diff --git a/roles/aws_common/handlers/main.yml b/roles/aws_common/handlers/main.yml index 0e43a13..74c5079 100644 --- a/roles/aws_common/handlers/main.yml +++ b/roles/aws_common/handlers/main.yml @@ -1,14 +1,14 @@ --- - name: Enable CloudWatch Agent - systemd: + ansible.builtin.systemd: name: "amazon-cloudwatch-agent.service" daemon_reload: true enabled: true when: atl_aws_agent_restart - name: Restart CloudWatch Agent - systemd: + ansible.builtin.systemd: name: "amazon-cloudwatch-agent.service" enabled: true state: restarted diff --git a/roles/aws_common/tasks/amazon.yml b/roles/aws_common/tasks/amazon.yml index b4b597f..de1195a 100644 --- a/roles/aws_common/tasks/amazon.yml +++ b/roles/aws_common/tasks/amazon.yml @@ -1,18 +1,22 @@ --- - name: Install AWS support packages - yum: + ansible.builtin.yum: name: - amazon-efs-utils - amazon-ssm-agent - awscli - git - ec2-utils + vars: + ansible_python_interpreter: /usr/bin/python2 - name: Install CloudWatch Agent - yum: + ansible.builtin.yum: name: - "{{ aws_cloudwatch_agent_rpm }}" when: atl_aws_enable_cloudwatch is defined and atl_aws_enable_cloudwatch notify: - Enable CloudWatch Agent + vars: + ansible_python_interpreter: /usr/bin/python2 diff --git a/roles/aws_common/tasks/main.yml b/roles/aws_common/tasks/main.yml index 9c90622..dce57fb 100644 --- a/roles/aws_common/tasks/main.yml +++ b/roles/aws_common/tasks/main.yml @@ -1,20 +1,20 @@ --- - name: Fetch local EC2 metadata - ec2_metadata_facts: + amazon.aws.ec2_metadata_facts: tags: - notest - name: Install distro-specific prerequisites - include_tasks: "{{ ansible_distribution|lower }}.yml" + ansible.builtin.include_tasks: "{{ ansible_distribution|lower }}.yml" - name: Use EC2 instance ID for cluster node ID - set_fact: + ansible.builtin.set_fact: atl_cluster_node_id: "{{ ansible_ec2_instance_id }}" atl_local_ipv4: "{{ ansible_ec2_local_ipv4 | default(ansible_default_ipv4.address) }}" - name: Generate CloudWatch config - template: + ansible.builtin.template: src: "amazon-cloudwatch-agent.json.j2" dest: "/opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json" owner: root @@ -25,7 +25,7 @@ - Restart CloudWatch Agent - name: Store some metadata about this run - include_tasks: "write-tags.yml" + ansible.builtin.include_tasks: "write-tags.yml" - name: Initiate the startup of any new AWS services now - meta: flush_handlers + ansible.builtin.meta: flush_handlers diff --git a/roles/aws_common/tasks/write-tags.yml b/roles/aws_common/tasks/write-tags.yml index d1df291..3c43498 100644 --- a/roles/aws_common/tasks/write-tags.yml +++ b/roles/aws_common/tasks/write-tags.yml @@ -1,7 +1,7 @@ --- - name: Retrieve all available EC2 tags - ec2_tag: + amazon.aws.ec2_tag: region: "{{ ansible_ec2_placement_region }}" resource: "{{ ansible_ec2_instance_id }}" state: list @@ -11,18 +11,18 @@ - notest - name: Retrieve autoscaling group - set_fact: + ansible.builtin.set_fact: ec2_autoscaling_group: "{{ ec2_instance_tags.tags['aws:autoscaling:groupName'] | default('') }}" - block: # No existing timestamp, so this is a first run. Persist some metadata into the ASG. - name: Fetch the git revision for this repo - command: + ansible.builtin.command: cmd: git rev-parse HEAD register: git_out - name: Setup the new ASG tags - set_fact: + ansible.builtin.set_fact: deployment_firstrun_meta: - ResourceType: "auto-scaling-group" ResourceId: "{{ ec2_autoscaling_group }}" @@ -41,14 +41,14 @@ # ignore errors as it's possible we don't have the permissions, # and we can't check up-front. - name: Set the first-run tags on the ASG ("FAIL" is not critical) - command: "aws autoscaling + ansible.builtin.command: "aws autoscaling create-or-update-tags --region {{ ansible_ec2_placement_region }} --tags '{{ deployment_firstrun_meta | to_json }}'" ignore_errors: true - name: Set the tags on the local instance ("FAIL" is not critical) - ec2_tag: + amazon.aws.ec2_tag: region: "{{ ansible_ec2_placement_region }}" resource: "{{ ansible_ec2_instance_id }}" tags: diff --git a/roles/aws_shared_fs_config/tasks/main.yml b/roles/aws_shared_fs_config/tasks/main.yml index 589383c..c906926 100644 --- a/roles/aws_shared_fs_config/tasks/main.yml +++ b/roles/aws_shared_fs_config/tasks/main.yml @@ -1,13 +1,13 @@ --- - name: Create mountpoint - file: + ansible.builtin.file: state: directory path: "{{ atl_shared_mountpoint }}" mode: 0755 - name: Enable mountpoint in fstab - mount: + ansible.posix.mount: path: "{{ atl_shared_mountpoint }}" src: "{{ efs_target }}:{{ efs_src_dir }}" fstype: "{{ efs_type }}" diff --git a/roles/bitbucket_config/tasks/main.yml b/roles/bitbucket_config/tasks/main.yml index 4de771b..7ee24cd 100644 --- a/roles/bitbucket_config/tasks/main.yml +++ b/roles/bitbucket_config/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: Create Bitbucket shared dir if necessary - file: + ansible.builtin.file: path: "{{ atl_product_home_shared }}" owner: "{{ atl_product_user }}" group: "{{ atl_product_user }}" @@ -9,14 +9,14 @@ state: directory - name: Create Bitbucket config file - template: + ansible.builtin.template: src: bitbucket.properties.j2 dest: "{{ atl_product_home_shared }}/bitbucket.properties" owner: "{{ atl_product_user }}" group: "{{ atl_product_user }}" - name: Remove write permissions from installation directory - file: + ansible.builtin.file: path: "{{ atl_product_installation_versioned }}" owner: "root" group: "root" @@ -25,7 +25,7 @@ changed_when: false # For Molecule idempotence check - name: Create conf/Catalina directory so catalina.out logging works - file: + ansible.builtin.file: path: "{{ atl_product_installation_versioned }}/conf/Catalina" state: directory mode: "u=rwX,g=rX,o-rwx" diff --git a/roles/bitbucket_dataset_restore/tasks/main.yml b/roles/bitbucket_dataset_restore/tasks/main.yml index 0204079..2f0fb68 100644 --- a/roles/bitbucket_dataset_restore/tasks/main.yml +++ b/roles/bitbucket_dataset_restore/tasks/main.yml @@ -1,24 +1,24 @@ --- - name: Force all notified handlers to run at this point, not waiting for normal sync points - meta: flush_handlers + ansible.builtin.meta: flush_handlers - name: wait for port 7990 to be up - wait_for: + ansible.builtin.wait_for: port: 7990 delay: 60 - name: wait for path to become available - wait_for: + ansible.builtin.wait_for: path: "{{ atl_product_home_shared }}/data/migration/import" delay: 60 - name: Copy Bitbucket dataset from s3 - get_url: + ansible.builtin.get_url: url: "{{ atl_bitbucket_dataset_url }}" dest: "{{ atl_product_home_shared }}/data/migration/import" - name: Invoke Import API - uri: + ansible.builtin.uri: url: "{{ atl_bitbucket_baseurl }}/rest/api/1.0/migration/imports" user: admin password: "{{ atl_bitbucket_admin_password }}" @@ -36,7 +36,7 @@ failed_when: output is defined and output.json is defined and output.json.state != 'INITIALISING' - name: get import status - uri: + ansible.builtin.uri: url: "{{ atl_bitbucket_baseurl }}/rest/api/1.0/migration/imports/{{ output.json.id }}" user: admin password: "{{ atl_bitbucket_admin_password }}" @@ -50,7 +50,7 @@ delay: 10 - name: create lock file - file: + ansible.builtin.file: path: "{{ atl_product_home_shared }}/data/migration/import/lock.file" state: touch when: import_status.json.state == 'COMPLETED' diff --git a/roles/confluence_config/tasks/amazon_fonts.yml b/roles/confluence_config/tasks/amazon_fonts.yml index 8fa2bda..eaa1993 100644 --- a/roles/confluence_config/tasks/amazon_fonts.yml +++ b/roles/confluence_config/tasks/amazon_fonts.yml @@ -1,13 +1,15 @@ --- - name: Install Google Noto fonts for language coverage - yum: + ansible.builtin.yum: name: - "google-noto-*" + vars: + ansible_python_interpreter: /usr/bin/python2 - name: Link the language fonts into the JDK # Not idiomatic, but cleaner than messing with nested lookups... - shell: + ansible.builtin.shell: cmd: "ln -sf /usr/share/fonts/google-noto*/* {{ item }}/" creates: "{{ item }}/NotoSansJavanese-Regular.ttf" warn: false diff --git a/roles/confluence_config/tasks/main.yml b/roles/confluence_config/tasks/main.yml index ea807bb..c23377f 100644 --- a/roles/confluence_config/tasks/main.yml +++ b/roles/confluence_config/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: Create application directories - file: + ansible.builtin.file: path: "{{ item }}" state: directory mode: 0750 @@ -17,7 +17,7 @@ # Create symlink to force single (unclustered) Confluence to store # shared-data and attachments in the shared drive. - name: Symlink local attachments to shared storage - file: + ansible.builtin.file: src: "{{ item.0 }}" dest: "{{ item.1 }}" force: false @@ -33,12 +33,12 @@ - "{{ links }}" - name: Create Tomcat server config - template: + ansible.builtin.template: src: server.xml.j2 dest: "{{ atl_product_installation_versioned }}/conf/server.xml" - name: Override JVM memory settings. - replace: + ansible.builtin.replace: path: "{{ atl_product_installation_versioned }}/bin/setenv.sh" regexp: "-{{ item }}\\d+m " replace: "-{{ item }}{{ atl_jvm_heap }} " @@ -47,30 +47,30 @@ - 'Xms' - name: Set the Tomcat environment - lineinfile: + ansible.builtin.lineinfile: path: "{{ atl_product_installation_versioned }}/bin/setenv.sh" insertafter: "EOF" line: 'export CATALINA_OPTS="${CATALINA_OPTS} {{ atl_catalina_opts }} {{ atl_catalina_opts_extra }}"' - name: Configure login properties - template: + ansible.builtin.template: src: seraph-config.xml.j2 dest: "{{ atl_product_installation_versioned }}/confluence/WEB-INF/classes/seraph-config.xml" - name: Configure Confluence home directory - template: + ansible.builtin.template: src: confluence-init.properties.j2 dest: "{{ atl_product_installation_versioned }}/confluence/WEB-INF/classes/confluence-init.properties" - name: Create Confluence configuration - template: + ansible.builtin.template: src: confluence.cfg.xml.j2 dest: "{{ atl_product_home }}/confluence.cfg.xml" owner: "{{ atl_product_user }}" group: "{{ atl_product_user }}" - name: Limit permissions on the installation directory - file: + ansible.builtin.file: path: "{{ atl_product_installation_versioned }}" owner: "root" group: "root" @@ -83,7 +83,7 @@ changed_when: false # For Molecule idempotence check - name: Grant access to the product working directories - file: + ansible.builtin.file: path: "{{ item }}" state: directory mode: "u=rwX,g=rX,o-rwx" @@ -97,7 +97,7 @@ changed_when: false # For Molecule idempotence check - name: Create conf/Catalina directory owned by product so catalina.out logging works - file: + ansible.builtin.file: path: "{{ atl_product_installation_versioned }}/conf/Catalina" state: directory mode: "u=rwX,g=rX,o-rwx" @@ -106,7 +106,7 @@ changed_when: false # For Molecule idempotence check - name: Assert baseurl to same as atl_proxy_name - postgresql_query: + community.postgresql.postgresql_query: login_host: "{{ atl_db_host }}" login_user: "{{ atl_jdbc_user }}" login_password: "{{ atl_jdbc_password }}" @@ -126,11 +126,11 @@ ignore_errors: yes # For Molecule as it has no db test framework included - name: Create JVM font fallback directories - file: + ansible.builtin.file: path: "{{ item }}" state: directory mode: 0755 with_items: "{{ atl_fonts_fallback_dirs }}" - name: Install & configure distro language fonts - include_tasks: "{{ ansible_distribution|lower }}_fonts.yml" + ansible.builtin.include_tasks: "{{ ansible_distribution|lower }}_fonts.yml" diff --git a/roles/confluence_config/tasks/ubuntu_fonts.yml b/roles/confluence_config/tasks/ubuntu_fonts.yml index 20fcbb1..89949d6 100644 --- a/roles/confluence_config/tasks/ubuntu_fonts.yml +++ b/roles/confluence_config/tasks/ubuntu_fonts.yml @@ -1,13 +1,13 @@ --- - name: Install Google Noto fonts for language coverage - package: + ansible.builtin.package: name: - "fonts-noto" - name: Link the language fonts into the JDK # Not idiomatic, but cleaner than messing with nested lookups... - shell: + ansible.builtin.shell: cmd: "ln -sf /usr/share/fonts/truetype/noto/* {{ item }}/" creates: "{{ item }}/NotoSansJavanese-Regular.ttf" warn: false diff --git a/roles/crowd_config/tasks/main.yml b/roles/crowd_config/tasks/main.yml index 3cb975a..46cf6e3 100644 --- a/roles/crowd_config/tasks/main.yml +++ b/roles/crowd_config/tasks/main.yml @@ -1,60 +1,60 @@ --- - name: Create server config - template: + ansible.builtin.template: src: server.xml.j2 dest: "{{ atl_product_installation_versioned }}/apache-tomcat/conf/server.xml" - name: Set the minimum heap size (Xms) - lineinfile: + ansible.builtin.lineinfile: path: "{{ atl_product_installation_versioned }}/apache-tomcat/bin/setenv.sh" regexp: '^(.*)Xms(\d+\w)(\s.*)$' line: '\1Xms{{ atl_jvm_heap }}\3' backrefs: yes - name: Set the maxmimum heap size (Xmx) - lineinfile: + ansible.builtin.lineinfile: path: "{{ atl_product_installation_versioned }}/apache-tomcat/bin/setenv.sh" regexp: '^(.*)Xmx(\d+\w)(\s.*)$' line: '\1Xmx{{ atl_jvm_heap }}\3' backrefs: yes - name: Set Crowd home directory in crowd-init.properties file - lineinfile: + ansible.builtin.lineinfile: path: "{{ atl_product_installation_versioned }}/crowd-webapp/WEB-INF/classes/crowd-init.properties" line: 'crowd.home={{ atl_product_home }}' - name: Export CATALINA_OPTS in setenv.sh - lineinfile: + ansible.builtin.lineinfile: path: '{{ atl_product_installation_versioned }}/apache-tomcat/bin/setenv.sh' line: 'export CATALINA_OPTS' - name: CATALINA_OPTS to list - set_fact: + ansible.builtin.set_fact: catalina_ops_list: "{{ catalina_ops_list|default([]) }} + {{ (item | trim | regex_replace('^-')).split(' -') }}" loop: - '{{ atl_catalina_opts }}' - '{{ atl_catalina_opts_extra }}' - name: CATALINA_OPTS unique and sorted - set_fact: + ansible.builtin.set_fact: catalina_opts: "{{ query('flattened', catalina_ops_list) | reject('equalto', '') | unique | sort }}" - name: Set CATALINA_OPTS in setenv.sh - blockinfile: + ansible.builtin.blockinfile: block: "{{ lookup('template', 'templates/catalina_opts.j2') }}" path: "{{ atl_product_installation_versioned }}/apache-tomcat/bin/setenv.sh" insertbefore: "^export CATALINA_OPTS$" marker: "# {mark} ANSIBLE MANAGED CATALINA_OPTS" - name: Set JAVA_HOME - lineinfile: + ansible.builtin.lineinfile: path: "{{ atl_product_installation_versioned }}/apache-tomcat/bin/setenv.sh" insertafter: "EOF" line: "export JAVA_HOME={{ atl_java_home }}" - name: Create application directories - file: + ansible.builtin.file: path: "{{ item }}" state: directory mode: 0750 @@ -67,7 +67,7 @@ changed_when: false # For Molecule idempotence check - name: Limit permissions on the installation directory - file: + ansible.builtin.file: path: "{{ atl_product_installation_versioned }}" owner: "{{ atl_product_user }}" group: "{{ atl_product_user }}" @@ -80,7 +80,7 @@ changed_when: false # For Molecule idempotence check - name: Grant access to the product working directories - file: + ansible.builtin.file: path: "{{ item }}" state: directory mode: "u=rwX,g=rX,o-rwx" @@ -94,7 +94,7 @@ changed_when: false # For Molecule idempotence check - name: Create conf/Catalina directory owned by product so catalina.out logging works - file: + ansible.builtin.file: path: "{{ atl_product_installation_versioned }}/conf/Catalina" state: directory mode: "u=rwX,g=rX,o-rwx" @@ -103,7 +103,7 @@ changed_when: false # For Molecule idempotence check - name: Symlink Crowd shared home directory - file: + ansible.builtin.file: src: "{{ atl_product_home_shared }}" dest: "{{ atl_product_home }}/shared" state: link @@ -112,7 +112,7 @@ changed_when: false # For Molecule idempotence check - name: Assert baseurl to same as atl_proxy_name - postgresql_query: + community.postgresql.postgresql_query: login_host: "{{ atl_db_host }}" login_user: "{{ atl_jdbc_user }}" login_password: "{{ atl_jdbc_password }}" @@ -131,32 +131,32 @@ ignore_errors: yes # For Molecule as it has no db test framework included - name: Check that crowd.cfg.xml exists - stat: + ansible.builtin.stat: path: "{{ atl_product_home_shared }}/crowd.cfg.xml" register: crowd_cfg_stat_result - block: - name: Assert JDBC password to same as atl_jdbc_password - xml: + community.general.xml: path: "{{ atl_product_home_shared }}/crowd.cfg.xml" xpath: "/application-configuration/properties/property[@name='hibernate.connection.password']" value: "{{ atl_jdbc_password }}" - name: Assert JDBC url to same as atl_jdbc_url - xml: + community.general.xml: path: "{{ atl_product_home_shared }}/crowd.cfg.xml" xpath: "/application-configuration/properties/property[@name='hibernate.connection.url']" value: "{{ atl_jdbc_url }}?reWriteBatchedInserts=true" - name: Assert hibernate.c3p0.max_size to same as atl_db_poolmaxsize - xml: + community.general.xml: path: "{{ atl_product_home_shared }}/crowd.cfg.xml" xpath: "/application-configuration/properties/property[@name='hibernate.c3p0.max_size']" value: "{{ atl_db_poolmaxsize }}" when: atl_db_poolmaxsize is defined - name: Assert hibernate.c3p0.min_size to same as atl_db_poolminsize - xml: + community.general.xml: path: "{{ atl_product_home_shared }}/crowd.cfg.xml" xpath: "/application-configuration/properties/property[@name='hibernate.c3p0.min_size']" value: "{{ atl_db_poolminsize }}" @@ -165,6 +165,6 @@ when: crowd_cfg_stat_result.stat.exists - name: Remove crowd.xml to prevent duplicates from appearing in cluster reporting - file: + ansible.builtin.file: path: "{{ atl_product_installation_versioned }}/apache-tomcat/conf/Catalina/localhost/crowd.xml" state: absent diff --git a/roles/database_init/tasks/main.yml b/roles/database_init/tasks/main.yml index e065a0a..24903bb 100644 --- a/roles/database_init/tasks/main.yml +++ b/roles/database_init/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: Create application DB user - postgresql_user: + community.postgresql.postgresql_user: login_host: "{{ atl_db_host }}" login_user: "{{ atl_db_root_user }}" login_password: "{{ atl_db_root_password }}" @@ -11,7 +11,7 @@ expires: 'infinity' - name: Collect dbcluster db_names - postgresql_query: + community.postgresql.postgresql_query: login_host: "{{ atl_db_host }}" login_user: "{{ atl_db_root_user }}" login_password: "{{ atl_db_root_password }}" @@ -22,7 +22,7 @@ - block: - name: Update root privs for new user - postgresql_privs: + community.postgresql.postgresql_privs: login_host: "{{ atl_db_host }}" login_user: "{{ atl_db_root_user }}" login_password: "{{ atl_db_root_password }}" @@ -33,7 +33,7 @@ # RDS does not allow changing the collation on an existing DB, it only allows collation change on creation of db. If the db already exists, we need the “create new application database” task to be skipped, idempotence can not be relied upon as we cant be certain the collation of the existing db - name: Create new application database - postgresql_db: + community.postgresql.postgresql_db: login_host: "{{ atl_db_host }}" login_user: "{{ atl_db_root_user }}" login_password: "{{ atl_db_root_password }}" @@ -51,7 +51,7 @@ - new_only - name: Assert ownership of public schema - postgresql_query: + community.postgresql.postgresql_query: login_host: "{{ atl_db_host }}" login_user: "{{ atl_db_root_user }}" login_password: "{{ atl_db_root_password }}" @@ -59,7 +59,7 @@ query: "ALTER SCHEMA public OWNER to {{ atl_db_root_user }};" - name: Grant privs to root user on public schema - postgresql_query: + community.postgresql.postgresql_query: login_host: "{{ atl_db_host }}" login_user: "{{ atl_db_root_user }}" login_password: "{{ atl_db_root_password }}" @@ -67,7 +67,7 @@ query: "GRANT ALL ON SCHEMA public TO {{ atl_db_root_user }};" - name: Grant privs to application user on public schema - postgresql_query: + community.postgresql.postgresql_query: login_host: "{{ atl_db_host }}" login_user: "{{ atl_db_root_user }}" login_password: "{{ atl_db_root_password }}" diff --git a/roles/diy_backup/molecule/default/converge.yml b/roles/diy_backup/molecule/default/converge.yml index a5cecc3..56c2b25 100644 --- a/roles/diy_backup/molecule/default/converge.yml +++ b/roles/diy_backup/molecule/default/converge.yml @@ -20,12 +20,12 @@ pre_tasks: - name: Create base dir - file: + ansible.builtin.file: path: '/opt/atlassian/bin' state: directory - name: Install git - package: + ansible.builtin.package: name: git roles: diff --git a/roles/diy_backup/tasks/main.yml b/roles/diy_backup/tasks/main.yml index 3f1b1be..46dc3c9 100644 --- a/roles/diy_backup/tasks/main.yml +++ b/roles/diy_backup/tasks/main.yml @@ -2,19 +2,19 @@ - name: Fetch the DIY backups repository - git: + ansible.builtin.git: repo: "{{ atl_diy_backup_repo }}" dest: "{{ atl_diy_backup_dir }}" version: "master" - name: Configure DIY backup for BB on AWS - template: + ansible.builtin.template: src: "bitbucket.diy-backup.vars.sh.j2" dest: "{{ atl_diy_backup_dir }}/bitbucket.diy-backup.vars.sh" mode: 0640 - name: Install backup wrapper script - template: + ansible.builtin.template: src: "run-backup.j2" dest: "{{ atl_installation_base }}/bin/run-backup" mode: 0750 diff --git a/roles/jira_config/molecule/jira_config_props/converge.yml b/roles/jira_config/molecule/jira_config_props/converge.yml index 7e86b81..e0b51fa 100644 --- a/roles/jira_config/molecule/jira_config_props/converge.yml +++ b/roles/jira_config/molecule/jira_config_props/converge.yml @@ -30,11 +30,11 @@ pre_tasks: - name: Create shared home - file: + ansible.builtin.file: path: '/media/atl/jira/shared/' state: directory - name: Create jira-config.properties to check copy - copy: + ansible.builtin.copy: dest: '/media/atl/jira/shared/jira-config.properties' content: "jira.projectkey.warning = testwarning" force: false # For idempotency check diff --git a/roles/jira_config/tasks/main.yml b/roles/jira_config/tasks/main.yml index 9f03d5b..b514c53 100644 --- a/roles/jira_config/tasks/main.yml +++ b/roles/jira_config/tasks/main.yml @@ -2,29 +2,29 @@ - name: Create database config - template: + ansible.builtin.template: src: dbconfig.xml.j2 dest: "{{ atl_product_home }}/dbconfig.xml" owner: "{{ atl_product_user }}" - name: Create cluster config - template: + ansible.builtin.template: src: cluster.properties.j2 dest: "{{ atl_product_home }}/cluster.properties" owner: "{{ atl_product_user }}" - name: Create server config - template: + ansible.builtin.template: src: server.xml.j2 dest: "{{ atl_product_installation_versioned }}/conf/server.xml" - name: Check for a jira-config.properties in the shared home - stat: + ansible.builtin.stat: path: "{{ atl_product_home_shared }}/jira-config.properties" register: jira_config_properties - name: Copy jira-config.properties if exists - copy: + ansible.builtin.copy: remote_src: true src: "{{ atl_product_home_shared }}/jira-config.properties" dest: "{{ atl_product_home }}/jira-config.properties" @@ -35,7 +35,7 @@ - name: Override JVM memory settings. # Ugly but necessary as the product installs this file so we need to make the change here. - lineinfile: + ansible.builtin.lineinfile: path: "{{ atl_product_installation_versioned }}/bin/setenv.sh" backrefs: true regexp: "^{{ item }}=" @@ -45,25 +45,25 @@ - 'JVM_MAXIMUM_MEMORY' - name: Set Jira home directory - lineinfile: + ansible.builtin.lineinfile: path: "{{ atl_product_installation_versioned }}/bin/setenv.sh" regexp: "JIRA_HOME=" line: 'JIRA_HOME="{{ atl_product_home }}"' - name: Set the Tomcat environment - lineinfile: + ansible.builtin.lineinfile: path: "{{ atl_product_installation_versioned }}/bin/setenv.sh" insertafter: "EOF" line: 'export CATALINA_OPTS="${CATALINA_OPTS} {{ atl_catalina_opts }} {{ atl_catalina_opts_extra }}"' - name: Set support recommended JVM args - lineinfile: + ansible.builtin.lineinfile: path: "{{ atl_product_installation_versioned }}/bin/setenv.sh" regexp: "JVM_SUPPORT_RECOMMENDED_ARGS=" line: 'JVM_SUPPORT_RECOMMENDED_ARGS="{{ atl_jvm_opts }}"' - name: Create application directories - file: + ansible.builtin.file: path: "{{ item }}" state: directory mode: 0750 @@ -77,7 +77,7 @@ - name: Limit permissions on the installation directory - file: + ansible.builtin.file: path: "{{ atl_product_installation_versioned }}" owner: "root" group: "root" @@ -90,7 +90,7 @@ changed_when: false # For Molecule idempotence check - name: Grant access to the product working directories - file: + ansible.builtin.file: path: "{{ item }}" state: directory mode: "u=rwX,g=rX,o-rwx" @@ -104,7 +104,7 @@ changed_when: false # For Molecule idempotence check - name: Create conf/Catalina directory owned by product so catalina.out logging works - file: + ansible.builtin.file: path: "{{ atl_product_installation_versioned }}/conf/Catalina" state: directory mode: "u=rwX,g=rX,o-rwx" @@ -113,7 +113,7 @@ changed_when: false # For Molecule idempotence check - name: Assert baseurl to same as atl_proxy_name - postgresql_query: + community.postgresql.postgresql_query: login_host: "{{ atl_db_host }}" login_user: "{{ atl_jdbc_user }}" login_password: "{{ atl_jdbc_password }}" diff --git a/roles/linux_common/tasks/amazon.yml b/roles/linux_common/tasks/amazon.yml index 325397c..859057b 100644 --- a/roles/linux_common/tasks/amazon.yml +++ b/roles/linux_common/tasks/amazon.yml @@ -1,16 +1,18 @@ --- - name: Install Amazon-Linux-specific support packages - yum: + ansible.builtin.yum: name: - dejavu-sans-fonts - file - git-{{ git_version }} - libxml2 - shadow-utils + vars: + ansible_python_interpreter: /usr/bin/python2 - name: Limit the SSH ciphers - lineinfile: + ansible.builtin.lineinfile: path: "/etc/ssh/sshd_config" # Drop insecure ciphers, currently 3des-cbc only. You can get the # full list with `sshd -T | grep -i ciphers` diff --git a/roles/linux_common/tasks/main.yml b/roles/linux_common/tasks/main.yml index 2fadb06..01ccf8b 100644 --- a/roles/linux_common/tasks/main.yml +++ b/roles/linux_common/tasks/main.yml @@ -3,10 +3,10 @@ # Note: Try and limit these to packages that are distro-specific, and # place commonly-named ones below. - name: Install distro-specific prerequisites - include_tasks: "{{ ansible_distribution|lower }}.yml" + ansible.builtin.include_tasks: "{{ ansible_distribution|lower }}.yml" - name: Install common support packages - package: + ansible.builtin.package: name: - jq - tar @@ -16,19 +16,19 @@ - python-psycopg2 - name: Create product group - group: + ansible.builtin.group: name: "{{ atl_product_user }}" gid: "{{ atl_product_user_uid }}" - name: Create product user - user: + ansible.builtin.user: name: "{{ atl_product_user }}" uid: "{{ atl_product_user_uid }}" group: "{{ atl_product_user }}" comment: "Product runtime user" - name: Stop systemd-cleanup deleting the jvm socket file - copy: + ansible.builtin.copy: src: java.conf dest: "/usr/lib/tmpfiles.d/java.conf" owner: root @@ -37,7 +37,7 @@ register: systemd_config_changed - name: Force systemd to reload daemon configuration - systemd: + ansible.builtin.systemd: daemon_reload: yes when: - systemd_config_changed is defined diff --git a/roles/linux_common/tasks/ubuntu.yml b/roles/linux_common/tasks/ubuntu.yml index 0ea8343..0bb54cf 100644 --- a/roles/linux_common/tasks/ubuntu.yml +++ b/roles/linux_common/tasks/ubuntu.yml @@ -1,7 +1,7 @@ --- - name: Install common Ubuntu support packages - apt: + ansible.builtin.apt: name: - python3-psycopg2 - libxml2-utils diff --git a/roles/nfs_mount/tasks/main.yml b/roles/nfs_mount/tasks/main.yml index dfe6a27..bcdff26 100644 --- a/roles/nfs_mount/tasks/main.yml +++ b/roles/nfs_mount/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: Create mountpoint - file: + ansible.builtin.file: state: directory path: "{{ atl_shared_mountpoint }}" mode: 0755 @@ -9,7 +9,7 @@ group: "{{ atl_product_user }}" - name: Enable mountpoint in fstab - mount: + ansible.posix.mount: src: "{{ atl_fileserver_host }}:{{ atl_nfs_target }}" path: "{{ atl_nfs_mountpoint }}" fstype: nfs diff --git a/roles/nfs_server/handlers/main.yml b/roles/nfs_server/handlers/main.yml index 3936144..8a65b54 100644 --- a/roles/nfs_server/handlers/main.yml +++ b/roles/nfs_server/handlers/main.yml @@ -1,6 +1,6 @@ --- - name: Restart NFS - service: + ansible.builtin.service: name: "nfs.service" state: restarted diff --git a/roles/nfs_server/tasks/amazon.yml b/roles/nfs_server/tasks/amazon.yml index ad2adee..17de77d 100644 --- a/roles/nfs_server/tasks/amazon.yml +++ b/roles/nfs_server/tasks/amazon.yml @@ -1,6 +1,8 @@ --- - name: Install Amazon-Linux-specific NFS packages - yum: + ansible.builtin.yum: name: - nfs-utils + vars: + ansible_python_interpreter: /usr/bin/python2 diff --git a/roles/nfs_server/tasks/main.yml b/roles/nfs_server/tasks/main.yml index 44fc8b0..51953b3 100644 --- a/roles/nfs_server/tasks/main.yml +++ b/roles/nfs_server/tasks/main.yml @@ -1,16 +1,16 @@ --- - name: Install distro-specific NFS packages - include_tasks: "{{ ansible_distribution|lower }}.yml" + ansible.builtin.include_tasks: "{{ ansible_distribution|lower }}.yml" - name: Create mountpoint - file: + ansible.builtin.file: path: "{{ atl_shared_mountpoint }}" state: directory - name: Setup the disk partition - parted: + community.general.parted: device: "{{ atl_nfs_server_device }}" label: gpt name: "{{ atl_nfs_fs_label }}" @@ -22,7 +22,7 @@ - name: Create the filesystem - filesystem: + community.general.filesystem: dev: "{{ atl_nfs_server_device }}" fstype: "{{ atl_nfs_fs_type }}" opts: "-L {{ atl_nfs_fs_label }}" @@ -30,7 +30,7 @@ - new_only - name: Setup fstab and mount the filesystem - mount: + ansible.posix.mount: path: "{{ atl_shared_mountpoint }}" src: "LABEL={{ atl_nfs_fs_label }}" fstype: "{{ atl_nfs_fs_type }}" @@ -40,7 +40,7 @@ - name: Create the shared home - file: + ansible.builtin.file: path: "{{ atl_shared_mountpoint }}/{{ atl_product_user }}/shared" state: directory owner: "{{ atl_product_user }}" @@ -51,14 +51,14 @@ - name: Create the NFS export file - template: + ansible.builtin.template: src: "media-atl.exports.j2" dest: "/etc/exports.d/20-media-atl.exports" notify: - Restart NFS - name: Enable NFS - service: + ansible.builtin.service: name: nfs.service enabled: true state: started diff --git a/roles/nfs_server/tasks/ubuntu.yml b/roles/nfs_server/tasks/ubuntu.yml index becb1d8..e263578 100644 --- a/roles/nfs_server/tasks/ubuntu.yml +++ b/roles/nfs_server/tasks/ubuntu.yml @@ -1,7 +1,7 @@ --- - name: Install Ubuntu-specific NFS packages - apt: + ansible.builtin.apt: name: - nfs-kernel-server - libnfs-utils diff --git a/roles/product_common/tasks/amazon.yml b/roles/product_common/tasks/amazon.yml index 41e75e1..c47dfb2 100644 --- a/roles/product_common/tasks/amazon.yml +++ b/roles/product_common/tasks/amazon.yml @@ -4,7 +4,7 @@ block: - name: Add Adoptium yum repository - yum_repository: + ansible.builtin.yum_repository: name: Adoptium file: adoptium description: Adoptium Repo @@ -14,12 +14,14 @@ state: present - name: Install Eclipse Temurin JDK - yum: + ansible.builtin.yum: name: "temurin-{{ java_major_version }}-jdk" state: present + vars: + ansible_python_interpreter: /usr/bin/python2 - name: Ensure common JDK symlink exists - alternatives: + community.general.alternatives: link: "/usr/lib/jvm/java" name: "java_sdk" path: "/usr/lib/jvm/temurin-{{ java_major_version }}-jdk" @@ -30,6 +32,8 @@ - runtime_pkg - name: Install other base packages on Amazon Linux - yum: + ansible.builtin.yum: name: - dejavu-fonts-common # Required by the installer + vars: + ansible_python_interpreter: /usr/bin/python2 diff --git a/roles/product_common/tasks/main.yml b/roles/product_common/tasks/main.yml index 071ef0e..2e8e4d7 100644 --- a/roles/product_common/tasks/main.yml +++ b/roles/product_common/tasks/main.yml @@ -1,4 +1,4 @@ --- - name: Perform distro-specific tasks - include_tasks: "{{ ansible_distribution|lower }}.yml" + ansible.builtin.include_tasks: "{{ ansible_distribution|lower }}.yml" diff --git a/roles/product_common/tasks/ubuntu.yml b/roles/product_common/tasks/ubuntu.yml index 7a8a9b1..ab69770 100644 --- a/roles/product_common/tasks/ubuntu.yml +++ b/roles/product_common/tasks/ubuntu.yml @@ -4,29 +4,29 @@ block: - name: Install gnupg - apt: + ansible.builtin.apt: name: gnupg state: present - name: Add Adoptium debian repo public key - apt_key: + ansible.builtin.apt_key: url: https://packages.adoptium.net/artifactory/api/gpg/key/public state: present - name: Add Adoptium debian repository - apt_repository: + ansible.builtin.apt_repository: repo: "deb https://packages.adoptium.net/artifactory/deb {{ ansible_distribution_release }} main" state: present filename: adoptium - name: Install Eclipse Temurin JDK - apt: + ansible.builtin.apt: name: "temurin-{{ java_major_version }}-jdk" update_cache: yes state: present - name: Ensure common JDK symlink exists - alternatives: + community.general.alternatives: link: "/usr/lib/jvm/java" name: "java_sdk" path: "/usr/lib/jvm/temurin-{{ java_major_version }}-jdk-{{ debian_architecture }}" @@ -37,6 +37,6 @@ - runtime_pkg - name: Install other base packages on Ubuntu - package: + ansible.builtin.package: name: - fonts-dejavu-core # Required by installer diff --git a/roles/product_install/molecule/jira_all/converge.yml b/roles/product_install/molecule/jira_all/converge.yml index 7dd8f2d..7043280 100644 --- a/roles/product_install/molecule/jira_all/converge.yml +++ b/roles/product_install/molecule/jira_all/converge.yml @@ -16,11 +16,11 @@ atl_jdbc_template: 'template0' pre_tasks: - name: Create cache dir - file: + ansible.builtin.file: path: '/media/atl/jira/shared/' state: directory - name: Seed version - copy: + ansible.builtin.copy: dest: '/media/atl/jira/shared/jira-core.version' content: "8.14.0" force: false # For idempotency check diff --git a/roles/product_install/molecule/jira_cached_with_downgrade/converge.yml b/roles/product_install/molecule/jira_cached_with_downgrade/converge.yml index ed658e6..c9cf986 100644 --- a/roles/product_install/molecule/jira_cached_with_downgrade/converge.yml +++ b/roles/product_install/molecule/jira_cached_with_downgrade/converge.yml @@ -10,11 +10,11 @@ pre_tasks: - name: Create cache dir - file: + ansible.builtin.file: path: '/media/atl/jira/shared/' state: directory - name: Seed version - copy: + ansible.builtin.copy: dest: '/media/atl/jira/shared/jira-core.version' content: "7.10.2" force: false # For idempotency check diff --git a/roles/product_install/molecule/jira_cached_with_upgrade/converge.yml b/roles/product_install/molecule/jira_cached_with_upgrade/converge.yml index dcf29a6..f87088e 100644 --- a/roles/product_install/molecule/jira_cached_with_upgrade/converge.yml +++ b/roles/product_install/molecule/jira_cached_with_upgrade/converge.yml @@ -10,11 +10,11 @@ pre_tasks: - name: Create cache dir - file: + ansible.builtin.file: path: '/media/atl/jira/shared/' state: directory - name: Seed version - copy: + ansible.builtin.copy: dest: '/media/atl/jira/shared/jira-core.version' content: "7.9.0" force: false # For idempotency check diff --git a/roles/product_install/molecule/jira_version_from_file/converge.yml b/roles/product_install/molecule/jira_version_from_file/converge.yml index 271343f..0391262 100644 --- a/roles/product_install/molecule/jira_version_from_file/converge.yml +++ b/roles/product_install/molecule/jira_version_from_file/converge.yml @@ -10,11 +10,11 @@ pre_tasks: - name: Create cache dir - file: + ansible.builtin.file: path: '/media/atl/jira/shared/' state: directory - name: Seed version - copy: + ansible.builtin.copy: dest: '/media/atl/jira/shared/jira-core.version' content: "7.9.0" force: false # For idempotency check diff --git a/roles/product_install/tasks/jira-core_version_latest.yml b/roles/product_install/tasks/jira-core_version_latest.yml index 0112206..9c423a8 100644 --- a/roles/product_install/tasks/jira-core_version_latest.yml +++ b/roles/product_install/tasks/jira-core_version_latest.yml @@ -1,9 +1,9 @@ --- - name: Fetch the latest version from URL - set_fact: + ansible.builtin.set_fact: atl_product_version_json: "{{ lookup('url', 'https://marketplace.atlassian.com/rest/2/products/key/jira-software/versions') }}" - name: Set the local var to retrieved version - set_fact: + ansible.builtin.set_fact: atl_latest_version: "{{ atl_product_version_json._embedded.versions[0].name }}" \ No newline at end of file diff --git a/roles/product_install/tasks/jira-servicedesk_as_obr.yml b/roles/product_install/tasks/jira-servicedesk_as_obr.yml index 73e7c3b..43d1a85 100644 --- a/roles/product_install/tasks/jira-servicedesk_as_obr.yml +++ b/roles/product_install/tasks/jira-servicedesk_as_obr.yml @@ -1,7 +1,7 @@ --- - name: Check for alternate obr download url - set_fact: + ansible.builtin.set_fact: atl_source_obr_from_marketplace: false when: - atl_obr_download_url is defined @@ -10,40 +10,40 @@ block: - name: Marketplace OBR - Get the installer product version info - uri: + ansible.builtin.uri: url: "{{ atl_mpac_products }}/key/jira/versions/name/{{ atl_product_version }}" return_content: yes register: atl_product_version_info - name: Marketplace OBR - Show the returned build number - debug: + ansible.builtin.debug: msg="buildNumber={{ atl_product_version_info.json.buildNumber }}" - name: Marketplace OBR - Get the JSD build version info - uri: + ansible.builtin.uri: url: "{{ atl_mpac_products }}/key/jira-servicedesk/versions/latest?application=\ jira&applicationBuild={{ atl_product_version_info.json.buildNumber }}" return_content: yes register: atl_jsd_build_info - name: Marketplace OBR - Show the returned obr binary href - debug: + ansible.builtin.debug: msg="obr_ref={{ atl_jsd_build_info.json._embedded.artifact._links.binary.href }}" - name: Marketplace OBR - Set atl_obr_download_url - set_fact: + ansible.builtin.set_fact: atl_obr_download_url: "{{ atl_jsd_build_info.json._embedded.artifact._links.binary.href }}" - name: Marketplace OBR - Set atl_jsd_build - set_fact: + ansible.builtin.set_fact: atl_jsd_build: "{{ atl_jsd_build_info.json.name }}" - name: Marketplace OBR - Show the obr filename - debug: + ansible.builtin.debug: msg="obr_name=jira-servicedesk-application-{{ atl_jsd_build }}.obr" - name: Marketplace OBR - Set the obr filename - set_fact: + ansible.builtin.set_fact: atl_obr_filename: "jira-servicedesk-application-{{ atl_jsd_build }}.obr" when: @@ -56,18 +56,18 @@ block: - name: Alternate URL OBR - Show the obr filename - debug: + ansible.builtin.debug: msg="obr_name=jira-servicedesk-application-{{ atl_jsd_build }}.obr" - name: Alternate OBR - Set the obr filename - set_fact: + ansible.builtin.set_fact: atl_obr_filename: "jira-servicedesk-application-{{ atl_jsd_build }}.obr" when: - not atl_source_obr_from_marketplace | bool - name: is shared_home set ? - debug: + ansible.builtin.debug: msg="atl_product_home_shared_download_dir={{ atl_product_home_shared_download_dir }}" # For the first run a temp obr should be downloaded but moved to @@ -77,7 +77,7 @@ # a directory is used as a lockfile (atomic operation) when moving obr. - name: Set assumptions to avoid race condition - set_fact: + ansible.builtin.set_fact: download_obr: true move_obr: false atl_obr_download: "{{ atl_installer_temp }}/{{ atl_obr_filename }}" @@ -87,22 +87,22 @@ # Check for pre-downloaded obr on shared_home and completed lock dir. - name: Check for completed lock directory - stat: + ansible.builtin.stat: path: "{{ atl_obr_completed_lock }}" register: completed_lock - name: Check for obr in home_shared - stat: + ansible.builtin.stat: path: "{{ atl_obr_shared_download }}" register: home_shared_download - name: debug home_shared_download - debug: + ansible.builtin.debug: var: home_shared_download # If obr exists and lockdir exists use this obr instead - name: Check lock directory and obr exists on shared_home - set_fact: + ansible.builtin.set_fact: download_obr: false atl_obr_download: "{{ atl_obr_shared_download }}" when: @@ -114,14 +114,14 @@ # Fetch obr if required - note we validate it by mimetype rather than checksum due to https://ecosystem.atlassian.net/browse/AMKT-25526 - name: download_obr is true so fetch and do all the things block: - - debug: + - ansible.builtin.debug: var: atl_obr_download_url - - debug: + - ansible.builtin.debug: var: atl_obr_download # Fetch obr and copy to temp - name: Fetch obr - get_url: + ansible.builtin.get_url: url: "{{ atl_obr_download_url }}" dest: "{{ atl_obr_download }}" mode: 0755 @@ -130,12 +130,12 @@ register: atl_obr_completed - name: Confirm the output from the download task - debug: + ansible.builtin.debug: var: atl_obr_completed # get details about the obr - name: Stat the new obr file - stat: + ansible.builtin.stat: path: "{{ atl_obr_completed.dest }}" get_mime: yes register: atl_obr_stats @@ -143,14 +143,14 @@ - atl_obr_completed.dest is defined - name: fail if the downloaded OBR is not a zip file - fail: + ansible.builtin.fail: msg: "The downloaded OBR was not detected as being a valid ZIP file: {{ atl_obr_stats }}" when: - (atl_obr_stats.stat.mimetype is not defined) or (atl_obr_stats.stat.mimetype is not match("application/zip")) # If obr was fetched make the lock directory - name: Create moving_lock. - file: + ansible.builtin.file: path: "{{ atl_obr_moving_lock }}" state: directory when: @@ -160,7 +160,7 @@ # Directory lock was created by this run? # If so, then set a fact intending to move obr - name: Move obr Scenario - lock created by this run - set_fact: + ansible.builtin.set_fact: move_obr: true when: - moving_lock_created is succeeded @@ -175,21 +175,21 @@ block: - name: Copy temp installer to home_shared - copy: + ansible.builtin.copy: src: "{{ atl_obr_download }}" dest: "{{ atl_obr_shared_download }}" remote_src: true register: copied - name: Create completed_lock once obr downloaded and copied - file: + ansible.builtin.file: path: "{{ atl_obr_completed_lock }}" state: directory when: copied is succeeded register: completed_lock_created - name: Remove moving_lock to show that obr is completed - file: + ansible.builtin.file: path: "{{ atl_obr_moving_lock }}" state: absent when: @@ -198,14 +198,14 @@ register: moving_lock_removed - name: Delete old temp installer - file: + ansible.builtin.file: path: "{{ atl_obr_download }}" state: absent when: moving_lock_removed is succeeded register: temp_deleted - name: Set install to home_shared location - set_fact: + ansible.builtin.set_fact: atl_obr_download: "{{ atl_obr_shared_download }}" when: temp_deleted is succeeded @@ -215,7 +215,7 @@ # (which is either on home_shared or temp) - name: Ensure instaled-plugins dir exists - file: + ansible.builtin.file: path: "{{ atl_product_home_shared }}/plugins/installed-plugins" state: directory mode: 0750 @@ -224,7 +224,7 @@ # Note as ansible unarchive cant handle "-j junk paths" we need to ignore errors to bypass the path verify - name: Unpack the obr into the atlassian-bundled-plugins dir - unarchive: + ansible.builtin.unarchive: remote_src: yes src: "{{ atl_obr_download }}" dest: "{{ atl_product_installation_versioned }}/atlassian-jira/WEB-INF/atlassian-bundled-plugins" @@ -239,14 +239,14 @@ register: obr_unpack - name: Move JSD dependency jars into the bundled-plugins dir # noqa 503 - ignore lint info about when changed - copy: + ansible.builtin.copy: remote_src: yes src: "{{ atl_product_installation_versioned }}/atlassian-jira/WEB-INF/atlassian-bundled-plugins/dependencies/" dest: "{{ atl_product_installation_versioned }}/atlassian-jira/WEB-INF/atlassian-bundled-plugins/" when: obr_unpack.changed - name: Remove the empty dependencies folder # noqa 503 - ignore lint info about when changed - file: + ansible.builtin.file: path: "{{ atl_product_installation_versioned }}/atlassian-jira/WEB-INF/atlassian-bundled-plugins/dependencies" state: absent when: obr_unpack.changed \ No newline at end of file diff --git a/roles/product_install/tasks/jira-servicedesk_extra_tasks.yml b/roles/product_install/tasks/jira-servicedesk_extra_tasks.yml index 0dd37cc..8b85a8f 100644 --- a/roles/product_install/tasks/jira-servicedesk_extra_tasks.yml +++ b/roles/product_install/tasks/jira-servicedesk_extra_tasks.yml @@ -1,5 +1,5 @@ --- - name: Set the download edition for ServiceDesk - set_fact: + ansible.builtin.set_fact: atl_download_edition: "servicedesk" diff --git a/roles/product_install/tasks/jira-servicedesk_version_latest.yml b/roles/product_install/tasks/jira-servicedesk_version_latest.yml index 8911ae8..07c9bbd 100644 --- a/roles/product_install/tasks/jira-servicedesk_version_latest.yml +++ b/roles/product_install/tasks/jira-servicedesk_version_latest.yml @@ -1,9 +1,9 @@ --- - name: Fetch the latest version from URL - set_fact: + ansible.builtin.set_fact: atl_product_version_json: "{{ lookup('url', 'https://marketplace.atlassian.com/rest/2/products/key/jira-servicedesk/versions') }}" - name: Set the local var to retrieved version - set_fact: + ansible.builtin.set_fact: atl_latest_version: "{{ atl_product_version_json._embedded.versions[0].name }}" \ No newline at end of file diff --git a/roles/product_install/tasks/jira-software_version_latest.yml b/roles/product_install/tasks/jira-software_version_latest.yml index 0112206..9c423a8 100644 --- a/roles/product_install/tasks/jira-software_version_latest.yml +++ b/roles/product_install/tasks/jira-software_version_latest.yml @@ -1,9 +1,9 @@ --- - name: Fetch the latest version from URL - set_fact: + ansible.builtin.set_fact: atl_product_version_json: "{{ lookup('url', 'https://marketplace.atlassian.com/rest/2/products/key/jira-software/versions') }}" - name: Set the local var to retrieved version - set_fact: + ansible.builtin.set_fact: atl_latest_version: "{{ atl_product_version_json._embedded.versions[0].name }}" \ No newline at end of file diff --git a/roles/product_install/tasks/main.yml b/roles/product_install/tasks/main.yml index 73c7e7b..9a9521c 100644 --- a/roles/product_install/tasks/main.yml +++ b/roles/product_install/tasks/main.yml @@ -2,7 +2,7 @@ - name: Check for existing version cache file - stat: + ansible.builtin.stat: path: "{{ atl_product_version_cache }}" register: cached @@ -11,19 +11,19 @@ block: - name: Read cached version from file - command: "cat {{ atl_product_version_cache }}" + ansible.builtin.command: "cat {{ atl_product_version_cache }}" register: atl_product_version_file changed_when: false - name: Set the local var to cached version - set_fact: + ansible.builtin.set_fact: atl_cached_version: "{{ atl_product_version_file.stdout }}" when: cached.stat.exists - name: Determine if requested version is 'latest' - set_fact: + ansible.builtin.set_fact: version_is_latest: "{{ atl_product_version is undefined or not atl_product_version or atl_product_version == 'latest' }}" @@ -33,7 +33,7 @@ block: - name: Fetch the latest edition version - include_tasks: "{{ atl_product_edition }}_version_latest.yml" + ansible.builtin.include_tasks: "{{ atl_product_edition }}_version_latest.yml" when: not cached.stat.exists and version_is_latest @@ -63,12 +63,12 @@ block: - name: "Case: Cached version exists, has precedence over 'latest'" - set_fact: + ansible.builtin.set_fact: atl_download_version: "{{ atl_cached_version }}" when: cached.stat.exists - name: "Case: No cached version, use latest" - set_fact: + ansible.builtin.set_fact: atl_download_version: "{{ atl_latest_version }}" when: not cached.stat.exists @@ -77,24 +77,24 @@ - name: "Case: Version is not latest" block: - name: "create atlassian z versioning for comparison" - set_fact: + ansible.builtin.set_fact: atl_z_product_version: "{{ atl_product_version ~ '-z' }}" atl_z_cached_version: "{{ atl_cached_version ~ '-z' }}" - name: "create atlassian ordered versioning for comparison" - set_fact: + ansible.builtin.set_fact: atl_product_normalised_version: "{{ atl_z_product_version | replace('-m', '-am') }}" atl_cached_normalised_version: "{{ atl_z_cached_version | replace('-m', '-am') }}" - name: "Case: No cached version, or supplied is higher; use supplied" - set_fact: + ansible.builtin.set_fact: atl_download_version: "{{ atl_product_version }}" when: force_version_update | bool or not cached.stat.exists or atl_product_normalised_version is version(atl_cached_normalised_version, '>') - name: "Case: Cached version is higher or forced, ignore supplied" - set_fact: + ansible.builtin.set_fact: atl_download_version: "{{ atl_cached_version }}" when: cached.stat.exists and atl_product_normalised_version is version(atl_cached_normalised_version, '<=') and @@ -104,23 +104,22 @@ - name: "Fallthrough guard: Use cached or supplied version if nothing set" - set_fact: + ansible.builtin.set_fact: atl_download_version: "{{ atl_cached_version or atl_product_version }}" when: atl_download_version is not defined or atl_download_version|length == 0 - name: Override the supplied version with the calculated one - set_fact: + ansible.builtin.set_fact: atl_product_version: "{{ atl_download_version }}" ###################################################################### - name: Perform any additional per-edition version setup - include_tasks: "{{ atl_product_edition }}_extra_tasks.yml" - + ansible.builtin.include_tasks: "{{ atl_product_edition }}_extra_tasks.yml" - name: Create installation directories - file: + ansible.builtin.file: path: "{{ item }}" state: directory mode: 0750 @@ -136,7 +135,7 @@ # At this point atl_product_version should be set, cache if necessary. - name: Write override cached version when specified - template: + ansible.builtin.template: src: version.j2 dest: "{{ atl_product_version_cache }}" force: true @@ -148,25 +147,25 @@ # a directory is used as a lockfile (atomic operation) when moving binary. - name: Set assumptions to avoid race condition - set_fact: + ansible.builtin.set_fact: download_binary: true move_binary: false atl_product_download: "{{ atl_product_temp_download }}" # Check for pre-downloaded binary on shared_home and completed lock dir. - name: Check for completed lock directory - stat: + ansible.builtin.stat: path: "{{ atl_product_home_shared_completed_lock }}" register: completed_lock - name: Check for product installer in home_shared - stat: + ansible.builtin.stat: path: "{{ atl_product_home_shared_download }}" register: home_shared_download # If binary exists and lockdir exists use this binary instead - name: Check lock directory and binary exists on shared_home - set_fact: + ansible.builtin.set_fact: download_binary: false atl_product_download: "{{ atl_product_home_shared_download }}" when: @@ -180,7 +179,7 @@ # Fetch binary and copy to temp - name: Fetch binary - get_url: + ansible.builtin.get_url: url: "{{ atl_product_download_url }}" dest: "{{ atl_product_temp_download }}" mode: 0755 @@ -189,7 +188,7 @@ # If product installer was fetched make the lock directory - name: Create moving_lock. - file: + ansible.builtin.file: path: "{{ atl_product_home_shared_moving_lock }}" state: directory when: @@ -199,7 +198,7 @@ # Directory lock was created by this run? # If so, then set a fact intending to move binary - name: Move binary Scenario - lock created by this run - set_fact: + ansible.builtin.set_fact: move_binary: true when: - moving_lock_created is succeeded @@ -214,7 +213,7 @@ block: - name: Copy temp installer to home_shared - copy: + ansible.builtin.copy: src: "{{ atl_product_temp_download }}" dest: "{{ atl_product_home_shared_download }}" remote_src: true @@ -224,14 +223,14 @@ register: copied - name: Create completed_lock once product installer downloaded and copied - file: + ansible.builtin.file: path: "{{ atl_product_home_shared_completed_lock }}" state: directory when: copied is succeeded register: completed_lock_created - name: Remove moving_lock to show that binary is completed - file: + ansible.builtin.file: path: "{{ atl_product_home_shared_moving_lock }}" state: absent when: @@ -240,14 +239,14 @@ register: moving_lock_removed - name: Delete old temp installer - file: + ansible.builtin.file: path: "{{ atl_product_temp_download }}" state: absent when: moving_lock_removed is succeeded register: temp_deleted - name: Set install to home_shared location - set_fact: + ansible.builtin.set_fact: atl_product_download: "{{ atl_product_home_shared_download }}" when: temp_deleted is succeeded @@ -256,17 +255,17 @@ # At this point the binary is in {{ atl_product_download }} # (which is either on home_shared or temp) - name: Unpack the downloaded application depending on format - include_tasks: "unpack_{{ atl_download_format }}.yml" + ansible.builtin.include_tasks: "unpack_{{ atl_download_format }}.yml" - name: Symlink the installed version to current - file: + ansible.builtin.file: src: "{{ atl_product_installation_versioned }}" dest: "{{ atl_product_installation_current }}" state: link force: true - name: "Ensure catalina.out log dir exists after product is installed (except bitbucket)" - file: + ansible.builtin.file: path: "{{ atl_product_installation_current }}/logs" state: directory mode: 0750 @@ -276,5 +275,5 @@ changed_when: false # For Molecule idempotence check - name: Include if jsd is requested to be installed from OBR - include_tasks: "jira-servicedesk_as_obr.yml" + ansible.builtin.include_tasks: "jira-servicedesk_as_obr.yml" when: atl_install_jsd_as_obr diff --git a/roles/product_install/tasks/product_version_latest.yml b/roles/product_install/tasks/product_version_latest.yml index 604e816..03ac7cf 100644 --- a/roles/product_install/tasks/product_version_latest.yml +++ b/roles/product_install/tasks/product_version_latest.yml @@ -5,9 +5,9 @@ # product that supports the standard marketplace API. - name: Fetch the latest version from URL - set_fact: + ansible.builtin.set_fact: atl_product_version_json: "{{ lookup('url', '{{ atl_product_latest_version_url }}') }}" - name: Set the local var to retrieved version - set_fact: + ansible.builtin.set_fact: atl_latest_version: "{{ atl_product_version_json._embedded.versions[0].name }}" diff --git a/roles/product_install/tasks/unpack_installer.yml b/roles/product_install/tasks/unpack_installer.yml index f340463..5ecca1e 100644 --- a/roles/product_install/tasks/unpack_installer.yml +++ b/roles/product_install/tasks/unpack_installer.yml @@ -1,7 +1,7 @@ --- - name: Create installer varfile - template: + ansible.builtin.template: src: "{{ atl_product_family }}.varfile.j2" dest: "{{ atl_product_varfile }}" mode: 0755 @@ -13,7 +13,7 @@ # The variable {{ atl_product_download }} will be on temp for first nodes and shared_home for # subsequent nodes. - name: Run the installer - command: /bin/sh "{{ atl_product_download }}" -q -varfile "{{ atl_product_varfile }}" + ansible.builtin.command: /bin/sh "{{ atl_product_download }}" -q -varfile "{{ atl_product_varfile }}" args: creates: "{{ atl_product_installation_versioned }}/.install4j/" become: true diff --git a/roles/product_install/tasks/unpack_tarball.yml b/roles/product_install/tasks/unpack_tarball.yml index 196928f..2c5d46d 100644 --- a/roles/product_install/tasks/unpack_tarball.yml +++ b/roles/product_install/tasks/unpack_tarball.yml @@ -1,7 +1,7 @@ --- - name: Unpack the product packages - unarchive: + ansible.builtin.unarchive: remote_src: true src: "{{ atl_product_download }}" dest: "{{ atl_product_installation_versioned }}" diff --git a/roles/product_startup/handlers/main.yml b/roles/product_startup/handlers/main.yml index 57275c9..d0864a8 100644 --- a/roles/product_startup/handlers/main.yml +++ b/roles/product_startup/handlers/main.yml @@ -1,7 +1,7 @@ --- - name: Restart Product - service: + ansible.builtin.service: name: "{{ atl_systemd_service_name }}" state: restarted when: @@ -10,7 +10,7 @@ no_log: true - name: Enable Product - service: + ansible.builtin.service: name: "{{ atl_systemd_service_name }}" enabled: true when: diff --git a/roles/product_startup/molecule/bitbucket/converge.yml b/roles/product_startup/molecule/bitbucket/converge.yml index b0b462a..7209cc0 100644 --- a/roles/product_startup/molecule/bitbucket/converge.yml +++ b/roles/product_startup/molecule/bitbucket/converge.yml @@ -27,7 +27,7 @@ pre_tasks: - name: Create systemd dir if necessary - file: + ansible.builtin.file: path: "{{ item }}" state: directory with_items: diff --git a/roles/product_startup/molecule/default/converge.yml b/roles/product_startup/molecule/default/converge.yml index 9a232fc..8b5d53f 100644 --- a/roles/product_startup/molecule/default/converge.yml +++ b/roles/product_startup/molecule/default/converge.yml @@ -10,7 +10,7 @@ pre_tasks: - name: Create systemd dir if necessary - file: + ansible.builtin.file: path: "{{ item }}" state: directory with_items: @@ -21,17 +21,17 @@ - role: product_startup post_tasks: - - include_vars: ../../defaults/main.yml + - ansible.builtin.include_vars: ../../defaults/main.yml # workaround Molecule idempotence check # normal pattern of setting changed_when allows file to be written twice, which takes extra time - name: Check if vars have already been dumped - stat: + ansible.builtin.stat: path: "{{ ansible_vars_dump_location }}" register: ansible_vars_stat_result - name: Dump vars to file for inspection - copy: + ansible.builtin.copy: content: | {{ vars | to_nice_yaml }} dest: "{{ ansible_vars_dump_location }}" diff --git a/roles/product_startup/molecule/startup_restart_false/converge.yml b/roles/product_startup/molecule/startup_restart_false/converge.yml index 1943cb3..70f7941 100644 --- a/roles/product_startup/molecule/startup_restart_false/converge.yml +++ b/roles/product_startup/molecule/startup_restart_false/converge.yml @@ -10,17 +10,17 @@ ansible_vars_dump_location: "/tmp/ansible-vars.yml" tasks: - - include_vars: ../../defaults/main.yml + - ansible.builtin.include_vars: ../../defaults/main.yml # workaround Molecule idempotence check # normal pattern of setting changed_when allows file to be written twice, which takes extra time - name: Check if vars have already been dumped - stat: + ansible.builtin.stat: path: "{{ ansible_vars_dump_location }}" register: ansible_vars_stat_result - name: Dump vars to file for inspection - copy: + ansible.builtin.copy: content: | {{ vars | to_nice_yaml }} dest: "{{ ansible_vars_dump_location }}" diff --git a/roles/product_startup/molecule/synchrony/converge.yml b/roles/product_startup/molecule/synchrony/converge.yml index b4fa14b..1418f0e 100644 --- a/roles/product_startup/molecule/synchrony/converge.yml +++ b/roles/product_startup/molecule/synchrony/converge.yml @@ -19,7 +19,7 @@ pre_tasks: - name: Create systemd dir if necessary - file: + ansible.builtin.file: path: "{{ item }}" state: directory with_items: diff --git a/roles/product_startup/tasks/main.yml b/roles/product_startup/tasks/main.yml index 99a40e4..e5120ab 100644 --- a/roles/product_startup/tasks/main.yml +++ b/roles/product_startup/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: "Install systemd service file" - template: + ansible.builtin.template: src: "product.service.j2" dest: "{{ atl_systemd_service_dir }}/{{ atl_systemd_service_name }}" owner: root diff --git a/roles/synchrony_config/tasks/main.yml b/roles/synchrony_config/tasks/main.yml index f3cf3f2..e9b8db0 100644 --- a/roles/synchrony_config/tasks/main.yml +++ b/roles/synchrony_config/tasks/main.yml @@ -1,14 +1,14 @@ --- - name: Install the startup wrapper script - copy: + ansible.builtin.copy: src: start-synchrony dest: "{{ atl_product_installation_current }}/bin/start-synchrony" group: "{{ atl_product_user }}" mode: "0750" - name: Install the Synchrony environment settings - template: + ansible.builtin.template: src: "atl.synchrony.j2" dest: "/etc/atl.synchrony" group: "{{ atl_product_user }}"