From 4a0e42b25a9060ab806e37f1db1c5a24ba50bb41 Mon Sep 17 00:00:00 2001 From: Murat Aybars <39916128+aybarsm@users.noreply.github.com> Date: Sun, 7 Jul 2024 14:21:33 +0100 Subject: [PATCH] Role: package_manager:: upgrade completed --- roles/package_manager/defaults/main.yml | 2 +- .../package_manager/tasks/common_packages.yml | 8 +- roles/package_manager/tasks/deb_packages.yml | 2 +- roles/package_manager/tasks/deb_repo.yml | 6 +- roles/package_manager/tasks/deb_upgrade.yml | 13 ---- roles/package_manager/tasks/main.yml | 63 +++++++-------- roles/package_manager/tasks/rpm_packages.yml | 2 +- roles/package_manager/tasks/rpm_upgrade.yml | 7 -- roles/package_manager/tasks/set_facts.yml | 21 ----- roles/package_manager/tasks/upgrade.yml | 8 +- roles/package_manager/vars/debian.yml | 2 - roles/package_manager/vars/redhat.yml | 2 +- roles/package_manager/vars/test.yml | 76 ------------------- roles/posix/tasks/main.yml | 4 +- roles/posix/tasks/sysctl.yml | 2 +- .../{role_repo.list.j2 => role_repo.j2} | 0 16 files changed, 48 insertions(+), 170 deletions(-) delete mode 100644 roles/package_manager/tasks/deb_upgrade.yml delete mode 100644 roles/package_manager/tasks/rpm_upgrade.yml delete mode 100644 roles/package_manager/tasks/set_facts.yml delete mode 100644 roles/package_manager/vars/test.yml rename roles/proxmox/templates/{role_repo.list.j2 => role_repo.j2} (100%) diff --git a/roles/package_manager/defaults/main.yml b/roles/package_manager/defaults/main.yml index a0240f5..7cacfa7 100644 --- a/roles/package_manager/defaults/main.yml +++ b/roles/package_manager/defaults/main.yml @@ -32,4 +32,4 @@ package_manager__repo_list_use_regex: true package_manager__default: [] package_manager__group: [] package_manager__host: [] -package_manager__all: "{{ package_manager__default + package_manager__group + package_manager__host }}" +package_manager__all: "{{ package_manager__host + package_manager__group + package_manager__default }}" diff --git a/roles/package_manager/tasks/common_packages.yml b/roles/package_manager/tasks/common_packages.yml index f065ecd..c17188f 100644 --- a/roles/package_manager/tasks/common_packages.yml +++ b/roles/package_manager/tasks/common_packages.yml @@ -4,8 +4,8 @@ name: "{{ item.name }}" state: "{{ item.state | default(omit) }}" use: "{{ item.use | default(omit) }}" - register: package_manager__common_packages_apply + register: package_manager__packages_common_apply when: - - linux_packages_all | type_debug == 'list' - - linux_packages_all | length > 0 - loop: "{{ linux_packages_all }}" + - package_manager__packages_all | type_debug == 'list' + - package_manager__packages_all | length > 0 + loop: "{{ package_manager__packages_all }}" diff --git a/roles/package_manager/tasks/deb_packages.yml b/roles/package_manager/tasks/deb_packages.yml index 9359144..d5a38bb 100644 --- a/roles/package_manager/tasks/deb_packages.yml +++ b/roles/package_manager/tasks/deb_packages.yml @@ -27,7 +27,7 @@ update_cache_retry_max_delay: "{{ item.update_cache_retry_max_delay | default(omit) }}" upgrade: "{{ item.upgrade | default(omit) }}" loop: "{{ package_manager__packages_all }}" - register: package_manager__deb_packages_apply + register: package_manager__packages_deb_apply when: - package_manager__packages_all | type_debug == 'list' - package_manager__packages_all | length > 0 diff --git a/roles/package_manager/tasks/deb_repo.yml b/roles/package_manager/tasks/deb_repo.yml index 50241f7..751d6db 100644 --- a/roles/package_manager/tasks/deb_repo.yml +++ b/roles/package_manager/tasks/deb_repo.yml @@ -9,7 +9,7 @@ url: "{{ item.url | default(omit) }}" validate_certs: "{{ item.validate_certs | default(omit) | bool }}" loop: "{{ package_manager__repo_keys_all }}" - register: package_manager__deb_repo_keys_apply + register: package_manager__repo_keys_deb_apply when: - package_manager__repo_keys_all | type_debug == 'list' - package_manager__repo_keys_all | length > 0 @@ -28,7 +28,7 @@ update_cache_retry_max_delay: "{{ item.update_cache_retry_max_delay | default(omit) }}" validate_certs: "{{ item.validate_certs | default(omit) | bool }}" loop: "{{ package_manager__repos_all }}" - register: package_manager__deb_repos_apply + register: package_manager__repos_deb_apply when: - package_manager__repos_all | type_debug == 'list' - - package_manager__repos_all | length > 0 \ No newline at end of file + - package_manager__repos_all | length > 0 diff --git a/roles/package_manager/tasks/deb_upgrade.yml b/roles/package_manager/tasks/deb_upgrade.yml deleted file mode 100644 index b13589b..0000000 --- a/roles/package_manager/tasks/deb_upgrade.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -- name: Perform DEB package upgrade via APT - become: true - ansible.builtin.apt: - update_cache: "{{ package_manager__upgrade_update_repo_cache | default(omit) | bool }}" - upgrade: "{{ upgrade_mode }}" - dpkg_options: "{{ package_manager__upgrade_dpkg_options | default(omit) }}" - vars: - upgrade_mode: "{{ package_manager__upgrade_mode | regex_replace('clean_', '') }}" - register: package_manager__deb_upgrade - when: - - package_manager__upgrade_mode is defined - - upgrade_mode in __package_manager__upgrade_modes \ No newline at end of file diff --git a/roles/package_manager/tasks/main.yml b/roles/package_manager/tasks/main.yml index 73398c4..249aa7c 100644 --- a/roles/package_manager/tasks/main.yml +++ b/roles/package_manager/tasks/main.yml @@ -1,37 +1,26 @@ --- -- name: Import aybarsm linux ansible role - ansible.builtin.import_role: - name: aybarsm.linux.ansible - - name: Load OS family related variables ansible.builtin.include_vars: "{{ ansible_os_family | lower }}.yml" - name: Load common variables structured on OS related variables ansible.builtin.include_vars: common.yml -# FIXME: Commented out for testing. Uncomment after testing. -# - name: Set facts for package manager -# ansible.builtin.import_tasks: -# file: set_facts.yml -# when: package_manager__role_enabled | default(false) | bool - -- name: Include DEB repository and repository key tasks (APT) +- name: Include DEB repository key and repository tasks (APT) ansible.builtin.include_tasks: file: deb_repo.yml when: - package_manager__role_enabled | default(false) | bool - ansible_os_family | default('') | lower == 'debian' -# FIXME: Commented out for testing. Uncomment after testing. -# - name: Check upgrade strategy once compliance -# ansible.builtin.fail: -# msg: "Upgrade strategy has been set to 'once' but the required conditions are not met. Please enable the role and manage local facts to use 'once' strategy." +# TODO: Implement RPM repository tasks +# - name: Include RPM repository repository tasks (YUM) +# ansible.builtin.include_tasks: +# file: rpm_repo.yml # when: -# - package_manager__upgrade_strategy == 'once' -# - __package_manager__upgrade_once_eligible is defined -# - not __package_manager__upgrade_once_eligible +# - package_manager__role_enabled | default(false) | bool +# - ansible_os_family | default('') | lower == 'redhat' -- name: Import upgrade tasks +- name: Include upgrade tasks ansible.builtin.include_tasks: file: upgrade.yml when: @@ -42,19 +31,25 @@ skipping: [{{ inventory_hostname }}] msg: {{ __package_manager__upgrade_execute.reason }} -# FIXME: Commented out for testing. Uncomment after testing. -# - name: Import DEB package tasks (APT) -# ansible.builtin.import_tasks: -# file: deb_packages.yml -# when: -# - package_manager__role_enabled | default(false) | bool -# - package_manager__package_strategy | lower == 'specific' -# - ansible_os_family | default('') | lower == 'debian' +- name: Include DEB package tasks (APT) + ansible.builtin.include_tasks: + file: deb_packages.yml + when: + - package_manager__role_enabled | default(false) | bool + - package_manager__package_strategy | lower == 'specific' + - ansible_os_family | default('') | lower == 'debian' -# FIXME: Commented out for testing. Uncomment after testing. -# - name: Import common package manager tasks -# ansible.builtin.import_tasks: -# file: common_packages.yml -# when: -# - package_manager__role_enabled | default(false) | bool -# - package_manager__package_strategy | lower == 'common' +- name: Include RPM package tasks (DNF) + ansible.builtin.include_tasks: + file: rpm_packages.yml + when: + - package_manager__role_enabled | default(false) | bool + - package_manager__package_strategy | lower == 'specific' + - ansible_os_family | default('') | lower == 'redhat' + +- name: Include common package manager tasks + ansible.builtin.include_tasks: + file: common_packages.yml + when: + - package_manager__role_enabled | default(false) | bool + - package_manager__package_strategy | lower == 'common' diff --git a/roles/package_manager/tasks/rpm_packages.yml b/roles/package_manager/tasks/rpm_packages.yml index 478509c..27ccb08 100644 --- a/roles/package_manager/tasks/rpm_packages.yml +++ b/roles/package_manager/tasks/rpm_packages.yml @@ -35,7 +35,7 @@ use_backend: "{{ item.use_backend | default(omit) }}" validate_certs: "{{ item.validate_certs | default(omit) | bool }}" loop: "{{ package_manager__packages_all }}" - register: package_manager__rpm_packages_apply + register: package_manager__packages_rpm_apply when: - package_manager__packages_all | type_debug == 'list' - package_manager__packages_all | length > 0 diff --git a/roles/package_manager/tasks/rpm_upgrade.yml b/roles/package_manager/tasks/rpm_upgrade.yml deleted file mode 100644 index c344e6b..0000000 --- a/roles/package_manager/tasks/rpm_upgrade.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- name: Perform RPM package upgrade via DNF - become: true - ansible.builtin.dnf: - name: "*" - state: latest - register: package_manager__rpm_upgrade \ No newline at end of file diff --git a/roles/package_manager/tasks/set_facts.yml b/roles/package_manager/tasks/set_facts.yml deleted file mode 100644 index 8b4f164..0000000 --- a/roles/package_manager/tasks/set_facts.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -- name: Set facts for package manager role - ansible.builtin.set_fact: - __package_manager__upgrade_once_eligible: "{{ upgrade_once_eligible }}" - __package_manager__upgrade_perform: "{{ is_upgrade_always or (is_upgrade_once and upgrade_once_eligible and not is_upgrade_defined) }}" - __package_manager__upgrade_clean: "{{ package_manager__upgrade_mode in __package_manager__clean_upgrade_modes }}" - __package_manager_default_repo_list_templates: "{{ repo_list_templates | - aybarsm.helper.selectattr([{when: ['type', 'defined'], ['type', 'equalto', 'default']}]) | default([]) }}" - __package_manager_repo_list_templates: "{{ repo_list_templates | - aybarsm.helper.rejectattr([{when: ['type', 'defined'], ['type', 'equalto', 'default']}]) | default([]) }}" - vars: - is_upgrade_once: "{{ package_manager__upgrade_strategy == 'once' }}" - is_upgrade_always: "{{ package_manager__upgrade_strategy == 'always' }}" - is_ansible_role: "{{ ansible__role_enabled | default(false) | bool }}" - is_manage_local_facts: "{{ ansible__manage_local_facts | default(false) | bool }}" - is_local_facts_defined: "{{ __ansible__local_facts is defined }}" - is_upgrade_defined: "{{ __ansible__local_facts.package_manager.upgrade is defined }}" - upgrade_once_eligible: "{{ is_ansible_role and is_manage_local_facts and is_local_facts_defined }}" - repo_list_templates: "{{ package_manager__repo_list_templates | - aybarsm.helper.selectattr([{when: [['src', 'defined'], ['dest', 'defined']]}]) | default([]) }}" - register: package_manager__set_facts \ No newline at end of file diff --git a/roles/package_manager/tasks/upgrade.yml b/roles/package_manager/tasks/upgrade.yml index c57cb8c..21fd495 100644 --- a/roles/package_manager/tasks/upgrade.yml +++ b/roles/package_manager/tasks/upgrade.yml @@ -82,8 +82,8 @@ state: latest register: package_manager__rpm_upgrade when: ansible_os_family | lower == 'redhat' - - - name: Include update local facts tasks + + - name: Include update local facts tasks when upgrade is successful ansible.builtin.include_role: name: aybarsm.linux.ansible tasks_from: update_local_facts.yml @@ -91,9 +91,11 @@ ansible__local_fact_updates: package_manager: upgrade: ["{{ now().utcnow().strftime('%Y-%m-%dT%H:%M:%S.%fZ') }}"] + is_deb_upgrade_success: "{{ ansible_os_family | lower == 'debian' and not package_manager__upgrade_deb.failed }}" + is_rpm_upgrade_success: "{{ ansible_os_family | lower == 'redhat' and not package_manager__rpm_upgrade.failed }}" when: - __package_manager__upgrade_once - - package_manager__upgrade_deb.success or package_manager__rpm_upgrade.success + - is_deb_upgrade_success or is_rpm_upgrade_success rescue: - name: Inform when errors ansible.builtin.debug: diff --git a/roles/package_manager/vars/debian.yml b/roles/package_manager/vars/debian.yml index 900f008..9963b7e 100644 --- a/roles/package_manager/vars/debian.yml +++ b/roles/package_manager/vars/debian.yml @@ -2,8 +2,6 @@ __package_manager__upgrade_modes: ['full', 'safe', 'yes', 'dist'] package_manager__repo_list_dir: /etc/apt/sources.list.d package_manager__repo_list_patterns: [".*\\.list$"] -package_manager__upgrade_dpkg_options: '' -__package_manager__upgrade_update_cache_handler: package_manager__deb_update_repo_cache __package_manager__config: packages: diff --git a/roles/package_manager/vars/redhat.yml b/roles/package_manager/vars/redhat.yml index 6de9908..fe9fd7d 100644 --- a/roles/package_manager/vars/redhat.yml +++ b/roles/package_manager/vars/redhat.yml @@ -1,10 +1,10 @@ +# TODO: Implement all redhat family variables __package_manager__upgrade_modes: ['full'] __package_manager__has_main_repo_list: false package_manager__repo_list_dir: /etc/yum.repos.d package_manager__repo_list_use_regex: true package_manager__repo_list_patterns: [".*\\.repo$"] -__package_manager__upgrade_update_cache_handler: package_manager__rpm_clean_metadata_cache __package_manager__clean_upgrade_modes: "{{ ['clean_'] | product(__package_manager__upgrade_modes) | map('join') }}" diff --git a/roles/package_manager/vars/test.yml b/roles/package_manager/vars/test.yml deleted file mode 100644 index 6f698a0..0000000 --- a/roles/package_manager/vars/test.yml +++ /dev/null @@ -1,76 +0,0 @@ -# FIXME: This is a test file. It should be removed after the role is tested. - -package_manager__repo_list_templates: - - type: default - dest: /etc/apt/sources.list - src: etc/apt/default.sources.list.j2 - -package_manager__repo_list_dir: /etc/apt/sources.list.d -package_manager__repo_list_use_regex: true -package_manager__repo_list_patterns: [".*\\.list$"] - -package_manager__upgrade_dpkg_options: '' -package_manager__upgrade_update_repo_cache: true - -__package_manager__upgrade_modes: ['full', 'safe', 'yes', 'dist'] -__package_manager__clean_upgrade_modes: "{{ ['clean_'] | product(__package_manager__upgrade_modes) | map('join') }}" - -__package_manager__uniques_package: ['name', 'package', 'pkg'] -__package_manager__uniques_repo: ['repo'] -__package_manager__uniques_repo_key: ['keyserver', 'url', 'id', 'data', 'file'] - -__package_manager__package_config: - uniques: "{{ __package_manager__uniques_package }}" - selectattr: - - when: - - ['type', 'defined'] - - ['type', 'equalto', 'package'] - - when: "{{ __package_manager__uniques_package | product(['defined']) | list }}" - logic: or - replace_keys: - - before: package - after: name - - before: pkg - after: name - setattr: - - attribute: state - value: present - when: - - ['state', 'undefined'] - splitattr: - - srcAttr: name - dstAttr: version - search: '=' - overwrite: true - joinattr: - - leftAttr: name - rightAttr: version - join: '=' - overwrite: true - deleteSrcAttrs: true - -__package_manager__repo_config: - uniques: "{{ __package_manager__uniques_repo }}" - selectattr: - - when: - - ['type', 'defined'] - - ['type', 'equalto', 'repo'] - - when: "{{ __package_manager__uniques_repo | product(['defined']) }}" - logic: or - setattr: - - attribute: state - value: present - overwrite: false - -__package_manager__repo_key_config: - uniques: "{{ __package_manager__uniques_repo_key }}" - selectattr: - - when: - - ['type', 'defined'] - - ['type', 'equalto', 'repo_key'] - - when: "{{ __package_manager__uniques_repo_key | product(['defined']) }}" - logic: or - setattr: - - attribute: state - value: present - overwrite: false diff --git a/roles/posix/tasks/main.yml b/roles/posix/tasks/main.yml index 4ce77ab..92864b7 100644 --- a/roles/posix/tasks/main.yml +++ b/roles/posix/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: Import posix sysctl tasks - ansible.builtin.import_tasks: +- name: Include posix sysctl tasks + ansible.builtin.include_tasks: file: sysctl.yml when: posix_sysctl__role_enabled | bool diff --git a/roles/posix/tasks/sysctl.yml b/roles/posix/tasks/sysctl.yml index 160fded..163fea3 100644 --- a/roles/posix/tasks/sysctl.yml +++ b/roles/posix/tasks/sysctl.yml @@ -10,7 +10,7 @@ sysctl_file: "{{ item.sysctl_file | default(omit) }}" sysctl_set: "{{ item.sysctl_set | default(omit) | bool }}" loop: "{{ posix__sysctl_all }}" - register: posix__sysctl_deploy + register: posix__sysctl_apply when: - posix__sysctl_all | type_debug == 'list' - posix__sysctl_all | length > 0 diff --git a/roles/proxmox/templates/role_repo.list.j2 b/roles/proxmox/templates/role_repo.j2 similarity index 100% rename from roles/proxmox/templates/role_repo.list.j2 rename to roles/proxmox/templates/role_repo.j2