[ansible] JFrog Platform 7.19.4 (#124)

Ansible/ansible_collections/jfrog/platform/CHANGELOG.md

@@ -1,9 +1,14 @@
 # JFrog Platform Ansible Collection Changelog
 All changes to this collection will be documented in this file.
 
+## [7.9.4] - May 31, 2021
+* Moved product versions from `groups_vars/all/package_version.yml` to roles/<product>/defaults
+* Added variable to configure postgres apt key (`postgres_apt_key_url`) and id (`postgres_apt_key_id`)
+* Squashed bugs from previous release
+
 ## [7.8.6] - May 10, 2021
 * Fixed broken URLs in ansible galaxy - [108](https://github.com/jfrog/JFrog-Cloud-Installers/issues/108)
-* Added option to configure system.yaml (using `<product>_systemyaml` variable)  and binarystore.xml (using `artifactory_binarystore` variable)
+* Added variable to configure system.yaml (using `<product>_systemyaml`)  and binarystore.xml (using `artifactory_binarystore`)
 
 ## [7.8.5] - May 3, 2021
 * Added new `jfrog.platform` collection with Artifactory, Distribution, Missioncontrol and Xray roles

Ansible/ansible_collections/jfrog/platform/README.md

@@ -2,8 +2,8 @@
 
 This Ansible directory consists of the following directories that support the JFrog Platform collection.
  
- * [ansible_collections directory](ansible_collections) - This directory contains the Ansible collection package that has the Ansible roles for Artifactory, Distribution, Missioncontrol and Xray. See the roles README for details on the product roles and variables.
+ * ansible_collections directory - This directory contains the Ansible collection package that has the Ansible roles for Artifactory, Distribution, Missioncontrol and Xray. See the roles README for details on the product roles and variables.
- * [examples directory](examples) - This directory contains example playbooks for various architectures.
+ * examples directory - This directory contains example playbooks for various architectures.
  
 
  ## Getting Started
@@ -28,9 +28,9 @@ This Ansible directory consists of the following directories that support the JF
     
  2. Ansible uses SSH to connect to hosts. Ensure that your SSH private key is on your client and the public keys are installed on your Ansible hosts. 
  
- 3. Create your inventory file. Use one of the examples from the [examples directory](examples) to construct an inventory file (hosts.ini) with the host addresses
+ 3. Create your inventory file. Use one of the examples from the examples directory to construct an inventory file (hosts.ini) with the host addresses
  
- 4. Create your playbook. Use one of the examples from the [examples directory](examples) to construct a playbook using the JFrog Ansible roles. These roles will be applied to your inventory and provision software.
+ 4. Create your playbook. Use one of the examples from the examples directory to construct a playbook using the JFrog Ansible roles. These roles will be applied to your inventory and provision software.
  
  5. Then execute with the following command to provision the JFrog Platform with Ansible.
  
@@ -89,7 +89,7 @@ All JFrog product roles support software updates. To use a role to perform a sof
 ```
 
 ## Building the Collection Archive
-1. Go to the [ansible_collections/jfrog/platform directory](ansible_collections/jfrog/platform).
+1. Go to the ansible_collections/jfrog/platform directory.
 2. Update the galaxy.yml meta file as needed. Update the version.
 3. Build the archive. (Requires Ansible 2.9+)
 ```

Ansible/ansible_collections/jfrog/platform/galaxy.yml

@@ -9,7 +9,7 @@ namespace: "jfrog"
 name: "platform"
 
 # The version of the collection. Must be compatible with semantic versioning
-version: "7.18.6"
+version: "7.19.4"
 
 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection
 readme: "README.md"
@@ -23,7 +23,7 @@ authors:
 ### OPTIONAL but strongly recommended
 
 # A short summary description of the collection
-description: "This collection provides roles for installing JFrog Platform which includes Artifactory, Distribution, Mission-control and  Xray. Additionally, it provides optional SSL and Postgresql roles if these are needed for your deployment."
+description: "This collection provides roles for installing JFrog Platform which includes Artifactory, Distribution, Missioncontrol and  Xray. Additionally, it provides optional SSL and Postgresql roles if these are needed for your deployment."
 
 # Either a single license or a list of licenses for content inside of a collection. Ansible Galaxy currently only
 # accepts L(SPDX,https://spdx.org/licenses/) licenses. This key is mutually exclusive with 'license_file'

Ansible/ansible_collections/jfrog/platform/group_vars/all/package_version.yml

@@ -1,8 +0,0 @@
-# The version of products to install
-artifactory_version: 7.18.6
-xray_version: 3.24.2
-distribution_version: 2.7.1
-missioncontrol_version: 4.7.3
-
-# platform collection version
-platform_collection_version: 7.18.6

Ansible/ansible_collections/jfrog/platform/roles/artifactory/defaults/main.yml

@@ -1,7 +1,8 @@
 ---
 # defaults file for artifactory
-# indicates where this collection was downloaded from (galaxy, automation_hub, standalone)
+
-ansible_marketplace: standalone
+# The version of artifactory to install
+artifactory_version: 7.19.4
 
 # Set this to true when SSL is enabled (to use artifactory_nginx_ssl role), default to false (implies artifactory uses artifactory_nginx role )
 artifactory_nginx_ssl_enabled: false
@@ -30,9 +31,6 @@ artifactory_taskAffinity: any
 # The location where Artifactory should install.
 jfrog_home_directory: /opt/jfrog
 
-# The location where Artifactory should store data.
-artifactory_file_store_dir: /data
-
 # Pick the Artifactory flavour to install, can be also cpp-ce, jcr, pro.
 artifactory_flavour: pro
 
@@ -42,7 +40,8 @@ artifactory_tar: https://releases.jfrog.io/artifactory/artifactory-pro/org/artif
 artifactory_home: "{{ jfrog_home_directory }}/artifactory"
 artifactory_untar_home: "{{ jfrog_home_directory }}/artifactory-{{ artifactory_flavour }}-{{ artifactory_version }}"
 
-postgres_driver_download_url: https://repo1.maven.org/maven2/org/postgresql/postgresql/42.2.20/postgresql-42.2.20.jar
+postgres_driver_version: 42.2.20
+postgres_driver_download_url: https://repo1.maven.org/maven2/org/postgresql/postgresql/{{ postgres_driver_version }}/postgresql-{{ postgres_driver_version }}.jar
 
 artifactory_user: artifactory
 artifactory_group: artifactory
@@ -59,6 +58,7 @@ artifactory_upgrade_only: false
 artifactory_admin_username: admin
 artifactory_admin_password: password
 
+artifactory_service_file : /lib/systemd/system/artifactory.service
 
 # Provide binarystore XML content below with 2-space indentation
 artifactory_binarystore: |-
@@ -71,6 +71,8 @@ artifactory_binarystore: |-
 artifactory_systemyaml: |-
   configVersion: 1
   shared:
+    security:
+      joinKey: "{{ join_key }}"
     extraJavaOpts: "{{ artifactory_extra_java_opts }}"
     node:
       id: {{ ansible_hostname }}
@@ -86,3 +88,6 @@ artifactory_systemyaml: |-
   router:
     entrypoints:
       internalPort: 8046
+
+# Note: artifactory_systemyaml_override is by default false,  if you want to change default artifactory_systemyaml
+artifactory_systemyaml_override: false

Ansible/ansible_collections/jfrog/platform/roles/artifactory/meta/main.yml

@@ -1,6 +1,6 @@
 galaxy_info:
   author: "JFrog Maintainers Team <installers@jfrog.com>"
-  description: "The artifactory role installs the Artifactory Pro software onto the host. Per the Vars below, it will configure a node as primary or secondary. This role uses secondary roles artifactory_nginx to install nginx."
+  description: "The artifactory role installs the Artifactory Pro software onto the host."
   company: JFrog
 
   issue_tracker_url: "https://github.com/jfrog/JFrog-Cloud-Installers/issues"

Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/install.yml

@@ -5,12 +5,16 @@
 - name: install nginx
   include_role:
     name: artifactory_nginx
-  when: artifactory_nginx_enabled == true
+  when: 
+    - artifactory_nginx_enabled | bool
+    - not artifactory_nginx_ssl_enabled | bool
 
 - name: install nginx with SSL
   include_role:
     name: artifactory_nginx_ssl
-  when: artifactory_nginx_ssl_enabled == true
+  when: 
+    - not artifactory_nginx_enabled | bool
+    - artifactory_nginx_ssl_enabled | bool
 
 - name: Ensure group artifactory exist
   become: yes
@@ -64,40 +68,37 @@
     owner: "{{ artifactory_user }}"
     group: "{{ artifactory_group }}"
   loop:
-    - "{{ artifactory_file_store_dir }}"
     - "{{ artifactory_home }}/var/data"
     - "{{ artifactory_home }}/var/etc"
     - "{{ artifactory_home }}/var/etc/security/"
     - "{{ artifactory_home }}/var/etc/artifactory/info/"
 
+- name: Check if systemyaml exists
+  become: yes
+  stat:
+    path: "{{ artifactory_home }}/var/etc/system.yaml"
+  register: systemyaml
+
 - name: Configure systemyaml
   become: yes
   template:
     src: "{{ artifactory_system_yaml_template }}"
     dest: "{{ artifactory_home }}/var/etc/system.yaml"
+  when: 
+    - artifactory_systemyaml is defined  
+    - artifactory_systemyaml|length > 0
+    - artifactory_systemyaml_override or (not systemyaml.stat.exists) 
   notify: restart artifactory
 
 - name: Configure master key
   become: yes
   copy:
     dest: "{{ artifactory_home }}/var/etc/security/master.key"
-    content: |
+    content: "{{ master_key }}"
-      {{ master_key }}
     owner: "{{ artifactory_user }}"
     group: "{{ artifactory_group }}"
     mode: 0640
 
-- name: Configure join key
-  become: yes
-  copy:
-    dest: "{{ artifactory_home }}/var/etc/security/join.key"
-    content: |
-      {{ join_key }}
-    owner: "{{ artifactory_user }}"
-    group: "{{ artifactory_group }}"
-    mode: 0640
-  notify: restart artifactory
-
 - name: Configure installer info
   become: yes
   template:
@@ -110,6 +111,9 @@
   template:
     src: binarystore.xml.j2
     dest: "{{ artifactory_home }}/var/etc/artifactory/binarystore.xml"
+  when: 
+    - artifactory_binarystore is defined  
+    - artifactory_binarystore|length > 0
   notify: restart artifactory
 
 - name: Configure single license
@@ -117,7 +121,9 @@
   template:
     src: artifactory.lic.j2
     dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.lic"
-  when: artifactory_single_license is defined
+  when: 
+    - artifactory_single_license is defined  
+    - artifactory_single_license|length > 0
   notify: restart artifactory
 
 - name: Configure HA licenses
@@ -125,9 +131,17 @@
   template:
     src: artifactory.cluster.license.j2
     dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.cluster.license"
-  when: artifactory_licenses is defined
+  when:
+   - artifactory_licenses is defined 
+   - artifactory_licenses|length > 0
   notify: restart artifactory
 
+- name: Check if database driver exists
+  become: yes
+  stat:
+    path: "{{ artifactory_home }}/app/artifactory/tomcat/lib/jf_postgresql-{{ postgres_driver_version }}.jar"
+  register: database_driver
+
 - name: Download database driver
   become: yes
   get_url:
@@ -135,12 +149,16 @@
     dest: "{{ artifactory_home }}/var/bootstrap/artifactory/tomcat/lib"
     owner: "{{ artifactory_user }}"
     group: "{{ artifactory_group }}"
-  when: postgres_driver_download_url is defined
+  when: 
+    - postgres_driver_download_url is defined
+    - not database_driver.stat.exists
   notify: restart artifactory
 
 - name: Create artifactory service
   become: yes
   shell: "{{ artifactory_home }}/app/bin/installService.sh"
+  args:
+    creates: "{{ artifactory_service_file }}"
 
 - name: Ensure permissions are correct
   become: yes
@@ -159,3 +177,4 @@
   until: result.status == 200
   retries: 25
   delay: 5
+  when: not ansible_check_mode

Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/upgrade.yml

@@ -2,18 +2,6 @@
 - debug:
     msg: "Performing upgrade of Artifactory version to : {{ artifactory_version }} "
 
-- name: Stop artifactory
-  become: yes
-  systemd:
-    name: "{{ artifactory_daemon }}"
-    state: stopped
-
-- name: Ensure jfrog_home_directory exists
-  become: yes
-  file:
-    path: "{{ jfrog_home_directory }}"
-    state: directory
-
 - name: Download artifactory for upgrade
   become: yes
   unarchive:
@@ -28,33 +16,39 @@
   until: downloadartifactory is succeeded
   retries: 3
 
+- name: Stop artifactory
+  become: yes
+  systemd:
+    name: "{{ artifactory_daemon }}"
+    state: stopped
+  when: downloadartifactory.changed
+
+- name: Ensure jfrog_home_directory exists
+  become: yes
+  file:
+    path: "{{ jfrog_home_directory }}"
+    state: directory
+
 - name: Delete artifactory app directory
   become: yes
   file:
     path: "{{ artifactory_home }}/app"
     state: absent
+  when: downloadartifactory.changed
 
 - name: Copy new app to artifactory app
   become: yes
   command: "cp -r {{ artifactory_untar_home }}/app/. {{ artifactory_home }}/app"
-
+  when: downloadartifactory.changed
-- name: Configure join key
-  become: yes
-  copy:
-    dest: "{{ artifactory_home }}/var/etc/security/join.key"
-    content: |
-      {{ join_key }}
-    owner: "{{ artifactory_user }}"
-    group: "{{ artifactory_group }}"
-    mode: 0640
-  notify: restart artifactory
 
 - name: Configure single license
   become: yes
   template:
     src: artifactory.lic.j2
     dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.lic"
-  when: artifactory_single_license is defined
+  when: 
+    - artifactory_single_license is defined  
+    - artifactory_single_license|length > 0
   notify: restart artifactory
 
 - name: Configure HA licenses
@@ -62,7 +56,27 @@
   template:
     src: artifactory.cluster.license.j2
     dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.cluster.license"
-  when: artifactory_licenses is defined
+  when:
+   - artifactory_licenses is defined 
+   - artifactory_licenses|length > 0
+  notify: restart artifactory
+
+- name: Check if database driver exists
+  become: yes
+  stat:
+    path: "{{ artifactory_home }}/app/artifactory/tomcat/lib/jf_postgresql-{{ postgres_driver_version }}.jar"
+  register: database_driver
+
+- name: Download database driver
+  become: yes
+  get_url:
+    url: "{{ postgres_driver_download_url }}"
+    dest: "{{ artifactory_home }}/var/bootstrap/artifactory/tomcat/lib"
+    owner: "{{ artifactory_user }}"
+    group: "{{ artifactory_group }}"
+  when: 
+    - postgres_driver_download_url is defined
+    - not database_driver.stat.exists
   notify: restart artifactory
 
 - name: Configure installer info
@@ -77,13 +91,26 @@
   template:
     src: binarystore.xml.j2
     dest: "{{ artifactory_home }}/var/etc/artifactory/binarystore.xml"
+  when: 
+    - artifactory_binarystore is defined  
+    - artifactory_binarystore|length > 0
   notify: restart artifactory
 
+- name: Check if systemyaml exists
+  become: yes
+  stat:
+    path: "{{ artifactory_home }}/var/etc/system.yaml"
+  register: systemyaml
+
 - name: Configure systemyaml
   become: yes
   template:
     src: "{{ artifactory_system_yaml_template }}"
     dest: "{{ artifactory_home }}/var/etc/system.yaml"
+  when: 
+    - artifactory_systemyaml is defined  
+    - artifactory_systemyaml|length > 0
+    - artifactory_systemyaml_override or (not systemyaml.stat.exists) 
   notify: restart artifactory
 
 - name: Ensure permissions are correct
@@ -103,3 +130,4 @@
   until: result.status == 200
   retries: 25
   delay: 5
+  when: not ansible_check_mode

Ansible/ansible_collections/jfrog/platform/roles/artifactory/templates/artifactory.cluster.license.j2

@@ -1,3 +1 @@
-{% if (artifactory_licenses) and (artifactory_licenses|length > 0) %}
 {{ artifactory_licenses }}
-{% endif %}

Ansible/ansible_collections/jfrog/platform/roles/artifactory/templates/artifactory.lic.j2

@@ -1,3 +1 @@
-{% if (artifactory_single_license) and (artifactory_single_license|length > 0) %}
 {{ artifactory_single_license }}
-{% endif %}

Ansible/ansible_collections/jfrog/platform/roles/artifactory/templates/binarystore.xml.j2

@@ -1,3 +1 @@
-{% if (artifactory_binarystore) and (artifactory_binarystore|length > 0) %}
 {{ artifactory_binarystore }}
-{% endif %}

Ansible/ansible_collections/jfrog/platform/roles/artifactory/templates/system.yaml.j2

@@ -1,3 +1 @@
-{% if (artifactory_systemyaml) and (artifactory_systemyaml|length > 0) %}
 {{ artifactory_systemyaml }}
-{% endif %}

Ansible/ansible_collections/jfrog/platform/roles/artifactory/vars/main.yml

@@ -0,0 +1,6 @@
+---
+# platform collection version
+platform_collection_version: 7.19.4
+
+# indicates where this collection was downloaded from (galaxy, automation_hub, standalone)
+ansible_marketplace: galaxy

Ansible/ansible_collections/jfrog/platform/roles/distribution/defaults/main.yml

@@ -1,7 +1,8 @@
 ---
 # defaults file for distribution
-# indicates were this collection was downlaoded from (galaxy, automation_hub, standalone)
+
-ansible_marketplace: standalone
+# The version of distribution to install
+distribution_version: 2.7.1
 
 # whether to enable HA
 distribution_ha_enabled: false
@@ -21,6 +22,7 @@ distribution_home: "{{ jfrog_home_directory }}/distribution"
 distribution_install_script_path: "{{ distribution_home }}/app/bin"
 distribution_thirdparty_path: "{{ distribution_home }}/app/third-party"
 distribution_archive_service_cmd: "{{ distribution_install_script_path }}/installService.sh"
+distribution_service_file: /lib/systemd/system/distribution.service
 
 #distribution users and groups
 distribution_user: distribution
@@ -64,3 +66,6 @@ distribution_systemyaml: |-
   router:
     entrypoints:
       internalPort: 8046
+
+# Note: distribution_systemyaml_override is by default false,  if you want to change default distribution_systemyaml
+distribution_systemyaml_override: false

Ansible/ansible_collections/jfrog/platform/roles/distribution/tasks/install.yml

@@ -17,7 +17,7 @@
   become: yes
   when: ansible_os_family == 'Debian'
 
-- name: Ensure group jfdistribution exist
+- name: Ensure group distribution exist
   become: yes
   group:
     name: "{{ distribution_group }}"
@@ -77,8 +77,7 @@
   become: yes
   copy:
     dest: "{{ distribution_home }}/var/etc/security/master.key"
-    content: |
+    content: "{{ master_key }}"
-      {{ master_key }}
     owner: "{{ distribution_user }}"
     group: "{{ distribution_group }}"
     mode: 0640
@@ -111,11 +110,21 @@
     dest: "{{ distribution_home }}/var/etc/redis/redis.conf"
   notify: restart distribution
 
+- name: Check if systemyaml exists
+  become: yes
+  stat:
+    path: "{{ distribution_home }}/var/etc/system.yaml"
+  register: systemyaml
+
 - name: Configure systemyaml
   become: yes
   template:
     src: "{{ distribution_system_yaml_template }}"
     dest: "{{ distribution_home }}/var/etc/system.yaml"
+  when: 
+    - distribution_systemyaml is defined  
+    - distribution_systemyaml|length > 0
+    - distribution_systemyaml_override or (not systemyaml.stat.exists) 
   notify: restart distribution
 
 - name: Configure installer info
@@ -133,7 +142,6 @@
     recurse: yes
     owner: "{{ distribution_user }}"
     group: "{{ distribution_group }}"
-    mode: '0755'
 
 - name: Install Distribution as a service
   become: yes
@@ -141,8 +149,17 @@
     {{ distribution_archive_service_cmd }}
   args:
     chdir: "{{ distribution_install_script_path }}"
+    creates: "{{ distribution_service_file }}"
   register: check_service_status_result
-  ignore_errors: yes
+
+- name: Update distribution permissions
+  become: yes
+  file:
+    path: "{{ distribution_home }}"
+    state: directory
+    recurse: yes
+    owner: "{{ distribution_user }}"
+    group: "{{ distribution_group }}"
 
 - name: Restart distribution
   meta: flush_handlers
@@ -153,3 +170,4 @@
   until: result.status == 200
   retries: 25
   delay: 5
+  when: not ansible_check_mode

Ansible/ansible_collections/jfrog/platform/roles/distribution/tasks/upgrade.yml

@@ -2,12 +2,6 @@
 - debug:
     msg: "Performing upgrade of Distribution version to {{ distribution_version }} "
 
-- name: Stop distribution
-  become: yes
-  systemd:
-    name: "{{ distribution_daemon }}"
-    state: stopped
-
 - name: Download distribution for upgrade
   become: yes
   unarchive:
@@ -21,21 +15,31 @@
   until: downloaddistribution is succeeded
   retries: 3
 
+- name: Stop distribution
+  become: yes
+  systemd:
+    name: "{{ distribution_daemon }}"
+    state: stopped
+  when: downloaddistribution.changed
+
 - name: Delete distribution app
   become: yes
   file:
     path: "{{ distribution_home }}/app"
     state: absent
+  when: downloaddistribution.changed
 
 - name: Copy new app to distribution app
   become: yes
   command: "cp -r {{ distribution_untar_home }}/app/. {{ distribution_home }}/app"
+  when: downloaddistribution.changed
 
 - name: Check if install.sh wrapper script exist
   become: yes
   stat:
     path: "{{ distribution_install_script_path }}/install.sh"
   register: install_wrapper_script
+  when: downloaddistribution.changed
 
 - name: Include interactive installer scripts
   include_vars: script/archive.yml
@@ -50,7 +54,9 @@
     apply:
       environment:
         YQ_PATH: "{{ distribution_thirdparty_path }}/yq"
-  when: install_wrapper_script.stat.exists
+  when:
+    - install_wrapper_script.stat.exists
+    - downloaddistribution.changed
 
 - name: Ensure {{ distribution_home }}/var/etc/redis exists
   become: yes
@@ -74,14 +80,24 @@
     dest: "{{ distribution_home }}/var/etc/info/installer-info.json"
   notify: restart distribution
 
+- name: Check if systemyaml exists
+  become: yes
+  stat:
+    path: "{{ distribution_home }}/var/etc/system.yaml"
+  register: systemyaml
+
 - name: Configure systemyaml
   become: yes
   template:
     src: "{{ distribution_system_yaml_template }}"
     dest: "{{ distribution_home }}/var/etc/system.yaml"
+  when: 
+    - distribution_systemyaml is defined  
+    - distribution_systemyaml|length > 0
+    - distribution_systemyaml_override or (not systemyaml.stat.exists) 
   notify: restart distribution
 
-- name: Update Distribution base dir owner and group
+- name: Update distribution permissions
   become: yes
   file:
     path: "{{ distribution_home }}"
@@ -89,16 +105,6 @@
     recurse: yes
     owner: "{{ distribution_user }}"
     group: "{{ distribution_group }}"
-    mode: '0755'
-
-- name: Install Distribution as a service
-  become: yes
-  shell: |
-    {{ distribution_archive_service_cmd }}
-  args:
-    chdir: "{{ distribution_install_script_path }}"
-  register: check_service_status_result
-  ignore_errors: yes
 
 - name: Restart distribution
   meta: flush_handlers
@@ -109,3 +115,4 @@
   until: result.status == 200
   retries: 25
   delay: 5
+  when: not ansible_check_mode

Ansible/ansible_collections/jfrog/platform/roles/distribution/templates/system.yaml.j2

@@ -1,3 +1 @@
-{% if (distribution_systemyaml) and (distribution_systemyaml|length > 0) %}
 {{ distribution_systemyaml }}
-{% endif %}

Ansible/ansible_collections/jfrog/platform/roles/distribution/vars/main.yml

@@ -1,2 +1,6 @@
 ---
+# platform collection version
+platform_collection_version: 7.19.4
 
+# indicates were this collection was downlaoded from (galaxy, automation_hub, standalone)
+ansible_marketplace: galaxy

Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/defaults/main.yml

@@ -1,7 +1,8 @@
 ---
 # defaults file for mc
-# indicates were this collection was downlaoded from (galaxy, automation_hub, standalone)
+
-ansible_marketplace: standalone
+# The version of missioncontrol to install
+missioncontrol_version: 4.7.4
 
 # whether to enable HA
 mc_ha_enabled: false
@@ -12,16 +13,16 @@ mc_ha_node_type : master
 jfrog_home_directory: /opt/jfrog
 
 # The remote mc download file
-mc_tar: https://releases.jfrog.io/artifactory/jfrog-mc/linux/{{ missionControl_version }}/jfrog-mc-{{ missionControl_version }}-linux.tar.gz
+mc_tar: https://releases.jfrog.io/artifactory/jfrog-mc/linux/{{ missioncontrol_version }}/jfrog-mc-{{ missioncontrol_version }}-linux.tar.gz
-
 
 #The mc install directory
-mc_untar_home: "{{ jfrog_home_directory }}/jfrog-mc-{{ missionControl_version }}-linux"
+mc_untar_home: "{{ jfrog_home_directory }}/jfrog-mc-{{ missioncontrol_version }}-linux"
 mc_home: "{{ jfrog_home_directory }}/mc"
 
 mc_install_script_path: "{{ mc_home }}/app/bin"
 mc_thirdparty_path: "{{ mc_home }}/app/third-party"
 mc_archive_service_cmd: "{{ mc_install_script_path }}/installService.sh"
+mc_service_file : /lib/systemd/system/mc.service
 
 #mc users and groups
 mc_user: jfmc
@@ -94,3 +95,6 @@ mc_systemyaml: |-
   router:
     entrypoints:
       internalPort: 8046
+
+# Note: mc_systemyaml_override is by default false,  if you want to change default mc_systemyaml
+mc_systemyaml_override: false

Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/meta/main.yml

@@ -1,6 +1,6 @@
 galaxy_info:
   author: "JFrog Maintainers Team <installers@jfrog.com>"
-  description: "The missionControl role will install missionControl software onto the host. An Artifactory server and Postgress database is required."
+  description: "The missioncontrol role will install missioncontrol software onto the host. An Artifactory server and Postgress database is required."
   company: JFrog
 
   issue_tracker_url: "https://github.com/jfrog/JFrog-Cloud-Installers/issues"
@@ -10,7 +10,7 @@ galaxy_info:
   min_ansible_version: 2.9
 
   galaxy_tags:
-    - missionControl
+    - missioncontrol
     - jfrog
 
 dependencies: []

Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/install.yml

@@ -76,8 +76,7 @@
   become: yes
   copy:
     dest: "{{ mc_home }}/var/etc/security/master.key"
-    content: |
+    content: "{{ master_key }}"
-      {{ master_key }}
     owner: "{{ mc_user }}"
     group: "{{ mc_group }}"
     mode: 0640
@@ -113,11 +112,21 @@
     dest: "{{ mc_home }}/var/etc/info/installer-info.json"
   notify: restart missioncontrol
 
+- name: Check if systemyaml exists
+  become: yes
+  stat:
+    path: "{{ mc_home }}/var/etc/system.yaml"
+  register: systemyaml
+
 - name: Configure systemyaml
   become: yes
   template:
     src: "{{ mc_system_yaml_template }}"
     dest: "{{ mc_home }}/var/etc/system.yaml"
+  when: 
+    - mc_systemyaml is defined  
+    - mc_systemyaml|length > 0
+    - mc_systemyaml_override or (not systemyaml.stat.exists) 
   notify: restart missioncontrol
 
 - name: Update correct permissions
@@ -128,7 +137,6 @@
     recurse: yes
     owner: "{{ mc_user }}"
     group: "{{ mc_group }}"
-    mode: '0755'
 
 - name: Install mc as a service
   become: yes
@@ -136,8 +144,8 @@
     {{ mc_archive_service_cmd }}
   args:
     chdir: "{{ mc_install_script_path }}"
+    creates: "{{ mc_service_file }}"
   register: check_service_status_result
-  ignore_errors: yes
 
 - name: Restart missioncontrol
   meta: flush_handlers
@@ -148,3 +156,4 @@
   until: result.status == 200
   retries: 25
   delay: 5
+  when: not ansible_check_mode

Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/setup-elasticsearch.yml

@@ -69,16 +69,15 @@
   when: check_elasticsearch_package_result.matched > 0
 
 - name: Ensure /usr/share/elasticsearch  exists
+  become: yes
   file:
     path: "{{ mc_es_home }}"
     state: directory
     owner: elasticsearch
     group: elasticsearch
-  become: yes
 
 - name: Extract elasticsearch package
   become: yes
-  become_user: elasticsearch
   ignore_errors: yes
   unarchive:
     src: "{{ mc_elasticsearch_package }}"
@@ -88,18 +87,21 @@
       - --strip-components=1
     owner: elasticsearch
     group: elasticsearch
+    creates: "{{ mc_es_java_home }}"
   register: unarchive_result
   when: check_elasticsearch_package_result.matched > 0
 
 - name: Copy elasticsearch config files to ES_PATH_CONF dir
   become: yes
   command: "cp -r {{ mc_es_home }}/config/. {{ mc_es_conf_base }}/"
+  when: unarchive_result.changed
 
 - name: Remove elasticsearch config dir
   become: yes
   file:
     path: "{{ mc_es_home }}/config"
     state: absent
+  when: unarchive_result.changed
 
 - name: Generate HA elasticsearch.yml template file
   become: yes

Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/setup-searchguard.yml

@@ -1,31 +1,18 @@
-- name: Copy elasticsearch certificate
+- name: Copy elasticsearch cert files
   become: yes
   copy:
     mode: 0600
-    src: files/searchguard/localhost.pem
+    src: "files/searchguard/{{ item }}"
-    dest: "{{ mc_es_conf_base }}/localhost.pem"
+    dest: "{{ mc_es_conf_base }}/{{ item }}"
-    owner: elasticsearch
-    group: elasticsearch
-
-- name: Copy elasticsearch private key
-  become: yes
-  copy:
-    mode: 0600
-    src: files/searchguard/localhost.key
-    dest: "{{ mc_es_conf_base }}/localhost.key"
-    owner: elasticsearch
-    group: elasticsearch
-
-- name: Copy searchguard root ca
-  become: yes
-  copy:
-    mode: 0600
-    src: files/searchguard/root-ca.pem
-    dest: "{{ mc_es_conf_base }}/root-ca.pem"
     owner: elasticsearch
     group: elasticsearch
+  loop:
+    - "localhost.pem"
+    - "localhost.key"
+    - "root-ca.pem"
 
 - name: Find searchguard bundle
+  become: yes
   find:
     paths: "{{ mc_home }}/app/third-party/elasticsearch/"
     patterns: "^search-guard-.+\\.zip$"
@@ -46,50 +33,30 @@
   register: install_searchguard_result
   when: check_searchguard_bundle_result.matched == 1
 
-- name: Copy searchguard admin certificate
+- name: Copy searchguard certificate files
   become: yes
   copy:
     mode: 0600
-    src: files/searchguard/sgadmin.pem
+    src: "files/searchguard/{{ item }}"
-    dest: "{{ mc_es_searchgaurd_home }}/tools/sgadmin.pem"
+    dest: "{{ mc_es_searchgaurd_home }}/tools/{{ item }}"
     owner: elasticsearch
     group: elasticsearch
+  loop:
+    - "sgadmin.pem"
+    - "sgadmin.key"
+    - "root-ca.pem"
 
-- name: Copy searchguard admin private key
+- name: Copy SG roles files
   become: yes
   copy:
     mode: 0600
-    src: files/searchguard/sgadmin.key
+    src: "files/searchguard/{{ item }}"
-    dest: "{{ mc_es_searchgaurd_home }}/tools/sgadmin.key"
+    dest: "{{ mc_es_searchgaurd_home }}/sgconfig/{{ item }}"
-    owner: elasticsearch
-    group: elasticsearch
-
-- name: Copy searchguard root ca
-  become: yes
-  copy:
-    mode: 0600
-    src: files/searchguard/root-ca.pem
-    dest: "{{ mc_es_searchgaurd_home }}/tools/root-ca.pem"
-    owner: elasticsearch
-    group: elasticsearch
-
-- name: Copy roles template
-  become: yes
-  copy:
-    mode: 0600
-    src: files/searchguard/sg_roles.yml
-    dest: "{{ mc_es_searchgaurd_home }}/sgconfig/sg_roles.yml"
-    owner: elasticsearch
-    group: elasticsearch
-
-- name: Copy roles template
-  become: yes
-  copy:
-    mode: 0600
-    src: files/searchguard/sg_roles_mapping.yml
-    dest: "{{ mc_es_searchgaurd_home }}/sgconfig/sg_roles_mapping.yml"
     owner: elasticsearch
     group: elasticsearch
+  loop:
+    - "sg_roles.yml"
+    - "sg_roles_mapping.yml"
 
 - name: Check execution bit
   become: yes

Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/upgrade-elasticsearch.yml

@@ -65,7 +65,6 @@
 
 - name: Extract elasticsearch package
   become: yes
-  become_user: elasticsearch
   ignore_errors: yes
   unarchive:
     src: "{{ mc_elasticsearch_package }}"

Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/upgrade-searchguard.yml

@@ -1,58 +1,27 @@
 - name: Create elasticsearch config path folder
   become: yes
   file:
-    path: "{{ mc_es_conf_base }}/searchguard"
+    path: "{{ mc_es_conf_base }}"
     state: directory
     mode: 0755
     owner: elasticsearch
     group: elasticsearch
 
-- name: Copy elasticsearch certificate
+- name: Copy elasticsearch cert files
   become: yes
   copy:
     mode: 0600
-    src: files/searchguard/localhost.pem
+    src: "files/searchguard/{{ item }}"
-    dest: "{{ mc_es_conf_base }}/localhost.pem"
+    dest: "{{ mc_es_conf_base }}/{{ item }}"
-    owner: elasticsearch
-    group: elasticsearch
-
-- name: Copy elasticsearch private key
-  become: yes
-  copy:
-    mode: 0600
-    src: files/searchguard/localhost.key
-    dest: "{{ mc_es_conf_base }}/localhost.key"
-    owner: elasticsearch
-    group: elasticsearch
-
-- name: Copy searchguard admin certificate
-  become: yes
-  copy:
-    mode: 0600
-    src: files/searchguard/sgadmin.pem
-    dest: "{{ mc_es_conf_base }}/searchguard/sgadmin.pem"
-    owner: elasticsearch
-    group: elasticsearch
-
-- name: Copy searchguard admin private key
-  become: yes
-  copy:
-    mode: 0600
-    src: files/searchguard/sgadmin.key
-    dest: "{{ mc_es_conf_base }}/searchguard/sgadmin.key"
-    owner: elasticsearch
-    group: elasticsearch
-
-- name: Copy searchguard root ca
-  become: yes
-  copy:
-    mode: 0600
-    src: files/searchguard/root-ca.pem
-    dest: "{{ mc_es_conf_base }}/root-ca.pem"
     owner: elasticsearch
     group: elasticsearch
+  loop:
+    - "localhost.pem"
+    - "localhost.key"
+    - "root-ca.pem"
 
 - name: Find searchguard bundle
+  become: yes
   find:
     paths: "{{ mc_home }}/app/third-party/elasticsearch/"
     patterns: "^search-guard-.+\\.zip$"
@@ -66,35 +35,42 @@
   ignore_errors: yes
   shell: |
     {{ mc_es_script_path }}/elasticsearch-plugin install \
-        -b file://{{ check_searchguard_bundle_result.files[0].path }}
+    -b file://{{ check_searchguard_bundle_result.files[0].path }}
   environment:
     JAVA_HOME: "{{ mc_es_java_home }}"
     ES_PATH_CONF: "{{ mc_es_conf_base }}/"
   register: install_searchguard_result
   when: check_searchguard_bundle_result.matched == 1
 
-- name: Copy roles template
+- name: Copy searchguard cert files
   become: yes
   copy:
     mode: 0600
-    src: files/searchguard/sg_roles.yml
+    src: "files/searchguard/{{ item }}"
-    dest: "{{ mc_es_home }}/plugins/search-guard-7/sgconfig/sg_roles.yml"
+    dest: "{{ mc_es_searchgaurd_home }}/tools/{{ item }}"
     owner: elasticsearch
     group: elasticsearch
+  loop:
+    - "sgadmin.pem"
+    - "sgadmin.key"
+    - "root-ca.pem"
 
-- name: Copy roles template
+- name: Copy SG roles files
   become: yes
   copy:
     mode: 0600
-    src: files/searchguard/sg_roles_mapping.yml
+    src: "files/searchguard/{{ item }}"
-    dest: "{{ mc_es_home }}/plugins/search-guard-7/sgconfig/sg_roles_mapping.yml"
+    dest: "{{ mc_es_searchgaurd_home }}/sgconfig/{{ item }}"
     owner: elasticsearch
     group: elasticsearch
+  loop:
+    - "sg_roles.yml"
+    - "sg_roles_mapping.yml"
 
 - name: Check execution bit
   become: yes
   file:
-    path: "{{ mc_es_home }}/plugins/search-guard-7/tools/sgadmin.sh"
+    path: "{{ mc_es_searchgaurd_home }}/tools/sgadmin.sh"
     owner: elasticsearch
     group: elasticsearch
     mode: 0700

Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/tasks/upgrade.yml

@@ -2,12 +2,6 @@
 - debug:
     msg: "Performing Upgrade of missionControl version - {{ missioncontrol_version }}"
 
-- name: Stop mc service
-  become: yes
-  systemd:
-    name: "{{ mc_daemon }}"
-    state: stopped
-
 - name: Download mc for upgrade
   unarchive:
     src: "{{ mc_tar }}"
@@ -21,30 +15,42 @@
   until: downloadmc is succeeded
   retries: 3
 
+- name: Stop mc service
+  become: yes
+  systemd:
+    name: "{{ mc_daemon }}"
+    state: stopped
+  when: downloadmc.changed
+
 - name: Delete current app folder
   become: yes
   file:
     path: "{{ mc_home }}/app"
     state: absent
+  when: downloadmc.changed
 
 - name: Copy new app to mc app
   command: "cp -r {{ mc_untar_home }}/app/. {{ mc_home }}/app"
   become: yes
+  when: downloadmc.changed
 
 - name: Delete untar directory
   file:
     path: "{{ mc_untar_home }}"
     state: absent
   become: yes
+  when: downloadmc.changed
 
 - name: Upgrade elasticsearch
   import_tasks: upgrade-elasticsearch.yml
+  when: downloadmc.changed
 
 - name: Check if install.sh wrapper script exist
   become: yes
   stat:
     path: "{{ mc_install_script_path }}/install.sh"
   register: upgrade_wrapper_script
+  when: downloadmc.changed
 
 - name: Include interactive installer scripts
   include_vars: script/archive.yml
@@ -59,7 +65,9 @@
     apply:
       environment:
         YQ_PATH: "{{ mc_thirdparty_path }}/yq"
-  when: upgrade_wrapper_script.stat.exists
+  when: 
+    - upgrade_wrapper_script.stat.exists
+    - downloadmc.changed
 
 - name: Configure installer info
   become: yes
@@ -68,11 +76,21 @@
     dest: "{{ mc_home }}/var/etc/info/installer-info.json"
   notify: restart missioncontrol
 
+- name: Check if systemyaml exists
+  become: yes
+  stat:
+    path: "{{ mc_home }}/var/etc/system.yaml"
+  register: systemyaml
+
 - name: Configure systemyaml
+  become: yes
   template:
     src: "{{ mc_system_yaml_template }}"
     dest: "{{ mc_home }}/var/etc/system.yaml"
-  become: yes
+  when: 
+    - mc_systemyaml is defined  
+    - mc_systemyaml|length > 0
+    - mc_systemyaml_override or (not systemyaml.stat.exists) 
   notify: restart missioncontrol
 
 - name: Update correct permissions
@@ -83,7 +101,6 @@
     recurse: yes
     owner: "{{ mc_user }}"
     group: "{{ mc_group }}"
-    mode: '0755'
 
 - name: Restart missioncontrol
   meta: flush_handlers
@@ -94,3 +111,4 @@
   until: result.status == 200
   retries: 25
   delay: 5
+  when: not ansible_check_mode

Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/templates/installer-info.json.j2

@@ -1,6 +1,6 @@
 {{ ansible_managed | comment }}
 {
-  "productId": "Ansible_MissionControl/{{ platform_collection_version }}-{{ missionControl_version }}",
+  "productId": "Ansible_Missioncontrol/{{ platform_collection_version }}-{{ missioncontrol_version }}",
   "features": [
     {
       "featureId": "Channel/{{ ansible_marketplace }}"

Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/templates/system.yaml.j2

@@ -1,3 +1 @@
-{% if (mc_systemyaml) and (mc_systemyaml|length > 0) %}
 {{ mc_systemyaml }}
-{% endif %}

Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/vars/main.yml

@@ -1 +1,6 @@
 ---
+# platform collection version
+platform_collection_version: 7.19.4
+
+# indicates were this collection was downlaoded from (galaxy, automation_hub, standalone)
+ansible_marketplace: galaxy

Ansible/ansible_collections/jfrog/platform/roles/postgres/tasks/Debian.yml

@@ -12,15 +12,15 @@
 - name: add postgres apt key
   become: yes
   apt_key:
-    url: https://www.postgresql.org/media/keys/ACCC4CF8.asc
+    url: "{{ postgres_apt_key_url }}"
-    id: "0x7FCC7D46ACCC4CF8"
+    id: "{{ postgres_apt_key_id }}"
     validate_certs: no
     state: present
 
 - name: register APT repository
   become: yes
   apt_repository:
-    repo: deb http://apt.postgresql.org/pub/repos/apt/ {{ ansible_distribution_release }}-pgdg main
+    repo: "{{ postgres_apt_repository_repo }}"
     state: present
     filename: pgdg
 

Ansible/ansible_collections/jfrog/platform/roles/postgres/tasks/main.yml

@@ -96,7 +96,7 @@
   become: yes
   become_user: postgres
   postgresql_privs:
-    database: "{{ mc_db_name}}"
+    database: "{{ mc_db_name }}"
     privs: ALL
     type: schema
     roles: "{{ mc_db_user }}"

Ansible/ansible_collections/jfrog/platform/roles/postgres/vars/Debian.yml

@@ -4,3 +4,6 @@ postgresql_bin_path: "/usr/lib/postgresql/{{ postgres_version }}/bin"
 postgresql_config_path: "/etc/postgresql/{{ postgres_version }}/main"
 postgresql_daemon: postgresql@{{ postgres_version}}-main
 postgresql_external_pid_file: "/var/run/postgresql/{{ postgres_version }}-main.pid"
+postgres_apt_key_url: "https://www.postgresql.org/media/keys/ACCC4CF8.asc"
+postgres_apt_key_id: "0x7FCC7D46ACCC4CF8"
+postgres_apt_repository_repo: "deb http://apt.postgresql.org/pub/repos/apt/ {{ ansible_distribution_release }}-pgdg main"

Ansible/ansible_collections/jfrog/platform/roles/xray/defaults/main.yml

@@ -1,7 +1,8 @@
 ---
 # defaults file for xray
-# indicates were this collection was downlaoded from (galaxy, automation_hub, standalone)
+
-ansible_marketplace: standalone
+# The version of xray to install
+xray_version: 3.25.1
 
 # whether to enable HA
 xray_ha_enabled: false
@@ -21,6 +22,7 @@ xray_home: "{{ jfrog_home_directory }}/xray"
 xray_install_script_path: "{{ xray_home }}/app/bin"
 xray_thirdparty_path: "{{ xray_home }}/app/third-party"
 xray_archive_service_cmd: "{{ xray_install_script_path }}/installService.sh"
+xray_service_file : /lib/systemd/system/xray.service
 
 #xray users and groups
 xray_user: xray
@@ -102,3 +104,6 @@ xray_systemyaml: |-
   router:
     entrypoints:
       internalPort: 8046
+
+# Note: xray_systemyaml_override is by default false,  if you want to change default xray_systemyaml
+xray_systemyaml_override: false

Ansible/ansible_collections/jfrog/platform/roles/xray/tasks/install.yml

@@ -79,8 +79,7 @@
   become: yes
   copy:
     dest: "{{ xray_home }}/var/etc/security/master.key"
-    content: |
+    content: "{{ master_key }}"
-      {{ master_key }}
     owner: "{{ xray_user }}"
     group: "{{ xray_group }}"
     mode: 0640
@@ -113,7 +112,6 @@
       environment:
         YQ_PATH: "{{ xray_thirdparty_path }}/yq"
   when: install_wrapper_script.stat.exists
-  ignore_errors: yes
 
 - name: Configure rabbitmq config
   become: yes
@@ -122,11 +120,21 @@
     dest: "{{ xray_home }}/app/bin/rabbitmq/rabbitmq.conf"
   notify: restart xray
 
+- name: Check if systemyaml exists
+  become: yes
+  stat:
+    path: "{{ xray_home }}/var/etc/system.yaml"
+  register: systemyaml
+
 - name: Configure systemyaml
   become: yes
   template:
     src: "{{ xray_system_yaml_template }}"
     dest: "{{ xray_home }}/var/etc/system.yaml"
+  when: 
+    - xray_systemyaml is defined  
+    - xray_systemyaml|length > 0
+    - xray_systemyaml_override or (not systemyaml.stat.exists) 
   notify: restart xray
 
 - name: Configure installer info
@@ -151,8 +159,8 @@
     {{ xray_archive_service_cmd }}
   args:
     chdir: "{{ xray_install_script_path }}"
+    creates: "{{ xray_service_file }}"
   register: check_service_status_result
-  ignore_errors: yes
 
 - name: Restart xray
   meta: flush_handlers
@@ -163,3 +171,4 @@
   until: result.status == 200
   retries: 25
   delay: 5
+  when: not ansible_check_mode

Ansible/ansible_collections/jfrog/platform/roles/xray/tasks/upgrade.yml

@@ -2,12 +2,6 @@
 - debug:
     msg: "Performing upgrade of Xray version to {{ xray_version }}..."
 
-- name: stop xray
-  become: yes
-  systemd:
-    name: "{{ xray_daemon }}"   
-    state: stopped
-
 - name: download xray for upgrade
   become: yes
   unarchive:
@@ -17,28 +11,40 @@
     owner: "{{ xray_user }}"
     group: "{{ xray_group }}"
     creates: "{{ xray_untar_home }}"
-
   register: downloadxray
   until: downloadxray is succeeded
   retries: 3
 
+- name: stop xray
+  become: yes
+  systemd:
+    name: "{{ xray_daemon }}"   
+    state: stopped
+  when: downloadxray.changed
+
 - name: Delete xray app
   become: yes
   file:
     path: "{{ xray_home }}/app"
     state: absent
+  when: downloadxray.changed
 
 - name: Copy new app to xray app
   become: yes
   command: "cp -r {{ xray_untar_home }}/app/. {{ xray_home }}/app"
+  when: downloadxray.changed
 
 - name: Upgrade rabbitmq
   import_tasks: rabbitmq/upgrade/RedHat.yml
-  when: ansible_os_family == 'RedHat'
+  when:
+    - ansible_os_family == 'RedHat'
+    - downloadxray.changed
 
 - name: Upgrade rabbitmq
   import_tasks: rabbitmq/upgrade/Debian.yml
-  when: ansible_os_family == 'Debian'
+  when:
+    - ansible_os_family == 'Debian'
+    - downloadxray.changed
 
 - name: Check if install.sh wrapper script exist
   become: yes
@@ -59,21 +65,34 @@
     apply:
       environment:
         YQ_PATH: "{{ xray_thirdparty_path }}/yq"
-  when: install_wrapper_script.stat.exists
+  when:
-  ignore_errors: yes
+    - install_wrapper_script.stat.exists
+    - downloadxray.changed
 
 - name: Configure rabbitmq config
   become: yes
   template:
     src: "rabbitmq.conf.j2"
     dest: "{{ xray_home }}/app/bin/rabbitmq/rabbitmq.conf"
+  when:
+    - downloadxray.changed
   notify: restart xray
 
+- name: Check if systemyaml exists
+  become: yes
+  stat:
+    path: "{{ xray_home }}/var/etc/system.yaml"
+  register: systemyaml
+
 - name: Configure systemyaml
   become: yes
   template:
     src: "{{ xray_system_yaml_template }}"
     dest: "{{ xray_home }}/var/etc/system.yaml"
+  when: 
+    - xray_systemyaml is defined  
+    - xray_systemyaml|length > 0
+    - xray_systemyaml_override or (not systemyaml.stat.exists) 
   notify: restart xray
 
 - name: configure installer info
@@ -92,15 +111,6 @@
     group: "{{ xray_group }}"
     recurse: yes
 
-- name: Install xray as a service
-  become: yes
-  shell: |
-    {{ xray_archive_service_cmd }}
-  args:
-    chdir: "{{ xray_install_script_path }}"
-  register: check_service_status_result
-  ignore_errors: yes
-
 - name: Restart xray
   meta: flush_handlers
 
@@ -110,3 +120,4 @@
   until: result.status == 200
   retries: 25
   delay: 5
+  when: not ansible_check_mode

Ansible/ansible_collections/jfrog/platform/roles/xray/vars/main.yml

@@ -1,2 +1,6 @@
 ---
-# vars file for xray
+# platform collection version
+platform_collection_version: 7.19.4
+
+# indicates were this collection was downlaoded from (galaxy, automation_hub, standalone)
+ansible_marketplace: galaxy