From 8a33248154b404401deed05387ec545abeb75beb Mon Sep 17 00:00:00 2001 From: root Date: Tue, 2 Jul 2024 12:39:26 +0530 Subject: [PATCH] support-token-user/pass Signed-off-by: root --- roles/bmc_fw_update/tasks/main.yml | 174 +++++++++++++++++++---------- 1 file changed, 114 insertions(+), 60 deletions(-) diff --git a/roles/bmc_fw_update/tasks/main.yml b/roles/bmc_fw_update/tasks/main.yml index f5c133a..efc029b 100644 --- a/roles/bmc_fw_update/tasks/main.yml +++ b/roles/bmc_fw_update/tasks/main.yml @@ -14,7 +14,7 @@ ansible.builtin.fail: msg: "{{ bmc_fw_update_mutual_exclusive_msg }}" when: - - ((dpu_bmc_username is defined or dpu_bmc_password is defined) and dpu_bmc_token is defined) + - (dpu_bmc_username is defined or dpu_bmc_password is defined) and (dpu_bmc_token is defined) - name: Get Firmware Inventory ansible.builtin.include_role: @@ -43,61 +43,119 @@ delegate_to: "{{ bmc_fw_update_delegate }}" when: not bmc_fw_update_local_file_check.stat.exists -# Consider replace with 'GetFirmwareUpdateCapabilities' when available -- name: Check multipart support - ansible.builtin.uri: - url: "https://{{ inventory_hostname }}/redfish/v1/UpdateService" - method: GET - return_content: true - status_code: 200 - body_format: json - url_username: "{{ dpu_bmc_username }}" - url_password: "{{ dpu_bmc_password }}" - force_basic_auth: true - validate_certs: false - delegate_to: "{{ bmc_fw_update_delegate }}" - register: bmc_fw_update_multipart_check - -# Deprecated method -- name: Update BMC firmware of DPU using deprecated HttpPushUri - when: bmc_fw_update_multipart_check.json.MultipartHttpPushUri is not defined - ansible.builtin.uri: - url: "https://{{ inventory_hostname }}{{ bmc_fw_update_multipart_check.json.HttpPushUri }}" - method: POST - status_code: [200, 202] - src: "{{ bmc_fw_update_image_file }}" - headers: - Content-Type: application/octet-stream - url_username: "{{ dpu_bmc_username }}" - url_password: "{{ dpu_bmc_password }}" - force_basic_auth: true - validate_certs: false - delegate_to: "{{ bmc_fw_update_delegate }}" - register: bmc_fw_update_depecated_http_push - -- name: Extract task id from update task - when: bmc_fw_update_multipart_check.json.MultipartHttpPushUri is not defined - ansible.builtin.set_fact: - bmc_firmware_update_taskid: '{{ bmc_fw_update_depecated_http_push.location | urlsplit("path") }}' - -- name: Update BMC firmware of DPU - when: bmc_fw_update_multipart_check.json.MultipartHttpPushUri is defined - community.general.redfish_command: - category: Update - command: MultipartHTTPPushUpdate - baseuri: "{{ inventory_hostname }}" - username: "{{ dpu_bmc_username }}" - password: "{{ dpu_bmc_password }}" - # auth_token: "{{ dpu_bmc_token }}" - timeout: 600 - update_image_file: "{{ bmc_fw_update_image_file }}" - register: result_update_task - delegate_to: "{{ bmc_fw_update_delegate }}" - -- name: Extract task id from update task - when: bmc_fw_update_multipart_check.json.MultipartHttpPushUri is defined - ansible.builtin.set_fact: - bmc_firmware_update_taskid: "{{ result_update_task.return_values.update_status.handle }}" +# Check multipart support with user/pass authentication +- block: + - name: Check multipart support using user/pass + ansible.builtin.uri: + url: "https://{{ inventory_hostname }}/redfish/v1/UpdateService" + method: GET + return_content: true + status_code: 200 + body_format: json + url_username: "{{ dpu_bmc_username }}" + url_password: "{{ dpu_bmc_password }}" + force_basic_auth: true + validate_certs: false + delegate_to: "{{ bmc_fw_update_delegate }}" + register: bmc_fw_update_multipart_check + + # Deprecated method with user/pass + - name: Update BMC firmware of DPU using deprecated HttpPushUri with user/pass + when: bmc_fw_update_multipart_check.json.MultipartHttpPushUri is not defined + ansible.builtin.uri: + url: "https://{{ inventory_hostname }}{{ bmc_fw_update_multipart_check.json.HttpPushUri }}" + method: POST + status_code: [200, 202] + src: "{{ bmc_fw_update_image_file }}" + headers: + Content-Type: application/octet-stream + url_username: "{{ dpu_bmc_username }}" + url_password: "{{ dpu_bmc_password }}" + force_basic_auth: true + validate_certs: false + delegate_to: "{{ bmc_fw_update_delegate }}" + register: bmc_fw_update_depecated_http_push + + - name: Extract task id from update task with user/pass + when: bmc_fw_update_multipart_check.json.MultipartHttpPushUri is not defined + ansible.builtin.set_fact: + bmc_firmware_update_taskid: '{{ bmc_fw_update_depecated_http_push.location | urlsplit("path") }}' + + # Update BMC firmware with user/pass + - name: Update BMC firmware of DPU with user/pass + when: bmc_fw_update_multipart_check.json.MultipartHttpPushUri is defined + community.general.redfish_command: + category: Update + command: MultipartHTTPPushUpdate + baseuri: "{{ inventory_hostname }}" + username: "{{ dpu_bmc_username }}" + password: "{{ dpu_bmc_password }}" + timeout: 600 + update_image_file: "{{ bmc_fw_update_image_file }}" + register: result_update_task + delegate_to: "{{ bmc_fw_update_delegate }}" + + - name: Extract task id from update task with user/pass + when: bmc_fw_update_multipart_check.json.MultipartHttpPushUri is defined + ansible.builtin.set_fact: + bmc_firmware_update_taskid: "{{ result_update_task.return_values.update_status.handle }}" + + when: dpu_bmc_username is defined and dpu_bmc_password is defined + +# Check multipart support with token authentication +- block: + - name: Check multipart support using token + ansible.builtin.uri: + url: "https://{{ inventory_hostname }}/redfish/v1/UpdateService" + method: GET + return_content: true + status_code: 200 + body_format: json + headers: + X-Auth-Token: "{{ dpu_bmc_token }}" + validate_certs: false + delegate_to: "{{ bmc_fw_update_delegate }}" + register: bmc_fw_update_multipart_check + + # Deprecated method with token + - name: Update BMC firmware of DPU using deprecated HttpPushUri with token + when: bmc_fw_update_multipart_check.json.MultipartHttpPushUri is not defined + ansible.builtin.uri: + url: "https://{{ inventory_hostname }}{{ bmc_fw_update_multipart_check.json.HttpPushUri }}" + method: POST + status_code: [200, 202] + src: "{{ bmc_fw_update_image_file }}" + headers: + Content-Type: application/octet-stream + X-Auth-Token: "{{ dpu_bmc_token }}" + validate_certs: false + delegate_to: "{{ bmc_fw_update_delegate }}" + register: bmc_fw_update_depecated_http_push + + - name: Extract task id from update task with token + when: bmc_fw_update_multipart_check.json.MultipartHttpPushUri is not defined + ansible.builtin.set_fact: + bmc_firmware_update_taskid: '{{ bmc_fw_update_depecated_http_push.location | urlsplit("path") }}' + + # Update BMC firmware with token + - name: Update BMC firmware of DPU with token + when: bmc_fw_update_multipart_check.json.MultipartHttpPushUri is defined + community.general.redfish_command: + category: Update + command: MultipartHTTPPushUpdate + baseuri: "{{ inventory_hostname }}" + auth_token: "{{ dpu_bmc_token }}" + timeout: 600 + update_image_file: "{{ bmc_fw_update_image_file }}" + register: result_update_task + delegate_to: "{{ bmc_fw_update_delegate }}" + + - name: Extract task id from update task with token + when: bmc_fw_update_multipart_check.json.MultipartHttpPushUri is defined + ansible.builtin.set_fact: + bmc_firmware_update_taskid: "{{ result_update_task.return_values.update_status.handle }}" + + when: dpu_bmc_token is defined - name: Print TASK id for tracking ansible.builtin.debug: @@ -113,10 +171,6 @@ category: Update command: GetUpdateStatus baseuri: "{{ inventory_hostname }}" - username: "{{ dpu_bmc_username }}" - password: "{{ dpu_bmc_password }}" - # auth_token: "{{ dpu_bmc_token }}" - update_handle: "{{ bmc_firmware_update_taskid }}" register: update_progress until: update_progress.redfish_facts.update_status.status != 'Running' retries: 60