From 4a23bc88ffcaad2cd9392f07c9e29869965aaa30 Mon Sep 17 00:00:00 2001 From: Major Hayden Date: Tue, 7 Feb 2017 14:33:10 -0600 Subject: [PATCH] Use async for RPM verification This patch runs the RPM verification asynchronously to speed up the playbook run. Change-Id: I7e114031cf81f89b6134614ebcff62edc5fafc65 --- tasks/rhel7stig/main.yml | 18 ++++++++++++++++++ tasks/rhel7stig/rpm.yml | 18 +++++++----------- 2 files changed, 25 insertions(+), 11 deletions(-) diff --git a/tasks/rhel7stig/main.yml b/tasks/rhel7stig/main.yml index a48faa8c..90e14fbd 100644 --- a/tasks/rhel7stig/main.yml +++ b/tasks/rhel7stig/main.yml @@ -31,6 +31,24 @@ tags: - always +# Multiple tasks will need the output of RPM verification, so let's do the +# lookup one time and then grep over the output in subsequent tasks. +- name: Verify all installed RPM packages + shell: "rpm -Va > {{ temp_dir }}/rpmverify.txt" + args: + warn: no + failed_when: False + changed_when: False + register: rpmverify_task + async: 300 + poll: 0 + when: + - not check_mode | bool + - ansible_os_family | lower == 'redhat' + tags: + - always + - skip_ansible_lint + # Package installations and removals must come first so that configuration # changes can be made later. - include: packages.yml diff --git a/tasks/rhel7stig/rpm.yml b/tasks/rhel7stig/rpm.yml index bde9b8b2..d467d170 100644 --- a/tasks/rhel7stig/rpm.yml +++ b/tasks/rhel7stig/rpm.yml @@ -13,20 +13,16 @@ # See the License for the specific language governing permissions and # limitations under the License. -# Multiple tasks will need the output of RPM verification, so let's do the -# lookup one time and then grep over the output in subsequent tasks. -- name: Verify all installed RPM packages - shell: "rpm -Va > {{ temp_dir }}/rpmverify.txt" - args: - warn: no +- name: Ensure RPM verification task has finished + async_status: + jid: "{{ rpmverify_task.ansible_job_id }}" failed_when: False changed_when: False + register: job_result + until: job_result.finished + retries: 30 when: - - not check_mode | bool - - ansible_os_family | lower == 'redhat' - tags: - - always - - skip_ansible_lint + - not rpmverify_task | skipped - name: RHEL-07-010020 - Get files with invalid checksums (rpm) shell: "grep '^..5' {{ temp_dir }}/rpmverify.txt | awk '{ print $NF }'"