mgmt-sa-tiger-team · oatakan · Mar 18, 2020 · Apr 7, 2020 · Apr 7, 2020 · Jun 19, 2020
diff --git a/Vagrantfile b/Vagrantfile
@@ -10,7 +10,7 @@ Vagrant.configure("2") do |config|
   gitlab_hostname= "gitlab"
   nid = (nid - 1)
   config.vm.define "#{gitlab_hostname}" do |node|
-    node.vm.box = "centos/7"
+    node.vm.box = "generic/centos8"
     node.vm.hostname = "#{gitlab_hostname}"
     node.vm.boot_timeout = 600
     node.ssh.insert_key = false
@@ -36,7 +36,7 @@ Vagrant.configure("2") do |config|
       v.gui = false
       v.vmx["memsize"] = "3072"
       v.vmx["numvcpus"] = "2"
-      v.vmx["ethernet0.virtualDev"] = "vmxnet3"
+      #v.vmx["ethernet0.virtualDev"] = "vmxnet3"
       v.vmx["RemoteDisplay.vnc.enabled"] = "false"
       v.vmx["RemoteDisplay.vnc.port"] = "5900"
       v.enable_vmrun_ip_lookup = false
@@ -46,11 +46,11 @@ Vagrant.configure("2") do |config|
   docs_hostname= "docs"
   nid = (nid - 1)
   config.vm.define "#{docs_hostname}" do |node|
-    node.vm.box = "centos/7"
+    node.vm.box = "generic/centos8"
     node.vm.hostname = "#{docs_hostname}"
     node.vm.boot_timeout = 600
     node.ssh.insert_key = false
-    node.vm.network "forwarded_port", guest: 80, host: 80
+    node.vm.network "forwarded_port", guest: 80, host: 80, auto_correct: true
     node.vm.network :private_network, ip: "10.0.1.5"
 
     node.vm.provider "virtualbox" do |vb, override|
@@ -73,7 +73,7 @@ Vagrant.configure("2") do |config|
         v.gui = false
         v.vmx["memsize"] = "2048"
         v.vmx["numvcpus"] = "2"
-        v.vmx["ethernet0.virtualDev"] = "vmxnet3"
+        #v.vmx["ethernet0.virtualDev"] = "vmxnet3"
         v.vmx["RemoteDisplay.vnc.enabled"] = "false"
         v.vmx["RemoteDisplay.vnc.port"] = "5900"
         v.enable_vmrun_ip_lookup = false
@@ -91,7 +91,7 @@ Vagrant.configure("2") do |config|
     node.winrm.basic_auth_only = false
     node.winrm.timeout = 300
     node.winrm.retry_limit = 20
-    node.vm.network "forwarded_port", guest: 5986, host: 5902
+    node.vm.network "forwarded_port", guest: 5986, host: 5902, auto_correct: true
     node.vm.network :private_network, ip: "10.0.1.6"
     node.vm.synced_folder ".", "/vagrant", disabled: true
 
@@ -129,7 +129,7 @@ Vagrant.configure("2") do |config|
   s1_tower_hostname= "s1-tower"
   nid = (nid - 1)
   config.vm.define "#{s1_tower_hostname}" do |node|
-    node.vm.box = "centos/7"
+    node.vm.box = "generic/centos8"
     node.vm.hostname = "#{s1_tower_hostname}"
     node.vm.boot_timeout = 600
     node.ssh.insert_key = false
@@ -155,7 +155,7 @@ Vagrant.configure("2") do |config|
         v.gui = false
         v.vmx["memsize"] = "4096"
         v.vmx["numvcpus"] = "2"
-        v.vmx["ethernet0.virtualDev"] = "vmxnet3"
+        #v.vmx["ethernet0.virtualDev"] = "vmxnet3"
         v.vmx["RemoteDisplay.vnc.enabled"] = "false"
         v.vmx["RemoteDisplay.vnc.port"] = "5900"
         v.enable_vmrun_ip_lookup = false

diff --git a/roles/ansible-tower/tasks/main.yml b/roles/ansible-tower/tasks/main.yml
@@ -69,11 +69,6 @@
     group: root
     mode: 0644
 
-- name: install the last version of OpenSSL
-  pip:
-    name: pyOpenSSL
-    state: latest
-
 - name: Install dependencies for Kerberos auth
   package:
     name:
@@ -89,13 +84,19 @@
 - name: Install dependencies for Kerberos auth
   package:
     name:
+      - python3-devel
       - krb5-devel
       - krb5-libs
       - krb5-workstation
       - gcc
     state: present
   when: ansible_distribution_major_version|int == 8
 
+- name: upgrade pip
+  pip:
+    name: pip
+    state: latest
+
 - name: Install pywinrm for connecting to windows hosts
   pip:
     name:

diff --git a/roles/ansible-tower/tasks/setup.yml b/roles/ansible-tower/tasks/setup.yml
@@ -52,26 +52,26 @@
 
 - name: download tower installer
   get_url:
-    url: https://releases.ansible.com/ansible-tower/setup-bundle/ansible-tower-setup-bundle-{{ towerversion }}.el{{ ansible_distribution_major_version }}.tar.gz
-    dest: /tmp/ansible-tower-setup-bundle-{{ towerversion }}.el{{ ansible_distribution_major_version }}.tar.gz
+    url: https://releases.ansible.com/ansible-tower/setup-bundle/ansible-tower-setup-bundle-{{ towerversion }}.tar.gz
+    dest: /tmp/ansible-tower-setup-bundle-{{ towerversion }}.tar.gz
     mode: 0640
   when: towerchk not in towerversion
 
 - name: extract installer
   unarchive:
-    src: /tmp/ansible-tower-setup-bundle-{{ towerversion }}.el{{ ansible_distribution_major_version }}.tar.gz
+    src: /tmp/ansible-tower-setup-bundle-{{ towerversion }}.tar.gz
     dest: /tmp/
     remote_src: True
   when: towerchk not in towerversion
 
 - name: template inventory file
   template:
     src: inventory
-    dest: /tmp/ansible-tower-setup-bundle-{{ towerversion }}.el{{ ansible_distribution_major_version }}/inventory
+    dest: /tmp/ansible-tower-setup-bundle-{{ towerversion }}/inventory
   when: towerchk != towerversion
 
 - name: run the tower installer
-  shell: ./setup.sh chdir=/tmp/ansible-tower-setup-bundle-{{ towerversion }}.el{{ ansible_distribution_major_version }}
+  shell: ./setup.sh chdir=/tmp/ansible-tower-setup-bundle-{{ towerversion }}
   when: towerchk not in towerversion
 
 - name: wait for tower to be up

diff --git a/roles/ansible-tower/templates/inventory b/roles/ansible-tower/templates/inventory
@@ -4,7 +4,11 @@ localhost ansible_connection=local
 [database]
 
 [all:vars]
-admin_password='{{towerpass}}'
+admin_password='{{ towerpass }}'
+ignore_preflight_errors=true
+{% if ansible_distribution != 'RedHat' %}
+gpgcheck=false
+{% endif %}
 
 pg_host=''
 pg_port=''

diff --git a/roles/docs_setup/tasks/main.yml b/roles/docs_setup/tasks/main.yml
@@ -4,6 +4,11 @@
     state: present
   when: ansible_distribution_major_version|int < 8
 
+- name: import remi gpg key
+  rpm_key:
+    state: present
+    key: https://rpms.remirepo.net/RPM-GPG-KEY-remi2018
+
 - name: Setup Remi PHP 8 Repo
   yum:
     name: http://rpms.famillecollet.com/enterprise/remi-release-8.rpm

diff --git a/roles/geerlingguy.gitlab/tasks/main.yml b/roles/geerlingguy.gitlab/tasks/main.yml
@@ -31,6 +31,14 @@
   command: bash /tmp/gitlab_install_repository.sh
   when: not gitlab_file.stat.exists
 
+# disable the gpg validation for now
+- name: disable repo validation for now
+  replace:
+    path: /etc/yum.repos.d/gitlab_gitlab-ce.repo
+    regexp: '^repo_gpgcheck=1'
+    replace: repo_gpgcheck=0
+  when: ansible_distribution_major_version|int == 7
+
 - name: Define the Gitlab package name.
   set_fact:
     gitlab_package_name: "{{ gitlab_edition }}{{ gitlab_package_version_separator }}{{ gitlab_version }}"

diff --git a/roles/gitlab-postconfig/tasks/main.yml b/roles/gitlab-postconfig/tasks/main.yml
@@ -1,8 +1,15 @@
 ---
-- name: GitLab Post | Install pip
+- name: GitLab Post | Install pip (RHEL7)
   yum:
     name: python-pip
     state: present
+  when: ansible_distribution_major_version|int == 7
+
+- name: GitLab Post | Install pip (RHEL8)
+  yum:
+    name: python3-pip
+    state: present
+  when: ansible_distribution_major_version|int == 8
 
 - name: GitLab Post | Install pyapi-gitlab
   pip:

diff --git a/roles/gitlab-postconfig/templates/set_root_pw.sh.j2 b/roles/gitlab-postconfig/templates/set_root_pw.sh.j2
@@ -8,4 +8,4 @@ user.reset_password_sent_at = nil
 user.save!
 user.unlock_access!
 quit
-" | gitlab-rails console production
+" | gitlab-rails console
diff --git a/roles/manage-ec2-instances/tasks/aws_check_setup.yml b/roles/manage-ec2-instances/tasks/aws_check_setup.yml
@@ -18,7 +18,7 @@
     - "'_' in ec2_name_prefix"
 
 - name: FIND AZ ZONE FOR REGION {{ ec2_region }}
-  aws_az_facts:
+  aws_az_info:
     region: "{{ ec2_region }}"
   register: az_names
 
@@ -27,7 +27,7 @@
     ec2_az: "{{ az_names.availability_zones[0].zone_name }}"
 
 - name: grab information about AWS user
-  aws_caller_facts:
+  aws_caller_info:
     region: "{{ ec2_region }}"
   register: whoami
 

diff --git a/roles/manage-ec2-instances/tasks/find_ami_ids.yml b/roles/manage-ec2-instances/tasks/find_ami_ids.yml
@@ -1,51 +1,54 @@
 ---
 - name: find ami id for rhel 7
-  ec2_ami_facts:
+  ec2_ami_info:
     owners: 309956199498
     filters:
       name: "{{ ec2_image_names['rhel7'] }}"
+      architecture: x86_64
     region: "{{ ec2_region }}"
   register: rhel7_ami_find
 
 - name: find ami id for rhel 8
-  ec2_ami_facts:
+  ec2_ami_info:
     owners: 309956199498
     filters:
       name: "{{ ec2_image_names['rhel8'] }}"
+      architecture: x86_64
     region: "{{ ec2_region }}"
   register: rhel8_ami_find
 
 - name: find ami id for centos 7
-  ec2_ami_facts:
+  ec2_ami_info:
     owners: aws-marketplace
     filters:
       name: "{{ ec2_image_names['centos7'] }}"
+      architecture: x86_64
     region: "{{ ec2_region }}"
   register: centos7_ami_find
 
 - name: find ami for windows 2016 core
-  ec2_ami_facts:
+  ec2_ami_info:
     filters:
       name: "{{ ec2_image_names['win2016_core'] }}"
     region: "{{ ec2_region }}"
   register: win2016_core_ami_find
 
 - name: find ami for windows 2016 full
-  ec2_ami_facts:
+  ec2_ami_info:
     filters:
       name: "{{ ec2_image_names['win2016_full'] }}"
     region: "{{ ec2_region }}"
   register: win2016_full_ami_find
 
 - name: find ami for windows 2019 core
-  ec2_ami_facts:
+  ec2_ami_info:
     filters:
       name: "{{ ec2_image_names['win2019_core'] }}"
     region: "{{ ec2_region }}"
   register: win2019_core_ami_find
 
 - name: find ami for windows 2019 full
-  ec2_ami_facts:
+  ec2_ami_info:
     filters:
       name: "{{ ec2_image_names['win2019_full'] }}"
     region: "{{ ec2_region }}"

diff --git a/roles/manage-ec2-instances/tasks/teardown.yml b/roles/manage-ec2-instances/tasks/teardown.yml
@@ -1,6 +1,6 @@
 ---
 - name: Get the VPC ID for {{ name_prefix }}
-  ec2_vpc_net_facts:
+  ec2_vpc_net_info:
     filters:
       "tag:Name": "{{ name_prefix }}-vpc"
     region: "{{ ec2_region }}"
@@ -12,15 +12,15 @@
   when: vpc_net_facts.vpcs|length > 0
 
 - name: grab route information for {{ ec2_name_prefix }} on {{ ec2_region }}
-  ec2_vpc_route_table_facts:
+  ec2_vpc_route_table_info:
     region: "{{ ec2_region }}"
     filters:
       vpc_id: "{{ ec2_vpc_id }}"
   register: route_table_facts
   when: vpc_net_facts.vpcs|length > 0
 
 - name: grab information about AWS user
-  aws_caller_facts:
+  aws_caller_info:
     region: "{{ ec2_region }}"
   register: whoami
 
@@ -30,7 +30,7 @@
 
 # ----------------------- Destroy Tower Instances -----------------------
 - name: Get ec2 Tower instance information
-  ec2_instance_facts:
+  ec2_instance_info:
     region: "{{ ec2_region }}"
     filters:
       vpc-id: "{{ ec2_vpc_id }}"
@@ -49,7 +49,7 @@
 
 # ----------------------- Destroy Gitlab Instances -----------------------
 - name: Get ec2 Gitlab instance information
-  ec2_instance_facts:
+  ec2_instance_info:
     region: "{{ ec2_region }}"
     filters:
       vpc-id: "{{ ec2_vpc_id }}"
@@ -79,7 +79,7 @@
 
 # ----------------------- Destroy Docs Instances -----------------------
 - name: Get ec2 Docs instance information
-  ec2_instance_facts:
+  ec2_instance_info:
     region: "{{ ec2_region }}"
     filters:
       vpc-id: "{{ ec2_vpc_id }}"
@@ -123,7 +123,7 @@
 
 # ----------------------- Destroy DC Instances -----------------------
 - name: Get ec2 DC instance information
-  ec2_instance_facts:
+  ec2_instance_info:
     region: "{{ ec2_region }}"
     filters:
       vpc-id: "{{ ec2_vpc_id }}"
@@ -141,7 +141,7 @@
 
 # ----------------------- Destroy Windows Instances -----------------------
 - name: Get ec2 Windows instance information
-  ec2_instance_facts:
+  ec2_instance_info:
     region: "{{ ec2_region }}"
     filters:
       vpc-id: "{{ ec2_vpc_id }}"
@@ -160,7 +160,7 @@
 
 # ----------------------- Destroy Workstation Instances -----------------------
 - name: Get ec2 Workstation instance information
-  ec2_instance_facts:
+  ec2_instance_info:
     region: "{{ ec2_region }}"
     filters:
       vpc-id: "{{ ec2_vpc_id }}"

diff --git a/roles/manage-ovirt-instances/tasks/provision.yml b/roles/manage-ovirt-instances/tasks/provision.yml
@@ -46,7 +46,6 @@
     cloud_init:
       nic_boot_protocol: dhcp
       nic_name: eth0
-      nic_on_boot: true
       host_name: gitlab
       user_name: "{{ root_user }}"
       root_password: "{{ root_password }}"
@@ -74,7 +73,6 @@
     cloud_init:
       nic_boot_protocol: dhcp
       nic_name: eth0
-      nic_on_boot: true
       host_name: docs
       user_name: "{{ root_user }}"
       root_password: "{{ root_password }}"
@@ -102,7 +100,6 @@
     cloud_init:
       nic_boot_protocol: dhcp
       nic_name: eth0
-      nic_on_boot: true
       host_name: "s{{ item }}-tower"
       user_name: "{{ root_user }}"
       root_password: "{{ root_password }}"