Implements Task 9. Version-guarded (no-op when already >= switch_firmware_target, as crs310-maker is at 7.19.6). Upgrade steps grouped in a block; reboot uses ignore_unreachable + wait_for_connection instead of ignore_errors so it stays lint-clean under the production profile. Syntax + lint only; not run (opt-in). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
48 lines
1.7 KiB
YAML
48 lines
1.7 KiB
YAML
---
|
|
# Opt-in RouterOS + RouterBOOT upgrade to switch_firmware_target.
|
|
# Disabled by default (switch_firmware_enabled: false). Upgrades REBOOT the switch,
|
|
# so run deliberately with a recovery channel open. Naturally a no-op when the device
|
|
# is already at or above the target version (the version guard skips every step).
|
|
|
|
- name: Assert a firmware target is set
|
|
ansible.builtin.assert:
|
|
that:
|
|
- switch_firmware_target | length > 0
|
|
fail_msg: >-
|
|
switch_firmware_target must be set in host_vars to run firmware upgrades.
|
|
|
|
- name: Gather RouterOS facts (current version)
|
|
community.routeros.facts:
|
|
|
|
- name: Upgrade RouterOS to the target and reboot
|
|
when: ansible_net_version is version(switch_firmware_target, '<')
|
|
block:
|
|
- name: Install the target RouterOS package from the stable channel
|
|
community.routeros.command:
|
|
commands:
|
|
- /system/package/update/set channel=stable
|
|
- /system/package/update/install
|
|
changed_when: true
|
|
|
|
- name: Wait for the switch to reboot and come back
|
|
ansible.builtin.wait_for_connection:
|
|
delay: 30
|
|
timeout: 300
|
|
|
|
- name: Upgrade RouterBOOT to match the installed RouterOS
|
|
community.routeros.command:
|
|
commands:
|
|
- /system/routerboard/upgrade
|
|
changed_when: true
|
|
|
|
- name: Reboot to apply the RouterBOOT upgrade
|
|
community.routeros.command:
|
|
commands:
|
|
- /system/reboot
|
|
changed_when: true
|
|
ignore_unreachable: true # connection drops on reboot; expected
|
|
|
|
- name: Wait for the switch to come back after the RouterBOOT reboot
|
|
ansible.builtin.wait_for_connection:
|
|
delay: 30
|
|
timeout: 300
|