diff --git a/.github/workflows/enteprise.yml b/.github/workflows/enteprise.yml index 67b01ca13..ee527726d 100644 --- a/.github/workflows/enteprise.yml +++ b/.github/workflows/enteprise.yml @@ -59,6 +59,8 @@ jobs: - name: Ensure required artifacts have been cached uses: ./.github/actions/cache-downloads + with: + cache-name: enterprise docker: name: Test ${{ matrix.role.name }} role on ${{ matrix.molecule_distro.image }} runs-on: ubuntu-latest @@ -107,6 +109,8 @@ jobs: - name: Cache downloads uses: ./.github/actions/cache-downloads + with: + cache-name: enterprise - name: Run tests env: diff --git a/7.2.N-extra-vars.yml b/7.2.N-extra-vars.yml index b8d8b7fa1..b93f51d3b 100644 --- a/7.2.N-extra-vars.yml +++ b/7.2.N-extra-vars.yml @@ -51,9 +51,9 @@ dependencies_version: postgresql_connector: 42.6.1 postgres_major_version: 13 activemq: 5.16.7 - java: 11.0.23 + java: 11.0.25 java_build: 9 - tomcat: 9.0.91 + tomcat: 9.0.97 libreoffice: 7.2.5.1 pdf_renderer: 1.1 imagemagick: 7.1.0-16-ci-10 diff --git a/7.3.N-extra-vars.yml b/7.3.N-extra-vars.yml index 6b2ab0f9a..bb0bf78f1 100644 --- a/7.3.N-extra-vars.yml +++ b/7.3.N-extra-vars.yml @@ -51,9 +51,9 @@ dependencies_version: postgresql_connector: 42.6.1 postgres_major_version: 13 activemq: 5.17.6 - java: 11.0.23 + java: 11.0.25 java_build: 9 - tomcat: 9.0.91 + tomcat: 9.0.97 libreoffice: 7.2.5.1 pdf_renderer: 1.1 imagemagick: 7.1.0-16-ci-10 diff --git a/7.4.N-extra-vars.yml b/7.4.N-extra-vars.yml index bcf99f0a3..b463d0b2a 100644 --- a/7.4.N-extra-vars.yml +++ b/7.4.N-extra-vars.yml @@ -59,9 +59,9 @@ dependencies_version: postgresql_connector: 42.6.1 postgres_major_version: 14 activemq: 5.17.6 - java: 17.0.11 - java_build: 9 - tomcat: 9.0.91 + java: 17.0.13 + java_build: 11 + tomcat: 9.0.97 libreoffice: 7.2.5.1 pdf_renderer: 1.1 imagemagick: 7.1.0-16-ci-10 diff --git a/README.md b/README.md index 989329a3a..2ff419347 100644 --- a/README.md +++ b/README.md @@ -27,7 +27,6 @@ setting up environment for development, testing and release. * [Docker based tests](#docker-based-tests) * [Adding support for a new distribution](#adding-support-for-a-new-distribution) * [Release](#release) - * [Tag and release](#tag-and-release) ## Introduction to pipenv @@ -191,31 +190,20 @@ doc](./README.md#versioning) Follow this quick checklist: -* review currently open dependabot/renovate and merge them -* copy the versions inside the group_vars/all.yml to a new XX.N-extra-vars.yml (in case of a new ACS major version) -* bump versions constraints in scripts/updatecli/updatecli_acs*.yml (workflow will take care of the rest) -* ensure that the [versions table in the main readme](docs/overview.md#versioning) has been updated -* ensure that docker images and AMI id for the root molecule tests are - reflecting any minor OS release (e.g. [default suite](../molecule/default/)) - -### Tag and release - -To start the actual release process, just create a tag and push it. - -If you have GPG setup, use `git tag -s` otherwise `git tag -a`. - -Tag name must have `v` prefix. - -Example with GPG sign enabled: - -```bash -git tag -s v2.x.x -m v2.x.x -``` - -Then push the tag with: - -```bash -git push origin v2.x.x -``` - -Check that the triggered [Release workflow](https://github.com/Alfresco/alfresco-ansible-deployment/actions/workflows/release.yml) go green. +1. Review currently open dependabot/renovate and merge them. +2. In case of a new ACS major version, copy the versions inside the group_vars/all.yml to a new XX.N-extra-vars.yml +3. Bump versions constraints in scripts/updatecli/updatecli_acs*.yml (workflow will take care of the rest) +4. Ensure that the [versions table in the main readme](docs/overview.md#versioning) has been updated +5. Ensure that docker images and AMI id for the root molecule tests are + reflecting any minor OS release (e.g. [default suite](../molecule/default/)) +6. Ensure that activemq, tomcat and java versions are up to date (latest patch version) +7. After merging every pending PR, proceed with tagging: + * `git tag -s v2.x.x -m v2.x.x` + * `git push origin v2.x.x` +8. Wait for the [Release + workflow](https://github.com/Alfresco/alfresco-ansible-deployment/actions/workflows/release.yml) + go green. +9. [Draft a new + release](https://github.com/Alfresco/alfresco-ansible-deployment/releases) on + GitHub with the tag you just pushed. If the release is for a new ACS major + version, mention the ACS release in the title, e.g. v2.x.x (ACS 23.4.0) diff --git a/docs/overview.md b/docs/overview.md index 6866d912b..d12c72ad7 100644 --- a/docs/overview.md +++ b/docs/overview.md @@ -9,17 +9,27 @@ This page provides an overview of Ansible, the project structure and the compone ## Ansible Overview -[Ansible](https://www.ansible.com/overview/how-ansible-works) models your IT infrastructure by describing how all of your systems inter-relate, rather than just managing one system at a time. +[Ansible](https://www.ansible.com/overview/how-ansible-works) models your IT +infrastructure by describing how all of your systems inter-relate, rather than +just managing one system at a time. -It doesn't use any agents nor additional custom security infrastructure, so it's easy to deploy - and most importantly, it uses a very simple language, YAML, in the form of Ansible Playbooks that allow you to describe your automation jobs in a way that approaches plain English. +It doesn't use any agents nor additional custom security infrastructure, so it's +easy to deploy - and most importantly, it uses a very simple language, YAML, in +the form of Ansible Playbooks that allow you to describe your automation jobs in +a way that approaches plain English. -An Ansible playbook contains one or more roles. A role is an independent component which allows reuse of common configuration steps. It consists of a set of tasks used to configure a host to serve a certain purpose, for example, configuring a service. This is depicted in the diagram below. +An Ansible playbook contains one or more roles. A role is an independent +component which allows reuse of common configuration steps. It consists of a set +of tasks used to configure a host to serve a certain purpose, for example, +configuring a service. This is depicted in the diagram below. Roles are defined using YAML files with a predefined directory structure. -A role directory structure contains directories: defaults, vars, tasks, files, templates, meta, and handlers. +A role directory structure contains directories: defaults, vars, tasks, files, +templates, meta, and handlers. -* **defaults** contains default variables for the role. Variables in defaults have the lowest priority so they are easy to override +* **defaults** contains default variables for the role. Variables in defaults + have the lowest priority so they are easy to override * **vars** contains variables for the role. Variables in vars have higher priority than variables in the defaults directory * **tasks** contains the main list of steps to be executed by the role * **files** contains files which we want to be copied to the remote host. We don’t need to specify a path of resources stored in this directory @@ -31,7 +41,10 @@ A role directory structure contains directories: defaults, vars, tasks, files, t The project contains a playbook and multiple roles. -The ACS playbook can be found in the _playbooks_ directory. Because the project makes use of Ansible role structure, the playbook contains only definitions of the roles, and all the logic is performed by them, thus making the project both granular and easy to maintain. +The ACS playbook can be found in the _playbooks_ directory. Because the project +makes use of Ansible role structure, the playbook contains only definitions of +the roles, and all the logic is performed by them, thus making the project both +granular and easy to maintain. The playbook uses the following roles: @@ -64,9 +77,9 @@ set of instructions. ## Versioning To understand which Operating System the Alfresco Ansible playbook can work -against (on the target nodes), please refer to the [Supported -platform doc](https://docs.alfresco.com/content-services/latest/support/) (pick -the right Alfresco version). +against (on the target nodes), please refer to the [Supported platform +doc](https://docs.alfresco.com/content-services/latest/support/) (pick the right +Alfresco version). We aim to support these stacks **with the exception of** Amazon Linux & Suse distributions. @@ -74,26 +87,28 @@ distributions. > Ansible version used for testing this playbooks can be retrieved from the > [Pipfile](https://github.com/Alfresco/alfresco-ansible-deployment/blob/master/Pipfile). -The table below shows the version of the components deployed by the playbook for ACS 7.x onward. - -| Component | 23.3 Enterprise (Community) | 7.4 Enterprise | 7.3 Enterprise | 7.2 Enterprise | 7.1 Enterprise | -|---------------------|-----------------------------|----------------|----------------|----------------|----------------| -| OpenJDK | 17.0.11 | 17.0.11 | 11.0.23 | 11.0.23 | 11.0.23 | -| Apache Tomcat | 10.1.25 | 9.0.91 | 9.0.91 | 9.0.91 | 9.0.91 | -| PostgreSQL | 15.x | 14.x | 14.x | 13.x | 13.x | -| Apache ActiveMQ | 5.18.5 | 5.17.6 | 5.17.6 | 5.16.7 | 5.16.7 | -| Repository | 23.3.2 (23.3.0) | 7.4.2.1 | 7.3.2.1 | 7.2.2.5 | 7.1.1.10 | -| Share | 23.3.2 (23.3.0) | 7.4.2.1 | 7.3.2.1 | 7.2.2.5 | 7.1.1.10 | -| Search Services | 2.0.11 | 2.0.11 | 2.0.11 | 2.0.11 | 2.0.2.2 | -| Search Enterprise | 4.1.0 (n/a) | 3.3.3 | 3.2.1 | 3.1.1.1 | 3.1.1.1 | -| All-In-One T-Engine | 5.1.4 | 5.1.4 | 3.1.2 | 3.1.2 | 3.1.2 | -| AOS | 3.1.0 | 1.6.2 | 1.5.0 | 1.4.1 | 1.4.1 | -| Google Docs | 4.0.0 | 3.4.2 | 3.3.1 | 3.2.2 | 3.2.1 | -| Digital Workspace | 5.1.0 (n/a) | 4.0.0 | 3.1.0 | 3.0.0 | 2.6.1 | -| Control Center | 9.1.0 | 8.0.0 | n/a | n/a | n/a | -| Transform Router | 4.1.4 (n/a) | 4.1.4 | 2.1.2 | 2.1.2 | 2.1.2 | -| Shared File Store | 4.1.4 (n/a) | 4.1.4 | 2.1.2 | 2.1.2 | 2.1.2 | -| Sync Service | 5.0.0 (n/a) | 3.11.3 | 3.11.3 | 3.11.3 | 3.11.3 | - +The table below shows the version of the components deployed by the playbook for +ACS 7.x onward. + +| Component | 23.4 Enterprise (Community) | 7.4 Enterprise | 7.3 Enterprise | 7.2 Enterprise | +|---------------------|-----------------------------|----------------|----------------|----------------| +| OpenJDK | 17.0.13 | 17.0.13 | 11.0.25 | 11.0.25 | +| Apache Tomcat | 10.1.33 | 9.0.97 | 9.0.97 | 9.0.97 | +| PostgreSQL | 15.x | 14.x | 14.x | 13.x | +| Apache ActiveMQ | 5.18.6 | 5.17.6 | 5.17.6 | 5.16.7 | +| Repository | 23.4.0 (23.4.0) | 7.4.2.3 | 7.3.2.3 | 7.2.2.5 | +| Share | 23.4.0 (23.4.0) | 7.4.2.3 | 7.3.2.3 | 7.2.2.5 | +| Search Services | 2.0.13 | 2.0.13 | 2.0.12 | 2.0.12 | +| Search Enterprise | 4.2.0 (n/a) | 3.3.3 | 3.2.1 | 3.1.1.1 | +| All-In-One T-Engine | 5.1.4 | 5.1.5 | 3.1.2 | 3.1.2 | +| AOS | 3.2.0 | 1.6.2 | 1.5.0 | 1.4.1 | +| Google Docs | 4.0.0 | 3.4.2 | 3.3.1 | 3.2.2 | +| Digital Workspace | 5.2.0 (n/a) | 4.0.0 | 3.1.0 | 3.0.0 | +| Control Center | 9.2.0 | 8.0.0 | n/a | n/a | +| Transform Router | 4.1.5 (n/a) | 4.1.5 | 2.1.2 | 2.1.2 | +| Shared File Store | 4.1.5 (n/a) | 4.1.5 | 2.1.2 | 2.1.2 | +| Sync Service | 5.1.0 (n/a) | 3.11.3 | 3.11.3 | 3.11.3 | + +> Support for ACS 7.1 has been deprecated since November 2024, but you can still use the latest playbook that supported it ([v2.11.2](https://github.com/Alfresco/alfresco-ansible-deployment/releases/tag/v2.11.2)) > Support for ACS 7.0 has been deprecated since April 2024, but you can still use the latest playbook that supported it ([v2.6.0](https://github.com/Alfresco/alfresco-ansible-deployment/releases/tag/v2.6.0)) > Support for ACS 6.2 has been deprecated since November 2022, but you can still use the latest playbook that supported it ([v2.2.0](https://github.com/Alfresco/alfresco-ansible-deployment/releases/tag/v2.2.0)) diff --git a/group_vars/all.yml b/group_vars/all.yml index bfdf22f38..0e72b4caa 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -191,10 +191,10 @@ use_custom_keystores: false dependencies_version: postgresql_connector: 42.6.1 postgres_major_version: 15 - activemq: 5.18.5 - java: 17.0.11 - java_build: 9 - tomcat: 10.1.25 + activemq: 5.18.6 + java: 17.0.13 + java_build: 11 + tomcat: 10.1.33 libreoffice: 7.2.5.1 pdf_renderer: 1.1 imagemagick: 7.1.0-16-ci-10 diff --git a/roles/activemq/defaults/main.yml b/roles/activemq/defaults/main.yml index 42951dc12..7306e1321 100644 --- a/roles/activemq/defaults/main.yml +++ b/roles/activemq/defaults/main.yml @@ -9,4 +9,4 @@ activemq_environment: - -Xms128m - -Xmx1g - $ACTIVEMQ_OPTS -activemq_version: 5.18.5 +activemq_version: null diff --git a/roles/activemq/meta/argument_specs.yml b/roles/activemq/meta/argument_specs.yml index 95055e145..6fc1ca711 100644 --- a/roles/activemq/meta/argument_specs.yml +++ b/roles/activemq/meta/argument_specs.yml @@ -5,6 +5,5 @@ argument_specs: author: Alfresco options: activemq_version: - description: activemq version to use for deployment. - required: false - default: 5.17.4 + description: activemq version to use for deployment (URL still handled via group_vars) + required: true diff --git a/roles/activemq/molecule/default/converge.yml b/roles/activemq/molecule/default/converge.yml index a53073e14..aa029bda7 100644 --- a/roles/activemq/molecule/default/converge.yml +++ b/roles/activemq/molecule/default/converge.yml @@ -10,6 +10,7 @@ ansible.builtin.include_role: name: "activemq" vars: + activemq_version: "{{ dependencies_version.activemq }}" activemq_environment: ACTIVEMQ_OPTS: - -Xms300m diff --git a/roles/audit_storage/defaults/main.yml b/roles/audit_storage/defaults/main.yml index c6846b632..d9b48cfb0 100644 --- a/roles/audit_storage/defaults/main.yml +++ b/roles/audit_storage/defaults/main.yml @@ -29,7 +29,7 @@ audit_storage_default_environment: AUDIT_EVENTINGESTION_URI: activemq:topic:alfresco.repo.event2 audit_storage_environment: {} -audit_storage_java_bin_path: /opt/openjdk-17.0.11/bin/java +audit_storage_java_bin_path: "{{ java_home }}/bin/java" audit_storage_binaries_dir: "/opt/alfresco/audit-storage-{{ audit_storage_version }}" audit_storage_config_dir: "/etc/alfresco/audit-storage" diff --git a/roles/audit_storage/molecule/default/converge.yml b/roles/audit_storage/molecule/default/converge.yml index e451f3d5d..8770e9d54 100644 --- a/roles/audit_storage/molecule/default/converge.yml +++ b/roles/audit_storage/molecule/default/converge.yml @@ -3,5 +3,7 @@ hosts: all roles: - role: activemq + vars: + activemq_version: "{{ dependencies_version.activemq }}" - role: elasticsearch - role: audit_storage diff --git a/roles/search_enterprise/molecule/default/converge.yml b/roles/search_enterprise/molecule/default/converge.yml index e6bd76485..eb497762b 100644 --- a/roles/search_enterprise/molecule/default/converge.yml +++ b/roles/search_enterprise/molecule/default/converge.yml @@ -5,6 +5,8 @@ - name: "Include activemq" ansible.builtin.include_role: name: "activemq" + vars: + activemq_version: "{{ dependencies_version.activemq }}" - name: "Include sfs" ansible.builtin.include_role: name: "sfs" diff --git a/roles/sync/molecule/default/converge.yml b/roles/sync/molecule/default/converge.yml index dbc5a45a8..42d3762a9 100644 --- a/roles/sync/molecule/default/converge.yml +++ b/roles/sync/molecule/default/converge.yml @@ -3,6 +3,8 @@ hosts: all roles: - role: activemq + vars: + activemq_version: "{{ dependencies_version.activemq }}" - role: nginx tasks: - name: Install PostgreSQL diff --git a/roles/transformers/molecule/default/converge.yml b/roles/transformers/molecule/default/converge.yml index 9a3748cfb..d539dfb24 100644 --- a/roles/transformers/molecule/default/converge.yml +++ b/roles/transformers/molecule/default/converge.yml @@ -5,6 +5,8 @@ - name: "Include activemq" ansible.builtin.include_role: name: "activemq" + vars: + activemq_version: "{{ dependencies_version.activemq }}" - name: Flush Handlers ansible.builtin.meta: flush_handlers - name: "Include transformers" diff --git a/roles/trouter/molecule/default/converge.yml b/roles/trouter/molecule/default/converge.yml index 91c9482db..e33205a34 100644 --- a/roles/trouter/molecule/default/converge.yml +++ b/roles/trouter/molecule/default/converge.yml @@ -5,6 +5,8 @@ - name: "Include activemq" ansible.builtin.include_role: name: "activemq" + vars: + activemq_version: "{{ dependencies_version.activemq }}" - name: Flush Handlers ansible.builtin.meta: flush_handlers - name: "Include AIO"