Implemented comprehensive container detection logic to ensure proper task execution across container and physical environments, resolving compatibility issues with Molecule testing in Podman containers.
- Advanced Container Detection: Multi-criteria detection using virtualization type, environment variables, filesystem analysis, and SELinux context checking
- Performance Optimization Guards: Added
when: not is_container_environmentconditions to 20+ KVM-specific tasks - Dynamic GPG Verification: Container-aware GPG checking with fallback mechanisms for EPEL repositories
- Enhanced Role Coordination: Improved main task flow with container-specific package management
- Molecule Prepare Phases: Added comprehensive prepare.yml files across all test scenarios (default, idempotency, modular, rhel8, validation)
- EPEL GPG Handling: Research-based workarounds for container GPG verification challenges
- Container Test Validation: New test_container_detection.yml for validation across multiple container platforms
- Research Documentation: Added detailed analysis of EPEL GPG verification challenges in container environments
- Container Testing Guide: Comprehensive documentation of container compatibility improvements
- Compliance Reports: Added security assessment and structure validation reports
- Updated Testing Guide: Enhanced testing.md with container-specific testing procedures
is_container_environment: >-
{{
ansible_virtualization_type in ['container', 'docker', 'podman', 'lxc'] or
ansible_env.container is defined or
ansible_facts.get('ansible_proc_cmdline', {}).get('init', '') == '/usr/sbin/init' or
(ansible_mounts | selectattr('mount', 'equalto', '/') | first).fstype in ['overlay', 'tmpfs'] or
ansible_facts.get('ansible_selinux', {}).get('type', '') == 'docker_t'
}}- Dynamic
disable_gpg_checkbased on container detection - Multi-strategy GPG key import with fallback mechanisms
- Container-specific workarounds for RHEL 8/9/10 compatibility
- ✅ Rocky Linux 9 container: Proper task skipping confirmed
- ✅ AlmaLinux 9 container: Container detection working correctly
- ✅ RHEL 9 container: GPG verification bypassed appropriately
- ✅ RHEL 10 container: Advanced detection logic functioning
- ✅ Physical/VM hosts: Full KVM optimization applied
None - All changes are backward compatible and improve existing functionality.
roles/kvmhost_setup/tasks/performance_optimization.yml- Added advanced container detection and task guardsroles/kvmhost_setup/tasks/main.yml- Enhanced with container-aware GPG verificationroles/kvmhost_setup/tasks/gpg_verification.yml- Improved error handling and container compatibility
molecule/*/prepare.yml- Added comprehensive prepare phases for all test scenariosmolecule/default/converge.yml- Enhanced with container detection validationtest_container_detection.yml- New validation playbook for container testing
docs/research/epel-gpg-verification-in-container-testing.md- Research findings and solutionsdocs/container-testing-improvements-2025-07-16.md- Implementation guidetesting.md- Updated with container testing proceduresTODO.md- Updated progress tracking
.gitignore- Enhanced for testing artifactsscripts/test-local-molecule.sh- Improved local testing support
- ADR-0011: Local Testing Standards (Enhanced with container compatibility)
- ADR-0012: Container Security (Implemented GPG verification strategies)
Resolves compatibility issues with Molecule testing in containerized environments while maintaining full functionality for physical/VM deployments.
Tested-by: Molecule v6.0.3 with Podman driver across Rocky 9, AlmaLinux 9, RHEL 9, RHEL 10 Validated-on: 2025-07-16