Added support for optional JCE installation. (William-Yeh#23)

Author: verhage

README.md

@@ -2,8 +2,7 @@
 williamyeh.oracle-java for Ansible Galaxy
 ============
 
-
-[![Circle CI](https://circleci.com/gh/William-Yeh/ansible-oracle-java.svg?style=shield)](https://circleci.com/gh/William-Yeh/ansible-oracle-java) [![Build Status](https://travis-ci.org/William-Yeh/ansible-oracle-java.svg?branch=master)](https://travis-ci.org/William-Yeh/ansible-oracle-java)
+[![Circle CI](https://circleci.com/gh/verhage/ansible-oracle-java/tree/master.svg?style=svg)](https://circleci.com/gh/verhage/ansible-oracle-java/tree/master) [![Build Status](https://travis-ci.org/verhage/ansible-oracle-java.svg?branch=master)](https://travis-ci.org/verhage/ansible-oracle-java)
 
 ## Summary
 
@@ -12,6 +11,7 @@ Role name in Ansible Galaxy: **[williamyeh.oracle-java](https://galaxy.ansible.c
 This Ansible role has the following features for Oracle JDK:
 
  - Install JDK 7 or 8 version.
+ - Install optional Java Cryptography Extensions (JCE)
  - Install for CentOS and Debian/Ubuntu families.
 
 If you prefer OpenJDK, try alternatives such as [smola.java](https://galaxy.ansible.com/smola/java/) or [geerlingguy.java](https://galaxy.ansible.com/geerlingguy/java/).
@@ -45,6 +45,9 @@ java_download_from_oracle: true
 
 # remove temporary downloaded files?
 java_remove_download: true
+
+# install JCE?
+java_install_jce: false
 ```
 
 For other configurable internals, read `tasks/set-role-variables.yml` file; for example, supported `java_version`/`java_subversion` combinations.
@@ -104,8 +107,6 @@ To do this, put the file on the `{{ playbook_dir }}/files` directory in advance,
 
 ## Dependencies
 
-None.
-
 
 ## License
 

circle.yml

@@ -39,5 +39,6 @@ test:
     - sh -c "[ -s result-centos7     ]"
     - sh -c "[ -s result-centos6     ]"
 
-    - echo "==> Saving .rpm and .tar.gz to CircleCI for reference..."
+    - echo "==> Saving artifacts to CircleCI for reference..."
     - cp files/jdk-* $CIRCLE_ARTIFACTS
+    - cp files/*.zip $CIRCLE_ARTIFACTS

defaults/main.yml

@@ -16,3 +16,4 @@ java_subversion: 77
 java_download_path: /tmp
 java_download_from_oracle: true
 java_remove_download: true
+java_install_jce: false

prefetch.yml

@@ -13,3 +13,4 @@
     - java_version: 8
     - java_subversion: 77
     - java_download_path: /tmp
+    - java_install_jce: true

tasks/fetch.yml

@@ -15,3 +15,10 @@
     headers: 'Cookie:oraclelicense=accept-securebackup-cookie'
     dest:    "{{ java_download_path }}/{{ jdk_tarball_file }}.tar.gz"
   when: ansible_pkg_mgr != "yum"
+
+- name: get JCE
+  get_url:
+    url:     "{{ jce_zip_url }}"
+    headers: 'Cookie:oraclelicense=accept-securebackup-cookie'
+    dest:    "{{ java_download_path }}/{{ jce_zip_file }}"
+  when: java_install_jce

tasks/install.yml

@@ -22,6 +22,12 @@
         dest: "{{ java_download_path }}/{{ jdk_tarball_file }}.tar.gz"
       when: ansible_pkg_mgr != "yum"
 
+    - name: copy JCE zip from local
+      copy:
+        src: "{{ playbook_dir }}/files/{{ jce_zip_file }}"
+        dest: "{{ java_download_path }}/{{ jce_zip_file }}"
+      when: java_install_jce
+
   when: not java_download_from_oracle 
 
 
@@ -30,10 +36,13 @@
   include: use-rpm.yml
   when: ansible_pkg_mgr == "yum"
 
-- name: delegate to raw tarball installation
+- name: delegate to raw tarball installation process
   include: use-tarball.yml
   when: ansible_pkg_mgr != "yum"
 
+- name: delegate to JCE zip installation process
+  include: install_jce.yml
+  when: java_install_jce
 
 
 - name: link /usr/java/default
@@ -64,5 +73,7 @@
     - "{{ java_download_path }}/{{ jdk_tarball_file }}.rpm"
     - "{{ java_download_path }}/{{ jdk_tarball_file }}.tar.gz"
     - "{{ java_download_path }}/check-tarball-installed.sh"
+    - "{{ java_download_path }}/{{ jce_zip_file }}"
+    - "{{ java_download_path }}/{{ jce_zip_folder }}"
   ignore_errors: true
   when: java_remove_download

tasks/install_jce.yml

@@ -0,0 +1,24 @@
+---
+# Installation script for Java Cryptography Extensions (JCE)
+
+- name: install unzip
+  package: name=unzip state=present
+
+- name: unzip JCE
+  unarchive:
+    src: "{{ java_download_path }}/{{ jce_zip_file }}"
+    dest: "{{ java_download_path }}"
+    copy: no
+
+- name: install local_policy.jar
+  copy:
+    src: "{{ java_download_path }}/{{ jce_zip_folder }}/local_policy.jar"
+    dest: "/usr/java/jdk{{ jdk_version }}/jre/lib/security/local_policy.jar"
+    remote_src: True
+
+- name: install US_export_policy.jar
+  copy:
+    src: "{{ java_download_path }}/{{ jce_zip_folder }}/US_export_policy.jar"
+    dest: "/usr/java/jdk{{ jdk_version }}/jre/lib/security/US_export_policy.jar"
+    remote_src: True
+

tasks/main.yml

@@ -11,6 +11,10 @@
   fail: msg="ERROR - required variable 'java_subversion' missing."
   when: java_subversion is not defined
 
+- name: precondition - java_install_jce
+  fail: msg="ERROR - required variable 'java_install_jce' missing."
+  when: java_install_jce is not defined
+
 - include: set-role-variables.yml
 
 

tasks/set-role-variables.yml

@@ -70,6 +70,17 @@
     jdk_tarball_url:  http://download.oracle.com/otn-pub/java/jdk/8u31-b13/jdk-8u31-linux-{{ jdk_arch }}
   when: java_version == 8 and java_subversion == 31
 
+- name: set JCE zip to use for 1.8.x JCE
+  set_fact:
+    jce_zip_file: jce_policy-8.zip
+    jce_zip_folder: UnlimitedJCEPolicyJDK8
+  when: java_version == 8 and java_install_jce
+
+- name: set internal vars for 1.8.x JCE
+  set_fact:
+    jce_zip_url:    http://download.oracle.com/otn-pub/java/jce/8/{{ jce_zip_file }}
+  when: java_version == 8 and java_install_jce
+
 
 
 
@@ -86,3 +97,14 @@
     jdk_tarball_file: jdk-7u75-linux-{{ jdk_arch }}
     jdk_tarball_url:  http://download.oracle.com/otn-pub/java/jdk/7u75-b13/jdk-7u75-linux-{{ jdk_arch }}
   when: java_version == 7 and java_subversion == 75
+
+- name: set JCE zip file to use for 1.7.x JCE
+  set_fact:
+    jce_zip_file: UnlimitedJCEPolicyJDK7.zip
+    jce_zip_folder: UnlimitedJCEPolicy
+  when: java_version == 7 and java_install_jce
+
+- name: set internal vars for 1.7.x JCE
+  set_fact:
+    jce_zip_url:    http://download.oracle.com/otn-pub/java/jce/7/{{ jce_zip_file }}
+  when: java_version == 7 and java_install_jce

test.yml

@@ -1,3 +1,4 @@
+---
 - hosts: all
   become: yes
   become_method: sudo
@@ -9,3 +10,4 @@
   vars:
     #java_version: 8
     #java_subversion: 77
+    java_install_jce: true