---
+- name: Add LTTng-CI PPA
+ # This provides gdb with no babeltrace; however, it's only made
+ # available for certain releases
+ when: ansible_distribution == 'Ubuntu' and ansible_distribution_version in ['22']
+ block:
+ - name: LTTng-CI PPA | apt key
+ ansible.builtin.copy:
+ src: efficios_ubuntu_ci.gpg
+ dest: /etc/apt/trusted.gpg.d/efficios_ubuntu_ci.gpg
+ owner: root
+ group: root
+ mode: '0644'
+
+ - name: LTTng-CI PPA | apt source
+ ansible.builtin.apt_repository:
+ repo: "deb [signed-by=/etc/apt/trusted.gpg.d/efficios_ubuntu_ci.gpg] http://ppa.launchpad.net/efficios/ci/ubuntu {{ ansible_distribution_release }} main"
+ state: present
+ filename: efficios-ubuntu-ci
+
- name: Update apt cache.
apt: update_cache=yes cache_valid_time=86400
- name: Ensure common packages are installed.
- apt: "name={{ item }} state=present"
- with_items: "{{ common_packages }}"
+ apt: "name={{ common_packages }} state=present"
+
+- name: Install unattended upgrades
+ apt:
+ name: 'unattended-upgrades'
+ state: "{{(unattended_upgrades|bool)|ternary('present', 'absent')}}"
+
+- name: Enable extra repos for unattended upgrades
+ template:
+ dest: /etc/apt/apt.conf.d/51unattended_upgrades_extra_repos.conf
+ src: unattended_upgrades_extra_repos.conf.j2
+ vars:
+ repos_base:
+ - "${distro_id}:${distro_codename}-updates"
+ - "${distro_id}:${distro_codename}-backports"
+ repos_Ubuntu:
+ - "LP-PPA-efficios-ci:${distro_codename}"
+ repose_Debian: []
+ repos: "{{repos_base|union(lookup('vars', 'repos_' + ansible_distribution, default=[]))}}"
+
+- name: Enable unattended upgrades
+ block:
+ - copy:
+ dest: /etc/apt/apt.conf.d/20auto-upgrades
+ content: "APT::Periodic::Update-Package-Lists \"1\";\nAPT::Periodic::Unattended-Upgrade \"1\";\n"
+ when: unattended_upgrades | bool
+ - file:
+ path: /etc/apt/apt.conf.d/20auto-upgrades
+ state: "{{(unattended_upgrades|bool)|ternary('file', 'absent')}}"
+ owner: root
+ group: root
+ mode: '0644'
+- name: Install microcode for physical hosts
+ when: ansible_virtualization_role == 'host'
+ block:
+ - name: Install AMD microcode
+ when: "'AuthenticAMD' in ansible_processor"
+ ansible.builtin.apt:
+ name: amd64-microcode
+ register: amd64_microcode
+ - name: Install Intel microcode
+ when: "'GenuineIntel' in ansible_processor"
+ ansible.builtin.apt:
+ name: intel-microcode
+ register: intel_microcode
+ - name: Update initramfs
+ when: amd64_microcode.changed or intel_microcode.changed
+ ansible.builtin.command:
+ argv: ['update-initramfs', '-u', '-k', 'all']
+ - name: Set reboot required
+ when: amd64_microcode.changed or intel_microcode.changed
+ ansible.builtin.copy:
+ dest: /var/run/reboot-required
+ content: '*** System restart required ***'
+ owner: root
+ group: root
+ mode: '0644'
+- name: Install prometheus node exporter for physical hosts
+ when: "'hosts' in group_names"
+ ansible.builtin.apt:
+ name:
+ - prometheus-node-exporter
+ - prometheus-node-exporter-collectors
+
+- name: Work-around for git hanging during checkouts
+ # @see https://support.efficios.com/issues/1532
+ when: ansible_distribution_release == 'bookworm'
+ block:
+ - name: Add bookworm-backports pref
+ ansible.builtin.copy:
+ dest: /etc/apt/preferences.d/bookworm-backports.pref
+ content: "Package: curl libcurl3* libcurl4*\nPin: release n=bookworm-backports\nPin-Priority: 600\n"
+ - name: Enable bookworm backports
+ ansible.builtin.apt_repository:
+ repo: 'deb http://deb.debian.org/debian bookworm-backports main'
+ - ansible.builtin.apt:
+ upgrade: 'yes'
+ - name: Use HTTP/1.1 with git HTTP operations
+ community.general.git_config:
+ file: '/etc/gitconfig'
+ name: 'http.version'
+ value: 'HTTP/1.1'