add debian support

 * seems apt_key has no fingerprints
 * add gpg-agent for ubuntu
 * update apt cache
 * reload autofs service
 * run config

Author: ltalirz

Diff for: meta/main.yml

@@ -51,6 +51,10 @@ galaxy_info:
     versions:
     - 6
     - 7
+    - 8
+  - name: Ubuntu
+    versions:
+    - bionic
 
   galaxy_tags: []
     # List tags for your role here, one per line. A tag is a keyword that describes

Diff for: tasks/config.yml

@@ -8,6 +8,7 @@
     owner: "root"
     group: "root"
     mode: "0644"
+  register: cvmfs_config_file
 
 - name: Set autofs timeout
   ansible.builtin.lineinfile:
@@ -27,3 +28,8 @@
     state: "{% if not cvmfs_auto_setup %}mounted{% elif cvmfs_force_unmount %}absent{% endif %}"
   when: (not cvmfs_auto_setup) or (cvmfs_force_unmount)
   loop: "{{ cvmfs_repositories }}"
+
+# cvmfs-auto-setup package not available for Debian so we have to run it manually...
+- name: Configure AutoFS
+  command: cvmfs_config setup
+  when: cvmfs_config_file.changed and ansible_os_family == 'Debian'  

Diff for: tasks/debian.yml

@@ -1,61 +1,64 @@
-
----
-
 # The CERNVM GPG key is the trust anchor for the secure installation of the CVMFS client.
 #
 # The Compute Canada CVMFS GPG key is the trust anchor for the secure distribution of the Compute Canada software stack (and other content), as follows:
 #	- the Compute Canada CVMFS GPG key verifies the authenticity of the computecanada-release RPM
-#	- the computecanada-release RPM configures a yum repository which distributes the cvmfs-config-computecanada RPM
-#	- the cvmfs-config-computecanada RPM contains the public CVMFS key for the cvmfs-config.computecanada.ca CVMFS configuration repository
+#	- the computecanada-release configures an apt repository which distributes the cvmfs-config-computecanada deb
+#	- the cvmfs-config-computecanada deb contains the public CVMFS key for the cvmfs-config.computecanada.ca CVMFS configuration repository
 #	- the CVMFS configuration repository contains the public CVMFS keys for all other Compute Canada CVMFS repositories
 #	- the other CVMFS repositories contain all Compute Canada software (and other content)
 
+- name: Install gpg agent
+  apt:
+    name: ['gpg-agent']
+
 - name: Install CernVM GPG key
   apt_key:
-    key: https://cvmrepo.web.cern.ch/cvmrepo/apt/cernvm.gpg
+    url: https://cvmrepo.web.cern.ch/cvmrepo/apt/cernvm.gpg
     state: present
     validate_certs: yes
-    fingerprint: "70B9 8904 8820 8E31 5ED4  5208 230D 389D 8AE4 5CE7"
 
 # Also available at https://git.computecanada.ca/cc-cvmfs-public/cvmfs-config/raw/master/RPM-GPG-KEY-CC-CVMFS-1
 - name: Install Compute Canada CVMFS GPG key
   apt_key:
-    key: https://package.computecanada.ca/yum/cc-cvmfs-public/RPM-GPG-KEY-CC-CVMFS-1
+    url: https://package.computecanada.ca/yum/cc-cvmfs-public/RPM-GPG-KEY-CC-CVMFS-1
     state: present
     validate_certs: yes
-    fingerprint: "C0C4 0F04 70A3 6AF2 7CC4  4D5A 3B9F C55A CF21 4CFC"
   when: '"cvmfs-config-computecanada" in cvmfs_configuration'
 
-# Target hosts will need internet access anyway to install the actual packages via yum, so we might as well
-# install the yum config from the internet as well - if a version is not already installed. 
-# There is no benefit to abstracting this with the yum_repository module, and doing so would break idempotence
-# because these packages update themselves via their own yum repositories.
+# Target hosts will need internet access anyway to install the actual packages via apt, so we might as well
+# install the apt config from the internet as well - if a version is not already installed.
+# There is no benefit to abstracting this with the apt_repository module, and doing so would break idempotence
+# because these packages update themselves via their own apt repositories.
 
 - name: Install CernVM apt repository
-  yum:
-    name: https://ecsft.cern.ch/dist/cvmfs/cvmfs-release/cvmfs-release-latest_all.deb
+  apt:
+    deb: https://ecsft.cern.ch/dist/cvmfs/cvmfs-release/cvmfs-release-latest_all.deb
     state: present
-    validate_certs: yes
   when: ansible_facts.packages['cvmfs-release'] is not defined
 
-- name: Install Compute Canada apt repository
-  yum:
-    name: https://package.computecanada.ca/yum/cc-cvmfs-public/prod/RPM/computecanada-release-latest.noarch.rpm
-    state: present
-    validate_certs: yes
+# Todo: repository configuration for apt missing
+# - name: Install Compute Canada apt repository
+#   apt:
+#     name: https://package.computecanada.ca/yum/cc-cvmfs-public/prod/other/computecanada-release-latest.noarch.rpm
+#     state: present
+#     validate_certs: yes
+#   when:
+#     - '"cvmfs-config-computecanada" in cvmfs_configuration'
+#     - ansible_facts.packages['computecanada-release'] is not defined
+
+# This task can be removed once the Compute Canada apt repository is configured
+- name: Workaround - install compute canada config package directly from URL
+  apt:
+    deb: "https://package.computecanada.ca/yum/cc-cvmfs-public/prod/other/cvmfs-config-computecanada-latest.all.deb"
+    update_cache: true
   when:
-    - '"cvmfs-config-computecanada" in cvmfs_configuration'
-    - ansible_facts.packages['computecanada-release'] is not defined
+  - '"cvmfs-config-computecanada" in cvmfs_configuration'
 
 - name: Install other prerequisite packages
-  yum:
-    name: [ 'lvm2' ]
+  apt:
+    name: ['lvm2']
   when: cvmfs_client_configure_storage | bool
 
-
 - name: Install CVMFS client and configuration packages
-  yum:
-    name: "['cvmfs'] + {{ cvmfs_auto_setup_package }} + {{ cvmfs_configuration }}"
-  vars:
-    cvmfs_auto_setup_package: "{{ ['cvmfs-auto-setup'] if cvmfs_auto_setup|bool else [] }}"
-
+  apt:
+    name: "['cvmfs'] + {{ cvmfs_configuration }}"

Diff for: tasks/main.yml

@@ -5,11 +5,11 @@
   check_mode: no
   tags:
     - yum
+    - apt
 
 - { import_tasks: users.yml, tags: ['cvmfs', 'users'] }
 - { import_tasks: storage.yml, tags: ['cvmfs', 'storage'], when: cvmfs_client_configure_storage | bool }
 - { import_tasks: redhat.yml, tags: ['cvmfs', 'packages','keys','yum'], when: ansible_os_family == 'RedHat' }
 - { import_tasks: debian.yml, tags: ['cvmfs', 'packages','keys','apt'], when: ansible_os_family == 'Debian' }
 - { import_tasks: config.yml, tags: ['cvmfs', 'config'] }
 - { import_tasks: test.yml, tags: ['cvmfs', 'test'] }
-

Diff for: tasks/redhat.yml

@@ -0,0 +1,58 @@
+---
+
+# The CERNVM GPG key is the trust anchor for the secure installation of the CVMFS client.
+#
+# The Compute Canada CVMFS GPG key is the trust anchor for the secure distribution of the Compute Canada software stack (and other content), as follows:
+#	- the Compute Canada CVMFS GPG key verifies the authenticity of the computecanada-release RPM
+#	- the computecanada-release RPM configures a yum repository which distributes the cvmfs-config-computecanada RPM
+#	- the cvmfs-config-computecanada RPM contains the public CVMFS key for the cvmfs-config.computecanada.ca CVMFS configuration repository
+#	- the CVMFS configuration repository contains the public CVMFS keys for all other Compute Canada CVMFS repositories
+#	- the other CVMFS repositories contain all Compute Canada software (and other content)
+
+- name: Install CernVM GPG key
+  rpm_key:
+    key: https://cvmrepo.web.cern.ch/cvmrepo/yum/RPM-GPG-KEY-CernVM
+    state: present
+    validate_certs: yes
+    fingerprint: "70B9 8904 8820 8E31 5ED4  5208 230D 389D 8AE4 5CE7"
+
+# Also available at https://git.computecanada.ca/cc-cvmfs-public/cvmfs-config/raw/master/RPM-GPG-KEY-CC-CVMFS-1
+- name: Install Compute Canada CVMFS GPG key
+  rpm_key:
+    key: https://package.computecanada.ca/yum/cc-cvmfs-public/RPM-GPG-KEY-CC-CVMFS-1
+    state: present
+    validate_certs: yes
+    fingerprint: "C0C4 0F04 70A3 6AF2 7CC4  4D5A 3B9F C55A CF21 4CFC"
+  when: '"cvmfs-config-computecanada" in cvmfs_configuration'
+
+# Target hosts will need internet access anyway to install the actual packages via yum, so we might as well
+# install the yum config from the internet as well - if a version is not already installed. 
+# There is no benefit to abstracting this with the yum_repository module, and doing so would break idempotence
+# because these packages update themselves via their own yum repositories.
+
+- name: Install CernVM yum repository
+  yum:
+    name: https://ecsft.cern.ch/dist/cvmfs/cvmfs-release/cvmfs-release-latest.noarch.rpm
+    state: present
+    validate_certs: yes
+  when: ansible_facts.packages['cvmfs-release'] is not defined
+
+- name: Install Compute Canada yum repository
+  yum:
+    name: https://package.computecanada.ca/yum/cc-cvmfs-public/prod/RPM/computecanada-release-latest.noarch.rpm
+    state: present
+    validate_certs: yes
+  when:
+    - '"cvmfs-config-computecanada" in cvmfs_configuration'
+    - ansible_facts.packages['computecanada-release'] is not defined
+
+- name: Install other prerequisite packages
+  yum:
+    name: [ 'lvm2' ]
+  when: cvmfs_client_configure_storage | bool
+
+- name: Install CVMFS client and configuration packages
+  yum:
+    name: "['cvmfs'] + {{ cvmfs_auto_setup_package }} + {{ cvmfs_configuration }}"
+  vars:
+    cvmfs_auto_setup_package: "{{ ['cvmfs-auto-setup'] if cvmfs_auto_setup|bool else [] }}"

Diff for: tasks/test.yml

@@ -7,4 +7,3 @@
   command: /usr/bin/cvmfs_config probe
   changed_when: false
   check_mode: no
-