roles/pulp/tasks/install.yml

---
- block:

    - name: Update apt package index
      apt:
        update_cache: yes
      when: ansible_distribution == 'Debian'
      # This is a lie, but necessary for Idempotence test
      changed_when: False

    # Break the loop once the first package name/URL in the list is found to be installed.
    # The yum module (which wraps the yum command) uses rc=126 for package not
    # found, or 0 for changed / already installed.
    - name: Install EPEL Release
      yum:
        name: "{{ item }}"
        state: present
        # dnf/yum4 registered results not implemented yet
        use_backend: yum
      register: epel
      when:
        - (ansible_distribution == 'CentOS') or (ansible_distribution == 'RedHat')
        # Works for both strings and lists to make sure not empty
        - epel_release_packages is defined
        - epel_release_packages is not none
        - epel_release_packages | length > 0
        - ( ansible_loop.first ) or (epel.rc == 126)
      failed_when:
        - epel.rc not in [0,126]
        - ( ansible_loop.last ) and (epel.rc == 126)
      # Cast a single string as a list.
      loop: "{{ lookup('vars', 'epel_release_packages', wantlist=True) }}"
      loop_control:
        extended: True

    - name: Install prerequisites
      package:
        name: '{{ pulp_preq_packages }}'
        state: present

    # Needed by psycopg2-binary from PyPI
    - name: Install prerequisites (Fedora 30+ only)
      package:
        name: libxcrypt-compat
        state: present
      when:
        - ansible_distribution == "Fedora"
        - ansible_distribution_version|int >= 30

    - name: Disable SELinux (Pulp 3 is currently incompatible with SELinux)
      selinux:
        policy: targeted
        state: permissive
      when: ansible_os_family == 'RedHat'

    # Become root so as to search paths like /usr/sbin.
    - name: Find the nologin executable
      command: which nologin
      changed_when: False
      check_mode: False
      register: result

    - name: Make sure {{ pulp_group }} group exists
      group:
        name: '{{ pulp_group }}'
        gid: '{{ pulp_group_id }}'
        state: present
        system: true

    - name: Create user {{ pulp_user }}
      user:
        name: '{{ pulp_user }}'
        uid: '{{ pulp_user_id }}'
        shell: '{{ result.stdout.strip() }}'
        home: '{{ pulp_user_home }}'
        system: true
      when: developer_user is not defined

    - name: Add user {{ pulp_user }} to {{ pulp_group }} group
      user:
        name: '{{ pulp_user }}'
        groups:
          - '{{ pulp_group }}'
        append: true

    - name: Add user {{ developer_user }} to {{ pulp_group }} group
      user:
        name: '{{ developer_user }}'
        groups:
          - '{{ pulp_group }}'
        append: true
      when: developer_user is defined

    - name: Reset ssh conn to allow user changes to affect when ssh user and pulp user are the same
      meta: reset_connection

    - name: Create cache dir for Pulp
      file:
        path: '{{ pulp_cache_dir }}'
        state: directory
        owner: '{{ pulp_user }}'
        group: '{{ pulp_group }}'
        mode: 0775

    - name: Create pulp install dir
      file:
        path: '{{ pulp_install_dir }}'
        state: directory
        owner: '{{ pulp_user }}'
        group: '{{ pulp_group }}'

    - name: Install packages needed for source install
      package:
        name:
          - git
        state: present
      register: result
      until: result is succeeded

    # We are purposely running this before the venv is created, since
    # if we are using system-wide packages, it could cause duplicate
    # python packages to be installed.
    # Note: We would do a static import like in pulp-database, but
    # looping does not work with it, so we do a dynamic include.
    - name: Include plugins prereq roles
      include_role:
        name: "{{ item.value.prereq_role }}"
      with_dict: "{{ pulp_install_plugins }}"
      when: item.value.prereq_role is defined

  become: true

- block:

    # Hack for use system-wide packages when enabled by user - Must be first usage of virtualenv
    - name: Allow use system-wide packages
      pip:
        name: pip
        state: present
        virtualenv: '{{ pulp_install_dir }}'
        virtualenv_command: '{{ pulp_python_interpreter }} -m venv'
        virtualenv_site_packages: yes
      when: pulp_use_system_wide_pkgs |bool

    - name: Install the psycopg python package
      pip:
        name: psycopg2-binary
        state: present
        virtualenv: '{{ pulp_install_dir }}'
        virtualenv_command: '{{ pulp_python_interpreter }} -m venv'

    - name: Install the prereq_pip_packages
      pip:
        name: '{{ prereq_pip_packages }}'
        state: present
        virtualenv: '{{ pulp_install_dir }}'
        virtualenv_command: '{{ pulp_python_interpreter }} -m venv'
      when: prereq_pip_packages | length > 0

    - name: Install pulpcore package from source
      pip:
        name: '{{ pulp_source_dir }}'
        editable: '{{ pulp_pip_editable }}'
        state: present
        virtualenv: '{{ pulp_install_dir }}'
        virtualenv_command: '{{ pulp_python_interpreter }} -m venv'
      when: pulp_source_dir is defined
      # This is a hack. Editable pip installs are always changed, which fails molecule's
      # idempotence test.
      changed_when: result.changed and not pulp_pip_editable
      notify: Collect static content

    - name: Install pulpcore-plugin package from source
      pip:
        name: '{{ pulp_plugin_source_dir }}'
        editable: '{{ pulp_pip_editable }}'
        state: present
        virtualenv: '{{ pulp_install_dir }}'
        virtualenv_command: '{{ pulp_python_interpreter }} -m venv'
      when: pulp_plugin_source_dir is defined
      # This is a hack. Editable pip installs are always changed, which fails molecule's
      # idempotence test.
      changed_when: result.changed and not pulp_pip_editable
      notify: Collect static content

    - name: Install Pulp plugins via PyPI
      pip:
        name: '{{ item.key }}'
        state: present
        virtualenv: '{{ pulp_install_dir }}'
        virtualenv_command: '{{ pulp_python_interpreter }} -m venv'
      with_dict: '{{ pulp_install_plugins }}'
      when: pulp_install_plugins[item.key].source_dir is undefined
      notify: Collect static content

    - name: Install Pulp plugins from source
      pip:
        name: '{{ item.value.source_dir }}'
        editable: '{{ pulp_pip_editable }}'
        state: present
        virtualenv: '{{ pulp_install_dir }}'
        virtualenv_command: '{{ pulp_python_interpreter }} -m venv'
      with_dict: '{{ pulp_install_plugins }}'
      when: pulp_install_plugins[item.key].source_dir is defined
      # This is a hack. Editable pip installs are always changed, which fails molecule's
      # idempotence test.
      changed_when: result.changed and not pulp_pip_editable
      notify: Collect static content

  become: true
  become_user: '{{ pulp_user }}'
...