[Ansible] JFrog Platform 7.24.3 (#153)

Ansible/ansible_collections/jfrog/platform/CHANGELOG.md

@@ -1,6 +1,11 @@
 # JFrog Platform Ansible Collection Changelog
 All changes to this collection will be documented in this file.
 
+## [7.24.3] - Aug 17, 2021 
+* Added required variables check when using `artifactory_nginx_ssl` role
+* Missioncontrol's Elasticsearch to use default ES JAVA_HOME
+* Bug Fixes
+
 ## [7.23.3] - Aug 5, 2021
 * Missioncontrol's Elasticsearch to use new JAVA_HOME path
 * Missioncontrol's Elasticsearch searchguard plugin to use by default `anonymous_auth_enabled: true`

Ansible/ansible_collections/jfrog/platform/ansible.cfg

@@ -1,5 +1,5 @@
 [defaults]
 host_key_checking = false
 stdout_callback = debug
-remote_tmp = /tmp/.ansible/tmp
+remote_tmp = /tmp/${USER}/ansible
-timeout = 20
+timeout = 20

Ansible/ansible_collections/jfrog/platform/galaxy.yml

@@ -9,7 +9,7 @@ namespace: "jfrog"
 name: "platform"
 
 # The version of the collection. Must be compatible with semantic versioning
-version: "7.23.3"
+version: "7.24.3"
 
 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection
 readme: "README.md"

Ansible/ansible_collections/jfrog/platform/group_vars/all/vars.yml

@@ -1,7 +1,6 @@
----
 # Defaults
-## Note : These values are global and can be overridden in role/<product>/defaults/main.yaml file
+## Note: These values are global and have precedence over role/<product>/defaults/main.yaml
-## For production deployments,You may want to generate your master amd join keys and apply it to all the nodes.
+## For production deployments, You may want to generate your master amd join keys and apply it to all the nodes.
 master_key: ee69d96880726d3abf6b42b97d2ae589111ea95c2a8bd5876ec5cd9e8ee34f86
 join_key: 83da88eaaa08dfed5b86888fcec85f19ace0c3ff8747bcefcec2c9769ad4043d
 
@@ -62,12 +61,12 @@ mc_db_url: >-
     {%- endfor -%}
 
 # Postgresql users and databases/schemas
-db_users: 
+db_users:
   - { db_user: "{{ artifactory_db_user }}", db_password: "{{ artifactory_db_password }}" }
   - { db_user: "{{ xray_db_user }}", db_password: "{{ xray_db_password }}" }
   - { db_user: "{{ distribution_db_user }}", db_password: "{{ distribution_db_password }}" }
   - { db_user: "{{ mc_db_user }}", db_password: "{{ mc_db_password }}" }
-dbs: 
+dbs:
   - { db_name: "{{ artifactory_db_name }}", db_owner: "{{ artifactory_db_user }}" }
   - { db_name: "{{ xray_db_name }}", db_owner: "{{ xray_db_user }}" }
   - { db_name: "{{ distribution_db_name }}", db_owner: "{{ distribution_db_user }}" }
@@ -78,4 +77,4 @@ mc_schemas:
   - insight_scheduler
 
 # For Centos/RHEL-7, Set this to "/usr/bin/python"
-ansible_python_interpreter: "/usr/bin/python3"
+ansible_python_interpreter: "/usr/bin/python3"

Ansible/ansible_collections/jfrog/platform/platform.yml

@@ -13,4 +13,4 @@
     - distribution
 - hosts: missioncontrol_servers
   roles:
-    - missioncontrol
+    - missioncontrol

Ansible/ansible_collections/jfrog/platform/roles/artifactory/defaults/main.yml

@@ -1,8 +1,7 @@
----
 # defaults file for artifactory
 
 # The version of artifactory to install
-artifactory_version: 7.23.3
+artifactory_version: 7.24.3
 
 # Set this to true when SSL is enabled (to use artifactory_nginx_ssl role), default to false (implies artifactory uses artifactory_nginx role )
 artifactory_nginx_ssl_enabled: false
@@ -28,10 +27,10 @@ artifactory_ha_enabled: false
 # By default, all nodes are primary (CNHA) - https://www.jfrog.com/confluence/display/JFROG/High+Availability#HighAvailability-Cloud-NativeHighAvailability
 artifactory_taskAffinity: any
 
-# The location where Artifactory should install.
+# The location where Artifactory should install
 jfrog_home_directory: /opt/jfrog
 
-# Pick the Artifactory flavour to install, can be also cpp-ce, jcr, pro.
+# Pick the Artifactory flavour to install, can be also cpp-ce/jcr/pro
 artifactory_flavour: pro
 
 artifactory_extra_java_opts: -server -Xms512m -Xmx2g -Xss256k -XX:+UseG1GC
@@ -62,7 +61,7 @@ artifactory_upgrade_only: false
 artifactory_admin_username: admin
 artifactory_admin_password: password
 
-artifactory_service_file : /lib/systemd/system/artifactory.service
+artifactory_service_file: /lib/systemd/system/artifactory.service
 
 # Provide binarystore XML content below with 2-space indentation
 artifactory_binarystore: |-

Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/Debian.yml

@@ -0,0 +1,13 @@
+- name: Install prerequisite packages
+  become: yes
+  apt:
+    name: ["net-tools", "locales"]
+    state: present
+    update_cache: yes
+    cache_valid_time: 3600
+
+- name: Ensure UTF-8 locale exists
+  become: yes
+  locale_gen:
+    name: en_US.UTF-8
+    state: present

Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/RedHat.yml

@@ -0,0 +1,5 @@
+- name: Install prerequisite packages
+  become: yes
+  yum:
+    name: net-tools
+    state: present

Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/install.yml

@@ -1,18 +1,20 @@
----
 - debug:
     msg: "Performing installation of Artifactory version : {{ artifactory_version }} "
 
-- name: install nginx
+- name: Install prerequisite packages
+  include_tasks: "{{ ansible_os_family }}.yml"
+
+- name: Install nginx
   include_role:
     name: artifactory_nginx
-  when: 
+  when:
     - artifactory_nginx_enabled | bool
     - not artifactory_nginx_ssl_enabled | bool
 
-- name: install nginx with SSL
+- name: Install nginx with SSL
   include_role:
     name: artifactory_nginx_ssl
-  when: 
+  when:
     - not artifactory_nginx_enabled | bool
     - artifactory_nginx_ssl_enabled | bool
 
@@ -20,13 +22,11 @@
   become: yes
   group:
     name: "{{ artifactory_group }}"
-    gid: "{{ artifactory_gid }}"
     state: present
 
 - name: Ensure user artifactory exist
   become: yes
   user:
-    uid: "{{ artifactory_uid }}"
     name: "{{ artifactory_user }}"
     group: "{{ artifactory_group }}"
     create_home: yes
@@ -98,8 +98,8 @@
   template:
     src: "{{ artifactory_system_yaml_template }}"
     dest: "{{ artifactory_home }}/var/etc/system.yaml"
-  when: 
+  when:
-    - artifactory_systemyaml is defined  
+    - artifactory_systemyaml is defined
     - artifactory_systemyaml|length > 0
     - artifactory_systemyaml_override or (not systemyaml.stat.exists) 
   notify: restart artifactory
@@ -125,9 +125,9 @@
   template:
     src: binarystore.xml.j2
     dest: "{{ artifactory_home }}/var/etc/artifactory/binarystore.xml"
-  when: 
+  when:
-    - artifactory_binarystore is defined  
+    - artifactory_binarystore is defined
-    - artifactory_binarystore|length > 0
+    - artifactory_binarystore | length > 0
   notify: restart artifactory
 
 - name: Configure single license
@@ -135,8 +135,8 @@
   template:
     src: artifactory.lic.j2
     dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.lic"
-  when: 
+  when:
-    - artifactory_single_license is defined  
+    - artifactory_single_license is defined
     - artifactory_single_license|length > 0
   notify: restart artifactory
 
@@ -146,7 +146,7 @@
     src: artifactory.cluster.license.j2
     dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.cluster.license"
   when:
-   - artifactory_licenses is defined 
+   - artifactory_licenses is defined
    - artifactory_licenses|length > 0
   notify: restart artifactory
 
@@ -163,7 +163,7 @@
     dest: "{{ artifactory_home }}/var/bootstrap/artifactory/tomcat/lib"
     owner: "{{ artifactory_user }}"
     group: "{{ artifactory_group }}"
-  when: 
+  when:
     - postgres_driver_download_url is defined
     - not database_driver.stat.exists
   notify: restart artifactory
@@ -185,10 +185,13 @@
 - name: Restart artifactory
   meta: flush_handlers
 
-- name : Wait for artifactory to be fully deployed
+- name: Make sure artifactory is up and running
-  uri: url=http://127.0.0.1:8082/router/api/v1/system/health timeout=130
+  uri:
+    url: http://127.0.0.1:8082/router/api/v1/system/health
+    timeout: 130
+    status_code: 200
   register: result
-  until: result.status == 200
+  until: result is succeeded
   retries: 25
   delay: 5
   when: not ansible_check_mode

Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/main.yml

@@ -1,10 +1,11 @@
-- name: perform installation
+- name: Perform installation
   include_tasks: "install.yml"
   when:
     - artifactory_enabled
     - not artifactory_upgrade_only
-- name: perform upgrade
+
+- name: Perform upgrade
   include_tasks: "upgrade.yml"
   when:
     - artifactory_enabled
-    - artifactory_upgrade_only
+    - artifactory_upgrade_only

Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/upgrade.yml

@@ -1,4 +1,3 @@
----
 - debug:
     msg: "Performing upgrade of Artifactory version to : {{ artifactory_version }} "
 
@@ -60,8 +59,8 @@
   template:
     src: artifactory.lic.j2
     dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.lic"
-  when: 
+  when:
-    - artifactory_single_license is defined  
+    - artifactory_single_license is defined
     - artifactory_single_license|length > 0
   notify: restart artifactory
 
@@ -71,8 +70,8 @@
     src: artifactory.cluster.license.j2
     dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.cluster.license"
   when:
-   - artifactory_licenses is defined 
+   - artifactory_licenses is defined
-   - artifactory_licenses|length > 0
+   - artifactory_licenses | length > 0
   notify: restart artifactory
 
 - name: Check if database driver exists
@@ -88,7 +87,7 @@
     dest: "{{ artifactory_home }}/var/bootstrap/artifactory/tomcat/lib"
     owner: "{{ artifactory_user }}"
     group: "{{ artifactory_group }}"
-  when: 
+  when:
     - postgres_driver_download_url is defined
     - not database_driver.stat.exists
   notify: restart artifactory
@@ -105,8 +104,8 @@
   template:
     src: binarystore.xml.j2
     dest: "{{ artifactory_home }}/var/etc/artifactory/binarystore.xml"
-  when: 
+  when:
-    - artifactory_binarystore is defined  
+    - artifactory_binarystore is defined
     - artifactory_binarystore|length > 0
   notify: restart artifactory
 
@@ -121,10 +120,10 @@
   template:
     src: "{{ artifactory_system_yaml_template }}"
     dest: "{{ artifactory_home }}/var/etc/system.yaml"
-  when: 
+  when:
-    - artifactory_systemyaml is defined  
+    - artifactory_systemyaml is defined
     - artifactory_systemyaml|length > 0
-    - artifactory_systemyaml_override or (not systemyaml.stat.exists) 
+    - artifactory_systemyaml_override or (not systemyaml.stat.exists)
   notify: restart artifactory
 
 - name: Ensure permissions are correct
@@ -138,10 +137,13 @@
 - name: Restart artifactory
   meta: flush_handlers
 
-- name : Wait for artifactory to be fully deployed
+- name: Make sure artifactory is up and running
-  uri: url=http://127.0.0.1:8082/router/api/v1/system/health timeout=130
+  uri:
+    url: http://127.0.0.1:8082/router/api/v1/system/health
+    timeout: 130
+    status_code: 200
   register: result
-  until: result.status == 200
+  until: result is succeeded
   retries: 25
   delay: 5
   when: not ansible_check_mode

Ansible/ansible_collections/jfrog/platform/roles/artifactory/vars/main.yml

@@ -1,6 +1,5 @@
----
 # platform collection version
-platform_collection_version: 7.23.3
+platform_collection_version: 7.24.3
 
 # indicates where this collection was downloaded from (galaxy, automation_hub, standalone)
-ansible_marketplace: galaxy
+ansible_marketplace: galaxy

Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx/defaults/main.yml

@@ -4,4 +4,3 @@
 server_name: test.artifactory.com
 
 nginx_daemon: nginx
-

Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx/tasks/Debian.yml

@@ -1,9 +1,9 @@
----
+- name: Update apt cache
-- name: apt-get update
   become: yes
   apt:
     update_cache: yes
-  register: package_res
+    cache_valid_time: 3600
+  register: apt_update_cache
   retries: 5
   delay: 60
-  until: package_res is success
+  until: apt_update_cache is succeeded

Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx/tasks/RedHat.yml

@@ -1,6 +1,15 @@
----
+- name: Import EPEL GPG public key
-- name: epel-release
+  become: yes
+  rpm_key:
+    key: https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-{{ version }}
+    state: present
+  vars:
+    version: "{{ ansible_distribution_major_version }}"
+
+- name: Install EPEL repository
   become: yes
   yum:
-    name: epel-release
+    name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ version }}.noarch.rpm
-    state: present
+    state: present
+  vars:
+    version: "{{ ansible_distribution_major_version }}"

Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx/tasks/main.yml

@@ -1,5 +1,4 @@
----
+- name: Install prerequisite packages
-- name: Install dependencies
   include_tasks: "{{ ansible_os_family }}.yml"
 
 - name: Install nginx after dependency installation
@@ -7,12 +6,12 @@
   package:
     name: nginx
     state: present
-  register: package_res
+  register: install_nginx
   retries: 5
   delay: 60
-  until: package_res is success
+  until: install_nginx is succeeded
 
-- name: Configure main nginx conf file.
+- name: Copy nginx.conf file
   become: yes
   copy:
     src: nginx.conf
@@ -21,7 +20,7 @@
     group: root
     mode: '0755'
 
-- name: Configure the artifactory nginx conf
+- name: Generate artifactory.conf
   become: yes
   template:
     src: artifactory.conf.j2
@@ -32,4 +31,4 @@
   notify: restart nginx
 
 - name: Restart nginx
-  meta: flush_handlers
+  meta: flush_handlers

Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx/vars/main.yml

@@ -1,2 +1 @@
----
+# vars file for artifactory_nginx
-# vars file for artifactory_nginx

Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx_ssl/defaults/main.yml

@@ -1,7 +1,8 @@
----
+# defaults file for artifactory_nginx_ssl
-# defaults file for artifactory_nginx
 
 ## For production deployments,You SHOULD change it.
 # server_name: test.artifactory.com
 
 nginx_daemon: nginx
+
+redirect_http_to_https_enabled: true

Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx_ssl/files/nginx.conf

@@ -0,0 +1,37 @@
+#user  nobody;
+worker_processes  1;
+error_log  /var/log/nginx/error.log  info;
+#pid        logs/nginx.pid;
+events {
+    worker_connections  1024;
+}
+http {
+    include       mime.types;
+    variables_hash_max_size 1024;
+    variables_hash_bucket_size 64;
+    server_names_hash_max_size 4096;
+    server_names_hash_bucket_size 128;
+    types_hash_max_size 2048;
+    types_hash_bucket_size 64;
+    proxy_read_timeout 2400s;
+    client_header_timeout 2400s;
+    client_body_timeout 2400s;
+    proxy_connect_timeout 75s;
+    proxy_send_timeout 2400s;
+    proxy_buffer_size 32k;
+    proxy_buffers 40 32k;
+    proxy_busy_buffers_size 64k;
+    proxy_temp_file_write_size 250m;
+    proxy_http_version 1.1;
+    client_body_buffer_size 128k;
+    include    /etc/nginx/conf.d/*.conf;
+    default_type  application/octet-stream;
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+'$status $body_bytes_sent "$http_referer" '
+'"$http_user_agent" "$http_x_forwarded_for"';
+    access_log  /var/log/nginx/access.log  main;
+    sendfile        on;
+    #tcp_nopush     on;
+   #keepalive_timeout  0;
+    keepalive_timeout  65;
+}

Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx_ssl/files/redirect_http_to_https.conf

@@ -0,0 +1,5 @@
+server {
+    listen 80;
+    server_name _;
+    return 301 https://$host$request_uri;
+}

Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx_ssl/tasks/Debian.yml

@@ -0,0 +1,9 @@
+- name: Update apt cache
+  become: yes
+  apt:
+    update_cache: yes
+    cache_valid_time: 3600
+  register: apt_update_cache
+  retries: 5
+  delay: 60
+  until: apt_update_cache is succeeded

Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx_ssl/tasks/RedHat.yml

@@ -0,0 +1,15 @@
+- name: Import EPEL GPG public key
+  become: yes
+  rpm_key:
+    key: https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-{{ version }}
+    state: present
+  vars:
+    version: "{{ ansible_distribution_major_version }}"
+
+- name: Install EPEL repository
+  become: yes
+  yum:
+    name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ version }}.noarch.rpm
+    state: present
+  vars:
+    version: "{{ ansible_distribution_major_version }}"

Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx_ssl/tasks/main.yml

@@ -1,5 +1,44 @@
----
+- name: "Check required variables"
-# tasks file for artifactory_nginx
+  fail: msg="Variable '{{ item }}' is not defined"
+  when: item not in vars
+  with_items: 
+  - certificate
+  - certificate_key
+  - server_name
+
+- name: Install prerequisite packages
+  include_tasks: "{{ ansible_os_family }}.yml"
+
+- name: Install nginx after dependency installation
+  become: yes
+  package:
+    name: nginx
+    state: present
+  register: install_nginx
+  retries: 5
+  delay: 60
+  until: install_nginx is success
+
+- name: Configure main nginx conf file.
+  become: yes
+  copy:
+    src: nginx.conf
+    dest: /etc/nginx/nginx.conf
+    owner: root
+    group: root
+    mode: '0755'
+
+- name: Configure redirect nginx conf
+  become: yes
+  copy:
+    src: redirect_http_to_https.conf
+    dest: /etc/nginx/conf.d/redirect_http_to_https.conf
+    owner: root
+    group: root
+    mode: '0755'
+  when: redirect_http_to_https_enabled | bool
+  notify: restart nginx
+
 - name: Configure the artifactory nginx conf
   become: yes
   template:

Ansible/ansible_collections/jfrog/platform/roles/artifactory_nginx_ssl/vars/main.yml

@@ -1,2 +1 @@
----
+# vars file for artifactory_nginx_ssl
-# vars file for artifactory_nginx

Ansible/ansible_collections/jfrog/platform/roles/distribution/defaults/main.yml

@@ -1,4 +1,3 @@
----
 # defaults file for distribution
 
 # The version of distribution to install
@@ -7,9 +6,9 @@ distribution_version: 2.9.0
 # whether to enable HA
 distribution_ha_enabled: false
 
-distribution_ha_node_type : master
+distribution_ha_node_type: master
 
-# The location where distribution should install.
+# The location where distribution should install
 jfrog_home_directory: /opt/jfrog
 
 # The remote distribution download file
@@ -37,8 +36,6 @@ distribution_gid: 1040
 
 distribution_daemon: distribution
 
-flow_type: archive
-
 # Redis details
 distribution_redis_url: "redis://localhost:6379"
 distribution_redis_password: password

Ansible/ansible_collections/jfrog/platform/roles/distribution/tasks/Debian.yml

@@ -0,0 +1,13 @@
+- name: Install prerequisite packages
+  become: yes
+  apt:
+    name: ["expect", "locales"]
+    state: present
+    update_cache: yes
+    cache_valid_time: 3600
+
+- name: Ensure UTF-8 locale exists
+  become: yes
+  locale_gen:
+    name: en_US.UTF-8
+    state: present

Ansible/ansible_collections/jfrog/platform/roles/distribution/tasks/RedHat.yml

@@ -0,0 +1,5 @@
+- name: Install prerequisite packages
+  become: yes
+  yum:
+    name: expect
+    state: present

Ansible/ansible_collections/jfrog/platform/roles/distribution/tasks/install.yml

@@ -1,33 +1,18 @@
----
 - debug:
     msg: "Performing installation of Distribution version - {{ distribution_version }}"
 
-- name: Install expect dependency
+- name: Install prerequisite packages
-  yum:
+  include_tasks: "{{ ansible_os_family }}.yml"
-    name: expect
-    state: present
-  become: yes
-  when: ansible_os_family == 'RedHat'
-
-- name: Install expect dependency
-  apt:
-    name: expect
-    state: present
-    update_cache: yes
-  become: yes
-  when: ansible_os_family == 'Debian'
 
 - name: Ensure group distribution exist
   become: yes
   group:
     name: "{{ distribution_group }}"
-    gid: "{{ distribution_gid }}"
     state: present
 
 - name: Ensure user distribution exist
   become: yes
   user:
-    uid: "{{ distribution_uid }}"
     name: "{{ distribution_user }}"
     group: "{{ distribution_group }}"
     create_home: yes
@@ -136,10 +121,10 @@
   template:
     src: "{{ distribution_system_yaml_template }}"
     dest: "{{ distribution_home }}/var/etc/system.yaml"
-  when: 
+  when:
-    - distribution_systemyaml is defined  
+    - distribution_systemyaml is defined
     - distribution_systemyaml|length > 0
-    - distribution_systemyaml_override or (not systemyaml.stat.exists) 
+    - distribution_systemyaml_override or (not systemyaml.stat.exists)
   notify: restart distribution
 
 - name: Configure installer info
@@ -160,8 +145,7 @@
 
 - name: Install Distribution as a service
   become: yes
-  shell: |
+  shell: "{{ distribution_archive_service_cmd }}"
-    {{ distribution_archive_service_cmd }}
   args:
     chdir: "{{ distribution_install_script_path }}"
     creates: "{{ distribution_service_file }}"
@@ -179,10 +163,13 @@
 - name: Restart distribution
   meta: flush_handlers
 
-- name : Wait for distribution to be fully deployed
+- name: Make sure distribution is up and running
-  uri: url=http://127.0.0.1:8082/router/api/v1/system/health timeout=130
+  uri:
+    url: http://127.0.0.1:8082/router/api/v1/system/health
+    timeout: 130
+    status_code: 200
   register: result
-  until: result.status == 200
+  until: result is succeeded
   retries: 25
   delay: 5
   when: not ansible_check_mode

Ansible/ansible_collections/jfrog/platform/roles/distribution/tasks/main.yml

@@ -1,10 +1,11 @@
-- name: perform installation
+- name: Perform installation
   include_tasks: "install.yml"
   when:
     - distribution_enabled
     - not distribution_upgrade_only
-- name: perform upgrade
+
+- name: Perform upgrade
   include_tasks: "upgrade.yml"
   when:
     - distribution_enabled
-    - distribution_upgrade_only
+    - distribution_upgrade_only

Ansible/ansible_collections/jfrog/platform/roles/distribution/tasks/upgrade.yml

@@ -1,4 +1,3 @@
----
 - debug:
     msg: "Performing upgrade of Distribution version to {{ distribution_version }} "
 
@@ -60,8 +59,8 @@
   template:
     src: "{{ distribution_system_yaml_template }}"
     dest: "{{ distribution_home }}/var/etc/system.yaml"
-  when: 
+  when:
-    - distribution_systemyaml is defined  
+    - distribution_systemyaml is defined
     - distribution_systemyaml|length > 0
     - distribution_systemyaml_override or (not systemyaml.stat.exists) 
   notify: restart distribution
@@ -124,10 +123,13 @@
 - name: Restart distribution
   meta: flush_handlers
 
-- name : Wait for distribution to be fully deployed
+- name: Make sure distribution is up and running
-  uri: url=http://127.0.0.1:8082/router/api/v1/system/health timeout=130
+  uri:
+    url: http://127.0.0.1:8082/router/api/v1/system/health
+    timeout: 130
+    status_code: 200
   register: result
-  until: result.status == 200
+  until: result is succeeded
   retries: 25
   delay: 5
   when: not ansible_check_mode

Ansible/ansible_collections/jfrog/platform/roles/distribution/vars/main.yml

@@ -1,6 +1,5 @@
----
 # platform collection version
-platform_collection_version: 7.23.3
+platform_collection_version: 7.24.3
 
 # indicates were this collection was downlaoded from (galaxy, automation_hub, standalone)
 ansible_marketplace: galaxy

Ansible/ansible_collections/jfrog/platform/roles/distribution/vars/script/archive.yml

@@ -1,40 +1,40 @@
 distribution_installer_scenario:
   main:
-    - { 
+    - {
         "expecting": "(data|installation) directory \\(",
-        "sending": "{{ distribution_home }}" 
+        "sending": "{{ distribution_home }}"
       }
-    - { 
+    - {
       "expecting": "join key.*:",
-      "sending": "{{ join_key }}" 
+      "sending": "{{ join_key }}"
       }
-    - { 
+    - {
         "expecting": "jfrog url:",
-        "sending": "{{ jfrog_url }}" 
+        "sending": "{{ jfrog_url }}"
       }
-    - { 
+    - {
         "expecting": "do you want to continue",
-        "sending": "y" 
+        "sending": "y"
       }
-    - { 
+    - {
         "expecting": "please specify the ip address of this machine",
         "sending": "{% if distribution_ha_node_type is defined and distribution_ha_node_type == 'master' %}{{ ansible_host }}{% else %}{{ ansible_host }}{% endif %}"
       }
-    - { 
+    - {
         "expecting": "are you adding an additional node",
         "sending": "{% if distribution_ha_node_type is defined and distribution_ha_node_type == 'master' %}n{% else %}y{% endif %}"
       }
-    - { 
+    - {
         "expecting": "do you want to install postgresql",
         "sending": "n"
       }
-    - { 
+    - {
         "expecting": "postgresql url.*example",
-        "sending": "{{ distribution_db_url }}" 
+        "sending": "{{ distribution_db_url }}"
       }
-    - { 
+    - {
         "expecting": "(postgresql|database)?\\s?username.*",
-        "sending": "{{ distribution_db_user }}" 
+        "sending": "{{ distribution_db_user }}"
       }
     - { 
         "expecting": "(confirm\\s?)?(postgresql|database)?\\s?password.*:",

Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/defaults/main.yml

@@ -1,4 +1,3 @@
----
 # defaults file for mc
 
 # The version of missioncontrol to install
@@ -7,9 +6,9 @@ missioncontrol_version: 4.7.10
 # whether to enable HA
 mc_ha_enabled: false
 
-mc_ha_node_type : master
+mc_ha_node_type: master
 
-# The location where mc should install.
+# The location where mc should install
 jfrog_home_directory: /opt/jfrog
 
 # The remote mc download file
@@ -26,7 +25,7 @@ mc_home: "{{ jfrog_home_directory }}/mc"
 mc_install_script_path: "{{ mc_home }}/app/bin"
 mc_thirdparty_path: "{{ mc_home }}/app/third-party"
 mc_archive_service_cmd: "{{ mc_install_script_path }}/installService.sh"
-mc_service_file : /lib/systemd/system/mc.service
+mc_service_file: /lib/systemd/system/mc.service
 
 #mc users and groups
 mc_user: jfmc
@@ -51,12 +50,10 @@ mc_es_transport_port: 9300
 mc_es_home: "/usr/share/elasticsearch"
 mc_es_data_dir: "/var/lib/elasticsearch"
 mc_es_log_dir: "/var/log/elasticsearch"
-mc_es_java_home: "{{ mc_thirdparty_path }}/java"
+mc_es_java_home: "/usr/share/elasticsearch/jdk"
 mc_es_script_path: "/usr/share/elasticsearch/bin"
 mc_es_searchgaurd_home: "/usr/share/elasticsearch/plugins/search-guard-7"
 
-flow_type: archive
-
 # if this is an upgrade
 mc_upgrade_only: false
 

Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/Debian.yml

@@ -0,0 +1,13 @@
+- name: Install prerequisite packages
+  become: yes
+  apt:
+    name: ["expect", "locales"]
+    state: present
+    update_cache: yes
+    cache_valid_time: 3600
+
+- name: Ensure UTF-8 locale exists
+  become: yes
+  locale_gen:
+    name: en_US.UTF-8
+    state: present

Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/RedHat.yml

@@ -0,0 +1,5 @@
+- name: Install prerequisite packages
+  become: yes
+  yum:
+    name: expect
+    state: present

Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/install.yml

@@ -1,33 +1,18 @@
----
 - debug:
     msg: "Performing installation of missionControl version - {{ missioncontrol_version }}"
 
-- name: Install expect dependency
+- name: Install prerequisite packages
-  become: yes
+  include_tasks: "{{ ansible_os_family }}.yml"
-  yum:
-    name: expect
-    state: present
-  when: ansible_os_family == 'RedHat'
-
-- name: Install expect dependency
-  become: yes
-  apt:
-    name: expect
-    state: present
-    update_cache: yes
-  when: ansible_os_family == 'Debian'
 
 - name: Ensure group jfmc exist
   become: yes
   group:
     name: "{{ mc_group }}"
-    gid: "{{ mc_gid }}"
     state: present
 
 - name: Ensure user jfmc exist
   become: yes
   user:
-    uid: "{{ mc_uid }}"
     name: "{{ mc_user }}"
     group: "{{ mc_group }}"
     create_home: yes
@@ -138,10 +123,10 @@
   template:
     src: "{{ mc_system_yaml_template }}"
     dest: "{{ mc_home }}/var/etc/system.yaml"
-  when: 
+  when:
-    - mc_systemyaml is defined  
+    - mc_systemyaml is defined
     - mc_systemyaml|length > 0
-    - mc_systemyaml_override or (not systemyaml.stat.exists) 
+    - mc_systemyaml_override or (not systemyaml.stat.exists)
   notify: restart missioncontrol
 
 - name: Update correct permissions
@@ -155,8 +140,7 @@
 
 - name: Install mc as a service
   become: yes
-  shell: |
+  shell: "{{ mc_archive_service_cmd }}"
-    {{ mc_archive_service_cmd }}
   args:
     chdir: "{{ mc_install_script_path }}"
     creates: "{{ mc_service_file }}"
@@ -165,10 +149,13 @@
 - name: Restart missioncontrol
   meta: flush_handlers
 
-- name : Wait for missionControl to be fully deployed
+- name: Make sure missionControl is up and running
-  uri: url=http://127.0.0.1:8082/router/api/v1/system/health timeout=130
+  uri:
+    url: http://127.0.0.1:8082/router/api/v1/system/health
+    timeout: 130
+    status_code: 200
   register: result
-  until: result.status == 200
+  until: result is succeeded
   retries: 25
   delay: 5
   when: not ansible_check_mode

Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/main.yml

@@ -1,10 +1,11 @@
-- name: perform installation
+- name: Perform installation
   include_tasks: "install.yml"
-  when: 
+  when:
     - mc_enabled
     - not mc_upgrade_only
-- name: perform upgrade
+
+- name: Perform upgrade
   include_tasks: "upgrade.yml"
   when:
     - mc_enabled
-    - mc_upgrade_only
+    - mc_upgrade_only

Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/setup-elasticsearch.yml

@@ -2,14 +2,12 @@
   become: yes
   group:
     name: elasticsearch
-    gid: "{{ es_gid }}"
     state: present
 
 - name: Ensure user elasticsearch exists
   become: yes
   user:
     name: elasticsearch
-    uid: "{{ es_uid }}"
     group: elasticsearch
     create_home: yes
     home: "{{ mc_es_home }}"
@@ -47,12 +45,13 @@
     limit_item: nproc
     value: '4096'
 
-- name: Setting sysctl values
+- name: Set vm.max_map_count in /etc/sysctl.conf
   become: yes
-  sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
-  loop:
-    - { name: "vm.max_map_count", value: 262144}
   ignore_errors: yes
+  sysctl:
+    name: vm.max_map_count
+    value: '262144'
+    sysctl_set: yes
 
 - name: Find elasticsearch package
   become: yes
@@ -87,7 +86,7 @@
       - --strip-components=1
     owner: elasticsearch
     group: elasticsearch
-    creates: "{{ mc_es_script_path }}"
+    creates: "{{ mc_es_java_home }}"
   register: unarchive_result
   when: check_elasticsearch_package_result.matched > 0
 
@@ -111,9 +110,7 @@
     dest: "{{ mc_es_conf_base }}/elasticsearch.yml"
     owner: elasticsearch
     group: elasticsearch
-  when:
+  when: unarchive_result.extract_results.rc | default(128) == 0
-    - unarchive_result.extract_results.rc | default(128) == 0
-    - flow_type in ["ha-cluster", "ha-upgrade"]
 
 - name: Generate elasticsearch.yml template file
   become: yes
@@ -122,9 +119,7 @@
     dest: "{{ mc_es_conf_base }}/elasticsearch.yml"
     owner: elasticsearch
     group: elasticsearch
-  when:
+  when: unarchive_result.extract_results.rc | default(128) == 0
-    - unarchive_result.extract_results.rc | default(128) == 0
-    - flow_type in ["archive", "upgrade"]
 
 - name: Create empty unicast_hosts.txt file
   become: yes
@@ -168,7 +163,7 @@
   when: start_elasticsearch.changed
 
 - name: Check if elasticsearch is running
-  wait_for: 
+  wait_for:
     host: localhost
     port: "{{ mc_es_transport_port }}"
     delay: 5
@@ -176,7 +171,6 @@
 
 - name: Init searchguard plugin
   become: yes
-  become_user: elasticsearch
   shell: |
     ./sgadmin.sh -p {{ mc_es_transport_port }} -cacert root-ca.pem \
     -cert sgadmin.pem -key sgadmin.key -cd {{ mc_es_searchgaurd_home }}/sgconfig/ -nhnv -icl
@@ -185,4 +179,4 @@
   environment:
     JAVA_HOME: "{{ mc_es_java_home }}"
   register: install_searchguard_result
-  when: check_searchguard_bundle_result.matched == 1
+  when: check_searchguard_bundle_result.matched == 1

Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/setup-searchguard.yml

@@ -64,4 +64,4 @@
     path: "{{ mc_es_searchgaurd_home }}/tools/sgadmin.sh"
     owner: elasticsearch
     group: elasticsearch
-    mode: 0700
+    mode: 0700

Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/upgrade-elasticsearch.yml

@@ -1,17 +1,13 @@
-- name: Get elasticsearch pid
+- name: Kill elasticsearch process
-  shell: "ps -ef | grep -v grep | grep -w elasticsearch | awk '{print $2}'"
-  register: elasticsearch_pid
-
-- name: Stop elasticsearch before upgrade
   become: yes
-  shell: kill -9 {{ elasticsearch_pid.stdout }}
+  ignore_errors: yes
-  when: elasticsearch_pid.stdout | length > 0
+  shell: |
-
+    ps -ef | grep -v grep | grep -w elasticsearch | awk '{print $2}' | while read curr_ps_id
-- name: Waiting until all running processes are killed
+    do
-  wait_for:
+        echo "process ${curr_ps_id} still running"
-    path: "/proc/{{ elasticsearch_pid.stdout }}/status"
+        echo "$(ps -ef | grep -v grep | grep ${curr_ps_id})"
-    state: absent
+        kill -9 ${curr_ps_id}
-  when: elasticsearch_pid.stdout | length > 0
+    done
 
 - name: Find searchguard bundle for removal
   become: yes
@@ -75,7 +71,7 @@
       - --exclude=config
     owner: elasticsearch
     group: elasticsearch
-    creates: "{{ mc_es_script_path }}"
+    creates: "{{ mc_es_java_home }}"
   register: unarchive_result
   when: check_elasticsearch_package_result.matched > 0
 
@@ -107,8 +103,8 @@
   environment:
     ES_JAVA_HOME: "{{ mc_es_java_home }}"
     ES_PATH_CONF: "{{ mc_es_conf_base }}/"
-  when: unarchive_result.extract_results.rc | default(128) == 0
   register: start_elastcsearch
+  when: unarchive_result.extract_results.rc | default(128) == 0
 
 - name: Wait for elasticsearch to start
   pause:
@@ -116,8 +112,21 @@
   when: start_elasticsearch.changed
 
 - name: Check if elasticsearch is running
-  wait_for: 
+  wait_for:
     host: localhost
     port: "{{ mc_es_transport_port }}"
     delay: 5
     connect_timeout: 1
+
+- name: Init searchguard plugin
+  become: yes
+  become_user: elasticsearch
+  shell: |
+    ./sgadmin.sh -p {{ mc_es_transport_port }} -cacert root-ca.pem \
+    -cert sgadmin.pem -key sgadmin.key -cd {{ mc_es_searchgaurd_home }}/sgconfig/ -nhnv -icl
+  args:
+    chdir: "{{ mc_es_searchgaurd_home }}/tools/"
+  environment:
+    JAVA_HOME: "{{ mc_es_java_home }}"
+  register: install_searchguard_result
+  when: check_searchguard_bundle_result.matched == 1

Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/upgrade-searchguard.yml

@@ -65,6 +65,7 @@
   loop:
     - "sg_roles.yml"
     - "sg_roles_mapping.yml"
+    - "sg_config.yml"
 
 - name: Check execution bit
   become: yes

Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/upgrade.yml

@@ -1,4 +1,3 @@
----
 - debug:
     msg: "Performing Upgrade of missionControl version - {{ missioncontrol_version }}"
 
@@ -71,10 +70,10 @@
   template:
     src: "{{ mc_system_yaml_template }}"
     dest: "{{ mc_home }}/var/etc/system.yaml"
-  when: 
+  when:
-    - mc_systemyaml is defined  
+    - mc_systemyaml is defined
     - mc_systemyaml|length > 0
-    - mc_systemyaml_override or (not systemyaml.stat.exists) 
+    - mc_systemyaml_override or (not systemyaml.stat.exists)
   notify: restart missioncontrol
 
 - name: Check if install.sh wrapper script exist
@@ -97,7 +96,7 @@
     apply:
       environment:
         YQ_PATH: "{{ mc_thirdparty_path }}/yq"
-  when: 
+  when:
     - upgrade_wrapper_script.stat.exists
     - download_mc.changed
 
@@ -120,10 +119,13 @@
 - name: Restart missioncontrol
   meta: flush_handlers
 
-- name : Wait for missionControl to be fully deployed
+- name: Make sure missionControl is up and running
-  uri: url=http://127.0.0.1:8082/router/api/v1/system/health timeout=130
+  uri:
+    url: http://127.0.0.1:8082/router/api/v1/system/health
+    timeout: 130
+    status_code: 200
   register: result
-  until: result.status == 200
+  until: result is succeeded
   retries: 25
   delay: 5
   when: not ansible_check_mode

Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/vars/main.yml

@@ -1,6 +1,5 @@
----
 # platform collection version
-platform_collection_version: 7.23.3
+platform_collection_version: 7.24.3
 
 # indicates were this collection was downlaoded from (galaxy, automation_hub, standalone)
-ansible_marketplace: galaxy
+ansible_marketplace: galaxy

Ansible/ansible_collections/jfrog/platform/roles/postgres/tasks/Debian.yml

@@ -1,33 +1,36 @@
----
+- name: Install prerequisite packages
-- name: install acl, python3-psycopg2
   become: yes
   apt:
-    name:
+    name: ['acl', 'apt-transport-https', 'locales', 'python3-psycopg2']
-      - acl
-      - python3-psycopg2
     state: present
     update_cache: yes
-  ignore_errors: yes
 
-- name: add postgres apt key
+- name: Ensure UTF-8 locale exists
+  become: yes
+  locale_gen:
+    name: en_US.UTF-8
+    state: present
+
+- name: Import PostgreSQL repository key
   become: yes
   apt_key:
     url: "{{ postgres_apt_key_url }}"
     id: "{{ postgres_apt_key_id }}"
-    validate_certs: no
     state: present
 
-- name: register APT repository
+- name: Register PostgreSQL repository
   become: yes
   apt_repository:
     repo: "{{ postgres_apt_repository_repo }}"
     state: present
     filename: pgdg
 
-- name: install postgres packages
+- name: Install postgres packages
   become: yes
   apt:
     name:
       - postgresql-{{ postgres_version }}
       - postgresql-contrib-{{ postgres_version }}
     state: present
+    update_cache: yes
+    cache_valid_time: 3600

Ansible/ansible_collections/jfrog/platform/roles/postgres/tasks/RedHat.yml

@@ -1,14 +1,23 @@
----
+- name: Import EPEL GPG public key
-
-- name: install EPEL repository
   become: yes
-  yum: name=epel-release state=present
+  rpm_key:
-  when: >  # not for Fedora
+    key: https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-{{ version }}
-    ansible_distribution == 'CentOS' or
+    state: present
-    ansible_distribution == 'Red Hat Enterprise Linux'
+  vars:
+    version: "{{ ansible_distribution_major_version }}"
 
-- name: install acl
+- name: Install EPEL repository
   become: yes
+  yum:
+    name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ version }}.noarch.rpm
+    state: present
+  vars:
+    version: "{{ ansible_distribution_major_version }}"
+  when: ansible_distribution in ['CentOS', 'RedHat']
+
+- name: Install prerequisite packages
+  become: yes
+  ignore_errors: yes
   yum:
     name:
       - acl
@@ -16,66 +25,46 @@
       - wget
       - perl
     state: present
-  ignore_errors: yes
 
-- name: install python3-psycopg2
+- name: Install python3-psycopg2
   become: yes
   yum:
-    name:
+    name: python3-psycopg2
-      - python3-psycopg2
     state: present
   when: ansible_distribution_major_version == '8'
 
-- name: install python2-psycopg2
+- name: Install python2-psycopg2
   become: yes
   yum:
-    name:
+    name: python-psycopg2
-      - python-psycopg2
     state: present
   when: ansible_distribution_major_version == '7'
 
-- name: fixup some locale issues
+- name: Fixup some locale issues
   become: yes
   lineinfile:
-    dest: /etc/default/locale
+    dest: /etc/locale.conf
-    line: 'LANGUAGE="{{ item }}"'
+    line: "{{ item }}"
     state: present
     create: yes
   loop:
-    - 'en_US:en'
+    - LANG=en_us.UTF-8
-    - 'en_us.UTF-8'
+    - LANGUAGE=en_us.UTF-8
 
-- name: get latest version
+- name: Install postgres repository
-  vars:
-    base: http://download.postgresql.org/pub/repos/yum
-    ver: "{{ ansible_distribution_major_version }}"
-  shell: |
-    set -eo pipefail
-    wget -O - {{ base }}/reporpms/EL-{{ ver }}-x86_64/ 2>/dev/null | \
-    grep 'pgdg-redhat-repo-latest' | \
-    perl -pe 's/^.*rpm">//g' | \
-    perl -pe 's/<\/a>.*//g' | \
-    tail -n 1
-  args:
-    executable: /bin/bash
-  changed_when: false
-  check_mode: false
-  register: latest_version
-  tags: [skip_ansible_lint]
-
-- name: config postgres repository
   become: yes
-  vars:
-    base: http://download.postgresql.org/pub/repos/yum
-    ver: "{{ ansible_distribution_major_version }}"
   yum:
-    name: "{{ base }}/reporpms/EL-{{ ver }}-x86_64/{{ latest_version.stdout }}"
+    name: "{{ base }}/reporpms/EL-{{ version }}-x86_64/{{ repo_file_name }}"
     state: present
+  vars:
+    base: https://download.postgresql.org/pub/repos/yum
+    version: "{{ ansible_distribution_major_version }}"
+    repo_file_name: pgdg-redhat-repo-latest.noarch.rpm
 
-- name: install postgres packages
+- name: Install postgres packages
   become: yes
   yum:
     name:
       - postgresql{{ postgres_server_pkg_version }}-server
       - postgresql{{ postgres_server_pkg_version }}-contrib
-    state: present
+    state: present

Ansible/ansible_collections/jfrog/platform/roles/postgres/tasks/install.yml

@@ -1,11 +1,10 @@
----
+- name: Define OS-specific variables
-- name: define OS-specific variables
   include_vars: "{{ ansible_os_family }}.yml"
 
-- name: perform installation
+- name: Install prerequisite packages
   include_tasks: "{{ ansible_os_family }}.yml"
 
-- name: Set PostgreSQL environment variables.
+- name: Set PostgreSQL environment variables
   become: yes
   template:
     src: postgres.sh.j2
@@ -13,7 +12,7 @@
     mode: 0644
   notify: restart postgresql
 
-- name: Ensure PostgreSQL data directory exists.
+- name: Ensure PostgreSQL data directory exists
   become: yes
   become_user: postgres
   file:
@@ -40,7 +39,7 @@
     dest: "{{ postgresql_config_path }}/{{ item }}"
     owner: postgres
     group: postgres
-    mode: u=rw,go=r
+    mode: 0644
   loop:
     - pg_hba.conf
     - postgresql.conf
@@ -56,6 +55,8 @@
 - name: Hold until Postgresql is up and running
   wait_for:
     port: "{{ postgres_port }}"
+    timeout: 120
+    sleep: 10
 
 - name: Create users
   become: yes
@@ -64,7 +65,7 @@
     name: "{{ item.db_user }}"
     password: "{{ item.db_password }}"
     conn_limit: "-1"
-  loop: "{{ db_users|default([]) }}"
+  loop: "{{ db_users | default([]) }}"
   no_log: true  # secret passwords
 
 - name: Create a database
@@ -77,7 +78,7 @@
     lc_collate: "{{ postgres_locale }}"
     lc_ctype: "{{ postgres_locale }}"
     template: template0
-  loop: "{{ dbs|default([]) }}"
+  loop: "{{ dbs | default([]) }}"
 
 - name: Check if MC schemas already exists
   become: yes
@@ -85,15 +86,17 @@
   command: psql -d {{ mc_db_name }} -t -c "\dn"
   register: mc_schemas_loaded
   when: mc_enabled
+  changed_when: false
 
 - name: Create schemas for mission-control
   become: yes
   become_user: postgres
   command: psql -d {{ mc_db_name }} -c 'CREATE SCHEMA {{ item }} authorization {{ mc_db_user }}'
-  loop: "{{  mc_schemas|default([]) }}"
+  loop: "{{  mc_schemas | default([]) }}"
-  when: 
+  when:
     - mc_enabled
-    - "mc_schemas_loaded.stdout is defined and '{{ item }}' not in mc_schemas_loaded.stdout"
+    - mc_schemas_loaded.stdout is defined
+    - item not in mc_schemas_loaded.stdout
 
 - name: Grant all privileges to mc user on its schema
   become: yes
@@ -104,7 +107,7 @@
     type: schema
     roles: "{{ mc_db_user }}"
     objs: "{{ item }}"
-  loop: "{{ mc_schemas|default([]) }}"
+  loop: "{{ mc_schemas | default([]) }}"
   when: mc_enabled
 
 - name: Grant privs on db
@@ -116,7 +119,7 @@
     state: present
     privs: ALL
     type: database
-  loop: "{{ dbs|default([]) }}"
+  loop: "{{ dbs | default([]) }}"
 
 - debug:
     msg: "Restarted postgres systemd {{ postgresql_daemon }}"

Ansible/ansible_collections/jfrog/platform/roles/postgres/vars/Debian.yml

@@ -1,9 +1,8 @@
----
 postgresql_data_dir: "/var/lib/postgresql/{{ postgres_version }}/main"
 postgresql_bin_path: "/usr/lib/postgresql/{{ postgres_version }}/bin"
 postgresql_config_path: "/etc/postgresql/{{ postgres_version }}/main"
-postgresql_daemon: postgresql@{{ postgres_version}}-main
+postgresql_daemon: postgresql@{{ postgres_version }}-main
 postgresql_external_pid_file: "/var/run/postgresql/{{ postgres_version }}-main.pid"
 postgres_apt_key_url: "https://www.postgresql.org/media/keys/ACCC4CF8.asc"
 postgres_apt_key_id: "0x7FCC7D46ACCC4CF8"
-postgres_apt_repository_repo: "deb http://apt.postgresql.org/pub/repos/apt/ {{ ansible_distribution_release }}-pgdg main"
+postgres_apt_repository_repo: "deb https://apt.postgresql.org/pub/repos/apt/ {{ ansible_distribution_release }}-pgdg main"

Ansible/ansible_collections/jfrog/platform/roles/postgres/vars/RedHat.yml

@@ -1,6 +1,5 @@
----
 postgresql_bin_path: "/usr/pgsql-{{ postgres_version }}/bin"
-postgresql_data_dir: "/var/lib/pgsql/{{ postgres_version}}/data"
+postgresql_data_dir: "/var/lib/pgsql/{{ postgres_version }}/data"
-postgresql_config_path: "/var/lib/pgsql/{{ postgres_version}}/data"
+postgresql_config_path: "/var/lib/pgsql/{{ postgres_version }}/data"
-postgresql_daemon: postgresql-{{ postgres_version}}.service
+postgresql_daemon: postgresql-{{ postgres_version }}.service
 postgresql_external_pid_file: "/var/run/postgresql/{{ postgres_version }}-main.pid"

Ansible/ansible_collections/jfrog/platform/roles/xray/defaults/main.yml

@@ -1,15 +1,14 @@
----
 # defaults file for xray
 
 # The version of xray to install
-xray_version: 3.29.0
+xray_version: 3.30.1
 
 # whether to enable HA
 xray_ha_enabled: false
 
-xray_ha_node_type : master
+xray_ha_node_type: master
 
-# The location where xray should install.
+# The location where xray should install
 jfrog_home_directory: /opt/jfrog
 
 # The remote xray download file
@@ -26,7 +25,7 @@ xray_home: "{{ jfrog_home_directory }}/xray"
 xray_install_script_path: "{{ xray_home }}/app/bin"
 xray_thirdparty_path: "{{ xray_home }}/app/third-party"
 xray_archive_service_cmd: "{{ xray_install_script_path }}/installService.sh"
-xray_service_file : /lib/systemd/system/xray.service
+xray_service_file: /lib/systemd/system/xray.service
 
 #xray users and groups
 xray_user: xray
@@ -37,8 +36,6 @@ xray_gid: 1035
 
 xray_daemon: xray
 
-flow_type: archive
-
 #rabbitmq user
 xray_rabbitmq_user: guest
 xray_rabbitmq_password: guest
@@ -50,21 +47,18 @@ xray_upgrade_only: false
 
 xray_system_yaml_template: system.yaml.j2
 
-linux_distro: "{{ ansible_distribution | lower }}{{ansible_distribution_major_version}}"
+linux_distro: "{{ ansible_distribution | lower }}{{ ansible_distribution_major_version }}"
 
 xray_db_util_search_filter:
   ubuntu16:
     db5: 'db5.3-util.*ubuntu.*amd64\.deb'
     db: 'db-util.*ubuntu.*all.deb'
   ubuntu18:
-    db5: 'db5.3-util.*ubuntu.*amd64\.deb'
+    db5: 'db5.3-util.*ubuntu1.1.*amd64\.deb'
     db: 'db-util.*ubuntu.*all.deb'
   ubuntu20:
-    db5: 'db5.3-util.*ubuntu.*amd64\.deb'
+    db5: 'db5.3-util.*dfsg.*ubuntu.*amd64\.deb'
     db: 'db-util.*ubuntu.*all.deb'
-  debian8:
-    db5: 'db5.3-util.*deb8.*amd64\.deb'
-    db: 'db-util_([0-9]{1,3}\.?){3}_all\.deb'
   debian9:
     db5: 'db5.3-util.*deb9.*amd64\.deb'
     db: 'db-util_([0-9]{1,3}\.?){3}_all\.deb'
@@ -76,7 +70,7 @@ xray_db_util_search_filter:
 yum_python_interpreter: >-
     {%- if linux_distro is not defined -%}
         /usr/bin/python3
-    {%- elif linux_distro in ['centos7', 'rhel7'] -%}
+    {%- elif linux_distro in ['centos7', 'redhat7'] -%}
         /usr/bin/python
     {%- else -%}
         /usr/bin/python3

Ansible/ansible_collections/jfrog/platform/roles/xray/tasks/Debian.yml

@@ -0,0 +1,13 @@
+- name: Install prerequisite packages
+  become: yes
+  apt:
+    name: ["expect", "locales"]
+    state: present
+    update_cache: yes
+    cache_valid_time: 3600
+
+- name: Ensure UTF-8 locale exists
+  become: yes
+  locale_gen:
+    name: en_US.UTF-8
+    state: present

Ansible/ansible_collections/jfrog/platform/roles/xray/tasks/RedHat.yml

@@ -0,0 +1,5 @@
+- name: Install prerequisite packages
+  become: yes
+  yum:
+    name: expect
+    state: present

Ansible/ansible_collections/jfrog/platform/roles/xray/tasks/install.yml

@@ -1,33 +1,18 @@
----
 - debug:
     msg: "Performing installation of Xray version : {{ xray_version }}"
 
-- name: Install expect dependency
+- name: Install prerequisite packages
-  become: yes
+  include_tasks: "{{ ansible_os_family }}.yml"
-  yum:
-    name: expect
-    state: present
-  when: ansible_os_family == 'RedHat'
-
-- name: Install expect dependency
-  become: yes
-  apt:
-    name: expect
-    state: present
-    update_cache: yes
-  when: ansible_os_family == 'Debian'
 
 - name: Ensure group xray exist
   become: yes
   group:
     name: "{{ xray_group }}"
-    gid: "{{ xray_gid }}"
     state: present
 
 - name: Ensure user xray exist
   become: yes
   user:
-    uid: "{{ xray_uid }}"
     name: "{{ xray_user }}"
     group: "{{ xray_group }}"
     create_home: yes
@@ -150,10 +135,10 @@
   template:
     src: "{{ xray_system_yaml_template }}"
     dest: "{{ xray_home }}/var/etc/system.yaml"
-  when: 
+  when:
-    - xray_systemyaml is defined  
+    - xray_systemyaml is defined
     - xray_systemyaml|length > 0
-    - xray_systemyaml_override or (not systemyaml.stat.exists) 
+    - xray_systemyaml_override or (not systemyaml.stat.exists)
   notify: restart xray
 
 - name: Ensure permissions are correct
@@ -167,8 +152,7 @@
 
 - name: Install xray as a service
   become: yes
-  shell: |
+  shell: "{{ xray_archive_service_cmd }}"
-    {{ xray_archive_service_cmd }}
   args:
     chdir: "{{ xray_install_script_path }}"
     creates: "{{ xray_service_file }}"
@@ -177,10 +161,13 @@
 - name: Restart xray
   meta: flush_handlers
 
-- name : Wait for xray to be fully deployed
+- name: Make sure xray is up and running
-  uri: url=http://127.0.0.1:8082/router/api/v1/system/health timeout=130
+  uri:
+    url: http://127.0.0.1:8082/router/api/v1/system/health
+    timeout: 130
+    status_code: 200
   register: result
-  until: result.status == 200
+  until: result is succeeded
   retries: 25
   delay: 5
   when: not ansible_check_mode

Ansible/ansible_collections/jfrog/platform/roles/xray/tasks/main.yml

@@ -1,10 +1,11 @@
-- name: perform installation
+- name: Perform installation
   include_tasks: "install.yml"
   when:
     - xray_enabled
     - not xray_upgrade_only
-- name: perform upgrade
+
+- name: Perform upgrade
   include_tasks: "upgrade.yml"
   when:
     - xray_enabled
-    - xray_upgrade_only
+    - xray_upgrade_only

Ansible/ansible_collections/jfrog/platform/roles/xray/tasks/rabbitmq/setup/RedHat.yml

@@ -1,15 +1,12 @@
 - name: Set package prefix
   set_fact:
     rhel_package_prefix: >-
-        {%- if linux_distro in ['centos7','rhel7'] -%}
+        {%- if linux_distro in ['centos7','redhat7'] -%}
             el7
-        {%- elif linux_distro in ['centos8','rhel8'] -%}
+        {%- elif linux_distro in ['centos8','redhat8'] -%}
             el8
         {%- endif -%}
 
-- debug:
-    msg: "rhel_package_prefix: {{ rhel_package_prefix }}"
-
 - name: Find socat package
   become: yes
   find:

Ansible/ansible_collections/jfrog/platform/roles/xray/tasks/rabbitmq/upgrade/RedHat.yml

@@ -1,9 +1,9 @@
 - name: Set package prefix
   set_fact:
     rhel_package_prefix: >-
-        {%- if linux_distro in ['centos7','rhel7'] -%}
+        {%- if linux_distro in ['centos7','redhat7'] -%}
             el7
-        {%- elif linux_distro in ['centos8','rhel8'] -%}
+        {%- elif linux_distro in ['centos8','redhat8'] -%}
             el8
         {%- endif -%}
 

Ansible/ansible_collections/jfrog/platform/roles/xray/tasks/upgrade.yml

@@ -1,4 +1,3 @@
----
 - debug:
     msg: "Performing upgrade of Xray version to {{ xray_version }}..."
 
@@ -33,7 +32,7 @@
 - name: stop xray
   become: yes
   systemd:
-    name: "{{ xray_daemon }}"   
+    name: "{{ xray_daemon }}"
     state: stopped
   when: download_xray.changed
 
@@ -104,10 +103,10 @@
   template:
     src: "{{ xray_system_yaml_template }}"
     dest: "{{ xray_home }}/var/etc/system.yaml"
-  when: 
+  when:
-    - xray_systemyaml is defined  
+    - xray_systemyaml is defined
     - xray_systemyaml|length > 0
-    - xray_systemyaml_override or (not systemyaml.stat.exists) 
+    - xray_systemyaml_override or (not systemyaml.stat.exists)
   notify: restart xray
 
 - name: configure installer info
@@ -129,10 +128,13 @@
 - name: Restart xray
   meta: flush_handlers
 
-- name : wait for xray to be fully deployed
+- name: Make sure xray is up and running
-  uri: url=http://127.0.0.1:8082/router/api/v1/system/health timeout=130
+  uri:
+    url: http://127.0.0.1:8082/router/api/v1/system/health
+    timeout: 130
+    status_code: 200
   register: result
-  until: result.status == 200
+  until: result is succeeded
   retries: 25
   delay: 5
   when: not ansible_check_mode

Ansible/ansible_collections/jfrog/platform/roles/xray/vars/main.yml

@@ -1,6 +1,5 @@
----
 # platform collection version
-platform_collection_version: 7.23.3
+platform_collection_version: 7.24.3
 
 # indicates were this collection was downlaoded from (galaxy, automation_hub, standalone)
-ansible_marketplace: galaxy
+ansible_marketplace: galaxy

Ansible/examples/playbook-rt-xray.yml

@@ -1,18 +1,18 @@
 ---
-- hosts: postgres-servers
+- hosts: postgres_servers
   collections:
     - jfrog.platform
   roles:
     - postgres
 
-- hosts: artifactory-servers
+- hosts: artifactory_servers
   collections:
     - jfrog.platform
   roles:
     - artifactory
 
-- hosts: xray-servers
+- hosts: xray_servers
   collections:
     - jfrog.platform
   roles:
-    - xray
+    - xray