From 2b5a12bf89fde0553e5fae16c6b62de263aed39b Mon Sep 17 00:00:00 2001 From: Santiago Orobon Date: Wed, 23 Aug 2023 13:03:26 +0200 Subject: [PATCH 1/2] [#216] keystore dir not working as intended --- CHANGELOG.md | 3 +++ tasks/import_certs.yml | 13 +++++++++++-- vars/corretto/CentOS-8.yml | 1 - vars/corretto/Debian-10.yml | 1 - vars/corretto/Debian-11.yml | 1 - vars/corretto/Debian-12.yml | 1 - vars/main.yml | 3 +++ vars/openjdk/CentOS-7.yml | 1 - vars/openjdk/CentOS-8.yml | 1 - vars/openjdk/Debian-10.yml | 1 - vars/openjdk/Debian-11.yml | 1 - vars/openjdk/Debian-12.yml | 1 - vars/openjdk/Debian-9.yml | 1 - vars/openjdk/Ubuntu-18.yml | 1 - vars/openjdk/Ubuntu-20.yml | 1 - vars/openjdk/Ubuntu-22.yml | 1 - vars/temurin/Debian-10.yml | 1 - vars/temurin/Debian-11.yml | 1 - vars/temurin/Debian-12.yml | 1 - vars/temurin/Debian-9.yml | 1 - vars/temurin/Ubuntu-20.yml | 1 - vars/temurin/Ubuntu-22.yml | 1 - 22 files changed, 17 insertions(+), 21 deletions(-) create mode 100644 vars/main.yml diff --git a/CHANGELOG.md b/CHANGELOG.md index ab33e67..6fa7f53 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,11 +3,14 @@ All notable changes to this project will be documented in this file. This project adheres to [Semantic Versioning](http://semver.org/) and [Keep a changelog](https://github.com/olivierlacan/keep-a-changelog). ## [Unreleased](https://github.com/idealista/java_role/tree/develop) +# Fixed +- *[#216](https://github.com/idealista/java_role/issues/216) Java keystore dir not working as intended* @sorobon ## [9.0.0](https://github.com/idealista/java_role/tree/9.0.0) (2023-08-16) ### Added - *[#210](https://github.com/idealista/java_role/issues/210) Temurin support* @sorobon - *[#210](https://github.com/idealista/java_role/issues/210) Debian 12 support* @sorobon +- *[#210](https://github.com/idealista/java_role/issues/210) Debian 9 support recovered* @sorobon - *[#210](https://github.com/idealista/java_role/issues/210) Remove deprecated repositories* @sorobon ### Removed - *[#210](https://github.com/idealista/java_role/issues/210) Removed adoptopenjdk* @sorobon diff --git a/tasks/import_certs.yml b/tasks/import_certs.yml index 97a017d..56d630d 100644 --- a/tasks/import_certs.yml +++ b/tasks/import_certs.yml @@ -12,9 +12,17 @@ with_items: "{{ check_java_certs.results }}" when: not item.stat.exists -- name: Java | Setting keystore variables +- name: Java | Setting keystore variables in java < 11 set_fact: - java_keystore_dir: "{{ java_keystore_dir if java_keystore_dir is defined and java_keystore_dir is not sameas None and java_keystore_dir else __java_keystore_dir }}" + java_keystore_dir: "{{ java_keystore_dir if java_keystore_dir is defined and java_keystore_dir is not sameas None and java_keystore_dir else java_keystore_dir_old }}" + when: + - java_open_jdk_version_major | int < 11 + +- name: Java | Setting keystore variables in java >= 11 + set_fact: + java_keystore_dir: "{{ java_keystore_dir if java_keystore_dir is defined and java_keystore_dir is not sameas None and java_keystore_dir else java_keystore_dir_new }}" + when: + - java_open_jdk_version_major | int >= 11 - name: Java | Import SSL certificates java_cert: @@ -23,4 +31,5 @@ keystore_pass: "{{ java_cert_keystore_pass }}" state: present cert_alias: "{{ item.java_cert_alias }}" + keystore_create: true with_items: "{{ java_certs }}" diff --git a/vars/corretto/CentOS-8.yml b/vars/corretto/CentOS-8.yml index 6d1e44e..41a5750 100644 --- a/vars/corretto/CentOS-8.yml +++ b/vars/corretto/CentOS-8.yml @@ -1,6 +1,5 @@ --- __java_open_jdk_version_major: 1.8.0 -__java_keystore_dir: jre/lib/security # Supported versions: 8 (1.8.0 in RHEL), 11 __java_required_repositories_openjdk: diff --git a/vars/corretto/Debian-10.yml b/vars/corretto/Debian-10.yml index a488bb6..ae69e54 100644 --- a/vars/corretto/Debian-10.yml +++ b/vars/corretto/Debian-10.yml @@ -4,7 +4,6 @@ java_open_jdk_apt_extra_packages: - apt-transport-https __java_open_jdk_version_major: 1.8.0 -__java_keystore_dir: jre/lib/security # Supported versions: 8 (1.8.0L), 11 __java_required_repositories_openjdk: diff --git a/vars/corretto/Debian-11.yml b/vars/corretto/Debian-11.yml index 9c5bf9b..3b1ce47 100644 --- a/vars/corretto/Debian-11.yml +++ b/vars/corretto/Debian-11.yml @@ -5,7 +5,6 @@ java_open_jdk_apt_extra_packages: - gnupg2 __java_open_jdk_version_major: 1.8.0 -__java_keystore_dir: jre/lib/security # Supported versions: 8 (1.8.0L), 11 __java_required_repositories_openjdk: diff --git a/vars/corretto/Debian-12.yml b/vars/corretto/Debian-12.yml index 9c5bf9b..3b1ce47 100644 --- a/vars/corretto/Debian-12.yml +++ b/vars/corretto/Debian-12.yml @@ -5,7 +5,6 @@ java_open_jdk_apt_extra_packages: - gnupg2 __java_open_jdk_version_major: 1.8.0 -__java_keystore_dir: jre/lib/security # Supported versions: 8 (1.8.0L), 11 __java_required_repositories_openjdk: diff --git a/vars/main.yml b/vars/main.yml new file mode 100644 index 0000000..5a77c39 --- /dev/null +++ b/vars/main.yml @@ -0,0 +1,3 @@ +--- +java_keystore_dir_old: jre/lib/security +java_keystore_dir_new: lib/security diff --git a/vars/openjdk/CentOS-7.yml b/vars/openjdk/CentOS-7.yml index 947caa8..6f01299 100644 --- a/vars/openjdk/CentOS-7.yml +++ b/vars/openjdk/CentOS-7.yml @@ -2,7 +2,6 @@ # Using pattern described in Ansible Best Practices and Conventions (Appendix B), Ansible for Devops (p. 406) __java_open_jdk_version_major: 11 -__java_keystore_dir: lib/security # Supported openjdk major releases: 1.6.0, 1.7.0, 1.8.0, 11 # __java_required_repositories_openjdk: [] diff --git a/vars/openjdk/CentOS-8.yml b/vars/openjdk/CentOS-8.yml index 1660379..ef9418f 100644 --- a/vars/openjdk/CentOS-8.yml +++ b/vars/openjdk/CentOS-8.yml @@ -2,7 +2,6 @@ # Using pattern described in Ansible Best Practices and Conventions (Appendix B), Ansible for Devops (p. 406) __java_open_jdk_version_major: 11 -__java_keystore_dir: lib/security # Supported openjdk major releases: 1.8.0, 11 __java_required_repositories_openjdk: [] diff --git a/vars/openjdk/Debian-10.yml b/vars/openjdk/Debian-10.yml index d08d0e1..04ade22 100644 --- a/vars/openjdk/Debian-10.yml +++ b/vars/openjdk/Debian-10.yml @@ -2,7 +2,6 @@ # Using pattern described in Ansible Best Practices and Conventions (Appendix B), Ansible for Devops (p. 406) __java_open_jdk_version_major: 11 -__java_keystore_dir: lib/security # Supported openjdk major releases: 11 __java_required_repositories_openjdk: [] diff --git a/vars/openjdk/Debian-11.yml b/vars/openjdk/Debian-11.yml index 9c71317..28235b0 100644 --- a/vars/openjdk/Debian-11.yml +++ b/vars/openjdk/Debian-11.yml @@ -2,7 +2,6 @@ # Using pattern described in Ansible Best Practices and Conventions (Appendix B), Ansible for Devops (p. 406) __java_open_jdk_version_major: 11 -__java_keystore_dir: lib/security # Supported openjdk major releases: 11, 17 __java_required_repositories_openjdk: [] diff --git a/vars/openjdk/Debian-12.yml b/vars/openjdk/Debian-12.yml index d4a9fe9..6427e43 100644 --- a/vars/openjdk/Debian-12.yml +++ b/vars/openjdk/Debian-12.yml @@ -2,7 +2,6 @@ # Using pattern described in Ansible Best Practices and Conventions (Appendix B), Ansible for Devops (p. 406) __java_open_jdk_version_major: 17 -__java_keystore_dir: lib/security # Supported openjdk major releases: 11, 17 __java_required_repositories_openjdk: [] diff --git a/vars/openjdk/Debian-9.yml b/vars/openjdk/Debian-9.yml index 2cafcec..02ff8d4 100644 --- a/vars/openjdk/Debian-9.yml +++ b/vars/openjdk/Debian-9.yml @@ -2,7 +2,6 @@ # Using pattern described in Ansible Best Practices and Conventions (Appendix B), Ansible for Devops (p. 406) __java_open_jdk_version_major: 11 -__java_keystore_dir: lib/security # Supported openjdk major releases: 11 __java_required_repositories_openjdk: "deb http://archive.debian.org/debian stretch-backports main" diff --git a/vars/openjdk/Ubuntu-18.yml b/vars/openjdk/Ubuntu-18.yml index 4245937..dbfac54 100644 --- a/vars/openjdk/Ubuntu-18.yml +++ b/vars/openjdk/Ubuntu-18.yml @@ -6,7 +6,6 @@ java_open_jdk_apt_extra_packages: # Using pattern described in Ansible Best Practices and Conventions (Appendix B), Ansible for Devops (p. 406) __java_open_jdk_version_major: 11 -__java_keystore_dir: lib/security # Supported openjdk major releases: 8, 11 __java_required_repositories_openjdk: [] diff --git a/vars/openjdk/Ubuntu-20.yml b/vars/openjdk/Ubuntu-20.yml index 86e30dd..9123f93 100644 --- a/vars/openjdk/Ubuntu-20.yml +++ b/vars/openjdk/Ubuntu-20.yml @@ -5,7 +5,6 @@ java_open_jdk_apt_extra_packages: - gnupg2 # Using pattern described in Ansible Best Practices and Conventions (Appendix B), Ansible for Devops (p. 406) __java_open_jdk_version_major: 17 -__java_keystore_dir: lib/security # Supported openjdk major releases: 8, 11, 13, 14, 17 __java_required_repositories_openjdk: [] diff --git a/vars/openjdk/Ubuntu-22.yml b/vars/openjdk/Ubuntu-22.yml index 9709921..60ddbb7 100644 --- a/vars/openjdk/Ubuntu-22.yml +++ b/vars/openjdk/Ubuntu-22.yml @@ -5,7 +5,6 @@ java_open_jdk_apt_extra_packages: - gnupg2 # Using pattern described in Ansible Best Practices and Conventions (Appendix B), Ansible for Devops (p. 406) __java_open_jdk_version_major: 17 -__java_keystore_dir: lib/security # Supported openjdk major releases: 8, 11, 17, 18 __java_required_repositories_openjdk: [] diff --git a/vars/temurin/Debian-10.yml b/vars/temurin/Debian-10.yml index 878a361..ac1b656 100644 --- a/vars/temurin/Debian-10.yml +++ b/vars/temurin/Debian-10.yml @@ -3,7 +3,6 @@ java_open_jdk_apt_extra_packages: - python-apt - apt-transport-https __java_open_jdk_version_major: 8 -__java_keystore_dir: jre/lib/security # Supported major releases: 8 and from 11 to 14; hotspot and openj9 implementations # For Debian family diff --git a/vars/temurin/Debian-11.yml b/vars/temurin/Debian-11.yml index a1ee22a..56604f7 100644 --- a/vars/temurin/Debian-11.yml +++ b/vars/temurin/Debian-11.yml @@ -4,7 +4,6 @@ java_open_jdk_apt_extra_packages: - apt-transport-https - gnupg2 __java_open_jdk_version_major: 8 -__java_keystore_dir: jre/lib/security # Supported major releases: 8 and from 11 to 14; hotspot and openj9 implementations # For Debian family diff --git a/vars/temurin/Debian-12.yml b/vars/temurin/Debian-12.yml index a1ee22a..56604f7 100644 --- a/vars/temurin/Debian-12.yml +++ b/vars/temurin/Debian-12.yml @@ -4,7 +4,6 @@ java_open_jdk_apt_extra_packages: - apt-transport-https - gnupg2 __java_open_jdk_version_major: 8 -__java_keystore_dir: jre/lib/security # Supported major releases: 8 and from 11 to 14; hotspot and openj9 implementations # For Debian family diff --git a/vars/temurin/Debian-9.yml b/vars/temurin/Debian-9.yml index 878a361..ac1b656 100644 --- a/vars/temurin/Debian-9.yml +++ b/vars/temurin/Debian-9.yml @@ -3,7 +3,6 @@ java_open_jdk_apt_extra_packages: - python-apt - apt-transport-https __java_open_jdk_version_major: 8 -__java_keystore_dir: jre/lib/security # Supported major releases: 8 and from 11 to 14; hotspot and openj9 implementations # For Debian family diff --git a/vars/temurin/Ubuntu-20.yml b/vars/temurin/Ubuntu-20.yml index fad294b..32602b7 100644 --- a/vars/temurin/Ubuntu-20.yml +++ b/vars/temurin/Ubuntu-20.yml @@ -4,7 +4,6 @@ java_open_jdk_apt_extra_packages: - apt-transport-https - gnupg2 __java_open_jdk_version_major: 8 -__java_keystore_dir: jre/lib/security # Supported major releases: 8 and from 11 to 14; hotspot and openj9 implementations __java_required_libs_openjdk: [] diff --git a/vars/temurin/Ubuntu-22.yml b/vars/temurin/Ubuntu-22.yml index fad294b..32602b7 100644 --- a/vars/temurin/Ubuntu-22.yml +++ b/vars/temurin/Ubuntu-22.yml @@ -4,7 +4,6 @@ java_open_jdk_apt_extra_packages: - apt-transport-https - gnupg2 __java_open_jdk_version_major: 8 -__java_keystore_dir: jre/lib/security # Supported major releases: 8 and from 11 to 14; hotspot and openj9 implementations __java_required_libs_openjdk: [] From bb19650789bec928039d5667ae1282376915e131 Mon Sep 17 00:00:00 2001 From: Santiago Orobon Date: Wed, 23 Aug 2023 17:44:45 +0200 Subject: [PATCH 2/2] [#216] keystore dir not working as intended --- .travis.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.travis.yml b/.travis.yml index eb4cda8..bba2f6a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -51,11 +51,11 @@ env: # Java 11 - DOCKER_IMAGE_BASE=debian:buster-slim DOCKER_TAG_TO_PUBLISH=11-buster-openjdk-headless - - DOCKER_IMAGE_BASE=debian:buster-slim JDK_MAJOR=11 JDK_VERSION=11.0.20+8-1~deb11u1 - DOCKER_TAG_TO_PUBLISH=11.0.20-buster-openjdk-headless + - DOCKER_IMAGE_BASE=debian:buster-slim JDK_MAJOR=11 JDK_VERSION=11.0.18+10-1~deb10u1 + DOCKER_TAG_TO_PUBLISH=11.0.18-buster-openjdk-headless - DOCKER_IMAGE_BASE=debian:bullseye-slim DOCKER_TAG_TO_PUBLISH=11-bullseye-openjdk-headless - - DOCKER_IMAGE_BASE=debian:bullseye-slim JDK_MAJOR=11 JDK_VERSION=11.0.18+10-1~deb11u1 - DOCKER_TAG_TO_PUBLISH=11.0.18-bullseye-openjdk-headless + - DOCKER_IMAGE_BASE=debian:bullseye-slim JDK_MAJOR=11 JDK_VERSION=11.0.20+8-1~deb11u1 + DOCKER_TAG_TO_PUBLISH=11.0.20-bullseye-openjdk-headless - DOCKER_IMAGE_BASE=debian:bookworm-slim DOCKER_TAG_TO_PUBLISH=11-bookworm-openjdk-headless - DOCKER_IMAGE_BASE=debian:buster-slim JDK_MAJOR=11 JDK_VENDOR=temurin JDK_VERSION=11.0.20.0.0+8