Merge pull request #95 from play-iot/release/vpnc-deployer/0.10.0

zero88 · web-flow · commit 45728b99536c · 2021-06-16T11:29:48.000+07:00
Release/vpnc deployer/0.10.0
diff --git a/.github/workflows/build-release-vpnc-deployer.yml b/.github/workflows/build-release-vpnc-deployer.yml
@@ -181,6 +181,7 @@ jobs:
           docker create --name ${{ env.CLI_APP_IMAGE }} localhost:5000/${{ env.CLI_APP_IMAGE }}:build
           docker cp ${{ env.CLI_APP_IMAGE }}:/app/${{ env.CLI_APP_CODE }} /tmp/${{ env.CLI_APP_CODE }}
           docker rm -f ${{ env.CLI_APP_IMAGE }}
+          chmod +x /tmp/${{ env.CLI_APP_CODE }}
 
       - name: Upload CLI tool
         uses: actions/upload-artifact@v2
diff --git a/cli/CHANGELOG-VPNC-DEPLOYER.md b/cli/CHANGELOG-VPNC-DEPLOYER.md
@@ -1,29 +1,40 @@
 # Changelog
 
-## [v0.9.4](https://github.com/play-iot/iot-vpn/tree/vpnc-deployer/v0.9.4) (2021-05-13)
+## [v0.10.0](https://github.com/play-iot/iot-vpn/tree/vpnc-deployer/v0.10.0) (2021-06-16)
 
 ### Improvement
+
+- Provide workaround for [#91](https://github.com/play-iot/iot-vpn/issues/91)
+
+## [v0.9.4](https://github.com/play-iot/iot-vpn/tree/vpnc-deployer/v0.9.4) (2021-06-10)
+
+### Improvement
+
 - Add `arm64` option in `deployer-cli` to allow downloading `vpnc-armv64`
 - Sync version with `vpnc`
 
 ## [v0.9.3](https://github.com/play-iot/iot-vpn/tree/vpnc-deployer/v0.9.3) (2021-05-13)
 
 ### Improvement
+
 - Add `vpnc-deployer-cli` tool
 - Sync version with `vpnc`
 
 ## [v0.1.2](https://github.com/play-iot/iot-vpn/tree/vpnc-deployer/v0.1.2) (2021-05-06)
 
 ### Improvement
+
 - Use [mitogen](https://github.com/mitogen-hq/mitogen) with `Ansible` to improve performance
 - Add missing `jmespath` lib in `Ansible` image
 
 ## [v0.1.1](https://github.com/play-iot/iot-vpn/tree/vpnc-deployer/v0.1.1) (2021-05-05)
 
 ### Fixed
+
 - Fix wrong variable
 
 ## [v0.1.0](https://github.com/play-iot/iot-vpn/tree/vpnc-deployer/v0.1.0) (2021-05-05)
 
 ### Added
+
 - `Ansible` for bulk setup/rollout/extend VPNC
diff --git a/cli/ansible/roles/vpnc-state/tasks/01_check_vpnc_cli.yml b/cli/ansible/roles/vpnc-state/tasks/01_check_vpnc_cli.yml
@@ -11,7 +11,7 @@
       {{ resp_vpnc_state | combine({  'is_exec': runtime_is_exec.rc == 0,
                                       'error': None if runtime_is_exec.rc == 0 else runtime_is_exec.msg }) }}
 
-- name: Check VPNC CLI version
+- name: Query VPNC CLI version
   when: not ansible_check_mode and runtime_is_exec.rc == 0
   command: "{{ vpnc_cli }} version --json"
   register: runtime_is_ver
diff --git a/cli/ansible/roles/vpnc-state/tasks/02_check_vpnc_service.yml b/cli/ansible/roles/vpnc-state/tasks/02_check_vpnc_service.yml
@@ -1,4 +1,4 @@
-- name: Check VPNC service status
+- name: Query VPNC service status
   when: not ansible_check_mode and runtime_is_exec.rc == 0 and runtime_is_ver.rc == 0
   command: "{{ vpnc_cli }} status {{ args_vpn_state_test_domains | map('regex_replace', '^(.*)$', '--domain \\1') | join(' ') }} --json"
   register: runtime_is_status
diff --git a/cli/ansible/tasks/connman_dhclient.yml b/cli/ansible/tasks/connman_dhclient.yml
@@ -0,0 +1,27 @@
+- name: Check is Connman
+  command: "which connmanctl"
+  register: runtime_is_connmand
+  ignore_errors: yes
+
+- name: Setup Connman DHCP Client
+  when: runtime_is_connmand.rc == 0
+  block:
+    - name: Restart VPN service
+      ansible.builtin.service:
+        name: "{{ vpnc_service }}"
+        state: started
+
+    - name: Query VPN status
+      command: "{{ vpnc_cli }} status --json"
+      register: runtime_dhcp_is_status
+      ignore_errors: yes
+
+    - name: Run dhclient if needed
+      when:
+        - runtime_dhcp_is_status.rc != 0
+        - (runtime_dhcp_is_status.stdout | from_json)['vpn_account']
+        - (runtime_dhcp_is_status.stdout | from_json)['vpn_pid'] > 0
+        - not (runtime_dhcp_is_status.stdout | from_json)['vpn_ip']
+      command: "dhclient --no-pid -v -nw vpn_{{ (runtime_dhcp_is_status.stdout | from_json)['vpn_account'] }}"
+  become: yes
+  become_method: sudo
diff --git a/cli/ansible/vars/global_vars.yml b/cli/ansible/vars/global_vars.yml
@@ -4,6 +4,7 @@ global_arch_mapping:
 
 vpn_corp: playio
 vpnc_cli: "{{ vpn_corp }}-vpnc"
+vpnc_service: "{{ vpn_corp }}-vpn"
 vpnc_artifact: playio-vpnc
 args_app_dir: /app
 args_vpnc_dir: "{{ args_app_dir }}/vpnclient"
diff --git a/cli/ansible/version.py b/cli/ansible/version.py
@@ -1,4 +1,4 @@
-APP_VERSION = '0.9.5'
+APP_VERSION = '0.10.0'
 HASH_VERSION = 'dev'
 
 print(f'vpnc-deployer {APP_VERSION}-{HASH_VERSION}')
diff --git a/cli/ansible/wf-vpnc-extend.yml b/cli/ansible/wf-vpnc-extend.yml
@@ -27,6 +27,9 @@
       vars:
         runtime_vpn_conn: "{{ resp_prepare_credential }}"
 
+    - name: Fix Connman DHClient if needed
+      include_tasks: tasks/connman_dhclient.yml
+
     - name: Validate VPNC state
       include_role:
         name: vpnc-state
diff --git a/cli/ansible/wf-vpnc-rollout.yml b/cli/ansible/wf-vpnc-rollout.yml
@@ -34,6 +34,9 @@
       include_role:
         name: vpnc-upgrade
 
+    - name: Fix Connman DHClient if needed
+      include_tasks: tasks/connman_dhclient.yml
+
     - name: Validate VPNC state
       when: wf_precondition_is_installed or wf_precondition_is_upgraded
       include_role:

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-- name: Check VPNC service status`
	`1`	`+- name: Query VPNC service status`
`2`	`2`	`when: not ansible_check_mode and runtime_is_exec.rc == 0 and runtime_is_ver.rc == 0`
`3`	`3`	`command: "{{ vpnc_cli }} status {{ args_vpn_state_test_domains \| map('regex_replace', '^(.*)$', '--domain \\1') \| join(' ') }} --json"`
`4`	`4`	`register: runtime_is_status`