From fbba8620f0b720500814c3ba5904a98d1420127f Mon Sep 17 00:00:00 2001 From: Vinay Aggarwal Date: Sun, 11 Jul 2021 15:54:45 -0700 Subject: [PATCH] upgraded to artifactory 7.21.5 and xray 3.27.2 --- .../tasks/custom-data-directory.yml | 44 - .../xray/tasks/custom-data-directory.yml | 44 - .../cloudInstallerScripts/artifactory-ami.yml | 0 .../roles/artifactory-ami/.travis.yml | 0 .../roles/artifactory-ami/defaults/main.yml | 51 ++ .../artifactory-ami/defaults/main.yml.bak} | 0 .../roles/artifactory-ami/handlers/main.yml | 0 .../roles/artifactory-ami/meta/exception.yml | 0 .../roles/artifactory-ami/meta/main.yml | 0 .../artifactory-ami/meta/preferences.yml | 0 .../roles/artifactory-ami/meta/version.yml | 0 .../roles/artifactory-ami/tasks/main.yml | 2 +- .../templates/artifactory.cluster.license.j2 | 0 .../templates/binarystore.xml.j2 | 0 .../templates/installer-info.json.j2 | 0 .../artifactory-ami/templates/join.key.j2 | 0 .../artifactory-ami/templates/master.key.j2 | 0 .../artifactory-ami/templates/system.yaml.j2 | 3 +- .../roles/artifactory-ami/vars/main.yml | 0 .../roles/artifactory-nginx-ami/.travis.yml | 0 .../artifactory-nginx-ami/defaults/main.yml | 0 .../artifactory-nginx-ami/files/nginx.conf | 0 .../artifactory-nginx-ami/handlers/main.yml | 0 .../roles/artifactory-nginx-ami/meta/main.yml | 0 .../artifactory-nginx-ami/tasks/main.yml | 0 .../templates/artifactory.conf.j2 | 0 .../artifactory-nginx-ami/tests/inventory | 0 .../artifactory-nginx-ami/tests/test.yml | 0 .../roles/artifactory-nginx-ami/vars/main.yml | 0 .../roles/artifactory-nginx-ssl/.travis.yml | 0 .../artifactory-nginx-ssl/defaults/main.yml | 0 .../artifactory-nginx-ssl/handlers/main.yml | 0 .../roles/artifactory-nginx-ssl/meta/main.yml | 0 .../artifactory-nginx-ssl/tasks/main.yml | 0 .../templates/artifactory.conf.j2 | 0 .../templates/certificate.key.j2 | 0 .../templates/certificate.pem.j2 | 0 .../artifactory-nginx-ssl/tests/inventory | 0 .../artifactory-nginx-ssl/tests/test.yml | 0 .../roles/artifactory-nginx-ssl/vars/main.yml | 0 .../roles/artifactory-nginx/.travis.yml | 0 .../roles/artifactory-nginx/defaults/main.yml | 0 .../roles/artifactory-nginx/files/nginx.conf | 0 .../roles/artifactory-nginx/handlers/main.yml | 0 .../roles/artifactory-nginx/meta/main.yml | 0 .../roles/artifactory-nginx/tasks/main.yml | 0 .../templates/artifactory.conf.j2 | 0 .../roles/artifactory-nginx/tests/inventory | 0 .../roles/artifactory-nginx/tests/test.yml | 0 .../roles/artifactory-nginx/vars/main.yml | 0 .../roles/artifactory/.travis.yml | 0 .../roles/artifactory/defaults/main.yml | 15 +- .../roles/artifactory/handlers/main.yml | 0 .../roles/artifactory/meta/exception.yml | 0 .../roles/artifactory/meta/main.yml | 0 .../roles/artifactory/meta/preferences.yml | 0 .../roles/artifactory/meta/version.yml | 0 .../artifactory/tasks/configure-licenses.yml | 0 .../roles/artifactory/tasks/main.yml | 49 +- .../templates/artifactory.cluster.license.j2 | 0 .../templates/artifactory.pro.license.j2 | 0 .../artifactory/templates/binarystore.xml.j2 | 0 .../templates/installer-info.json.j2 | 0 .../roles/artifactory/templates/join.key.j2 | 0 .../roles/artifactory/templates/master.key.j2 | 0 .../artifactory/templates/system.yaml.j2 | 5 +- .../roles/artifactory/vars/main.yml | 0 .../roles/xray-ami/.travis.yml | 0 .../roles/xray-ami/defaults/main.yml | 0 .../roles/xray-ami/handlers/main.yml | 0 .../roles/xray-ami/meta/main.yml | 0 .../roles/xray-ami/tasks/Debian.yml | 0 .../roles/xray-ami/tasks/RedHat.yml | 2 +- .../roles/xray-ami/tasks/main.yml | 0 .../xray-ami/templates/installer-info.json.j2 | 0 .../roles/xray-ami/templates/join.key.j2 | 0 .../roles/xray-ami/templates/master.key.j2 | 0 .../roles/xray-ami/templates/system.yaml.j2 | 0 .../roles/xray-ami/tests/inventory | 0 .../roles/xray-ami/tests/test.yml | 0 .../roles/xray-ami/vars/main.yml | 0 .../roles/xray/.travis.yml | 0 .../roles/xray/defaults/main.yml | 6 - .../roles/xray/handlers/main.yml | 0 .../roles/xray/meta/main.yml | 0 .../roles/xray/tasks/Debian.yml | 0 .../roles/xray/tasks/RedHat.yml | 2 +- .../roles/xray/tasks/initialize-pg-db.yml | 0 .../roles/xray/tasks/main.yml | 4 - .../xray/templates/installer-info.json.j2 | 0 .../roles/xray/templates/join.key.j2 | 0 .../roles/xray/templates/master.key.j2 | 0 .../roles/xray/templates/system.yaml.j2 | 0 .../roles/xray/tests/inventory | 0 .../roles/xray/tests/test.yml | 0 .../roles/xray/vars/main.yml | 0 .../site-artifactory.yml | 0 .../cloudInstallerScripts/site-xray.yml | 0 .../cloudInstallerScripts/xray-ami.yml | 0 ...ifactory-core-infrastructure.template.yaml | 442 ++++++++++ ...artifactory-ec2-existing-vpc.template.yaml | 240 ++++-- ...rog-artifactory-ec2-instance.template.yaml | 466 ++++++++++ .../jfrog-artifactory-ec2-main.template.yaml} | 89 +- ...y-pro-ec2-existing-vpc-main.template.yaml} | 26 +- ...actory-pro-ec2-new-vpc-main.template.yaml} | 23 +- .../jfrog-xray-ec2-instance.template.yaml | 68 +- ...ifactory-core-infrastructure.template.yaml | 115 +-- ...artifactory-ec2-existing-vpc.template.yaml | 802 ++++++++++++++++++ ...rog-artifactory-ec2-instance.template.yaml | 187 ++-- .../jfrog-xray-ec2-instance.template.yaml | 255 ++++++ 110 files changed, 2378 insertions(+), 562 deletions(-) delete mode 100644 Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/tasks/custom-data-directory.yml delete mode 100644 Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/tasks/custom-data-directory.yml rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/artifactory-ami.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-ami/.travis.yml (100%) create mode 100644 Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/defaults/main.yml rename Amazon/artifactory7/{latest/cloudInstallerScripts/roles/artifactory-ami/defaults/main.yml => v7215/cloudInstallerScripts/roles/artifactory-ami/defaults/main.yml.bak} (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-ami/handlers/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-ami/meta/exception.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-ami/meta/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-ami/meta/preferences.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-ami/meta/version.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-ami/tasks/main.yml (97%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-ami/templates/artifactory.cluster.license.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-ami/templates/binarystore.xml.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-ami/templates/installer-info.json.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-ami/templates/join.key.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-ami/templates/master.key.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-ami/templates/system.yaml.j2 (95%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-ami/vars/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx-ami/.travis.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx-ami/defaults/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx-ami/files/nginx.conf (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx-ami/handlers/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx-ami/meta/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx-ami/tasks/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx-ami/templates/artifactory.conf.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx-ami/tests/inventory (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx-ami/tests/test.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx-ami/vars/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx-ssl/.travis.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx-ssl/defaults/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx-ssl/handlers/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx-ssl/meta/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx-ssl/tasks/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx-ssl/templates/artifactory.conf.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx-ssl/templates/certificate.key.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx-ssl/templates/certificate.pem.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx-ssl/tests/inventory (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx-ssl/tests/test.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx-ssl/vars/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx/.travis.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx/defaults/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx/files/nginx.conf (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx/handlers/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx/meta/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx/tasks/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx/templates/artifactory.conf.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx/tests/inventory (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx/tests/test.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory-nginx/vars/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory/.travis.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory/defaults/main.yml (69%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory/handlers/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory/meta/exception.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory/meta/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory/meta/preferences.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory/meta/version.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory/tasks/configure-licenses.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory/tasks/main.yml (75%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory/templates/artifactory.cluster.license.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory/templates/artifactory.pro.license.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory/templates/binarystore.xml.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory/templates/installer-info.json.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory/templates/join.key.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory/templates/master.key.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory/templates/system.yaml.j2 (95%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/artifactory/vars/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray-ami/.travis.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray-ami/defaults/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray-ami/handlers/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray-ami/meta/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray-ami/tasks/Debian.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray-ami/tasks/RedHat.yml (96%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray-ami/tasks/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray-ami/templates/installer-info.json.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray-ami/templates/join.key.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray-ami/templates/master.key.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray-ami/templates/system.yaml.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray-ami/tests/inventory (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray-ami/tests/test.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray-ami/vars/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray/.travis.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray/defaults/main.yml (78%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray/handlers/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray/meta/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray/tasks/Debian.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray/tasks/RedHat.yml (96%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray/tasks/initialize-pg-db.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray/tasks/main.yml (90%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray/templates/installer-info.json.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray/templates/join.key.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray/templates/master.key.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray/templates/system.yaml.j2 (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray/tests/inventory (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray/tests/test.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/roles/xray/vars/main.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/site-artifactory.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/site-xray.yml (100%) rename Amazon/artifactory7/{latest => v7215}/cloudInstallerScripts/xray-ami.yml (100%) create mode 100644 Amazon/artifactory7/v7215/templates/jfrog-artifactory-core-infrastructure.template.yaml rename Amazon/artifactory7/{latest => v7215}/templates/jfrog-artifactory-ec2-existing-vpc.template.yaml (85%) create mode 100644 Amazon/artifactory7/v7215/templates/jfrog-artifactory-ec2-instance.template.yaml rename Amazon/artifactory7/{latest/templates/jfrog-artifactory-ec2-master.template.yaml => v7215/templates/jfrog-artifactory-ec2-main.template.yaml} (92%) rename Amazon/artifactory7/{latest/templates/jfrog-artifactory-pro-ec2-existing-vpc-master.template.yaml => v7215/templates/jfrog-artifactory-pro-ec2-existing-vpc-main.template.yaml} (96%) rename Amazon/artifactory7/{latest/templates/jfrog-artifactory-pro-ec2-new-vpc-master.template.yaml => v7215/templates/jfrog-artifactory-pro-ec2-new-vpc-main.template.yaml} (95%) rename Amazon/artifactory7/{latest => v7215}/templates/jfrog-xray-ec2-instance.template.yaml (88%) rename Amazon/{artifactory7/latest => marketplace-jfrog-artifactory/v7215}/templates/jfrog-artifactory-core-infrastructure.template.yaml (75%) create mode 100644 Amazon/marketplace-jfrog-artifactory/v7215/templates/jfrog-artifactory-ec2-existing-vpc.template.yaml rename Amazon/{artifactory7/latest => marketplace-jfrog-artifactory/v7215}/templates/jfrog-artifactory-ec2-instance.template.yaml (67%) create mode 100644 Amazon/marketplace-jfrog-artifactory/v7215/templates/jfrog-xray-ec2-instance.template.yaml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/tasks/custom-data-directory.yml b/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/tasks/custom-data-directory.yml deleted file mode 100644 index 4799a8b..0000000 --- a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/tasks/custom-data-directory.yml +++ /dev/null @@ -1,44 +0,0 @@ -- name: setup directory symlink for using custom data directory/volume - block: - - name: Create a xfs filesystem on /dev/nvme1n1 - # First non-root device is always mapped to /dev/nvme1n1 - # See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nvme-ebs-volumes.html - community.general.filesystem: - dev: /dev/nvme1n1 - fstype: xfs - - - name: ensure external data directory exists - file: - path: "{{ custom_data_directory }}" - state: directory - - - name: Mount the EBS volume - ansible.posix.mount: - path: "{{ custom_data_directory }}" - src: /dev/nvme1n1 - state: mounted - fstype: xfs - - - name: set custom data directory permission - file: - path: "{{ custom_data_directory }}" - state: directory - recurse: yes - owner: "{{ artifactory_user }}" - group: "{{ artifactory_group }}" - mode: "u=rwX,g=rwX,o=rwX" - - - name: remove var directory if exists - file: - path: "{{ artifactory_home }}/var" - state: absent - - - name: symlink custom data directory to var - file: - src: "{{ custom_data_directory }}" - path: "{{ artifactory_home }}/var" - state: link - owner: "{{ artifactory_user }}" - group: "{{ artifactory_group }}" - become: yes - when: use_custom_data_directory and custom_data_directory is defined diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/tasks/custom-data-directory.yml b/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/tasks/custom-data-directory.yml deleted file mode 100644 index 8f359ca..0000000 --- a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/tasks/custom-data-directory.yml +++ /dev/null @@ -1,44 +0,0 @@ -- name: setup directory symlink for using custom data directory/volume - block: - - name: Create a xfs filesystem on /dev/nvme1n1 - # First non-root device is always mapped to /dev/nvme1n1 - # See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nvme-ebs-volumes.html - community.general.filesystem: - dev: /dev/nvme1n1 - fstype: xfs - - - name: ensure external data directory exists - file: - path: "{{ custom_data_directory }}" - state: directory - - - name: Mount the EBS volume - ansible.posix.mount: - path: "{{ custom_data_directory }}" - src: /dev/nvme1n1 - state: mounted - fstype: xfs - - - name: set custom data directory permission - file: - path: "{{ custom_data_directory }}" - state: directory - recurse: yes - owner: "{{ xray_user }}" - group: "{{ xray_group }}" - mode: "u=rwX,g=rwX,o=rwX" - - - name: remove var directory if exists - file: - path: "{{ xray_home }}/var" - state: absent - - - name: symlink custom data directory to var - file: - src: "{{ custom_data_directory }}" - path: "{{ xray_home }}/var" - state: link - owner: "{{ xray_user }}" - group: "{{ xray_group }}" - become: yes - when: use_custom_data_directory and custom_data_directory is defined diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/artifactory-ami.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/artifactory-ami.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/artifactory-ami.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/artifactory-ami.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/.travis.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/.travis.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/.travis.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/.travis.yml diff --git a/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/defaults/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/defaults/main.yml new file mode 100644 index 0000000..c86e6ed --- /dev/null +++ b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/defaults/main.yml @@ -0,0 +1,51 @@ +--- +# defaults file for artifactory +# indicates were this collection was downlaoded from (galaxy, automation_hub, standalone) +ansible_marketplace: standalone + +# whether we are creating a AMI for Marketplace or just for configuring EC2 instance +ami_creation: false + +# The version of Artifactory to install +artifactory_version: 7.15.3 + +# licenses file - specify a licenses file or specify up to 5 licenses +artifactory_license1: +artifactory_license2: +artifactory_license3: +artifactory_license4: +artifactory_license5: +artifactory_license6: + +# whether to enable HA +artifactory_ha_enabled: true + +# value for whether a host is primary. this should be set in host vars +artifactory_is_primary: true + +# The location where Artifactory should install. +artifactory_download_directory: /opt/jfrog + +# The location where Artifactory should store data. +artifactory_file_store_dir: /data + +extra_java_opts: -server -Xms2g -Xmx14g -Xss256k -XX:+UseG1GC + +artifactory_tar: https://releases.jfrog.io/artifactory/artifactory-pro/org/artifactory/pro/jfrog-artifactory-pro/{{ artifactory_version }}/jfrog-artifactory-pro-{{ artifactory_version }}-linux.tar.gz + +artifactory_home: "{{ artifactory_download_directory }}/artifactory-pro-{{ artifactory_version }}" +db_download_url: "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" + +artifactory_user: artifactory +artifactory_group: artifactory + +# Set the parameters required for the service. +service_list: + - name: artifactory + description: Start script for Artifactory + start_command: "{{ artifactory_home }}/bin/artifactory.sh start" + stop_command: "{{ artifactory_home }}/bin/artifactory.sh stop" + type: forking + status_pattern: artifactory + user_name: "{{ artifactory_user }}" + group_name: "{{ artifactory_group }}" diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/defaults/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/defaults/main.yml.bak similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/defaults/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/defaults/main.yml.bak diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/handlers/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/handlers/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/handlers/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/handlers/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/meta/exception.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/meta/exception.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/meta/exception.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/meta/exception.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/meta/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/meta/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/meta/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/meta/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/meta/preferences.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/meta/preferences.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/meta/preferences.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/meta/preferences.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/meta/version.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/meta/version.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/meta/version.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/meta/version.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/tasks/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/tasks/main.yml similarity index 97% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/tasks/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/tasks/main.yml index 68dc835..1ecd05d 100644 --- a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/tasks/main.yml +++ b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/tasks/main.yml @@ -51,7 +51,7 @@ owner: "{{ artifactory_user }}" group: "{{ artifactory_group }}" loop: - - "bootstrap" + - "bootstrap/artifactory/tomcat/lib" - "etc" become: yes diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/templates/artifactory.cluster.license.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/templates/artifactory.cluster.license.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/templates/artifactory.cluster.license.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/templates/artifactory.cluster.license.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/templates/binarystore.xml.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/templates/binarystore.xml.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/templates/binarystore.xml.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/templates/binarystore.xml.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/templates/installer-info.json.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/templates/installer-info.json.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/templates/installer-info.json.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/templates/installer-info.json.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/templates/join.key.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/templates/join.key.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/templates/join.key.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/templates/join.key.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/templates/master.key.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/templates/master.key.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/templates/master.key.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/templates/master.key.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/templates/system.yaml.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/templates/system.yaml.j2 similarity index 95% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/templates/system.yaml.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/templates/system.yaml.j2 index 419a0c3..162bae8 100644 --- a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/templates/system.yaml.j2 +++ b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/templates/system.yaml.j2 @@ -20,7 +20,8 @@ shared: id: {{ ansible_machine_id }} ## Sets this node as primary in HA installation - primary: {{ artifactory_is_primary }} + # primary: {{ artifactory_is_primary }} + Affinity: "any" ## Sets this node as part of HA installation haEnabled: {{ artifactory_ha_enabled }} diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/vars/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/vars/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-ami/vars/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-ami/vars/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ami/.travis.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ami/.travis.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ami/.travis.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ami/.travis.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ami/defaults/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ami/defaults/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ami/defaults/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ami/defaults/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ami/files/nginx.conf b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ami/files/nginx.conf similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ami/files/nginx.conf rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ami/files/nginx.conf diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ami/handlers/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ami/handlers/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ami/handlers/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ami/handlers/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ami/meta/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ami/meta/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ami/meta/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ami/meta/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ami/tasks/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ami/tasks/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ami/tasks/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ami/tasks/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ami/templates/artifactory.conf.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ami/templates/artifactory.conf.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ami/templates/artifactory.conf.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ami/templates/artifactory.conf.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ami/tests/inventory b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ami/tests/inventory similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ami/tests/inventory rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ami/tests/inventory diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ami/tests/test.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ami/tests/test.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ami/tests/test.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ami/tests/test.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ami/vars/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ami/vars/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ami/vars/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ami/vars/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ssl/.travis.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ssl/.travis.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ssl/.travis.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ssl/.travis.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ssl/defaults/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ssl/defaults/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ssl/defaults/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ssl/defaults/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ssl/handlers/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ssl/handlers/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ssl/handlers/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ssl/handlers/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ssl/meta/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ssl/meta/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ssl/meta/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ssl/meta/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ssl/tasks/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ssl/tasks/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ssl/tasks/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ssl/tasks/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ssl/templates/artifactory.conf.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ssl/templates/artifactory.conf.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ssl/templates/artifactory.conf.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ssl/templates/artifactory.conf.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ssl/templates/certificate.key.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ssl/templates/certificate.key.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ssl/templates/certificate.key.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ssl/templates/certificate.key.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ssl/templates/certificate.pem.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ssl/templates/certificate.pem.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ssl/templates/certificate.pem.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ssl/templates/certificate.pem.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ssl/tests/inventory b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ssl/tests/inventory similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ssl/tests/inventory rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ssl/tests/inventory diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ssl/tests/test.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ssl/tests/test.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ssl/tests/test.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ssl/tests/test.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ssl/vars/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ssl/vars/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx-ssl/vars/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx-ssl/vars/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx/.travis.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx/.travis.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx/.travis.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx/.travis.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx/defaults/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx/defaults/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx/defaults/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx/defaults/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx/files/nginx.conf b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx/files/nginx.conf similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx/files/nginx.conf rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx/files/nginx.conf diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx/handlers/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx/handlers/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx/handlers/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx/handlers/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx/meta/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx/meta/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx/meta/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx/meta/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx/tasks/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx/tasks/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx/tasks/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx/tasks/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx/templates/artifactory.conf.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx/templates/artifactory.conf.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx/templates/artifactory.conf.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx/templates/artifactory.conf.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx/tests/inventory b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx/tests/inventory similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx/tests/inventory rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx/tests/inventory diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx/tests/test.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx/tests/test.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx/tests/test.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx/tests/test.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx/vars/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx/vars/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory-nginx/vars/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory-nginx/vars/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/.travis.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/.travis.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/.travis.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/.travis.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/defaults/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/defaults/main.yml similarity index 69% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/defaults/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/defaults/main.yml index bbcfe91..a900841 100644 --- a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/defaults/main.yml +++ b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/defaults/main.yml @@ -4,7 +4,7 @@ ansible_marketplace: standalone # The version of Artifactory to install -artifactory_version: 7.15.3 +artifactory_version: 7.19.4 # licenses - cluster license content in json artifactory_licenses: @@ -21,19 +21,10 @@ artifactory_download_directory: /opt/jfrog # The location where Artifactory should store data. artifactory_file_store_dir: /data -# whether to customer data directory -use_custom_data_directory: false - -# location for customer directory. Will be symlink to as artifactory/var -custom_data_directory: /artifactory-user-data - -# Pick the Artifactory flavour to install, can be also cpp-ce, jcr, pro. -artifactory_flavour: pro - extra_java_opts: -server -Xms2g -Xmx14g -Xss256k -XX:+UseG1GC -artifactory_tar: https://releases.jfrog.io/artifactory/artifactory-pro/org/artifactory/{{ artifactory_flavour }}/jfrog-artifactory-{{ artifactory_flavour }}/{{ artifactory_version }}/jfrog-artifactory-{{ artifactory_flavour }}-{{ artifactory_version }}-linux.tar.gz -artifactory_home: "{{ artifactory_download_directory }}/artifactory-{{ artifactory_flavour }}-{{ artifactory_version }}" +artifactory_tar: https://releases.jfrog.io/artifactory/artifactory-pro/org/artifactory/pro/jfrog-artifactory-pro/{{ artifactory_version }}/jfrog-artifactory-pro-{{ artifactory_version }}-linux.tar.gz +artifactory_home: "{{ artifactory_download_directory }}/artifactory-pro-{{ artifactory_version }}" artifactory_user: artifactory artifactory_group: artifactory diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/handlers/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/handlers/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/handlers/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/handlers/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/meta/exception.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/meta/exception.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/meta/exception.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/meta/exception.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/meta/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/meta/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/meta/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/meta/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/meta/preferences.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/meta/preferences.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/meta/preferences.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/meta/preferences.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/meta/version.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/meta/version.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/meta/version.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/meta/version.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/tasks/configure-licenses.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/tasks/configure-licenses.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/tasks/configure-licenses.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/tasks/configure-licenses.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/tasks/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/tasks/main.yml similarity index 75% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/tasks/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/tasks/main.yml index 25b1143..e435c20 100644 --- a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/tasks/main.yml +++ b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/tasks/main.yml @@ -31,10 +31,6 @@ group: "{{ artifactory_group }}" become: yes -- name: setup directory symlink for using custom data directory/volume - include_tasks: custom-data-directory.yml - when: use_custom_data_directory and custom_data_directory is defined - - name: ensure data subdirectories exist and have correct ownership file: path: "{{ artifactory_home }}/var/{{ item }}" @@ -112,21 +108,44 @@ shell: "{{ artifactory_home }}/app/bin/installService.sh" become: yes +- name: Delete plugin folder + file: + state: absent + path: "{{ artifactory_home }}/var/etc/artifactory/plugins" + +- name: symlink plugin folder to EFS + file: + src: "/efsmount/plugins" + path: "{{ artifactory_home }}/var/etc/artifactory/plugins" + state: link + owner: "{{ artifactory_user }}" + group: "{{ artifactory_group }}" + +- name: ensure data subdirectories exist and have correct ownership + file: + path: "{{ artifactory_home }}/var/{{ item }}" + state: directory + owner: "{{ artifactory_user }}" + group: "{{ artifactory_group }}" + loop: + - "etc/artifactory/plugins" + become: yes + - name: start and enable the primary node service: name: artifactory state: restarted become: yes - when: artifactory_is_primary == true +# when: artifactory_is_primary == true -- name: random wait before restarting to prevent secondary nodes from hitting DB first - pause: - seconds: "{{ 120 | random + 10}}" - when: artifactory_is_primary == false +# - name: random wait before restarting to prevent secondary nodes from hitting DB first +# pause: +# seconds: "{{ 120 | random + 10}}" +# when: artifactory_is_primary == false -- name: start and enable the secondary nodes - service: - name: artifactory - state: restarted - become: yes - when: artifactory_is_primary == false +# - name: start and enable the secondary nodes +# service: +# name: artifactory +# state: restarted +# become: yes +# when: artifactory_is_primary == false diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/templates/artifactory.cluster.license.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/templates/artifactory.cluster.license.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/templates/artifactory.cluster.license.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/templates/artifactory.cluster.license.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/templates/artifactory.pro.license.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/templates/artifactory.pro.license.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/templates/artifactory.pro.license.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/templates/artifactory.pro.license.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/templates/binarystore.xml.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/templates/binarystore.xml.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/templates/binarystore.xml.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/templates/binarystore.xml.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/templates/installer-info.json.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/templates/installer-info.json.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/templates/installer-info.json.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/templates/installer-info.json.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/templates/join.key.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/templates/join.key.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/templates/join.key.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/templates/join.key.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/templates/master.key.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/templates/master.key.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/templates/master.key.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/templates/master.key.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/templates/system.yaml.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/templates/system.yaml.j2 similarity index 95% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/templates/system.yaml.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/templates/system.yaml.j2 index dc58c2c..7cefa6a 100644 --- a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/templates/system.yaml.j2 +++ b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/templates/system.yaml.j2 @@ -22,8 +22,9 @@ shared: id: {{ ansible_machine_id }} ## Sets this node as primary in HA installation - primary: {{ artifactory_is_primary }} - + # primary: {{ artifactory_is_primary }} + Affinity: "any" + ## Sets this node as part of HA installation haEnabled: {{ artifactory_ha_enabled }} diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/vars/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/vars/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/artifactory/vars/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/artifactory/vars/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/.travis.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/.travis.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/.travis.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/.travis.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/defaults/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/defaults/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/defaults/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/defaults/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/handlers/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/handlers/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/handlers/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/handlers/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/meta/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/meta/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/meta/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/meta/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/tasks/Debian.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/tasks/Debian.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/tasks/Debian.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/tasks/Debian.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/tasks/RedHat.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/tasks/RedHat.yml similarity index 96% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/tasks/RedHat.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/tasks/RedHat.yml index 8435a82..4d8fbb3 100644 --- a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/tasks/RedHat.yml +++ b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/tasks/RedHat.yml @@ -1,7 +1,7 @@ --- - name: Install db-utl yum: - name: "{{ xray_home }}/app/third-party/misc/libdb-utils-5.3.21-19.el7.x86_64.rpm" + name: "{{ xray_home }}/app/third-party/misc/libdb-utils-5.3.21-25.el7.x86_64.rpm" state: present vars: ansible_python_interpreter: /bin/python2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/tasks/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/tasks/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/tasks/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/tasks/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/templates/installer-info.json.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/templates/installer-info.json.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/templates/installer-info.json.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/templates/installer-info.json.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/templates/join.key.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/templates/join.key.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/templates/join.key.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/templates/join.key.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/templates/master.key.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/templates/master.key.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/templates/master.key.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/templates/master.key.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/templates/system.yaml.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/templates/system.yaml.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/templates/system.yaml.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/templates/system.yaml.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/tests/inventory b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/tests/inventory similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/tests/inventory rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/tests/inventory diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/tests/test.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/tests/test.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/tests/test.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/tests/test.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/vars/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/vars/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray-ami/vars/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray-ami/vars/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/.travis.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/.travis.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/.travis.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/.travis.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/defaults/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/defaults/main.yml similarity index 78% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/defaults/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/defaults/main.yml index 77a3f0c..c928913 100644 --- a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/defaults/main.yml +++ b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/defaults/main.yml @@ -12,12 +12,6 @@ xray_ha_enabled: true # The location where xray should install. xray_download_directory: /opt/jfrog -# whether to customer data directory -use_custom_data_directory: false - -# location for customer directory. Will be symlink to as artifactory/var -custom_data_directory: /xray-user-data - # The remote xray download file xray_tar: https://releases.jfrog.io/artifactory/jfrog-xray/xray-linux/{{ xray_version }}/jfrog-xray-{{ xray_version }}-linux.tar.gz diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/handlers/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/handlers/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/handlers/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/handlers/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/meta/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/meta/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/meta/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/meta/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/tasks/Debian.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/tasks/Debian.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/tasks/Debian.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/tasks/Debian.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/tasks/RedHat.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/tasks/RedHat.yml similarity index 96% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/tasks/RedHat.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/tasks/RedHat.yml index 8435a82..4d8fbb3 100644 --- a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/tasks/RedHat.yml +++ b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/tasks/RedHat.yml @@ -1,7 +1,7 @@ --- - name: Install db-utl yum: - name: "{{ xray_home }}/app/third-party/misc/libdb-utils-5.3.21-19.el7.x86_64.rpm" + name: "{{ xray_home }}/app/third-party/misc/libdb-utils-5.3.21-25.el7.x86_64.rpm" state: present vars: ansible_python_interpreter: /bin/python2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/tasks/initialize-pg-db.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/tasks/initialize-pg-db.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/tasks/initialize-pg-db.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/tasks/initialize-pg-db.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/tasks/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/tasks/main.yml similarity index 90% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/tasks/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/tasks/main.yml index 4ae86d6..896aff4 100644 --- a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/tasks/main.yml +++ b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/tasks/main.yml @@ -24,10 +24,6 @@ - name: perform prerequisite installation include_tasks: "{{ ansible_os_family }}.yml" -- name: setup directory symlink for using custom data directory/volume - include_tasks: custom-data-directory.yml - when: use_custom_data_directory and custom_data_directory is defined - - name: ensure data subdirectories exist and have correct ownership file: path: "{{ xray_home }}/var/{{ item }}" diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/templates/installer-info.json.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/templates/installer-info.json.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/templates/installer-info.json.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/templates/installer-info.json.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/templates/join.key.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/templates/join.key.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/templates/join.key.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/templates/join.key.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/templates/master.key.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/templates/master.key.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/templates/master.key.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/templates/master.key.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/templates/system.yaml.j2 b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/templates/system.yaml.j2 similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/templates/system.yaml.j2 rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/templates/system.yaml.j2 diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/tests/inventory b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/tests/inventory similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/tests/inventory rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/tests/inventory diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/tests/test.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/tests/test.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/tests/test.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/tests/test.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/vars/main.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/vars/main.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/roles/xray/vars/main.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/roles/xray/vars/main.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/site-artifactory.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/site-artifactory.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/site-artifactory.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/site-artifactory.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/site-xray.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/site-xray.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/site-xray.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/site-xray.yml diff --git a/Amazon/artifactory7/latest/cloudInstallerScripts/xray-ami.yml b/Amazon/artifactory7/v7215/cloudInstallerScripts/xray-ami.yml similarity index 100% rename from Amazon/artifactory7/latest/cloudInstallerScripts/xray-ami.yml rename to Amazon/artifactory7/v7215/cloudInstallerScripts/xray-ami.yml diff --git a/Amazon/artifactory7/v7215/templates/jfrog-artifactory-core-infrastructure.template.yaml b/Amazon/artifactory7/v7215/templates/jfrog-artifactory-core-infrastructure.template.yaml new file mode 100644 index 0000000..c7b2b86 --- /dev/null +++ b/Amazon/artifactory7/v7215/templates/jfrog-artifactory-core-infrastructure.template.yaml @@ -0,0 +1,442 @@ +AWSTemplateFormatVersion: '2010-09-09' +Description: 'JFrog Artifactory Quick Start Deployment (qs-1qpmmjh61)' +Metadata: + cfn-lint: + config: + ignore_checks: + - W9006 + - W9002 + - W9003 + - W9004 +Parameters: + # AvailabilityZones: + # Description: List of Availability Zones to use for the subnets in the VPC. Two + # Availability Zones are used for this deployment. + # Type: List + VpcId: + Type: AWS::EC2::VPC::Id + VpcCidr: + Description: CIDR block for the VPC + AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ + ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 + Default: 10.0.0.0/16 + Type: String + PrivateSubnet1Cidr: + AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ + ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 + Default: 10.0.0.0/19 + Type: String + PrivateSubnet2Cidr: + AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ + ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 + Default: 10.0.32.0/19 + Type: String + PrivateSubnet3Cidr: + AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ + ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 + Default: 10.0.64.0/19 + Type: String + SubnetIds: + Type: List + DatabaseAllocatedStorage: + Type: Number + DatabasePreferredAz: + Type: String + MultiAzDatabase: + Description: Choose false to create an Amazon RDS instance in a single Availability Zone. + ConstraintDescription: True or False + AllowedValues: + - "true" + - "false" + Type: String + DatabaseUser: + Type: String + DatabasePassword: + NoEcho: 'true' + Type: String + DatabaseInstance: + Type: String + DatabaseName: + Type: String + InstanceType: + Default: m5.xlarge + Type: String + ArtifactoryHostRole: + Type: String + # VolumeSize: + # Type: Number + EfsSecurityGroup: + Type: String + +Mappings: + DatabaseMap: + Postgres: + Name: postgresql + DatabaseVersion: 11.5 + Driver: "org.postgresql.Driver" + Plugin: postgresql-42.2.9.jar + PluginURL: https://jdbc.postgresql.org/download/ + port: "5432" + extraDatabaseOps: "" + JavaOptionstoInstance: + c5.2xlarge: + Min: 8 + Max: 12 + DeploymentSize: Small + c5.4xlarge: + Min: 16 + Max: 24 + DeploymentSize: Large + m5.large: + Min: 4 + Max: 4 + DeploymentSize: xxSmall + m5.xlarge: + Min: 8 + Max: 12 + DeploymentSize: xSmall + m5.2xlarge: + Min: 16 + Max: 24 + DeploymentSize: Small + m5.4xlarge: + Min: 32 + Max: 48 + DeploymentSize: Medium + m5.8xlarge: + Min: 64 + Max: 96 + DeploymentSize: Large + m5.12xlarge: + Min: 96 + Max: 144 + DeploymentSize: xLarge + m5.16xlarge: + Min: 128 + Max: 192 + DeploymentSize: xxLarge + m5.24xlarge: + Min: 192 + Max: 288 + DeploymentSize: xxxLarge + m5.metal: + Min: 192 + Max: 288 + DeploymentSize: xxxLarge + m5d.large: + Min: 4 + Max: 4 + DeploymentSize: xxSmall + m5d.xlarge: + Min: 8 + Max: 12 + DeploymentSize: xSmall + m5d.2xlarge: + Min: 16 + Max: 24 + DeploymentSize: Small + m5d.4xlarge: + Min: 32 + Max: 48 + DeploymentSize: Medium + m5d.8xlarge: + Min: 64 + Max: 96 + DeploymentSize: Large + m5d.12xlarge: + Min: 96 + Max: 144 + DeploymentSize: xLarge + m5d.16xlarge: + Min: 128 + Max: 192 + DeploymentSize: xxLarge + m5d.24xlarge: + Min: 192 + Max: 288 + DeploymentSize: xxxLarge + m5d.metal: + Min: 192 + Max: 288 + DeploymentSize: xxxLarge + m5a.large: + Min: 4 + Max: 4 + DeploymentSize: xxSmall + m5a.xlarge: + Min: 8 + Max: 12 + DeploymentSize: xSmall + m5a.2xlarge: + Min: 16 + Max: 24 + DeploymentSize: Small + m5a.4xlarge: + Min: 32 + Max: 48 + DeploymentSize: Medium + m5a.8xlarge: + Min: 64 + Max: 96 + DeploymentSize: Large + m5a.12xlarge: + Min: 96 + Max: 144 + DeploymentSize: xLarge + m5a.16xlarge: + Min: 128 + Max: 192 + DeploymentSize: xxLarge + m5a.24xlarge: + Min: 192 + Max: 288 + DeploymentSize: xxxLarge + +Conditions: + IsMultiAzDatabase: !Equals [!Ref MultiAzDatabase, 'true'] + +Resources: + ArtifactoryDatabaseSubnetGroup: + Type: AWS::RDS::DBSubnetGroup + Properties: + DBSubnetGroupDescription: Private Subnets available to the RDS Instance(s) + SubnetIds: !Ref SubnetIds + ArtifactoryDatabase: + Type: AWS::RDS::DBInstance + Properties: + AllocatedStorage: !Ref DatabaseAllocatedStorage + AvailabilityZone: !If [IsMultiAzDatabase, !Ref AWS::NoValue, !Ref DatabasePreferredAz] + BackupRetentionPeriod: 30 + DBInstanceClass: !Ref DatabaseInstance + DBName: !Ref DatabaseName + DBSubnetGroupName: !Ref ArtifactoryDatabaseSubnetGroup + Engine: "Postgres" + EngineVersion: !FindInMap + - DatabaseMap + - "Postgres" + - DatabaseVersion + MasterUsername: !Ref DatabaseUser + MasterUserPassword: !Ref DatabasePassword + MultiAZ: !Ref MultiAzDatabase + StorageEncrypted: true + VPCSecurityGroups: + - !Ref ArtifactoryDatabaseSG + ArtifactoryDatabaseSG: + Type: AWS::EC2::SecurityGroup + Properties: + Tags: + - Key: Name + Value: artifactory-rds-sg + GroupDescription: SG for RDS Instance to allow communication from the Bastion and Artifactory servers. + VpcId: !Ref VpcId + SecurityGroupIngress: + - IpProtocol: tcp + FromPort: 22 + ToPort: 22 + CidrIp: !Ref VpcCidr + - IpProtocol: tcp + FromPort: !FindInMap + - DatabaseMap + - "Postgres" + - port + ToPort: !FindInMap + - DatabaseMap + - "Postgres" + - port + CidrIp: !Ref PrivateSubnet1Cidr + - IpProtocol: tcp + FromPort: !FindInMap + - DatabaseMap + - "Postgres" + - port + ToPort: !FindInMap + - DatabaseMap + - "Postgres" + - port + CidrIp: !Ref PrivateSubnet2Cidr + - IpProtocol: tcp + FromPort: !FindInMap + - DatabaseMap + - "Postgres" + - port + ToPort: !FindInMap + - DatabaseMap + - "Postgres" + - port + CidrIp: !Ref PrivateSubnet3Cidr + SecurityGroupEgress: + - IpProtocol: tcp + FromPort: 22 + ToPort: 22 + CidrIp: 0.0.0.0/0 + - IpProtocol: tcp + FromPort: 80 + ToPort: 80 + CidrIp: 0.0.0.0/0 + - IpProtocol: tcp + FromPort: 443 + ToPort: 443 + CidrIp: 0.0.0.0/0 + ArtifactoryS3Bucket: + Type: AWS::S3::Bucket + Properties: + AccessControl: Private + BucketEncryption: + ServerSideEncryptionConfiguration: + - ServerSideEncryptionByDefault: + SSEAlgorithm: AES256 + ArtifactoryS3IAMPolicy: + Type: AWS::IAM::Policy + Metadata: + cfn-lint: + config: + ignore_checks: + - EIAMPolicyActionWildcard + ignore_reasons: + - EIAMPolicyWildcardResource: excluding for s3:Get*, s3:Put*, s3:List* + Properties: + PolicyName: S3BucketPermissions + PolicyDocument: + Version: 2012-10-17 + Statement: + - Sid: S3BucketPermissions + Effect: Allow + Action: + - s3:AbortMultipartUpload + - s3:BypassGovernanceRetention + - s3:CreateAccessPoint + - s3:CreateAccessPointForObjectLambda + - s3:CreateBucket + - s3:CreateJob + - s3:DeleteAccessPoint + - s3:DeleteAccessPointForObjectLambda + - s3:DeleteAccessPointPolicy + - s3:DeleteAccessPointPolicyForObjectLambda + - s3:DeleteBucket + - s3:DeleteBucketOwnershipControls + - s3:DeleteBucketPolicy + - s3:DeleteBucketWebsite + - s3:DeleteJobTagging + - s3:DeleteObject + - s3:DeleteObjectTagging + - s3:DeleteObjectVersion + - s3:DeleteObjectVersionTagging + - s3:DeleteStorageLensConfiguration + - s3:DeleteStorageLensConfigurationTagging + - s3:DescribeJob + - s3:Get* + - s3:List* + - s3:ObjectOwnerOverrideToBucketOwner + - s3:Put* + - s3:ReplicateDelete + - s3:ReplicateObject + - s3:ReplicateTags + - s3:RestoreObject + - s3:UpdateJobPriority + - s3:UpdateJobStatus + Resource: + - Fn::Join: + - '' + - - !Sub "arn:${AWS::Partition}:s3:::" + - !Ref ArtifactoryS3Bucket + - Fn::Join: + - '' + - - !Sub "arn:${AWS::Partition}:s3:::" + - !Ref ArtifactoryS3Bucket + - "/*" + Roles: + - !Ref ArtifactoryHostRole + # ArtifactoryEbsVolume: + # Type: AWS::EC2::Volume + # Properties: + # AvailabilityZone: + # !If + # - IsMultiAzDatabase + # - !Select + # - '0' + # - !Ref AvailabilityZones + # - !Ref DatabasePreferredAz + # Encrypted: false + # Size: !Ref VolumeSize + # Tags: + # - Key: Name + # Value: !Sub "Artifactory-${AWS::StackName}" + # VolumeType: gp2 + # DeletionPolicy: Snapshot + # UpdateReplacePolicy: Snapshot + ArtifactoryEfsFileSystem: + Type: AWS::EFS::FileSystem + Properties: + BackupPolicy: + Status: DISABLED + Encrypted: true + FileSystemTags: + - Key: Name + Value: !Sub "Artifactory-${AWS::StackName}" + PerformanceMode: generalPurpose + ThroughputMode: bursting + ArtifactoryEfsMountTarget1: + Type: AWS::EFS::MountTarget + Properties: + FileSystemId: !Ref ArtifactoryEfsFileSystem + SecurityGroups: + - !Ref EfsSecurityGroup + SubnetId: !Select ['0', !Ref SubnetIds] + ArtifactoryEfsMountTarget2: + Type: AWS::EFS::MountTarget + Properties: + FileSystemId: !Ref ArtifactoryEfsFileSystem + SecurityGroups: + - !Ref EfsSecurityGroup + SubnetId: !Select ['1', !Ref SubnetIds] +Outputs: + S3Bucket: + Value: !Ref ArtifactoryS3Bucket + Description: Actual S3 bucket created for Artifactory + DatabaseDriver: + Value: !FindInMap [DatabaseMap, "Postgres", Driver] + DatabasePlugin: + Value: !FindInMap [DatabaseMap, "Postgres", Plugin] + DatabasePluginUrl: + Value: !Sub + - "${MainURL}${PluginVersion}" + - { + MainURL: !FindInMap [DatabaseMap, "Postgres", PluginURL], + PluginVersion: !FindInMap [DatabaseMap, "Postgres", Plugin] + } + DatabaseType: + Value: !FindInMap [DatabaseMap, "Postgres", Name] + DatabaseUrl: + Value: !Sub + - "jdbc:${DatabaseType}://${ArtifactoryDatabaseEndpointAddress}:${port}/${DatabaseName}${extraDatabaseOps}" + - { + DatabaseType: !FindInMap [DatabaseMap, "Postgres", Name], + ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address, + port: !FindInMap [DatabaseMap, "Postgres", port], + extraDatabaseOps: !FindInMap [DatabaseMap, "Postgres", extraDatabaseOps], + } + XrayMasterDatabaseUrl: + Value: !Sub + - "${ArtifactoryDatabaseEndpointAddress}:${port}/${DatabaseName}?sslmode=disable" + - { + ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address, + port: !FindInMap [DatabaseMap, "Postgres", port], + } + XrayDatabaseUrl: + Value: !Sub + - "${ArtifactoryDatabaseEndpointAddress}:${port}/xraydb?sslmode=disable" + - { + ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address, + port: !FindInMap [DatabaseMap, "Postgres", port], + } + JavaOpts: + Value: !Sub + - "-Xms${min}g -Xmx${max}g" + - { + min: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, Min], + max: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, Max] + } + DeploymentSize: + Value: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, DeploymentSize] + ArtifactoryEfsFileSystem: + Value: !Ref ArtifactoryEfsFileSystem diff --git a/Amazon/artifactory7/latest/templates/jfrog-artifactory-ec2-existing-vpc.template.yaml b/Amazon/artifactory7/v7215/templates/jfrog-artifactory-ec2-existing-vpc.template.yaml similarity index 85% rename from Amazon/artifactory7/latest/templates/jfrog-artifactory-ec2-existing-vpc.template.yaml rename to Amazon/artifactory7/v7215/templates/jfrog-artifactory-ec2-existing-vpc.template.yaml index 5b629f0..cd7ff5a 100644 --- a/Amazon/artifactory7/latest/templates/jfrog-artifactory-ec2-existing-vpc.template.yaml +++ b/Amazon/artifactory7/v7215/templates/jfrog-artifactory-ec2-existing-vpc.template.yaml @@ -1,6 +1,12 @@ AWSTemplateFormatVersion: '2010-09-09' Description: 'JFrog Artifactory Quick Start Deployment into an Existing VPC (qs-1q037efj0)' Metadata: + cfn-lint: + config: + ignore_checks: + - E9101 + ignore_reasons: + - E9101: "'master' is part of the product naming conventions for now" QuickStartDocumentation: EntrypointName: "Parameters for launching into an existing VPC" Order: "2" @@ -15,7 +21,7 @@ Metadata: - Label: default: Network configuration Parameters: - - AvailabilityZones + # - AvailabilityZones - VpcId - VpcCidr - PublicSubnet1Id @@ -43,7 +49,6 @@ Metadata: - Label: default: JFrog Artifactory configuration Parameters: - - ArtifactoryProduct - ArtifactoryVersion - NumberOfSecondary - SmLicenseName @@ -56,7 +61,6 @@ Metadata: default: Amazon RDS configuration Parameters: - DatabaseName - - DatabaseEngine - DatabaseUser - DatabasePassword - DatabaseInstance @@ -74,13 +78,13 @@ Metadata: Parameters: - InstallXray - XrayVersion - - XrayNumberOfInstances + - XrayNumberOfSecondary - XrayInstanceType - XrayDatabaseUser - XrayDatabasePassword ParameterLabels: - AvailabilityZones: - default: Availability Zones + # AvailabilityZones: + # default: Availability Zones KeyPairName: default: SSH key name VpcId: @@ -125,8 +129,6 @@ Metadata: default: EC2 instance type NumberOfSecondary: default: Secondary instances - ArtifactoryProduct: - default: Artifactory product to install ArtifactoryVersion: default: Artifactory version SmLicenseName: @@ -143,8 +145,6 @@ Metadata: default: Default Java memory settings DatabaseName: default: Database name - DatabaseEngine: - default: Database engine DatabaseUser: default: Database user DatabasePassword: @@ -167,8 +167,8 @@ Metadata: default: Install JFrog Xray XrayVersion: default: Version of Xray to install - XrayNumberOfInstances: - default: Number of JFrog Xray instances + XrayNumberOfSecondary: + default: Number of JFrog Xray secondary instances XrayInstanceType: default: Xray instance type XrayDatabaseUser: @@ -176,10 +176,10 @@ Metadata: XrayDatabasePassword: default: Xray Database password Parameters: - AvailabilityZones: - Description: List of Availability Zones to use for the subnets in the VPC. Two - Availability Zones are used for this deployment. - Type: List + # AvailabilityZones: + # Description: List of Availability Zones to use for the subnets in the VPC. Two + # Availability Zones are used for this deployment. + # Type: List KeyPairName: Description: Name of an existing key pair, which allows you to connect securely to your instance after it launches. @@ -352,21 +352,13 @@ Parameters: - 7 Default: 2 Type: Number - ArtifactoryProduct: - Description: JFrog Artifactory product you want to install into an AMI. - AllowedValues: - - JFrog-Artifactory-Pro - - JFrog-Artifactory-Enterprise - - JFrog-Container-Registry - Default: JFrog-Artifactory-Enterprise - Type: String ArtifactoryVersion: Description: Version of Artifactory that you want to deploy into the Quick Start. See the release notes to select the version you want to deploy at https://www.jfrog.com/confluence/display/RTF/Release+Notes. AllowedPattern: ^(([0-9]|[1-9][0-9])\.){2}([1-9][0-9]|[0-9])$ ConstraintDescription: A version that matches X.X.X per Artifactory releases - Default: 7.18.6 + Default: 7.21.5 Type: String SmLicenseName: Description: Secret name created in AWS Secrets Manager, which contains the Artifactory licenses. @@ -412,12 +404,6 @@ Parameters: ConstraintDescription: 1 to 60 alphanumeric characters First character must be a letter. Default: artdb Type: String - DatabaseEngine: - Description: Database engine that you want to run, which is currently locked to MySQL. - AllowedValues: - - Postgres - Default: Postgres - Type: String DatabaseUser: Description: Login ID for the master user of your database instance. MinLength: '1' @@ -428,27 +414,23 @@ Parameters: Type: String DatabasePassword: Description: Password for the Artifactory database user. - AllowedPattern: ^[^ \\']+$ + AllowedPattern: ^[^ \\'"]+$ MinLength: '8' - MaxLength: '12' - ConstraintDescription: Must be at least 8 and no more than - 12 characters containing letters and (minimum 1 capital letter), numbers and - symbols. + MaxLength: '20' + ConstraintDescription: Must be at least 8 and no more than 20 printable ASCII characters (letters, numbers and symbols. + Can't contain any of / (slash), '(single quote), "(double quote) and @ (at sign). NoEcho: 'true' Type: String DatabaseInstance: Description: Size of the database to be deployed as part of the Quick Start. AllowedValues: - - db.m5.large - - db.m5.xlarge - - db.m5.2xlarge - - db.m5.10xlarge - - db.m5.16xlarge - db.m5.large - db.m5.xlarge - db.m5.2xlarge - db.m5.4xlarge + - db.m5.8xlarge - db.m5.12xlarge + - db.m5.16xlarge - db.m5.24xlarge ConstraintDescription: Must be a valid database Instance Type. Default: db.m5.large @@ -505,15 +487,15 @@ Parameters: Description: The version of Xray that you want to deploy into the Quick Start. AllowedPattern: ^(([0-9]|[1-9][0-9])\.){2}([1-9][0-9]|[0-9])$ ConstraintDescription: A version that matches X.X.X per Xray releases. - Default: 3.24.2 + Default: 3.27.2 Type: String - XrayNumberOfInstances: - Description: The number of Xray instances servers to complete your - HA deployment. The minimum number is one; the maximum is seven. + XrayNumberOfSecondary: + Description: The number of Xray secondary instances servers to complete your + HA deployment. The minimum number is zero; the maximum is six. Do not select more than instances than you have licenses for. - MinValue: 1 - MaxValue: 7 - Default: 1 + MinValue: 0 + MaxValue: 6 + Default: 0 Type: Number XrayInstanceType: Description: The EC2 instance type for the Xray instances. @@ -533,29 +515,35 @@ Parameters: Type: String XrayDatabasePassword: Description: The password for the Xray database user. - AllowedPattern: ^[^ \\']+$ + AllowedPattern: ^[^ \\'"]+$ MinLength: '8' - MaxLength: '12' - ConstraintDescription: Must be at least 8 and no more than - 12 characters containing letters and (minimum 1 capital letter), numbers and - symbols. + MaxLength: '20' + ConstraintDescription: Must be at least 8 and no more than 20 printable ASCII characters (letters, numbers and symbols. + Can't contain any of / (slash), '(single quote), "(double quote) and @ (at sign). NoEcho: 'true' Type: String Conditions: EnableBastion: !Equals [!Ref 'ProvisionBastionHost', 'Enabled'] - IsArtifactory: !Not [!Equals [!Ref ArtifactoryProduct, 'JFrog-Container-Registry']] HasSecondaryNodes: !Not [!Equals [!Ref NumberOfSecondary, '0']] DefaultJava: !Equals [!Ref DefaultJavaMemSettings, "true"] UsingDefaultBucket: !Equals [!Ref QsS3BucketName, 'aws-quickstart'] EnableXray: !Equals [!Ref InstallXray, 'true'] SmCertNameNotExists: !Equals [!Ref 'SmCertName', ''] SmCertNameExists: !Not [!Equals [!Ref 'SmCertName', '']] + XrayHasSecondaryNodes: !Not [!Equals [!Ref XrayNumberOfSecondary, '0']] Resources: BastionRole: Condition: EnableBastion Type: "AWS::IAM::Role" + Metadata: + cfn-lint: + config: + ignore_checks: + - EIAMPolicyWildcardResource + ignore_reasons: + EIAMPolicyWildcardResource: EC2 ec2:Describe* , ec2:AssociateAddress API actions do not support resource-level permission Properties: AssumeRolePolicyDocument: Version: 2012-10-17 @@ -621,10 +609,10 @@ Resources: - S3Bucket: !If [UsingDefaultBucket, !Sub '${QsS3BucketName}-${AWS::Region}', !Ref 'QsS3BucketName'] S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref 'QsS3BucketRegion'] Parameters: - AvailabilityZones: - Fn::Join: - - ',' - - Ref: AvailabilityZones + # AvailabilityZones: + # Fn::Join: + # - ',' + # - Ref: AvailabilityZones VpcId: !Ref VpcId VpcCidr: !Ref VpcCidr PrivateSubnet1Cidr: !Ref PrivateSubnet1Cidr @@ -634,14 +622,14 @@ Resources: DatabaseAllocatedStorage: !Ref DatabaseAllocatedStorage DatabasePreferredAz: !Ref DatabasePreferredAz MultiAzDatabase: !Ref MultiAzDatabase - DatabaseEngine: !Ref DatabaseEngine DatabaseUser: !Ref DatabaseUser DatabasePassword: !Ref DatabasePassword DatabaseInstance: !Ref DatabaseInstance DatabaseName: !Ref DatabaseName InstanceType: !Ref InstanceType ArtifactoryHostRole: !Ref ArtifactoryHostRole - VolumeSize: !Ref VolumeSize + # VolumeSize: !Ref VolumeSize + EfsSecurityGroup: !Ref ArtifactoryEc2Sg ArtifactoryElb: Type: AWS::ElasticLoadBalancingV2::LoadBalancer Properties: @@ -738,7 +726,7 @@ Resources: Properties: Tags: - Key: Name - Value: !Sub ${ArtifactoryProduct}-ec2-instances-sg + Value: artifactory-ec2-instances-sg GroupDescription: SG for EC2 instances (also permits access using SSH from the bastion host) VpcId: !Ref VpcId SecurityGroupIngress: @@ -770,11 +758,26 @@ Resources: FromPort: 8046 ToPort: 8046 CidrIp: !Ref VpcCidr +# as per https://stackoverflow.com/questions/38632222/aws-efs-connection-timeout-at-mount/57141195 +# we need to open 2049 ingress for EFS to work + - IpProtocol: tcp + FromPort: 2049 + ToPort: 2049 + CidrIp: !Ref VpcCidr SecurityGroupEgress: - IpProtocol: "-1" CidrIp: 0.0.0.0/0 ArtifactoryHostRole: Type: AWS::IAM::Role + Metadata: + cfn-lint: + config: + ignore_checks: + - EIAMPolicyWildcardResource + - EIAMPolicyActionWildcard + ignore_reasons: + EIAMPolicyWildcardResource: EC2 ec2:Describe* API actions do not support resource-level permission. Autoscaling has instance names changing, so needs to be * + EIAMPolicyActionWildcard: EC2 ec2:Describe* API actions do not support resource-level permission. Properties: Path: / AssumeRolePolicyDocument: @@ -818,7 +821,7 @@ Resources: - "logs:CreateLogStream" - "logs:PutLogEvents" - "logs:DescribeLogStreams" - Resource: "arn:aws:logs:*:*:*" + Resource: !Sub "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:*:*" - Effect: "Allow" Action: - "s3:GetObject" @@ -830,7 +833,7 @@ Resources: - Effect: "Allow" Action: - "secretsmanager:GetSecretValue" - Resource: "arn:aws:secretsmanager:*:*:secret:*" + Resource: !Sub "arn:${AWS::Partition}:secretsmanager:${AWS::Region}:${AWS::AccountId}:secret:*" ArtifactoryHostProfile: Type: AWS::IAM::InstanceProfile Properties: @@ -849,7 +852,7 @@ Resources: PrivateSubnetIds: !Join [',', [!Ref PrivateSubnet1Id]] MinScalingNodes: '1' # Always have 1 PrimaryNode MaxScalingNodes: '1' # Always have 1 PrimaryNode - DeploymentTag: !If [IsArtifactory, "ArtifactoryPrimary", "JcrPrimary"] + DeploymentTag: Artifactory HostRole: !Ref ArtifactoryHostRole QsS3BucketName: !Ref QsS3BucketName QsS3KeyPrefix: !Ref QsS3KeyPrefix @@ -863,7 +866,6 @@ Resources: - UsingDefaultBucket - !Ref 'AWS::Region' - !Ref 'QsS3BucketRegion' - ArtifactoryProduct: !Ref ArtifactoryProduct ArtifactoryLicensesSecretName: !Ref SmLicenseName ArtifactoryServerName: !Ref ArtifactoryServerName EnableSSL: !If [SmCertNameExists, true, false] @@ -878,7 +880,6 @@ Resources: DatabaseType: !GetAtt ArtifactoryCoreInfraStack.Outputs.DatabaseType DatabaseUser: !Ref DatabaseUser DatabasePassword: !Ref DatabasePassword - ArtifactoryPrimary: true MasterKey: !Ref MasterKey ExtraJavaOptions: !If [DefaultJava, !Sub "${ArtifactoryCoreInfraStack.Outputs.JavaOpts} ${ExtraJavaOptions}", !Ref ExtraJavaOptions] ArtifactoryVersion: !Ref ArtifactoryVersion @@ -886,8 +887,9 @@ Resources: HostProfile: !Ref ArtifactoryHostProfile SecurityGroups: !Ref ArtifactoryEc2Sg InstanceType: !Ref InstanceType - PrimaryVolume: !GetAtt ArtifactoryCoreInfraStack.Outputs.ArtifactoryEbsVolume - VolumeSize: !Ref VolumeSize + # PrimaryVolume: !GetAtt ArtifactoryCoreInfraStack.Outputs.ArtifactoryEbsVolume + # VolumeSize: !Ref VolumeSize + ArtifactoryEfsFileSystem: !GetAtt ArtifactoryCoreInfraStack.Outputs.ArtifactoryEfsFileSystem TargetGroupARN: !Ref ArtifactoryTargetGroup SSLTargetGroupARN: !Ref ArtifactorySslTargetGroup InternalTargetGroupARN: !Ref ArtifactoryInternalTargetGroup @@ -905,9 +907,20 @@ Resources: PrivateSubnetIds: !Join [',', [!Ref PrivateSubnet1Id, !Ref PrivateSubnet2Id]] MinScalingNodes: !Ref NumberOfSecondary MaxScalingNodes: !Ref NumberOfSecondary - DeploymentTag: ArtifactorySecondary + DeploymentTag: Artifactory HostRole: !Ref ArtifactoryHostRole - ArtifactoryProduct: !Ref ArtifactoryProduct + QsS3BucketName: !Ref QsS3BucketName + QsS3KeyPrefix: !Ref QsS3KeyPrefix + QsS3Uri: !Sub + - https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QsS3KeyPrefix} + - S3Bucket: !If + - UsingDefaultBucket + - !Sub 'aws-quickstart-${AWS::Region}' + - !Ref 'QsS3BucketName' + S3Region: !If + - UsingDefaultBucket + - !Ref 'AWS::Region' + - !Ref 'QsS3BucketRegion' ArtifactoryLicensesSecretName: !Ref SmLicenseName ArtifactoryServerName: !Ref ArtifactoryServerName EnableSSL: !If [SmCertNameExists, true, false] @@ -922,7 +935,6 @@ Resources: DatabaseType: !GetAtt ArtifactoryCoreInfraStack.Outputs.DatabaseType DatabaseUser: !Ref DatabaseUser DatabasePassword: !Ref DatabasePassword - ArtifactoryPrimary: false MasterKey: !Ref MasterKey ExtraJavaOptions: !If [DefaultJava, !Sub "${ArtifactoryCoreInfraStack.Outputs.JavaOpts} ${ExtraJavaOptions}", !Ref ExtraJavaOptions] ArtifactoryVersion: !Ref ArtifactoryVersion @@ -930,26 +942,24 @@ Resources: HostProfile: !Ref ArtifactoryHostProfile SecurityGroups: !Ref ArtifactoryEc2Sg InstanceType: !Ref InstanceType - PrimaryVolume: !GetAtt ArtifactoryCoreInfraStack.Outputs.ArtifactoryEbsVolume - VolumeSize: !Ref VolumeSize + # PrimaryVolume: !GetAtt ArtifactoryCoreInfraStack.Outputs.ArtifactoryEbsVolume + # VolumeSize: !Ref VolumeSize + ArtifactoryEfsFileSystem: !GetAtt ArtifactoryCoreInfraStack.Outputs.ArtifactoryEfsFileSystem TargetGroupARN: !Ref ArtifactoryTargetGroup SSLTargetGroupARN: !Ref ArtifactorySslTargetGroup InternalTargetGroupARN: !Ref ArtifactoryInternalTargetGroup - QsS3BucketName: !Ref QsS3BucketName - QsS3KeyPrefix: !Ref QsS3KeyPrefix - QsS3Uri: !Sub - - https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QsS3KeyPrefix} - - S3Bucket: !If - - UsingDefaultBucket - - !Sub 'aws-quickstart-${AWS::Region}' - - !Ref 'QsS3BucketName' - S3Region: !If - - UsingDefaultBucket - - !Ref 'AWS::Region' - - !Ref 'QsS3BucketRegion' XrayHostRole: Condition: EnableXray Type: AWS::IAM::Role + Metadata: + cfn-lint: + config: + ignore_checks: + - EIAMPolicyWildcardResource + - EIAMPolicyActionWildcard + ignore_reasons: + EIAMPolicyWildcardResource: Autoscaling has instance names changing, so needs to be * for ec2:AttachVolume/ec2:DetachVolume + EIAMPolicyActionWildcard: EC2 ec2:Describe* API actions do not support resource-level permission. Properties: Path: / AssumeRolePolicyDocument: @@ -982,7 +992,9 @@ Resources: - "s3:GetObject" - "s3:ListObject" - "s3:ListBucket" - Resource: "*" + Resource: + - !Sub "arn:${AWS::Partition}:s3:::${QsS3BucketName}/*" + - !Sub "arn:${AWS::Partition}:s3:::${QsS3BucketName}" - PolicyName: 'CloudWatch-policy' PolicyDocument: Version: "2012-10-17" @@ -993,11 +1005,11 @@ Resources: - "logs:CreateLogStream" - "logs:PutLogEvents" - "logs:DescribeLogStreams" - Resource: "arn:aws:logs:*:*:*" + Resource: !Sub "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:*:*" - Effect: "Allow" Action: - "s3:GetObject" - Resource: "*" + Resource: !Sub "arn:${AWS::Partition}:s3:::${QsS3BucketName}/*" XrayHostProfile: Condition: EnableXray Type: AWS::IAM::InstanceProfile @@ -1006,7 +1018,7 @@ Resources: Roles: - !Ref XrayHostRole Path: / - XrayExistingVpcStack: + XrayPrimary: Condition: EnableXray DependsOn: ArtifactoryPrimary Type: AWS::CloudFormation::Stack @@ -1019,10 +1031,54 @@ Resources: PrivateSubnet1Id: !Ref PrivateSubnet1Id PrivateSubnet2Id: !Ref PrivateSubnet2Id KeyPairName: !Ref KeyPairName - MinScalingNodes: !Ref XrayNumberOfInstances - MaxScalingNodes: !Ref XrayNumberOfInstances + MinScalingNodes: 1 + MaxScalingNodes: 1 + DeploymentTag: 'xray' + QsS3BucketName: !Ref QsS3BucketName + QsS3KeyPrefix: !Ref QsS3KeyPrefix + QsS3Uri: !Sub + - https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QsS3KeyPrefix} + - S3Bucket: !If + - UsingDefaultBucket + - !Sub 'aws-quickstart-${AWS::Region}' + - !Ref 'QsS3BucketName' + S3Region: !If + - UsingDefaultBucket + - !Ref 'AWS::Region' + - !Ref 'QsS3BucketRegion' + DatabaseDriver: !GetAtt ArtifactoryCoreInfraStack.Outputs.DatabaseDriver + DatabaseType: !GetAtt ArtifactoryCoreInfraStack.Outputs.DatabaseType + DatabaseUser: !Ref DatabaseUser + DatabasePassword: !Ref DatabasePassword + MasterKey: !Ref MasterKey + SecurityGroups: !Ref ArtifactoryEc2Sg + VolumeSize: !Ref VolumeSize + ExtraJavaOptions: !GetAtt ArtifactoryCoreInfraStack.Outputs.JavaOpts + XrayInstanceType: !Ref XrayInstanceType + JfrogInternalUrl: !Sub "http://${ArtifactoryInternalElb.DNSName}" + XrayDatabaseUser: !Ref XrayDatabaseUser + XrayDatabasePassword: !Ref XrayDatabasePassword + XrayMasterDatabaseUrl: !GetAtt ArtifactoryCoreInfraStack.Outputs.XrayMasterDatabaseUrl + XrayDatabaseUrl: !GetAtt ArtifactoryCoreInfraStack.Outputs.XrayDatabaseUrl + XrayVersion: !Ref XrayVersion + XrayHostRole: !Ref XrayHostRole + XrayHostProfile: !Ref XrayHostProfile + XraySecondary: + Condition: EnableXray + DependsOn: XrayPrimary + Type: AWS::CloudFormation::Stack + Properties: + TemplateURL: !Sub + - https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QsS3KeyPrefix}templates/jfrog-xray-ec2-instance.template.yaml + - S3Bucket: !If [UsingDefaultBucket, !Sub '${QsS3BucketName}-${AWS::Region}', !Ref 'QsS3BucketName'] + S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref 'QsS3BucketRegion'] + Parameters: + PrivateSubnet1Id: !Ref PrivateSubnet1Id + PrivateSubnet2Id: !Ref PrivateSubnet2Id + KeyPairName: !Ref KeyPairName + MinScalingNodes: !Ref XrayNumberOfSecondary + MaxScalingNodes: !Ref XrayNumberOfSecondary DeploymentTag: 'xray' - ArtifactoryProduct: !Ref ArtifactoryProduct QsS3BucketName: !Ref QsS3BucketName QsS3KeyPrefix: !Ref QsS3KeyPrefix QsS3Uri: !Sub diff --git a/Amazon/artifactory7/v7215/templates/jfrog-artifactory-ec2-instance.template.yaml b/Amazon/artifactory7/v7215/templates/jfrog-artifactory-ec2-instance.template.yaml new file mode 100644 index 0000000..d78c7b6 --- /dev/null +++ b/Amazon/artifactory7/v7215/templates/jfrog-artifactory-ec2-instance.template.yaml @@ -0,0 +1,466 @@ +AWSTemplateFormatVersion: "2010-09-09" +Description: "Artifactory: Deploys the EC2 Autoscaling, LaunchConfig and instances (qs-1qpmmjh5o)" +Metadata: + cfn-lint: + config: + ignore_checks: + - W9006 + - W9002 + - W9003 + - W9004 + - E9101 + ignore_reasons: + - E9101: "'master' is part of the product naming conventions for now" +Parameters: + PrivateSubnetIds: + Type: List + MinScalingNodes: + Type: Number + MaxScalingNodes: + Type: Number + DeploymentTag: + Type: String + HostRole: + Type: String + QsS3BucketName: + Type: String + QsS3KeyPrefix: + Type: String + QsS3Uri: + Type: String + ArtifactoryLicensesSecretName: + Type: String + ArtifactoryServerName: + Type: String + Certificate: + Type: String + CertificateKey: + Type: String + NoEcho: 'true' + CertificateDomain: + Type: String + EnableSSL: + Type: String + ArtifactoryS3Bucket: + Type: String + DatabaseUrl: + Type: String + DatabaseDriver: + Type: String + DatabasePluginUrl: + Type: String + DatabasePlugin: + Type: String + DatabaseType: + Type: String + DatabaseUser: + Type: String + DatabasePassword: + Type: String + NoEcho: 'true' + MasterKey: + Type: String + NoEcho: 'true' + ExtraJavaOptions: + Type: String + ArtifactoryVersion: + Type: String + KeyPairName: + Type: AWS::EC2::KeyPair::KeyName + TargetGroupARN: + Type: String + SSLTargetGroupARN: + Type: String + InternalTargetGroupARN: + Type: String + HostProfile: + Type: String + SecurityGroups: + Type: String + InstanceType: + Type: String + # PrimaryVolume: + # Type: String + # VolumeSize: + # Type: Number + ArtifactoryEfsFileSystem: + Type: String + +# To populate additional mappings use following link +# https://raw.githubusercontent.com/aws-quickstart/quickstart-linux-bastion/master/templates/linux-bastion.template +Mappings: + AWSAMIRegionMap: + ap-northeast-1: + CentOS7HVM: "ami-06a46da680048c8ae" + ap-northeast-2: + CentOS7HVM: "ami-06e83aceba2cb0907" + ap-south-1: + CentOS7HVM: "ami-026f33d38b6410e30" + ap-southeast-1: + CentOS7HVM: "ami-07f65177cb990d65b" + ap-southeast-2: + CentOS7HVM: "ami-0b2045146eb00b617" + ca-central-1: + CentOS7HVM: "ami-04a25c39dc7a8aebb" + eu-central-1: + CentOS7HVM: "ami-0e8286b71b81c3cc1" + me-south-1: + CentOS7HVM: "ami-011c71a894b10f35b" + ap-east-1: + CentOS7HVM: "ami-0e5c29e6c87a9644f" + eu-north-1: + CentOS7HVM: "ami-05788af9005ef9a93" + eu-south-1: + CentOS7HVM: "ami-0a84267606bcea16b" + eu-west-1: + CentOS7HVM: "ami-0b850cf02cc00fdc8" + eu-west-2: + CentOS7HVM: "ami-09e5afc68eed60ef4" + eu-west-3: + CentOS7HVM: "ami-0cb72d2e599cffbf9" + sa-east-1: + CentOS7HVM: "ami-0b30f38d939dd4b54" + us-east-1: + CentOS7HVM: "ami-0affd4508a5d2481b" + us-east-2: + CentOS7HVM: "ami-01e36b7901e884a10" + us-west-1: + CentOS7HVM: "ami-098f55b4287a885ba" + us-west-2: + CentOS7HVM: "ami-0bc06212a56393ee1" + cn-north-1: + CentOS7HVM: "ami-0e02aaefeb74c3373" + cn-northwest-1: + CentOS7HVM: "ami-07183a7702633260b" + us-gov-east-1: + CentOS7HVM: "ami-00e30c71" + us-gov-west-1: + CentOS7HVM: "ami-bbba86da" + +Resources: + ArtifactoryScalingGroup: + Type: AWS::AutoScaling::AutoScalingGroup + Properties: + LaunchConfigurationName: !Ref ArtifactoryLaunchConfiguration + VPCZoneIdentifier: !Ref PrivateSubnetIds + MinSize: !Ref MinScalingNodes + MaxSize: !Ref MaxScalingNodes + Cooldown: '300' + DesiredCapacity: !Ref MinScalingNodes + TargetGroupARNs: + - !Ref TargetGroupARN + - !Ref SSLTargetGroupARN + - !Ref InternalTargetGroupARN + HealthCheckType: ELB + HealthCheckGracePeriod: 1800 + Tags: + - Key: Name + Value: !Ref DeploymentTag + PropagateAtLaunch: true + - Key: ArtifactoryVersion + Value: !Ref ArtifactoryVersion + PropagateAtLaunch: true + TerminationPolicies: + - OldestInstance + - Default + CreationPolicy: + ResourceSignal: + Count: !Ref MinScalingNodes + Timeout: PT60M + + ArtifactoryLaunchConfiguration: + Type: AWS::AutoScaling::LaunchConfiguration + Metadata: + AWS::CloudFormation::Authentication: + S3AccessCreds: + type: S3 + roleName: + - !Ref HostRole # !Ref ArtifactoryHostRole + buckets: + - !Ref QsS3BucketName + AWS::CloudFormation::Init: + configSets: + jfrog_ami_setup: + - "config-cloudwatch" + - "config-ansible-art-ami" + - "config-artifactory" + - "secure-artifactory" + artifactory_install: + - "config-cloudwatch" + - "config-artifactory" + - "secure-artifactory" + config-cloudwatch: + files: + /root/cloudwatch.conf: + content: | + [general] + state_file = /var/awslogs/state/agent-state + + [/var/log/messages] + file = /var/log/messages + log_group_name = /artifactory/instances/{instance_id} + log_stream_name = /var/log/messages/ + datetime_format = %b %d %H:%M:%S + + [/var/log/amazon/efs] + file = /var/log/amazon/efs + log_group_name = /artifactory/instances/{instance_id} + log_stream_name = /var/log/amazon/efs/ + datetime_format = %b %d %H:%M:%S + + [/var/log/jfrog-ami-setup.log] + file = /var/log/messages + log_group_name = /artifactory/instances/{instance_id} + log_stream_name = /var/log/jfrog-ami-setup.log + datetime_format = %b %d %H:%M:%S + + [/var/log/jfrog-ami-artifactory.log] + file = /var/log/messages + log_group_name = /artifactory/instances/{instance_id} + log_stream_name = /var/log/jfrog-ami-artifactory.log + datetime_format = %b %d %H:%M:%S + mode: "0400" + config-ansible-art-ami: + files: + /root/.jfrog_ami/jfrog-ami-setup.yml: + content: !Sub | + # Base install for JFrogAMIInstance + - import_playbook: artifactory-ami.yml + vars: + ami_creation: false + artifactory_ha_enabled: false + artifactory_tar: "https://releases.jfrog.io/artifactory/artifactory-pro/org/artifactory/pro/jfrog-artifactory-pro/${ArtifactoryVersion}/jfrog-artifactory-pro-${ArtifactoryVersion}-linux.tar.gz" + artifactory_version: ${ArtifactoryVersion} + db_download_url: "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" + db_type: "postgresql" + db_driver: "org.postgresql.Driver" + mode: "0400" + # config-artifactory-primary: + # files: + # /root/attach_volume.sh: + # content: !Sub | + # #!/usr/bin/env bash + + # echo "Using primary volume ID ${PrimaryVolume}" + # VOLUME_ID="${PrimaryVolume}" + # echo "VOLUME_ID: $VOLUME_ID" + # if [[ -z "$VOLUME_ID" ]]; then + # echo 'Invalid $VOLUME_ID' + # exit 1 + # fi + + # # Get instance id from AWS + # INSTANCE_ID=$(curl -s http://169.254.169.254/latest/meta-data/instance-id) + + # # Attach the volume created by another CFT + # # the device name should become /dev/nvme1n1 + # # See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nvme-ebs-volumes.html + # echo "Attaching volume $VOLUME_ID to instance $INSTANCE_ID" + # /var/awslogs/bin/aws ec2 attach-volume --volume-id $VOLUME_ID --instance-id $INSTANCE_ID --device /dev/xvdf --region ${AWS::Region} + + # echo "Wait for volume $VOLUME_ID to attach" + # sleep 30 # Give volume time to attach + # lsblk # debug + # mode: "0770" + config-artifactory: + files: + /root/mount_efs.sh: + content: !Sub | + #!/usr/bin/env bash + + ARTIFACTORY_HOME="/opt/jfrog/artifactory-pro-${ArtifactoryVersion}" + # Get instance id from AWS + INSTANCE_ID=$(curl -s http://169.254.169.254/latest/meta-data/instance-id) + + EFS_FILE_SYSTEM_ID="${ArtifactoryEfsFileSystem}" + EFS_MOUNT_POINT="/efsmount" + EFS_MOUNT_TARGET_DNS="$EFS_FILE_SYSTEM_ID.efs.${AWS::Region}.amazonaws.com" + + echo "before mounting efs" + ls -l / + mkdir -p $EFS_MOUNT_POINT + mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport $EFS_MOUNT_TARGET_DNS:/ $EFS_MOUNT_POINT + chmod go+rw $EFS_MOUNT_POINT + echo "after mounting efs" + ls -l / + + # mkdir -p $EFS_MOUNT_POINT/$INSTANCE_ID/var + # mkdir -p $ARTIFACTORY_HOME + # ln -s $EFS_MOUNT_POINT/$INSTANCE_ID/var $ARTIFACTORY_HOME + + echo "before creating plugins folder" + echo ls -l $EFS_MOUNT_POINT + ls -l $EFS_MOUNT_POINT + mkdir -p $EFS_MOUNT_POINT/plugins + echo ls -l $ARTIFACTORY_HOME/var/etc/artifactory + ls -l $ARTIFACTORY_HOME/var/etc/artifactory + + # mkdir -p $ARTIFACTORY_HOME/var/etc/artifactory + # ln -s $EFS_MOUNT_POINT/plugins $ARTIFACTORY_HOME/var/etc/artifactory + # echo ls -l $ARTIFACTORY_HOME/var/etc/artifactory + # ls -l $ARTIFACTORY_HOME/var/etc/artifactory + + mode: "0770" + /root/.jfrog_ami/artifactory.yml: + content: !Sub | + # Base install for Artifactory + - import_playbook: site-artifactory.yml + vars: + artifactory_download_directory: "/opt/jfrog" + artifactory_home: "/opt/jfrog/artifactory-pro-${ArtifactoryVersion}" + artifactory_ha_enabled: true + artifactory_server_name: ${ArtifactoryServerName} + server_name: ${ArtifactoryServerName}.${CertificateDomain} + s3_region: ${AWS::Region} + s3_bucket: ${ArtifactoryS3Bucket} + certificate: ${Certificate} + certificate_key: ${CertificateKey} + certificate_domain: ${CertificateDomain} + enable_ssl: ${EnableSSL} + ssl_dir: /etc/pki/tls/certs + db_type: ${DatabaseType} + db_driver: ${DatabaseDriver} + db_url: ${DatabaseUrl} + db_user: ${DatabaseUser} + db_password: ${DatabasePassword} + master_key: ${MasterKey} + join_key: ${MasterKey} + extra_java_opts: ${ExtraJavaOptions} + artifactory_version: ${ArtifactoryVersion} + artifactory_keystore: + path: /opt/jfrog/artifactory/app/third-party/java/lib/security/cacerts + default_password: changeit + new_keystore_pass: ${DatabasePassword} + artifactory_java_db_drivers: + - name: ${DatabasePlugin} + url: ${DatabasePluginUrl} + owner: artifactory + group: artifactory + product_id: 'CloudFormation_SP_EC2/1.0.0' + mode: "0400" + /root/.vault_pass.txt: + content: !Sub | + ${DatabasePassword} + mode: "0400" + /root/.secureit.sh: + content: + ansible-vault encrypt /root/.jfrog_ami/artifactory.yml --vault-id /root/.vault_pass.txt + mode: "0770" + secure-artifactory: + commands: + 'secure ansible playbook': + command: '/root/.secureit.sh' + ignoreErrors: 'false' + Properties: + KeyName: !Ref KeyPairName + IamInstanceProfile: !Ref HostProfile + ImageId: !FindInMap + - AWSAMIRegionMap + - !Ref AWS::Region + - 'CentOS7HVM' + SecurityGroups: + - !Ref SecurityGroups + InstanceType: !Ref InstanceType + # BlockDeviceMappings: + # - DeviceName: /dev/xvda + # Ebs: + # VolumeSize: !Ref VolumeSize + # VolumeType: gp2 + # DeleteOnTermination: true + # Encrypted: true + UserData: + Fn::Base64: + !Sub | + #!/bin/bash -x + + #CFN Functions + + function cfn_fail + + { + + cfn-signal -e 1 --stack ${AWS::StackName} --region ${AWS::Region} --resource ArtifactoryScalingGroup + + exit 1 + + } + + function cfn_success + + { + + cfn-signal -e 0 --stack ${AWS::StackName} --region ${AWS::Region} --resource ArtifactoryScalingGroup + + exit 0 + + } + + S3URI=${QsS3Uri} + + # Update OS + yum update -y + + # Install EPEL Repository + yum install -y epel-release + + # Install git, jq, nfs-utils, policycoreutils python + yum install -y git jq nfs-utils policycoreutils-python + + yum update --security -y 2>&1 | tee /var/log/userdata.yum_security_update.log + + yum install -y python3 libselinux-python3 + + echo $PATH + + PATH=/opt/aws/bin:$PATH + + echo $PATH + + # Create virtual env and activate + python3 -m venv ~/venv --system-site-packages + source ~/venv/bin/activate + + pip install --upgrade pip + pip install wheel + + # Install Cloudformation helper scripts + pip install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-py3-latest.tar.gz 2>&1 | tee /var/log/userdata.aws_cfn_bootstrap_install.log + + pip install awscli 2>&1 | tee /var/log/userdata.awscli_install.log + + pip install ansible 2>&1 | tee /var/log/userdata.ansible_install.log + + mkdir ~/.jfrog_ami + + aws s3 --region ${AWS::Region} sync s3://${QsS3BucketName}/${QsS3KeyPrefix}cloudInstallerScripts/ ~/.jfrog_ami/ || cfn_fail + + setsebool httpd_can_network_connect 1 -P + + # CentOS cloned virtual machines do not create a new machine id + # https://www.thegeekdiary.com/centos-rhel-7-how-to-change-the-machine-id/ + rm -f /etc/machine-id + systemd-machine-id-setup + + cfn-init -v --stack ${AWS::StackName} --resource ArtifactoryLaunchConfiguration --configsets jfrog_ami_setup --region ${AWS::Region} || cfn_fail + + # Setup CloudWatch Agent + curl https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py -O + chmod +x ./awslogs-agent-setup.py + ./awslogs-agent-setup.py -n -r ${AWS::Region} -c /root/cloudwatch.conf 2>&1 | tee /var/log/userdata.cloudwatch_agent_install.log + + /root/mount_efs.sh 2>&1 | tee /var/log/jfrog-efs-mount.log || cfn_fail + + #/root/attach_volume.sh || cfn_fail + + ansible-galaxy collection install community.general ansible.posix + + setsebool httpd_can_network_connect 1 -P + aws secretsmanager get-secret-value --secret-id ${ArtifactoryLicensesSecretName} --region ${AWS::Region} | jq -r '{"artifactory_licenses":(.SecretString | fromjson )}' > ~/.jfrog_ami/licenses.json || cfn_fail + + ansible-playbook /root/.jfrog_ami/jfrog-ami-setup.yml --vault-id /root/.vault_pass.txt 2>&1 | tee /var/log/jfrog-ami-setup.log || cfn_fail + ansible-playbook /root/.jfrog_ami/artifactory.yml -e "@~/.jfrog_ami/licenses.json" --vault-id /root/.vault_pass.txt 2>&1 | tee /var/log/jfrog-ami-artifactory.log || cfn_fail + + rm -rf /root/.secureit.sh + + cfn_success &> /var/log/cfn_success.log + cfn_success || cfn_fail diff --git a/Amazon/artifactory7/latest/templates/jfrog-artifactory-ec2-master.template.yaml b/Amazon/artifactory7/v7215/templates/jfrog-artifactory-ec2-main.template.yaml similarity index 92% rename from Amazon/artifactory7/latest/templates/jfrog-artifactory-ec2-master.template.yaml rename to Amazon/artifactory7/v7215/templates/jfrog-artifactory-ec2-main.template.yaml index 933220c..9c66a0c 100644 --- a/Amazon/artifactory7/latest/templates/jfrog-artifactory-ec2-master.template.yaml +++ b/Amazon/artifactory7/v7215/templates/jfrog-artifactory-ec2-main.template.yaml @@ -1,6 +1,12 @@ AWSTemplateFormatVersion: '2010-09-09' Description: 'JFrog Artifactory Quick Start Deployment (qs-1qpmmjh2f)' Metadata: + cfn-lint: + config: + ignore_checks: + - E9101 + ignore_reasons: + - E9101: "'master' is part of the product naming conventions for now" QuickStartDocumentation: EntrypointName: "Parameters for launching into a new VPC" Order: "1" @@ -39,7 +45,6 @@ Metadata: - Label: default: JFrog Artifactory configuration Parameters: - - ArtifactoryProduct - ArtifactoryVersion - NumberOfSecondary - SmLicenseName @@ -52,7 +57,6 @@ Metadata: default: Amazon RDS configuration Parameters: - DatabaseName - - DatabaseEngine - DatabaseUser - DatabasePassword - DatabaseInstance @@ -70,7 +74,7 @@ Metadata: Parameters: - InstallXray - XrayVersion - - XrayNumberOfInstances + - XrayNumberOfSecondary - XrayInstanceType - XrayDatabaseUser - XrayDatabasePassword @@ -113,8 +117,6 @@ Metadata: default: EC2 instance type NumberOfSecondary: default: Secondary instances - ArtifactoryProduct: - default: Artifactory product to install ArtifactoryVersion: default: Artifactory version SmLicenseName: @@ -131,8 +133,6 @@ Metadata: default: Default Java memory settings DatabaseName: default: Database name - DatabaseEngine: - default: Database engine DatabaseUser: default: Database user DatabasePassword: @@ -155,8 +155,8 @@ Metadata: default: Install JFrog Xray XrayVersion: default: Version of Xray to install - XrayNumberOfInstances: - default: Number of JFrog XrayNumberOfInstances + XrayNumberOfSecondary: + default: Number of JFrog Xray secondary instances XrayInstanceType: default: Xray instance type XrayDatabaseUser: @@ -332,19 +332,11 @@ Parameters: - 7 Default: 2 Type: Number - ArtifactoryProduct: - Description: JFrog Artifactory product you want to install into an AMI. - AllowedValues: - - JFrog-Artifactory-Pro - - JFrog-Artifactory-Enterprise - - JFrog-Container-Registry - Default: JFrog-Artifactory-Enterprise - Type: String ArtifactoryVersion: Description: Version of Artifactory that you want to deploy into the Quick Start. To select the correct version, see the release notes at https://www.jfrog.com/confluence/display/RTF/Release+Notes. - Default: 7.18.6 + Default: 7.21.5 Type: String SmLicenseName: Description: Secret name created in AWS Secrets Manager, which contains the Artifactory licenses. @@ -390,12 +382,6 @@ Parameters: ConstraintDescription: 1 to 60 alphanumeric characters First character must be a letter. Default: artdb Type: String - DatabaseEngine: - Description: Database engine that you want to run. - AllowedValues: - - Postgres - Default: Postgres - Type: String DatabaseUser: Description: Login ID for the master user of your database instance. MinLength: '1' @@ -406,27 +392,23 @@ Parameters: Type: String DatabasePassword: Description: Password for the Artifactory database user. - AllowedPattern: ^[^ \\']+$ + AllowedPattern: ^[^ \\'"]+$ MinLength: '8' - MaxLength: '12' - ConstraintDescription: Must be at least 8 and no more than - 12 characters containing letters and (minimum 1 capital letter), numbers and - symbols. + MaxLength: '20' + ConstraintDescription: Must be at least 8 and no more than 20 printable ASCII characters (letters, numbers and symbols. + Can't contain any of / (slash), '(single quote), "(double quote) and @ (at sign). NoEcho: 'true' Type: String DatabaseInstance: Description: Size of the database to be deployed as part of the Quick Start. AllowedValues: - - db.m5.large - - db.m5.xlarge - - db.m5.2xlarge - - db.m5.10xlarge - - db.m5.16xlarge - db.m5.large - db.m5.xlarge - db.m5.2xlarge - db.m5.4xlarge + - db.m5.8xlarge - db.m5.12xlarge + - db.m5.16xlarge - db.m5.24xlarge ConstraintDescription: Must be a valid database Instance Type. Default: db.m5.large @@ -481,15 +463,15 @@ Parameters: Type: String XrayVersion: Description: The version of Xray that you want to deploy into the Quick Start. - Default: 3.24.2 + Default: 3.27.2 Type: String - XrayNumberOfInstances: - Description: The number of Xray instances servers to complete your - HA deployment. The minimum number is one; the maximum is seven. + XrayNumberOfSecondary: + Description: The number of Xray secondary instances servers to complete your + HA deployment. The minimum number is zero; the maximum is six. Do not select more than instances than you have licenses for. - MinValue: 1 - MaxValue: 7 - Default: 1 + MinValue: 0 + MaxValue: 6 + Default: 0 Type: Number XrayInstanceType: Description: The EC2 instance type for the Xray instances. @@ -509,12 +491,11 @@ Parameters: Type: String XrayDatabasePassword: Description: The password for the Xray database user. - AllowedPattern: ^[^ \\']+$ + AllowedPattern: ^[^ \\'"]+$ MinLength: '8' - MaxLength: '12' - ConstraintDescription: Must be at least 8 and no more than - 12 characters containing letters and (minimum 1 capital letter), numbers and - symbols. + MaxLength: '20' + ConstraintDescription: Must be at least 8 and no more than 20 printable ASCII characters (letters, numbers and symbols. + Can't contain any of / (slash), '(single quote), "(double quote) and @ (at sign). NoEcho: 'true' Type: String Conditions: @@ -525,7 +506,7 @@ Resources: Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - - https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QsS3KeyPrefix}submodules/quickstart-aws-vpc/templates/aws-vpc.template + - https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QsS3KeyPrefix}submodules/quickstart-aws-vpc/templates/aws-vpc.template.yaml - S3Bucket: !If [UsingDefaultBucket, !Sub '${QsS3BucketName}-${AWS::Region}', !Ref 'QsS3BucketName'] S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref 'QsS3BucketRegion'] Parameters: @@ -533,8 +514,6 @@ Resources: Fn::Join: - ',' - Ref: AvailabilityZones - KeyPairName: - Ref: KeyPairName NumberOfAZs: '2' PrivateSubnet1ACIDR: Ref: PrivateSubnet1Cidr @@ -554,10 +533,10 @@ Resources: - S3Bucket: !If [UsingDefaultBucket, !Sub '${QsS3BucketName}-${AWS::Region}', !Ref 'QsS3BucketName'] S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref 'QsS3BucketRegion'] Parameters: - AvailabilityZones: - Fn::Join: - - ',' - - Ref: AvailabilityZones + # AvailabilityZones: + # Fn::Join: + # - ',' + # - Ref: AvailabilityZones KeyPairName: !Ref KeyPairName VpcId: !GetAtt ArtifactoryVpcStack.Outputs.VPCID VpcCidr: !Ref VpcCidr @@ -579,7 +558,6 @@ Resources: VolumeSize: !Ref VolumeSize InstanceType: !Ref InstanceType NumberOfSecondary: !Ref NumberOfSecondary - ArtifactoryProduct: !Ref ArtifactoryProduct ArtifactoryVersion: !Ref ArtifactoryVersion SmLicenseName: !Ref SmLicenseName SmCertName: !Ref SmCertName @@ -588,7 +566,6 @@ Resources: ExtraJavaOptions: !Ref ExtraJavaOptions DefaultJavaMemSettings: !Ref DefaultJavaMemSettings DatabaseName: !Ref DatabaseName - DatabaseEngine: !Ref DatabaseEngine DatabaseUser: !Ref DatabaseUser DatabasePassword: !Ref DatabasePassword DatabaseInstance: !Ref DatabaseInstance @@ -600,7 +577,7 @@ Resources: QsS3BucketRegion: !Ref QsS3BucketRegion InstallXray: !Ref InstallXray XrayVersion: !Ref XrayVersion - XrayNumberOfInstances: !Ref XrayNumberOfInstances + XrayNumberOfSecondary: !Ref XrayNumberOfSecondary XrayInstanceType: !Ref XrayInstanceType XrayDatabaseUser: !Ref XrayDatabaseUser XrayDatabasePassword: !Ref XrayDatabasePassword diff --git a/Amazon/artifactory7/latest/templates/jfrog-artifactory-pro-ec2-existing-vpc-master.template.yaml b/Amazon/artifactory7/v7215/templates/jfrog-artifactory-pro-ec2-existing-vpc-main.template.yaml similarity index 96% rename from Amazon/artifactory7/latest/templates/jfrog-artifactory-pro-ec2-existing-vpc-master.template.yaml rename to Amazon/artifactory7/v7215/templates/jfrog-artifactory-pro-ec2-existing-vpc-main.template.yaml index e628d06..bdb25cd 100644 --- a/Amazon/artifactory7/latest/templates/jfrog-artifactory-pro-ec2-existing-vpc-master.template.yaml +++ b/Amazon/artifactory7/v7215/templates/jfrog-artifactory-pro-ec2-existing-vpc-main.template.yaml @@ -156,13 +156,13 @@ Parameters: Description: CIDR of the private subnet 1 in Availability Zone 1 of your existing VPC (e.g., 10.0.0.0/19). AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 - Default: 10.0.128.0/20 + Default: 10.0.0.0/19 Type: String PrivateSubnet2Cidr: Description: CIDR of the private subnet 2 in Availability Zone 1 of your existing VPC (e.g., 10.0.0.0/19). AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 - Default: 10.0.144.0/20 + Default: 10.0.32.0/19 Type: String AccessCidr: Description: CIDR IP range that is permitted to access Artifactory. @@ -220,7 +220,7 @@ Parameters: https://www.jfrog.com/confluence/display/RTF/Release+Notes. AllowedPattern: ^(([0-9]|[1-9][0-9])\.){2}([1-9][0-9]|[0-9])$ ConstraintDescription: A version that matches X.X.X per Artifactory releases. - Default: 7.18.6 + Default: 7.21.5 Type: String SmLicenseName: Description: Secret name created in AWS Secrets Manager, which contains the Artifactory licenses. @@ -245,27 +245,23 @@ Parameters: Type: String DatabasePassword: Description: Password for the Artifactory database user. - AllowedPattern: ^[^ \\']+$ + AllowedPattern: ^[^ \\'"]+$ MinLength: '8' - MaxLength: '12' - ConstraintDescription: Must be at least 8 and no more than - 12 characters containing letters and (minimum 1 capital letter), numbers and - symbols. + MaxLength: '20' + ConstraintDescription: Must be at least 8 and no more than 20 printable ASCII characters (letters, numbers and symbols. + Can't contain any of / (slash), '(single quote), "(double quote) and @ (at sign). NoEcho: 'true' Type: String DatabaseInstance: Description: Size of the database to be deployed as part of the Quick Start. AllowedValues: - - db.m5.large - - db.m5.xlarge - - db.m5.2xlarge - - db.m5.10xlarge - - db.m5.16xlarge - db.m5.large - db.m5.xlarge - db.m5.2xlarge - db.m5.4xlarge + - db.m5.8xlarge - db.m5.12xlarge + - db.m5.16xlarge - db.m5.24xlarge ConstraintDescription: Must be a valid database Instance Type. Default: db.m5.large @@ -292,7 +288,7 @@ Parameters: Description: The version of Xray that you want to deploy into the Quick Start. AllowedPattern: ^(([0-9]|[1-9][0-9])\.){2}([1-9][0-9]|[0-9])$ ConstraintDescription: A version that matches X.X.X per Xray releases. - Default: 3.24.2 + Default: 3.27.2 Type: String XrayInstanceType: Description: The EC2 instance type for the Xray instances. @@ -313,12 +309,10 @@ Resources: - S3Bucket: !If [UsingDefaultBucket, !Sub '${QsS3BucketName}-${AWS::Region}', !Ref 'QsS3BucketName'] S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref 'QsS3BucketRegion'] Parameters: - AvailabilityZones: !Join [',', [!Ref DatabasePreferredAz]] KeyPairName: !Ref KeyPairName ProvisionBastionHost: "Enabled" AccessCidr: !Ref AccessCidr RemoteAccessCidr: !Ref RemoteAccessCidr - ArtifactoryProduct: 'JFrog-Artifactory-Pro' ArtifactoryVersion: !Ref ArtifactoryVersion VolumeSize: !Ref VolumeSize InstanceType: !Ref InstanceType diff --git a/Amazon/artifactory7/latest/templates/jfrog-artifactory-pro-ec2-new-vpc-master.template.yaml b/Amazon/artifactory7/v7215/templates/jfrog-artifactory-pro-ec2-new-vpc-main.template.yaml similarity index 95% rename from Amazon/artifactory7/latest/templates/jfrog-artifactory-pro-ec2-new-vpc-master.template.yaml rename to Amazon/artifactory7/v7215/templates/jfrog-artifactory-pro-ec2-new-vpc-main.template.yaml index 26ecf01..8aaadcf 100644 --- a/Amazon/artifactory7/latest/templates/jfrog-artifactory-pro-ec2-new-vpc-master.template.yaml +++ b/Amazon/artifactory7/v7215/templates/jfrog-artifactory-pro-ec2-new-vpc-main.template.yaml @@ -174,7 +174,7 @@ Parameters: Description: Version of Artifactory that you want to deploy into the Quick Start. To select the correct version, see the release notes at https://www.jfrog.com/confluence/display/RTF/Release+Notes. - Default: 7.18.6 + Default: 7.21.5 Type: String SmLicenseName: Description: Secret name created in AWS Secrets Manager, which contains the Artifactory licenses. @@ -199,27 +199,23 @@ Parameters: Type: String DatabasePassword: Description: Password for the Artifactory database user. - AllowedPattern: ^[^ \\']+$ + AllowedPattern: ^[^ \\'"]+$ MinLength: '8' - MaxLength: '12' - ConstraintDescription: Must be at least 8 and no more than - 12 characters containing letters and (minimum 1 capital letter), numbers and - symbols. + MaxLength: '20' + ConstraintDescription: Must be at least 8 and no more than 20 printable ASCII characters (letters, numbers and symbols. + Can't contain any of / (slash), '(single quote), "(double quote) and @ (at sign). NoEcho: 'true' Type: String DatabaseInstance: Description: Size of the database to be deployed as part of the Quick Start. AllowedValues: - - db.m5.large - - db.m5.xlarge - - db.m5.2xlarge - - db.m5.10xlarge - - db.m5.16xlarge - db.m5.large - db.m5.xlarge - db.m5.2xlarge - db.m5.4xlarge + - db.m5.8xlarge - db.m5.12xlarge + - db.m5.16xlarge - db.m5.24xlarge ConstraintDescription: Must be a valid database Instance Type. Default: db.m5.large @@ -240,7 +236,7 @@ Parameters: Type: String XrayVersion: Description: The version of Xray that you want to deploy into the Quick Start. - Default: 3.24.2 + Default: 3.27.2 Type: String XrayInstanceType: Description: The EC2 instance type for the Xray instances. @@ -257,7 +253,7 @@ Resources: Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - - https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QsS3KeyPrefix}templates/jfrog-artifactory-ec2-master.template.yaml + - https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QsS3KeyPrefix}templates/jfrog-artifactory-ec2-main.template.yaml - S3Bucket: !If [UsingDefaultBucket, !Sub '${QsS3BucketName}-${AWS::Region}', !Ref 'QsS3BucketName'] S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref 'QsS3BucketRegion'] Parameters: @@ -265,7 +261,6 @@ Resources: ProvisionBastionHost: "Enabled" AccessCidr: !Ref AccessCidr RemoteAccessCidr: !Ref RemoteAccessCidr - ArtifactoryProduct: 'JFrog-Artifactory-Pro' ArtifactoryVersion: !Ref ArtifactoryVersion VolumeSize: !Ref VolumeSize InstanceType: !Ref InstanceType diff --git a/Amazon/artifactory7/latest/templates/jfrog-xray-ec2-instance.template.yaml b/Amazon/artifactory7/v7215/templates/jfrog-xray-ec2-instance.template.yaml similarity index 88% rename from Amazon/artifactory7/latest/templates/jfrog-xray-ec2-instance.template.yaml rename to Amazon/artifactory7/v7215/templates/jfrog-xray-ec2-instance.template.yaml index 11c93e6..4259b66 100644 --- a/Amazon/artifactory7/latest/templates/jfrog-xray-ec2-instance.template.yaml +++ b/Amazon/artifactory7/v7215/templates/jfrog-xray-ec2-instance.template.yaml @@ -1,5 +1,16 @@ AWSTemplateFormatVersion: "2010-09-09" -Description: "Xray: Deploys the EC2 Autoscaling, LaunchConfig and instances" +Description: "Xray: Deploys the EC2 Autoscaling, LaunchConfig and instances (qs-1rtidak0g)" +Metadata: + cfn-lint: + config: + ignore_checks: + - W9006 + - W9002 + - W9003 + - W9004 + - E9101 + ignore_reasons: + - E9101: "'master' is part of the product naming conventions for now" Parameters: PrivateSubnet1Id: Type: 'AWS::EC2::Subnet::Id' @@ -13,14 +24,6 @@ Parameters: Type: Number DeploymentTag: Type: String - ArtifactoryProduct: - Description: JFrog Artifactory product you want to install into an AMI. - AllowedValues: - - JFrog-Artifactory-Pro - - JFrog-Artifactory-Enterprise - - JFrog-Container-Registry - Default: JFrog-Artifactory-Enterprise - Type: String QsS3BucketName: Type: String QsS3KeyPrefix: @@ -64,33 +67,41 @@ Parameters: Type: String XrayVersion: Type: String - UserDataDirectory: - Description: Directory to store Artifactory data. Can be used to store data (via symlink) in detachable volume - Type: String - Default: '/xray-user-data' # To populate additional mappings use the following with the desired --region # aws --region us-west-2 ec2 describe-images --owners amazon --filters 'Name=name,Values=amzn-ami-hvm-2018.03.0.20181129-x86_64-gp2' 'Name=state,Values=available' --output json | jq -r '.Images | sort_by(.CreationDate) | last(.[]).ImageId' Mappings: AWSAMIRegionMap: ap-northeast-1: - CentOS7HVM: "ami-00a5245b4816c38e6" + CentOS7HVM: "ami-06a46da680048c8ae" ap-northeast-2: - CentOS7HVM: "ami-00dc207f8ba6dc919" + CentOS7HVM: "ami-06e83aceba2cb0907" ap-south-1: - CentOS7HVM: "ami-0ad42f4f66f6c1cc9" + CentOS7HVM: "ami-026f33d38b6410e30" ap-southeast-1: - CentOS7HVM: "ami-05b3bcf7f311194b3" + CentOS7HVM: "ami-07f65177cb990d65b" ap-southeast-2: - CentOS7HVM: "ami-02fd0b06f06d93dfc" + CentOS7HVM: "ami-0b2045146eb00b617" ca-central-1: - CentOS7HVM: "ami-07423fb63ea0a0930" + CentOS7HVM: "ami-04a25c39dc7a8aebb" eu-central-1: - CentOS7HVM: "ami-0cfbf4f6db41068ac" + CentOS7HVM: "ami-0e8286b71b81c3cc1" + me-south-1: + CentOS7HVM: "ami-011c71a894b10f35b" + ap-east-1: + CentOS7HVM: "ami-0e5c29e6c87a9644f" + eu-north-1: + CentOS7HVM: "ami-05788af9005ef9a93" + eu-south-1: + CentOS7HVM: "ami-0a84267606bcea16b" eu-west-1: - CentOS7HVM: "ami-08935252a36e25f85" + CentOS7HVM: "ami-0b850cf02cc00fdc8" + eu-west-2: + CentOS7HVM: "ami-09e5afc68eed60ef4" + eu-west-3: + CentOS7HVM: "ami-0cb72d2e599cffbf9" sa-east-1: - CentOS7HVM: "ami-05145e0b28ad8e0b2" + CentOS7HVM: "ami-0b30f38d939dd4b54" us-east-1: CentOS7HVM: "ami-0affd4508a5d2481b" us-east-2: @@ -99,9 +110,16 @@ Mappings: CentOS7HVM: "ami-098f55b4287a885ba" us-west-2: CentOS7HVM: "ami-0bc06212a56393ee1" - + cn-north-1: + CentOS7HVM: "ami-0e02aaefeb74c3373" + cn-northwest-1: + CentOS7HVM: "ami-07183a7702633260b" + us-gov-east-1: + CentOS7HVM: "ami-00e30c71" + us-gov-west-1: + CentOS7HVM: "ami-bbba86da" Conditions: - IsArtifactoryPro: !Equals [!Ref ArtifactoryProduct, 'JFrog-Artifactory-Pro'] + IsArtifactoryPro: !Equals [!Ref MaxScalingNodes, '1'] Resources: XrayScalingGroup: @@ -196,8 +214,6 @@ Resources: - import_playbook: site-xray.yml vars: jfrog_url: ${JfrogInternalUrl} - use_custom_data_directory: true - custom_data_directory: "${UserDataDirectory}" master_key: ${MasterKey} join_key: ${MasterKey} extra_java_opts: ${ExtraJavaOptions} diff --git a/Amazon/artifactory7/latest/templates/jfrog-artifactory-core-infrastructure.template.yaml b/Amazon/marketplace-jfrog-artifactory/v7215/templates/jfrog-artifactory-core-infrastructure.template.yaml similarity index 75% rename from Amazon/artifactory7/latest/templates/jfrog-artifactory-core-infrastructure.template.yaml rename to Amazon/marketplace-jfrog-artifactory/v7215/templates/jfrog-artifactory-core-infrastructure.template.yaml index da6c649..90f0ea8 100644 --- a/Amazon/artifactory7/latest/templates/jfrog-artifactory-core-infrastructure.template.yaml +++ b/Amazon/marketplace-jfrog-artifactory/v7215/templates/jfrog-artifactory-core-infrastructure.template.yaml @@ -32,8 +32,6 @@ Parameters: Type: List DatabaseAllocatedStorage: Type: Number - DatabasePreferredAz: - Type: String MultiAzDatabase: Description: Choose false to create an Amazon RDS instance in a single Availability Zone. ConstraintDescription: True or False @@ -41,8 +39,6 @@ Parameters: - "true" - "false" Type: String - DatabaseEngine: - Type: String DatabaseUser: Type: String DatabasePassword: @@ -67,15 +63,6 @@ Parameters: Type: Number Mappings: - DatabaseMap: - Postgres: - Name: postgresql - DatabaseVersion: 11.5 - Driver: "org.postgresql.Driver" - Plugin: postgresql-42.2.9.jar - PluginURL: https://jdbc.postgresql.org/download/ - port: "5432" - extraDatabaseOps: "" ReleaseStageMap: BETA: ProDockerRepo: "earlyaccess-docker.jfrog.io/jfrog/artifactory-pro" @@ -91,14 +78,6 @@ Mappings: JFrog-Artifactory-Pro: RepoName: ProDockerRepo JavaOptionstoInstance: - c5.2xlarge: - Min: 8 - Max: 12 - DeploymentSize: Small - c5.4xlarge: - Min: 16 - Max: 24 - DeploymentSize: Large m5.large: Min: 4 Max: 4 @@ -228,9 +207,6 @@ Mappings: Max: 288 DeploymentSize: xxxLarge -Conditions: - IsMultiAzDatabase: !Equals [!Ref MultiAzDatabase, 'true'] - Resources: ArtifactoryDatabaseSubnetGroup: Type: AWS::RDS::DBSubnetGroup @@ -241,19 +217,14 @@ Resources: Type: AWS::RDS::DBInstance Properties: AllocatedStorage: !Ref DatabaseAllocatedStorage - AvailabilityZone: !If [IsMultiAzDatabase, !Ref AWS::NoValue, !Ref DatabasePreferredAz] - BackupRetentionPeriod: 30 + MultiAZ: !Ref MultiAzDatabase + Engine: Postgres + EngineVersion: "11.5" + MasterUsername: !Ref DatabaseUser + MasterUserPassword: !Ref DatabasePassword DBInstanceClass: !Ref DatabaseInstance DBName: !Ref DatabaseName DBSubnetGroupName: !Ref ArtifactoryDatabaseSubnetGroup - Engine: !Ref DatabaseEngine - EngineVersion: !FindInMap - - DatabaseMap - - !Ref DatabaseEngine - - DatabaseVersion - MasterUsername: !Ref DatabaseUser - MasterUserPassword: !Ref DatabasePassword - MultiAZ: !Ref MultiAzDatabase StorageEncrypted: true VPCSecurityGroups: - !Ref ArtifactoryDatabaseSG @@ -271,34 +242,16 @@ Resources: ToPort: 22 CidrIp: !Ref VpcCidr - IpProtocol: tcp - FromPort: !FindInMap - - DatabaseMap - - !Ref DatabaseEngine - - port - ToPort: !FindInMap - - DatabaseMap - - !Ref DatabaseEngine - - port + FromPort: 5432 + ToPort: 5432 CidrIp: !Ref PrivateSubnet1Cidr - IpProtocol: tcp - FromPort: !FindInMap - - DatabaseMap - - !Ref DatabaseEngine - - port - ToPort: !FindInMap - - DatabaseMap - - !Ref DatabaseEngine - - port + FromPort: 5432 + ToPort: 5432 CidrIp: !Ref PrivateSubnet2Cidr - IpProtocol: tcp - FromPort: !FindInMap - - DatabaseMap - - !Ref DatabaseEngine - - port - ToPort: !FindInMap - - DatabaseMap - - !Ref DatabaseEngine - - port + FromPort: 5432 + ToPort: 5432 CidrIp: !Ref PrivateSubnet3Cidr SecurityGroupEgress: - IpProtocol: tcp @@ -348,12 +301,9 @@ Resources: Type: AWS::EC2::Volume Properties: AvailabilityZone: - !If - - IsMultiAzDatabase - - !Select - - '0' - - !Ref AvailabilityZones - - !Ref DatabasePreferredAz + !Select + - '0' + - !Ref AvailabilityZones Encrypted: false Size: !Ref VolumeSize Tags: @@ -362,46 +312,31 @@ Resources: VolumeType: gp2 DeletionPolicy: Snapshot UpdateReplacePolicy: Snapshot + Outputs: S3Bucket: Value: !Ref ArtifactoryS3Bucket Description: Actual S3 bucket created for Artifactory DatabaseDriver: - Value: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Driver] + Value: "org.postgresql.Driver" DatabasePlugin: - Value: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Plugin] + Value: postgresql-42.2.9.jar DatabasePluginUrl: - Value: !Sub - - "${MainURL}${PluginVersion}" - - { - MainURL: !FindInMap [DatabaseMap, !Ref DatabaseEngine, PluginURL], - PluginVersion: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Plugin] - } + Value: https://jdbc.postgresql.org/download/postgresql-42.2.9.jar" DatabaseType: - Value: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Name] + Value: postgresql DatabaseUrl: Value: !Sub - - "jdbc:${DatabaseType}://${ArtifactoryDatabaseEndpointAddress}:${port}/${DatabaseName}${extraDatabaseOps}" - - { - DatabaseType: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Name], - ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address, - port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port], - extraDatabaseOps: !FindInMap [DatabaseMap, !Ref DatabaseEngine, extraDatabaseOps], - } + - "jdbc:postgresql://${ArtifactoryDatabaseEndpointAddress}:5432/${DatabaseName}" + - ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address XrayMasterDatabaseUrl: Value: !Sub - - "${ArtifactoryDatabaseEndpointAddress}:${port}/${DatabaseName}?sslmode=disable" - - { - ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address, - port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port], - } + - "${ArtifactoryDatabaseEndpointAddress}:5432/${DatabaseName}?sslmode=disable" + - ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address XrayDatabaseUrl: Value: !Sub - - "${ArtifactoryDatabaseEndpointAddress}:${port}/xraydb?sslmode=disable" - - { - ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address, - port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port], - } + - "${ArtifactoryDatabaseEndpointAddress}:5432/xraydb?sslmode=disable" + - ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address ProDockerRepo: Value: !FindInMap - ReleaseStageMap diff --git a/Amazon/marketplace-jfrog-artifactory/v7215/templates/jfrog-artifactory-ec2-existing-vpc.template.yaml b/Amazon/marketplace-jfrog-artifactory/v7215/templates/jfrog-artifactory-ec2-existing-vpc.template.yaml new file mode 100644 index 0000000..bda386a --- /dev/null +++ b/Amazon/marketplace-jfrog-artifactory/v7215/templates/jfrog-artifactory-ec2-existing-vpc.template.yaml @@ -0,0 +1,802 @@ +AWSTemplateFormatVersion: '2010-09-09' +Description: 'JFrog Artifactory Quick Start Deployment into an Existing VPC (qs-1q037efj0)' +Metadata: + QuickStartDocumentation: + EntrypointName: "Launch into an existing VPC" + AWS::CloudFormation::Interface: + ParameterGroups: + - Label: + default: Security configuration + Parameters: + - KeyPairName + - AccessCidr + - Label: + default: Network configuration + Parameters: + - AvailabilityZones + - VpcId + - VpcCidr + - PublicSubnet1Id + - PublicSubnet2Id + - PrivateSubnet1Id + - PrivateSubnet2Id + - PrivateSubnet1Cidr + - PrivateSubnet2Cidr + - ELBScheme + - Label: + default: Amazon EC2 configuration + Parameters: + - VolumeSize + - InstanceType + - Label: + default: JFrog Artifactory configuration + Parameters: + - NumberOfSecondary + - SmLicenseName + - SmCertName + - ArtifactoryServerName + - MasterKey + - ExtraJavaOptions + - DefaultJavaMemSettings + - Label: + default: Amazon RDS configuration + Parameters: + - DatabaseName + - DatabaseUser + - DatabasePassword + - DatabaseInstance + - DatabaseAllocatedStorage + - MultiAzDatabase + - Label: + default: JFrog Xray Configuration + Parameters: + - InstallXray + - XrayNumberOfInstances + - XrayInstanceType + - XrayDatabaseUser + - XrayDatabasePassword + ParameterLabels: + AvailabilityZones: + default: Availability Zones + KeyPairName: + default: SSH key name + VpcId: + default: VPC ID + VpcCidr: + default: VPC CIDR + PublicSubnet1Id: + default: Public subnet 1 ID + PublicSubnet2Id: + default: Public subnet 2 ID + PrivateSubnet1Id: + default: Private subnet 1 ID + PrivateSubnet2Id: + default: Private subnet 2 ID + PrivateSubnet1Cidr: + default: Private subnet 1 CIDR + PrivateSubnet2Cidr: + default: Private subnet 2 CIDR + AccessCidr: + default: Permitted IP range + ELBScheme: + default: Elastic Load Balancing scheme + VolumeSize: + default: EBS root volume size + InstanceType: + default: EC2 instance type + NumberOfSecondary: + default: Secondary instances + SmLicenseName: + default: Artifactory licenses secret name + SmCertName: + default: Artifactory certificate secret name + ArtifactoryServerName: + default: Artifactory server name + MasterKey: + default: Master server key + ExtraJavaOptions: + default: Extra Java options + DefaultJavaMemSettings: + default: Default Java memory settings + DatabaseName: + default: Database name + DatabaseUser: + default: Database user + DatabasePassword: + default: Database password + DatabaseInstance: + default: Database instance type + DatabaseAllocatedStorage: + default: Database allocated storage + MultiAzDatabase: + default: High-availability database + InstallXray: + default: Install JFrog Xray + XrayNumberOfInstances: + default: Number of JFrog Xray instances + XrayInstanceType: + default: Xray instance type + XrayDatabaseUser: + default: Xray Database user + XrayDatabasePassword: + default: Xray Database password +Parameters: + AvailabilityZones: + Description: List of Availability Zones to use for the subnets in the VPC. Two + Availability Zones are used for this deployment. + Type: List + KeyPairName: + Description: Name of an existing key pair, + which allows you to connect securely to your instance after it launches. + This is the key pair you created in your preferred Region. + Type: AWS::EC2::KeyPair::KeyName + VpcId: + Description: ID of your existing VPC (e.g., vpc-0343606e). + Type: "AWS::EC2::VPC::Id" + VpcCidr: + Description: CIDR block for the VPC. + AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ + ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 + Default: 10.0.0.0/16 + Type: String + PublicSubnet1Id: + Description: ID of the public subnet in Availability Zone 1 of your existing VPC (e.g., subnet-z0376dab). + Type: "AWS::EC2::Subnet::Id" + PublicSubnet2Id: + Description: ID of the public subnet in Availability Zone 2 of your existing VPC (e.g., subnet-a29c3d84). + Type: "AWS::EC2::Subnet::Id" + PrivateSubnet1Id: + Description: ID of the private subnet in Availability Zone 1 of your existing VPC (e.g., subnet-a0246dcd). + Type: "AWS::EC2::Subnet::Id" + PrivateSubnet2Id: + Description: ID of the private subnet in Availability Zone 2 of your existing VPC (e.g., subnet-b58c3d67). + Type: "AWS::EC2::Subnet::Id" + PrivateSubnet1Cidr: + Description: CIDR of the private subnet in Availability Zone 1 of your existing VPC (e.g., 10.0.0.0/19). + AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ + ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 + Default: 10.0.0.0/19 + Type: String + PrivateSubnet2Cidr: + Description: CIDR of the private subnet in Availability Zone 2 of your existing VPC (e.g., 10.0.32.0/19). + AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ + ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 + Default: 10.0.32.0/19 + Type: String + AccessCidr: + Description: CIDR IP range that is permitted to access Artifactory. + We recommend that you set this value to a trusted IP range. + For example, you might want to grant only your corporate network access to the software. + AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ + Type: String + ELBScheme: + Description: Choose whether this is internet facing or internal. + AllowedValues: + - internal + - internet-facing + Default: internet-facing + Type: String + VolumeSize: + Description: Size in gigabytes of the available storage (min 10GB); the Quick Start will create an + Amazon Elastic Block Store (Amazon EBS) volumes of this size. + Default: 200 + Type: Number + InstanceType: + Description: EC2 type for the Artifactory instances. + AllowedValues: + - m5.large + - m5.xlarge + - m5.2xlarge + - m5.4xlarge + - m5.8xlarge + - m5.12xlarge + - m5.16xlarge + - m5.24xlarge + - m5.metal + - m5d.large + - m5d.xlarge + - m5d.2xlarge + - m5d.4xlarge + - m5d.8xlarge + - m5d.12xlarge + - m5d.16xlarge + - m5d.24xlarge + - m5d.metal + - m5a.large + - m5a.xlarge + - m5a.2xlarge + - m5a.4xlarge + - m5a.8xlarge + - m5a.12xlarge + - m5a.16xlarge + - m5a.24xlarge + ConstraintDescription: Must contain valid instance type. + Default: m5.xlarge + Type: String + NumberOfSecondary: + Description: Number of secondary Artifactory servers to complete your + HA deployment. To align with Artifactory best practices, the minimum number + is two and the maximum is seven. Do not select more instances than you + have licenses for. + AllowedValues: + - 0 + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + Default: 2 + Type: Number + SmLicenseName: + Description: Secret name created in AWS Secrets Manager, which contains the Artifactory licenses. + Default: '' + Type: String + SmCertName: + Description: Secret name created in AWS Secrets Manager, which contains the SSL certificate and certificate key. + Default: '' + Type: String + ArtifactoryServerName: + Description: Name of your Artifactory server. Ensure that this matches your certificate. + Type: String + MasterKey: + Description: Master key for the Artifactory cluster. Generate a master key by using the command '$openssl rand -hex 16'. + AllowedPattern: ^[a-zA-Z0-9]+$ + MinLength: '1' + MaxLength: '64' + ConstraintDescription: Only capital or lowercase letters and numbers, with a Max of 64 characters. + NoEcho: 'true' + Type: String + ExtraJavaOptions: + Description: Set Java options to pass to the JVM for Artifactory. For more information, see the Artifactory + system requirements at https://www.jfrog.com/confluence/display/RTF/System+Requirements#SystemRequirements-RecommendedHardware. + Do not add Xms or Xmx settings without disabling DefaultJavaMemSettings. + Default: -Xss256k -XX:+UseG1GC + Type: String + DefaultJavaMemSettings: + Description: Choose false to overwrite the standard memory-calculation options to pass to the Artifactory JVM. + If you plan to overwrite them, ensure they are added to the ExtraJavaOptions to prevent the stack provision from failing. + ConstraintDescription: True or False + AllowedValues: + - "true" + - "false" + Default: "true" + Type: String + DatabaseName: + Description: Name of your database instance. The name must be unique across all instances + owned by your AWS account in the current Region. The database instance identifier is case-insensitive, + but it's stored in lowercase (as in "mydbinstance"). + AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$ + MinLength: '1' + MaxLength: '60' + ConstraintDescription: 1 to 60 alphanumeric characters First character must be a letter. + Default: artdb + Type: String + DatabaseUser: + Description: Login ID for the master user of your database instance. + MinLength: '1' + MaxLength: '16' + AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$ + ConstraintDescription: 1 to 16 alphanumeric characters. First character must be a letter. + Default: artifactory + Type: String + DatabasePassword: + Description: Password for the Artifactory database user. + AllowedPattern: ^[^ \\']+$ + MinLength: '8' + MaxLength: '12' + ConstraintDescription: Must be at least 8 and no more than + 12 characters containing letters and (minimum 1 capital letter), numbers and + symbols. + NoEcho: 'true' + Type: String + DatabaseInstance: + Description: Size of the database to be deployed as part of the Quick Start. + AllowedValues: + - db.m5.large + - db.m5.xlarge + - db.m5.2xlarge + - db.m5.10xlarge + - db.m5.16xlarge + - db.m5.large + - db.m5.xlarge + - db.m5.2xlarge + - db.m5.4xlarge + - db.m5.12xlarge + - db.m5.24xlarge + ConstraintDescription: Must be a valid database Instance Type. + Default: db.m5.large + Type: String + DatabaseAllocatedStorage: + Description: Size in gigabytes of the available storage for the database instance. + MinValue: 5 + MaxValue: 1024 + Default: 10 + Type: Number + MultiAzDatabase: + Description: Choose false to create an Amazon RDS instance in a single Availability Zone. + ConstraintDescription: True or False + AllowedValues: + - "true" + - "false" + Default: "true" + Type: String + InstallXray: + Description: Choose true to install JFrog Xray instance(s). + ConstraintDescription: True or False + AllowedValues: + - "true" + - "false" + Default: "true" + Type: String + XrayNumberOfInstances: + Description: The number of Xray instances servers to complete your + HA deployment. The minimum number is one; the maximum is seven. + Do not select more than instances than you have licenses for. + MinValue: 1 + MaxValue: 7 + Default: 1 + Type: Number + XrayInstanceType: + Description: The EC2 instance type for the Xray instances. + AllowedValues: + - c5.2xlarge + - c5.4xlarge + ConstraintDescription: Must contain valid instance type. + Default: c5.2xlarge + Type: String + XrayDatabaseUser: + Description: The login ID for the Xray database user. + MinLength: '1' + MaxLength: '16' + AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$ + ConstraintDescription: 1 to 16 alphanumeric characters. First character must be a letter. + Default: xray + Type: String + XrayDatabasePassword: + Description: The password for the Xray database user. + AllowedPattern: ^[^ \\']+$ + MinLength: '8' + MaxLength: '12' + ConstraintDescription: Must be at least 8 and no more than + 12 characters containing letters and (minimum 1 capital letter), numbers and + symbols. + NoEcho: 'true' + Type: String + +Conditions: + HasSecondaryNodes: !Not [!Equals [!Ref NumberOfSecondary, '0']] + DefaultJava: !Equals [!Ref DefaultJavaMemSettings, "true"] + EnableXray: !Equals [!Ref InstallXray, 'true'] + SmCertNameExists: !Not [!Equals [!Ref 'SmCertName', '']] + +Resources: + ArtifactoryCoreInfraStack: + Type: AWS::CloudFormation::Stack + Properties: + TemplateURL: https://jfrog-marketplace-test-us-east-1.s3.amazonaws.com/marketplace-jfrog-artifactory/v7215/templates/jfrog-artifactory-core-infrastructure.template.yaml + Parameters: + AvailabilityZones: + Fn::Join: + - ',' + - Ref: AvailabilityZones + VpcId: !Ref VpcId + VpcCidr: !Ref VpcCidr + PrivateSubnet1Cidr: !Ref PrivateSubnet1Cidr + PrivateSubnet2Cidr: !Ref PrivateSubnet2Cidr + PrivateSubnet3Cidr: !Ref PrivateSubnet2Cidr # This should end up in no new rule but required for EKS + SubnetIds: !Join [",", [!Ref PrivateSubnet1Id, !Ref PrivateSubnet2Id]] + DatabaseAllocatedStorage: !Ref DatabaseAllocatedStorage + MultiAzDatabase: !Ref MultiAzDatabase + DatabaseUser: !Ref DatabaseUser + DatabasePassword: !Ref DatabasePassword + DatabaseInstance: !Ref DatabaseInstance + DatabaseName: !Ref DatabaseName + InstanceType: !Ref InstanceType + ArtifactoryHostRole: !Ref ArtifactoryHostRole + VolumeSize: !Ref VolumeSize + ArtifactoryElb: + Type: AWS::ElasticLoadBalancingV2::LoadBalancer + Properties: + IpAddressType: ipv4 + Scheme: !Ref ELBScheme + Subnets: + - !Ref PublicSubnet1Id + - !Ref PublicSubnet2Id + Type: network + ArtifactorySslTargetGroup: + Type: AWS::ElasticLoadBalancingV2::TargetGroup + Properties: + HealthCheckEnabled: True + HealthCheckIntervalSeconds: 30 + HealthCheckProtocol: TCP + HealthCheckTimeoutSeconds: 10 + HealthyThresholdCount: 3 + HealthCheckPort: "8082" + Port: 443 + Protocol: TCP + TargetType: instance + UnhealthyThresholdCount: 3 + VpcId: !Ref VpcId + ArtifactoryTargetGroup: + Type: AWS::ElasticLoadBalancingV2::TargetGroup + Properties: + HealthCheckEnabled: True + HealthCheckIntervalSeconds: 30 + HealthCheckProtocol: TCP + HealthCheckTimeoutSeconds: 10 + HealthyThresholdCount: 3 + HealthCheckPort: "8082" + Port: 80 + Protocol: TCP + TargetType: instance + UnhealthyThresholdCount: 3 + VpcId: !Ref VpcId + ArtifactorySslElbListener: + Type: AWS::ElasticLoadBalancingV2::Listener + Properties: + DefaultActions: + - TargetGroupArn: !Ref ArtifactorySslTargetGroup + Type: forward + LoadBalancerArn: !Ref ArtifactoryElb + Port: 443 + Protocol: TCP + ArtifactoryElbListener: + Type: AWS::ElasticLoadBalancingV2::Listener + Properties: + DefaultActions: + - TargetGroupArn: !Ref ArtifactoryTargetGroup + Type: forward + LoadBalancerArn: !Ref ArtifactoryElb + Port: 80 + Protocol: TCP + ArtifactoryInternalElb: + Type: AWS::ElasticLoadBalancingV2::LoadBalancer + Properties: + IpAddressType: ipv4 + Scheme: internal + Subnets: + - !Ref PrivateSubnet1Id + - !Ref PrivateSubnet2Id + Type: network + ArtifactoryInternalTargetGroup: + Type: AWS::ElasticLoadBalancingV2::TargetGroup + Properties: + HealthCheckEnabled: True + HealthCheckIntervalSeconds: 30 + HealthCheckProtocol: TCP + HealthCheckTimeoutSeconds: 10 + HealthyThresholdCount: 3 + HealthCheckPort: "8082" + Port: 80 + Protocol: TCP + TargetType: instance + UnhealthyThresholdCount: 3 + VpcId: !Ref VpcId + ArtifactoryInternalElbListener: + Type: AWS::ElasticLoadBalancingV2::Listener + Properties: + DefaultActions: + - TargetGroupArn: !Ref ArtifactoryInternalTargetGroup + Type: forward + LoadBalancerArn: !Ref ArtifactoryInternalElb + Port: 80 + Protocol: TCP + ArtifactoryEc2Sg: + Type: AWS::EC2::SecurityGroup + Properties: + Tags: + - Key: Name + Value: "JFrog-Artifactory-Pro-ec2-instances-sg" + GroupDescription: SG for EC2 instances + VpcId: !Ref VpcId + SecurityGroupIngress: + - IpProtocol: tcp + FromPort: 22 + ToPort: 22 + CidrIp: !Ref VpcCidr + - IpProtocol: tcp + FromPort: 80 + ToPort: 80 + CidrIp: !Ref VpcCidr + - IpProtocol: tcp + FromPort: 80 + ToPort: 80 + CidrIp: !Ref AccessCidr + - IpProtocol: tcp + FromPort: 443 + ToPort: 443 + CidrIp: !Ref AccessCidr + - IpProtocol: tcp + FromPort: 443 + ToPort: 443 + CidrIp: !Ref VpcCidr + - IpProtocol: tcp + FromPort: 8081 + ToPort: 8082 + CidrIp: !Ref VpcCidr + - IpProtocol: tcp + FromPort: 8046 + ToPort: 8046 + CidrIp: !Ref VpcCidr + SecurityGroupEgress: + - IpProtocol: "-1" + CidrIp: 0.0.0.0/0 + ArtifactoryHostRole: + Type: 'AWS::IAM::Role' + Properties: + Path: / + AssumeRolePolicyDocument: + Statement: + - Action: + - 'sts:AssumeRole' + Principal: + Service: + - ec2.amazonaws.com + Effect: Allow + Version: 2012-10-17 + ManagedPolicyArns: + - !Sub 'arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonEC2RoleforSSM' + Policies: + - PolicyName: "JFrogAMI-policy" + PolicyDocument: + Version: "2012-10-17" + Statement: + - Effect: "Allow" + Action: "ec2:Describe*" + Resource: "*" + - Effect: "Allow" + Action: "ec2:AttachVolume" + Resource: "*" + - Effect: "Allow" + Action: "ec2:DetachVolume" + Resource: "*" + - Effect: "Allow" + Action: + - "s3:GetObject" + - "s3:ListObject" + - "s3:ListBucket" + Resource: "*" + - PolicyName: 'CloudWatch-policy' + PolicyDocument: + Version: "2012-10-17" + Statement: + - Effect: "Allow" + Action: + - "logs:CreateLogGroup" + - "logs:CreateLogStream" + - "logs:PutLogEvents" + - "logs:DescribeLogStreams" + Resource: !Sub "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:*:*" + - PolicyName: 'SecretsManager-policy' + PolicyDocument: + Version: "2012-10-17" + Statement: + - Effect: "Allow" + Action: + - "secretsmanager:GetSecretValue" + Resource: !Sub "arn:${AWS::Partition}:secretsmanager:${AWS::Region}:${AWS::AccountId}:secret:*" + ArtifactoryHostProfile: + Type: AWS::IAM::InstanceProfile + Properties: + Roles: + - !Ref ArtifactoryHostRole + Path: / + ArtifactoryPrimary: + Type: AWS::CloudFormation::Stack + Properties: + TemplateURL: https://jfrog-marketplace-test-us-east-1.s3.amazonaws.com/marketplace-jfrog-artifactory/v7215/templates/jfrog-artifactory-ec2-instance.template.yaml + Parameters: + PrivateSubnetIds: !Join [',', [!Ref PrivateSubnet1Id]] + MinScalingNodes: '1' # Always have 1 Primary Node + MaxScalingNodes: '1' # Always have 1 Primary Node + DeploymentTag: "ArtifactoryPrimary" + HostRole: !Ref ArtifactoryHostRole + ArtifactoryProduct: "JFrog-Artifactory-Pro" + ArtifactoryLicensesSecretName: !Ref SmLicenseName + ArtifactoryServerName: !Ref ArtifactoryServerName + EnableSSL: !If [SmCertNameExists, true, false] + Certificate: !If [SmCertNameExists, !Sub '{{resolve:secretsmanager:${SmCertName}:SecretString:Certificate}}', ''] + CertificateKey: !If [SmCertNameExists, !Sub '{{resolve:secretsmanager:${SmCertName}:SecretString:CertificateKey}}', ''] + CertificateDomain: !If [SmCertNameExists, !Sub '{{resolve:secretsmanager:${SmCertName}:SecretString:CertificateDomain}}', ''] + ArtifactoryS3Bucket: !GetAtt ArtifactoryCoreInfraStack.Outputs.S3Bucket + DatabaseUrl: !GetAtt ArtifactoryCoreInfraStack.Outputs.DatabaseUrl + DatabaseDriver: !GetAtt ArtifactoryCoreInfraStack.Outputs.DatabaseDriver + DatabasePlugin: !GetAtt ArtifactoryCoreInfraStack.Outputs.DatabasePlugin + DatabasePluginUrl: !GetAtt ArtifactoryCoreInfraStack.Outputs.DatabasePluginUrl + DatabaseType: !GetAtt ArtifactoryCoreInfraStack.Outputs.DatabaseType + DatabaseUser: !Ref DatabaseUser + DatabasePassword: !Ref DatabasePassword + ArtifactoryPrimary: true + MasterKey: !Ref MasterKey + ExtraJavaOptions: !If [DefaultJava, !Sub "${ArtifactoryCoreInfraStack.Outputs.JavaOpts} ${ExtraJavaOptions}", !Ref ExtraJavaOptions] + AmiId: "7215" + ArtifactoryVersion: "7.21.5" + KeyPairName: !Ref KeyPairName + HostProfile: !Ref ArtifactoryHostProfile + SecurityGroups: !Ref ArtifactoryEc2Sg + InstanceType: !Ref InstanceType + PrimaryVolume: !GetAtt ArtifactoryCoreInfraStack.Outputs.ArtifactoryEbsVolume + VolumeSize: !Ref VolumeSize + TargetGroupARN: !Ref ArtifactoryTargetGroup + SSLTargetGroupARN: !Ref ArtifactorySslTargetGroup + InternalTargetGroupARN: !Ref ArtifactoryInternalTargetGroup + + ArtifactorySecondary: + Condition: HasSecondaryNodes + DependsOn: ArtifactoryPrimary + Type: AWS::CloudFormation::Stack + Properties: + TemplateURL: https://jfrog-marketplace-test-us-east-1.s3.amazonaws.com/marketplace-jfrog-artifactory/v7215/templates/jfrog-artifactory-ec2-instance.template.yaml + Parameters: + PrivateSubnetIds: !Join [',', [!Ref PrivateSubnet1Id, !Ref PrivateSubnet2Id]] + MinScalingNodes: !Ref NumberOfSecondary + MaxScalingNodes: !Ref NumberOfSecondary + DeploymentTag: ArtifactorySecondary + HostRole: !Ref ArtifactoryHostRole + ArtifactoryProduct: "JFrog-Artifactory-Pro" + ArtifactoryLicensesSecretName: !Ref SmLicenseName + ArtifactoryServerName: !Ref ArtifactoryServerName + EnableSSL: !If [SmCertNameExists, true, false] + Certificate: !If [SmCertNameExists, !Sub '{{resolve:secretsmanager:${SmCertName}:SecretString:Certificate}}', ''] + CertificateKey: !If [SmCertNameExists, !Sub '{{resolve:secretsmanager:${SmCertName}:SecretString:CertificateKey}}', ''] + CertificateDomain: !If [SmCertNameExists, !Sub '{{resolve:secretsmanager:${SmCertName}:SecretString:CertificateDomain}}', ''] + ArtifactoryS3Bucket: !GetAtt ArtifactoryCoreInfraStack.Outputs.S3Bucket + DatabaseUrl: !GetAtt ArtifactoryCoreInfraStack.Outputs.DatabaseUrl + DatabaseDriver: !GetAtt ArtifactoryCoreInfraStack.Outputs.DatabaseDriver + DatabasePlugin: !GetAtt ArtifactoryCoreInfraStack.Outputs.DatabasePlugin + DatabasePluginUrl: !GetAtt ArtifactoryCoreInfraStack.Outputs.DatabasePluginUrl + DatabaseType: !GetAtt ArtifactoryCoreInfraStack.Outputs.DatabaseType + DatabaseUser: !Ref DatabaseUser + DatabasePassword: !Ref DatabasePassword + ArtifactoryPrimary: false + MasterKey: !Ref MasterKey + ExtraJavaOptions: !If [DefaultJava, !Sub "${ArtifactoryCoreInfraStack.Outputs.JavaOpts} ${ExtraJavaOptions}", !Ref ExtraJavaOptions] + AmiId: "7215" + ArtifactoryVersion: "7.21.5" + KeyPairName: !Ref KeyPairName + HostProfile: !Ref ArtifactoryHostProfile + SecurityGroups: !Ref ArtifactoryEc2Sg + InstanceType: !Ref InstanceType + PrimaryVolume: !GetAtt ArtifactoryCoreInfraStack.Outputs.ArtifactoryEbsVolume + VolumeSize: !Ref VolumeSize + TargetGroupARN: !Ref ArtifactoryTargetGroup + SSLTargetGroupARN: !Ref ArtifactorySslTargetGroup + InternalTargetGroupARN: !Ref ArtifactoryInternalTargetGroup + XrayHostRole: + Condition: EnableXray + Type: AWS::IAM::Role + Properties: + Path: / + AssumeRolePolicyDocument: + Statement: + - Action: + - 'sts:AssumeRole' + Principal: + Service: + - ec2.amazonaws.com + Effect: Allow + Version: 2012-10-17 + ManagedPolicyArns: + - !Sub 'arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonEC2RoleforSSM' + Policies: + - PolicyName: "JFrogAMI-policy" + PolicyDocument: + Version: "2012-10-17" + Statement: + - Effect: "Allow" + Action: "ec2:Describe*" + Resource: "*" + - Effect: "Allow" + Action: "ec2:AttachVolume" + Resource: "*" + - Effect: "Allow" + Action: "ec2:DetachVolume" + Resource: "*" + - Effect: "Allow" + Action: + - "s3:GetObject" + - "s3:ListObject" + - "s3:ListBucket" + Resource: "*" + - PolicyName: 'CloudWatch-policy' + PolicyDocument: + Version: "2012-10-17" + Statement: + - Effect: "Allow" + Action: + - "logs:CreateLogGroup" + - "logs:CreateLogStream" + - "logs:PutLogEvents" + - "logs:DescribeLogStreams" + Resource: !Sub "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:*:*" + XrayHostProfile: + Condition: EnableXray + Type: 'AWS::IAM::InstanceProfile' + Properties: + Roles: + - !Ref XrayHostRole + Path: / + XrayExistingVpcStack: + Condition: EnableXray + DependsOn: ArtifactoryPrimary + Type: AWS::CloudFormation::Stack + Properties: + TemplateURL: https://jfrog-marketplace-test-us-east-1.s3.amazonaws.com/marketplace-jfrog-artifactory/v7215/templates/jfrog-xray-ec2-instance.template.yaml + Parameters: + PrivateSubnet1Id: !Ref PrivateSubnet1Id + PrivateSubnet2Id: !Ref PrivateSubnet2Id + KeyPairName: !Ref KeyPairName + MinScalingNodes: !Ref XrayNumberOfInstances + MaxScalingNodes: !Ref XrayNumberOfInstances + DeploymentTag: 'xray' + DatabaseDriver: !GetAtt ArtifactoryCoreInfraStack.Outputs.DatabaseDriver + DatabaseType: !GetAtt ArtifactoryCoreInfraStack.Outputs.DatabaseType + DatabaseUser: !Ref DatabaseUser + DatabasePassword: !Ref DatabasePassword + MasterKey: !Ref MasterKey + SecurityGroups: !Ref ArtifactoryEc2Sg + VolumeSize: !Ref VolumeSize + ExtraJavaOptions: !GetAtt ArtifactoryCoreInfraStack.Outputs.JavaOpts + XrayInstanceType: !Ref XrayInstanceType + JfrogInternalUrl: !Sub "http://${ArtifactoryInternalElb.DNSName}" + XrayDatabaseUser: !Ref XrayDatabaseUser + XrayDatabasePassword: !Ref XrayDatabasePassword + XrayMasterDatabaseUrl: !GetAtt ArtifactoryCoreInfraStack.Outputs.XrayMasterDatabaseUrl + XrayDatabaseUrl: !GetAtt ArtifactoryCoreInfraStack.Outputs.XrayDatabaseUrl + XrayVersion: "3.27.2" + XrayAmiId: "3272" + XrayHostRole: !Ref XrayHostRole + XrayHostProfile: !Ref XrayHostProfile +Outputs: + ArtifactoryUrl: + Description: URL of the ELB to access Artifactory + Value: !If [SmCertNameExists, !Sub "https://${ArtifactoryElb.DNSName}", !Sub "http://${ArtifactoryElb.DNSName}"] + Export: + Name: !Sub '${AWS::StackName}-ArtifactoryUrl' + ArtifactoryInternalUrl: + Description: URL of the internal ELB to access Artifactory + Value: !Sub "http://${ArtifactoryInternalElb.DNSName}" + Export: + Name: !Sub '${AWS::StackName}-ArtifactoryInternalUrl' + DatabaseType: + Description: Type of database + Value: !GetAtt ArtifactoryCoreInfraStack.Outputs.DatabaseType + Export: + Name: !Sub '${AWS::StackName}-DatabaseType' + DatabaseDriver: + Description: Database driver + Value: !GetAtt ArtifactoryCoreInfraStack.Outputs.DatabaseDriver + Export: + Name: !Sub '${AWS::StackName}-DatabaseDriver' + DatabaseUrl: + Description: Database driver + Value: !GetAtt ArtifactoryCoreInfraStack.Outputs.DatabaseUrl + Export: + Name: !Sub '${AWS::StackName}-DatabaseUrl' + ArtifactoryTargetGroup: + Description: Artifactory target group + Value: !Ref ArtifactoryTargetGroup + Export: + Name: !Sub '${AWS::StackName}-ArtifactoryTargetGroup' + ArtifactorySslTargetGroup: + Description: Artifactory SSL target group + Value: !Ref ArtifactorySslTargetGroup + Export: + Name: !Sub '${AWS::StackName}-ArtifactorySslTargetGroup' + ArtifactoryEc2Sg: + Description: Artifactory EC2 sercurity group + Value: !Ref ArtifactoryEc2Sg + Export: + Name: !Sub '${AWS::StackName}-ArtifactoryEc2Sg' + XrayMasterDatabaseUrl: + Description: Database driver + Value: !GetAtt ArtifactoryCoreInfraStack.Outputs.XrayMasterDatabaseUrl + Export: + Name: !Sub '${AWS::StackName}-XrayMasterDatabaseUrl' + XrayDatabaseUrl: + Description: Database driver + Value: !GetAtt ArtifactoryCoreInfraStack.Outputs.XrayDatabaseUrl + Export: + Name: !Sub '${AWS::StackName}-XrayDatabaseUrl' diff --git a/Amazon/artifactory7/latest/templates/jfrog-artifactory-ec2-instance.template.yaml b/Amazon/marketplace-jfrog-artifactory/v7215/templates/jfrog-artifactory-ec2-instance.template.yaml similarity index 67% rename from Amazon/artifactory7/latest/templates/jfrog-artifactory-ec2-instance.template.yaml rename to Amazon/marketplace-jfrog-artifactory/v7215/templates/jfrog-artifactory-ec2-instance.template.yaml index 54adb68..423510b 100644 --- a/Amazon/artifactory7/latest/templates/jfrog-artifactory-ec2-instance.template.yaml +++ b/Amazon/marketplace-jfrog-artifactory/v7215/templates/jfrog-artifactory-ec2-instance.template.yaml @@ -1,5 +1,5 @@ AWSTemplateFormatVersion: "2010-09-09" -Description: "Artifactory: Deploys the EC2 Autoscaling, LaunchConfig and instances (qs-1qpmmjh5o)" +Description: "Deploys the EC2 Autoscaling, LaunchConfig and Instance for Artifactory (qs-1qpmmjh5o)" Parameters: PrivateSubnetIds: Type: List @@ -11,19 +11,9 @@ Parameters: Type: String HostRole: Type: String + AmiId: + Type: String ArtifactoryProduct: - Description: JFrog Artifactory product you want to install into an AMI. - AllowedValues: - - JFrog-Artifactory-Pro - - JFrog-Artifactory-Enterprise - - JFrog-Container-Registry - Default: JFrog-Artifactory-Enterprise - Type: String - QsS3BucketName: - Type: String - QsS3KeyPrefix: - Type: String - QsS3Uri: Type: String ArtifactoryLicensesSecretName: Type: String @@ -87,72 +77,45 @@ Parameters: Type: String Default: '/artifactory-user-data' -# To populate additional mappings use following link -# https://raw.githubusercontent.com/aws-quickstart/quickstart-linux-bastion/master/templates/linux-bastion.template Mappings: AWSAMIRegionMap: - ap-northeast-1: - CentOS7HVM: "ami-06a46da680048c8ae" - ap-northeast-2: - CentOS7HVM: "ami-06e83aceba2cb0907" - ap-south-1: - CentOS7HVM: "ami-026f33d38b6410e30" - ap-southeast-1: - CentOS7HVM: "ami-07f65177cb990d65b" - ap-southeast-2: - CentOS7HVM: "ami-0b2045146eb00b617" - ca-central-1: - CentOS7HVM: "ami-04a25c39dc7a8aebb" - eu-central-1: - CentOS7HVM: "ami-0e8286b71b81c3cc1" - me-south-1: - CentOS7HVM: "ami-011c71a894b10f35b" - ap-east-1: - CentOS7HVM: "ami-0e5c29e6c87a9644f" - eu-north-1: - CentOS7HVM: "ami-05788af9005ef9a93" - eu-south-1: - CentOS7HVM: "ami-0a84267606bcea16b" - eu-west-1: - CentOS7HVM: "ami-0b850cf02cc00fdc8" - eu-west-2: - CentOS7HVM: "ami-09e5afc68eed60ef4" - eu-west-3: - CentOS7HVM: "ami-0cb72d2e599cffbf9" - sa-east-1: - CentOS7HVM: "ami-0b30f38d939dd4b54" us-east-1: - CentOS7HVM: "ami-0affd4508a5d2481b" + "Artifactory7215": ami-05e8b9cdd7e0e226a us-east-2: - CentOS7HVM: "ami-01e36b7901e884a10" + "Artifactory7215": xxxxxxx us-west-1: - CentOS7HVM: "ami-098f55b4287a885ba" + "Artifactory7215": xxxxxxx us-west-2: - CentOS7HVM: "ami-0bc06212a56393ee1" - cn-north-1: - CentOS7HVM: "ami-0e02aaefeb74c3373" - cn-northwest-1: - CentOS7HVM: "ami-07183a7702633260b" + "Artifactory7215": xxxxxxx + ca-central-1: + "Artifactory7215": xxxxxxx + eu-central-1: + "Artifactory7215": xxxxxxx + eu-west-1: + "Artifactory7215": xxxxxxx + eu-west-2: + "Artifactory7215": xxxxxxx + eu-west-3: + "Artifactory7215": xxxxxxx + ap-southeast-1: + "Artifactory7215": xxxxxxx + ap-southeast-2: + "Artifactory7215": xxxxxxx + ap-south-1: + "Artifactory7215": xxxxxxx + ap-northeast-1: + "Artifactory7215": xxxxxxx + ap-northeast-2: + "Artifactory7215": xxxxxxx + sa-east-1: + "Artifactory7215": xxxxxxx us-gov-east-1: - CentOS7HVM: "ami-00e30c71" + "Artifactory7215": ami-030fd4959fa1cc6e8 us-gov-west-1: - CentOS7HVM: "ami-bbba86da" - + "Artifactory7215": xxxxxxx ArtifactoryProductMap: - JFrog-Container-Registry: - "7153": "Jcr7153" - flavor: "jcr" - haEabled: false - product: "jcr" - JFrog-Artifactory-Enterprise: - "7153": "Artifactory7153" - flavor: "pro" - haEabled: true - product: "artifactory" JFrog-Artifactory-Pro: - "7153": "Artifactory7153" - flavor: "pro" - haEabled: false + "7215": "Artifactory7215" product: "artifactory" Conditions: @@ -190,22 +153,10 @@ Resources: Timeout: PT60M ArtifactoryLaunchConfiguration: - Type: AWS::AutoScaling::LaunchConfiguration + Type: 'AWS::AutoScaling::LaunchConfiguration' Metadata: - AWS::CloudFormation::Authentication: - S3AccessCreds: - type: S3 - roleName: - - !Ref HostRole # !Ref ArtifactoryHostRole - buckets: - - !Ref QsS3BucketName AWS::CloudFormation::Init: configSets: - jfrog_ami_setup: - - "config-cloudwatch" - - "config-ansible-art-ami" - - "config-artifactory-primary" - - "secure-artifactory" artifactory_install: - "config-cloudwatch" - "config-artifactory-primary" @@ -235,22 +186,6 @@ Resources: log_stream_name = /var/log/jfrog-ami-artifactory.log datetime_format = %b %d %H:%M:%S mode: "0400" - config-ansible-art-ami: - files: - /root/.jfrog_ami/jfrog-ami-setup.yml: - content: !Sub | - # Base install for JFrogAMIInstance - - import_playbook: artifactory-ami.yml - vars: - ami_creation: false - artifactory_flavour: "pro" - artifactory_ha_enabled: false - artifactory_tar: "https://releases.jfrog.io/artifactory/artifactory-pro/org/artifactory/pro/jfrog-artifactory-pro/${ArtifactoryVersion}/jfrog-artifactory-pro-${ArtifactoryVersion}-linux.tar.gz" - artifactory_version: ${ArtifactoryVersion} - db_download_url: "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" - db_type: "postgresql" - db_driver: "org.postgresql.Driver" - mode: "0400" config-artifactory-primary: files: /root/attach_volume.sh: @@ -292,8 +227,8 @@ Resources: - import_playbook: site-artifactory.yml vars: artifactory_product: ${product} - artifactory_flavour: ${flavor} - artifactory_ha_enabled: ${ha_enabled} + artifactory_flavour: "{{ 'pro' if '${product}' == 'artifactory' else 'jcr' if '${product}' == 'jcr' }}" + artifactory_ha_enabled: true artifactory_is_primary: ${ArtifactoryPrimary} artifactory_server_name: ${ArtifactoryServerName} server_name: ${ArtifactoryServerName}.${CertificateDomain} @@ -311,6 +246,8 @@ Resources: db_url: ${DatabaseUrl} db_user: ${DatabaseUser} db_password: ${DatabasePassword} + # db_download_url: https://jdbc.postgresql.org/download/postgresql-42.2.12.jar + art_primary: ${ArtifactoryPrimary} master_key: ${MasterKey} join_key: ${MasterKey} extra_java_opts: ${ExtraJavaOptions} @@ -324,10 +261,7 @@ Resources: url: ${DatabasePluginUrl} owner: artifactory group: artifactory - product_id: 'CloudFormation_SP_EC2/1.0.0' - - flavor: !FindInMap [ArtifactoryProductMap, !Ref ArtifactoryProduct, flavor] - ha_enabled: !FindInMap [ArtifactoryProductMap, !Ref ArtifactoryProduct, haEabled] - product: !FindInMap [ArtifactoryProductMap, !Ref ArtifactoryProduct, product] + - product: !FindInMap [ArtifactoryProductMap, !Ref ArtifactoryProduct, product] mode: "0400" /root/.vault_pass.txt: content: !Sub | @@ -347,10 +281,14 @@ Resources: IamInstanceProfile: !Ref HostProfile ImageId: !FindInMap - AWSAMIRegionMap - - !Ref AWS::Region - - 'CentOS7HVM' + - !Ref 'AWS::Region' + - !FindInMap + - ArtifactoryProductMap + - !Ref ArtifactoryProduct + - !Ref AmiId SecurityGroups: - !Ref SecurityGroups + InstanceType: !Ref InstanceType BlockDeviceMappings: !If - IsSecondary @@ -361,7 +299,6 @@ Resources: DeleteOnTermination: true Encrypted: true - !Ref AWS::NoValue - InstanceType: !Ref InstanceType UserData: Fn::Base64: !Sub | @@ -389,17 +326,9 @@ Resources: } - S3URI=${QsS3Uri} - - # Update OS - yum update -y - - # Install git - yum install -y epel-release git policycoreutils-python - - yum update --security -y 2>&1 | tee /var/log/userdata.yum_security_update.log - - yum install -y jq python3 libselinux-python3 + # Install jq + yum install -y epel-release + yum install -y jq echo $PATH @@ -407,24 +336,9 @@ Resources: echo $PATH - # Create virtual env and activate - python3 -m venv ~/venv --system-site-packages + # Activate virtual env source ~/venv/bin/activate - pip install --upgrade pip - pip install wheel - - # Install Cloudformation helper scripts - pip install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-py3-latest.tar.gz 2>&1 | tee /var/log/userdata.aws_cfn_bootstrap_install.log - - pip install awscli 2>&1 | tee /var/log/userdata.awscli_install.log - - pip install ansible 2>&1 | tee /var/log/userdata.ansible_install.log - - mkdir ~/.jfrog_ami - - aws s3 --region ${AWS::Region} sync s3://${QsS3BucketName}/${QsS3KeyPrefix}cloudInstallerScripts/ ~/.jfrog_ami/ || cfn_fail - setsebool httpd_can_network_connect 1 -P # CentOS cloned virtual machines do not create a new machine id @@ -432,7 +346,7 @@ Resources: rm -f /etc/machine-id systemd-machine-id-setup - cfn-init -v --stack ${AWS::StackName} --resource ArtifactoryLaunchConfiguration --configsets jfrog_ami_setup --region ${AWS::Region} || cfn_fail + cfn-init -v --stack ${AWS::StackName} --resource ArtifactoryLaunchConfiguration --configsets artifactory_install --region ${AWS::Region} || cfn_fail # Setup CloudWatch Agent curl https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py -O @@ -441,11 +355,10 @@ Resources: /root/attach_volume.sh || cfn_fail - ansible-galaxy collection install community.general ansible.posix + setsebool httpd_can_network_connect 1 -P aws secretsmanager get-secret-value --secret-id ${ArtifactoryLicensesSecretName} --region ${AWS::Region} | jq -r '{"artifactory_licenses":(.SecretString | fromjson )}' > ~/.jfrog_ami/licenses.json || cfn_fail - ansible-playbook /root/.jfrog_ami/jfrog-ami-setup.yml --vault-id /root/.vault_pass.txt 2>&1 | tee /var/log/jfrog-ami-setup.log || cfn_fail ansible-playbook /root/.jfrog_ami/artifactory.yml -e "@~/.jfrog_ami/licenses.json" --vault-id /root/.vault_pass.txt 2>&1 | tee /var/log/jfrog-ami-artifactory.log || cfn_fail rm -rf /root/.secureit.sh diff --git a/Amazon/marketplace-jfrog-artifactory/v7215/templates/jfrog-xray-ec2-instance.template.yaml b/Amazon/marketplace-jfrog-artifactory/v7215/templates/jfrog-xray-ec2-instance.template.yaml new file mode 100644 index 0000000..c2e6159 --- /dev/null +++ b/Amazon/marketplace-jfrog-artifactory/v7215/templates/jfrog-xray-ec2-instance.template.yaml @@ -0,0 +1,255 @@ +AWSTemplateFormatVersion: "2010-09-09" +Description: "Deploys the EC2 Autoscaling, LaunchConfig and Instance for Xray" +Parameters: + PrivateSubnet1Id: + Type: AWS::EC2::Subnet::Id + PrivateSubnet2Id: + Type: AWS::EC2::Subnet::Id + KeyPairName: + Type: AWS::EC2::KeyPair::KeyName + MinScalingNodes: + Type: Number + MaxScalingNodes: + Type: Number + DeploymentTag: + Type: String + DatabaseDriver: + Type: String + DatabaseType: + Type: String + DatabaseUser: + Type: String + DatabasePassword: + Type: String + NoEcho: 'true' + MasterKey: + Type: String + NoEcho: 'true' + ExtraJavaOptions: + Type: String + SecurityGroups: + Type: String + VolumeSize: + Type: Number + XrayHostProfile: + Type: String + XrayHostRole: + Type: String + XrayInstanceType: + Type: String + JfrogInternalUrl: + Type: String + XrayDatabaseUser: + Type: String + XrayDatabasePassword: + Type: String + NoEcho: 'true' + XrayMasterDatabaseUrl: + Type: String + XrayDatabaseUrl: + Type: String + XrayVersion: + Type: String + XrayAmiId: + Type: String + +# To populate additional mappings use the following with the desired --region +# aws --region us-west-2 ec2 describe-images --owners amazon --filters 'Name=name,Values=amzn-ami-hvm-2018.03.0.20181129-x86_64-gp2' 'Name=state,Values=available' --output json | jq -r '.Images | sort_by(.CreationDate) | last(.[]).ImageId' +Mappings: + AWSAMIRegionMap: + us-east-1: + "3272": ami-07bdf7d3f7f07ca69 + us-east-2: + "3272": xxxxxxxxxx + us-west-1: + "3272": xxxxxxxxxx + us-west-2: + "3272": xxxxxxxxxx + ca-central-1: + "3272": xxxxxxxxxx + eu-central-1: + "3272": xxxxxxxxxx + eu-west-1: + "3272": xxxxxxxxxx + eu-west-2: + "3272": xxxxxxxxxx + eu-west-3: + "3272": xxxxxxxxxx + ap-southeast-1: + "3272": xxxxxxxxxx + ap-southeast-2: + "3272": xxxxxxxxxx + ap-south-1: + "3272": xxxxxxxxxx + ap-northeast-1: + "3272": xxxxxxxxxx + ap-northeast-2: + "3272": xxxxxxxxxx + sa-east-1: + "3272": xxxxxxxxxx + us-gov-east-1: + "3272": ami-0d50b035c31036c39 + us-gov-west-1: + "3272": xxxxxxxxxx + +Resources: + XrayScalingGroup: + Type: AWS::AutoScaling::AutoScalingGroup + Properties: + LaunchConfigurationName: !Ref XrayLaunchConfiguration + VPCZoneIdentifier: + - !Ref PrivateSubnet1Id + - !Ref PrivateSubnet2Id + MinSize: !Ref MinScalingNodes + MaxSize: !Ref MaxScalingNodes + Cooldown: '300' + DesiredCapacity: !Ref MinScalingNodes + HealthCheckType: EC2 + HealthCheckGracePeriod: 1800 + Tags: + - Key: Name + Value: !Ref DeploymentTag + PropagateAtLaunch: true + - Key: XrayVersion + Value: !Ref XrayVersion + PropagateAtLaunch: true + TerminationPolicies: + - OldestInstance + - Default + CreationPolicy: + ResourceSignal: + Count: !Ref MinScalingNodes + Timeout: PT60M + XrayLaunchConfiguration: + Type: AWS::AutoScaling::LaunchConfiguration + Metadata: + AWS::CloudFormation::Init: + configSets: + xray_install: + - "config-cloudwatch" + - "config-xray" + config-cloudwatch: + files: + /root/cloudwatch.conf: + content: | + [general] + state_file = /var/awslogs/state/agent-state + + [/var/log/messages] + file = /var/log/messages + log_group_name = /xray/instances/{instance_id} + log_stream_name = /var/log/messages/ + datetime_format = %b %d %H:%M:%S + + [/var/log/xray-ami-setup.log] + file = /var/log/messages + log_group_name = /xray/instances/{instance_id} + log_stream_name = /var/log/xray-ami-setup.log + datetime_format = %b %d %H:%M:%S + + [/var/log/xray.log] + file = /var/log/messages + log_group_name = /xray/instances/{instance_id} + log_stream_name = /var/log/xray.log + datetime_format = %b %d %H:%M:%S + mode: "0400" + config-xray: + files: + /root/.xray_ami/xray.yml: + content: !Sub | + # Base install for Xray + - import_playbook: site-xray.yml + vars: + jfrog_url: ${JfrogInternalUrl} + master_key: ${MasterKey} + join_key: ${MasterKey} + extra_java_opts: ${ExtraJavaOptions} + db_type: ${DatabaseType} + db_driver: ${DatabaseDriver} + db_master_url: postgresql://${DatabaseUser}:${DatabasePassword}@${XrayMasterDatabaseUrl} + db_url: postgres://${XrayDatabaseUrl} + db_master_user: ${DatabaseUser} + db_user: ${XrayDatabaseUser} + db_password: ${XrayDatabasePassword} + xray_version: ${XrayVersion} + mode: "0400" + /root/.vault_pass.txt: + content: !Sub | + ${DatabasePassword} + mode: "0400" + Properties: + KeyName: !Ref KeyPairName + IamInstanceProfile: !Ref XrayHostProfile + ImageId: !FindInMap + - AWSAMIRegionMap + - !Ref AWS::Region + - !Ref XrayAmiId + SecurityGroups: + - !Ref SecurityGroups + InstanceType: !Ref XrayInstanceType + BlockDeviceMappings: + - DeviceName: /dev/xvda + Ebs: + VolumeSize: !Ref VolumeSize + VolumeType: gp2 + DeleteOnTermination: true + Encrypted: true + UserData: + Fn::Base64: + !Sub | + #!/bin/bash -x + exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 + + #CFN Functions + + function cfn_fail + + { + + cfn-signal -e 1 --stack ${AWS::StackName} --region ${AWS::Region} --resource XrayScalingGroup + + exit 1 + + } + + function cfn_success + + { + + cfn-signal -e 0 --stack ${AWS::StackName} --region ${AWS::Region} --resource XrayScalingGroup + + exit 0 + + } + + echo $PATH + + PATH=/opt/aws/bin:$PATH + + echo $PATH + + # Activate virtual env + source ~/venv/bin/activate + + setsebool httpd_can_network_connect 1 -P + + # CentOS cloned virtual machines do not create a new machine id + # https://www.thegeekdiary.com/centos-rhel-7-how-to-change-the-machine-id/ + rm -f /etc/machine-id + systemd-machine-id-setup + + cfn-init -v --stack ${AWS::StackName} --resource XrayLaunchConfiguration --configsets xray_install --region ${AWS::Region} || cfn_fail + + # Setup CloudWatch Agent + curl https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py -O + chmod +x ./awslogs-agent-setup.py + ./awslogs-agent-setup.py -n -r ${AWS::Region} -c /root/cloudwatch.conf + + lsblk # debug + + ansible-playbook /root/.xray_ami/xray.yml --vault-id /root/.vault_pass.txt 2>&1 | tee /var/log/xray.log || cfn_fail + + rm -rf /root/.secureit.sh + + cfn_success &> /var/log/cfn_success.log + cfn_success || cfn_fail