From db1f99414c42b0f7f887b1e44d8523446394c2a6 Mon Sep 17 00:00:00 2001
From: Bas Meijer <bas.meijer@enexis.nl>
Date: Mon, 18 Dec 2023 21:25:41 +0100
Subject: [PATCH 1/4] JA-7492- Fixed a security issue whereby, interacting with
 specially crafted URLs could lead to exposure of sensitive information.

---
 .../jfrog/platform/roles/artifactory/defaults/main.yml        | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/defaults/main.yml b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/defaults/main.yml
index 817e5acd..89f8d5a1 100644
--- a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/defaults/main.yml
+++ b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/defaults/main.yml
@@ -1,7 +1,7 @@
 # Defaults file for artifactory
 
 # The version of artifactory to install
-artifactory_version: 7.71.5
+artifactory_version: 7.71.8
 
 # Set this to true when SSL is enabled (to use artifactory_nginx_ssl role), default to false (implies artifactory uses artifactory_nginx role )
 artifactory_nginx_ssl_enabled: false
@@ -112,4 +112,4 @@ artifactory_binarystore: |-
 artifactory_systemyaml_override: false
 
 # Allow artifactory user to create crontab rules
-artifactory_allow_crontab: false
\ No newline at end of file
+artifactory_allow_crontab: false

From 147eeae3b448549e4a825d76256f33ebefed7e0c Mon Sep 17 00:00:00 2001
From: Bas Meijer <bas.meijer@enexis.nl>
Date: Mon, 18 Dec 2023 21:28:04 +0100
Subject: [PATCH 2/4] Version 7.71.8 of Artifactory

---
 Ansible/ansible_collections/jfrog/platform/CHANGELOG.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Ansible/ansible_collections/jfrog/platform/CHANGELOG.md b/Ansible/ansible_collections/jfrog/platform/CHANGELOG.md
index 7c24184a..40f4ffcc 100644
--- a/Ansible/ansible_collections/jfrog/platform/CHANGELOG.md
+++ b/Ansible/ansible_collections/jfrog/platform/CHANGELOG.md
@@ -1,6 +1,9 @@
 # JFrog Platform Ansible Collection Changelog
 All changes to this collection will be documented in this file.
 
+## [10.16.4] - Dec 18, 2023
+* Changed default Artifactory version to 7.71.8 
+
 ## [10.16.3] - Dec 6, 2023
 * Added How to avoid IPv6 binding in Readme [GH-349](https://github.com/jfrog/JFrog-Cloud-Installers/pull/349)
 * Product Updates/fixes

From 91c4f0fb7ea333e8520f43ce536bbe71b578d06e Mon Sep 17 00:00:00 2001
From: Bas Meijer <bas.meijer@enexis.nl>
Date: Tue, 19 Dec 2023 10:45:41 +0100
Subject: [PATCH 3/4] Determine the running_version and compare to desired
 artifactory_version

---
 .../platform/roles/artifactory/tasks/upgrade.yml   | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/upgrade.yml b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/upgrade.yml
index 2ff3a108..f24e73c1 100644
--- a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/upgrade.yml
+++ b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/upgrade.yml
@@ -56,17 +56,27 @@
     path: "{{ jfrog_home_directory }}"
     state: directory
 
+- name: Check artifactory version
+  ansible.builtin.shell: |
+    set -o pipefail;
+    grep artifactory.product.version "{{ artifactory_home }}/app/artifactory.product.version.properties" |cut -d= -f2
+  register: check_version_cmd
+
+- name: Set running_version
+  ansible.builtin.set_fact:
+    running_version: "{{ check_version_cmd.stdout_lines }}"
+
 - name: Delete artifactory app directory
   become: true
   ansible.builtin.file:
     path: "{{ artifactory_home }}/app"
     state: absent
-  when: (download_artifactory.changed) or (unarchived_artifactory.changed)
+  when: running_version != artifactory_version
 
 - name: Copy new app to artifactory app
   become: true
   ansible.builtin.command: "cp -r {{ artifactory_untar_home }}/app/. {{ artifactory_home }}/app"
-  when: (download_artifactory.changed) or (unarchived_artifactory.changed)
+  when: running_version != artifactory_version
   notify: Restart artifactory
 
 - name: Configure artifactory license(s)

From 7b1c30c43ee2f529c00a28078bee996ae1e94bbb Mon Sep 17 00:00:00 2001
From: Bas Meijer <bas.meijer@enexis.nl>
Date: Wed, 20 Dec 2023 11:16:11 +0100
Subject: [PATCH 4/4] compare stdout wihtout newline. changed_when: false for
 read operation.

---
 .../jfrog/platform/roles/artifactory/tasks/upgrade.yml         | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/upgrade.yml b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/upgrade.yml
index f24e73c1..1ee1b29b 100644
--- a/Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/upgrade.yml
+++ b/Ansible/ansible_collections/jfrog/platform/roles/artifactory/tasks/upgrade.yml
@@ -61,10 +61,11 @@
     set -o pipefail;
     grep artifactory.product.version "{{ artifactory_home }}/app/artifactory.product.version.properties" |cut -d= -f2
   register: check_version_cmd
+  changed_when: false
 
 - name: Set running_version
   ansible.builtin.set_fact:
-    running_version: "{{ check_version_cmd.stdout_lines }}"
+    running_version: "{{ check_version_cmd.stdout }}"
 
 - name: Delete artifactory app directory
   become: true