Merge pull request #155 from rancherfederal/aceeric-tarball-upgrade

Adding Tarball upgrade capability

.ansible-lint

@@ -1,10 +1,11 @@
 exclude_paths:
-- .github/
-- molecule/
-- .ansible-lint
+  - .github/
+  - molecule/
+  - .ansible-lint
 warn_list:
   - no-handler
   - var-spacing
+  - var-naming
 skip_list:
   - experimental
   - fqcn-builtins

.github/workflows/lint.yml

@@ -1,5 +1,5 @@
 ---
-name: CentOS 7
+name: Lint Test
 
 on:
   push:

.github/workflows/centos7.yml → .github/workflows/rocky8.yml

@@ -1,5 +1,5 @@
 ---
-name: CentOS 7
+name: Rocky 8
 
 on:
   pull_request:
@@ -40,7 +40,7 @@ jobs:
       - name: Run ansible-lint.
         run: ansible-lint
 
-  centos7-test:
+  rocky8-test:
     name: Initial build test
     runs-on: ubuntu-latest
     needs: ['lint-test']
@@ -75,7 +75,7 @@ jobs:
         id: plan
         run: |
           cd testing/
-          terraform plan -var "GITHUB_RUN_ID=$GITHUB_RUN_ID" -var "os=centos7" -no-color
+          terraform plan -var "GITHUB_RUN_ID=$GITHUB_RUN_ID" -var "os=rocky8" -no-color
         continue-on-error: true
 
       - name: Terraform Plan Status
@@ -85,7 +85,7 @@ jobs:
       - name: Terraform Apply
         run: |
           cd testing/
-          terraform apply -var "GITHUB_RUN_ID=$GITHUB_RUN_ID" -var "os=centos7" -auto-approve
+          terraform apply -var "GITHUB_RUN_ID=$GITHUB_RUN_ID" -var "os=rocky8" -auto-approve
 
       - name: Set up Python
         id: setup_python
@@ -122,26 +122,26 @@ jobs:
 
       - name: Prep inventory
         run: |
-          cp -R inventory/sample inventory/centos7
-          cp hosts.ini inventory/centos7/hosts.ini
+          cp -R inventory/sample inventory/rocky8
+          cp hosts.ini inventory/rocky8/hosts.ini
 
       - name: Run playbook
         run: |
-          ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/centos7/hosts.ini -u centos -vv --private-key .key site.yml
+          ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/rocky8/hosts.ini -u centos -vv --private-key .key site.yml
 
       - name: Run playbook again for idempotency
         run: |
-          ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/centos7/hosts.ini -u centos -vv --private-key .key site.yml
+          ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/rocky8/hosts.ini -u centos -vv --private-key .key site.yml
 
       - name: Run Ansible Tests
         run: |
-          ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/centos7/hosts.ini -u centos --verbose --skip-tags "troubleshooting" --private-key .key testing.yml
+          ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/rocky8/hosts.ini -u centos --verbose --skip-tags "troubleshooting" --private-key .key testing.yml
 
       - name: Run Python Tests
         run: |
           export DEFAULT_PRIVATE_KEY_FILE=.key
-          pytest --hosts=rke2_servers --ansible-inventory=inventory/centos7/hosts.ini --force-ansible --connection=ansible --sudo testing/basic_server_tests.py
-          pytest --hosts=rke2_agents --ansible-inventory=inventory/centos7/hosts.ini --force-ansible --connection=ansible --sudo testing/basic_agent_tests.py
+          pytest --hosts=rke2_servers --ansible-inventory=inventory/rocky8/hosts.ini --force-ansible --connection=ansible --sudo testing/basic_server_tests.py
+          pytest --hosts=rke2_agents --ansible-inventory=inventory/rocky8/hosts.ini --force-ansible --connection=ansible --sudo testing/basic_agent_tests.py
 
       - name: Create new inventory hosts.ini with added hosts
         run: |
@@ -154,26 +154,26 @@ jobs:
           aws ec2 describe-instances --filters "Name=tag:Owner,Values=rke2-ansible-github-actions" "Name=tag:NodeType,Values=ExtraNode" "Name=tag:github_run,Values=$GITHUB_RUN_ID" --query "Reservations[*].Instances[*].PublicIpAddress" --output text >> hosts.ini
           echo "[all:vars]" >> hosts.ini
           echo "kubernetes_api_server_host=$(aws ec2 describe-instances --filters "Name=tag:Owner,Values=rke2-ansible-github-actions" "Name=tag:NodeType,Values=Server" "Name=tag:github_run,Values=$GITHUB_RUN_ID" --query "Reservations[*].Instances[*].PrivateIpAddress" --output text | head -1)" >> hosts.ini
-          cp hosts.ini inventory/centos7/hosts.ini
+          cp hosts.ini inventory/rocky8/hosts.ini
 
       - name: Run playbook again with added hosts
         run: |
-          ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/centos7/hosts.ini -u centos --verbose --private-key .key site.yml
+          ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/rocky8/hosts.ini -u centos --verbose --private-key .key site.yml
 
       - name: Run Ansible Tests with added hosts
         run: |
-          ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/centos7/hosts.ini -u centos --verbose --skip-tags "troubleshooting" --private-key .key testing.yml
+          ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/rocky8/hosts.ini -u centos --verbose --skip-tags "troubleshooting" --private-key .key testing.yml
 
       - name: Run Python Tests with added hosts
         run: |
           export DEFAULT_PRIVATE_KEY_FILE=.key
-          pytest --hosts=rke2_servers --ansible-inventory=inventory/centos7/hosts.ini --force-ansible --connection=ansible --sudo testing/basic_server_tests.py
-          pytest --hosts=rke2_agents --ansible-inventory=inventory/centos7/hosts.ini --force-ansible --connection=ansible --sudo testing/basic_agent_tests.py
+          pytest --hosts=rke2_servers --ansible-inventory=inventory/rocky8/hosts.ini --force-ansible --connection=ansible --sudo testing/basic_server_tests.py
+          pytest --hosts=rke2_agents --ansible-inventory=inventory/rocky8/hosts.ini --force-ansible --connection=ansible --sudo testing/basic_agent_tests.py
 
       - name: Run troubleshoot tasks
         if: ${{ failure() }}
         run: |
-          ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/centos7/hosts.ini -u centos -vvv --tags "troubleshooting" --private-key .key testing.yml
+          ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/rocky8/hosts.ini -u centos -vvv --tags "troubleshooting" --private-key .key testing.yml
 
       - name: Delete Stack
         if: ${{ always() }}

roles/rke2_common/defaults/main.yml

@@ -13,7 +13,7 @@ rke2_common_yum_repo:
   enabled: yes
 
 rke2_versioned_yum_repo:
-  name: "rke2-v{{ rke2_version_majmin }}"  # noqa var-spacing
+  name: "rke2-v{{ rke2_version_majmin }}"  # noqa jinja[spacing]
   description: "Rancher RKE2 Version"
   baseurl: "https://rpm.rancher.io/rke2/latest/{{ rke2_version_majmin }}/centos/$releasever/$basearch"
   gpgcheck: true

roles/rke2_common/tasks/calculate_rke2_version.yml

@@ -0,0 +1,68 @@
+---
+
+- name: "Calculate rke2 full version"
+  when: ( install_rke2_version is not defined ) or ( install_rke2_version | length == 0 )
+  block:
+    - name: Stop if the provided is not valid
+      fail:
+        msg: "Provided channel is not valid"
+      when: rke2_channel not in channels
+
+    - name: Get full version name url
+      uri:
+        url: https://update.rke2.io/v1-release/channels/{{ rke2_channel }}
+        follow_redirects: safe
+        remote_src: true
+      register: rke2_version_url
+
+    - name: Set full version name
+      shell: set -o pipefail && echo {{ rke2_version_url.url }} | sed -e 's|.*/||'
+      register: rke2_full_version
+      changed_when: false
+      args:
+        executable: /usr/bin/bash
+
+- name: Set rke2_full_version fact
+  set_fact:
+    rke2_full_version: "{{ rke2_full_version.stdout if ((install_rke2_version is not defined) or (install_rke2_version|length == 0)) else install_rke2_version }}"  # yamllint disable-line rule:line-length
+
+- name: Set dot version
+  shell: set -o pipefail && echo {{ rke2_full_version }} | /usr/bin/cut -d'+' -f1
+  register: rke2_version_dot_tmp
+  changed_when: false
+  args:
+    executable: /usr/bin/bash
+
+- name: Set rke2_version_dot fact
+  set_fact:
+    rke2_version_dot: "{{ rke2_version_dot_tmp.stdout }}"
+
+- name: Set Maj.Min version
+  shell: set -o pipefail && echo {{ rke2_full_version }} | /bin/awk -F'.' '{ print $1"."$2 }' | sed "s|^v||g"
+  register: rke2_version_majmin_tmp
+  changed_when: false
+  args:
+    executable: /usr/bin/bash
+
+- name: Set rke2_version_majmin fact
+  set_fact:
+    rke2_version_majmin: "{{ rke2_version_majmin_tmp.stdout }}"
+
+- name: Set RPM version
+  shell: set -o pipefail && echo {{ rke2_full_version }} | sed -E -e "s/[\+-]/~/g" | sed -E -e "s/v(.*)/\1/"
+  register: rke2_version_rpm_tmp
+  changed_when: false
+  args:
+    executable: /usr/bin/bash
+
+- name: Set rke2_version_rpm fact
+  set_fact:
+    rke2_version_rpm: "{{ rke2_version_rpm_tmp.stdout }}"
+
+- name: Describe versions
+  debug:
+    msg:
+      - "Full version, with revision indication: {{ rke2_full_version }}"
+      - "Version without revision indication: {{ rke2_version_dot }}"
+      - "Major and Minor Only: {{ rke2_version_majmin }}"
+      - "RPM Version (tilde): {{ rke2_version_rpm }}"

roles/rke2_common/tasks/config.yml

@@ -259,20 +259,20 @@
     state: absent
   changed_when: false
 
-- name: Restart rke2-server if package installed and config changed
+- name: Restart rke2-server if package installed and config changed or RKE2 version changed
   service:
     state: restarted
     name: rke2-server
   when:
     - ansible_facts.services["rke2-server.service"] is defined
     - "ansible_facts.services['rke2-server.service'].state == 'running'"
-    - tmp_sha1 != previous_rke2_config.stat.checksum
+    - (tmp_sha1 != previous_rke2_config.stat.checksum or (rke2_version_changed | default(false)))
 
-- name: Restart rke2-agent if package installed and config changed
+- name: Restart rke2-agent if package installed and config changed or RKE2 version changed
   service:
     state: restarted
     name: rke2-agent
   when:
     - ansible_facts.services["rke2-agent.service"] is defined
     - "ansible_facts.services['rke2-agent.service'].state == 'running'"
-    - tmp_sha1 != previous_rke2_config.stat.checksum
+    - (tmp_sha1 != previous_rke2_config.stat.checksum or (rke2_version_changed | default(false)))

roles/rke2_common/tasks/main.yml

@@ -12,14 +12,17 @@
 
 - name: Include images_tarball_install.yml
   include_tasks: images_tarball_install.yml
-  when: not installed
 
-- name: "Check for binary tarball in {{ playbook_dir }}/tarball_install/rke2.linux-amd64.tar.gz"  # noqa name[template]
+- name: "Check for binary tarball in tarball_install/rke2.linux-amd64.tar.gz"
   stat:
     path: "{{ playbook_dir }}/tarball_install/rke2.linux-amd64.tar.gz"
   register: rke2_binary_tarball_check
   delegate_to: 127.0.0.1
-  become: no
+  become: false
+
+- name: Include calculate_rke2_version.yml
+  include_tasks: calculate_rke2_version.yml
+  when: not rke2_binary_tarball_check.stat.exists
 
 - name: SLES/Ubuntu/Tarball Installation
   include_tasks: tarball_install.yml
@@ -28,26 +31,12 @@
       ((ansible_facts['os_family'] != 'RedHat' and
       ansible_facts['os_family'] != 'Rocky') or
       rke2_binary_tarball_check.stat.exists )
-      and not installed
 
 - name: RHEL/CentOS Installation
   when:
     - ansible_os_family == 'RedHat' or ansible_os_family == 'Rocky'
     - not rke2_binary_tarball_check.stat.exists
-  block:
-    - name: Install redhat-lsb-core
-      when: "'redhat-lsb-core' not in ansible_facts.packages"
-      yum:
-        name: redhat-lsb-core
-        state: present
-
-    - name: Reread ansible_lsb facts
-      when: "'redhat-lsb-core' not in ansible_facts.packages"
-      setup:
-        filter: ansible_lsb*
-
-    - name: Include task file rpm_install.yml
-      include_tasks: rpm_install.yml
+  include_tasks: rpm_install.yml
 
 # Disable Firewalld
 # We recommend disabling firewalld. For Kubernetes 1.19+, firewalld must be turned off.

roles/rke2_common/tasks/previous_install.yml

@@ -27,3 +27,21 @@
   when: >
     ansible_facts.services["rke2-agent.service"] is defined
     and not ansible_facts.services["rke2-agent.service"].status == 'disabled'
+
+- name: Check for the rke2 binary
+  stat:
+    path: /usr/local/bin/rke2
+  register: rke2_binary
+
+- name: Get current RKE2 version if already installed
+  shell: set -o pipefail && /usr/local/bin/rke2 -v | head -n 1 | cut -d ' ' -f 3
+  register: installed_rke2_version_tmp
+  changed_when: false
+  args:
+    executable: /usr/bin/bash
+  when: rke2_binary.stat.exists
+
+- name: Determine if current version differs what what is being installed
+  set_fact:
+    installed_rke2_version: "{{installed_rke2_version_tmp.stdout}}"
+  when: rke2_binary.stat.exists