Updates to support certification and RedHat Automation Hub.

2026-01-22 08:07:00 -06:00 · 2020-06-18 17:07:29 -07:00
parent 49cf1503de
commit 5ce8d505d1
168 changed files with 8183 additions and 71 deletions
--- a/Ansible/ansible_collections/jfrog/installers/roles/artifactory/README.md
+++ b/Ansible/ansible_collections/jfrog/installers/roles/artifactory/README.md
@@ -0,0 +1,32 @@
+# artifactory
+The artifactory role installs the Artifactory Pro software onto the host. Per the Vars below, it will configure a node as primary or secondary. This role uses secondary roles artifactory_nginx to install nginx.
+
+## Role Variables
+* _artifactory_version_: The version of Artifactory to install. eg. "7.4.1"
+* _master_key_: This is the Artifactory [Master Key](https://www.jfrog.com/confluence/display/JFROG/Managing+Keys). See below to [autogenerate this key](#autogenerating-master-and-join-keys).
+* _join_key_: This is the Artifactory [Join Key](https://www.jfrog.com/confluence/display/JFROG/Managing+Keys). See below to [autogenerate this key](#autogenerating-master-and-join-keys).
+* _db_download_url_: This is the download URL for the JDBC driver for your database. eg. "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar"
+* _db_type_: This is the database type. eg. "postgresql"
+* _db_driver_: This is the JDBC driver class. eg. "org.postgresql.Driver"
+* _db_url_: This is the JDBC database url. eg. "jdbc:postgresql://10.0.0.120:5432/artifactory"
+* _db_user_: The database user to configure. eg. "artifactory"
+* _db_password_: The database password to configure. "Art1fact0ry"
+* _server_name_: This is the server name. eg. "artifactory.54.175.51.178.xip.io"
+* _system_file_: Your own [system YAML](https://www.jfrog.com/confluence/display/JFROG/System+YAML+Configuration+File) file can be specified and used. **If specified, this file will be used rather than constructing a file from the parameters above.**
+* _binary_store_file_: Your own [binary store file](https://www.jfrog.com/confluence/display/JFROG/Configuring+the+Filestore) can be used. If specified, the default cluster-file-system will not be used.
+
+### primary vars (vars used by the primary Artifactory server)
+* _artifactory_is_primary_: For the primary node this must be set to **true**.
+* _artifactory_license1 - 5_: These are the cluster licenses.
+* _artifactory_license_file_: Your own license file can be used. **If specified, a license file constructed from the licenses above will not be used.**
+
+### secondary vars (vars used by the secondary Artifactory server)
+* _artifactory_is_primary_: For the secondary node(s) this must be set to **false**.
+
+## Example Playbook
+```
+---
+- hosts: primary
+  roles:
+    - artifactory
+```
--- a/Ansible/ansible_collections/jfrog/installers/roles/artifactory/defaults/main.yml
+++ b/Ansible/ansible_collections/jfrog/installers/roles/artifactory/defaults/main.yml
@@ -0,0 +1,48 @@
+---
+# defaults file for artifactory
+# indicates were this collection was downlaoded from (galaxy, automation_hub, standalone)
+ansible_marketplace: standalone
+
+# The version of Artifactory to install
+artifactory_version: 7.4.1
+
+# licenses file - specify a licenses file or specify up to 5 licenses
+artifactory_license1:
+artifactory_license2:
+artifactory_license3:
+artifactory_license4:
+artifactory_license5:
+
+# whether to enable HA
+artifactory_ha_enabled: true
+
+# value for whether a host is primary. this should be set in host vars
+artifactory_is_primary: true
+
+# The location where Artifactory should install.
+artifactory_download_directory: /opt/jfrog
+
+# The location where Artifactory should store data.
+artifactory_file_store_dir: /data
+
+# Pick the Artifactory flavour to install, can be also cpp-ce, jcr, pro.
+artifactory_flavour: pro
+
+extra_java_opts: -server -Xms2g -Xmx14g -Xss256k -XX:+UseG1GC
+
+artifactory_tar: https://dl.bintray.com/jfrog/artifactory-pro/org/artifactory/pro/jfrog-artifactory-pro/{{ artifactory_version }}/jfrog-artifactory-pro-{{ artifactory_version }}-linux.tar.gz
+artifactory_home: "{{ artifactory_download_directory }}/artifactory-{{ artifactory_flavour }}-{{ artifactory_version }}"
+
+artifactory_user: artifactory
+artifactory_group: artifactory
+
+# Set the parameters required for the service.
+service_list:
+  - name: artifactory
+    description: Start script for Artifactory
+    start_command: "{{ artifactory_home }}/bin/artifactory.sh start"
+    stop_command: "{{ artifactory_home }}/bin/artifactory.sh stop"
+    type: forking
+    status_pattern: artifactory
+    user_name: "{{ artifactory_user }}"
+    group_name: "{{ artifactory_group }}"
--- a/Ansible/ansible_collections/jfrog/installers/roles/artifactory/handlers/main.yml
+++ b/Ansible/ansible_collections/jfrog/installers/roles/artifactory/handlers/main.yml
@@ -0,0 +1,10 @@
+---
+# handlers file for artifactory
+- name: systemctl daemon-reload
+  systemd:
+    daemon_reload: yes
+
+- name: restart artifactory
+  service:
+    name: artifactory
+    state: restarted
--- a/Ansible/ansible_collections/jfrog/installers/roles/artifactory/meta/main.yml
+++ b/Ansible/ansible_collections/jfrog/installers/roles/artifactory/meta/main.yml
@@ -0,0 +1,16 @@
+galaxy_info:
+  author: "Jeff Fry <jefff@jfrog.com>"
+  description: "The artifactory role installs the Artifactory Pro software onto the host. Per the Vars below, it will configure a node as primary or secondary. This role uses secondary roles artifactory_nginx to install nginx."
+  company: JFrog
+
+  issue_tracker_url: "https://github.com/jfrog/JFrog-Cloud-Installers/issues"
+
+  license: license (Apache-2.0)
+
+  min_ansible_version: 2.9
+
+  galaxy_tags:
+    - artifactory
+    - jfrog
+
+dependencies: []
--- a/Ansible/ansible_collections/jfrog/installers/roles/artifactory/tasks/main.yml
+++ b/Ansible/ansible_collections/jfrog/installers/roles/artifactory/tasks/main.yml
@@ -0,0 +1,160 @@
+---
+# tasks file for artifactory
+- name: install nginx
+  include_role:
+    name: artifactory_nginx
+
+- name: create group for artifactory
+  group:
+    name: "{{ artifactory_group }}"
+    state: present
+  become: yes
+
+- name: create user for artifactory
+  user:
+    name: "{{ artifactory_user }}"
+    group: "{{ artifactory_group }}"
+    system: yes
+  become: yes
+
+- name: ensure artifactory_download_directory exists
+  file:
+    path: "{{ artifactory_download_directory }}"
+    state: directory
+  become: yes
+
+- name: download artifactory
+  unarchive:
+    src: "{{ artifactory_tar }}"
+    dest: "{{ artifactory_download_directory }}"
+    remote_src: yes
+    owner: "{{ artifactory_user }}"
+    group: "{{ artifactory_group }}"
+    creates: "{{ artifactory_home }}"
+  become: yes
+  register: downloadartifactory
+  until: downloadartifactory is succeeded
+  retries: 3
+
+- name: ensure artifactory_file_store_dir exists
+  file:
+    path: "{{ artifactory_file_store_dir }}"
+    state: directory
+    owner: "{{ artifactory_user }}"
+    group: "{{ artifactory_group }}"
+  become: yes
+
+- name: ensure etc exists
+  file:
+    path: "{{ artifactory_home }}/var/etc"
+    state: directory
+    owner: "{{ artifactory_user }}"
+    group: "{{ artifactory_group }}"
+  become: yes
+
+- name: use specified system yaml
+  copy:
+    src: "{{ system_file }}"
+    dest: "{{ artifactory_home }}/var/etc/system.yaml"
+  become: yes
+  when: system_file is defined
+
+- name: configure system yaml
+  template:
+    src: system.yaml.j2
+    dest: "{{ artifactory_home }}/var/etc/system.yaml"
+  become: yes
+  when: system_file is not defined
+
+- name: ensure {{ artifactory_home }}/var/etc/security/ exists
+  file:
+    path: "{{ artifactory_home }}/var/etc/security/"
+    state: directory
+    owner: "{{ artifactory_user }}"
+    group: "{{ artifactory_group }}"
+  become: yes
+
+- name: configure master key
+  template:
+    src: master.key.j2
+    dest: "{{ artifactory_home }}/var/etc/security/master.key"
+  become: yes
+
+- name: configure join key
+  template:
+    src: join.key.j2
+    dest: "{{ artifactory_home }}/var/etc/security/join.key"
+  become: yes
+
+- name: ensure {{ artifactory_home }}/var/etc/info/ exists
+  file:
+    path: "{{ artifactory_home }}/var/etc/info/"
+    state: directory
+    owner: "{{ artifactory_user }}"
+    group: "{{ artifactory_group }}"
+  become: yes
+
+- name: configure installer info
+  template:
+    src: installer-info.json.j2
+    dest: "{{ artifactory_home }}/var/etc/info/installer-info.json"
+  become: yes
+
+- name: use specified binary store
+  copy:
+    src: "{{ binary_store_file }}"
+    dest: "{{ artifactory_home }}/var/etc/binarystore.xml"
+  become: yes
+  when: binary_store_file is defined
+
+- name: use default binary store
+  template:
+    src: binarystore.xml.j2
+    dest: "{{ artifactory_home }}/var/etc/binarystore.xml"
+  become: yes
+  when: binary_store_file is not defined
+
+- name: use license file
+  copy:
+    src: "{{ artifactory_license_file }}"
+    dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.cluster.license"
+  become: yes
+  when: artifactory_license_file is defined and artifactory_is_primary == true
+
+- name: use license strings
+  template:
+    src: artifactory.cluster.license.j2
+    dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.cluster.license"
+  become: yes
+  when: artifactory_license_file is not defined and artifactory_is_primary == true
+
+- name: download database driver
+  get_url:
+    url: "{{ db_download_url }}"
+    dest: "{{ artifactory_home }}/var/bootstrap/artifactory/tomcat/lib"
+    owner: "{{ artifactory_user }}"
+    group: "{{ artifactory_group }}"
+  become: yes
+
+- name: create artifactory service
+  shell: "{{ artifactory_home }}/app/bin/installService.sh"
+  become: yes
+
+- name: start and enable the primary node
+  service:
+    name: artifactory
+    state: restarted
+  become: yes
+  when: artifactory_is_primary == true
+
+- name: random wait before restarting to prevent secondary nodes from hitting DB first
+  pause:
+    seconds: "{{ 120 | random + 10}}"
+  when: artifactory_is_primary == false
+
+- name: start and enable the secondary nodes
+  service:
+    name: artifactory
+    state: restarted
+  become: yes
+  when: artifactory_is_primary == false
--- a/Ansible/ansible_collections/jfrog/installers/roles/artifactory/templates/artifactory.cluster.license.j2
+++ b/Ansible/ansible_collections/jfrog/installers/roles/artifactory/templates/artifactory.cluster.license.j2
@@ -0,0 +1,31 @@
+{% if artifactory_license1 %}
+{% if artifactory_license1|length %}
+{{ artifactory_license1 }}
+{% endif %}
+{% endif %}
+{% if artifactory_license2 %}
+
+
+{% if artifactory_license2|length %}
+{{ artifactory_license2 }}
+{% endif %}
+{% endif %}
+{% if artifactory_license3 %}
+
+
+{% if artifactory_license3|length %}
+{{ artifactory_license3 }}
+{% endif %}
+{% endif %}
+{% if artifactory_license4 %}
+
+{% if artifactory_license4|length %}
+{{ artifactory_license4 }}
+{% endif %}
+{% endif %}
+{% if artifactory_license5 %}
+
+{% if artifactory_license5|length %}
+{{ artifactory_license5 }}
+{% endif %}
+{% endif %}
--- a/Ansible/ansible_collections/jfrog/installers/roles/artifactory/templates/binarystore.xml.j2
+++ b/Ansible/ansible_collections/jfrog/installers/roles/artifactory/templates/binarystore.xml.j2
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<config version="2">
+    <chain template="cluster-file-system"/>
+</config>
--- a/Ansible/ansible_collections/jfrog/installers/roles/artifactory/templates/installer-info.json.j2
+++ b/Ansible/ansible_collections/jfrog/installers/roles/artifactory/templates/installer-info.json.j2
@@ -0,0 +1,12 @@
+{
+  "productId": "Ansible_artifactory/1.0.0",
+  "features": [
+    {
+      "featureId": "Partner/ACC-006973"
+    },
+    {
+      "featureId": "Channel/{{ ansible_marketplace }}"
+    }
+  ]
+}
+
--- a/Ansible/ansible_collections/jfrog/installers/roles/artifactory/templates/join.key.j2
+++ b/Ansible/ansible_collections/jfrog/installers/roles/artifactory/templates/join.key.j2
@@ -0,0 +1 @@
+{{ join_key }}
--- a/Ansible/ansible_collections/jfrog/installers/roles/artifactory/templates/master.key.j2
+++ b/Ansible/ansible_collections/jfrog/installers/roles/artifactory/templates/master.key.j2
@@ -0,0 +1 @@
+{{ master_key }}
--- a/Ansible/ansible_collections/jfrog/installers/roles/artifactory/templates/system.yaml.j2
+++ b/Ansible/ansible_collections/jfrog/installers/roles/artifactory/templates/system.yaml.j2
@@ -0,0 +1,38 @@
+## @formatter:off
+## JFROG ARTIFACTORY SYSTEM CONFIGURATION FILE
+## HOW TO USE: comment-out any field and keep the correct yaml indentation by deleting only the leading '#' character.
+configVersion: 1
+
+## NOTE: JFROG_HOME is a place holder for the JFrog root directory containing the deployed product, the home directory for all JFrog products.
+## Replace JFROG_HOME with the real path! For example, in RPM install, JFROG_HOME=/opt/jfrog
+
+## NOTE: Sensitive information such as passwords and join key are encrypted on first read.
+## NOTE: The provided commented key and value is the default.
+
+## SHARED CONFIGURATIONS
+## A shared section for keys across all services in this config
+shared:
+
+  ## Node Settings
+  node:
+    ## A unique id to identify this node.
+    ## Default: auto generated at startup.
+    id: {{ ansible_machine_id }}
+
+    ## Sets this node as primary in HA installation
+    primary: {{ artifactory_is_primary }}
+
+    ## Sets this node as part of HA installation
+    haEnabled: {{ artifactory_ha_enabled }}
+
+  ## Database Configuration
+  database:
+    ## One of: mysql, oracle, mssql, postgresql, mariadb
+    ## Default: Embedded derby
+
+    ## Example for mysql/postgresql
+    type: "{{ db_type }}"
+    driver: "{{ db_driver }}"
+    url: "{{ db_url }}"
+    username: "{{ db_user }}"
+    password: "{{ db_password }}"