
 
     - name: Configure connection profile and specify the route types in
         static routes
-      import_role:
+      include_role:
         name: linux-system-roles.network
       vars:
         network_connections:
@@ -102,7 +100,7 @@
           specified route"
 
     - name: Removing some routes
-      import_role:
+      include_role:
         name: linux-system-roles.network
       vars:
         network_connections:
@@ -173,24 +171,24 @@
         msg: "the route table 30600 does not exist or does not contain the
           type routes"
 
-- name: Import the playbook 'down_profile+delete_interface.yml'
-  import_playbook: down_profile+delete_interface.yml
-  vars:
-    profile: "{{ interface }}"
-# FIXME: assert profile/device down
-- name: Import the playbook 'remove_profile.yml'
-  import_playbook: remove_profile.yml
-  vars:
-    profile: "{{ interface }}"
-- name: Assert device and profile are absent
-  hosts: all
-  tasks:
+    - name: Include the tasks 'down_profile+delete_interface.yml'
+      include_tasks: tasks/down_profile+delete_interface.yml
+      vars:
+        profile: "{{ interface }}"
+
+    # FIXME: assert profile/device down
+    - name: Include the task 'remove_profile.yml'
+      include_tasks: tasks/remove_profile.yml
+      vars:
+        profile: "{{ interface }}"
+
     - name: Include the task 'assert_profile_absent.yml'
       include_tasks: tasks/assert_profile_absent.yml
       vars:
         profile: "{{ interface }}"
+
     - name: Include the task 'assert_device_absent.yml'
       include_tasks: tasks/assert_device_absent.yml
+
     - name: Verify network state restored to default
       include_tasks: tasks/check_network_dns.yml
-...

tests/playbooks/tests_routing_rules.yml

@@ -5,18 +5,15 @@
   vars:
     type: veth
     interface: ethtest0
-
   tasks:
-    - name: "Set type={{ type }} and interface={{ interface }}"  # noqa name
-      set_fact:
-        type: "{{ type }}"
-        interface: "{{ interface }}"
     - name: Include the task 'show_interfaces.yml'
       include_tasks: tasks/show_interfaces.yml
+
     - name: Include the task 'manage_test_interface.yml'
       include_tasks: tasks/manage_test_interface.yml
       vars:
         state: present
+
     - name: Include the task 'assert_device_present.yml'
       include_tasks: tasks/assert_device_present.yml
 
@@ -36,7 +33,7 @@
       block:
         - name: Configure connection profile and specify the numeric table in
             static routes
-          import_role:
+          include_role:
             name: linux-system-roles.network
           vars:
             network_connections:
@@ -144,7 +141,7 @@
                 until NM 1.20")
             msg: The routing rule attribute 'suppress_prefixlength' validation
               failure is not raised when the distro's major version is 7
-          when: ansible_distribution_major_version == "7"
+          when: ansible_facts['distribution_major_version'] == "7"
 
         - name: Clear errors
           meta: clear_host_errors
@@ -164,28 +161,28 @@
       register: route_rule_table_30200
       ignore_errors: true
       changed_when: false
-      when: ansible_distribution_major_version != "7"
+      when: ansible_facts['distribution_major_version'] != "7"
 
     - name: Get the routing rule for looking up the table 30400
       command: ip rule list table 30400
       register: route_rule_table_30400
       ignore_errors: true
       changed_when: false
-      when: ansible_distribution_major_version != "7"
+      when: ansible_facts['distribution_major_version'] != "7"
 
     - name: Get the routing rule for looking up the table 30600
       command: ip -6 rule list table 30600
       register: route_rule_table_30600
       ignore_errors: true
       changed_when: false
-      when: ansible_distribution_major_version != "7"
+      when: ansible_facts['distribution_major_version'] != "7"
 
     - name: Get the routing rule for looking up the table 'custom'
       command: ip rule list table custom
       register: route_rule_table_custom
       ignore_errors: true
       changed_when: false
-      when: ansible_distribution_major_version != "7"
+      when: ansible_facts['distribution_major_version'] != "7"
 
     - name: Get the IPv4 routing rule for the connection "{{ interface }}"
       command: nmcli -f ipv4.routing-rules c show "{{ interface }}"
@@ -219,7 +216,7 @@
             30200 suppress_prefixlength 8")
         msg: "the routing rule with table lookup 30200 does not match the
           specified rule"
-      when: ansible_distribution_major_version != "7"
+      when: ansible_facts['distribution_major_version'] != "7"
 
     - name: Assert that the routing rule with table lookup 30400 matches the
         specified rule
@@ -233,7 +230,7 @@
             oiftest \[detached\] lookup 30400")
         msg: "the routing rule with table lookup 30400 does not match the
           specified rule"
-      when: ansible_distribution_major_version != "7"
+      when: ansible_facts['distribution_major_version'] != "7"
 
     - name: Assert that the routing rule with table lookup 30600 matches the
         specified rule
@@ -249,7 +246,7 @@
             lookup 30600 suppress_prefixlength 24")
         msg: "the routing rule with table lookup 30600 does not match the
           specified rule"
-      when: ansible_distribution_major_version != "7"
+      when: ansible_facts['distribution_major_version'] != "7"
 
     - name: Assert that the routing rule with 'custom' table lookup matches the
         specified rule
@@ -259,7 +256,7 @@
             198.51.100.56/26 lookup custom")
         msg: "the routing rule with 'custom' table lookup does not match the
           specified rule"
-      when: ansible_distribution_major_version != "7"
+      when: ansible_facts['distribution_major_version'] != "7"
 
     - name: Assert that the specified IPv4 routing rule was configured in the
         connection "{{ interface }}"
@@ -311,26 +308,27 @@
         msg: "the specified IPv6 routing rule was not configured in the
           connection '{{ interface }}'"
 
-- name: Remove profile and device, assert device and profile are absent
-  hosts: all
-  tasks:
     - name: Remove the dedicated test file in `/etc/iproute2/rt_tables.d/`
       file:
         state: absent
         path: /etc/iproute2/rt_tables.d/table.conf
+
     - name: Include the task 'remove+down_profile.yml'
       include_tasks: tasks/remove+down_profile.yml
       vars:
         profile: "{{ interface }}"
       when: not __network_end_play | d(false)
+
     - name: Include the task 'delete_interface.yml'
       include_tasks: tasks/delete_interface.yml
+
     - name: Include the task 'assert_profile_absent.yml'
       include_tasks: tasks/assert_profile_absent.yml
       vars:
         profile: "{{ interface }}"
+
     - name: Include the task 'assert_device_absent.yml'
       include_tasks: tasks/assert_device_absent.yml
+
     - name: Verify network state restored to default
       include_tasks: tasks/check_network_dns.yml
-...

tests/playbooks/tests_states.yml

@@ -14,7 +14,6 @@
       tags:
         - always
 
-
     - name: Test creating the bridge connection
       tags:
         - tests::states:create

tests/playbooks/tests_switch_provider.yml

@@ -4,13 +4,10 @@
 # set network provider and gather facts
 - name: Switch initscripts provider to nm
   hosts: all
+  vars:
+    network_provider: initscripts
+    interface: LST-TST-br34
   tasks:
-    - name: Set fact to use initscripts network_provider
-      set_fact:
-        network_provider: initscripts
-        interface: LST-TST-br34
-      tags:
-        - always
     - name: "Through the initscripts provider, create test bridge
         {{ interface }}"
       include_role:
@@ -23,20 +20,25 @@
             ip:
               dhcp4: false
               auto6: false
+
     - name: Include the task 'assert_device_present.yml'
       include_tasks: tasks/assert_device_present.yml
+
     - name: Include the task 'remove+down_profile.yml'
       include_tasks: tasks/remove+down_profile.yml
       vars:
         profile: "{{ interface }}"
     # The initscripts should not remove the interface for down/absent
-    - name: Include the task 'assert_device_present.yml'
+
+    - name: Include the task 'assert_device_present.yml' with new profile
       include_tasks: tasks/assert_device_present.yml
+
     - name: Set fact to use nm network_provider
       set_fact:
         network_provider: nm
       tags:
         - always
+
     - name: "Through the nm provider, create test bridge {{ interface }}"
       include_role:
         name: linux-system-roles.network
@@ -48,18 +50,24 @@
             ip:
               dhcp4: false
               auto6: false
-    - name: Include the task 'assert_device_present.yml'
+
+    - name: Include the task 'assert_device_present.yml' with nm provider
       include_tasks: tasks/assert_device_present.yml
-    - name: Include the task 'remove+down_profile.yml'
+
+    - name: Include the task 'remove+down_profile.yml' with nm provider
       include_tasks: tasks/remove+down_profile.yml
       vars:
         profile: "{{ interface }}"
+
     # NetworkManager should not remove pre-exist interface for down/absent
-    - name: Include the task 'assert_device_present.yml'
+    - name: Include the task 'assert_device_present.yml' with nm provider again
       include_tasks: tasks/assert_device_present.yml
+
     - name: Include the task 'delete_interface.yml'
       include_tasks: tasks/delete_interface.yml
+
     - name: Include the task 'assert_device_absent.yml'
       include_tasks: tasks/assert_device_absent.yml
+
     - name: Verify network state restored to default
       include_tasks: tasks/check_network_dns.yml

tests/playbooks/tests_team_plugin_installation.yml

@@ -55,7 +55,7 @@
               - tasks/cleanup_profile+device.yml
               - tasks/check_network_dns.yml
 
-    - name: "Get the rpm package facts"
+    - name: "Get the rpm package facts again"
       package_facts:
         manager: "auto"
 

tests/playbooks/tests_vlan_mtu.yml

@@ -43,7 +43,7 @@
             ip:
               dhcp4: false
               auto6: false
-    - name: Include the task 'assert_device_present.yml'
+    - name: Include the task 'assert_device_present.yml' after running role
       include_tasks: tasks/assert_device_present.yml
       vars:
         interface: "{{ vlan_interface }}"
@@ -58,7 +58,7 @@
     - name: "TEARDOWN: remove profiles."
       debug:
         msg: "##################################################"
-    - name: Import network role
+    - name: Import network role to remove interfaces
       import_role:
         name: linux-system-roles.network
       vars:
@@ -70,7 +70,7 @@
             persistent_state: absent
             state: down
       ignore_errors: true  # noqa ignore-errors
-    - name: Include the task 'manage_test_interface.yml'
+    - name: Include the task 'manage_test_interface.yml' to remove interfaces
       include_tasks: tasks/manage_test_interface.yml
       vars:
         state: absent

tests/playbooks/tests_wireless_plugin_installation.yml

@@ -36,7 +36,7 @@
               key_mgmt: "wpa-psk"
               password: "p@55w0rD"
 
-    - name: "Get the rpm package facts"
+    - name: "Get the rpm package facts again"
       package_facts:
         manager: "auto"
 

tests/playbooks/tests_wireless_wpa3_sae.yml

@@ -7,7 +7,7 @@
   tasks:
     - name: "INIT: wireless tests"
       include_tasks: tasks/setup_mock_wifi_wpa3_sae.yml
-      when: ansible_distribution in ['CentOS', 'Fedora']
+      when: ansible_facts['distribution'] in ['CentOS', 'Fedora']
 
     - name: Test wireless connection with WPA3 Personal
       block:
@@ -20,7 +20,7 @@
               - name: "{{ interface }}"
                 # set `state: down` on RHEL 8 since we failed in setting up mock
                 # wifi on RHEL 8
-                state: "{{ 'down' if ansible_distribution == 'RedHat' else 'up' }}"
+                state: "{{ 'down' if ansible_facts['distribution'] == 'RedHat' else 'up' }}"
                 type: wireless
                 ip:
                   address:

tests/tasks/assert_output_in_stderr_without_warnings.yml

@@ -1,10 +1,16 @@
 # SPDX-License-Identifier: BSD-3-Clause
 ---
+# module_warning - see https://github.com/ansible/ansible/issues/85394
 - name: "Assert that warnings is empty"
   assert:
     that:
-      - "'warnings' not in __network_connections_result"
+      - "'warnings' not in __network_connections_result or
+         __network_connections_result.warnings | reject('match', module_warning ~ '$') | list | length == 0"
     msg: "There are unexpected warnings"
+  vars:
+    module_warning: >-
+      Error loading plugin 'ansible.netcommon.network': No module named 'ansible_collections.ansible.netcommon'
+
 - name: "Assert that there is output in stderr"
   assert:
     that:

tests/tasks/create_test_interfaces_with_dhcp.yml

@@ -22,8 +22,8 @@
     use: "{{ (__network_is_ostree | d(false)) |
       ternary('ansible.posix.rhel_rpm_ostree', omit) }}"
   when:
-    - ansible_os_family == 'RedHat'
-    - ansible_distribution_major_version is version('6', '<=')
+    - ansible_facts['os_family'] == 'RedHat'
+    - ansible_facts['distribution_major_version'] is version('6', '<=')
 
 - name: Install pgrep, sysctl
   package:
@@ -32,8 +32,8 @@
     use: "{{ (__network_is_ostree | d(false)) |
       ternary('ansible.posix.rhel_rpm_ostree', omit) }}"
   when:
-    - ansible_os_family == 'RedHat'
-    - ansible_distribution_major_version is version('7', '>=')
+    - ansible_facts['os_family'] == 'RedHat'
+    - ansible_facts['distribution_major_version'] is version('7', '>=')
 
 - name: Create test interfaces
   shell: |

tests/tasks/down_profile+delete_interface.yml

@@ -0,0 +1,7 @@
+# SPDX-License-Identifier: BSD-3-Clause
+---
+- name: Include the task 'down_profile.yml'
+  include_tasks: down_profile.yml
+
+- name: Include the task 'delete_interface.yml'
+  include_tasks: tasks/delete_interface.yml

tests/tasks/down_profile.yml

@@ -1,10 +1,9 @@
 # SPDX-License-Identifier: BSD-3-Clause
 ---
 - name: Set down {{ profile }}
-  hosts: all
+  include_role:
+    name: linux-system-roles.network
   vars:
     network_connections:
       - name: "{{ profile }}"
         state: down
-  roles:
-    - linux-system-roles.network

tests/tasks/el_repo_setup.yml

@@ -48,5 +48,5 @@
       gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
     mode: "0644"
   when:
-    - ansible_distribution == 'CentOS'
-    - ansible_distribution_major_version == '6'
+    - ansible_facts['distribution'] == 'CentOS'
+    - ansible_facts['distribution_major_version'] == '6'

tests/tasks/find+remove_profile.yml

@@ -1,10 +1,64 @@
 # SPDX-License-Identifier: BSD-3-Clause
 ---
 - name: Get connection profile for '{{ interface }}'
-  command: "nmcli -g GENERAL.CONNECTION device show {{ interface }}"
+  shell:
+    executable: /bin/bash
+    cmd: |
+      set -euo pipefail
+      connection="$(nmcli -g GENERAL.CONNECTION device show {{ interface | quote }})" || :
+      if [ -z "$connection" ]; then
+        nmcli device connect {{ interface | quote }} 1>&2
+      fi
+      nmcli -g GENERAL.CONNECTION device show {{ interface | quote }}
   register: connection_name
   changed_when: false
 
+- name: Debug
+  shell: |
+    set -x
+    exec 1>&2
+    systemctl status NetworkManager || :
+    nmcli || :
+    nmcli device status || :
+    nmcli device show || :
+    nmcli connection show || :
+    nmcli connection show '{{ interface }}' || :
+    ip a
+    echo connection_name: {{ connection_name | to_nice_json | quote }} || :
+    ls -alrtF /etc/sysconfig/network-scripts || :
+    for file in /etc/sysconfig/network-scripts/ifcfg-*; do
+      if [ -f "$file" ]; then
+        echo "file: $file"
+        cat "$file" || :
+      fi
+    done
+    cat /etc/NetworkManager/NetworkManager.conf || :
+    find /etc/NetworkManager -type f -ls || :
+    for file in /etc/NetworkManager/system-connections/*.nmconnection; do
+      if [ -f "$file" ]; then
+        echo "file: $file"
+        cat "$file" || :
+      fi
+    done
+    for file in /etc/NetworkManager/conf.d/*; do
+      if [ -f "$file" ]; then
+        echo "file: $file"
+        cat "$file" || :
+      fi
+    done
+    find /usr/lib/NetworkManager -type f -ls || :
+    for file in /usr/lib/NetworkManager/conf.d/*; do
+      if [ -f "$file" ]; then
+        echo "file: $file"
+        cat "$file" || :
+      fi
+    done
+    NetworkManager --print-config
+    journalctl -u NetworkManager || :
+  changed_when: false
+  when: connection_name is failed or connection_name.stdout | length == 0
+  failed_when: connection_name is failed or connection_name.stdout | length == 0
+
 - name: Bring down and delete the connection profile for '{{ interface }}'
   include_role:
     name: linux-system-roles.network

tests/tasks/remove_profile.yml

@@ -1,10 +1,9 @@
 # SPDX-License-Identifier: BSD-3-Clause
 ---
-- name: Include network role
+- name: Remove {{ profile }}
   include_role:
     name: linux-system-roles.network
   vars:
     network_connections:
-      - name: "{{ interface }}"
+      - name: "{{ profile }}"
         persistent_state: absent
-...

tests/tasks/setup_802_1x_server.yml

@@ -8,9 +8,9 @@
 - name: Install hostapd via CentOS Stream
   command: dnf -y install http://mirror.centos.org/centos/8-stream/AppStream/x86_64/os/Packages/hostapd-2.10-1.el8.x86_64.rpm  # noqa yaml[line-length]
   when:
-    - ansible_distribution_version is version('8.6', '<')
-    - ansible_distribution_major_version == '8'
-    - ansible_distribution == 'RedHat'
+    - ansible_facts['distribution_version'] is version('8.6', '<')
+    - ansible_facts['distribution_major_version'] == '8'
+    - ansible_facts['distribution'] == 'RedHat'
   changed_when: false
 
 - name: Install hostapd

tests/tasks/setup_mock_wifi_wpa3_owe.yml

@@ -14,7 +14,7 @@
   delay: 10
 
 - name: Check if can test on CentOS and setup if possible
-  when: ansible_distribution == 'CentOS'
+  when: ansible_facts['distribution'] == 'CentOS'
   block:
     # It is currently too difficult to install the required kernel
     # if using rpm ostree - so just skip this test
@@ -48,7 +48,7 @@
     dnf -y copr enable liangwen12year/hostapd-owe
     dnf -y install hostapd
   when:
-    - ansible_distribution == 'Fedora'
+    - ansible_facts['distribution'] == 'Fedora'
   changed_when: false
 
 - name: Install mac80211_hwsim kernel modules in Fedora
@@ -57,7 +57,7 @@
     koji download-build --arch=$(uname -m) kernel-modules-internal-$(uname -r)
     dnf -y install kernel-modules*.rpm
   when:
-    - ansible_distribution == 'Fedora'
+    - ansible_facts['distribution'] == 'Fedora'
   changed_when: false
 
 - name: Create hostapd config

tests/tasks/setup_mock_wifi_wpa3_sae.yml

@@ -14,7 +14,7 @@
   delay: 10
 
 - name: Configure CentOS system for testing, if possible
-  when: ansible_distribution == 'CentOS'
+  when: ansible_facts['distribution'] == 'CentOS'
   block:
     # It is currently too difficult to install the required kernel
     # if using rpm ostree - so just skip this test
@@ -49,7 +49,7 @@
       - hostapd
     state: present
   when:
-    - ansible_distribution == 'Fedora'
+    - ansible_facts['distribution'] == 'Fedora'
   register: __install_status
   until: __install_status is success
   retries: 6
@@ -64,7 +64,7 @@
     koji download-build --arch=$(uname -m) kernel-modules-internal-$(uname -r)
     dnf -y install kernel-modules*.rpm
   when:
-    - ansible_distribution == 'Fedora'
+    - ansible_facts['distribution'] == 'Fedora'
   changed_when: false
 
 - name: Create hostapd config

tests/tasks/test_802.1x_capath.yml

@@ -16,9 +16,6 @@
       - NetworkManager-1.18.4-3.el7.x86_64
       - NetworkManager-1.20.0-3.el8.x86_64
       - NetworkManager-1.22.8-4.el8.x86_64
-      - NetworkManager-1.20.4-1.fc31.x86_64
-      - NetworkManager-1.22.10-1.fc32.x86_64
-      - NetworkManager-1.22.12-1.fc32.x86_64
 - name: Create directory for ca_path test
   file:
     path: "/etc/pki/tls/my_ca_certs"
@@ -90,23 +87,22 @@
   rescue:
     - name: Show failed item
       debug:
-        var: "{{ item }}"
-      with_items:
-        - ansible_failed_result
-        - ansible_failed_task
-        - __network_nm_nvr.stdout
-        - __NM_capath_ignored_NVRs
+        msg: item {{ item }}
+      loop:
+        - "{{ ansible_failed_result }}"
+        - "{{ ansible_failed_task }}"
+        - "{{ __network_nm_nvr.stdout }}"
+        - "{{ __NM_capath_ignored_NVRs }}"
       changed_when: false
 
     - name: Assert role behavior
       vars:
-        expected_failure: __network_nm_nvr.stdout in __NM_capath_ignored_NVRs
-        failure: __network_connections_result.failed
+        expected_failure: "{{ __network_nm_nvr.stdout in __NM_capath_ignored_NVRs }}"
+        failure: "{{ __network_connections_result is failed }}"
       assert:
-        that: (failure and expected_failure) or
-          (not failure and not expected_failure)
-        msg: "Role {{ failure and 'failed' or 'did not fail' }} but was expected
-          {{ expected_failure and '' or 'not' }} to fail.
+        that: failure == expected_failure
+        msg: "Role {{ failure | ternary('failed', 'did not fail') }} but was expected
+          {{ expected_failure | ternary('', 'not') }} to fail.
           NM NVR: {{ __network_nm_nvr.stdout }}"
     - name: Assert role failure
       assert:

tests/tests_802_1x_nm.yml

@@ -20,6 +20,7 @@
 - name: Import the playbook 'playbooks/tests_802_1x.yml'
   import_playbook: playbooks/tests_802_1x.yml
   when:
-    - ansible_distribution_major_version != '6'
-    - ansible_distribution != 'RedHat' or
-      ansible_distribution_major_version | int < 9
+    - ansible_facts['distribution_major_version'] != '6'
+    - (ansible_facts['distribution'] != 'RedHat' and
+       ansible_facts['distribution_major_version'] | int > 7) or
+      ansible_facts['distribution_major_version'] | int == 8

tests/tests_802_1x_updated_nm.yml

@@ -20,6 +20,7 @@
 - name: Import the playbook 'playbooks/tests_802_1x_updated.yml'
   import_playbook: playbooks/tests_802_1x_updated.yml
   when:
-    - ansible_distribution_major_version != '6'
-    - ansible_distribution != 'RedHat' or
-      ansible_distribution_major_version | int < 9
+    - ansible_facts['distribution_major_version'] != '6'
+    - (ansible_facts['distribution'] != 'RedHat' and
+       ansible_facts['distribution_major_version'] | int > 7) or
+      ansible_facts['distribution_major_version'] | int == 8

tests/tests_auto_gateway_initscripts.yml

@@ -15,5 +15,5 @@
 
 - name: Import the playbook 'playbooks/tests_auto_gateway.yml'
   import_playbook: playbooks/tests_auto_gateway.yml
-  when: (ansible_distribution in ['CentOS','RedHat'] and
-    ansible_distribution_major_version | int < 9)
+  when: (ansible_facts['distribution'] in ['CentOS','RedHat'] and
+    ansible_facts['distribution_major_version'] | int < 9)

tests/tests_auto_gateway_nm.yml

@@ -20,4 +20,4 @@
 - name: Import the playbook 'playbooks/tests_auto_gateway.yml'
   import_playbook: playbooks/tests_auto_gateway.yml
   when:
-    - ansible_distribution_major_version != '6'
+    - ansible_facts['distribution_major_version'] != '6'

tests/tests_bond_cloned_mac_initscripts.yml

@@ -15,5 +15,5 @@
 
 - name: Import the playbook 'playbooks/tests_bond_cloned_mac.yml'
   import_playbook: playbooks/tests_bond_cloned_mac.yml
-  when: (ansible_distribution in ['CentOS','RedHat'] and
-    ansible_distribution_major_version | int < 9)
+  when: (ansible_facts['distribution'] in ['CentOS','RedHat'] and
+    ansible_facts['distribution_major_version'] | int < 9)

tests/tests_bond_cloned_mac_nm.yml

@@ -20,4 +20,4 @@
 - name: Import the playbook 'playbooks/tests_bond_cloned_mac.yml'
   import_playbook: playbooks/tests_bond_cloned_mac.yml
   when:
-    - ansible_distribution_major_version != '6'
+    - ansible_facts['distribution_major_version'] != '6'

tests/tests_bond_deprecated_initscripts.yml

@@ -15,5 +15,5 @@
 
 - name: Import the playbook 'playbooks/tests_bond_deprecated.yml'
   import_playbook: playbooks/tests_bond_deprecated.yml
-  when: (ansible_distribution in ['CentOS','RedHat'] and
-    ansible_distribution_major_version | int < 9)
+  when: (ansible_facts['distribution'] in ['CentOS','RedHat'] and
+    ansible_facts['distribution_major_version'] | int < 9)

tests/tests_bond_deprecated_nm.yml

@@ -20,4 +20,4 @@
 - name: Import the playbook 'playbooks/tests_bond_deprecated.yml'
   import_playbook: playbooks/tests_bond_deprecated.yml
   when:
-    - ansible_distribution_major_version != '6'
+    - ansible_facts['distribution_major_version'] != '6'

tests/tests_bond_initscripts.yml

@@ -15,5 +15,5 @@
 
 - name: Import the playbook 'playbooks/tests_bond.yml'
   import_playbook: playbooks/tests_bond.yml
-  when: (ansible_distribution in ['CentOS','RedHat'] and
-    ansible_distribution_major_version | int < 9)
+  when: (ansible_facts['distribution'] in ['CentOS','RedHat'] and
+    ansible_facts['distribution_major_version'] | int < 9)

tests/tests_bond_nm.yml

@@ -20,4 +20,4 @@
 - name: Import the playbook 'playbooks/tests_bond.yml'
   import_playbook: playbooks/tests_bond.yml
   when:
-    - ansible_distribution_major_version != '6'
+    - ansible_facts['distribution_major_version'] != '6'

tests/tests_bond_options_nm.yml

@@ -20,4 +20,4 @@
 - name: Import the playbook 'playbooks/tests_bond_options.yml'
   import_playbook: playbooks/tests_bond_options.yml
   when:
-    - ansible_distribution_major_version != '6'
+    - ansible_facts['distribution_major_version'] != '6'

tests/tests_bond_port_match_by_mac_nm.yml

@@ -20,4 +20,4 @@
 - name: Import the playbook 'playbooks/tests_bond_port_match_by_mac.yml'
   import_playbook: playbooks/tests_bond_port_match_by_mac.yml
   when:
-    - ansible_distribution_major_version != '6'
+    - ansible_facts['distribution_major_version'] != '6'

tests/tests_bond_removal_initscripts.yml

@@ -15,5 +15,5 @@
 
 - name: Import the playbook 'playbooks/tests_bond_removal.yml'
   import_playbook: playbooks/tests_bond_removal.yml
-  when: (ansible_distribution in ['CentOS','RedHat'] and
-    ansible_distribution_major_version | int < 9)
+  when: (ansible_facts['distribution'] in ['CentOS','RedHat'] and
+    ansible_facts['distribution_major_version'] | int < 9)

tests/tests_bond_removal_nm.yml

@@ -20,4 +20,4 @@
 - name: Import the playbook 'playbooks/tests_bond_removal.yml'
   import_playbook: playbooks/tests_bond_removal.yml
   when:
-    - ansible_distribution_major_version != '6'
+    - ansible_facts['distribution_major_version'] != '6'

tests/tests_bridge_cloned_mac_initscripts.yml

@@ -15,5 +15,5 @@
 
 - name: Import the playbook 'playbooks/tests_bridge_cloned_mac.yml'
   import_playbook: playbooks/tests_bridge_cloned_mac.yml
-  when: (ansible_distribution in ['CentOS','RedHat'] and
-    ansible_distribution_major_version | int < 9)
+  when: (ansible_facts['distribution'] in ['CentOS','RedHat'] and
+    ansible_facts['distribution_major_version'] | int < 9)

tests/tests_bridge_cloned_mac_nm.yml

@@ -20,4 +20,4 @@
 - name: Import the playbook 'playbooks/tests_bridge_cloned_mac.yml'
   import_playbook: playbooks/tests_bridge_cloned_mac.yml
   when:
-    - ansible_distribution_major_version != '6'
+    - ansible_facts['distribution_major_version'] != '6'

tests/tests_bridge_initscripts.yml

@@ -15,5 +15,5 @@
 
 - name: Import the playbook 'playbooks/tests_bridge.yml'
   import_playbook: playbooks/tests_bridge.yml
-  when: (ansible_distribution in ['CentOS','RedHat'] and
-    ansible_distribution_major_version | int < 9)
+  when: (ansible_facts['distribution'] in ['CentOS','RedHat'] and
+    ansible_facts['distribution_major_version'] | int < 9)

tests/tests_bridge_nm.yml

@@ -20,4 +20,4 @@
 - name: Import the playbook 'playbooks/tests_bridge.yml'
   import_playbook: playbooks/tests_bridge.yml
   when:
-    - ansible_distribution_major_version != '6'
+    - ansible_facts['distribution_major_version'] != '6'

tests/tests_default.yml

@@ -8,8 +8,14 @@
   tasks:
     - name: Include the task 'el_repo_setup.yml'
       include_tasks: tasks/el_repo_setup.yml
+
+    # module_warning - see https://github.com/ansible/ansible/issues/85394
     - name: Test warning and info logs
       assert:
         that:
-          - "'warnings' not in __network_connections_result"
+          - "'warnings' not in __network_connections_result or
+             __network_connections_result.warnings | reject('match', module_warning ~ '$') | list | length == 0"
         msg: "There are warnings"
+      vars:
+        module_warning: >-
+          Error loading plugin 'ansible.netcommon.network': No module named 'ansible_collections.ansible.netcommon'

tests/tests_default_initscripts.yml

@@ -11,5 +11,5 @@
 
 - name: Import the playbook 'tests_default.yml'
   import_playbook: tests_default.yml
-  when: (ansible_distribution in ['CentOS','RedHat'] and
-    ansible_distribution_major_version | int < 9)
+  when: (ansible_facts['distribution'] in ['CentOS','RedHat'] and
+    ansible_facts['distribution_major_version'] | int < 9)

tests/tests_default_nm.yml

@@ -14,4 +14,4 @@
 - name: Import the playbook 'tests_default.yml'
   import_playbook: tests_default.yml
   when:
-    - ansible_distribution_major_version != '6'
+    - ansible_facts['distribution_major_version'] != '6'

tests/tests_dummy_nm.yml

@@ -20,4 +20,4 @@
 - name: Import the playbook 'playbooks/tests_dummy.yml'
   import_playbook: playbooks/tests_dummy.yml
   when:
-    - ansible_distribution_major_version != '6'
+    - ansible_facts['distribution_major_version'] != '6'

tests/tests_eth_dns_support_nm.yml

@@ -20,4 +20,4 @@
 - name: Import the playbook 'playbooks/tests_eth_dns_support.yml'
   import_playbook: playbooks/tests_eth_dns_support.yml
   when:
-    - ansible_distribution_major_version != '6'
+    - ansible_facts['distribution_major_version'] != '6'