From 5202ad6029dd0329d8ae89e238e87fe1067755b2 Mon Sep 17 00:00:00 2001
From: Fayaaz Ahmed <fayaaz.ahmed@sa.catapult.org.uk>
Date: Mon, 9 May 2016 18:46:47 +0100
Subject: [PATCH] Updated to also include debian security and clients (12.04 -
 16.04 LTS)

---
 .gitignore                                    |  2 ++
 roles/spacewalk-client/tasks/main.yml         | 23 +++++++++++++-----
 .../defaults/main.yml                         | 22 ++++++++++++++---
 .../tasks/debian-sync.yml                     | 24 +++++++++++++++++--
 4 files changed, 60 insertions(+), 11 deletions(-)
 create mode 100644 .gitignore

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..df5c4e1
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+*.retry
+.idea
diff --git a/roles/spacewalk-client/tasks/main.yml b/roles/spacewalk-client/tasks/main.yml
index 1f3d37a..f0fc714 100755
--- a/roles/spacewalk-client/tasks/main.yml
+++ b/roles/spacewalk-client/tasks/main.yml
@@ -12,7 +12,9 @@
   when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "7"
 
 - name: Install all packages for client
-  yum: name={{item}} state=present
+  yum:
+    name: "{{item}}"
+    state: present
   with_items:
    - rhn-client-tools
    - rhn-check
@@ -22,16 +24,25 @@
    - yum-rhn-plugin
   when: ansible_distribution == "CentOS"
 
+- name: Install package for Ubuntu
+  apt:
+    name: apt-transport-spacewalk
+    state: present
+  when: ansible_distribution == "Ubuntu"
+
 - name: Install Spacewalk CA certificate from server
   yum:
-    name: http://{{ hostvars['spacewalk']['ansible_ssh_host'] }}/pub/rhn-org-trusted-ssl-cert-1.0-1.noarch.rpm
+    name: "http://{{ hostvars['spacewalk']['ansible_ssh_host'] }}/pub/rhn-org-trusted-ssl-cert-1.0-1.noarch.rpm"
     state: present
   notify: register with spacewalk server
+  when: ansible_distribution == "CentOS"
 
 - name: register with spacewalk server
-  rhn_register:
-    state: present
-    server_url: "http://{{ hostvars['spacewalk']['ansible_ssh_host'] }}/XMLRPC"
-    activationkey: "1-centos-{{ansible_distribution_major_version}}-epel"
+  command: rhnreg_ks --serverUrl=http://{{ hostvars['spacewalk']['ansible_ssh_host'] }}/XMLRPC --activationkey=1-centos-{{ansible_distribution_major_version}}-epel
   when: ansible_distribution == "CentOS"
+  ignore_errors: true
+
+- name: register with spacewalk server
+  command: rhnreg_ks --serverUrl=http://{{ hostvars['spacewalk']['ansible_ssh_host'] }}/XMLRPC --activationkey=1-ubuntu-{{ansible_distribution_version.split('.')|join('')}}-security
+  when: ansible_distribution == "Ubuntu"
   ignore_errors: true
\ No newline at end of file
diff --git a/roles/spacewalk-customisations/defaults/main.yml b/roles/spacewalk-customisations/defaults/main.yml
index 946c132..6e5efa3 100755
--- a/roles/spacewalk-customisations/defaults/main.yml
+++ b/roles/spacewalk-customisations/defaults/main.yml
@@ -23,7 +23,17 @@ spacewalk_repo_info:
   - {name: 'CentOS_7', label: 'centos-7', repo: 'CentOS_7', repo_url: 'http://mirror.ox.ac.uk/sites/mirror.centos.org/7/os/x86_64/', arch: 'x86_64', checksum: 'sha256'}
 
 spacewalk_child_repo_info:
-  - {name: 'CentOS_7_epel', label: 'centos-7-epel', parent: 'centos-7', repo: 'CentOS_7_epel',  activationkey: '1-centos-7-epel', repo_url: 'http://anorien.csc.warwick.ac.uk/mirrors/epel/7/x86_64/', arch: 'x86_64', checksum: 'sha256'}
+  - {
+      name: 'CentOS_7_epel',
+      label: 'centos-7-epel',
+      parent: 'centos-7',
+      repo: 'CentOS_7_epel',
+      activationkey: '1-centos-7-epel',
+      repo_url: 'http://anorien.csc.warwick.ac.uk/mirrors/epel/7/x86_64/',
+      arch: 'x86_64',
+      checksum:
+      'sha256'
+    }
   - {name: 'CentOS_6_epel', label: 'centos-6-epel', parent: 'centos-6', repo: 'CentOS_6_epel', activationkey: '1-centos-6-epel', repo_url: 'http://anorien.csc.warwick.ac.uk/mirrors/epel/6/x86_64/', arch: 'x86_64', checksum: 'sha256'}
   - {name: 'CentOS_6_updates', label: 'centos-6-updates', parent: 'centos-6', repo: 'CentOS_6_updates', activationkey: '1-centos-6-epel', repo_url: 'http://mirror.centos.org/centos/6/updates/x86_64/', arch: 'x86_64', checksum: 'sha256'}
   - {name: 'CentOS_7_updates', label: 'centos-7-updates', parent: 'centos-7', repo: 'CentOS_7_updates', activationkey: '1-centos-7-epel', repo_url: 'http://mirror.centos.org/centos/7/updates/x86_64/', arch: 'x86_64', checksum: 'sha256'}
@@ -31,5 +41,11 @@ spacewalk_child_repo_info:
   - {name: 'CentOS_7_extras', label: 'centos-7-extras', parent: 'centos-7', repo: 'CentOS_7_extras', activationkey: '1-centos-7-epel', repo_url: 'http://mirror.centos.org/centos/7/extras/x86_64/', arch: 'x86_64', checksum: 'sha256'}
 
 spacewalk_deb_repo_info:
-  - {name: 'Ubuntu_Trusty_14_04', label: 'ubuntu-1404', repo: 'Ubuntu1404', repo_url: 'http://de.archive.ubuntu.com/ubuntu/dists/trusty/main/binary-amd64/', arch: 'amd64-deb', checksum: 'sha256'}
-  - {name: 'Ubuntu_Precise_12_04', label: 'ubuntu-1204', repo: 'Ubuntu1204', repo_url: 'http://de.archive.ubuntu.com/ubuntu/dists/precise/main/binary-amd64/', arch: 'amd64-deb', checksum: 'sha256'}
+  - {name: 'Ubuntu_Precise_12_04', label: 'ubuntu-1204', repo: 'Ubuntu1204', activationkey: '1-ubuntu-1204', repo_url: 'http://de.archive.ubuntu.com/ubuntu/dists/precise/main/binary-amd64/', arch: 'amd64-deb', checksum: 'sha256'}
+  - {name: 'Ubuntu_Trusty_14_04', label: 'ubuntu-1404', repo: 'Ubuntu1404', activationkey: '1-ubuntu-1404', repo_url: 'http://de.archive.ubuntu.com/ubuntu/dists/trusty/main/binary-amd64/', arch: 'amd64-deb', checksum: 'sha256'}
+  - {name: 'Ubuntu_Xenial_16_04', label: 'ubuntu-1604', repo: 'Ubuntu1604', activationkey: '1-ubuntu-1604', repo_url: 'http://de.archive.ubuntu.com/ubuntu/dists/xenial/main/binary-amd64/', arch: 'amd64-deb', checksum: 'sha256'}
+
+spacewalk_child_deb_repo_info:
+  - {name: 'Ubuntu_Precise_12_04_security', label: 'ubuntu-1204-security', parent: 'ubuntu-1204', activationkey: '1-ubuntu-1204-security', repo: 'Ubuntu1204_security', repo_url: 'http://de.archive.ubuntu.com/ubuntu/dists/precise-security/main/binary-amd64/', arch: 'amd64-deb', checksum: 'sha256'}
+  - {name: 'Ubuntu_Trusty_14_04_security', label: 'ubuntu-1404-security', parent: 'ubuntu-1404', activationkey: '1-ubuntu-1404-security', repo: 'Ubuntu1404_security', repo_url: 'http://de.archive.ubuntu.com/ubuntu/dists/trusty-security/main/binary-amd64/', arch: 'amd64-deb', checksum: 'sha256'}
+  - {name: 'Ubuntu_Xenial_16_04_security', label: 'ubuntu-1604-security', parent: 'ubuntu-1604', activationkey: '1-ubuntu-1604-security', repo: 'Ubuntu1604_security', repo_url: 'http://de.archive.ubuntu.com/ubuntu/dists/xenial-security/main/binary-amd64/', arch: 'amd64-deb', checksum: 'sha256'}
diff --git a/roles/spacewalk-customisations/tasks/debian-sync.yml b/roles/spacewalk-customisations/tasks/debian-sync.yml
index 550a602..9cbf7bd 100644
--- a/roles/spacewalk-customisations/tasks/debian-sync.yml
+++ b/roles/spacewalk-customisations/tasks/debian-sync.yml
@@ -14,14 +14,34 @@
 - name: Patch the python debian library
   lineinfile: dest=/usr/lib/python2.7/site-packages/debian/debfile.py regexp='^PART_EXTS =' line="PART_EXTS = ['gz', 'bz2', 'xz', 'lzma']"
 
-- name: Add base channels
+- name: Add deb base channels
   command: spacecmd --user=admin --password={{spacewalk_admin_password}} -- softwarechannel_create -n {{item.name}} -l {{item.label}} -a {{item.arch}} -c sha512
   ignore_errors: true
   with_items: "{{spacewalk_deb_repo_info}}"
 
+- name: Add deb child channels
+  command: spacecmd --user=admin --password={{spacewalk_admin_password}} -- softwarechannel_create -n {{item.name}} -p {{item.parent}} -l {{item.label}} -a {{item.arch}} -c sha512
+  ignore_errors: true
+  with_items: "{{spacewalk_child_deb_repo_info}}"
+
+- name: Add deb activation keys
+  command: spacecmd --user=admin --password={{spacewalk_admin_password}} -- activationkey_create -n {{item.label}} -b {{item.label}} -d {{item.name}}
+  ignore_errors: true
+  with_items: "{{spacewalk_deb_repo_info}}"
+
+- name: Add activation keys for deb child channels
+  command: spacecmd --user=admin --password={{spacewalk_admin_password}} -- activationkey_create -n {{item.label}} -b {{item.parent}} -d {{item.name}}
+  ignore_errors: true
+  with_items: "{{spacewalk_child_deb_repo_info}}"
+
+- name: Associate child channels with activationkeys
+  command: spacecmd --user=admin --password={{spacewalk_admin_password}} -- activationkey_addchildchannels {{item.activationkey}}  {{item.label}}
+  ignore_errors: true
+  with_items: "{{spacewalk_child_deb_repo_info}}"
+
 - name: Get the trusted SSL certs
   get_url: url=http://localhost/pub/RHN-ORG-TRUSTED-SSL-CERT dest=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
 
 - name: Add cron jobs for synchronizing Debian repos
   cron: name="{{item.name}} repo sync" minute="0" hour="7,19" job="{{spacewalk_scripts_dir}}debianSync.py --username=admin --password={{spacewalk_admin_password}} --channel {{item.label}} --url {{item.repo_url}}"
-  with_items: "{{spacewalk_deb_repo_info}}"
+  with_items: "{{spacewalk_deb_repo_info | union(spacewalk_child_deb_repo_info)}}"