Updates to allow AWX and Ansible Tower to be used

tasks/cpm_clean.yml

@@ -2,43 +2,43 @@
 # tasks file for cpm_extract
 
 - name: Find all inf files
-  win_find:
+  ansible.windows.win_find:
     paths: "{{ cpm_installation_path }}\\Password Manager\\Logs"
     patterns: ['*.*']
   register: files_to_delete
 
 - name: Delete all inf files
-  win_file:
+  ansible.windows.win_file:
     path: "{{ item.path }}"
     state: absent
   with_items: "{{ files_to_delete.files }}"
 
 - name: Clean Windows\\Temp folder
-  win_find:
+  ansible.windows.win_find:
     paths: "C:\\Windows\\Temp"
     patterns: ['CPM*.*', 'InstallationAutomation*.*']
   register: files_to_delete
 
 - name: Delete temp folder
-  win_file:
+  ansible.windows.win_file:
     path: "{{ item.path }}"
     state: absent
   with_items: "{{ files_to_delete.files }}"
 
 - name: Keep installation automation folder
-  win_copy:
+  ansible.windows.win_copy:
     src: "{{ cpm_installationautomation_folder }}"
     dest: "{{ cpm_base_bin_drive }}\\Cyberark\\CPM"
     remote_src: True
   ignore_errors: yes
 
 - name: Delete extract folder
-  win_file:
+  ansible.windows.win_file:
     path: "{{ cpm_extract_folder }}"
     state: absent
 
 - name: Clean run History
-  win_shell: |
+  ansible.windows.win_shell: |
     try {
       $path = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU"
 
@@ -59,7 +59,7 @@
     exit 0
 
 - name: Clean event logs
-  win_shell: |
+  ansible.windows.win_shell: |
     try {
       wevtutil el | ForEach-Object { wevtutil cl "$_" }
     } catch {
@@ -68,7 +68,7 @@
     }
 
 - name: Clean recycle bin
-  win_shell: |
+  ansible.windows.win_shell: |
     try {
       $Recycler = (New-Object -ComObject Shell.Application).Namespace(0xa)
       $Recycler.items() | ForEach-Object { rm $_.path -Force -Recurse }

tasks/cpm_extract.yml

@@ -2,41 +2,42 @@
 # tasks file for cpm_extract
 
 - name: Create folder
-  win_file:
+  ansible.windows.win_file:
     path: "{{ cpm_extract_folder }}"
     state: directory
 
 - name: Copy CPM package from local source
-  win_copy:
+  ansible.windows.win_copy:
     src: "{{ cpm_zip_file_path }}"
     dest: "{{ cpm_extract_folder }}\\{{ cpm_artifact_name }}"
+    remote_src: "{{cpm_zip_file_unc}}" 
   register: st
 
-- fail:
+- ansible.builtin.fail:
     msg: "{{ cpm_zip_file_path }} not exists, failing..."
   when: not st.checksum
 
 - name: Check if package is valid using checksum
-  fail:
+  ansible.builtin.fail:
     msg: "Checksum does not match, please validate your package."
   when:
     - st.checksum != cpm_sha1_checksum
     - not cpm_ignore_checksum
 
 - name: Unzip the CPM package
-  win_unzip:
+  community.windows.win_unzip:
     src: "{{ cpm_extract_folder }}\\{{ cpm_artifact_name }}"
     dest: "{{ cpm_extract_folder }}"
   when: cpm_official
 
 - name: Create component folder
-  win_file:
+  ansible.windows.win_file:
     path: "{{ cpm_extract_folder }}\\{{ cpm_component_folder }}"
     state: directory
   when: not cpm_official
 
 - name: Unzip the CPM package
-  win_unzip:
+  community.windows.win_unzip:
     src: "{{ cpm_extract_folder }}\\{{ cpm_artifact_name }}"
     dest: "{{ cpm_extract_folder }}\\{{ cpm_component_folder }}"
   when: not cpm_official

tasks/cpm_hardening.yml

@@ -2,20 +2,20 @@
 # tasks file for cpm_hardening
 
 - name: Create user.ini file
-  win_file:
+  ansible.windows.win_file:
     path: "{{ cpm_installation_path }}\\Password Manager\\Vault\\user.ini"
     state: touch
 
 - name: Hardening Block
   block:
 
     - name: Set cpm_hardening_script in domain
-      set_fact:
+      ansible.builtin.set_fact:
         cpm_hardening_script: "CPM_In_Domain_Hardening.ps1"
       when: ansible_windows_domain_member
 
     - name: Run CPM hardening
-      win_shell: |
+      ansible.windows.win_shell: |
         $ErrorActionPreference = "SilentlyContinue"
         try {
           $Action = .\{{ cpm_hardening_script }}
@@ -35,17 +35,17 @@
         chdir: "{{ cpm_installationautomation_folder }}"
 
 - name: Validate CPM hardening and stop service
-  win_service:
+  ansible.windows.win_service:
     name: "{{ cpm_service_name }}"
     state: stopped
   register: cpm_service_info
 
 - name: Validate CPM scanner hardening and stop service
-  win_service:
+  ansible.windows.win_service:
     name: "{{ cpm_scanner_service_name }}"
     state: stopped
   register: cpm_scanner_service_info
 
-- set_fact:
+- ansible.builtin.set_fact:
     cpm_hardened: true
   when: cpm_service_info.username != "LocalSystem" and cpm_scanner_service_info.username != "LocalSystem"

tasks/cpm_install.yml

@@ -2,7 +2,7 @@
 # tasks file for cpm installation
 
 - name: Set installation folder on xml config file
-  win_shell: |
+  ansible.windows.win_shell: |
     try
     {
         ### This script set the install directory received from var in the install config file
@@ -23,7 +23,7 @@
   block:
 
     - name: Run CPM installation
-      win_shell: |
+      ansible.windows.win_shell: |
         Set-Location "{{ cpm_installationautomation_folder }}\Installation"
         #$ErrorActionPreference = "SilentlyContinue"
         $Action = .\CPMInstallation.ps1
@@ -38,13 +38,13 @@
         chdir: "{{ cpm_installationautomation_folder }}\\Installation"
 
     - name: Get log path for installation
-      win_shell: |
+      ansible.windows.win_shell: |
         $Result = Get-Content "{{ cpm_install_log }}"
         Write-Output $Result
       register: log_result
 
     - name: Fetch installation log from path
-      fetch:
+      ansible.builtin.fetch:
         src: '{{ item.logPath }}'
         dest: '{{ lookup("config", "DEFAULT_LOG_PATH") | dirname }}/cpm/{{ inventory_hostname }}_install.log'
         flat: yes
@@ -54,31 +54,31 @@
   rescue:
 
     - name: Rescue - Get log path for installation
-      win_shell: |
+      ansible.windows.win_shell: |
         $Result = Get-Content "{{ cpm_install_log }}"
         Write-Output $Result
       register: log_result
 
     - name: Rescue - Fetch installation log from path
-      fetch:
+      ansible.builtin.fetch:
         src: '{{ item.logPath }}'
         dest: '{{ lookup("config", "DEFAULT_LOG_PATH") | dirname }}/cpm/{{ inventory_hostname }}_install.log'
         flat: yes
       with_items:
         - "{{ log_result.stdout | from_json }}"
 
     - name: Rescue - Fail installation stage
-      fail:
+      ansible.builtin.fail:
         msg: 'ERROR: Installation failed. For more info check {{ lookup("config", "DEFAULT_LOG_PATH") | dirname }}/cpm/{{ inventory_hostname }}_install.log'
 
 - name: Get log path for installation
-  win_shell: |
+  ansible.windows.win_shell: |
     $Result = Get-Content "{{ cpm_install_log }}"
     Write-Output $Result
   register: log_result
 
 - name: Validate CPM installation
-  win_lineinfile:
+  community.windows.win_lineinfile:
     path: '{{ item.logPath }}'
     regexp: 'Operation Succeeded'
     state: present
@@ -87,15 +87,15 @@
     - "{{ log_result.stdout | from_json }}"
 
 - name: Check if CPM service created successfully
-  win_service:
+  ansible.windows.win_service:
     name: "{{ cpm_service_name }}"
   register: cpm_service_info
 
 - name: Check if CPM scanner created successfully
-  win_service:
+  ansible.windows.win_service:
     name: "{{ cpm_scanner_service_name }}"
   register: cpm_scanner_service_info
 
-- set_fact:
+- ansible.builtin.set_fact:
     cpm_exists: "{{ cpm_service_info.exists }}"
     cpm_scanner_exists: "{{ cpm_scanner_service_info.exists }}"

tasks/cpm_prerequisites.yml

@@ -5,7 +5,7 @@
   block:
 
     - name: Run CPM prerequisites
-      win_shell: |
+      ansible.windows.win_shell: |
         $ErrorActionPreference = "SilentlyContinue"
         $Action = .\CPM_PreInstallation.ps1
         $Action | Out-File -FilePath "{{ cpm_prerequisites_log }}"
@@ -19,13 +19,13 @@
         chdir: "{{ cpm_installationautomation_folder }}"
 
     - name: Get log path for prerequisites
-      win_shell: |
+      ansible.windows.win_shell: |
         $Result = Get-Content "{{ cpm_prerequisites_log }}"
         Write-Output $Result
       register: log_result
 
     - name: Fetch prerequisites log from path
-      fetch:
+      ansible.builtin.fetch:
         src: '{{ item.logPath }}'
         dest: '{{ lookup("config", "DEFAULT_LOG_PATH") | dirname }}/cpm/{{ inventory_hostname }}_prerequisites.log'
         flat: yes
@@ -35,19 +35,19 @@
   rescue:
 
     - name: Rescue - Get log path for prerequisites
-      win_shell: |
+      ansible.windows.win_shell: |
         $Result = Get-Content "{{ cpm_prerequisites_log }}"
         Write-Output $Result
       register: log_result
 
     - name: Rescue - Fetch prerequisites log from path
-      fetch:
+      ansible.builtin.fetch:
         src: '{{ item.logPath }}'
         dest: '{{ lookup("config", "DEFAULT_LOG_PATH") | dirname }}/cpm/{{ inventory_hostname }}_prerequisites.log'
         flat: yes
       with_items:
         - "{{ log_result.stdout | from_json }}"
 
     - name: Rescue - Fail prerequisites stage
-      fail:
+      ansible.builtin.fail:
         msg: 'ERROR: Pre Prerequisites failed. For more info check {{ lookup("config", "DEFAULT_LOG_PATH") | dirname }}/cpm/{{ inventory_hostname }}_prerequisites.log'