common: s/http/https in apt sources as outbound port 80 is blocked in Sepia

Signed-off-by: David Galloway <david.galloway@ibm.com>

diff --git a/roles/common/handlers/main.yml b/roles/common/handlers/main.yml
index 30e2a52dab0adfb5397271c8ec761248f340c028..72534de6c9ed7c5fee4125420455ba83f599d0b7 100644 (file)
--- a/roles/common/handlers/main.yml
+++ b/roles/common/handlers/main.yml
@@ -5,3 +5,7 @@
     state: restarted
   # There's an issue with ansible<=2.9 and our custom built kernels (5.8 as of this commit) where the service and systemd modules don't have backwards compatibility with init scripts
   ignore_errors: "{{ 'ceph' in ansible_kernel }}"
+
+- name: apt update
+  ansible.builtin.apt:
+    update_cache: yes

diff --git a/roles/common/tasks/apt_systems.yml b/roles/common/tasks/apt_systems.yml
index 824b1333350ee9290ba88a7a1dfe99a836b17b46..a0987925315d3584bb9fd7258618cee942763bb5 100644 (file)
--- a/roles/common/tasks/apt_systems.yml
+++ b/roles/common/tasks/apt_systems.yml
@@ -57,3 +57,24 @@
     state: present
   when:
     - ansible_distribution_major_version|int >= 24
+
+# Outbound port 80 traffic is blocked in Sepia
+- name: Find apt source list files
+  ansible.builtin.find:
+    paths:
+      - /etc/apt
+      - /etc/apt/sources.list.d
+    patterns:
+      - sources.list
+      - "*.list"
+    file_type: file
+  register: apt_source_files
+
+- name: Replace http with https in apt sources
+  ansible.builtin.replace:
+    path: "{{ item.path }}"
+    regexp: '(^\s*deb(?:-src)?\s+)(http://)'
+    replace: '\1https://'
+    backup: yes
+  loop: "{{ apt_source_files.files }}"
+  notify: apt update