├── .ansible-lint ├── .pre-commit-config.yaml ├── .travis.yml ├── .yamllint.yaml ├── README.md ├── defaults └── main.yml ├── handlers └── main.yml ├── leapp_upgrade.yml ├── license.txt ├── meta └── main.yml ├── tasks ├── main.yml ├── postupgrade-RedHat.yml ├── postupgrade.yml ├── prepare-RedHat.yml ├── prepare.yml ├── preupgrade.yml ├── remediate.yml ├── setup-RedHat.yml ├── setup.yml ├── upgrade.yml ├── validate.yml └── verify.yml ├── tests ├── inventory └── test.yml └── vars ├── RedHat-x86_64.yml └── main.yml /.ansible-lint: -------------------------------------------------------------------------------- 1 | # exclude_paths: 2 | # - collections 3 | # - roles 4 | # - vars/vaults 5 | parseable: true 6 | quiet: true 7 | #skip_list: 8 | # - skip_this_tag 9 | # - and_this_one_too 10 | # - skip_this_id 11 | # - '401' 12 | #tags: 13 | # - run_this_tag 14 | use_default_rules: true 15 | verbosity: 5 16 | -------------------------------------------------------------------------------- /.pre-commit-config.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | # For use with pre-commit. 4 | # See usage instructions at http://pre-commit.com 5 | 6 | repos: 7 | - repo: https://github.com/pre-commit/pre-commit-hooks.git 8 | rev: master 9 | hooks: 10 | - id: check-added-large-files 11 | - id: check-byte-order-marker 12 | - id: check-case-conflict 13 | - id: check-executables-have-shebangs 14 | - id: check-json 15 | - id: check-yaml 16 | - id: detect-aws-credentials 17 | - id: detect-private-key 18 | - id: end-of-file-fixer 19 | - id: mixed-line-ending 20 | # - id: pretty-format-json 21 | - id: trailing-whitespace 22 | 23 | - repo: https://github.com/ansible/ansible-lint.git 24 | rev: v4.2.0 25 | hooks: 26 | - id: ansible-lint 27 | files: \.(yaml|yml)$ 28 | 29 | - repo: https://github.com/adrienverge/yamllint.git 30 | rev: master 31 | hooks: 32 | - id: yamllint 33 | files: \.(yaml|yml)$ 34 | 35 | - repo: https://github.com/markdownlint/markdownlint.git 36 | rev: master 37 | hooks: 38 | - id: markdownlint 39 | files: \.(md|MD)$ 40 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "3.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ 30 | -------------------------------------------------------------------------------- /.yamllint.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | yaml-files: 4 | - '*.yaml' 5 | - '*.yml' 6 | - '.ansible-lint' 7 | - '.pre-commit-config.yaml' 8 | - '.yamllint.yaml' 9 | 10 | rules: 11 | braces: 12 | min-spaces-inside-empty: 0 13 | max-spaces-inside-empty: 1 14 | min-spaces-inside: 1 15 | max-spaces-inside: 1 16 | brackets: 17 | min-spaces-inside-empty: 0 18 | max-spaces-inside-empty: 1 19 | min-spaces-inside: 1 20 | max-spaces-inside: 1 21 | colons: 22 | max-spaces-before: 0 23 | max-spaces-after: 1 24 | commas: 25 | min-spaces-after: 1 26 | max-spaces-after: 1 27 | comments: 28 | level: warning 29 | min-spaces-from-content: 1 30 | require-starting-space: yes 31 | comments-indentation: 32 | level: warning 33 | document-end: disable 34 | document-start: 35 | ignore: | 36 | tasks/ 37 | level: warning 38 | empty-lines: enable 39 | empty-values: 40 | level: warning 41 | hyphens: enable 42 | indentation: 43 | ignore: | 44 | tasks/main.yml 45 | key-duplicates: enable 46 | key-ordering: disable 47 | line-length: 48 | level: warning 49 | max: 160 50 | new-line-at-end-of-file: enable 51 | new-lines: enable 52 | octal-values: 53 | forbid-explicit-octal: yes 54 | forbid-implicit-octal: no 55 | quoted-strings: disable 56 | trailing-spaces: enable 57 | truthy: 58 | allowed-values: [ "yes", "no" ] 59 | ignore: | 60 | .travis.yml 61 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ansible-leapp 2 | ============= 3 | 4 | This Ansible role attempts to perform an automated in-place upgrade of EL based 5 | systems, primarily Red Hat Enterprise Linux. 6 | 7 | It performs the following high level tasks: 8 | 9 | * Validating prerequisites and requirements 10 | * Preparing a system for the upgrade 11 | * Generate leapp preupgrade report 12 | * Remediate common upgrade issues (disabled by default) 13 | * Performing the upgrade (disabled by default) 14 | * Verifying the post-upgrade state (disabled by default) 15 | 16 | By default, this role will not perform the actual upgrade. It is intended to 17 | prepare the system and generate a preupgrade report that should be reviewed. 18 | If you're feeling lucky, you can also have it attempt to perform the upgrade. 19 | 20 | TODO 21 | ---- 22 | 23 | * Implement post-upgrade verification (tasks/verify.yml) 24 | 25 | References 26 | ---------- 27 | 28 | I used the following docs for reference: 29 | 30 | * [https://developers.redhat.com/products/rhel/download](https://developers.redhat.com/products/rhel/download) 31 | * [https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/upgrading_from_rhel_7_to_rhel_8/index](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/upgrading_from_rhel_7_to_rhel_8/index) 32 | * [https://www.redhat.com/en/blog/upgrading-rhel-7-rhel-8-leapp-and-boom](https://www.redhat.com/en/blog/upgrading-rhel-7-rhel-8-leapp-and-boom) 33 | * [https://access.redhat.com/articles/4263361](https://access.redhat.com/articles/4263361) 34 | * [https://access.redhat.com/articles/3664871](https://access.redhat.com/articles/3664871) 35 | 36 | Role Variables 37 | -------------- 38 | 39 | Variables that modify the behavior of this role are declared in `defaults/main.yml` 40 | 41 | ``` 42 | # Provide a list of repository IDs that exist in /etc/yum.repos.d 43 | # Default [] 44 | leapp_custom_repositories: [] 45 | 46 | # specify a grub device, generally not required for most installations 47 | leapp_grub_device: '/boot' 48 | 49 | # Skip Red Hat Subscription Manager? Default no 50 | leapp_skip_rhsm: no 51 | 52 | # Skip the validation pre-flight checks? Default no 53 | leapp_skip_validate: no 54 | 55 | # Skip the prepare tasks? Default no 56 | leapp_skip_prepare: no 57 | 58 | # Skip cockpit installation? Default no 59 | leapp_skip_prepare_cockpit_install: no 60 | 61 | # Skip package installation? Default no 62 | leapp_skip_prepare_package_install: no 63 | 64 | # Skip actual package updates? Default yes 65 | leapp_skip_prepare_update: yes 66 | 67 | # Skip reboot after changes to package updates? Default no 68 | leapp_skip_prepare_update_reboot: no 69 | 70 | # Skip the leapp preupgrade? Default yes 71 | leapp_skip_preupgrade: yes 72 | 73 | # Skip removing previous reports? Defaults no 74 | leapp_skip_preupgrade_cleanup: no 75 | 76 | # Skip remediate of common issues? Defaults yes 77 | leapp_skip_remediate: yes 78 | 79 | # Skip the actual leapp upgrade? Default yes 80 | leapp_skip_upgrade: yes 81 | 82 | # How long to wait (in seconds) for reboot after upgrade? Default 1200 83 | leapp_reboot_timeout: 1200 84 | ``` 85 | 86 | Dependencies 87 | ------------ 88 | 89 | There are no dependencies to use this role, however, this role assumes you have 90 | implemented a standard operating environment that provides: 91 | 92 | * Red Hat Enterprise Linux 7 93 | * System Entitled with RHSM or Satellite 94 | * Repositories configured and enabled for latest updates, specifically for 95 | `rhel-7-server-rpms` and `rhel-7-server-extras-rpms` 96 | 97 | Additionally, you must also download the additional required data files (RPM 98 | package changes and RPM repository mapping) attached to the 99 | [Knowledgebase Article](https://access.redhat.com/articles/3664871) and place 100 | it in the 'files' directory in the same directory as the playbook including 101 | this role. 102 | 103 | Example Playbook 104 | ---------------- 105 | 106 | The following is a simple playbook that will perform the default behaviors up to 107 | performing the actual upgrade: 108 | 109 | ``` 110 | --- 111 | 112 | - name: Perform an in-place upgrade of a EL System 113 | hosts: all 114 | become: yes 115 | 116 | vars: 117 | # Provide a list of repository IDs that exist in /etc/yum.repos.d 118 | # Default [] 119 | leapp_custom_repositories: [] 120 | 121 | # Skip Red Hat Subscription Manager? Default no 122 | leapp_skip_rhsm: no 123 | 124 | # Skip the validation pre-flight checks? Default no 125 | leapp_skip_validate: no 126 | 127 | # Skip the prepare tasks? Default no 128 | leapp_skip_prepare: no 129 | 130 | # Skip cockpit installation? Default no 131 | leapp_skip_prepare_cockpit_install: no 132 | 133 | # Skip package installation? Default no 134 | leapp_skip_prepare_package_install: no 135 | 136 | # Skip actual package updates? Default yes 137 | leapp_skip_prepare_update: yes 138 | 139 | # Skip the leapp preupgrade? Default no 140 | leapp_skip_preupgrade: no 141 | 142 | # Skip removing previous reports? Defaults no 143 | leapp_skip_preupgrade_cleanup: no 144 | 145 | # Skip the actual leapp upgrade? Default yes 146 | leapp_skip_upgrade: yes 147 | 148 | # How long to wait (in seconds) for reboot after upgrade? Default 1200 149 | leapp_reboot_timeout: 1200 150 | 151 | roles: 152 | - mrjoshuap.leapp 153 | ``` 154 | 155 | License 156 | ------- 157 | 158 | GPL-2.0-or-later 159 | 160 | Author Information 161 | ------------------ 162 | 163 | Joshua Preston is a solution architect with Red Hat, specializing in Platform 164 | and Management technologies. 165 | -------------------------------------------------------------------------------- /defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for mrjoshuap.leapp 3 | 4 | # Provide a list of repository IDs that exist in /etc/yum.repos.d 5 | # Default [] 6 | leapp_custom_repositories: [] 7 | 8 | # specify a grub device, generally not required for most installations 9 | # Default /boot 10 | leapp_grub_device: '/boot' 11 | 12 | # Skip Red Hat Subscription Manager? Default no 13 | leapp_skip_rhsm: no 14 | 15 | # Skip the validation pre-flight checks? Default no 16 | leapp_skip_validate: no 17 | 18 | # Skip the prepare tasks? Default no 19 | leapp_skip_prepare: no 20 | 21 | # Skip cockpit installation? Default no 22 | leapp_skip_prepare_cockpit_install: no 23 | 24 | # Skip package installation? Default no 25 | leapp_skip_prepare_package_install: no 26 | 27 | # Skip mucking with RHSM repos? Default yes 28 | leapp_skip_prepare_rhsm_repositories: yes 29 | 30 | # Skip actual package updates? Default no 31 | leapp_skip_prepare_update: yes 32 | 33 | # Skip reboot after changes to package updates? Default no 34 | leapp_skip_prepare_update_reboot: no 35 | 36 | # Skip the leapp preupgrade? Default no 37 | leapp_skip_preupgrade: no 38 | 39 | # Skip removing previous reports? Defaults no 40 | leapp_skip_preupgrade_cleanup: no 41 | 42 | # Skip remediate of common issues? Defaults yes 43 | leapp_skip_remediate: yes 44 | 45 | # Skip the actual leapp upgrade? Default yes 46 | leapp_skip_upgrade: yes 47 | 48 | # Skip removing previous reports? Defaults no 49 | leapp_skip_upgrade_cleanup: no 50 | 51 | # Skip the reboot after the upgrade? Default no 52 | leapp_skip_upgrade_reboot: no 53 | 54 | # Skip the post leapp upgrade tasks? Default yes 55 | leapp_skip_postupgrade: yes 56 | 57 | # Skip the post upgrade reboot? Default no 58 | leapp_skip_postupgrade_reboot: no 59 | 60 | # Skip the verification after the upgrade and post tasks? Default no 61 | leapp_skip_verify: no 62 | 63 | # How long to wait (in seconds) for reboots? Default 1200 64 | leapp_reboot_timeout: 1200 65 | -------------------------------------------------------------------------------- /handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for mrjoshuap.leapp 3 | 4 | - name: reboot system 5 | reboot: 6 | reboot_timeout: '{{ leapp_reboot_timeout | int }}' 7 | 8 | - name: restart cockpit 9 | service: 10 | name: cockpit.service 11 | state: restarted 12 | 13 | - name: restart sshd 14 | service: 15 | name: sshd.service 16 | state: restarted 17 | -------------------------------------------------------------------------------- /leapp_upgrade.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Perform an in-place upgrade of a EL System 4 | hosts: localhost 5 | become: yes 6 | 7 | vars: 8 | # Provide a list of repository IDs that exist in /etc/yum.repos.d 9 | # Default [] 10 | leapp_custom_repositories: [] 11 | 12 | # Skip Red Hat Subscription Manager? Default no 13 | leapp_skip_rhsm: no 14 | 15 | # Skip the validation pre-flight checks? Default no 16 | leapp_skip_validate: no 17 | 18 | # Skip the prepare tasks? Default no 19 | leapp_skip_prepare: no 20 | 21 | # Skip cockpit installation? Default no 22 | leapp_skip_prepare_cockpit_install: no 23 | 24 | # Skip package installation? Default no 25 | leapp_skip_prepare_package_install: no 26 | 27 | # Skip actual package updates? Default no 28 | leapp_skip_prepare_update: no 29 | 30 | # Skip reboot after changes to package updates? Default no 31 | leapp_skip_prepare_update_reboot: no 32 | 33 | # Skip the leapp preupgrade? Default no 34 | leapp_skip_preupgrade: no 35 | 36 | # Skip removing previous reports? Defaults no 37 | leapp_skip_preupgrade_cleanup: no 38 | 39 | # Skip the actual leapp upgrade? Default yes 40 | leapp_skip_upgrade: no 41 | 42 | # How long to wait (in seconds) for reboot after upgrade? Default 1200 43 | leapp_reboot_timeout: 1200 44 | 45 | roles: 46 | - mrjoshuap.leapp 47 | -------------------------------------------------------------------------------- /license.txt: -------------------------------------------------------------------------------- 1 | GNU GENERAL PUBLIC LICENSE 2 | Version 2, June 1991 3 | 4 | Copyright (C) 1989, 1991 Free Software Foundation, Inc., 5 | 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 6 | Everyone is permitted to copy and distribute verbatim copies 7 | of this license document, but changing it is not allowed. 8 | 9 | Preamble 10 | 11 | The licenses for most software are designed to take away your 12 | freedom to share and change it. By contrast, the GNU General Public 13 | License is intended to guarantee your freedom to share and change free 14 | software--to make sure the software is free for all its users. This 15 | General Public License applies to most of the Free Software 16 | Foundation's software and to any other program whose authors commit to 17 | using it. (Some other Free Software Foundation software is covered by 18 | the GNU Lesser General Public License instead.) You can apply it to 19 | your programs, too. 20 | 21 | When we speak of free software, we are referring to freedom, not 22 | price. Our General Public Licenses are designed to make sure that you 23 | have the freedom to distribute copies of free software (and charge for 24 | this service if you wish), that you receive source code or can get it 25 | if you want it, that you can change the software or use pieces of it 26 | in new free programs; and that you know you can do these things. 27 | 28 | To protect your rights, we need to make restrictions that forbid 29 | anyone to deny you these rights or to ask you to surrender the rights. 30 | These restrictions translate to certain responsibilities for you if you 31 | distribute copies of the software, or if you modify it. 32 | 33 | For example, if you distribute copies of such a program, whether 34 | gratis or for a fee, you must give the recipients all the rights that 35 | you have. You must make sure that they, too, receive or can get the 36 | source code. And you must show them these terms so they know their 37 | rights. 38 | 39 | We protect your rights with two steps: (1) copyright the software, and 40 | (2) offer you this license which gives you legal permission to copy, 41 | distribute and/or modify the software. 42 | 43 | Also, for each author's protection and ours, we want to make certain 44 | that everyone understands that there is no warranty for this free 45 | software. If the software is modified by someone else and passed on, we 46 | want its recipients to know that what they have is not the original, so 47 | that any problems introduced by others will not reflect on the original 48 | authors' reputations. 49 | 50 | Finally, any free program is threatened constantly by software 51 | patents. We wish to avoid the danger that redistributors of a free 52 | program will individually obtain patent licenses, in effect making the 53 | program proprietary. To prevent this, we have made it clear that any 54 | patent must be licensed for everyone's free use or not licensed at all. 55 | 56 | The precise terms and conditions for copying, distribution and 57 | modification follow. 58 | 59 | GNU GENERAL PUBLIC LICENSE 60 | TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 61 | 62 | 0. This License applies to any program or other work which contains 63 | a notice placed by the copyright holder saying it may be distributed 64 | under the terms of this General Public License. The "Program", below, 65 | refers to any such program or work, and a "work based on the Program" 66 | means either the Program or any derivative work under copyright law: 67 | that is to say, a work containing the Program or a portion of it, 68 | either verbatim or with modifications and/or translated into another 69 | language. (Hereinafter, translation is included without limitation in 70 | the term "modification".) Each licensee is addressed as "you". 71 | 72 | Activities other than copying, distribution and modification are not 73 | covered by this License; they are outside its scope. The act of 74 | running the Program is not restricted, and the output from the Program 75 | is covered only if its contents constitute a work based on the 76 | Program (independent of having been made by running the Program). 77 | Whether that is true depends on what the Program does. 78 | 79 | 1. You may copy and distribute verbatim copies of the Program's 80 | source code as you receive it, in any medium, provided that you 81 | conspicuously and appropriately publish on each copy an appropriate 82 | copyright notice and disclaimer of warranty; keep intact all the 83 | notices that refer to this License and to the absence of any warranty; 84 | and give any other recipients of the Program a copy of this License 85 | along with the Program. 86 | 87 | You may charge a fee for the physical act of transferring a copy, and 88 | you may at your option offer warranty protection in exchange for a fee. 89 | 90 | 2. You may modify your copy or copies of the Program or any portion 91 | of it, thus forming a work based on the Program, and copy and 92 | distribute such modifications or work under the terms of Section 1 93 | above, provided that you also meet all of these conditions: 94 | 95 | a) You must cause the modified files to carry prominent notices 96 | stating that you changed the files and the date of any change. 97 | 98 | b) You must cause any work that you distribute or publish, that in 99 | whole or in part contains or is derived from the Program or any 100 | part thereof, to be licensed as a whole at no charge to all third 101 | parties under the terms of this License. 102 | 103 | c) If the modified program normally reads commands interactively 104 | when run, you must cause it, when started running for such 105 | interactive use in the most ordinary way, to print or display an 106 | announcement including an appropriate copyright notice and a 107 | notice that there is no warranty (or else, saying that you provide 108 | a warranty) and that users may redistribute the program under 109 | these conditions, and telling the user how to view a copy of this 110 | License. (Exception: if the Program itself is interactive but 111 | does not normally print such an announcement, your work based on 112 | the Program is not required to print an announcement.) 113 | 114 | These requirements apply to the modified work as a whole. If 115 | identifiable sections of that work are not derived from the Program, 116 | and can be reasonably considered independent and separate works in 117 | themselves, then this License, and its terms, do not apply to those 118 | sections when you distribute them as separate works. But when you 119 | distribute the same sections as part of a whole which is a work based 120 | on the Program, the distribution of the whole must be on the terms of 121 | this License, whose permissions for other licensees extend to the 122 | entire whole, and thus to each and every part regardless of who wrote it. 123 | 124 | Thus, it is not the intent of this section to claim rights or contest 125 | your rights to work written entirely by you; rather, the intent is to 126 | exercise the right to control the distribution of derivative or 127 | collective works based on the Program. 128 | 129 | In addition, mere aggregation of another work not based on the Program 130 | with the Program (or with a work based on the Program) on a volume of 131 | a storage or distribution medium does not bring the other work under 132 | the scope of this License. 133 | 134 | 3. You may copy and distribute the Program (or a work based on it, 135 | under Section 2) in object code or executable form under the terms of 136 | Sections 1 and 2 above provided that you also do one of the following: 137 | 138 | a) Accompany it with the complete corresponding machine-readable 139 | source code, which must be distributed under the terms of Sections 140 | 1 and 2 above on a medium customarily used for software interchange; or, 141 | 142 | b) Accompany it with a written offer, valid for at least three 143 | years, to give any third party, for a charge no more than your 144 | cost of physically performing source distribution, a complete 145 | machine-readable copy of the corresponding source code, to be 146 | distributed under the terms of Sections 1 and 2 above on a medium 147 | customarily used for software interchange; or, 148 | 149 | c) Accompany it with the information you received as to the offer 150 | to distribute corresponding source code. (This alternative is 151 | allowed only for noncommercial distribution and only if you 152 | received the program in object code or executable form with such 153 | an offer, in accord with Subsection b above.) 154 | 155 | The source code for a work means the preferred form of the work for 156 | making modifications to it. For an executable work, complete source 157 | code means all the source code for all modules it contains, plus any 158 | associated interface definition files, plus the scripts used to 159 | control compilation and installation of the executable. However, as a 160 | special exception, the source code distributed need not include 161 | anything that is normally distributed (in either source or binary 162 | form) with the major components (compiler, kernel, and so on) of the 163 | operating system on which the executable runs, unless that component 164 | itself accompanies the executable. 165 | 166 | If distribution of executable or object code is made by offering 167 | access to copy from a designated place, then offering equivalent 168 | access to copy the source code from the same place counts as 169 | distribution of the source code, even though third parties are not 170 | compelled to copy the source along with the object code. 171 | 172 | 4. You may not copy, modify, sublicense, or distribute the Program 173 | except as expressly provided under this License. Any attempt 174 | otherwise to copy, modify, sublicense or distribute the Program is 175 | void, and will automatically terminate your rights under this License. 176 | However, parties who have received copies, or rights, from you under 177 | this License will not have their licenses terminated so long as such 178 | parties remain in full compliance. 179 | 180 | 5. You are not required to accept this License, since you have not 181 | signed it. However, nothing else grants you permission to modify or 182 | distribute the Program or its derivative works. These actions are 183 | prohibited by law if you do not accept this License. Therefore, by 184 | modifying or distributing the Program (or any work based on the 185 | Program), you indicate your acceptance of this License to do so, and 186 | all its terms and conditions for copying, distributing or modifying 187 | the Program or works based on it. 188 | 189 | 6. Each time you redistribute the Program (or any work based on the 190 | Program), the recipient automatically receives a license from the 191 | original licensor to copy, distribute or modify the Program subject to 192 | these terms and conditions. You may not impose any further 193 | restrictions on the recipients' exercise of the rights granted herein. 194 | You are not responsible for enforcing compliance by third parties to 195 | this License. 196 | 197 | 7. If, as a consequence of a court judgment or allegation of patent 198 | infringement or for any other reason (not limited to patent issues), 199 | conditions are imposed on you (whether by court order, agreement or 200 | otherwise) that contradict the conditions of this License, they do not 201 | excuse you from the conditions of this License. If you cannot 202 | distribute so as to satisfy simultaneously your obligations under this 203 | License and any other pertinent obligations, then as a consequence you 204 | may not distribute the Program at all. For example, if a patent 205 | license would not permit royalty-free redistribution of the Program by 206 | all those who receive copies directly or indirectly through you, then 207 | the only way you could satisfy both it and this License would be to 208 | refrain entirely from distribution of the Program. 209 | 210 | If any portion of this section is held invalid or unenforceable under 211 | any particular circumstance, the balance of the section is intended to 212 | apply and the section as a whole is intended to apply in other 213 | circumstances. 214 | 215 | It is not the purpose of this section to induce you to infringe any 216 | patents or other property right claims or to contest validity of any 217 | such claims; this section has the sole purpose of protecting the 218 | integrity of the free software distribution system, which is 219 | implemented by public license practices. Many people have made 220 | generous contributions to the wide range of software distributed 221 | through that system in reliance on consistent application of that 222 | system; it is up to the author/donor to decide if he or she is willing 223 | to distribute software through any other system and a licensee cannot 224 | impose that choice. 225 | 226 | This section is intended to make thoroughly clear what is believed to 227 | be a consequence of the rest of this License. 228 | 229 | 8. If the distribution and/or use of the Program is restricted in 230 | certain countries either by patents or by copyrighted interfaces, the 231 | original copyright holder who places the Program under this License 232 | may add an explicit geographical distribution limitation excluding 233 | those countries, so that distribution is permitted only in or among 234 | countries not thus excluded. In such case, this License incorporates 235 | the limitation as if written in the body of this License. 236 | 237 | 9. The Free Software Foundation may publish revised and/or new versions 238 | of the General Public License from time to time. Such new versions will 239 | be similar in spirit to the present version, but may differ in detail to 240 | address new problems or concerns. 241 | 242 | Each version is given a distinguishing version number. If the Program 243 | specifies a version number of this License which applies to it and "any 244 | later version", you have the option of following the terms and conditions 245 | either of that version or of any later version published by the Free 246 | Software Foundation. If the Program does not specify a version number of 247 | this License, you may choose any version ever published by the Free Software 248 | Foundation. 249 | 250 | 10. If you wish to incorporate parts of the Program into other free 251 | programs whose distribution conditions are different, write to the author 252 | to ask for permission. For software which is copyrighted by the Free 253 | Software Foundation, write to the Free Software Foundation; we sometimes 254 | make exceptions for this. Our decision will be guided by the two goals 255 | of preserving the free status of all derivatives of our free software and 256 | of promoting the sharing and reuse of software generally. 257 | 258 | NO WARRANTY 259 | 260 | 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY 261 | FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN 262 | OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES 263 | PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED 264 | OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 265 | MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS 266 | TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE 267 | PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, 268 | REPAIR OR CORRECTION. 269 | 270 | 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING 271 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR 272 | REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, 273 | INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING 274 | OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED 275 | TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY 276 | YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER 277 | PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE 278 | POSSIBILITY OF SUCH DAMAGES. 279 | 280 | END OF TERMS AND CONDITIONS 281 | 282 | How to Apply These Terms to Your New Programs 283 | 284 | If you develop a new program, and you want it to be of the greatest 285 | possible use to the public, the best way to achieve this is to make it 286 | free software which everyone can redistribute and change under these terms. 287 | 288 | To do so, attach the following notices to the program. It is safest 289 | to attach them to the start of each source file to most effectively 290 | convey the exclusion of warranty; and each file should have at least 291 | the "copyright" line and a pointer to where the full notice is found. 292 | 293 | 294 | Copyright (C) 295 | 296 | This program is free software; you can redistribute it and/or modify 297 | it under the terms of the GNU General Public License as published by 298 | the Free Software Foundation; either version 2 of the License, or 299 | (at your option) any later version. 300 | 301 | This program is distributed in the hope that it will be useful, 302 | but WITHOUT ANY WARRANTY; without even the implied warranty of 303 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 304 | GNU General Public License for more details. 305 | 306 | You should have received a copy of the GNU General Public License along 307 | with this program; if not, write to the Free Software Foundation, Inc., 308 | 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 309 | 310 | Also add information on how to contact you by electronic and paper mail. 311 | 312 | If the program is interactive, make it output a short notice like this 313 | when it starts in an interactive mode: 314 | 315 | Gnomovision version 69, Copyright (C) year name of author 316 | Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. 317 | This is free software, and you are welcome to redistribute it 318 | under certain conditions; type `show c' for details. 319 | 320 | The hypothetical commands `show w' and `show c' should show the appropriate 321 | parts of the General Public License. Of course, the commands you use may 322 | be called something other than `show w' and `show c'; they could even be 323 | mouse-clicks or menu items--whatever suits your program. 324 | 325 | You should also get your employer (if you work as a programmer) or your 326 | school, if any, to sign a "copyright disclaimer" for the program, if 327 | necessary. Here is a sample; alter the names: 328 | 329 | Yoyodyne, Inc., hereby disclaims all copyright interest in the program 330 | `Gnomovision' (which makes passes at compilers) written by James Hacker. 331 | 332 | , 1 April 1989 333 | Ty Coon, President of Vice 334 | 335 | This General Public License does not permit incorporating your program into 336 | proprietary programs. If your program is a subroutine library, you may 337 | consider it more useful to permit linking proprietary applications with the 338 | library. If this is what you want to do, use the GNU Lesser General 339 | Public License instead of this License. 340 | -------------------------------------------------------------------------------- /meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | galaxy_info: 4 | role_name: leapp 5 | author: Joshua Preston 6 | description: An Ansible role that attempts an inplace upgrade of EL7 to EL8 using LEAPP 7 | company: Red Hat 8 | 9 | license: GPL-2.0-or-later 10 | 11 | min_ansible_version: 2.9 12 | 13 | platforms: 14 | - name: EL 15 | versions: 16 | - 7 17 | 18 | galaxy_tags: 19 | - leapp 20 | - system 21 | - upgrade 22 | 23 | # List your role dependencies here, one per line. Be sure to remove the '[]' below, 24 | # if you add dependencies to this list. 25 | dependencies: [] 26 | -------------------------------------------------------------------------------- /tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: Perform a LEAPP Upgrade from EL7.latest to EL8.latest 2 | block: 3 | 4 | - name: Include setup tasks 5 | include_tasks: setup.yml 6 | 7 | - block: 8 | 9 | - name: Include setup tasks - pre 10 | include_tasks: setup.yml 11 | vars: 12 | leapp_setup_state: pre 13 | 14 | - name: Validating prerequisites and requirements 15 | include_tasks: validate.yml 16 | when: 17 | - not leapp_skip_validate | bool 18 | 19 | - name: Preparing system for the upgrade 20 | include_tasks: prepare.yml 21 | when: 22 | - not leapp_skip_prepare | bool 23 | 24 | - name: Include setup tasks - prepared 25 | include_tasks: setup.yml 26 | vars: 27 | leapp_setup_state: prepared 28 | when: 29 | - not leapp_skip_prepare | bool 30 | 31 | - name: Generate leapp preupgrade report 32 | include_tasks: preupgrade.yml 33 | when: 34 | - not leapp_skip_preupgrade | bool 35 | 36 | - name: Perform common remediation of issues 37 | include_tasks: remediate.yml 38 | when: 39 | - not leapp_skip_remediate | bool 40 | 41 | - name: Include setup tasks - remediated 42 | include_tasks: setup.yml 43 | vars: 44 | leapp_setup_state: remediated 45 | when: 46 | - not leapp_skip_remediate | bool 47 | 48 | - name: Rerun leapp preupgrade report after remediations 49 | include_tasks: preupgrade.yml 50 | when: 51 | - not leapp_skip_preupgrade | bool 52 | - not leapp_skip_remediate | bool 53 | - leapp_preupgrade_report_inhibitors | int > 0 54 | 55 | - assert: 56 | that: 57 | - not leapp_skip_upgrade | bool and leapp_preupgrade_report_inhibitors | int == 0 58 | fail_msg: 'There are still inhibitors blocking the upgrade, manually review report and remediate' 59 | 60 | - name: Performing the upgrade 61 | include_tasks: upgrade.yml 62 | when: 63 | - not leapp_skip_upgrade | bool 64 | 65 | - name: Include setup tasks - upgraded 66 | include_tasks: setup.yml 67 | vars: 68 | leapp_setup_state: upgraded 69 | when: 70 | - not leapp_skip_upgrade | bool 71 | 72 | when: 73 | - ansible_distribution_major_version == '7' 74 | 75 | - block: 76 | 77 | - name: Include setup tasks - post 78 | include_tasks: setup.yml 79 | vars: 80 | leapp_setup_state: 81 | 82 | - name: Include postupgrade tasks 83 | include_tasks: postupgrade.yml 84 | when: 85 | - not leapp_skip_postupgrade | bool 86 | 87 | - name: Include setup tasks - postupgraded 88 | include_tasks: setup.yml 89 | vars: 90 | leapp_setup_state: postupgraded 91 | when: 92 | - not leapp_skip_postupgrade | bool 93 | 94 | - name: Verifying the post-upgrade state 95 | include_tasks: verify.yml 96 | when: 97 | - 'not leapp_skip_verify | bool' 98 | 99 | when: 100 | - ansible_distribution_major_version == '8' 101 | -------------------------------------------------------------------------------- /tasks/postupgrade-RedHat.yml: -------------------------------------------------------------------------------- 1 | - name: Unset Subscription Manager Release 2 | rhsm_release: 3 | release: null 4 | when: 5 | - 'not leapp_skip_rhsm | bool' 6 | -------------------------------------------------------------------------------- /tasks/postupgrade.yml: -------------------------------------------------------------------------------- 1 | - name: Load leapp upgrade report 2 | include_vars: 3 | file: 'leapp-reports/{{ inventory_hostname }}/var/log/leapp/leapp-report-upgrade.json' 4 | name: leapp_upgrade_report 5 | when: 6 | - 'leapp_upgrade_report is not defined' 7 | 8 | - name: Print leapp upgrade report variable 9 | debug: 10 | var: leapp_upgrade_report 11 | verbosity: 2 12 | 13 | - name: Include postupgrade tasks specific for distribution and architecture 14 | include_tasks: '{{ item }}' 15 | vars: 16 | params: 17 | files: 18 | - 'postupgrade-{{ ansible_distribution }}-{{ ansible_architecture }}.yml' 19 | - 'postupgrade-{{ ansible_distribution }}.yml' 20 | loop: "{{ q('first_found', params, errors='ignore') }}" 21 | 22 | - name: Correct python version selected 23 | alternatives: 24 | name: python 25 | path: /usr/bin/python3 26 | when: 27 | - leapp_preupgrade_report.entries | selectattr("title", "match", "Difference in Python versions and support") 28 | 29 | - name: Reboot system # noqa 503 30 | block: 31 | - debug: 32 | msg: "Rebooting system" 33 | notify: 34 | - reboot system 35 | when: 36 | - 'not leapp_skip_postupgrade_reboot | bool' 37 | 38 | - name: Force all notified handlers to run at this point, not waiting for normal sync points 39 | meta: flush_handlers 40 | -------------------------------------------------------------------------------- /tasks/prepare-RedHat.yml: -------------------------------------------------------------------------------- 1 | - name: Perform RHSM prepare work 2 | block: 3 | 4 | - name: Unset Subscription Manager Release 5 | rhsm_release: 6 | release: null 7 | when: 8 | - 'leapp_subscription_manager_release_locked | default() | bool' 9 | 10 | - name: Disable all repositories except the RHSM ones 11 | rhsm_repository: 12 | name: '{{ leapp_rhsm_repositories | join(",") }}' 13 | purge: yes 14 | when: 15 | - 'not leapp_skip_prepare_rhsm_repositories | bool' 16 | 17 | when: 18 | - 'not leapp_skip_rhsm | bool' 19 | -------------------------------------------------------------------------------- /tasks/prepare.yml: -------------------------------------------------------------------------------- 1 | - name: Include prepare tasks specific for distribution and architecture 2 | include_tasks: '{{ item }}' 3 | vars: 4 | params: 5 | files: 6 | - 'prepare-{{ ansible_distribution }}-{{ ansible_architecture }}.yml' 7 | - 'prepare-{{ ansible_distribution }}.yml' 8 | loop: "{{ q('first_found', params, errors='ignore') }}" 9 | 10 | - name: Clear yum versionlocks 11 | command: yum versionlock clear 12 | args: 13 | warn: no 14 | when: 'leapp_yum_version_locked | default() | bool' 15 | 16 | - name: Install required LEAPP packages 17 | package: 18 | name: '{{ leapp_packages }}' 19 | state: present 20 | when: 'not leapp_skip_prepare_package_install | bool' 21 | 22 | - name: Install LEAPP module for cockpit 23 | package: 24 | name: '{{ leapp_packages_cockpit }}' 25 | state: present 26 | notify: 27 | - restart cockpit 28 | when: 29 | - 'not leapp_skip_prepare_cockpit_install | bool' 30 | register: leapp_package_cockpit 31 | 32 | - name: Update all packages to latest # noqa 403 33 | package: 34 | name: '*' 35 | state: latest 36 | register: leapp_package_update 37 | when: 38 | - 'not leapp_skip_prepare_update | bool' 39 | 40 | - name: Reboot system # noqa 503 41 | block: 42 | - debug: 43 | msg: "Rebooting system" 44 | notify: 45 | - reboot system 46 | when: 47 | - 'leapp_package_update.changed' 48 | - 'not leapp_skip_prepare_update_reboot | bool' 49 | 50 | - name: Force all notified handlers to run at this point, not waiting for normal sync points 51 | meta: flush_handlers 52 | -------------------------------------------------------------------------------- /tasks/preupgrade.yml: -------------------------------------------------------------------------------- 1 | - name: Extract additional required data files (RPM package changes and repository mappings) 2 | unarchive: 3 | remote_src: no 4 | src: '{{ lookup("first_found", leapp_data_files) }}' 5 | dest: /etc/leapp/files/ 6 | 7 | - name: Cleanup previous preupgrade reports 8 | file: 9 | path: '{{ item }}' 10 | state: absent 11 | loop: 12 | - /var/log/leapp/leapp-report.txt 13 | - /var/log/leapp/leapp-report.json 14 | when: 15 | - 'not leapp_skip_preupgrade_cleanup | bool' 16 | 17 | - name: Generate leapp preupgrade report 18 | command: > 19 | leapp preupgrade 20 | {% for repo in leapp_custom_repositories %}--enablerepo {{ repo }} {% endfor %} 21 | {{ "--no-rhsm" if leapp_skip_rhsm | default() | bool }} 22 | args: 23 | creates: /var/log/leapp/leapp-report.txt 24 | ignore_errors: yes 25 | register: leapp_preupgrade 26 | 27 | - name: Debug leapp preupgrade output 28 | debug: 29 | var: leapp_preupgrade 30 | verbosity: 2 31 | 32 | - name: Gather leapp preupgrade report (TXT) 33 | fetch: 34 | src: /var/log/leapp/leapp-report.txt 35 | dest: 'leapp-reports/{{ inventory_hostname }}/var/log/leapp/leapp-report-preupgrade.txt' 36 | flat: yes 37 | 38 | - name: Gather leapp preupgrade report (JSON) 39 | fetch: 40 | src: /var/log/leapp/leapp-report.json 41 | dest: 'leapp-reports/{{ inventory_hostname }}/var/log/leapp/leapp-report-preupgrade.json' 42 | flat: yes 43 | 44 | - name: Load leapp preupgrade report 45 | include_vars: 46 | file: 'leapp-reports/{{ inventory_hostname }}/var/log/leapp/leapp-report-preupgrade.json' 47 | name: leapp_preupgrade_report 48 | 49 | - name: Print leapp preupgrade report variable 50 | debug: 51 | var: leapp_preupgrade_report 52 | verbosity: 2 53 | 54 | - name: Set appropriate facts based on the report 55 | set_fact: 56 | leapp_preupgrade_report_info: '{{ leapp_preupgrade_report["entries"] | selectattr("severity", "match", "info") | list }}' 57 | leapp_preupgrade_report_low: '{{ leapp_preupgrade_report["entries"] | selectattr("severity", "match", "low") | list }}' 58 | leapp_preupgrade_report_high: '{{ leapp_preupgrade_report["entries"] | selectattr("severity", "match", "high") | list }}' 59 | leapp_preupgrade_report_inhibitors: > 60 | {{ leapp_preupgrade_report["entries"] | json_query("[*].flags[?contains(@, 'inhibitor')]") | list }} 61 | 62 | - name: Print leapp preupgrade statistics 63 | debug: 64 | msg: > 65 | {{ leapp_preupgrade_report["entries"] | selectattr("severity", "match", "info") | list | length }} Info Messages, 66 | {{ leapp_preupgrade_report["entries"] | selectattr("severity", "match", "low") | list | length }} Low Severity Issues, 67 | {{ leapp_preupgrade_report["entries"] | selectattr("severity", "match", "high") | list | length }} High Severity Issues, 68 | {{ leapp_preupgrade_report["entries"] | json_query("[*].flags[?contains(@, 'inhibitor')]") | list | length }} Inhibitors 69 | -------------------------------------------------------------------------------- /tasks/remediate.yml: -------------------------------------------------------------------------------- 1 | - name: Load leapp preupgrade report 2 | include_vars: 3 | file: 'leapp-reports/{{ inventory_hostname }}/var/log/leapp/leapp-report-preupgrade.json' 4 | name: leapp_preupgrade_report 5 | when: 6 | - 'leapp_preupgrade_report is not defined' 7 | 8 | - name: Print leapp preupgrade report variable 9 | debug: 10 | var: leapp_preupgrade_report 11 | verbosity: 2 12 | 13 | - name: Set system locale to en_US.UTF-8 14 | lineinfile: 15 | path: /etc/locale.conf 16 | regexp: '^LANG=' 17 | line: LANG=en_US.UTF-8 18 | 19 | - name: Permit root login via ssh 20 | block: 21 | - name: Configure sshd 22 | lineinfile: 23 | path: /etc/ssh/sshd_config 24 | regexp: '^PermitRootLogin' 25 | line: PermitRootLogin yes 26 | register: permit_root_login 27 | notify: 28 | - restart sshd 29 | when: 30 | - 'leapp_preupgrade_report["entries"] | selectattr("title", "match", "Possible problems with remote login using root account") | list | length > 0' 31 | -------------------------------------------------------------------------------- /tasks/setup-RedHat.yml: -------------------------------------------------------------------------------- 1 | - name: Perform RHSM setup work 2 | block: 3 | 4 | - name: Get subscription status 5 | command: subscription-manager status 6 | ignore_errors: yes 7 | changed_when: no 8 | register: subscription_manager_status 9 | 10 | - name: Debug output of subscription status 11 | debug: 12 | var: subscription_manager_status 13 | verbosity: 2 14 | 15 | - name: Set subscription status 16 | set_fact: 17 | leapp_subscription_manager_entitled: '{{ not subscription_manager_status.failed | bool }}' 18 | 19 | - name: Get release status 20 | command: subscription-manager release --show 21 | ignore_errors: yes 22 | changed_when: no 23 | register: subscription_manager_release_status 24 | 25 | - name: Debug output of release status 26 | debug: 27 | var: subscription_manager_release_status 28 | verbosity: 2 29 | 30 | - name: Set release status 31 | set_fact: 32 | leapp_subscription_manager_release_locked: '{{ "Release not set" not in subscription_manager_release_status.stdout }}' 33 | 34 | - name: Debug output of Red Hat variables 35 | debug: 36 | msg: > 37 | leapp_subscription_manager_entitled={{ leapp_subscription_manager_entitled }} 38 | leapp_subscription_manager_release_locked={{ leapp_subscription_manager_release_locked }} 39 | 40 | when: 41 | - 'not leapp_skip_rhsm | bool' 42 | -------------------------------------------------------------------------------- /tasks/setup.yml: -------------------------------------------------------------------------------- 1 | - name: Gather python interpreter fact 2 | setup: 3 | filter: ansible_python_interpreter 4 | register: leapp_setup_test 5 | ignore_errors: yes 6 | 7 | - name: Specify failsafe python interpreter if setup fails 8 | set_fact: 9 | ansible_python_interpreter: /usr/bin/python3 10 | cacheable: yes 11 | when: leapp_setup_test.failed 12 | 13 | - name: Gather latest system facts 14 | setup: 15 | 16 | - name: Gather latest package facts 17 | package_facts: 18 | 19 | - name: Debug output all ansible facts 20 | debug: 21 | var: ansible_facts 22 | verbosity: 2 23 | 24 | - name: Include setup tasks specific for distribution and architecture 25 | include_tasks: '{{ item }}' 26 | vars: 27 | params: 28 | files: 29 | - 'setup-{{ ansible_distribution }}-{{ ansible_architecture }}.yml' 30 | - 'setup-{{ ansible_distribution }}.yml' 31 | loop: "{{ q('first_found', params, errors='ignore') }}" 32 | 33 | - name: Perform repository version locking 34 | block: 35 | 36 | - name: Get yum versionlock list 37 | command: yum versionlock list --quiet 38 | args: 39 | warn: no 40 | changed_when: no 41 | register: yum_versionlock_status 42 | 43 | - name: Debug output of yum versionlock list 44 | debug: 45 | var: yum_versionlock_status 46 | verbosity: 2 47 | 48 | - name: Set yum versionlock status 49 | set_fact: 50 | leapp_yum_version_locked: '{{ yum_versionlock_status.stdout_lines | default() | length > 0 }}' 51 | 52 | when: 53 | - leapp_yum_version_locked is not defined 54 | - '"yum-plugin-versionlock" in ansible_facts.packages' 55 | 56 | - name: Cache local system state and data 57 | block: 58 | 59 | - name: Saving state of ansible_facts 60 | copy: 61 | content: "{{ ansible_facts | to_nice_json }}" 62 | dest: "/var/log/leapp-ansible_facts-{{ leapp_setup_state }}.json" 63 | changed_when: no 64 | 65 | - name: Saving ansible_facts to local file -- for reference 66 | fetch: 67 | src: "/var/log/leapp-ansible_facts-{{ leapp_setup_state }}.json" 68 | dest: leapp-reports/ 69 | changed_when: no 70 | 71 | - name: Saving state of hostvars 72 | copy: 73 | content: "{{ hostvars[inventory_hostname] | to_nice_json }}" 74 | dest: "/var/log/leapp-hostvars-{{ leapp_setup_state }}.json" 75 | changed_when: no 76 | 77 | - name: Saving hostvars to local file -- for reference 78 | fetch: 79 | src: "/var/log/leapp-hostvars-{{ leapp_setup_state }}.json" 80 | dest: leapp-reports/ 81 | changed_when: no 82 | 83 | when: 84 | - "leapp_setup_state is defined" 85 | -------------------------------------------------------------------------------- /tasks/upgrade.yml: -------------------------------------------------------------------------------- 1 | - name: Load leapp preupgrade report 2 | include_vars: 3 | file: 'leapp-reports/{{ inventory_hostname }}/var/log/leapp/leapp-report-preupgrade.json' 4 | name: leapp_preupgrade_report 5 | when: 6 | - 'leapp_preupgrade_report is not defined' 7 | 8 | - name: Print leapp preupgrade report variable 9 | debug: 10 | var: leapp_preupgrade_report 11 | verbosity: 2 12 | 13 | - name: Cleanup previous upgrade reports 14 | file: 15 | path: '{{ item }}' 16 | state: absent 17 | loop: 18 | - /var/log/leapp/leapp-report.txt 19 | - /var/log/leapp/leapp-report.json 20 | when: 21 | - 'not leapp_skip_upgrade_cleanup | bool' 22 | 23 | - name: Perform leapp upgrade # noqa 301 24 | command: > 25 | leapp upgrade 26 | {% for repo in leapp_custom_repositories %}--enablerepo {{ repo | quote }} {% endfor %} 27 | {{ "--no-rhsm" if leapp_skip_rhsm | default() | bool }} 28 | register: leapp_upgrade 29 | 30 | - name: Debug leapp upgrade output 31 | debug: 32 | var: leapp_upgrade 33 | verbosity: 2 34 | 35 | - name: Gather leapp upgrade report (TXT) 36 | fetch: 37 | src: /var/log/leapp/leapp-report.txt 38 | dest: 'leapp-reports/{{ inventory_hostname }}/var/log/leapp/leapp-report-upgrade.txt' 39 | flat: yes 40 | 41 | - name: Gather leapp upgrade report (JSON) 42 | fetch: 43 | src: /var/log/leapp/leapp-report.json 44 | dest: 'leapp-reports/{{ inventory_hostname }}/var/log/leapp/leapp-report-upgrade.json' 45 | flat: yes 46 | 47 | - name: Load leapp upgrade report 48 | include_vars: 49 | file: 'leapp-reports/{{ inventory_hostname }}/var/log/leapp/leapp-report-upgrade.json' 50 | name: leapp_upgrade_report 51 | 52 | - name: Print leapp upgrade report variable 53 | debug: 54 | var: leapp_upgrade_report 55 | verbosity: 2 56 | 57 | - name: Print leapp upgrade statistics 58 | debug: 59 | msg: > 60 | {{ leapp_upgrade_report["entries"] | selectattr("severity", "match", "info") | list | length }} Info Messages, 61 | {{ leapp_upgrade_report["entries"] | selectattr("severity", "match", "low") | list | length }} Low Severity Issues, 62 | {{ leapp_upgrade_report["entries"] | selectattr("severity", "match", "high") | list | length }} High Severity Issues 63 | 64 | - name: Reboot system # noqa 503 65 | block: 66 | - debug: 67 | msg: "Rebooting system" 68 | notify: 69 | - reboot system 70 | when: 71 | - 'not leapp_upgrade.failed' 72 | - 'not leapp_skip_upgrade_reboot | bool' 73 | 74 | - name: Force all notified handlers to run at this point, not waiting for normal sync points 75 | meta: flush_handlers 76 | -------------------------------------------------------------------------------- /tasks/validate.yml: -------------------------------------------------------------------------------- 1 | - name: Load distribution and architecture variables 2 | include_vars: '{{ item }}' 3 | vars: 4 | params: 5 | files: 6 | - 'vars/{{ ansible_distribution }}-{{ ansible_architecture }}.yml' 7 | loop: "{{ q('first_found', params, errors='ignore') }}" 8 | 9 | - name: Validate system requirements 10 | assert: 11 | fail_msg: 'System did not meet requirements for leapp upgrade' 12 | that: 13 | - 'ansible_distribution_major_version | int == 7' 14 | - 'ansible_interfaces | select("match", "eth") | list | length <= 1' 15 | - 'ansible_kernel is match(leapp_kernel_version_from)' 16 | - 'ansible_memtotal_mb | int < leapp_max_memtotal_mb | int' 17 | - 'ansible_memtotal_mb | int > leapp_min_memtotal_mb | int' 18 | - 'ansible_processor_count | int * ansible_processor_cores | int < leapp_maximum_logical_cpus | int' 19 | - 'not ansible_fips | bool' 20 | 21 | - name: Validate repository and subscription-manager options 22 | assert: 23 | fail_msg: '"leapp_skip_rhsm" is true, but no "leapp_custom_repositories" were defined' 24 | that: 25 | - > 26 | not leapp_skip_rhsm | bool 27 | or 28 | (leapp_skip_rhsm | bool and leapp_custom_repositories | length > 0) 29 | -------------------------------------------------------------------------------- /tasks/verify.yml: -------------------------------------------------------------------------------- 1 | - name: Load distribution and architecture variables 2 | include_vars: '{{ item }}' 3 | vars: 4 | params: 5 | files: 6 | - 'vars/{{ ansible_distribution }}-{{ ansible_architecture }}.yml' 7 | loop: "{{ q('first_found', params, errors='ignore') }}" 8 | 9 | - name: Verify post-upgrade system status 10 | assert: 11 | that: 12 | - 'ansible_distribution_major_version | int == 8' 13 | - 'ansible_kernel is match(leapp_kernel_version_to)' 14 | -------------------------------------------------------------------------------- /tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | -------------------------------------------------------------------------------- /tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: TEST Perform an in-place upgrade of a EL System 3 | hosts: localhost 4 | remote_user: root 5 | 6 | vars: 7 | # Provide a list of repository IDs that exist in /etc/yum.repos.d 8 | # Default [] 9 | leapp_custom_repositories: [] 10 | 11 | # Skip Red Hat Subscription Manager? Default no 12 | leapp_skip_rhsm: no 13 | 14 | # Skip the validation pre-flight checks? Default no 15 | leapp_skip_validate: no 16 | 17 | # Skip the prepare tasks? Default no 18 | leapp_skip_prepare: no 19 | 20 | # Skip cockpit installation? Default no 21 | leapp_skip_prepare_cockpit_install: no 22 | 23 | # Skip package installation? Default no 24 | leapp_skip_prepare_package_install: no 25 | 26 | # Skip actual package updates? Default no 27 | leapp_skip_prepare_update: no 28 | 29 | # Skip the leapp preupgrade? Default no 30 | leapp_skip_preupgrade: yes 31 | 32 | # Skip removing previous reports? Defaults no 33 | leapp_skip_preupgrade_cleanup: no 34 | 35 | # Skip the actual leapp upgrade? Default yes 36 | leapp_skip_upgrade: yes 37 | 38 | # How long to wait (in seconds) for reboot after upgrade? Default 1200 39 | leapp_reboot_timeout: 1200 40 | 41 | roles: 42 | - mrjoshuap.leapp 43 | -------------------------------------------------------------------------------- /vars/RedHat-x86_64.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # Required kernel version to upgrade FROM 3 | leapp_kernel_version_from: '3.10' 4 | 5 | # Required kernel version to upgrade TO 6 | leapp_kernel_version_to: '4.18' 7 | 8 | # Maximum logical CPUs, per https://access.redhat.com/articles/rhel-limits 9 | leapp_maximum_logical_cpus: '768' 10 | 11 | # Maximum memory, per https://access.redhat.com/articles/rhel-limits 12 | leapp_max_memtotal_mb: '12000000' 13 | 14 | # Minimum memory, per https://access.redhat.com/articles/rhel-limits 15 | leapp_min_memtotal_mb: '1024' 16 | 17 | # a list of packages to install with leapp 18 | leapp_packages: 19 | - leapp 20 | - leapp-repository 21 | 22 | # the list of packages to install if cockpit is not skipped 23 | leapp_packages_cockpit: 24 | - cockpit-leapp 25 | 26 | # enable the default rhsm repositories 27 | leapp_rhsm_repositories: 28 | - rhel-7-server-rpms 29 | - rhel-7-server-extras-rpms 30 | -------------------------------------------------------------------------------- /vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for mrjoshuap.leapp 3 | 4 | # We're going to find the first found 5 | leapp_data_files: 6 | - files/leapp-data20.tar.gz 7 | - files/leapp-data19.tar.gz 8 | - files/leapp-data18.tar.gz 9 | - files/leapp-data17.tar.gz 10 | - files/leapp-data16.tar.gz 11 | - files/leapp-data15.tar.gz 12 | - files/leapp-data14.tar.gz 13 | - files/leapp-data13.tar.gz 14 | - files/leapp-data12.tar.gz 15 | - files/leapp-data11.tar.gz 16 | - files/leapp-data10.tar.gz 17 | - files/leapp-data9.tar.gz 18 | - files/leapp-data8.tar.gz 19 | - files/leapp-data7.tar.gz 20 | - files/leapp-data6.tar.gz 21 | - files/leapp-data5.tar.gz 22 | - files/leapp-data4.tar.gz 23 | - files/leapp-data3.tar.gz 24 | - files/leapp-data2.tar.gz 25 | - files/leapp-data1.tar.gz 26 | 27 | leapp_json_query_inhibitor: '[*].flags[?contains(@, "inhibitor")]' 28 | --------------------------------------------------------------------------------