diff --git a/.kitchen.yml b/.kitchen.yml index 71d748a2..763050c9 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -22,18 +22,18 @@ provisioner: st2_rbac_enable: yes platforms: - # Ubuntu Xenial with Systemd - - name: ubuntu-16.04 + # Ubuntu Bionic with Systemd + - name: ubuntu-18.04 driver_config: - image: stackstorm/packagingtest:xenial-systemd + image: stackstorm/packagingtest:bionic-systemd platform: ubuntu run_command: /sbin/init volume: - /sys/fs/cgroup:/sys/fs/cgroup:ro - # Ubuntu Bionic with Systemd - - name: ubuntu-18.04 + # Ubuntu Focal with Systemd + - name: ubuntu-20.04 driver_config: - image: stackstorm/packagingtest:bionic-systemd + image: stackstorm/packagingtest:focal-systemd platform: ubuntu run_command: /sbin/init volume: diff --git a/.travis.yml b/.travis.yml index fbbaa975..90cb2953 100644 --- a/.travis.yml +++ b/.travis.yml @@ -9,14 +9,14 @@ branches: env: # default is stable repo - - DISTRO=ubuntu-16 - DISTRO=ubuntu-18 + - DISTRO=ubuntu-20 - DISTRO=centos-7 - DISTRO=centos-8 # StackStorm 'unstable' repo check - - DISTRO=ubuntu-16 ST2_REPO=unstable - DISTRO=ubuntu-18 ST2_REPO=unstable + - DISTRO=ubuntu-20 ST2_REPO=unstable - DISTRO=centos-7 ST2_REPO=unstable - DISTRO=centos-8 ST2_REPO=unstable diff --git a/README.md b/README.md index 4b0a0831..f3714969 100644 --- a/README.md +++ b/README.md @@ -9,8 +9,8 @@ Aka IFTTT orchestration for Ops. [![Join our community Slack](https://stackstorm-community.herokuapp.com/badge.svg)](https://stackstorm.com/community-signup) ## Supported platforms -* Ubuntu Xenial (16.04) * Ubuntu Bionic (18.04) +* Ubuntu Focal (20.04) * RHEL7 / CentOS7 * RHEL8 / CentOS8 @@ -19,7 +19,7 @@ Aka IFTTT orchestration for Ops. > In order to access StackStorm Web UI, please don't forget to ensure that http/https ports are opened in your firewall system. ## Requirements -At least 2GB of memory and 3.5GB of disk space is required, since StackStorm is shipped with RabbitMQ, Mongo and nginx. +At least 2GB of memory and 3.5GB of disk space is required, since StackStorm is shipped with RabbitMQ, Mongo, Redis and nginx. ## Installation ```sh @@ -50,7 +50,6 @@ Below is the list of variables you can redefine in your playbook to customize st | `st2_ldap` | [See `st2_ldap` variable in role defaults](roles/st2/defaults/main.yml) | Settings for LDAP authentication backend. `st2_ldap` is a dictionary and has one item `backend_kwargs`. `backend_kwargs` should be provided as exactly listed in ST2 documentation for [LDAP configuration](https://docs.stackstorm.com/authentication.html#ldap). | `st2_packs` | `[ st2 ]` | List of packs to install. This flag does not work with a `--python3` only pack. | `st2_python_packages` | `[ ]` | List of python packages to install into the `/opt/stackstorm/st2` virtualenv. This is needed when deploying alternative auth or coordination backends which depend on Python modules to make them work. -| `st2_u16_add_insecure_py3_ppa` | `false` | Whether permission is granted to install the deadsnakes Python3.6 PPA for Ubuntu 16. | **st2web** | `st2web_version` | `latest` | st2web version to install. `present` to install available package, `latest` to get automatic updates, or pin it to numeric version like `2.2.0` or with revision like `2.2.0-1`. | `st2web_ssl_certificate` | `null` | String with custom SSL certificate (`.crt`). If not provided, self-signed certificate will be generated. @@ -93,8 +92,8 @@ st2smoketests, you will need to disable proxy for localhost. There are a few requirements when developing on `ansible-st2`. These are the platforms we must support (must pass end-to-end testing): -- Ubuntu Xenial - Ubuntu Bionic +- Ubuntu Focal - CentOS7 - CentOS8 - RHEL7 (via AWS) @@ -109,7 +108,7 @@ vagrant up Other distros: ```sh -vagrant up ubuntu16 +vagrant up ubuntu20 vagrant up centos7 vagrant up centos8 ``` @@ -120,8 +119,8 @@ You might be interested in other methods to deploy StackStorm engine: * [Puppet Module](https://github.com/stackstorm/puppet-st2) * Manual Instructions - * [Ubuntu 16.04](https://docs.stackstorm.com/install/u16.html) * [Ubuntu 18.04](https://docs.stackstorm.com/install/u18.html) + * [Ubuntu 20.04](https://docs.stackstorm.com/install/u20.html) * [RHEL8/CentOS8](https://docs.stackstorm.com/install/rhel8.html) * [RHEL7/CentOS7](https://docs.stackstorm.com/install/rhel7.html) diff --git a/Vagrantfile b/Vagrantfile index 51e133f5..9a0a7740 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -2,14 +2,14 @@ # vi: set ft=ruby : VIRTUAL_MACHINES = { - :ubuntu16 => { - :hostname => 'ansible-st2-ubuntu16', - :box => 'ubuntu/xenial64', - }, :ubuntu18 => { :hostname => 'ansible-st2-ubuntu18', :box => 'ubuntu/bionic64', }, + :ubuntu20 => { + :hostname => 'ansible-st2-ubuntu20', + :box => 'ubuntu/focal64', + }, :centos7 => { :hostname => 'ansible-st2-centos7', :box => 'centos/7', diff --git a/meta/main.yml b/meta/main.yml index 9c7d3550..f46f19fe 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -17,7 +17,7 @@ galaxy_info: - name: Ubuntu versions: - bionic - - xenial + - focal - name: EL versions: - 7 diff --git a/roles/StackStorm.mongodb/defaults/main.yml b/roles/StackStorm.mongodb/defaults/main.yml index 407094e9..813efee2 100644 --- a/roles/StackStorm.mongodb/defaults/main.yml +++ b/roles/StackStorm.mongodb/defaults/main.yml @@ -1,3 +1,3 @@ --- # MongoDB default version -mongodb_version: "4.0" +mongodb_version: "{% if ansible_facts.os_family == 'Debian' and ansible_facts.distribution_major_version == '20' %}4.4{% else %}4.0{% endif %}" diff --git a/roles/StackStorm.mongodb/meta/main.yml b/roles/StackStorm.mongodb/meta/main.yml index a9e570ef..866a3938 100644 --- a/roles/StackStorm.mongodb/meta/main.yml +++ b/roles/StackStorm.mongodb/meta/main.yml @@ -9,7 +9,7 @@ galaxy_info: - name: Ubuntu versions: - bionic - - xenial + - focal - name: EL versions: - 7 diff --git a/roles/StackStorm.mongodb/vars/debian.yml b/roles/StackStorm.mongodb/vars/debian.yml index 071c49fe..8c021657 100644 --- a/roles/StackStorm.mongodb/vars/debian.yml +++ b/roles/StackStorm.mongodb/vars/debian.yml @@ -1,6 +1,5 @@ # Use the following URL to find the key: https://www.mongodb.org/static/pgp/server-{{ mongodb_major_minor_version }}.asc mongodb_apt_keys: - "3.2": "42F3E95A2C4F08279C4960ADD68FA50FEA312927" - "3.4": "0C49F3730359A14518585931BC711F9BA15703C6" "3.6": "2930ADAE8CAF5059EE73BB4B58712A2291FA4AD5" "4.0": "9DA31620334BD75D9DCB49F368818C72E52529D4" + "4.4": "20691EEC35216C63CAF66CE1656408E390CFB1F5" diff --git a/roles/StackStorm.nginx/meta/main.yml b/roles/StackStorm.nginx/meta/main.yml index 84ba2a55..698e93c9 100644 --- a/roles/StackStorm.nginx/meta/main.yml +++ b/roles/StackStorm.nginx/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: - name: Ubuntu versions: - bionic - - xenial + - focal - name: EL versions: - 7 diff --git a/roles/StackStorm.nodejs/meta/main.yml b/roles/StackStorm.nodejs/meta/main.yml index 351707bc..26563857 100644 --- a/roles/StackStorm.nodejs/meta/main.yml +++ b/roles/StackStorm.nodejs/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: - name: Ubuntu versions: - bionic - - xenial + - focal - name: EL versions: - 7 diff --git a/roles/StackStorm.rabbitmq/meta/main.yml b/roles/StackStorm.rabbitmq/meta/main.yml index d72d176d..2057b276 100644 --- a/roles/StackStorm.rabbitmq/meta/main.yml +++ b/roles/StackStorm.rabbitmq/meta/main.yml @@ -9,7 +9,7 @@ galaxy_info: - name: Ubuntu versions: - bionic - - xenial + - focal - name: EL versions: - 7 diff --git a/roles/StackStorm.redis/meta/main.yml b/roles/StackStorm.redis/meta/main.yml new file mode 100644 index 00000000..2fcd2531 --- /dev/null +++ b/roles/StackStorm.redis/meta/main.yml @@ -0,0 +1,26 @@ +--- +galaxy_info: + description: Install redis as Stackstorm coordination backend + author: winem + company: StackStorm + license: Apache 2.0 + min_ansible_version: 2.5 + platforms: + - name: Ubuntu + versions: + - bionic + - focal + - name: EL + versions: + - 7 + - 8 + galaxy_tags: + - system + - stackstorm + - st2 + - automation + - remediation + - devops +dependencies: + - role: StackStorm.epel + when: ansible_facts.os_family == 'RedHat' diff --git a/roles/StackStorm.redis/tasks/main.yml b/roles/StackStorm.redis/tasks/main.yml index 18685f06..18c345ea 100644 --- a/roles/StackStorm.redis/tasks/main.yml +++ b/roles/StackStorm.redis/tasks/main.yml @@ -16,7 +16,7 @@ dest: /etc/redis/redis.conf line: supervised systemd tags: redis - when: ansible_facts.os_family == 'Debian' and ansible_facts.distribution_major_version != "16" + when: ansible_facts.os_family == 'Debian' - name: Change bind to be ipv4 only if needed become: yes diff --git a/roles/StackStorm.st2/defaults/main.yml b/roles/StackStorm.st2/defaults/main.yml index 44213243..4bd646bc 100644 --- a/roles/StackStorm.st2/defaults/main.yml +++ b/roles/StackStorm.st2/defaults/main.yml @@ -75,10 +75,3 @@ st2_packs: # Additional python packages to install st2_python_packages: [] - -# Whether permission is granted to install the deadsnakes Python3.6 PPA for Ubuntu 16. -#The python3.6 package is a required dependency for the StackStorm st2 package but that is not installable from any of the default Ubuntu 16.04 repositories. -#We recommend switching to Ubuntu 18.04 LTS (Bionic) as a base OS. Support for Ubuntu 16.04 will be removed with future StackStorm versions. -#Alternatively the playbooks will try to add python3.6 from the 3rd party 'deadsnakes' repository: https://launchpad.net/~deadsnakes/+archive/ubuntu/ppa. -#Only set to true, if you are aware of the support and security risks associated with using unofficial 3rd party PPA repository, and you understand that StackStorm does NOT provide ANY support for python3.6 packages on Ubuntu 16.04. -st2_u16_add_insecure_py3_ppa: false diff --git a/roles/StackStorm.st2/meta/main.yml b/roles/StackStorm.st2/meta/main.yml index 73e4cfa4..bec14f5b 100644 --- a/roles/StackStorm.st2/meta/main.yml +++ b/roles/StackStorm.st2/meta/main.yml @@ -9,7 +9,7 @@ galaxy_info: - name: Ubuntu versions: - bionic - - xenial + - focal - name: EL versions: - 7 diff --git a/roles/StackStorm.st2/tasks/auth.yml b/roles/StackStorm.st2/tasks/auth.yml index 1ebac416..96c0869f 100644 --- a/roles/StackStorm.st2/tasks/auth.yml +++ b/roles/StackStorm.st2/tasks/auth.yml @@ -1,9 +1,16 @@ +- name: Include OS-specific variables + include_vars: "{{ item }}" + with_first_found: + - "{{ ansible_facts.os_family | lower }}_{{ ansible_facts.distribution_major_version }}.yml" + - "{{ ansible_facts.os_family | lower }}.yml" + ignore_errors: true + - name: auth | Install auth pre-reqs (Debian) become: yes apt: name: - - python-passlib - apache2-utils + - "{{ passlib }}" state: present register: _task retries: 5 @@ -11,14 +18,6 @@ until: _task is succeeded when: ansible_facts.os_family == 'Debian' -- name: Include RedHat OS-specific variables - include_vars: "{{ item }}" - with_first_found: - - "{{ ansible_os_family | lower }}_{{ ansible_distribution_major_version }}.yml" - - "{{ ansible_os_family | lower }}.yml" - ignore_errors: true - when: ansible_facts.os_family == 'RedHat' - - name: auth | Install auth pre-reqs (RedHat) become: yes yum: diff --git a/roles/StackStorm.st2/tasks/main.yml b/roles/StackStorm.st2/tasks/main.yml index 6adb7cbb..0a4acf82 100644 --- a/roles/StackStorm.st2/tasks/main.yml +++ b/roles/StackStorm.st2/tasks/main.yml @@ -1,9 +1,4 @@ --- -- name: Ensure python3.6 is available - include_tasks: request_ppa.yml - when: ansible_facts.os_family == 'Debian' and ansible_facts.distribution_major_version == '16' - tags: st2 - - name: Verify python3-devel is available in enabled repo become: yes shell: diff --git a/roles/StackStorm.st2/tasks/request_ppa.yml b/roles/StackStorm.st2/tasks/request_ppa.yml deleted file mode 100644 index ab33de4a..00000000 --- a/roles/StackStorm.st2/tasks/request_ppa.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- -- name: Verify python3.6 is available in enabled repo - become: yes - shell: - cmd: apt-cache show python3.6 - changed_when: false - register: _pkg_check - args: - warn: False - ignore_errors: yes - # Disable warning as package_facts only reports on installed packages - tags: st2, skip_ansible_lint - -- name: Ask for PPA permission if not available and not already granted - pause: - prompt: "The python3.6 package is a required dependency for the StackStorm st2 package but that is not installable from any of the default Ubuntu 16.04 repositories. \nWe recommend switching to Ubuntu 18.04 LTS (Bionic) as a base OS. Support for Ubuntu 16.04 will be removed with future StackStorm versions.\n\nAlternatively we'll try to add python3.6 from the 3rd party 'deadsnakes' repository: https://launchpad.net/~deadsnakes/+archive/ubuntu/ppa.\nBy continuing you are aware of the support and security risks associated with using unofficial 3rd party PPA repository, and you understand that StackStorm does NOT provide ANY support for python3.6 packages on Ubuntu 16.04.\n\nTo bypass this check in future, you can set the following variable to true: st2_u16_add_insecure_py3_ppa\n\nEnter [yes] to continue, and adding the PPA" - when: '"Version" not in _pkg_check.stdout and not st2_u16_add_insecure_py3_ppa' - register: _ppa_request - tags: st2 - -- name: Stop if ppa_permission not granted - fail: - msg: "Python3.6 PPA installation aborted" - when: '"Version" not in _pkg_check.stdout and not st2_u16_add_insecure_py3_ppa and not _ppa_request.user_input | bool' - tags: st2 - -- name: Add PPA key - become: yes - apt_key: - keyserver: keyserver.ubuntu.com - id: F23C5A6CF475977595C89F51BA6932366A755776 - tags: st2 - -- name: Register python 3.6 PPA - become: yes - apt_repository: - repo: ppa:deadsnakes/ppa - tags: st2 diff --git a/roles/StackStorm.st2/vars/debian.yml b/roles/StackStorm.st2/vars/debian.yml new file mode 100644 index 00000000..96917aa3 --- /dev/null +++ b/roles/StackStorm.st2/vars/debian.yml @@ -0,0 +1,3 @@ +# List of python variables +--- +passlib: python-passlib diff --git a/roles/StackStorm.st2/vars/debian_20.yml b/roles/StackStorm.st2/vars/debian_20.yml new file mode 100644 index 00000000..9e1046b2 --- /dev/null +++ b/roles/StackStorm.st2/vars/debian_20.yml @@ -0,0 +1,3 @@ +# List of python3 variables +--- +passlib: python3-passlib diff --git a/roles/StackStorm.st2chatops/meta/main.yml b/roles/StackStorm.st2chatops/meta/main.yml index bdd58900..e1b1670e 100644 --- a/roles/StackStorm.st2chatops/meta/main.yml +++ b/roles/StackStorm.st2chatops/meta/main.yml @@ -9,7 +9,7 @@ galaxy_info: - name: Ubuntu versions: - bionic - - xenial + - focal - name: EL versions: - 7 diff --git a/roles/StackStorm.st2repo/meta/main.yml b/roles/StackStorm.st2repo/meta/main.yml index 0f8ebb26..67d4f8e7 100644 --- a/roles/StackStorm.st2repo/meta/main.yml +++ b/roles/StackStorm.st2repo/meta/main.yml @@ -9,7 +9,7 @@ galaxy_info: - name: Ubuntu versions: - bionic - - xenial + - focal - name: EL versions: - 7 diff --git a/roles/StackStorm.st2smoketests/meta/main.yml b/roles/StackStorm.st2smoketests/meta/main.yml new file mode 100644 index 00000000..d3c29c8d --- /dev/null +++ b/roles/StackStorm.st2smoketests/meta/main.yml @@ -0,0 +1,27 @@ +--- +galaxy_info: + description: Run StackStorm smoketests to verify the setup + author: armab + company: StackStorm + license: Apache 2.0 + min_ansible_version: 2.5 + platforms: + - name: Ubuntu + versions: + - bionic + - focal + - name: EL + versions: + - 7 + - 8 + galaxy_tags: + - system + - stackstorm + - st2 + - automation + - remediation + - devops +dependencies: + - role: StackStorm.epel + when: ansible_facts.os_family == 'RedHat' + - role: StackStorm.st2repo diff --git a/roles/StackStorm.st2web/meta/main.yml b/roles/StackStorm.st2web/meta/main.yml index fbc177c6..cec5ac6f 100644 --- a/roles/StackStorm.st2web/meta/main.yml +++ b/roles/StackStorm.st2web/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: - name: Ubuntu versions: - bionic - - xenial + - focal - name: EL versions: - 7