From 7ff35ec95420023d323e394162cd124029ea7161 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Mon, 20 Jul 2020 22:34:01 +0200
Subject: make debian installer fetch more generic

---
 .../installer/debian/fetch/filter_plugins/main.py  | 16 ++++++++-
 roles/installer/debian/fetch/tasks/main.yml        | 29 +++++++++--------
 .../installer/debian/fetch/tasks/verify-debian.yml | 26 ++++-----------
 .../installer/debian/fetch/tasks/verify-ubuntu.yml | 21 ++----------
 roles/installer/debian/fetch/vars/main.yml         | 15 ++++++---
 roles/installer/debian/usb/tasks/main.yml          | 38 +++++++++++-----------
 6 files changed, 68 insertions(+), 77 deletions(-)

(limited to 'roles/installer/debian')

diff --git a/roles/installer/debian/fetch/filter_plugins/main.py b/roles/installer/debian/fetch/filter_plugins/main.py
index 298e7efd..947db2eb 100644
--- a/roles/installer/debian/fetch/filter_plugins/main.py
+++ b/roles/installer/debian/fetch/filter_plugins/main.py
@@ -4,6 +4,19 @@ __metaclass__ = type
 from ansible import errors
 
 
+def di_dists_path(data):
+    try:
+        if data[0] != 'ubuntu':
+            return data[1]
+
+        if data[1] in ['xenial']:
+            return data[1]+'-updates'
+
+        return data[1]
+    except Exception as e:
+        raise errors.AnsibleFilterError("di_dists_path(): %s" % str(e))
+
+
 def di_images_path(data):
     try:
         if data[0] != 'ubuntu':
@@ -14,12 +27,13 @@ def di_images_path(data):
 
         return 'legacy-images'
     except Exception as e:
-        raise errors.AnsibleFilterError("mountpoint_exists(): %s" % str(e))
+        raise errors.AnsibleFilterError("di_images_path(): %s" % str(e))
 
 
 class FilterModule(object):
 
     filter_map = {
+        'di_dists_path': di_dists_path,
         'di_images_path': di_images_path,
     }
 
diff --git a/roles/installer/debian/fetch/tasks/main.yml b/roles/installer/debian/fetch/tasks/main.yml
index dc87655f..0e756411 100644
--- a/roles/installer/debian/fetch/tasks/main.yml
+++ b/roles/installer/debian/fetch/tasks/main.yml
@@ -1,34 +1,35 @@
 ---
 - name: prepare directories for installer files
   file:
-    name: "{{ installer_base_path }}/{{ debian_installer_distro }}-{{ debian_installer_codename }}/{{ debian_installer_arch }}-{{ debian_installer_variant }}"
+    name: "{{ debian_installer_target_dir }}"
     state: directory
 
 - name: download and verify installer files
   block:
-  - name: fetch and verify installer checksums
+  - name: fetch and verify installer checksum file
     include_tasks: "verify-{{ install_distro }}.yml"
 
-  - name: download installer kernel image
-    get_url:
-      url: "{{ debian_installer_base_url }}/{{ debian_installer_variant_path }}/{{ debian_installer_variant_kernal_image_name }}"
-      dest: "{{ installer_base_path }}/{{ debian_installer_distro }}-{{ debian_installer_codename }}/{{ debian_installer_arch }}-{{ debian_installer_variant }}/{{ debian_installer_variant_kernal_image_name }}"
-      checksum: "{{ debian_installer_kernel_checksum }}"
-      force: "{{ debian_installer_force_download }}"
-      mode: 0644
+  - name: extract file hashes from SHA256SUMS
+    loop: "{{ debian_installer_variant_files }}"
+    command: grep -E "^[0-9a-z]{64}\s+(./)?{{ debian_installer_variant_path }}/{{ item }}$" "{{ debian_installer_target_dir }}/SHA256SUMS"
+    changed_when: false
+    register: debian_installer_sha256sums
 
-  - name: download installer initrd.gz
+  - name: download installer files
+    loop: "{{ debian_installer_sha256sums.results }}"
+    loop_control:
+      label: "{{ item.item }}"
     get_url:
-      url: "{{ debian_installer_base_url }}/{{ debian_installer_variant_path }}/initrd.gz"
-      dest: "{{ installer_base_path }}/{{ debian_installer_distro }}-{{ debian_installer_codename }}/{{ debian_installer_arch }}-{{ debian_installer_variant }}/initrd.gz"
-      checksum: "{{ debian_installer_initrd_checksum }}"
+      url: "{{ debian_installer_base_url }}/{{ debian_installer_variant_path }}/{{ item.item }}"
+      dest: "{{ debian_installer_target_dir }}/{{ item.item }}"
+      checksum: "sha256:{{ item.stdout.split(' ') | first }}"
       force: "{{ debian_installer_force_download }}"
       mode: 0644
 
   rescue:
   - name: remove all downloaded files
     file:
-      name: "{{ installer_base_path }}/{{ debian_installer_distro }}-{{ debian_installer_codename }}/{{ debian_installer_arch }}-{{ debian_installer_variant }}"
+      name: "{{ debian_installer_target_dir }}"
       state: absent
 
   - fail:
diff --git a/roles/installer/debian/fetch/tasks/verify-debian.yml b/roles/installer/debian/fetch/tasks/verify-debian.yml
index cfd6e53e..9aef7962 100644
--- a/roles/installer/debian/fetch/tasks/verify-debian.yml
+++ b/roles/installer/debian/fetch/tasks/verify-debian.yml
@@ -5,14 +5,14 @@
   - Release.gpg
   get_url:
     url: "{{ debian_installer_base_url | dirname | dirname | dirname | dirname }}/{{ item }}"
-    dest: "{{ installer_base_path }}/{{ debian_installer_distro }}-{{ debian_installer_codename }}/{{ debian_installer_arch }}-{{ debian_installer_variant }}/{{ item }}"
+    dest: "{{ debian_installer_target_dir }}/{{ item }}"
+    force: "{{ debian_installer_force_download }}"
 
 - name: verfiy signature of Release file
   command: >-
     gpg --no-options --trust-model always --no-default-keyring  --secret-keyring /dev/null
         --keyring "{{ installer_keyrings_path | default(installer_base_path+'/keyrings') }}/debian-{{ install_codename }}.gpg"
-        --verify "{{ installer_base_path }}/{{ debian_installer_distro }}-{{ debian_installer_codename }}/{{ debian_installer_arch }}-{{ debian_installer_variant }}/Release.gpg"
-        "{{ installer_base_path }}/{{ debian_installer_distro }}-{{ debian_installer_codename }}/{{ debian_installer_arch }}-{{ debian_installer_variant }}/Release"
+        --verify "{{ debian_installer_target_dir }}/Release.gpg" "{{ debian_installer_target_dir }}/Release"
   changed_when: False
   register: debian_installer_gpg_result
 
@@ -20,27 +20,13 @@
     var: debian_installer_gpg_result.stderr_lines
 
 - name: extract checksum file hash from Release file
-  command: grep -E "^ [0-9a-z]{64} .* main/installer-{{ debian_installer_arch }}/current/{{ [debian_installer_distro, debian_installer_codename] | di_images_path }}/SHA256SUMS$" "{{ installer_base_path }}/{{ debian_installer_distro }}-{{ debian_installer_codename }}/{{ debian_installer_arch }}-{{ debian_installer_variant }}/Release"
+  command: grep -E "^ [0-9a-z]{64} .* main/installer-{{ debian_installer_arch }}/current/{{ [debian_installer_distro, debian_installer_codename] | di_images_path }}/SHA256SUMS$" "{{ debian_installer_target_dir }}/Release"
   changed_when: false
   register: debian_installer_release_sha256
 
 - name: download SHA256SUMS
   get_url:
     url: "{{ debian_installer_base_url }}/SHA256SUMS"
-    dest: "{{ installer_base_path }}/{{ debian_installer_distro }}-{{ debian_installer_codename }}/{{ debian_installer_arch }}-{{ debian_installer_variant }}/SHA256SUMS"
+    dest: "{{ debian_installer_target_dir }}/SHA256SUMS"
     checksum: "sha256:{{ (debian_installer_release_sha256.stdout | trim).split(' ') | first }}"
-
-- name: extract kernel image hash from SHA256SUMS
-  command: grep -E "^[0-9a-z]{64}\s+(./)?{{ debian_installer_variant_path }}/{{ debian_installer_variant_kernal_image_name }}$" "{{ installer_base_path }}/{{ debian_installer_distro }}-{{ debian_installer_codename }}/{{ debian_installer_arch }}-{{ debian_installer_variant }}/SHA256SUMS"
-  changed_when: false
-  register: debian_installer_sha256sums_kernel
-
-- name: extract inital ramdisk hash from SHA256SUMS
-  command: grep -E "^[0-9a-z]{64}\s+(./)?{{ debian_installer_variant_path }}/initrd.gz$" "{{ installer_base_path }}/{{ debian_installer_distro }}-{{ debian_installer_codename }}/{{ debian_installer_arch }}-{{ debian_installer_variant }}/SHA256SUMS"
-  changed_when: false
-  register: debian_installer_sha256sums_initrd
-
-- name: set checksum variables
-  set_fact:
-    debian_installer_kernel_checksum: "sha256:{{ debian_installer_sha256sums_kernel.stdout.split(' ') | first }}"
-    debian_installer_initrd_checksum: "sha256:{{ debian_installer_sha256sums_initrd.stdout.split(' ') | first }}"
+    force: "{{ debian_installer_force_download }}"
diff --git a/roles/installer/debian/fetch/tasks/verify-ubuntu.yml b/roles/installer/debian/fetch/tasks/verify-ubuntu.yml
index e7cff3ae..6c6500ea 100644
--- a/roles/installer/debian/fetch/tasks/verify-ubuntu.yml
+++ b/roles/installer/debian/fetch/tasks/verify-ubuntu.yml
@@ -5,31 +5,16 @@
     - SHA256SUMS.gpg
   get_url:
     url: "{{ debian_installer_base_url }}/{{ item }}"
-    dest: "{{ installer_base_path }}/{{ debian_installer_distro }}-{{ debian_installer_codename }}/{{ debian_installer_arch }}-{{ debian_installer_variant }}/{{ item }}"
+    dest: "{{ debian_installer_target_dir }}/{{ item }}"
+    force: "{{ debian_installer_force_download }}"
 
 - name: verfiy signature of SHA256SUMS.gpg file
   command: >-
     gpg --no-options --trust-model always --no-default-keyring  --secret-keyring /dev/null
         --keyring "{{ installer_keyrings_path | default(installer_base_path+'/keyrings') }}/ubuntu-archive.gpg"
-        --verify "{{ installer_base_path }}/{{ debian_installer_distro }}-{{ debian_installer_codename }}/{{ debian_installer_arch }}-{{ debian_installer_variant }}/SHA256SUMS.gpg"
-        "{{ installer_base_path }}/{{ debian_installer_distro }}-{{ debian_installer_codename }}/{{ debian_installer_arch }}-{{ debian_installer_variant }}/SHA256SUMS"
+        --verify "{{ debian_installer_target_dir }}/SHA256SUMS.gpg" "{{ debian_installer_target_dir }}/SHA256SUMS"
   changed_when: False
   register: debian_installer_gpg_result
 
 - debug:
     var: debian_installer_gpg_result.stderr_lines
-
-- name: extract kernel image hash from SHA256SUMS
-  command: grep -E "^[0-9a-z]{64}\s+(./)?{{ debian_installer_variant_path }}/{{ debian_installer_variant_kernal_image_name }}$" "{{ installer_base_path }}/{{ debian_installer_distro }}-{{ debian_installer_codename }}/{{ debian_installer_arch }}-{{ debian_installer_variant }}/SHA256SUMS"
-  changed_when: false
-  register: debian_installer_sha256sums_kernel
-
-- name: extract inital ramdisk hash from SHA256SUMS
-  command: grep -E "^[0-9a-z]{64}\s+(./)?{{ debian_installer_variant_path }}/initrd.gz$" "{{ installer_base_path }}/{{ debian_installer_distro }}-{{ debian_installer_codename }}/{{ debian_installer_arch }}-{{ debian_installer_variant }}/SHA256SUMS"
-  changed_when: false
-  register: debian_installer_sha256sums_initrd
-
-- name: set checksum variables
-  set_fact:
-    debian_installer_kernel_checksum: "sha256:{{ debian_installer_sha256sums_kernel.stdout.split(' ') | first }}"
-    debian_installer_initrd_checksum: "sha256:{{ debian_installer_sha256sums_initrd.stdout.split(' ') | first }}"
diff --git a/roles/installer/debian/fetch/vars/main.yml b/roles/installer/debian/fetch/vars/main.yml
index 404b571a..f612a742 100644
--- a/roles/installer/debian/fetch/vars/main.yml
+++ b/roles/installer/debian/fetch/vars/main.yml
@@ -1,13 +1,18 @@
 ---
-debian_installer_base_url: "{{ debian_installer_url[debian_installer_distro] }}/dists/{{ debian_installer_codename }}/main/installer-{{ debian_installer_arch }}/current/{{ [debian_installer_distro, debian_installer_codename] | di_images_path }}"
+debian_installer_base_url: "{{ debian_installer_url[debian_installer_distro] }}/dists/{{ [debian_installer_distro, debian_installer_codename] | di_dists_path }}/main/installer-{{ debian_installer_arch }}/current/{{ [debian_installer_distro, debian_installer_codename] | di_images_path }}"
 
 _debian_installer_variant_path_:
   netboot: "netboot/{{ debian_installer_distro }}-installer/{{ debian_installer_arch }}"
   hd-media: "hd-media"
 
-_debian_installer_variant_kernel_image_name_:
-  netboot: "linux"
-  hd-media: "vmlinuz"
+_debian_installer_variant_files_:
+  netboot:
+    - linux
+    - initrd.gz
+  hd-media:
+    - linux
+    - initrd.gz
 
 debian_installer_variant_path: "{{ _debian_installer_variant_path_[debian_installer_variant] }}"
-debian_installer_variant_kernal_image_name: "{{ _debian_installer_variant_kernel_image_name_[debian_installer_variant] }}"
+debian_installer_variant_files: "{{ _debian_installer_variant_files_[debian_installer_variant] }}"
+debian_installer_target_dir: "{{ installer_base_path }}/{{ debian_installer_distro }}-{{ debian_installer_codename }}/{{ debian_installer_arch }}-{{ debian_installer_variant }}"
diff --git a/roles/installer/debian/usb/tasks/main.yml b/roles/installer/debian/usb/tasks/main.yml
index 6220b02b..40846f13 100644
--- a/roles/installer/debian/usb/tasks/main.yml
+++ b/roles/installer/debian/usb/tasks/main.yml
@@ -11,18 +11,18 @@
     that: usb_install_mountpoint.stat.exists
     msg: the path to the usb drive does not exist
 
-- block:
-  - name: download installer
-    vars:
-      debian_installer_distro: "{{ install_distro }}"
-      debian_installer_codename: "{{ install_codename }}"
-      debian_installer_arch: "{{ install.arch | default('amd64') }}"
-      debian_installer_variant: netboot
-    run_once: true
-    import_role:
-      role: installer/debian/fetch
+- name: download installer
+  vars:
+    debian_installer_distro: "{{ install_distro }}"
+    debian_installer_codename: "{{ install_codename }}"
+    debian_installer_arch: "{{ install.arch | default('amd64') }}"
+    debian_installer_variant: netboot
+  run_once: true
+  import_role:
+    role: installer/debian/fetch
 
-  - name: Create temporary workdir
+- block:
+  - name: create temporary workdir
     tempfile:
       prefix: "usb-install.{{ install_hostname }}."
       state: directory
@@ -30,30 +30,30 @@
 
   - name: generate pressed file
     vars:
-      preseed_orig_initrd: "{{ installer_base_path }}/{{ install_distro }}-{{ install_codename }}/{{ hostvars[install_hostname].install_cooked.arch | default('amd64') }}-netboot/initrd.gz"
+      preseed_orig_initrd: "{{ debian_installer_target_dir }}/initrd.gz"
       preseed_tmpdir: "{{ tmpdir.path }}"
     import_role:
       name: installer/debian/preseed
 
-  - name: Copy the preseed initramfs to the usb drive
+  - name: copy the preseed initramfs to the usb drive
     copy:
       src: "{{ tmpdir.path }}/initrd.{{ install_hostname }}.gz"
       dest: "{{ usb_install_path }}/initrd.{{ install_hostname }}.gz"
 
   always:
-  - name: Cleanup temporary workdir
+  - name: cleanup temporary workdir
     when: tmpdir.path is defined
     file:
       path: "{{ tmpdir.path }}"
       state: absent
 
-- name: Copy linux kernel image to the USB drive
+- name: copy linux kernel image to the USB drive
   run_once: true
   copy:
-    src: "{{ global_cache_dir }}/debian-installer/{{ install_distro }}-{{ install_codename }}/{{ install.arch | default('amd64') }}-{{ debian_installer_variant }}/linux"
+    src: "{{ debian_installer_target_dir }}/linux"
     dest: "{{ usb_install_path }}/"
 
-- name: Generate syslinux configuration for BIOS boot
+- name: generate syslinux configuration for BIOS boot
   run_once: true
   vars:
     syslinux_base_path: ""
@@ -67,7 +67,7 @@
     path: "{{ usb_install_path }}/EFI/boot"
     state: directory
 
-- name: Generate syslinux configuration for UEFI boot
+- name: generate syslinux configuration for UEFI boot
   run_once: true
   vars:
     syslinux_base_path: "../../"
@@ -75,7 +75,7 @@
     src: syslinux.cfg.j2
     dest: "{{ usb_install_path }}/EFI/boot/syslinux.cfg"
 
-- name: Make the USB disk bootable
+- name: make the USB disk bootable
   pause:
     seconds: 0
     prompt: |
-- 
cgit v1.2.3