Updated to also include debian security and clients (12.04 - 16.04 LTS)

2016-05-09 18:46:47 +01:00 · 2016-05-09 18:46:47 +01:00 · 5202ad6029
parent de19339a7d
commit 5202ad6029
4 changed files with 60 additions and 11 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,2 @@
+*.retry
+.idea
--- a/roles/spacewalk-client/tasks/main.yml
+++ b/roles/spacewalk-client/tasks/main.yml
@ -12,7 +12,9 @@
  when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "7"

 - name: Install all packages for client
-  yum: name={{item}} state=present
+  yum:
+    name: "{{item}}"
+    state: present
  with_items:
   - rhn-client-tools
   - rhn-check
@ -22,16 +24,25 @@
   - yum-rhn-plugin
  when: ansible_distribution == "CentOS"

+- name: Install package for Ubuntu
+  apt:
+    name: apt-transport-spacewalk
+    state: present
+  when: ansible_distribution == "Ubuntu"
+
 - name: Install Spacewalk CA certificate from server
  yum:
-    name: http://{{ hostvars['spacewalk']['ansible_ssh_host'] }}/pub/rhn-org-trusted-ssl-cert-1.0-1.noarch.rpm
+    name: "http://{{ hostvars['spacewalk']['ansible_ssh_host'] }}/pub/rhn-org-trusted-ssl-cert-1.0-1.noarch.rpm"
    state: present
  notify: register with spacewalk server
+  when: ansible_distribution == "CentOS"

 - name: register with spacewalk server
-  rhn_register:
-    state: present
-    server_url: "http://{{ hostvars['spacewalk']['ansible_ssh_host'] }}/XMLRPC"
-    activationkey: "1-centos-{{ansible_distribution_major_version}}-epel"
+  command: rhnreg_ks --serverUrl=http://{{ hostvars['spacewalk']['ansible_ssh_host'] }}/XMLRPC --activationkey=1-centos-{{ansible_distribution_major_version}}-epel
  when: ansible_distribution == "CentOS"
+  ignore_errors: true
+
+- name: register with spacewalk server
+  command: rhnreg_ks --serverUrl=http://{{ hostvars['spacewalk']['ansible_ssh_host'] }}/XMLRPC --activationkey=1-ubuntu-{{ansible_distribution_version.split('.')|join('')}}-security
+  when: ansible_distribution == "Ubuntu"
  ignore_errors: true
--- a/roles/spacewalk-customisations/defaults/main.yml
+++ b/roles/spacewalk-customisations/defaults/main.yml
@ -23,7 +23,17 @@ spacewalk_repo_info:
  - {name: 'CentOS_7', label: 'centos-7', repo: 'CentOS_7', repo_url: 'http://mirror.ox.ac.uk/sites/mirror.centos.org/7/os/x86_64/', arch: 'x86_64', checksum: 'sha256'}

 spacewalk_child_repo_info:
-  - {name: 'CentOS_7_epel', label: 'centos-7-epel', parent: 'centos-7', repo: 'CentOS_7_epel',  activationkey: '1-centos-7-epel', repo_url: 'http://anorien.csc.warwick.ac.uk/mirrors/epel/7/x86_64/', arch: 'x86_64', checksum: 'sha256'}
+  - {
+      name: 'CentOS_7_epel',
+      label: 'centos-7-epel',
+      parent: 'centos-7',
+      repo: 'CentOS_7_epel',
+      activationkey: '1-centos-7-epel',
+      repo_url: 'http://anorien.csc.warwick.ac.uk/mirrors/epel/7/x86_64/',
+      arch: 'x86_64',
+      checksum:
+      'sha256'
+    }
  - {name: 'CentOS_6_epel', label: 'centos-6-epel', parent: 'centos-6', repo: 'CentOS_6_epel', activationkey: '1-centos-6-epel', repo_url: 'http://anorien.csc.warwick.ac.uk/mirrors/epel/6/x86_64/', arch: 'x86_64', checksum: 'sha256'}
  - {name: 'CentOS_6_updates', label: 'centos-6-updates', parent: 'centos-6', repo: 'CentOS_6_updates', activationkey: '1-centos-6-epel', repo_url: 'http://mirror.centos.org/centos/6/updates/x86_64/', arch: 'x86_64', checksum: 'sha256'}
  - {name: 'CentOS_7_updates', label: 'centos-7-updates', parent: 'centos-7', repo: 'CentOS_7_updates', activationkey: '1-centos-7-epel', repo_url: 'http://mirror.centos.org/centos/7/updates/x86_64/', arch: 'x86_64', checksum: 'sha256'}
@ -31,5 +41,11 @@ spacewalk_child_repo_info:
  - {name: 'CentOS_7_extras', label: 'centos-7-extras', parent: 'centos-7', repo: 'CentOS_7_extras', activationkey: '1-centos-7-epel', repo_url: 'http://mirror.centos.org/centos/7/extras/x86_64/', arch: 'x86_64', checksum: 'sha256'}

 spacewalk_deb_repo_info:
-  - {name: 'Ubuntu_Trusty_14_04', label: 'ubuntu-1404', repo: 'Ubuntu1404', repo_url: 'http://de.archive.ubuntu.com/ubuntu/dists/trusty/main/binary-amd64/', arch: 'amd64-deb', checksum: 'sha256'}
-  - {name: 'Ubuntu_Precise_12_04', label: 'ubuntu-1204', repo: 'Ubuntu1204', repo_url: 'http://de.archive.ubuntu.com/ubuntu/dists/precise/main/binary-amd64/', arch: 'amd64-deb', checksum: 'sha256'}
+  - {name: 'Ubuntu_Precise_12_04', label: 'ubuntu-1204', repo: 'Ubuntu1204', activationkey: '1-ubuntu-1204', repo_url: 'http://de.archive.ubuntu.com/ubuntu/dists/precise/main/binary-amd64/', arch: 'amd64-deb', checksum: 'sha256'}
+  - {name: 'Ubuntu_Trusty_14_04', label: 'ubuntu-1404', repo: 'Ubuntu1404', activationkey: '1-ubuntu-1404', repo_url: 'http://de.archive.ubuntu.com/ubuntu/dists/trusty/main/binary-amd64/', arch: 'amd64-deb', checksum: 'sha256'}
+  - {name: 'Ubuntu_Xenial_16_04', label: 'ubuntu-1604', repo: 'Ubuntu1604', activationkey: '1-ubuntu-1604', repo_url: 'http://de.archive.ubuntu.com/ubuntu/dists/xenial/main/binary-amd64/', arch: 'amd64-deb', checksum: 'sha256'}
+
+spacewalk_child_deb_repo_info:
+  - {name: 'Ubuntu_Precise_12_04_security', label: 'ubuntu-1204-security', parent: 'ubuntu-1204', activationkey: '1-ubuntu-1204-security', repo: 'Ubuntu1204_security', repo_url: 'http://de.archive.ubuntu.com/ubuntu/dists/precise-security/main/binary-amd64/', arch: 'amd64-deb', checksum: 'sha256'}
+  - {name: 'Ubuntu_Trusty_14_04_security', label: 'ubuntu-1404-security', parent: 'ubuntu-1404', activationkey: '1-ubuntu-1404-security', repo: 'Ubuntu1404_security', repo_url: 'http://de.archive.ubuntu.com/ubuntu/dists/trusty-security/main/binary-amd64/', arch: 'amd64-deb', checksum: 'sha256'}
+  - {name: 'Ubuntu_Xenial_16_04_security', label: 'ubuntu-1604-security', parent: 'ubuntu-1604', activationkey: '1-ubuntu-1604-security', repo: 'Ubuntu1604_security', repo_url: 'http://de.archive.ubuntu.com/ubuntu/dists/xenial-security/main/binary-amd64/', arch: 'amd64-deb', checksum: 'sha256'}
--- a/roles/spacewalk-customisations/tasks/debian-sync.yml
+++ b/roles/spacewalk-customisations/tasks/debian-sync.yml
@ -14,14 +14,34 @@
 - name: Patch the python debian library
  lineinfile: dest=/usr/lib/python2.7/site-packages/debian/debfile.py regexp='^PART_EXTS =' line="PART_EXTS = ['gz', 'bz2', 'xz', 'lzma']"

- name: Add base channels
+- name: Add deb base channels
  command: spacecmd --user=admin --password={{spacewalk_admin_password}} -- softwarechannel_create -n {{item.name}} -l {{item.label}} -a {{item.arch}} -c sha512
  ignore_errors: true
  with_items: "{{spacewalk_deb_repo_info}}"

+- name: Add deb child channels
+  command: spacecmd --user=admin --password={{spacewalk_admin_password}} -- softwarechannel_create -n {{item.name}} -p {{item.parent}} -l {{item.label}} -a {{item.arch}} -c sha512
+  ignore_errors: true
+  with_items: "{{spacewalk_child_deb_repo_info}}"
+
+- name: Add deb activation keys
+  command: spacecmd --user=admin --password={{spacewalk_admin_password}} -- activationkey_create -n {{item.label}} -b {{item.label}} -d {{item.name}}
+  ignore_errors: true
+  with_items: "{{spacewalk_deb_repo_info}}"
+
+- name: Add activation keys for deb child channels
+  command: spacecmd --user=admin --password={{spacewalk_admin_password}} -- activationkey_create -n {{item.label}} -b {{item.parent}} -d {{item.name}}
+  ignore_errors: true
+  with_items: "{{spacewalk_child_deb_repo_info}}"
+
+- name: Associate child channels with activationkeys
+  command: spacecmd --user=admin --password={{spacewalk_admin_password}} -- activationkey_addchildchannels {{item.activationkey}}  {{item.label}}
+  ignore_errors: true
+  with_items: "{{spacewalk_child_deb_repo_info}}"
+
 - name: Get the trusted SSL certs
  get_url: url=http://localhost/pub/RHN-ORG-TRUSTED-SSL-CERT dest=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT

 - name: Add cron jobs for synchronizing Debian repos
  cron: name="{{item.name}} repo sync" minute="0" hour="7,19" job="{{spacewalk_scripts_dir}}debianSync.py --username=admin --password={{spacewalk_admin_password}} --channel {{item.label}} --url {{item.repo_url}}"
-  with_items: "{{spacewalk_deb_repo_info}}"
+  with_items: "{{spacewalk_deb_repo_info | union(spacewalk_child_deb_repo_info)}}"