From 5097e3507560ccb5572ae4c8d834fa8cc0199365 Mon Sep 17 00:00:00 2001 From: Ram Mohan Rao Chukka <1331672+chukka@users.noreply.github.com> Date: Tue, 10 May 2022 15:28:01 +0530 Subject: [PATCH] [ansible] JFrog Platform 10.6.0 release (#216) --- .../jfrog/platform/CHANGELOG.md | 5 +++++ .../jfrog/platform/galaxy.yml | 2 +- .../roles/artifactory/defaults/main.yml | 2 +- .../shared/selinux_configure_context.yml | 8 ++++++++ .../shared/selinux_restore_context.yml | 6 ++++++ .../roles/artifactory/tasks/RedHat.yml | 7 +------ .../roles/artifactory/tasks/install.yml | 19 ++++++++++++------- .../roles/artifactory/tasks/upgrade.yml | 9 ++++++++- .../platform/roles/artifactory/vars/main.yml | 2 +- .../roles/distribution/defaults/main.yml | 2 +- .../platform/roles/distribution/vars/main.yml | 2 +- .../platform/roles/insight/defaults/main.yml | 2 +- .../platform/roles/insight/vars/main.yml | 2 +- .../platform/roles/xray/defaults/main.yml | 2 +- .../jfrog/platform/roles/xray/vars/main.yml | 2 +- 15 files changed, 49 insertions(+), 23 deletions(-) create mode 100644 Ansible/ansible_collections/jfrog/platform/roles/artifactory/shared/selinux_configure_context.yml create mode 100644 Ansible/ansible_collections/jfrog/platform/roles/artifactory/shared/selinux_restore_context.yml diff --git a/Ansible/ansible_collections/jfrog/platform/CHANGELOG.md b/Ansible/ansible_collections/jfrog/platform/CHANGELOG.md index 61a4ecd..8f0cb87 100644 --- a/Ansible/ansible_collections/jfrog/platform/CHANGELOG.md +++ b/Ansible/ansible_collections/jfrog/platform/CHANGELOG.md @@ -1,6 +1,11 @@ # JFrog Platform Ansible Collection Changelog All changes to this collection will be documented in this file. +## [10.6.0] - May 10, 2022 +* Keep SELinux settings on upgrade + check mode [GH-214](https://github.com/jfrog/JFrog-Cloud-Installers/pull/214) +* Artifactory - Add support for default database driver [GH-213](https://github.com/jfrog/JFrog-Cloud-Installers/pull/213) +* Product Updates/fixes + ## [10.5.2] - Apr 27, 2022 * Product Updates/fixes diff --git a/Ansible/ansible_collections/jfrog/platform/galaxy.yml b/Ansible/ansible_collections/jfrog/platform/galaxy.yml index e87b5e0..b7846b6 100644 --- a/Ansible/ansible_collections/jfrog/platform/galaxy.yml +++ b/Ansible/ansible_collections/jfrog/platform/galaxy.yml @@ -9,7 +9,7 @@ namespace: "jfrog" name: "platform" # The version of the collection. Must be compatible with semantic versioning -version: "10.5.2" +version: "10.6.0" # The path to the Markdown (.md) readme file. This path is relative to the root of the collection readme: "README.md" diff --git a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/defaults/main.yml b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/defaults/main.yml index eefc2eb..5e0709f 100644 --- a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/defaults/main.yml +++ b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/defaults/main.yml @@ -1,7 +1,7 @@ # defaults file for artifactory # The version of artifactory to install -artifactory_version: 7.37.15 +artifactory_version: 7.38.7 # Set this to true when SSL is enabled (to use artifactory_nginx_ssl role), default to false (implies artifactory uses artifactory_nginx role ) artifactory_nginx_ssl_enabled: false diff --git a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/shared/selinux_configure_context.yml b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/shared/selinux_configure_context.yml new file mode 100644 index 0000000..cf3f95b --- /dev/null +++ b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/shared/selinux_configure_context.yml @@ -0,0 +1,8 @@ +--- +- name: Configure SELinux context + become: yes + sefcontext: + target: "{{ jfrog_home_directory }}/artifactory/app/bin(/.*)?" + setype: bin_t + state: present + when: ansible_selinux.status == 'enabled' diff --git a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/shared/selinux_restore_context.yml b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/shared/selinux_restore_context.yml new file mode 100644 index 0000000..a1b64d7 --- /dev/null +++ b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/shared/selinux_restore_context.yml @@ -0,0 +1,6 @@ +--- +- name: Restore SELinux content + become: yes + ansible.builtin.command: restorecon -R -v "{{ jfrog_home_directory }}/artifactory/app/bin" + when: ansible_distribution == 'RedHat' + changed_when: false diff --git a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/RedHat.yml b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/RedHat.yml index e7422cf..8fd4b10 100644 --- a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/RedHat.yml +++ b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/RedHat.yml @@ -5,9 +5,4 @@ state: present - name: Configure SELinux context - become: yes - sefcontext: - target: "{{ jfrog_home_directory }}/artifactory/app/bin(/.*)?" - setype: bin_t - state: present - when: ansible_selinux.status == 'enabled' + include_tasks: shared/selinux_configure_context.yml diff --git a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/install.yml b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/install.yml index 9ff7f33..f224ff1 100644 --- a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/install.yml +++ b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/install.yml @@ -68,7 +68,7 @@ group: "{{ artifactory_group }}" creates: "{{ artifactory_untar_home }}" remote_src: true - when: download_artifactory is succeeded + when: (download_artifactory is succeeded) and (not ansible_check_mode) - name: Check if app directory exists become: yes @@ -158,10 +158,18 @@ - artifactory_licenses | length > 0 notify: restart artifactory +- name: Check if included database driver is the correct version + become: yes + stat: + path: "{{ artifactory_home }}/app/artifactory/tomcat/lib/postgresql-{{ postgres_driver_version }}.jar" + register: included_database_driver + - name: Check if database driver exists become: yes stat: path: "{{ artifactory_home }}/app/artifactory/tomcat/lib/jf_postgresql-{{ postgres_driver_version }}.jar" + when: + - not included_database_driver.stat.exists register: database_driver - name: Download database driver @@ -174,14 +182,11 @@ when: - postgres_driver_download_url is defined - not database_driver.stat.exists + - not included_database_driver.stat.exists notify: restart artifactory -- name: Run restore context to reload selinux - become: yes - shell: | - restorecon -R -v "{{ jfrog_home_directory }}/artifactory/app/bin" - when: ansible_distribution == 'RedHat' - changed_when: false +- name: Restore SELinux content + include_tasks: shared/selinux_restore_context.yml - name: Create artifactory service become: yes diff --git a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/upgrade.yml b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/upgrade.yml index 3a93359..48f80dd 100644 --- a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/upgrade.yml +++ b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/upgrade.yml @@ -1,3 +1,6 @@ +- name: Configure SELinux context + include_tasks: shared/selinux_configure_context.yml + - name: Check if artifactory tar already exists become: yes stat: @@ -24,7 +27,7 @@ owner: "{{ artifactory_user }}" group: "{{ artifactory_group }}" creates: "{{ artifactory_untar_home }}" - when: download_artifactory is succeeded + when: (download_artifactory is succeeded) and (not ansible_check_mode) - name: Stop artifactory meta: flush_handlers @@ -47,6 +50,7 @@ become: yes command: "cp -r {{ artifactory_untar_home }}/app/. {{ artifactory_home }}/app" when: download_artifactory.changed + notify: restart artifactory - name: Configure artifactory license(s) become: yes @@ -114,6 +118,9 @@ - artifactory_systemyaml_override or (not systemyaml.stat.exists) notify: restart artifactory +- name: Restore SELinux content + include_tasks: shared/selinux_restore_context.yml + - name: Ensure permissions are correct include_tasks: shared/ensure_permissions_correct.yml diff --git a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/vars/main.yml b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/vars/main.yml index 9d6ece5..f6d9a98 100644 --- a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/vars/main.yml +++ b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/vars/main.yml @@ -1,5 +1,5 @@ # platform collection version -platform_collection_version: 10.5.2 +platform_collection_version: 10.6.0 # indicates where this collection was downloaded from (galaxy, automation_hub, standalone) ansible_marketplace: galaxy diff --git a/Ansible/ansible_collections/jfrog/platform/roles/distribution/defaults/main.yml b/Ansible/ansible_collections/jfrog/platform/roles/distribution/defaults/main.yml index 2eb25d5..2131a25 100644 --- a/Ansible/ansible_collections/jfrog/platform/roles/distribution/defaults/main.yml +++ b/Ansible/ansible_collections/jfrog/platform/roles/distribution/defaults/main.yml @@ -1,7 +1,7 @@ # defaults file for distribution # The version of distribution to install -distribution_version: 2.12.1 +distribution_version: 2.12.2 # whether to enable HA distribution_ha_enabled: false diff --git a/Ansible/ansible_collections/jfrog/platform/roles/distribution/vars/main.yml b/Ansible/ansible_collections/jfrog/platform/roles/distribution/vars/main.yml index fce7882..1249ae8 100644 --- a/Ansible/ansible_collections/jfrog/platform/roles/distribution/vars/main.yml +++ b/Ansible/ansible_collections/jfrog/platform/roles/distribution/vars/main.yml @@ -1,5 +1,5 @@ # platform collection version -platform_collection_version: 10.5.2 +platform_collection_version: 10.6.0 # indicates were this collection was downlaoded from (galaxy, automation_hub, standalone) ansible_marketplace: galaxy diff --git a/Ansible/ansible_collections/jfrog/platform/roles/insight/defaults/main.yml b/Ansible/ansible_collections/jfrog/platform/roles/insight/defaults/main.yml index f131355..ef6c8c2 100644 --- a/Ansible/ansible_collections/jfrog/platform/roles/insight/defaults/main.yml +++ b/Ansible/ansible_collections/jfrog/platform/roles/insight/defaults/main.yml @@ -1,7 +1,7 @@ # defaults file for insight # The version of insight to install -insight_version: 1.9.0 +insight_version: 1.10.2 # whether to enable HA insight_ha_enabled: false diff --git a/Ansible/ansible_collections/jfrog/platform/roles/insight/vars/main.yml b/Ansible/ansible_collections/jfrog/platform/roles/insight/vars/main.yml index fce7882..1249ae8 100644 --- a/Ansible/ansible_collections/jfrog/platform/roles/insight/vars/main.yml +++ b/Ansible/ansible_collections/jfrog/platform/roles/insight/vars/main.yml @@ -1,5 +1,5 @@ # platform collection version -platform_collection_version: 10.5.2 +platform_collection_version: 10.6.0 # indicates were this collection was downlaoded from (galaxy, automation_hub, standalone) ansible_marketplace: galaxy diff --git a/Ansible/ansible_collections/jfrog/platform/roles/xray/defaults/main.yml b/Ansible/ansible_collections/jfrog/platform/roles/xray/defaults/main.yml index ab37ee9..64a453c 100644 --- a/Ansible/ansible_collections/jfrog/platform/roles/xray/defaults/main.yml +++ b/Ansible/ansible_collections/jfrog/platform/roles/xray/defaults/main.yml @@ -1,7 +1,7 @@ # defaults file for xray # The version of xray to install -xray_version: 3.47.3 +xray_version: 3.48.2 # whether to enable HA xray_ha_enabled: false diff --git a/Ansible/ansible_collections/jfrog/platform/roles/xray/vars/main.yml b/Ansible/ansible_collections/jfrog/platform/roles/xray/vars/main.yml index fce7882..1249ae8 100644 --- a/Ansible/ansible_collections/jfrog/platform/roles/xray/vars/main.yml +++ b/Ansible/ansible_collections/jfrog/platform/roles/xray/vars/main.yml @@ -1,5 +1,5 @@ # platform collection version -platform_collection_version: 10.5.2 +platform_collection_version: 10.6.0 # indicates were this collection was downlaoded from (galaxy, automation_hub, standalone) ansible_marketplace: galaxy