ansible/roles/mft/tasks/main.yml (177 lines of code) (raw):
- name: Create MFT deployment directory {{ mft_deployment_dir }}
become: yes
file: path={{ mft_deployment_dir }}
state=directory
mode=0755
owner={{ user }}
group={{ group }}
- name: Create MFT source directory
become: yes
file: path={{mft_source_dir}}
state=directory
mode=0755
owner={{ user }}
group={{ group }}
- name: open firewall ports for MFT grpc service api
firewalld:
zone: public
permanent: yes
state: enabled
immediate: yes
rich_rule: rule family=ipv4 source address="{{ item }}" port port="{{ mft_api_service_grpc_port }}" protocol=tcp accept
become: yes
with_items:
- "{{ sharing_subnets }}"
- name: open firewall ports for MFT default agent
firewalld:
zone: public
permanent: yes
state: enabled
immediate: yes
rich_rule: rule family=ipv4 source address="{{ item }}" port port="{{ mft_default_agent_port }}" protocol=tcp accept
become: yes
with_items:
- "{{ sharing_subnets }}"
- name: open firewall ports for MFT consul
firewalld:
zone: public
permanent: yes
state: enabled
immediate: yes
rich_rule: rule family=ipv4 source address="{{ item }}" port port="{{ mft_consul_port }}" protocol=tcp accept
become: yes
with_items:
- "{{ sharing_subnets }}"
- name: open firewall ports for MFT grpc resource service
firewalld:
zone: public
permanent: yes
state: enabled
immediate: yes
rich_rule: rule family=ipv4 source address="{{ item }}" port port="{{ mft_resource_service_grpc_port }}" protocol=tcp accept
become: yes
with_items:
- "{{ sharing_subnets }}"
- name: open firewall ports for MFT grpc secret service
firewalld:
zone: public
permanent: yes
state: enabled
immediate: yes
rich_rule: rule family=ipv4 source address="{{ item }}" port port="{{ mft_secret_service_grpc_port }}" protocol=tcp accept
become: yes
with_items:
- "{{ sharing_subnets }}"
- name: git checkout from MFT github repo {{ mft_repo }} branch {{ mft_git_branch }}
git: repo="{{ mft_repo }}"
dest="{{ mft_source_dir }}"
version="{{ mft_git_branch }}"
register: checkout
tags: update
become: yes
become_user: "{{ user }}"
- name: Run MFT maven build
command: mvn clean install -Dmaven.test.skip=true chdir="{{ mft_source_dir }}/"
environment:
MAVEN_OPTS: "-Xmx2048m"
register: build
tags: update
become: yes
become_user: "{{ user }}"
- name: Stop mft controller
command: systemctl daemon-reload
notify: stop mft-controller
become: yes
- name: Stop mft resource service
command: systemctl daemon-reload
notify: stop mft-resource
become: yes
- name: Stop mft secret service
command: systemctl daemon-reload
notify: stop mft-secret
become: yes
- name: Stop mft api service
command: systemctl daemon-reload
notify: stop mft-api
become: yes
- name: Stop mft agent service
command: systemctl daemon-reload
notify: stop mft-agent
become: yes
- name: Delete lib directories of the distributions
file:
state: absent
path: "{{ mft_deployment_dir }}/{{ item }}"
with_items:
- "MFT-Controller-{{mft_distribution_version}}/lib"
- "MFT-Agent-{{mft_distribution_version}}/lib"
- "API-Service-{{mft_distribution_version}}/lib"
- "Resource-Service-{{mft_distribution_version}}/lib"
- "Secret-Service-{{mft_distribution_version}}/lib"
become: yes
become_user: "{{ user }}"
ignore_errors: yes
- name: Copy MFT distributions to MFT deployment directory
unarchive: "src={{ mft_source_dir }}/{{ item }}
dest={{ mft_deployment_dir }}/ copy=no"
with_items:
- "agent/target/MFT-Agent-{{mft_distribution_version}}-bin.zip"
- "api/service/target/API-Service-{{mft_distribution_version}}-bin.zip"
- "controller/target/MFT-Controller-{{mft_distribution_version}}-bin.zip"
- "services/resource-service/server/target/Resource-Service-{{mft_distribution_version}}-bin.zip"
- "services/secret-service/server/target/Secret-Service-{{mft_distribution_version}}-bin.zip"
become: yes
become_user: "{{ user }}"
- name: Copy MFT property files
template: "src={{ item.name }}
dest={{ mft_deployment_dir }}/{{ item.dir }}/conf/{{ item.target }}
owner={{ user }}
group={{ group }}
mode=\"u=rw,g=r,o=r\""
with_items:
- { name: agent/application.properties.j2,
dir: "MFT-Agent-{{mft_distribution_version}}",
target: application.properties}
- { name: api-service/application.properties.j2,
dir: "API-Service-{{mft_distribution_version}}",
target: application.properties}
- { name: resource-service/application.properties.j2,
dir: "Resource-Service-{{mft_distribution_version}}",
target: application.properties}
- { name: resource-service/applicationContext.xml.j2,
dir: "Resource-Service-{{mft_distribution_version}}",
target: applicationContext.xml}
- { name: secret-service/application.properties.j2,
dir: "Secret-Service-{{mft_distribution_version}}",
target: application.properties }
- { name: secret-service/applicationContext.xml.j2,
dir: "Secret-Service-{{mft_distribution_version}}",
target: applicationContext.xml }
- { name: secret-service/secrets.json.j2,
dir: "Secret-Service-{{mft_distribution_version}}",
target: secrets.json }
- { name: agent/application.properties.j2,
dir: "MFT-Controller-{{mft_distribution_version}}",
target: application.properties }
become: yes
become_user: "{{ user }}"
- name: Start mft controller
command: systemctl daemon-reload
notify: start mft-controller
become: yes
- name: Start mft resource service
command: systemctl daemon-reload
notify: start mft-resource
become: yes
- name: Start mft secret service
command: systemctl daemon-reload
notify: start mft-secret
become: yes
- name: Start mft api service
command: systemctl daemon-reload
notify: start mft-api
become: yes
- name: Start mft agent service
command: systemctl daemon-reload
notify: start mft-agent
become: yes