[FEATURE REQUEST] Upgrade Ansible to the latest version in V2.0.x

[seriva]

Is your feature request related to a problem? Please describe. The current version of Ansible has a bunch of security issues:

• CVE-2022-3697 High severity
• CVE-2022-3697 High severity
• CVE-2023-5115 Moderate severity
• CVE-2023-5115 Moderate severity

Describe the solution you'd like Upgrade Ansible to the latest version.

Describe alternatives you've considered None

Additional context None

---

DoD checklist

• Changelog
  • [ ] updated
  • [ ] not needed
• COMPONENTS.md
  • [ ] updated
  • [ ] not needed
• Schema
  • [ ] updated
  • [ ] not needed
• Backport tasks
  • [ ] created
  • [ ] not needed
• Documentation
  • [ ] added
  • [ ] updated
  • [ ] not needed
• [ ] Feature has automated tests
• [ ] Automated tests passed (QA pipelines)
  • [ ] apply
  • [ ] upgrade
  • [ ] backup/restore
• [ ] Idempotency tested
• [ ] All conversations in PR resolved
• [ ] Solution meets requirements and is done according to design doc
• [ ] Usage compliant with license

[seriva]

Should be Ansible 10.3.0 as its supported to EOL of Epiphany. Branch with update can be found here: https://github.com/seriva/epiphany/tree/ansible-upgrade

[tomasz-baran]

ansible-core 2.17 (ansible 10.x) is incompatible with RHEL 8 (due to Python 3.6 dnf bindings).

We have the following options: 1) Upgrade to Ansible 9 instead of 10 (ansible-core 2.16 works with Python 3.6) 2) Use unofficial packages to provide dnf bindings for Python 3.11 - they were created by a RedHat employee but hard to say if they will be updated and continuously available.

• https://github.com/ktdreyer/python-311-copr
• https://copr.fedorainfracloud.org/coprs/ktdreyer/python3.11/packages/ 3) Release two versions of Epiphany: for Ubuntu with Ansible 10, for RHEL with Ansible 9 4) Upgrade RHEL from 8 to 9

More info here: https://github.com/ansible/ansible/issues/83357#issuecomment-2150254754 https://www.jeffgeerling.com/blog/2024/newer-versions-ansible-dont-work-rhel-8

We decided to choose option 1.

[seriva]

Option 1 will fix all open CV issues and while the main Ansible package is EOL from November 2024, ansible-core will be supported till EOL Epiphany in May 2025