2 ## Copyright (c) 2020-2021 Intel Corporation.
4 ## Licensed under the Apache License, Version 2.0 (the "License");
5 ## you may not use this file except in compliance with the License.
6 ## You may obtain a copy of the License at
8 ## http://www.apache.org/licenses/LICENSE-2.0
10 ## Unless required by applicable law or agreed to in writing, software
11 ## distributed under the License is distributed on an "AS IS" BASIS,
12 ## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 ## See the License for the specific language governing permissions and
14 ## limitations under the License.
17 - name: enable PowerTools repository on CentOS >= 8 and < 8.3
18 # noqa 303 - yum is called intenionallly here
19 command: yum config-manager --set-enabled PowerTools
21 - ansible_distribution == "CentOS"
22 - ansible_distribution_version >= '8' and ansible_distribution_version < '8.3'
24 - name: enable PowerTools repository on CentOS >= 8.3
25 # noqa 303 - yum is called intenionallly here
26 command: yum config-manager --set-enabled powertools
28 - ansible_distribution == "CentOS"
29 - ansible_distribution_version >= '8.3'
31 - name: enable CodeReady Linux Builder repository on RHEL 8
33 name: codeready-builder-for-rhel-8-x86_64-rpms
35 - ansible_distribution == "RedHat"
36 - ansible_distribution_version >= '8'
38 - name: install epel-release on CentOS
42 - ansible_distribution == "CentOS"
44 - name: obtain EPEL GPG key on RHEL8
47 key: https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-8
49 - ansible_distribution == "RedHat"
50 - ansible_distribution_version >= '8'
52 - name: install epel-release on RHEL8
54 name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
56 - ansible_distribution == "RedHat"
57 - ansible_distribution_version >= '8'
59 - name: get full distribution versions
60 command: cat /etc/redhat-release
64 - name: set full distribution version
66 full_dist_version: "{{ release.stdout | regex_replace('.*(\\d+.\\d+.\\d\\d\\d\\d).*', '\\1') }}"
68 - name: update CentOS Vault yum repository on CentOS 7
70 name: C{{ full_dist_version }}-base
71 description: CentOS-{{ full_dist_version }} - Base
73 baseurl: http://vault.centos.org/{{ full_dist_version }}/os/$basearch/
75 gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-{{ ansible_distribution_major_version }}
78 - ansible_distribution == "CentOS"
79 - ansible_distribution_version < '7.9'
82 #- name: update CentOS Vault yum repository on CentOS 8
84 # name: C{{ full_dist_version }}-base
85 # description: CentOS-{{ full_dist_version }} - Base
87 # baseurl: http://vault.centos.org/{{ full_dist_version }}/BaseOS/$basearch/os/
88 # baseurl: http://vault.centos.org/{{ full_dist_version }}/BaseOS/Source/
90 # gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
93 # - ansible_distribution == "CentOS"
94 # - ansible_distribution_version >= '8' and ansible_distribution_version < '8.3'
97 # CentOS-Vault repo not working for CentOS 8, so install kernel headers directly
98 - name: pull matching kernel headers on CentOS 8.2
102 register: source_status
104 - "https://vault.centos.org/8.2.2004/BaseOS/x86_64/os/Packages/kernel-headers-4.18.0-193.el8.x86_64.rpm"
105 - "https://vault.centos.org/8.2.2004/BaseOS/x86_64/os/Packages/kernel-devel-4.18.0-193.el8.x86_64.rpm"
107 - ansible_distribution == "CentOS"
108 - ansible_distribution_version == '8.2'
111 - name: pull matching kernel headers on CentOS 8.3
115 register: source_status
117 - "http://mirror.centos.org/centos/8/BaseOS/x86_64/os/Packages/kernel-headers-4.18.0-240.el8.x86_64.rpm"
118 - "http://mirror.centos.org/centos/8/BaseOS/x86_64/os/Packages/kernel-devel-4.18.0-240.el8.x86_64.rpm"
119 # - "https://vault.centos.org/8.3.2011/BaseOS/x86_64/os/Packages/kernel-headers-4.18.0-240.el8.x86_64.rpm"
120 # - "https://vault.centos.org/8.3.2011/BaseOS/x86_64/os/Packages/kernel-devel-4.18.0-240.el8.x86_64.rpm"
122 - ansible_distribution == "CentOS"
123 - ansible_distribution_version == '8.3'
126 # pull the matching kernel headers if kernel is not updated
127 - name: pull matching kernel headers from configured repos
128 # noqa 503 - more than one condition, can't be a handler
131 - kernel-headers-{{ ansible_kernel }}
132 - kernel-devel-{{ ansible_kernel }}
133 register: kernel_source
135 until: kernel_source is success
137 - not source_status.changed
138 - ansible_os_family == "RedHat"
141 - name: install the 'Development tools' package group
143 name: "@Development tools"
145 - ansible_os_family == "RedHat"
151 - ansible_distribution in ["RedHat", "CentOS"]
152 - ansible_distribution_version < '8'
158 - ansible_distribution in ["RedHat", "CentOS"]
159 - ansible_distribution_version >= '8'
161 - name: update all packages
164 state: latest # noqa 403
167 - ansible_os_family == "RedHat"
168 - update_all_packages | default(false)
170 - name: update to the latest kernel and kernel headers on the Red Hat OS family
175 state: latest # noqa 403
179 - ansible_os_family == "RedHat"
180 - update_kernel | default(false)
182 #note(przemeklal): fixes issue with missing selinux in packet.net CentOS 7 images
183 - name: ensure selinux is installed on CentOS/RHEL 7
187 - policycoreutils-python
189 - selinux-policy-targeted
197 - ansible_distribution in ["RedHat", "CentOS"]
198 - ansible_distribution_version < '8'
200 # Workaround for Equinix Metal CentOS 7
201 - name: set selinux to permissive
203 path: "/etc/sysconfig/selinux"
204 regexp: '^SELINUX=enforcing'
205 line: 'SELINUX=permissive'
207 - ansible_distribution in ["RedHat", "CentOS"]
208 - ansible_distribution_version < '8'
210 - name: Set python is python3
213 path: /usr/bin/python3
214 link: /usr/bin/python
216 - ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat'
217 - ansible_distribution_version >= '8'
219 - name: install command line tools to collect hardware details
226 when: ansible_distribution in ["RedHat", "CentOS"]
228 - name: use the correct pip version for CentOS 7
233 - ansible_distribution == "CentOS"
234 - ansible_distribution_version < '7.9'