Merge branch 'fedora-upgrade' into 'master'

add fedora-upgrade role, change package update headers to be more descriptive See merge request jlay/deploy-base!1
2019-07-12 04:24:37 +00:00 · 2019-07-12 04:24:37 +00:00 · 62eb3f28fb
commit 62eb3f28fb
parent 1201baa8ad e3eb8d1a8b
5 changed files with 44 additions and 4 deletions
--- a/play.yml
+++ b/play.yml
@ -6,6 +6,7 @@
  roles:
    - {role: bootstrap}
    - {role: update-packages}
+    - {role: fedora-upgrade}
    - {role: install-packages}
    - {role: create-user}
    - {role: hardening}
--- a/roles/fedora-upgrade/defaults/main.yml
+++ b/roles/fedora-upgrade/defaults/main.yml
@ -0,0 +1,4 @@
+---
+fedora_latest: 30
+fedora_minimum: 29
+fedora_target: "{{ fedora_latest|int }}"
--- a/roles/fedora-upgrade/tasks/main.yml
+++ b/roles/fedora-upgrade/tasks/main.yml
@ -0,0 +1,4 @@
+---
+
+- include_tasks: tasks.yml
+  when: (ansible_distribution in ["Fedora"] and not is_atomic) and (ansible_distribution_version != fedora_target and ansible_distribution_version >= fedora_minimum)
--- a/roles/fedora-upgrade/tasks/tasks.yml
+++ b/roles/fedora-upgrade/tasks/tasks.yml
@ -0,0 +1,23 @@
+---
+
+- name: install dnf-plugin-system-upgrade
+  dnf:
+    name: dnf-plugin-system-upgrade
+    state: present
+
+- name: stage upgraded packages for fedora {{ fedora_target }}
+  shell: dnf -y system-upgrade download --releasever="{{ fedora_target }}"
+  warn: false
+  register: dnf_result
+  changed_when: "'Download complete' in dnf_result.stdout"
+
+- name: trigger upgrade
+  shell: nohup bash -c 'sleep 2 && dnf system-upgrade reboot' &
+  register: upgraded_reset
+  when: (dnf_result is changed)
+
+- name: wait for hosts to upgrade, reboot, and return
+  wait_for_connection:
+    timeout: 900
+    delay: 20
+  when: upgraded_reset is changed
--- a/roles/update-packages/tasks/main.yml
+++ b/roles/update-packages/tasks/main.yml
@ -1,23 +1,31 @@
 ---
 - block:

-    - name: update packages (atomic)
+    - name: update packages (Fedora Atomic)
      atomic_host:
        revision: latest
      when: ansible_distribution == 'Fedora' and is_atomic
      register: atomic_host_upgraded

-    - name: update packages (non-atomic)
+    - name: refresh and update packages (Fedora)
+      dnf:
+        name: "*"
+        state: latest
+        update_cache: yes
+      when: ansible_distribution == 'Fedora' and not is_atomic
+      register: fedora_upgraded
+
+    - name: update packages (generic - non-atomic/dnf)
      package:
        name: '*'
        state: latest
-      when: ansible_distribution in ["CentOS", "Red Hat Enterprise Linux", "Fedora", "Debian", "Ubuntu"] and not is_atomic
+      when: ansible_distribution in ["CentOS", "Red Hat Enterprise Linux", "Debian", "Ubuntu"] and not is_atomic
      register: host_upgraded

    - name: reboot updated hosts
      shell: nohup bash -c "sleep 2 && shutdown -r now" &
      register: host_reset
-      when: (atomic_host_upgraded is changed) or (host_upgraded is changed)
+      when: (atomic_host_upgraded is changed) or (host_upgraded is changed) or (fedora_upgraded is changed)

    - name: wait for rebooted host to return
      wait_for_connection: