From 2f84df46ca63942792e0db3b87a48208cd6e7b34 Mon Sep 17 00:00:00 2001 From: Jonathan Rosser Date: Sat, 3 Mar 2018 19:14:28 +0000 Subject: [PATCH] Unify extra package download with other OSA roles Convert the extra package download tasks to use the same pattern as other roles, including validating the checksum of the download. Change-Id: I72891a3321eda65ef802bcbc5073251fc2fb9a03 --- defaults/main.yml | 9 +++++++++ tasks/haproxy_install.yml | 30 ++++++++++++++++-------------- 2 files changed, 25 insertions(+), 14 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 55ee346..abcc2b9 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -68,7 +68,16 @@ haproxy_ssl_self_signed_subject: "/C=US/ST=Texas/L=San Antonio/O=IT/CN={{ extern haproxy_ssl_cipher_suite: "{{ ssl_cipher_suite | default('ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS') }}" haproxy_ssl_bind_options: "no-sslv3" +# hatop extra package URL and checksum haproxy_hatop_download_url: "https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/hatop/hatop-0.7.7.tar.gz" +haproxy_hatop_download_checksum: "sha256:0b9fc1b84ce4e469a069e3a3c7c1b5eea10e6bb24bc66bd32af453acd54636ab" + +# Where the extra package download is executed from. +# Options are ['deployment-host', 'target-host'] +haproxy_hatop_downloader: "deployment-host" + +# The location where the extra packages are downloaded to +haproxy_hatop_download_path: "/opt/cache/files" ## haproxy default # Set the number of retries to perform on a server after a connection failure diff --git a/tasks/haproxy_install.yml b/tasks/haproxy_install.yml index 8ab91f5..0e61539 100644 --- a/tasks/haproxy_install.yml +++ b/tasks/haproxy_install.yml @@ -24,25 +24,27 @@ retries: 5 delay: 2 -- name: Download HATop - local_action: - module: get_url - url: "{{ haproxy_hatop_download_url }}" - dest: "/tmp/{{ haproxy_hatop_download_url | basename }}" - force: yes - validate_certs: "{{ haproxy_hatop_download_validate_certs }}" - run_once: True - vars: - ansible_python_interpreter: "/usr/bin/python" - -- name: Create HATop directory +- name: Ensure haproxy_hatop_download_path exists file: - path: "/opt/{{ haproxy_hatop_download_url | basename | replace('.tar.gz', '') }}" + path: "{{ haproxy_hatop_download_path }}" state: directory + delegate_to: "{{ (haproxy_hatop_downloader == 'deployment-host') | ternary('localhost', omit) }}" + +- name: Download extra package + get_url: + url: "{{ haproxy_hatop_download_url }}" + dest: "{{ haproxy_hatop_download_path }}" + validate_certs: "{{ haproxy_hatop_download_validate_certs }}" + register: fetch_url + until: fetch_url | success + retries: 3 + delay: 10 + delegate_to: "{{ (haproxy_hatop_downloader == 'deployment-host') | ternary('localhost', omit) }}" - name: Unarchive HATop unarchive: - src: "/tmp/{{ haproxy_hatop_download_url | basename }}" + src: "{{ haproxy_hatop_download_path }}/{{ haproxy_hatop_download_url | basename }}" + remote_src: "{{ (haproxy_hatop_downloader == 'deployment-host') | ternary('no', 'yes') }}" dest: "/opt" - name: Install HATop