[ansible] JFrog Platform 7.18.5 release (#106)

* [ansible] JFrog Platform 7.18.5 release

Ansible/ansible_collections/jfrog/platform/roles/missionControl/tasks/expect.yml

@@ -0,0 +1,44 @@
+- name: Prepare expect scenario script
+  set_fact:
+    expect_scenario: |
+        set timeout 300
+        spawn {{ exp_executable_cmd }}
+        expect_before timeout { exit 1 }
+        set CYCLE_END 0
+        set count 0
+
+        while { $CYCLE_END == 0 } {
+            expect {
+                {% for each_request in exp_scenarios %}
+                    -nocase -re {{ '{' }}{{ each_request.expecting }}.*} {
+                        send "{{ each_request.sending }}\n"
+                    }
+                {% endfor %}
+                eof {
+                    set CYCLE_END 1
+                }
+            }
+            set count "[expr $count + 1]"
+            if { $count > 16} {
+                exit 128
+            }
+        }
+
+        expect eof
+        lassign [wait] pid spawnid os_error_flag value
+
+        if {$os_error_flag == 0} {
+            puts "INSTALLER_EXIT_STATUS-$value"
+        } else {
+            puts "INSTALLER_EXIT_STATUS-$value"
+        }
+
+- name: Interactive with expect
+  become: yes
+  ignore_errors: yes
+  shell: |
+    {{ expect_scenario }}
+  args:
+    executable: /usr/bin/expect
+    chdir: "{{ exp_dir }}"
+  register: exp_result

Ansible/ansible_collections/jfrog/platform/roles/missionControl/tasks/install.yml

@@ -0,0 +1,150 @@
+---
+- debug:
+    msg: "Performing installation of missionControl version - {{ missioncontrol_version }}"
+
+- name: Install expect dependency
+  become: yes
+  yum:
+    name: expect
+    state: present
+  when: ansible_os_family == 'Redhat'
+
+- name: Install expect dependency 
+  become: yes
+  apt:
+    name: expect
+    state: present
+    update_cache: yes
+  when: ansible_os_family == 'Debian'
+
+- name: Ensure group jfmc exist
+  become: yes
+  group:
+    name: "{{ mc_group }}"
+    gid: "{{ mc_gid }}"
+    state: present
+
+- name: Ensure user jfmc exist
+  become: yes
+  user:
+    uid: "{{ mc_uid }}"
+    name: "{{ mc_user }}"
+    group: "{{ mc_group }}"
+    create_home: yes
+    home: "{{ mc_home }}"
+    shell: /bin/bash
+    state: present
+
+- name: Download mc
+  become: yes
+  unarchive:
+    src: "{{ mc_tar }}"
+    dest: "{{ jfrog_home_directory }}"
+    remote_src: yes
+    owner: "{{ mc_user }}"
+    group: "{{ mc_group }}"
+    creates: "{{ mc_untar_home }}"
+  register: downloadmc
+  until: downloadmc is succeeded
+  retries: 3
+
+- name: Check if app directory exists
+  become: yes
+  stat:
+    path: "{{ mc_home }}/app"
+  register: app_dir_check
+
+- name: Copy untar directory to mc home
+  become: yes
+  command: "cp -r {{ mc_untar_home }}/. {{ mc_home }}"
+  when: not app_dir_check.stat.exists
+
+- name: Create required directories 
+  become: yes
+  file:
+    path: "{{ item }}"
+    state: directory
+    recurse: yes
+    owner: "{{ mc_user }}"
+    group: "{{ mc_group }}"
+  loop:
+    - "{{ mc_home }}/var/etc"
+    - "{{ mc_home }}/var/etc/security/"
+    - "{{ mc_home }}/var/etc/info/"
+
+- name: Configure master key
+  become: yes
+  copy:
+    dest: "{{ mc_home }}/var/etc/security/master.key"
+    content: |
+      {{ master_key }}
+    owner: "{{ mc_user }}"
+    group: "{{ mc_group }}"
+    mode: 0640
+
+- name: Setup elasticsearch
+  import_tasks: setup-elasticsearch.yml
+
+- name: Check if install.sh wrapper script exist
+  become: yes
+  stat:
+    path: "{{ mc_install_script_path }}/install.sh"
+  register: install_wrapper_script
+
+- name: Include interactive installer scripts
+  include_vars: script/archive.yml
+
+- name: Install JFMC
+  include_tasks: expect.yml
+  vars:
+    exp_executable_cmd: "./install.sh -u {{ mc_user }} -g {{ mc_group }}"
+    exp_dir: "{{ mc_install_script_path }}"
+    exp_scenarios: "{{ mc_installer_scenario['main'] }}"
+  args: 
+    apply:
+      environment: 
+        YQ_PATH: "{{ mc_thirdparty_path }}/yq" 
+  when: install_wrapper_script.stat.exists
+
+- name: Configure installer info
+  become: yes
+  template:
+    src: installer-info.json.j2
+    dest: "{{ mc_home }}/var/etc/info/installer-info.json"
+  notify: restart missioncontrol
+
+- name: Configure systemyaml
+  become: yes
+  template:
+    src: "{{ mc_system_yaml_template }}"
+    dest: "{{ mc_home }}/var/etc/system.yaml"
+  notify: restart missioncontrol
+
+- name: Update correct permissions
+  become: yes
+  file:
+    path: "{{ mc_home }}"
+    state: directory
+    recurse: yes
+    owner: "{{ mc_user }}"
+    group: "{{ mc_group }}"
+    mode: '0755'
+
+- name: Install mc as a service
+  become: yes
+  shell: |
+    {{ mc_archive_service_cmd }}
+  args:
+    chdir: "{{ mc_install_script_path }}"
+  register: check_service_status_result
+  ignore_errors: yes
+
+- name: Restart missioncontrol
+  meta: flush_handlers
+
+- name : Wait for missionControl to be fully deployed  
+  uri: url=http://127.0.0.1:8082/router/api/v1/system/health timeout=130
+  register: result
+  until: result.status == 200
+  retries: 25
+  delay: 5

Ansible/ansible_collections/jfrog/platform/roles/missionControl/tasks/main.yml

@@ -0,0 +1,6 @@
+- name: perform installation
+  include_tasks: "install.yml"
+  when: not mc_upgrade_only
+- name: perform upgrade
+  include_tasks: "upgrade.yml"
+  when: mc_upgrade_only

Ansible/ansible_collections/jfrog/platform/roles/missionControl/tasks/setup-elasticsearch.yml

@@ -0,0 +1,179 @@
+- name: Ensure group elasticsearch exists
+  become: yes
+  group:
+    name: elasticsearch
+    gid: "{{ es_gid }}"
+    state: present
+
+- name: Ensure user elasticsearch exists
+  become: yes
+  user:
+    name: elasticsearch
+    uid: "{{ es_uid }}"
+    group: elasticsearch
+    create_home: yes
+    home: "{{ mc_es_home }}"
+    shell: /bin/bash
+    state: present
+
+- name: Create required directories 
+  become: yes
+  file:
+    path: "{{ item }}"
+    state: directory
+    mode: 0755
+    recurse: yes
+    owner: elasticsearch
+    group: elasticsearch
+  loop:
+    - "{{ mc_es_conf_base }}"
+    - "{{ mc_es_data_dir }}"
+    - "{{ mc_es_log_dir }}"
+    - "{{ mc_es_home }}"
+
+- name: Set max file descriptors limit
+  become: yes
+  pam_limits:
+    domain: 'elasticsearch'
+    limit_type: '-'
+    limit_item: nofile
+    value: '65536'
+
+- name: Update nproc limit
+  become: yes
+  pam_limits:
+    domain: 'elasticsearch'
+    limit_type: '-'
+    limit_item: nproc
+    value: '4096'
+
+- name: Setting sysctl values
+  become: yes
+  sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
+  loop:
+    - { name: "vm.max_map_count", value: 262144}
+  ignore_errors: yes
+
+- name: Find elasticsearch package
+  become: yes
+  find:
+    paths: "{{ mc_home }}/app/third-party/elasticsearch"
+    patterns: "^elasticsearch-oss-.+\\.tar.gz$"
+    use_regex: yes
+    file_type: file
+  register: check_elasticsearch_package_result
+
+- name: Set elasticsearch package file name
+  set_fact:
+    mc_elasticsearch_package: "{{ check_elasticsearch_package_result.files[0].path }}"
+  when: check_elasticsearch_package_result.matched > 0
+
+- name: Ensure /usr/share/elasticsearch  exists
+  file:
+    path: "{{ mc_es_home }}"
+    state: directory
+    owner: elasticsearch
+    group: elasticsearch
+  become: yes
+
+- name: Extract elasticsearch package
+  become: yes
+  become_user: elasticsearch
+  ignore_errors: yes
+  unarchive:
+    src: "{{ mc_elasticsearch_package }}"
+    dest: "{{ mc_es_home }}"
+    remote_src: yes
+    extra_opts:
+      - --strip-components=1
+    owner: elasticsearch
+    group: elasticsearch
+  register: unarchive_result
+  when: check_elasticsearch_package_result.matched > 0
+
+- name: Copy elasticsearch config files to ES_PATH_CONF dir
+  become: yes
+  command: "cp -r {{ mc_es_home }}/config/. {{ mc_es_conf_base }}/"
+
+- name: Remove elasticsearch config dir
+  become: yes
+  file:
+    path: "{{ mc_es_home }}/config"
+    state: absent
+
+- name: Generate HA elasticsearch.yml template file
+  become: yes
+  ignore_errors: yes
+  template:
+    src: templates/ha/{{ mc_ha_node_type }}.elasticsearch.yml.j2
+    dest: "{{ mc_es_conf_base }}/elasticsearch.yml"
+    owner: elasticsearch
+    group: elasticsearch
+  when:
+    - unarchive_result.extract_results.rc | default(128) == 0
+    - flow_type in ["ha-cluster", "ha-upgrade"]
+
+- name: Generate elasticsearch.yml template file
+  become: yes
+  template:
+    src: templates/elasticsearch.yml.j2
+    dest: "{{ mc_es_conf_base }}/elasticsearch.yml"
+    owner: elasticsearch
+    group: elasticsearch
+  when:
+    - unarchive_result.extract_results.rc | default(128) == 0
+    - flow_type in ["archive", "upgrade"]
+
+- name: Create empty unicast_hosts.txt file
+  become: yes
+  file:
+    path: "{{ mc_es_conf_base }}/unicast_hosts.txt"
+    state: touch
+    mode: 0664
+    owner: elasticsearch
+    group: elasticsearch
+
+- name: Setup searchguard plugin
+  import_tasks: setup-searchguard.yml
+
+- name: Update directories permissions
+  become: yes
+  file:
+    path: "{{ item }}"
+    state: directory
+    mode: 0755
+    recurse: yes
+    owner: elasticsearch
+    group: elasticsearch
+  loop:
+    - "{{ mc_es_conf_base }}"
+    - "{{ mc_es_data_dir }}"
+    - "{{ mc_es_log_dir }}"
+    - "{{ mc_es_home }}"
+    
+- name: Start elasticsearch
+  become: yes
+  become_user: elasticsearch
+  shell: "{{ mc_es_script_path }}/elasticsearch -d"
+  environment:
+    JAVA_HOME: "{{ mc_es_java_home }}"
+    ES_PATH_CONF: "{{ mc_es_conf_base }}/"
+  register: start_elasticsearch_result
+  when: unarchive_result.extract_results.rc | default(128) == 0
+
+- name: Wait for elasticsearch to start
+  pause:
+    seconds: 15
+
+- name: Init searchguard plugin
+  become: yes
+  become_user: elasticsearch
+  shell: |
+    ./sgadmin.sh -p {{ mc_es_transport_port }} -cacert root-ca.pem \
+    -cert sgadmin.pem -key sgadmin.key -cd {{ mc_es_searchgaurd_home }}/sgconfig/ -nhnv -icl
+  args:
+    chdir: "{{ mc_es_searchgaurd_home }}/tools/"
+  environment:
+    JAVA_HOME: "{{ mc_es_java_home }}"
+  register: install_searchguard_result
+  when: check_searchguard_bundle_result.matched == 1

Ansible/ansible_collections/jfrog/platform/roles/missionControl/tasks/setup-searchguard.yml

@@ -0,0 +1,100 @@
+- name: Copy elasticsearch certificate
+  become: yes
+  copy:
+    mode: 0600
+    src: files/searchguard/localhost.pem
+    dest: "{{ mc_es_conf_base }}/localhost.pem"
+    owner: elasticsearch
+    group: elasticsearch
+
+- name: Copy elasticsearch private key
+  become: yes
+  copy:
+    mode: 0600
+    src: files/searchguard/localhost.key
+    dest: "{{ mc_es_conf_base }}/localhost.key"
+    owner: elasticsearch
+    group: elasticsearch
+
+- name: Copy searchguard root ca
+  become: yes
+  copy:
+    mode: 0600
+    src: files/searchguard/root-ca.pem
+    dest: "{{ mc_es_conf_base }}/root-ca.pem"
+    owner: elasticsearch
+    group: elasticsearch
+
+- name: Find searchguard bundle
+  find:
+    paths: "{{ mc_home }}/app/third-party/elasticsearch/"
+    patterns: "^search-guard-.+\\.zip$"
+    use_regex: yes
+    file_type: file
+  register: check_searchguard_bundle_result
+
+- name: Install searchguard plugin
+  become: yes
+  become_user: elasticsearch
+  ignore_errors: yes
+  shell: |
+    {{ mc_es_script_path }}/elasticsearch-plugin install \
+    -b file://{{ check_searchguard_bundle_result.files[0].path }}
+  environment:
+    JAVA_HOME: "{{ mc_es_java_home }}"
+    ES_PATH_CONF: "{{ mc_es_conf_base }}/"
+  register: install_searchguard_result
+  when: check_searchguard_bundle_result.matched == 1
+
+- name: Copy searchguard admin certificate
+  become: yes
+  copy:
+    mode: 0600
+    src: files/searchguard/sgadmin.pem
+    dest: "{{ mc_es_searchgaurd_home }}/tools/sgadmin.pem"
+    owner: elasticsearch
+    group: elasticsearch
+
+- name: Copy searchguard admin private key
+  become: yes
+  copy:
+    mode: 0600
+    src: files/searchguard/sgadmin.key
+    dest: "{{ mc_es_searchgaurd_home }}/tools/sgadmin.key"
+    owner: elasticsearch
+    group: elasticsearch
+
+- name: Copy searchguard root ca
+  become: yes
+  copy:
+    mode: 0600
+    src: files/searchguard/root-ca.pem
+    dest: "{{ mc_es_searchgaurd_home }}/tools/root-ca.pem"
+    owner: elasticsearch
+    group: elasticsearch
+
+- name: Copy roles template
+  become: yes
+  copy:
+    mode: 0600
+    src: files/searchguard/sg_roles.yml
+    dest: "{{ mc_es_searchgaurd_home }}/sgconfig/sg_roles.yml"
+    owner: elasticsearch
+    group: elasticsearch
+
+- name: Copy roles template
+  become: yes
+  copy:
+    mode: 0600
+    src: files/searchguard/sg_roles_mapping.yml
+    dest: "{{ mc_es_searchgaurd_home }}/sgconfig/sg_roles_mapping.yml"
+    owner: elasticsearch
+    group: elasticsearch
+
+- name: Check execution bit
+  become: yes
+  file:
+    path: "{{ mc_es_searchgaurd_home }}/tools/sgadmin.sh"
+    owner: elasticsearch
+    group: elasticsearch
+    mode: 0700

Ansible/ansible_collections/jfrog/platform/roles/missionControl/tasks/upgrade-elasticsearch.yml

@@ -0,0 +1,113 @@
+- name: Get elasticsearch pid
+  shell: "ps -ef | grep -v grep | grep -w elasticsearch | awk '{print $2}'"
+  register: elasticsearch_pid
+
+- name: Stop elasticsearch before upgrade
+  become: yes
+  shell: kill -9 {{ elasticsearch_pid.stdout }}
+  when: elasticsearch_pid.stdout | length > 0
+
+- name: Waiting until all running processes are killed
+  wait_for:
+    path: "/proc/{{ elasticsearch_pid.stdout }}/status"
+    state: absent
+  when: elasticsearch_pid.stdout | length > 0
+
+- name: Find searchguard bundle for removal
+  become: yes
+  find:
+    paths: "{{ mc_home }}/app/third-party/elasticsearch/"
+    patterns: "^search-guard-.+\\.zip$"
+    use_regex: yes
+    file_type: file
+  register: check_searchguard_bundle_result
+
+- name: Remove searchguard plugin
+  become: yes
+  become_user: elasticsearch
+  ignore_errors: yes
+  shell: |
+    {{ mc_es_script_path }}/elasticsearch-plugin remove {{ check_searchguard_bundle_result.files[0].path }}
+  environment:
+    JAVA_HOME: "{{ mc_es_java_home }}"
+    ES_PATH_CONF: "{{ mc_es_conf_base }}/config"
+  register: remove_searchguard_result
+  when: check_searchguard_bundle_result.matched == 1
+
+- name: Delete elasticsearch home dir
+  become: yes
+  file:
+    path: "{{ mc_es_home }}"
+    state: absent
+
+- name: Create elasticsearch home dir
+  become: yes
+  file:
+    path: "{{ mc_es_home }}"
+    state: directory
+    mode: 0755
+    owner: elasticsearch
+    group: elasticsearch
+
+- name: Find elasticsearch package
+  become: yes
+  find:
+    paths: "{{ mc_home }}/app/third-party/elasticsearch"
+    patterns: "^elasticsearch-oss-.+\\.tar.gz$"
+    use_regex: yes
+    file_type: file
+  register: check_elasticsearch_package_result
+
+- name: Set elasticsearch package file name
+  set_fact:
+    mc_elasticsearch_package: "{{ check_elasticsearch_package_result.files[0].path }}"
+  when: check_elasticsearch_package_result.matched > 0
+
+- name: Extract elasticsearch package
+  become: yes
+  become_user: elasticsearch
+  ignore_errors: yes
+  unarchive:
+    src: "{{ mc_elasticsearch_package }}"
+    dest: "{{ mc_es_home }}"
+    remote_src: yes
+    extra_opts:
+      - --strip-components=1
+      - --exclude=config
+    owner: elasticsearch
+    group: elasticsearch
+  register: unarchive_result
+  when: check_elasticsearch_package_result.matched > 0
+
+- name: Generate HA elasticsearch.yml template file
+  become: yes
+  ignore_errors: yes
+  template:
+    src: templates/ha/{{ mc_ha_node_type }}.elasticsearch.yml.j2
+    dest: "{{ mc_es_conf_base }}/elasticsearch.yml"
+    owner: elasticsearch
+    group: elasticsearch
+  when: unarchive_result.extract_results.rc | default(128) == 0
+
+- name: Create empty unicast_hosts.txt file
+  become: yes
+  file:
+    path: "{{ mc_es_conf_base }}/unicast_hosts.txt"
+    state: touch
+    mode: 0644
+    owner: elasticsearch
+    group: elasticsearch
+
+- name: Upgrade searchguard plugin
+  import_tasks: upgrade-searchguard.yml
+
+- name: Start elasticsearch
+  become: yes
+  become_user: elasticsearch
+  ignore_errors: yes
+  shell: "{{ mc_es_script_path }}/elasticsearch -d"
+  environment:
+    JAVA_HOME: "{{ mc_es_java_home }}"
+    ES_PATH_CONF: "{{ mc_es_conf_base }}/"
+  when: unarchive_result.extract_results.rc | default(128) == 0
+  register: start_elastcsearch_upgraded

Ansible/ansible_collections/jfrog/platform/roles/missionControl/tasks/upgrade-searchguard.yml

@@ -0,0 +1,100 @@
+- name: Create elasticsearch config path folder
+  become: yes
+  file:
+    path: "{{ mc_es_conf_base }}/searchguard"
+    state: directory
+    mode: 0755
+    owner: elasticsearch
+    group: elasticsearch
+
+- name: Copy elasticsearch certificate
+  become: yes
+  copy:
+    mode: 0600
+    src: files/searchguard/localhost.pem
+    dest: "{{ mc_es_conf_base }}/localhost.pem"
+    owner: elasticsearch
+    group: elasticsearch
+
+- name: Copy elasticsearch private key
+  become: yes
+  copy:
+    mode: 0600
+    src: files/searchguard/localhost.key
+    dest: "{{ mc_es_conf_base }}/localhost.key"
+    owner: elasticsearch
+    group: elasticsearch
+
+- name: Copy searchguard admin certificate
+  become: yes
+  copy:
+    mode: 0600
+    src: files/searchguard/sgadmin.pem
+    dest: "{{ mc_es_conf_base }}/searchguard/sgadmin.pem"
+    owner: elasticsearch
+    group: elasticsearch
+
+- name: Copy searchguard admin private key
+  become: yes
+  copy:
+    mode: 0600
+    src: files/searchguard/sgadmin.key
+    dest: "{{ mc_es_conf_base }}/searchguard/sgadmin.key"
+    owner: elasticsearch
+    group: elasticsearch
+
+- name: Copy searchguard root ca
+  become: yes
+  copy:
+    mode: 0600
+    src: files/searchguard/root-ca.pem
+    dest: "{{ mc_es_conf_base }}/root-ca.pem"
+    owner: elasticsearch
+    group: elasticsearch
+
+- name: Find searchguard bundle
+  find:
+    paths: "{{ mc_home }}/app/third-party/elasticsearch/"
+    patterns: "^search-guard-.+\\.zip$"
+    use_regex: yes
+    file_type: file
+  register: check_searchguard_bundle_result
+
+- name: Install searchguard plugin
+  become: yes
+  become_user: elasticsearch
+  ignore_errors: yes
+  shell: |
+    {{ mc_es_script_path }}/elasticsearch-plugin install \
+        -b file://{{ check_searchguard_bundle_result.files[0].path }}
+  environment:
+    JAVA_HOME: "{{ mc_es_java_home }}"
+    ES_PATH_CONF: "{{ mc_es_conf_base }}/"
+  register: install_searchguard_result
+  when: check_searchguard_bundle_result.matched == 1
+
+- name: Copy roles template
+  become: yes
+  copy:
+    mode: 0600
+    src: files/searchguard/sg_roles.yml
+    dest: "{{ mc_es_home }}/plugins/search-guard-7/sgconfig/sg_roles.yml"
+    owner: elasticsearch
+    group: elasticsearch
+
+- name: Copy roles template
+  become: yes
+  copy:
+    mode: 0600
+    src: files/searchguard/sg_roles_mapping.yml
+    dest: "{{ mc_es_home }}/plugins/search-guard-7/sgconfig/sg_roles_mapping.yml"
+    owner: elasticsearch
+    group: elasticsearch
+
+- name: Check execution bit
+  become: yes
+  file:
+    path: "{{ mc_es_home }}/plugins/search-guard-7/tools/sgadmin.sh"
+    owner: elasticsearch
+    group: elasticsearch
+    mode: 0700

Ansible/ansible_collections/jfrog/platform/roles/missionControl/tasks/upgrade.yml

@@ -0,0 +1,96 @@
+---
+- debug:
+    msg: "Performing Upgrade of missionControl version - {{ missioncontrol_version }}"
+
+- name: Stop mc service
+  become: yes
+  systemd:
+    name: "{{ mc_daemon }}"
+    state: stopped
+
+- name: Download mc for upgrade
+  unarchive:
+    src: "{{ mc_tar }}"
+    dest: "{{ jfrog_home_directory }}"
+    remote_src: yes
+    owner: "{{ mc_user }}"
+    group: "{{ mc_group }}"
+    creates: "{{ mc_untar_home }}"
+  become: yes
+  register: downloadmc
+  until: downloadmc is succeeded
+  retries: 3
+
+- name: Delete current app folder
+  become: yes
+  file:
+    path: "{{ mc_home }}/app"
+    state: absent
+
+- name: Copy new app to mc app
+  command: "cp -r {{ mc_untar_home }}/app/. {{ mc_home }}/app"
+  become: yes
+
+- name: Delete untar directory
+  file:
+    path: "{{ mc_untar_home }}"
+    state: absent
+  become: yes
+
+- name: Upgrade elasticsearch
+  import_tasks: upgrade-elasticsearch.yml
+
+- name: Check if install.sh wrapper script exist
+  become: yes
+  stat:
+    path: "{{ mc_install_script_path }}/install.sh"
+  register: upgrade_wrapper_script
+
+- name: Include interactive installer scripts
+  include_vars: script/archive.yml
+
+- name: Upgrade JFMC
+  include_tasks: expect.yml
+  vars:
+    exp_executable_cmd: "./install.sh -u {{ mc_user }} -g {{ mc_group }}"
+    exp_dir: "{{ mc_install_script_path }}"
+    exp_scenarios: "{{ mc_installer_scenario['main'] }}"
+  args: 
+    apply:
+      environment: 
+        YQ_PATH: "{{ mc_thirdparty_path }}/yq" 
+  when: upgrade_wrapper_script.stat.exists
+
+- name: Configure installer info
+  become: yes
+  template:
+    src: installer-info.json.j2
+    dest: "{{ mc_home }}/var/etc/info/installer-info.json"
+  notify: restart missioncontrol
+
+- name: Configure systemyaml
+  template:
+    src: "{{ mc_system_yaml_template }}"
+    dest: "{{ mc_home }}/var/etc/system.yaml"
+  become: yes
+  notify: restart missioncontrol
+
+- name: Update correct permissions
+  become: yes
+  file:
+    path: "{{ mc_home }}"
+    state: directory
+    recurse: yes
+    owner: "{{ mc_user }}"
+    group: "{{ mc_group }}"
+    mode: '0755'
+
+- name: Restart missioncontrol
+  meta: flush_handlers
+
+- name : Wait for missionControl to be fully deployed  
+  uri: url=http://127.0.0.1:8082/router/api/v1/system/health timeout=130
+  register: result
+  until: result.status == 200
+  retries: 25
+  delay: 5