Genericize the roal to look like the rest

2021-07-25 03:23:32 +00:00
parent fe3c5c948f
commit 580805bc34
21 changed files with 275 additions and 38 deletions
--- a/tasks/Debian-default.yml
+++ b/tasks/Debian-default.yml
@@ -0,0 +1,16 @@
+---
+# tasks file for ensure_os_patch
+- name: 'ensure Debian patch'
+  when:
+    - ansible_system == 'Linux'
+    - ansible_pkg_mgr == 'apt'
+  ansible.builtin.apt:
+    autoclean: 'yes'
+    autoremove: 'yes'
+    upgrade: 'dist'
+  notify:
+    - 'ensure_os_patch.package_facts'
+    - 'ensure_os_patch.service_facts'
+- name: 'flush handlers'
+  meta: 'flush_handlers'
+
--- a/tasks/default.yml
+++ b/tasks/default.yml
@@ -0,0 +1,3 @@
+---
+# tasks file for ensure_os_patch
+
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,5 +1,42 @@
 ---
 # tasks file for ensure_os_patch
+- name: 'include vendor / version specific tasks'
+  when:
+    - ansible_system == 'Linux'
+  include_tasks:
+    file: '{{ lookup("first_found", findme ) }}'
+  vars:
+    findme:
+      files:
+        - '{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-{{ ansible_architecture }}.yml'
+        - '{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-default.yml'
+        - '{{ ansible_distribution }}-default.yml'
+        - '{{ ansible_os_family }}-{{ ansible_distribution_major_version }}-{{ ansible_architecture }}.yml'
+        - '{{ ansible_os_family }}-{{ ansible_distribution_major_version }}-default.yml'
+        - '{{ ansible_os_family }}-default.yml'
+        - 'default.yml'
+      errors: 'ignore'
+- name: 'flush handlers'
+  meta: 'flush_handlers'
+- name: 'include variables'
+  when:
+    - ansible_system == 'Linux'
+  include_vars:
+    file: '{{ lookup("first_found", findme ) }}'
+    name: 'ensure_os_patch'
+  vars:
+    findme:
+      files:
+        - '{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-{{ ansible_architecture }}.yml'
+        - '{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-default.yml'
+        - '{{ ansible_distribution }}-default.yml'
+        - '{{ ansible_os_family }}-{{ ansible_distribution_major_version }}-{{ ansible_architecture }}.yml'
+        - '{{ ansible_os_family }}-{{ ansible_distribution_major_version }}-default.yml'
+        - '{{ ansible_os_family }}-default.yml'
+        - 'default.yml'
+      paths:
+        - '../vars/'
+      errors: 'ignore'
 - name: 'package discovery'
  when:
    - ansible_system == 'Linux'
@@ -10,20 +47,25 @@
    - ansible_system == 'Linux'
    - services is not defined
  ansible.builtin.service_facts:
- name: 'ensure patch'
+- name: 'ensure packages'
  when:
    - ansible_system == 'Linux'
-    - ansible_pkg_mgr == 'dnf' or 
-      ansible_pkg_mgr == 'yum'
+    - ensure_os_patch is defined
+    - ensure_os_patch.package_list is defined
+    - ensure_os_patch.package_list is iterable
+    - packages[item.name] is not defined
  ansible.builtin.package:
-    name: '*'
-    state: 'latest'
-  async: 900
-  poll: 5
+    name: '{{ item.name }}'
+    state: '{{ item.state }}'
+  loop: '{{ ensure_os_patch.package_list }}'
+  loop_control:
+    label: '{{ item.name }} will be {{ item.state }}'
  notify:
    - 'ensure_os_patch.package_facts'
    - 'ensure_os_patch.service_facts'
- name: 'ensure patch'
+- name: 'flush handlers'
+  meta: 'flush_handlers'
+- name: 'ensure Debian patch'
  when:
    - ansible_system == 'Linux'
    - ansible_pkg_mgr == 'apt'
@@ -31,42 +73,24 @@
    autoclean: 'yes'
    autoremove: 'yes'
    upgrade: 'dist'
-  async: 900
-  poll: 5
  notify:
    - 'ensure_os_patch.package_facts'
    - 'ensure_os_patch.service_facts'
- name: 'Ensure dnf-automatic installation'
+- name: 'flush handlers'
+  meta: 'flush_handlers'
+- name: 'ensure services'
  when:
    - ansible_system == 'Linux'
-    - ( 
-        ansible_distribution == 'Fedora' and
-        ansible_distribution_major_version is version('21', '>=')
-      ) or (
-        ansible_distribution == 'CentOS' and
-        ansible_distribution_major_version is version('8', '>=')
-      )
-  ansible.builtin.package:
-    name:
-      - 'dnf-automatic'
-    state: 'present'
-  notify:
-    - 'ensure_os_patch.package_facts'
-    - 'ensure_os_patch.service_facts'
- name: 'Ensure dnf-automatic runs'
-  when:
-    - ansible_system == 'Linux'
-    - ( 
-        ansible_distribution == 'Fedora' and
-        ansible_distribution_major_version is version('21', '>=')
-      ) or (
-        ansible_distribution == 'CentOS' and
-        ansible_distribution_major_version is version('8', '>=')
-      )
+    - ensure_os_patch is defined
+    - ensure_os_patch.service_list is defined
+    - ensure_os_patch.service_list is iterable
  ansible.builtin.service:
-    enabled: 'yes'
-    name: 'dnf-automatic-install.timer'
-    state: 'started'
+    enabled: '{{ item.enabled }}'
+    name: '{{ item.name }}'
+    state: '{{ item.state }}'
+  loop: '{{ ensure_os_patch.service_list }}'
+  loop_control:
+    label: '{{ item.name }} will be {{ item.state }}'
  notify:
    - 'ensure_os_patch.package_facts'
    - 'ensure_os_patch.service_facts'