Add offline install support for wildfly_driver role

.github/workflows/ci.yml

@@ -16,4 +16,4 @@ jobs:
       fqcn: 'middleware_automation/wildfly'
       root_permission_varname: 'wildfly_install_requires_become'
       molecule_tests: >-
-        [ "default", "prospero", "yaml_config_validation", "install_options", "colocated_cluster", "custom_config_file", "temurinjdk_support", "app_deploy_standalone", "wildfly_migration", "uninstall" ]
+        [ "default", "prospero", "offline_install_driver", "yaml_config_validation", "install_options", "colocated_cluster", "custom_config_file", "temurinjdk_support", "app_deploy_standalone", "wildfly_migration", "uninstall" ]

molecule/offline_install_driver/converge.yml

@@ -0,0 +1,11 @@
+---
+- name: Deploy JDBC driver to WildFly
+  hosts: all
+  gather_facts: false
+  vars_files:
+    - vars.yml
+    - ../group_vars/all/vars.yml
+  tasks:
+    - name: "Deploy PostgreSQL driver using wildfly_driver role"
+      ansible.builtin.include_role:
+        name: wildfly_driver

molecule/offline_install_driver/molecule.yml

@@ -0,0 +1,48 @@
+---
+provisioner:
+  name: ansible
+  config_options:
+    defaults:
+      interpreter_python: auto_silent
+      bin_ansible_callbacks: true
+      callbacks_enabled: junit
+    ssh_connection:
+      pipelining: false
+  playbooks:
+    prepare: prepare.yml
+    converge: converge.yml
+    verify: verify.yml
+  inventory:
+    links:
+      group_vars: ../group_vars
+    group_vars:
+      all:
+        molecule_scenario_requires_driver: true
+  env:
+    JUNIT_OUTPUT_DIR: "$PWD/junit"
+    JUNIT_HIDE_TASK_ARGUMENTS: yes
+    JUNIT_TASK_RELATIVE_PATH: "$PWD"
+    JUNIT_TASK_CLASS: "true"
+    JUNIT_REPLACE_OUT_OF_TREE_PATH: ""
+    ANSIBLE_FORCE_COLOR: "true"
+    ANSIBLE_COLLECTIONS_PATHS: "~/.ansible/collections/"
+    ANSIBLE_ROLES_PATH: "../../roles"
+
+verifier:
+  name: ansible
+  options:
+    sudo: true
+
+scenario:
+  test_sequence:
+    - cleanup
+    - destroy
+    - syntax
+    - create
+    - prepare
+    - converge
+    - idempotence
+    - side_effect
+    - verify
+    - cleanup
+    - destroy

molecule/offline_install_driver/prepare.yml

@@ -0,0 +1,4 @@
+---
+- import_playbook: ../prepare.yml
+
+- import_playbook: ../../playbooks/playbook.yml

molecule/offline_install_driver/vars.yml

@@ -0,0 +1,6 @@
+---
+wildfly_driver_offline_install: true
+wildfly_driver_module_name: "org.postgresql"
+wildfly_driver_version: "42.7.10"
+wildfly_driver_jar_filename: "postgresql-{{ wildfly_driver_version }}.jar"
+wildfly_driver_jar_url: "https://jdbc.postgresql.org/download/{{ wildfly_driver_jar_filename }}"

molecule/offline_install_driver/verify.yml

@@ -0,0 +1,89 @@
+---
+- name: Verify JDBC driver deployment
+  hosts: all
+  gather_facts: false
+  vars_files:
+    - ../group_vars/all/vars.yml
+    - vars.yml
+  vars:
+    wildfly_version: '39.0.0.Final'
+    wildfly_home: "/opt/wildfly/wildfly-{{ wildfly_version }}"
+    wildfly_user: 'wildfly'
+    wildfly_group: 'wildfly'
+    driver_module_path: "{{ wildfly_home }}/modules/{{ wildfly_driver_module_name | replace('.', '/') }}/main"
+    driver_jar_file: "{{ driver_module_path }}/{{ wildfly_driver_jar_filename }}"
+    module_xml_file: "{{ driver_module_path }}/module.xml"
+  tasks:
+    - name: "Check if driver module directory exists"
+      ansible.builtin.stat:
+        path: "{{ driver_module_path }}"
+      register: module_dir
+      become: "{{ wildfly_install_requires_become | default(true) }}"
+
+    - name: "Verify module directory exists"
+      ansible.builtin.assert:
+        that:
+          - module_dir.stat.exists
+          - module_dir.stat.isdir
+        fail_msg: "Driver module directory does not exist: {{ driver_module_path }}"
+        success_msg: "Driver module directory exists"
+
+    - name: "Check if driver JAR file exists"
+      ansible.builtin.stat:
+        path: "{{ driver_jar_file }}"
+      register: jar_file
+      become: "{{ wildfly_install_requires_become | default(true) }}"
+
+    - name: "Verify JAR file exists"
+      ansible.builtin.assert:
+        that:
+          - jar_file.stat.exists
+          - jar_file.stat.isreg
+        fail_msg: "Driver JAR file does not exist: {{ driver_jar_file }}"
+        success_msg: "Driver JAR file exists"
+
+    - name: "Check if module.xml exists"
+      ansible.builtin.stat:
+        path: "{{ module_xml_file }}"
+      register: module_xml
+      become: "{{ wildfly_install_requires_become | default(true) }}"
+
+    - name: "Verify module.xml exists"
+      ansible.builtin.assert:
+        that:
+          - module_xml.stat.exists
+          - module_xml.stat.isreg
+        fail_msg: "module.xml file does not exist: {{ module_xml_file }}"
+        success_msg: "module.xml file exists"
+
+    - name: "Read module.xml content"
+      ansible.builtin.slurp:
+        src: "{{ module_xml_file }}"
+      register: module_xml_content
+      become: "{{ wildfly_install_requires_become | default(true) }}"
+
+    - name: "Verify module.xml contains correct module name"
+      ansible.builtin.assert:
+        that:
+          - "'{{ wildfly_driver_module_name }}' in (module_xml_content.content | b64decode)"
+          - "'{{ wildfly_driver_jar_filename }}' in (module_xml_content.content | b64decode)"
+        fail_msg: "module.xml does not contain expected module configuration"
+        success_msg: "module.xml contains correct PostgreSQL driver configuration"
+
+    - name: "Verify file ownership"
+      ansible.builtin.assert:
+        that:
+          - jar_file.stat.pw_name == wildfly_user
+          - jar_file.stat.gr_name == wildfly_group
+          - module_xml.stat.pw_name == wildfly_user
+          - module_xml.stat.gr_name == wildfly_group
+        fail_msg: "Driver files have incorrect ownership"
+        success_msg: "Driver files have correct ownership ({{ wildfly_user }}:{{ wildfly_group }})"
+
+    - name: "Verify file permissions"
+      ansible.builtin.assert:
+        that:
+          - jar_file.stat.mode == '0640'
+          - module_xml.stat.mode == '0640'
+        fail_msg: "Driver files have incorrect permissions"
+        success_msg: "Driver files have correct permissions (0640)"

roles/wildfly_driver/README.md

@@ -13,6 +13,8 @@ Role Defaults
 |:---------|:------------|:--------|
 |`wildfly_driver_module_dir`| Path for module installation | `{{ wildfly_home }}/modules/{{ wildfly_driver.module_name | replace('.', '/') }}/main` |
 |`wildfly_driver_jar_installation_path`| Path for JDBC driver installation | `{{ wildfly_driver_module_dir }}/{{ wildfly_driver.jar_filename }}` |
+|`wildfly_driver_download_dir`| Temporary directory for the driver download | `/tmp` |
+|`wildfly_driver_offline_install`| Enable offline install mode (download to control node, then copy to target) | `false` |
 |`wildfly_version`| WildFly version to install | `39.0.0.Final` |
 |`wildfly_home`| WildFly installation directory | `/opt/wildfly/wildfly-{{ wildfly_version }}/` |
 |`wildfly_user`| POSIX user account for WildFly | `wildfly` |

roles/wildfly_driver/defaults/main.yml

@@ -2,6 +2,8 @@
 wildfly_user: 'wildfly'
 wildfly_group: "{{ wildfly_user }}"
 wildfly_version: '39.0.0.Final'
-wildfly_home: "/opt/wildfly/wildfly-{{ wildfly_version }}/"
+wildfly_home: "/opt/wildfly/wildfly-{{ wildfly_version }}"
 wildfly_driver_module_dir: "{{ wildfly_home }}/modules/{{ wildfly_driver.module_name | replace('.', '/') }}/main"
 wildfly_driver_jar_installation_path: "{{ wildfly_driver_module_dir }}/{{ wildfly_driver_jar_filename }}"
+wildfly_driver_download_dir: "/tmp"
+wildfly_driver_offline_install: false

roles/wildfly_driver/meta/argument_specs.yml

@@ -25,6 +25,14 @@ argument_specs:
                 required: true
                 description: "Name for the JDBC driver module"
                 type: "str"
+            wildfly_driver_download_dir:
+                default: "/tmp"
+                description: "Temporary directory for the driver download"
+                type: "str"
+            wildfly_driver_offline_install:
+                default: false
+                description: "Enable offline install mode (download to control node, then copy to target)"
+                type: "bool"
             wildfly_version:
                 default: "39.0.0.Final"
                 description: "WildFly version to install"

roles/wildfly_driver/tasks/main.yml

@@ -7,9 +7,9 @@
       - wildfly_driver.version is defined
       - wildfly_driver.jar_url is defined
     quiet: true
-    fail_msg: 'Required variables not provided.'
+    fail_msg: "Required variables not provided."
 
-- name: "Ensure driver {{ wildfly_driver.module_name }} is deployed."
+- name: "Prepare {{ wildfly_driver.module_name }} driver deployment"
   become: "{{ wildfly_driver_become | default('yes') }}"
   block:
     - name: "Check module directory: {{ wildfly_driver_module_dir }}"
@@ -32,22 +32,20 @@
       when:
         - not dest_path.stat.exists
 
-    - name: "Retrieve JDBC Driver from {{ wildfly_driver.jar_url }}"
-      ansible.builtin.uri:
-        url: "{{ wildfly_driver.jar_url }}"
-        dest: "{{ wildfly_driver_jar_installation_path }}"
-        group: "{{ wildfly_group }}"
-        owner: "{{ wildfly_user }}"
-        mode: '0640'
-        creates: "{{ wildfly_driver_jar_installation_path }}"
-        selevel: s0
-        serole: object_r
-        setype: usr_t
-        seuser: system_u
-      when:
-        - wildfly_driver.jar_url is defined
+- name: "Deploy driver using offline mode"
+  ansible.builtin.include_tasks: offline.yml
+  when:
+    - wildfly_driver_offline_install
+
+- name: "Deploy driver using online mode"
+  ansible.builtin.include_tasks: online.yml
+  when:
+    - not wildfly_driver_offline_install
 
-    - name: Set source template path
+- name: "Finalize {{ wildfly_driver.module_name }} driver deployment"
+  become: "{{ wildfly_driver_become | default('yes') }}"
+  block:
+    - name: "Set source template path"
       ansible.builtin.set_fact:
         module_xml_template: "{{ override_module_xml_template | default('templates/jdbc_driver_module.xml.j2') }}"
 

roles/wildfly_driver/tasks/offline.yml

@@ -0,0 +1,44 @@
+---
+- name: "Download {{ wildfly_driver.module_name }} driver to localhost"
+  delegate_to: localhost
+  become: false
+  run_once: true
+  block:
+    - name: "Check local download driver path"
+      ansible.builtin.stat:
+        path: "{{ wildfly_driver_download_dir }}"
+      register: local_path
+
+    - name: "Set download path"
+      ansible.builtin.set_fact:
+        local_path_to_driver: "{{ local_path.stat.path }}/{{ wildfly_driver.jar_filename }}"
+
+    - name: "Retrieve JDBC Driver from {{ wildfly_driver.jar_url }}"
+      ansible.builtin.uri:
+        url: "{{ wildfly_driver.jar_url }}"
+        dest: "{{ local_path_to_driver }}"
+        mode: '0640'
+        creates: "{{ local_path_to_driver }}"
+        selevel: s0
+        serole: object_r
+        setype: usr_t
+        seuser: system_u
+      when:
+        - wildfly_driver.jar_url is defined
+
+    - name: "Check downloaded driver"
+      ansible.builtin.stat:
+        path: "{{ local_path_to_driver }}"
+      register: local_driver_path
+
+- name: "Copy driver from localhost to target"
+  ansible.builtin.copy:
+    src: "{{ local_path_to_driver }}"
+    dest: "{{ wildfly_driver_jar_installation_path }}"
+    owner: "{{ wildfly_user }}"
+    group: "{{ wildfly_group }}"
+    mode: '0640'
+  when:
+    - local_driver_path.stat is defined
+    - local_driver_path.stat.exists
+  become: "{{ wildfly_driver_become | default('yes') }}"

roles/wildfly_driver/tasks/online.yml

@@ -0,0 +1,16 @@
+---
+- name: "Download {{ wildfly_driver.module_name }} driver directly to target"
+  ansible.builtin.uri:
+    url: "{{ wildfly_driver.jar_url }}"
+    dest: "{{ wildfly_driver_jar_installation_path }}"
+    owner: "{{ wildfly_user }}"
+    group: "{{ wildfly_group }}"
+    mode: '0640'
+    creates: "{{ wildfly_driver_jar_installation_path }}"
+    selevel: s0
+    serole: object_r
+    setype: usr_t
+    seuser: system_u
+  when:
+    - wildfly_driver.jar_url is defined
+  become: "{{ wildfly_driver_become | default('yes') }}"