WIP3

roles/oatakan.windows_virtio/.ansible-lint

@@ -0,0 +1,2 @@
+skip_list:
+  - '204'

roles/oatakan.windows_virtio/.travis.yml

@@ -0,0 +1,29 @@
+---
+language: python
+python: "2.7"
+
+# Use the new container infrastructure
+sudo: false
+
+# Install ansible
+addons:
+  apt:
+    packages:
+    - python-pip
+
+install:
+  # Install ansible
+  - pip install ansible
+
+  # Check ansible version
+  - ansible --version
+
+  # Create ansible.cfg with correct roles_path
+  - printf '[defaults]\nroles_path=../' >ansible.cfg
+
+script:
+  # Basic role syntax check
+  - ansible-playbook tests/test.yml -i tests/inventory --syntax-check
+
+notifications:
+  webhooks: https://galaxy.ansible.com/api/v1/notifications/

roles/oatakan.windows_virtio/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2019 Orcun Atakan
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

roles/oatakan.windows_virtio/README.md

@@ -0,0 +1,37 @@
+# windows_virtio
+This repo contains an Ansible role that installs virtio drivers on Windows images.
+Role Name
+
+Requirements
+------------
+
+Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
+
+Role Variables
+--------------
+
+A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
+
+Dependencies
+------------
+
+A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: servers
+      roles:
+         - oatakan.windows_virtio
+
+License
+-------
+
+MIT
+
+Author Information
+------------------
+
+Orcun Atakan

roles/oatakan.windows_virtio/defaults/main.yml

@@ -0,0 +1,26 @@
+---
+
+# this takes precedence, if a mounted drive is provided, we'll install from there
+virtio_iso_mount_drive: ''
+
+virtio_changelog_url: https://fedorapeople.org/groups/virt/virtio-win/CHANGELOG
+virtio_changelog_query: '(\d+).(\d+).(\d+)-(\d+)'
+virtio_win_iso_url: "https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/archive-virtio/virtio-win-{{ virtio_version }}/virtio-win.iso"
+virtio_win_iso_name: virtio-win.iso
+virtio_win_ovirt: false
+virtio_win_facts: "{{ ansible_env.SystemDrive }}\\{{ source_of_supply_name | default('Support') }}\\facts.d"
+
+virtio_driver_directory: >-
+      {% if 'Windows Server 2019' in ansible_distribution -%}
+        {% set virt_dir = '2k19' %}
+      {% elif 'Windows Server 2016' in ansible_distribution -%}
+        {% set virt_dir = '2k16' %}
+      {% elif 'Windows Server 2012 R2' in ansible_distribution -%}
+        {% set virt_dir = '2k12R2' %}
+      {% elif 'Windows Server 2008 R2' in ansible_distribution -%}
+        {% set virt_dir = '2k8R2' %}
+      {% elif 'Windows 10' in ansible_distribution -%}
+        {% set virt_dir = 'w10' %}
+      {% else -%}
+        {% set virt_dir = 'w10' %}
+      {%- endif %}{{ virt_dir }}

roles/oatakan.windows_virtio/handlers/main.yml

@@ -0,0 +1,18 @@
+---
+
+- name: Unmount
+  win_disk_image:
+    image_path: "{{ ansible_env.TEMP }}\\{{ virtio_win_iso_name }}"
+    state: absent
+  when: win_disk_image.mount_path is defined
+
+- name: Delete downloaded
+  win_file:
+    path: "{{ item }}"
+    state: absent
+  when: virtio_iso_mount_drive | length == 0
+  with_items:
+    - "{{ ansible_env.TEMP }}\\redhat_balloon.cer"
+    - "{{ ansible_env.TEMP }}\\redhat_qxldod.cer"
+    - "{{ ansible_env.TEMP }}\\{{ virtio_win_iso_name }}"
+    - "{{ ansible_env.TEMP }}\\virtio_iso_extract"

roles/oatakan.windows_virtio/meta/.galaxy_install_info

@@ -0,0 +1,2 @@
+install_date: Wed Jun 24 18:44:36 2020
+version: master

roles/oatakan.windows_virtio/meta/main.yml

@@ -0,0 +1,29 @@
+---
+galaxy_info:
+  author: Orcun Atakan
+  description: Ansible galaxy role for installing virtio drivers on Windows images.
+  role_name: windows_virtio
+  company: Red Hat
+
+  license: MIT
+
+  min_ansible_version: 2.5
+
+  platforms:
+    - name: Windows
+      versions:
+        - all
+
+  cloud_platforms:
+    - ovirt
+
+  galaxy_tags:
+    - windows
+    - ovirt
+    - rhev
+    - rhv
+    - kvm
+    - cloud
+    - multicloud
+
+dependencies: []

roles/oatakan.windows_virtio/tasks/download.yml

@@ -0,0 +1,23 @@
+---
+
+- name: Download {{ virtio_win_iso_name }}
+  win_get_url:
+    url: '{{ virtio_win_iso_url }}'
+    force: false
+    dest: '{{ ansible_env.TEMP }}\{{ virtio_win_iso_name }}'
+  notify:
+    - Delete downloaded
+
+- name: Mount {{ virtio_win_iso_name }}
+  win_disk_image:
+    image_path: '{{ ansible_env.TEMP }}\{{ virtio_win_iso_name }}'
+  register: win_disk_image
+  until: win_disk_image is success
+  delay: 3
+  retries: 5
+  notify:
+    - Unmount
+  when: ('Windows Server 2008' not in ansible_distribution)
+
+- include_tasks: extract_iso.yml
+  when: ('Windows Server 2008' in ansible_distribution)

roles/oatakan.windows_virtio/tasks/extract_iso.yml

@@ -0,0 +1,20 @@
+---
+
+- name: Install 7-zip
+  win_chocolatey:
+    name: 7zip
+    state: present
+
+- name: Ensure temp directory exists for iso
+  win_file:
+    path: '{{ ansible_env.TEMP }}\virtio_iso_extract'
+    state: directory
+
+- name: Extract iso
+  win_shell: >
+    7z.exe x -y '{{ ansible_env.TEMP }}\{{ virtio_win_iso_name }}' -o'{{ ansible_env.TEMP }}\virtio_iso_extract'
+
+- name: Remove 7-zip
+  win_chocolatey:
+    name: 7zip
+    state: absent

roles/oatakan.windows_virtio/tasks/install.yml

@@ -0,0 +1,33 @@
+---
+
+- name: Set the virtio_win_iso_path and virtio_win_virtio_path
+  set_fact:
+    virtio_win_iso_path: '{{ win_disk_image.mount_path | default(virtio_iso_mount_drive) }}'
+    virtio_win_virtio_path: "{{ (win_disk_image.mount_path | default(virtio_iso_mount_drive)) + '\\virtio' if virtio_win_ovirt else (win_disk_image.mount_path | default(virtio_iso_mount_drive)) }}"
+    virtio_win_iso_name: "{{ virtio_win_iso_name }}"
+  when:
+    - virtio_iso_mount_drive | length > 0 or ('Windows Server 2008' not in ansible_distribution)
+
+- name: Set the virtio_win_iso_path and virtio_win_virtio_path
+  set_fact:
+    virtio_win_iso_path: '{{ ansible_env.TEMP }}\virtio_iso_extract'
+    virtio_win_virtio_path: "{{ ansible_env.TEMP + '\\virtio_iso_extract\\virtio' if virtio_win_ovirt else ansible_env.TEMP + '\\virtio_iso_extract' }}"
+    virtio_win_iso_name: "{{ virtio_win_iso_name }}"
+  when:
+    - virtio_iso_mount_drive | length == 0
+    - ('Windows Server 2008' in ansible_distribution)
+
+- name: Get list of all drivers
+  win_command: driverquery /V
+  changed_when: false
+  register: driver_list
+
+- name: Check if Red Hat certificate is not already installed
+  win_shell: 'Get-ChildItem -Path Cert:\LocalMachine\TrustedPublisher'
+  changed_when: false
+  register: cert_check
+
+- include_tasks: install_cert.yml
+  when: cert_check.stdout is not search("Red Hat")
+
+- include_tasks: install_drivers.yml

roles/oatakan.windows_virtio/tasks/install_cert.yml

@@ -0,0 +1,22 @@
+---
+
+- name: Export Cert from qxldod
+  win_shell: '$cert = (Get-AuthenticodeSignature "{{ virtio_win_virtio_path }}\qxldod\{{ virtio_driver_directory }}\amd64\qxldod.cat").SignerCertificate; [System.IO.File]::WriteAllBytes("{{ ansible_env.TEMP }}\redhat_qxldod.cer", $cert.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Cert));'
+  when: virtio_driver_directory != '2k8R2'
+
+- name: Export Cert from qxl
+  win_shell: '$cert = (Get-AuthenticodeSignature "{{ virtio_win_virtio_path }}\qxl\{{ virtio_driver_directory }}\amd64\qxl.cat").SignerCertificate; [System.IO.File]::WriteAllBytes("{{ ansible_env.TEMP }}\redhat_qxldod.cer", $cert.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Cert));'
+  when: virtio_driver_directory == '2k8R2'
+
+- name: Export Cert from balloon
+  win_shell: '$cert = (Get-AuthenticodeSignature "{{ virtio_win_virtio_path }}\Balloon\{{ virtio_driver_directory }}\amd64\blnsvr.exe").SignerCertificate; [System.IO.File]::WriteAllBytes("{{ ansible_env.TEMP }}\redhat_balloon.cer", $cert.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Cert));'
+
+- name: Install RH certificate (qxldod) to TrustedPublisher certificate store
+  win_command: 'certutil.exe -f -addstore "TrustedPublisher" {{ ansible_env.TEMP }}\redhat_qxldod.cer'
+  notify:
+    - Delete downloaded
+
+- name: Install RH certificate (Balloon) to TrustedPublisher certificate store
+  win_command: 'certutil.exe -f -addstore "TrustedPublisher" {{ ansible_env.TEMP }}\redhat_balloon.cer'
+  notify:
+    - Delete downloaded

roles/oatakan.windows_virtio/tasks/install_drivers.yml

@@ -0,0 +1,45 @@
+---
+
+- name: Install the Virtio Network Driver (netkvm)
+  win_command: "pnputil -i -a \"{{ virtio_win_virtio_path }}\\NetKVM\\{{ virtio_driver_directory }}\\{{ ansible_env.PROCESSOR_ARCHITECTURE | lower }}\\*.inf\""
+  when: driver_list.stdout is not search("netkvm")
+
+- name: Install the Virtio Block Driver (viostor)
+  win_command: "pnputil -i -a \"{{ virtio_win_virtio_path }}\\viostor\\{{ virtio_driver_directory }}\\{{ ansible_env.PROCESSOR_ARCHITECTURE | lower }}\\*.inf\""
+  when: driver_list.stdout is not search("viostor")
+
+- name: Install the QXL Graphics Driver (qxldod)
+  win_command: "pnputil -i -a \"{{ virtio_win_virtio_path }}\\qxldod\\{{ virtio_driver_directory }}\\{{ ansible_env.PROCESSOR_ARCHITECTURE | lower }}\\*.inf\""
+  when:
+    - driver_list.stdout is not search("qxldod")
+    - virtio_driver_directory != '2k8R2'
+
+- name: Install the QXL Graphics Driver (qxl)
+  win_command: "pnputil -i -a \"{{ virtio_win_virtio_path }}\\qxl\\{{ virtio_driver_directory }}\\{{ ansible_env.PROCESSOR_ARCHITECTURE | lower }}\\*.inf\""
+  when:
+    - driver_list.stdout is not search("qxl")
+    - virtio_driver_directory == '2k8R2'
+
+- name: Install the Balloon Driver (Balloon)
+  win_command: "pnputil -i -a \"{{ virtio_win_virtio_path }}\\Balloon\\{{ virtio_driver_directory }}\\{{ ansible_env.PROCESSOR_ARCHITECTURE | lower }}\\*.inf\""
+  when: driver_list.stdout is not search("balloon")
+
+- name: Install Virtio RNG driver (viorng)
+  win_command: "pnputil -i -a \"{{ virtio_win_virtio_path }}\\viorng\\{{ virtio_driver_directory }}\\{{ ansible_env.PROCESSOR_ARCHITECTURE | lower }}\\*.inf\""
+  when: driver_list.stdout is not search("viorng")
+
+- name: Install Virtio serial driver (vioserial)
+  win_command: "pnputil -i -a \"{{ virtio_win_virtio_path }}\\vioserial\\{{ virtio_driver_directory }}\\{{ ansible_env.PROCESSOR_ARCHITECTURE | lower }}\\*.inf\""
+  when: driver_list.stdout is not search("vioser")
+
+- name: Install Virtio Input driver (vioinput)
+  win_command: "pnputil -i -a \"{{ virtio_win_virtio_path }}\\vioinput\\{{ virtio_driver_directory }}\\{{ ansible_env.PROCESSOR_ARCHITECTURE | lower }}\\*.inf\""
+  when: driver_list.stdout is not search("vioinput")
+
+- name: Install Virtio SCSI Passthrough driver (vioscsi)
+  win_command: "pnputil -i -a \"{{ virtio_win_virtio_path }}\\vioscsi\\{{ virtio_driver_directory }}\\{{ ansible_env.PROCESSOR_ARCHITECTURE | lower }}\\*.inf\""
+  when: driver_list.stdout is not search("vioscsi")
+
+- name: Install pvpanic device driver (pvpanic)
+  win_command: "pnputil -i -a \"{{ virtio_win_virtio_path }}\\pvpanic\\{{ virtio_driver_directory }}\\{{ ansible_env.PROCESSOR_ARCHITECTURE | lower }}\\*.inf\""
+  when: driver_list.stdout is not search("pvpanic")

roles/oatakan.windows_virtio/tasks/main.yml

@@ -0,0 +1,25 @@
+---
+
+- name: check new version of virtio
+  uri:
+    url: "{{ virtio_changelog_url }}"
+    return_content: true
+    validate_certs: no
+  register: register_virtio_changelog
+  ignore_errors: yes
+  delegate_to: localhost
+  become: no
+  vars:
+    ansible_connection: local
+
+- name: set virtio version facts
+  set_fact:
+    virtio_version: "{{ register_virtio_changelog.content | regex_search(virtio_changelog_query) | default('0.0') }}"
+
+- include_tasks: download.yml
+  when:
+    - virtio_iso_mount_drive | length == 0
+    - (ansible_virtio_version | default()) != virtio_version
+
+- include_tasks: install.yml
+  when: virtio_iso_mount_drive | length > 0 or (ansible_virtio_version | default()) != virtio_version

roles/oatakan.windows_virtio/tests/inventory

@@ -0,0 +1 @@
+localhost

roles/oatakan.windows_virtio/tests/test.yml

@@ -0,0 +1,10 @@
+---
+- hosts: localhost
+  remote_user: Administrator
+  vars:
+    ansible_port: 5986
+    ansible_connection: winrm
+    ansible_winrm_transport: credssp
+    ansible_winrm_server_cert_validation: ignore
+  roles:
+    - oatakan.windows_virtio