StackStorm · Mierdin · Jan 21, 2017 · Jan 4, 2017 · Jan 4, 2017 · Jan 5, 2017
diff --git a/README.md b/README.md
@@ -70,6 +70,20 @@ You might be interested in other methods to deploy StackStorm engine:
   * [RHEL7/CentOS7](https://docs.stackstorm.com/install/rhel7.html)
   * [RHEL6/CentOS6](https://docs.stackstorm.com/install/rhel6.html)
 
+## Developing
+
+There are a few requirements when developing on `ansible-st2`:
+
+These are the platforms we must support (must pass end-to-end testing):
+- Xenial
+- Trusty
+- CentOS6
+- CentOS7
+- RHEL6 (via AWS)
+- RHEL7 (via AWS)
+
+Must also support Ansible Idempotence (Eg. Ansible-playbook re-run should end with the following results: changed=0.*failed=0)
+
 ## Help
 If you're in stuck, our community always ready to help, feel free to:
 * Ask questions in our [public Slack channel](https://stackstorm.com/community-signup)

diff --git a/roles/epel/meta/main.yml b/roles/epel/meta/main.yml
@@ -0,0 +1,18 @@
+---
+galaxy_info:
+  description: Install EPEL repository
+  author: mierdin
+  company: StackStorm
+  license: Apache
+  min_ansible_version: 1.9
+  platforms:
+    - name: Ubuntu
+      versions:
+        - trusty
+        - precise
+    - name: EL
+      versions:
+        - 6
+        - 7
+  categories:
+    - system
diff --git a/roles/epel/tasks/main.yml b/roles/epel/tasks/main.yml
@@ -0,0 +1,13 @@
+---
+- name: Check if EPEL is installed
+  stat:
+    path: /etc/yum.repos.d/epel.repo
+  register: epel_installed
+  when: ansible_os_family == "RedHat"
+
+- name: Install EPEL repo
+  become: yes
+  yum:
+    name: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ ansible_distribution_major_version }}.noarch.rpm"
+    state: present
+  when: ansible_os_family == "RedHat" and not epel_installed.stat.exists
diff --git a/roles/mongodb/meta/main.yml b/roles/mongodb/meta/main.yml
@@ -16,3 +16,5 @@ galaxy_info:
         - 7
   categories:
     - system
+dependencies:
+  - { role: 'epel', when: ansible_os_family == 'RedHat' }
diff --git a/roles/st2/meta/main.yml b/roles/st2/meta/main.yml
@@ -13,4 +13,5 @@ galaxy_info:
   categories:
     - system
 dependencies:
+  - { role: 'epel', when: ansible_os_family == 'RedHat' }
   - role: st2repos
diff --git a/roles/st2/tasks/config_auth.yml b/roles/st2/tasks/config_auth.yml
@@ -1,11 +1,22 @@
-- name: Install auth pre-reqs
+- name: Install auth pre-reqs (Debian)
   become: yes
   apt:
     name: "{{ item }}"
     state: present
   with_items:
     - python-passlib
     - apache2-utils
+  when: ansible_os_family == 'Debian'
+
+- name: Install auth pre-reqs (RedHat)
+  become: yes
+  yum:
+    name: "{{ item }}"
+    state: present
+  with_items:
+    - python-passlib
+    - httpd-tools
+  when: ansible_os_family == 'RedHat'
 
 - name: Create htpasswd file
   become: true
@@ -16,7 +27,7 @@
   notify:
     - restart st2api/st2stream
 
-- name: Enable autentication
+- name: Enable authentication
   become: yes
   ini_file:
     dest: /etc/st2/st2.conf

diff --git a/roles/st2/tasks/main.yml b/roles/st2/tasks/main.yml
@@ -1,17 +1,24 @@
 ---
+- name: Install libffi-devel on EL6
+  become: yes
+  package:
+    name: http://rpmfind.net/linux/centos/6/os/x86_64/Packages/libffi-devel-3.0.5-3.2.el6.x86_64.rpm
+    state: present
+  when: ansible_os_family == "RedHat" and ansible_distribution_major_version == "6"
+
 - name: Install latest st2 package
   become: yes
-  apt:
+  package:
     name: st2
     state: latest
   when: st2_version == "latest"
   notify:
     - restart st2
   tags: skip_ansible_lint
 
-- name: Install latest st2 package
+- name: Install pinned st2 package
   become: yes
-  apt:
+  package:
     name: st2={{ st2_version }}-{{ st2_revision }}
     state: present
   when: st2_version != "latest"

diff --git a/roles/st2/tasks/user.yml b/roles/st2/tasks/user.yml
@@ -13,8 +13,6 @@
   tags: [st2, user]
 
 - name: user | Authorize key-based access for system user
-  vars:
-      ansible_ssh_pipelining: true
   become: yes
   become_user: "{{ st2_system_user }}"
   authorized_key:

diff --git a/roles/st2mistral/tasks/main.yml b/roles/st2mistral/tasks/main.yml
@@ -1,4 +1,5 @@
 ---
+
 - name: Install st2mistral dependency
   become: yes
   package:
@@ -44,8 +45,6 @@
   tags: st2mistral
 
 - name: Initiate database
-  vars:
-      ansible_ssh_pipelining: true
   become: yes
   become_user: postgres
   shell: psql < /etc/mistral/init_mistral_db.SQL

diff --git a/roles/st2repos/tasks/debian.yml b/roles/st2repos/tasks/debian.yml
@@ -0,0 +1,23 @@
+---
+- name: Install prereqs (Debian)
+  become: yes
+  apt:
+    name: "{{ item }}"
+    state: present
+  with_items:
+    - debian-archive-keyring
+    - apt-transport-https
+
+- name: Add keys to keyring
+  become: yes
+  apt_key:
 id: 42F3E95A2C4F08279C4960ADD68FA50FEA312927 
 id: 42F3E95A2C4F08279C4960ADD68FA50FEA312927 
+    id: 418A7F2FB0E1E6E7EABF6FE8C2E73424D59097AB
+    url: https://packagecloud.io/StackStorm/{{ st2_pkg_repo }}/gpgkey
+    state: present
+
+- name: Add StackStorm repos
+  become: yes
+  apt_repository:
+    repo: 'deb https://packagecloud.io/StackStorm/{{ st2_pkg_repo }}/{{ ansible_distribution|lower }}/ {{ ansible_distribution_release|lower }} main'
+    state: present
+    update_cache: yes
diff --git a/roles/st2repos/tasks/main.yml b/roles/st2repos/tasks/main.yml
@@ -1,22 +1,4 @@
 ---
-- name: Install prereqs
-  become: yes
-  apt:
-    name: "{{ item }}"
-    state: present
-  with_items:
-    - debian-archive-keyring
-    - apt-transport-https
+# tasks file for st2repos
 
-- name: Add keys to keyring
-  become: yes
-  apt_key:
-    url: https://packagecloud.io/StackStorm/{{ st2_pkg_repo }}/gpgkey
-    state: present
-
-- name: Add StackStorm repos
-  become: yes
-  apt_repository:
-    repo: 'deb https://packagecloud.io/StackStorm/{{ st2_pkg_repo }}/{{ ansible_distribution|lower }}/ {{ ansible_distribution_release|lower }} main'
-    state: present
-    update_cache: yes
+- include: "{{ ansible_os_family|lower }}.yml"
diff --git a/roles/st2repos/tasks/redhat.yml b/roles/st2repos/tasks/redhat.yml
@@ -0,0 +1,24 @@
+---
+# Fixes "Failure talking to yum: Cannot retrieve repository metadata (repomd.xml) for repository: StackStorm_stable. Please verify its path and try again" when installing st2
+- name: Update ca-certificates package
+  become: yes
+  yum:
+    name: ca-certificates
+    state: latest
+  tags: skip_ansible_lint
+
+- name: Add ST2 Repo
+  become: yes
+  yum_repository:
+    name: "StackStorm_{{ st2_pkg_repo }}"
+    description: "StackStorm_{{ st2_pkg_repo }}"
+    file: "StackStorm_{{ st2_pkg_repo }}"
+    baseurl: https://packagecloud.io/StackStorm/{{ st2_pkg_repo }}/el/{{ ansible_distribution_major_version }}/$basearch
+    repo_gpgcheck: yes
+    gpgkey: "https://packagecloud.io/StackStorm/{{ st2_pkg_repo }}/gpgkey"
+    sslcacert: /etc/pki/tls/certs/ca-bundle.crt
+    metadata_expire: 300
+    gpgcheck: no
+    enabled: yes
+    sslverify: yes
+  register: st2_repo_installed