zware/JFrog-Cloud-Installers
1
0
Fork 0
mirror of https://github.com/ZwareBear/JFrog-Cloud-Installers.git synced 2026-01-21 00:06:55 -06:00
Code Issues Packages Projects Releases Wiki Activity

[Ansible] JFrog Platform 7.24.3 (#153)

Browse Source
This commit is contained in:
Ram Mohan Rao Chukka
2021-08-17 09:43:00 +05:30
committed by GitHub
parent 16ce388773
commit 55a3842fac
58 changed files with 493 additions and 353 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
Ansible/ansible_collections/jfrog/platform/CHANGELOG.md
View File

@@ -1,6 +1,11 @@
# JFrog Platform Ansible Collection Changelog
All changes to this collection will be documented in this file.
## [7.24.3] - Aug 17, 2021
* Added required variables check when using `artifactory_nginx_ssl` role
* Missioncontrol's Elasticsearch to use default ES JAVA_HOME
* Bug Fixes
## [7.23.3] - Aug 5, 2021
* Missioncontrol's Elasticsearch to use new JAVA_HOME path
* Missioncontrol's Elasticsearch searchguard plugin to use by default `anonymous_auth_enabled: true`

4
Ansible/ansible_collections/jfrog/platform/ansible.cfg
View File

@@ -1,5 +1,5 @@
[defaults]
host_key_checking = false
stdout_callback = debug
remote_tmp = /tmp/.ansible/tmp
timeout = 20
remote_tmp = /tmp/${USER}/ansible
timeout = 20

2
Ansible/ansible_collections/jfrog/platform/galaxy.yml
View File

@@ -9,7 +9,7 @@ namespace: "jfrog"
name: "platform"
# The version of the collection. Must be compatible with semantic versioning
version: "7.23.3"
version: "7.24.3"
# The path to the Markdown (.md) readme file. This path is relative to the root of the collection
readme: "README.md"

11
Ansible/ansible_collections/jfrog/platform/group_vars/all/vars.yml
View File

@@ -1,7 +1,6 @@
---
# Defaults
## Note : These values are global and can be overridden in role/<product>/defaults/main.yaml file
## For production deployments,You may want to generate your master amd join keys and apply it to all the nodes.
## Note: These values are global and have precedence over role/<product>/defaults/main.yaml
## For production deployments, You may want to generate your master amd join keys and apply it to all the nodes.
master_key: ee69d96880726d3abf6b42b97d2ae589111ea95c2a8bd5876ec5cd9e8ee34f86
join_key: 83da88eaaa08dfed5b86888fcec85f19ace0c3ff8747bcefcec2c9769ad4043d
@@ -62,12 +61,12 @@ mc_db_url: >-
{%- endfor -%}
# Postgresql users and databases/schemas
db_users:
db_users:
- { db_user: "{{ artifactory_db_user }}", db_password: "{{ artifactory_db_password }}" }
- { db_user: "{{ xray_db_user }}", db_password: "{{ xray_db_password }}" }
- { db_user: "{{ distribution_db_user }}", db_password: "{{ distribution_db_password }}" }
- { db_user: "{{ mc_db_user }}", db_password: "{{ mc_db_password }}" }
dbs:
dbs:
- { db_name: "{{ artifactory_db_name }}", db_owner: "{{ artifactory_db_user }}" }
- { db_name: "{{ xray_db_name }}", db_owner: "{{ xray_db_user }}" }
- { db_name: "{{ distribution_db_name }}", db_owner: "{{ distribution_db_user }}" }
@@ -78,4 +77,4 @@ mc_schemas:
- insight_scheduler
# For Centos/RHEL-7, Set this to "/usr/bin/python"
ansible_python_interpreter: "/usr/bin/python3"
ansible_python_interpreter: "/usr/bin/python3"

2
Ansible/ansible_collections/jfrog/platform/platform.yml
View File

@@ -13,4 +13,4 @@
- distribution
- hosts: missioncontrol_servers
roles:
- missioncontrol
- missioncontrol

9
Ansible/ansible_collections/jfrog/platform/roles/artifactory/defaults/main.yml
View File

@@ -1,8 +1,7 @@
---
# defaults file for artifactory
# The version of artifactory to install
artifactory_version: 7.23.3
artifactory_version: 7.24.3
# Set this to true when SSL is enabled (to use artifactory_nginx_ssl role), default to false (implies artifactory uses artifactory_nginx role )
artifactory_nginx_ssl_enabled: false
@@ -28,10 +27,10 @@ artifactory_ha_enabled: false
# By default, all nodes are primary (CNHA) - https://www.jfrog.com/confluence/display/JFROG/High+Availability#HighAvailability-Cloud-NativeHighAvailability
artifactory_taskAffinity: any
# The location where Artifactory should install.
# The location where Artifactory should install
jfrog_home_directory: /opt/jfrog
# Pick the Artifactory flavour to install, can be also cpp-ce, jcr, pro.
# Pick the Artifactory flavour to install, can be also cpp-ce/jcr/pro
artifactory_flavour: pro
artifactory_extra_java_opts: -server -Xms512m -Xmx2g -Xss256k -XX:+UseG1GC
@@ -62,7 +61,7 @@ artifactory_upgrade_only: false
artifactory_admin_username: admin
artifactory_admin_password: password
artifactory_service_file : /lib/systemd/system/artifactory.service
artifactory_service_file: /lib/systemd/system/artifactory.service
# Provide binarystore XML content below with 2-space indentation
artifactory_binarystore: |-

13
Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/Debian.yml Normal file
View File

@@ -0,0 +1,13 @@
- name: Install prerequisite packages
become: yes
apt:
name: ["net-tools", "locales"]
state: present
update_cache: yes
cache_valid_time: 3600
- name: Ensure UTF-8 locale exists
become: yes
locale_gen:
name: en_US.UTF-8
state: present

5
Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/RedHat.yml Normal file
View File

@@ -0,0 +1,5 @@
- name: Install prerequisite packages
become: yes
yum:
name: net-tools
state: present

41
Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/install.yml
View File

@@ -1,18 +1,20 @@
---
- debug:
msg: "Performing installation of Artifactory version : {{ artifactory_version }} "
- name: install nginx
- name: Install prerequisite packages
include_tasks: "{{ ansible_os_family }}.yml"
- name: Install nginx
include_role:
name: artifactory_nginx
when:
when:
- artifactory_nginx_enabled | bool
- not artifactory_nginx_ssl_enabled | bool
- name: install nginx with SSL
- name: Install nginx with SSL
include_role:
name: artifactory_nginx_ssl
when:
when:
- not artifactory_nginx_enabled | bool
- artifactory_nginx_ssl_enabled | bool
@@ -20,13 +22,11 @@
become: yes
group:
name: "{{ artifactory_group }}"
gid: "{{ artifactory_gid }}"
state: present
- name: Ensure user artifactory exist
become: yes
user:
uid: "{{ artifactory_uid }}"
name: "{{ artifactory_user }}"
group: "{{ artifactory_group }}"
create_home: yes
@@ -98,8 +98,8 @@
template:
src: "{{ artifactory_system_yaml_template }}"
dest: "{{ artifactory_home }}/var/etc/system.yaml"
when:
- artifactory_systemyaml is defined
when:
- artifactory_systemyaml is defined
- artifactory_systemyaml|length > 0
- artifactory_systemyaml_override or (not systemyaml.stat.exists)
notify: restart artifactory
@@ -125,9 +125,9 @@
template:
src: binarystore.xml.j2
dest: "{{ artifactory_home }}/var/etc/artifactory/binarystore.xml"
when:
- artifactory_binarystore is defined
- artifactory_binarystore|length > 0
when:
- artifactory_binarystore is defined
- artifactory_binarystore | length > 0
notify: restart artifactory
- name: Configure single license
@@ -135,8 +135,8 @@
template:
src: artifactory.lic.j2
dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.lic"
when:
- artifactory_single_license is defined
when:
- artifactory_single_license is defined
- artifactory_single_license|length > 0
notify: restart artifactory
@@ -146,7 +146,7 @@
src: artifactory.cluster.license.j2
dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.cluster.license"
when:
- artifactory_licenses is defined
- artifactory_licenses is defined
- artifactory_licenses|length > 0
notify: restart artifactory
@@ -163,7 +163,7 @@
dest: "{{ artifactory_home }}/var/bootstrap/artifactory/tomcat/lib"
owner: "{{ artifactory_user }}"
group: "{{ artifactory_group }}"
when:
when:
- postgres_driver_download_url is defined
- not database_driver.stat.exists
notify: restart artifactory
@@ -185,10 +185,13 @@
- name: Restart artifactory
meta: flush_handlers
- name : Wait for artifactory to be fully deployed
uri: url=http://127.0.0.1:8082/router/api/v1/system/health timeout=130
- name: Make sure artifactory is up and running
uri:
url: http://127.0.0.1:8082/router/api/v1/system/health
timeout: 130
status_code: 200
register: result
until: result.status == 200
until: result is succeeded
retries: 25
delay: 5
when: not ansible_check_mode

7
Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/main.yml
View File

@@ -1,10 +1,11 @@
- name: perform installation
- name: Perform installation
include_tasks: "install.yml"
when:
- artifactory_enabled
- not artifactory_upgrade_only
- name: perform upgrade
- name: Perform upgrade
include_tasks: "upgrade.yml"
when:
- artifactory_enabled
- artifactory_upgrade_only
- artifactory_upgrade_only

30
Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/upgrade.yml
View File

@@ -1,4 +1,3 @@
---
- debug:
msg: "Performing upgrade of Artifactory version to : {{ artifactory_version }} "
@@ -60,8 +59,8 @@
template:
src: artifactory.lic.j2
dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.lic"
when:
- artifactory_single_license is defined
when:
- artifactory_single_license is defined
- artifactory_single_license|length > 0
notify: restart artifactory
@@ -71,8 +70,8 @@
src: artifactory.cluster.license.j2
dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.cluster.license"
when:
- artifactory_licenses is defined
- artifactory_licenses|length > 0
- artifactory_licenses is defined
- artifactory_licenses | length > 0
notify: restart artifactory
- name: Check if database driver exists
@@ -88,7 +87,7 @@
dest: "{{ artifactory_home }}/var/bootstrap/artifactory/tomcat/lib"
owner: "{{ artifactory_user }}"
group: "{{ artifactory_group }}"
when:
when:
- postgres_driver_download_url is defined
- not database_driver.stat.exists
notify: restart artifactory
@@ -105,8 +104,8 @@
template:
src: binarystore.xml.j2
dest: "{{ artifactory_home }}/var/etc/artifactory/binarystore.xml"
when:
- artifactory_binarystore is defined
when:
- artifactory_binarystore is defined
- artifactory_binarystore|length > 0
notify: restart artifactory
@@ -121,10 +120,10 @@
template:
src: "{{ artifactory_system_yaml_template }}"
dest: "{{ artifactory_home }}/var/etc/system.yaml"
when:
- artifactory_systemyaml is defined
when:
- artifactory_systemyaml is defined
- artifactory_systemyaml|length > 0
- artifactory_systemyaml_override or (not systemyaml.stat.exists)
- artifactory_systemyaml_override or (not systemyaml.stat.exists)
notify: restart artifactory
- name: Ensure permissions are correct
@@ -138,10 +137,13 @@
- name: Restart artifactory
meta: flush_handlers
- name : Wait for artifactory to be fully deployed
uri: url=http://127.0.0.1:8082/router/api/v1/system/health timeout=130
- name: Make sure artifactory is up and running
uri:
url: http://127.0.0.1:8082/router/api/v1/system/health
timeout: 130
status_code: 200
register: result
until: result.status == 200
until: result is succeeded
retries: 25
delay: 5
when: not ansible_check_mode

5
Ansible/ansible_collections/jfrog/platform/roles/artifactory/vars/main.yml
View File

@@ -1,6 +1,5 @@
---
# platform collection version
platform_collection_version: 7.23.3
platform_collection_version: 7.24.3
# indicates where this collection was downloaded from (galaxy, automation_hub, standalone)
ansible_marketplace: galaxy
ansible_marketplace: galaxy

1
Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx/defaults/main.yml
View File

@@ -4,4 +4,3 @@
server_name: test.artifactory.com
nginx_daemon: nginx

8
Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx/tasks/Debian.yml
View File

@@ -1,9 +1,9 @@
---
- name: apt-get update
- name: Update apt cache
become: yes
apt:
update_cache: yes
register: package_res
cache_valid_time: 3600
register: apt_update_cache
retries: 5
delay: 60
until: package_res is success
until: apt_update_cache is succeeded

17
Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx/tasks/RedHat.yml
View File

@@ -1,6 +1,15 @@
---
- name: epel-release
- name: Import EPEL GPG public key
become: yes
rpm_key:
key: https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-{{ version }}
state: present
vars:
version: "{{ ansible_distribution_major_version }}"
- name: Install EPEL repository
become: yes
yum:
name: epel-release
state: present
name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ version }}.noarch.rpm
state: present
vars:
version: "{{ ansible_distribution_major_version }}"

13
Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx/tasks/main.yml
View File

@@ -1,5 +1,4 @@
---
- name: Install dependencies
- name: Install prerequisite packages
include_tasks: "{{ ansible_os_family }}.yml"
- name: Install nginx after dependency installation
@@ -7,12 +6,12 @@
package:
name: nginx
state: present
register: package_res
register: install_nginx
retries: 5
delay: 60
until: package_res is success
until: install_nginx is succeeded
- name: Configure main nginx conf file.
- name: Copy nginx.conf file
become: yes
copy:
src: nginx.conf
@@ -21,7 +20,7 @@
group: root
mode: '0755'
- name: Configure the artifactory nginx conf
- name: Generate artifactory.conf
become: yes
template:
src: artifactory.conf.j2
@@ -32,4 +31,4 @@
notify: restart nginx
- name: Restart nginx
meta: flush_handlers
meta: flush_handlers

3
Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx/vars/main.yml
View File

@@ -1,2 +1 @@
---
# vars file for artifactory_nginx
# vars file for artifactory_nginx

5
Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx_ssl/defaults/main.yml
View File

@@ -1,7 +1,8 @@
---
# defaults file for artifactory_nginx
# defaults file for artifactory_nginx_ssl
## For production deployments,You SHOULD change it.
# server_name: test.artifactory.com
nginx_daemon: nginx
redirect_http_to_https_enabled: true

37
Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx_ssl/files/nginx.conf Normal file
View File

@@ -0,0 +1,37 @@
#user nobody;
worker_processes 1;
error_log /var/log/nginx/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
variables_hash_max_size 1024;
variables_hash_bucket_size 64;
server_names_hash_max_size 4096;
server_names_hash_bucket_size 128;
types_hash_max_size 2048;
types_hash_bucket_size 64;
proxy_read_timeout 2400s;
client_header_timeout 2400s;
client_body_timeout 2400s;
proxy_connect_timeout 75s;
proxy_send_timeout 2400s;
proxy_buffer_size 32k;
proxy_buffers 40 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 250m;
proxy_http_version 1.1;
client_body_buffer_size 128k;
include /etc/nginx/conf.d/*.conf;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
}

5
Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx_ssl/files/redirect_http_to_https.conf Normal file
View File

@@ -0,0 +1,5 @@
server {
listen 80;
server_name _;
return 301 https://$host$request_uri;
}

9
Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx_ssl/tasks/Debian.yml Normal file
View File

@@ -0,0 +1,9 @@
- name: Update apt cache
become: yes
apt:
update_cache: yes
cache_valid_time: 3600
register: apt_update_cache
retries: 5
delay: 60
until: apt_update_cache is succeeded

15
Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx_ssl/tasks/RedHat.yml Normal file
View File

@@ -0,0 +1,15 @@
- name: Import EPEL GPG public key
become: yes
rpm_key:
key: https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-{{ version }}
state: present
vars:
version: "{{ ansible_distribution_major_version }}"
- name: Install EPEL repository
become: yes
yum:
name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ version }}.noarch.rpm
state: present
vars:
version: "{{ ansible_distribution_major_version }}"

43
Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx_ssl/tasks/main.yml
View File

@@ -1,5 +1,44 @@
---
# tasks file for artifactory_nginx
- name: "Check required variables"
fail: msg="Variable '{{ item }}' is not defined"
when: item not in vars
with_items:
- certificate
- certificate_key
- server_name
- name: Install prerequisite packages
include_tasks: "{{ ansible_os_family }}.yml"
- name: Install nginx after dependency installation
become: yes
package:
name: nginx
state: present
register: install_nginx
retries: 5
delay: 60
until: install_nginx is success
- name: Configure main nginx conf file.
become: yes
copy:
src: nginx.conf
dest: /etc/nginx/nginx.conf
owner: root
group: root
mode: '0755'
- name: Configure redirect nginx conf
become: yes
copy:
src: redirect_http_to_https.conf
dest: /etc/nginx/conf.d/redirect_http_to_https.conf
owner: root
group: root
mode: '0755'
when: redirect_http_to_https_enabled | bool
notify: restart nginx
- name: Configure the artifactory nginx conf
become: yes
template:

3
Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx_ssl/vars/main.yml
View File

@@ -1,2 +1 @@
---
# vars file for artifactory_nginx
# vars file for artifactory_nginx_ssl

7
Ansible/ansible_collections/jfrog/platform/roles/distribution/defaults/main.yml
View File

@@ -1,4 +1,3 @@
---
# defaults file for distribution
# The version of distribution to install
@@ -7,9 +6,9 @@ distribution_version: 2.9.0
# whether to enable HA
distribution_ha_enabled: false
distribution_ha_node_type : master
distribution_ha_node_type: master
# The location where distribution should install.
# The location where distribution should install
jfrog_home_directory: /opt/jfrog
# The remote distribution download file
@@ -37,8 +36,6 @@ distribution_gid: 1040
distribution_daemon: distribution
flow_type: archive
# Redis details
distribution_redis_url: "redis://localhost:6379"
distribution_redis_password: password

13
Ansible/ansible_collections/jfrog/platform/roles/distribution/tasks/Debian.yml Normal file
View File

@@ -0,0 +1,13 @@
- name: Install prerequisite packages
become: yes
apt:
name: ["expect", "locales"]
state: present
update_cache: yes
cache_valid_time: 3600
- name: Ensure UTF-8 locale exists
become: yes
locale_gen:
name: en_US.UTF-8
state: present

5
Ansible/ansible_collections/jfrog/platform/roles/distribution/tasks/RedHat.yml Normal file
View File

@@ -0,0 +1,5 @@
- name: Install prerequisite packages
become: yes
yum:
name: expect
state: present

37
Ansible/ansible_collections/jfrog/platform/roles/distribution/tasks/install.yml
View File

@@ -1,33 +1,18 @@
---
- debug:
msg: "Performing installation of Distribution version - {{ distribution_version }}"
- name: Install expect dependency
yum:
name: expect
state: present
become: yes
when: ansible_os_family == 'RedHat'
- name: Install expect dependency
apt:
name: expect
state: present
update_cache: yes
become: yes
when: ansible_os_family == 'Debian'
- name: Install prerequisite packages
include_tasks: "{{ ansible_os_family }}.yml"
- name: Ensure group distribution exist
become: yes
group:
name: "{{ distribution_group }}"
gid: "{{ distribution_gid }}"
state: present
- name: Ensure user distribution exist
become: yes
user:
uid: "{{ distribution_uid }}"
name: "{{ distribution_user }}"
group: "{{ distribution_group }}"
create_home: yes
@@ -136,10 +121,10 @@
template:
src: "{{ distribution_system_yaml_template }}"
dest: "{{ distribution_home }}/var/etc/system.yaml"
when:
- distribution_systemyaml is defined
when:
- distribution_systemyaml is defined
- distribution_systemyaml|length > 0
- distribution_systemyaml_override or (not systemyaml.stat.exists)
- distribution_systemyaml_override or (not systemyaml.stat.exists)
notify: restart distribution
- name: Configure installer info
@@ -160,8 +145,7 @@
- name: Install Distribution as a service
become: yes
shell: |
{{ distribution_archive_service_cmd }}
shell: "{{ distribution_archive_service_cmd }}"
args:
chdir: "{{ distribution_install_script_path }}"
creates: "{{ distribution_service_file }}"
@@ -179,10 +163,13 @@
- name: Restart distribution
meta: flush_handlers
- name : Wait for distribution to be fully deployed
uri: url=http://127.0.0.1:8082/router/api/v1/system/health timeout=130
- name: Make sure distribution is up and running
uri:
url: http://127.0.0.1:8082/router/api/v1/system/health
timeout: 130
status_code: 200
register: result
until: result.status == 200
until: result is succeeded
retries: 25
delay: 5
when: not ansible_check_mode

7
Ansible/ansible_collections/jfrog/platform/roles/distribution/tasks/main.yml
View File

@@ -1,10 +1,11 @@
- name: perform installation
- name: Perform installation
include_tasks: "install.yml"
when:
- distribution_enabled
- not distribution_upgrade_only
- name: perform upgrade
- name: Perform upgrade
include_tasks: "upgrade.yml"
when:
- distribution_enabled
- distribution_upgrade_only
- distribution_upgrade_only

14
Ansible/ansible_collections/jfrog/platform/roles/distribution/tasks/upgrade.yml
View File

@@ -1,4 +1,3 @@
---
- debug:
msg: "Performing upgrade of Distribution version to {{ distribution_version }} "
@@ -60,8 +59,8 @@
template:
src: "{{ distribution_system_yaml_template }}"
dest: "{{ distribution_home }}/var/etc/system.yaml"
when:
- distribution_systemyaml is defined
when:
- distribution_systemyaml is defined
- distribution_systemyaml|length > 0
- distribution_systemyaml_override or (not systemyaml.stat.exists)
notify: restart distribution
@@ -124,10 +123,13 @@
- name: Restart distribution
meta: flush_handlers
- name : Wait for distribution to be fully deployed
uri: url=http://127.0.0.1:8082/router/api/v1/system/health timeout=130
- name: Make sure distribution is up and running
uri:
url: http://127.0.0.1:8082/router/api/v1/system/health
timeout: 130
status_code: 200
register: result
until: result.status == 200
until: result is succeeded
retries: 25
delay: 5
when: not ansible_check_mode

3
Ansible/ansible_collections/jfrog/platform/roles/distribution/vars/main.yml
View File

@@ -1,6 +1,5 @@
---
# platform collection version
platform_collection_version: 7.23.3
platform_collection_version: 7.24.3
# indicates were this collection was downlaoded from (galaxy, automation_hub, standalone)
ansible_marketplace: galaxy

30
Ansible/ansible_collections/jfrog/platform/roles/distribution/vars/script/archive.yml
View File

@@ -1,40 +1,40 @@
distribution_installer_scenario:
main:
- {
- {
"expecting": "(data|installation) directory \\(",
"sending": "{{ distribution_home }}"
"sending": "{{ distribution_home }}"
}
- {
- {
"expecting": "join key.*:",
"sending": "{{ join_key }}"
"sending": "{{ join_key }}"
}
- {
- {
"expecting": "jfrog url:",
"sending": "{{ jfrog_url }}"
"sending": "{{ jfrog_url }}"
}
- {
- {
"expecting": "do you want to continue",
"sending": "y"
"sending": "y"
}
- {
- {
"expecting": "please specify the ip address of this machine",
"sending": "{% if distribution_ha_node_type is defined and distribution_ha_node_type == 'master' %}{{ ansible_host }}{% else %}{{ ansible_host }}{% endif %}"
}
- {
- {
"expecting": "are you adding an additional node",
"sending": "{% if distribution_ha_node_type is defined and distribution_ha_node_type == 'master' %}n{% else %}y{% endif %}"
}
- {
- {
"expecting": "do you want to install postgresql",
"sending": "n"
}
- {
- {
"expecting": "postgresql url.*example",
"sending": "{{ distribution_db_url }}"
"sending": "{{ distribution_db_url }}"
}
- {
- {
"expecting": "(postgresql|database)?\\s?username.*",
"sending": "{{ distribution_db_user }}"
"sending": "{{ distribution_db_user }}"
}
- {
"expecting": "(confirm\\s?)?(postgresql|database)?\\s?password.*:",

11
Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/defaults/main.yml
View File

@@ -1,4 +1,3 @@
---
# defaults file for mc
# The version of missioncontrol to install
@@ -7,9 +6,9 @@ missioncontrol_version: 4.7.10
# whether to enable HA
mc_ha_enabled: false
mc_ha_node_type : master
mc_ha_node_type: master
# The location where mc should install.
# The location where mc should install
jfrog_home_directory: /opt/jfrog
# The remote mc download file
@@ -26,7 +25,7 @@ mc_home: "{{ jfrog_home_directory }}/mc"
mc_install_script_path: "{{ mc_home }}/app/bin"
mc_thirdparty_path: "{{ mc_home }}/app/third-party"
mc_archive_service_cmd: "{{ mc_install_script_path }}/installService.sh"
mc_service_file : /lib/systemd/system/mc.service
mc_service_file: /lib/systemd/system/mc.service
#mc users and groups
mc_user: jfmc
@@ -51,12 +50,10 @@ mc_es_transport_port: 9300
mc_es_home: "/usr/share/elasticsearch"
mc_es_data_dir: "/var/lib/elasticsearch"
mc_es_log_dir: "/var/log/elasticsearch"
mc_es_java_home: "{{ mc_thirdparty_path }}/java"
mc_es_java_home: "/usr/share/elasticsearch/jdk"
mc_es_script_path: "/usr/share/elasticsearch/bin"
mc_es_searchgaurd_home: "/usr/share/elasticsearch/plugins/search-guard-7"
flow_type: archive
# if this is an upgrade
mc_upgrade_only: false

13
Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/Debian.yml Normal file
View File

@@ -0,0 +1,13 @@
- name: Install prerequisite packages
become: yes
apt:
name: ["expect", "locales"]
state: present
update_cache: yes
cache_valid_time: 3600
- name: Ensure UTF-8 locale exists
become: yes
locale_gen:
name: en_US.UTF-8
state: present

5
Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/RedHat.yml Normal file
View File

@@ -0,0 +1,5 @@
- name: Install prerequisite packages
become: yes
yum:
name: expect
state: present

37
Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/install.yml
View File

@@ -1,33 +1,18 @@
---
- debug:
msg: "Performing installation of missionControl version - {{ missioncontrol_version }}"
- name: Install expect dependency
become: yes
yum:
name: expect
state: present
when: ansible_os_family == 'RedHat'
- name: Install expect dependency
become: yes
apt:
name: expect
state: present
update_cache: yes
when: ansible_os_family == 'Debian'
- name: Install prerequisite packages
include_tasks: "{{ ansible_os_family }}.yml"
- name: Ensure group jfmc exist
become: yes
group:
name: "{{ mc_group }}"
gid: "{{ mc_gid }}"
state: present
- name: Ensure user jfmc exist
become: yes
user:
uid: "{{ mc_uid }}"
name: "{{ mc_user }}"
group: "{{ mc_group }}"
create_home: yes
@@ -138,10 +123,10 @@
template:
src: "{{ mc_system_yaml_template }}"
dest: "{{ mc_home }}/var/etc/system.yaml"
when:
- mc_systemyaml is defined
when:
- mc_systemyaml is defined
- mc_systemyaml|length > 0
- mc_systemyaml_override or (not systemyaml.stat.exists)
- mc_systemyaml_override or (not systemyaml.stat.exists)
notify: restart missioncontrol
- name: Update correct permissions
@@ -155,8 +140,7 @@
- name: Install mc as a service
become: yes
shell: |
{{ mc_archive_service_cmd }}
shell: "{{ mc_archive_service_cmd }}"
args:
chdir: "{{ mc_install_script_path }}"
creates: "{{ mc_service_file }}"
@@ -165,10 +149,13 @@
- name: Restart missioncontrol
meta: flush_handlers
- name : Wait for missionControl to be fully deployed
uri: url=http://127.0.0.1:8082/router/api/v1/system/health timeout=130
- name: Make sure missionControl is up and running
uri:
url: http://127.0.0.1:8082/router/api/v1/system/health
timeout: 130
status_code: 200
register: result
until: result.status == 200
until: result is succeeded
retries: 25
delay: 5
when: not ansible_check_mode

9
Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/main.yml
View File

@@ -1,10 +1,11 @@
- name: perform installation
- name: Perform installation
include_tasks: "install.yml"
when:
when:
- mc_enabled
- not mc_upgrade_only
- name: perform upgrade
- name: Perform upgrade
include_tasks: "upgrade.yml"
when:
- mc_enabled
- mc_upgrade_only
- mc_upgrade_only

26
Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/setup-elasticsearch.yml
View File

@@ -2,14 +2,12 @@
become: yes
group:
name: elasticsearch
gid: "{{ es_gid }}"
state: present
- name: Ensure user elasticsearch exists
become: yes
user:
name: elasticsearch
uid: "{{ es_uid }}"
group: elasticsearch
create_home: yes
home: "{{ mc_es_home }}"
@@ -47,12 +45,13 @@
limit_item: nproc
value: '4096'
- name: Setting sysctl values
- name: Set vm.max_map_count in /etc/sysctl.conf
become: yes
sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
loop:
- { name: "vm.max_map_count", value: 262144}
ignore_errors: yes
sysctl:
name: vm.max_map_count
value: '262144'
sysctl_set: yes
- name: Find elasticsearch package
become: yes
@@ -87,7 +86,7 @@
- --strip-components=1
owner: elasticsearch
group: elasticsearch
creates: "{{ mc_es_script_path }}"
creates: "{{ mc_es_java_home }}"
register: unarchive_result
when: check_elasticsearch_package_result.matched > 0
@@ -111,9 +110,7 @@
dest: "{{ mc_es_conf_base }}/elasticsearch.yml"
owner: elasticsearch
group: elasticsearch
when:
- unarchive_result.extract_results.rc | default(128) == 0
- flow_type in ["ha-cluster", "ha-upgrade"]
when: unarchive_result.extract_results.rc | default(128) == 0
- name: Generate elasticsearch.yml template file
become: yes
@@ -122,9 +119,7 @@
dest: "{{ mc_es_conf_base }}/elasticsearch.yml"
owner: elasticsearch
group: elasticsearch
when:
- unarchive_result.extract_results.rc | default(128) == 0
- flow_type in ["archive", "upgrade"]
when: unarchive_result.extract_results.rc | default(128) == 0
- name: Create empty unicast_hosts.txt file
become: yes
@@ -168,7 +163,7 @@
when: start_elasticsearch.changed
- name: Check if elasticsearch is running
wait_for:
wait_for:
host: localhost
port: "{{ mc_es_transport_port }}"
delay: 5
@@ -176,7 +171,6 @@
- name: Init searchguard plugin
become: yes
become_user: elasticsearch
shell: |
./sgadmin.sh -p {{ mc_es_transport_port }} -cacert root-ca.pem \
-cert sgadmin.pem -key sgadmin.key -cd {{ mc_es_searchgaurd_home }}/sgconfig/ -nhnv -icl
@@ -185,4 +179,4 @@
environment:
JAVA_HOME: "{{ mc_es_java_home }}"
register: install_searchguard_result
when: check_searchguard_bundle_result.matched == 1
when: check_searchguard_bundle_result.matched == 1

2
Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/setup-searchguard.yml
View File

@@ -64,4 +64,4 @@
path: "{{ mc_es_searchgaurd_home }}/tools/sgadmin.sh"
owner: elasticsearch
group: elasticsearch
mode: 0700
mode: 0700

41
Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/upgrade-elasticsearch.yml
View File

@@ -1,17 +1,13 @@
- name: Get elasticsearch pid
shell: "ps -ef | grep -v grep | grep -w elasticsearch | awk '{print $2}'"
register: elasticsearch_pid
- name: Stop elasticsearch before upgrade
- name: Kill elasticsearch process
become: yes
shell: kill -9 {{ elasticsearch_pid.stdout }}
when: elasticsearch_pid.stdout | length > 0
- name: Waiting until all running processes are killed
wait_for:
path: "/proc/{{ elasticsearch_pid.stdout }}/status"
state: absent
when: elasticsearch_pid.stdout | length > 0
ignore_errors: yes
shell: |
ps -ef | grep -v grep | grep -w elasticsearch | awk '{print $2}' | while read curr_ps_id
do
echo "process ${curr_ps_id} still running"
echo "$(ps -ef | grep -v grep | grep ${curr_ps_id})"
kill -9 ${curr_ps_id}
done
- name: Find searchguard bundle for removal
become: yes
@@ -75,7 +71,7 @@
- --exclude=config
owner: elasticsearch
group: elasticsearch
creates: "{{ mc_es_script_path }}"
creates: "{{ mc_es_java_home }}"
register: unarchive_result
when: check_elasticsearch_package_result.matched > 0
@@ -107,8 +103,8 @@
environment:
ES_JAVA_HOME: "{{ mc_es_java_home }}"
ES_PATH_CONF: "{{ mc_es_conf_base }}/"
when: unarchive_result.extract_results.rc | default(128) == 0
register: start_elastcsearch
when: unarchive_result.extract_results.rc | default(128) == 0
- name: Wait for elasticsearch to start
pause:
@@ -116,8 +112,21 @@
when: start_elasticsearch.changed
- name: Check if elasticsearch is running
wait_for:
wait_for:
host: localhost
port: "{{ mc_es_transport_port }}"
delay: 5
connect_timeout: 1
- name: Init searchguard plugin
become: yes
become_user: elasticsearch
shell: |
./sgadmin.sh -p {{ mc_es_transport_port }} -cacert root-ca.pem \
-cert sgadmin.pem -key sgadmin.key -cd {{ mc_es_searchgaurd_home }}/sgconfig/ -nhnv -icl
args:
chdir: "{{ mc_es_searchgaurd_home }}/tools/"
environment:
JAVA_HOME: "{{ mc_es_java_home }}"
register: install_searchguard_result
when: check_searchguard_bundle_result.matched == 1

1
Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/upgrade-searchguard.yml
View File

@@ -65,6 +65,7 @@
loop:
- "sg_roles.yml"
- "sg_roles_mapping.yml"
- "sg_config.yml"
- name: Check execution bit
become: yes

18
Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/upgrade.yml
View File

@@ -1,4 +1,3 @@
---
- debug:
msg: "Performing Upgrade of missionControl version - {{ missioncontrol_version }}"
@@ -71,10 +70,10 @@
template:
src: "{{ mc_system_yaml_template }}"
dest: "{{ mc_home }}/var/etc/system.yaml"
when:
- mc_systemyaml is defined
when:
- mc_systemyaml is defined
- mc_systemyaml|length > 0
- mc_systemyaml_override or (not systemyaml.stat.exists)
- mc_systemyaml_override or (not systemyaml.stat.exists)
notify: restart missioncontrol
- name: Check if install.sh wrapper script exist
@@ -97,7 +96,7 @@
apply:
environment:
YQ_PATH: "{{ mc_thirdparty_path }}/yq"
when:
when:
- upgrade_wrapper_script.stat.exists
- download_mc.changed
@@ -120,10 +119,13 @@
- name: Restart missioncontrol
meta: flush_handlers
- name : Wait for missionControl to be fully deployed
uri: url=http://127.0.0.1:8082/router/api/v1/system/health timeout=130
- name: Make sure missionControl is up and running
uri:
url: http://127.0.0.1:8082/router/api/v1/system/health
timeout: 130
status_code: 200
register: result
until: result.status == 200
until: result is succeeded
retries: 25
delay: 5
when: not ansible_check_mode

5
Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/vars/main.yml
View File

@@ -1,6 +1,5 @@
---
# platform collection version
platform_collection_version: 7.23.3
platform_collection_version: 7.24.3
# indicates were this collection was downlaoded from (galaxy, automation_hub, standalone)
ansible_marketplace: galaxy
ansible_marketplace: galaxy

23
Ansible/ansible_collections/jfrog/platform/roles/postgres/tasks/Debian.yml
View File

@@ -1,33 +1,36 @@
---
- name: install acl, python3-psycopg2
- name: Install prerequisite packages
become: yes
apt:
name:
- acl
- python3-psycopg2
name: ['acl', 'apt-transport-https', 'locales', 'python3-psycopg2']
state: present
update_cache: yes
ignore_errors: yes
- name: add postgres apt key
- name: Ensure UTF-8 locale exists
become: yes
locale_gen:
name: en_US.UTF-8
state: present
- name: Import PostgreSQL repository key
become: yes
apt_key:
url: "{{ postgres_apt_key_url }}"
id: "{{ postgres_apt_key_id }}"
validate_certs: no
state: present
- name: register APT repository
- name: Register PostgreSQL repository
become: yes
apt_repository:
repo: "{{ postgres_apt_repository_repo }}"
state: present
filename: pgdg
- name: install postgres packages
- name: Install postgres packages
become: yes
apt:
name:
- postgresql-{{ postgres_version }}
- postgresql-contrib-{{ postgres_version }}
state: present
update_cache: yes
cache_valid_time: 3600

79
Ansible/ansible_collections/jfrog/platform/roles/postgres/tasks/RedHat.yml
View File

@@ -1,14 +1,23 @@
---
- name: install EPEL repository
- name: Import EPEL GPG public key
become: yes
yum: name=epel-release state=present
when: > # not for Fedora
ansible_distribution == 'CentOS' or
ansible_distribution == 'Red Hat Enterprise Linux'
rpm_key:
key: https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-{{ version }}
state: present
vars:
version: "{{ ansible_distribution_major_version }}"
- name: install acl
- name: Install EPEL repository
become: yes
yum:
name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ version }}.noarch.rpm
state: present
vars:
version: "{{ ansible_distribution_major_version }}"
when: ansible_distribution in ['CentOS', 'RedHat']
- name: Install prerequisite packages
become: yes
ignore_errors: yes
yum:
name:
- acl
@@ -16,66 +25,46 @@
- wget
- perl
state: present
ignore_errors: yes
- name: install python3-psycopg2
- name: Install python3-psycopg2
become: yes
yum:
name:
- python3-psycopg2
name: python3-psycopg2
state: present
when: ansible_distribution_major_version == '8'
- name: install python2-psycopg2
- name: Install python2-psycopg2
become: yes
yum:
name:
- python-psycopg2
name: python-psycopg2
state: present
when: ansible_distribution_major_version == '7'
- name: fixup some locale issues
- name: Fixup some locale issues
become: yes
lineinfile:
dest: /etc/default/locale
line: 'LANGUAGE="{{ item }}"'
dest: /etc/locale.conf
line: "{{ item }}"
state: present
create: yes
loop:
- 'en_US:en'
- 'en_us.UTF-8'
- LANG=en_us.UTF-8
- LANGUAGE=en_us.UTF-8
- name: get latest version
vars:
base: http://download.postgresql.org/pub/repos/yum
ver: "{{ ansible_distribution_major_version }}"
shell: |
set -eo pipefail
wget -O - {{ base }}/reporpms/EL-{{ ver }}-x86_64/ 2>/dev/null | \
grep 'pgdg-redhat-repo-latest' | \
perl -pe 's/^.*rpm">//g' | \
perl -pe 's/<\/a>.*//g' | \
tail -n 1
args:
executable: /bin/bash
changed_when: false
check_mode: false
register: latest_version
tags: [skip_ansible_lint]
- name: config postgres repository
- name: Install postgres repository
become: yes
vars:
base: http://download.postgresql.org/pub/repos/yum
ver: "{{ ansible_distribution_major_version }}"
yum:
name: "{{ base }}/reporpms/EL-{{ ver }}-x86_64/{{ latest_version.stdout }}"
name: "{{ base }}/reporpms/EL-{{ version }}-x86_64/{{ repo_file_name }}"
state: present
vars:
base: https://download.postgresql.org/pub/repos/yum
version: "{{ ansible_distribution_major_version }}"
repo_file_name: pgdg-redhat-repo-latest.noarch.rpm
- name: install postgres packages
- name: Install postgres packages
become: yes
yum:
name:
- postgresql{{ postgres_server_pkg_version }}-server
- postgresql{{ postgres_server_pkg_version }}-contrib
state: present
state: present

29
Ansible/ansible_collections/jfrog/platform/roles/postgres/tasks/install.yml
View File

@@ -1,11 +1,10 @@
---
- name: define OS-specific variables
- name: Define OS-specific variables
include_vars: "{{ ansible_os_family }}.yml"
- name: perform installation
- name: Install prerequisite packages
include_tasks: "{{ ansible_os_family }}.yml"
- name: Set PostgreSQL environment variables.
- name: Set PostgreSQL environment variables
become: yes
template:
src: postgres.sh.j2
@@ -13,7 +12,7 @@
mode: 0644
notify: restart postgresql
- name: Ensure PostgreSQL data directory exists.
- name: Ensure PostgreSQL data directory exists
become: yes
become_user: postgres
file:
@@ -40,7 +39,7 @@
dest: "{{ postgresql_config_path }}/{{ item }}"
owner: postgres
group: postgres
mode: u=rw,go=r
mode: 0644
loop:
- pg_hba.conf
- postgresql.conf
@@ -56,6 +55,8 @@
- name: Hold until Postgresql is up and running
wait_for:
port: "{{ postgres_port }}"
timeout: 120
sleep: 10
- name: Create users
become: yes
@@ -64,7 +65,7 @@
name: "{{ item.db_user }}"
password: "{{ item.db_password }}"
conn_limit: "-1"
loop: "{{ db_users|default([]) }}"
loop: "{{ db_users | default([]) }}"
no_log: true # secret passwords
- name: Create a database
@@ -77,7 +78,7 @@
lc_collate: "{{ postgres_locale }}"
lc_ctype: "{{ postgres_locale }}"
template: template0
loop: "{{ dbs|default([]) }}"
loop: "{{ dbs | default([]) }}"
- name: Check if MC schemas already exists
become: yes
@@ -85,15 +86,17 @@
command: psql -d {{ mc_db_name }} -t -c "\dn"
register: mc_schemas_loaded
when: mc_enabled
changed_when: false
- name: Create schemas for mission-control
become: yes
become_user: postgres
command: psql -d {{ mc_db_name }} -c 'CREATE SCHEMA {{ item }} authorization {{ mc_db_user }}'
loop: "{{ mc_schemas|default([]) }}"
when:
loop: "{{ mc_schemas | default([]) }}"
when:
- mc_enabled
- "mc_schemas_loaded.stdout is defined and '{{ item }}' not in mc_schemas_loaded.stdout"
- mc_schemas_loaded.stdout is defined
- item not in mc_schemas_loaded.stdout
- name: Grant all privileges to mc user on its schema
become: yes
@@ -104,7 +107,7 @@
type: schema
roles: "{{ mc_db_user }}"
objs: "{{ item }}"
loop: "{{ mc_schemas|default([]) }}"
loop: "{{ mc_schemas | default([]) }}"
when: mc_enabled
- name: Grant privs on db
@@ -116,7 +119,7 @@
state: present
privs: ALL
type: database
loop: "{{ dbs|default([]) }}"
loop: "{{ dbs | default([]) }}"
- debug:
msg: "Restarted postgres systemd {{ postgresql_daemon }}"

5
Ansible/ansible_collections/jfrog/platform/roles/postgres/vars/Debian.yml
View File

@@ -1,9 +1,8 @@
---
postgresql_data_dir: "/var/lib/postgresql/{{ postgres_version }}/main"
postgresql_bin_path: "/usr/lib/postgresql/{{ postgres_version }}/bin"
postgresql_config_path: "/etc/postgresql/{{ postgres_version }}/main"
postgresql_daemon: postgresql@{{ postgres_version}}-main
postgresql_daemon: postgresql@{{ postgres_version }}-main
postgresql_external_pid_file: "/var/run/postgresql/{{ postgres_version }}-main.pid"
postgres_apt_key_url: "https://www.postgresql.org/media/keys/ACCC4CF8.asc"
postgres_apt_key_id: "0x7FCC7D46ACCC4CF8"
postgres_apt_repository_repo: "deb http://apt.postgresql.org/pub/repos/apt/ {{ ansible_distribution_release }}-pgdg main"
postgres_apt_repository_repo: "deb https://apt.postgresql.org/pub/repos/apt/ {{ ansible_distribution_release }}-pgdg main"

7
Ansible/ansible_collections/jfrog/platform/roles/postgres/vars/RedHat.yml
View File

@@ -1,6 +1,5 @@
---
postgresql_bin_path: "/usr/pgsql-{{ postgres_version }}/bin"
postgresql_data_dir: "/var/lib/pgsql/{{ postgres_version}}/data"
postgresql_config_path: "/var/lib/pgsql/{{ postgres_version}}/data"
postgresql_daemon: postgresql-{{ postgres_version}}.service
postgresql_data_dir: "/var/lib/pgsql/{{ postgres_version }}/data"
postgresql_config_path: "/var/lib/pgsql/{{ postgres_version }}/data"
postgresql_daemon: postgresql-{{ postgres_version }}.service
postgresql_external_pid_file: "/var/run/postgresql/{{ postgres_version }}-main.pid"

22
Ansible/ansible_collections/jfrog/platform/roles/xray/defaults/main.yml
View File

@@ -1,15 +1,14 @@
---
# defaults file for xray
# The version of xray to install
xray_version: 3.29.0
xray_version: 3.30.1
# whether to enable HA
xray_ha_enabled: false
xray_ha_node_type : master
xray_ha_node_type: master
# The location where xray should install.
# The location where xray should install
jfrog_home_directory: /opt/jfrog
# The remote xray download file
@@ -26,7 +25,7 @@ xray_home: "{{ jfrog_home_directory }}/xray"
xray_install_script_path: "{{ xray_home }}/app/bin"
xray_thirdparty_path: "{{ xray_home }}/app/third-party"
xray_archive_service_cmd: "{{ xray_install_script_path }}/installService.sh"
xray_service_file : /lib/systemd/system/xray.service
xray_service_file: /lib/systemd/system/xray.service
#xray users and groups
xray_user: xray
@@ -37,8 +36,6 @@ xray_gid: 1035
xray_daemon: xray
flow_type: archive
#rabbitmq user
xray_rabbitmq_user: guest
xray_rabbitmq_password: guest
@@ -50,21 +47,18 @@ xray_upgrade_only: false
xray_system_yaml_template: system.yaml.j2
linux_distro: "{{ ansible_distribution | lower }}{{ansible_distribution_major_version}}"
linux_distro: "{{ ansible_distribution | lower }}{{ ansible_distribution_major_version }}"
xray_db_util_search_filter:
ubuntu16:
db5: 'db5.3-util.*ubuntu.*amd64\.deb'
db: 'db-util.*ubuntu.*all.deb'
ubuntu18:
db5: 'db5.3-util.*ubuntu.*amd64\.deb'
db5: 'db5.3-util.*ubuntu1.1.*amd64\.deb'
db: 'db-util.*ubuntu.*all.deb'
ubuntu20:
db5: 'db5.3-util.*ubuntu.*amd64\.deb'
db5: 'db5.3-util.*dfsg.*ubuntu.*amd64\.deb'
db: 'db-util.*ubuntu.*all.deb'
debian8:
db5: 'db5.3-util.*deb8.*amd64\.deb'
db: 'db-util_([0-9]{1,3}\.?){3}_all\.deb'
debian9:
db5: 'db5.3-util.*deb9.*amd64\.deb'
db: 'db-util_([0-9]{1,3}\.?){3}_all\.deb'
@@ -76,7 +70,7 @@ xray_db_util_search_filter:
yum_python_interpreter: >-
{%- if linux_distro is not defined -%}
/usr/bin/python3
{%- elif linux_distro in ['centos7', 'rhel7'] -%}
{%- elif linux_distro in ['centos7', 'redhat7'] -%}
/usr/bin/python
{%- else -%}
/usr/bin/python3

13
Ansible/ansible_collections/jfrog/platform/roles/xray/tasks/Debian.yml Normal file
View File

@@ -0,0 +1,13 @@
- name: Install prerequisite packages
become: yes
apt:
name: ["expect", "locales"]
state: present
update_cache: yes
cache_valid_time: 3600
- name: Ensure UTF-8 locale exists
become: yes
locale_gen:
name: en_US.UTF-8
state: present

5
Ansible/ansible_collections/jfrog/platform/roles/xray/tasks/RedHat.yml Normal file
View File

@@ -0,0 +1,5 @@
- name: Install prerequisite packages
become: yes
yum:
name: expect
state: present

37
Ansible/ansible_collections/jfrog/platform/roles/xray/tasks/install.yml
View File

@@ -1,33 +1,18 @@
---
- debug:
msg: "Performing installation of Xray version : {{ xray_version }}"
- name: Install expect dependency
become: yes
yum:
name: expect
state: present
when: ansible_os_family == 'RedHat'
- name: Install expect dependency
become: yes
apt:
name: expect
state: present
update_cache: yes
when: ansible_os_family == 'Debian'
- name: Install prerequisite packages
include_tasks: "{{ ansible_os_family }}.yml"
- name: Ensure group xray exist
become: yes
group:
name: "{{ xray_group }}"
gid: "{{ xray_gid }}"
state: present
- name: Ensure user xray exist
become: yes
user:
uid: "{{ xray_uid }}"
name: "{{ xray_user }}"
group: "{{ xray_group }}"
create_home: yes
@@ -150,10 +135,10 @@
template:
src: "{{ xray_system_yaml_template }}"
dest: "{{ xray_home }}/var/etc/system.yaml"
when:
- xray_systemyaml is defined
when:
- xray_systemyaml is defined
- xray_systemyaml|length > 0
- xray_systemyaml_override or (not systemyaml.stat.exists)
- xray_systemyaml_override or (not systemyaml.stat.exists)
notify: restart xray
- name: Ensure permissions are correct
@@ -167,8 +152,7 @@
- name: Install xray as a service
become: yes
shell: |
{{ xray_archive_service_cmd }}
shell: "{{ xray_archive_service_cmd }}"
args:
chdir: "{{ xray_install_script_path }}"
creates: "{{ xray_service_file }}"
@@ -177,10 +161,13 @@
- name: Restart xray
meta: flush_handlers
- name : Wait for xray to be fully deployed
uri: url=http://127.0.0.1:8082/router/api/v1/system/health timeout=130
- name: Make sure xray is up and running
uri:
url: http://127.0.0.1:8082/router/api/v1/system/health
timeout: 130
status_code: 200
register: result
until: result.status == 200
until: result is succeeded
retries: 25
delay: 5
when: not ansible_check_mode

7
Ansible/ansible_collections/jfrog/platform/roles/xray/tasks/main.yml
View File

@@ -1,10 +1,11 @@
- name: perform installation
- name: Perform installation
include_tasks: "install.yml"
when:
- xray_enabled
- not xray_upgrade_only
- name: perform upgrade
- name: Perform upgrade
include_tasks: "upgrade.yml"
when:
- xray_enabled
- xray_upgrade_only
- xray_upgrade_only

7
Ansible/ansible_collections/jfrog/platform/roles/xray/tasks/rabbitmq/setup/RedHat.yml
View File

@@ -1,15 +1,12 @@
- name: Set package prefix
set_fact:
rhel_package_prefix: >-
{%- if linux_distro in ['centos7','rhel7'] -%}
{%- if linux_distro in ['centos7','redhat7'] -%}
el7
{%- elif linux_distro in ['centos8','rhel8'] -%}
{%- elif linux_distro in ['centos8','redhat8'] -%}
el8
{%- endif -%}
- debug:
msg: "rhel_package_prefix: {{ rhel_package_prefix }}"
- name: Find socat package
become: yes
find:

4
Ansible/ansible_collections/jfrog/platform/roles/xray/tasks/rabbitmq/upgrade/RedHat.yml
View File

@@ -1,9 +1,9 @@
- name: Set package prefix
set_fact:
rhel_package_prefix: >-
{%- if linux_distro in ['centos7','rhel7'] -%}
{%- if linux_distro in ['centos7','redhat7'] -%}
el7
{%- elif linux_distro in ['centos8','rhel8'] -%}
{%- elif linux_distro in ['centos8','redhat8'] -%}
el8
{%- endif -%}

18
Ansible/ansible_collections/jfrog/platform/roles/xray/tasks/upgrade.yml
View File

@@ -1,4 +1,3 @@
---
- debug:
msg: "Performing upgrade of Xray version to {{ xray_version }}..."
@@ -33,7 +32,7 @@
- name: stop xray
become: yes
systemd:
name: "{{ xray_daemon }}"
name: "{{ xray_daemon }}"
state: stopped
when: download_xray.changed
@@ -104,10 +103,10 @@
template:
src: "{{ xray_system_yaml_template }}"
dest: "{{ xray_home }}/var/etc/system.yaml"
when:
- xray_systemyaml is defined
when:
- xray_systemyaml is defined
- xray_systemyaml|length > 0
- xray_systemyaml_override or (not systemyaml.stat.exists)
- xray_systemyaml_override or (not systemyaml.stat.exists)
notify: restart xray
- name: configure installer info
@@ -129,10 +128,13 @@
- name: Restart xray
meta: flush_handlers
- name : wait for xray to be fully deployed
uri: url=http://127.0.0.1:8082/router/api/v1/system/health timeout=130
- name: Make sure xray is up and running
uri:
url: http://127.0.0.1:8082/router/api/v1/system/health
timeout: 130
status_code: 200
register: result
until: result.status == 200
until: result is succeeded
retries: 25
delay: 5
when: not ansible_check_mode

5
Ansible/ansible_collections/jfrog/platform/roles/xray/vars/main.yml
View File

@@ -1,6 +1,5 @@
---
# platform collection version
platform_collection_version: 7.23.3
platform_collection_version: 7.24.3
# indicates were this collection was downlaoded from (galaxy, automation_hub, standalone)
ansible_marketplace: galaxy
ansible_marketplace: galaxy