Fix failed Ubuntu 24.04 tests (#630)

Signed-off-by: Sebastian Neumann <neumann@b1-systems.de>

molecule/delegated/prepare/docker_compose.yml

@@ -42,8 +42,8 @@
         name: docker-ce
         description: Docker CE Stable - $basearch
         baseurl: "https://download.docker.com/linux/{{ ansible_distribution | lower }}/{{ ansible_distribution_version }}/{{ 'aarch64' if ansible_architecture == 'arm64' else ansible_architecture }}/stable"
-        gpgcheck: yes
-        enabled: yes
+        gpgcheck: true
+        enabled: true
         gpgkey: https://download.docker.com/linux/centos/gpg
 
     - name: Remove moby-compose package

molecule/delegated/tests/resolvconf.py

@@ -1,3 +1,5 @@
+import pytest
+
 from .util.util import (
     get_ansible,
     get_variable,
@@ -19,8 +21,14 @@ def test_resolvconf_service_disabled(host):
     """Check if the resolvconf service is disabled."""
 
     service = host.service("resolvconf")
-    assert not service.is_enabled
-    assert not service.is_running
+    cmd = host.run(
+        f'systemctl list-units --all | grep -q "^[[:space:]]*{service.name}"'
+    )
+    if cmd.rc == 0:
+        assert not service.is_enabled
+        assert not service.is_running
+    else:
+        pytest.skip("The resolvconf service does not exist")
 
 
 def test_resolved_conf_file(host):

molecule/delegated/tests/trivy/debian.py

@@ -10,6 +10,17 @@
 testinfra_runner, testinfra_hosts = get_ansible()
 
 
+def check_ansible_distribution(host):
+    """Test on Ubuntu 24.04 skipped, because the repository
+    'https://aquasecurity.github.io/trivy-repo/deb noble Release'
+    does not have a release file yet."""
+    if (
+        get_variable(host, "ansible_distribution", True) == "Ubuntu"
+        and get_variable(host, "ansible_distribution_version", True) == "24.04"
+    ):
+        pytest.skip("Skipping this test on Ubuntu 24.04")
+
+
 def check_ansible_os_family(host):
     if get_variable(host, "ansible_os_family", True) != "Debian":
         pytest.skip("ansible_os_family mismatch")
@@ -22,6 +33,7 @@ def check_configure_repository(host):
 
 def test_package(host):
     """Check if the packages are installed."""
+    check_ansible_distribution(host)
     check_ansible_os_family(host)
 
     if get_variable(host, "trivy_configure_repository"):
@@ -36,6 +48,7 @@ def test_package(host):
 
 def test_trivy_gpg_key_present(host):
     """Check if the GPG key for the trivy repository is correctly added."""
+    check_ansible_distribution(host)
     check_ansible_os_family(host)
     check_configure_repository(host)
 
@@ -55,6 +68,7 @@ def test_trivy_gpg_key_present(host):
 
 def test_trivy_repository_configured(host):
     """Check if the Trivy repository is correctly configured."""
+    check_ansible_distribution(host)
     check_ansible_os_family(host)
     check_configure_repository(host)
 

roles/kubectl/tasks/install-RedHat-family.yml

@@ -5,8 +5,8 @@
     name: kubectl
     description: "K8s repository"
     baseurl: "{{ kubectl_redhat_repository }}"
-    gpgcheck: yes
-    enabled: yes
+    gpgcheck: true
+    enabled: true
     gpgkey: "{{ kubectl_redhat_repository_key }}"
     file: /etc/yum.repos.d/kubernetes
     mode: 0644

roles/lynis/tasks/install-RedHat-family.yml

@@ -2,7 +2,7 @@
 - name: Update package cache
   become: true
   ansible.builtin.dnf:
-    update_cache: yes
+    update_cache: true
 
 - name: Install epel-release
   become: true

roles/microcode/tasks/main.yml

@@ -4,7 +4,7 @@
     dest: /etc/apt/sources.list.d/default.list
     regexp: '(.*)\s+non-free-firmware\s*(.*)$'
     state: absent
-  check_mode: yes
+  check_mode: true
   register: debian_repo_existing
   when: "ansible_distribution == 'Debian'"
 

roles/network/tasks/netplan-RedHat-family.yml

@@ -88,23 +88,23 @@
   when: network_interfaces_path_stat.stat.isdir is defined and network_interfaces_path_stat.stat.isdir
 
 # networkd-dispatcher is currently not being installed on CentOS
-#- name: Copy dispatcher scripts
-#  become: true
-#  ansible.builtin.template:
-#    src: "{{ item.src }}"
-#    dest: "/etc/networkd-dispatcher/{{ item.dest }}"
-#    mode: 0755
-#    owner: root
-#    group: root
-#  loop: "{{ network_dispatcher_scripts }}"
+# - name: Copy dispatcher scripts
+#   become: true
+#   ansible.builtin.template:
+#     src: "{{ item.src }}"
+#     dest: "/etc/networkd-dispatcher/{{ item.dest }}"
+#     mode: 0755
+#     owner: root
+#     group: root
+#   loop: "{{ network_dispatcher_scripts }}"
 
-#- name: "Manage service {{ network_dispatcher_service_name }}"
-#  become: true
-#  ansible.builtin.service:
-#    name: "{{ network_dispatcher_service_name }}"
-#    enabled: true
-#    state: started
-#  register: network_service
+# - name: "Manage service {{ network_dispatcher_service_name }}"
+#   become: true
+#   ansible.builtin.service:
+#     name: "{{ network_dispatcher_service_name }}"
+#     enabled: true
+#     state: started
+#   register: network_service
 
 - name: Include cleanup tasks
   ansible.builtin.include_tasks: cleanup-netplan.yml

roles/network/vars/Debian-family.yml

@@ -1,3 +1,4 @@
+---
 network_interface_required_packages:
   - bridge-utils
   - ifenslave

roles/network/vars/RedHat-family.yml

@@ -1,3 +1,4 @@
+---
 network_interface_required_packages:
   - bridge-utils
   - teamd

roles/systohc/tasks/main.yml

@@ -1,4 +1,14 @@
 ---
+- name: Install util-linux-extra package
+  ansible.builtin.apt:
+    name: util-linux-extra
+    state: present
+    update_cache: true
+  become: true
+  when:
+    - ansible_distribution == 'Ubuntu'
+    - ansible_distribution_version == '24.04'
+
 - name: Sync hardware clock
   become: true
   ansible.builtin.command: hwclock --systohc

roles/trivy/tasks/install-Debian-family.yml

@@ -1,45 +1,50 @@
 ---
-- name: Remove old architecture-dependent repository
-  become: true
-  ansible.builtin.apt_repository:
-    repo: "deb [ arch=amd64 ] https://aquasecurity.github.io/trivy-repo/deb {{ ansible_distribution_release }} main"
-    state: absent
-    filename: trivy
-  when: trivy_configure_repository|bool
+# Installation on Ubuntu 24.04 skipped, because the repository
+# 'https://aquasecurity.github.io/trivy-repo/deb noble Release'
+# does not have a release file yet.
+- name: Trivy installation
+  when: not ansible_distribution_version == '24.04'
+  block:  # noqa osism-fqcn
+    - name: Remove old architecture-dependent repository
+      become: true
+      ansible.builtin.apt_repository:
+        repo: "deb [ arch=amd64 ] https://aquasecurity.github.io/trivy-repo/deb {{ ansible_distribution_release }} main"
+        state: absent
+        filename: trivy
+      when: trivy_configure_repository|bool
 
-- name: Install apt-transport-https package
-  become: true
-  ansible.builtin.apt:
-    name: apt-transport-https
-    state: present
-    lock_timeout: "{{ apt_lock_timeout | default(300) }}"
-  when: trivy_configure_repository | bool
-  changed_when: false
+    - name: Install apt-transport-https package
+      become: true
+      ansible.builtin.apt:
+        name: apt-transport-https
+        state: present
+        lock_timeout: "{{ apt_lock_timeout | default(300) }}"
+      when: trivy_configure_repository | bool
+      changed_when: false
 
-- name: Add repository gpg key
-  become: true
-  ansible.builtin.get_url:
-    url: "{{ trivy_debian_repository_key }}"
-    dest: /etc/apt/trusted.gpg.d/trivy.asc
-    mode: 0644
-    owner: root
-    group: root
-  when:
-    - trivy_configure_repository | bool
+    - name: Add repository gpg key
+      become: true
+      ansible.builtin.get_url:
+        url: "{{ trivy_debian_repository_key }}"
+        dest: /etc/apt/trusted.gpg.d/trivy.asc
+        mode: 0644
+        owner: root
+        group: root
+      when: trivy_configure_repository | bool
 
-- name: Add repository
-  become: true
-  ansible.builtin.apt_repository:
-    repo: "{{ trivy_debian_repository }}"
-    state: present
-    filename: trivy
-    update_cache: true
-    mode: 0600
-  when: trivy_configure_repository | bool
+    - name: Add repository
+      become: true
+      ansible.builtin.apt_repository:
+        repo: "{{ trivy_debian_repository }}"
+        state: present
+        filename: trivy
+        update_cache: true
+        mode: 0600
+      when: trivy_configure_repository | bool
 
-- name: Install trivy package
-  become: true
-  ansible.builtin.apt:
-    name: "{{ trivy_package_name }}"
-    state: present
-    lock_timeout: "{{ apt_lock_timeout | default(300) }}"
+    - name: Install trivy package
+      become: true
+      ansible.builtin.apt:
+        name: "{{ trivy_package_name }}"
+        state: present
+        lock_timeout: "{{ apt_lock_timeout | default(300) }}"