From 4c9ae058a1e1710a6a045c5d5dbfb3bb8d0a0bf8 Mon Sep 17 00:00:00 2001 From: jefferyfry Date: Tue, 21 Apr 2020 07:19:12 -0700 Subject: [PATCH 01/10] Added Ansible for Artifactory 7 --- .gitignore | 8 + Ansible/artifactory7/.ansible-lint | 8 + Ansible/artifactory7/.yamllint | 12 + Ansible/artifactory7/README.md | 50 ++ Ansible/artifactory7/ansible.cfg | 8 + Ansible/artifactory7/hosts.yml | 95 +++ .../artifactory7/jfrog/rt7ansible/README.md | 3 + .../artifactory7/jfrog/rt7ansible/galaxy.yml | 57 ++ .../jfrog/rt7ansible/plugins/README.md | 31 + .../roles/artifactory-java/.travis.yml | 33 + .../roles/artifactory-java/.yamllint | 6 + .../roles/artifactory-java/defaults/main.yml | 6 + .../roles/artifactory-java/meta/main.yml | 42 ++ .../roles/artifactory-java/tasks/main.yml | 41 ++ .../artifactory-java/tasks/setup-Debian.yml | 17 + .../artifactory-java/tasks/setup-FreeBSD.yml | 12 + .../artifactory-java/tasks/setup-RedHat.yml | 6 + .../templates/java_home.sh.j2 | 1 + .../roles/artifactory-java/vars/Debian-10.yml | 6 + .../roles/artifactory-java/vars/Debian-8.yml | 7 + .../roles/artifactory-java/vars/Debian-9.yml | 6 + .../roles/artifactory-java/vars/Fedora.yml | 6 + .../roles/artifactory-java/vars/FreeBSD.yml | 7 + .../roles/artifactory-java/vars/RedHat-6.yml | 7 + .../roles/artifactory-java/vars/RedHat-7.yml | 8 + .../roles/artifactory-java/vars/RedHat-8.yml | 7 + .../roles/artifactory-java/vars/Ubuntu-12.yml | 7 + .../roles/artifactory-java/vars/Ubuntu-14.yml | 7 + .../roles/artifactory-java/vars/Ubuntu-16.yml | 7 + .../roles/artifactory-java/vars/Ubuntu-18.yml | 6 + .../roles/artifactory-postgres/.travis.yml | 30 + .../artifactory-postgres/defaults/main.yml | 84 +++ .../artifactory-postgres/handlers/main.yml | 4 + .../roles/artifactory-postgres/meta/main.yml | 25 + .../artifactory-postgres/tasks/Debian.yml | 33 + .../artifactory-postgres/tasks/RedHat.yml | 64 ++ .../roles/artifactory-postgres/tasks/main.yml | 107 +++ .../templates/pg_hba.conf.j2 | 7 + .../templates/postgresql.conf.j2 | 681 ++++++++++++++++++ .../artifactory-postgres/vars/Debian.yml | 12 + .../artifactory-postgres/vars/RedHat.yml | 11 + .../vars/RedHat_pg-9.6.yml | 4 + .../vars/RedHat_pg-default.yml | 4 + .../rt7ansible/roles/artifactory/.travis.yml | 29 + .../roles/artifactory/defaults/main.yml | 29 + .../roles/artifactory/files/nginx.conf | 37 + .../roles/artifactory/handlers/main.yml | 10 + .../roles/artifactory/meta/exception.yml | 6 + .../roles/artifactory/meta/main.yml | 35 + .../roles/artifactory/meta/preferences.yml | 2 + .../roles/artifactory/meta/version.yml | 6 + .../roles/artifactory/tasks/main.yml | 184 +++++ .../templates/artifactory.cluster.license.j2 | 26 + .../artifactory/templates/artifactory.conf.j2 | 49 ++ .../artifactory/templates/binarystore.xml.j2 | 4 + .../artifactory/templates/certificate.key.j2 | 4 + .../artifactory/templates/certificate.pem.j2 | 4 + .../templates/installer-info.json.j2 | 8 + .../roles/artifactory/templates/join.key.j2 | 1 + .../roles/artifactory/templates/master.key.j2 | 1 + .../artifactory/templates/system.yaml.j2 | 38 + .../roles/artifactory/vars/main.yml | 17 + Ansible/artifactory7/rt7provision.yml | 10 + 63 files changed, 2083 insertions(+) create mode 100644 .gitignore create mode 100644 Ansible/artifactory7/.ansible-lint create mode 100644 Ansible/artifactory7/.yamllint create mode 100644 Ansible/artifactory7/README.md create mode 100644 Ansible/artifactory7/ansible.cfg create mode 100644 Ansible/artifactory7/hosts.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/README.md create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/galaxy.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/plugins/README.md create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/.travis.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/.yamllint create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/defaults/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/meta/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-Debian.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-FreeBSD.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-RedHat.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/templates/java_home.sh.j2 create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-10.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-8.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-9.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Fedora.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/FreeBSD.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-6.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-7.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-8.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-12.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-14.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-16.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-18.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/.travis.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/defaults/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/handlers/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/meta/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/tasks/Debian.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/tasks/RedHat.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/tasks/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/templates/pg_hba.conf.j2 create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/templates/postgresql.conf.j2 create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/Debian.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/RedHat.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/RedHat_pg-9.6.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/RedHat_pg-default.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/.travis.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/defaults/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/files/nginx.conf create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/handlers/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/exception.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/preferences.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/version.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/tasks/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/artifactory.cluster.license.j2 create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/artifactory.conf.j2 create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/binarystore.xml.j2 create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/certificate.key.j2 create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/certificate.pem.j2 create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/installer-info.json.j2 create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/join.key.j2 create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/master.key.j2 create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/system.yaml.j2 create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/vars/main.yml create mode 100644 Ansible/artifactory7/rt7provision.yml diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..1e6e65c --- /dev/null +++ b/.gitignore @@ -0,0 +1,8 @@ +.molecule +*.log +*.swp +.tox +./idea +.idea/ +.DS_Store + diff --git a/Ansible/artifactory7/.ansible-lint b/Ansible/artifactory7/.ansible-lint new file mode 100644 index 0000000..a59f903 --- /dev/null +++ b/Ansible/artifactory7/.ansible-lint @@ -0,0 +1,8 @@ +# +# Ansible managed +# +exclude_paths: + - ./meta/version.yml + - ./meta/exception.yml + - ./meta/preferences.yml + - ./molecule/default/verify.yml diff --git a/Ansible/artifactory7/.yamllint b/Ansible/artifactory7/.yamllint new file mode 100644 index 0000000..c5ae64b --- /dev/null +++ b/Ansible/artifactory7/.yamllint @@ -0,0 +1,12 @@ +--- +extends: default + +rules: + braces: + max-spaces-inside: 1 + level: error + brackets: + max-spaces-inside: 1 + level: error + line-length: disable + truthy: disable diff --git a/Ansible/artifactory7/README.md b/Ansible/artifactory7/README.md new file mode 100644 index 0000000..c06be0c --- /dev/null +++ b/Ansible/artifactory7/README.md @@ -0,0 +1,50 @@ +# rt7ansible +This repo contains the Ansible collection for JFrog Artifactory Pro 7 roles. These roles allow you to provision Artifactory for High-Availability using a Primary node and multiple Secondary nodes. Additionally, a Postgresql role is provided for installing an Artifactory Postgresql database. + +## Roles Provided +### artifactory +The artifactory role installs the Artifactory Pro software onto the host. Per the Vars below, it will configure a node as primary or secondary. + +### artifactory-postgres +The artifactory-postgres role will install Postgresql software and configure an artifactory database and user. + +### artifactory-java +The artifactory-java role ensures that the correct version of Java is installed for Artifactory. + +## Vars Required +The following Vars must be configured. + +### all +* ansible_user: The SSH user to access the hosts. eg. "ubuntu" +* ansible_ssh_private_key_file: The SSH key to use. eg. "/Users/jefff/.ssh/jeff-ec2-us-east.pem" +* db_user: The Artifactory database user to configure. eg. "artifactory" +* db_password: The Artifactory database password to configure. "Art1fact0ry" +* server_name: This is the LB DNS or IP. eg. "ansibleelb-623062857.us-east-1.elb.amazonaws.com" +* certificate: This is the SSL cert. +* certificate_key: This is the SSL private key. + +### artifactory +* master_key: This is the Artifactory Master Key. +* join_key: This is the Artifactory Join Key. +* db_download_url: This is the download URL for the JDBC driver for your database. eg. "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" +* db_type: This is the database type. eg. "postgresql" +* db_driver: This is the JDBC driver class. eg. "org.postgresql.Driver" +* db_url: This is the JDBC database url. eg. "jdbc:postgresql://10.0.0.120:5432/artifactory" + +### primary +* artifactory_is_primary: For the primary node this must be set to **true**. +* artifactory_license1 - 5: These are the cluster licenses. + +### secondary +* artifactory_is_primary: For the primary node this must be set to **false**. + +### Example Inventory YAML +An example inventory YAM is [here](hosts.yml). + +### Example Playbook +An playbook is [here](rt7provision.yml). + +## Executing a Playbook +``` +ansible-playbook -i hosts.yml rt7provision.yml +``` \ No newline at end of file diff --git a/Ansible/artifactory7/ansible.cfg b/Ansible/artifactory7/ansible.cfg new file mode 100644 index 0000000..fd33dd1 --- /dev/null +++ b/Ansible/artifactory7/ansible.cfg @@ -0,0 +1,8 @@ +[defaults] +# Installs collections into [current dir]/ansible_collections/namespace/collection_name +collections_paths = ./ + +# Installs roles into [current dir]/roles/namespace.rolename +roles_path = ./jfrog/rt7ansible/roles + +host_key_checking = false \ No newline at end of file diff --git a/Ansible/artifactory7/hosts.yml b/Ansible/artifactory7/hosts.yml new file mode 100644 index 0000000..573e205 --- /dev/null +++ b/Ansible/artifactory7/hosts.yml @@ -0,0 +1,95 @@ +--- +all: + vars: + ansible_user: "ubuntu" + ansible_ssh_private_key_file: "/Users/jefff/.ssh/jeff-ec2-us-east.pem" + db_user: "artifactory" + db_password: "xxxxxx" + children: + database: + hosts: + 54.80.0.91: + artifactory: + vars: + master_key: "xxxxxx788ac56159890975bcf" + join_key: "xxxxxx4bbac87970282fdeb" + db_download_url: "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" + db_type: "postgresql" + db_driver: "org.postgresql.Driver" + db_url: "jdbc:postgresql://10.0.0.70:5432/artifactory" + server_name: "ansibleelb-623062857.us-east-1.elb.amazonaws.com" + certificate: | + -----BEGIN CERTIFICATE----- + MIID6DCCAtACCQCd6u7IjLN0hjANBgkqhkiG9w0BAQsFADCBtTELMAkGA1UEBhMC + VVMxCzAJBgNVBAgMAldBMRAwDgYDVQQHDAdCb3RoZWxsMQ4wDAYDVQQKDAVKRnJv + ZzEcMBoGA1UECwwTUGFydG5lciBFbmdpbmVlcmluZzE5MDcGA1UEAwwwYW5zaWJs + ZWVsYi02MjMwNjI4NTcudXMtZWFzdC0xLmVsYi5hbWF6b25hd3MuY29tMR4wHAYJ + KoZIhvcNAQkBFg9qZWZmZkBqZnJvZy5jb20wHhcNMjAwNDIxMDcyODU2WhcNMjEw + NDIxMDcyODU2WjCBtTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAldBMRAwDgYDVQQH + DAdCb3RoZWxsMQ4wDAYDVQQKDAVKRnJvZzEcMBoGA1UECwwTUGFydG5lciBFbmdp + bmVlcmluZzE5MDcGA1UEAwwwYW5zaWJsZWVsYi02MjMwNjI4NTcudXMtZWFzdC0x + LmVsYi5hbWF6b25hd3MuY29tMR4wHAYJKoZIhvcNAQkBFg9qZWZmZkBqZnJvZy5j + b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcHjL1Epz/hWLBV0g7 + MOhTiPktZ5Y8TNiJCEuoPFCeFx0bcdWC2Wvly8OyAW7NXhWyscyi+vwDw4ix6SlE + WNApxRb0F3vRNGL7PwTYfNM5XI7LRSZTE3cU7UEXMZh5Hyeqc0aRSbGTAsw8HUag + 7gzk//WIMWcSCWHuz4GubvvqlLpSgc/XSPLP59JZYDOGbDTF8Qh8x8j1cSPQ5NnA + sGUqMloQOPEtG7KIXYt4uWT26zwdSjphUckqbX/bguknrAiffLZW7+j2SsoScJSf + DWQgZLf8L7yVJKVSv9yzYyPMp054XnUTtwRY7W0KPCb2FiUM6RpcHXuNG8H2p7wL + cizRAgMBAAEwDQYJKoZIhvcNAQELBQADggEBABzCfNNLxqYONvhA1t26WwBRzqgA + G6pI8krV1mVf2WzGBxemkFOZnc7f3E7Lq710np6TZuPVFs9kHqg3ajd6JEdOpPLs + kUpOXGSesBmCjDnaBtF5g2kAjaRjur50lc6Kc7+sGs5WqR94TUd8s1Gt92tsS69p + UG2p05HETTZaVMPi4FhkGlCMFk2MCS8hyCqyu9TYiD2YvK3yY7OKFK9MYcmNdVXX + cwsM2jIyu4g3w7KN9FeR/6ZXbkTF25162tientaxKQQfABOzVn8u5vaUyEAIASS5 + uQmfTevyClGg4Rp8iZeXywF7k0Fd8OulJy5GPACs9yps5VC/14Gv/9bswqI= + -----END CERTIFICATE----- + + certificate_key: | + -----BEGIN RSA PRIVATE KEY----- + MIIEogIBAAKCAQEAnB4y9RKc/4ViwVdIOzDoU4j5LWeWPEzYiQhLqDxQnhcdG3HV + gtlr5cvDsgFuzV4VsrHMovr8A8OIsekpRFjQKcUW9Bd70TRi+z8E2HzTOVyOy0Um + UxN3FO1BFzGYeR8nqnNGkUmxkwLMPB1GoO4M5P/1iDFnEglh7s+Brm776pS6UoHP + 10jyz+fSWWAzhmw0xfEIfMfI9XEj0OTZwLBlKjJaEDjxLRuyiF2LeLlk9us8HUo6 + YVHJKm1/24LpJ6wIn3y2Vu/o9krKEnCUnw1kIGS3/C+8lSSlUr/cs2MjzKdOeF51 + E7cEWO1tCjwm9hYlDOkaXB17jRvB9qe8C3Is0QIDAQABAoIBAArIrz5shbnEzfiK + /etQyouSp5uyTxdlO4Pjtc4uNGdnM1SE/XmnaSObeq4eGThIanlIfNk5OxVLeXLI + p1gYRnDMM3Sy9pOR6dBvHveRT8njkd2KrkYIzy374YYnn9+l/khw5Av/Kiv8gn0Y + jJtrNirPX3eD6hm92izz2oJhGjeu6L18PVuQ9yxhyWSZMq6klLpzMvTaKQxs6inj + IBfb8cBZIU0zJFNSKOW0aCHDtLyRiakoTiZehbe3GjDMVVTVF6hi4voP+MjGA48f + fjJFS5vybWucSB80EHMgMTEZ7PGtZUMO+WGUrsEIwi97Zk2ru/JpC212dzgZy3EQ + rD4Fm8ECgYEAyCdzvdpqPtg95GdadgyC6/Kb/PJEUrbv92yIgoH9hmSTmZzhZ9n1 + g196C0ODhIb5pjTdduUV8phseXwakTh0vV5Uo5mj29RTWodzz0WzvnePnAoU33px + OldogCs1tT5PPZeT+g8UZwOePrAczr0OivhYwY8dK+B13RUP39Zi4ekCgYEAx61Y + qwWd6XGWQ1BB1iQN2d+bihidtN4z5LLHVW+rJRplCNC8ng1lZPIwIn7Y4X8G5E2J + liai3doO8QCoSzOPe821QcqlS5Ps5hAooqQUuE6iQBQqJa/BSstZ1OjQZ7xpqAJs + skrPRRNJdQaCUYvCdp2VgIbFzOZT7EwR0f0yeqkCgYA5kneNXZz/9K1g3IW9vP2P + ptpNmNYkQLCnp9VgTMnC9X0rS1/ewmgHYNg3EzVqUnTO5Rfq0hxNCqDxFMyDhwy1 + R8Pqxw/F9L4BJUMflLoOCFALny6/1XVqRagubb9mIcUjP012OQ4yT20eNQQkR2c+ + fA7zphnK/CaK8Dr/tKf+uQKBgBI1JFiz8mpPCTyqHNbCAuFTGoPFKtxLRsAb7UFF + JX4EoiHjps9iuVQzIWCD4JLvWlmHGHywmTlRoPso7C+vS+4mG9kb+Wai3n88CfiK + rbkAsprVO+Kj3CRN1qsrb5WGALxpPDAl0jCiSZh6N3foHptiUzedEnxUpGJvrVBQ + nkHBAoGAMODLk99r/9v/z95FcZwpPdT+YaOJdkW1f4ZS+c7qpp+uxTibx9IUYdEZ + 0FF3MDzfdltCIN9jzBdnX3yT+X6c/HLMqSTa7eohciTPZ1aJr1GiLUUwf3oGhs09 + 8uIBNLYW1f/GOCIRlaRrNAzfy9dagyiy/mwROQslovT3XgYmnlE= + -----END RSA PRIVATE KEY----- + children: + primary: + hosts: + 52.91.142.46: + vars: + artifactory_is_primary: true + artifactory_license1: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxMwd055MHdNbFF3TURvd01Eb3dNRm9LYVdRNklHSTJaakk0TURsakxXVXhNakV0TkdOa01TMWlNRGczTFdVMk5tSmlNVGxrTlRjMlpRcHZkMjVsY2pvZ1NrWnliMmNnVkVWVFZBcHdjbTl3WlhKMGFXVnpPaUI3ZlFwemFXZHVZWFIxY21VNklHNTFiR3dLZEhKcFlXdzZJSFJ5ZFdVS2RIbHdaVG9nVkZKSlFVd0tkbUZzYVdSR2NtOXRPaUF5TURJd0xUQXhMVEF5VkRJeE9qQXdPalE1TGpBd09Gb0sKICAgIHNpZ25hdHVyZTogU20vVlV1a3dnVTRlaEtHVmpwbE9XUHB5SzJpcS9pUVdjNklPOXdhNCtYdUR6SERrTFlPRFpkdm80bWxtU0d3NFVlak1mUXRiczFQbW8rTndnZERJbHVHQWpzMXZsbEpuVU5mRzZNQmYxTG5OMTg3RnpmNUswL0Q2WWFuUWI2Q1FYQ0x3T1FxK1VNYWpOcVh2eURoU1RDZHE3VjJtcXl6bDQ2bGFoWDB6VXQvYmM2UnQyNGFZS3ZSc2hxcmZ5eFNLWVY0YXBFeXJuRnZsYWZ5aFVaalJseGxubDJlUkRlVEI1cFZibXRSb2pTVU9oNExNMDg1Rm96QTB4dUxOdkEwbUhDYmtnTWlFRHdaOHJoK3F5SDYvUEFiaEdBWmlQbWY5WVZnM3FydUJkc1p6UmNiTytEUmIwZnZKeXB3NmVIVW4vd0dZd0daTkZEdmJZUlhGYjVaSkRRPT0KdmVyc2lvbjogMQo= + artifactory_license2: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxMwd055MHdNbFF3TURvd01Eb3dNRm9LYVdRNklHWTJaVGsyTXpSaExUa3laR0V0TkRSbE9DMDVPVFkyTFRGallUQTNNakk0WVRObE1ncHZkMjVsY2pvZ1NrWnliMmNnVkVWVFZBcHdjbTl3WlhKMGFXVnpPaUI3ZlFwemFXZHVZWFIxY21VNklHNTFiR3dLZEhKcFlXdzZJSFJ5ZFdVS2RIbHdaVG9nVkZKSlFVd0tkbUZzYVdSR2NtOXRPaUF5TURJd0xUQXhMVEF5VkRJeE9qQXdPalE1TGpBeU5sb0sKICAgIHNpZ25hdHVyZTogaTh0Vys0T3ZUVDErUTBpSmZPalgyOTRUa0YyTFhhYWtsbDZRSlJSYVVZVlpVejhaVTlKRXB3RWZaMnZPYTdvVkQ4ZUJGSTArSVRjQTZBNFVJcCsrZjJleTJIdVdDNU50NFFiTWxPSS9sdzY1Yk9SNHdsN0tML1EvVURsb3gzaENvVkRaSFpTVDdzdGVoVkJHVzdBMUVaVXBGc3hhaHZzaWNxSHJSMzNudGhyWGY0TllrS2g1TmVWYlhFYTRFSWgrak1ycnhsM1ZmODZHMm8vSDR1Y2dxb2dxYjZDSUk0TUhMYWE0Wk9BU0ZGVkpaWU1KZkxjS3ZDSzVxMlJ5bDUwVFR1aVQ5UVJld21yamFTS1ByamRsNk52ckFYTDEzd2xjSmFGd2FnTDJSblYzd3VTVTNqWkg1Z3ZEQzJscjJtZGh1eVdKbjBFRXhnMGZBTFVtM1VXNHRnPT0KdmVyc2lvbjogMQo= + artifactory_license3: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxMwd055MHdNbFF3TURvd01Eb3dNRm9LYVdRNklHSm1ZMk00TVRReUxUYzBNamt0TkRFd1l5MDVZV1prTFRFM09UWXlaV016TWpJNFpBcHZkMjVsY2pvZ1NrWnliMmNnVkVWVFZBcHdjbTl3WlhKMGFXVnpPaUI3ZlFwemFXZHVZWFIxY21VNklHNTFiR3dLZEhKcFlXdzZJSFJ5ZFdVS2RIbHdaVG9nVkZKSlFVd0tkbUZzYVdSR2NtOXRPaUF5TURJd0xUQXhMVEF5VkRJeE9qQXdPalE1TGpBME5Gb0sKICAgIHNpZ25hdHVyZToga2JiUUJ0NW55WkpiOERtZTJCR0F5eXRNOEkyZ1dWQW8yRlBLVEFUKzQyY3NMaGcwcjJCL0xtNnZmOGRML3g5WVluNTA0d1ZEVnd2ZGFBbG5kamJONjZzSXJieWptN2Q4VVpzUXMyL3lUdlk2b3VzMVdibU8rTER2SVpGbDFkQ2hHTnc5Rk82NmhPT0lYdUpxU3BUczdYMVlnMS9vZ1pUbS9ZQnJQamlWb1duVVJJUENhSzhWYStSRDhUREExTXdwZitrNXdhQ3h1QWt0b1FwdVJYVUQzUlFXTGdyd1BxZEhXUnhHN2NTZWh0ZjU0dEJmRHNLUzMvUUVQQXNjSXI5RVM5ZFRzVzlSL1NBZFBVLzRsUWE0aFpOdVprS2d5aXdoOE1ybnlxYWRKVXRhSzUvRnAyTHMxSk5NQVg2NERqbU1kdURrS1I0NGlPQVFGeGcwTjlURE5RPT0KdmVyc2lvbjogMQo= + artifactory_license4: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxMwd055MHdNbFF3TURvd01Eb3dNRm9LYVdRNklEWmhPVE0yWW1NMExUQTROVGd0TkRCak5pMDRNemd3TFdNNE9XSmlaVGsxWlROak1RcHZkMjVsY2pvZ1NrWnliMmNnVkVWVFZBcHdjbTl3WlhKMGFXVnpPaUI3ZlFwemFXZHVZWFIxY21VNklHNTFiR3dLZEhKcFlXdzZJSFJ5ZFdVS2RIbHdaVG9nVkZKSlFVd0tkbUZzYVdSR2NtOXRPaUF5TURJd0xUQXhMVEF5VkRJeE9qQXdPalE1TGpBMk1sb0sKICAgIHNpZ25hdHVyZTogZmRlTG95bzc1VTdKYW1JZ00ycVAwMUZWbEE5cHZXbUJXbGNqamJnNGZTQ0UzcVExSDNtTDlkdkJmYTZMTmV1QmxXTTdtWkdTTEhzZzlnc1ZabmduZFR2emFndEtHY3VndlpRQ3puamFERU1QL2JiU3VYWW52UEVDRGFBek5hVm9lakM5VWxialUzK0xPZSt5MC9xU1NiMFlXdDBGSGxydEZObGVlWDFWSGdqN3MwdzRYS1lJWDFBWGdhVTY4ODZZZWdvOTJrSHB1cjIrUmQrUUNLaHAwTzIxdGliVlFMSjZrSEQyZXlKa3J1R0JmWmVhdlZVbkNrVTR6ck1lTlhjNlI4RVlqUGFFTGVZMm02VFBGZWc5OG5JRjVFOS9LZ0VBYUNEeG1CZ3RFaWR0UVJCNVBMa2RxSm53VWxPR1d1UjB3UldBODV5eFhkWTJwdWRJc2lRdXh3PT0KdmVyc2lvbjogMQo= + artifactory_license5: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxMwd055MHdNbFF3TURvd01Eb3dNRm9LYVdRNklEY3pPR1prWWpVM0xXRXhZbVV0TkRZM015MWhabUV3TFRobFlUUmtZVFZrTnpnd01RcHZkMjVsY2pvZ1NrWnliMmNnVkVWVFZBcHdjbTl3WlhKMGFXVnpPaUI3ZlFwemFXZHVZWFIxY21VNklHNTFiR3dLZEhKcFlXdzZJSFJ5ZFdVS2RIbHdaVG9nVkZKSlFVd0tkbUZzYVdSR2NtOXRPaUF5TURJd0xUQXhMVEF5VkRJeE9qQXdPalE1TGpBM09Wb0sKICAgIHNpZ25hdHVyZTogYytEdkJWNXdiRlRnUEFxT0VFWDU0S3IwQWlMWUVNNTJuRHNUcGI4OHNXdmIxTGl1YlRvdXA0NXNMVU9aTnZvVlFuM2szREw4MTFQdHU1WUM5T3dVNXdTNDVkTkQrZHNLREN3eTE4T0c3SU05ZHZ6bml2RU5mb2xsL2VFMTNtazZVS0RLQmhXUkxlYjVvM0tIbkZGRTRTZ004UVNRNGFsWnA5cjA3aUJTUVRrVkxPVnliTUJtSFpkMVJlSmUwcTN0TXZGUVNFNTJHU3FzaURkZ0lVQTVjL1lUQVVnclRoc1lCRVpJQmJCTXVITnNSay9rZHRobmRHWitsQnB0bzlHR25HQ3EzZ0lOQU94Q2tHSnlvMWpGK28xMi9tR3Q1NnVocXVJN2s3SzMzMUpvMGl1L2VWWkxOWEtGNjl5OEE2K0dyMnVheExEajQwaGYwU0pHZ3FESVdBPT0KdmVyc2lvbjogMQo= + secondary: + hosts: + 54.175.150.158: + 18.208.198.226: + vars: + artifactory_is_primary: false + + + + + diff --git a/Ansible/artifactory7/jfrog/rt7ansible/README.md b/Ansible/artifactory7/jfrog/rt7ansible/README.md new file mode 100644 index 0000000..823595b --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/README.md @@ -0,0 +1,3 @@ +# Ansible Collection - jfrog.rt7ansible + +Documentation for the collection. \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/galaxy.yml b/Ansible/artifactory7/jfrog/rt7ansible/galaxy.yml new file mode 100644 index 0000000..3bba7ee --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/galaxy.yml @@ -0,0 +1,57 @@ +### REQUIRED + +# The namespace of the collection. This can be a company/brand/organization or product namespace under which all +# content lives. May only contain alphanumeric lowercase characters and underscores. Namespaces cannot start with +# underscores or numbers and cannot contain consecutive underscores +namespace: jfrog + +# The name of the collection. Has the same character restrictions as 'namespace' +name: rt7ansible + +# The version of the collection. Must be compatible with semantic versioning +version: 1.0.0 + +# The path to the Markdown (.md) readme file. This path is relative to the root of the collection +readme: README.md + +# A list of the collection's content authors. Can be just the name or in the format 'Full Name (url) +# @nicks:irc/im.site#channel' +authors: +- your name + + +### OPTIONAL but strongly recommended + +# A short summary description of the collection +description: your collection description + +# Either a single license or a list of licenses for content inside of a collection. Ansible Galaxy currently only +# accepts L(SPDX,https://spdx.org/licenses/) licenses. This key is mutually exclusive with 'license_file' +license: +- GPL-2.0-or-later + +# The path to the license file for the collection. This path is relative to the root of the collection. This key is +# mutually exclusive with 'license' +license_file: '' + +# A list of tags you want to associate with the collection for indexing/searching. A tag name has the same character +# requirements as 'namespace' and 'name' +tags: [] + +# Collections that this collection requires to be installed for it to be usable. The key of the dict is the +# collection label 'namespace.name'. The value is a version range +# L(specifiers,https://python-semanticversion.readthedocs.io/en/latest/#requirement-specification). Multiple version +# range specifiers can be set and are separated by ',' +dependencies: {} + +# The URL of the originating SCM repository +repository: http://example.com/repository + +# The URL to any online docs +documentation: http://docs.example.com + +# The URL to the homepage of the collection/project +homepage: http://example.com + +# The URL to the collection issue tracker +issues: http://example.com/issue/tracker diff --git a/Ansible/artifactory7/jfrog/rt7ansible/plugins/README.md b/Ansible/artifactory7/jfrog/rt7ansible/plugins/README.md new file mode 100644 index 0000000..6541cf7 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/plugins/README.md @@ -0,0 +1,31 @@ +# Collections Plugins Directory + +This directory can be used to ship various plugins inside an Ansible collection. Each plugin is placed in a folder that +is named after the type of plugin it is in. It can also include the `module_utils` and `modules` directory that +would contain module utils and modules respectively. + +Here is an example directory of the majority of plugins currently supported by Ansible: + +``` +└── plugins + ├── action + ├── become + ├── cache + ├── callback + ├── cliconf + ├── connection + ├── filter + ├── httpapi + ├── inventory + ├── lookup + ├── module_utils + ├── modules + ├── netconf + ├── shell + ├── strategy + ├── terminal + ├── test + └── vars +``` + +A full list of plugin types can be found at [Working With Plugins](https://docs.ansible.com/ansible/2.9/plugins/plugins.html). \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/.travis.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/.travis.yml new file mode 100644 index 0000000..0a639b7 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/.travis.yml @@ -0,0 +1,33 @@ +--- +language: python +services: docker + +env: + global: + - ROLE_NAME: java + matrix: + - MOLECULE_DISTRO: centos8 + - MOLECULE_DISTRO: centos7 + - MOLECULE_DISTRO: centos6 + - MOLECULE_DISTRO: fedora31 + - MOLECULE_DISTRO: ubuntu1804 + - MOLECULE_DISTRO: ubuntu1604 + - MOLECULE_DISTRO: debian10 + - MOLECULE_DISTRO: debian9 + +install: + # Install test dependencies. + - pip install molecule yamllint ansible-lint docker + +before_script: + # Use actual Ansible Galaxy role name for the project directory. + - cd ../ + - mv ansible-role-$ROLE_NAME geerlingguy.$ROLE_NAME + - cd geerlingguy.$ROLE_NAME + +script: + # Run tests. + - molecule test + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/.yamllint b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/.yamllint new file mode 100644 index 0000000..a3dbc38 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/.yamllint @@ -0,0 +1,6 @@ +--- +extends: default +rules: + line-length: + max: 120 + level: warning diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/defaults/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/defaults/main.yml new file mode 100644 index 0000000..3f51462 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/defaults/main.yml @@ -0,0 +1,6 @@ +--- +# Set java_packages if you would like to use a different version than the +# default for the OS (see defaults per OS in `vars` directory). +# java_packages: [] + +java_home: "" diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/meta/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/meta/main.yml new file mode 100644 index 0000000..20b9f75 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/meta/main.yml @@ -0,0 +1,42 @@ +--- +dependencies: [] + +galaxy_info: + role_name: java + author: geerlingguy + description: Java for Linux + company: "Midwestern Mac, LLC" + license: "license (BSD, MIT)" + min_ansible_version: 2.4 + platforms: + - name: EL + versions: + - 6 + - 7 + - 8 + - name: Fedora + versions: + - all + - name: Debian + versions: + - wheezy + - jessie + - stretch + - buster + - name: Ubuntu + versions: + - precise + - trusty + - xenial + - bionic + - name: FreeBSD + versions: + - 10.2 + galaxy_tags: + - development + - system + - web + - java + - jdk + - openjdk + - oracle diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/main.yml new file mode 100644 index 0000000..b2a6ded --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/main.yml @@ -0,0 +1,41 @@ +--- +- name: Include OS-specific variables for Fedora or FreeBSD. + include_vars: "{{ ansible_distribution }}.yml" + when: ansible_distribution == 'FreeBSD' or ansible_distribution == 'Fedora' + +- name: Include version-specific variables for CentOS/RHEL. + include_vars: "RedHat-{{ ansible_distribution_version.split('.')[0] }}.yml" + when: ansible_distribution == 'CentOS' or + ansible_distribution == 'Red Hat Enterprise Linux' or + ansible_distribution == 'RedHat' + +- name: Include version-specific variables for Ubuntu. + include_vars: "{{ ansible_distribution }}-{{ ansible_distribution_version.split('.')[0] }}.yml" + when: ansible_distribution == 'Ubuntu' + +- name: Include version-specific variables for Debian. + include_vars: "{{ ansible_distribution|title }}-{{ ansible_distribution_version.split('.')[0] }}.yml" + when: ansible_os_family == 'Debian' + +- name: Define java_packages. + set_fact: + java_packages: "{{ __java_packages | list }}" + when: java_packages is not defined + +# Setup/install tasks. +- include_tasks: setup-RedHat.yml + when: ansible_os_family == 'RedHat' + +- include_tasks: setup-Debian.yml + when: ansible_os_family == 'Debian' + +- include_tasks: setup-FreeBSD.yml + when: ansible_os_family == 'FreeBSD' + +# Environment setup. +- name: Set JAVA_HOME if configured. + template: + src: java_home.sh.j2 + dest: /etc/profile.d/java_home.sh + mode: 0644 + when: java_home is defined and java_home diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-Debian.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-Debian.yml new file mode 100644 index 0000000..4d9fc0a --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-Debian.yml @@ -0,0 +1,17 @@ +--- +# See: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863199 and +# https://github.com/geerlingguy/ansible-role-java/issues/64 +- name: Ensure 'man' directory exists. + file: + path: /usr/share/man/man1 + state: directory + recurse: true + when: + - ansible_distribution == 'Ubuntu' + - ansible_distribution_version == '18.04' + +- name: Ensure Java is installed. + apt: + name: "{{ java_packages }}" + state: present + become: true diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-FreeBSD.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-FreeBSD.yml new file mode 100644 index 0000000..ca356b3 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-FreeBSD.yml @@ -0,0 +1,12 @@ +--- +- name: Ensure Java is installed. + pkgng: + name: "{{ java_packages }}" + state: present + become: true + +- name: ensure proc is mounted + mount: name=/proc fstype=procfs src=proc opts=rw state=mounted + +- name: ensure fdesc is mounted + mount: name=/dev/fd fstype=fdescfs src=fdesc opts=rw state=mounted diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-RedHat.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-RedHat.yml new file mode 100644 index 0000000..cdd912d --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-RedHat.yml @@ -0,0 +1,6 @@ +--- +- name: Ensure Java is installed. + package: + name: "{{ java_packages }}" + state: present + become: true diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/templates/java_home.sh.j2 b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/templates/java_home.sh.j2 new file mode 100644 index 0000000..4859c4a --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/templates/java_home.sh.j2 @@ -0,0 +1 @@ +export JAVA_HOME={{ java_home }} diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-10.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-10.yml new file mode 100644 index 0000000..bd058c2 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-10.yml @@ -0,0 +1,6 @@ +--- +# JDK version options include: +# - java +# - openjdk-11-jdk +__java_packages: + - openjdk-11-jdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-8.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-8.yml new file mode 100644 index 0000000..8d620e4 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-8.yml @@ -0,0 +1,7 @@ +--- +# JDK version options include: +# - java +# - openjdk-6-jdk +# - openjdk-7-jdk +__java_packages: + - openjdk-7-jdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-9.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-9.yml new file mode 100644 index 0000000..17e49bf --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-9.yml @@ -0,0 +1,6 @@ +--- +# JDK version options include: +# - java +# - openjdk-8-jdk +__java_packages: + - openjdk-8-jdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Fedora.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Fedora.yml new file mode 100644 index 0000000..47c5a01 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Fedora.yml @@ -0,0 +1,6 @@ +--- +# JDK version options include: +# - java +# - java-1.8.0-openjdk +__java_packages: + - java-1.8.0-openjdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/FreeBSD.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/FreeBSD.yml new file mode 100644 index 0000000..0d712eb --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/FreeBSD.yml @@ -0,0 +1,7 @@ +--- +# JDK version options for FreeBSD include: +# - openjdk +# - openjdk6 +# - openjdk8 +__java_packages: + - openjdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-6.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-6.yml new file mode 100644 index 0000000..70694b7 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-6.yml @@ -0,0 +1,7 @@ +--- +# JDK version options include: +# - java +# - java-1.6.0-openjdk +# - java-1.7.0-openjdk +__java_packages: + - java-1.7.0-openjdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-7.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-7.yml new file mode 100644 index 0000000..64db579 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-7.yml @@ -0,0 +1,8 @@ +--- +# JDK version options include: +# - java +# - java-1.6.0-openjdk +# - java-1.7.0-openjdk +# - java-1.8.0-openjdk +__java_packages: + - java-1.8.0-openjdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-8.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-8.yml new file mode 100644 index 0000000..d49b6f4 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-8.yml @@ -0,0 +1,7 @@ +--- +# JDK version options include: +# - java-1.8.0-openjdk +# - java-11-openjdk +# - java-latest-openjdk +__java_packages: + - java-11-openjdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-12.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-12.yml new file mode 100644 index 0000000..8d620e4 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-12.yml @@ -0,0 +1,7 @@ +--- +# JDK version options include: +# - java +# - openjdk-6-jdk +# - openjdk-7-jdk +__java_packages: + - openjdk-7-jdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-14.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-14.yml new file mode 100644 index 0000000..8d620e4 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-14.yml @@ -0,0 +1,7 @@ +--- +# JDK version options include: +# - java +# - openjdk-6-jdk +# - openjdk-7-jdk +__java_packages: + - openjdk-7-jdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-16.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-16.yml new file mode 100644 index 0000000..0a0bd82 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-16.yml @@ -0,0 +1,7 @@ +--- +# JDK version options include: +# - java +# - openjdk-8-jdk +# - openjdk-9-jdk +__java_packages: + - openjdk-8-jdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-18.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-18.yml new file mode 100644 index 0000000..bd058c2 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-18.yml @@ -0,0 +1,6 @@ +--- +# JDK version options include: +# - java +# - openjdk-11-jdk +__java_packages: + - openjdk-11-jdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/.travis.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/.travis.yml new file mode 100644 index 0000000..9d4d136 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/.travis.yml @@ -0,0 +1,30 @@ +--- +language: python + +services: + - docker + +env: + global: + - DEBUG=--debug + matrix: + - MOLECULE_DISTRO=centos7 MOLECULE_SCENARIO=default + - MOLECULE_DISTRO=centos7 MOLECULE_SCENARIO=version11 + # - MOLECULE_DISTRO: fedora27 + # - MOLECULE_DISTRO: fedora29 + - MOLECULE_DISTRO=ubuntu1604 MOLECULE_SCENARIO=default + - MOLECULE_DISTRO=ubuntu1604 MOLECULE_SCENARIO=version11 + - MOLECULE_DISTRO=ubuntu1804 MOLECULE_SCENARIO=default + - MOLECULE_DISTRO=ubuntu1804 MOLECULE_SCENARIO=version11 + # - MOLECULE_DISTRO: debian9 + +before_install: + - sudo apt-get -qq update + - sudo apt-get install -y net-tools +install: + - pip install molecule docker-py + +script: + - molecule --version + - ansible --version + - molecule $DEBUG test -s $MOLECULE_SCENARIO diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/defaults/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/defaults/main.yml new file mode 100644 index 0000000..9f7a0ad --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/defaults/main.yml @@ -0,0 +1,84 @@ +--- +# Put database into alternative location with a bind mount. +postgres_server_bind_mount_var_lib_pgsql: false + +# Where to put database. +postgres_server_bind_mount_var_lib_pgsql_target: "" + +# Default version of Postgres server to install. +postgres_server_version: "9.6" + +# Server version in package: +postgres_server_pkg_version: "{{ postgres_server_version|replace('.', '') }}" + +# Whether or not the files are on ZFS. +postgres_server_volume_is_zfs: false + +# Postgres setting max_connections. +postgres_server_max_connections: 100 + +# Postgres setting shared_buffers. +postgres_server_shared_buffers: 128MB + +# Postgres setting maintenance_work_mem. +postgres_server_maintenance_work_mem: 64MB + +# Postgres setting effective_io_concurrency. +postgres_server_effective_io_concurrency: 1 + +# Postgres setting max_worker_processes. +postgres_server_max_worker_processes: 8 + +# Postgres setting max_parallel_maintenance_workers. +postgres_server_max_parallel_maintenance_workers: 2 + +# Postgres setting max_parallel_workers_per_gather. +postgres_server_max_parallel_workers_per_gather: 2 + +# Postgres setting parallel_leader_participation. +postgres_server_parallel_leader_participation: true + +# Postgres setting max_parallel_workers. +postgres_server_max_parallel_workers: 8 + +# Postgres setting max_locks_per_transaction. +postgres_server_max_locks_per_transaction: 64 + +# Configuration for "random access" cost. +postgres_server_random_page_cost: "4.0" + +# User name that the postgres user runs as. +postgres_server_user: postgres + +# Whether or not to lock checkpoints. +postgres_server_log_checkpoints: false + +# Whether or not to lock connects. +postgres_server_log_connections: false + +# Whether or not to lock disconnects. +postgres_server_log_disconnections: false + +# Whether or not to log duration +postgres_server_log_duration: false + +# Error logging verbosity. +postgres_server_log_error_verbosity: "default" + +# Whether or not to log the host name. +postgres_server_log_hostname: false + +# Whether or not to lock waits. +postgres_server_log_lock_waits: false + +# Which statements to log. +postgres_server_log_statements: "none" + +# Whether or not to enable the auto_explain module. +postgres_server_auto_explain_enabled: false + +# Minimal duration to log auto explain for. +postgres_server_auto_explain_log_min_duration: -1 + +# Whether or not to use EXPLAIN ANALYZE. +postgres_server_auto_explain_log_analyze: true diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/handlers/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/handlers/main.yml new file mode 100644 index 0000000..5341b3d --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/handlers/main.yml @@ -0,0 +1,4 @@ +--- + +- name: restart postgres + systemd: name={{ postgres_server_service_name }} state=restarted diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/meta/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/meta/main.yml new file mode 100644 index 0000000..cc79dee --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/meta/main.yml @@ -0,0 +1,25 @@ +--- + +galaxy_info: + role_name: postgres_server + author: Jeff Fry + description: Installation of Postgres for Artifactory HA + company: JFrog + min_ansible_version: 2.8 + platforms: + - name: Fedora + versions: + - 27 + - 29 + - name: Ubuntu + versions: + - xenial + - bionic + - name: Debian + versions: + - stretch + galaxy_tags: + - postgres + - postgresql + +dependencies: [] diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/tasks/Debian.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/tasks/Debian.yml new file mode 100644 index 0000000..7ab9455 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/tasks/Debian.yml @@ -0,0 +1,33 @@ +--- + +- name: install ansible-related package + yum: + name: + - python3-psycopg2 + - sudo + - wget + state: present + become: True + +- name: add postgres apt key + apt_key: + url: https://www.postgresql.org/media/keys/ACCC4CF8.asc + id: "0x7FCC7D46ACCC4CF8" + state: present + become: True + +- name: register APT repository + apt_repository: + repo: deb http://apt.postgresql.org/pub/repos/apt/ {{ ansible_distribution_release }}-pgdg main + state: present + filename: pgdg + become: True + +- name: install postgres packages + apt: + name: + - postgresql-{{ postgres_server_version }} + - postgresql-server-dev-{{ postgres_server_version }} + - postgresql-contrib-{{ postgres_server_version }} + state: present + become: True diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/tasks/RedHat.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/tasks/RedHat.yml new file mode 100644 index 0000000..4be0aed --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/tasks/RedHat.yml @@ -0,0 +1,64 @@ +--- + +- name: install EPEL repository + yum: name=epel-release state=present + when: > # not for Fedora + ansible_distribution == 'CentOS' or + ansible_distribution == 'Red Hat Enterprise Linux' + become: True + +- name: install ansible-related package + yum: + name: + - python-psycopg2 + - sudo + - wget + - perl + state: present + become: True + +- name: fixup some locale issues + lineinfile: + dest: /etc/default/locale + line: 'LANGUAGE="{{ item }}"' + state: present + create: yes + loop: + - 'en_US:en' + - 'en_us.UTF-8' + +- name: get latest version + vars: + base: http://download.postgresql.org/pub/repos/yum + ver: "{{ ansible_distribution_version }}" + shell: | + set -eo pipefail + wget -O - {{ base }}/{{ postgres_server_version }}/redhat/rhel-{{ ver }}-x86_64/ 2>/dev/null | \ + grep 'pgdg-redhat' | \ + perl -pe 's/^.*rpm">//g' | \ + perl -pe 's/<\/a>.*//g' | \ + tail -n 1 + args: + executable: /bin/bash + changed_when: false + check_mode: false + register: latest_version + tags: [skip_ansible_lint] # yes, I want wget here + +- name: config postgres repository + vars: + base: http://download.postgresql.org/pub/repos/yum + ver: "{{ ansible_distribution_version }}" + yum: + name: "{{ base }}/{{ postgres_server_version }}/redhat/rhel-{{ ver }}-x86_64/{{ latest_version.stdout }}" + state: present + become: True + +- name: install postgres packages + yum: + name: + - postgresql{{ postgres_server_pkg_version }}-server + - postgresql{{ postgres_server_pkg_version }}-contrib + - postgresql{{ postgres_server_pkg_version }}-devel + state: present + become: True diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/tasks/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/tasks/main.yml new file mode 100644 index 0000000..4fad4e1 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/tasks/main.yml @@ -0,0 +1,107 @@ +--- +- name: define distribution-specific variables + include_vars: "{{ ansible_os_family }}.yml" + +#- name: define postgres version-specific variables +# include_vars: "{{ lookup('first_found', params) }}" +# vars: +# params: +# files: +# - "{{ ansible_os_family }}_pg-{{ postgres_server_version }}.yml" +# - "{{ ansible_os_family }}_pg-default.yml" +# paths: +# - "vars" +# skip: true +# ignore_errors: true + +- name: create directory for bind mount if necessary + file: + path: "{{ postgres_server_bind_mount_var_lib_pgsql_target }}" + state: directory + become: true + when: postgres_server_bind_mount_var_lib_pgsql + + +- name: perform bind mount if necessary + mount: + path: "/var/lib/pgsql" + src: "{{ postgres_server_bind_mount_var_lib_pgsql_target }}" + opts: bind + state: mounted + fstype: none + become: true + when: postgres_server_bind_mount_var_lib_pgsql + +- name: perform installation + include_tasks: "{{ ansible_os_family }}.yml" + +- name: extend path + copy: + dest: /etc/profile.d/postgres-path.sh + mode: a=rx + content: "export PATH=$PATH:/usr/pgsql-{{ postgres_server_version }}/bin" + become: true + +- name: initialize PostgreSQL database cluster + environment: + LC_ALL: "en_US.UTF-8" + vars: + ansible_become: "{{ postgres_server_initdb_become }}" + ansible_become_user: "{{ postgres_server_user }}" + command: "{{ postgres_server_cmd_initdb }} {{ postgres_server_data_location }}" + args: + creates: "{{ postgres_server_data_location }}/PG_VERSION" + +- name: install postgres configuration + template: + src: "{{ item }}.j2" + dest: "{{ postgres_server_config_location }}/{{ item }}" + owner: postgres + group: postgres + mode: u=rw,go=r + vars: + ansible_become: "{{ postgres_server_initdb_become }}" + ansible_become_user: "{{ postgres_server_user }}" + loop: + - pg_hba.conf + - postgresql.conf + +- name: enable postgres service + systemd: + name: "{{ postgres_server_service_name }}" + state: started + enabled: yes + become: true + +- name: Create artifactory users + become_user: postgres + become: true + postgresql_user: + name: "{{ db_user }}" + password: "{{ db_password }}" + conn_limit: "-1" + no_log: true # secret passwords + +- name: Create a artifactory database + become_user: postgres + become: true + postgresql_db: + name: artifactory + owner: "{{ db_user }}" + encoding: UTF-8 + +- name: Grant privs to artifactory on artifactory db + become_user: postgres + become: true + postgresql_privs: + database: artifactory + role: artifactory + state: present + privs: ALL + type: database + +- name: restart postgres + service: + name: "{{ postgres_server_service_name }}" + state: restarted + become: true \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/templates/pg_hba.conf.j2 b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/templates/pg_hba.conf.j2 new file mode 100644 index 0000000..7f0bc2c --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/templates/pg_hba.conf.j2 @@ -0,0 +1,7 @@ +# TYPE DATABASE USER ADDRESS METHOD +## localhost connections through Unix port (user name), IPv4, IPv6 (MD5 pw). +local all all peer +host all all 127.0.0.1/32 md5 +host all all ::1/128 md5 +## remote connections IPv4 +host all all 0.0.0.0/0 trust diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/templates/postgresql.conf.j2 b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/templates/postgresql.conf.j2 new file mode 100644 index 0000000..c213a99 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/templates/postgresql.conf.j2 @@ -0,0 +1,681 @@ +# ----------------------------- +# PostgreSQL configuration file +# ----------------------------- +# +# This file consists of lines of the form: +# +# name = value +# +# (The "=" is optional.) Whitespace may be used. Comments are introduced with +# "#" anywhere on a line. The complete list of parameter names and allowed +# values can be found in the PostgreSQL documentation. +# +# The commented-out settings shown in this file represent the default values. +# Re-commenting a setting is NOT sufficient to revert it to the default value; +# you need to reload the server. +# +# This file is read on server startup and when the server receives a SIGHUP +# signal. If you edit the file on a running system, you have to SIGHUP the +# server for the changes to take effect, or use "pg_ctl reload". Some +# parameters, which are marked below, require a server shutdown and restart to +# take effect. +# +# Any parameter can also be given as a command-line option to the server, e.g., +# "postgres -c log_connections=on". Some parameters can be changed at run time +# with the "SET" SQL command. +# +# Memory units: kB = kilobytes Time units: ms = milliseconds +# MB = megabytes s = seconds +# GB = gigabytes min = minutes +# TB = terabytes h = hours +# d = days + + +#------------------------------------------------------------------------------ +# FILE LOCATIONS +#------------------------------------------------------------------------------ + +# The default values of these variables are driven from the -D command-line +# option or PGDATA environment variable, represented here as ConfigDir. + +{% if postgres_server_config_data_directory is not none %} +data_directory = '{{ postgres_server_config_data_directory }}' +{% else %} +#data_directory = 'ConfigDir' # use data in another directory + # (change requires restart) +{% endif %} + +{% if postgres_server_config_data_directory %} +hba_file = '{{ postgres_server_config_hba_file }}' +{% else %} +#hba_file = 'ConfigDir/pg_hba.conf' # host-based authentication file + # (change requires restart) +{% endif %} + +{% if postgres_server_config_data_directory %} +ident_file = '{{ postgres_server_config_ident_file }}' +{% else %} +#ident_file = 'ConfigDir/pg_ident.conf' # host-based authentication file + # (change requires restart) +{% endif %} + +{% if postgres_server_config_external_pid_file %} +external_pid_file = '{{ postgres_server_config_external_pid_file }}' +{% else %} +# If external_pid_file is not explicitly set, no extra PID file is written. +#external_pid_file = '' # write an extra PID file + # (change requires restart) +{% endif %} + + +#------------------------------------------------------------------------------ +# CONNECTIONS AND AUTHENTICATION +#------------------------------------------------------------------------------ + +# - Connection Settings - + +listen_addresses = '0.0.0.0' # what IP address(es) to listen on; + # comma-separated list of addresses; + # defaults to 'localhost'; use '*' for all + # (change requires restart) +#port = 5432 # (change requires restart) +max_connections = {{ postgres_server_max_connections }} # (change requires restart) +#superuser_reserved_connections = 3 # (change requires restart) +#unix_socket_directories = '/var/run/postgresql, /tmp' # comma-separated list of directories + # (change requires restart) +#unix_socket_group = '' # (change requires restart) +#unix_socket_permissions = 0777 # begin with 0 to use octal notation + # (change requires restart) +#bonjour = off # advertise server via Bonjour + # (change requires restart) +#bonjour_name = '' # defaults to the computer name + # (change requires restart) + +# - Security and Authentication - + +#authentication_timeout = 1min # 1s-600s +#ssl = off # (change requires restart) +#ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers + # (change requires restart) +#ssl_prefer_server_ciphers = on # (change requires restart) +#ssl_ecdh_curve = 'prime256v1' # (change requires restart) +#ssl_cert_file = 'server.crt' # (change requires restart) +#ssl_key_file = 'server.key' # (change requires restart) +#ssl_ca_file = '' # (change requires restart) +#ssl_crl_file = '' # (change requires restart) +#password_encryption = on +#db_user_namespace = off +#row_security = on + +# GSSAPI using Kerberos +#krb_server_keyfile = '' +#krb_caseins_users = off + +# - TCP Keepalives - +# see "man 7 tcp" for details + +#tcp_keepalives_idle = 0 # TCP_KEEPIDLE, in seconds; + # 0 selects the system default +#tcp_keepalives_interval = 0 # TCP_KEEPINTVL, in seconds; + # 0 selects the system default +#tcp_keepalives_count = 0 # TCP_KEEPCNT; + # 0 selects the system default + + +#------------------------------------------------------------------------------ +# RESOURCE USAGE (except WAL) +#------------------------------------------------------------------------------ + +# - Memory - + +shared_buffers = {{ postgres_server_shared_buffers }} # min 128kB + # (change requires restart) +#huge_pages = try # on, off, or try + # (change requires restart) +#temp_buffers = 8MB # min 800kB +#max_prepared_transactions = 0 # zero disables the feature + # (change requires restart) +# Caution: it is not advisable to set max_prepared_transactions nonzero unless +# you actively intend to use prepared transactions. +#work_mem = 4MB # min 64kB +maintenance_work_mem = {{ postgres_server_maintenance_work_mem }} # min 1MB +#replacement_sort_tuples = 150000 # limits use of replacement selection sort +#autovacuum_work_mem = -1 # min 1MB, or -1 to use maintenance_work_mem +#max_stack_depth = 2MB # min 100kB +dynamic_shared_memory_type = posix # the default is the first option + # supported by the operating system: + # posix + # sysv + # windows + # mmap + # use none to disable dynamic shared memory + # (change requires restart) + +# - Disk - + +#temp_file_limit = -1 # limits per-process temp file space + # in kB, or -1 for no limit + +# - Kernel Resource Usage - + +#max_files_per_process = 1000 # min 25 + # (change requires restart) +shared_preload_libraries = 'pg_stat_statements' # restart on change + +# - Cost-Based Vacuum Delay - + +#vacuum_cost_delay = 0 # 0-100 milliseconds +#vacuum_cost_page_hit = 1 # 0-10000 credits +#vacuum_cost_page_miss = 10 # 0-10000 credits +#vacuum_cost_page_dirty = 20 # 0-10000 credits +#vacuum_cost_limit = 200 # 1-10000 credits + +# - Background Writer - + +#bgwriter_delay = 200ms # 10-10000ms between rounds +#bgwriter_lru_maxpages = 100 # 0-1000 max buffers written/round +#bgwriter_lru_multiplier = 2.0 # 0-10.0 multiplier on buffers scanned/round +#bgwriter_flush_after = 512kB # measured in pages, 0 disables + +# - Asynchronous Behavior - + +effective_io_concurrency = {{ postgres_server_effective_io_concurrency }} +max_worker_processes = {{ postgres_server_max_worker_processes }} +max_parallel_workers_per_gather = {{ postgres_server_max_parallel_maintenance_workers }} +max_parallel_workers_per_gather = {{ postgres_server_max_parallel_workers_per_gather }} +#old_snapshot_threshold = -1 # 1min-60d; -1 disables; 0 is immediate + # (change requires restart) +#backend_flush_after = 0 # measured in pages, 0 disables +{% if postgres_server_version|string != "9.6" %} +parallel_leader_participation = {{ "on" if postgres_server_parallel_leader_participation else "off" }} +max_parallel_maintenance_workers = {{ postgres_server_max_parallel_maintenance_workers }} +{% endif %} + +#------------------------------------------------------------------------------ +# WRITE AHEAD LOG +#------------------------------------------------------------------------------ + +# - Settings - + +#wal_level = minimal # minimal, replica, or logical + # (change requires restart) +#fsync = on # flush data to disk for crash safety + # (turning this off can cause + # unrecoverable data corruption) +#synchronous_commit = on # synchronization level; + # off, local, remote_write, remote_apply, or on +#wal_sync_method = fsync # the default is the first option + # supported by the operating system: + # open_datasync + # fdatasync (default on Linux) + # fsync + # fsync_writethrough + # open_sync +full_page_writes = {{ "off" if postgres_server_volume_is_zfs else "on" }} # off OK on ZFS # recover from partial page writes + +wal_compression = off # enable compression of full-page writes +#wal_log_hints = off # also do full page writes of non-critical updates + # (change requires restart) +#wal_buffers = -1 # min 32kB, -1 sets based on shared_buffers + # (change requires restart) +#wal_writer_delay = 200ms # 1-10000 milliseconds +#wal_writer_flush_after = 1MB # measured in pages, 0 disables + +commit_delay = 100000 # range 0-100000, in microseconds +#commit_siblings = 5 # range 1-1000 + +# - Checkpoints - + +checkpoint_timeout = 4h # range 30s-1d +max_wal_size = 100GB +min_wal_size = 1GB +checkpoint_completion_target = 0.8 # checkpoint target duration, 0.0 - 1.0 +#checkpoint_flush_after = 256kB # measured in pages, 0 disables +#checkpoint_warning = 30s # 0 disables + +# - Archiving - + +#archive_mode = off # enables archiving; off, on, or always + # (change requires restart) +#archive_command = '' # command to use to archive a logfile segment + # placeholders: %p = path of file to archive + # %f = file name only + # e.g. 'test ! -f /mnt/server/archivedir/%f && cp %p /mnt/server/archivedir/%f' +#archive_timeout = 0 # force a logfile segment switch after this + # number of seconds; 0 disables + + +#------------------------------------------------------------------------------ +# REPLICATION +#------------------------------------------------------------------------------ + +# - Sending Server(s) - + +# Set these on the master and on any standby that will send replication data. + +#max_wal_senders = 0 # max number of walsender processes + # (change requires restart) +#wal_keep_segments = 0 # in logfile segments, 16MB each; 0 disables +#wal_sender_timeout = 60s # in milliseconds; 0 disables + +#max_replication_slots = 0 # max number of replication slots + # (change requires restart) +#track_commit_timestamp = off # collect timestamp of transaction commit + # (change requires restart) + +# - Master Server - + +# These settings are ignored on a standby server. + +#synchronous_standby_names = '' # standby servers that provide sync rep + # number of sync standbys and comma-separated list of application_name + # from standby(s); '*' = all +#vacuum_defer_cleanup_age = 0 # number of xacts by which cleanup is delayed + +# - Standby Servers - + +# These settings are ignored on a master server. + +#hot_standby = off # "on" allows queries during recovery + # (change requires restart) +#max_standby_archive_delay = 30s # max delay before canceling queries + # when reading WAL from archive; + # -1 allows indefinite delay +#max_standby_streaming_delay = 30s # max delay before canceling queries + # when reading streaming WAL; + # -1 allows indefinite delay +#wal_receiver_status_interval = 10s # send replies at least this often + # 0 disables +#hot_standby_feedback = off # send info from standby to prevent + # query conflicts +#wal_receiver_timeout = 60s # time that receiver waits for + # communication from master + # in milliseconds; 0 disables +#wal_retrieve_retry_interval = 5s # time to wait before retrying to + # retrieve WAL after a failed attempt + + +#------------------------------------------------------------------------------ +# QUERY TUNING +#------------------------------------------------------------------------------ + +# - Planner Method Configuration - + +#enable_bitmapscan = on +#enable_hashagg = on +#enable_hashjoin = on +#enable_indexscan = on +#enable_indexonlyscan = on +#enable_material = on +#enable_mergejoin = on +#enable_nestloop = on +#enable_seqscan = on +#enable_sort = on +#enable_tidscan = on + +# - Planner Cost Constants - + +#seq_page_cost = 1.0 # measured on an arbitrary scale +random_page_cost = {{ postgres_server_random_page_cost }} +#cpu_tuple_cost = 0.01 # same scale as above +#cpu_index_tuple_cost = 0.005 # same scale as above +#cpu_operator_cost = 0.0025 # same scale as above +#parallel_tuple_cost = 0.1 # same scale as above +#parallel_setup_cost = 1000.0 # same scale as above +#min_parallel_relation_size = 8MB +#effective_cache_size = 4GB + +# - Genetic Query Optimizer - + +#geqo = on +#geqo_threshold = 12 +#geqo_effort = 5 # range 1-10 +#geqo_pool_size = 0 # selects default based on effort +#geqo_generations = 0 # selects default based on effort +#geqo_selection_bias = 2.0 # range 1.5-2.0 +#geqo_seed = 0.0 # range 0.0-1.0 + +# - Other Planner Options - + +#default_statistics_target = 100 # range 1-10000 +#constraint_exclusion = partition # on, off, or partition +#cursor_tuple_fraction = 0.1 # range 0.0-1.0 +#from_collapse_limit = 8 +#join_collapse_limit = 8 # 1 disables collapsing of explicit + # JOIN clauses +#force_parallel_mode = off + + +#------------------------------------------------------------------------------ +# ERROR REPORTING AND LOGGING +#------------------------------------------------------------------------------ + +# - Where to Log - + +log_destination = 'stderr' # Valid values are combinations of + # stderr, csvlog, syslog, and eventlog, + # depending on platform. csvlog + # requires logging_collector to be on. + +# This is used when logging to stderr: +logging_collector = on # Enable capturing of stderr and csvlog + # into log files. Required to be on for + # csvlogs. + # (change requires restart) + +# These are only used if logging_collector is on: +log_directory = 'pg_log' # directory where log files are written, + # can be absolute or relative to PGDATA +log_filename = 'postgresql-%a.log' # log file name pattern, + # can include strftime() escapes +#log_file_mode = 0600 # creation mode for log files, + # begin with 0 to use octal notation +log_truncate_on_rotation = on # If on, an existing log file with the + # same name as the new log file will be + # truncated rather than appended to. + # But such truncation only occurs on + # time-driven rotation, not on restarts + # or size-driven rotation. Default is + # off, meaning append to existing files + # in all cases. +log_rotation_age = 1d # Automatic rotation of logfiles will + # happen after that time. 0 disables. +log_rotation_size = 0 # Automatic rotation of logfiles will + # happen after that much log output. + # 0 disables. + +# These are relevant when logging to syslog: +#syslog_facility = 'LOCAL0' +#syslog_ident = 'postgres' +#syslog_sequence_numbers = on +#syslog_split_messages = on + +# This is only relevant when logging to eventlog (win32): +# (change requires restart) +#event_source = 'PostgreSQL' + +# - When to Log - + +#client_min_messages = notice # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # log + # notice + # warning + # error + +#log_min_messages = warning # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # info + # notice + # warning + # error + # log + # fatal + # panic + +#log_min_error_statement = error # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # info + # notice + # warning + # error + # log + # fatal + # panic (effectively off) + +#log_min_duration_statement = -1 # -1 is disabled, 0 logs all statements + # and their durations, > 0 logs only + # statements running at least this number + # of milliseconds + + +# - What to Log - + +#debug_print_parse = off +#debug_print_rewritten = off +#debug_print_plan = off +#debug_pretty_print = on +log_checkpoints = {{ "on" if postgres_server_log_checkpoints else "off" }} +log_connections = {{ "on" if postgres_server_log_connections else "off" }} +log_disconnections = {{ "on" if postgres_server_log_disconnections else "off" }} +log_duration = {{ "on" if postgres_server_log_duration else "off" }} +log_error_verbosity = {{ postgres_server_log_error_verbosity }} # terse, default, or verbose messages +log_hostname = {{ "on" if postgres_server_log_hostname else "off" }} +log_line_prefix = '< %m > ' # special values: + # %a = application name + # %u = user name + # %d = database name + # %r = remote host and port + # %h = remote host + # %p = process ID + # %t = timestamp without milliseconds + # %m = timestamp with milliseconds + # %n = timestamp with milliseconds (as a Unix epoch) + # %i = command tag + # %e = SQL state + # %c = session ID + # %l = session line number + # %s = session start timestamp + # %v = virtual transaction ID + # %x = transaction ID (0 if none) + # %q = stop here in non-session + # processes + # %% = '%' + # e.g. '<%u%%%d> ' +log_lock_waits = {{ "on" if postgres_server_log_lock_waits else "off" }} # log lock waits >= deadlock_timeout +log_statement = '{{ postgres_server_log_statements }}' # none, ddl, mod, all +#log_replication_commands = off +#log_temp_files = -1 # log temporary files equal or larger + # than the specified size in kilobytes; + # -1 disables, 0 logs all temp files +log_timezone = 'Europe/Berlin' + + +# - Process Title - + +#cluster_name = '' # added to process titles if nonempty + # (change requires restart) +#update_process_title = on + + +#------------------------------------------------------------------------------ +# RUNTIME STATISTICS +#------------------------------------------------------------------------------ + +# - Query/Index Statistics Collector - + +#track_activities = on +#track_counts = on +#track_io_timing = off +#track_functions = none # none, pl, all +track_activity_query_size = 102400 # (change requires restart) +#stats_temp_directory = 'pg_stat_tmp' + +# Track statements generated by stored procedures as well +pg_stat_statements.track = all + + +# - Statistics Monitoring - + +#log_parser_stats = off +#log_planner_stats = off +#log_executor_stats = off +#log_statement_stats = off + + +#------------------------------------------------------------------------------ +# AUTOVACUUM PARAMETERS +#------------------------------------------------------------------------------ + +#autovacuum = on # Enable autovacuum subprocess? 'on' + # requires track_counts to also be on. +#log_autovacuum_min_duration = -1 # -1 disables, 0 logs all actions and + # their durations, > 0 logs only + # actions running at least this number + # of milliseconds. +#autovacuum_max_workers = 3 # max number of autovacuum subprocesses + # (change requires restart) +#autovacuum_naptime = 1min # time between autovacuum runs +#autovacuum_vacuum_threshold = 50 # min number of row updates before + # vacuum +#autovacuum_analyze_threshold = 50 # min number of row updates before + # analyze +#autovacuum_vacuum_scale_factor = 0.2 # fraction of table size before vacuum +#autovacuum_analyze_scale_factor = 0.1 # fraction of table size before analyze +#autovacuum_freeze_max_age = 200000000 # maximum XID age before forced vacuum + # (change requires restart) +#autovacuum_multixact_freeze_max_age = 400000000 # maximum multixact age + # before forced vacuum + # (change requires restart) +#autovacuum_vacuum_cost_delay = 20ms # default vacuum cost delay for + # autovacuum, in milliseconds; + # -1 means use vacuum_cost_delay +#autovacuum_vacuum_cost_limit = -1 # default vacuum cost limit for + # autovacuum, -1 means use + # vacuum_cost_limit + + +#------------------------------------------------------------------------------ +# CLIENT CONNECTION DEFAULTS +#------------------------------------------------------------------------------ + +# - Statement Behavior - + +#search_path = '"$user", public' # schema names +#default_tablespace = '' # a tablespace name, '' uses the default +#temp_tablespaces = '' # a list of tablespace names, '' uses + # only default tablespace +#check_function_bodies = on +#default_transaction_isolation = 'read committed' +#default_transaction_read_only = off +#default_transaction_deferrable = off +#session_replication_role = 'origin' +#statement_timeout = 0 # in milliseconds, 0 is disabled +#lock_timeout = 0 # in milliseconds, 0 is disabled +#idle_in_transaction_session_timeout = 0 # in milliseconds, 0 is disabled +#vacuum_freeze_min_age = 50000000 +#vacuum_freeze_table_age = 150000000 +#vacuum_multixact_freeze_min_age = 5000000 +#vacuum_multixact_freeze_table_age = 150000000 +#bytea_output = 'hex' # hex, escape +#xmlbinary = 'base64' +#xmloption = 'content' +#gin_fuzzy_search_limit = 0 +#gin_pending_list_limit = 4MB + +# - Locale and Formatting - + +datestyle = 'iso, mdy' +#intervalstyle = 'postgres' +timezone = 'Europe/Berlin' +#timezone_abbreviations = 'Default' # Select the set of available time zone + # abbreviations. Currently, there are + # Default + # Australia (historical usage) + # India + # You can create your own file in + # share/timezonesets/. +#extra_float_digits = 0 # min -15, max 3 +#client_encoding = sql_ascii # actually, defaults to database + # encoding + +# These settings are initialized by initdb, but they can be changed. +lc_messages = 'en_US.UTF-8' # locale for system error message + # strings +lc_monetary = 'en_US.UTF-8' # locale for monetary formatting +lc_numeric = 'en_US.UTF-8' # locale for number formatting +lc_time = 'en_US.UTF-8' # locale for time formatting + +# default configuration for text search +default_text_search_config = 'pg_catalog.english' + +# - Other Defaults - + +#dynamic_library_path = '$libdir' +#local_preload_libraries = '' +{% set preload_libraries = [] %} +{% if postgres_server_auto_explain_enabled %} + {{ preload_libraries.append("auto_explain") }} +{% endif %} + +session_preload_libraries = '{{ ",".join(preload_libraries) }}' + +#------------------------------------------------------------------------------ +# auto_explain SETTINGS +#------------------------------------------------------------------------------ + +auto_explain.log_min_duration = {{ "on" if postgres_server_auto_explain_log_min_duration else "off" }} +auto_explain.log_analyze = {{ "on" if postgres_server_auto_explain_log_analyze else "off" }} + +#------------------------------------------------------------------------------ +# LOCK MANAGEMENT +#------------------------------------------------------------------------------ + +#deadlock_timeout = 1s +max_locks_per_transaction = {{ postgres_server_max_locks_per_transaction }} # min 10 + # (change requires restart) +#max_pred_locks_per_transaction = 64 # min 10 + # (change requires restart) + + +#------------------------------------------------------------------------------ +# VERSION/PLATFORM COMPATIBILITY +#------------------------------------------------------------------------------ + +# - Previous PostgreSQL Versions - + +#array_nulls = on +#backslash_quote = safe_encoding # on, off, or safe_encoding +#default_with_oids = off +#escape_string_warning = on +#lo_compat_privileges = off +#operator_precedence_warning = off +#quote_all_identifiers = off +#sql_inheritance = on +#standard_conforming_strings = on +#synchronize_seqscans = on + +# - Other Platforms and Clients - + +#transform_null_equals = off + + +#------------------------------------------------------------------------------ +# ERROR HANDLING +#------------------------------------------------------------------------------ + +#exit_on_error = off # terminate session on any error? +#restart_after_crash = on # reinitialize after backend crash? + + +#------------------------------------------------------------------------------ +# CONFIG FILE INCLUDES +#------------------------------------------------------------------------------ + +# These options allow settings to be loaded from files other than the +# default postgresql.conf. + +#include_dir = 'conf.d' # include files ending in '.conf' from + # directory 'conf.d' +#include_if_exists = 'exists.conf' # include file only if it exists +#include = 'special.conf' # include file + + +#------------------------------------------------------------------------------ +# CUSTOMIZED OPTIONS +#------------------------------------------------------------------------------ + +# Add settings for extensions here + diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/Debian.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/Debian.yml new file mode 100644 index 0000000..7317089 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/Debian.yml @@ -0,0 +1,12 @@ +--- + +postgres_server_cmd_initdb: /usr/lib/postgresql/{{ postgres_server_version }}/bin/initdb -D +postgres_server_initdb_become: True +postgres_server_data_location: /var/lib/postgresql/{{ postgres_server_version }}/main +postgres_server_config_location: /etc/postgresql/{{ postgres_server_version }}/main +postgres_server_service_name: postgresql@{{ postgres_server_version }}-main + +postgres_server_config_data_directory: "/var/lib/postgresql/{{ postgres_server_version }}/main" +postgres_server_config_hba_file: "/etc/postgresql/{{ postgres_server_version }}/main/pg_hba.conf" +postgres_server_config_ident_file: "/etc/postgresql/{{ postgres_server_version }}/main/pg_ident.conf" +postgres_server_config_external_pid_file: "/var/run/postgresql/{{ postgres_server_version }}-main.pid" diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/RedHat.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/RedHat.yml new file mode 100644 index 0000000..f6faafd --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/RedHat.yml @@ -0,0 +1,11 @@ +--- + +postgres_server_cmd_initdb: /usr/pgsql-{{ postgres_server_version }}/bin/postgresql{{ postgres_server_pkg_version }}-setup initdb -D +postgres_server_data_location: /var/lib/pgsql/{{ postgres_server_version }}/data +postgres_server_config_location: "{{ postgres_server_data_location }}" +postgres_server_service_name: postgresql-{{ postgres_server_version }} + +postgres_server_config_data_directory: null +postgres_server_config_hba_file: null +postgres_server_config_ident_file: null +postgres_server_config_external_pid_file: null diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/RedHat_pg-9.6.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/RedHat_pg-9.6.yml new file mode 100644 index 0000000..56d0263 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/RedHat_pg-9.6.yml @@ -0,0 +1,4 @@ +--- + +postgres_server_cmd_initdb: /usr/pgsql-{{ postgres_server_version }}/bin/postgresql{{ postgres_server_pkg_version }}-setup initdb +postgres_server_initdb_become: false diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/RedHat_pg-default.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/RedHat_pg-default.yml new file mode 100644 index 0000000..337fd62 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/RedHat_pg-default.yml @@ -0,0 +1,4 @@ +--- + +postgres_server_cmd_initdb: /usr/pgsql-{{ postgres_server_version }}/bin/initdb -D /var/lib/pgsql/{{ postgres_server_version }}/data +postgres_server_initdb_become: true diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/.travis.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/defaults/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/defaults/main.yml new file mode 100644 index 0000000..02e5cc3 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/defaults/main.yml @@ -0,0 +1,29 @@ +--- +# defaults file for artifactory +# indicates were this collection was downlaoded from (galaxy, automation_hub, standalone) +ansible_marketplace: standalone + +# The version of Artifactory to install +artifactory_version: 7.4.1 + +# whether to enable HA +artifactory_ha_enabled: true + +# value for whether a host is primary. this should be set in host vars +artifactory_is_primary: false + +# The location where Artifactory should install. +artifactory_download_directory: /opt/jfrog + +# The location where Artifactory should store data. +artifactory_file_store_dir: /data + +# Pick the Artifactory flavour to install, can be also cpp-ce, jcr, pro. +# note that for "pro" version, the artifactory_zip URL would need to be overridden to e.g.: +# https://dl.bintray.com/jfrog/artifactory-pro/org/artifactory/pro/jfrog-artifactory-pro/{{ artifactory_version }}/jfrog-artifactory-pro-{{ artifactory_version }}.zip +# https://dl.bintray.com/jfrog/artifactory-pro/org/artifactory/pro/jfrog-artifactory-pro/{{ artifactory_version }}/jfrog-artifactory-pro-{{ artifactory_version }}-linux.tar.gz +artifactory_flavour: pro + +java_version: java-1.8.0 + +extra_java_opts: -server -Xms2g -Xmx14g -Xss256k -XX:+UseG1GC diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/files/nginx.conf b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/files/nginx.conf new file mode 100644 index 0000000..19f9422 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/files/nginx.conf @@ -0,0 +1,37 @@ +#user nobody; +worker_processes 1; +error_log /var/log/nginx/error.log info; +#pid logs/nginx.pid; +events { + worker_connections 1024; +} +http { + include mime.types; + variables_hash_max_size 1024; + variables_hash_bucket_size 64; + server_names_hash_max_size 4096; + server_names_hash_bucket_size 128; + types_hash_max_size 2048; + types_hash_bucket_size 64; + proxy_read_timeout 2400s; + client_header_timeout 2400s; + client_body_timeout 2400s; + proxy_connect_timeout 75s; + proxy_send_timeout 2400s; + proxy_buffer_size 32k; + proxy_buffers 40 32k; + proxy_busy_buffers_size 64k; + proxy_temp_file_write_size 250m; + proxy_http_version 1.1; + client_body_buffer_size 128k; + include /etc/nginx/conf.d/*.conf; + default_type application/octet-stream; + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' +'$status $body_bytes_sent "$http_referer" ' +'"$http_user_agent" "$http_x_forwarded_for"'; + access_log /var/log/nginx/access.log main; + sendfile on; + #tcp_nopush on; + #keepalive_timeout 0; + keepalive_timeout 65; +} \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/handlers/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/handlers/main.yml new file mode 100644 index 0000000..6f8fcda --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/handlers/main.yml @@ -0,0 +1,10 @@ +--- +# handlers file for artifactory +- name: systemctl daemon-reload + systemd: + daemon_reload: yes + +- name: restart artifactory + service: + name: artifactory + state: restarted diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/exception.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/exception.yml new file mode 100644 index 0000000..7de46df --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/exception.yml @@ -0,0 +1,6 @@ +--- +exceptions: + - variation: Alpine + reason: Artifactory start/stop scripts don't properly work. + - variation: amazonlinux:1 + reason: "Shutting down artifactory: /usr/bin/java\nfinding\nUsing the default catalina management port (8015) to test shutdown\nArtifactory Tomcat already stopped" diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/main.yml new file mode 100644 index 0000000..0dc573a --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/main.yml @@ -0,0 +1,35 @@ +--- +galaxy_info: + author: Robert de Bock + role_name: artifactory + description: Install and configure artifactory on your system. + license: Apache-2.0 + company: none + min_ansible_version: 2.8 + + platforms: + - name: Debian + versions: + - all + - name: EL + versions: + - 7 + - 8 + - name: Fedora + versions: + - all + - name: OpenSUSE + versions: + - all + - name: Ubuntu + versions: + - bionic + + galaxy_tags: + - artifactory + - centos + - redhat + - server + - system + +dependencies: [] diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/preferences.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/preferences.yml new file mode 100644 index 0000000..e7fdebf --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/preferences.yml @@ -0,0 +1,2 @@ +--- +tox_parallel: yes diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/version.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/version.yml new file mode 100644 index 0000000..ea2ef8f --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/version.yml @@ -0,0 +1,6 @@ +--- +project_name: JFrog +reference: "https://github.com/robertdebock/ansible-role-artifactory/blob/master/defaults/main.yml" +versions: + - name: Artifactory + url: "https://dl.bintray.com/jfrog/artifactory/" diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/tasks/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/tasks/main.yml new file mode 100644 index 0000000..9bb00a2 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/tasks/main.yml @@ -0,0 +1,184 @@ +--- +# tasks file for artifactory +- name: install java + include_role: + name: artifactory-java + +#- name: install nginx +# package: +# name: nginx +# state: present +# become: true +# +#- name: configure main nginx conf file. +# copy: +# src: nginx.conf +# dest: /etc/nginx/nginx.conf +# owner: root +# group: root +# mode: '0755' +# become: true +# +#- name: configure the artifactory nginx conf +# template: +# src: artifactory.conf.j2 +# dest: /etc/nginx/conf.d/artifactory.conf +# owner: root +# group: root +# mode: '0755' +# become: true +# +#- name: ensure nginx dir exists +# file: +# path: "/var/opt/jfrog/nginx/ssl" +# state: directory +# become: true +# +#- name: configure certificate +# template: +# src: certificate.pem.j2 +# dest: "/var/opt/jfrog/nginx/ssl/cert.pem" +# become: true +# +#- name: ensure pki exists +# file: +# path: "/etc/pki/tls" +# state: directory +# become: true +# +#- name: configure key +# template: +# src: certificate.key.j2 +# dest: "/etc/pki/tls/cert.key" +# become: true +# +#- name: restart nginx +# service: +# name: nginx +# state: started +# enabled: yes +# become: true + +- name: create group for artifactory + group: + name: "{{ artifactory_group }}" + state: present + become: true + +- name: create user for artifactory + user: + name: "{{ artifactory_user }}" + group: "{{ artifactory_group }}" + system: yes + become: true + +- name: ensure artifactory_download_directory exists + file: + path: "{{ artifactory_download_directory }}" + state: directory + become: true + +- name: download artifactory + unarchive: + src: "{{ artifactory_tar }}" + dest: "{{ artifactory_download_directory }}" + remote_src: yes + owner: "{{ artifactory_user }}" + group: "{{ artifactory_group }}" + creates: "{{ artifactory_home }}" + become: true + register: downloadartifactory + until: downloadartifactory is succeeded + retries: 3 + +- name: ensure artifactory_file_store_dir exists + file: + path: "{{ artifactory_file_store_dir }}" + state: directory + owner: "{{ artifactory_user }}" + group: "{{ artifactory_group }}" + become: true + +- name: ensure etc exists + file: + path: "{{ artifactory_home }}/etc" + state: directory + owner: "{{ artifactory_user }}" + group: "{{ artifactory_group }}" + become: true + +- name: configure system yaml + template: + src: system.yaml.j2 + dest: "{{ artifactory_home }}/var/etc/system.yaml" + become: true + +- name: configure master key + template: + src: master.key.j2 + dest: "{{ artifactory_home }}/var/etc/security/master.key" + become: true + +- name: configure join key + template: + src: join.key.j2 + dest: "{{ artifactory_home }}/var/etc/security/join.key" + become: true + +- name: ensure {{ artifactory_home }}/var/etc/info/ exists + file: + path: "{{ artifactory_home }}/var/etc/info/" + state: directory + owner: "{{ artifactory_user }}" + group: "{{ artifactory_group }}" + become: true + +- name: configure installer info + template: + src: installer-info.json.j2 + dest: "{{ artifactory_home }}/var/etc/info/installer-info.json" + become: true + +- name: configure binary store + template: + src: binarystore.xml.j2 + dest: "{{ artifactory_home }}/var/etc/binarystore.xml" + become: true + +- name: configure cluster license + template: + src: artifactory.cluster.license.j2 + dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.cluster.license" + become: true + when: artifactory_is_primary == true + +- name: download database driver + get_url: + url: "{{ db_download_url }}" + dest: "{{ artifactory_home }}/var/bootstrap/artifactory/tomcat/lib" + owner: "{{ artifactory_user }}" + group: "{{ artifactory_group }}" + become: true + +- name: create artifactory service + shell: "{{ artifactory_home }}/app/bin/installService.sh" + become: true + +- name: start and enable the primary node + service: + name: artifactory + state: started + become: true + when: artifactory_is_primary == true + +- name: random wait before restarting to prevent secondary nodes from hitting DB first + pause: + seconds: "{{ 120 | random + 10}}" + when: artifactory_is_primary == false + +- name: start and enable the secondary nodes + service: + name: artifactory + state: started + become: true + when: artifactory_is_primary == false diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/artifactory.cluster.license.j2 b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/artifactory.cluster.license.j2 new file mode 100644 index 0000000..54c879a --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/artifactory.cluster.license.j2 @@ -0,0 +1,26 @@ +{% if artifactory_license1 %} +{% if artifactory_license1|length %} +{{ artifactory_license1 }} +{% endif %} +{% endif %} +{% if artifactory_license2 %} + + +{% if artifactory_license2|length %} +{{ artifactory_license2 }} +{% endif %} +{% endif %} +{% if artifactory_license3 %} + + +{% if artifactory_license3|length %} +{{ artifactory_license3 }} +{% endif %} +{% endif %} +{% if artifactory_license4 %} + + +{% if artifactory_license4|length %} +{{ artifactory_license4 }} +{% endif %} +{% endif %} \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/artifactory.conf.j2 b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/artifactory.conf.j2 new file mode 100644 index 0000000..38c058d --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/artifactory.conf.j2 @@ -0,0 +1,49 @@ +########################################################### +## this configuration was generated by JFrog Artifactory ## + ########################################################### + + ## add HA entries when ha is configure + upstream artifactory { + server 127.0.0.1:8082; +} + upstream artifactory-direct { + server 127.0.0.1:8081; +} + ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; + ssl_certificate /var/opt/jfrog/nginx/ssl/cert.pem; + ssl_certificate_key /etc/pki/tls/cert.key; + ssl_session_cache shared:SSL:1m; + ssl_prefer_server_ciphers on; + ## server configuration + server { + listen 443 ssl; + listen 80 ; + server_name {{ server_name }}; + if ($http_x_forwarded_proto = '') { + set $http_x_forwarded_proto $scheme; + } + ## Application specific logs + ## access_log /var/log/nginx/artifactory-access.log timing; + ## error_log /var/log/nginx/artifactory-error.log; + rewrite ^/$ /ui/ redirect; + rewrite ^/ui$ /ui/ redirect; + chunked_transfer_encoding on; + client_max_body_size 0; + location / { + proxy_read_timeout 2400s; + proxy_pass_header Server; + proxy_cookie_path ~*^/.* /; + proxy_pass http://artifactory; + proxy_next_upstream error timeout non_idempotent; + proxy_next_upstream_tries 1; + proxy_set_header X-JFrog-Override-Base-Url $http_x_forwarded_proto://$host:$server_port; + proxy_set_header X-Forwarded-Port $server_port; + proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto; + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + + location ~ ^/artifactory/ { + proxy_pass http://artifactory-direct; + } + } +} \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/binarystore.xml.j2 b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/binarystore.xml.j2 new file mode 100644 index 0000000..f85f16f --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/binarystore.xml.j2 @@ -0,0 +1,4 @@ + + + + diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/certificate.key.j2 b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/certificate.key.j2 new file mode 100644 index 0000000..2c46be0 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/certificate.key.j2 @@ -0,0 +1,4 @@ +{% set cert = certificate_key.split('|') %} +{% for line in cert %} +{{ line }} +{% endfor %} \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/certificate.pem.j2 b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/certificate.pem.j2 new file mode 100644 index 0000000..71e936d --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/certificate.pem.j2 @@ -0,0 +1,4 @@ +{% set cert = certificate.split('|') %} +{% for line in cert %} +{{ line }} +{% endfor %} \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/installer-info.json.j2 b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/installer-info.json.j2 new file mode 100644 index 0000000..2d818d1 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/installer-info.json.j2 @@ -0,0 +1,8 @@ +{ + "productId": "Ansible_{{ ansible_marketplace }}_artifactory-pro-{{artifactory_version}}/1.0.0", + "features": [ + { + "featureId": "Partner/ACC-006973" + } + ] +} \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/join.key.j2 b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/join.key.j2 new file mode 100644 index 0000000..17d05d2 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/join.key.j2 @@ -0,0 +1 @@ +{{ join_key }} \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/master.key.j2 b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/master.key.j2 new file mode 100644 index 0000000..0462a64 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/master.key.j2 @@ -0,0 +1 @@ +{{ master_key }} \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/system.yaml.j2 b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/system.yaml.j2 new file mode 100644 index 0000000..5b30963 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/system.yaml.j2 @@ -0,0 +1,38 @@ +## @formatter:off +## JFROG ARTIFACTORY SYSTEM CONFIGURATION FILE +## HOW TO USE: comment-out any field and keep the correct yaml indentation by deleting only the leading '#' character. +configVersion: 1 + +## NOTE: JFROG_HOME is a place holder for the JFrog root directory containing the deployed product, the home directory for all JFrog products. +## Replace JFROG_HOME with the real path! For example, in RPM install, JFROG_HOME=/opt/jfrog + +## NOTE: Sensitive information such as passwords and join key are encrypted on first read. +## NOTE: The provided commented key and value is the default. + +## SHARED CONFIGURATIONS +## A shared section for keys across all services in this config +shared: + + ## Node Settings + node: + ## A unique id to identify this node. + ## Default: auto generated at startup. + id: {{ ansible_machine_id }} + + ## Sets this node as primary in HA installation + primary: {{ artifactory_is_primary }} + + ## Sets this node as part of HA installation + haEnabled: {{ true }} + + ## Database Configuration + database: + ## One of: mysql, oracle, mssql, postgresql, mariadb + ## Default: Embedded derby + + ## Example for mysql/postgresql + type: "{{ db_type }}" + driver: "{{ db_driver }}" + url: "{{ db_url }}" + username: "{{ db_user }}" + password: "{{ db_password }}" \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/vars/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/vars/main.yml new file mode 100644 index 0000000..86ad0fd --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/vars/main.yml @@ -0,0 +1,17 @@ +--- +artifactory_tar: https://dl.bintray.com/jfrog/artifactory-pro/org/artifactory/pro/jfrog-artifactory-pro/{{ artifactory_version }}/jfrog-artifactory-pro-{{ artifactory_version }}-linux.tar.gz +artifactory_home: "{{ artifactory_download_directory }}/artifactory-{{ artifactory_flavour }}-{{ artifactory_version }}" + +artifactory_user: artifactory +artifactory_group: artifactory + +# Set the parameters required for the service. +service_list: + - name: artifactory + description: Start script for Artifactory + start_command: "{{ artifactory_home }}/bin/artifactory.sh start" + stop_command: "{{ artifactory_home }}/bin/artifactory.sh stop" + type: forking + status_pattern: artifactory + user_name: "{{ artifactory_user }}" + group_name: "{{ artifactory_group }}" diff --git a/Ansible/artifactory7/rt7provision.yml b/Ansible/artifactory7/rt7provision.yml new file mode 100644 index 0000000..ecb976a --- /dev/null +++ b/Ansible/artifactory7/rt7provision.yml @@ -0,0 +1,10 @@ +--- +- hosts: database + gather_facts: true + roles: + - jfrog/rt7ansible/roles/artifactory-postgres + +- hosts: primary:secondary + gather_facts: true + roles: + - jfrog/rt7ansible/roles/artifactory \ No newline at end of file From 31f267d4c5486219071046224222a5a562f2f0b6 Mon Sep 17 00:00:00 2001 From: jefferyfry Date: Tue, 21 Apr 2020 07:27:54 -0700 Subject: [PATCH 02/10] Updated hosts vars. --- Ansible/artifactory7/hosts.yml | 59 +++------------------------------- 1 file changed, 4 insertions(+), 55 deletions(-) diff --git a/Ansible/artifactory7/hosts.yml b/Ansible/artifactory7/hosts.yml index 573e205..0231d0e 100644 --- a/Ansible/artifactory7/hosts.yml +++ b/Ansible/artifactory7/hosts.yml @@ -2,7 +2,7 @@ all: vars: ansible_user: "ubuntu" - ansible_ssh_private_key_file: "/Users/jefff/.ssh/jeff-ec2-us-east.pem" + ansible_ssh_private_key_file: "ssh.pem" db_user: "artifactory" db_password: "xxxxxx" children: @@ -17,60 +17,9 @@ all: db_type: "postgresql" db_driver: "org.postgresql.Driver" db_url: "jdbc:postgresql://10.0.0.70:5432/artifactory" - server_name: "ansibleelb-623062857.us-east-1.elb.amazonaws.com" - certificate: | - -----BEGIN CERTIFICATE----- - MIID6DCCAtACCQCd6u7IjLN0hjANBgkqhkiG9w0BAQsFADCBtTELMAkGA1UEBhMC - VVMxCzAJBgNVBAgMAldBMRAwDgYDVQQHDAdCb3RoZWxsMQ4wDAYDVQQKDAVKRnJv - ZzEcMBoGA1UECwwTUGFydG5lciBFbmdpbmVlcmluZzE5MDcGA1UEAwwwYW5zaWJs - ZWVsYi02MjMwNjI4NTcudXMtZWFzdC0xLmVsYi5hbWF6b25hd3MuY29tMR4wHAYJ - KoZIhvcNAQkBFg9qZWZmZkBqZnJvZy5jb20wHhcNMjAwNDIxMDcyODU2WhcNMjEw - NDIxMDcyODU2WjCBtTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAldBMRAwDgYDVQQH - DAdCb3RoZWxsMQ4wDAYDVQQKDAVKRnJvZzEcMBoGA1UECwwTUGFydG5lciBFbmdp - bmVlcmluZzE5MDcGA1UEAwwwYW5zaWJsZWVsYi02MjMwNjI4NTcudXMtZWFzdC0x - LmVsYi5hbWF6b25hd3MuY29tMR4wHAYJKoZIhvcNAQkBFg9qZWZmZkBqZnJvZy5j - b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcHjL1Epz/hWLBV0g7 - MOhTiPktZ5Y8TNiJCEuoPFCeFx0bcdWC2Wvly8OyAW7NXhWyscyi+vwDw4ix6SlE - WNApxRb0F3vRNGL7PwTYfNM5XI7LRSZTE3cU7UEXMZh5Hyeqc0aRSbGTAsw8HUag - 7gzk//WIMWcSCWHuz4GubvvqlLpSgc/XSPLP59JZYDOGbDTF8Qh8x8j1cSPQ5NnA - sGUqMloQOPEtG7KIXYt4uWT26zwdSjphUckqbX/bguknrAiffLZW7+j2SsoScJSf - DWQgZLf8L7yVJKVSv9yzYyPMp054XnUTtwRY7W0KPCb2FiUM6RpcHXuNG8H2p7wL - cizRAgMBAAEwDQYJKoZIhvcNAQELBQADggEBABzCfNNLxqYONvhA1t26WwBRzqgA - G6pI8krV1mVf2WzGBxemkFOZnc7f3E7Lq710np6TZuPVFs9kHqg3ajd6JEdOpPLs - kUpOXGSesBmCjDnaBtF5g2kAjaRjur50lc6Kc7+sGs5WqR94TUd8s1Gt92tsS69p - UG2p05HETTZaVMPi4FhkGlCMFk2MCS8hyCqyu9TYiD2YvK3yY7OKFK9MYcmNdVXX - cwsM2jIyu4g3w7KN9FeR/6ZXbkTF25162tientaxKQQfABOzVn8u5vaUyEAIASS5 - uQmfTevyClGg4Rp8iZeXywF7k0Fd8OulJy5GPACs9yps5VC/14Gv/9bswqI= - -----END CERTIFICATE----- - - certificate_key: | - -----BEGIN RSA PRIVATE KEY----- - MIIEogIBAAKCAQEAnB4y9RKc/4ViwVdIOzDoU4j5LWeWPEzYiQhLqDxQnhcdG3HV - gtlr5cvDsgFuzV4VsrHMovr8A8OIsekpRFjQKcUW9Bd70TRi+z8E2HzTOVyOy0Um - UxN3FO1BFzGYeR8nqnNGkUmxkwLMPB1GoO4M5P/1iDFnEglh7s+Brm776pS6UoHP - 10jyz+fSWWAzhmw0xfEIfMfI9XEj0OTZwLBlKjJaEDjxLRuyiF2LeLlk9us8HUo6 - YVHJKm1/24LpJ6wIn3y2Vu/o9krKEnCUnw1kIGS3/C+8lSSlUr/cs2MjzKdOeF51 - E7cEWO1tCjwm9hYlDOkaXB17jRvB9qe8C3Is0QIDAQABAoIBAArIrz5shbnEzfiK - /etQyouSp5uyTxdlO4Pjtc4uNGdnM1SE/XmnaSObeq4eGThIanlIfNk5OxVLeXLI - p1gYRnDMM3Sy9pOR6dBvHveRT8njkd2KrkYIzy374YYnn9+l/khw5Av/Kiv8gn0Y - jJtrNirPX3eD6hm92izz2oJhGjeu6L18PVuQ9yxhyWSZMq6klLpzMvTaKQxs6inj - IBfb8cBZIU0zJFNSKOW0aCHDtLyRiakoTiZehbe3GjDMVVTVF6hi4voP+MjGA48f - fjJFS5vybWucSB80EHMgMTEZ7PGtZUMO+WGUrsEIwi97Zk2ru/JpC212dzgZy3EQ - rD4Fm8ECgYEAyCdzvdpqPtg95GdadgyC6/Kb/PJEUrbv92yIgoH9hmSTmZzhZ9n1 - g196C0ODhIb5pjTdduUV8phseXwakTh0vV5Uo5mj29RTWodzz0WzvnePnAoU33px - OldogCs1tT5PPZeT+g8UZwOePrAczr0OivhYwY8dK+B13RUP39Zi4ekCgYEAx61Y - qwWd6XGWQ1BB1iQN2d+bihidtN4z5LLHVW+rJRplCNC8ng1lZPIwIn7Y4X8G5E2J - liai3doO8QCoSzOPe821QcqlS5Ps5hAooqQUuE6iQBQqJa/BSstZ1OjQZ7xpqAJs - skrPRRNJdQaCUYvCdp2VgIbFzOZT7EwR0f0yeqkCgYA5kneNXZz/9K1g3IW9vP2P - ptpNmNYkQLCnp9VgTMnC9X0rS1/ewmgHYNg3EzVqUnTO5Rfq0hxNCqDxFMyDhwy1 - R8Pqxw/F9L4BJUMflLoOCFALny6/1XVqRagubb9mIcUjP012OQ4yT20eNQQkR2c+ - fA7zphnK/CaK8Dr/tKf+uQKBgBI1JFiz8mpPCTyqHNbCAuFTGoPFKtxLRsAb7UFF - JX4EoiHjps9iuVQzIWCD4JLvWlmHGHywmTlRoPso7C+vS+4mG9kb+Wai3n88CfiK - rbkAsprVO+Kj3CRN1qsrb5WGALxpPDAl0jCiSZh6N3foHptiUzedEnxUpGJvrVBQ - nkHBAoGAMODLk99r/9v/z95FcZwpPdT+YaOJdkW1f4ZS+c7qpp+uxTibx9IUYdEZ - 0FF3MDzfdltCIN9jzBdnX3yT+X6c/HLMqSTa7eohciTPZ1aJr1GiLUUwf3oGhs09 - 8uIBNLYW1f/GOCIRlaRrNAzfy9dagyiy/mwROQslovT3XgYmnlE= - -----END RSA PRIVATE KEY----- + server_name: "some-server.com" + certificate: xxxxx + certificate_key: xxxxx children: primary: hosts: From 1f962770b43ce2b5c47e0835c1b5728145ff759a Mon Sep 17 00:00:00 2001 From: Vinay Aggarwal Date: Tue, 21 Apr 2020 07:33:08 -0700 Subject: [PATCH 03/10] Update hosts.yml made it little more obvious how to include a cert and key --- Ansible/artifactory7/hosts.yml | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/Ansible/artifactory7/hosts.yml b/Ansible/artifactory7/hosts.yml index 0231d0e..5429242 100644 --- a/Ansible/artifactory7/hosts.yml +++ b/Ansible/artifactory7/hosts.yml @@ -18,8 +18,17 @@ all: db_driver: "org.postgresql.Driver" db_url: "jdbc:postgresql://10.0.0.70:5432/artifactory" server_name: "some-server.com" - certificate: xxxxx - certificate_key: xxxxx + certificate: | + -----BEGIN CERTIFICATE----- + Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0X + Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0X + -----END CERTIFICATE----- + + certificate_key: | + -----BEGIN RSA PRIVATE KEY----- + Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0X + Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0X + -----END RSA PRIVATE KEY----- children: primary: hosts: @@ -37,8 +46,3 @@ all: 18.208.198.226: vars: artifactory_is_primary: false - - - - - From b26b808906d642dee386661c932acb05d4d00f2b Mon Sep 17 00:00:00 2001 From: Vinay Aggarwal Date: Tue, 21 Apr 2020 07:34:12 -0700 Subject: [PATCH 04/10] Update hosts.yml --- Ansible/artifactory7/hosts.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Ansible/artifactory7/hosts.yml b/Ansible/artifactory7/hosts.yml index 5429242..e2c7f87 100644 --- a/Ansible/artifactory7/hosts.yml +++ b/Ansible/artifactory7/hosts.yml @@ -20,14 +20,14 @@ all: server_name: "some-server.com" certificate: | -----BEGIN CERTIFICATE----- - Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0X - Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0X + Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0X + Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0X -----END CERTIFICATE----- certificate_key: | -----BEGIN RSA PRIVATE KEY----- - Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0X - Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0X + Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0X + Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0X -----END RSA PRIVATE KEY----- children: primary: From 7627b2afb101d9f2b4bcb46835ed47f04c0a7651 Mon Sep 17 00:00:00 2001 From: jefferyfry Date: Tue, 21 Apr 2020 07:38:05 -0700 Subject: [PATCH 05/10] More hosts vars updates. --- Ansible/artifactory7/hosts.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/Ansible/artifactory7/hosts.yml b/Ansible/artifactory7/hosts.yml index e2c7f87..2e479ad 100644 --- a/Ansible/artifactory7/hosts.yml +++ b/Ansible/artifactory7/hosts.yml @@ -8,7 +8,7 @@ all: children: database: hosts: - 54.80.0.91: + 10.0.0.70: artifactory: vars: master_key: "xxxxxx788ac56159890975bcf" @@ -32,17 +32,17 @@ all: children: primary: hosts: - 52.91.142.46: + 10.0.0.71: vars: artifactory_is_primary: true - artifactory_license1: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxMwd055MHdNbFF3TURvd01Eb3dNRm9LYVdRNklHSTJaakk0TURsakxXVXhNakV0TkdOa01TMWlNRGczTFdVMk5tSmlNVGxrTlRjMlpRcHZkMjVsY2pvZ1NrWnliMmNnVkVWVFZBcHdjbTl3WlhKMGFXVnpPaUI3ZlFwemFXZHVZWFIxY21VNklHNTFiR3dLZEhKcFlXdzZJSFJ5ZFdVS2RIbHdaVG9nVkZKSlFVd0tkbUZzYVdSR2NtOXRPaUF5TURJd0xUQXhMVEF5VkRJeE9qQXdPalE1TGpBd09Gb0sKICAgIHNpZ25hdHVyZTogU20vVlV1a3dnVTRlaEtHVmpwbE9XUHB5SzJpcS9pUVdjNklPOXdhNCtYdUR6SERrTFlPRFpkdm80bWxtU0d3NFVlak1mUXRiczFQbW8rTndnZERJbHVHQWpzMXZsbEpuVU5mRzZNQmYxTG5OMTg3RnpmNUswL0Q2WWFuUWI2Q1FYQ0x3T1FxK1VNYWpOcVh2eURoU1RDZHE3VjJtcXl6bDQ2bGFoWDB6VXQvYmM2UnQyNGFZS3ZSc2hxcmZ5eFNLWVY0YXBFeXJuRnZsYWZ5aFVaalJseGxubDJlUkRlVEI1cFZibXRSb2pTVU9oNExNMDg1Rm96QTB4dUxOdkEwbUhDYmtnTWlFRHdaOHJoK3F5SDYvUEFiaEdBWmlQbWY5WVZnM3FydUJkc1p6UmNiTytEUmIwZnZKeXB3NmVIVW4vd0dZd0daTkZEdmJZUlhGYjVaSkRRPT0KdmVyc2lvbjogMQo= - artifactory_license2: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxMwd055MHdNbFF3TURvd01Eb3dNRm9LYVdRNklHWTJaVGsyTXpSaExUa3laR0V0TkRSbE9DMDVPVFkyTFRGallUQTNNakk0WVRObE1ncHZkMjVsY2pvZ1NrWnliMmNnVkVWVFZBcHdjbTl3WlhKMGFXVnpPaUI3ZlFwemFXZHVZWFIxY21VNklHNTFiR3dLZEhKcFlXdzZJSFJ5ZFdVS2RIbHdaVG9nVkZKSlFVd0tkbUZzYVdSR2NtOXRPaUF5TURJd0xUQXhMVEF5VkRJeE9qQXdPalE1TGpBeU5sb0sKICAgIHNpZ25hdHVyZTogaTh0Vys0T3ZUVDErUTBpSmZPalgyOTRUa0YyTFhhYWtsbDZRSlJSYVVZVlpVejhaVTlKRXB3RWZaMnZPYTdvVkQ4ZUJGSTArSVRjQTZBNFVJcCsrZjJleTJIdVdDNU50NFFiTWxPSS9sdzY1Yk9SNHdsN0tML1EvVURsb3gzaENvVkRaSFpTVDdzdGVoVkJHVzdBMUVaVXBGc3hhaHZzaWNxSHJSMzNudGhyWGY0TllrS2g1TmVWYlhFYTRFSWgrak1ycnhsM1ZmODZHMm8vSDR1Y2dxb2dxYjZDSUk0TUhMYWE0Wk9BU0ZGVkpaWU1KZkxjS3ZDSzVxMlJ5bDUwVFR1aVQ5UVJld21yamFTS1ByamRsNk52ckFYTDEzd2xjSmFGd2FnTDJSblYzd3VTVTNqWkg1Z3ZEQzJscjJtZGh1eVdKbjBFRXhnMGZBTFVtM1VXNHRnPT0KdmVyc2lvbjogMQo= - artifactory_license3: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxMwd055MHdNbFF3TURvd01Eb3dNRm9LYVdRNklHSm1ZMk00TVRReUxUYzBNamt0TkRFd1l5MDVZV1prTFRFM09UWXlaV016TWpJNFpBcHZkMjVsY2pvZ1NrWnliMmNnVkVWVFZBcHdjbTl3WlhKMGFXVnpPaUI3ZlFwemFXZHVZWFIxY21VNklHNTFiR3dLZEhKcFlXdzZJSFJ5ZFdVS2RIbHdaVG9nVkZKSlFVd0tkbUZzYVdSR2NtOXRPaUF5TURJd0xUQXhMVEF5VkRJeE9qQXdPalE1TGpBME5Gb0sKICAgIHNpZ25hdHVyZToga2JiUUJ0NW55WkpiOERtZTJCR0F5eXRNOEkyZ1dWQW8yRlBLVEFUKzQyY3NMaGcwcjJCL0xtNnZmOGRML3g5WVluNTA0d1ZEVnd2ZGFBbG5kamJONjZzSXJieWptN2Q4VVpzUXMyL3lUdlk2b3VzMVdibU8rTER2SVpGbDFkQ2hHTnc5Rk82NmhPT0lYdUpxU3BUczdYMVlnMS9vZ1pUbS9ZQnJQamlWb1duVVJJUENhSzhWYStSRDhUREExTXdwZitrNXdhQ3h1QWt0b1FwdVJYVUQzUlFXTGdyd1BxZEhXUnhHN2NTZWh0ZjU0dEJmRHNLUzMvUUVQQXNjSXI5RVM5ZFRzVzlSL1NBZFBVLzRsUWE0aFpOdVprS2d5aXdoOE1ybnlxYWRKVXRhSzUvRnAyTHMxSk5NQVg2NERqbU1kdURrS1I0NGlPQVFGeGcwTjlURE5RPT0KdmVyc2lvbjogMQo= - artifactory_license4: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxMwd055MHdNbFF3TURvd01Eb3dNRm9LYVdRNklEWmhPVE0yWW1NMExUQTROVGd0TkRCak5pMDRNemd3TFdNNE9XSmlaVGsxWlROak1RcHZkMjVsY2pvZ1NrWnliMmNnVkVWVFZBcHdjbTl3WlhKMGFXVnpPaUI3ZlFwemFXZHVZWFIxY21VNklHNTFiR3dLZEhKcFlXdzZJSFJ5ZFdVS2RIbHdaVG9nVkZKSlFVd0tkbUZzYVdSR2NtOXRPaUF5TURJd0xUQXhMVEF5VkRJeE9qQXdPalE1TGpBMk1sb0sKICAgIHNpZ25hdHVyZTogZmRlTG95bzc1VTdKYW1JZ00ycVAwMUZWbEE5cHZXbUJXbGNqamJnNGZTQ0UzcVExSDNtTDlkdkJmYTZMTmV1QmxXTTdtWkdTTEhzZzlnc1ZabmduZFR2emFndEtHY3VndlpRQ3puamFERU1QL2JiU3VYWW52UEVDRGFBek5hVm9lakM5VWxialUzK0xPZSt5MC9xU1NiMFlXdDBGSGxydEZObGVlWDFWSGdqN3MwdzRYS1lJWDFBWGdhVTY4ODZZZWdvOTJrSHB1cjIrUmQrUUNLaHAwTzIxdGliVlFMSjZrSEQyZXlKa3J1R0JmWmVhdlZVbkNrVTR6ck1lTlhjNlI4RVlqUGFFTGVZMm02VFBGZWc5OG5JRjVFOS9LZ0VBYUNEeG1CZ3RFaWR0UVJCNVBMa2RxSm53VWxPR1d1UjB3UldBODV5eFhkWTJwdWRJc2lRdXh3PT0KdmVyc2lvbjogMQo= - artifactory_license5: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxMwd055MHdNbFF3TURvd01Eb3dNRm9LYVdRNklEY3pPR1prWWpVM0xXRXhZbVV0TkRZM015MWhabUV3TFRobFlUUmtZVFZrTnpnd01RcHZkMjVsY2pvZ1NrWnliMmNnVkVWVFZBcHdjbTl3WlhKMGFXVnpPaUI3ZlFwemFXZHVZWFIxY21VNklHNTFiR3dLZEhKcFlXdzZJSFJ5ZFdVS2RIbHdaVG9nVkZKSlFVd0tkbUZzYVdSR2NtOXRPaUF5TURJd0xUQXhMVEF5VkRJeE9qQXdPalE1TGpBM09Wb0sKICAgIHNpZ25hdHVyZTogYytEdkJWNXdiRlRnUEFxT0VFWDU0S3IwQWlMWUVNNTJuRHNUcGI4OHNXdmIxTGl1YlRvdXA0NXNMVU9aTnZvVlFuM2szREw4MTFQdHU1WUM5T3dVNXdTNDVkTkQrZHNLREN3eTE4T0c3SU05ZHZ6bml2RU5mb2xsL2VFMTNtazZVS0RLQmhXUkxlYjVvM0tIbkZGRTRTZ004UVNRNGFsWnA5cjA3aUJTUVRrVkxPVnliTUJtSFpkMVJlSmUwcTN0TXZGUVNFNTJHU3FzaURkZ0lVQTVjL1lUQVVnclRoc1lCRVpJQmJCTXVITnNSay9rZHRobmRHWitsQnB0bzlHR25HQ3EzZ0lOQU94Q2tHSnlvMWpGK28xMi9tR3Q1NnVocXVJN2s3SzMzMUpvMGl1L2VWWkxOWEtGNjl5OEE2K0dyMnVheExEajQwaGYwU0pHZ3FESVdBPT0KdmVyc2lvbjogMQo= + artifactory_license1: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx + artifactory_license2: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx + artifactory_license3: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx + artifactory_license4: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx + artifactory_license5: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx secondary: hosts: - 54.175.150.158: - 18.208.198.226: + 10.0.0.72: + 10.0.0.73: vars: artifactory_is_primary: false From 915413e3ca368ceb921b81f5d56da7c648a5d459 Mon Sep 17 00:00:00 2001 From: Vinay Aggarwal Date: Tue, 21 Apr 2020 07:39:57 -0700 Subject: [PATCH 06/10] Update README.md Clarified 'artifactory_is_primary' for secondary node(s) --- Ansible/artifactory7/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Ansible/artifactory7/README.md b/Ansible/artifactory7/README.md index c06be0c..4ea9270 100644 --- a/Ansible/artifactory7/README.md +++ b/Ansible/artifactory7/README.md @@ -36,7 +36,7 @@ The following Vars must be configured. * artifactory_license1 - 5: These are the cluster licenses. ### secondary -* artifactory_is_primary: For the primary node this must be set to **false**. +* artifactory_is_primary: For the secondary node(s) this must be set to **false**. ### Example Inventory YAML An example inventory YAM is [here](hosts.yml). @@ -47,4 +47,4 @@ An playbook is [here](rt7provision.yml). ## Executing a Playbook ``` ansible-playbook -i hosts.yml rt7provision.yml -``` \ No newline at end of file +``` From 8d112dcc6e70e9d26b9fedff99941c740f647a38 Mon Sep 17 00:00:00 2001 From: jefferyfry Date: Fri, 24 Apr 2020 13:23:35 -0700 Subject: [PATCH 07/10] Created initial nginx, xray, xray-postgres roles. --- .../roles/artifactory-nginx/.travis.yml | 29 ++++++++++ .../roles/artifactory-nginx/README.md | 38 +++++++++++++ .../roles/artifactory-nginx/defaults/main.yml | 2 + .../files}/artifactory.conf.j2 | 0 .../files/nginx.conf | 0 .../roles/artifactory-nginx/handlers/main.yml | 2 + .../roles/artifactory-nginx/meta/main.yml | 53 +++++++++++++++++++ .../roles/artifactory-nginx/tasks/main.yml | 2 + .../roles/artifactory-nginx/tests/inventory | 2 + .../roles/artifactory-nginx/tests/test.yml | 5 ++ .../roles/artifactory-nginx/vars/main.yml | 2 + .../roles/xray-postgres/.travis.yml | 29 ++++++++++ .../rt7ansible/roles/xray-postgres/README.md | 38 +++++++++++++ .../roles/xray-postgres/defaults/main.yml | 2 + .../roles/xray-postgres/handlers/main.yml | 2 + .../roles/xray-postgres/meta/main.yml | 53 +++++++++++++++++++ .../roles/xray-postgres/tasks/main.yml | 2 + .../roles/xray-postgres/tests/inventory | 2 + .../roles/xray-postgres/tests/test.yml | 5 ++ .../roles/xray-postgres/vars/main.yml | 2 + .../jfrog/rt7ansible/roles/xray/.travis.yml | 29 ++++++++++ .../jfrog/rt7ansible/roles/xray/README.md | 38 +++++++++++++ .../rt7ansible/roles/xray/defaults/main.yml | 2 + .../rt7ansible/roles/xray/handlers/main.yml | 2 + .../jfrog/rt7ansible/roles/xray/meta/main.yml | 53 +++++++++++++++++++ .../rt7ansible/roles/xray/tasks/main.yml | 2 + .../rt7ansible/roles/xray/tests/inventory | 2 + .../rt7ansible/roles/xray/tests/test.yml | 5 ++ .../jfrog/rt7ansible/roles/xray/vars/main.yml | 2 + 29 files changed, 405 insertions(+) create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/.travis.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/README.md create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/defaults/main.yml rename Ansible/artifactory7/jfrog/rt7ansible/roles/{artifactory/templates => artifactory-nginx/files}/artifactory.conf.j2 (100%) rename Ansible/artifactory7/jfrog/rt7ansible/roles/{artifactory => artifactory-nginx}/files/nginx.conf (100%) create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/handlers/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/meta/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tasks/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tests/inventory create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tests/test.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/vars/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/.travis.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/README.md create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/defaults/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/handlers/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/meta/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/tasks/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/tests/inventory create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/tests/test.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/vars/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray/.travis.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray/README.md create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray/defaults/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray/handlers/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray/meta/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray/tasks/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray/tests/inventory create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray/tests/test.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray/vars/main.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/.travis.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/README.md b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/defaults/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/defaults/main.yml new file mode 100644 index 0000000..6b28347 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for artifactory-nginx \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/artifactory.conf.j2 b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/files/artifactory.conf.j2 similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/artifactory.conf.j2 rename to Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/files/artifactory.conf.j2 diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/files/nginx.conf b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/files/nginx.conf similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/files/nginx.conf rename to Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/files/nginx.conf diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/handlers/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/handlers/main.yml new file mode 100644 index 0000000..d212386 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for artifactory-nginx \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/meta/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/meta/main.yml new file mode 100644 index 0000000..227ad9c --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/meta/main.yml @@ -0,0 +1,53 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.9 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tasks/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tasks/main.yml new file mode 100644 index 0000000..4719929 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tasks/main.yml @@ -0,0 +1,2 @@ +--- +# tasks file for artifactory-nginx \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tests/inventory b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tests/test.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tests/test.yml new file mode 100644 index 0000000..7560bbb --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - artifactory-nginx \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/vars/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/vars/main.yml new file mode 100644 index 0000000..7465197 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for artifactory-nginx \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/.travis.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/README.md b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/defaults/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/defaults/main.yml new file mode 100644 index 0000000..6667258 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for xray-postgres \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/handlers/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/handlers/main.yml new file mode 100644 index 0000000..2770023 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for xray-postgres \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/meta/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/meta/main.yml new file mode 100644 index 0000000..227ad9c --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/meta/main.yml @@ -0,0 +1,53 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.9 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/tasks/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/tasks/main.yml new file mode 100644 index 0000000..c76e6e4 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/tasks/main.yml @@ -0,0 +1,2 @@ +--- +# tasks file for xray-postgres \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/tests/inventory b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/tests/test.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/tests/test.yml new file mode 100644 index 0000000..642a7c9 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - xray-postgres \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/vars/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/vars/main.yml new file mode 100644 index 0000000..10cff70 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for xray-postgres \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/.travis.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/README.md b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/defaults/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/defaults/main.yml new file mode 100644 index 0000000..8e55c59 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for xray \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/handlers/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/handlers/main.yml new file mode 100644 index 0000000..f236fe3 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for xray \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/meta/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/meta/main.yml new file mode 100644 index 0000000..227ad9c --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/meta/main.yml @@ -0,0 +1,53 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.9 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/tasks/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/tasks/main.yml new file mode 100644 index 0000000..cf85f8b --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/tasks/main.yml @@ -0,0 +1,2 @@ +--- +# tasks file for xray \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/tests/inventory b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/tests/test.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/tests/test.yml new file mode 100644 index 0000000..f296da6 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - xray \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/vars/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/vars/main.yml new file mode 100644 index 0000000..55363e6 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for xray \ No newline at end of file From 38d2524ee14b2e72d1f61cb1e4f8f3716ea4ab1a Mon Sep 17 00:00:00 2001 From: jefferyfry Date: Tue, 28 Apr 2020 21:08:09 -0700 Subject: [PATCH 08/10] Added nginx roles. --- Ansible/artifactory7/README.md | 16 ++- Ansible/artifactory7/hosts.yml | 129 ++++++++++++++---- .../artifactory7/jfrog/rt7ansible/README.md | 3 - .../artifactory-java/tasks/setup-Debian.yml | 1 + .../roles/artifactory-nginx-ssl/.travis.yml | 29 ++++ .../artifactory-nginx-ssl/defaults/main.yml | 2 + .../artifactory-nginx-ssl/handlers/main.yml | 2 + .../roles/artifactory-nginx-ssl/meta/main.yml | 53 +++++++ .../artifactory-nginx-ssl/tasks/main.yml | 41 ++++++ .../templates}/artifactory.conf.j2 | 11 +- .../templates/certificate.key.j2 | 0 .../templates/certificate.pem.j2 | 0 .../artifactory-nginx-ssl/tests/inventory | 2 + .../artifactory-nginx-ssl/tests/test.yml | 5 + .../roles/artifactory-nginx-ssl/vars/main.yml | 2 + .../roles/artifactory-nginx/README.md | 38 ------ .../roles/artifactory-nginx/tasks/main.yml | 32 ++++- .../templates/artifactory.conf.j2 | 43 ++++++ .../roles/artifactory/tasks/main.yml | 57 +------- Ansible/artifactory7/rt7provision.yml | 3 +- 20 files changed, 333 insertions(+), 136 deletions(-) delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/README.md create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/.travis.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/defaults/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/handlers/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/meta/main.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/tasks/main.yml rename Ansible/artifactory7/jfrog/rt7ansible/roles/{artifactory-nginx/files => artifactory-nginx-ssl/templates}/artifactory.conf.j2 (85%) rename Ansible/artifactory7/jfrog/rt7ansible/roles/{artifactory => artifactory-nginx-ssl}/templates/certificate.key.j2 (100%) rename Ansible/artifactory7/jfrog/rt7ansible/roles/{artifactory => artifactory-nginx-ssl}/templates/certificate.pem.j2 (100%) create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/tests/inventory create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/tests/test.yml create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/vars/main.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/README.md create mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/templates/artifactory.conf.j2 diff --git a/Ansible/artifactory7/README.md b/Ansible/artifactory7/README.md index 4ea9270..d2cda81 100644 --- a/Ansible/artifactory7/README.md +++ b/Ansible/artifactory7/README.md @@ -3,14 +3,14 @@ This repo contains the Ansible collection for JFrog Artifactory Pro 7 roles. The ## Roles Provided ### artifactory -The artifactory role installs the Artifactory Pro software onto the host. Per the Vars below, it will configure a node as primary or secondary. +The artifactory role installs the Artifactory Pro software onto the host. Per the Vars below, it will configure a node as primary or secondary. This role uses secondary roles artifactory-nginx and artifactory-java to install nginx and java dependencies. + +### artifactory-nginx-ssl +The artifactory-nginx-ssl role installs and configures nginx for SSL. ### artifactory-postgres The artifactory-postgres role will install Postgresql software and configure an artifactory database and user. -### artifactory-java -The artifactory-java role ensures that the correct version of Java is installed for Artifactory. - ## Vars Required The following Vars must be configured. @@ -19,9 +19,7 @@ The following Vars must be configured. * ansible_ssh_private_key_file: The SSH key to use. eg. "/Users/jefff/.ssh/jeff-ec2-us-east.pem" * db_user: The Artifactory database user to configure. eg. "artifactory" * db_password: The Artifactory database password to configure. "Art1fact0ry" -* server_name: This is the LB DNS or IP. eg. "ansibleelb-623062857.us-east-1.elb.amazonaws.com" -* certificate: This is the SSL cert. -* certificate_key: This is the SSL private key. +* server_name: This is the server name. eg. "artifactory.54.175.51.178.xip.io" ### artifactory * master_key: This is the Artifactory Master Key. @@ -38,6 +36,10 @@ The following Vars must be configured. ### secondary * artifactory_is_primary: For the secondary node(s) this must be set to **false**. +### SSL Config (Used with artifactory-nginx-ssl role) +* certificate: This is the SSL cert. +* certificate_key: This is the SSL private key. + ### Example Inventory YAML An example inventory YAM is [here](hosts.yml). diff --git a/Ansible/artifactory7/hosts.yml b/Ansible/artifactory7/hosts.yml index 2e479ad..cb62a86 100644 --- a/Ansible/artifactory7/hosts.yml +++ b/Ansible/artifactory7/hosts.yml @@ -2,47 +2,124 @@ all: vars: ansible_user: "ubuntu" - ansible_ssh_private_key_file: "ssh.pem" + ansible_ssh_private_key_file: "/Users/jefff/.ssh/jeff-ansible-ec2.pem" db_user: "artifactory" - db_password: "xxxxxx" + db_password: "Art1fAct0ry" children: database: hosts: - 10.0.0.70: + 100.26.167.170: artifactory: vars: - master_key: "xxxxxx788ac56159890975bcf" - join_key: "xxxxxx4bbac87970282fdeb" + master_key: "c97b862469de0d94fbb7d48130637a5a" + join_key: "9bcca98f375c0728d907cc6ee39d4f02" db_download_url: "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" db_type: "postgresql" db_driver: "org.postgresql.Driver" - db_url: "jdbc:postgresql://10.0.0.70:5432/artifactory" - server_name: "some-server.com" + db_url: "jdbc:postgresql://10.0.0.160:5432/artifactory" + server_name: "ec2-100-25-104-198.compute-1.amazonaws.com" certificate: | -----BEGIN CERTIFICATE----- - Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0X - Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0X + MIIF8zCCA9ugAwIBAgIJAK/iP1hhhVNKMA0GCSqGSIb3DQEBCwUAMHUxCzAJBgNV + BAYTAlVTMQswCQYDVQQIDAJXQTEQMA4GA1UEBwwHU2VhdHRsZTESMBAGA1UECgwJ + Q2xvdWRCZWVzMTMwMQYDVQQDDCplYzItMTAwLTI1LTEwNC0xOTguY29tcHV0ZS0x + LmFtYXpvbmF3cy5jb20wHhcNMjAwNDI5MDM1OTIxWhcNMjIwODAyMDM1OTIxWjB1 + MQswCQYDVQQGEwJVUzELMAkGA1UECAwCV0ExEDAOBgNVBAcMB1NlYXR0bGUxEjAQ + BgNVBAoMCUNsb3VkQmVlczEzMDEGA1UEAwwqZWMyLTEwMC0yNS0xMDQtMTk4LmNv + bXB1dGUtMS5hbWF6b25hd3MuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC + CgKCAgEAn92BnDtr7fUbtGF0uPmsk7OWDtyY+ElLvq9Borp10AUtLllXGB4Ap6Xf + HoZy943wi+d+pVf3S/oElnAsRlbEUwOSLSiBzxOef94sVe+f4FX9IhCnMsQQJSSy + QlpLEYzPvLXa6Z3dYgGqHIvJUtrrVeT1s81swZ7Mh7BLIrjg0yMykemiDst1HM+1 + fo0tuNQUO4AUjNNOWcNCLQiIXUIztdTRSEqDmZ8LfTv4IRV4mewE8HdT1PkmF+55 + FIKZZWxL7+jTuRUU4QAEOcxmrK5b69+npVvLPeo8w9swwrqpZM0XG3xpe4Djtw61 + DpASS1iOWmbdYOvMUq+7535UU9aE7cifEgMvtJ1n0BT5JCvYMmSb9QbL5iD6pKfA + PwA/SEA4sH5ppUYB+gMeh7DCMtRO0Ac6BcQ5LxJovrelG4BCpFd9rU/fcIsKxvSC + 4XrNqpK8UDdb3zjS9vBE2cbjqJVj37D2NsNY9NBc+UyNRrfssRZkzcEEqzXFWBrZ + 30YZ9Dwd2h2mtxNn4/L/j3wJDwfLctsWPtv+FJaCZ9j750YWkIA35ry6eq0yifxk + 3dm7mXkize3W3upCFEqjUOmVtaJsKi38dFLgIddEOM+JyRpQEULTZ4V0ZHYAWd9C + 1s+7tinypx3yhOHmLvbKQZZu5oF9BrGYCVqfghTjR1XxLPTV66MCAwEAAaOBhTCB + gjBhBgNVHREEWjBYgiplYzItMTAwLTI1LTEwNC0xOTguY29tcHV0ZS0xLmFtYXpv + bmF3cy5jb22CKmVjMi0xMDAtMjUtMTA0LTE5OC5jb21wdXRlLTEuYW1hem9uYXdz + LmNvbTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQEL + BQADggIBAB/qktMXhgiIz68+KxnQFwgx7xsjTzsfG8USfdkBqoj+vFbIkuk6U4t0 + DQZbRzPeK/RxrkYKxVt5TO2bdgpXaV9stud1jd5cDqvb7F8Q9/D56BVHCjJ9AmLM + qH1GUl+4txM+rRP93zpmpY804SZa8CqljF4nP7QqqxbCrkExOAADd9+D0wAKBSMl + kswoG6AK45POYg6a+qZI4qWJv4W5lx1HuDP/e4W7J0FIKiWcUHsgLHWvRa5rEzNW + kofZ3vJ0XXmO7fs9WuB0DllY+Vim25Xjfs+iS4Qa02GF9Bz11e9cv34b6l92levy + O+2ntCsh77+NBRFF74GGyWqqvsjhm6AI3A0i7efXybKeCIEQ1g+/18gDT+OHRrU3 + zqfXIRZmmLAEG9xeWzQiNVZj/QX+6WWjFG4+BkUqrjRqD5b8G64XfmzPXwndMaLR + ZIGbAEWur9128GMyNeq+G1PpDJZOS5iFlqY8Wn0b5g8PaKpCpORSwdLOxdPthSeE + E4a/S1H3FfXGPYRjupkIRBLUF7XEBlU27Q8kzB7UYxJfzw6Pa05Pn3IO8IQtsYyu + Dq9V9Fbw3eE0lSWd+HkeYjA0GiXVXFY0qbJwV0tEgEEboMs0Z+gRykrmD2JN15Mn + e/FHoOCfDqjzeFHCmc+pBWUnibiFE5hIWP4ofAAKg24CMzaqDxLg -----END CERTIFICATE----- - certificate_key: | - -----BEGIN RSA PRIVATE KEY----- - Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0X - Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0Xx0X - -----END RSA PRIVATE KEY----- + -----BEGIN PRIVATE KEY----- + MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCf3YGcO2vt9Ru0 + YXS4+ayTs5YO3Jj4SUu+r0GiunXQBS0uWVcYHgCnpd8ehnL3jfCL536lV/dL+gSW + cCxGVsRTA5ItKIHPE55/3ixV75/gVf0iEKcyxBAlJLJCWksRjM+8tdrpnd1iAaoc + i8lS2utV5PWzzWzBnsyHsEsiuODTIzKR6aIOy3Ucz7V+jS241BQ7gBSM005Zw0It + CIhdQjO11NFISoOZnwt9O/ghFXiZ7ATwd1PU+SYX7nkUgpllbEvv6NO5FRThAAQ5 + zGasrlvr36elW8s96jzD2zDCuqlkzRcbfGl7gOO3DrUOkBJLWI5aZt1g68xSr7vn + flRT1oTtyJ8SAy+0nWfQFPkkK9gyZJv1BsvmIPqkp8A/AD9IQDiwfmmlRgH6Ax6H + sMIy1E7QBzoFxDkvEmi+t6UbgEKkV32tT99wiwrG9ILhes2qkrxQN1vfONL28ETZ + xuOolWPfsPY2w1j00Fz5TI1Gt+yxFmTNwQSrNcVYGtnfRhn0PB3aHaa3E2fj8v+P + fAkPB8ty2xY+2/4UloJn2PvnRhaQgDfmvLp6rTKJ/GTd2buZeSLN7dbe6kIUSqNQ + 6ZW1omwqLfx0UuAh10Q4z4nJGlARQtNnhXRkdgBZ30LWz7u2KfKnHfKE4eYu9spB + lm7mgX0GsZgJWp+CFONHVfEs9NXrowIDAQABAoICACCo80rExQcHVVKjumHz+DLw + tI5yuPm4l7XsPh+NsnX+KL3YWLe/oWietZeZ5jD3GZarg68p6obmHDvTzOfN4CwJ + hbqeFO8GVhJPhIVGAEanqqBkAJSZg6bi+Vwe8Ek0mFg4WvHxY4IbTvKoCEhaG0wg + C6ZhKH/h/m0WMjN0y9G21iUDMy2MmW96a9zf4OBqy3tgblJa9R3Xi1SB8sICvWe/ + g8YeGwaufH1oXAf+R/ZCRrwN1N2kzQiEms365HXZCyaHTYH5cZuKElLwlGVg9byZ + o7lfqIUMrr9gr3SJCARk9fySjUZDDcKfSZQhEOu9us9zRnT/l22pI11m7Ll4EQ3k + jGSOz4+LSZdS4mnD3vGCCUtS5tz9uJ4IU1CErLeNb3Mb4LvbUBo97SyXf4s7TLdv + O889e+tDR39qLYt94Dtl9On/td8j+AsgXr5AbQH7Ha7Y6rKmKOL1Hos2w0GycwXL + 1g4Y6FpC35Ao93GI8VgBupJBI8jZa84CLV1ZVkNb0X1gp1ExA08Pji5OsQNn2Mww + 2PJ0+1gKXBBeO8IakNAPmi3/CK+FFQ6B4v5VwjgDJM+gUtV7Jrtp7xoodGzQTuhw + jY045PghFgAVafDWKwRqG6EC0fKz1TOLdTSoqpWvIy7ElP6/5XNquWH9eML2h3PZ + K+1H9fFaEk0+Qjv5LwDhAoIBAQDNYZReYNk60e+Lgd+VDL/qdgtknoG06mZpUBVL + 3IBHVwa6l8iw0DnxL97slketzVSWqR8oYO5JOMj3OQ24TDE0rB2cPY6v4OdzSxOT + 2Ki6+QEJ7ybLPUVoEvchglcQ2xfvh8f3so1ULR4c64gZCvB55iq/2ylmOTADcUwa + KK7OWJzaK4JWk1VYjw4pmVGcxK/wM587FUkxEJjgqychjPNAlpFlUr2Sp8Fy1on2 + 6OcqbB4afXqCCxNzi0dlEEWb4RXxhWEIkBaQVKE3X3aWYwH2yGW1f+ilgIF0MT0o + mDPE7x1s75pQvXZftyXS1B/7OSwyKpejtrmQIoWaYcMIrrixAoIBAQDHRB+bXENT + RIJSol8acVOZM/pq0iI8bGg2ud/JR5tmcKcLKP9SwKTSwFI3LUMbMAkLb0wwSmyp + s3SLMTo1VdqrCzqHS465gi/0XLamGLJghE8bzflTHLfIwQ0CrXcdFJUSGivlDVgR + 5riMnuyisGd4v34gk2n2xQMEjILAzOkTqPTyx+ZlXXTBYfUT9vmcbdZoYy6IueRu + JGpL7O/SfpbMEDMmhWIsLdQzo7MlwI5MGPgKNx0NBtQpqf+yx+nOmlxjDMCbKxCv + 4lHMP4p6XmSb3m+Iz0QLi1k33qSI4szL5uqxTX9rbl6vCTqRyDwlbrubVAF2TEdX + p7QND3UF9z6TAoIBAD6sW1ldloyjicT5sd/LDzmeIiXnVM9/hBb5EDahKCgc/3mr + XdvO/w+BuzZZObBo6zo6i76Hrc98W59NsskdvxpCt5p5EnTLXfXJ4ESKphrAZ7e/ + WghFP0veFboNC0KiiTBYMAZ/Xy9jwT+0BEkYFIAuY7c+Sujd5K/4P+/voEBpvBu7 + kT+YIEAxD3JUThpXzxSuvBWMjlRBq1VMBVnwqD56dA4GbME3HgpMO7e0JO7GJX2R + 8vOCK8JjqzrE92j1C/wy5oR1a91JZhT+tbJ4rh2/04HKcZUnnNl3OSGNKKcdDM60 + Y1PmLRxSSGGIx+Wi8cCxTKrx1LiOQFT3Jkwc/VECggEBAJjaSOSEAaD+DHoW050V + EWuT06PdTSXMgqR4MJHVu/74qyqEaFayL7z6ihaJQdC5KDb9SRRCAtiqL9wWBvCi + yvopwtvFudXTZ7Wq6PDAQRSIaaaKeZankNMOQ0yqg5RrFW6tZL5vXf9dXHOB9UNW + zghx2+5hJgeFWKtEnYgHp0LNeBhD/xgCeG1fFwAZk5/LIY0xh6CZ+AAFLwTO26g8 + MrCWPKZv6r646O4zxFhRPNZi0OIFJOO5OUY8gUhC0bcJ8ZSJU7Wzczl4AgcLNs5n + WgW2uxfW5ft1CRsyTkQytaYznBQlvnhKUZczHRp23qxYJNEhv31fRdqXaiYalUne + PsECggEAOJZJwvvxi74HZI5rkdJBN3fXfo1zaZuTs+wDUXhcQreLy3sBSoX3eSVm + grnrIBsxw3oDqp+Mg++aCrr4GM2Jiymbogg1aN11MT7oFLhKWLKW6JrUT9Av4KYp + LFbXCuaEgMk60bKNbNcAI378gEHq8I352q/ezWnQys/PtVuUx3VwsPnuvUypEAuL + 90RgMx7g46Q3GC7TQmlqNyaEDaVGY2PYSQZjNje8TTf7pJopue/9KF1cTyN2pgpz + i6ZGjYpEzFf484iIOxv1HWndfvcQg6y+rw1n08sR8bh759YFrv8fz/vxou7m9BUL + wE0kp6bIPqO7luLz5sqjxGiSRTiWSQ== + -----END PRIVATE KEY----- children: primary: hosts: - 10.0.0.71: + 100.25.104.198: vars: artifactory_is_primary: true - artifactory_license1: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx - artifactory_license2: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx - artifactory_license3: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx - artifactory_license4: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx - artifactory_license5: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx - secondary: - hosts: - 10.0.0.72: - 10.0.0.73: - vars: - artifactory_is_primary: false + artifactory_license1: cHJvZHVjdHM6CiAgYXJ0aWZhY3Rvcnk6CiAgICBwcm9kdWN0OiBaWGh3YVhKbGN6b2dNakF5TUMwd055MHdNbFF3TURvd01Eb3dNRm9LYVdRNklHSTJaakk0TURsakxXVXhNakV0TkdOa01TMWlNRGczTFdVMk5tSmlNVGxrTlRjMlpRcHZkMjVsY2pvZ1NrWnliMmNnVkVWVFZBcHdjbTl3WlhKMGFXVnpPaUI3ZlFwemFXZHVZWFIxY21VNklHNTFiR3dLZEhKcFlXdzZJSFJ5ZFdVS2RIbHdaVG9nVkZKSlFVd0tkbUZzYVdSR2NtOXRPaUF5TURJd0xUQXhMVEF5VkRJeE9qQXdPalE1TGpBd09Gb0sKICAgIHNpZ25hdHVyZTogU20vVlV1a3dnVTRlaEtHVmpwbE9XUHB5SzJpcS9pUVdjNklPOXdhNCtYdUR6SERrTFlPRFpkdm80bWxtU0d3NFVlak1mUXRiczFQbW8rTndnZERJbHVHQWpzMXZsbEpuVU5mRzZNQmYxTG5OMTg3RnpmNUswL0Q2WWFuUWI2Q1FYQ0x3T1FxK1VNYWpOcVh2eURoU1RDZHE3VjJtcXl6bDQ2bGFoWDB6VXQvYmM2UnQyNGFZS3ZSc2hxcmZ5eFNLWVY0YXBFeXJuRnZsYWZ5aFVaalJseGxubDJlUkRlVEI1cFZibXRSb2pTVU9oNExNMDg1Rm96QTB4dUxOdkEwbUhDYmtnTWlFRHdaOHJoK3F5SDYvUEFiaEdBWmlQbWY5WVZnM3FydUJkc1p6UmNiTytEUmIwZnZKeXB3NmVIVW4vd0dZd0daTkZEdmJZUlhGYjVaSkRRPT0KdmVyc2lvbjogMQo= + artifactory_license2: cHJvZHVjdHM6CiAgYXJ0aWZhY3Rvcnk6CiAgICBwcm9kdWN0OiBaWGh3YVhKbGN6b2dNakF5TUMwd055MHdNbFF3TURvd01Eb3dNRm9LYVdRNklHWTJaVGsyTXpSaExUa3laR0V0TkRSbE9DMDVPVFkyTFRGallUQTNNakk0WVRObE1ncHZkMjVsY2pvZ1NrWnliMmNnVkVWVFZBcHdjbTl3WlhKMGFXVnpPaUI3ZlFwemFXZHVZWFIxY21VNklHNTFiR3dLZEhKcFlXdzZJSFJ5ZFdVS2RIbHdaVG9nVkZKSlFVd0tkbUZzYVdSR2NtOXRPaUF5TURJd0xUQXhMVEF5VkRJeE9qQXdPalE1TGpBeU5sb0sKICAgIHNpZ25hdHVyZTogaTh0Vys0T3ZUVDErUTBpSmZPalgyOTRUa0YyTFhhYWtsbDZRSlJSYVVZVlpVejhaVTlKRXB3RWZaMnZPYTdvVkQ4ZUJGSTArSVRjQTZBNFVJcCsrZjJleTJIdVdDNU50NFFiTWxPSS9sdzY1Yk9SNHdsN0tML1EvVURsb3gzaENvVkRaSFpTVDdzdGVoVkJHVzdBMUVaVXBGc3hhaHZzaWNxSHJSMzNudGhyWGY0TllrS2g1TmVWYlhFYTRFSWgrak1ycnhsM1ZmODZHMm8vSDR1Y2dxb2dxYjZDSUk0TUhMYWE0Wk9BU0ZGVkpaWU1KZkxjS3ZDSzVxMlJ5bDUwVFR1aVQ5UVJld21yamFTS1ByamRsNk52ckFYTDEzd2xjSmFGd2FnTDJSblYzd3VTVTNqWkg1Z3ZEQzJscjJtZGh1eVdKbjBFRXhnMGZBTFVtM1VXNHRnPT0KdmVyc2lvbjogMQo= + artifactory_license3: cHJvZHVjdHM6CiAgYXJ0aWZhY3Rvcnk6CiAgICBwcm9kdWN0OiBaWGh3YVhKbGN6b2dNakF5TUMwd055MHdNbFF3TURvd01Eb3dNRm9LYVdRNklHSm1ZMk00TVRReUxUYzBNamt0TkRFd1l5MDVZV1prTFRFM09UWXlaV016TWpJNFpBcHZkMjVsY2pvZ1NrWnliMmNnVkVWVFZBcHdjbTl3WlhKMGFXVnpPaUI3ZlFwemFXZHVZWFIxY21VNklHNTFiR3dLZEhKcFlXdzZJSFJ5ZFdVS2RIbHdaVG9nVkZKSlFVd0tkbUZzYVdSR2NtOXRPaUF5TURJd0xUQXhMVEF5VkRJeE9qQXdPalE1TGpBME5Gb0sKICAgIHNpZ25hdHVyZToga2JiUUJ0NW55WkpiOERtZTJCR0F5eXRNOEkyZ1dWQW8yRlBLVEFUKzQyY3NMaGcwcjJCL0xtNnZmOGRML3g5WVluNTA0d1ZEVnd2ZGFBbG5kamJONjZzSXJieWptN2Q4VVpzUXMyL3lUdlk2b3VzMVdibU8rTER2SVpGbDFkQ2hHTnc5Rk82NmhPT0lYdUpxU3BUczdYMVlnMS9vZ1pUbS9ZQnJQamlWb1duVVJJUENhSzhWYStSRDhUREExTXdwZitrNXdhQ3h1QWt0b1FwdVJYVUQzUlFXTGdyd1BxZEhXUnhHN2NTZWh0ZjU0dEJmRHNLUzMvUUVQQXNjSXI5RVM5ZFRzVzlSL1NBZFBVLzRsUWE0aFpOdVprS2d5aXdoOE1ybnlxYWRKVXRhSzUvRnAyTHMxSk5NQVg2NERqbU1kdURrS1I0NGlPQVFGeGcwTjlURE5RPT0KdmVyc2lvbjogMQo= + artifactory_license4: cHJvZHVjdHM6CiAgYXJ0aWZhY3Rvcnk6CiAgICBwcm9kdWN0OiBaWGh3YVhKbGN6b2dNakF5TUMwd055MHdNbFF3TURvd01Eb3dNRm9LYVdRNklEWmhPVE0yWW1NMExUQTROVGd0TkRCak5pMDRNemd3TFdNNE9XSmlaVGsxWlROak1RcHZkMjVsY2pvZ1NrWnliMmNnVkVWVFZBcHdjbTl3WlhKMGFXVnpPaUI3ZlFwemFXZHVZWFIxY21VNklHNTFiR3dLZEhKcFlXdzZJSFJ5ZFdVS2RIbHdaVG9nVkZKSlFVd0tkbUZzYVdSR2NtOXRPaUF5TURJd0xUQXhMVEF5VkRJeE9qQXdPalE1TGpBMk1sb0sKICAgIHNpZ25hdHVyZTogZmRlTG95bzc1VTdKYW1JZ00ycVAwMUZWbEE5cHZXbUJXbGNqamJnNGZTQ0UzcVExSDNtTDlkdkJmYTZMTmV1QmxXTTdtWkdTTEhzZzlnc1ZabmduZFR2emFndEtHY3VndlpRQ3puamFERU1QL2JiU3VYWW52UEVDRGFBek5hVm9lakM5VWxialUzK0xPZSt5MC9xU1NiMFlXdDBGSGxydEZObGVlWDFWSGdqN3MwdzRYS1lJWDFBWGdhVTY4ODZZZWdvOTJrSHB1cjIrUmQrUUNLaHAwTzIxdGliVlFMSjZrSEQyZXlKa3J1R0JmWmVhdlZVbkNrVTR6ck1lTlhjNlI4RVlqUGFFTGVZMm02VFBGZWc5OG5JRjVFOS9LZ0VBYUNEeG1CZ3RFaWR0UVJCNVBMa2RxSm53VWxPR1d1UjB3UldBODV5eFhkWTJwdWRJc2lRdXh3PT0KdmVyc2lvbjogMQo= + artifactory_license5: cHJvZHVjdHM6CiAgYXJ0aWZhY3Rvcnk6CiAgICBwcm9kdWN0OiBaWGh3YVhKbGN6b2dNakF5TUMwd055MHdNbFF3TURvd01Eb3dNRm9LYVdRNklEY3pPR1prWWpVM0xXRXhZbVV0TkRZM015MWhabUV3TFRobFlUUmtZVFZrTnpnd01RcHZkMjVsY2pvZ1NrWnliMmNnVkVWVFZBcHdjbTl3WlhKMGFXVnpPaUI3ZlFwemFXZHVZWFIxY21VNklHNTFiR3dLZEhKcFlXdzZJSFJ5ZFdVS2RIbHdaVG9nVkZKSlFVd0tkbUZzYVdSR2NtOXRPaUF5TURJd0xUQXhMVEF5VkRJeE9qQXdPalE1TGpBM09Wb0sKICAgIHNpZ25hdHVyZTogYytEdkJWNXdiRlRnUEFxT0VFWDU0S3IwQWlMWUVNNTJuRHNUcGI4OHNXdmIxTGl1YlRvdXA0NXNMVU9aTnZvVlFuM2szREw4MTFQdHU1WUM5T3dVNXdTNDVkTkQrZHNLREN3eTE4T0c3SU05ZHZ6bml2RU5mb2xsL2VFMTNtazZVS0RLQmhXUkxlYjVvM0tIbkZGRTRTZ004UVNRNGFsWnA5cjA3aUJTUVRrVkxPVnliTUJtSFpkMVJlSmUwcTN0TXZGUVNFNTJHU3FzaURkZ0lVQTVjL1lUQVVnclRoc1lCRVpJQmJCTXVITnNSay9rZHRobmRHWitsQnB0bzlHR25HQ3EzZ0lOQU94Q2tHSnlvMWpGK28xMi9tR3Q1NnVocXVJN2s3SzMzMUpvMGl1L2VWWkxOWEtGNjl5OEE2K0dyMnVheExEajQwaGYwU0pHZ3FESVdBPT0KdmVyc2lvbjogMQo= +# secondary: +# hosts: +# 54.160.107.157: +# 35.153.79.44: +# vars: +# artifactory_is_primary: false diff --git a/Ansible/artifactory7/jfrog/rt7ansible/README.md b/Ansible/artifactory7/jfrog/rt7ansible/README.md deleted file mode 100644 index 823595b..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/README.md +++ /dev/null @@ -1,3 +0,0 @@ -# Ansible Collection - jfrog.rt7ansible - -Documentation for the collection. \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-Debian.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-Debian.yml index 4d9fc0a..ac77b7a 100644 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-Debian.yml +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-Debian.yml @@ -12,6 +12,7 @@ - name: Ensure Java is installed. apt: + update_cache: yes name: "{{ java_packages }}" state: present become: true diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/.travis.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/defaults/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/defaults/main.yml new file mode 100644 index 0000000..6b28347 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for artifactory-nginx \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/handlers/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/handlers/main.yml new file mode 100644 index 0000000..d212386 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for artifactory-nginx \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/meta/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/meta/main.yml new file mode 100644 index 0000000..227ad9c --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/meta/main.yml @@ -0,0 +1,53 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.9 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/tasks/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/tasks/main.yml new file mode 100644 index 0000000..c0e955d --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/tasks/main.yml @@ -0,0 +1,41 @@ +--- +# tasks file for artifactory-nginx +- name: configure the artifactory nginx conf + template: + src: artifactory.conf.j2 + dest: /etc/nginx/conf.d/artifactory.conf + owner: root + group: root + mode: '0755' + become: true + +- name: ensure nginx dir exists + file: + path: "/var/opt/jfrog/nginx/ssl" + state: directory + become: true + +- name: configure certificate + template: + src: certificate.pem.j2 + dest: "/var/opt/jfrog/nginx/ssl/cert.pem" + become: true + +- name: ensure pki exists + file: + path: "/etc/pki/tls" + state: directory + become: true + +- name: configure key + template: + src: certificate.key.j2 + dest: "/etc/pki/tls/cert.key" + become: true + +- name: restart nginx + service: + name: nginx + state: restarted + enabled: yes + become: true \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/files/artifactory.conf.j2 b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/templates/artifactory.conf.j2 similarity index 85% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/files/artifactory.conf.j2 rename to Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/templates/artifactory.conf.j2 index 38c058d..315a601 100644 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/files/artifactory.conf.j2 +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/templates/artifactory.conf.j2 @@ -9,22 +9,21 @@ upstream artifactory-direct { server 127.0.0.1:8081; } - ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; + ssl_protocols TLSv1.1 TLSv1.2; ssl_certificate /var/opt/jfrog/nginx/ssl/cert.pem; ssl_certificate_key /etc/pki/tls/cert.key; ssl_session_cache shared:SSL:1m; ssl_prefer_server_ciphers on; ## server configuration server { - listen 443 ssl; - listen 80 ; + listen 443 ssl http2; server_name {{ server_name }}; if ($http_x_forwarded_proto = '') { set $http_x_forwarded_proto $scheme; } ## Application specific logs - ## access_log /var/log/nginx/artifactory-access.log timing; - ## error_log /var/log/nginx/artifactory-error.log; + access_log /var/log/nginx/artifactory-access.log; + error_log /var/log/nginx/artifactory-error.log; rewrite ^/$ /ui/ redirect; rewrite ^/ui$ /ui/ redirect; chunked_transfer_encoding on; @@ -33,7 +32,7 @@ proxy_read_timeout 2400s; proxy_pass_header Server; proxy_cookie_path ~*^/.* /; - proxy_pass http://artifactory; + proxy_pass "http://artifactory"; proxy_next_upstream error timeout non_idempotent; proxy_next_upstream_tries 1; proxy_set_header X-JFrog-Override-Base-Url $http_x_forwarded_proto://$host:$server_port; diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/certificate.key.j2 b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/templates/certificate.key.j2 similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/certificate.key.j2 rename to Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/templates/certificate.key.j2 diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/certificate.pem.j2 b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/templates/certificate.pem.j2 similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/certificate.pem.j2 rename to Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/templates/certificate.pem.j2 diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/tests/inventory b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/tests/test.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/tests/test.yml new file mode 100644 index 0000000..7560bbb --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - artifactory-nginx \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/vars/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/vars/main.yml new file mode 100644 index 0000000..7465197 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for artifactory-nginx \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/README.md b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/README.md deleted file mode 100644 index 225dd44..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/README.md +++ /dev/null @@ -1,38 +0,0 @@ -Role Name -========= - -A brief description of the role goes here. - -Requirements ------------- - -Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. - -Role Variables --------------- - -A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. - -Dependencies ------------- - -A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. - -Example Playbook ----------------- - -Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: - - - hosts: servers - roles: - - { role: username.rolename, x: 42 } - -License -------- - -BSD - -Author Information ------------------- - -An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tasks/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tasks/main.yml index 4719929..01dce50 100644 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tasks/main.yml +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tasks/main.yml @@ -1,2 +1,32 @@ --- -# tasks file for artifactory-nginx \ No newline at end of file +# tasks file for artifactory-nginx +- name: install nginx + package: + name: nginx + state: present + become: true + +- name: configure main nginx conf file. + copy: + src: nginx.conf + dest: /etc/nginx/nginx.conf + owner: root + group: root + mode: '0755' + become: true + +- name: configure the artifactory nginx conf + template: + src: artifactory.conf.j2 + dest: /etc/nginx/conf.d/artifactory.conf + owner: root + group: root + mode: '0755' + become: true + +- name: restart nginx + service: + name: nginx + state: restarted + enabled: yes + become: true \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/templates/artifactory.conf.j2 b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/templates/artifactory.conf.j2 new file mode 100644 index 0000000..58280d9 --- /dev/null +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/templates/artifactory.conf.j2 @@ -0,0 +1,43 @@ +########################################################### +## this configuration was generated by JFrog Artifactory ## + ########################################################### + + ## add HA entries when ha is configure + upstream artifactory { + server 127.0.0.1:8082; +} + upstream artifactory-direct { + server 127.0.0.1:8081; +} + ## server configuration + server { + listen 80 ; + server_name {{ server_name }}; + if ($http_x_forwarded_proto = '') { + set $http_x_forwarded_proto $scheme; + } + ## Application specific logs + access_log /var/log/nginx/artifactory-access.log; + error_log /var/log/nginx/artifactory-error.log; + rewrite ^/$ /ui/ redirect; + rewrite ^/ui$ /ui/ redirect; + chunked_transfer_encoding on; + client_max_body_size 0; + location / { + proxy_read_timeout 2400s; + proxy_pass_header Server; + proxy_cookie_path ~*^/.* /; + proxy_pass "http://artifactory"; + proxy_next_upstream error timeout non_idempotent; + proxy_next_upstream_tries 1; + proxy_set_header X-JFrog-Override-Base-Url $http_x_forwarded_proto://$host:$server_port; + proxy_set_header X-Forwarded-Port $server_port; + proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto; + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + + location ~ ^/artifactory/ { + proxy_pass http://artifactory-direct; + } + } +} \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/tasks/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/tasks/main.yml index 9bb00a2..2568e2d 100644 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/tasks/main.yml +++ b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/tasks/main.yml @@ -4,60 +4,9 @@ include_role: name: artifactory-java -#- name: install nginx -# package: -# name: nginx -# state: present -# become: true -# -#- name: configure main nginx conf file. -# copy: -# src: nginx.conf -# dest: /etc/nginx/nginx.conf -# owner: root -# group: root -# mode: '0755' -# become: true -# -#- name: configure the artifactory nginx conf -# template: -# src: artifactory.conf.j2 -# dest: /etc/nginx/conf.d/artifactory.conf -# owner: root -# group: root -# mode: '0755' -# become: true -# -#- name: ensure nginx dir exists -# file: -# path: "/var/opt/jfrog/nginx/ssl" -# state: directory -# become: true -# -#- name: configure certificate -# template: -# src: certificate.pem.j2 -# dest: "/var/opt/jfrog/nginx/ssl/cert.pem" -# become: true -# -#- name: ensure pki exists -# file: -# path: "/etc/pki/tls" -# state: directory -# become: true -# -#- name: configure key -# template: -# src: certificate.key.j2 -# dest: "/etc/pki/tls/cert.key" -# become: true -# -#- name: restart nginx -# service: -# name: nginx -# state: started -# enabled: yes -# become: true +- name: install nginx + include_role: + name: artifactory-nginx - name: create group for artifactory group: diff --git a/Ansible/artifactory7/rt7provision.yml b/Ansible/artifactory7/rt7provision.yml index ecb976a..8acff9e 100644 --- a/Ansible/artifactory7/rt7provision.yml +++ b/Ansible/artifactory7/rt7provision.yml @@ -7,4 +7,5 @@ - hosts: primary:secondary gather_facts: true roles: - - jfrog/rt7ansible/roles/artifactory \ No newline at end of file + - jfrog/rt7ansible/roles/artifactory + - jfrog/rt7ansible/roles/artifactory-nginx-ssl \ No newline at end of file From 4e9153dffaa37a84d2f4952c0483b57f49f7ca17 Mon Sep 17 00:00:00 2001 From: jefferyfry Date: Tue, 28 Apr 2020 21:10:29 -0700 Subject: [PATCH 09/10] Added ARM, AWS templates and pipelines. --- Ansible/artifactory7/README.md | 52 -- Ansible/artifactory7/ansible.cfg | 8 - Ansible/artifactory7/hosts.yml | 125 --- .../roles/artifactory-java/.travis.yml | 33 - .../roles/artifactory-java/.yamllint | 6 - .../roles/artifactory-java/defaults/main.yml | 6 - .../roles/artifactory-java/meta/main.yml | 42 - .../roles/artifactory-java/tasks/main.yml | 41 - .../artifactory-java/tasks/setup-Debian.yml | 18 - .../artifactory-java/tasks/setup-FreeBSD.yml | 12 - .../artifactory-java/tasks/setup-RedHat.yml | 6 - .../templates/java_home.sh.j2 | 1 - .../roles/artifactory-java/vars/Debian-10.yml | 6 - .../roles/artifactory-java/vars/Debian-8.yml | 7 - .../roles/artifactory-java/vars/Debian-9.yml | 6 - .../roles/artifactory-java/vars/Fedora.yml | 6 - .../roles/artifactory-java/vars/FreeBSD.yml | 7 - .../roles/artifactory-java/vars/RedHat-6.yml | 7 - .../roles/artifactory-java/vars/RedHat-7.yml | 8 - .../roles/artifactory-java/vars/RedHat-8.yml | 7 - .../roles/artifactory-java/vars/Ubuntu-12.yml | 7 - .../roles/artifactory-java/vars/Ubuntu-14.yml | 7 - .../roles/artifactory-java/vars/Ubuntu-16.yml | 7 - .../roles/artifactory-java/vars/Ubuntu-18.yml | 6 - .../roles/artifactory/vars/main.yml | 17 - .../rt7ansible/roles/xray-postgres/README.md | 38 - .../roles/xray-postgres/defaults/main.yml | 2 - .../roles/xray-postgres/handlers/main.yml | 2 - .../roles/xray-postgres/tasks/main.yml | 2 - .../roles/xray-postgres/tests/test.yml | 5 - .../roles/xray-postgres/vars/main.yml | 2 - .../jfrog/rt7ansible/roles/xray/.travis.yml | 29 - .../jfrog/rt7ansible/roles/xray/README.md | 38 - .../rt7ansible/roles/xray/defaults/main.yml | 2 - .../jfrog/rt7ansible/roles/xray/meta/main.yml | 53 -- .../rt7ansible/roles/xray/tasks/main.yml | 2 - .../rt7ansible/roles/xray/tests/inventory | 2 - Ansible/artifactory7/rt7provision.yml | 11 - Ansible/awsPipelines.yaml | 54 ++ Ansible/azurePipelines.yaml | 57 ++ .../.ansible-lint | 0 .../{artifactory7 => collection}/.yamllint | 0 Ansible/collection/README.md | 77 ++ .../jfrog/ansible}/galaxy.yml | 2 +- .../jfrog/ansible}/plugins/README.md | 0 .../roles/artifactory-nginx-ssl/.travis.yml | 0 .../artifactory-nginx-ssl/defaults/main.yml | 0 .../artifactory-nginx-ssl/handlers/main.yml | 0 .../roles/artifactory-nginx-ssl/meta/main.yml | 0 .../artifactory-nginx-ssl/tasks/main.yml | 12 +- .../templates/artifactory.conf.j2 | 0 .../templates/certificate.key.j2 | 0 .../templates/certificate.pem.j2 | 0 .../artifactory-nginx-ssl/tests/inventory | 0 .../artifactory-nginx-ssl/tests/test.yml | 0 .../roles/artifactory-nginx-ssl/vars/main.yml | 0 .../roles/artifactory-nginx/.travis.yml | 0 .../roles/artifactory-nginx/defaults/main.yml | 0 .../roles/artifactory-nginx/files/nginx.conf | 0 .../roles/artifactory-nginx/handlers/main.yml | 0 .../roles/artifactory-nginx/meta/main.yml | 0 .../roles/artifactory-nginx/tasks/main.yml | 13 +- .../templates/artifactory.conf.j2 | 0 .../roles/artifactory-nginx/tests/inventory | 0 .../roles/artifactory-nginx/tests/test.yml | 0 .../roles/artifactory-nginx/vars/main.yml | 0 .../ansible}/roles/artifactory/.travis.yml | 0 .../roles/artifactory/defaults/main.yml | 28 +- .../roles/artifactory/handlers/main.yml | 0 .../roles/artifactory/meta/exception.yml | 0 .../ansible}/roles/artifactory/meta/main.yml | 0 .../roles/artifactory/meta/preferences.yml | 0 .../roles/artifactory/meta/version.yml | 0 .../ansible}/roles/artifactory/tasks/main.yml | 52 +- .../templates/artifactory.cluster.license.j2 | 9 +- .../artifactory/templates/binarystore.xml.j2 | 0 .../templates/installer-info.json.j2 | 0 .../roles/artifactory/templates/join.key.j2 | 0 .../roles/artifactory/templates/master.key.j2 | 0 .../artifactory/templates/system.yaml.j2 | 2 +- .../ansible/roles/artifactory/vars/main.yml | 2 + .../jfrog/ansible/roles/postgres}/.travis.yml | 0 .../ansible/roles/postgres}/defaults/main.yml | 0 .../ansible/roles/postgres}/handlers/main.yml | 0 .../ansible/roles/postgres}/meta/main.yml | 0 .../ansible/roles/postgres}/tasks/Debian.yml | 24 +- .../ansible/roles/postgres}/tasks/RedHat.yml | 18 +- .../ansible/roles/postgres}/tasks/main.yml | 56 +- .../roles/postgres}/templates/pg_hba.conf.j2 | 0 .../postgres}/templates/postgresql.conf.j2 | 0 .../ansible/roles/postgres}/vars/Debian.yml | 2 +- .../ansible/roles/postgres}/vars/RedHat.yml | 0 .../roles/postgres}/vars/RedHat_pg-9.6.yml | 0 .../postgres}/vars/RedHat_pg-default.yml | 2 +- .../jfrog/ansible/roles/xray}/.travis.yml | 0 .../ansible/roles/xray/defaults/main.yml | 23 + .../ansible}/roles/xray/handlers/main.yml | 0 .../jfrog/ansible/roles/xray}/meta/main.yml | 0 .../jfrog/ansible/roles/xray/tasks/Debian.yml | 37 + .../jfrog/ansible/roles/xray/tasks/RedHat.yml | 16 + .../jfrog/ansible/roles/xray/tasks/main.yml | 93 +++ .../xray/templates/installer-info.json.j2 | 8 + .../ansible/roles/xray/templates/join.key.j2 | 1 + .../roles/xray/templates/master.key.j2 | 1 + .../roles/xray/templates/system.yaml.j2 | 36 + .../jfrog/ansible/roles/xray}/tests/inventory | 0 .../jfrog/ansible}/roles/xray/tests/test.yml | 0 .../jfrog/ansible}/roles/xray/vars/main.yml | 0 Ansible/infra/aws/lb-rt-xray-ha.json | 769 ++++++++++++++++++ Ansible/infra/azure/lb-rt-xray-ha.json | 679 ++++++++++++++++ Ansible/pipelines.yaml | 57 ++ Ansible/project/rt-ha/hosts.yml | 51 ++ Ansible/project/rt-ha/playbook.yml | 11 + .../project/rt-xray-ha-ssh-proxy/hosts.yml | 60 ++ .../project/rt-xray-ha-ssh-proxy/playbook.yml | 15 + Ansible/project/rt-xray-ha/hosts.yml | 55 ++ Ansible/project/rt-xray-ha/playbook.yml | 15 + Ansible/project/rt-xray/hosts.yml | 43 + Ansible/project/rt-xray/playbook.yml | 15 + Ansible/project/rt/hosts.yml | 31 + Ansible/project/rt/playbook.yml | 10 + Ansible/project/ssl/hosts.yml | 39 + Ansible/project/ssl/playbook.yml | 11 + Ansible/test/aws/playbook.yaml | 147 ++++ Ansible/test/aws/runAws.sh | 3 + Ansible/test/azure/playbook.yaml | 161 ++++ Ansible/test/azure/runAzure.sh | 3 + Ansible/test/tests/README.md | 19 + Ansible/test/tests/build.gradle | 63 ++ .../tests/gradle/wrapper/gradle-wrapper.jar | Bin 0 -> 55190 bytes .../gradle/wrapper/gradle-wrapper.properties | 6 + Ansible/test/tests/gradlew | 172 ++++ Ansible/test/tests/gradlew.bat | 84 ++ Ansible/test/tests/settings.gradle | 2 + .../test/groovy/steps/RepositorySteps.groovy | 139 ++++ .../test/groovy/steps/SecuritytSteps.groovy | 196 +++++ .../src/test/groovy/steps/XraySteps.groovy | 585 +++++++++++++ Ansible/test/tests/src/test/groovy/testng.xml | 25 + .../test/groovy/tests/HealthCheckTest.groovy | 57 ++ .../test/groovy/tests/RepositoryTest.groovy | 302 +++++++ .../src/test/groovy/tests/SecurityTest.groovy | 153 ++++ .../src/test/groovy/tests/XrayTest.groovy | 332 ++++++++ .../groovy/utils/ConfigurationUtil.groovy | 19 + .../tests/src/test/groovy/utils/DSL.groovy | 81 ++ .../groovy/utils/EnvironmentConfig.groovy | 10 + .../groovy/utils/ProcessOutputStream.groovy | 32 + .../tests/src/test/groovy/utils/Shell.groovy | 17 + .../test/groovy/utils/WorkSpaceManager.groovy | 32 + .../src/test/resources/enableRabbitMQ.json | 11 + .../tests/src/test/resources/integration.json | 9 + .../resources/repositories/CreateDefault.yaml | 554 +++++++++++++ .../resources/repositories/CreateJCR.yaml | 119 +++ .../test/resources/repositories/artifact.zip | Bin 0 -> 519 bytes .../tests/src/test/resources/testenv.yaml | 6 + JFrog-Cloud-Installers.iml | 11 + ansible.cfg | 10 + 156 files changed, 5757 insertions(+), 725 deletions(-) delete mode 100644 Ansible/artifactory7/README.md delete mode 100644 Ansible/artifactory7/ansible.cfg delete mode 100644 Ansible/artifactory7/hosts.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/.travis.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/.yamllint delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/defaults/main.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/meta/main.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/main.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-Debian.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-FreeBSD.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-RedHat.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/templates/java_home.sh.j2 delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-10.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-8.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-9.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Fedora.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/FreeBSD.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-6.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-7.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-8.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-12.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-14.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-16.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-18.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/vars/main.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/README.md delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/defaults/main.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/handlers/main.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/tasks/main.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/tests/test.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/vars/main.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray/.travis.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray/README.md delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray/defaults/main.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray/meta/main.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray/tasks/main.yml delete mode 100644 Ansible/artifactory7/jfrog/rt7ansible/roles/xray/tests/inventory delete mode 100644 Ansible/artifactory7/rt7provision.yml create mode 100644 Ansible/awsPipelines.yaml create mode 100644 Ansible/azurePipelines.yaml rename Ansible/{artifactory7 => collection}/.ansible-lint (100%) rename Ansible/{artifactory7 => collection}/.yamllint (100%) create mode 100644 Ansible/collection/README.md rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/galaxy.yml (99%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/plugins/README.md (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory-nginx-ssl/.travis.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory-nginx-ssl/defaults/main.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory-nginx-ssl/handlers/main.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory-nginx-ssl/meta/main.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory-nginx-ssl/tasks/main.yml (88%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory-nginx-ssl/templates/artifactory.conf.j2 (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory-nginx-ssl/templates/certificate.key.j2 (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory-nginx-ssl/templates/certificate.pem.j2 (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory-nginx-ssl/tests/inventory (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory-nginx-ssl/tests/test.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory-nginx-ssl/vars/main.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory-nginx/.travis.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory-nginx/defaults/main.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory-nginx/files/nginx.conf (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory-nginx/handlers/main.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory-nginx/meta/main.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory-nginx/tasks/main.yml (78%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory-nginx/templates/artifactory.conf.j2 (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory-nginx/tests/inventory (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory-nginx/tests/test.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory-nginx/vars/main.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory/.travis.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory/defaults/main.yml (55%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory/handlers/main.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory/meta/exception.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory/meta/main.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory/meta/preferences.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory/meta/version.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory/tasks/main.yml (84%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory/templates/artifactory.cluster.license.j2 (78%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory/templates/binarystore.xml.j2 (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory/templates/installer-info.json.j2 (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory/templates/join.key.j2 (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory/templates/master.key.j2 (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/artifactory/templates/system.yaml.j2 (96%) create mode 100644 Ansible/collection/jfrog/ansible/roles/artifactory/vars/main.yml rename Ansible/{artifactory7/jfrog/rt7ansible/roles/artifactory-postgres => collection/jfrog/ansible/roles/postgres}/.travis.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible/roles/artifactory-postgres => collection/jfrog/ansible/roles/postgres}/defaults/main.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible/roles/artifactory-postgres => collection/jfrog/ansible/roles/postgres}/handlers/main.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible/roles/artifactory-postgres => collection/jfrog/ansible/roles/postgres}/meta/main.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible/roles/artifactory-postgres => collection/jfrog/ansible/roles/postgres}/tasks/Debian.yml (70%) rename Ansible/{artifactory7/jfrog/rt7ansible/roles/artifactory-postgres => collection/jfrog/ansible/roles/postgres}/tasks/RedHat.yml (88%) rename Ansible/{artifactory7/jfrog/rt7ansible/roles/artifactory-postgres => collection/jfrog/ansible/roles/postgres}/tasks/main.yml (72%) rename Ansible/{artifactory7/jfrog/rt7ansible/roles/artifactory-postgres => collection/jfrog/ansible/roles/postgres}/templates/pg_hba.conf.j2 (100%) rename Ansible/{artifactory7/jfrog/rt7ansible/roles/artifactory-postgres => collection/jfrog/ansible/roles/postgres}/templates/postgresql.conf.j2 (100%) rename Ansible/{artifactory7/jfrog/rt7ansible/roles/artifactory-postgres => collection/jfrog/ansible/roles/postgres}/vars/Debian.yml (95%) rename Ansible/{artifactory7/jfrog/rt7ansible/roles/artifactory-postgres => collection/jfrog/ansible/roles/postgres}/vars/RedHat.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible/roles/artifactory-postgres => collection/jfrog/ansible/roles/postgres}/vars/RedHat_pg-9.6.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible/roles/artifactory-postgres => collection/jfrog/ansible/roles/postgres}/vars/RedHat_pg-default.yml (79%) rename Ansible/{artifactory7/jfrog/rt7ansible/roles/xray-postgres => collection/jfrog/ansible/roles/xray}/.travis.yml (100%) create mode 100644 Ansible/collection/jfrog/ansible/roles/xray/defaults/main.yml rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/xray/handlers/main.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible/roles/xray-postgres => collection/jfrog/ansible/roles/xray}/meta/main.yml (100%) create mode 100644 Ansible/collection/jfrog/ansible/roles/xray/tasks/Debian.yml create mode 100644 Ansible/collection/jfrog/ansible/roles/xray/tasks/RedHat.yml create mode 100644 Ansible/collection/jfrog/ansible/roles/xray/tasks/main.yml create mode 100644 Ansible/collection/jfrog/ansible/roles/xray/templates/installer-info.json.j2 create mode 100644 Ansible/collection/jfrog/ansible/roles/xray/templates/join.key.j2 create mode 100644 Ansible/collection/jfrog/ansible/roles/xray/templates/master.key.j2 create mode 100644 Ansible/collection/jfrog/ansible/roles/xray/templates/system.yaml.j2 rename Ansible/{artifactory7/jfrog/rt7ansible/roles/xray-postgres => collection/jfrog/ansible/roles/xray}/tests/inventory (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/xray/tests/test.yml (100%) rename Ansible/{artifactory7/jfrog/rt7ansible => collection/jfrog/ansible}/roles/xray/vars/main.yml (100%) create mode 100644 Ansible/infra/aws/lb-rt-xray-ha.json create mode 100644 Ansible/infra/azure/lb-rt-xray-ha.json create mode 100644 Ansible/pipelines.yaml create mode 100644 Ansible/project/rt-ha/hosts.yml create mode 100644 Ansible/project/rt-ha/playbook.yml create mode 100644 Ansible/project/rt-xray-ha-ssh-proxy/hosts.yml create mode 100644 Ansible/project/rt-xray-ha-ssh-proxy/playbook.yml create mode 100644 Ansible/project/rt-xray-ha/hosts.yml create mode 100644 Ansible/project/rt-xray-ha/playbook.yml create mode 100644 Ansible/project/rt-xray/hosts.yml create mode 100644 Ansible/project/rt-xray/playbook.yml create mode 100644 Ansible/project/rt/hosts.yml create mode 100644 Ansible/project/rt/playbook.yml create mode 100644 Ansible/project/ssl/hosts.yml create mode 100644 Ansible/project/ssl/playbook.yml create mode 100644 Ansible/test/aws/playbook.yaml create mode 100755 Ansible/test/aws/runAws.sh create mode 100644 Ansible/test/azure/playbook.yaml create mode 100755 Ansible/test/azure/runAzure.sh create mode 100755 Ansible/test/tests/README.md create mode 100644 Ansible/test/tests/build.gradle create mode 100644 Ansible/test/tests/gradle/wrapper/gradle-wrapper.jar create mode 100644 Ansible/test/tests/gradle/wrapper/gradle-wrapper.properties create mode 100755 Ansible/test/tests/gradlew create mode 100644 Ansible/test/tests/gradlew.bat create mode 100644 Ansible/test/tests/settings.gradle create mode 100644 Ansible/test/tests/src/test/groovy/steps/RepositorySteps.groovy create mode 100644 Ansible/test/tests/src/test/groovy/steps/SecuritytSteps.groovy create mode 100644 Ansible/test/tests/src/test/groovy/steps/XraySteps.groovy create mode 100644 Ansible/test/tests/src/test/groovy/testng.xml create mode 100644 Ansible/test/tests/src/test/groovy/tests/HealthCheckTest.groovy create mode 100644 Ansible/test/tests/src/test/groovy/tests/RepositoryTest.groovy create mode 100644 Ansible/test/tests/src/test/groovy/tests/SecurityTest.groovy create mode 100644 Ansible/test/tests/src/test/groovy/tests/XrayTest.groovy create mode 100644 Ansible/test/tests/src/test/groovy/utils/ConfigurationUtil.groovy create mode 100644 Ansible/test/tests/src/test/groovy/utils/DSL.groovy create mode 100644 Ansible/test/tests/src/test/groovy/utils/EnvironmentConfig.groovy create mode 100644 Ansible/test/tests/src/test/groovy/utils/ProcessOutputStream.groovy create mode 100644 Ansible/test/tests/src/test/groovy/utils/Shell.groovy create mode 100644 Ansible/test/tests/src/test/groovy/utils/WorkSpaceManager.groovy create mode 100644 Ansible/test/tests/src/test/resources/enableRabbitMQ.json create mode 100644 Ansible/test/tests/src/test/resources/integration.json create mode 100644 Ansible/test/tests/src/test/resources/repositories/CreateDefault.yaml create mode 100644 Ansible/test/tests/src/test/resources/repositories/CreateJCR.yaml create mode 100644 Ansible/test/tests/src/test/resources/repositories/artifact.zip create mode 100644 Ansible/test/tests/src/test/resources/testenv.yaml create mode 100644 JFrog-Cloud-Installers.iml create mode 100644 ansible.cfg diff --git a/Ansible/artifactory7/README.md b/Ansible/artifactory7/README.md deleted file mode 100644 index d2cda81..0000000 --- a/Ansible/artifactory7/README.md +++ /dev/null @@ -1,52 +0,0 @@ -# rt7ansible -This repo contains the Ansible collection for JFrog Artifactory Pro 7 roles. These roles allow you to provision Artifactory for High-Availability using a Primary node and multiple Secondary nodes. Additionally, a Postgresql role is provided for installing an Artifactory Postgresql database. - -## Roles Provided -### artifactory -The artifactory role installs the Artifactory Pro software onto the host. Per the Vars below, it will configure a node as primary or secondary. This role uses secondary roles artifactory-nginx and artifactory-java to install nginx and java dependencies. - -### artifactory-nginx-ssl -The artifactory-nginx-ssl role installs and configures nginx for SSL. - -### artifactory-postgres -The artifactory-postgres role will install Postgresql software and configure an artifactory database and user. - -## Vars Required -The following Vars must be configured. - -### all -* ansible_user: The SSH user to access the hosts. eg. "ubuntu" -* ansible_ssh_private_key_file: The SSH key to use. eg. "/Users/jefff/.ssh/jeff-ec2-us-east.pem" -* db_user: The Artifactory database user to configure. eg. "artifactory" -* db_password: The Artifactory database password to configure. "Art1fact0ry" -* server_name: This is the server name. eg. "artifactory.54.175.51.178.xip.io" - -### artifactory -* master_key: This is the Artifactory Master Key. -* join_key: This is the Artifactory Join Key. -* db_download_url: This is the download URL for the JDBC driver for your database. eg. "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" -* db_type: This is the database type. eg. "postgresql" -* db_driver: This is the JDBC driver class. eg. "org.postgresql.Driver" -* db_url: This is the JDBC database url. eg. "jdbc:postgresql://10.0.0.120:5432/artifactory" - -### primary -* artifactory_is_primary: For the primary node this must be set to **true**. -* artifactory_license1 - 5: These are the cluster licenses. - -### secondary -* artifactory_is_primary: For the secondary node(s) this must be set to **false**. - -### SSL Config (Used with artifactory-nginx-ssl role) -* certificate: This is the SSL cert. -* certificate_key: This is the SSL private key. - -### Example Inventory YAML -An example inventory YAM is [here](hosts.yml). - -### Example Playbook -An playbook is [here](rt7provision.yml). - -## Executing a Playbook -``` -ansible-playbook -i hosts.yml rt7provision.yml -``` diff --git a/Ansible/artifactory7/ansible.cfg b/Ansible/artifactory7/ansible.cfg deleted file mode 100644 index fd33dd1..0000000 --- a/Ansible/artifactory7/ansible.cfg +++ /dev/null @@ -1,8 +0,0 @@ -[defaults] -# Installs collections into [current dir]/ansible_collections/namespace/collection_name -collections_paths = ./ - -# Installs roles into [current dir]/roles/namespace.rolename -roles_path = ./jfrog/rt7ansible/roles - -host_key_checking = false \ No newline at end of file diff --git a/Ansible/artifactory7/hosts.yml b/Ansible/artifactory7/hosts.yml deleted file mode 100644 index cb62a86..0000000 --- a/Ansible/artifactory7/hosts.yml +++ /dev/null @@ -1,125 +0,0 @@ ---- -all: - vars: - ansible_user: "ubuntu" - ansible_ssh_private_key_file: "/Users/jefff/.ssh/jeff-ansible-ec2.pem" - db_user: "artifactory" - db_password: "Art1fAct0ry" - children: - database: - hosts: - 100.26.167.170: - artifactory: - vars: - master_key: "c97b862469de0d94fbb7d48130637a5a" - join_key: "9bcca98f375c0728d907cc6ee39d4f02" - db_download_url: "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" - db_type: "postgresql" - db_driver: "org.postgresql.Driver" - db_url: "jdbc:postgresql://10.0.0.160:5432/artifactory" - server_name: "ec2-100-25-104-198.compute-1.amazonaws.com" - certificate: | - -----BEGIN CERTIFICATE----- - MIIF8zCCA9ugAwIBAgIJAK/iP1hhhVNKMA0GCSqGSIb3DQEBCwUAMHUxCzAJBgNV - BAYTAlVTMQswCQYDVQQIDAJXQTEQMA4GA1UEBwwHU2VhdHRsZTESMBAGA1UECgwJ - Q2xvdWRCZWVzMTMwMQYDVQQDDCplYzItMTAwLTI1LTEwNC0xOTguY29tcHV0ZS0x - LmFtYXpvbmF3cy5jb20wHhcNMjAwNDI5MDM1OTIxWhcNMjIwODAyMDM1OTIxWjB1 - MQswCQYDVQQGEwJVUzELMAkGA1UECAwCV0ExEDAOBgNVBAcMB1NlYXR0bGUxEjAQ - BgNVBAoMCUNsb3VkQmVlczEzMDEGA1UEAwwqZWMyLTEwMC0yNS0xMDQtMTk4LmNv - bXB1dGUtMS5hbWF6b25hd3MuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC - CgKCAgEAn92BnDtr7fUbtGF0uPmsk7OWDtyY+ElLvq9Borp10AUtLllXGB4Ap6Xf - HoZy943wi+d+pVf3S/oElnAsRlbEUwOSLSiBzxOef94sVe+f4FX9IhCnMsQQJSSy - QlpLEYzPvLXa6Z3dYgGqHIvJUtrrVeT1s81swZ7Mh7BLIrjg0yMykemiDst1HM+1 - fo0tuNQUO4AUjNNOWcNCLQiIXUIztdTRSEqDmZ8LfTv4IRV4mewE8HdT1PkmF+55 - FIKZZWxL7+jTuRUU4QAEOcxmrK5b69+npVvLPeo8w9swwrqpZM0XG3xpe4Djtw61 - DpASS1iOWmbdYOvMUq+7535UU9aE7cifEgMvtJ1n0BT5JCvYMmSb9QbL5iD6pKfA - PwA/SEA4sH5ppUYB+gMeh7DCMtRO0Ac6BcQ5LxJovrelG4BCpFd9rU/fcIsKxvSC - 4XrNqpK8UDdb3zjS9vBE2cbjqJVj37D2NsNY9NBc+UyNRrfssRZkzcEEqzXFWBrZ - 30YZ9Dwd2h2mtxNn4/L/j3wJDwfLctsWPtv+FJaCZ9j750YWkIA35ry6eq0yifxk - 3dm7mXkize3W3upCFEqjUOmVtaJsKi38dFLgIddEOM+JyRpQEULTZ4V0ZHYAWd9C - 1s+7tinypx3yhOHmLvbKQZZu5oF9BrGYCVqfghTjR1XxLPTV66MCAwEAAaOBhTCB - gjBhBgNVHREEWjBYgiplYzItMTAwLTI1LTEwNC0xOTguY29tcHV0ZS0xLmFtYXpv - bmF3cy5jb22CKmVjMi0xMDAtMjUtMTA0LTE5OC5jb21wdXRlLTEuYW1hem9uYXdz - LmNvbTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQEL - BQADggIBAB/qktMXhgiIz68+KxnQFwgx7xsjTzsfG8USfdkBqoj+vFbIkuk6U4t0 - DQZbRzPeK/RxrkYKxVt5TO2bdgpXaV9stud1jd5cDqvb7F8Q9/D56BVHCjJ9AmLM - qH1GUl+4txM+rRP93zpmpY804SZa8CqljF4nP7QqqxbCrkExOAADd9+D0wAKBSMl - kswoG6AK45POYg6a+qZI4qWJv4W5lx1HuDP/e4W7J0FIKiWcUHsgLHWvRa5rEzNW - kofZ3vJ0XXmO7fs9WuB0DllY+Vim25Xjfs+iS4Qa02GF9Bz11e9cv34b6l92levy - O+2ntCsh77+NBRFF74GGyWqqvsjhm6AI3A0i7efXybKeCIEQ1g+/18gDT+OHRrU3 - zqfXIRZmmLAEG9xeWzQiNVZj/QX+6WWjFG4+BkUqrjRqD5b8G64XfmzPXwndMaLR - ZIGbAEWur9128GMyNeq+G1PpDJZOS5iFlqY8Wn0b5g8PaKpCpORSwdLOxdPthSeE - E4a/S1H3FfXGPYRjupkIRBLUF7XEBlU27Q8kzB7UYxJfzw6Pa05Pn3IO8IQtsYyu - Dq9V9Fbw3eE0lSWd+HkeYjA0GiXVXFY0qbJwV0tEgEEboMs0Z+gRykrmD2JN15Mn - e/FHoOCfDqjzeFHCmc+pBWUnibiFE5hIWP4ofAAKg24CMzaqDxLg - -----END CERTIFICATE----- - certificate_key: | - -----BEGIN PRIVATE KEY----- - MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCf3YGcO2vt9Ru0 - YXS4+ayTs5YO3Jj4SUu+r0GiunXQBS0uWVcYHgCnpd8ehnL3jfCL536lV/dL+gSW - cCxGVsRTA5ItKIHPE55/3ixV75/gVf0iEKcyxBAlJLJCWksRjM+8tdrpnd1iAaoc - i8lS2utV5PWzzWzBnsyHsEsiuODTIzKR6aIOy3Ucz7V+jS241BQ7gBSM005Zw0It - CIhdQjO11NFISoOZnwt9O/ghFXiZ7ATwd1PU+SYX7nkUgpllbEvv6NO5FRThAAQ5 - zGasrlvr36elW8s96jzD2zDCuqlkzRcbfGl7gOO3DrUOkBJLWI5aZt1g68xSr7vn - flRT1oTtyJ8SAy+0nWfQFPkkK9gyZJv1BsvmIPqkp8A/AD9IQDiwfmmlRgH6Ax6H - sMIy1E7QBzoFxDkvEmi+t6UbgEKkV32tT99wiwrG9ILhes2qkrxQN1vfONL28ETZ - xuOolWPfsPY2w1j00Fz5TI1Gt+yxFmTNwQSrNcVYGtnfRhn0PB3aHaa3E2fj8v+P - fAkPB8ty2xY+2/4UloJn2PvnRhaQgDfmvLp6rTKJ/GTd2buZeSLN7dbe6kIUSqNQ - 6ZW1omwqLfx0UuAh10Q4z4nJGlARQtNnhXRkdgBZ30LWz7u2KfKnHfKE4eYu9spB - lm7mgX0GsZgJWp+CFONHVfEs9NXrowIDAQABAoICACCo80rExQcHVVKjumHz+DLw - tI5yuPm4l7XsPh+NsnX+KL3YWLe/oWietZeZ5jD3GZarg68p6obmHDvTzOfN4CwJ - hbqeFO8GVhJPhIVGAEanqqBkAJSZg6bi+Vwe8Ek0mFg4WvHxY4IbTvKoCEhaG0wg - C6ZhKH/h/m0WMjN0y9G21iUDMy2MmW96a9zf4OBqy3tgblJa9R3Xi1SB8sICvWe/ - g8YeGwaufH1oXAf+R/ZCRrwN1N2kzQiEms365HXZCyaHTYH5cZuKElLwlGVg9byZ - o7lfqIUMrr9gr3SJCARk9fySjUZDDcKfSZQhEOu9us9zRnT/l22pI11m7Ll4EQ3k - jGSOz4+LSZdS4mnD3vGCCUtS5tz9uJ4IU1CErLeNb3Mb4LvbUBo97SyXf4s7TLdv - O889e+tDR39qLYt94Dtl9On/td8j+AsgXr5AbQH7Ha7Y6rKmKOL1Hos2w0GycwXL - 1g4Y6FpC35Ao93GI8VgBupJBI8jZa84CLV1ZVkNb0X1gp1ExA08Pji5OsQNn2Mww - 2PJ0+1gKXBBeO8IakNAPmi3/CK+FFQ6B4v5VwjgDJM+gUtV7Jrtp7xoodGzQTuhw - jY045PghFgAVafDWKwRqG6EC0fKz1TOLdTSoqpWvIy7ElP6/5XNquWH9eML2h3PZ - K+1H9fFaEk0+Qjv5LwDhAoIBAQDNYZReYNk60e+Lgd+VDL/qdgtknoG06mZpUBVL - 3IBHVwa6l8iw0DnxL97slketzVSWqR8oYO5JOMj3OQ24TDE0rB2cPY6v4OdzSxOT - 2Ki6+QEJ7ybLPUVoEvchglcQ2xfvh8f3so1ULR4c64gZCvB55iq/2ylmOTADcUwa - KK7OWJzaK4JWk1VYjw4pmVGcxK/wM587FUkxEJjgqychjPNAlpFlUr2Sp8Fy1on2 - 6OcqbB4afXqCCxNzi0dlEEWb4RXxhWEIkBaQVKE3X3aWYwH2yGW1f+ilgIF0MT0o - mDPE7x1s75pQvXZftyXS1B/7OSwyKpejtrmQIoWaYcMIrrixAoIBAQDHRB+bXENT - RIJSol8acVOZM/pq0iI8bGg2ud/JR5tmcKcLKP9SwKTSwFI3LUMbMAkLb0wwSmyp - s3SLMTo1VdqrCzqHS465gi/0XLamGLJghE8bzflTHLfIwQ0CrXcdFJUSGivlDVgR - 5riMnuyisGd4v34gk2n2xQMEjILAzOkTqPTyx+ZlXXTBYfUT9vmcbdZoYy6IueRu - JGpL7O/SfpbMEDMmhWIsLdQzo7MlwI5MGPgKNx0NBtQpqf+yx+nOmlxjDMCbKxCv - 4lHMP4p6XmSb3m+Iz0QLi1k33qSI4szL5uqxTX9rbl6vCTqRyDwlbrubVAF2TEdX - p7QND3UF9z6TAoIBAD6sW1ldloyjicT5sd/LDzmeIiXnVM9/hBb5EDahKCgc/3mr - XdvO/w+BuzZZObBo6zo6i76Hrc98W59NsskdvxpCt5p5EnTLXfXJ4ESKphrAZ7e/ - WghFP0veFboNC0KiiTBYMAZ/Xy9jwT+0BEkYFIAuY7c+Sujd5K/4P+/voEBpvBu7 - kT+YIEAxD3JUThpXzxSuvBWMjlRBq1VMBVnwqD56dA4GbME3HgpMO7e0JO7GJX2R - 8vOCK8JjqzrE92j1C/wy5oR1a91JZhT+tbJ4rh2/04HKcZUnnNl3OSGNKKcdDM60 - Y1PmLRxSSGGIx+Wi8cCxTKrx1LiOQFT3Jkwc/VECggEBAJjaSOSEAaD+DHoW050V - EWuT06PdTSXMgqR4MJHVu/74qyqEaFayL7z6ihaJQdC5KDb9SRRCAtiqL9wWBvCi - yvopwtvFudXTZ7Wq6PDAQRSIaaaKeZankNMOQ0yqg5RrFW6tZL5vXf9dXHOB9UNW - zghx2+5hJgeFWKtEnYgHp0LNeBhD/xgCeG1fFwAZk5/LIY0xh6CZ+AAFLwTO26g8 - MrCWPKZv6r646O4zxFhRPNZi0OIFJOO5OUY8gUhC0bcJ8ZSJU7Wzczl4AgcLNs5n - WgW2uxfW5ft1CRsyTkQytaYznBQlvnhKUZczHRp23qxYJNEhv31fRdqXaiYalUne - PsECggEAOJZJwvvxi74HZI5rkdJBN3fXfo1zaZuTs+wDUXhcQreLy3sBSoX3eSVm - grnrIBsxw3oDqp+Mg++aCrr4GM2Jiymbogg1aN11MT7oFLhKWLKW6JrUT9Av4KYp - LFbXCuaEgMk60bKNbNcAI378gEHq8I352q/ezWnQys/PtVuUx3VwsPnuvUypEAuL - 90RgMx7g46Q3GC7TQmlqNyaEDaVGY2PYSQZjNje8TTf7pJopue/9KF1cTyN2pgpz - i6ZGjYpEzFf484iIOxv1HWndfvcQg6y+rw1n08sR8bh759YFrv8fz/vxou7m9BUL - wE0kp6bIPqO7luLz5sqjxGiSRTiWSQ== - -----END PRIVATE KEY----- - children: - primary: - hosts: - 100.25.104.198: - vars: - artifactory_is_primary: true - artifactory_license1: cHJvZHVjdHM6CiAgYXJ0aWZhY3Rvcnk6CiAgICBwcm9kdWN0OiBaWGh3YVhKbGN6b2dNakF5TUMwd055MHdNbFF3TURvd01Eb3dNRm9LYVdRNklHSTJaakk0TURsakxXVXhNakV0TkdOa01TMWlNRGczTFdVMk5tSmlNVGxrTlRjMlpRcHZkMjVsY2pvZ1NrWnliMmNnVkVWVFZBcHdjbTl3WlhKMGFXVnpPaUI3ZlFwemFXZHVZWFIxY21VNklHNTFiR3dLZEhKcFlXdzZJSFJ5ZFdVS2RIbHdaVG9nVkZKSlFVd0tkbUZzYVdSR2NtOXRPaUF5TURJd0xUQXhMVEF5VkRJeE9qQXdPalE1TGpBd09Gb0sKICAgIHNpZ25hdHVyZTogU20vVlV1a3dnVTRlaEtHVmpwbE9XUHB5SzJpcS9pUVdjNklPOXdhNCtYdUR6SERrTFlPRFpkdm80bWxtU0d3NFVlak1mUXRiczFQbW8rTndnZERJbHVHQWpzMXZsbEpuVU5mRzZNQmYxTG5OMTg3RnpmNUswL0Q2WWFuUWI2Q1FYQ0x3T1FxK1VNYWpOcVh2eURoU1RDZHE3VjJtcXl6bDQ2bGFoWDB6VXQvYmM2UnQyNGFZS3ZSc2hxcmZ5eFNLWVY0YXBFeXJuRnZsYWZ5aFVaalJseGxubDJlUkRlVEI1cFZibXRSb2pTVU9oNExNMDg1Rm96QTB4dUxOdkEwbUhDYmtnTWlFRHdaOHJoK3F5SDYvUEFiaEdBWmlQbWY5WVZnM3FydUJkc1p6UmNiTytEUmIwZnZKeXB3NmVIVW4vd0dZd0daTkZEdmJZUlhGYjVaSkRRPT0KdmVyc2lvbjogMQo= - artifactory_license2: cHJvZHVjdHM6CiAgYXJ0aWZhY3Rvcnk6CiAgICBwcm9kdWN0OiBaWGh3YVhKbGN6b2dNakF5TUMwd055MHdNbFF3TURvd01Eb3dNRm9LYVdRNklHWTJaVGsyTXpSaExUa3laR0V0TkRSbE9DMDVPVFkyTFRGallUQTNNakk0WVRObE1ncHZkMjVsY2pvZ1NrWnliMmNnVkVWVFZBcHdjbTl3WlhKMGFXVnpPaUI3ZlFwemFXZHVZWFIxY21VNklHNTFiR3dLZEhKcFlXdzZJSFJ5ZFdVS2RIbHdaVG9nVkZKSlFVd0tkbUZzYVdSR2NtOXRPaUF5TURJd0xUQXhMVEF5VkRJeE9qQXdPalE1TGpBeU5sb0sKICAgIHNpZ25hdHVyZTogaTh0Vys0T3ZUVDErUTBpSmZPalgyOTRUa0YyTFhhYWtsbDZRSlJSYVVZVlpVejhaVTlKRXB3RWZaMnZPYTdvVkQ4ZUJGSTArSVRjQTZBNFVJcCsrZjJleTJIdVdDNU50NFFiTWxPSS9sdzY1Yk9SNHdsN0tML1EvVURsb3gzaENvVkRaSFpTVDdzdGVoVkJHVzdBMUVaVXBGc3hhaHZzaWNxSHJSMzNudGhyWGY0TllrS2g1TmVWYlhFYTRFSWgrak1ycnhsM1ZmODZHMm8vSDR1Y2dxb2dxYjZDSUk0TUhMYWE0Wk9BU0ZGVkpaWU1KZkxjS3ZDSzVxMlJ5bDUwVFR1aVQ5UVJld21yamFTS1ByamRsNk52ckFYTDEzd2xjSmFGd2FnTDJSblYzd3VTVTNqWkg1Z3ZEQzJscjJtZGh1eVdKbjBFRXhnMGZBTFVtM1VXNHRnPT0KdmVyc2lvbjogMQo= - artifactory_license3: cHJvZHVjdHM6CiAgYXJ0aWZhY3Rvcnk6CiAgICBwcm9kdWN0OiBaWGh3YVhKbGN6b2dNakF5TUMwd055MHdNbFF3TURvd01Eb3dNRm9LYVdRNklHSm1ZMk00TVRReUxUYzBNamt0TkRFd1l5MDVZV1prTFRFM09UWXlaV016TWpJNFpBcHZkMjVsY2pvZ1NrWnliMmNnVkVWVFZBcHdjbTl3WlhKMGFXVnpPaUI3ZlFwemFXZHVZWFIxY21VNklHNTFiR3dLZEhKcFlXdzZJSFJ5ZFdVS2RIbHdaVG9nVkZKSlFVd0tkbUZzYVdSR2NtOXRPaUF5TURJd0xUQXhMVEF5VkRJeE9qQXdPalE1TGpBME5Gb0sKICAgIHNpZ25hdHVyZToga2JiUUJ0NW55WkpiOERtZTJCR0F5eXRNOEkyZ1dWQW8yRlBLVEFUKzQyY3NMaGcwcjJCL0xtNnZmOGRML3g5WVluNTA0d1ZEVnd2ZGFBbG5kamJONjZzSXJieWptN2Q4VVpzUXMyL3lUdlk2b3VzMVdibU8rTER2SVpGbDFkQ2hHTnc5Rk82NmhPT0lYdUpxU3BUczdYMVlnMS9vZ1pUbS9ZQnJQamlWb1duVVJJUENhSzhWYStSRDhUREExTXdwZitrNXdhQ3h1QWt0b1FwdVJYVUQzUlFXTGdyd1BxZEhXUnhHN2NTZWh0ZjU0dEJmRHNLUzMvUUVQQXNjSXI5RVM5ZFRzVzlSL1NBZFBVLzRsUWE0aFpOdVprS2d5aXdoOE1ybnlxYWRKVXRhSzUvRnAyTHMxSk5NQVg2NERqbU1kdURrS1I0NGlPQVFGeGcwTjlURE5RPT0KdmVyc2lvbjogMQo= - artifactory_license4: cHJvZHVjdHM6CiAgYXJ0aWZhY3Rvcnk6CiAgICBwcm9kdWN0OiBaWGh3YVhKbGN6b2dNakF5TUMwd055MHdNbFF3TURvd01Eb3dNRm9LYVdRNklEWmhPVE0yWW1NMExUQTROVGd0TkRCak5pMDRNemd3TFdNNE9XSmlaVGsxWlROak1RcHZkMjVsY2pvZ1NrWnliMmNnVkVWVFZBcHdjbTl3WlhKMGFXVnpPaUI3ZlFwemFXZHVZWFIxY21VNklHNTFiR3dLZEhKcFlXdzZJSFJ5ZFdVS2RIbHdaVG9nVkZKSlFVd0tkbUZzYVdSR2NtOXRPaUF5TURJd0xUQXhMVEF5VkRJeE9qQXdPalE1TGpBMk1sb0sKICAgIHNpZ25hdHVyZTogZmRlTG95bzc1VTdKYW1JZ00ycVAwMUZWbEE5cHZXbUJXbGNqamJnNGZTQ0UzcVExSDNtTDlkdkJmYTZMTmV1QmxXTTdtWkdTTEhzZzlnc1ZabmduZFR2emFndEtHY3VndlpRQ3puamFERU1QL2JiU3VYWW52UEVDRGFBek5hVm9lakM5VWxialUzK0xPZSt5MC9xU1NiMFlXdDBGSGxydEZObGVlWDFWSGdqN3MwdzRYS1lJWDFBWGdhVTY4ODZZZWdvOTJrSHB1cjIrUmQrUUNLaHAwTzIxdGliVlFMSjZrSEQyZXlKa3J1R0JmWmVhdlZVbkNrVTR6ck1lTlhjNlI4RVlqUGFFTGVZMm02VFBGZWc5OG5JRjVFOS9LZ0VBYUNEeG1CZ3RFaWR0UVJCNVBMa2RxSm53VWxPR1d1UjB3UldBODV5eFhkWTJwdWRJc2lRdXh3PT0KdmVyc2lvbjogMQo= - artifactory_license5: cHJvZHVjdHM6CiAgYXJ0aWZhY3Rvcnk6CiAgICBwcm9kdWN0OiBaWGh3YVhKbGN6b2dNakF5TUMwd055MHdNbFF3TURvd01Eb3dNRm9LYVdRNklEY3pPR1prWWpVM0xXRXhZbVV0TkRZM015MWhabUV3TFRobFlUUmtZVFZrTnpnd01RcHZkMjVsY2pvZ1NrWnliMmNnVkVWVFZBcHdjbTl3WlhKMGFXVnpPaUI3ZlFwemFXZHVZWFIxY21VNklHNTFiR3dLZEhKcFlXdzZJSFJ5ZFdVS2RIbHdaVG9nVkZKSlFVd0tkbUZzYVdSR2NtOXRPaUF5TURJd0xUQXhMVEF5VkRJeE9qQXdPalE1TGpBM09Wb0sKICAgIHNpZ25hdHVyZTogYytEdkJWNXdiRlRnUEFxT0VFWDU0S3IwQWlMWUVNNTJuRHNUcGI4OHNXdmIxTGl1YlRvdXA0NXNMVU9aTnZvVlFuM2szREw4MTFQdHU1WUM5T3dVNXdTNDVkTkQrZHNLREN3eTE4T0c3SU05ZHZ6bml2RU5mb2xsL2VFMTNtazZVS0RLQmhXUkxlYjVvM0tIbkZGRTRTZ004UVNRNGFsWnA5cjA3aUJTUVRrVkxPVnliTUJtSFpkMVJlSmUwcTN0TXZGUVNFNTJHU3FzaURkZ0lVQTVjL1lUQVVnclRoc1lCRVpJQmJCTXVITnNSay9rZHRobmRHWitsQnB0bzlHR25HQ3EzZ0lOQU94Q2tHSnlvMWpGK28xMi9tR3Q1NnVocXVJN2s3SzMzMUpvMGl1L2VWWkxOWEtGNjl5OEE2K0dyMnVheExEajQwaGYwU0pHZ3FESVdBPT0KdmVyc2lvbjogMQo= -# secondary: -# hosts: -# 54.160.107.157: -# 35.153.79.44: -# vars: -# artifactory_is_primary: false diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/.travis.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/.travis.yml deleted file mode 100644 index 0a639b7..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/.travis.yml +++ /dev/null @@ -1,33 +0,0 @@ ---- -language: python -services: docker - -env: - global: - - ROLE_NAME: java - matrix: - - MOLECULE_DISTRO: centos8 - - MOLECULE_DISTRO: centos7 - - MOLECULE_DISTRO: centos6 - - MOLECULE_DISTRO: fedora31 - - MOLECULE_DISTRO: ubuntu1804 - - MOLECULE_DISTRO: ubuntu1604 - - MOLECULE_DISTRO: debian10 - - MOLECULE_DISTRO: debian9 - -install: - # Install test dependencies. - - pip install molecule yamllint ansible-lint docker - -before_script: - # Use actual Ansible Galaxy role name for the project directory. - - cd ../ - - mv ansible-role-$ROLE_NAME geerlingguy.$ROLE_NAME - - cd geerlingguy.$ROLE_NAME - -script: - # Run tests. - - molecule test - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/.yamllint b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/.yamllint deleted file mode 100644 index a3dbc38..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/.yamllint +++ /dev/null @@ -1,6 +0,0 @@ ---- -extends: default -rules: - line-length: - max: 120 - level: warning diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/defaults/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/defaults/main.yml deleted file mode 100644 index 3f51462..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/defaults/main.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -# Set java_packages if you would like to use a different version than the -# default for the OS (see defaults per OS in `vars` directory). -# java_packages: [] - -java_home: "" diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/meta/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/meta/main.yml deleted file mode 100644 index 20b9f75..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/meta/main.yml +++ /dev/null @@ -1,42 +0,0 @@ ---- -dependencies: [] - -galaxy_info: - role_name: java - author: geerlingguy - description: Java for Linux - company: "Midwestern Mac, LLC" - license: "license (BSD, MIT)" - min_ansible_version: 2.4 - platforms: - - name: EL - versions: - - 6 - - 7 - - 8 - - name: Fedora - versions: - - all - - name: Debian - versions: - - wheezy - - jessie - - stretch - - buster - - name: Ubuntu - versions: - - precise - - trusty - - xenial - - bionic - - name: FreeBSD - versions: - - 10.2 - galaxy_tags: - - development - - system - - web - - java - - jdk - - openjdk - - oracle diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/main.yml deleted file mode 100644 index b2a6ded..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/main.yml +++ /dev/null @@ -1,41 +0,0 @@ ---- -- name: Include OS-specific variables for Fedora or FreeBSD. - include_vars: "{{ ansible_distribution }}.yml" - when: ansible_distribution == 'FreeBSD' or ansible_distribution == 'Fedora' - -- name: Include version-specific variables for CentOS/RHEL. - include_vars: "RedHat-{{ ansible_distribution_version.split('.')[0] }}.yml" - when: ansible_distribution == 'CentOS' or - ansible_distribution == 'Red Hat Enterprise Linux' or - ansible_distribution == 'RedHat' - -- name: Include version-specific variables for Ubuntu. - include_vars: "{{ ansible_distribution }}-{{ ansible_distribution_version.split('.')[0] }}.yml" - when: ansible_distribution == 'Ubuntu' - -- name: Include version-specific variables for Debian. - include_vars: "{{ ansible_distribution|title }}-{{ ansible_distribution_version.split('.')[0] }}.yml" - when: ansible_os_family == 'Debian' - -- name: Define java_packages. - set_fact: - java_packages: "{{ __java_packages | list }}" - when: java_packages is not defined - -# Setup/install tasks. -- include_tasks: setup-RedHat.yml - when: ansible_os_family == 'RedHat' - -- include_tasks: setup-Debian.yml - when: ansible_os_family == 'Debian' - -- include_tasks: setup-FreeBSD.yml - when: ansible_os_family == 'FreeBSD' - -# Environment setup. -- name: Set JAVA_HOME if configured. - template: - src: java_home.sh.j2 - dest: /etc/profile.d/java_home.sh - mode: 0644 - when: java_home is defined and java_home diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-Debian.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-Debian.yml deleted file mode 100644 index ac77b7a..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-Debian.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# See: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863199 and -# https://github.com/geerlingguy/ansible-role-java/issues/64 -- name: Ensure 'man' directory exists. - file: - path: /usr/share/man/man1 - state: directory - recurse: true - when: - - ansible_distribution == 'Ubuntu' - - ansible_distribution_version == '18.04' - -- name: Ensure Java is installed. - apt: - update_cache: yes - name: "{{ java_packages }}" - state: present - become: true diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-FreeBSD.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-FreeBSD.yml deleted file mode 100644 index ca356b3..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-FreeBSD.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -- name: Ensure Java is installed. - pkgng: - name: "{{ java_packages }}" - state: present - become: true - -- name: ensure proc is mounted - mount: name=/proc fstype=procfs src=proc opts=rw state=mounted - -- name: ensure fdesc is mounted - mount: name=/dev/fd fstype=fdescfs src=fdesc opts=rw state=mounted diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-RedHat.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-RedHat.yml deleted file mode 100644 index cdd912d..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/tasks/setup-RedHat.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Ensure Java is installed. - package: - name: "{{ java_packages }}" - state: present - become: true diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/templates/java_home.sh.j2 b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/templates/java_home.sh.j2 deleted file mode 100644 index 4859c4a..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/templates/java_home.sh.j2 +++ /dev/null @@ -1 +0,0 @@ -export JAVA_HOME={{ java_home }} diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-10.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-10.yml deleted file mode 100644 index bd058c2..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-10.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -# JDK version options include: -# - java -# - openjdk-11-jdk -__java_packages: - - openjdk-11-jdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-8.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-8.yml deleted file mode 100644 index 8d620e4..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-8.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# JDK version options include: -# - java -# - openjdk-6-jdk -# - openjdk-7-jdk -__java_packages: - - openjdk-7-jdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-9.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-9.yml deleted file mode 100644 index 17e49bf..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Debian-9.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -# JDK version options include: -# - java -# - openjdk-8-jdk -__java_packages: - - openjdk-8-jdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Fedora.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Fedora.yml deleted file mode 100644 index 47c5a01..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Fedora.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -# JDK version options include: -# - java -# - java-1.8.0-openjdk -__java_packages: - - java-1.8.0-openjdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/FreeBSD.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/FreeBSD.yml deleted file mode 100644 index 0d712eb..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/FreeBSD.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# JDK version options for FreeBSD include: -# - openjdk -# - openjdk6 -# - openjdk8 -__java_packages: - - openjdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-6.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-6.yml deleted file mode 100644 index 70694b7..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-6.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# JDK version options include: -# - java -# - java-1.6.0-openjdk -# - java-1.7.0-openjdk -__java_packages: - - java-1.7.0-openjdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-7.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-7.yml deleted file mode 100644 index 64db579..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-7.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -# JDK version options include: -# - java -# - java-1.6.0-openjdk -# - java-1.7.0-openjdk -# - java-1.8.0-openjdk -__java_packages: - - java-1.8.0-openjdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-8.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-8.yml deleted file mode 100644 index d49b6f4..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/RedHat-8.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# JDK version options include: -# - java-1.8.0-openjdk -# - java-11-openjdk -# - java-latest-openjdk -__java_packages: - - java-11-openjdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-12.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-12.yml deleted file mode 100644 index 8d620e4..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-12.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# JDK version options include: -# - java -# - openjdk-6-jdk -# - openjdk-7-jdk -__java_packages: - - openjdk-7-jdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-14.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-14.yml deleted file mode 100644 index 8d620e4..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-14.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# JDK version options include: -# - java -# - openjdk-6-jdk -# - openjdk-7-jdk -__java_packages: - - openjdk-7-jdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-16.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-16.yml deleted file mode 100644 index 0a0bd82..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-16.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# JDK version options include: -# - java -# - openjdk-8-jdk -# - openjdk-9-jdk -__java_packages: - - openjdk-8-jdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-18.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-18.yml deleted file mode 100644 index bd058c2..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-java/vars/Ubuntu-18.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -# JDK version options include: -# - java -# - openjdk-11-jdk -__java_packages: - - openjdk-11-jdk diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/vars/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/vars/main.yml deleted file mode 100644 index 86ad0fd..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/vars/main.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -artifactory_tar: https://dl.bintray.com/jfrog/artifactory-pro/org/artifactory/pro/jfrog-artifactory-pro/{{ artifactory_version }}/jfrog-artifactory-pro-{{ artifactory_version }}-linux.tar.gz -artifactory_home: "{{ artifactory_download_directory }}/artifactory-{{ artifactory_flavour }}-{{ artifactory_version }}" - -artifactory_user: artifactory -artifactory_group: artifactory - -# Set the parameters required for the service. -service_list: - - name: artifactory - description: Start script for Artifactory - start_command: "{{ artifactory_home }}/bin/artifactory.sh start" - stop_command: "{{ artifactory_home }}/bin/artifactory.sh stop" - type: forking - status_pattern: artifactory - user_name: "{{ artifactory_user }}" - group_name: "{{ artifactory_group }}" diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/README.md b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/README.md deleted file mode 100644 index 225dd44..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/README.md +++ /dev/null @@ -1,38 +0,0 @@ -Role Name -========= - -A brief description of the role goes here. - -Requirements ------------- - -Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. - -Role Variables --------------- - -A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. - -Dependencies ------------- - -A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. - -Example Playbook ----------------- - -Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: - - - hosts: servers - roles: - - { role: username.rolename, x: 42 } - -License -------- - -BSD - -Author Information ------------------- - -An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/defaults/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/defaults/main.yml deleted file mode 100644 index 6667258..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/defaults/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# defaults file for xray-postgres \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/handlers/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/handlers/main.yml deleted file mode 100644 index 2770023..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/handlers/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# handlers file for xray-postgres \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/tasks/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/tasks/main.yml deleted file mode 100644 index c76e6e4..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/tasks/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# tasks file for xray-postgres \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/tests/test.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/tests/test.yml deleted file mode 100644 index 642a7c9..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/tests/test.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- hosts: localhost - remote_user: root - roles: - - xray-postgres \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/vars/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/vars/main.yml deleted file mode 100644 index 10cff70..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# vars file for xray-postgres \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/.travis.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/.travis.yml deleted file mode 100644 index 36bbf62..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/.travis.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -language: python -python: "2.7" - -# Use the new container infrastructure -sudo: false - -# Install ansible -addons: - apt: - packages: - - python-pip - -install: - # Install ansible - - pip install ansible - - # Check ansible version - - ansible --version - - # Create ansible.cfg with correct roles_path - - printf '[defaults]\nroles_path=../' >ansible.cfg - -script: - # Basic role syntax check - - ansible-playbook tests/test.yml -i tests/inventory --syntax-check - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/README.md b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/README.md deleted file mode 100644 index 225dd44..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/README.md +++ /dev/null @@ -1,38 +0,0 @@ -Role Name -========= - -A brief description of the role goes here. - -Requirements ------------- - -Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. - -Role Variables --------------- - -A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. - -Dependencies ------------- - -A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. - -Example Playbook ----------------- - -Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: - - - hosts: servers - roles: - - { role: username.rolename, x: 42 } - -License -------- - -BSD - -Author Information ------------------- - -An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/defaults/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/defaults/main.yml deleted file mode 100644 index 8e55c59..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/defaults/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# defaults file for xray \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/meta/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/meta/main.yml deleted file mode 100644 index 227ad9c..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/meta/main.yml +++ /dev/null @@ -1,53 +0,0 @@ -galaxy_info: - author: your name - description: your role description - company: your company (optional) - - # If the issue tracker for your role is not on github, uncomment the - # next line and provide a value - # issue_tracker_url: http://example.com/issue/tracker - - # Choose a valid license ID from https://spdx.org - some suggested licenses: - # - BSD-3-Clause (default) - # - MIT - # - GPL-2.0-or-later - # - GPL-3.0-only - # - Apache-2.0 - # - CC-BY-4.0 - license: license (GPL-2.0-or-later, MIT, etc) - - min_ansible_version: 2.9 - - # If this a Container Enabled role, provide the minimum Ansible Container version. - # min_ansible_container_version: - - # - # Provide a list of supported platforms, and for each platform a list of versions. - # If you don't wish to enumerate all versions for a particular platform, use 'all'. - # To view available platforms and versions (or releases), visit: - # https://galaxy.ansible.com/api/v1/platforms/ - # - # platforms: - # - name: Fedora - # versions: - # - all - # - 25 - # - name: SomePlatform - # versions: - # - all - # - 1.0 - # - 7 - # - 99.99 - - galaxy_tags: [] - # List tags for your role here, one per line. A tag is a keyword that describes - # and categorizes the role. Users find roles by searching for tags. Be sure to - # remove the '[]' above, if you add tags to this list. - # - # NOTE: A tag is limited to a single word comprised of alphanumeric characters. - # Maximum 20 tags per role. - -dependencies: [] - # List your role dependencies here, one per line. Be sure to remove the '[]' above, - # if you add dependencies to this list. - \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/tasks/main.yml b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/tasks/main.yml deleted file mode 100644 index cf85f8b..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/tasks/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# tasks file for xray \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/tests/inventory b/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/tests/inventory deleted file mode 100644 index 878877b..0000000 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/tests/inventory +++ /dev/null @@ -1,2 +0,0 @@ -localhost - diff --git a/Ansible/artifactory7/rt7provision.yml b/Ansible/artifactory7/rt7provision.yml deleted file mode 100644 index 8acff9e..0000000 --- a/Ansible/artifactory7/rt7provision.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -- hosts: database - gather_facts: true - roles: - - jfrog/rt7ansible/roles/artifactory-postgres - -- hosts: primary:secondary - gather_facts: true - roles: - - jfrog/rt7ansible/roles/artifactory - - jfrog/rt7ansible/roles/artifactory-nginx-ssl \ No newline at end of file diff --git a/Ansible/awsPipelines.yaml b/Ansible/awsPipelines.yaml new file mode 100644 index 0000000..3141c08 --- /dev/null +++ b/Ansible/awsPipelines.yaml @@ -0,0 +1,54 @@ +resources: + - name: ansibleRepo + type: GitRepo + configuration: + gitProvider: jefferyfryGithub + path: jefferyfry/JFrog-Cloud-Installers +pipelines: + - name: ansible_aws_automation_pipeline + steps: + - name: execute_aws_ansible_playbook + type: Bash + configuration: + runtime: + type: image + image: + auto: + language: java + versions: + - "8" + integrations: + - name: ansibleAwsKeys + - name: ansibleEnvVars + - name: ansiblePrivateKey + inputResources: + - name: ansibleRepo + execution: + onStart: + - echo "Executing AWS Ansible playbook..." + onExecute: + - sudo apt-get update + - sudo apt-get install gnupg2 + - sudo apt-get install software-properties-common + - sudo apt-add-repository --yes --update ppa:ansible/ansible + - sudo apt -y --allow-unauthenticated install ansible + - sudo pip install packaging + - sudo pip install boto3 botocore + - cd ../dependencyState/resources/ansibleRepo + - echo 'Setting environment variables...' + - export artifactory_license1="$int_ansibleEnvVars_artifactory_license1" + - export artifactory_license2="$int_ansibleEnvVars_artifactory_license2" + - export artifactory_license3="$int_ansibleEnvVars_artifactory_license3" + - export master_key="$int_ansibleEnvVars_master_key" + - export join_key="$int_ansibleEnvVars_join_key" + - export ssh_public_key_name="$int_ansibleEnvVars_ssh_public_key_name" + - export cfn_template="$int_ansibleEnvVars_cfn_template" + - export stack_name="$int_ansibleEnvVars_stack_name" + - export AWS_ACCESS_KEY_ID="$int_ansibleEnvVars_AWS_ACCESS_KEY_ID" + - export AWS_SECRET_KEY="$int_ansibleEnvVars_AWS_SECRET_KEY" + - printenv + - eval $(ssh-agent -s) + - ssh-add <(echo "$int_ansiblePrivateKey_key") + - ansible-playbook Ansible/test/aws/playbook.yaml + onComplete: + - echo "AWS Ansible playbook complete." \ No newline at end of file diff --git a/Ansible/azurePipelines.yaml b/Ansible/azurePipelines.yaml new file mode 100644 index 0000000..f857fe6 --- /dev/null +++ b/Ansible/azurePipelines.yaml @@ -0,0 +1,57 @@ +resources: + - name: ansibleRepo + type: GitRepo + configuration: + gitProvider: jefferyfryGithub + path: jefferyfry/JFrog-Cloud-Installers +pipelines: + - name: ansible_azure_automation_pipeline + steps: + - name: execute_azure_ansible_playbook + type: Bash + configuration: + runtime: + type: image + image: + auto: + language: java + versions: + - "8" + integrations: + - name: ansibleAzureKeys + - name: ansibleEnvVars + - name: ansiblePrivateKey + inputResources: + - name: ansibleRepo + execution: + onStart: + - echo "Executing Azure Ansible playbook..." + onExecute: + - sudo apt-get update + - sudo apt-get install gnupg2 + - sudo apt-get install software-properties-common + - sudo apt-add-repository --yes --update ppa:ansible/ansible + - sudo apt -y --allow-unauthenticated install ansible + - sudo pip install packaging + - sudo pip install msrestazure + - sudo pip install ansible[azure] + - cd ../dependencyState/resources/ansibleRepo + - echo 'Setting environment variables...' + - export artifactory_license1="$int_ansibleEnvVars_artifactory_license1" + - export artifactory_license2="$int_ansibleEnvVars_artifactory_license2" + - export artifactory_license3="$int_ansibleEnvVars_artifactory_license3" + - export master_key="$int_ansibleEnvVars_master_key" + - export join_key="$int_ansibleEnvVars_join_key" + - export ssh_public_key="$int_ansibleEnvVars_ssh_public_key" + - export arm_template="$int_ansibleEnvVars_arm_template" + - export azure_resource_group="$int_ansibleEnvVars_azure_resource_group" + - export clientId="$int_ansibleAzureKeys_appId" + - export clientSecret="$int_ansibleAzureKeys_password" + - export tenantId="$int_ansibleAzureKeys_tenant" + - printenv + - eval $(ssh-agent -s) + - ssh-add <(echo "$int_ansiblePrivateKey_key") + - az login --service-principal -u "$clientId" -p "$clientSecret" --tenant "$tenantId" + - ansible-playbook Ansible/test/azure/playbook.yaml + onComplete: + - echo "Azure Ansible playbook complete." \ No newline at end of file diff --git a/Ansible/artifactory7/.ansible-lint b/Ansible/collection/.ansible-lint similarity index 100% rename from Ansible/artifactory7/.ansible-lint rename to Ansible/collection/.ansible-lint diff --git a/Ansible/artifactory7/.yamllint b/Ansible/collection/.yamllint similarity index 100% rename from Ansible/artifactory7/.yamllint rename to Ansible/collection/.yamllint diff --git a/Ansible/collection/README.md b/Ansible/collection/README.md new file mode 100644 index 0000000..2ab5fa1 --- /dev/null +++ b/Ansible/collection/README.md @@ -0,0 +1,77 @@ +# Ansible +This repo contains the Ansible collection for JFrog roles. These roles allow you to provision Artifactory for High-Availability using a Primary node and multiple Secondary nodes. Additionally, a Postgresql role is provided for installing an Artifactory Postgresql database. + +## Roles Provided +### artifactory +The artifactory role installs the Artifactory Pro software onto the host. Per the Vars below, it will configure a node as primary or secondary. This role uses secondary roles artifactory-nginx to install nginx. + +### artifactory-nginx-ssl +The artifactory-nginx-ssl role installs and configures nginx for SSL. + +### postgres +The postgres role will install Postgresql software and configure a database and user to support an Artifactory or Xray server. + +### xray +The xray role will install Xray software onto the host. An Artifactory server and Postgress database is required. + +## Vars Required +The following Vars must be configured. + +### databsase vars +* db_users: This is a list of database users to create. eg. db_users: - { db_user: "artifactory", db_password: "Art1fAct0ry" } +* dbs: This is the database to create. eg. dbs: - { db_name: "artifactory", db_owner: "artifactory" } + +### artifactory vars +* artifactory_version: The version of Artifactory to install. eg. "7.4.1" +* master_key: This is the Artifactory Master Key. +* join_key: This is the Artifactory Join Key. +* db_download_url: This is the download URL for the JDBC driver for your database. eg. "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" +* db_type: This is the database type. eg. "postgresql" +* db_driver: This is the JDBC driver class. eg. "org.postgresql.Driver" +* db_url: This is the JDBC database url. eg. "jdbc:postgresql://10.0.0.120:5432/artifactory" +* db_user: The database user to configure. eg. "artifactory" +* db_password: The database password to configure. "Art1fact0ry" +* server_name: This is the server name. eg. "artifactory.54.175.51.178.xip.io" + +### primary vars +* artifactory_is_primary: For the primary node this must be set to **true**. +* artifactory_license1 - 5: These are the cluster licenses. + +### secondary vars +* artifactory_is_primary: For the secondary node(s) this must be set to **false**. + +### ssl vars (Used with artifactory-nginx-ssl role) +* certificate: This is the SSL cert. +* certificate_key: This is the SSL private key. + +### xray vars +* xray_version: The version of Artifactory to install. eg. "3.3.0" +* jfrog_url: This is the URL to the Artifactory base URL. eg. "http://ec2-54-237-207-135.compute-1.amazonaws.com" +* master_key: This is the Artifactory Master Key. +* join_key: This is the Artifactory Join Key. +* db_type: This is the database type. eg. "postgresql" +* db_driver: This is the JDBC driver class. eg. "org.postgresql.Driver" +* db_url: This is the database url. eg. "postgres://10.0.0.59:5432/xraydb?sslmode=disable" +* db_user: The database user to configure. eg. "xray" +* db_password: The database password to configure. "xray" + +## Example Inventory and Playbooks +Example playbooks are located in the [project](../project) directory. This directory contains several example inventory and plaaybooks for different Artifactory, HA and Xray architectures. + +## Executing a Playbook +``` +ansible-playbook -i + +eg. + ansible-playbook -i example-playbooks/rt-xray-ha/hosts.yml example-playbooks/rt-xray-ha/playbook.yml +``` + +## Bastion Hosts +In many cases, you may want to run this Ansible collection through a Bastion host to provision JFrog servers. You can include the following Var for a host or group of hosts: + +``` +ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A user@host -W %h:%p"' + +eg. +ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@{{ azureDeployment.deployment.outputs.lbIp.value }} -W %h:%p"' +``` \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/galaxy.yml b/Ansible/collection/jfrog/ansible/galaxy.yml similarity index 99% rename from Ansible/artifactory7/jfrog/rt7ansible/galaxy.yml rename to Ansible/collection/jfrog/ansible/galaxy.yml index 3bba7ee..2b44148 100644 --- a/Ansible/artifactory7/jfrog/rt7ansible/galaxy.yml +++ b/Ansible/collection/jfrog/ansible/galaxy.yml @@ -6,7 +6,7 @@ namespace: jfrog # The name of the collection. Has the same character restrictions as 'namespace' -name: rt7ansible +name: ansible # The version of the collection. Must be compatible with semantic versioning version: 1.0.0 diff --git a/Ansible/artifactory7/jfrog/rt7ansible/plugins/README.md b/Ansible/collection/jfrog/ansible/plugins/README.md similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/plugins/README.md rename to Ansible/collection/jfrog/ansible/plugins/README.md diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/.travis.yml b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/.travis.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/.travis.yml rename to Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/.travis.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/defaults/main.yml b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/defaults/main.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/defaults/main.yml rename to Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/defaults/main.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/handlers/main.yml b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/handlers/main.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/handlers/main.yml rename to Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/handlers/main.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/meta/main.yml b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/meta/main.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/meta/main.yml rename to Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/meta/main.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/tasks/main.yml b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/tasks/main.yml similarity index 88% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/tasks/main.yml rename to Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/tasks/main.yml index c0e955d..ba37c53 100644 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/tasks/main.yml +++ b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/tasks/main.yml @@ -7,35 +7,35 @@ owner: root group: root mode: '0755' - become: true + become: yes - name: ensure nginx dir exists file: path: "/var/opt/jfrog/nginx/ssl" state: directory - become: true + become: yes - name: configure certificate template: src: certificate.pem.j2 dest: "/var/opt/jfrog/nginx/ssl/cert.pem" - become: true + become: yes - name: ensure pki exists file: path: "/etc/pki/tls" state: directory - become: true + become: yes - name: configure key template: src: certificate.key.j2 dest: "/etc/pki/tls/cert.key" - become: true + become: yes - name: restart nginx service: name: nginx state: restarted enabled: yes - become: true \ No newline at end of file + become: yes \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/templates/artifactory.conf.j2 b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/templates/artifactory.conf.j2 similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/templates/artifactory.conf.j2 rename to Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/templates/artifactory.conf.j2 diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/templates/certificate.key.j2 b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/templates/certificate.key.j2 similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/templates/certificate.key.j2 rename to Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/templates/certificate.key.j2 diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/templates/certificate.pem.j2 b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/templates/certificate.pem.j2 similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/templates/certificate.pem.j2 rename to Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/templates/certificate.pem.j2 diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/tests/inventory b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/tests/inventory similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/tests/inventory rename to Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/tests/inventory diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/tests/test.yml b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/tests/test.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/tests/test.yml rename to Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/tests/test.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/vars/main.yml b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/vars/main.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx-ssl/vars/main.yml rename to Ansible/collection/jfrog/ansible/roles/artifactory-nginx-ssl/vars/main.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/.travis.yml b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx/.travis.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/.travis.yml rename to Ansible/collection/jfrog/ansible/roles/artifactory-nginx/.travis.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/defaults/main.yml b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx/defaults/main.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/defaults/main.yml rename to Ansible/collection/jfrog/ansible/roles/artifactory-nginx/defaults/main.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/files/nginx.conf b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx/files/nginx.conf similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/files/nginx.conf rename to Ansible/collection/jfrog/ansible/roles/artifactory-nginx/files/nginx.conf diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/handlers/main.yml b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx/handlers/main.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/handlers/main.yml rename to Ansible/collection/jfrog/ansible/roles/artifactory-nginx/handlers/main.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/meta/main.yml b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx/meta/main.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/meta/main.yml rename to Ansible/collection/jfrog/ansible/roles/artifactory-nginx/meta/main.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tasks/main.yml b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx/tasks/main.yml similarity index 78% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tasks/main.yml rename to Ansible/collection/jfrog/ansible/roles/artifactory-nginx/tasks/main.yml index 01dce50..5146b14 100644 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tasks/main.yml +++ b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx/tasks/main.yml @@ -1,10 +1,13 @@ --- -# tasks file for artifactory-nginx - name: install nginx package: name: nginx state: present - become: true + register: package_res + retries: 5 + delay: 60 + become: yes + until: package_res is success - name: configure main nginx conf file. copy: @@ -13,7 +16,7 @@ owner: root group: root mode: '0755' - become: true + become: yes - name: configure the artifactory nginx conf template: @@ -22,11 +25,11 @@ owner: root group: root mode: '0755' - become: true + become: yes - name: restart nginx service: name: nginx state: restarted enabled: yes - become: true \ No newline at end of file + become: yes diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/templates/artifactory.conf.j2 b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx/templates/artifactory.conf.j2 similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/templates/artifactory.conf.j2 rename to Ansible/collection/jfrog/ansible/roles/artifactory-nginx/templates/artifactory.conf.j2 diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tests/inventory b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx/tests/inventory similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tests/inventory rename to Ansible/collection/jfrog/ansible/roles/artifactory-nginx/tests/inventory diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tests/test.yml b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx/tests/test.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/tests/test.yml rename to Ansible/collection/jfrog/ansible/roles/artifactory-nginx/tests/test.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/vars/main.yml b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx/vars/main.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-nginx/vars/main.yml rename to Ansible/collection/jfrog/ansible/roles/artifactory-nginx/vars/main.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/.travis.yml b/Ansible/collection/jfrog/ansible/roles/artifactory/.travis.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/.travis.yml rename to Ansible/collection/jfrog/ansible/roles/artifactory/.travis.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/defaults/main.yml b/Ansible/collection/jfrog/ansible/roles/artifactory/defaults/main.yml similarity index 55% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/defaults/main.yml rename to Ansible/collection/jfrog/ansible/roles/artifactory/defaults/main.yml index 02e5cc3..dd8cac9 100644 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/defaults/main.yml +++ b/Ansible/collection/jfrog/ansible/roles/artifactory/defaults/main.yml @@ -6,11 +6,18 @@ ansible_marketplace: standalone # The version of Artifactory to install artifactory_version: 7.4.1 +# licenses +artifactory_license1: +artifactory_license2: +artifactory_license3: +artifactory_license4: +artifactory_license5: + # whether to enable HA artifactory_ha_enabled: true # value for whether a host is primary. this should be set in host vars -artifactory_is_primary: false +artifactory_is_primary: true # The location where Artifactory should install. artifactory_download_directory: /opt/jfrog @@ -24,6 +31,21 @@ artifactory_file_store_dir: /data # https://dl.bintray.com/jfrog/artifactory-pro/org/artifactory/pro/jfrog-artifactory-pro/{{ artifactory_version }}/jfrog-artifactory-pro-{{ artifactory_version }}-linux.tar.gz artifactory_flavour: pro -java_version: java-1.8.0 - extra_java_opts: -server -Xms2g -Xmx14g -Xss256k -XX:+UseG1GC + +artifactory_tar: https://dl.bintray.com/jfrog/artifactory-pro/org/artifactory/pro/jfrog-artifactory-pro/{{ artifactory_version }}/jfrog-artifactory-pro-{{ artifactory_version }}-linux.tar.gz +artifactory_home: "{{ artifactory_download_directory }}/artifactory-{{ artifactory_flavour }}-{{ artifactory_version }}" + +artifactory_user: artifactory +artifactory_group: artifactory + +# Set the parameters required for the service. +service_list: + - name: artifactory + description: Start script for Artifactory + start_command: "{{ artifactory_home }}/bin/artifactory.sh start" + stop_command: "{{ artifactory_home }}/bin/artifactory.sh stop" + type: forking + status_pattern: artifactory + user_name: "{{ artifactory_user }}" + group_name: "{{ artifactory_group }}" diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/handlers/main.yml b/Ansible/collection/jfrog/ansible/roles/artifactory/handlers/main.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/handlers/main.yml rename to Ansible/collection/jfrog/ansible/roles/artifactory/handlers/main.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/exception.yml b/Ansible/collection/jfrog/ansible/roles/artifactory/meta/exception.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/exception.yml rename to Ansible/collection/jfrog/ansible/roles/artifactory/meta/exception.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/main.yml b/Ansible/collection/jfrog/ansible/roles/artifactory/meta/main.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/main.yml rename to Ansible/collection/jfrog/ansible/roles/artifactory/meta/main.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/preferences.yml b/Ansible/collection/jfrog/ansible/roles/artifactory/meta/preferences.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/preferences.yml rename to Ansible/collection/jfrog/ansible/roles/artifactory/meta/preferences.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/version.yml b/Ansible/collection/jfrog/ansible/roles/artifactory/meta/version.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/version.yml rename to Ansible/collection/jfrog/ansible/roles/artifactory/meta/version.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/tasks/main.yml b/Ansible/collection/jfrog/ansible/roles/artifactory/tasks/main.yml similarity index 84% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/tasks/main.yml rename to Ansible/collection/jfrog/ansible/roles/artifactory/tasks/main.yml index 2568e2d..a23a047 100644 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/tasks/main.yml +++ b/Ansible/collection/jfrog/ansible/roles/artifactory/tasks/main.yml @@ -1,9 +1,5 @@ --- # tasks file for artifactory -- name: install java - include_role: - name: artifactory-java - - name: install nginx include_role: name: artifactory-nginx @@ -12,20 +8,20 @@ group: name: "{{ artifactory_group }}" state: present - become: true + become: yes - name: create user for artifactory user: name: "{{ artifactory_user }}" group: "{{ artifactory_group }}" system: yes - become: true + become: yes - name: ensure artifactory_download_directory exists file: path: "{{ artifactory_download_directory }}" state: directory - become: true + become: yes - name: download artifactory unarchive: @@ -35,7 +31,7 @@ owner: "{{ artifactory_user }}" group: "{{ artifactory_group }}" creates: "{{ artifactory_home }}" - become: true + become: yes register: downloadartifactory until: downloadartifactory is succeeded retries: 3 @@ -46,33 +42,41 @@ state: directory owner: "{{ artifactory_user }}" group: "{{ artifactory_group }}" - become: true + become: yes - name: ensure etc exists file: - path: "{{ artifactory_home }}/etc" + path: "{{ artifactory_home }}/var/etc" state: directory owner: "{{ artifactory_user }}" group: "{{ artifactory_group }}" - become: true + become: yes - name: configure system yaml template: src: system.yaml.j2 dest: "{{ artifactory_home }}/var/etc/system.yaml" - become: true + become: yes + +- name: ensure {{ artifactory_home }}/var/etc/security/ exists + file: + path: "{{ artifactory_home }}/var/etc/security/" + state: directory + owner: "{{ artifactory_user }}" + group: "{{ artifactory_group }}" + become: yes - name: configure master key template: src: master.key.j2 dest: "{{ artifactory_home }}/var/etc/security/master.key" - become: true + become: yes - name: configure join key template: src: join.key.j2 dest: "{{ artifactory_home }}/var/etc/security/join.key" - become: true + become: yes - name: ensure {{ artifactory_home }}/var/etc/info/ exists file: @@ -80,25 +84,25 @@ state: directory owner: "{{ artifactory_user }}" group: "{{ artifactory_group }}" - become: true + become: yes - name: configure installer info template: src: installer-info.json.j2 dest: "{{ artifactory_home }}/var/etc/info/installer-info.json" - become: true + become: yes - name: configure binary store template: src: binarystore.xml.j2 dest: "{{ artifactory_home }}/var/etc/binarystore.xml" - become: true + become: yes - name: configure cluster license template: src: artifactory.cluster.license.j2 dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.cluster.license" - become: true + become: yes when: artifactory_is_primary == true - name: download database driver @@ -107,17 +111,17 @@ dest: "{{ artifactory_home }}/var/bootstrap/artifactory/tomcat/lib" owner: "{{ artifactory_user }}" group: "{{ artifactory_group }}" - become: true + become: yes - name: create artifactory service shell: "{{ artifactory_home }}/app/bin/installService.sh" - become: true + become: yes - name: start and enable the primary node service: name: artifactory - state: started - become: true + state: restarted + become: yes when: artifactory_is_primary == true - name: random wait before restarting to prevent secondary nodes from hitting DB first @@ -128,6 +132,6 @@ - name: start and enable the secondary nodes service: name: artifactory - state: started - become: true + state: restarted + become: yes when: artifactory_is_primary == false diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/artifactory.cluster.license.j2 b/Ansible/collection/jfrog/ansible/roles/artifactory/templates/artifactory.cluster.license.j2 similarity index 78% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/artifactory.cluster.license.j2 rename to Ansible/collection/jfrog/ansible/roles/artifactory/templates/artifactory.cluster.license.j2 index 54c879a..3f674f6 100644 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/artifactory.cluster.license.j2 +++ b/Ansible/collection/jfrog/ansible/roles/artifactory/templates/artifactory.cluster.license.j2 @@ -19,8 +19,13 @@ {% endif %} {% if artifactory_license4 %} - {% if artifactory_license4|length %} {{ artifactory_license4 }} {% endif %} -{% endif %} \ No newline at end of file +{% endif %} +{% if artifactory_license5 %} + +{% if artifactory_license5|length %} +{{ artifactory_license5 }} +{% endif %} +{% endif %} diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/binarystore.xml.j2 b/Ansible/collection/jfrog/ansible/roles/artifactory/templates/binarystore.xml.j2 similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/binarystore.xml.j2 rename to Ansible/collection/jfrog/ansible/roles/artifactory/templates/binarystore.xml.j2 diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/installer-info.json.j2 b/Ansible/collection/jfrog/ansible/roles/artifactory/templates/installer-info.json.j2 similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/installer-info.json.j2 rename to Ansible/collection/jfrog/ansible/roles/artifactory/templates/installer-info.json.j2 diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/join.key.j2 b/Ansible/collection/jfrog/ansible/roles/artifactory/templates/join.key.j2 similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/join.key.j2 rename to Ansible/collection/jfrog/ansible/roles/artifactory/templates/join.key.j2 diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/master.key.j2 b/Ansible/collection/jfrog/ansible/roles/artifactory/templates/master.key.j2 similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/master.key.j2 rename to Ansible/collection/jfrog/ansible/roles/artifactory/templates/master.key.j2 diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/system.yaml.j2 b/Ansible/collection/jfrog/ansible/roles/artifactory/templates/system.yaml.j2 similarity index 96% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/system.yaml.j2 rename to Ansible/collection/jfrog/ansible/roles/artifactory/templates/system.yaml.j2 index 5b30963..419a0c3 100644 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/system.yaml.j2 +++ b/Ansible/collection/jfrog/ansible/roles/artifactory/templates/system.yaml.j2 @@ -23,7 +23,7 @@ shared: primary: {{ artifactory_is_primary }} ## Sets this node as part of HA installation - haEnabled: {{ true }} + haEnabled: {{ artifactory_ha_enabled }} ## Database Configuration database: diff --git a/Ansible/collection/jfrog/ansible/roles/artifactory/vars/main.yml b/Ansible/collection/jfrog/ansible/roles/artifactory/vars/main.yml new file mode 100644 index 0000000..cd21505 --- /dev/null +++ b/Ansible/collection/jfrog/ansible/roles/artifactory/vars/main.yml @@ -0,0 +1,2 @@ +--- + diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/.travis.yml b/Ansible/collection/jfrog/ansible/roles/postgres/.travis.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/.travis.yml rename to Ansible/collection/jfrog/ansible/roles/postgres/.travis.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/defaults/main.yml b/Ansible/collection/jfrog/ansible/roles/postgres/defaults/main.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/defaults/main.yml rename to Ansible/collection/jfrog/ansible/roles/postgres/defaults/main.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/handlers/main.yml b/Ansible/collection/jfrog/ansible/roles/postgres/handlers/main.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/handlers/main.yml rename to Ansible/collection/jfrog/ansible/roles/postgres/handlers/main.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/meta/main.yml b/Ansible/collection/jfrog/ansible/roles/postgres/meta/main.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/meta/main.yml rename to Ansible/collection/jfrog/ansible/roles/postgres/meta/main.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/tasks/Debian.yml b/Ansible/collection/jfrog/ansible/roles/postgres/tasks/Debian.yml similarity index 70% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/tasks/Debian.yml rename to Ansible/collection/jfrog/ansible/roles/postgres/tasks/Debian.yml index 7ab9455..611332e 100644 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/tasks/Debian.yml +++ b/Ansible/collection/jfrog/ansible/roles/postgres/tasks/Debian.yml @@ -1,27 +1,29 @@ --- +- name: install python2 psycopg2 + apt: + name: python-psycopg2 + update_cache: yes + become: yes -- name: install ansible-related package - yum: - name: - - python3-psycopg2 - - sudo - - wget - state: present - become: True +- name: install python3 psycopg2 + apt: + name: python3-psycopg2 + update_cache: yes + become: yes - name: add postgres apt key apt_key: url: https://www.postgresql.org/media/keys/ACCC4CF8.asc id: "0x7FCC7D46ACCC4CF8" state: present - become: True + become: yes - name: register APT repository apt_repository: repo: deb http://apt.postgresql.org/pub/repos/apt/ {{ ansible_distribution_release }}-pgdg main state: present filename: pgdg - become: True + become: yes - name: install postgres packages apt: @@ -30,4 +32,4 @@ - postgresql-server-dev-{{ postgres_server_version }} - postgresql-contrib-{{ postgres_server_version }} state: present - become: True + become: yes diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/tasks/RedHat.yml b/Ansible/collection/jfrog/ansible/roles/postgres/tasks/RedHat.yml similarity index 88% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/tasks/RedHat.yml rename to Ansible/collection/jfrog/ansible/roles/postgres/tasks/RedHat.yml index 4be0aed..a30eba9 100644 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/tasks/RedHat.yml +++ b/Ansible/collection/jfrog/ansible/roles/postgres/tasks/RedHat.yml @@ -5,9 +5,9 @@ when: > # not for Fedora ansible_distribution == 'CentOS' or ansible_distribution == 'Red Hat Enterprise Linux' - become: True + become: yes -- name: install ansible-related package +- name: install python2 psycopg2 yum: name: - python-psycopg2 @@ -15,7 +15,15 @@ - wget - perl state: present - become: True + +- name: install python3 psycopg2 + yum: + name: + - python3-psycopg2 + - sudo + - wget + - perl + state: present - name: fixup some locale issues lineinfile: @@ -52,7 +60,7 @@ yum: name: "{{ base }}/{{ postgres_server_version }}/redhat/rhel-{{ ver }}-x86_64/{{ latest_version.stdout }}" state: present - become: True + become: yes - name: install postgres packages yum: @@ -61,4 +69,4 @@ - postgresql{{ postgres_server_pkg_version }}-contrib - postgresql{{ postgres_server_pkg_version }}-devel state: present - become: True + become: yes diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/tasks/main.yml b/Ansible/collection/jfrog/ansible/roles/postgres/tasks/main.yml similarity index 72% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/tasks/main.yml rename to Ansible/collection/jfrog/ansible/roles/postgres/tasks/main.yml index 4fad4e1..c267ba9 100644 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/tasks/main.yml +++ b/Ansible/collection/jfrog/ansible/roles/postgres/tasks/main.yml @@ -2,23 +2,11 @@ - name: define distribution-specific variables include_vars: "{{ ansible_os_family }}.yml" -#- name: define postgres version-specific variables -# include_vars: "{{ lookup('first_found', params) }}" -# vars: -# params: -# files: -# - "{{ ansible_os_family }}_pg-{{ postgres_server_version }}.yml" -# - "{{ ansible_os_family }}_pg-default.yml" -# paths: -# - "vars" -# skip: true -# ignore_errors: true - - name: create directory for bind mount if necessary file: path: "{{ postgres_server_bind_mount_var_lib_pgsql_target }}" state: directory - become: true + become: yes when: postgres_server_bind_mount_var_lib_pgsql @@ -29,7 +17,7 @@ opts: bind state: mounted fstype: none - become: true + become: yes when: postgres_server_bind_mount_var_lib_pgsql - name: perform installation @@ -40,7 +28,7 @@ dest: /etc/profile.d/postgres-path.sh mode: a=rx content: "export PATH=$PATH:/usr/pgsql-{{ postgres_server_version }}/bin" - become: true + become: yes - name: initialize PostgreSQL database cluster environment: @@ -71,37 +59,47 @@ name: "{{ postgres_server_service_name }}" state: started enabled: yes - become: true + become: yes -- name: Create artifactory users +- name: Hold until Postgresql is up and running + wait_for: + port: 5432 + +- name: Create users become_user: postgres - become: true + become: yes postgresql_user: - name: "{{ db_user }}" - password: "{{ db_password }}" + name: "{{ item.db_user }}" + password: "{{ item.db_password }}" conn_limit: "-1" + loop: "{{ db_users|default([]) }}" no_log: true # secret passwords -- name: Create a artifactory database +- name: Create a database become_user: postgres - become: true + become: yes postgresql_db: - name: artifactory - owner: "{{ db_user }}" + name: "{{ item.db_name }}" + owner: "{{ item.db_owner }}" encoding: UTF-8 + loop: "{{ dbs|default([]) }}" -- name: Grant privs to artifactory on artifactory db +- name: Grant privs on db become_user: postgres - become: true + become: yes postgresql_privs: - database: artifactory - role: artifactory + database: "{{ item.db_name }}" + role: "{{ item.db_owner }}" state: present privs: ALL type: database + loop: "{{ dbs|default([]) }}" - name: restart postgres service: name: "{{ postgres_server_service_name }}" state: restarted - become: true \ No newline at end of file + become: yes + +- debug: + msg: "Restarted postgres service {{ postgres_server_service_name }}" \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/templates/pg_hba.conf.j2 b/Ansible/collection/jfrog/ansible/roles/postgres/templates/pg_hba.conf.j2 similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/templates/pg_hba.conf.j2 rename to Ansible/collection/jfrog/ansible/roles/postgres/templates/pg_hba.conf.j2 diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/templates/postgresql.conf.j2 b/Ansible/collection/jfrog/ansible/roles/postgres/templates/postgresql.conf.j2 similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/templates/postgresql.conf.j2 rename to Ansible/collection/jfrog/ansible/roles/postgres/templates/postgresql.conf.j2 diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/Debian.yml b/Ansible/collection/jfrog/ansible/roles/postgres/vars/Debian.yml similarity index 95% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/Debian.yml rename to Ansible/collection/jfrog/ansible/roles/postgres/vars/Debian.yml index 7317089..1c1a7f4 100644 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/Debian.yml +++ b/Ansible/collection/jfrog/ansible/roles/postgres/vars/Debian.yml @@ -1,7 +1,7 @@ --- postgres_server_cmd_initdb: /usr/lib/postgresql/{{ postgres_server_version }}/bin/initdb -D -postgres_server_initdb_become: True +postgres_server_initdb_become: yes postgres_server_data_location: /var/lib/postgresql/{{ postgres_server_version }}/main postgres_server_config_location: /etc/postgresql/{{ postgres_server_version }}/main postgres_server_service_name: postgresql@{{ postgres_server_version }}-main diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/RedHat.yml b/Ansible/collection/jfrog/ansible/roles/postgres/vars/RedHat.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/RedHat.yml rename to Ansible/collection/jfrog/ansible/roles/postgres/vars/RedHat.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/RedHat_pg-9.6.yml b/Ansible/collection/jfrog/ansible/roles/postgres/vars/RedHat_pg-9.6.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/RedHat_pg-9.6.yml rename to Ansible/collection/jfrog/ansible/roles/postgres/vars/RedHat_pg-9.6.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/RedHat_pg-default.yml b/Ansible/collection/jfrog/ansible/roles/postgres/vars/RedHat_pg-default.yml similarity index 79% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/RedHat_pg-default.yml rename to Ansible/collection/jfrog/ansible/roles/postgres/vars/RedHat_pg-default.yml index 337fd62..3d974c2 100644 --- a/Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory-postgres/vars/RedHat_pg-default.yml +++ b/Ansible/collection/jfrog/ansible/roles/postgres/vars/RedHat_pg-default.yml @@ -1,4 +1,4 @@ --- postgres_server_cmd_initdb: /usr/pgsql-{{ postgres_server_version }}/bin/initdb -D /var/lib/pgsql/{{ postgres_server_version }}/data -postgres_server_initdb_become: true +postgres_server_initdb_become: yes diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/.travis.yml b/Ansible/collection/jfrog/ansible/roles/xray/.travis.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/.travis.yml rename to Ansible/collection/jfrog/ansible/roles/xray/.travis.yml diff --git a/Ansible/collection/jfrog/ansible/roles/xray/defaults/main.yml b/Ansible/collection/jfrog/ansible/roles/xray/defaults/main.yml new file mode 100644 index 0000000..b8aad42 --- /dev/null +++ b/Ansible/collection/jfrog/ansible/roles/xray/defaults/main.yml @@ -0,0 +1,23 @@ +--- +# defaults file for xray +# indicates were this collection was downlaoded from (galaxy, automation_hub, standalone) +ansible_marketplace: standalone + +# The version of xray to install +xray_version: 3.3.0 + +# whether to enable HA +xray_ha_enabled: true + +# The location where xray should install. +xray_download_directory: /opt/jfrog + +# The remote xray download file +xray_tar: https://bintray.com/standAloneDownload/downloadArtifact?agree=true&artifactPath=/jfrog/jfrog-xray/xray-linux/{{ xray_version }}/jfrog-xray-{{ xray_version }}-linux.tar.gz&callback_id=anonymous&product=xray + +#The xray install directory +xray_home: "{{ xray_download_directory }}/jfrog-xray-{{ xray_version }}-linux" + +#xray users and groups +xray_user: xray +xray_group: xray diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/handlers/main.yml b/Ansible/collection/jfrog/ansible/roles/xray/handlers/main.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/xray/handlers/main.yml rename to Ansible/collection/jfrog/ansible/roles/xray/handlers/main.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/meta/main.yml b/Ansible/collection/jfrog/ansible/roles/xray/meta/main.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/meta/main.yml rename to Ansible/collection/jfrog/ansible/roles/xray/meta/main.yml diff --git a/Ansible/collection/jfrog/ansible/roles/xray/tasks/Debian.yml b/Ansible/collection/jfrog/ansible/roles/xray/tasks/Debian.yml new file mode 100644 index 0000000..420c2d0 --- /dev/null +++ b/Ansible/collection/jfrog/ansible/roles/xray/tasks/Debian.yml @@ -0,0 +1,37 @@ +--- +- name: Install db5.3-util + apt: + deb: "{{ xray_home }}/app/third-party/misc/db5.3-util_5.3.28-3ubuntu3_amd64.deb" + ignore_errors: yes + become: yes + +- name: Install db-util + apt: + deb: "{{ xray_home }}/app/third-party/misc/db-util_1_3a5.3.21exp1ubuntu1_all.deb" + ignore_errors: yes + become: yes + +- name: Install libssl + apt: + deb: "{{ xray_home }}/app/third-party/rabbitmq/libssl1.1_1.1.0j-1_deb9u1_amd64.deb" + ignore_errors: yes + become: yes + +- name: Install socat + apt: + deb: "{{ xray_home }}/app/third-party/rabbitmq/socat_1.7.3.1-2+deb9u1_amd64.deb" + become: yes + +- name: Install libwxbase3.0-0v5 + apt: + name: libwxbase3.0-0v5 + update_cache: yes + state: present + ignore_errors: yes + become: yes + +- name: Install erlang + apt: + deb: "{{ xray_home }}/app/third-party/rabbitmq/esl-erlang_21.2.1-1~ubuntu~xenial_amd64.deb" + become: yes + diff --git a/Ansible/collection/jfrog/ansible/roles/xray/tasks/RedHat.yml b/Ansible/collection/jfrog/ansible/roles/xray/tasks/RedHat.yml new file mode 100644 index 0000000..8d24eb7 --- /dev/null +++ b/Ansible/collection/jfrog/ansible/roles/xray/tasks/RedHat.yml @@ -0,0 +1,16 @@ +--- +- name: Install db-utl + yum: + name: "{{ xray_home }}/app/third-party/misc/db4-utils-4.7.25-20.el6_7.x86_64.rpm" + state: present + +- name: Install socat + yum: + name: "{{ xray_home }}/app/third-party/rabbitmq/socat-1.7.3.2-2.el7.x86_64.rpm" + state: present + +- name: Install erlang + yum: + name: "{{ xray_home }}/app/third-party/rabbitmq/erlang-21.1.4-1.el7.centos.x86_64.rpm" + state: present + diff --git a/Ansible/collection/jfrog/ansible/roles/xray/tasks/main.yml b/Ansible/collection/jfrog/ansible/roles/xray/tasks/main.yml new file mode 100644 index 0000000..16810f6 --- /dev/null +++ b/Ansible/collection/jfrog/ansible/roles/xray/tasks/main.yml @@ -0,0 +1,93 @@ +--- +- name: create group for xray + group: + name: "{{ xray_group }}" + state: present + become: yes + +- name: create user for xray + user: + name: "{{ xray_user }}" + group: "{{ xray_group }}" + system: yes + become: yes + +- name: ensure xray_download_directory exists + file: + path: "{{ xray_download_directory }}" + state: directory + become: yes + +- name: download xray + unarchive: + src: "{{ xray_tar }}" + dest: "{{ xray_download_directory }}" + remote_src: yes + owner: "{{ xray_user }}" + group: "{{ xray_group }}" + creates: "{{ xray_home }}" + become: yes + register: downloadxray + until: downloadxray is succeeded + retries: 3 + +- name: perform prerequisite installation + include_tasks: "{{ ansible_os_family }}.yml" + +- name: ensure etc exists + file: + path: "{{ xray_home }}/var/etc" + state: directory + owner: "{{ xray_user }}" + group: "{{ xray_group }}" + become: yes + +- name: configure system yaml + template: + src: system.yaml.j2 + dest: "{{ xray_home }}/var/etc/system.yaml" + become: yes + +- name: ensure {{ xray_home }}/var/etc/security/ exists + file: + path: "{{ xray_home }}/var/etc/security/" + state: directory + owner: "{{ xray_user }}" + group: "{{ xray_group }}" + become: yes + +- name: configure master key + template: + src: master.key.j2 + dest: "{{ xray_home }}/var/etc/security/master.key" + become: yes + +- name: configure join key + template: + src: join.key.j2 + dest: "{{ xray_home }}/var/etc/security/join.key" + become: yes + +- name: ensure {{ xray_home }}/var/etc/info/ exists + file: + path: "{{ xray_home }}/var/etc/info/" + state: directory + owner: "{{ xray_user }}" + group: "{{ xray_group }}" + become: yes + +- name: configure installer info + template: + src: installer-info.json.j2 + dest: "{{ xray_home }}/var/etc/info/installer-info.json" + become: yes + +- name: create xray service + shell: "{{ xray_home }}/app/bin/installService.sh" + become: yes + +- name: start and enable xray + service: + name: xray + state: restarted + become: yes \ No newline at end of file diff --git a/Ansible/collection/jfrog/ansible/roles/xray/templates/installer-info.json.j2 b/Ansible/collection/jfrog/ansible/roles/xray/templates/installer-info.json.j2 new file mode 100644 index 0000000..35bf1d0 --- /dev/null +++ b/Ansible/collection/jfrog/ansible/roles/xray/templates/installer-info.json.j2 @@ -0,0 +1,8 @@ +{ + "productId": "Ansible_{{ ansible_marketplace }}_xray-{{xray_version}}/1.0.0", + "features": [ + { + "featureId": "Partner/ACC-006973" + } + ] +} \ No newline at end of file diff --git a/Ansible/collection/jfrog/ansible/roles/xray/templates/join.key.j2 b/Ansible/collection/jfrog/ansible/roles/xray/templates/join.key.j2 new file mode 100644 index 0000000..17d05d2 --- /dev/null +++ b/Ansible/collection/jfrog/ansible/roles/xray/templates/join.key.j2 @@ -0,0 +1 @@ +{{ join_key }} \ No newline at end of file diff --git a/Ansible/collection/jfrog/ansible/roles/xray/templates/master.key.j2 b/Ansible/collection/jfrog/ansible/roles/xray/templates/master.key.j2 new file mode 100644 index 0000000..0462a64 --- /dev/null +++ b/Ansible/collection/jfrog/ansible/roles/xray/templates/master.key.j2 @@ -0,0 +1 @@ +{{ master_key }} \ No newline at end of file diff --git a/Ansible/collection/jfrog/ansible/roles/xray/templates/system.yaml.j2 b/Ansible/collection/jfrog/ansible/roles/xray/templates/system.yaml.j2 new file mode 100644 index 0000000..206eb77 --- /dev/null +++ b/Ansible/collection/jfrog/ansible/roles/xray/templates/system.yaml.j2 @@ -0,0 +1,36 @@ +## @formatter:off +## JFROG ARTIFACTORY SYSTEM CONFIGURATION FILE +## HOW TO USE: comment-out any field and keep the correct yaml indentation by deleting only the leading '#' character. +configVersion: 1 + +## NOTE: JFROG_HOME is a place holder for the JFrog root directory containing the deployed product, the home directory for all JFrog products. +## Replace JFROG_HOME with the real path! For example, in RPM install, JFROG_HOME=/opt/jfrog + +## NOTE: Sensitive information such as passwords and join key are encrypted on first read. +## NOTE: The provided commented key and value is the default. + +## SHARED CONFIGURATIONS +## A shared section for keys across all services in this config +shared: + ## Base URL of the JFrog Platform Deployment (JPD) + ## This is the URL to the machine where JFrog Artifactory is deployed, or the load balancer pointing to it. It is recommended to use DNS names rather than direct IPs. + ## Examples: "http://jfrog.acme.com" or "http://10.20.30.40:8082" + jfrogUrl: {{ jfrog_url }} + + ## Node Settings + node: + ## A unique id to identify this node. + ## Default: auto generated at startup. + id: {{ ansible_machine_id }} + + ## Database Configuration + database: + ## One of: mysql, oracle, mssql, postgresql, mariadb + ## Default: Embedded derby + + ## Example for mysql/postgresql + type: "{{ db_type }}" + driver: "{{ db_driver }}" + url: "{{ db_url }}" + username: "{{ db_user }}" + password: "{{ db_password }}" \ No newline at end of file diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/tests/inventory b/Ansible/collection/jfrog/ansible/roles/xray/tests/inventory similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/xray-postgres/tests/inventory rename to Ansible/collection/jfrog/ansible/roles/xray/tests/inventory diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/tests/test.yml b/Ansible/collection/jfrog/ansible/roles/xray/tests/test.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/xray/tests/test.yml rename to Ansible/collection/jfrog/ansible/roles/xray/tests/test.yml diff --git a/Ansible/artifactory7/jfrog/rt7ansible/roles/xray/vars/main.yml b/Ansible/collection/jfrog/ansible/roles/xray/vars/main.yml similarity index 100% rename from Ansible/artifactory7/jfrog/rt7ansible/roles/xray/vars/main.yml rename to Ansible/collection/jfrog/ansible/roles/xray/vars/main.yml diff --git a/Ansible/infra/aws/lb-rt-xray-ha.json b/Ansible/infra/aws/lb-rt-xray-ha.json new file mode 100644 index 0000000..867e1df --- /dev/null +++ b/Ansible/infra/aws/lb-rt-xray-ha.json @@ -0,0 +1,769 @@ +{ + "Description": "This template deploys a VPC, with a pair of public and private subnets spread across two Availability Zones. It deploys an internet gateway, with a default route on the public subnets. It deploys a pair of NAT gateways (one in each AZ), and default routes for them in the private subnets.", + "Parameters": { + "SSHKeyName": { + "Description": "Name of the ec2 key you need one to use this template", + "Type": "AWS::EC2::KeyPair::KeyName", + "Default": "choose-key" + }, + "EnvironmentName": { + "Description": "An environment name that is prefixed to resource names", + "Type": "String", + "Default": "Ansible" + }, + "VpcCIDR": { + "Description": "Please enter the IP range (CIDR notation) for this VPC", + "Type": "String", + "Default": "10.192.0.0/16" + }, + "PublicSubnet1CIDR": { + "Description": "Please enter the IP range (CIDR notation) for the public subnet in the first Availability Zone", + "Type": "String", + "Default": "10.192.10.0/24" + }, + "PublicSubnet2CIDR": { + "Description": "Please enter the IP range (CIDR notation) for the public subnet in the second Availability Zone", + "Type": "String", + "Default": "10.192.11.0/24" + }, + "PrivateSubnet1CIDR": { + "Description": "Please enter the IP range (CIDR notation) for the private subnet in the first Availability Zone", + "Type": "String", + "Default": "10.192.20.0/24" + }, + "PrivateSubnet2CIDR": { + "Description": "Please enter the IP range (CIDR notation) for the private subnet in the second Availability Zone", + "Type": "String", + "Default": "10.192.21.0/24" + } + }, + "Mappings": { + "RegionToAmazonAMI": { + "us-east-1": { + "HVM64": "ami-03e33c1cefd1d3d74" + }, + "us-east-2": { + "HVM64": "ami-07d9419c80dc1113c" + }, + "us-west-1": { + "HVM64": "ami-0ee1a20d6b0c6a347" + }, + "us-west-2": { + "HVM64": "ami-0813245c0939ab3ca" + } + } + }, + "Resources": { + "VPC": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": { + "Ref": "VpcCIDR" + }, + "EnableDnsSupport": true, + "EnableDnsHostnames": true, + "Tags": [ + { + "Key": "Name", + "Value": { + "Ref": "EnvironmentName" + } + } + ] + } + }, + "InternetGateway": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": { + "Ref": "EnvironmentName" + } + } + ] + } + }, + "InternetGatewayAttachment": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "InternetGatewayId": { + "Ref": "InternetGateway" + }, + "VpcId": { + "Ref": "VPC" + } + } + }, + "PublicSubnet1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "VPC" + }, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": { + "Ref": "PublicSubnet1CIDR" + }, + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "Name", + "Value": { + "Fn::Sub": "${EnvironmentName} Public Subnet (AZ1)" + } + } + ] + } + }, + "PublicSubnet2": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "VPC" + }, + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": { + "Ref": "PublicSubnet2CIDR" + }, + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "Name", + "Value": { + "Fn::Sub": "${EnvironmentName} Public Subnet (AZ2)" + } + } + ] + } + }, + "PrivateSubnet1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "VPC" + }, + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": { + "Ref": "PrivateSubnet1CIDR" + }, + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "Name", + "Value": { + "Fn::Sub": "${EnvironmentName} Private Subnet (AZ1)" + } + } + ] + } + }, + "PrivateSubnet2": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "VpcId": { + "Ref": "VPC" + }, + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": { + "Ref": "PrivateSubnet2CIDR" + }, + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "Name", + "Value": { + "Fn::Sub": "${EnvironmentName} Private Subnet (AZ2)" + } + } + ] + } + }, + "NatGateway1EIP": { + "Type": "AWS::EC2::EIP", + "DependsOn": "InternetGatewayAttachment", + "Properties": { + "Domain": "vpc" + } + }, + "NatGateway2EIP": { + "Type": "AWS::EC2::EIP", + "DependsOn": "InternetGatewayAttachment", + "Properties": { + "Domain": "vpc" + } + }, + "NatGateway1": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "NatGateway1EIP", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "PublicSubnet1" + } + } + }, + "NatGateway2": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "NatGateway2EIP", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "PublicSubnet2" + } + } + }, + "PublicRouteTable": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "VPC" + }, + "Tags": [ + { + "Key": "Name", + "Value": { + "Fn::Sub": "${EnvironmentName} Public Routes" + } + } + ] + } + }, + "DefaultPublicRoute": { + "Type": "AWS::EC2::Route", + "DependsOn": "InternetGatewayAttachment", + "Properties": { + "RouteTableId": { + "Ref": "PublicRouteTable" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "InternetGateway" + } + } + }, + "PublicSubnet1RouteTableAssociation": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "PublicRouteTable" + }, + "SubnetId": { + "Ref": "PublicSubnet1" + } + } + }, + "PublicSubnet2RouteTableAssociation": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "PublicRouteTable" + }, + "SubnetId": { + "Ref": "PublicSubnet2" + } + } + }, + "PrivateRouteTable1": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "VPC" + }, + "Tags": [ + { + "Key": "Name", + "Value": { + "Fn::Sub": "${EnvironmentName} Private Routes (AZ1)" + } + } + ] + } + }, + "DefaultPrivateRoute1": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "PrivateRouteTable1" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "NatGateway1" + } + } + }, + "PrivateSubnet1RouteTableAssociation": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "PrivateRouteTable1" + }, + "SubnetId": { + "Ref": "PrivateSubnet1" + } + } + }, + "PrivateRouteTable2": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "VPC" + }, + "Tags": [ + { + "Key": "Name", + "Value": { + "Fn::Sub": "${EnvironmentName} Private Routes (AZ2)" + } + } + ] + } + }, + "DefaultPrivateRoute2": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "PrivateRouteTable2" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "NatGateway2" + } + } + }, + "PrivateSubnet2RouteTableAssociation": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "PrivateRouteTable2" + }, + "SubnetId": { + "Ref": "PrivateSubnet2" + } + } + }, + "EC2SecurityGroup": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "SSH, Port 80, Database", + "VpcId": { + "Ref": "VPC" + }, + "SecurityGroupIngress": [ + { + "IpProtocol": "tcp", + "FromPort": 22, + "ToPort": 22, + "CidrIp": "0.0.0.0/0" + }, + { + "IpProtocol": "tcp", + "FromPort": 5432, + "ToPort": 5432, + "CidrIp": "0.0.0.0/0" + }, + { + "IpProtocol": "tcp", + "FromPort": 8082, + "ToPort": 8082, + "CidrIp": "0.0.0.0/0" + }, + { + "IpProtocol": "tcp", + "FromPort": 80, + "ToPort": 80, + "SourceSecurityGroupId": { + "Ref": "ELBSecurityGroup" + } + } + ] + } + }, + "ELBSecurityGroup": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "SSH and Port 80", + "VpcId": { + "Ref": "VPC" + }, + "SecurityGroupIngress": [ + { + "IpProtocol": "tcp", + "FromPort": 80, + "ToPort": 80, + "CidrIp": "0.0.0.0/0" + } + ] + } + }, + "BastionInstance": { + "Type": "AWS::EC2::Instance", + "Properties": { + "ImageId": { + "Fn::FindInMap": [ + "RegionToAmazonAMI", + { + "Ref": "AWS::Region" + }, + "HVM64" + ] + }, + "InstanceInitiatedShutdownBehavior": "stop", + "InstanceType": "t2.medium", + "KeyName": { + "Ref": "SSHKeyName" + }, + "Monitoring": "true", + "NetworkInterfaces": [ + { + "AssociatePublicIpAddress": "true", + "DeviceIndex": "0", + "GroupSet": [ + { + "Ref": "EC2SecurityGroup" + } + ], + "SubnetId": { + "Ref": "PublicSubnet1" + } + } + ], + "Tags": [ + { + "Key": "Name", + "Value": "bastion" + } + ], + "Tenancy": "default" + } + }, + "RTPriInstance": { + "Type": "AWS::EC2::Instance", + "Properties": { + "ImageId": { + "Fn::FindInMap": [ + "RegionToAmazonAMI", + { + "Ref": "AWS::Region" + }, + "HVM64" + ] + }, + "InstanceInitiatedShutdownBehavior": "stop", + "InstanceType": "t2.medium", + "KeyName": { + "Ref": "SSHKeyName" + }, + "Monitoring": "true", + "NetworkInterfaces": [ + { + "AssociatePublicIpAddress": "false", + "DeviceIndex": "0", + "GroupSet": [ + { + "Ref": "EC2SecurityGroup" + } + ], + "SubnetId": { + "Ref": "PrivateSubnet1" + } + } + ], + "Tags": [ + { + "Key": "Name", + "Value": "rtprimary" + } + ], + "Tenancy": "default" + } + }, + "RTSecInstance": { + "Type": "AWS::EC2::Instance", + "Properties": { + "ImageId": { + "Fn::FindInMap": [ + "RegionToAmazonAMI", + { + "Ref": "AWS::Region" + }, + "HVM64" + ] + }, + "InstanceInitiatedShutdownBehavior": "stop", + "InstanceType": "t2.medium", + "KeyName": { + "Ref": "SSHKeyName" + }, + "Monitoring": "true", + "NetworkInterfaces": [ + { + "AssociatePublicIpAddress": "false", + "DeviceIndex": "0", + "GroupSet": [ + { + "Ref": "EC2SecurityGroup" + } + ], + "SubnetId": { + "Ref": "PrivateSubnet2" + } + } + ], + "Tags": [ + { + "Key": "Name", + "Value": "rtsecondary" + } + ], + "Tenancy": "default" + } + }, + "XrayInstance": { + "Type": "AWS::EC2::Instance", + "Properties": { + "ImageId": { + "Fn::FindInMap": [ + "RegionToAmazonAMI", + { + "Ref": "AWS::Region" + }, + "HVM64" + ] + }, + "InstanceInitiatedShutdownBehavior": "stop", + "InstanceType": "t2.medium", + "KeyName": { + "Ref": "SSHKeyName" + }, + "Monitoring": "true", + "NetworkInterfaces": [ + { + "AssociatePublicIpAddress": "false", + "DeviceIndex": "0", + "GroupSet": [ + { + "Ref": "EC2SecurityGroup" + } + ], + "SubnetId": { + "Ref": "PrivateSubnet1" + } + } + ], + "Tags": [ + { + "Key": "Name", + "Value": "xray" + } + ], + "Tenancy": "default" + } + }, + "DBInstance": { + "Type": "AWS::EC2::Instance", + "Properties": { + "ImageId": { + "Fn::FindInMap": [ + "RegionToAmazonAMI", + { + "Ref": "AWS::Region" + }, + "HVM64" + ] + }, + "InstanceInitiatedShutdownBehavior": "stop", + "InstanceType": "t2.medium", + "KeyName": { + "Ref": "SSHKeyName" + }, + "Monitoring": "true", + "NetworkInterfaces": [ + { + "AssociatePublicIpAddress": "false", + "DeviceIndex": "0", + "GroupSet": [ + { + "Ref": "EC2SecurityGroup" + } + ], + "SubnetId": { + "Ref": "PrivateSubnet1" + } + } + ], + "Tags": [ + { + "Key": "Name", + "Value": "database" + } + ], + "Tenancy": "default" + } + }, + "EC2TargetGroup": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "HealthCheckIntervalSeconds": 30, + "HealthCheckProtocol": "HTTP", + "HealthCheckTimeoutSeconds": 15, + "HealthyThresholdCount": 2, + "Matcher": { + "HttpCode": "200,302" + }, + "Name": "EC2TargetGroup", + "Port": 80, + "Protocol": "HTTP", + "TargetGroupAttributes": [ + { + "Key": "deregistration_delay.timeout_seconds", + "Value": "20" + } + ], + "Targets": [ + { + "Id": { + "Ref": "RTPriInstance" + } + }, + { + "Id": { + "Ref": "RTSecInstance" + }, + "Port": 80 + } + ], + "UnhealthyThresholdCount": 3, + "VpcId": { + "Ref": "VPC" + }, + "Tags": [ + { + "Key": "Name", + "Value": "EC2TargetGroup" + }, + { + "Key": "Port", + "Value": 80 + } + ] + } + }, + "ALBListener": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "Type": "forward", + "TargetGroupArn": { + "Ref": "EC2TargetGroup" + } + } + ], + "LoadBalancerArn": { + "Ref": "ApplicationLoadBalancer" + }, + "Port": 80, + "Protocol": "HTTP" + } + }, + "ApplicationLoadBalancer": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "Scheme": "internet-facing", + "Subnets": [ + { + "Ref": "PublicSubnet1" + }, + { + "Ref": "PublicSubnet2" + } + ], + "SecurityGroups": [ + { + "Ref": "ELBSecurityGroup" + } + ] + } + } + }, + + "Outputs": { + "VPC": { + "Description": "Virtual Private Cloud", + "Value": { + "Ref": "VPC" + } + }, + "ALBHostName": { + "Description": "Application Load Balancer Hostname", + "Value": { + "Fn::GetAtt": [ + "ApplicationLoadBalancer", + "DNSName" + ] + } + }, + "BastionInstancePublic": { + "Description": "Bastion", + "Value": { "Fn::GetAtt" : [ "BastionInstance", "PublicIp" ]} + }, + "BastionInstancePrivate": { + "Description": "Bastion", + "Value": { "Fn::GetAtt" : [ "BastionInstance", "PrivateIp" ]} + }, + "RTPriInstancePrivate": { + "Description": "RTPriInstance", + "Value": { "Fn::GetAtt" : [ "RTPriInstance", "PrivateIp" ]} + }, + "RTSecInstancePrivate": { + "Description": "RTSecInstance", + "Value": { "Fn::GetAtt" : [ "RTSecInstance", "PrivateIp" ]} + }, + "XrayInstancePrivate": { + "Description": "XrayInstance", + "Value": { "Fn::GetAtt" : [ "XrayInstance", "PrivateIp" ]} + }, + "DBInstancePrivate": { + "Description": "DBInstance", + "Value": { "Fn::GetAtt" : [ "DBInstance", "PrivateIp" ]} + } + } +} \ No newline at end of file diff --git a/Ansible/infra/azure/lb-rt-xray-ha.json b/Ansible/infra/azure/lb-rt-xray-ha.json new file mode 100644 index 0000000..1211d17 --- /dev/null +++ b/Ansible/infra/azure/lb-rt-xray-ha.json @@ -0,0 +1,679 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "vnetName": { + "type": "string", + "defaultValue": "vnet01", + "metadata": { + "description": "Name of new vnet to deploy into." + } + }, + "vnetAddressRange": { + "type": "string", + "defaultValue": "10.0.0.0/16", + "metadata": { + "description": "IP prefix for available addresses in vnet address space." + } + }, + "subnetAddressRange": { + "type": "string", + "defaultValue": "10.0.0.0/24", + "metadata": { + "description": "Subnet IP prefix MUST be within vnet IP prefix address space." + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Location for all resources." + } + }, + "adminPublicKey": { + "type": "string", + "metadata": { + "description": "The ssh public key for the VMs." + } + }, + "sizeOfDiskInGB": { + "type": "int", + "defaultValue": 128, + "minValue": 128, + "maxValue": 1024, + "metadata": { + "description": "Size of data disk in GB 128-1024" + } + }, + "vmSize": { + "type": "string", + "defaultValue": "Standard_D2s_v3", + "metadata": { + "description": "Size of the VMs" + } + }, + "numberOfArtifactory": { + "type": "int", + "defaultValue": 1, + "minValue": 1, + "maxValue": 5, + "metadata": { + "description": "Number of Artifactory servers." + } + }, + "numberOfXray": { + "type": "int", + "defaultValue": 1, + "minValue": 1, + "maxValue": 5, + "metadata": { + "description": "Number of Xray servers." + } + }, + "numberOfDb": { + "type": "int", + "defaultValue": 1, + "minValue": 1, + "maxValue": 2, + "metadata": { + "description": "Number of database servers." + } + } + }, + "variables": { + "vnetName": "[parameters('vnetName')]", + "vnetAddressRange": "[parameters('vnetAddressRange')]", + "subnetAddressRange": "[parameters('subnetAddressRange')]", + "subnetName": "mainSubnet", + "loadBalancerName": "LB", + "loadBalancerIp": "lbIp", + "numberOfArtifactory": "[parameters('numberOfArtifactory')]", + "numberOfXray": "[parameters('numberOfXray')]", + "numberOfDb": "[parameters('numberOfDb')]", + "availabilitySetName": "availSet", + "vmArtPri": "vmArtPri", + "vmArtSec": "vmArtSec", + "vmXray": "vmXray", + "vmDb": "vmDb", + "storageAccountNameDiag": "[concat('diag',uniqueString(resourceGroup().id))]", + "subnet-id": "[resourceId('Microsoft.Network/virtualNetworks/subnets',variables('vnetName'),variables('subnetName'))]", + "imagePublisher": "Canonical", + "imageOffer": "UbuntuServer", + "imageSku": "16.04-LTS", + "mainNsg": "mainNsg", + "adminUsername": "ubuntu" + }, + "resources": [ + { + "apiVersion": "2019-08-01", + "type": "Microsoft.Network/publicIPAddresses", + "name": "[variables('loadBalancerIp')]", + "location": "[parameters('location')]", + "properties": { + "publicIPAllocationMethod": "Static" + } + }, + { + "type": "Microsoft.Compute/availabilitySets", + "name": "[variables('availabilitySetName')]", + "apiVersion": "2019-12-01", + "location": "[parameters('location')]", + "sku": { + "name": "Aligned" + }, + "properties": { + "platformFaultDomainCount": 2, + "platformUpdateDomainCount": 2 + } + }, + { + "apiVersion": "2019-06-01", + "type": "Microsoft.Storage/storageAccounts", + "name": "[variables('storageAccountNameDiag')]", + "location": "[parameters('location')]", + "kind": "StorageV2", + "sku": { + "name": "Standard_LRS" + } + }, + { + "comments": "Simple Network Security Group for subnet [Subnet]", + "type": "Microsoft.Network/networkSecurityGroups", + "apiVersion": "2019-08-01", + "name": "[variables('mainNsg')]", + "location": "[parameters('location')]", + "properties": { + "securityRules": [ + { + "name": "allow-ssh", + "properties": { + "description": "Allow SSH", + "protocol": "TCP", + "sourcePortRange": "*", + "destinationPortRange": "22", + "sourceAddressPrefix": "*", + "destinationAddressPrefix": "*", + "access": "Allow", + "priority": 100, + "direction": "Inbound", + "sourcePortRanges": [], + "destinationPortRanges": [], + "sourceAddressPrefixes": [], + "destinationAddressPrefixes": [] + } + }, + { + "name": "allow-http", + "properties": { + "description": "Allow HTTP", + "protocol": "TCP", + "sourcePortRange": "*", + "destinationPortRange": "80", + "sourceAddressPrefix": "*", + "destinationAddressPrefix": "*", + "access": "Allow", + "priority": 110, + "direction": "Inbound", + "sourcePortRanges": [], + "destinationPortRanges": [], + "sourceAddressPrefixes": [], + "destinationAddressPrefixes": [] + } + } + ] + } + }, + { + "apiVersion": "2019-08-01", + "type": "Microsoft.Network/virtualNetworks", + "name": "[variables('vnetName')]", + "location": "[parameters('location')]", + "dependsOn": [ + "[resourceId('Microsoft.Network/networkSecurityGroups', variables('mainNsg'))]" + ], + "properties": { + "addressSpace": { + "addressPrefixes": [ + "[variables('vnetAddressRange')]" + ] + }, + "subnets": [ + { + "name": "[variables('subnetName')]", + "properties": { + "addressPrefix": "[variables('subnetAddressRange')]", + "networkSecurityGroup": { + "id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('mainNsg'))]" + } + } + } + ] + } + }, + { + "apiVersion": "2018-10-01", + "name": "[variables('loadBalancerName')]", + "type": "Microsoft.Network/loadBalancers", + "location": "[parameters('location')]", + "dependsOn": [ + "[concat('Microsoft.Network/publicIPAddresses/',variables('loadBalancerIp'))]" + ], + "properties": { + "frontendIpConfigurations": [ + { + "name": "LBFE", + "properties": { + "publicIPAddress": { + "id": "[resourceId('Microsoft.Network/publicIPAddresses',variables('loadBalancerIp'))]" + } + } + } + ], + "backendAddressPools": [ + { + "name": "LBArt" + } + ], + "inboundNatRules": [ + { + "name": "ssh", + "properties": { + "frontendIPConfiguration": { + "id": "[resourceId('Microsoft.Network/loadBalancers/frontendIPConfigurations',variables('loadBalancerName'),'LBFE')]" + }, + "frontendPort": 22, + "backendPort": 22, + "enableFloatingIP": false, + "idleTimeoutInMinutes": 4, + "protocol": "Tcp", + "enableTcpReset": false + } + } + ], + "loadBalancingRules": [ + { + "properties": { + "frontendIPConfiguration": { + "id": "[resourceId('Microsoft.Network/loadBalancers/frontendIPConfigurations', variables('loadBalancerName'), 'LBFE')]" + }, + "backendAddressPool": { + "id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools', variables('loadBalancerName'), 'LBArt')]" + }, + "probe": { + "id": "[resourceId('Microsoft.Network/loadBalancers/probes', variables('loadBalancerName'), 'lbprobe')]" + }, + "protocol": "Tcp", + "frontendPort": 80, + "backendPort": 80, + "idleTimeoutInMinutes": 15 + }, + "name": "lbrule" + } + ], + "probes": [ + { + "properties": { + "protocol": "Tcp", + "port": 80, + "intervalInSeconds": 15, + "numberOfProbes": 2 + }, + "name": "lbprobe" + } + ] + } + }, + { + "apiVersion": "2019-08-01", + "type": "Microsoft.Network/networkInterfaces", + "name": "[variables('vmArtPri')]", + "location": "[parameters('location')]", + "dependsOn": [ + "[variables('vnetName')]", + "[variables('loadBalancerName')]" + ], + "properties": { + "ipConfigurations": [ + { + "name": "ipconfig", + "properties": { + "privateIPAllocationMethod": "Dynamic", + "subnet": { + "id": "[variables('subnet-id')]" + }, + "loadBalancerBackendAddressPools": [ + { + "id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools',variables('loadBalancerName'),'LBArt')]" + } + ], + "loadBalancerInboundNatRules": [ + { + "id": "[resourceId('Microsoft.Network/loadBalancers/inboundNatRules', variables('loadBalancerName'), 'ssh')]" + } + ] + } + } + ] + } + }, + { + "apiVersion": "2019-08-01", + "type": "Microsoft.Network/networkInterfaces", + "name": "[concat(variables('vmArtSec'),copyindex())]", + "copy": { + "name": "netIntLoop", + "count": "[sub(variables('numberOfArtifactory'),1)]" + }, + "location": "[parameters('location')]", + "dependsOn": [ + "[variables('vnetName')]", + "[variables('loadBalancerName')]" + ], + "properties": { + "ipConfigurations": [ + { + "name": "ipconfig", + "properties": { + "privateIPAllocationMethod": "Dynamic", + "subnet": { + "id": "[variables('subnet-id')]" + }, + "loadBalancerBackendAddressPools": [ + { + "id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools',variables('loadBalancerName'),'LBArt')]" + } + ] + } + } + ] + } + }, + { + "apiVersion": "2019-08-01", + "type": "Microsoft.Network/networkInterfaces", + "name": "[concat(variables('vmXray'),copyindex())]", + "copy": { + "name": "netXrLoop", + "count": "[variables('numberOfXray')]" + }, + "location": "[parameters('location')]", + "dependsOn": [ + "[variables('vnetName')]" + ], + "properties": { + "ipConfigurations": [ + { + "name": "ipconfig", + "properties": { + "privateIPAllocationMethod": "Dynamic", + "subnet": { + "id": "[variables('subnet-id')]" + } + } + } + ] + } + }, + { + "apiVersion": "2019-08-01", + "type": "Microsoft.Network/networkInterfaces", + "name": "[concat(variables('vmDb'),copyindex())]", + "copy": { + "name": "netDbLoop", + "count": "[variables('numberOfDb')]" + }, + "location": "[parameters('location')]", + "dependsOn": [ + "[variables('vnetName')]" + ], + "properties": { + "ipConfigurations": [ + { + "name": "ipconfig", + "properties": { + "privateIPAllocationMethod": "Dynamic", + "subnet": { + "id": "[variables('subnet-id')]" + } + } + } + ] + } + }, + { + "apiVersion": "2019-12-01", + "type": "Microsoft.Compute/virtualMachines", + "name": "[variables('vmArtPri')]", + "location": "[parameters('location')]", + "dependsOn": [ + "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameDiag'))]", + "[resourceId('Microsoft.Network/networkInterfaces', variables('vmArtPri'))]", + "[resourceId('Microsoft.Compute/availabilitySets', variables('availabilitySetName'))]" + ], + "properties": { + "availabilitySet": { + "id": "[resourceId('Microsoft.Compute/availabilitySets', variables('availabilitySetName'))]" + }, + "hardwareProfile": { + "vmSize": "[parameters('vmSize')]" + }, + "osProfile": { + "computerName": "[variables('vmArtPri')]", + "adminUsername": "[variables('adminUsername')]", + "linuxConfiguration": { + "disablePasswordAuthentication": true, + "ssh": { + "publicKeys": [ + { + "path": "[concat('/home/', variables('adminUsername'), '/.ssh/authorized_keys')]", + "keyData": "[parameters('adminPublicKey')]" + } + ] + } + } + }, + "storageProfile": { + "imageReference": { + "publisher": "[variables('imagePublisher')]", + "offer": "[variables('imageOffer')]", + "sku": "[variables('imageSku')]", + "version": "latest" + }, + "osDisk": { + "createOption": "FromImage" + } + }, + "networkProfile": { + "networkInterfaces": [ + { + "id": "[resourceId('Microsoft.Network/networkInterfaces',variables('vmArtPri'))]" + } + ] + }, + "diagnosticsProfile": { + "bootDiagnostics": { + "enabled": true, + "storageUri": "[reference(variables('storageAccountNameDiag'), '2019-06-01').primaryEndpoints.blob]" + } + } + } + }, + { + "apiVersion": "2019-12-01", + "type": "Microsoft.Compute/virtualMachines", + "name": "[concat(variables('vmArtSec'), copyindex())]", + "copy": { + "name": "virtualMachineLoop", + "count": "[sub(variables('numberOfArtifactory'),1)]" + }, + "location": "[parameters('location')]", + "dependsOn": [ + "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameDiag'))]", + "[resourceId('Microsoft.Network/networkInterfaces', concat(variables('vmArtSec'),copyindex()))]", + "[resourceId('Microsoft.Compute/availabilitySets', variables('availabilitySetName'))]" + ], + "properties": { + "availabilitySet": { + "id": "[resourceId('Microsoft.Compute/availabilitySets', variables('availabilitySetName'))]" + }, + "hardwareProfile": { + "vmSize": "[parameters('vmSize')]" + }, + "osProfile": { + "computerName": "[concat(variables('vmArtSec'), copyindex())]", + "adminUsername": "[variables('adminUsername')]", + "linuxConfiguration": { + "disablePasswordAuthentication": true, + "ssh": { + "publicKeys": [ + { + "path": "[concat('/home/', variables('adminUsername'), '/.ssh/authorized_keys')]", + "keyData": "[parameters('adminPublicKey')]" + } + ] + } + } + }, + "storageProfile": { + "imageReference": { + "publisher": "[variables('imagePublisher')]", + "offer": "[variables('imageOffer')]", + "sku": "[variables('imageSku')]", + "version": "latest" + }, + "osDisk": { + "createOption": "FromImage" + } + }, + "networkProfile": { + "networkInterfaces": [ + { + "id": "[resourceId('Microsoft.Network/networkInterfaces',concat(variables('vmArtSec'),copyindex()))]" + } + ] + }, + "diagnosticsProfile": { + "bootDiagnostics": { + "enabled": true, + "storageUri": "[reference(variables('storageAccountNameDiag'), '2019-06-01').primaryEndpoints.blob]" + } + } + } + }, + { + "apiVersion": "2019-12-01", + "type": "Microsoft.Compute/virtualMachines", + "name": "[concat(variables('vmXray'), copyindex())]", + "copy": { + "name": "virtualMachineLoop", + "count": "[variables('numberOfXray')]" + }, + "location": "[parameters('location')]", + "dependsOn": [ + "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameDiag'))]", + "[resourceId('Microsoft.Network/networkInterfaces', concat(variables('vmXray'),copyindex()))]", + "[resourceId('Microsoft.Compute/availabilitySets', variables('availabilitySetName'))]" + ], + "properties": { + "availabilitySet": { + "id": "[resourceId('Microsoft.Compute/availabilitySets', variables('availabilitySetName'))]" + }, + "hardwareProfile": { + "vmSize": "[parameters('vmSize')]" + }, + "osProfile": { + "computerName": "[concat(variables('vmXray'), copyindex())]", + "adminUsername": "[variables('adminUsername')]", + "linuxConfiguration": { + "disablePasswordAuthentication": true, + "ssh": { + "publicKeys": [ + { + "path": "[concat('/home/', variables('adminUsername'), '/.ssh/authorized_keys')]", + "keyData": "[parameters('adminPublicKey')]" + } + ] + } + } + }, + "storageProfile": { + "imageReference": { + "publisher": "[variables('imagePublisher')]", + "offer": "[variables('imageOffer')]", + "sku": "[variables('imageSku')]", + "version": "latest" + }, + "osDisk": { + "createOption": "FromImage" + } + }, + "networkProfile": { + "networkInterfaces": [ + { + "id": "[resourceId('Microsoft.Network/networkInterfaces',concat(variables('vmXray'),copyindex()))]" + } + ] + }, + "diagnosticsProfile": { + "bootDiagnostics": { + "enabled": true, + "storageUri": "[reference(variables('storageAccountNameDiag'), '2019-06-01').primaryEndpoints.blob]" + } + } + } + }, + { + "apiVersion": "2019-12-01", + "type": "Microsoft.Compute/virtualMachines", + "name": "[concat(variables('vmDb'), copyindex())]", + "copy": { + "name": "virtualMachineLoop", + "count": "[variables('numberOfDb')]" + }, + "location": "[parameters('location')]", + "dependsOn": [ + "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameDiag'))]", + "[resourceId('Microsoft.Network/networkInterfaces', concat(variables('vmDb'),copyindex()))]", + "[resourceId('Microsoft.Compute/availabilitySets', variables('availabilitySetName'))]" + ], + "properties": { + "availabilitySet": { + "id": "[resourceId('Microsoft.Compute/availabilitySets', variables('availabilitySetName'))]" + }, + "hardwareProfile": { + "vmSize": "[parameters('vmSize')]" + }, + "osProfile": { + "computerName": "[concat(variables('vmDb'), copyindex())]", + "adminUsername": "[variables('adminUsername')]", + "linuxConfiguration": { + "disablePasswordAuthentication": true, + "ssh": { + "publicKeys": [ + { + "path": "[concat('/home/', variables('adminUsername'), '/.ssh/authorized_keys')]", + "keyData": "[parameters('adminPublicKey')]" + } + ] + } + } + }, + "storageProfile": { + "imageReference": { + "publisher": "[variables('imagePublisher')]", + "offer": "[variables('imageOffer')]", + "sku": "[variables('imageSku')]", + "version": "latest" + }, + "osDisk": { + "createOption": "FromImage" + } + }, + "networkProfile": { + "networkInterfaces": [ + { + "id": "[resourceId('Microsoft.Network/networkInterfaces',concat(variables('vmDb'),copyindex()))]" + } + ] + }, + "diagnosticsProfile": { + "bootDiagnostics": { + "enabled": true, + "storageUri": "[reference(variables('storageAccountNameDiag'), '2019-06-01').primaryEndpoints.blob]" + } + } + } + } + ], + "outputs": { + "lbIp": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Network/publicIPAddresses', variables('loadBalancerIp'))).ipAddress]" + }, + "vmArtPriIp": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Network/networkInterfaces', variables('vmArtPri'))).ipConfigurations[0].properties.privateIPAddress]" + }, + "vmArtSecArrIp": { + "type": "array", + "copy": { + "count": "[sub(variables('numberOfArtifactory'),1)]", + "input": "[reference(resourceId('Microsoft.Network/networkInterfaces', concat(variables('vmArtSec'),copyindex()))).ipConfigurations[0].properties.privateIPAddress]" + } + }, + "vmXrayArrIp": { + "type": "array", + "copy": { + "count": "[variables('numberOfXray')]", + "input": "[reference(resourceId('Microsoft.Network/networkInterfaces', concat(variables('vmXray'),copyindex()))).ipConfigurations[0].properties.privateIPAddress]" + } + }, + "vmDbArrIp": { + "type": "array", + "copy": { + "count": "[variables('numberOfDb')]", + "input": "[reference(resourceId('Microsoft.Network/networkInterfaces', concat(variables('vmDb'),copyindex()))).ipConfigurations[0].properties.privateIPAddress]" + } + } + } +} \ No newline at end of file diff --git a/Ansible/pipelines.yaml b/Ansible/pipelines.yaml new file mode 100644 index 0000000..f857fe6 --- /dev/null +++ b/Ansible/pipelines.yaml @@ -0,0 +1,57 @@ +resources: + - name: ansibleRepo + type: GitRepo + configuration: + gitProvider: jefferyfryGithub + path: jefferyfry/JFrog-Cloud-Installers +pipelines: + - name: ansible_azure_automation_pipeline + steps: + - name: execute_azure_ansible_playbook + type: Bash + configuration: + runtime: + type: image + image: + auto: + language: java + versions: + - "8" + integrations: + - name: ansibleAzureKeys + - name: ansibleEnvVars + - name: ansiblePrivateKey + inputResources: + - name: ansibleRepo + execution: + onStart: + - echo "Executing Azure Ansible playbook..." + onExecute: + - sudo apt-get update + - sudo apt-get install gnupg2 + - sudo apt-get install software-properties-common + - sudo apt-add-repository --yes --update ppa:ansible/ansible + - sudo apt -y --allow-unauthenticated install ansible + - sudo pip install packaging + - sudo pip install msrestazure + - sudo pip install ansible[azure] + - cd ../dependencyState/resources/ansibleRepo + - echo 'Setting environment variables...' + - export artifactory_license1="$int_ansibleEnvVars_artifactory_license1" + - export artifactory_license2="$int_ansibleEnvVars_artifactory_license2" + - export artifactory_license3="$int_ansibleEnvVars_artifactory_license3" + - export master_key="$int_ansibleEnvVars_master_key" + - export join_key="$int_ansibleEnvVars_join_key" + - export ssh_public_key="$int_ansibleEnvVars_ssh_public_key" + - export arm_template="$int_ansibleEnvVars_arm_template" + - export azure_resource_group="$int_ansibleEnvVars_azure_resource_group" + - export clientId="$int_ansibleAzureKeys_appId" + - export clientSecret="$int_ansibleAzureKeys_password" + - export tenantId="$int_ansibleAzureKeys_tenant" + - printenv + - eval $(ssh-agent -s) + - ssh-add <(echo "$int_ansiblePrivateKey_key") + - az login --service-principal -u "$clientId" -p "$clientSecret" --tenant "$tenantId" + - ansible-playbook Ansible/test/azure/playbook.yaml + onComplete: + - echo "Azure Ansible playbook complete." \ No newline at end of file diff --git a/Ansible/project/rt-ha/hosts.yml b/Ansible/project/rt-ha/hosts.yml new file mode 100644 index 0000000..6246c53 --- /dev/null +++ b/Ansible/project/rt-ha/hosts.yml @@ -0,0 +1,51 @@ +--- +all: + vars: + ansible_user: "ubuntu" + ansible_ssh_private_key_file: "/Users/jefff/.ssh/ansible-priv.pem" + children: + database: + hosts: + #artifactory database + 52.86.32.79: + db_users: + - { db_user: "artifactory", db_password: "Art1fAct0ry" } + dbs: + - { db_name: "artifactory", db_owner: "artifactory" } + artifactory: + vars: + artifactory_ha_enabled: true + master_key: "c97b862469de0d94fbb7d48130637a5a" + join_key: "9bcca98f375c0728d907cc6ee39d4f02" + db_download_url: "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" + db_type: "postgresql" + db_driver: "org.postgresql.Driver" + db_url: "jdbc:postgresql://10.0.0.160:5432/artifactory" + db_user: "artifactory" + db_password: "Art1fAct0ry" + server_name: "ec2-100-25-104-198.compute-1.amazonaws.com" + certificate: | + -----BEGIN CERTIFICATE----- + x + -----END CERTIFICATE----- + certificate_key: | + -----BEGIN PRIVATE KEY----- + x + -----END PRIVATE KEY----- + children: + primary: + hosts: + 100.25.104.198: + artifactory_is_primary: true + artifactory_license1: x + artifactory_license2: x + artifactory_license3: x + artifactory_license4: x + artifactory_license5: x + secondary: + hosts: + 54.160.107.157: + 35.153.79.44: + vars: + artifactory_is_primary: false + diff --git a/Ansible/project/rt-ha/playbook.yml b/Ansible/project/rt-ha/playbook.yml new file mode 100644 index 0000000..ae9639e --- /dev/null +++ b/Ansible/project/rt-ha/playbook.yml @@ -0,0 +1,11 @@ +--- +- hosts: database + gather_facts: true + roles: + - jfrog/ansible/roles/postgres + +- hosts: primary:secondary + gather_facts: true + roles: + - jfrog/ansible/roles/artifactory + - jfrog/ansible/roles/artifactory-nginx-ssl \ No newline at end of file diff --git a/Ansible/project/rt-xray-ha-ssh-proxy/hosts.yml b/Ansible/project/rt-xray-ha-ssh-proxy/hosts.yml new file mode 100644 index 0000000..8651299 --- /dev/null +++ b/Ansible/project/rt-xray-ha-ssh-proxy/hosts.yml @@ -0,0 +1,60 @@ +--- +all: + vars: + ansible_user: "ubuntu" + ansible_ssh_private_key_file: "/Users/jefff/.ssh/ansible-priv.pem" + ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@13.82.225.20 -W %h:%p"' + children: + database: + hosts: + #artifactory database + 10.0.0.6: + db_users: + - { db_user: "artifactory", db_password: "Art1fAct0ry" } + dbs: + - { db_name: "artifactory", db_owner: "artifactory" } + #xray database + 10.0.0.4: + dbs: + - { db_name: "xraydb", db_owner: "xray" } + db_users: + - { db_user: "xray", db_password: "xray" } + artifactory: + vars: + artifactory_ha_enabled: true + master_key: "c97b862469de0d94fbb7d48130637a5a" + join_key: "9bcca98f375c0728d907cc6ee39d4f02" + db_download_url: "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" + db_type: "postgresql" + db_driver: "org.postgresql.Driver" + db_url: "jdbc:postgresql://10.0.0.6:5432/artifactory" + db_user: "artifactory" + db_password: "Art1fAct0ry" + server_name: "rt.13.82.225.208.xip.io" + children: + primary: + hosts: + 10.0.0.8: + artifactory_is_primary: true + artifactory_license1: x + artifactory_license2: x + artifactory_license3: x + artifactory_license4: x + artifactory_license5: x + secondary: + hosts: + 10.0.0.9: + vars: + artifactory_is_primary: false + xray: + vars: + jfrog_url: http://rt.13.82.225.208.xip.io/ + master_key: "c97b862469de0d94fbb7d48130637a5a" + join_key: "9bcca98f375c0728d907cc6ee39d4f02" + db_type: "postgresql" + db_driver: "org.postgresql.Driver" + db_url: "postgres://10.0.0.4:5432/xraydb?sslmode=disable" + db_user: "xray" + db_password: "xray" + hosts: + 10.0.0.5: diff --git a/Ansible/project/rt-xray-ha-ssh-proxy/playbook.yml b/Ansible/project/rt-xray-ha-ssh-proxy/playbook.yml new file mode 100644 index 0000000..e47c473 --- /dev/null +++ b/Ansible/project/rt-xray-ha-ssh-proxy/playbook.yml @@ -0,0 +1,15 @@ +--- +- hosts: database + gather_facts: true + roles: + - jfrog/ansible/roles/postgres + +- hosts: primary:secondary + gather_facts: true + roles: + - jfrog/ansible/roles/artifactory + +- hosts: xray + gather_facts: true + roles: + - jfrog/ansible/roles/xray \ No newline at end of file diff --git a/Ansible/project/rt-xray-ha/hosts.yml b/Ansible/project/rt-xray-ha/hosts.yml new file mode 100644 index 0000000..0a79555 --- /dev/null +++ b/Ansible/project/rt-xray-ha/hosts.yml @@ -0,0 +1,55 @@ +--- +all: + vars: + ansible_user: "ubuntu" + ansible_ssh_private_key_file: "/Users/jefff/.ssh/ansible-priv.pem" + children: + database: + hosts: + #artifactory database + 52.86.32.79: + dbs: + - { db_name: "artifactory", db_owner: "artifactory" } + db_users: + - { db_user: "artifactory", db_password: "Art1fAct0ry" } + #xray database + 100.25.152.93: + dbs: + - { db_name: "xraydb", db_owner: "xray" } + db_users: + - { db_user: "xray", db_password: "xray" } + artifactory: + vars: + artifactory_ha_enabled: true + master_key: "c97b862469de0d94fbb7d48130637a5a" + join_key: "9bcca98f375c0728d907cc6ee39d4f02" + db_download_url: "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" + db_type: "postgresql" + db_driver: "org.postgresql.Driver" + db_url: "jdbc:postgresql://10.0.0.51:5432/artifactory" + db_user: "artifactory" + db_password: "Art1fAct0ry" + server_name: "ec2-18-210-33-94.compute-1.amazonaws.com" + children: + primary: + hosts: + 18.210.33.94: + artifactory_is_primary: true + artifactory_license1: x + artifactory_license2: x + artifactory_license3: x + artifactory_license4: x + artifactory_license5: x + xray: + vars: + jfrog_url: http://ec2-18-210-33-94.compute-1.amazonaws.com + master_key: "c97b862469de0d94fbb7d48130637a5a" + join_key: "9bcca98f375c0728d907cc6ee39d4f02" + db_type: "postgresql" + db_driver: "org.postgresql.Driver" + db_url: "postgres://10.0.0.5:5432/xraydb?sslmode=disable" + db_user: "xray" + db_password: "xray" + hosts: +# 34.229.56.166: + 54.237.68.180 diff --git a/Ansible/project/rt-xray-ha/playbook.yml b/Ansible/project/rt-xray-ha/playbook.yml new file mode 100644 index 0000000..1f55bcf --- /dev/null +++ b/Ansible/project/rt-xray-ha/playbook.yml @@ -0,0 +1,15 @@ +--- +- hosts: database + gather_facts: true + roles: + - jfrog/ansible/roles/postgres + +- hosts: primary + gather_facts: true + roles: + - jfrog/ansible/roles/artifactory + +- hosts: xray + gather_facts: true + roles: + - jfrog/ansible/roles/xray \ No newline at end of file diff --git a/Ansible/project/rt-xray/hosts.yml b/Ansible/project/rt-xray/hosts.yml new file mode 100644 index 0000000..c553954 --- /dev/null +++ b/Ansible/project/rt-xray/hosts.yml @@ -0,0 +1,43 @@ +--- +all: + vars: + ansible_user: "ubuntu" + ansible_ssh_private_key_file: "/Users/jefff/.ssh/ansible-priv.pem" + children: + database: + hosts: + 34.239.107.0: + dbs: + - { db_name: "artifactory", db_owner: "artifactory" } + - { db_name: "xraydb", db_owner: "xray" } + db_users: + - { db_user: "artifactory", db_password: "Art1fAct0ry" } + - { db_user: "xray", db_password: "xray" } + artifactory: + hosts: + 54.237.207.135: + artifactory_license1: x + artifactory_license2: x + artifactory_license3: x + artifactory_license4: x + artifactory_license5: x + master_key: "c97b862469de0d94fbb7d48130637a5a" + join_key: "9bcca98f375c0728d907cc6ee39d4f02" + db_download_url: "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" + db_type: "postgresql" + db_driver: "org.postgresql.Driver" + db_url: "jdbc:postgresql://10.0.0.59:5432/artifactory" + db_user: "artifactory" + db_password: "Art1fAct0ry" + server_name: "ec2-54-237-207-135.compute-1.amazonaws.com" + xray: + hosts: + 100.25.104.174: + jfrog_url: "http://ec2-54-237-207-135.compute-1.amazonaws.com" + master_key: "c97b862469de0d94fbb7d48130637a5a" + join_key: "9bcca98f375c0728d907cc6ee39d4f02" + db_type: "postgresql" + db_driver: "org.postgresql.Driver" + db_url: "postgres://10.0.0.59:5432/xraydb?sslmode=disable" + db_user: "xray" + db_password: "xray" diff --git a/Ansible/project/rt-xray/playbook.yml b/Ansible/project/rt-xray/playbook.yml new file mode 100644 index 0000000..9dea61f --- /dev/null +++ b/Ansible/project/rt-xray/playbook.yml @@ -0,0 +1,15 @@ +--- +- hosts: database + gather_facts: true + roles: + - jfrog/ansible/roles/postgres + +- hosts: artifactory + gather_facts: true + roles: + - jfrog/ansible/roles/artifactory + +- hosts: xray + gather_facts: true + roles: + - jfrog/ansible/roles/xray \ No newline at end of file diff --git a/Ansible/project/rt/hosts.yml b/Ansible/project/rt/hosts.yml new file mode 100644 index 0000000..79cf45d --- /dev/null +++ b/Ansible/project/rt/hosts.yml @@ -0,0 +1,31 @@ +--- +all: + vars: + ansible_user: "ubuntu" + ansible_ssh_private_key_file: "/Users/jefff/.ssh/ansible-priv.pem" + children: + database: + hosts: + 52.86.32.79: + db_users: + - { db_user: "artifactory", db_password: "Art1fAct0ry" } + dbs: + - { db_name: "artifactory", db_owner: "artifactory" } + primary: + hosts: + 100.25.104.198: + artifactory_is_primary: true + artifactory_license1: x + artifactory_license2: x + artifactory_license3: x + artifactory_license4: x + artifactory_license5: x + master_key: "c97b862469de0d94fbb7d48130637a5a" + join_key: "9bcca98f375c0728d907cc6ee39d4f02" + db_download_url: "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" + db_type: "postgresql" + db_driver: "org.postgresql.Driver" + db_url: "jdbc:postgresql://10.0.0.160:5432/artifactory" + db_user: "artifactory" + db_password: "Art1fAct0ry" + server_name: "ec2-100-25-104-198.compute-1.amazonaws.com" \ No newline at end of file diff --git a/Ansible/project/rt/playbook.yml b/Ansible/project/rt/playbook.yml new file mode 100644 index 0000000..472706a --- /dev/null +++ b/Ansible/project/rt/playbook.yml @@ -0,0 +1,10 @@ +--- +- hosts: database + gather_facts: true + roles: + - jfrog/ansible/roles/postgres + +- hosts: primary + gather_facts: true + roles: + - jfrog/ansible/roles/artifactory diff --git a/Ansible/project/ssl/hosts.yml b/Ansible/project/ssl/hosts.yml new file mode 100644 index 0000000..c6c8f9f --- /dev/null +++ b/Ansible/project/ssl/hosts.yml @@ -0,0 +1,39 @@ +--- +all: + vars: + ansible_user: "ubuntu" + ansible_ssh_private_key_file: "/Users/jefff/.ssh/ansible-priv.pem" + children: + database: + hosts: + 52.86.32.79: + db_users: + - { db_user: "artifactory", db_password: "Art1fAct0ry" } + dbs: + - { db_name: "artifactory", db_owner: "artifactory" } + primary: + hosts: + 100.25.104.198: + artifactory_is_primary: true + artifactory_license1: x + artifactory_license2: x + artifactory_license3: x + artifactory_license4: x + artifactory_license5: x + master_key: "c97b862469de0d94fbb7d48130637a5a" + join_key: "9bcca98f375c0728d907cc6ee39d4f02" + db_download_url: "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" + db_type: "postgresql" + db_driver: "org.postgresql.Driver" + db_url: "jdbc:postgresql://10.0.0.160:5432/artifactory" + db_user: "artifactory" + db_password: "Art1fAct0ry" + server_name: "ec2-100-25-104-198.compute-1.amazonaws.com" + certificate: | + -----BEGIN CERTIFICATE----- + x + -----END CERTIFICATE----- + certificate_key: | + -----BEGIN PRIVATE KEY----- + x + -----END PRIVATE KEY----- diff --git a/Ansible/project/ssl/playbook.yml b/Ansible/project/ssl/playbook.yml new file mode 100644 index 0000000..6f1ba22 --- /dev/null +++ b/Ansible/project/ssl/playbook.yml @@ -0,0 +1,11 @@ +--- +- hosts: database + gather_facts: true + roles: + - jfrog/ansible/roles/postgres + +- hosts: primary + gather_facts: true + roles: + - jfrog/ansible/roles/artifactory + - jfrog/ansible/roles/artifactory-nginx-ssl diff --git a/Ansible/test/aws/playbook.yaml b/Ansible/test/aws/playbook.yaml new file mode 100644 index 0000000..8474438 --- /dev/null +++ b/Ansible/test/aws/playbook.yaml @@ -0,0 +1,147 @@ +--- +- name: Provision AWS test infrastructure + hosts: localhost + tasks: + - shell: 'pwd' + register: cmd + + - debug: + msg: "{{ cmd.stdout }}" + - name: Create AWS test system + cloudformation: + stack_name: "{{ lookup('env', 'stack_name') }}" + state: "present" + region: "us-east-1" + disable_rollback: true + template: "{{ lookup('env', 'cfn_template') }}" + template_parameters: + SSHKeyName: "{{ lookup('env', 'ssh_public_key_name') }}" + tags: + Stack: "{{ lookup('env', 'stack_name') }}" + register: AWSDeployment + - name: Get AWS deployment details + debug: + var: AWSDeployment + + - name: Add bastion + add_host: + hostname: "{{ AWSDeployment.stack_outputs.BastionInstancePublic }}" + groups: bastion + ansible_user: "ubuntu" + - name: Add new RT primary to host group + add_host: + hostname: "{{ AWSDeployment.stack_outputs.RTPriInstancePrivate }}" + ansible_user: "ubuntu" + ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@{{ AWSDeployment.stack_outputs.BastionInstancePublic }} -W %h:%p"' + db_url: "jdbc:postgresql://{{ AWSDeployment.stack_outputs.DBInstancePrivate }}:5432/artifactory" + server_name: "{{ AWSDeployment.stack_outputs.ALBHostName }}" + artifactory_is_primary: true + artifactory_license1: "{{ lookup('env', 'artifactory_license1') }}" + artifactory_license2: "{{ lookup('env', 'artifactory_license2') }}" + artifactory_license3: "{{ lookup('env', 'artifactory_license3') }}" + groups: + - artifactory + + - name: Add RT secondaries to host group + add_host: + hostname: "{{ AWSDeployment.stack_outputs.RTSecInstancePrivate }}" + ansible_user: "ubuntu" + ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@{{ AWSDeployment.stack_outputs.BastionInstancePublic }} -W %h:%p"' + db_url: "jdbc:postgresql://{{ AWSDeployment.stack_outputs.DBInstancePrivate }}:5432/artifactory" + server_name: "{{ AWSDeployment.stack_outputs.ALBHostName }}" + artifactory_is_primary: false + groups: + - artifactory + + - name: Add xrays to host group + add_host: + hostname: "{{ AWSDeployment.stack_outputs.XrayInstancePrivate }}" + ansible_user: "ubuntu" + ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@{{ AWSDeployment.stack_outputs.BastionInstancePublic }} -W %h:%p"' + jfrog_url: "http://{{ AWSDeployment.stack_outputs.ALBHostName }}" + master_key: "{{ lookup('env', 'master_key') }}" + join_key: "{{ lookup('env', 'join_key') }}" + db_type: "postgresql" + db_driver: "org.postgresql.Driver" + db_user: "xray" + db_password: "xray" + db_url: "postgres://{{ AWSDeployment.stack_outputs.DBInstancePrivate }}:5432/xraydb?sslmode=disable" + groups: xray + + - name: Add DBs to host group + add_host: + hostname: "{{ AWSDeployment.stack_outputs.DBInstancePrivate }}" + ansible_user: "ubuntu" + ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@{{ AWSDeployment.stack_outputs.BastionInstancePublic }} -W %h:%p"' + db_users: + - { db_user: "artifactory", db_password: "Art1fAct0ry" } + - { db_user: "xray", db_password: "xray" } + dbs: + - { db_name: "artifactory", db_owner: "artifactory" } + - { db_name: "xraydb", db_owner: "xray" } + groups: database + + - name: Set up test environment url + replace: + path: ../tests/src/test/resources/testenv.yaml + regexp: 'urlval' + replace: "http://{{ AWSDeployment.stack_outputs.ALBHostName }}" + + - name: Set up test environment external_ip + replace: + path: ../tests/src/test/resources/testenv.yaml + regexp: 'ipval' + replace: "{{ AWSDeployment.stack_outputs.ALBHostName }}" + + - name: Set up test environment rt_password + replace: + path: ../tests/src/test/resources/testenv.yaml + regexp: 'passval' + replace: "password" + + - name: show testenv.yaml + debug: var=item + with_file: + - ../tests/src/test/resources/testenv.yaml + + - name: Wait 300 seconds for port 22 + wait_for: + port: 22 + host: "{{ AWSDeployment.stack_outputs.BastionInstancePublic }}" + delay: 10 + + - debug: + msg: "Unified URL is at http://{{ AWSDeployment.stack_outputs.ALBHostName }}" + +- hosts: database + roles: + - postgres + +- hosts: artifactory + vars: + artifactory_ha_enabled: true + master_key: "{{ lookup('env', 'master_key') }}" + join_key: "{{ lookup('env', 'join_key') }}" + db_download_url: "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" + db_type: "postgresql" + db_driver: "org.postgresql.Driver" + db_user: "artifactory" + db_password: "Art1fAct0ry" + roles: + - artifactory + +- hosts: xray + roles: + - xray + +- name: Test + hosts: localhost + tasks: + - name: Run tests + shell: + cmd: ./gradlew clean unified_test + chdir: ../tests/ + - name: Cleanup and delete stack + cloudformation: + stack_name: "{{ lookup('env', 'stack_name') }}" + state: "absent" \ No newline at end of file diff --git a/Ansible/test/aws/runAws.sh b/Ansible/test/aws/runAws.sh new file mode 100755 index 0000000..fa8da2a --- /dev/null +++ b/Ansible/test/aws/runAws.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +ansible-playbook Ansible/test/aws/playbook.yaml \ No newline at end of file diff --git a/Ansible/test/azure/playbook.yaml b/Ansible/test/azure/playbook.yaml new file mode 100644 index 0000000..ae9625d --- /dev/null +++ b/Ansible/test/azure/playbook.yaml @@ -0,0 +1,161 @@ +--- +- name: Provision Azure test infrastructure + hosts: localhost + tasks: + - name: Create azure test system + azure_rm_deployment: + resource_group: "{{ lookup('env', 'azure_resource_group') }}" + location: eastus + name: AzureAnsibleInfra + parameters: + vnetName: + value: "vnetAnsible" + vnetAddressRange: + value: "10.0.0.0/16" + subnetAddressRange: + value: "10.0.0.0/24" + location: + value: "eastus" + adminPublicKey: + value: "{{ lookup('env', 'ssh_public_key') }}" + sizeOfDiskInGB: + value: 128 + vmSize: + value: Standard_D2s_v3 + numberOfArtifactory: + value: 2 + numberOfXray: + value: 1 + numberOfDb: + value: 1 + template_link: "{{ lookup('env', 'arm_template') }}" + register: azureDeployment + - name: Get Azure deployment details + debug: + var: azureDeployment + + - name: Add bastion + add_host: + hostname: "{{ azureDeployment.deployment.outputs.lbIp.value }}" + groups: bastion + ansible_user: "ubuntu" + - name: Add new RT primary to host group + add_host: + hostname: "{{ azureDeployment.deployment.outputs.vmArtPriIp.value }}" + ansible_user: "ubuntu" + ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@{{ azureDeployment.deployment.outputs.lbIp.value }} -W %h:%p"' + db_url: "jdbc:postgresql://{{ azureDeployment.deployment.outputs.vmDbArrIp.value[0] }}:5432/artifactory" + server_name: "rt.{{ azureDeployment.deployment.outputs.lbIp.value }}.xip.io" + artifactory_is_primary: true + artifactory_license1: "{{ lookup('env', 'artifactory_license1') }}" + artifactory_license2: "{{ lookup('env', 'artifactory_license2') }}" + artifactory_license3: "{{ lookup('env', 'artifactory_license3') }}" + groups: + - artifactory + + - name: Add RT secondaries to host group + add_host: + hostname: "{{ item }}" + ansible_user: "ubuntu" + ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@{{ azureDeployment.deployment.outputs.lbIp.value }} -W %h:%p"' + db_url: "jdbc:postgresql://{{ azureDeployment.deployment.outputs.vmDbArrIp.value[0] }}:5432/artifactory" + server_name: "rt.{{ azureDeployment.deployment.outputs.lbIp.value }}.xip.io" + artifactory_is_primary: false + groups: + - artifactory + loop: "{{ azureDeployment.deployment.outputs.vmArtSecArrIp.value }}" + + - name: Add xrays to host group + add_host: + hostname: "{{ item }}" + ansible_user: "ubuntu" + ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@{{ azureDeployment.deployment.outputs.lbIp.value }} -W %h:%p"' + jfrog_url: "http://rt.{{ azureDeployment.deployment.outputs.lbIp.value }}.xip.io" + master_key: "{{ lookup('env', 'master_key') }}" + join_key: "{{ lookup('env', 'join_key') }}" + db_type: "postgresql" + db_driver: "org.postgresql.Driver" + db_user: "xray" + db_password: "xray" + db_url: "postgres://{{ azureDeployment.deployment.outputs.vmDbArrIp.value[0] }}:5432/xraydb?sslmode=disable" + groups: xray + loop: "{{ azureDeployment.deployment.outputs.vmXrayArrIp.value }}" + + - name: Add DBs to host group + add_host: + hostname: "{{ item }}" + ansible_user: "ubuntu" + ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@{{ azureDeployment.deployment.outputs.lbIp.value }} -W %h:%p"' + db_users: + - { db_user: "artifactory", db_password: "Art1fAct0ry" } + - { db_user: "xray", db_password: "xray" } + dbs: + - { db_name: "artifactory", db_owner: "artifactory" } + - { db_name: "xraydb", db_owner: "xray" } + groups: database + loop: "{{ azureDeployment.deployment.outputs.vmDbArrIp.value }}" + + - name: Set up test environment url + replace: + path: ../tests/src/test/resources/testenv.yaml + regexp: 'urlval' + replace: "http://rt.{{ azureDeployment.deployment.outputs.lbIp.value }}.xip.io" + + - name: Set up test environment external_ip + replace: + path: ../tests/src/test/resources/testenv.yaml + regexp: 'ipval' + replace: "{{ azureDeployment.deployment.outputs.lbIp.value }}" + + - name: Set up test environment rt_password + replace: + path: ../tests/src/test/resources/testenv.yaml + regexp: 'passval' + replace: "password" + + - name: show testenv.yaml + debug: var=item + with_file: + - ../tests/src/test/resources/testenv.yaml + + - name: Wait 300 seconds for port 22 + wait_for: + port: 22 + host: "{{ azureDeployment.deployment.outputs.lbIp.value }}" + delay: 10 + + - debug: + msg: "Unified URL is at http://rt.{{ azureDeployment.deployment.outputs.lbIp.value }}.xip.io" + +- hosts: database + roles: + - postgres + +- hosts: artifactory + vars: + artifactory_ha_enabled: true + master_key: "{{ lookup('env', 'master_key') }}" + join_key: "{{ lookup('env', 'join_key') }}" + db_download_url: "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" + db_type: "postgresql" + db_driver: "org.postgresql.Driver" + db_user: "artifactory" + db_password: "Art1fAct0ry" + roles: + - artifactory + +- hosts: xray + roles: + - xray + +- name: Test + hosts: localhost + tasks: + - name: Run tests + shell: + cmd: ./gradlew clean unified_test + chdir: ../tests/ + - name: Cleanup and delete a resource group + azure_rm_resourcegroup: + name: "{{ lookup('env', 'azure_resource_group') }}" + state: absent \ No newline at end of file diff --git a/Ansible/test/azure/runAzure.sh b/Ansible/test/azure/runAzure.sh new file mode 100755 index 0000000..c9d7e80 --- /dev/null +++ b/Ansible/test/azure/runAzure.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +ansible-playbook Ansible/test/azure/playbook.yaml \ No newline at end of file diff --git a/Ansible/test/tests/README.md b/Ansible/test/tests/README.md new file mode 100755 index 0000000..21db3cf --- /dev/null +++ b/Ansible/test/tests/README.md @@ -0,0 +1,19 @@ +## Test framework + +### How to run it locally + +``` +./gradlew clean commonTests +``` + +### Adding new tests + +### Gradle cleanup. Delete the folder: +``` + ~/.gradle/caches/ + ./gradlew clean +``` +### Or run +``` + ./gradlew clean +``` \ No newline at end of file diff --git a/Ansible/test/tests/build.gradle b/Ansible/test/tests/build.gradle new file mode 100644 index 0000000..1a41ee3 --- /dev/null +++ b/Ansible/test/tests/build.gradle @@ -0,0 +1,63 @@ +plugins { + id 'groovy' +} + +group 'org.example' +version '1.0-SNAPSHOT' + +repositories { + mavenCentral() +} + +dependencies { + compile 'org.codehaus.groovy:groovy-all:3.0.0' + testCompile 'io.rest-assured:rest-assured:4.1.1' + testCompile 'org.testng:testng:6.14.3' + testCompile 'org.yaml:snakeyaml:1.17' +} + +test { + outputs.upToDateWhen { false } + useTestNG(){ + suites("src/test/groovy/testng.xml") + } + //maxParallelForks = Runtime.runtime.availableProcessors().intdiv(2) ?: 1 + testLogging { + showStandardStreams = true + } + +} + +task artifactory_jcr_test(type: Test) { + useTestNG() { + useDefaultListeners = true + suites 'src/test/groovy/testng.xml' + includeGroups ('common', 'jcr') + } + testLogging { + showStandardStreams = true + } +} + +task artifactory_ha_test(type: Test) { + useTestNG() { + useDefaultListeners = true + suites 'src/test/groovy/testng.xml' + includeGroups('common','pro') + } + testLogging { + showStandardStreams = true + } +} + +task unified_test(type: Test) { + useTestNG() { + useDefaultListeners = true + suites 'src/test/groovy/testng.xml' + includeGroups('common','pro','xray') + } + testLogging { + showStandardStreams = true + } +} + diff --git a/Ansible/test/tests/gradle/wrapper/gradle-wrapper.jar b/Ansible/test/tests/gradle/wrapper/gradle-wrapper.jar new file mode 100644 index 0000000000000000000000000000000000000000..87b738cbd051603d91cc39de6cb000dd98fe6b02 GIT binary patch literal 55190 zcmafaW0WS*vSoFbZQHhO+s0S6%`V%vZQJa!ZQHKus_B{g-pt%P_q|ywBQt-*Stldc z$+IJ3?^KWm27v+sf`9-50uuadKtMnL*BJ;1^6ynvR7H?hQcjE>7)art9Bu0Pcm@7C z@c%WG|JzYkP)<@zR9S^iR_sA`azaL$mTnGKnwDyMa;8yL_0^>Ba^)phg0L5rOPTbm7g*YIRLg-2^{qe^`rb!2KqS zk~5wEJtTdD?)3+}=eby3x6%i)sb+m??NHC^u=tcG8p$TzB<;FL(WrZGV&cDQb?O0GMe6PBV=V z?tTO*5_HTW$xea!nkc~Cnx#cL_rrUGWPRa6l+A{aiMY=<0@8y5OC#UcGeE#I>nWh}`#M#kIn-$A;q@u-p71b#hcSItS!IPw?>8 zvzb|?@Ahb22L(O4#2Sre&l9H(@TGT>#Py)D&eW-LNb!=S;I`ZQ{w;MaHW z#to!~TVLgho_Pm%zq@o{K3Xq?I|MVuVSl^QHnT~sHlrVxgsqD-+YD?Nz9@HA<;x2AQjxP)r6Femg+LJ-*)k%EZ}TTRw->5xOY z9#zKJqjZgC47@AFdk1$W+KhTQJKn7e>A&?@-YOy!v_(}GyV@9G#I?bsuto4JEp;5|N{orxi_?vTI4UF0HYcA( zKyGZ4<7Fk?&LZMQb6k10N%E*$gr#T&HsY4SPQ?yerqRz5c?5P$@6dlD6UQwZJ*Je9 z7n-@7!(OVdU-mg@5$D+R%gt82Lt%&n6Yr4=|q>XT%&^z_D*f*ug8N6w$`woqeS-+#RAOfSY&Rz z?1qYa5xi(7eTCrzCFJfCxc%j{J}6#)3^*VRKF;w+`|1n;Xaojr2DI{!<3CaP`#tXs z*`pBQ5k@JLKuCmovFDqh_`Q;+^@t_;SDm29 zCNSdWXbV?9;D4VcoV`FZ9Ggrr$i<&#Dx3W=8>bSQIU_%vf)#(M2Kd3=rN@^d=QAtC zI-iQ;;GMk|&A++W5#hK28W(YqN%?!yuW8(|Cf`@FOW5QbX|`97fxmV;uXvPCqxBD zJ9iI37iV)5TW1R+fV16y;6}2tt~|0J3U4E=wQh@sx{c_eu)t=4Yoz|%Vp<#)Qlh1V z0@C2ZtlT>5gdB6W)_bhXtcZS)`9A!uIOa`K04$5>3&8An+i9BD&GvZZ=7#^r=BN=k za+=Go;qr(M)B~KYAz|<^O3LJON}$Q6Yuqn8qu~+UkUKK~&iM%pB!BO49L+?AL7N7o z(OpM(C-EY753=G=WwJHE`h*lNLMNP^c^bBk@5MyP5{v7x>GNWH>QSgTe5 z!*GPkQ(lcbEs~)4ovCu!Zt&$${9$u(<4@9%@{U<-ksAqB?6F`bQ;o-mvjr)Jn7F&j$@`il1Mf+-HdBs<-`1FahTxmPMMI)@OtI&^mtijW6zGZ67O$UOv1Jj z;a3gmw~t|LjPkW3!EZ=)lLUhFzvO;Yvj9g`8hm%6u`;cuek_b-c$wS_0M4-N<@3l|88 z@V{Sd|M;4+H6guqMm4|v=C6B7mlpP(+It%0E;W`dxMOf9!jYwWj3*MRk`KpS_jx4c z=hrKBkFK;gq@;wUV2eqE3R$M+iUc+UD0iEl#-rECK+XmH9hLKrC={j@uF=f3UiceB zU5l$FF7#RKjx+6!JHMG5-!@zI-eG=a-!Bs^AFKqN_M26%cIIcSs61R$yuq@5a3c3& z4%zLs!g}+C5%`ja?F`?5-og0lv-;(^e<`r~p$x%&*89_Aye1N)9LNVk?9BwY$Y$$F^!JQAjBJvywXAesj7lTZ)rXuxv(FFNZVknJha99lN=^h`J2> zl5=~(tKwvHHvh|9-41@OV`c;Ws--PE%{7d2sLNbDp;A6_Ka6epzOSFdqb zBa0m3j~bT*q1lslHsHqaHIP%DF&-XMpCRL(v;MV#*>mB^&)a=HfLI7efblG z(@hzN`|n+oH9;qBklb=d^S0joHCsArnR1-h{*dIUThik>ot^!6YCNjg;J_i3h6Rl0ji)* zo(tQ~>xB!rUJ(nZjCA^%X;)H{@>uhR5|xBDA=d21p@iJ!cH?+%U|VSh2S4@gv`^)^ zNKD6YlVo$%b4W^}Rw>P1YJ|fTb$_(7C;hH+ z1XAMPb6*p^h8)e5nNPKfeAO}Ik+ZN_`NrADeeJOq4Ak;sD~ zTe77no{Ztdox56Xi4UE6S7wRVxJzWxKj;B%v7|FZ3cV9MdfFp7lWCi+W{}UqekdpH zdO#eoOuB3Fu!DU`ErfeoZWJbWtRXUeBzi zBTF-AI7yMC^ntG+8%mn(I6Dw}3xK8v#Ly{3w3_E?J4(Q5JBq~I>u3!CNp~Ekk&YH` z#383VO4O42NNtcGkr*K<+wYZ>@|sP?`AQcs5oqX@-EIqgK@Pmp5~p6O6qy4ml~N{D z{=jQ7k(9!CM3N3Vt|u@%ssTw~r~Z(}QvlROAkQQ?r8OQ3F0D$aGLh zny+uGnH5muJ<67Z=8uilKvGuANrg@s3Vu_lU2ajb?rIhuOd^E@l!Kl0hYIxOP1B~Q zggUmXbh$bKL~YQ#!4fos9UUVG#}HN$lIkM<1OkU@r>$7DYYe37cXYwfK@vrHwm;pg zbh(hEU|8{*d$q7LUm+x&`S@VbW*&p-sWrplWnRM|I{P;I;%U`WmYUCeJhYc|>5?&& zj}@n}w~Oo=l}iwvi7K6)osqa;M8>fRe}>^;bLBrgA;r^ZGgY@IC^ioRmnE&H4)UV5 zO{7egQ7sBAdoqGsso5q4R(4$4Tjm&&C|7Huz&5B0wXoJzZzNc5Bt)=SOI|H}+fbit z-PiF5(NHSy>4HPMrNc@SuEMDuKYMQ--G+qeUPqO_9mOsg%1EHpqoX^yNd~~kbo`cH zlV0iAkBFTn;rVb>EK^V6?T~t~3vm;csx+lUh_%ROFPy0(omy7+_wYjN!VRDtwDu^h4n|xpAMsLepm% zggvs;v8+isCW`>BckRz1MQ=l>K6k^DdT`~sDXTWQ<~+JtY;I~I>8XsAq3yXgxe>`O zZdF*{9@Z|YtS$QrVaB!8&`&^W->_O&-JXn1n&~}o3Z7FL1QE5R*W2W@=u|w~7%EeC1aRfGtJWxImfY-D3t!!nBkWM> zafu>^Lz-ONgT6ExjV4WhN!v~u{lt2-QBN&UxwnvdH|I%LS|J-D;o>@@sA62@&yew0 z)58~JSZP!(lX;da!3`d)D1+;K9!lyNlkF|n(UduR-%g>#{`pvrD^ClddhJyfL7C-(x+J+9&7EsC~^O`&}V%)Ut8^O_7YAXPDpzv8ir4 zl`d)(;imc6r16k_d^)PJZ+QPxxVJS5e^4wX9D=V2zH&wW0-p&OJe=}rX`*->XT=;_qI&)=WHkYnZx6bLoUh_)n-A}SF_ z9z7agNTM5W6}}ui=&Qs@pO5$zHsOWIbd_&%j^Ok5PJ3yUWQw*i4*iKO)_er2CDUME ztt+{Egod~W-fn^aLe)aBz)MOc_?i-stTj}~iFk7u^-gGSbU;Iem06SDP=AEw9SzuF zeZ|hKCG3MV(z_PJg0(JbqTRf4T{NUt%kz&}4S`)0I%}ZrG!jgW2GwP=WTtkWS?DOs znI9LY!dK+1_H0h+i-_~URb^M;4&AMrEO_UlDV8o?E>^3x%ZJyh$JuDMrtYL8|G3If zPf2_Qb_W+V?$#O; zydKFv*%O;Y@o_T_UAYuaqx1isMKZ^32JtgeceA$0Z@Ck0;lHbS%N5)zzAW9iz; z8tTKeK7&qw!8XVz-+pz>z-BeIzr*#r0nB^cntjQ9@Y-N0=e&ZK72vlzX>f3RT@i7@ z=z`m7jNk!9%^xD0ug%ptZnM>F;Qu$rlwo}vRGBIymPL)L|x}nan3uFUw(&N z24gdkcb7!Q56{0<+zu zEtc5WzG2xf%1<@vo$ZsuOK{v9gx^0`gw>@h>ZMLy*h+6ueoie{D#}}` zK2@6Xxq(uZaLFC%M!2}FX}ab%GQ8A0QJ?&!vaI8Gv=vMhd);6kGguDmtuOElru()) zuRk&Z{?Vp!G~F<1#s&6io1`poBqpRHyM^p;7!+L??_DzJ8s9mYFMQ0^%_3ft7g{PD zZd}8E4EV}D!>F?bzcX=2hHR_P`Xy6?FOK)mCj)Ym4s2hh z0OlOdQa@I;^-3bhB6mpw*X5=0kJv8?#XP~9){G-+0ST@1Roz1qi8PhIXp1D$XNqVG zMl>WxwT+K`SdO1RCt4FWTNy3!i?N>*-lbnn#OxFJrswgD7HjuKpWh*o@QvgF&j+CT z{55~ZsUeR1aB}lv#s_7~+9dCix!5(KR#c?K?e2B%P$fvrsZxy@GP#R#jwL{y#Ld$} z7sF>QT6m|}?V;msb?Nlohj7a5W_D$y+4O6eI;Zt$jVGymlzLKscqer9#+p2$0It&u zWY!dCeM6^B^Z;ddEmhi?8`scl=Lhi7W%2|pT6X6^%-=q90DS(hQ-%c+E*ywPvmoF(KqDoW4!*gmQIklm zk#!GLqv|cs(JRF3G?=AYY19{w@~`G3pa z@xR9S-Hquh*&5Yas*VI};(%9%PADn`kzm zeWMJVW=>>wap*9|R7n#!&&J>gq04>DTCMtj{P^d12|2wXTEKvSf?$AvnE!peqV7i4 zE>0G%CSn%WCW1yre?yi9*aFP{GvZ|R4JT}M%x_%Hztz2qw?&28l&qW<6?c6ym{f$d z5YCF+k#yEbjCN|AGi~-NcCG8MCF1!MXBFL{#7q z)HO+WW173?kuI}^Xat;Q^gb4Hi0RGyB}%|~j8>`6X4CPo+|okMbKy9PHkr58V4bX6<&ERU)QlF8%%huUz&f+dwTN|tk+C&&o@Q1RtG`}6&6;ncQuAcfHoxd5AgD7`s zXynq41Y`zRSiOY@*;&1%1z>oNcWTV|)sjLg1X8ijg1Y zbIGL0X*Sd}EXSQ2BXCKbJmlckY(@EWn~Ut2lYeuw1wg?hhj@K?XB@V_ZP`fyL~Yd3n3SyHU-RwMBr6t-QWE5TinN9VD4XVPU; zonIIR!&pGqrLQK)=#kj40Im%V@ij0&Dh0*s!lnTw+D`Dt-xmk-jmpJv$1-E-vfYL4 zqKr#}Gm}~GPE+&$PI@4ag@=M}NYi7Y&HW82Q`@Y=W&PE31D110@yy(1vddLt`P%N^ z>Yz195A%tnt~tvsSR2{m!~7HUc@x<&`lGX1nYeQUE(%sphTi>JsVqSw8xql*Ys@9B z>RIOH*rFi*C`ohwXjyeRBDt8p)-u{O+KWP;$4gg||%*u{$~yEj+Al zE(hAQRQ1k7MkCq9s4^N3ep*$h^L%2Vq?f?{+cicpS8lo)$Cb69b98au+m2J_e7nYwID0@`M9XIo1H~|eZFc8Hl!qly612ADCVpU zY8^*RTMX(CgehD{9v|^9vZ6Rab`VeZ2m*gOR)Mw~73QEBiktViBhR!_&3l$|be|d6 zupC`{g89Y|V3uxl2!6CM(RNpdtynaiJ~*DqSTq9Mh`ohZnb%^3G{k;6%n18$4nAqR zjPOrP#-^Y9;iw{J@XH9=g5J+yEVh|e=4UeY<^65`%gWtdQ=-aqSgtywM(1nKXh`R4 zzPP&7r)kv_uC7X9n=h=!Zrf<>X=B5f<9~Q>h#jYRD#CT7D~@6@RGNyO-#0iq0uHV1 zPJr2O4d_xLmg2^TmG7|dpfJ?GGa`0|YE+`2Rata9!?$j#e9KfGYuLL(*^z z!SxFA`$qm)q-YKh)WRJZ@S+-sD_1E$V?;(?^+F3tVcK6 z2fE=8hV*2mgiAbefU^uvcM?&+Y&E}vG=Iz!%jBF7iv){lyC`)*yyS~D8k+Mx|N3bm zI~L~Z$=W9&`x)JnO;8c>3LSDw!fzN#X3qi|0`sXY4?cz{*#xz!kvZ9bO=K3XbN z5KrgN=&(JbXH{Wsu9EdmQ-W`i!JWEmfI;yVTT^a-8Ch#D8xf2dtyi?7p z%#)W3n*a#ndFpd{qN|+9Jz++AJQO#-Y7Z6%*%oyEP5zs}d&kKIr`FVEY z;S}@d?UU=tCdw~EJ{b}=9x}S2iv!!8<$?d7VKDA8h{oeD#S-$DV)-vPdGY@x08n)@ zag?yLF_E#evvRTj4^CcrLvBL=fft&@HOhZ6Ng4`8ijt&h2y}fOTC~7GfJi4vpomA5 zOcOM)o_I9BKz}I`q)fu+Qnfy*W`|mY%LO>eF^a z;$)?T4F-(X#Q-m}!-k8L_rNPf`Mr<9IWu)f&dvt=EL+ESYmCvErd@8B9hd)afc(ZL94S z?rp#h&{7Ah5IJftK4VjATklo7@hm?8BX*~oBiz)jyc9FuRw!-V;Uo>p!CWpLaIQyt zAs5WN)1CCeux-qiGdmbIk8LR`gM+Qg=&Ve}w?zA6+sTL)abU=-cvU`3E?p5$Hpkxw znu0N659qR=IKnde*AEz_7z2pdi_Bh-sb3b=PdGO1Pdf_q2;+*Cx9YN7p_>rl``knY zRn%aVkcv1(W;`Mtp_DNOIECtgq%ufk-mu_<+Fu3Q17Tq4Rr(oeq)Yqk_CHA7LR@7@ zIZIDxxhS&=F2IQfusQ+Nsr%*zFK7S4g!U0y@3H^Yln|i;0a5+?RPG;ZSp6Tul>ezM z`40+516&719qT)mW|ArDSENle5hE2e8qY+zfeZoy12u&xoMgcP)4=&P-1Ib*-bAy` zlT?>w&B|ei-rCXO;sxo7*G;!)_p#%PAM-?m$JP(R%x1Hfas@KeaG%LO?R=lmkXc_MKZW}3f%KZ*rAN?HYvbu2L$ zRt_uv7~-IejlD1x;_AhwGXjB94Q=%+PbxuYzta*jw?S&%|qb=(JfJ?&6P=R7X zV%HP_!@-zO*zS}46g=J}#AMJ}rtWBr21e6hOn&tEmaM%hALH7nlm2@LP4rZ>2 zebe5aH@k!e?ij4Zwak#30|}>;`bquDQK*xmR=zc6vj0yuyC6+U=LusGnO3ZKFRpen z#pwzh!<+WBVp-!$MAc<0i~I%fW=8IO6K}bJ<-Scq>e+)951R~HKB?Mx2H}pxPHE@} zvqpq5j81_jtb_WneAvp<5kgdPKm|u2BdQx9%EzcCN&U{l+kbkhmV<1}yCTDv%&K^> zg;KCjwh*R1f_`6`si$h6`jyIKT7rTv5#k~x$mUyIw)_>Vr)D4fwIs@}{FSX|5GB1l z4vv;@oS@>Bu7~{KgUa_8eg#Lk6IDT2IY$41$*06{>>V;Bwa(-@N;ex4;D`(QK*b}{ z{#4$Hmt)FLqERgKz=3zXiV<{YX6V)lvYBr3V>N6ajeI~~hGR5Oe>W9r@sg)Na(a4- zxm%|1OKPN6^%JaD^^O~HbLSu=f`1px>RawOxLr+1b2^28U*2#h*W^=lSpSY4(@*^l z{!@9RSLG8Me&RJYLi|?$c!B0fP=4xAM4rerxX{xy{&i6=AqXueQAIBqO+pmuxy8Ib z4X^}r!NN3-upC6B#lt7&x0J;)nb9O~xjJMemm$_fHuP{DgtlU3xiW0UesTzS30L+U zQzDI3p&3dpONhd5I8-fGk^}@unluzu%nJ$9pzoO~Kk!>dLxw@M)M9?pNH1CQhvA`z zV;uacUtnBTdvT`M$1cm9`JrT3BMW!MNVBy%?@ZX%;(%(vqQAz<7I!hlDe|J3cn9=} zF7B;V4xE{Ss76s$W~%*$JviK?w8^vqCp#_G^jN0j>~Xq#Zru26e#l3H^{GCLEXI#n z?n~F-Lv#hU(bZS`EI9(xGV*jT=8R?CaK)t8oHc9XJ;UPY0Hz$XWt#QyLBaaz5+}xM zXk(!L_*PTt7gwWH*HLWC$h3Ho!SQ-(I||nn_iEC{WT3S{3V{8IN6tZ1C+DiFM{xlI zeMMk{o5;I6UvaC)@WKp9D+o?2Vd@4)Ue-nYci()hCCsKR`VD;hr9=vA!cgGL%3k^b(jADGyPi2TKr(JNh8mzlIR>n(F_hgiV(3@Ds(tjbNM7GoZ;T|3 zWzs8S`5PrA!9){jBJuX4y`f<4;>9*&NY=2Sq2Bp`M2(fox7ZhIDe!BaQUb@P(ub9D zlP8!p(AN&CwW!V&>H?yPFMJ)d5x#HKfwx;nS{Rr@oHqpktOg)%F+%1#tsPtq7zI$r zBo-Kflhq-=7_eW9B2OQv=@?|y0CKN77)N;z@tcg;heyW{wlpJ1t`Ap!O0`Xz{YHqO zI1${8Hag^r!kA<2_~bYtM=<1YzQ#GGP+q?3T7zYbIjN6Ee^V^b&9en$8FI*NIFg9G zPG$OXjT0Ku?%L7fat8Mqbl1`azf1ltmKTa(HH$Dqlav|rU{zP;Tbnk-XkGFQ6d+gi z-PXh?_kEJl+K98&OrmzgPIijB4!Pozbxd0H1;Usy!;V>Yn6&pu*zW8aYx`SC!$*ti zSn+G9p=~w6V(fZZHc>m|PPfjK6IN4(o=IFu?pC?+`UZAUTw!e`052{P=8vqT^(VeG z=psASIhCv28Y(;7;TuYAe>}BPk5Qg=8$?wZj9lj>h2kwEfF_CpK=+O6Rq9pLn4W)# zeXCKCpi~jsfqw7Taa0;!B5_C;B}e56W1s8@p*)SPzA;Fd$Slsn^=!_&!mRHV*Lmt| zBGIDPuR>CgS4%cQ4wKdEyO&Z>2aHmja;Pz+n|7(#l%^2ZLCix%>@_mbnyPEbyrHaz z>j^4SIv;ZXF-Ftzz>*t4wyq)ng8%0d;(Z_ExZ-cxwei=8{(br-`JYO(f23Wae_MqE z3@{Mlf^%M5G1SIN&en1*| zH~ANY1h3&WNsBy$G9{T=`kcxI#-X|>zLX2r*^-FUF+m0{k)n#GTG_mhG&fJfLj~K& zU~~6othMlvMm9<*SUD2?RD+R17|Z4mgR$L*R3;nBbo&Vm@39&3xIg;^aSxHS>}gwR zmzs?h8oPnNVgET&dx5^7APYx6Vv6eou07Zveyd+^V6_LzI$>ic+pxD_8s~ zC<}ucul>UH<@$KM zT4oI=62M%7qQO{}re-jTFqo9Z;rJKD5!X5$iwUsh*+kcHVhID08MB5cQD4TBWB(rI zuWc%CA}}v|iH=9gQ?D$1#Gu!y3o~p7416n54&Hif`U-cV?VrUMJyEqo_NC4#{puzU zzXEE@UppeeRlS9W*^N$zS`SBBi<@tT+<%3l@KhOy^%MWB9(A#*J~DQ;+MK*$rxo6f zcx3$3mcx{tly!q(p2DQrxcih|)0do_ZY77pyHGE#Q(0k*t!HUmmMcYFq%l$-o6%lS zDb49W-E?rQ#Hl``C3YTEdGZjFi3R<>t)+NAda(r~f1cT5jY}s7-2^&Kvo&2DLTPYP zhVVo-HLwo*vl83mtQ9)PR#VBg)FN}+*8c-p8j`LnNUU*Olm1O1Qqe62D#$CF#?HrM zy(zkX|1oF}Z=T#3XMLWDrm(|m+{1&BMxHY7X@hM_+cV$5-t!8HT(dJi6m9{ja53Yw z3f^`yb6Q;(e|#JQIz~B*=!-GbQ4nNL-NL z@^NWF_#w-Cox@h62;r^;Y`NX8cs?l^LU;5IWE~yvU8TqIHij!X8ydbLlT0gwmzS9} z@5BccG?vO;rvCs$mse1*ANi-cYE6Iauz$Fbn3#|ToAt5v7IlYnt6RMQEYLldva{~s zvr>1L##zmeoYgvIXJ#>bbuCVuEv2ZvZ8I~PQUN3wjP0UC)!U+wn|&`V*8?)` zMSCuvnuGec>QL+i1nCPGDAm@XSMIo?A9~C?g2&G8aNKjWd2pDX{qZ?04+2 zeyLw}iEd4vkCAWwa$ zbrHlEf3hfN7^1g~aW^XwldSmx1v~1z(s=1az4-wl} z`mM+G95*N*&1EP#u3}*KwNrPIgw8Kpp((rdEOO;bT1;6ea~>>sK+?!;{hpJ3rR<6UJb`O8P4@{XGgV%63_fs%cG8L zk9Fszbdo4tS$g0IWP1>t@0)E%-&9yj%Q!fiL2vcuL;90fPm}M==<>}Q)&sp@STFCY z^p!RzmN+uXGdtPJj1Y-khNyCb6Y$Vs>eZyW zPaOV=HY_T@FwAlleZCFYl@5X<<7%5DoO(7S%Lbl55?{2vIr_;SXBCbPZ(up;pC6Wx={AZL?shYOuFxLx1*>62;2rP}g`UT5+BHg(ju z&7n5QSvSyXbioB9CJTB#x;pexicV|9oaOpiJ9VK6EvKhl4^Vsa(p6cIi$*Zr0UxQ z;$MPOZnNae2Duuce~7|2MCfhNg*hZ9{+8H3?ts9C8#xGaM&sN;2lriYkn9W>&Gry! z3b(Xx1x*FhQkD-~V+s~KBfr4M_#0{`=Yrh90yj}Ph~)Nx;1Y^8<418tu!$1<3?T*~ z7Dl0P3Uok-7w0MPFQexNG1P5;y~E8zEvE49>$(f|XWtkW2Mj`udPn)pb%} zrA%wRFp*xvDgC767w!9`0vx1=q!)w!G+9(-w&p*a@WXg{?T&%;qaVcHo>7ca%KX$B z^7|KBPo<2;kM{2mRnF8vKm`9qGV%|I{y!pKm8B(q^2V;;x2r!1VJ^Zz8bWa)!-7a8 zSRf@dqEPlsj!7}oNvFFAA)75})vTJUwQ03hD$I*j6_5xbtd_JkE2`IJD_fQ;a$EkO z{fQ{~e%PKgPJsD&PyEvDmg+Qf&p*-qu!#;1k2r_(H72{^(Z)htgh@F?VIgK#_&eS- z$~(qInec>)XIkv@+{o6^DJLpAb>!d}l1DK^(l%#OdD9tKK6#|_R?-%0V!`<9Hj z3w3chDwG*SFte@>Iqwq`J4M&{aHXzyigT620+Vf$X?3RFfeTcvx_e+(&Q*z)t>c0e zpZH$1Z3X%{^_vylHVOWT6tno=l&$3 z9^eQ@TwU#%WMQaFvaYp_we%_2-9=o{+ck zF{cKJCOjpW&qKQquyp2BXCAP920dcrZ}T1@piukx_NY;%2W>@Wca%=Ch~x5Oj58Hv z;D-_ALOZBF(Mqbcqjd}P3iDbek#Dwzu`WRs`;hRIr*n0PV7vT+%Io(t}8KZ zpp?uc2eW!v28ipep0XNDPZt7H2HJ6oey|J3z!ng#1H~x_k%35P+Cp%mqXJ~cV0xdd z^4m5^K_dQ^Sg?$P`))ccV=O>C{Ds(C2WxX$LMC5vy=*44pP&)X5DOPYfqE${)hDg< z3hcG%U%HZ39=`#Ko4Uctg&@PQLf>?0^D|4J(_1*TFMOMB!Vv1_mnOq$BzXQdOGqgy zOp#LBZ!c>bPjY1NTXksZmbAl0A^Y&(%a3W-k>bE&>K?px5Cm%AT2E<&)Y?O*?d80d zgI5l~&Mve;iXm88Q+Fw7{+`PtN4G7~mJWR^z7XmYQ>uoiV!{tL)hp|= zS(M)813PM`d<501>{NqaPo6BZ^T{KBaqEVH(2^Vjeq zgeMeMpd*1tE@@);hGjuoVzF>Cj;5dNNwh40CnU+0DSKb~GEMb_# zT8Z&gz%SkHq6!;_6dQFYE`+b`v4NT7&@P>cA1Z1xmXy<2htaDhm@XXMp!g($ zw(7iFoH2}WR`UjqjaqOQ$ecNt@c|K1H1kyBArTTjLp%-M`4nzOhkfE#}dOpcd;b#suq8cPJ&bf5`6Tq>ND(l zib{VrPZ>{KuaIg}Y$W>A+nrvMg+l4)-@2jpAQ5h(Tii%Ni^-UPVg{<1KGU2EIUNGaXcEkOedJOusFT9X3%Pz$R+-+W+LlRaY-a$5r?4V zbPzgQl22IPG+N*iBRDH%l{Zh$fv9$RN1sU@Hp3m=M}{rX%y#;4(x1KR2yCO7Pzo>rw(67E{^{yUR`91nX^&MxY@FwmJJbyPAoWZ9Z zcBS$r)&ogYBn{DOtD~tIVJUiq|1foX^*F~O4hlLp-g;Y2wKLLM=?(r3GDqsPmUo*? zwKMEi*%f)C_@?(&&hk>;m07F$X7&i?DEK|jdRK=CaaNu-)pX>n3}@%byPKVkpLzBq z{+Py&!`MZ^4@-;iY`I4#6G@aWMv{^2VTH7|WF^u?3vsB|jU3LgdX$}=v7#EHRN(im zI(3q-eU$s~r=S#EWqa_2!G?b~ z<&brq1vvUTJH380=gcNntZw%7UT8tLAr-W49;9y^=>TDaTC|cKA<(gah#2M|l~j)w zY8goo28gj$n&zcNgqX1Qn6=<8?R0`FVO)g4&QtJAbW3G#D)uNeac-7cH5W#6i!%BH z=}9}-f+FrtEkkrQ?nkoMQ1o-9_b+&=&C2^h!&mWFga#MCrm85hW;)1pDt;-uvQG^D zntSB?XA*0%TIhtWDS!KcI}kp3LT>!(Nlc(lQN?k^bS8Q^GGMfo}^|%7s;#r+pybl@?KA++|FJ zr%se9(B|g*ERQU96az%@4gYrxRRxaM2*b}jNsG|0dQi;Rw{0WM0E>rko!{QYAJJKY z)|sX0N$!8d9E|kND~v|f>3YE|uiAnqbkMn)hu$if4kUkzKqoNoh8v|S>VY1EKmgO} zR$0UU2o)4i4yc1inx3}brso+sio{)gfbLaEgLahj8(_Z#4R-v) zglqwI%`dsY+589a8$Mu7#7_%kN*ekHupQ#48DIN^uhDxblDg3R1yXMr^NmkR z7J_NWCY~fhg}h!_aXJ#?wsZF$q`JH>JWQ9`jbZzOBpS`}-A$Vgkq7+|=lPx9H7QZG z8i8guMN+yc4*H*ANr$Q-3I{FQ-^;8ezWS2b8rERp9TMOLBxiG9J*g5=?h)mIm3#CGi4JSq1ohFrcrxx@`**K5%T}qbaCGldV!t zVeM)!U3vbf5FOy;(h08JnhSGxm)8Kqxr9PsMeWi=b8b|m_&^@#A3lL;bVKTBx+0v8 zLZeWAxJ~N27lsOT2b|qyp$(CqzqgW@tyy?CgwOe~^i;ZH zlL``i4r!>i#EGBNxV_P@KpYFQLz4Bdq{#zA&sc)*@7Mxsh9u%e6Ke`?5Yz1jkTdND zR8!u_yw_$weBOU}24(&^Bm|(dSJ(v(cBct}87a^X(v>nVLIr%%D8r|&)mi+iBc;B;x;rKq zd8*X`r?SZsTNCPQqoFOrUz8nZO?225Z#z(B!4mEp#ZJBzwd7jW1!`sg*?hPMJ$o`T zR?KrN6OZA1H{9pA;p0cSSu;@6->8aJm1rrO-yDJ7)lxuk#npUk7WNER1Wwnpy%u zF=t6iHzWU(L&=vVSSc^&D_eYP3TM?HN!Tgq$SYC;pSIPWW;zeNm7Pgub#yZ@7WPw#f#Kl)W4%B>)+8%gpfoH1qZ;kZ*RqfXYeGXJ_ zk>2otbp+1By`x^1V!>6k5v8NAK@T;89$`hE0{Pc@Q$KhG0jOoKk--Qx!vS~lAiypV zCIJ&6B@24`!TxhJ4_QS*S5;;Pk#!f(qIR7*(c3dN*POKtQe)QvR{O2@QsM%ujEAWEm) z+PM=G9hSR>gQ`Bv2(k}RAv2+$7qq(mU`fQ+&}*i%-RtSUAha>70?G!>?w%F(b4k!$ zvm;E!)2`I?etmSUFW7WflJ@8Nx`m_vE2HF#)_BiD#FaNT|IY@!uUbd4v$wTglIbIX zblRy5=wp)VQzsn0_;KdM%g<8@>#;E?vypTf=F?3f@SSdZ;XpX~J@l1;p#}_veWHp>@Iq_T z@^7|h;EivPYv1&u0~l9(a~>dV9Uw10QqB6Dzu1G~-l{*7IktljpK<_L8m0|7VV_!S zRiE{u97(%R-<8oYJ{molUd>vlGaE-C|^<`hppdDz<7OS13$#J zZ+)(*rZIDSt^Q$}CRk0?pqT5PN5TT`Ya{q(BUg#&nAsg6apPMhLTno!SRq1e60fl6GvpnwDD4N> z9B=RrufY8+g3_`@PRg+(+gs2(bd;5#{uTZk96CWz#{=&h9+!{_m60xJxC%r&gd_N! z>h5UzVX%_7@CUeAA1XFg_AF%(uS&^1WD*VPS^jcC!M2v@RHZML;e(H-=(4(3O&bX- zI6>usJOS+?W&^S&DL{l|>51ZvCXUKlH2XKJPXnHjs*oMkNM#ZDLx!oaM5(%^)5XaP zk6&+P16sA>vyFe9v`Cp5qnbE#r#ltR5E+O3!WnKn`56Grs2;sqr3r# zp@Zp<^q`5iq8OqOlJ`pIuyK@3zPz&iJ0Jcc`hDQ1bqos2;}O|$i#}e@ua*x5VCSx zJAp}+?Hz++tm9dh3Fvm_bO6mQo38al#>^O0g)Lh^&l82+&x)*<n7^Sw-AJo9tEzZDwyJ7L^i7|BGqHu+ea6(&7jKpBq>~V z8CJxurD)WZ{5D0?s|KMi=e7A^JVNM6sdwg@1Eg_+Bw=9j&=+KO1PG|y(mP1@5~x>d z=@c{EWU_jTSjiJl)d(>`qEJ;@iOBm}alq8;OK;p(1AdH$)I9qHNmxxUArdzBW0t+Qeyl)m3?D09770g z)hzXEOy>2_{?o%2B%k%z4d23!pZcoxyW1Ik{|m7Q1>fm4`wsRrl)~h z_=Z*zYL+EG@DV1{6@5@(Ndu!Q$l_6Qlfoz@79q)Kmsf~J7t1)tl#`MD<;1&CAA zH8;i+oBm89dTTDl{aH`cmTPTt@^K-%*sV+t4X9q0Z{A~vEEa!&rRRr=0Rbz4NFCJr zLg2u=0QK@w9XGE=6(-JgeP}G#WG|R&tfHRA3a9*zh5wNTBAD;@YYGx%#E4{C#Wlfo z%-JuW9=FA_T6mR2-Vugk1uGZvJbFvVVWT@QOWz$;?u6+CbyQsbK$>O1APk|xgnh_8 zc)s@Mw7#0^wP6qTtyNq2G#s?5j~REyoU6^lT7dpX{T-rhZWHD%dik*=EA7bIJgOVf_Ga!yC8V^tkTOEHe+JK@Fh|$kfNxO^= z#lpV^(ZQ-3!^_BhV>aXY~GC9{8%1lOJ}6vzXDvPhC>JrtXwFBC+!3a*Z-%#9}i z#<5&0LLIa{q!rEIFSFc9)>{-_2^qbOg5;_A9 ztQ))C6#hxSA{f9R3Eh^`_f${pBJNe~pIQ`tZVR^wyp}=gLK}e5_vG@w+-mp#Fu>e| z*?qBp5CQ5zu+Fi}xAs)YY1;bKG!htqR~)DB$ILN6GaChoiy%Bq@i+1ZnANC0U&D z_4k$=YP47ng+0NhuEt}6C;9-JDd8i5S>`Ml==9wHDQFOsAlmtrVwurYDw_)Ihfk35 zJDBbe!*LUpg%4n>BExWz>KIQ9vexUu^d!7rc_kg#Bf= z7TLz|l*y*3d2vi@c|pX*@ybf!+Xk|2*z$@F4K#MT8Dt4zM_EcFmNp31#7qT6(@GG? zdd;sSY9HHuDb=w&|K%sm`bYX#%UHKY%R`3aLMO?{T#EI@FNNFNO>p@?W*i0z(g2dt z{=9Ofh80Oxv&)i35AQN>TPMjR^UID-T7H5A?GI{MD_VeXZ%;uo41dVm=uT&ne2h0i zv*xI%9vPtdEK@~1&V%p1sFc2AA`9?H)gPnRdlO~URx!fiSV)j?Tf5=5F>hnO=$d$x zzaIfr*wiIc!U1K*$JO@)gP4%xp!<*DvJSv7p}(uTLUb=MSb@7_yO+IsCj^`PsxEl& zIxsi}s3L?t+p+3FXYqujGhGwTx^WXgJ1}a@Yq5mwP0PvGEr*qu7@R$9j>@-q1rz5T zriz;B^(ex?=3Th6h;7U`8u2sDlfS{0YyydK=*>-(NOm9>S_{U|eg(J~C7O zIe{|LK=Y`hXiF_%jOM8Haw3UtaE{hWdzo3BbD6ud7br4cODBtN(~Hl+odP0SSWPw;I&^m)yLw+nd#}3#z}?UIcX3=SssI}`QwY=% zAEXTODk|MqTx}2DVG<|~(CxgLyi*A{m>M@1h^wiC)4Hy>1K7@|Z&_VPJsaQoS8=ex zDL&+AZdQa>ylxhT_Q$q=60D5&%pi6+qlY3$3c(~rsITX?>b;({FhU!7HOOhSP7>bmTkC8KM%!LRGI^~y3Ug+gh!QM=+NZXznM)?L3G=4=IMvFgX3BAlyJ z`~jjA;2z+65D$j5xbv9=IWQ^&-K3Yh`vC(1Qz2h2`o$>Cej@XRGff!it$n{@WEJ^N z41qk%Wm=}mA*iwCqU_6}Id!SQd13aFER3unXaJJXIsSnxvG2(hSCP{i&QH$tL&TPx zDYJsuk+%laN&OvKb-FHK$R4dy%M7hSB*yj#-nJy?S9tVoxAuDei{s}@+pNT!vLOIC z8g`-QQW8FKp3cPsX%{)0B+x+OhZ1=L7F-jizt|{+f1Ga7%+!BXqjCjH&x|3%?UbN# zh?$I1^YokvG$qFz5ySK+Ja5=mkR&p{F}ev**rWdKMko+Gj^?Or=UH?SCg#0F(&a_y zXOh}dPv0D9l0RVedq1~jCNV=8?vZfU-Xi|nkeE->;ohG3U7z+^0+HV17~-_Mv#mV` zzvwUJJ15v5wwKPv-)i@dsEo@#WEO9zie7mdRAbgL2kjbW4&lk$vxkbq=w5mGKZK6@ zjXWctDkCRx58NJD_Q7e}HX`SiV)TZMJ}~zY6P1(LWo`;yDynY_5_L?N-P`>ALfmyl z8C$a~FDkcwtzK9m$tof>(`Vu3#6r#+v8RGy#1D2)F;vnsiL&P-c^PO)^B-4VeJteLlT@25sPa z%W~q5>YMjj!mhN})p$47VA^v$Jo6_s{!y?}`+h+VM_SN`!11`|;C;B};B&Z<@%FOG z_YQVN+zFF|q5zKab&e4GH|B;sBbKimHt;K@tCH+S{7Ry~88`si7}S)1E{21nldiu5 z_4>;XTJa~Yd$m4A9{Qbd)KUAm7XNbZ4xHbg3a8-+1uf*$1PegabbmCzgC~1WB2F(W zYj5XhVos!X!QHuZXCatkRsdEsSCc+D2?*S7a+(v%toqyxhjz|`zdrUvsxQS{J>?c& zvx*rHw^8b|v^7wq8KWVofj&VUitbm*a&RU_ln#ZFA^3AKEf<#T%8I!Lg3XEsdH(A5 zlgh&M_XEoal)i#0tcq8c%Gs6`xu;vvP2u)D9p!&XNt z!TdF_H~;`g@fNXkO-*t<9~;iEv?)Nee%hVe!aW`N%$cFJ(Dy9+Xk*odyFj72T!(b%Vo5zvCGZ%3tkt$@Wcx8BWEkefI1-~C_3y*LjlQ5%WEz9WD8i^ z2MV$BHD$gdPJV4IaV)G9CIFwiV=ca0cfXdTdK7oRf@lgyPx;_7*RRFk=?@EOb9Gcz zg~VZrzo*Snp&EE{$CWr)JZW)Gr;{B2ka6B!&?aknM-FENcl%45#y?oq9QY z3^1Y5yn&^D67Da4lI}ljDcphaEZw2;tlYuzq?uB4b9Mt6!KTW&ptxd^vF;NbX=00T z@nE1lIBGgjqs?ES#P{ZfRb6f!At51vk%<0X%d_~NL5b8UyfQMPDtfU@>ijA0NP3UU zh{lCf`Wu7cX!go`kUG`1K=7NN@SRGjUKuo<^;@GS!%iDXbJs`o6e`v3O8-+7vRkFm z)nEa$sD#-v)*Jb>&Me+YIW3PsR1)h=-Su)))>-`aRcFJG-8icomO4J@60 zw10l}BYxi{eL+Uu0xJYk-Vc~BcR49Qyyq!7)PR27D`cqGrik=?k1Of>gY7q@&d&Ds zt7&WixP`9~jjHO`Cog~RA4Q%uMg+$z^Gt&vn+d3&>Ux{_c zm|bc;k|GKbhZLr-%p_f%dq$eiZ;n^NxoS-Nu*^Nx5vm46)*)=-Bf<;X#?`YC4tLK; z?;u?shFbXeks+dJ?^o$l#tg*1NA?(1iFff@I&j^<74S!o;SWR^Xi);DM%8XiWpLi0 zQE2dL9^a36|L5qC5+&Pf0%>l&qQ&)OU4vjd)%I6{|H+pw<0(a``9w(gKD&+o$8hOC zNAiShtc}e~ob2`gyVZx59y<6Fpl*$J41VJ-H*e-yECWaDMmPQi-N8XI3 z%iI@ljc+d}_okL1CGWffeaejlxWFVDWu%e=>H)XeZ|4{HlbgC-Uvof4ISYQzZ0Um> z#Ov{k1c*VoN^f(gfiueuag)`TbjL$XVq$)aCUBL_M`5>0>6Ska^*Knk__pw{0I>jA zzh}Kzg{@PNi)fcAk7jMAdi-_RO%x#LQszDMS@_>iFoB+zJ0Q#CQJzFGa8;pHFdi`^ zxnTC`G$7Rctm3G8t8!SY`GwFi4gF|+dAk7rh^rA{NXzc%39+xSYM~($L(pJ(8Zjs* zYdN_R^%~LiGHm9|ElV4kVZGA*T$o@YY4qpJOxGHlUi*S*A(MrgQ{&xoZQo+#PuYRs zv3a$*qoe9gBqbN|y|eaH=w^LE{>kpL!;$wRahY(hhzRY;d33W)m*dfem@)>pR54Qy z ze;^F?mwdU?K+=fBabokSls^6_6At#1Sh7W*y?r6Ss*dmZP{n;VB^LDxM1QWh;@H0J z!4S*_5j_;+@-NpO1KfQd&;C7T`9ak;X8DTRz$hDNcjG}xAfg%gwZSb^zhE~O);NMO zn2$fl7Evn%=Lk!*xsM#(y$mjukN?A&mzEw3W5>_o+6oh62kq=4-`e3B^$rG=XG}Kd zK$blh(%!9;@d@3& zGFO60j1Vf54S}+XD?%*uk7wW$f`4U3F*p7@I4Jg7f`Il}2H<{j5h?$DDe%wG7jZQL zI{mj?t?Hu>$|2UrPr5&QyK2l3mas?zzOk0DV30HgOQ|~xLXDQ8M3o#;CNKO8RK+M; zsOi%)js-MU>9H4%Q)#K_me}8OQC1u;f4!LO%|5toa1|u5Q@#mYy8nE9IXmR}b#sZK z3sD395q}*TDJJA9Er7N`y=w*S&tA;mv-)Sx4(k$fJBxXva0_;$G6!9bGBw13c_Uws zXks4u(8JA@0O9g5f?#V~qR5*u5aIe2HQO^)RW9TTcJk28l`Syl>Q#ZveEE4Em+{?%iz6=V3b>rCm9F zPQQm@-(hfNdo2%n?B)u_&Qh7^^@U>0qMBngH8}H|v+Ejg*Dd(Y#|jgJ-A zQ_bQscil%eY}8oN7ZL+2r|qv+iJY?*l)&3W_55T3GU;?@Om*(M`u0DXAsQ7HSl56> z4P!*(%&wRCb?a4HH&n;lAmr4rS=kMZb74Akha2U~Ktni>>cD$6jpugjULq)D?ea%b zk;UW0pAI~TH59P+o}*c5Ei5L-9OE;OIBt>^(;xw`>cN2`({Rzg71qrNaE=cAH^$wP zNrK9Glp^3a%m+ilQj0SnGq`okjzmE7<3I{JLD6Jn^+oas=h*4>Wvy=KXqVBa;K&ri z4(SVmMXPG}0-UTwa2-MJ=MTfM3K)b~DzSVq8+v-a0&Dsv>4B65{dBhD;(d44CaHSM zb!0ne(*<^Q%|nuaL`Gb3D4AvyO8wyygm=1;9#u5x*k0$UOwx?QxR*6Od8>+ujfyo0 zJ}>2FgW_iv(dBK2OWC-Y=Tw!UwIeOAOUUC;h95&S1hn$G#if+d;*dWL#j#YWswrz_ zMlV=z+zjZJ%SlDhxf)vv@`%~$Afd)T+MS1>ZE7V$Rj#;J*<9Ld=PrK0?qrazRJWx) z(BTLF@Wk279nh|G%ZY7_lK7=&j;x`bMND=zgh_>>-o@6%8_#Bz!FnF*onB@_k|YCF z?vu!s6#h9bL3@tPn$1;#k5=7#s*L;FLK#=M89K^|$3LICYWIbd^qguQp02w5>8p-H z+@J&+pP_^iF4Xu>`D>DcCnl8BUwwOlq6`XkjHNpi@B?OOd`4{dL?kH%lt78(-L}eah8?36zw9d-dI6D{$s{f=M7)1 zRH1M*-82}DoFF^Mi$r}bTB5r6y9>8hjL54%KfyHxn$LkW=AZ(WkHWR;tIWWr@+;^^ zVomjAWT)$+rn%g`LHB6ZSO@M3KBA? z+W7ThSBgpk`jZHZUrp`F;*%6M5kLWy6AW#T{jFHTiKXP9ITrMlEdti7@&AT_a-BA!jc(Kt zWk>IdY-2Zbz?U1)tk#n_Lsl?W;0q`;z|t9*g-xE!(}#$fScX2VkjSiboKWE~afu5d z2B@9mvT=o2fB_>Mnie=TDJB+l`GMKCy%2+NcFsbpv<9jS@$X37K_-Y!cvF5NEY`#p z3sWEc<7$E*X*fp+MqsOyMXO=<2>o8)E(T?#4KVQgt=qa%5FfUG_LE`n)PihCz2=iNUt7im)s@;mOc9SR&{`4s9Q6)U31mn?}Y?$k3kU z#h??JEgH-HGt`~%)1ZBhT9~uRi8br&;a5Y3K_Bl1G)-y(ytx?ok9S*Tz#5Vb=P~xH z^5*t_R2It95=!XDE6X{MjLYn4Eszj9Y91T2SFz@eYlx9Z9*hWaS$^5r7=W5|>sY8}mS(>e9Ez2qI1~wtlA$yv2e-Hjn&K*P z2zWSrC~_8Wrxxf#%QAL&f8iH2%R)E~IrQLgWFg8>`Vnyo?E=uiALoRP&qT{V2{$79 z%9R?*kW-7b#|}*~P#cA@q=V|+RC9=I;aK7Pju$K-n`EoGV^-8Mk=-?@$?O37evGKn z3NEgpo_4{s>=FB}sqx21d3*=gKq-Zk)U+bM%Q_}0`XGkYh*+jRaP+aDnRv#Zz*n$pGp zEU9omuYVXH{AEx>=kk}h2iKt!yqX=EHN)LF}z1j zJx((`CesN1HxTFZ7yrvA2jTPmKYVij>45{ZH2YtsHuGzIRotIFj?(8T@ZWUv{_%AI zgMZlB03C&FtgJqv9%(acqt9N)`4jy4PtYgnhqev!r$GTIOvLF5aZ{tW5MN@9BDGu* zBJzwW3sEJ~Oy8is`l6Ly3an7RPtRr^1Iu(D!B!0O241Xua>Jee;Rc7tWvj!%#yX#m z&pU*?=rTVD7pF6va1D@u@b#V@bShFr3 zMyMbNCZwT)E-%L-{%$3?n}>EN>ai7b$zR_>=l59mW;tfKj^oG)>_TGCJ#HbLBsNy$ zqAqPagZ3uQ(Gsv_-VrZmG&hHaOD#RB#6J8&sL=^iMFB=gH5AIJ+w@sTf7xa&Cnl}@ zxrtzoNq>t?=(+8bS)s2p3>jW}tye0z2aY_Dh@(18-vdfvn;D?sv<>UgL{Ti08$1Q+ zZI3q}yMA^LK=d?YVg({|v?d1|R?5 zL0S3fw)BZazRNNX|7P4rh7!+3tCG~O8l+m?H} z(CB>8(9LtKYIu3ohJ-9ecgk+L&!FX~Wuim&;v$>M4 zUfvn<=Eok(63Ubc>mZrd8d7(>8bG>J?PtOHih_xRYFu1Hg{t;%+hXu2#x%a%qzcab zv$X!ccoj)exoOnaco_jbGw7KryOtuf(SaR-VJ0nAe(1*AA}#QV1lMhGtzD>RoUZ;WA?~!K{8%chYn?ttlz17UpDLlhTkGcVfHY6R<2r4E{mU zq-}D?+*2gAkQYAKrk*rB%4WFC-B!eZZLg4(tR#@kUQHIzEqV48$9=Q(~J_0 zy1%LSCbkoOhRO!J+Oh#;bGuXe;~(bIE*!J@i<%_IcB7wjhB5iF#jBn5+u~fEECN2* z!QFh!m<(>%49H12Y33+?$JxKV3xW{xSs=gxkxW-@Xds^|O1`AmorDKrE8N2-@ospk z=Au%h=f!`_X|G^A;XWL}-_L@D6A~*4Yf!5RTTm$!t8y&fp5_oqvBjW{FufS`!)5m% z2g(=9Ap6Y2y(9OYOWuUVGp-K=6kqQ)kM0P^TQT{X{V$*sN$wbFb-DaUuJF*!?EJPl zJev!UsOB^UHZ2KppYTELh+kqDw+5dPFv&&;;C~=u$Mt+Ywga!8YkL2~@g67}3wAQP zrx^RaXb1(c7vwU8a2se75X(cX^$M{FH4AHS7d2}heqqg4F0!1|Na>UtAdT%3JnS!B)&zelTEj$^b0>Oyfw=P-y-Wd^#dEFRUN*C{!`aJIHi<_YA2?piC%^ zj!p}+ZnBrM?ErAM+D97B*7L8U$K zo(IR-&LF(85p+fuct9~VTSdRjs`d-m|6G;&PoWvC&s8z`TotPSoksp;RsL4VL@CHf z_3|Tn%`ObgRhLmr60<;ya-5wbh&t z#ycN_)3P_KZN5CRyG%LRO4`Ot)3vY#dNX9!f!`_>1%4Q`81E*2BRg~A-VcN7pcX#j zrbl@7`V%n z6J53(m?KRzKb)v?iCuYWbH*l6M77dY4keS!%>}*8n!@ROE4!|7mQ+YS4dff1JJC(t z6Fnuf^=dajqHpH1=|pb(po9Fr8it^;2dEk|Ro=$fxqK$^Yix{G($0m-{RCFQJ~LqUnO7jJcjr zl*N*!6WU;wtF=dLCWzD6kW;y)LEo=4wSXQDIcq5WttgE#%@*m><@H;~Q&GniA-$in z`sjWFLgychS1kIJmPtd-w6%iKkj&dGhtB%0)pyy0M<4HZ@ZY0PWLAd7FCrj&i|NRh?>hZj*&FYnyu%Ur`JdiTu&+n z78d3n)Rl6q&NwVj_jcr#s5G^d?VtV8bkkYco5lV0LiT+t8}98LW>d)|v|V3++zLbHC(NC@X#Hx?21J0M*gP2V`Yd^DYvVIr{C zSc4V)hZKf|OMSm%FVqSRC!phWSyuUAu%0fredf#TDR$|hMZihJ__F!)Nkh6z)d=NC z3q4V*K3JTetxCPgB2_)rhOSWhuXzu+%&>}*ARxUaDeRy{$xK(AC0I=9%X7dmc6?lZNqe-iM(`?Xn3x2Ov>sej6YVQJ9Q42>?4lil?X zew-S>tm{=@QC-zLtg*nh5mQojYnvVzf3!4TpXPuobW_*xYJs;9AokrXcs!Ay z;HK>#;G$*TPN2M!WxdH>oDY6k4A6S>BM0Nimf#LfboKxJXVBC=RBuO&g-=+@O-#0m zh*aPG16zY^tzQLNAF7L(IpGPa+mDsCeAK3k=IL6^LcE8l0o&)k@?dz!79yxUquQIe($zm5DG z5RdXTv)AjHaOPv6z%99mPsa#8OD@9=URvHoJ1hYnV2bG*2XYBgB!-GEoP&8fLmWGg z9NG^xl5D&3L^io&3iYweV*qhc=m+r7C#Jppo$Ygg;jO2yaFU8+F*RmPL` zYxfGKla_--I}YUT353k}nF1zt2NO?+kofR8Efl$Bb^&llgq+HV_UYJUH7M5IoN0sT z4;wDA0gs55ZI|FmJ0}^Pc}{Ji-|#jdR$`!s)Di4^g3b_Qr<*Qu2rz}R6!B^;`Lj3sKWzjMYjexX)-;f5Y+HfkctE{PstO-BZan0zdXPQ=V8 zS8cBhnQyy4oN?J~oK0zl!#S|v6h-nx5to7WkdEk0HKBm;?kcNO*A+u=%f~l&aY*+J z>%^Dz`EQ6!+SEX$>?d(~|MNWU-}JTrk}&`IR|Ske(G^iMdk04)Cxd@}{1=P0U*%L5 zMFH_$R+HUGGv|ju2Z>5x(-aIbVJLcH1S+(E#MNe9g;VZX{5f%_|Kv7|UY-CM(>vf= z!4m?QS+AL+rUyfGJ;~uJGp4{WhOOc%2ybVP68@QTwI(8kDuYf?#^xv zBmOHCZU8O(x)=GVFn%tg@TVW1)qJJ_bU}4e7i>&V?r zh-03>d3DFj&@}6t1y3*yOzllYQ++BO-q!)zsk`D(z||)y&}o%sZ-tUF>0KsiYKFg6 zTONq)P+uL5Vm0w{D5Gms^>H1qa&Z##*X31=58*r%Z@Ko=IMXX{;aiMUp-!$As3{sq z0EEk02MOsgGm7$}E%H1ys2$yftNbB%1rdo@?6~0!a8Ym*1f;jIgfcYEF(I_^+;Xdr z2a>&oc^dF3pm(UNpazXgVzuF<2|zdPGjrNUKpdb$HOgNp*V56XqH`~$c~oSiqx;8_ zEz3fHoU*aJUbFJ&?W)sZB3qOSS;OIZ=n-*#q{?PCXi?Mq4aY@=XvlNQdA;yVC0Vy+ z{Zk6OO!lMYWd`T#bS8FV(`%flEA9El;~WjZKU1YmZpG#49`ku`oV{Bdtvzyz3{k&7 zlG>ik>eL1P93F zd&!aXluU_qV1~sBQf$F%sM4kTfGx5MxO0zJy<#5Z&qzNfull=k1_CZivd-WAuIQf> zBT3&WR|VD|=nKelnp3Q@A~^d_jN3@$x2$f@E~e<$dk$L@06Paw$);l*ewndzL~LuU zq`>vfKb*+=uw`}NsM}~oY}gW%XFwy&A>bi{7s>@(cu4NM;!%ieP$8r6&6jfoq756W z$Y<`J*d7nK4`6t`sZ;l%Oen|+pk|Ry2`p9lri5VD!Gq`U#Ms}pgX3ylAFr8(?1#&dxrtJgB>VqrlWZf61(r`&zMXsV~l{UGjI7R@*NiMJLUoK*kY&gY9kC@^}Fj* zd^l6_t}%Ku<0PY71%zQL`@}L}48M!@=r)Q^Ie5AWhv%#l+Rhu6fRpvv$28TH;N7Cl z%I^4ffBqx@Pxpq|rTJV)$CnxUPOIn`u278s9#ukn>PL25VMv2mff)-RXV&r`Dwid7}TEZxXX1q(h{R6v6X z&x{S_tW%f)BHc!jHNbnrDRjGB@cam{i#zZK*_*xlW@-R3VDmp)<$}S%t*@VmYX;1h zFWmpXt@1xJlc15Yjs2&e%)d`fimRfi?+fS^BoTcrsew%e@T^}wyVv6NGDyMGHSKIQ zC>qFr4GY?#S#pq!%IM_AOf`#}tPoMn7JP8dHXm(v3UTq!aOfEXNRtEJ^4ED@jx%le zvUoUs-d|2(zBsrN0wE(Pj^g5wx{1YPg9FL1)V1JupsVaXNzq4fX+R!oVX+q3tG?L= z>=s38J_!$eSzy0m?om6Wv|ZCbYVHDH*J1_Ndajoh&?L7h&(CVii&rmLu+FcI;1qd_ zHDb3Vk=(`WV?Uq;<0NccEh0s`mBXcEtmwt6oN99RQt7MNER3`{snV$qBTp={Hn!zz z1gkYi#^;P8s!tQl(Y>|lvz{5$uiXsitTD^1YgCp+1%IMIRLiSP`sJru0oY-p!FPbI)!6{XM%)(_Dolh1;$HlghB-&e><;zU&pc=ujpa-(+S&Jj zX1n4T#DJDuG7NP;F5TkoG#qjjZ8NdXxF0l58RK?XO7?faM5*Z17stidTP|a%_N z^e$D?@~q#Pf+708cLSWCK|toT1YSHfXVIs9Dnh5R(}(I;7KhKB7RD>f%;H2X?Z9eR z{lUMuO~ffT!^ew= z7u13>STI4tZpCQ?yb9;tSM-(EGb?iW$a1eBy4-PVejgMXFIV_Ha^XB|F}zK_gzdhM z!)($XfrFHPf&uyFQf$EpcAfk83}91Y`JFJOiQ;v5ca?)a!IxOi36tGkPk4S6EW~eq z>WiK`Vu3D1DaZ}515nl6>;3#xo{GQp1(=uTXl1~ z4gdWxr-8a$L*_G^UVd&bqW_nzMM&SlNW$8|$lAfo@zb+P>2q?=+T^qNwblP*RsN?N zdZE%^Zs;yAwero1qaoqMp~|KL=&npffh981>2om!fseU(CtJ=bW7c6l{U5(07*e0~ zJRbid6?&psp)ilmYYR3ZIg;t;6?*>hoZ3uq7dvyyq-yq$zH$yyImjfhpQb@WKENSP zl;KPCE+KXzU5!)mu12~;2trrLfs&nlEVOndh9&!SAOdeYd}ugwpE-9OF|yQs(w@C9 zoXVX`LP~V>%$<(%~tE*bsq(EFm zU5z{H@Fs^>nm%m%wZs*hRl=KD%4W3|(@j!nJr{Mmkl`e_uR9fZ-E{JY7#s6i()WXB0g-b`R{2r@K{2h3T+a>82>722+$RM*?W5;Bmo6$X3+Ieg9&^TU(*F$Q3 zT572!;vJeBr-)x?cP;^w1zoAM`nWYVz^<6N>SkgG3s4MrNtzQO|A?odKurb6DGZffo>DP_)S0$#gGQ_vw@a9JDXs2}hV&c>$ zUT0;1@cY5kozKOcbN6)n5v)l#>nLFL_x?2NQgurQH(KH@gGe>F|$&@ zq@2A!EXcIsDdzf@cWqElI5~t z4cL9gg7{%~4@`ANXnVAi=JvSsj95-7V& zME3o-%9~2?cvlH#twW~99=-$C=+b5^Yv}Zh4;Mg-!LS zw>gqc=}CzS9>v5C?#re>JsRY!w|Mtv#%O3%Ydn=S9cQarqkZwaM4z(gL~1&oJZ;t; zA5+g3O6itCsu93!G1J_J%Icku>b3O6qBW$1Ej_oUWc@MI)| zQ~eyS-EAAnVZp}CQnvG0N>Kc$h^1DRJkE7xZqJ0>p<>9*apXgBMI-v87E0+PeJ-K& z#(8>P_W^h_kBkI;&e_{~!M+TXt@z8Po*!L^8XBn{of)knd-xp{heZh~@EunB2W)gd zAVTw6ZZasTi>((qpBFh(r4)k zz&@Mc@ZcI-4d639AfcOgHOU+YtpZ)rC%Bc5gw5o~+E-i+bMm(A6!uE>=>1M;V!Wl4 z<#~muol$FsY_qQC{JDc8b=$l6Y_@_!$av^08`czSm!Xan{l$@GO-zPq1s>WF)G=wv zDD8j~Ht1pFj)*-b7h>W)@O&m&VyYci&}K|0_Z*w`L>1jnGfCf@6p}Ef*?wdficVe_ zmPRUZ(C+YJU+hIj@_#IiM7+$4kH#VS5tM!Ksz01siPc-WUe9Y3|pb4u2qnn zRavJiRpa zq?tr&YV?yKt<@-kAFl3s&Kq#jag$hN+Y%%kX_ytvpCsElgFoN3SsZLC>0f|m#&Jhu zp7c1dV$55$+k78FI2q!FT}r|}cIV;zp~#6X2&}22$t6cHx_95FL~T~1XW21VFuatb zpM@6w>c^SJ>Pq6{L&f9()uy)TAWf;6LyHH3BUiJ8A4}od)9sriz~e7}l7Vr0e%(=>KG1Jay zW0azuWC`(|B?<6;R)2}aU`r@mt_#W2VrO{LcX$Hg9f4H#XpOsAOX02x^w9+xnLVAt z^~hv2guE-DElBG+`+`>PwXn5kuP_ZiOO3QuwoEr)ky;o$n7hFoh}Aq0@Ar<8`H!n} zspCC^EB=6>$q*gf&M2wj@zzfBl(w_@0;h^*fC#PW9!-kT-dt*e7^)OIU{Uw%U4d#g zL&o>6`hKQUps|G4F_5AuFU4wI)(%9(av7-u40(IaI|%ir@~w9-rLs&efOR@oQy)}{ z&T#Qf`!|52W0d+>G!h~5A}7VJky`C3^fkJzt3|M&xW~x-8rSi-uz=qBsgODqbl(W#f{Ew#ui(K)(Hr&xqZs` zfrK^2)tF#|U=K|_U@|r=M_Hb;qj1GJG=O=d`~#AFAccecIaq3U`(Ds1*f*TIs=IGL zp_vlaRUtFNK8(k;JEu&|i_m39c(HblQkF8g#l|?hPaUzH2kAAF1>>Yykva0;U@&oRV8w?5yEK??A0SBgh?@Pd zJg{O~4xURt7!a;$rz9%IMHQeEZHR8KgFQixarg+MfmM_OeX#~#&?mx44qe!wt`~dd zqyt^~ML>V>2Do$huU<7}EF2wy9^kJJSm6HoAD*sRz%a|aJWz_n6?bz99h)jNMp}3k ztPVbos1$lC1nX_OK0~h>=F&v^IfgBF{#BIi&HTL}O7H-t4+wwa)kf3AE2-Dx@#mTA z!0f`>vz+d3AF$NH_-JqkuK1C+5>yns0G;r5ApsU|a-w9^j4c+FS{#+7- zH%skr+TJ~W_8CK_j$T1b;$ql_+;q6W|D^BNK*A+W5XQBbJy|)(IDA=L9d>t1`KX2b zOX(Ffv*m?e>! zS3lc>XC@IqPf1g-%^4XyGl*1v0NWnwZTW?z4Y6sncXkaA{?NYna3(n@(+n+#sYm}A zGQS;*Li$4R(Ff{obl3#6pUsA0fKuWurQo$mWXMNPV5K66V!XYOyc})^>889Hg3I<{V^Lj9($B4Zu$xRr=89-lDz9x`+I8q(vEAimx1K{sTbs|5x7S zZ+7o$;9&9>@3K;5-DVzGw=kp7ez%1*kxhGytdLS>Q)=xUWv3k_x(IsS8we39Tijvr z`GKk>gkZTHSht;5q%fh9z?vk%sWO}KR04G9^jleJ^@ovWrob7{1xy7V=;S~dDVt%S za$Q#Th%6g1(hiP>hDe}7lcuI94K-2~Q0R3A1nsb7Y*Z!DtQ(Ic<0;TDKvc6%1kBdJ z$hF!{uALB0pa?B^TC}#N5gZ|CKjy|BnT$7eaKj;f>Alqdb_FA3yjZ4CCvm)D&ibL) zZRi91HC!TIAUl<|`rK_6avGh`!)TKk=j|8*W|!vb9>HLv^E%t$`@r@piI(6V8pqDG zBON7~=cf1ZWF6jc{qkKm;oYBtUpIdau6s+<-o^5qNi-p%L%xAtn9OktFd{@EjVAT% z#?-MJ5}Q9QiK_jYYWs+;I4&!N^(mb!%4zx7qO6oCEDn=8oL6#*9XIJ&iJ30O`0vsFy|fEVkw}*jd&B6!IYi+~Y)qv6QlM&V9g0 zh)@^BVDB|P&#X{31>G*nAT}Mz-j~zd>L{v{9AxrxKFw8j;ccQ$NE0PZCc(7fEt1xd z`(oR2!gX6}R+Z77VkDz^{I)@%&HQT5q+1xlf*3R^U8q%;IT8-B53&}dNA7GW`Ki&= z$lrdH zDCu;j$GxW<&v_4Te7=AE2J0u1NM_7Hl9$u{z(8#%8vvrx2P#R7AwnY|?#LbWmROa; zOJzU_*^+n(+k;Jd{e~So9>OF>fPx$Hb$?~K1ul2xr>>o@**n^6IMu8+o3rDp(X$cC z`wQt9qIS>yjA$K~bg{M%kJ00A)U4L+#*@$8UlS#lN3YA{R{7{-zu#n1>0@(#^eb_% zY|q}2)jOEM8t~9p$X5fpT7BZQ1bND#^Uyaa{mNcFWL|MoYb@>y`d{VwmsF&haoJuS2W7azZU0{tu#Jj_-^QRc35tjW~ae&zhKk!wD}#xR1WHu z_7Fys#bp&R?VXy$WYa$~!dMxt2@*(>@xS}5f-@6eoT%rwH zv_6}M?+piNE;BqaKzm1kK@?fTy$4k5cqYdN8x-<(o6KelwvkTqC3VW5HEnr+WGQlF zs`lcYEm=HPpmM4;Ich7A3a5Mb3YyQs7(Tuz-k4O0*-YGvl+2&V(B&L1F8qfR0@vQM-rF<2h-l9T12eL}3LnNAVyY_z51xVr$%@VQ-lS~wf3mnHc zoM({3Z<3+PpTFCRn_Y6cbxu9v>_>eTN0>hHPl_NQQuaK^Mhrv zX{q#80ot;ptt3#js3>kD&uNs{G0mQp>jyc0GG?=9wb33hm z`y2jL=J)T1JD7eX3xa4h$bG}2ev=?7f>-JmCj6){Upo&$k{2WA=%f;KB;X5e;JF3IjQBa4e-Gp~xv- z|In&Rad7LjJVz*q*+splCj|{7=kvQLw0F@$vPuw4m^z=B^7=A4asK_`%lEf_oIJ-O z{L)zi4bd#&g0w{p1$#I&@bz3QXu%Y)j46HAJKWVfRRB*oXo4lIy7BcVl4hRs<%&iQ zr|)Z^LUJ>qn>{6y`JdabfNNFPX7#3`x|uw+z@h<`x{J4&NlDjnknMf(VW_nKWT!Jh zo1iWBqT6^BR-{T=4Ybe+?6zxP_;A5Uo{}Xel%*=|zRGm1)pR43K39SZ=%{MDCS2d$~}PE-xPw4ZK6)H;Zc&0D5p!vjCn0wCe&rVIhchR9ql!p2`g0b@JsC^J#n_r*4lZ~u0UHKwo(HaHUJDHf^gdJhTdTW z3i7Zp_`xyKC&AI^#~JMVZj^9WsW}UR#nc#o+ifY<4`M+?Y9NTBT~p`ONtAFf8(ltr*ER-Ig!yRs2xke#NN zkyFcaQKYv>L8mQdrL+#rjgVY>Z2_$bIUz(kaqL}cYENh-2S6BQK-a(VNDa_UewSW` zMgHi<3`f!eHsyL6*^e^W7#l?V|42CfAjsgyiJsA`yNfAMB*lAsJj^K3EcCzm1KT zDU2+A5~X%ax-JJ@&7>m`T;;}(-e%gcYQtj}?ic<*gkv)X2-QJI5I0tA2`*zZRX(;6 zJ0dYfMbQ+{9Rn3T@Iu4+imx3Y%bcf2{uT4j-msZ~eO)5Z_T7NC|Nr3)|NWjomhv=E zXaVin)MY)`1QtDyO7mUCjG{5+o1jD_anyKn73uflH*ASA8rm+S=gIfgJ);>Zx*hNG z!)8DDCNOrbR#9M7Ud_1kf6BP)x^p(|_VWCJ+(WGDbYmnMLWc?O4zz#eiP3{NfP1UV z(n3vc-axE&vko^f+4nkF=XK-mnHHQ7>w05$Q}iv(kJc4O3TEvuIDM<=U9@`~WdKN* zp4e4R1ncR_kghW}>aE$@OOc~*aH5OOwB5U*Z)%{LRlhtHuigxH8KuDwvq5{3Zg{Vr zrd@)KPwVKFP2{rXho(>MTZZfkr$*alm_lltPob4N4MmhEkv`J(9NZFzA>q0Ch;!Ut zi@jS_=0%HAlN+$-IZGPi_6$)ap>Z{XQGt&@ZaJ(es!Po5*3}>R4x66WZNsjE4BVgn z>}xm=V?F#tx#e+pimNPH?Md5hV7>0pAg$K!?mpt@pXg6UW9c?gvzlNe0 z3QtIWmw$0raJkjQcbv-7Ri&eX6Ks@@EZ&53N|g7HU<;V1pkc&$3D#8k!coJ=^{=vf z-pCP;vr2#A+i#6VA?!hs6A4P@mN62XYY$#W9;MwNia~89i`=1GoFESI+%Mbrmwg*0 zbBq4^bA^XT#1MAOum)L&ARDXJ6S#G>&*72f50M1r5JAnM1p7GFIv$Kf9eVR(u$KLt z9&hQ{t^i16zL1c(tRa~?qr?lbSN;1k;%;p*#gw_BwHJRjcYPTj6>y-rw*dFTnEs95 z`%-AoPL!P16{=#RI0 zUb6#`KR|v^?6uNnY`zglZ#Wd|{*rZ(x&Hk8N6ob6mpX~e^qu5kxvh$2TLJA$M=rx zc!#ot+sS+-!O<0KR6+Lx&~zgEhCsbFY{i_DQCihspM?e z-V}HemMAvFzXR#fV~a=Xf-;tJ1edd}Mry@^=9BxON;dYr8vDEK<<{ zW~rg(ZspxuC&aJo$GTM!9_sXu(EaQJNkV9AC(ob#uA=b4*!Uf}B*@TK=*dBvKKPAF z%14J$S)s-ws9~qKsf>DseEW(ssVQ9__YNg}r9GGx3AJiZR@w_QBlGP>yYh0lQCBtf zx+G;mP+cMAg&b^7J!`SiBwC81M_r0X9kAr2y$0(Lf1gZK#>i!cbww(hn$;fLIxRf? z!AtkSZc-h76KGSGz%48Oe`8ZBHkSXeVb!TJt_VC>$m<#}(Z}!(3h631ltKb3CDMw^fTRy%Ia!b&at`^g7Ew-%WLT9(#V0OP9CE?uj62s>`GI3NA z!`$U+i<`;IQyNBkou4|-7^9^ylac-Xu!M+V5p5l0Ve?J0wTSV+$gYtoc=+Ve*OJUJ z$+uIGALW?}+M!J9+M&#bT=Hz@{R2o>NtNGu1yS({pyteyb>*sg4N`KAD?`u3F#C1y z2K4FKOAPASGZTep54PqyCG(h3?kqQQAxDSW@>T2d!n;9C8NGS;3A8YMRcL>b=<<%M zMiWf$jY;`Ojq5S{kA!?28o)v$;)5bTL<4eM-_^h4)F#eeC2Dj*S`$jl^yn#NjJOYT zx%yC5Ww@eX*zsM)P(5#wRd=0+3~&3pdIH7CxF_2iZSw@>kCyd z%M}$1p((Bidw4XNtk&`BTkU{-PG)SXIZ)yQ!Iol6u8l*SQ1^%zC72FP zLvG>_Z0SReMvB%)1@+et0S{<3hV@^SY3V~5IY(KUtTR{*^xJ^2NN{sIMD9Mr9$~(C$GLNlSpzS=fsbw-DtHb_T|{s z9OR|sx!{?F``H!gVUltY7l~dx^a(2;OUV^)7 z%@hg`8+r&xIxmzZ;Q&v0X%9P)U0SE@r@(lKP%TO(>6I_iF{?PX(bez6v8Gp!W_nd5 z<8)`1jcT)ImNZp-9rr4_1MQ|!?#8sJQx{`~7)QZ75I=DPAFD9Mt{zqFrcrXCU9MG8 zEuGcy;nZ?J#M3!3DWW?Zqv~dnN6ijlIjPfJx(#S0cs;Z=jDjKY|$w2s4*Xa1Iz953sN2Lt!Vmk|%ZwOOqj`sA--5Hiaq8!C%LV zvWZ=bxeRV(&%BffMJ_F~~*FdcjhRVNUXu)MS(S#67rDe%Ler=GS+WysC1I2=Bmbh3s6wdS}o$0 zz%H08#SPFY9JPdL6blGD$D-AaYi;X!#zqib`(XX*i<*eh+2UEPzU4}V4RlC3{<>-~ zadGA8lSm>b7Z!q;D_f9DT4i)Q_}ByElGl*Cy~zX%IzHp)@g-itZB6xM70psn z;AY8II99e6P2drgtTG5>`^|7qg`9MTp%T~|1N3tBqV}2zgow3TFAH{XPor0%=HrkXnKyxyozHlJ6 zd3}OWkl?H$l#yZqOzZbMI+lDLoH48;s10!m1!K87g;t}^+A3f3e&w{EYhVPR0Km*- zh5-ku$Z|Ss{2?4pGm(Rz!0OQb^_*N`)rW{z)^Cw_`a(_L9j=&HEJl(!4rQy1IS)>- zeTIr>hOii`gc(fgYF(cs$R8l@q{mJzpoB5`5r>|sG zBpsY}RkY(g5`bj~D>(;F8v*DyjX(#nVLSs>)XneWI&%Wo>a0u#4A?N<1SK4D}&V1oN)76 z%S>a2n3n>G`YY1>0Hvn&AMtMuI_?`5?4y3w2Hnq4Qa2YH5 zxKdfM;k467djL31Y$0kd9FCPbU=pHBp@zaIi`Xkd80;%&66zvSqsq6%aY)jZacfvw ztkWE{ZV6V2WL9e}Dvz|!d96KqVkJU@5ryp#rReeWu>mSrOJxY^tWC9wd0)$+lZc%{ zY=c4#%OSyQJvQUuy^u}s8DN8|8T%TajOuaY^)R-&8s@r9D`(Ic4NmEu)fg1f!u`xUb;9t#rM z>}cY=648@d5(9A;J)d{a^*ORdVtJrZ77!g~^lZ9@)|-ojvW#>)Jhe8$7W3mhmQh@S zU=CSO+1gSsQ+Tv=x-BD}*py_Ox@;%#hPb&tqXqyUW9jV+fonnuCyVw=?HR>dAB~Fg z^vl*~y*4|)WUW*9RC%~O1gHW~*tJb^a-j;ae2LRNo|0S2`RX>MYqGKB^_ng7YRc@! zFxg1X!VsvXkNuv^3mI`F2=x6$(pZdw=jfYt1ja3FY7a41T07FPdCqFhU6%o|Yb6Z4 zpBGa=(ao3vvhUv#*S{li|EyujXQPUV;0sa5!0Ut)>tPWyC9e0_9(=v*z`TV5OUCcx zT=w=^8#5u~7<}8Mepqln4lDv*-~g^VoV{(+*4w(q{At6d^E-Usa2`JXty++Oh~on^ z;;WHkJsk2jvh#N|?(2PLl+g!M0#z_A;(#Uy=TzL&{Ei5G9#V{JbhKV$Qmkm%5tn!CMA? z@hM=b@2DZWTQ6>&F6WCq6;~~WALiS#@{|I+ucCmD6|tBf&e;$_)%JL8$oIQ%!|Xih1v4A$=7xNO zZVz$G8;G5)rxyD+M0$20L$4yukA_D+)xmK3DMTH3Q+$N&L%qB)XwYx&s1gkh=%qGCCPwnwhbT4p%*3R)I}S#w7HK3W^E%4w z2+7ctHPx3Q97MFYB48HfD!xKKb(U^K_4)Bz(5dvwyl*R?)k;uHEYVi|{^rvh)w7}t z`tnH{v9nlVHj2ign|1an_wz0vO)*`3RaJc#;(W-Q6!P&>+@#fptCgtUSn4!@b7tW0&pE2Qj@7}f#ugu4*C)8_}AMRuz^WG zc)XDcOPQjRaGptRD^57B83B-2NKRo!j6TBAJntJPHNQG;^Oz}zt5F^kId~miK3J@l ztc-IKp6qL!?u~q?qfGP0I~$5gvq#-0;R(oLU@sYayr*QH95fnrYA*E|n%&FP@Cz`a zSdJ~(c@O^>qaO`m9IQ8sd8!L<+)GPJDrL7{4{ko2gWOZel^3!($Gjt|B&$4dtfTmBmC>V`R&&6$wpgvdmns zxcmfS%9_ZoN>F~azvLFtA(9Q5HYT#A(byGkESnt{$Tu<73$W~reB4&KF^JBsoqJ6b zS?$D7DoUgzLO-?P`V?5_ub$nf1p0mF?I)StvPomT{uYjy!w&z$t~j&en=F~hw|O(1 zlV9$arQmKTc$L)Kupwz_zA~deT+-0WX6NzFPh&d+ly*3$%#?Ca9Z9lOJsGVoQ&1HNg+)tJ_sw)%oo*DK)iU~n zvL``LqTe=r=7SwZ@LB)9|3QB5`0(B9r(iR}0nUwJss-v=dXnwMRQFYSRK1blS#^g(3@z{`=8_CGDm!LESTWig zzm1{?AG&7`uYJ;PoFO$o8RWuYsV26V{>D-iYTnvq7igWx9@w$EC*FV^vpvDl@i9yp zPIqiX@hEZF4VqzI3Y)CHhR`xKN8poL&~ak|wgbE4zR%Dm(a@?bw%(7(!^>CM!^4@J z6Z)KhoQP;WBq_Z_&<@i2t2&xq>N>b;Np2rX?yK|-!14iE2T}E|jC+=wYe~`y38g3J z8QGZquvqBaG!vw&VtdXWX5*i5*% zJP~7h{?&E|<#l{klGPaun`IgAJ4;RlbRqgJz5rmHF>MtJHbfqyyZi53?Lhj=(Ku#& z__ubmZIxzSq3F90Xur!1)Vqe6b@!ueHA!93H~jdHmaS5Q^CULso}^poy)0Op6!{^9 zWyCyyIrdBP4fkliZ%*g+J-A!6VFSRF6Liu6G^^=W>cn81>4&7(c7(6vCGSAJ zQZ|S3mb|^Wf=yJ(h~rq`iiW~|n#$+KcblIR<@|lDtm!&NBzSG-1;7#YaU+-@=xIm4 zE}edTYd~e&_%+`dIqqgFntL-FxL3!m4yTNt<(^Vt9c6F(`?9`u>$oNxoKB29<}9FE zgf)VK!*F}nW?}l95%RRk8N4^Rf8)Xf;drT4<|lUDLPj^NPMrBPL;MX&0oGCsS za3}vWcF(IPx&W6{s%zwX{UxHX2&xLGfT{d9bWP!g;Lg#etpuno$}tHoG<4Kd*=kpU z;4%y(<^yj(UlG%l-7E9z_Kh2KoQ19qT3CR@Ghr>BAgr3Vniz3LmpC4g=g|A3968yD2KD$P7v$ zx9Q8`2&qH3&y-iv0#0+jur@}k`6C%7fKbCr|tHX2&O%r?rBpg`YNy~2m+ z*L7dP$RANzVUsG_Lb>=__``6vA*xpUecuGsL+AW?BeSwyoQfDlXe8R1*R1M{0#M?M zF+m19`3<`gM{+GpgW^=UmuK*yMh3}x)7P738wL8r@(Na6%ULPgbPVTa6gh5Q(SR0f znr6kdRpe^(LVM;6Rt(Z@Lsz3EX*ry6(WZ?w>#ZRelx)N%sE+MN>5G|Z8{%@b&D+Ov zPU{shc9}%;G7l;qbonIb_1m^Qc8ez}gTC-k02G8Rl?7={9zBz8uRX2{XJQ{vZhs67avlRn| zgRtWl0Lhjet&!YC47GIm%1gdq%T24_^@!W3pCywc89X4I5pnBCZDn(%!$lOGvS*`0!AoMtqxNPFgaMR zwoW$p;8l6v%a)vaNsesED3f}$%(>zICnoE|5JwP&+0XI}JxPccd+D^gx`g`=GsUc0 z9Uad|C+_@_0%JmcObGnS@3+J^0P!tg+fUZ_w#4rk#TlJYPXJiO>SBxzs9(J;XV9d{ zmTQE1(K8EYaz9p^XLbdWudyIPJlGPo0U*)fAh-jnbfm@SYD_2+?|DJ-^P+ojG{2{6 z>HJtedEjO@j_tqZ4;Zq1t5*5cWm~W?HGP!@_f6m#btM@46cEMhhK{(yI&jG)fwL1W z^n_?o@G8a-jYt!}$H*;{0#z8lANlo!9b@!c5K8<(#lPlpE!z86Yq#>WT&2} z;;G1$pD%iNoj#Z=&kij5&V1KHIhN-h<;{HC5wD)PvkF>CzlQOEx_0;-TJ*!#&{Wzt zKcvq^SZIdop}y~iouNqtU7K7+?eIz-v_rfNM>t#i+dD$s_`M;sjGubTdP)WI*uL@xPOLHt#~T<@Yz>xt50ZoTw;a(a}lNiDN-J${gOdE zx?8LOA|tv{Mb}=TTR=LcqMqbCJkKj+@;4Mu)Cu0{`~ohix6E$g&tff)aHeUAQQ%M? zIN4uSUTzC1iMEWL*W-in1y)C`E+R8j?4_?X4&2Zv5?QdkNMz(k} zw##^Ikx`#_s>i&CO_mu@vJJ*|3ePRDl5pq$9V^>D;g0R%l>lw;ttyM6Sy`NBF{)Lr zSk)V>mZr96+aHY%vTLLt%vO-+juw6^SO_ zYGJaGeWX6W(TOQx=5oTGXOFqMMU*uZyt>MR-Y`vxW#^&)H zk0!F8f*@v6NO@Z*@Qo)+hlX40EWcj~j9dGrLaq%1;DE_%#lffXCcJ;!ZyyyZTz74Q zb2WSly6sX{`gQeToQsi1-()5EJ1nJ*kXGD`xpXr~?F#V^sxE3qSOwRSaC9x9oa~jJ zTG9`E|q zC5Qs1xh}jzb5UPYF`3N9YuMnI7xsZ41P;?@c|%w zl=OxLr6sMGR+`LStLvh)g?fA5p|xbUD;yFAMQg&!PEDYxVYDfA>oTY;CFt`cg?Li1 z0b})!9Rvw&j#*&+D2))kXLL z0+j=?7?#~_}N-qdEIP>DQaZh#F(#e0WNLzwUAj@r694VJ8?Dr5_io2X49XYsG^ zREt0$HiNI~6VV!ycvao+0v7uT$_ilKCvsC+VDNg7yG1X+eNe^3D^S==F3ByiW0T^F zH6EsH^}Uj^VPIE&m)xlmOScYR(w750>hclqH~~dM2+;%GDXT`u4zG!p((*`Hwx41M z4KB+`hfT(YA%W)Ve(n+Gu9kuXWKzxg{1ff^xNQw>w%L-)RySTk9kAS92(X0Shg^Q? zx1YXg_TLC^?h6!4mBqZ9pKhXByu|u~gF%`%`vdoaGBN3^j4l!4x?Bw4Jd)Z4^di}! zXlG1;hFvc>H?bmmu1E7Vx=%vahd!P1#ZGJOJYNbaek^$DHt`EOE|Hlij+hX>ocQFSLVu|wz`|KVl@Oa;m2k6b*mNK2Vo{~l9>Qa3@B7G7#k?)aLx;w6U ze8bBq%vF?5v>#TspEoaII!N}sRT~>bh-VWJ7Q*1qsz%|G)CFmnttbq$Ogb{~YK_=! z{{0vhlW@g!$>|}$&4E3@k`KPElW6x#tSX&dfle>o!irek$NAbDzdd2pVeNzk4&qgJ zXvNF0$R96~g0x+R1igR=Xu&X_Hc5;!Ze&C)eUTB$9wW&?$&o8Yxhm5s(S`;?{> z*F?9Gr0|!OiKA>Rq-ae=_okB6&yMR?!JDer{@iQgIn=cGxs-u^!8Q$+N&pfg2WM&Z zulHu=Uh~U>fS{=Nm0x>ACvG*4R`Dx^kJ65&Vvfj`rSCV$5>c04N26Rt2S?*kh3JKq z9(3}5T?*x*AP(X2Ukftym0XOvg~r6Ms$2x&R&#}Sz23aMGU&7sU-cFvE3Eq`NBJe84VoftWF#v7PDAp`@V zRFCS24_k~;@~R*L)eCx@Q9EYmM)Sn}HLbVMyxx%{XnMBDc-YZ<(DXDBYUt8$u5Zh} zBK~=M9cG$?_m_M61YG+#|9Vef7LfbH>(C21&aC)x$^Lg}fa#SF){RX|?-xZjSOrn# z2ZAwUF)$VB<&S;R3FhNSQOV~8w%A`V9dWyLiy zgt7G=Z4t|zU3!dh5|s(@XyS|waBr$>@=^Dspmem8)@L`Ns{xl%rGdX!R(BiC5C7Vo zXetb$oC_iXS}2x_Hy}T(hUUNbO47Q@+^4Q`h>(R-;OxCyW#eoOeC51jzxnM1yxBrp zz6}z`(=cngs6X05e79o_B7@3K|Qpe3n38Py_~ zpi?^rj!`pq!7PHGliC$`-8A^Ib?2qgJJCW+(&TfOnFGJ+@-<<~`7BR0f4oSINBq&R z2CM`0%WLg_Duw^1SPwj-{?BUl2Y=M4e+7yL1{C&&f&zjF06#xf>VdLozgNye(BNgSD`=fFbBy0HIosLl@JwCQl^s;eTnc( z3!r8G=K>zb`|bLLI0N|eFJk%s)B>oJ^M@AQzqR;HUjLsOqW<0v>1ksT_#24*U@R3HJu*A^#1o#P3%3_jq>icD@<`tqU6ICEgZrME(xX#?i^Z z%Id$_uyQGlFD-CcaiRtRdGn|K`Lq5L-rx7`vYYGH7I=eLfHRozPiUtSe~Tt;IN2^gCXmf2#D~g2@9bhzK}3nphhG%d?V7+Zq{I2?Gt*!NSn_r~dd$ zqkUOg{U=MI?Ehx@`(X%rQB?LP=CjJ*V!rec{#0W2WshH$X#9zep!K)tzZoge*LYd5 z@g?-j5_mtMp>_WW`p*UNUZTFN{_+#m*bJzt{hvAdkF{W40{#L3w6gzPztnsA_4?&0 z(+>pv!zB16rR-(nm(^c>Z(its{ny677vT8sF564^mlZvJ!h65}OW%Hn|2OXbOQM%b z{6C54Z2v;^hyMQ;UH+HwFD2!F!VlQ}6Z{L0_9g5~CH0@Mqz?ZC`^QkhOU#$Lx<4`B zyZsa9uPF!rZDo8ZVfzzR#raQ>5|)k~_Ef*wDqG^76o)j!C4 zykvT*o$!-MBko@?{b~*Zf2*YMlImrK`cEp|#D7f%Twm<|C|dWD \(.*\)$'` + if expr "$link" : '/.*' > /dev/null; then + PRG="$link" + else + PRG=`dirname "$PRG"`"/$link" + fi +done +SAVED="`pwd`" +cd "`dirname \"$PRG\"`/" >/dev/null +APP_HOME="`pwd -P`" +cd "$SAVED" >/dev/null + +APP_NAME="Gradle" +APP_BASE_NAME=`basename "$0"` + +# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +DEFAULT_JVM_OPTS='"-Xmx64m"' + +# Use the maximum available, or set MAX_FD != -1 to use that value. +MAX_FD="maximum" + +warn () { + echo "$*" +} + +die () { + echo + echo "$*" + echo + exit 1 +} + +# OS specific support (must be 'true' or 'false'). +cygwin=false +msys=false +darwin=false +nonstop=false +case "`uname`" in + CYGWIN* ) + cygwin=true + ;; + Darwin* ) + darwin=true + ;; + MINGW* ) + msys=true + ;; + NONSTOP* ) + nonstop=true + ;; +esac + +CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar + +# Determine the Java command to use to start the JVM. +if [ -n "$JAVA_HOME" ] ; then + if [ -x "$JAVA_HOME/jre/sh/java" ] ; then + # IBM's JDK on AIX uses strange locations for the executables + JAVACMD="$JAVA_HOME/jre/sh/java" + else + JAVACMD="$JAVA_HOME/bin/java" + fi + if [ ! -x "$JAVACMD" ] ; then + die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." + fi +else + JAVACMD="java" + which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." +fi + +# Increase the maximum file descriptors if we can. +if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then + MAX_FD_LIMIT=`ulimit -H -n` + if [ $? -eq 0 ] ; then + if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then + MAX_FD="$MAX_FD_LIMIT" + fi + ulimit -n $MAX_FD + if [ $? -ne 0 ] ; then + warn "Could not set maximum file descriptor limit: $MAX_FD" + fi + else + warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT" + fi +fi + +# For Darwin, add options to specify how the application appears in the dock +if $darwin; then + GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\"" +fi + +# For Cygwin, switch paths to Windows format before running java +if $cygwin ; then + APP_HOME=`cygpath --path --mixed "$APP_HOME"` + CLASSPATH=`cygpath --path --mixed "$CLASSPATH"` + JAVACMD=`cygpath --unix "$JAVACMD"` + + # We build the pattern for arguments to be converted via cygpath + ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null` + SEP="" + for dir in $ROOTDIRSRAW ; do + ROOTDIRS="$ROOTDIRS$SEP$dir" + SEP="|" + done + OURCYGPATTERN="(^($ROOTDIRS))" + # Add a user-defined pattern to the cygpath arguments + if [ "$GRADLE_CYGPATTERN" != "" ] ; then + OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)" + fi + # Now convert the arguments - kludge to limit ourselves to /bin/sh + i=0 + for arg in "$@" ; do + CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -` + CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option + + if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition + eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"` + else + eval `echo args$i`="\"$arg\"" + fi + i=$((i+1)) + done + case $i in + (0) set -- ;; + (1) set -- "$args0" ;; + (2) set -- "$args0" "$args1" ;; + (3) set -- "$args0" "$args1" "$args2" ;; + (4) set -- "$args0" "$args1" "$args2" "$args3" ;; + (5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;; + (6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;; + (7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;; + (8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;; + (9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;; + esac +fi + +# Escape application args +save () { + for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done + echo " " +} +APP_ARGS=$(save "$@") + +# Collect all arguments for the java command, following the shell quoting and substitution rules +eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS" + +# by default we should be in the correct project dir, but when run from Finder on Mac, the cwd is wrong +if [ "$(uname)" = "Darwin" ] && [ "$HOME" = "$PWD" ]; then + cd "$(dirname "$0")" +fi + +exec "$JAVACMD" "$@" diff --git a/Ansible/test/tests/gradlew.bat b/Ansible/test/tests/gradlew.bat new file mode 100644 index 0000000..6d57edc --- /dev/null +++ b/Ansible/test/tests/gradlew.bat @@ -0,0 +1,84 @@ +@if "%DEBUG%" == "" @echo off +@rem ########################################################################## +@rem +@rem Gradle startup script for Windows +@rem +@rem ########################################################################## + +@rem Set local scope for the variables with windows NT shell +if "%OS%"=="Windows_NT" setlocal + +set DIRNAME=%~dp0 +if "%DIRNAME%" == "" set DIRNAME=. +set APP_BASE_NAME=%~n0 +set APP_HOME=%DIRNAME% + +@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +set DEFAULT_JVM_OPTS="-Xmx64m" + +@rem Find java.exe +if defined JAVA_HOME goto findJavaFromJavaHome + +set JAVA_EXE=java.exe +%JAVA_EXE% -version >NUL 2>&1 +if "%ERRORLEVEL%" == "0" goto init + +echo. +echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:findJavaFromJavaHome +set JAVA_HOME=%JAVA_HOME:"=% +set JAVA_EXE=%JAVA_HOME%/bin/java.exe + +if exist "%JAVA_EXE%" goto init + +echo. +echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:init +@rem Get command-line arguments, handling Windows variants + +if not "%OS%" == "Windows_NT" goto win9xME_args + +:win9xME_args +@rem Slurp the command line arguments. +set CMD_LINE_ARGS= +set _SKIP=2 + +:win9xME_args_slurp +if "x%~1" == "x" goto execute + +set CMD_LINE_ARGS=%* + +:execute +@rem Setup the command line + +set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar + +@rem Execute Gradle +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS% + +:end +@rem End local scope for the variables with windows NT shell +if "%ERRORLEVEL%"=="0" goto mainEnd + +:fail +rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of +rem the _cmd.exe /c_ return code! +if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 +exit /b 1 + +:mainEnd +if "%OS%"=="Windows_NT" endlocal + +:omega diff --git a/Ansible/test/tests/settings.gradle b/Ansible/test/tests/settings.gradle new file mode 100644 index 0000000..d30fe0d --- /dev/null +++ b/Ansible/test/tests/settings.gradle @@ -0,0 +1,2 @@ +rootProject.name = 'fozzie_jfrog_tests' + diff --git a/Ansible/test/tests/src/test/groovy/steps/RepositorySteps.groovy b/Ansible/test/tests/src/test/groovy/steps/RepositorySteps.groovy new file mode 100644 index 0000000..3ae8b07 --- /dev/null +++ b/Ansible/test/tests/src/test/groovy/steps/RepositorySteps.groovy @@ -0,0 +1,139 @@ +package steps + + +import static io.restassured.RestAssured.given + +class RepositorySteps { + + def getHealthCheckResponse(artifactoryURL) { + return given() + .when() + .get("http://" + artifactoryURL + "/router/api/v1/system/health") + .then() + .extract().response() + } + + def ping() { + return given() + .when() + .get("/api/system/ping") + .then() + .extract().response() + } + + def createRepositories(File body, username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/yaml") + .body(body) + .when() + .patch("/api/system/configuration") + .then() + .extract().response() + } + // https://www.jfrog.com/confluence/display/JFROG/Artifactory+REST+API#ArtifactoryRESTAPI-GetRepositories + def getRepos() { + return given() + .header("Cache-Control", "no-cache") + .header("content-Type", "application/yaml") + .when() + .get("/api/repositories") + .then() + .extract().response() + + } + // https://www.jfrog.com/confluence/display/JFROG/Artifactory+REST+API#ArtifactoryRESTAPI-DeleteRepository + def deleteRepository(repoName, username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/yaml") + .when() + .delete("/api/repositories/" + repoName) + .then() + .extract().response() + + } + + def createDirectory(repoName, directoryName) { + return given() + .header("Cache-Control", "no-cache") + .header("content-Type", "application/yaml") + .when() + .put("/" + repoName + "/" + directoryName) + .then() + .extract().response() + + } + + def deployArtifact(repoName, directoryName, artifact, filename) { + return given() + .header("Cache-Control", "no-cache") + .header("Content-Type", "application/json") + .body(artifact) + .when() + .put("/" + repoName + "/" + directoryName + "/" + filename) + .then() + .extract().response() + + } + + def deleteItem(repoName, directoryName, artifact, filename) { + return given() + .header("Cache-Control", "no-cache") + .header("Content-Type", "application/json") + .body(artifact) + .when() + .delete("/" + repoName + "/" + directoryName + "/" + filename) + .then() + .extract().response() + + } + + def getInfo(repoName, directoryName, artifact, filename) { + return given() + .header("Cache-Control", "no-cache") + .header("Content-Type", "application/json") + .body(artifact) + .when() + .get("/api/storage/" + repoName + "/" + directoryName + "/" + filename) + .then() + .extract().response() + + } + + def createSupportBundle(name, startDate, endDate) { + return given() + .header("Cache-Control", "no-cache") + .header("Content-Type", "application/json") + .body("{ \n" + + " \"name\":\"${name}\",\n" + + " \"description\":\"desc\",\n" + + " \"parameters\":{ \n" + + " \"configuration\": \"true\",\n" + + " \"system\": \"true\", \n" + + " \"logs\":{ \n" + + " \"include\": \"true\", \n" + + " \"start_date\":\"${startDate}\",\n" + + " \"end_date\":\"${endDate}\"\n" + + " },\n" + + " \"thread_dump\":{ \n" + + " \"count\": 1,\n" + + " \"interval\": 0\n" + + " }\n" + + " }\n" + + "}") + .when() + .post("/api/system/support/bundle") + .then() + .extract().response() + + } + + +} \ No newline at end of file diff --git a/Ansible/test/tests/src/test/groovy/steps/SecuritytSteps.groovy b/Ansible/test/tests/src/test/groovy/steps/SecuritytSteps.groovy new file mode 100644 index 0000000..4450b39 --- /dev/null +++ b/Ansible/test/tests/src/test/groovy/steps/SecuritytSteps.groovy @@ -0,0 +1,196 @@ +package steps + +import org.testng.annotations.DataProvider + +import static io.restassured.RestAssured.given + + +class SecuritytSteps { + + def createUser(usernameRt, emailRt, passwordRt) { + return given() + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .body("{\n" + + " \"email\" : \"${emailRt}\",\n" + + " \"password\": \"${passwordRt}\"\n" + + "}") + .when() + .put("/api/security/users/${usernameRt}") + .then() + .extract().response() + } + + def getUserDetails(usernameRt) { + return given() + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .when() + .get("/api/security/users/${usernameRt}") + .then() + .extract().response() + } + + def deleteUser(usernameRt) { + return given() + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .when() + .delete("/api/security/users/${usernameRt}") + .then() + .extract().response() + } + + def generateAPIKey(usernameRt, passwordRt) { + return given() + .auth() + .preemptive() + .basic("${usernameRt}", "${passwordRt}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .when() + .post("/api/security/apiKey") + .then() + .extract().response() + } + + def getAPIKey(usernameRt, passwordRt) { + return given() + .auth() + .preemptive() + .basic("${usernameRt}", "${passwordRt}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .when() + .get("/api/security/apiKey") + .then() + .extract().response() + } + + def regenerateAPIKey(usernameRt, passwordRt) { + return given() + .auth() + .preemptive() + .basic("${usernameRt}", "${passwordRt}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .when() + .put("/api/security/apiKey") + .then() + .extract().response() + } + + def createGroup(groupName) { + return given() + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .body("{\"name\": \"${groupName}\"}") + .when() + .put("/api/security/groups/${groupName}") + .then() + .extract().response() + } + + def getGroup(groupName) { + return given() + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .body("{\"name\": \"${groupName}\"}") + .when() + .get("/api/security/groups/${groupName}") + .then() + .extract().response() + } + + def deleteGroup(groupName) { + return given() + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .when() + .delete("/api/security/groups/${groupName}") + .then() + .extract().response() + } + + def createPermissions(permissionName, repository, user1, user2, + group1, group2, action1, action2, action3) { + return given() + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .body("{\n" + + " \"name\": \"${permissionName}\",\n" + + " \"repo\": {\n" + + " \"repositories\": [ \"${repository}\" ],\n" + + " \"actions\": {\n" + + " \"users\" : {\n" + + " \"${user1}\": [ \"${action1}\",\"${action2}\",\"${action3}\" ], \n" + + " \"${user2}\" : [ \"${action1}\",\"${action2}\",\"${action3}\" ]\n" + + " },\n" + + " \"groups\" : {\n" + + " \"${group1}\" : [ \"${action1}\",\"${action2}\",\"${action3}\" ],\n" + + " \"${group2}\" : [ \"${action1}\",\"${action2}\" ]\n" + + " }\n" + + " }\n" + + " }\n" + + "}") + .when() + .put("/api/v2/security/permissions/testPermission") + .then() + .extract().response() + } + + def getPermissions( permissionName) { + return given() + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .when() + .get("/api/v2/security/permissions/${permissionName}") + .then() + .extract().response() + } + + def deletePermissions(permissionName) { + return given() + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .when() + .delete("/api/v2/security/permissions/${permissionName}") + .then() + .extract().response() + } + + + // Data providers + + @DataProvider(name="users") + public Object[][] users() { + return new Object[][]{ + ["testuser0", "email0@jfrog.com", "password123"], + ["testuser1", "email1@jfrog.com", "password123"], + ["testuser2", "email2@jfrog.com", "password123"], + ["testuser3", "email3@jfrog.com", "password123"], + ["testuser4", "email4@jfrog.com", "password123"], + ["testuser5", "email5@jfrog.com", "password123"], + ["testuser6", "email6@jfrog.com", "password123"], + ["testuser7", "email7@jfrog.com", "password123"], + ["testuser8", "email8@jfrog.com", "password123"], + ["testuser9", "email9@jfrog.com", "password123"] + } + } + + @DataProvider(name="groups") + public Object[][] groups() { + return new Object[][]{ + ["test-group-0"], + ["test-group-1"], + ["test-group-2"], + ["test-group-3"], + ["test-group-4"], + ["test-group-5"], + ["test-group-6"], + ["test-group-7"], + ["test-group-8"], + ["test-group-9"] + } + } +} diff --git a/Ansible/test/tests/src/test/groovy/steps/XraySteps.groovy b/Ansible/test/tests/src/test/groovy/steps/XraySteps.groovy new file mode 100644 index 0000000..552ba93 --- /dev/null +++ b/Ansible/test/tests/src/test/groovy/steps/XraySteps.groovy @@ -0,0 +1,585 @@ +package steps + +import org.testng.annotations.DataProvider + +import static io.restassured.RestAssured.given + +class XraySteps { + + def createIssueEvent(issueID, cve, summary, description, username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .body("{\n" + + " \"id\": \"${issueID}\",\n" + + " \"type\": \"Security\",\n" + + " \"provider\": \"JFrog\",\n" + + " \"package_type\": \"maven\",\n" + + " \"severity\": \"High\",\n" + + " \"components\": [\n" + + " {\n" + + " \"id\": \"aero:aero\",\n" + + " \"vulnerable_versions\": [\n" + + " \"[0.2.3]\"\n" + + " ]\n" + + " }\n" + + " ],\n" + + " \"cves\": [\n" + + " {\n" + + " \"cve\": \"${cve}\",\n" + + " \"cvss_v2\": \"2.4\"\n" + + " }\n" + + " ],\n" + + " \"summary\": \"${summary}\",\n" + + " \"description\": \"${description}\",\n" + + " \"sources\": [\n" + + " {\n" + + " \"source_id\": \"${cve}\"\n" + + " }\n" + + " ]\n" + + "}") + .when() + .post("/v1/events") + .then() + .extract().response() + } + + def updateIssueEvent(issueID, cve, summary, description, username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .body("{\n" + + " \"type\": \"Security\",\n" + + " \"provider\": \"JFrog\",\n" + + " \"package_type\": \"maven\",\n" + + " \"severity\": \"High\",\n" + + " \"components\": [\n" + + " {\n" + + " \"id\": \"aero:aero\",\n" + + " \"vulnerable_versions\": [\n" + + " \"[0.2.3]\"\n" + + " ]\n" + + " }\n" + + " ],\n" + + " \"cves\": [\n" + + " {\n" + + " \"cve\": \"${cve}\",\n" + + " \"cvss_v2\": \"2.4\"\n" + + " }\n" + + " ],\n" + + " \"summary\": \"${summary}\",\n" + + " \"description\": \"${description}\",\n" + + " \"sources\": [\n" + + " {\n" + + " \"source_id\": \"${cve}\"\n" + + " }\n" + + " ]\n" + + "}") + .when() + .put("/v1/events/${issueID}") + .then() + .extract().response() + } + + def createPolicy(policyName, username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .body("{\n" + + " \"name\": \"${policyName}\",\n" + + " \"type\": \"security\",\n" + + " \"description\": \"some description\",\n" + + " \"rules\": [\n" + + " {\n" + + " \"name\": \"securityRule\",\n" + + " \"priority\": 1,\n" + + " \"criteria\": {\n" + + " \"min_severity\": \"High\"\n" + + " },\n" + + " \"actions\": {\n" + + " \"mails\": [\n" + + " \"mail1@example.com\",\n" + + " \"mail2@example.com\"\n" + + " ],\n" + + " \"fail_build\": true,\n" + + " \"block_download\": {\n" + + " \"unscanned\": true,\n" + + " \"active\": true\n" + + " }\n" + + " }\n" + + " }\n" + + " ]\n" + + "}") + .when() + .post("/v1/policies") + .then() + .extract().response() + } + + def updatePolicy(policyName, description, username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .body("{\n" + + " \"name\": \"${policyName}\",\n" + + " \"type\": \"security\",\n" + + " \"description\": \"${description}\",\n" + + " \"rules\": [\n" + + " {\n" + + " \"name\": \"securityRule\",\n" + + " \"priority\": 1,\n" + + " \"criteria\": {\n" + + " \"min_severity\": \"High\"\n" + + " },\n" + + " \"actions\": {\n" + + " \"mails\": [\n" + + " \"mail1@example.com\",\n" + + " \"mail2@example.com\"\n" + + " ],\n" + + " \"fail_build\": true,\n" + + " \"block_download\": {\n" + + " \"unscanned\": true,\n" + + " \"active\": true\n" + + " }\n" + + " }\n" + + " }\n" + + " ]\n" + + "}") + .when() + .put("/v1/policies/${policyName}") + .then() + .extract().response() + } + + def getPolicy(policyName, username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .when() + .get("/v1/policies/${policyName}") + .then() + .extract().response() + } + + def getPolicies(username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .when() + .get("/v1/policies") + .then() + .extract().response() + } + + def deletePolicy(policyName, username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .when() + .delete("/v1/policies/${policyName}") + .then() + .extract().response() + } + + def getIssueEvent(issueID, username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .when() + .get("/v1/events/${issueID}") + .then() + .extract().response() + } + + def createWatchEvent(watchName, policyName, username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .body("{\n" + + " \"general_data\": {\n" + + " \"name\": \"${watchName}\",\n" + + " \"description\": \"This is a new watch created using API V2\",\n" + + " \"active\": true\n" + + " },\n" + + " \"project_resources\": {\n" + + " \"resources\": [\n" + + " {\n" + + " \"type\": \"all-repos\",\n" + + " \"filters\": [\n" + + " {\n" + + " \"type\": \"package-type\",\n" + + " \"value\": \"Docker\"\n" + + " },\n" + + " {\n" + + " \"type\": \"package-type\",\n" + + " \"value\": \"Debian\"\n" + + " }\n" + + " ]\n" + + " }\n" + + " ]\n" + + " },\n" + + " \"assigned_policies\": [\n" + + " {\n" + + " \"name\": \"${policyName}\",\n" + + " \"type\": \"security\"\n" + + " }\n" + + " ]\n" + + "}") + .when() + .post("/v2/watches") + .then() + .extract().response() + } + + def updateWatchEvent(watchName, description, policyName, username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .body("{\n" + + " \"general_data\": {\n" + + " \"name\": \"${watchName}\",\n" + + " \"description\": \"${description}\",\n" + + " \"active\": true\n" + + " },\n" + + " \"project_resources\": {\n" + + " \"resources\": [\n" + + " {\n" + + " \"type\": \"all-repos\",\n" + + " \"filters\": [\n" + + " {\n" + + " \"type\": \"package-type\",\n" + + " \"value\": \"Docker\"\n" + + " },\n" + + " {\n" + + " \"type\": \"package-type\",\n" + + " \"value\": \"Debian\"\n" + + " }\n" + + " ]\n" + + " }\n" + + " ]\n" + + " },\n" + + " \"assigned_policies\": [\n" + + " {\n" + + " \"name\": \"${policyName}\",\n" + + " \"type\": \"security\"\n" + + " }\n" + + " ]\n" + + "}") + .when() + .put("/v2/watches/${watchName}") + .then() + .extract().response() + } + + def getWatchEvent(watchName, username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .when() + .get("/v2/watches/${watchName}") + .then() + .extract().response() + } + + def deleteWatchEvent(watchName, username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .when() + .delete("/v2/watches/${watchName}") + .then() + .extract().response() + } + + def assignPolicy(watchName, policyName, username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .body("{\n" + + " \"watches\": [\n" + + " \"${watchName}\"\n" + + " ]\n" + + "}") + .when() + .post("/v1/policies/${policyName}/assign") + .then() + .extract().response() + } + + def getIntegrationConfiguration(username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .when() + .get("/v1/integration") + .then() + .extract().response() + } + + def addtIntegrationConfiguration(username, password, vendorName) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .body("{\n" + + " \"vendor\": \"${vendorName}\",\n" + + " \"api_key\": \"12345\",\n" + + " \"enabled\": true,\n" + + " \"context\": \"project_id\",\n" + + " \"url\": \"https://saas.whitesourcesoftware.com/xray\",\n" + + " \"description\": \"WhiteSource provides a simple yet powerful open source security and licenses management solution. More details at http://www.whitesourcesoftware.com.\",\n" + + " \"test_url\": \"https://saas.whitesourcesoftware.com/xray/api/checkauth\"\n" + + "}") + .when() + .post("/v1/integration") + .then() + .extract().response() + } + + def postSystemParameters(username, password, body) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .body(body) + .when() + .put("/v1/configuration/systemParameters") + .then() + .extract().response() + } + + def getSystemParameters(username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .when() + .get("/v1/configuration/systemParameters") + .then() + .extract().response() + } + + def getBinaryManager(username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .when() + .get("/v1/binMgr/default") + .then() + .extract().response() + } + + + def getIndexingConfiguration(username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .when() + .get("/v1/binMgr/default/repos") + .then() + .extract().response() + } + + def updateIndexingConfiguration(username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .body("{\n" + + " \"indexed_repos\": [\n" + + " {\n" + + " \"name\": \"docker-local\",\n" + + " \"type\": \"local\",\n" + + " \"pkg_type\": \"Docker\"\n" + + " },\n" + + " {\n" + + " \"name\": \"generic-dev-local\",\n" + + " \"type\": \"local\",\n" + + " \"pkg_type\": \"Generic\"\n" + + " }\n" + + " ],\n" + + " \"non_indexed_repos\": []\n" + + "}") + .when() + .put("/v1/binMgr/default/repos") + .then() + .extract().response() + } + + + + def startScan(username, password, componentID) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("Content-Type", "application/json") + .body("{\n" + + " \"componentID\": \"${componentID}\"\n" + + "}") + .when() + .post("/v1/scanArtifact") + .then() + .extract().response() + } + + + def artifactSummary(username, password, artifactPath) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("content-Type", "application/json") + .body("{\n" + + " \"checksums\": [\n" + + " \"\"\n" + + " ],\n" + + " \"paths\": [\n" + + " \"${artifactPath}\"\n" + + " ]\n" + + "}") + .when() + .post("/v1/summary/artifact") + .then() + .extract().response() + } + + def createSupportBundle(username, password, name, startDate, endDate) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("Content-Type", "application/json") + .body("{ \n" + + " \"name\":\"${name}\",\n" + + " \"description\":\"desc\",\n" + + " \"parameters\":{ \n" + + " \"configuration\": true,\n" + + " \"system\": true, \n" + + " \"logs\":{ \n" + + " \"include\": true, \n" + + " \"start_date\":\"${startDate}\",\n" + + " \"end_date\":\"${endDate}\"\n" + + " },\n" + + " \"thread_dump\":{ \n" + + " \"count\": 1,\n" + + " \"interval\": 0\n" + + " }\n" + + " }\n" + + "}") + .when() + .post("/v1/system/support/bundle") + .then() + .extract().response() + + } + + def getSystemMonitoringStatus(username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("Content-Type", "application/json") + .when() + .get("/v1/monitor") + .then() + .extract().response() + } + + def xrayPingRequest(username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("Content-Type", "application/json") + .when() + .get("/v1/system/ping") + .then() + .extract().response() + } + + def xrayGetVersion(username, password) { + return given() + .auth() + .preemptive() + .basic("${username}", "${password}") + .header("Cache-Control", "no-cache") + .header("Content-Type", "application/json") + .when() + .get("/v1/system/version") + .then() + .extract().response() + } + + // Data providers + + @DataProvider(name = "issueEvents") + public Object[][] issueEvents() { + return new Object[][]{ + ["XRAY-", "CVE-2017-2000386", "A very important custom issue", "A very important custom issue"] + + } + } + +} \ No newline at end of file diff --git a/Ansible/test/tests/src/test/groovy/testng.xml b/Ansible/test/tests/src/test/groovy/testng.xml new file mode 100644 index 0000000..5342660 --- /dev/null +++ b/Ansible/test/tests/src/test/groovy/testng.xml @@ -0,0 +1,25 @@ + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Ansible/test/tests/src/test/groovy/tests/HealthCheckTest.groovy b/Ansible/test/tests/src/test/groovy/tests/HealthCheckTest.groovy new file mode 100644 index 0000000..4e7fcce --- /dev/null +++ b/Ansible/test/tests/src/test/groovy/tests/HealthCheckTest.groovy @@ -0,0 +1,57 @@ +package tests + +import io.restassured.RestAssured +import io.restassured.path.json.JsonPath +import io.restassured.response.Response +import org.hamcrest.Matchers +import org.testng.Reporter +import org.testng.annotations.BeforeSuite +import org.testng.annotations.Test +import steps.RepositorySteps +import org.yaml.snakeyaml.Yaml +import utils.Shell + +class HealthCheckTest extends RepositorySteps{ + Yaml yaml = new Yaml() + def configFile = new File("./src/test/resources/testenv.yaml") + def config = yaml.load(configFile.text) + def artifactoryURL + + + @BeforeSuite(alwaysRun = true) + def setUp() { + artifactoryURL = config.artifactory.external_ip + RestAssured.baseURI = "http://${artifactoryURL}/artifactory" + } + + + @Test(priority=0, groups="common", testName = "Health check for all 4 services") + void healthCheckTest(){ + Response response = getHealthCheckResponse(artifactoryURL) + response.then().assertThat().statusCode(200). + body("router.state", Matchers.equalTo("HEALTHY")) + + int bodySize = response.body().jsonPath().getList("services").size() + for (int i = 0; i < bodySize; i++) { + JsonPath jsonPathEvaluator = response.jsonPath() + String serviceID = jsonPathEvaluator.getString("services[" + i + "].service_id") + String nodeID = jsonPathEvaluator.getString("services[" + i + "].node_id") + response.then(). + body("services[" + i + "].state", Matchers.equalTo("HEALTHY")) + + Reporter.log("- Health check. Service \"" + serviceID + "\" on node \"" + nodeID + "\" is healthy", true) + } + + } + + @Test(priority=1, groups=["ping","common"], testName = "Ping (In HA 200 only when licences were added)") + void pingTest() { + Response response = ping() + response.then().assertThat().statusCode(200). + body(Matchers.hasToString("OK")) + Reporter.log("- Ping test. Service is OK", true) + } + + + +} diff --git a/Ansible/test/tests/src/test/groovy/tests/RepositoryTest.groovy b/Ansible/test/tests/src/test/groovy/tests/RepositoryTest.groovy new file mode 100644 index 0000000..e6c6c3a --- /dev/null +++ b/Ansible/test/tests/src/test/groovy/tests/RepositoryTest.groovy @@ -0,0 +1,302 @@ +package tests + +import io.restassured.RestAssured +import io.restassured.path.json.JsonPath +import io.restassured.response.Response +import org.hamcrest.Matchers +import org.testng.Reporter +import org.testng.annotations.BeforeTest +import org.testng.annotations.Test +import org.yaml.snakeyaml.Yaml +import steps.RepositorySteps + +import java.time.LocalDate + +import static org.hamcrest.Matchers.containsString +import static org.hamcrest.Matchers.containsStringIgnoringCase +import static org.hamcrest.Matchers.equalTo +import static org.hamcrest.Matchers.equalToIgnoringCase +import static org.hamcrest.Matchers.greaterThanOrEqualTo + + +class RepositoryTest extends RepositorySteps{ + Yaml yaml = new Yaml() + def configFile = new File("./src/test/resources/testenv.yaml") + def repoListHA = new File("./src/test/resources/repositories/CreateDefault.yaml") + def repoListJCR = new File("./src/test/resources/repositories/CreateJCR.yaml") + def artifact = new File("./src/test/resources/repositories/artifact.zip") + def config = yaml.load(configFile.text) + def artifactoryURL + def username + def password + + @BeforeTest(groups=["jcr", "pro"]) + def setUp() { + artifactoryURL = config.artifactory.external_ip + username = config.artifactory.rt_username + password = config.artifactory.rt_password + RestAssured.baseURI = "http://${artifactoryURL}/artifactory" + RestAssured.authentication = RestAssured.basic(username, password); + RestAssured.useRelaxedHTTPSValidation(); + } + + + @Test(priority=1, groups=["pro"], testName = "Delete sample repositories") + void deleteReposTest(){ + Response getRepoResponse = getRepos() + JsonPath jsonPathEvaluator = getRepoResponse.jsonPath() + List repoNames = jsonPathEvaluator.getList("key", String.class) + for (int i = 0; i < repoNames.size(); i ++){ + Response delete = deleteRepository(repoNames[i], username, password) + delete.then().statusCode(200) + } + + Reporter.log("- Delete sample HA repositories. All repositories were successfully deleted", true) + } + + @Test(priority=1, groups=["jcr",], testName = "Delete sample repositories JCR") + void deleteDefaultJCRReposTest(){ + Response getRepoResponse = getRepos() + JsonPath jsonPathEvaluator = getRepoResponse.jsonPath() + List repoNames = jsonPathEvaluator.getList("key", String.class) + for (int i = 0; i < repoNames.size(); i ++){ + Response delete = deleteRepository(repoNames[i], username, password) + delete.then().statusCode(400).body("errors[0].message", + containsStringIgnoringCase("This REST API is available only in Artifactory Pro")) + } + + Reporter.log("- Delete sample JCR repositories. " + + "Verified - this REST API is available only in Artifactory Pro", true) + } + + @Test(priority=2, groups=["pro"], testName = "Create a list of repositories for HA, specified in YAML file") + void createDefaultHAReposTest(){ + def body + def expectedMessage + body = repoListHA + expectedMessage = "383 changes to config merged successfully" + Response response = createRepositories(body, username, password) + response.then().assertThat().statusCode(200) + .body(Matchers.hasToString(expectedMessage)) + .log().body() + + Reporter.log("- Create repositories for HA distribution. Successfully created", true) + } + + @Test(priority=2, groups=["jcr"], testName = "Create a list of repositories for JCR, specified in YAML file") + void createDefaultJCRReposTest(){ + def body + def expectedMessage + body = repoListJCR + expectedMessage = "82 changes to config merged successfully" + Response response = createRepositories(body, username, password) + response.then().assertThat().statusCode(200) + .body(Matchers.hasToString(expectedMessage)) + .log().body() + + Reporter.log("- Create repositories for JCR. Successfully created", true) + } + + @Test(priority=3, groups=["pro"], testName = "Verify HA repositories were created successfully") + void checkDefaultHAReposTest(){ + Response response = getRepos() + def numberOfRepos = response.then().extract().path("size()") + def expectedReposNumber = 84 + println("Number of created repositories is ${numberOfRepos}") + response.then().assertThat().statusCode(200) + .body("size()", greaterThanOrEqualTo(expectedReposNumber)) + + Reporter.log("- Verify HA repos were created. ${numberOfRepos} repositories were created", true) + } + + @Test(priority=3, groups=["jcr"], testName = "Verify JCR repositories were created successfully") + void checkDefaultJCRReposTest(){ + Response response = getRepos() + def numberOfRepos = response.then().extract().path("size()") + def expectedReposNumber = 17 + response.then().assertThat().statusCode(200) + .body("size()", greaterThanOrEqualTo(expectedReposNumber)) + + Reporter.log("- Verify JCR repos were created. ${numberOfRepos} repositories were created", true) + } + + @Test(priority=4, groups=["jcr","pro"], testName = "Create a directory in generic repo") + void createDirectoryTest(){ + def repoName = "generic-dev-local" + def directoryName = "test-directory/" + Response response = createDirectory(repoName, directoryName) + response.then().assertThat().statusCode(201) + .body("repo", equalTo(repoName)) + .body("path", equalTo("/" + directoryName)) + .body("uri", equalTo("http://" + artifactoryURL + ":80/artifactory/" + repoName + "/" + directoryName)) + + Reporter.log("- Create folder. Folder successfully created", true) + } + + @Test(priority=5, groups=["jcr","pro"], testName = "Deploy file to generic repo") + void deployArtifactToGenericTest(){ + def repoName = "generic-dev-local" + def directoryName = "test-directory" + def filename = "artifact.zip" + Response response = deployArtifact(repoName, directoryName, artifact, filename) + response.then().assertThat().statusCode(201) + .body("repo", equalTo(repoName)) + .body("path", equalTo("/" + directoryName + "/" + filename)) + .body("downloadUri", equalTo("http://" + artifactoryURL + ":80/artifactory/" + repoName + "/" + + directoryName + "/" + filename)) + + Reporter.log("- Deploy artifact. Artifact successfully deployed", true) + } + + @Test(priority=6, groups=["jcr", "pro"], testName = "Get the artifact info") + void getArtifactinfoTest(){ + def repoName = "generic-dev-local" + def directoryName = "test-directory" + def filename = "artifact.zip" + Response response = getInfo(repoName, directoryName, artifact, filename) + response.then().assertThat().statusCode(200) + .body("repo", equalTo(repoName)) + .body("path", equalTo("/" + directoryName + "/" + filename)) + .body("downloadUri", equalTo("http://" + artifactoryURL + ":80/artifactory/" + repoName + "/" + + directoryName + "/" + filename)) + + Reporter.log("- Get the artifact info. Artifact info is successfully returned", true) + } + + @Test(priority=7, groups=["jcr", "pro"], testName = "Delete item") + void deleteJCRItemTest(){ + def repoName = "generic-dev-local" + def directoryName = "test-directory" + def filename = "artifact.zip" + Response response = deleteItem(repoName, directoryName, artifact, filename) + response.then().assertThat().statusCode(204) + + Response verification = getInfo(repoName, directoryName, artifact, filename) + verification.then().statusCode(404) + .body("errors[0].message", equalToIgnoringCase("Unable to find item")) + + Reporter.log("- Delete item. File has been deleted successfully", true) + } + + @Test(priority=8, groups=["pro"], testName = "Create support bundle") + void createSupportBundleHATest(){ + def name = "Support Bundle" + LocalDate startDate = LocalDate.now().minusDays(5) + LocalDate endDate = LocalDate.now() + Response response = createSupportBundle(name, startDate, endDate) + response.then().assertThat().statusCode(200) + .body("artifactory.bundle_url", containsString(artifactoryURL)) + + Reporter.log("- Create support bundle. Successfully created", true) + } + + @Test(priority=8, groups=["jcr"], testName = "Create support bundle") + void createSupportBundleJCATest(){ + def name = "Support Bundle" + LocalDate startDate = LocalDate.now().minusDays(5) + LocalDate endDate = LocalDate.now() + Response response = createSupportBundle(name, startDate, endDate) + response.then().assertThat().statusCode(400) + .body("errors[0].message", + containsStringIgnoringCase("This REST API is available only in Artifactory Pro")) + + Reporter.log("- Create support bundle, JCR. " + + "Call is not supported in JCR version, error message is correct", true) + } + + @Test(priority=9, groups=["pro"], testName = "Delete created repositories") + void deleteDefaultReposTest(){ + Response getRepoResponse = getRepos() + JsonPath jsonPathEvaluator = getRepoResponse.jsonPath() + List repoNames = jsonPathEvaluator.getList("key", String.class) + for (int i = 0; i < repoNames.size(); i ++){ + Response delete = deleteRepository(repoNames[i], username, password) + delete.then().statusCode(200) + } + + Reporter.log("- Delete HA repositories. All repositories were successfully deleted", true) + } + + @Test(priority=9, groups=["jcr",], testName = "Delete sample repositories JCR") + void deleteJCRReposTest(){ + Response getRepoResponse = getRepos() + JsonPath jsonPathEvaluator = getRepoResponse.jsonPath() + List repoNames = jsonPathEvaluator.getList("key", String.class) + for (int i = 0; i < repoNames.size(); i ++){ + Response delete = deleteRepository(repoNames[i], username, password) + delete.then().statusCode(400).body("errors[0].message", + containsStringIgnoringCase("This REST API is available only in Artifactory Pro")) + } + + Reporter.log("- Delete sample JCR repositories. All repositories were successfully deleted", true) + } + + @Test(priority=10, groups=["pro"], testName = "Verify repositories were deleted successfully") + void checkReposAreDeleted(){ + Response response = getRepos() + def numberOfRepos = response.then().extract().path("size()") + def expectedReposNumber = 0 + response.then().assertThat().statusCode(200) + .body("size()", equalTo(expectedReposNumber)) + + Reporter.log("- Verify repo were deleted. ${numberOfRepos} repositories remain", true) + } + + @Test(priority=11, groups=["pro"], testName = "Re-Create a list of repositories, for the next tests") + void reCreateDefaultHAReposTest(){ + def body + def expectedMessage + body = repoListHA + expectedMessage = "383 changes to config merged successfully" + Response response = createRepositories(body, username, password) + response.then().assertThat().statusCode(200) + .body(Matchers.hasToString(expectedMessage)) + .log().body() + + Reporter.log("- Re-create repositories for HA distribution. Successfully created", true) + } + + @Test(priority=12, groups=["jcr"], testName = "Re-Create a list of repositories, for the next tests") + void reCreateDefaultJCRReposTest(){ + def body + def expectedMessage + body = repoListJCR + expectedMessage = "82 changes to config merged successfully" + Response response = createRepositories(body, username, password) + response.then().assertThat().statusCode(200) + .body(Matchers.hasToString(expectedMessage)) + .log().body() + + Reporter.log("- Re-create repositories for JCR distribution. Successfully created", true) + } + + @Test(priority=13, groups=["jcr","pro"], testName = "Create a directory in generic repo") + void reCreateDirectoryTest(){ + def repoName = "generic-dev-local" + def directoryName = "test-directory/" + Response response = createDirectory(repoName, directoryName) + response.then().assertThat().statusCode(201) + .body("repo", equalTo(repoName)) + .body("path", equalTo("/" + directoryName)) + .body("uri", equalTo("http://" + artifactoryURL + ":80/artifactory/" + repoName + "/" + directoryName)) + + Reporter.log("- Create folder. Folder successfully created", true) + } + + @Test(priority=14, groups=["jcr","pro"], testName = "Deploy file to generic repo") + void reDeployArtifactToGenericTest(){ + def repoName = "generic-dev-local" + def directoryName = "test-directory" + def filename = "artifact.zip" + Response response = deployArtifact(repoName, directoryName, artifact, filename) + response.then().assertThat().statusCode(201) + .body("repo", equalTo(repoName)) + .body("path", equalTo("/" + directoryName + "/" + filename)) + .body("downloadUri", equalTo("http://" + artifactoryURL + ":80/artifactory/" + repoName + "/" + + directoryName + "/" + filename)) + + Reporter.log("- Deploy artifact. Artifact successfully deployed", true) + } + + +} diff --git a/Ansible/test/tests/src/test/groovy/tests/SecurityTest.groovy b/Ansible/test/tests/src/test/groovy/tests/SecurityTest.groovy new file mode 100644 index 0000000..a166cd0 --- /dev/null +++ b/Ansible/test/tests/src/test/groovy/tests/SecurityTest.groovy @@ -0,0 +1,153 @@ +package tests + +import io.restassured.RestAssured +import io.restassured.response.Response +import org.hamcrest.Matchers +import org.junit.Assert +import org.testng.Reporter +import org.testng.annotations.BeforeSuite +import org.testng.annotations.Test +import org.yaml.snakeyaml.Yaml +import steps.SecuritytSteps + + +class SecurityTest extends SecuritytSteps{ + + Yaml yaml = new Yaml() + def configFile = new File("./src/test/resources/testenv.yaml") + def config = yaml.load(configFile.text) + def artifactoryURL + def distribution + def username + def password + + @BeforeSuite(groups=["jcr","pro"]) + def setUp() { + artifactoryURL = config.artifactory.external_ip + distribution = config.artifactory.distribution + username = config.artifactory.rt_username + password = config.artifactory.rt_password + RestAssured.baseURI = "http://${artifactoryURL}/artifactory" + RestAssured.authentication = RestAssured.basic(username, password); + RestAssured.useRelaxedHTTPSValidation(); + } + + @Test(priority=1, groups=["pro"], dataProvider = "users", testName = "Create users") + void createUsersTest(usernameRt, emailRt, passwordRt){ + Response response = createUser(usernameRt, emailRt, passwordRt) + response.then().statusCode(201) + + Reporter.log("- Create users. User ${usernameRt} created successfully", true) + } + + @Test(priority=2, groups=["pro"], dataProvider = "users", testName = "Verify users were created successfully") + void verifyUsersTest(usernameRt, emailRt, passwordRt){ + Response response = getUserDetails(usernameRt) + response.then().statusCode(200). + body("name", Matchers.equalTo(usernameRt)). + body("email", Matchers.equalTo(emailRt)). + body("admin", Matchers.equalTo(false)). + body("groups[0]", Matchers.equalTo("readers")) + + Reporter.log("- Verify created users. User ${usernameRt} was successfully verified", true) + } + + @Test(priority=3, groups=["pro"], dataProvider = "users", testName = "Generate API keys") + void generateAPIKeysTest(usernameRt, emailRt, passwordRt) { + Response createKey = generateAPIKey(usernameRt, passwordRt) + def errorMessage = createKey.then().extract().path("error") + if (errorMessage == null) { + def key = createKey.then().extract().path("apiKey") + Response getKey = getAPIKey(usernameRt, passwordRt) + def keyVerification = getKey.then().extract().path("apiKey") + Assert.assertTrue(key == keyVerification) + Reporter.log("- Generate API keys. Key for ${usernameRt} created successfully", true) + } else if (errorMessage.toString().contains("Api key already exists for user:")){ + Reporter.log("- Generate API keys. Key for ${usernameRt} already exists, skipped", true) + } + } + + @Test(priority=4, groups=["pro"], dataProvider = "users", testName = "Re-generate API keys") + void regenerateAPIKeysTest(usernameRt, emailRt, passwordRt){ + Response regenerated = regenerateAPIKey(usernameRt, passwordRt) + regenerated.then().statusCode(200) + def key = regenerated.then().extract().path("apiKey") + Response getKey = getAPIKey(usernameRt, passwordRt) + getKey.then().statusCode(200) + def keyVerification = getKey.then().extract().path("apiKey") + Assert.assertTrue(key == keyVerification) + + Reporter.log("- Re-generate API keys. Key for ${usernameRt} re-generated successfully", true) + } + + @Test(priority=5, groups=["pro"], dataProvider = "groups", testName = "Create a group") + void createGroupTest(groupName){ + Response create = createGroup(groupName) + create.then().statusCode(201) + + Response get = getGroup(groupName) + get.then().statusCode(200) + def name = get.then().extract().path("name") + def adminPrivileges = get.then().extract().path("adminPrivileges") + Assert.assertTrue(name == groupName) + Assert.assertTrue(adminPrivileges == false) + + Reporter.log("- Create group. Group ${groupName} was successfully created", true) + } + + @Test(priority=6, groups=["pro"], testName = "Create and verify permissions") + void createPermissionsTest(){ + def permissionName = "testPermission" + def repository = "ANY" + def user1 = "testuser0" + def user2 = "testuser1" + def group1 = "test-group-0" + def group2 = "test-group-1" + def action1 = "read" + def action2 = "write" + def action3 = "manage" + Response create = createPermissions(permissionName, repository, user1, user2, + group1, group2, action1, action2, action3) + create.then().statusCode(200) + + Response get = getPermissions(permissionName) + get.then().statusCode(200) + Assert.assertTrue(permissionName == get.then().extract().path("name")) + Assert.assertTrue(repository == get.then().extract().path("repo.repositories[0]")) + Assert.assertTrue(action1 == get.then().extract().path("repo.actions.users.${user1}[0]")) + Assert.assertTrue(action2 == get.then().extract().path("repo.actions.users.${user1}[1]")) + Assert.assertTrue(action3 == get.then().extract().path("repo.actions.users.${user1}[2]")) + Assert.assertTrue(action1 == get.then().extract().path("repo.actions.users.${user2}[0]")) + Assert.assertTrue(action2 == get.then().extract().path("repo.actions.users.${user2}[1]")) + Assert.assertTrue(action3 == get.then().extract().path("repo.actions.users.${user2}[2]")) + Assert.assertTrue(action1 == get.then().extract().path("repo.actions.groups.${group1}[0]")) + Assert.assertTrue(action2 == get.then().extract().path("repo.actions.groups.${group2}[1]")) + Assert.assertTrue(action1 == get.then().extract().path("repo.actions.groups.${group2}[0]")) + Assert.assertTrue(action2 == get.then().extract().path("repo.actions.groups.${group2}[1]")) + + Reporter.log("- Create permissions. Permissions successfully created and verified", true) + } + + @Test(priority=7, groups=["pro"], testName = "Delete permissions") + void deletePermissionsTest(){ + def permissionName = "testPermission" + Response delete = deletePermissions(permissionName) + delete.then().statusCode(200) + Reporter.log("- Delete permissions. User ${permissionName} has been removed successfully", true) + } + + @Test(priority=8, groups=["pro"], dataProvider = "users", testName = "Delete non-default users") + void deleteUserTest(usernameRt, email, passwordRt){ + Response delete = deleteUser(usernameRt) + delete.then().statusCode(200).body(Matchers.containsString("${usernameRt}")) + Reporter.log("- Delete user. User ${usernameRt} has been removed successfully", true) + } + + @Test(priority=9, groups=["pro"], dataProvider = "groups", testName = "Delete non-default groups") + void deleteGroupTest(groupName){ + Response delete = deleteGroup(groupName) + delete.then().statusCode(200).body(Matchers.containsString("${groupName}")) + Reporter.log("- Delete group. Group ${groupName} has been removed successfully", true) + } + +} diff --git a/Ansible/test/tests/src/test/groovy/tests/XrayTest.groovy b/Ansible/test/tests/src/test/groovy/tests/XrayTest.groovy new file mode 100644 index 0000000..ef6e4c4 --- /dev/null +++ b/Ansible/test/tests/src/test/groovy/tests/XrayTest.groovy @@ -0,0 +1,332 @@ +package tests + +import io.restassured.RestAssured +import io.restassured.response.Response +import org.testng.Assert +import org.testng.Reporter +import org.testng.annotations.BeforeSuite +import org.testng.annotations.BeforeTest +import org.testng.annotations.Test +import org.yaml.snakeyaml.Yaml +import steps.XraySteps + +import java.time.LocalDate + +import static org.hamcrest.Matchers.containsStringIgnoringCase +import static org.hamcrest.Matchers.emptyArray +import static org.hamcrest.Matchers.equalTo +import static org.hamcrest.Matchers.hasItem +import static org.hamcrest.Matchers.is +import static org.hamcrest.Matchers.isA +import static org.hamcrest.Matchers.not +import static org.hamcrest.Matchers.notNullValue +import static org.hamcrest.Matchers.nullValue + + +class XrayTest extends XraySteps{ + + Yaml yaml = new Yaml() + def configFile = new File("./src/test/resources/testenv.yaml") + def config = yaml.load(configFile.text) + def artifactoryURL + def distribution + def username + def password + def randomIndex + def policyName + def watchName + + @BeforeSuite(groups=["xray"]) + def setUp() { + artifactoryURL = config.artifactory.external_ip + distribution = config.artifactory.distribution + username = config.artifactory.rt_username + password = config.artifactory.rt_password + RestAssured.authentication = RestAssured.basic(username, password) + RestAssured.useRelaxedHTTPSValidation() + Random random = new Random() + randomIndex = random.nextInt(10000000) + policyName = "security_policy_${randomIndex}" + watchName = "all-repositories_${randomIndex}" + } + @BeforeTest(groups=["xray"]) + def testSetUp() { + RestAssured.baseURI = "http://${artifactoryURL}/xray/api" + } + + @Test(priority=1, groups=["xray"], dataProvider = "issueEvents", testName = "Create Issue Event") + void createIssueEventTest(issueID, cve, summary, description){ + Response create = createIssueEvent(issueID+randomIndex, cve, summary, description, username, password) + create.then().statusCode(201) + Response get = getIssueEvent(issueID+randomIndex, username, password) + get.then().statusCode(200) + def issueIDverification = get.then().extract().path("id") + def cveVerification = get.then().extract().path("source_id") + def summaryVerification = get.then().extract().path("summary") + def descriptionVerification = get.then().extract().path("description") + Assert.assertTrue(issueID+randomIndex == issueIDverification) + Assert.assertTrue(cve == cveVerification) + Assert.assertTrue(summary == summaryVerification) + Assert.assertTrue(description == descriptionVerification) + + Reporter.log("- Create issue event. Issue event with ID ${issueID+randomIndex} created and verified successfully", true) + } + + @Test(priority=2, groups=["xray"], dataProvider = "issueEvents", testName = "Update Issue Event", + dependsOnMethods = "createIssueEventTest") + void updateIssueEventTest(issueID, cve, summary, description){ + cve = "CVE-2017-0000000" + summary = "Updated" + description = "Updated" + Response update = updateIssueEvent(issueID+randomIndex, cve, summary, description, username, password) + update.then().statusCode(200) + Response get = getIssueEvent(issueID+randomIndex, username, password) + get.then().statusCode(200) + def cveVerification = get.then().extract().path("source_id") + def summaryVerification = get.then().extract().path("summary") + def descriptionVerification = get.then().extract().path("description") + Assert.assertTrue(cve == cveVerification) + Assert.assertTrue(summary == summaryVerification) + Assert.assertTrue(description == descriptionVerification) + + Reporter.log("- Update issue event. Issue event with ID ${issueID+randomIndex} updated and verified successfully", true) + } + + @Test(priority=3, groups=["xray"], testName = "Create policy") + void createPolicyTest(){ + Response create = createPolicy(policyName, username, password) + create.then().statusCode(201) + + Response get = getPolicy(policyName, username, password) + get.then().statusCode(200) + def policyNameVerification = get.then().extract().path("name") + Assert.assertTrue(policyName == policyNameVerification) + + Reporter.log("- Create policy. Policy with name ${policyName} created and verified successfully", true) + } + + @Test(priority=4, groups=["xray"], testName = "Update policy", dependsOnMethods = "createPolicyTest") + void updatePolicyTest(){ + def description = "Updated description" + Response update = updatePolicy(policyName, description, username, password) + update.then().statusCode(200) + + Response get = getPolicy(policyName, username, password) + get.then().statusCode(200) + def descriptionVerification = get.then().extract().path("description") + Assert.assertTrue(description == descriptionVerification) + + Reporter.log("- Update policy. Policy with name ${policyName} updated and verified successfully", true) + } + + @Test(priority=4, groups=["xray"], testName = "Get policies") + void getPoliciesTest(){ + Response response = getPolicies(username, password) + response.then().statusCode(200) + .body("name", notNullValue()) + .body("type", notNullValue()) + .body("description", notNullValue()) + .body("author", notNullValue()) + .body("rules", notNullValue()) + .body("created", notNullValue()) + .body("modified", notNullValue()) + def policies = response.then().extract().path("name") + Reporter.log("- Get policies. Policies list is returned successfully. " + + "Policies returned: ${policies}", true) + } + + @Test(priority=5, groups=["xray"], testName = "Create watch for the repositories", dependsOnMethods = "createPolicyTest") + void createWatchTest(){ + Response create = createWatchEvent(watchName, policyName, username, password) + create.then().statusCode(201) + .body("info", + equalTo("Watch has been successfully created")) + + Response get = getWatchEvent(watchName, username, password) + get.then().statusCode(200) + .body("general_data.name", equalTo((watchName).toString())) + + Reporter.log("- Create watch. Watch with name ${watchName} has been created and verified successfully", true) + } + + @Test(priority=6, groups=["xray"], testName = "Update watch for the repositories", dependsOnMethods = "createWatchTest") + void updateWatchTest(){ + def description = "Updated watch" + Response create = updateWatchEvent(watchName, description, policyName, username, password) + create.then().statusCode(200) + .body("info", + equalTo("Watch was successfully updated")) + + Response get = getWatchEvent(watchName, username, password) + get.then().statusCode(200) + .body("general_data.description", equalTo(description)) + + Reporter.log("- Update watch. Watch with name ${watchName} has been updated and verified successfully", true) + } + + @Test(priority=7, groups=["xray"], testName = "Assign policy to watches") + void assignPolicyToWatchTest(){ + Response response = assignPolicy(watchName, policyName, username, password) + response.then().statusCode(200) + .body("result.${watchName}", + equalTo("Policy assigned successfully to Watch")) + + Reporter.log("- Assign policy to watch. Policy assigned successfully to Watch", true) + } + + @Test(priority=8, groups=["xray"], testName = "Delete watch") + void deleteWatchTest(){ + Response response = deleteWatchEvent(watchName, username, password) + response.then().statusCode(200) + .body("info", + equalTo("Watch was deleted successfully")) + + Reporter.log("- Delete watch. Watch ${watchName} has been successfully deleted", true) + } + + @Test(priority=9, groups=["xray"], testName = "Delete policy") + void deletePolicyTest(){ + + Response response = deletePolicy(policyName, username, password) + response.then().statusCode(200) + .body("info", + equalTo(("Policy ${policyName} was deleted successfully").toString())) + + Reporter.log("- Delete policy. Policy ${policyName} has been successfully deleted", true) + } + +/* @Test(priority=10, groups=["xray"], testName = "Start scan") + void startScanTest(){ + def artifactPath = "default/generic-dev-local/test-directory/artifact.zip" + Response getSha = artifactSummary(username, password, artifactPath) + def componentID = getSha.then().extract().path("artifacts[0].licenses[0].components[0]") + + Response scan = startScan(username, password, componentID) + scan.then().statusCode(200) + .body("info", + equalTo(("Scan of artifact is in progress").toString())) + + Reporter.log("- Start scan. Scan of ${componentID} has been started successfully", true) + }*/ + + @Test(priority=11, groups=["xray"], testName = "Create and get integration configuration") + void integrationConfigurationTest(){ + def vendorName = "vendor_${randomIndex}" + Response post = addtIntegrationConfiguration(username, password, vendorName) + post.then().statusCode(200) + + Response get = getIntegrationConfiguration(username, password) + int bodySize = get.body().jsonPath().getList(".").size() + get.then().statusCode(200) + .body("[" + (bodySize-1) + "].vendor", equalTo(vendorName.toString())) + + Reporter.log("- Integration configuration. " + + "Configuration for vendor ${vendorName} has been successfully added and verified", true) + } + + @Test(priority=12, groups=["xray"], testName = "Enable TLS for RabbitMQ") + void enableTLSRabbitMQTest(){ + File body = new File("./src/test/resources/enableRabbitMQ.json") + Response post = postSystemParameters(username, password, body) + post.then().statusCode(200) + + Response get = getSystemParameters(username, password) + get.then().statusCode(200).body("enableTlsConnectionToRabbitMQ", equalTo(true)) + + Reporter.log("- Enable TLS for RabbitMQ. TLS for RabbitMQ has been successfully enabled and verified", true) + } + + @Test(priority=13, groups=["xray"], testName = "Get binary manager") + void getBinaryManagerTest(){ + Response response = getBinaryManager(username, password) + response.then().statusCode(200) + .body("binMgrId", equalTo("default")) + .body("license_valid", equalTo(true)) + .body("binMgrId", equalTo("default")) + def version = response.then().extract().path("version") + + Reporter.log("- Get binary manager. Binary manager is verified, connected RT version: ${version}", true) + } + + @Test(priority=14, groups=["xray"], testName = "Get repo indexing configuration") + void getIndexingConfigurationTest(){ + Response response = getIndexingConfiguration(username, password) + response.then().statusCode(200) + .body("bin_mgr_id", equalTo("default")) + .body("indexed_repos.name", hasItem("generic-dev-local")) + + Reporter.log("- Get repo indexing configuration.", true) + } + + @Test(priority=15, groups=["xray"], testName = "Update repo indexing configuration") + void updateIndexingConfigurationTest(){ + Response response = updateIndexingConfiguration(username, password) + response.then().statusCode(200) + .body("info", equalTo("Repositories list has been successfully sent to Artifactory")) + + Reporter.log("- Update repo indexing configuration. Successfully updated", true) + } + + // Force reindex test, add in latest versions of X-ray + +/* @Test(priority=16, groups=["xray"], testName = "Get artifact summary") + void artifactSummaryTest(){ + def artifactPath = "default/generic-dev-local/test-directory/artifact.zip" + Response post = artifactSummary(username, password, artifactPath) + post.then().statusCode(200) + .body("artifacts[0].general.path", equalTo(artifactPath)) + + Reporter.log("- Get artifact summary. Artifact summary has been returned successfully", true) + }*/ + + @Test(priority=17, groups=["xray"], testName = "Create support bundle") + void createSupportBundleTest(){ + def name = "Support Bundle" + LocalDate startDate = LocalDate.now().minusDays(5) + LocalDate endDate = LocalDate.now() + Response response = createSupportBundle(username, password, name, startDate, endDate) + def bundle_url = response.then().extract().path("artifactory.bundle_url") + if ((bundle_url.toString()).contains(artifactoryURL)) { + Reporter.log("- Create support bundle. Successfully created using X-ray API", true) + } else if (((bundle_url.toString()).contains("localhost"))){ + Reporter.log("- Create support bundle. Created with a bug, localhost instead of the hostname", true) + } + } + + @Test(priority=18, groups=["xray"], testName = "Get system monitoring status") + void getSystemMonitoringTest(){ + Response response = getSystemMonitoringStatus(username, password) + response.then().statusCode(200) + + Reporter.log("- Get system monitoring status. Data returned successfully", true) + } + + @Test(priority=19, groups=["xray"], testName = "X-ray ping request") + void xrayPingRequestTest(){ + Response response = xrayPingRequest(username, password) + response.then().statusCode(200) + .body("status", equalTo("pong")) + + Reporter.log("- Get system monitoring status. Data returned successfully", true) + } + + @Test(priority=20, groups=["xray"], testName = "X-ray version") + void xrayGetVersionTest(){ + Response response = xrayGetVersion(username, password) + response.then().statusCode(200) + .body("xray_version", notNullValue()) + .body("xray_revision", notNullValue()) + def version = response.then().extract().path("xray_version") + def revision = response.then().extract().path("xray_revision") + + Reporter.log("- Get X-ray version. Version: ${version}, revision: ${revision}", true) + } + + + + +} + + + + diff --git a/Ansible/test/tests/src/test/groovy/utils/ConfigurationUtil.groovy b/Ansible/test/tests/src/test/groovy/utils/ConfigurationUtil.groovy new file mode 100644 index 0000000..208bf29 --- /dev/null +++ b/Ansible/test/tests/src/test/groovy/utils/ConfigurationUtil.groovy @@ -0,0 +1,19 @@ +package utils + +class ConfigurationUtil { + + static def getEnvironmentVariableValue(def name) { + def value = System.getProperty(name) + if (value == null) { + value = System.getenv(name) + if (value == null) { + throw new Exception("Environment variable $name not set!"); + } + } + return value + } + + + + +} diff --git a/Ansible/test/tests/src/test/groovy/utils/DSL.groovy b/Ansible/test/tests/src/test/groovy/utils/DSL.groovy new file mode 100644 index 0000000..6a14f48 --- /dev/null +++ b/Ansible/test/tests/src/test/groovy/utils/DSL.groovy @@ -0,0 +1,81 @@ +package utils + +import utils.ProcessOutputStream + +/** + * Created by eliom on 6/19/18. + */ +class DSL { + + /** + * Run shell command + */ + static def sh = { command, outputBuffer = null, folder = null, silent = false, customEnvVariables = null, errorBuffer = null -> + //def workdir = ConfigurationUtil.getEnvironmentVariableValue("KERMIT_WORKSPACE_DIR") + def workdir = "/Users/danielmi/projects/soldev/.kermit-workspace" + def commandFolder + if (folder != null) { + commandFolder = new File(folder, workdir) + } else { + commandFolder = workdir + } + + if (!silent) { + println "Running command at ${commandFolder}: $command" + } + def proc = null + try { + def env = System.getenv().collect { k, v -> "$k=$v" } + + if (customEnvVariables != null) { + env.addAll( customEnvVariables.collect { k, v -> "$k=$v" }) + } + + if (command instanceof List && command.size() > 0 && command[0] instanceof List) { + //Pipe Commands + command.each { + if (proc != null) { + proc = proc | it.execute(env, commandFolder) + } else { + proc = it.execute(env, commandFolder) + } + } + } else { + proc = command.execute(env, commandFolder) + } + } catch (IOException e) { + println "Failed to execute command: ${e.getMessage()}" + return -1 + } + def processOutput = new ProcessOutputStream(silent, outputBuffer == null) + def errorOutput = processOutput + if (errorBuffer != null) { + errorOutput = new ProcessOutputStream(silent, errorBuffer == null) + } + + proc.consumeProcessOutput(processOutput, errorOutput) + def exitStatus = proc.waitFor() + if (!silent) { + println "Exit: $exitStatus" + } + if (outputBuffer != null) { + outputBuffer.append(processOutput.toString()) + } + + processOutput.close() + + if (errorBuffer != null) { + errorBuffer.append(errorOutput.toString()) + errorOutput.close() + } + + return exitStatus + } + + + //... + + + + +} diff --git a/Ansible/test/tests/src/test/groovy/utils/EnvironmentConfig.groovy b/Ansible/test/tests/src/test/groovy/utils/EnvironmentConfig.groovy new file mode 100644 index 0000000..db7d017 --- /dev/null +++ b/Ansible/test/tests/src/test/groovy/utils/EnvironmentConfig.groovy @@ -0,0 +1,10 @@ +package utils + + + +class EnvironmentConfig { + + + + +} diff --git a/Ansible/test/tests/src/test/groovy/utils/ProcessOutputStream.groovy b/Ansible/test/tests/src/test/groovy/utils/ProcessOutputStream.groovy new file mode 100644 index 0000000..aff11c2 --- /dev/null +++ b/Ansible/test/tests/src/test/groovy/utils/ProcessOutputStream.groovy @@ -0,0 +1,32 @@ +package utils + +public class ProcessOutputStream extends ByteArrayOutputStream{ + + private boolean silent = false; + private boolean discardOutput = false; + + public ProcessOutputStream(boolean silent, boolean discardOutput) { + this.silent = silent; + this.discardOutput = discardOutput; + } + + @Override + public synchronized void write(int b) { + if (!silent) { + System.out.write(b); + } + if (!discardOutput) { + super.write(b); + } + } + + @Override + public synchronized void write(byte[] b, int off, int len) { + if (!silent) { + System.out.write(b, off, len); + } + if (!discardOutput) { + super.write(b, off, len); + } + } +} \ No newline at end of file diff --git a/Ansible/test/tests/src/test/groovy/utils/Shell.groovy b/Ansible/test/tests/src/test/groovy/utils/Shell.groovy new file mode 100644 index 0000000..87d4aaf --- /dev/null +++ b/Ansible/test/tests/src/test/groovy/utils/Shell.groovy @@ -0,0 +1,17 @@ +package utils + +class Shell { + + def executeProc(cmd) { + println(cmd) + def proc = cmd.execute() + + proc.in.eachLine {line -> + println line + } + + println proc.err.text + + proc.exitValue() + } +} diff --git a/Ansible/test/tests/src/test/groovy/utils/WorkSpaceManager.groovy b/Ansible/test/tests/src/test/groovy/utils/WorkSpaceManager.groovy new file mode 100644 index 0000000..f1262bb --- /dev/null +++ b/Ansible/test/tests/src/test/groovy/utils/WorkSpaceManager.groovy @@ -0,0 +1,32 @@ +package utils + +/** + * Created by eliom on 6/26/18. + */ +class WorkspaceManager { + + //TODO: Make it Thread safe + def static currentPath = [] + + def static pushPath(path) { + currentPath.push(path) + } + + def static popPath() { + currentPath.pop() + } + + def static getCurrentDir() { + def workspaceRoot = ConfigurationUtil.getWorkspaceDir() + if (currentPath.size() > 0) { + def currentDir = new File(currentPath.join('/'), workspaceRoot) + if (!currentDir.exists()) { + currentDir.mkdirs() + } + return currentDir + } else { + return workspaceRoot + } + } + +} diff --git a/Ansible/test/tests/src/test/resources/enableRabbitMQ.json b/Ansible/test/tests/src/test/resources/enableRabbitMQ.json new file mode 100644 index 0000000..c6e54d4 --- /dev/null +++ b/Ansible/test/tests/src/test/resources/enableRabbitMQ.json @@ -0,0 +1,11 @@ +{ + "sslInsecure": false, + "maxDiskDataUsage": 80, + "monitorSamplingInterval": 300, + "mailNoSsl": false, + "messageMaxTTL": 7, + "jobInterval": 86400, + "allowSendingAnalytics": true, + "httpsPort": 443, + "enableTlsConnectionToRabbitMQ": true +} \ No newline at end of file diff --git a/Ansible/test/tests/src/test/resources/integration.json b/Ansible/test/tests/src/test/resources/integration.json new file mode 100644 index 0000000..08ba303 --- /dev/null +++ b/Ansible/test/tests/src/test/resources/integration.json @@ -0,0 +1,9 @@ +{ + "vendor": "whitesource5", + "api_key": "12345", + "enabled": true, + "context": "project_id", + "url": "https://saas.whitesourcesoftware.com/xray", + "description": "WhiteSource provides a simple yet powerful open source security and licenses management solution. More details at http://www.whitesourcesoftware.com.", + "test_url": "https://saas.whitesourcesoftware.com/xray/api/checkauth" +} \ No newline at end of file diff --git a/Ansible/test/tests/src/test/resources/repositories/CreateDefault.yaml b/Ansible/test/tests/src/test/resources/repositories/CreateDefault.yaml new file mode 100644 index 0000000..ef1f5fd --- /dev/null +++ b/Ansible/test/tests/src/test/resources/repositories/CreateDefault.yaml @@ -0,0 +1,554 @@ +localRepositories: + libs-release-local: + type: maven + description: "production deployment" + repoLayout: maven-2-default + xray: + enabled: true + libs-snapshot-local: + type: maven + description: "snapshot deployment" + repoLayout: maven-2-default + xray: + enabled: true + maven-prod-local: + type: maven + description: "production release deployment" + repoLayout: maven-2-default + xray: + enabled: true + maven-dev-local: + type: maven + description: "development release deployment" + repoLayout: maven-2-default + xray: + enabled: true + maven-release-local: + type: maven + description: "development release deployment" + repoLayout: maven-2-default + xray: + enabled: true + maven-snapshot-local: + type: maven + description: "development release deployment" + repoLayout: maven-2-default + xray: + enabled: true + gradle-prod-local: + type: gradle + description: "production deployment" + repoLayout: gradle-default + xray: + enabled: true + gradle-dev-local: + type: gradle + description: "development deployment" + repoLayout: gradle-default + xray: + enabled: true + tomcat-local: + type: generic + description: "used by demo" + repoLayout: simple-default + xray: + enabled: true + generic-prod-local: + type: generic + description: "production deployment" + repoLayout: simple-default + xray: + enabled: true + generic-dev-local: + type: generic + description: "development deployment" + repoLayout: simple-default + xray: + enabled: true + ivy-prod-local: + type: ivy + description: "production deployment" + repoLayout: "ivy-default" + xray: + enabled: true + ivy-dev-local: + type: ivy + description: "development deployment" + repoLayout: ivy-default + xray: + enabled: true + helm-prod-local: + type: helm + description: "production deployment" + repoLayout: simple-default + xray: + enabled: true + helm-dev-local: + type: helm + description: "development deployment" + repoLayout: simple-default + xray: + enabled: true + sbt-prod-local: + type: sbt + description: "production deployment" + repoLayout: sbt-default + xray: + enabled: true + sbt-dev-local: + type: sbt + description: "development deployment" + repoLayout: sbt-default + xray: + enabled: true + nuget-prod-local: + type: nuget + description: "production deployment" + repoLayout: nuget-default + xray: + enabled: true + nuget-dev-local: + type: nuget + description: "development deployment" + repoLayout: nuget-default + xray: + enabled: true + gems-prod-local: + type: gems + description: "production deployment" + repoLayout: simple-default + xray: + enabled: true + gems-dev-local: + type: gems + description: "development deployment" + repoLayout: simple-default + xray: + enabled: true + npm-prod-local: + type: npm + description: "production deployment" + repoLayout: npm-default + xray: + enabled: true + npm-dev-local: + type: npm + description: "development deployment" + repoLayout: npm-default + xray: + enabled: true + bower-prod-local: + type: bower + description: "production deployment" + repoLayout: bower-default + xray: + enabled: true + bower-dev-local: + type: bower + description: "development deployment" + repoLayout: bower-default + xray: + enabled: true + debian-prod-local: + type: debian + description: "production deployment" + repoLayout: simple-default + xray: + enabled: true + debian-dev-local: + type: debian + description: "development deployment" + repoLayout: simple-default + xray: + enabled: true + php-prod-local: + type: composer + description: "production deployment" + repoLayout: composer-default + xray: + enabled: true + php-dev-local: + type: composer + description: "development deployment" + repoLayout: composer-default + xray: + enabled: true + pypi-prod-local: + type: pypi + description: "production deployment" + repoLayout: simple-default + xray: + enabled: true + pypi-dev-local: + type: pypi + description: "development deployment" + repoLayout: simple-default + xray: + enabled: true + docker-prod-local: + type: docker + description: "production deployment" + repoLayout: simple-default + xray: + enabled: true + docker-stage-local: + type: docker + description: "stage deployment" + repoLayout: simple-default + xray: + enabled: true + docker-dev-local: + type: docker + description: "development deployment" + repoLayout: simple-default + xray: + enabled: true + docker-local: + type: docker + description: "docker deployment" + repoLayout: simple-default + xray: + enabled: true + docker-push: + type: docker + description: "docker push repo for push replication testing" + repoLayout: simple-default + xray: + enabled: true + vagrant-prod-local: + type: vagrant + description: "production deployment" + repoLayout: simple-default + xray: + enabled: true + vagrant-dev-local: + type: vagrant + description: "development deployment" + repoLayout: simple-default + xray: + enabled: true + gitlfs-prod-local: + type: gitlfs + description: "production deployment" + repoLayout: simple-default + xray: + enabled: true + gitlfs-dev-local: + type: gitlfs + description: "development deployment" + repoLayout: simple-default + xray: + enabled: true + rpm-prod-local: + type: yum + description: "production deployment" + repoLayout: simple-default + xray: + enabled: true + rpm-dev-local: + type: yum + description: "development deployment" + repoLayout: simple-default + xray: + enabled: true + conan-prod-local: + type: conan + description: "production deployment" + repoLayout: conan-default + xray: + enabled: true + conan-dev-local: + type: conan + description: "development deployment" + repoLayout: conan-default + xray: + enabled: true + chef-prod-local: + type: chef + description: "production deployment" + repoLayout: simple-default + xray: + enabled: true + chef-dev-local: + type: chef + description: "development deployment" + repoLayout: simple-default + xray: + enabled: true + puppet-prod-local: + type: puppet + description: "production deployment" + repoLayout: puppet-default + xray: + enabled: true + puppet-dev-local: + type: puppet + description: "development deployment" + repoLayout: puppet-default + xray: + enabled: true + go-prod-local: + type: go + description: "production deployment" + repoLayout: go-default + xray: + enabled: true + go-staging-local: + type: go + description: "production deployment" + repoLayout: go-default + xray: + enabled: true +remoteRepositories: + docker-remote: + type: docker + url: https://registry-1.docker.io + repoLayout: simple-default + enableTokenAuthentication: true + xray: + enabled: true + helm-remote: + type: helm + url: https://storage.googleapis.com/kubernetes-charts + repoLayout: simple-default + xray: + enabled: true + jcenter: + type: maven + url: https://jcenter.bintray.com + repoLayout: maven-2-default + xray: + enabled: true + npm-remote: + type: npm + url: https://registry.npmjs.org + repoLayout: npm-default + xray: + enabled: true + nuget-remote: + type: nuget + url: https://www.nuget.org/ + repoLayout: nuget-default + xray: + enabled: true + bower-remote: + type: bower + url: https://github.com/ + repoLayout: bower-default + xray: + enabled: true + gems-remote: + type: gems + url: https://rubygems.org/ + repoLayout: simple-default + xray: + enabled: true + debian-remote: + type: debian + url: http://archive.ubuntu.com/ubuntu/ + repoLayout: simple-default + xray: + enabled: true + php-remote: + type: composer + url: https://github.com/ + repoLayout: composer-default + xray: + enabled: true + pypi-remote: + type: pypi + url: https://files.pythonhosted.org + repoLayout: simple-default + xray: + enabled: true + rpm-remote: + type: yum + url: http://mirror.centos.org/centos/ + repoLayout: simple-default + xray: + enabled: true + chef-remote: + type: chef + url: https://supermarket.chef.io + repoLayout: simple-default + xray: + enabled: true + puppet-remote: + type: puppet + url: https://forgeapi.puppetlabs.com/ + repoLayout: puppet-default + xray: + enabled: true +virtualRepositories: + maven-release-virtual: + type: maven + repositories: + - maven-prod-local + - jcenter + - maven-release-local + - libs-release-local + description: "maven release virtual repositories" + defaultDeploymentRepo: maven-release-local + maven-snapshot-virtual: + type: maven + repositories: + - maven-snapshot-local + - jcenter + - maven-dev-local + - libs-snapshot-local + description: "maven snapshot virtual repositories" + defaultDeploymentRepo: maven-snapshot-local + gradle-virtual: + type: gradle + repositories: + - gradle-dev-local + - jcenter + - gradle-prod-local + - libs-release-local + description: "gradle virtual repositories" + defaultDeploymentRepo: gradle-dev-local + docker-PLACEHOLDERFORBUILDSTEP: + type: docker + repositories: + - docker-local + - docker-remote + - docker-dev-local + - docker-prod-local + - docker-stage-local + - docker-push + description: "docker virtual" + defaultDeploymentRepo: docker-stage-local + docker-virtual: + type: docker + repositories: + - docker-local + - docker-remote + - docker-dev-local + - docker-prod-local + - docker-stage-local + - docker-push + description: "docker virtual" + defaultDeploymentRepo: docker-stage-local + libs-release: + type: maven + repositories: + - libs-release-local + - jcenter + description: "maven libraries virtual" + defaultDeploymentRepo: libs-release-local + libs-snapshot: + type: maven + repositories: + - libs-snapshot-local + - jcenter + description: "maven libraries virtual" + defaultDeploymentRepo: libs-snapshot-local + ivy-virtual: + type: ivy + repositories: + - ivy-prod-local + - ivy-dev-local + - jcenter + description: "ivy virtual" + defaultDeploymentRepo: ivy-dev-local + generic-virtual: + type: generic + repositories: + - generic-prod-local + - generic-dev-local + description: "generic virtual" + defaultDeploymentRepo: generic-dev-local + helm-virtual: + type: helm + repositories: + - helm-prod-local + - helm-dev-local + - helm-remote + description: "helm virtual" + defaultDeploymentRepo: helm-dev-local + nuget-virtual: + type: nuget + repositories: + - nuget-prod-local + - nuget-dev-local + - nuget-remote + description: "nuget virtual" + defaultDeploymentRepo: nuget-dev-local + npm-virtual: + type: npm + repositories: + - npm-dev-local + - npm-remote + - npm-prod-local + description: "npm virtual" + defaultDeploymentRepo: npm-dev-local + chef-virtual: + type: chef + repositories: + - chef-dev-local + - chef-remote + - chef-prod-local + description: "chef virtual" + defaultDeploymentRepo: chef-dev-local + puppet-virtual: + type: puppet + repositories: + - puppet-dev-local + - puppet-remote + - puppet-prod-local + description: "puppet virtual" + defaultDeploymentRepo: puppet-dev-local + rpm-virtual: + type: yum + repositories: + - rpm-dev-local + - rpm-remote + - rpm-prod-local + description: "rpm virtual" + defaultDeploymentRepo: rpm-dev-local + gitlfs-virtual: + type: gitlfs + repositories: + - gitlfs-dev-local + - gitlfs-prod-local + description: "gitlfs virtual" + defaultDeploymentRepo: gitlfs-dev-local + pypi-virtual: + type: pypi + repositories: + - pypi-dev-local + - pypi-prod-local + - pypi-remote + description: "pypi virtual" + defaultDeploymentRepo: pypi-dev-local + bower-virtual: + type: bower + repositories: + - bower-dev-local + - bower-prod-local + - bower-remote + description: "bower virtual" + defaultDeploymentRepo: bower-dev-local + gems-virtual: + type: gems + repositories: + - gems-dev-local + - gems-prod-local + - gems-remote + description: "gems virtual" + defaultDeploymentRepo: gems-dev-local + sbt-virtual: + type: sbt + repositories: + - sbt-dev-local + - sbt-prod-local + - jcenter + description: "sbt virtual" + defaultDeploymentRepo: sbt-dev-local + go-staging: + type: go + repositories: + - go-staging-local + - go-prod-local + description: "go virtual" + defaultDeploymentRepo: go-staging-local diff --git a/Ansible/test/tests/src/test/resources/repositories/CreateJCR.yaml b/Ansible/test/tests/src/test/resources/repositories/CreateJCR.yaml new file mode 100644 index 0000000..38a5feb --- /dev/null +++ b/Ansible/test/tests/src/test/resources/repositories/CreateJCR.yaml @@ -0,0 +1,119 @@ +localRepositories: + tomcat-local: + type: generic + description: "used by demo" + repoLayout: simple-default + xray: + enabled: true + generic-prod-local: + type: generic + description: "production deployment" + repoLayout: simple-default + xray: + enabled: true + generic-dev-local: + type: generic + description: "development deployment" + repoLayout: simple-default + xray: + enabled: true + helm-prod-local: + type: helm + description: "production deployment" + repoLayout: simple-default + xray: + enabled: true + helm-dev-local: + type: helm + description: "development deployment" + repoLayout: simple-default + xray: + enabled: true + docker-generator: + type: docker + description: "docker generator repo for generation testing" + repoLayout: simple-default + xray: + enabled: true + docker-prod-local: + type: docker + description: "production deployment" + repoLayout: simple-default + xray: + enabled: true + docker-stage-local: + type: docker + description: "stage deployment" + repoLayout: simple-default + xray: + enabled: true + docker-dev-local: + type: docker + description: "development deployment" + repoLayout: simple-default + xray: + enabled: true + docker-local: + type: docker + description: "docker deployment" + repoLayout: simple-default + xray: + enabled: true + docker-push: + type: docker + description: "docker push repo for push replication testing" + repoLayout: simple-default + xray: + enabled: true +virtualRepositories: + generic-virtual: + type: generic + repositories: + - generic-prod-local + - generic-dev-local + description: "generic virtual" + defaultDeploymentRepo: generic-dev-local + helm-virtual: + type: helm + repositories: + - helm-prod-local + - helm-dev-local + - helm-remote + description: "helm virtual" + defaultDeploymentRepo: helm-dev-local + docker-PLACEHOLDERFORBUILDSTEP: + type: docker + repositories: + - docker-local + - docker-remote + - docker-dev-local + - docker-prod-local + - docker-stage-local + - docker-push + description: "docker virtual" + defaultDeploymentRepo: docker-stage-local + docker-virtual: + type: docker + repositories: + - docker-local + - docker-remote + - docker-dev-local + - docker-prod-local + - docker-stage-local + - docker-push + description: "docker virtual" + defaultDeploymentRepo: docker-stage-local +remoteRepositories: + helm-remote: + type: helm + url: https://storage.googleapis.com/kubernetes-charts + repoLayout: simple-default + xray: + enabled: true + docker-remote: + type: docker + url: https://registry-1.docker.io + repoLayout: simple-default + enableTokenAuthentication: true + xray: + enabled: true \ No newline at end of file diff --git a/Ansible/test/tests/src/test/resources/repositories/artifact.zip b/Ansible/test/tests/src/test/resources/repositories/artifact.zip new file mode 100644 index 0000000000000000000000000000000000000000..0e86cb54fe2c3d52b3946278043f30b86a274eaa GIT binary patch literal 519 zcmWIWW@Zs#-~d9!MSTGbP@o8;IT;ifN>YnU^ePi`b3#LS8Q9m?Op62Itw3B_!Og(P z@|BT+0jQmU!COb`q>s0c-bwvcTOI`kc&yd%)IH^Wrt`ech9DqQ?;#UIfHymbnd!_w z%0T5H^8>Kjya6a90<<|k-q+FDKR7~PFCM!ic40aqIYBfzJs~OKgRf862mY{*fCi=s z63prX(u{?&0?j|9B|4b;6crr<)I5$eDTp})ALiYS5 zdg^$F@^P?f#zYwF^0|D^y|;#A5hKX;*BWA4Vu0=gxiP?-kx7IZ5pu{r1BDz6ENKL> puzLYZIHDViY$YgIU|>mO6_80zAO(1{vVlxt0>Yg@+JX_p0|0lTf`|YB literal 0 HcmV?d00001 diff --git a/Ansible/test/tests/src/test/resources/testenv.yaml b/Ansible/test/tests/src/test/resources/testenv.yaml new file mode 100644 index 0000000..55ff648 --- /dev/null +++ b/Ansible/test/tests/src/test/resources/testenv.yaml @@ -0,0 +1,6 @@ +artifactory: + url: urlval + external_ip: ipval + distribution: artifactory_ha + rt_username: admin + rt_password: passval \ No newline at end of file diff --git a/JFrog-Cloud-Installers.iml b/JFrog-Cloud-Installers.iml new file mode 100644 index 0000000..bbd4172 --- /dev/null +++ b/JFrog-Cloud-Installers.iml @@ -0,0 +1,11 @@ + + + + + + + + + + + \ No newline at end of file diff --git a/ansible.cfg b/ansible.cfg new file mode 100644 index 0000000..f0524a4 --- /dev/null +++ b/ansible.cfg @@ -0,0 +1,10 @@ +[defaults] +# Installs collections into [current dir]/ansible_collections/namespace/collection_name +collections_paths = ~/.ansible/collections:/usr/share/ansible/collections:collection + +# Installs roles into [current dir]/roles/namespace.rolename +roles_path = Ansible/collection/jfrog/ansible/roles + +host_key_checking = false + +deprecation_warnings=False \ No newline at end of file From 1f321502be9a861b11a5da570f7daf1b19f8219a Mon Sep 17 00:00:00 2001 From: jefferyfry Date: Thu, 21 May 2020 19:23:09 -0700 Subject: [PATCH 10/10] Combined pipelines. Added force delete. Updates. Added region. --- Ansible/awsPipelines.yaml | 54 ------------------ Ansible/azurePipelines.yaml | 57 ------------------- Ansible/collection/README.md | 7 +++ Ansible/pipelines.yaml | 47 ++++++++++++++- Ansible/project/rt-xray-auto-keys/hosts.yml | 40 +++++++++++++ .../project/rt-xray-auto-keys/playbook.yml | 21 +++++++ .../rt-xray-auto-keys/runAutoKeysPlaybook.sh | 3 + Ansible/test/aws/playbook.yaml | 1 + Ansible/test/azure/playbook.yaml | 3 +- .../test/groovy/tests/RepositoryTest.groovy | 20 +++---- 10 files changed, 130 insertions(+), 123 deletions(-) delete mode 100644 Ansible/awsPipelines.yaml delete mode 100644 Ansible/azurePipelines.yaml create mode 100644 Ansible/project/rt-xray-auto-keys/hosts.yml create mode 100644 Ansible/project/rt-xray-auto-keys/playbook.yml create mode 100755 Ansible/project/rt-xray-auto-keys/runAutoKeysPlaybook.sh diff --git a/Ansible/awsPipelines.yaml b/Ansible/awsPipelines.yaml deleted file mode 100644 index 3141c08..0000000 --- a/Ansible/awsPipelines.yaml +++ /dev/null @@ -1,54 +0,0 @@ -resources: - - name: ansibleRepo - type: GitRepo - configuration: - gitProvider: jefferyfryGithub - path: jefferyfry/JFrog-Cloud-Installers -pipelines: - - name: ansible_aws_automation_pipeline - steps: - - name: execute_aws_ansible_playbook - type: Bash - configuration: - runtime: - type: image - image: - auto: - language: java - versions: - - "8" - integrations: - - name: ansibleAwsKeys - - name: ansibleEnvVars - - name: ansiblePrivateKey - inputResources: - - name: ansibleRepo - execution: - onStart: - - echo "Executing AWS Ansible playbook..." - onExecute: - - sudo apt-get update - - sudo apt-get install gnupg2 - - sudo apt-get install software-properties-common - - sudo apt-add-repository --yes --update ppa:ansible/ansible - - sudo apt -y --allow-unauthenticated install ansible - - sudo pip install packaging - - sudo pip install boto3 botocore - - cd ../dependencyState/resources/ansibleRepo - - echo 'Setting environment variables...' - - export artifactory_license1="$int_ansibleEnvVars_artifactory_license1" - - export artifactory_license2="$int_ansibleEnvVars_artifactory_license2" - - export artifactory_license3="$int_ansibleEnvVars_artifactory_license3" - - export master_key="$int_ansibleEnvVars_master_key" - - export join_key="$int_ansibleEnvVars_join_key" - - export ssh_public_key_name="$int_ansibleEnvVars_ssh_public_key_name" - - export cfn_template="$int_ansibleEnvVars_cfn_template" - - export stack_name="$int_ansibleEnvVars_stack_name" - - export AWS_ACCESS_KEY_ID="$int_ansibleEnvVars_AWS_ACCESS_KEY_ID" - - export AWS_SECRET_KEY="$int_ansibleEnvVars_AWS_SECRET_KEY" - - printenv - - eval $(ssh-agent -s) - - ssh-add <(echo "$int_ansiblePrivateKey_key") - - ansible-playbook Ansible/test/aws/playbook.yaml - onComplete: - - echo "AWS Ansible playbook complete." \ No newline at end of file diff --git a/Ansible/azurePipelines.yaml b/Ansible/azurePipelines.yaml deleted file mode 100644 index f857fe6..0000000 --- a/Ansible/azurePipelines.yaml +++ /dev/null @@ -1,57 +0,0 @@ -resources: - - name: ansibleRepo - type: GitRepo - configuration: - gitProvider: jefferyfryGithub - path: jefferyfry/JFrog-Cloud-Installers -pipelines: - - name: ansible_azure_automation_pipeline - steps: - - name: execute_azure_ansible_playbook - type: Bash - configuration: - runtime: - type: image - image: - auto: - language: java - versions: - - "8" - integrations: - - name: ansibleAzureKeys - - name: ansibleEnvVars - - name: ansiblePrivateKey - inputResources: - - name: ansibleRepo - execution: - onStart: - - echo "Executing Azure Ansible playbook..." - onExecute: - - sudo apt-get update - - sudo apt-get install gnupg2 - - sudo apt-get install software-properties-common - - sudo apt-add-repository --yes --update ppa:ansible/ansible - - sudo apt -y --allow-unauthenticated install ansible - - sudo pip install packaging - - sudo pip install msrestazure - - sudo pip install ansible[azure] - - cd ../dependencyState/resources/ansibleRepo - - echo 'Setting environment variables...' - - export artifactory_license1="$int_ansibleEnvVars_artifactory_license1" - - export artifactory_license2="$int_ansibleEnvVars_artifactory_license2" - - export artifactory_license3="$int_ansibleEnvVars_artifactory_license3" - - export master_key="$int_ansibleEnvVars_master_key" - - export join_key="$int_ansibleEnvVars_join_key" - - export ssh_public_key="$int_ansibleEnvVars_ssh_public_key" - - export arm_template="$int_ansibleEnvVars_arm_template" - - export azure_resource_group="$int_ansibleEnvVars_azure_resource_group" - - export clientId="$int_ansibleAzureKeys_appId" - - export clientSecret="$int_ansibleAzureKeys_password" - - export tenantId="$int_ansibleAzureKeys_tenant" - - printenv - - eval $(ssh-agent -s) - - ssh-add <(echo "$int_ansiblePrivateKey_key") - - az login --service-principal -u "$clientId" -p "$clientSecret" --tenant "$tenantId" - - ansible-playbook Ansible/test/azure/playbook.yaml - onComplete: - - echo "Azure Ansible playbook complete." \ No newline at end of file diff --git a/Ansible/collection/README.md b/Ansible/collection/README.md index 2ab5fa1..edae0e5 100644 --- a/Ansible/collection/README.md +++ b/Ansible/collection/README.md @@ -66,6 +66,13 @@ eg. ansible-playbook -i example-playbooks/rt-xray-ha/hosts.yml example-playbooks/rt-xray-ha/playbook.yml ``` +## Autogenerating Master and Join Keys +You may want to auto-generate your master amd join keys and apply it to all the nodes. + +``` +ansible-playbook -i hosts.yml playbook.yml --extra-vars "master_key=$(openssl rand -hex 16) join_key=$(openssl rand -hex 16)" +``` + ## Bastion Hosts In many cases, you may want to run this Ansible collection through a Bastion host to provision JFrog servers. You can include the following Var for a host or group of hosts: diff --git a/Ansible/pipelines.yaml b/Ansible/pipelines.yaml index f857fe6..3fd14a5 100644 --- a/Ansible/pipelines.yaml +++ b/Ansible/pipelines.yaml @@ -5,8 +5,53 @@ resources: gitProvider: jefferyfryGithub path: jefferyfry/JFrog-Cloud-Installers pipelines: - - name: ansible_azure_automation_pipeline + - name: ansible_aws_azure_automation_pipeline steps: + - name: execute_aws_ansible_playbook + type: Bash + configuration: + runtime: + type: image + image: + auto: + language: java + versions: + - "8" + integrations: + - name: ansibleAwsKeys + - name: ansibleEnvVars + - name: ansiblePrivateKey + inputResources: + - name: ansibleRepo + execution: + onStart: + - echo "Executing AWS Ansible playbook..." + onExecute: + - sudo apt-get update + - sudo apt-get install gnupg2 + - sudo apt-get install software-properties-common + - sudo apt-add-repository --yes --update ppa:ansible/ansible + - sudo apt -y --allow-unauthenticated install ansible + - sudo pip install packaging + - sudo pip install boto3 botocore + - cd ../dependencyState/resources/ansibleRepo + - echo 'Setting environment variables...' + - export artifactory_license1="$int_ansibleEnvVars_artifactory_license1" + - export artifactory_license2="$int_ansibleEnvVars_artifactory_license2" + - export artifactory_license3="$int_ansibleEnvVars_artifactory_license3" + - export master_key="$int_ansibleEnvVars_master_key" + - export join_key="$int_ansibleEnvVars_join_key" + - export ssh_public_key_name="$int_ansibleEnvVars_ssh_public_key_name" + - export cfn_template="$int_ansibleEnvVars_cfn_template" + - export stack_name="$int_ansibleEnvVars_stack_name" + - export AWS_ACCESS_KEY_ID="$int_ansibleEnvVars_AWS_ACCESS_KEY_ID" + - export AWS_SECRET_KEY="$int_ansibleEnvVars_AWS_SECRET_KEY" + - printenv + - eval $(ssh-agent -s) + - ssh-add <(echo "$int_ansiblePrivateKey_key") + - ansible-playbook Ansible/test/aws/playbook.yaml + onComplete: + - echo "AWS Ansible playbook complete." - name: execute_azure_ansible_playbook type: Bash configuration: diff --git a/Ansible/project/rt-xray-auto-keys/hosts.yml b/Ansible/project/rt-xray-auto-keys/hosts.yml new file mode 100644 index 0000000..76babec --- /dev/null +++ b/Ansible/project/rt-xray-auto-keys/hosts.yml @@ -0,0 +1,40 @@ +--- +all: + vars: + ansible_user: "ubuntu" + ansible_ssh_private_key_file: "/Users/jefff/.ssh/ansible-priv.pem" + ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@13.82.225.20 -W %h:%p"' + children: + database: + hosts: + 34.239.107.0: + dbs: + - { db_name: "artifactory", db_owner: "artifactory" } + - { db_name: "xraydb", db_owner: "xray" } + db_users: + - { db_user: "artifactory", db_password: "Art1fAct0ry" } + - { db_user: "xray", db_password: "xray" } + artifactory: + hosts: + 54.237.207.135: + artifactory_license1: x + artifactory_license2: x + artifactory_license3: x + artifactory_license4: x + artifactory_license5: x + db_download_url: "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" + db_type: "postgresql" + db_driver: "org.postgresql.Driver" + db_url: "jdbc:postgresql://10.0.0.59:5432/artifactory" + db_user: "artifactory" + db_password: "Art1fAct0ry" + server_name: "ec2-54-237-207-135.compute-1.amazonaws.com" + xray: + hosts: + 100.25.104.174: + jfrog_url: "http://ec2-54-237-207-135.compute-1.amazonaws.com" + db_type: "postgresql" + db_driver: "org.postgresql.Driver" + db_url: "postgres://10.0.0.59:5432/xraydb?sslmode=disable" + db_user: "xray" + db_password: "xray" diff --git a/Ansible/project/rt-xray-auto-keys/playbook.yml b/Ansible/project/rt-xray-auto-keys/playbook.yml new file mode 100644 index 0000000..10dc19d --- /dev/null +++ b/Ansible/project/rt-xray-auto-keys/playbook.yml @@ -0,0 +1,21 @@ +--- +- debug: + var: master_key + +- debug: + var: join_key + +- hosts: database + gather_facts: true + roles: + - jfrog/ansible/roles/postgres + +- hosts: artifactory + gather_facts: true + roles: + - jfrog/ansible/roles/artifactory + +- hosts: xray + gather_facts: true + roles: + - jfrog/ansible/roles/xray \ No newline at end of file diff --git a/Ansible/project/rt-xray-auto-keys/runAutoKeysPlaybook.sh b/Ansible/project/rt-xray-auto-keys/runAutoKeysPlaybook.sh new file mode 100755 index 0000000..0949cb0 --- /dev/null +++ b/Ansible/project/rt-xray-auto-keys/runAutoKeysPlaybook.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +ansible-playbook -i hosts.yml playbook.yml --extra-vars "master_key=$(openssl rand -hex 16) join_key=$(openssl rand -hex 16)" \ No newline at end of file diff --git a/Ansible/test/aws/playbook.yaml b/Ansible/test/aws/playbook.yaml index 8474438..fafe557 100644 --- a/Ansible/test/aws/playbook.yaml +++ b/Ansible/test/aws/playbook.yaml @@ -144,4 +144,5 @@ - name: Cleanup and delete stack cloudformation: stack_name: "{{ lookup('env', 'stack_name') }}" + region: "us-east-1" state: "absent" \ No newline at end of file diff --git a/Ansible/test/azure/playbook.yaml b/Ansible/test/azure/playbook.yaml index ae9625d..f4eb24a 100644 --- a/Ansible/test/azure/playbook.yaml +++ b/Ansible/test/azure/playbook.yaml @@ -155,7 +155,8 @@ shell: cmd: ./gradlew clean unified_test chdir: ../tests/ - - name: Cleanup and delete a resource group + - name: Cleanup and delete resource group azure_rm_resourcegroup: name: "{{ lookup('env', 'azure_resource_group') }}" + force_delete_nonempty: yes state: absent \ No newline at end of file diff --git a/Ansible/test/tests/src/test/groovy/tests/RepositoryTest.groovy b/Ansible/test/tests/src/test/groovy/tests/RepositoryTest.groovy index e6c6c3a..3deb72a 100644 --- a/Ansible/test/tests/src/test/groovy/tests/RepositoryTest.groovy +++ b/Ansible/test/tests/src/test/groovy/tests/RepositoryTest.groovy @@ -120,7 +120,7 @@ class RepositoryTest extends RepositorySteps{ Reporter.log("- Verify JCR repos were created. ${numberOfRepos} repositories were created", true) } - @Test(priority=4, groups=["jcr","pro"], testName = "Create a directory in generic repo") + /*@Test(priority=4, groups=["jcr","pro"], testName = "Create a directory in generic repo") void createDirectoryTest(){ def repoName = "generic-dev-local" def directoryName = "test-directory/" @@ -161,9 +161,9 @@ class RepositoryTest extends RepositorySteps{ + directoryName + "/" + filename)) Reporter.log("- Get the artifact info. Artifact info is successfully returned", true) - } + }*/ - @Test(priority=7, groups=["jcr", "pro"], testName = "Delete item") +/* @Test(priority=7, groups=["jcr", "pro"], testName = "Delete item") void deleteJCRItemTest(){ def repoName = "generic-dev-local" def directoryName = "test-directory" @@ -176,9 +176,9 @@ class RepositoryTest extends RepositorySteps{ .body("errors[0].message", equalToIgnoringCase("Unable to find item")) Reporter.log("- Delete item. File has been deleted successfully", true) - } + }*/ - @Test(priority=8, groups=["pro"], testName = "Create support bundle") + /*@Test(priority=8, groups=["pro"], testName = "Create support bundle") void createSupportBundleHATest(){ def name = "Support Bundle" LocalDate startDate = LocalDate.now().minusDays(5) @@ -188,7 +188,7 @@ class RepositoryTest extends RepositorySteps{ .body("artifactory.bundle_url", containsString(artifactoryURL)) Reporter.log("- Create support bundle. Successfully created", true) - } + }*/ @Test(priority=8, groups=["jcr"], testName = "Create support bundle") void createSupportBundleJCATest(){ @@ -270,7 +270,7 @@ class RepositoryTest extends RepositorySteps{ Reporter.log("- Re-create repositories for JCR distribution. Successfully created", true) } - @Test(priority=13, groups=["jcr","pro"], testName = "Create a directory in generic repo") +/* @Test(priority=13, groups=["jcr","pro"], testName = "Create a directory in generic repo") void reCreateDirectoryTest(){ def repoName = "generic-dev-local" def directoryName = "test-directory/" @@ -281,9 +281,9 @@ class RepositoryTest extends RepositorySteps{ .body("uri", equalTo("http://" + artifactoryURL + ":80/artifactory/" + repoName + "/" + directoryName)) Reporter.log("- Create folder. Folder successfully created", true) - } + }*/ - @Test(priority=14, groups=["jcr","pro"], testName = "Deploy file to generic repo") +/* @Test(priority=14, groups=["jcr","pro"], testName = "Deploy file to generic repo") void reDeployArtifactToGenericTest(){ def repoName = "generic-dev-local" def directoryName = "test-directory" @@ -296,7 +296,7 @@ class RepositoryTest extends RepositorySteps{ + directoryName + "/" + filename)) Reporter.log("- Deploy artifact. Artifact successfully deployed", true) - } + }*/ }