diff --git a/Ansible/ansible_collections/jfrog/platform/CHANGELOG.md b/Ansible/ansible_collections/jfrog/platform/CHANGELOG.md index 2755d84..46e5ed3 100644 --- a/Ansible/ansible_collections/jfrog/platform/CHANGELOG.md +++ b/Ansible/ansible_collections/jfrog/platform/CHANGELOG.md @@ -1,6 +1,11 @@ # JFrog Platform Ansible Collection Changelog All changes to this collection will be documented in this file. +## [7.21.12] - July 30, 2021 +* Added variable `postgres_enabled` to enable/disable default postgres role in `groups_vars/all/vars.yml` +* Added documentation to used external database +* Added support to override default systemyaml using `_systemyaml_override` + ## [7.21.7] - July 16, 2021 * Added variable to enable/disable each product in `groups_vars/all/vars.yml` * Added variable download Timeout in seconds for URL request diff --git a/Ansible/ansible_collections/jfrog/platform/README.md b/Ansible/ansible_collections/jfrog/platform/README.md index 319753f..d1cb7f5 100644 --- a/Ansible/ansible_collections/jfrog/platform/README.md +++ b/Ansible/ansible_collections/jfrog/platform/README.md @@ -88,6 +88,25 @@ All JFrog product roles support software updates. To use a role to perform a sof - xray ``` +## Using External Database +If an external database for one or more products is to be used, you don't need to run `postgres` role as part of platform.yml.This can also be done by setting `postgres_enabled` should be set to `false` in `group_vars/all/vars.yml` + +Create an external database as documented [here](https://www.jfrog.com/confluence/display/JFROG/PostgreSQL#PostgreSQL-CreatingtheArtifactoryPostgreSQLDatabase) and change corresponding product values in `group_vars/all/vars.yml` + +For example, for artifactory, these below values needs to be set for using external postgresql + +``` +postgres_enabled: false + +artifactory_db_type: postgresql +artifactory_db_driver: org.postgresql.Driver +artifactory_db_name: +artifactory_db_user: +artifactory_db_password: +artifactory_db_url: jdbc:postgresql://:5432/{{ artifactory_db_name }} + +``` + ## Building the Collection Archive 1. Go to the ansible_collections/jfrog/platform directory. 2. Update the galaxy.yml meta file as needed. Update the version. diff --git a/Ansible/ansible_collections/jfrog/platform/galaxy.yml b/Ansible/ansible_collections/jfrog/platform/galaxy.yml index ca32096..ed9aba5 100644 --- a/Ansible/ansible_collections/jfrog/platform/galaxy.yml +++ b/Ansible/ansible_collections/jfrog/platform/galaxy.yml @@ -9,7 +9,7 @@ namespace: "jfrog" name: "platform" # The version of the collection. Must be compatible with semantic versioning -version: "7.21.7" +version: "7.21.12" # The path to the Markdown (.md) readme file. This path is relative to the root of the collection readme: "README.md" diff --git a/Ansible/ansible_collections/jfrog/platform/group_vars/all/vars.yml b/Ansible/ansible_collections/jfrog/platform/group_vars/all/vars.yml index d0090e0..2028c52 100755 --- a/Ansible/ansible_collections/jfrog/platform/group_vars/all/vars.yml +++ b/Ansible/ansible_collections/jfrog/platform/group_vars/all/vars.yml @@ -15,6 +15,7 @@ artifactory_enabled: true xray_enabled: true distribution_enabled: true mc_enabled: true +postgres_enabled: true # Artifactory DB details artifactory_db_type: postgresql diff --git a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/defaults/main.yml b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/defaults/main.yml index 0c471a9..0deb592 100644 --- a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/defaults/main.yml +++ b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/defaults/main.yml @@ -2,7 +2,7 @@ # defaults file for artifactory # The version of artifactory to install -artifactory_version: 7.21.7 +artifactory_version: 7.21.12 # Set this to true when SSL is enabled (to use artifactory_nginx_ssl role), default to false (implies artifactory uses artifactory_nginx role ) artifactory_nginx_ssl_enabled: false diff --git a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/vars/main.yml b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/vars/main.yml index 9339eba..9d62b2e 100644 --- a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/vars/main.yml +++ b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/vars/main.yml @@ -1,6 +1,6 @@ --- # platform collection version -platform_collection_version: 7.21.7 +platform_collection_version: 7.21.12 # indicates where this collection was downloaded from (galaxy, automation_hub, standalone) ansible_marketplace: galaxy \ No newline at end of file diff --git a/Ansible/ansible_collections/jfrog/platform/roles/distribution/vars/main.yml b/Ansible/ansible_collections/jfrog/platform/roles/distribution/vars/main.yml index b90e6df..0052425 100644 --- a/Ansible/ansible_collections/jfrog/platform/roles/distribution/vars/main.yml +++ b/Ansible/ansible_collections/jfrog/platform/roles/distribution/vars/main.yml @@ -1,6 +1,6 @@ --- # platform collection version -platform_collection_version: 7.21.7 +platform_collection_version: 7.21.12 # indicates were this collection was downlaoded from (galaxy, automation_hub, standalone) ansible_marketplace: galaxy diff --git a/Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/vars/main.yml b/Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/vars/main.yml index 7ad6956..a1f294e 100644 --- a/Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/vars/main.yml +++ b/Ansible/ansible_collections/jfrog/platform/roles/missioncontrol/vars/main.yml @@ -1,6 +1,6 @@ --- # platform collection version -platform_collection_version: 7.21.7 +platform_collection_version: 7.21.12 # indicates were this collection was downlaoded from (galaxy, automation_hub, standalone) ansible_marketplace: galaxy \ No newline at end of file diff --git a/Ansible/ansible_collections/jfrog/platform/roles/postgres/tasks/install.yml b/Ansible/ansible_collections/jfrog/platform/roles/postgres/tasks/install.yml new file mode 100644 index 0000000..07e9b44 --- /dev/null +++ b/Ansible/ansible_collections/jfrog/platform/roles/postgres/tasks/install.yml @@ -0,0 +1,122 @@ +--- +- name: define OS-specific variables + include_vars: "{{ ansible_os_family }}.yml" + +- name: perform installation + include_tasks: "{{ ansible_os_family }}.yml" + +- name: Set PostgreSQL environment variables. + become: yes + template: + src: postgres.sh.j2 + dest: /etc/profile.d/postgres.sh + mode: 0644 + notify: restart postgresql + +- name: Ensure PostgreSQL data directory exists. + become: yes + become_user: postgres + file: + path: "{{ postgresql_data_dir }}" + owner: postgres + group: postgres + state: directory + mode: 0700 + +- name: Initialize PostgreSQL database cluster + become: yes + become_user: postgres + command: "{{ postgresql_bin_path }}/initdb -D {{ postgresql_data_dir }}" + args: + creates: "{{ postgresql_data_dir }}/PG_VERSION" + environment: + LC_ALL: "{{ postgres_locale }}" + +- name: Setup postgres configuration files + become: yes + become_user: postgres + template: + src: "{{ item }}.j2" + dest: "{{ postgresql_config_path }}/{{ item }}" + owner: postgres + group: postgres + mode: u=rw,go=r + loop: + - pg_hba.conf + - postgresql.conf + notify: restart postgresql + +- name: Ensure PostgreSQL is started and enabled on boot + become: yes + systemd: + name: "{{ postgresql_daemon }}" + state: started + enabled: yes + +- name: Hold until Postgresql is up and running + wait_for: + port: "{{ postgres_port }}" + +- name: Create users + become: yes + become_user: postgres + postgresql_user: + name: "{{ item.db_user }}" + password: "{{ item.db_password }}" + conn_limit: "-1" + loop: "{{ db_users|default([]) }}" + no_log: true # secret passwords + +- name: Create a database + become: yes + become_user: postgres + postgresql_db: + name: "{{ item.db_name }}" + owner: "{{ item.db_owner }}" + encoding: UTF-8 + lc_collate: "{{ postgres_locale }}" + lc_ctype: "{{ postgres_locale }}" + template: template0 + loop: "{{ dbs|default([]) }}" + +- name: Check if MC schemas already exists + become: yes + become_user: postgres + command: psql -d {{ mc_db_name }} -t -c "\dn" + register: mc_schemas_loaded + when: mc_enabled + +- name: Create schemas for mission-control + become: yes + become_user: postgres + command: psql -d {{ mc_db_name }} -c 'CREATE SCHEMA {{ item }} authorization {{ mc_db_user }}' + loop: "{{ mc_schemas|default([]) }}" + when: + - mc_enabled + - "mc_schemas_loaded.stdout is defined and '{{ item }}' not in mc_schemas_loaded.stdout" + +- name: Grant all privileges to mc user on its schema + become: yes + become_user: postgres + postgresql_privs: + database: "{{ mc_db_name }}" + privs: ALL + type: schema + roles: "{{ mc_db_user }}" + objs: "{{ item }}" + loop: "{{ mc_schemas|default([]) }}" + when: mc_enabled + +- name: Grant privs on db + become: yes + become_user: postgres + postgresql_privs: + database: "{{ item.db_name }}" + role: "{{ item.db_owner }}" + state: present + privs: ALL + type: database + loop: "{{ dbs|default([]) }}" + +- debug: + msg: "Restarted postgres systemd {{ postgresql_daemon }}" diff --git a/Ansible/ansible_collections/jfrog/platform/roles/postgres/tasks/main.yml b/Ansible/ansible_collections/jfrog/platform/roles/postgres/tasks/main.yml index 07e9b44..a6a5ffa 100644 --- a/Ansible/ansible_collections/jfrog/platform/roles/postgres/tasks/main.yml +++ b/Ansible/ansible_collections/jfrog/platform/roles/postgres/tasks/main.yml @@ -1,122 +1,4 @@ ---- -- name: define OS-specific variables - include_vars: "{{ ansible_os_family }}.yml" - -- name: perform installation - include_tasks: "{{ ansible_os_family }}.yml" - -- name: Set PostgreSQL environment variables. - become: yes - template: - src: postgres.sh.j2 - dest: /etc/profile.d/postgres.sh - mode: 0644 - notify: restart postgresql - -- name: Ensure PostgreSQL data directory exists. - become: yes - become_user: postgres - file: - path: "{{ postgresql_data_dir }}" - owner: postgres - group: postgres - state: directory - mode: 0700 - -- name: Initialize PostgreSQL database cluster - become: yes - become_user: postgres - command: "{{ postgresql_bin_path }}/initdb -D {{ postgresql_data_dir }}" - args: - creates: "{{ postgresql_data_dir }}/PG_VERSION" - environment: - LC_ALL: "{{ postgres_locale }}" - -- name: Setup postgres configuration files - become: yes - become_user: postgres - template: - src: "{{ item }}.j2" - dest: "{{ postgresql_config_path }}/{{ item }}" - owner: postgres - group: postgres - mode: u=rw,go=r - loop: - - pg_hba.conf - - postgresql.conf - notify: restart postgresql - -- name: Ensure PostgreSQL is started and enabled on boot - become: yes - systemd: - name: "{{ postgresql_daemon }}" - state: started - enabled: yes - -- name: Hold until Postgresql is up and running - wait_for: - port: "{{ postgres_port }}" - -- name: Create users - become: yes - become_user: postgres - postgresql_user: - name: "{{ item.db_user }}" - password: "{{ item.db_password }}" - conn_limit: "-1" - loop: "{{ db_users|default([]) }}" - no_log: true # secret passwords - -- name: Create a database - become: yes - become_user: postgres - postgresql_db: - name: "{{ item.db_name }}" - owner: "{{ item.db_owner }}" - encoding: UTF-8 - lc_collate: "{{ postgres_locale }}" - lc_ctype: "{{ postgres_locale }}" - template: template0 - loop: "{{ dbs|default([]) }}" - -- name: Check if MC schemas already exists - become: yes - become_user: postgres - command: psql -d {{ mc_db_name }} -t -c "\dn" - register: mc_schemas_loaded - when: mc_enabled - -- name: Create schemas for mission-control - become: yes - become_user: postgres - command: psql -d {{ mc_db_name }} -c 'CREATE SCHEMA {{ item }} authorization {{ mc_db_user }}' - loop: "{{ mc_schemas|default([]) }}" - when: - - mc_enabled - - "mc_schemas_loaded.stdout is defined and '{{ item }}' not in mc_schemas_loaded.stdout" - -- name: Grant all privileges to mc user on its schema - become: yes - become_user: postgres - postgresql_privs: - database: "{{ mc_db_name }}" - privs: ALL - type: schema - roles: "{{ mc_db_user }}" - objs: "{{ item }}" - loop: "{{ mc_schemas|default([]) }}" - when: mc_enabled - -- name: Grant privs on db - become: yes - become_user: postgres - postgresql_privs: - database: "{{ item.db_name }}" - role: "{{ item.db_owner }}" - state: present - privs: ALL - type: database - loop: "{{ dbs|default([]) }}" - -- debug: - msg: "Restarted postgres systemd {{ postgresql_daemon }}" +- name: Install postgres + include_tasks: "install.yml" + when: + - postgres_enabled \ No newline at end of file diff --git a/Ansible/ansible_collections/jfrog/platform/roles/xray/defaults/main.yml b/Ansible/ansible_collections/jfrog/platform/roles/xray/defaults/main.yml index d20cf73..03b5ed7 100644 --- a/Ansible/ansible_collections/jfrog/platform/roles/xray/defaults/main.yml +++ b/Ansible/ansible_collections/jfrog/platform/roles/xray/defaults/main.yml @@ -2,7 +2,7 @@ # defaults file for xray # The version of xray to install -xray_version: 3.27.4 +xray_version: 3.29.0 # whether to enable HA xray_ha_enabled: false diff --git a/Ansible/ansible_collections/jfrog/platform/roles/xray/vars/main.yml b/Ansible/ansible_collections/jfrog/platform/roles/xray/vars/main.yml index 7ad6956..a1f294e 100644 --- a/Ansible/ansible_collections/jfrog/platform/roles/xray/vars/main.yml +++ b/Ansible/ansible_collections/jfrog/platform/roles/xray/vars/main.yml @@ -1,6 +1,6 @@ --- # platform collection version -platform_collection_version: 7.21.7 +platform_collection_version: 7.21.12 # indicates were this collection was downlaoded from (galaxy, automation_hub, standalone) ansible_marketplace: galaxy \ No newline at end of file