diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2e85730..c85e047 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -11,9 +11,10 @@ on: jobs: ci: - uses: ansible-middleware/github-actions/.github/workflows/ci.yml@main + uses: ansible-middleware/github-actions/.github/workflows/ci.yml@rootperm secrets: inherit with: fqcn: 'middleware_automation/infinispan' + root_permission_varname: 'infinispan_install_requires_become' molecule_tests: >- [ "default" ] diff --git a/README.md b/README.md index 000c00f..fbfdb04 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # Ansible Collection - middleware_automation.infinispan -[![Build Status](https://github.com/ansible-middleware/infinispan/workflows/CI/badge.svg?branch=main)](https://github.com/ansible-middleware/infinispan/actions/workflows/ci.yml) +[![Build Status](https://github.com/ansible-middleware/infinispan/workflows/CI/badge.svg)](https://github.com/ansible-middleware/infinispan/actions/workflows/ci.yml) > **_NOTE:_ If you are Red Hat customer, install `redhat.data_grid` from [Automation Hub](https://console.redhat.com/ansible/automation-hub/repo/published/redhat/data_grid/) as the certified version of this collection.** diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml index 7a5ea10..1dff98e 100644 --- a/molecule/default/prepare.yml +++ b/molecule/default/prepare.yml @@ -21,7 +21,7 @@ - sudo_pkg_name in ansible_facts.packages - name: Install requirements for tests - become: yes + become: "{{ infinispan_install_requires_become | default(true) }}" ansible.builtin.yum: name: - iproute diff --git a/playbooks/infinispan.yml b/playbooks/infinispan.yml index 22aa05e..4376f3b 100644 --- a/playbooks/infinispan.yml +++ b/playbooks/infinispan.yml @@ -1,7 +1,7 @@ --- - name: Playbook for infinispan Hosts hosts: all - become: yes + become: "{{ infinispan_install_requires_become | default(true) }}" roles: - role: infinispan infinispan_supervisor_password: "remembertochangeme" diff --git a/roles/infinispan/tasks/fastpackages.yml b/roles/infinispan/tasks/fastpackages.yml index 887cf4e..2e464ed 100644 --- a/roles/infinispan/tasks/fastpackages.yml +++ b/roles/infinispan/tasks/fastpackages.yml @@ -11,7 +11,7 @@ map('regex_findall', 'package (.+) is not installed$') | default([]) | flatten }}" - name: "Install packages: {{ packages_to_install }}" - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" ansible.builtin.package: name: "{{ packages_to_install }}" state: present diff --git a/roles/infinispan/tasks/firewalld.yml b/roles/infinispan/tasks/firewalld.yml index 2eaf57e..e9620eb 100644 --- a/roles/infinispan/tasks/firewalld.yml +++ b/roles/infinispan/tasks/firewalld.yml @@ -6,14 +6,14 @@ - firewalld - name: Enable and start the firewalld service - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" ansible.builtin.systemd: name: firewalld enabled: true state: started - name: "Configure firewall for {{ infinispan.name }} ports" - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" ansible.posix.firewalld: port: "{{ item }}" permanent: true diff --git a/roles/infinispan/tasks/install.yml b/roles/infinispan/tasks/install.yml index 01fea07..fd76cec 100644 --- a/roles/infinispan/tasks/install.yml +++ b/roles/infinispan/tasks/install.yml @@ -4,14 +4,14 @@ name: "{{ infinispan.group.name }}" state: present gid: "{{ infinispan.group.id | default(omit) }}" - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" - name: "Create user {{ infinispan.user.name }}" ansible.builtin.user: name: "{{ infinispan.user.name }}" state: present uid: "{{ infinispan.user.id | default(omit) }}" - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" - name: "Create download directory" ansible.builtin.file: @@ -20,7 +20,7 @@ owner: "{{ infinispan.user.name }}" group: "{{ infinispan.group.name }}" mode: '0750' - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" ## check remote archive - name: Set download archive path @@ -31,7 +31,7 @@ ansible.builtin.stat: path: "{{ archive }}" register: archive_path - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" - name: Check local download archive path ansible.builtin.stat: @@ -125,13 +125,13 @@ when: - local_archive_path.stat is defined - local_archive_path.stat.exists - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" - name: "Check target directory: {{ infinispan.installation_path }}" ansible.builtin.stat: path: "{{ infinispan.installation_path }}/bin" register: path_to_workdir - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" - name: "Create target directory {{ infinispan.installation_path | dirname }}" ansible.builtin.file: @@ -140,7 +140,7 @@ owner: "{{ infinispan.user.name }}" group: "{{ infinispan.group.name }}" mode: '0750' - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" - name: "Extract {{ infinispan.name }} archive on target {{ infinispan.installation_path }}" ansible.builtin.unarchive: @@ -150,7 +150,7 @@ creates: "{{ infinispan.installation_path }}/bin" owner: "{{ infinispan.user.name }}" group: "{{ infinispan.group.name }}" - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" when: - new_version_downloaded.changed or not path_to_workdir.stat.exists notify: @@ -168,5 +168,5 @@ owner: "{{ infinispan.user.name }}" group: "{{ infinispan.group.name }}" recurse: true - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" changed_when: false diff --git a/roles/infinispan/tasks/jdg_user.yml b/roles/infinispan/tasks/jdg_user.yml index 94f7c4f..d02eca3 100644 --- a/roles/infinispan/tasks/jdg_user.yml +++ b/roles/infinispan/tasks/jdg_user.yml @@ -15,7 +15,7 @@ mode: '0644' notify: - restart infinispan - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" - name: "Ensure {{ infinispan.config.groups }} exists" ansible.builtin.template: @@ -26,4 +26,4 @@ mode: '0644' notify: - restart infinispan - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" diff --git a/roles/infinispan/tasks/main.yml b/roles/infinispan/tasks/main.yml index d028ddf..b89a1ba 100644 --- a/roles/infinispan/tasks/main.yml +++ b/roles/infinispan/tasks/main.yml @@ -95,7 +95,7 @@ jdg_rpm_java_home: "{{ rpm_java_home }}" notify: - restart infinispan - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" - name: "Get xsd schema versions" ansible.builtin.find: @@ -103,7 +103,7 @@ use_regex: true patterns: ['^.*-server-[0-9.]*[.]xsd$'] register: server_schema - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" - name: "Set fetched schema version for template" ansible.builtin.set_fact: @@ -119,7 +119,7 @@ backup: true notify: - restart infinispan - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" - name: "Ensure {{ infinispan.service.name }} log4j2 configuration is deployed" ansible.builtin.template: @@ -131,7 +131,7 @@ backup: true notify: - restart infinispan - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" - name: Download database driver jar to target ansible.builtin.get_url: @@ -142,7 +142,7 @@ mode: '0644' when: - infinispan_jgroups_discovery == 'JDBC_PING' - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" - name: Include users tasks ansible.builtin.include_tasks: jdg_user.yml @@ -166,4 +166,4 @@ src: "{{ infinispan.home }}server/log" dest: "/var/log/infinispan{{ '-' + infinispan_nodename if infinispan_nodename != inventory_hostname else '' }}" force: true - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" diff --git a/roles/infinispan/tasks/restart.yml b/roles/infinispan/tasks/restart.yml index 5463dd5..4941ebe 100644 --- a/roles/infinispan/tasks/restart.yml +++ b/roles/infinispan/tasks/restart.yml @@ -6,11 +6,11 @@ ansible.builtin.systemd: name: "{{ infinispan.service.unit_file }}" state: restarted - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" - name: "Wait for used port to be open" ansible.builtin.wait_for: port: "{{ infinispan.port }}" delay: 0 when: - infinispan_healthcheck - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" diff --git a/roles/infinispan/tasks/start.yml b/roles/infinispan/tasks/start.yml index 0479d55..af88563 100644 --- a/roles/infinispan/tasks/start.yml +++ b/roles/infinispan/tasks/start.yml @@ -6,11 +6,11 @@ name: "{{ infinispan.service.unit_file }}" state: started enabled: true - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" - name: "Wait for used port to be open" ansible.builtin.wait_for: port: "{{ infinispan.port }}" delay: 0 when: - infinispan_healthcheck - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" diff --git a/roles/infinispan/tasks/systemd.yml b/roles/infinispan/tasks/systemd.yml index bc88bf1..0a12b94 100644 --- a/roles/infinispan/tasks/systemd.yml +++ b/roles/infinispan/tasks/systemd.yml @@ -5,7 +5,7 @@ owner: root group: root mode: '0644' - become: true + become: "{{ infinispan_install_requires_become | default(true) }}" register: ispn_daemon_reload notify: - restart infinispan @@ -16,4 +16,4 @@ when: - ispn_daemon_reload is defined - ispn_daemon_reload.changed - become: true + become: "{{ infinispan_install_requires_become | default(true) }}"