Bug fixes pr devel 2.x (#2705)

* Fixing-email-title-for-backup-validation (#2657)

Co-authored-by: Matej Stajduhar <[email protected]>

* Adding-task-to-create-aurora-cluster (#2659)

* Adding-task-to-create-aurora-cluster

* Adding-region-profile-and-tags-to-aurora-cluster

* Updating-engine-for-aurora-cluster

* Updating-parameter-group-engine

* Updating-engine-version

* Updating-engine-version-2

* Disabling-automated-backups

* Disabling-automated-backups-2

* Disabling-automated-backups-3

* Disabling-automated-backups-4

* Skipping-task-if-not-aurora

* Adding-subnet-group-to-instances

* Adding-subnet-group-to-instances

* Updating-SG-return-values

* Updating-SG-return-values-2

* Updating-SG-return-values-3

* Updating-SG-return-values-4

* Updating-SG-return-value-debug

* Updating-SG-return-value-debug-2

* Updating-SG-return-value-debug-3

* Removing-debug-tasks

* Removing-init-var-for-SG-list

* Adding-character-set-option

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* Fixing installer variable bug.

* Fixing tests for external PRs.

* Testing with a fork.

* Adding repo owner's username into installer string.

* Refactoring config repo detection to simplify.

* No longer permitted to use an integer as a truthy value.

* No longer permitted to use existence check as a truthy value.

* Can't see a reason why linotp var shouldn't be a boolean.

* No longer permitted to use existence check as a truthy value.

* Fixing truthy errors in ce_deploy role.

* No longer permitted to use an integer as a truthy value.

* Fixing truthy variable mistakes. (#2662)

* Fixing installer variable bug.

* Fixing tests for external PRs.

* Testing with a fork.

* Adding repo owner's username into installer string.

* Refactoring config repo detection to simplify.

* No longer permitted to use an integer as a truthy value.

* No longer permitted to use existence check as a truthy value.

* Can't see a reason why linotp var shouldn't be a boolean.

* No longer permitted to use existence check as a truthy value.

* Fixing truthy errors in ce_deploy role.

* No longer permitted to use an integer as a truthy value.

* feat(php): Add FPM slow logrotate (#2625)

* feat(php): Support removal of APCU, add FPM slow logrotate

* simplify condition

* revert apcu installed setting, not needed

* r73458-install-php-gmp-by-default2 (#2667)

* r73458-install-php-gmp-by-default2

* re-add required packages

* Wazuh-mitre-report-setup (#2588)

* Wazuh-mitre-report-setup

* Wazuh-mitre-shellshock-longurl-block

* Fixing-vars

* Wazuh-mitre-report-setup-PR-2.x

* Wazuh mitre report setup pr 2.x (#2669)

* Wazuh-mitre-report-setup

* Wazuh-mitre-shellshock-longurl-block

* Fixing-vars

* Wazuh-mitre-report-setup-PR-2.x

* Wazuh-mitre-report-setup-PR-2.x

* pin_ansible_version (#2671)

* pin_ansible_version

* pin_ansible_version

* pin_ansible_version

* pin_ansible_version

* pin_ansible_version_fix_upgrade_timer

* pin_ansible_version_fix_upgrade_timer

* pin_ansible_version_fix_upgrade_timer

* pin_ansible_version_disable_upgrade_timer

* pin_ansible_version_disable_upgrade_timer

* pin_ansible_version_disable_upgrade_timer

* pin_ansible_version_disable_upgrade_timer

* Fixing-ce-provision-vars (#2678)

* Updating-string (#2507)

* Updating-string

* Updating-string-3

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* Added-tasks-to-backup-Aurora-and-copy-AMI-to-safe-region (#2682)

* Added-tasks-to-backup-Aurora-and-copy-AMI-to-safe-region

* Fixing-aurora-backup-tasks

* Fixing-aurora-backup-tasks-2

* Fixing-aurora-backup-tasks-3

* Fixing-aurora-backup-tasks-5

* Adding-aurora-template

* Updating-aurora-vars

* Adding-handler-to-defaults-for-CF

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* SG-creation-update (#2605)

* SG-creation-update

* Updating-lambda-tasks-to-handle-various-file-options

* Updating-lambda-tasks-for-url-handling

* Updating-aws_admin_tools-for-aws_lambda

* Updating-aws_admin_tools-for-aws_lambda

* Setting-loop-item

* Setting-loop-item-2

* Updating-vpc-sec-group-vars

* Removing-extra-vars-for-git-module

* Adding-default-for-git_url

* Cleaning-up-tasks

* Updating-ansible-lint

* Updating-ansible-lint

* Ommiting-name-if-no-sec_group-name-defined

* Removing-loop-var

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* Fixing-copy-AMI-to-backup-region (#2684)

Co-authored-by: Matej Stajduhar <[email protected]>

* Fixing-ami-copy-task (#2686)

Co-authored-by: Matej Stajduhar <[email protected]>

* Updating clamav command to use flock avoiding duplicate processes running.

* Bug fixes pr 2.x (#2690)

* Fixing installer variable bug.

* Fixing tests for external PRs.

* Testing with a fork.

* Adding repo owner's username into installer string.

* Refactoring config repo detection to simplify.

* No longer permitted to use an integer as a truthy value.

* No longer permitted to use existence check as a truthy value.

* Can't see a reason why linotp var shouldn't be a boolean.

* No longer permitted to use existence check as a truthy value.

* Fixing truthy errors in ce_deploy role.

* No longer permitted to use an integer as a truthy value.

* Updating clamav command to use flock avoiding duplicate processes running.

* 73569 allowing webp nginx pr 2.x (#2692)

* allowing webp extension

* adding webp mime type

---------

Co-authored-by: filip <[email protected]>

* extending provision.sh to support tags in plays (#2431)

Co-authored-by: filip <[email protected]>

* Adding-option-for-Aurora-RDS-for-backup-validation (#2635)

Co-authored-by: Matej Stajduhar <[email protected]>

* Fixing-aws_vpc-override (#2688)

* Fixing-aws_vpc-override

* Adding-defaults

* Fixing-register-command

* Defaulting-tags

* Defaulting-tags-2

* Updating-region

* Updating-iam_role-vars

* Updating-iam_role-vars-2

* Updating-when-statement

* Updating-when-statement-for-backups

* Updating-when-statement-for-iam-policy

* Updating-when-statement-for-iam-policy

* Updating-vars-for-SG-creation

* Updating-when-statement-for-iam-role

* Updating-handle-git-url

* Updating-handle-git-url-2

* Updating-handle-git-url-3

* Updating-handle-git-url-4

* Updating-handle-git-url-5

* Updating-handle-git-url-6

* Updating-handle-git-url-7

* Fixing-indentation

---------

Co-authored-by: Matej Stajduhar <[email protected]>

* More truthy length fixes.

* Updating-pam-ldap-condition (#2695)

* Updating-pam-ldap-condition

* Updating-pam-ldap-condition-PR-2.x

* Fixing more LDAP role truthy issues.

* Slight block refactor for LDAP.

* DN length check should not be negated.

* Forgot to add the length filter.

* Another boolean Ansible 12 error in AMI role.

* ALB port must be cast as a string for RedirectAction.

* Setting the correct Jinja filter, it's string, not str.

* Fixing more Ansible 12 length issues in autoscale role.

---------

Co-authored-by: drazenCE <[email protected]>
Co-authored-by: Matej Štajduhar <[email protected]>
Co-authored-by: Matej Stajduhar <[email protected]>
Co-authored-by: Klaus Purer <[email protected]>
Co-authored-by: nfawbert <[email protected]>
Co-authored-by: tymofiisobchenko <[email protected]>
Co-authored-by: Filip Rupic <[email protected]>
Co-authored-by: filip <[email protected]>

Author: 9 people

roles/aws/aws_ec2_autoscale_cluster/tasks/main.yml

@@ -460,8 +460,8 @@
     cmd: "aws elbv2 add-listener-certificates --region {{ aws_ec2_autoscale_cluster.region }} --profile {{ aws_ec2_autoscale_cluster.aws_profile }} --listener-arn {{ _aws_ec2_autoscale_cluster_alb_listener_ARN }} --certificates CertificateArn={{ item }}"
   when:
     - aws_ec2_autoscale_cluster.create_elb
-    - aws_ec2_autoscale_cluster.ssl_extra_certificate_ARNs
-    - _ssl_certificate_ARN | length > 1
+    - aws_ec2_autoscale_cluster.ssl_extra_certificate_ARNs|length > 0
+    - _ssl_certificate_ARN|length > 1
   with_items: "{{ aws_ec2_autoscale_cluster.ssl_extra_certificate_ARNs }}"
 
 # EC2 - BUILD ASG
@@ -475,7 +475,7 @@
       group_names: "{{ aws_ec2_autoscale_cluster.cluster_security_groups }}"
       return_type: ids
   when:
-    - aws_ec2_autoscale_cluster.cluster_security_groups | length > 0
+    - aws_ec2_autoscale_cluster.cluster_security_groups|length > 0
     - aws_ec2_autoscale_cluster.asg_refresh
     - aws_ec2_autoscale_cluster.type == "ec2"
     - aws_ec2_autoscale_cluster.deploy_cluster
@@ -542,60 +542,56 @@
     - aws_ec2_autoscale_cluster.type == "ec2"
     - aws_ec2_autoscale_cluster.deploy_cluster
 
-- name: Create step scaling AutoScale policies.
-  community.aws.autoscaling_policy:
-    profile: "{{ aws_ec2_autoscale_cluster.aws_profile }}"
-    region: "{{ aws_ec2_autoscale_cluster.region }}"
-    state: "present"
-    name: "{{ item.name }}-{{ item.policy_type }}"
-    adjustment_type: "{{ item.adjustment_type }}"
-    asg_name: "{{ aws_ec2_autoscale_cluster.name }}"
-    scaling_adjustment: "{{ item.adjustment }}"
-    min_adjustment_step: "{{ item.adjustment_step }}"
-    metric_aggregation: "{{ item.metric_aggregation }}"
-    step_adjustments: "{{ item.step_adjustments }}"
-  when:
-    - aws_ec2_autoscale_cluster.asg_scaling_policies
-    - item.policy_type == 'StepScaling'
-    - aws_ec2_autoscale_cluster.type == "ec2"
-    - aws_ec2_autoscale_cluster.deploy_cluster
-  register: _aws_ec2_autoscale_cluster_step_scaling_policies
-  with_items: "{{ aws_ec2_autoscale_cluster.asg_scaling_policies }}"
-
-- name: Create simple scaling AutoScale policies.
-  community.aws.autoscaling_policy:
-    profile: "{{ aws_ec2_autoscale_cluster.aws_profile }}"
-    region: "{{ aws_ec2_autoscale_cluster.region }}"
-    state: "present"
-    name: "{{ item.name }}-{{ item.policy_type }}"
-    adjustment_type: "{{ item.adjustment_type }}"
-    asg_name: "{{ aws_ec2_autoscale_cluster.name }}"
-    scaling_adjustment: "{{ item.adjustment }}"
-    min_adjustment_step: "{{ item.adjustment_step }}"
-    cooldown: "{{ item.cooldown }}"
-  when:
-    - aws_ec2_autoscale_cluster.asg_scaling_policies
-    - item.policy_type == 'SimpleScaling'
-    - aws_ec2_autoscale_cluster.type == "ec2"
-    - aws_ec2_autoscale_cluster.deploy_cluster
-  register: _aws_ec2_autoscale_cluster_simple_scaling_policies
-  with_items: "{{ aws_ec2_autoscale_cluster.asg_scaling_policies }}"
-
-- name: Fetch step scaling policies.
-  ansible.builtin.set_fact:
-    _aws_ec2_autoscale_cluster_scaling_policies: "{{ _aws_ec2_autoscale_cluster_step_scaling_policies.results }}"
+- name: Handle simple scaling AutoScale.
   when:
-    - _aws_ec2_autoscale_cluster_step_scaling_policies
+    - aws_ec2_autoscale_cluster.asg_scaling_policies|length > 0
+    - item.policy_type == 'SimpleScaling'
     - aws_ec2_autoscale_cluster.type == "ec2"
     - aws_ec2_autoscale_cluster.deploy_cluster
-
-- name: Fetch simple scaling policies.
-  ansible.builtin.set_fact:
-    _aws_ec2_autoscale_cluster_scaling_policies: "{{ _aws_ec2_autoscale_cluster_scaling_policies + _aws_ec2_autoscale_cluster_simple_scaling_policies.results }}"
-  when:
-    - _aws_ec2_autoscale_cluster_simple_scaling_policies
+  block:
+    - name: Create simple scaling AutoScale policies.
+      community.aws.autoscaling_policy:
+        profile: "{{ aws_ec2_autoscale_cluster.aws_profile }}"
+        region: "{{ aws_ec2_autoscale_cluster.region }}"
+        state: "present"
+        name: "{{ item.name }}-{{ item.policy_type }}"
+        adjustment_type: "{{ item.adjustment_type }}"
+        asg_name: "{{ aws_ec2_autoscale_cluster.name }}"
+        scaling_adjustment: "{{ item.adjustment }}"
+        min_adjustment_step: "{{ item.adjustment_step }}"
+        cooldown: "{{ item.cooldown }}"
+      register: _aws_ec2_autoscale_cluster_simple_scaling_policies
+      with_items: "{{ aws_ec2_autoscale_cluster.asg_scaling_policies }}"
+
+    - name: Fetch simple scaling policies.
+      ansible.builtin.set_fact:
+        _aws_ec2_autoscale_cluster_scaling_policies: "{{ _aws_ec2_autoscale_cluster_scaling_policies + _aws_ec2_autoscale_cluster_simple_scaling_policies.results }}"
+
+- name: Handle step scaling AustoScale.
+  when:
+    - aws_ec2_autoscale_cluster.asg_scaling_policies|length > 0
+    - item.policy_type == 'StepScaling'
     - aws_ec2_autoscale_cluster.type == "ec2"
     - aws_ec2_autoscale_cluster.deploy_cluster
+  block:
+    - name: Create step scaling AutoScale policies.
+      community.aws.autoscaling_policy:
+        profile: "{{ aws_ec2_autoscale_cluster.aws_profile }}"
+        region: "{{ aws_ec2_autoscale_cluster.region }}"
+        state: "present"
+        name: "{{ item.name }}-{{ item.policy_type }}"
+        adjustment_type: "{{ item.adjustment_type }}"
+        asg_name: "{{ aws_ec2_autoscale_cluster.name }}"
+        scaling_adjustment: "{{ item.adjustment }}"
+        min_adjustment_step: "{{ item.adjustment_step }}"
+        metric_aggregation: "{{ item.metric_aggregation }}"
+        step_adjustments: "{{ item.step_adjustments }}"
+      register: _aws_ec2_autoscale_cluster_step_scaling_policies
+      with_items: "{{ aws_ec2_autoscale_cluster.asg_scaling_policies }}"
+
+    - name: Fetch step scaling policies.
+      ansible.builtin.set_fact:
+        _aws_ec2_autoscale_cluster_scaling_policies: "{{ _aws_ec2_autoscale_cluster_step_scaling_policies.results }}"
 
 - name: Create placeholder ARN variables for scaling policies.
   ansible.builtin.set_fact:
@@ -740,7 +736,7 @@
     _aws_ec2_autoscale_cluster_cloudfront_aliases: "{{ _aws_ec2_autoscale_cluster_cloudfront_aliases + [item.domain] }}"
   loop: "{{ aws_ec2_autoscale_cluster.acm.extra_domains }}"
   when:
-    - aws_ec2_autoscale_cluster.acm.extra_domains | length > 0
+    - aws_ec2_autoscale_cluster.acm.extra_domains|length > 0
     - aws_ec2_autoscale_cluster.create_elb
     - aws_ec2_autoscale_cluster.cloudfront.create_distribution
 
@@ -761,7 +757,7 @@
   when:
     - aws_ec2_autoscale_cluster.create_elb
     - aws_ec2_autoscale_cluster.cloudfront.create_distribution
-    - _cf_certificate_ARN | length > 1
+    - _cf_certificate_ARN|length > 1
 
 # @TODO - we can use the aws_acm_obsolete_certificate_arn variable to tidy up previous ACM certs, if it is defined.
 
@@ -777,11 +773,4 @@
   loop: "{{ _aws_ec2_autoscale_cluster_dns_all_domains }}"
   when:
     - aws_ec2_autoscale_cluster.route_53.zone is defined
-    - aws_ec2_autoscale_cluster.route_53.zone | length > 0
-
-#- name: Copy AMI to backup region.
-#  community.aws.ec2_ami_copy:
-#    aws_profile: "{{ aws_ec2_autoscale_cluster.aws_profile }}"
-#    source_region: "{{ aws_ec2_autoscale_cluster.region }}"
-#    region: "{{ aws_backup.copy_vault.region }}"
-#    source_image_id: "{{ aws_ec2_autoscale_cluster_image_latest.image_id }}"
+    - aws_ec2_autoscale_cluster.route_53.zone|length > 0