From 94fc4df80c6f9a70fc33b453c32f3b1cac3f1712 Mon Sep 17 00:00:00 2001
From: Dmitry Tantsur <dtantsur@protonmail.com>
Date: Mon, 24 Jun 2024 11:01:43 +0200
Subject: [PATCH] Another attempt to update Ansible and metal3-dev-env (#1666)

* Reapply "Upgrade to Ansible 7 (#1523)" (#1665)

This reverts commit 258ee3341819ea76cc9e05fe2a1e07ebd2788fd4.

* Pass the right interface name to metal3-dev-env firewall config

The variable got changed upstream but we're still passing the old one.

Remove no longer valid firewalld commands using even older interface
names.
---
 01_install_requirements.sh | 4 ++--
 02_configure_host.sh       | 8 ++------
 2 files changed, 4 insertions(+), 8 deletions(-)

diff --git a/01_install_requirements.sh b/01_install_requirements.sh
index 0fa9f79a1..774b95102 100755
--- a/01_install_requirements.sh
+++ b/01_install_requirements.sh
@@ -19,13 +19,13 @@ if [ -z "${METAL3_DEV_ENV}" ]; then
   # TODO -- come up with a plan for continuously updating this
   # Note we only do this in the case where METAL3_DEV_ENV is
   # unset, to enable developer testing of local checkouts
-  git reset 6a8fb0d5543970b5d628e1204a3b3d3f9f70a63f --hard
+  git reset a994b1447f89e20ec9cc161700a9e829fd5d4b89 --hard
   popd
 fi
 
 # This must be aligned with the metal3-dev-env pinned version above, see
 # https://github.com/metal3-io/metal3-dev-env/blob/master/lib/common.sh
-export ANSIBLE_VERSION=${ANSIBLE_VERSION:-"5.9.0"}
+export ANSIBLE_VERSION=${ANSIBLE_VERSION:-"7.1.0"}
 
 # Speed up dnf downloads
 sudo sh -c "echo 'fastestmirror=1' >> /etc/dnf/dnf.conf"
diff --git a/02_configure_host.sh b/02_configure_host.sh
index f87c67c77..15caa4885 100755
--- a/02_configure_host.sh
+++ b/02_configure_host.sh
@@ -330,17 +330,13 @@ fi
 ANSIBLE_FORCE_COLOR=true ansible-playbook \
     -e "{use_firewalld: True}" \
     -e "provisioning_interface=$PROVISIONING_NETWORK_NAME" \
-    -e "baremetal_interface=$BAREMETAL_NETWORK_NAME" \
-    -e "{provisioning_host_ports: [80, ${LOCAL_REGISTRY_PORT}, 8000, ${INSTALLER_PROXY_PORT}, ${AGENT_PXE_SERVER_PORT}]}" \
+    -e "external_interface=$BAREMETAL_NETWORK_NAME" \
+    -e "{vm_host_ports: [80, ${LOCAL_REGISTRY_PORT}, 8000, ${INSTALLER_PROXY_PORT}, ${AGENT_PXE_SERVER_PORT}]}" \
     -e "vbmc_port_range=$VBMC_BASE_PORT:$VBMC_MAX_PORT" \
     $ALMA_PYTHON_OVERRIDE \
     -i ${VM_SETUP_PATH}/inventory.ini \
     -b -vvv ${VM_SETUP_PATH}/firewall.yml
 
-# FIXME(stbenjam): ansbile firewalld module doesn't seem to be doing the right thing
-sudo firewall-cmd --zone=libvirt --change-interface=provisioning
-sudo firewall-cmd --zone=libvirt --change-interface=baremetal
-
 # Need to route traffic from the provisioning host.
 if [ "$EXT_IF" ]; then
   sudo $IPTABLES -t nat -A POSTROUTING --out-interface $EXT_IF -j MASQUERADE