From 00a105f722c27d717511bad903168e0540ce9d4a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ph=E1=BA=A1m=20Xu=C3=A2n=20Hinh?= Date: Thu, 25 Jul 2024 18:10:10 +0700 Subject: [PATCH] feat: Update playbook for new supported OS: SUSE, openSUSE --- README.md | 14 +++ .../inventories/production/group_vars/all.yml | 42 +++++---- .../roles/bamboofw_agent/tasks/main.yaml | 89 ++++++++++++------- 3 files changed, 97 insertions(+), 48 deletions(-) diff --git a/README.md b/README.md index 3d69138..88b6925 100644 --- a/README.md +++ b/README.md @@ -73,6 +73,20 @@ informed of the latest Bamboo Firewall updates: RHEL 9 Verified + + SUSE + SLES 15 + Verified + + + SLED 15 + Verified + + + openSUSE + openSUSE Leap 15 + Verified + Debian Debian 8 diff --git a/demo/playbook/inventories/production/group_vars/all.yml b/demo/playbook/inventories/production/group_vars/all.yml index 9d2cfe0..6111ae2 100644 --- a/demo/playbook/inventories/production/group_vars/all.yml +++ b/demo/playbook/inventories/production/group_vars/all.yml @@ -7,22 +7,32 @@ docker_compose_ver: "v2.20.2" # OS compatibility check #---------------- OS_DISTRIBUTION_VALID: -- "Ubuntu" -- "CentOS" -- "RedHat" -UBUNTU_DISTRIBUTION_VALID: -- "20" -- "22" -- "24" - -CENTOS_DISTRIBUTION_VALID: -- "7" -- "8" -- "9" -REDHAT_DISTRIBUTION_VALID: -- "7" -- "8" -- "9" + - name: "Ubuntu" + versions: + - 20 + - 22 + - 24 + - name: "CentOS" + versions: + - 7 + - 8 + - 9 + - name: "RedHat" + versions: + - 7 + - 8 + - 9 + - name: "SUSE" + variants: + - "SLED" + - "SLES" + versions: + - 15 + - name: "openSUSE" + variants: + - "openSUSE Leap" + versions: + - 15 #---------------- # Image version diff --git a/demo/playbook/roles/bamboofw_agent/tasks/main.yaml b/demo/playbook/roles/bamboofw_agent/tasks/main.yaml index cf2d411..cc22532 100644 --- a/demo/playbook/roles/bamboofw_agent/tasks/main.yaml +++ b/demo/playbook/roles/bamboofw_agent/tasks/main.yaml @@ -1,29 +1,43 @@ --- -- name: Debug playbook - debug: - msg: "Perform checking to ensure OS is supported by playbook" - - name: OS checking and playbook decision block: - - name: Check if OS is matching with these below - ansible.builtin.assert: - that: - - ansible_facts['distribution'] in OS_DISTRIBUTION_VALID - fail_msg: "This playbook requiures the OS to be one of the following {{ OS_DISTRIBUTION_VALID }}" - success_msg: "The opearting system {{ ansible_facts['distribution'] }} is allowed" - - - name: Gather facts from remote machine + - name: Define OS set_fact: + os_names: "{{ OS_DISTRIBUTION_VALID | map(attribute='name') | list }}" + os_variants: "{{ OS_DISTRIBUTION_VALID | selectattr('variants', 'defined') | map(attribute='variants') | flatten | list }}" + find_distribution: >- + {{ + (OS_DISTRIBUTION_VALID | selectattr('name', 'equalto', ansible_facts['distribution']) | list) + + (OS_DISTRIBUTION_VALID | selectattr('variants', 'defined') | selectattr('variants', 'contains', ansible_facts['distribution']) | list) + }} os_major_version: "{{ ansible_facts['distribution_version'].split('.')[0] }}" - - name: End playbook if OS is not supported - meta: end_play - when: ansible_facts['distribution'] not in OS_DISTRIBUTION_VALID - ignore_errors: yes - -- name: Include some preparation tasks if distribution is not ubuntu - import_tasks: roles/bamboofw_agent/tasks/pre-tasks.yml - when: ansible_facts['distribution'] != 'Ubuntu' + - name: Check if OS is supported + set_fact: + os_supported: >- + {% if find_distribution | length > 0 %} + {% set os_info = find_distribution[0] %} + {% if os_info.versions is not defined or os_major_version | float in os_info.versions %} + 1 + {% else %} + 0 + {% endif %} + {% else %} + -1 + {% endif %} + + - name: Assert OS is supported + assert: + that: os_supported|int== 1 + fail_msg: >- + {% if os_supported|int == 0 %} + The current version {{ ansible_facts['distribution_version'] }} is not supported for {{ ansible_facts['distribution'] }}. + Supported versions for {{ ansible_facts['distribution'] }} are: {{ find_distribution[0].versions }}. + {% else %} + Current operating system {{ ansible_facts['distribution'] }} is not supported. + This playbook requires the OS to be one of the following {{ os_names + os_variants }}. + {% endif %} + success_msg: "The operating system {{ ansible_facts['distribution'] }} version {{ ansible_facts['distribution_version'] }} is allowed." - name: Default execution for all supported distribution block: @@ -39,9 +53,10 @@ create: true tags: update_hostname - - name: Set hosts name - hostname: - name: "{{ name }}" + - name: Set hostname + shell: hostnamectl set-hostname '{{ name }}' + args: + warn: false - name: Build hosts file for etcd lineinfile: @@ -101,13 +116,24 @@ - { file_var: "{{ cert }}", file_name: etcd.pem } - { file_var: "{{ key }}", file_name: etcd-key.pem } - - name: "Create a calico service" - template: - src: templates/calico.service.j2 - dest: /lib/systemd/system/calico-felix.service - owner: root - group: root - mode: 0644 + - name: "Ensure systemd directory exists and create a calico service" + block: + - name: Check if systemd directory exists + stat: + path: /lib/systemd/system + register: systemd_dir + + - name: Ensure systemd directory is present + command: mkdir -p /lib/systemd/system + when: not systemd_dir.stat.exists + + - name: Create a calico service + template: + src: templates/calico.service.j2 + dest: /lib/systemd/system/calico-felix.service + owner: root + group: root + mode: 0644 - name: "Set external lib if OS is too old" shell: sudo patchelf --set-interpreter /usr/local/glibc-2.22/lib/ld-linux-x86-64.so.2 --set-rpath /usr/local/glibc-2.22/lib:/usr/lib64 /usr/local/bin/calico-felix-amd64 @@ -120,5 +146,4 @@ name: calico-felix state: restarted daemon_reload: true - enabled: true - + enabled: true \ No newline at end of file