From 0ae090b0d57cdbc7880a7185a23194733935c719 Mon Sep 17 00:00:00 2001 From: Dmitriy Rabotyagov Date: Fri, 14 Oct 2022 18:21:37 +0200 Subject: [PATCH] Add repos only when there're packages for install At the moment we allow not to install packages by providing systemd_networkd_distro_packages as an empty list. When that happens it makes sense also to skip all tasks related to adding repositories when no packages are going to be installed. Not installing packages might be useful for containers creation or in situations when there is no networking yet, but we know that systemd-networkd is already present. Change-Id: I5e12cb0eb07b5eb8dcca462dbe8239a926ef80e6 --- tasks/main.yml | 128 +++++++++++++++++++++++++------------------------ 1 file changed, 65 insertions(+), 63 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index 4ab498b..ddc142e 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -28,71 +28,73 @@ tags: - always -# Copy all factored-in GPG keys. -# KeyID 2F86D6A1 from https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-8 -- name: If a keyfile is provided, copy the gpg keyfile to the key location - copy: - src: "{{ item.keyfile }}" - dest: "{{ item.key }}" - mode: '0644' - with_items: "{{ systemd_networkd_package_repos_keys | selectattr('keyfile','defined') | list }}" - when: - - ansible_facts['os_family'] | lower == 'redhat' - -- name: Ensure GPG keys have the correct SELinux contexts applied - command: restorecon -Rv /etc/pki/rpm-gpg/ - # TODO(evrardjp): Be more idempotent - changed_when: false - when: - - ansible_facts['os_family'] | lower == 'redhat' - -# Handle gpg keys manually -- name: Install gpg keys - rpm_key: - key: "{{ key.key }}" - validate_certs: "{{ key.validate_certs | default(omit) }}" - state: "{{ key.state | default('present') }}" - with_items: "{{ systemd_networkd_package_repos_keys }}" - loop_control: - loop_var: key - register: _add_yum_keys - until: _add_yum_keys is success - retries: 5 - delay: 2 - when: - - ansible_facts['os_family'] | lower == 'redhat' - -# NOTE(jrosser) this repo is configured with the path to the first gpg key provided -- name: Install the EPEL repository - yum_repository: - name: epel-networkd - baseurl: "{{ systemd_networkd_epel_mirror ~ '/' ~ ansible_facts['distribution_major_version'] ~ '/Everything/' ~ ansible_facts['architecture'] }}" - description: 'Extra Packages for Enterprise Linux $releasever - $basearch' - gpgkey: "file://{{ systemd_networkd_package_repos_keys[0].key }}" - gpgcheck: yes - enabled: yes - state: present - includepkgs: 'systemd-networkd' - when: - - ansible_facts['os_family'] | lower == 'redhat' - register: install_epel_repo - until: install_epel_repo is success - retries: 5 - delay: 2 - -- name: Install networkd distro packages - package: - name: "{{ systemd_networkd_distro_packages }}" - state: "present" - update_cache: "{{ (ansible_facts['pkg_mgr'] == 'apt') | ternary('yes', omit) }}" - cache_valid_time: "{{ (ansible_facts['pkg_mgr'] == 'apt') | ternary(600, omit) }}" - enablerepo: "{{ systemd_networkd_enablerepo | default(omit) }}" +- name: Install required repos and packages when: - systemd_networkd_distro_packages | length > 0 - register: install_packages - until: install_packages is success - retries: 3 - delay: 2 + block: + # Copy all factored-in GPG keys. + # KeyID 2F86D6A1 from https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-8 + - name: If a keyfile is provided, copy the gpg keyfile to the key location + copy: + src: "{{ item.keyfile }}" + dest: "{{ item.key }}" + mode: '0644' + with_items: "{{ systemd_networkd_package_repos_keys | selectattr('keyfile','defined') | list }}" + when: + - ansible_facts['os_family'] | lower == 'redhat' + + - name: Ensure GPG keys have the correct SELinux contexts applied + command: restorecon -Rv /etc/pki/rpm-gpg/ + # TODO(evrardjp): Be more idempotent + changed_when: false + when: + - ansible_facts['os_family'] | lower == 'redhat' + + # Handle gpg keys manually + - name: Install gpg keys + rpm_key: + key: "{{ key.key }}" + validate_certs: "{{ key.validate_certs | default(omit) }}" + state: "{{ key.state | default('present') }}" + with_items: "{{ systemd_networkd_package_repos_keys }}" + loop_control: + loop_var: key + register: _add_yum_keys + until: _add_yum_keys is success + retries: 5 + delay: 2 + when: + - ansible_facts['os_family'] | lower == 'redhat' + + # NOTE(jrosser) this repo is configured with the path to the first gpg key provided + - name: Install the EPEL repository + yum_repository: + name: epel-networkd + baseurl: "{{ systemd_networkd_epel_mirror ~ '/' ~ ansible_facts['distribution_major_version'] ~ '/Everything/' ~ ansible_facts['architecture'] }}" + description: 'Extra Packages for Enterprise Linux $releasever - $basearch' + gpgkey: "file://{{ systemd_networkd_package_repos_keys[0].key }}" + gpgcheck: yes + enabled: yes + state: present + includepkgs: 'systemd-networkd' + when: + - ansible_facts['os_family'] | lower == 'redhat' + register: install_epel_repo + until: install_epel_repo is success + retries: 5 + delay: 2 + + - name: Install networkd distro packages + package: + name: "{{ systemd_networkd_distro_packages }}" + state: "present" + update_cache: "{{ (ansible_facts['pkg_mgr'] == 'apt') | ternary('yes', omit) }}" + cache_valid_time: "{{ (ansible_facts['pkg_mgr'] == 'apt') | ternary(600, omit) }}" + enablerepo: "{{ systemd_networkd_enablerepo | default(omit) }}" + register: install_packages + until: install_packages is success + retries: 3 + delay: 2 - name: Create systemd-networkd directory file: