From 5306637da7d7a85e96ba51de6303d9d8dc4bd83e Mon Sep 17 00:00:00 2001
From: nghazalibeiklar <nghazalibeiklar@atlassian.com>
Date: Tue, 3 Nov 2020 14:43:33 +1100
Subject: [PATCH] Added Ansible playbook to upgrade ZDU bitbucket

---
 ansible.cfg                                  |  3 +
 aws_bitbucket_cluster_zdu.yml                | 62 ++++++++++++++++++++
 aws_bitbucket_dc_upgrade_node.yml            | 39 ++++++++++++
 inv/alt_cluster_aws_ec2.yml                  | 16 +++++
 roles/bitbucket_zdu_finish/defaults/main.yml |  2 +
 roles/bitbucket_zdu_finish/tasks/main.yml    | 35 +++++++++++
 roles/bitbucket_zdu_init/defaults/main.yml   |  2 +
 roles/bitbucket_zdu_init/tasks/main.yml      | 32 ++++++++++
 8 files changed, 191 insertions(+)
 create mode 100644 aws_bitbucket_cluster_zdu.yml
 create mode 100644 aws_bitbucket_dc_upgrade_node.yml
 create mode 100644 inv/alt_cluster_aws_ec2.yml
 create mode 100644 roles/bitbucket_zdu_finish/defaults/main.yml
 create mode 100644 roles/bitbucket_zdu_finish/tasks/main.yml
 create mode 100644 roles/bitbucket_zdu_init/defaults/main.yml
 create mode 100644 roles/bitbucket_zdu_init/tasks/main.yml

diff --git a/ansible.cfg b/ansible.cfg
index bb157df..72c8e9b 100644
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -1,3 +1,6 @@
 [defaults]
 retry_files_enabled = False
 callback_whitelist = profile_tasks
+
+[inventory]
+enable_plugin = aws_ec2
diff --git a/aws_bitbucket_cluster_zdu.yml b/aws_bitbucket_cluster_zdu.yml
new file mode 100644
index 0000000..6ac4d79
--- /dev/null
+++ b/aws_bitbucket_cluster_zdu.yml
@@ -0,0 +1,62 @@
+---
+
+- hosts: localhost
+  connection: local
+  vars_files: group_vars/aws_node_local.yml
+  roles:
+    - role: bitbucket_zdu_init
+
+- hosts: all
+  serial: 1
+  any_errors_fatal: true
+  vars_files: group_vars/aws_node_local.yml
+  vars:
+    # See group_vars/aws_node_local.yml, which pull vars from the environment.
+    atl_product_family: "stash"
+    atl_product_edition: "bitbucket"
+    atl_product_user: "bitbucket"
+
+    atl_product_home: "{{ atl_shared_mountpoint }}/{{ atl_product_edition }}"
+
+    atl_nfs_mountpoint: "{{ atl_shared_mountpoint }}/bitbucket/shared"
+    atl_nfs_target: "{{ atl_shared_mountpoint }}/bitbucket/shared"
+    atl_nfs_version: "3"
+
+    atl_startup_systemd_params:
+      - "UMask=0027"
+      - "LimitNOFILE=4096"
+      - "Environment=BITBUCKET_HOME={{ atl_product_home }}"
+      - "Environment=JVM_MAXIMUM_MEMORY={{ atl_jvm_heap }}"
+      - "Environment=JVM_MINIMUM_MEMORY={{ atl_jvm_heap }}"
+      - "Environment=JVM_SUPPORT_RECOMMENDED_ARGS={{ atl_jvm_opts }}"
+    atl_startup_exec_options:
+      - "-fg"
+      - "--no-search"
+  pre_tasks:
+    - name: Stop bitbucket
+      service:
+        name: "{{ atl_systemd_service_name }}"
+        state: stopped
+  roles:
+    - role: aws_common
+    - role: product_common
+    - role: product_install
+    - role: bitbucket_config
+    - role: product_startup
+  post_tasks:
+    - name: Wait for node to finish startup
+      uri:
+        url: "{{ atl_tomcat_scheme }}://127.0.0.1:{{ atl_tomcat_port }}{{ atl_tomcat_contextpath }}/status"
+        method: GET
+        status_code: 200
+      register: bitbucket_state
+      failed_when: bitbucket_state.json is not defined or (bitbucket_state.json is defined and bitbucket_state.json.state != 'RUNNING')
+      until: bitbucket_state.json is defined and bitbucket_state.json.state == 'RUNNING'
+      retries: 120
+      delay: 5
+
+- hosts: localhost
+  connection: local
+  vars_files: group_vars/aws_node_local.yml
+  roles:
+    - role: bitbucket_zdu_finish
\ No newline at end of file
diff --git a/aws_bitbucket_dc_upgrade_node.yml b/aws_bitbucket_dc_upgrade_node.yml
new file mode 100644
index 0000000..832fc50
--- /dev/null
+++ b/aws_bitbucket_dc_upgrade_node.yml
@@ -0,0 +1,39 @@
+---
+- hosts: aws_node_local
+  become: true
+
+  vars:
+    # See group_vars/aws_node_local.yml, which pull vars from the environment.
+    atl_product_family: "stash"
+    atl_product_edition: "bitbucket"
+    atl_product_user: "bitbucket"
+
+    atl_product_home: "{{ atl_shared_mountpoint }}/{{ atl_product_edition }}"
+
+    atl_nfs_mountpoint: "{{ atl_shared_mountpoint }}/bitbucket/shared"
+    atl_nfs_target: "{{ atl_shared_mountpoint }}/bitbucket/shared"
+    atl_nfs_version: "3"
+
+    atl_startup_systemd_params:
+      - "UMask=0027"
+      - "LimitNOFILE=4096"
+      - "Environment=BITBUCKET_HOME={{ atl_product_home }}"
+      - "Environment=JVM_MAXIMUM_MEMORY={{ atl_jvm_heap }}"
+      - "Environment=JVM_MINIMUM_MEMORY={{ atl_jvm_heap }}"
+      - "Environment=JVM_SUPPORT_RECOMMENDED_ARGS={{ atl_jvm_opts }}"
+    atl_startup_exec_options:
+      - "-fg"
+      - "--no-search"
+  pre_tasks:
+    - name: Stop bitbucket
+      service:
+        name: "{{ atl_systemd_service_name }}"
+        state: stopped
+
+  roles:
+    # This is needed because it sets the node ID
+    - role: aws_common
+    - role: product_common
+    - role: product_install
+    - role: bitbucket_config
+    - role: product_startup
\ No newline at end of file
diff --git a/inv/alt_cluster_aws_ec2.yml b/inv/alt_cluster_aws_ec2.yml
new file mode 100644
index 0000000..642f3a8
--- /dev/null
+++ b/inv/alt_cluster_aws_ec2.yml
@@ -0,0 +1,16 @@
+## Creates an inventory from your application cluster autoscaling group
+## You need to provide the following environment variables
+#  AWS_ACCESS_KEY_ID
+#  AWS_SECRET_ACCESS_KEY
+#
+# Replace "your_autoscaling_group" with the name of the EC2 autoscaling group your application cluster is running in
+# Replace "your deployment region" with the AWS region your cluster is running in
+# The Ansible controller node will need to have SSH access to the autoscaling group so ensure its private key is authorised and there
+# the security group allows SSH connection
+
+plugin: aws_ec2
+
+filters:
+  tag:aws:autoscaling:groupName: test-nghazali-Bitbucket
+regions:
+  - ap-southeast-2
\ No newline at end of file
diff --git a/roles/bitbucket_zdu_finish/defaults/main.yml b/roles/bitbucket_zdu_finish/defaults/main.yml
new file mode 100644
index 0000000..a6424ee
--- /dev/null
+++ b/roles/bitbucket_zdu_finish/defaults/main.yml
@@ -0,0 +1,2 @@
+atl_bitbucket_baseurl: "{{ atl_tomcat_scheme }}://{{ atl_proxy_name }}{{ atl_tomcat_contextpath }}"
+atl_bitbucket_zdu_rest_endpoint: "rest/api/2/cluster/zdu"
\ No newline at end of file
diff --git a/roles/bitbucket_zdu_finish/tasks/main.yml b/roles/bitbucket_zdu_finish/tasks/main.yml
new file mode 100644
index 0000000..cfb1c6e
--- /dev/null
+++ b/roles/bitbucket_zdu_finish/tasks/main.yml
@@ -0,0 +1,35 @@
+---
+
+- name: Assert cluster is ready to finalise upgrade
+  uri:
+    url: "{{ atl_bitbucket_baseurl }}/{{ atl_bitbucket_zdu_rest_endpoint }}/state"
+    force_basic_auth: yes
+    user: "{{ bitbucket_admin_username }}"
+    password: "{{ bitbucket_admin_password }}"
+    method: GET
+    status_code: 200
+  register: upgrade_cluster_state
+  failed_when: upgrade_cluster_state.json is not defined or upgrade_cluster_state.json.state != 'READY_TO_RUN_UPGRADE_TASKS'
+
+- name: Approve cluster upgrade
+  uri:
+    url: "{{ atl_bitbucket_baseurl }}/{{ atl_bitbucket_zdu_rest_endpoint }}/approve"
+    force_basic_auth: yes
+    user: "{{ bitbucket_admin_username }}"
+    password: "{{ bitbucket_admin_password }}"
+    method: POST
+    status_code: 200
+
+- name: Wait for cluster to finish running upgrade tasks
+  uri:
+    url: "{{ atl_bitbucket_baseurl }}/{{ atl_bitbucket_zdu_rest_endpoint }}/state"
+    force_basic_auth: yes
+    user: "{{ bitbucket_admin_username }}"
+    password: "{{ bitbucket_admin_password }}"
+    method: GET
+    status_code: 200
+  register: post_upgrade_cluster_state
+  failed_when: post_upgrade_cluster_state.json is not defined or post_upgrade_cluster_state.json.state == 'READY_TO_UPGRADE' or post_upgrade_cluster_state.json.state == 'READY_TO_RUN_UPGRADE_TASKS' or post_upgrade_cluster_state.json.state == 'MIXED'
+  until: post_upgrade_cluster_state.json is defined and post_upgrade_cluster_state.json.state == 'STABLE'
+  retries: 120
+  delay: 5
\ No newline at end of file
diff --git a/roles/bitbucket_zdu_init/defaults/main.yml b/roles/bitbucket_zdu_init/defaults/main.yml
new file mode 100644
index 0000000..a6424ee
--- /dev/null
+++ b/roles/bitbucket_zdu_init/defaults/main.yml
@@ -0,0 +1,2 @@
+atl_bitbucket_baseurl: "{{ atl_tomcat_scheme }}://{{ atl_proxy_name }}{{ atl_tomcat_contextpath }}"
+atl_bitbucket_zdu_rest_endpoint: "rest/api/2/cluster/zdu"
\ No newline at end of file
diff --git a/roles/bitbucket_zdu_init/tasks/main.yml b/roles/bitbucket_zdu_init/tasks/main.yml
new file mode 100644
index 0000000..68784bb
--- /dev/null
+++ b/roles/bitbucket_zdu_init/tasks/main.yml
@@ -0,0 +1,32 @@
+---
+
+- name: Assert cluster is ready for upgrade
+  uri:
+    url: "{{ atl_bitbucket_baseurl }}/{{ atl_jira_zdu_rest_endpoint }}/state"
+    force_basic_auth: yes
+    user: "{{ bitbucket_admin_username }}"
+    password: "{{ bitbucket_admin_password }}"
+    method: GET
+    status_code: 200
+  register: pre_upgrade_cluster_state
+
+- name: Begin cluster upgrade
+  uri:
+    url: "{{ atl_bitbucket_baseurl }}/{{ atl_bitbucket_zdu_rest_endpoint }}/start"
+    force_basic_auth: yes
+    user: "{{ bitbucket_admin_username }}"
+    password: "{{ bitbucket_admin_password }}"
+    method: POST
+    status_code: 201
+  when: pre_upgrade_cluster_state.json is defined and pre_upgrade_cluster_state.json.state == 'STABLE'
+
+- name: Verify cluster ready to upgrade
+  uri:
+    url: "{{ atl_bitbucket_baseurl }}/{{ atl_bitbucket_zdu_rest_endpoint }}/state"
+    force_basic_auth: yes
+    user: "{{ bitbucket_admin_username }}"
+    password: "{{ bitbucket_admin_password }}"
+    method: GET
+    status_code: 200
+  register: upgrade_cluster_state
+  failed_when: upgrade_cluster_state.json is not defined or upgrade_cluster_state.json.state != 'READY_TO_UPGRADE'
\ No newline at end of file