Add ability to generate bootstrap admin token

jfrog · Dec 10, 2024 · dc78298 · dc78298
1 parent 6804524
commit dc78298
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 6 deletions.
diff --git a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/defaults/main.yml b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/defaults/main.yml
@@ -71,6 +71,9 @@ artifactory_allowNonPostgresql: false
 # artifactory_admin_username: admin
 # artifactory_admin_password: password
 
+# Set this to true to generate a bootstrap admin token - https://jfrog.com/help/r/jfrog-installation-setup-documentation/create-an-automatic-admin-token
+artifactory_generate_bootstrap_token: false
+
 artifactory_service_file: /lib/systemd/system/artifactory.service
 
 # Provide systemyaml content below with 2-space indentation
@@ -118,10 +121,10 @@ artifactory_systemyaml_override: false
 # Allow artifactory user to create crontab rules
 artifactory_allow_crontab: false
 
-# Provide access config patch content 
+# Provide access config patch content
 artifactory_access_config_patch: |-
 # security:
 #   authentication:
 #     mtls:
-#       enabled: true                  
-#       extraction-regex: (.*)
+#       enabled: true
+#       extraction-regex: (.*)
diff --git a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/install.yml b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/install.yml
@@ -114,6 +114,7 @@
     - "{{ artifactory_home }}/var/etc"
     - "{{ artifactory_home }}/var/etc/security/"
     - "{{ artifactory_home }}/var/etc/artifactory/info/"
+    - "{{ artifactory_home }}/var/bootstrap/etc/access/keys"
 
 - name: Check if system.yaml exists
   become: true
@@ -172,19 +173,31 @@
     - artifactory_licenses | length > 0
   notify: Restart artifactory
 
-- name: Set up Artifactory admin account 
+- name: Set up Artifactory admin account
   become: true
   ansible.builtin.template:
     src: bootstrap.creds.j2
     dest: "{{ artifactory_home }}/var/etc/access/bootstrap.creds"
     owner: "{{ artifactory_user }}"
     group: "{{ artifactory_group }}"
     mode: 0600
-  when: 
+  when:
     - artifactory_admin_username is defined
     - artifactory_admin_password is defined
   notify: Restart artifactory
 
+- name: Generate Artifactory bootstrap admin token
+  become: true
+  ansible.builtin.file:
+    path: "{{ artifactory_home }}/var/bootstrap/etc/access/keys/generate.token.json"
+    state: touch
+    owner: "{{ artifactory_user }}"
+    group: "{{ artifactory_group }}"
+    mode: 0600
+  when:
+    - artifactory_generate_bootstrap_token | bool
+  notify: Restart artifactory
+
 - name: Check if included database driver is the correct version
   become: true
   ansible.builtin.stat:
@@ -239,4 +252,4 @@
   delay: 5
   when:
     - not ansible_check_mode
-    - artifactory_start_service | bool
+    - artifactory_start_service | bool