From e525061571536da947e1f09abb7a4ca944129bab Mon Sep 17 00:00:00 2001 From: muehlings <80385927+muehlings@users.noreply.github.com> Date: Fri, 25 Aug 2023 11:40:49 +0200 Subject: [PATCH 01/48] Add "customer" parameter in module and request --- plugins/modules/contact_group.py | 23 ++++++++++++++---- plugins/modules/host_group.py | 23 ++++++++++++++---- plugins/modules/password.py | 40 ++++++++++++++++++++++++-------- plugins/modules/service_group.py | 23 ++++++++++++++---- plugins/modules/user.py | 9 ++++++- 5 files changed, 95 insertions(+), 23 deletions(-) diff --git a/plugins/modules/contact_group.py b/plugins/modules/contact_group.py index 62e833279..4cbcbfa71 100644 --- a/plugins/modules/contact_group.py +++ b/plugins/modules/contact_group.py @@ -30,6 +30,9 @@ title: description: The title (alias) of your contact group. If omitted defaults to the name. type: str + customer: + description: The customer (required for CME) + type: str groups: description: - instead of 'name', 'title' a list of dicts with elements of contact group name and title (alias) to be created/modified/deleted. @@ -60,6 +63,7 @@ automation_secret: "$SECRET" name: "my_contact_group" title: "My Contact Group" + cutomer: "provider" state: "present" # Create several contact groups. @@ -69,6 +73,7 @@ site: "my_site" automation_user: "automation" automation_secret: "$SECRET" + customer: "provider" groups: - name: "my_contact_group_one" title: "My Contact Group One" @@ -85,6 +90,7 @@ site: "my_site" automation_user: "automation" automation_secret: "$SECRET" + customer: "provider" groups: - name: "my_contact_group_one" title: "My Contact Group One" @@ -266,10 +272,17 @@ def create_single_contact_group(module, base_url, headers): name = module.params["name"] api_endpoint = "/domain-types/contact_group_config/collections/all" - params = { - "name": name, - "alias": module.params.get("title", name), - } + if module.params.get("customer") != None: + params = { + "name": name, + "alias": module.params.get("title", name), + "customer": module.params.get("customer", 'provider'), + } + else: + params = { + "name": name, + "alias": module.params.get("title", name), + } url = base_url + api_endpoint response, info = fetch_url( @@ -291,6 +304,7 @@ def create_contact_groups(module, base_url, groups, headers): { "name": el.get("name"), "alias": el.get("title", el.get("name")), + "customer": el.get("customer", 'provider'), } for el in groups ], @@ -351,6 +365,7 @@ def run_module(): automation_secret=dict(type="str", required=True, no_log=True), name=dict(type="str", required=False), title=dict(type="str", required=False), + customer=dict(type="str", required=False), groups=dict(type="raw", required=False, default=[]), state=dict(type="str", default="present", choices=["present", "absent"]), ) diff --git a/plugins/modules/host_group.py b/plugins/modules/host_group.py index 5c66daa4c..b81d35398 100644 --- a/plugins/modules/host_group.py +++ b/plugins/modules/host_group.py @@ -30,6 +30,9 @@ title: description: The title (alias) of your host group. If omitted defaults to the name. type: str + customer: + description: The customer (required for CME) + type: str groups: description: - instead of 'name', 'title' a list of dicts with elements of host group name and title (alias) to be created/modified/deleted. @@ -56,6 +59,7 @@ automation_secret: "$SECRET" name: "my_host_group" title: "My Host Group" + cutomer: "provider" state: "present" # Create several host groups. @@ -65,6 +69,7 @@ site: "my_site" automation_user: "automation" automation_secret: "$SECRET" + cutomer: "provider" groups: - name: "my_host_group_one" title: "My Host Group One" @@ -81,6 +86,7 @@ site: "my_site" automation_user: "automation" automation_secret: "$SECRET" + cutomer: "provider" groups: - name: "my_host_group_one" title: "My Host Group One" @@ -262,10 +268,17 @@ def create_single_host_group(module, base_url, headers): name = module.params["name"] api_endpoint = "/domain-types/host_group_config/collections/all" - params = { - "name": name, - "alias": module.params.get("title", name), - } + if module.params.get("customer") != None: + params = { + "name": name, + "alias": module.params.get("title", name), + "customer": module.params.get("customer", 'provider'), + } + else: + params = { + "name": name, + "alias": module.params.get("title", name), + } url = base_url + api_endpoint response, info = fetch_url( @@ -287,6 +300,7 @@ def create_host_groups(module, base_url, groups, headers): { "name": el.get("name"), "alias": el.get("title", el.get("name")), + "customer": el.get("customer", 'provider'), } for el in groups ], @@ -350,6 +364,7 @@ def run_module(): required=False, ), title=dict(type="str", required=False), + customer=dict(type="str", required=False), groups=dict( type="raw", required=False, diff --git a/plugins/modules/password.py b/plugins/modules/password.py index d1d209745..46263a35c 100644 --- a/plugins/modules/password.py +++ b/plugins/modules/password.py @@ -33,6 +33,11 @@ required: false type: str + customer: + description: The customer + required: true (CME) | false (other Editions) + type: str + comment: description: A comment for the password. required: false @@ -79,6 +84,7 @@ automation_secret: "$SECRET" name: "mypassword" title: "My Password" + customer: "provider" comment: "Comment on my password" documentation_url: "https://url.to.mypassword/" password: "topsecret" @@ -145,7 +151,7 @@ 200: (True, False, "OK: The operation was done successfully."), 400: (False, True, "Bad Request: Parameter or validation failure."), 403: (False, True, "Forbidden: Configuration via Setup is disabled."), - 404: (False, True, "Not Found: The requested object has not been found."), + 404: (False, False, "Not Found: The requested object has not been found."), 406: ( False, True, @@ -212,15 +218,28 @@ class PasswordsCreateAPI(CheckmkAPI): def post(self): - data = { - "ident": self.params.get("name", ""), - "title": self.params.get("title", ""), - "comment": self.params.get("comment", ""), - "documentation_url": self.params.get("documentation_url", ""), - "password": self.params.get("password", ""), - "owner": self.params.get("owner", ""), - "shared": self.params.get("shared", ""), - } + if self.params.get("customer", None) != None: + data = { + "ident": self.params.get("name", ""), + "title": self.params.get("title", ""), + "customer": self.params.get("customer", ""), + "comment": self.params.get("comment", ""), + "documentation_url": self.params.get("documentation_url", ""), + "password": self.params.get("password", ""), + "owner": self.params.get("owner", ""), + "shared": self.params.get("shared", ""), + } + else: + data = { + "ident": self.params.get("name", ""), + "title": self.params.get("title", ""), + "comment": self.params.get("comment", ""), + "documentation_url": self.params.get("documentation_url", ""), + "password": self.params.get("password", ""), + "owner": self.params.get("owner", ""), + "shared": self.params.get("shared", ""), + } + return self._fetch( code_mapping=HTTP_CODES_CREATE, @@ -285,6 +304,7 @@ def run_module(): automation_secret=dict(type="str", required=True, no_log=True), name=dict(type="str", required=True), title=dict(type="str", required=False), + customer=dict(type="str", required=False), comment=dict(type="str", required=False), documentation_url=dict(type="str", required=False), password=dict(type="str", required=False, no_log=True), diff --git a/plugins/modules/service_group.py b/plugins/modules/service_group.py index f242a8131..49dfc08d5 100644 --- a/plugins/modules/service_group.py +++ b/plugins/modules/service_group.py @@ -30,6 +30,9 @@ title: description: The title (alias) of your service group. If omitted defaults to the name. type: str + customer: + description: The customer (required for CME) + type: str groups: description: - instead of 'name', 'title' a list of dicts with elements of service group name and title (alias) to be created/modified/deleted. @@ -60,6 +63,7 @@ automation_secret: "$SECRET" name: "my_service_group" title: "My Service Group" + cutomer: "provider" state: "present" # Create several service groups. @@ -69,6 +73,7 @@ site: "my_site" automation_user: "automation" automation_secret: "$SECRET" + cutomer: "provider" groups: - name: "my_service_group_one" title: "My Service Group One" @@ -85,6 +90,7 @@ site: "my_site" automation_user: "automation" automation_secret: "$SECRET" + cutomer: "provider" groups: - name: "my_service_group_one" title: "My Service Group One" @@ -266,10 +272,17 @@ def create_single_service_group(module, base_url, headers): name = module.params["name"] api_endpoint = "/domain-types/service_group_config/collections/all" - params = { - "name": name, - "alias": module.params.get("title", name), - } + if module.params.get("customer") != None: + params = { + "name": name, + "alias": module.params.get("title", name), + "customer": module.params.get("customer", 'provider'), + } + else: + params = { + "name": name, + "alias": module.params.get("title", name), + } url = base_url + api_endpoint response, info = fetch_url( @@ -291,6 +304,7 @@ def create_service_groups(module, base_url, groups, headers): { "name": el.get("name"), "alias": el.get("title", el.get("name")), + "customer": el.get("customer", 'provider'), } for el in groups ], @@ -351,6 +365,7 @@ def run_module(): automation_secret=dict(type="str", required=True, no_log=True), name=dict(type="str", required=False), title=dict(type="str", required=False), + customer=dict(type="str", required=False), groups=dict(type="raw", required=False, default=[]), state=dict(type="str", default="present", choices=["present", "absent"]), ) diff --git a/plugins/modules/user.py b/plugins/modules/user.py index 36aab01f3..f6a192854 100644 --- a/plugins/modules/user.py +++ b/plugins/modules/user.py @@ -95,6 +95,7 @@ automation_secret: "$SECRET" name: "krichards" fullname: "Keith Richards" + customer: "Provider" email: "keith.richards@rollingstones.com" password: "Open-G" contactgroups: @@ -113,6 +114,7 @@ automation_secret: "$SECRET" name: "registration" fullname: "Registration User" + customer: "Provider" auth_type: "automation" password: "ZGSDHUVDSKJHSDF" roles: @@ -128,6 +130,7 @@ automation_secret: "$SECRET" name: "horst" fullname: "Horst Schlämmer" + customer: "Provider" auth_type: "password" password: "uschi" enforce_password_change: True @@ -248,6 +251,9 @@ def _exists(key): if _exists("fullname"): attributes["fullname"] = params["fullname"] + if _exists("customer"): + attributes["customer"] = params["customer"] + if _exists("disable_login"): attributes["disable_login"] = params["disable_login"] @@ -427,9 +433,10 @@ def run_module(): automation_secret=dict(type="str", required=True, no_log=True), name=dict(required=True, type="str"), fullname=dict(type="str"), + customer=dict(type="str"), password=dict(type="str", no_log=True), enforce_password_change=dict(type="bool", no_log=False), - auth_type=dict(type="str", choices=["password", "automation"]), + auth_type=dict(type="str", choices=["password", "automation"], required=True), # changed to required=True, because endpoint won't create usable user without auth_type disable_login=dict(type="bool"), email=dict(type="str"), fallback_contact=dict(type="bool"), From 0b763f06791478458dc0c13f719124b81b0f96a1 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Wed, 30 Aug 2023 10:40:37 +0200 Subject: [PATCH 02/48] Fix some linting findings. --- plugins/modules/contact_group.py | 2 +- plugins/modules/host_group.py | 2 +- plugins/modules/password.py | 7 +++---- plugins/modules/service_group.py | 2 +- plugins/modules/user.py | 7 ++++++- 5 files changed, 12 insertions(+), 8 deletions(-) diff --git a/plugins/modules/contact_group.py b/plugins/modules/contact_group.py index 4cbcbfa71..ce36122ef 100644 --- a/plugins/modules/contact_group.py +++ b/plugins/modules/contact_group.py @@ -272,7 +272,7 @@ def create_single_contact_group(module, base_url, headers): name = module.params["name"] api_endpoint = "/domain-types/contact_group_config/collections/all" - if module.params.get("customer") != None: + if module.params.get("customer") is not None: params = { "name": name, "alias": module.params.get("title", name), diff --git a/plugins/modules/host_group.py b/plugins/modules/host_group.py index b81d35398..1a1a1d8cc 100644 --- a/plugins/modules/host_group.py +++ b/plugins/modules/host_group.py @@ -268,7 +268,7 @@ def create_single_host_group(module, base_url, headers): name = module.params["name"] api_endpoint = "/domain-types/host_group_config/collections/all" - if module.params.get("customer") != None: + if module.params.get("customer") is not None: params = { "name": name, "alias": module.params.get("title", name), diff --git a/plugins/modules/password.py b/plugins/modules/password.py index 46263a35c..110995392 100644 --- a/plugins/modules/password.py +++ b/plugins/modules/password.py @@ -34,8 +34,8 @@ type: str customer: - description: The customer - required: true (CME) | false (other Editions) + description: For the Checkmk Managed Edition, you need to specify which customer a password belongs to. + required: false type: str comment: @@ -218,7 +218,7 @@ class PasswordsCreateAPI(CheckmkAPI): def post(self): - if self.params.get("customer", None) != None: + if self.params.get("customer", None) is not None: data = { "ident": self.params.get("name", ""), "title": self.params.get("title", ""), @@ -240,7 +240,6 @@ def post(self): "shared": self.params.get("shared", ""), } - return self._fetch( code_mapping=HTTP_CODES_CREATE, endpoint="/domain-types/password/collections/all", diff --git a/plugins/modules/service_group.py b/plugins/modules/service_group.py index 49dfc08d5..5ec0c656c 100644 --- a/plugins/modules/service_group.py +++ b/plugins/modules/service_group.py @@ -272,7 +272,7 @@ def create_single_service_group(module, base_url, headers): name = module.params["name"] api_endpoint = "/domain-types/service_group_config/collections/all" - if module.params.get("customer") != None: + if module.params.get("customer") is not None: params = { "name": name, "alias": module.params.get("title", name), diff --git a/plugins/modules/user.py b/plugins/modules/user.py index f6a192854..dc9785792 100644 --- a/plugins/modules/user.py +++ b/plugins/modules/user.py @@ -38,6 +38,7 @@ type: bool auth_type: description: The authentication type. + required: true type: str choices: [password, automation] disable_login: @@ -75,6 +76,9 @@ description: Configure the language to be used by the user in the user interface. Omitting this will configure the default language. type: str choices: [default, en, de, ro] + customer: + description: For the Checkmk Managed Edition, you need to specify which customer a user belongs to. + type: str state: description: Desired state type: str @@ -436,7 +440,8 @@ def run_module(): customer=dict(type="str"), password=dict(type="str", no_log=True), enforce_password_change=dict(type="bool", no_log=False), - auth_type=dict(type="str", choices=["password", "automation"], required=True), # changed to required=True, because endpoint won't create usable user without auth_type + # changed 'auth_type' to required=True, because endpoint won't create usable user without auth_type + auth_type=dict(type="str", choices=["password", "automation"], required=True), disable_login=dict(type="bool"), email=dict(type="str"), fallback_contact=dict(type="bool"), From be5410d11b0e5970367484b49c00b9fcbea68862 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Wed, 30 Aug 2023 11:14:43 +0200 Subject: [PATCH 03/48] Fix Python QA. --- plugins/modules/contact_group.py | 4 ++-- plugins/modules/host_group.py | 4 ++-- plugins/modules/service_group.py | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/plugins/modules/contact_group.py b/plugins/modules/contact_group.py index ce36122ef..046f801c8 100644 --- a/plugins/modules/contact_group.py +++ b/plugins/modules/contact_group.py @@ -276,7 +276,7 @@ def create_single_contact_group(module, base_url, headers): params = { "name": name, "alias": module.params.get("title", name), - "customer": module.params.get("customer", 'provider'), + "customer": module.params.get("customer", "provider"), } else: params = { @@ -304,7 +304,7 @@ def create_contact_groups(module, base_url, groups, headers): { "name": el.get("name"), "alias": el.get("title", el.get("name")), - "customer": el.get("customer", 'provider'), + "customer": el.get("customer", "provider"), } for el in groups ], diff --git a/plugins/modules/host_group.py b/plugins/modules/host_group.py index 1a1a1d8cc..f8e5b8c8e 100644 --- a/plugins/modules/host_group.py +++ b/plugins/modules/host_group.py @@ -272,7 +272,7 @@ def create_single_host_group(module, base_url, headers): params = { "name": name, "alias": module.params.get("title", name), - "customer": module.params.get("customer", 'provider'), + "customer": module.params.get("customer", "provider"), } else: params = { @@ -300,7 +300,7 @@ def create_host_groups(module, base_url, groups, headers): { "name": el.get("name"), "alias": el.get("title", el.get("name")), - "customer": el.get("customer", 'provider'), + "customer": el.get("customer", "provider"), } for el in groups ], diff --git a/plugins/modules/service_group.py b/plugins/modules/service_group.py index 5ec0c656c..83b274d55 100644 --- a/plugins/modules/service_group.py +++ b/plugins/modules/service_group.py @@ -276,7 +276,7 @@ def create_single_service_group(module, base_url, headers): params = { "name": name, "alias": module.params.get("title", name), - "customer": module.params.get("customer", 'provider'), + "customer": module.params.get("customer", "provider"), } else: params = { @@ -304,7 +304,7 @@ def create_service_groups(module, base_url, groups, headers): { "name": el.get("name"), "alias": el.get("title", el.get("name")), - "customer": el.get("customer", 'provider'), + "customer": el.get("customer", "provider"), } for el in groups ], From e49ab7094ac2a605e8e88308e8ce0054f14bd429 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 7 Sep 2023 16:53:52 +0200 Subject: [PATCH 04/48] Fix customer attribute logic for bulk mode in group modules. --- plugins/modules/contact_group.py | 33 ++++++++++++++++++++++---------- plugins/modules/host_group.py | 33 ++++++++++++++++++++++---------- plugins/modules/service_group.py | 33 ++++++++++++++++++++++---------- 3 files changed, 69 insertions(+), 30 deletions(-) diff --git a/plugins/modules/contact_group.py b/plugins/modules/contact_group.py index 046f801c8..4f214f5f1 100644 --- a/plugins/modules/contact_group.py +++ b/plugins/modules/contact_group.py @@ -299,16 +299,29 @@ def create_single_contact_group(module, base_url, headers): def create_contact_groups(module, base_url, groups, headers): api_endpoint = "/domain-types/contact_group_config/actions/bulk-create/invoke" - params = { - "entries": [ - { - "name": el.get("name"), - "alias": el.get("title", el.get("name")), - "customer": el.get("customer", "provider"), - } - for el in groups - ], - } + + if module.params.get("customer") is not None: + params = { + "entries": [ + { + "name": el.get("name"), + "alias": el.get("title", el.get("name")), + "customer": el.get("customer", "provider"), + } + for el in groups + ], + } + else: + params = { + "entries": [ + { + "name": el.get("name"), + "alias": el.get("title", el.get("name")), + } + for el in groups + ], + } + url = base_url + api_endpoint response, info = fetch_url( diff --git a/plugins/modules/host_group.py b/plugins/modules/host_group.py index f8e5b8c8e..23ea58627 100644 --- a/plugins/modules/host_group.py +++ b/plugins/modules/host_group.py @@ -295,16 +295,29 @@ def create_single_host_group(module, base_url, headers): def create_host_groups(module, base_url, groups, headers): api_endpoint = "/domain-types/host_group_config/actions/bulk-create/invoke" - params = { - "entries": [ - { - "name": el.get("name"), - "alias": el.get("title", el.get("name")), - "customer": el.get("customer", "provider"), - } - for el in groups - ], - } + + if module.params.get("customer") is not None: + params = { + "entries": [ + { + "name": el.get("name"), + "alias": el.get("title", el.get("name")), + "customer": el.get("customer", "provider"), + } + for el in groups + ], + } + else: + params = { + "entries": [ + { + "name": el.get("name"), + "alias": el.get("title", el.get("name")), + } + for el in groups + ], + } + url = base_url + api_endpoint response, info = fetch_url( diff --git a/plugins/modules/service_group.py b/plugins/modules/service_group.py index 83b274d55..fa73dd54a 100644 --- a/plugins/modules/service_group.py +++ b/plugins/modules/service_group.py @@ -299,16 +299,29 @@ def create_single_service_group(module, base_url, headers): def create_service_groups(module, base_url, groups, headers): api_endpoint = "/domain-types/service_group_config/actions/bulk-create/invoke" - params = { - "entries": [ - { - "name": el.get("name"), - "alias": el.get("title", el.get("name")), - "customer": el.get("customer", "provider"), - } - for el in groups - ], - } + + if module.params.get("customer") is not None: + params = { + "entries": [ + { + "name": el.get("name"), + "alias": el.get("title", el.get("name")), + "customer": el.get("customer", "provider"), + } + for el in groups + ], + } + else: + params = { + "entries": [ + { + "name": el.get("name"), + "alias": el.get("title", el.get("name")), + } + for el in groups + ], + } + url = base_url + api_endpoint response, info = fetch_url( From 87e893b36f0cab121205f7b9c0ee982f9d428f39 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 8 Sep 2023 09:47:24 +0200 Subject: [PATCH 05/48] Add auth_type to tasks and update test variables. --- tests/integration/targets/user/tasks/test.yml | 16 ++++++++++------ tests/integration/targets/user/vars/main.yml | 12 +++++++++++- 2 files changed, 21 insertions(+), 7 deletions(-) diff --git a/tests/integration/targets/user/tasks/test.yml b/tests/integration/targets/user/tasks/test.yml index 13cad1d3e..67cdb19cc 100644 --- a/tests/integration/targets/user/tasks/test.yml +++ b/tests/integration/targets/user/tasks/test.yml @@ -25,7 +25,7 @@ run_once: true # noqa run-once[task] - name: "{{ outer_item.version }} - Create users." - user: + user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module server_url: "{{ server_url }}" site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" @@ -56,7 +56,7 @@ run_once: true # noqa run-once[task] - name: "{{ outer_item.version }} - Create same users again." - user: + user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module server_url: "{{ server_url }}" site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" @@ -83,12 +83,13 @@ run_once: true # noqa run-once[task] - name: "{{ outer_item.version }} - Edit users." - user: + user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module server_url: "{{ server_url }}" site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" name: "{{ item.name }}" + auth_type: "{{ item.auth_type }}" contactgroups: "{{ item.contactgroups }}" state: "present" delegate_to: localhost @@ -108,12 +109,13 @@ run_once: true # noqa run-once[task] - name: "{{ outer_item.version }} - Change PW of users." - user: + user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module server_url: "{{ server_url }}" site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" name: "{{ item.name }}" + auth_type: "{{ item.auth_type }}" password: "{{ item.newpassword }}" state: "present" delegate_to: localhost @@ -134,12 +136,13 @@ run_once: true # noqa run-once[task] - name: "{{ outer_item.version }} - Delete users." - user: + user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module server_url: "{{ server_url }}" site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" name: "{{ item.name }}" + auth_type: "{{ item.auth_type }}" state: "absent" delegate_to: localhost run_once: true # noqa run-once[task] @@ -158,12 +161,13 @@ run_once: true # noqa run-once[task] - name: "{{ outer_item.version }} - Delete same users again." - user: + user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module server_url: "{{ server_url }}" site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" name: "{{ item.name }}" + auth_type: "{{ item.auth_type }}" state: "absent" delegate_to: localhost run_once: true # noqa run-once[task] diff --git a/tests/integration/targets/user/vars/main.yml b/tests/integration/targets/user/vars/main.yml index e0eb20eb3..2cb71f922 100644 --- a/tests/integration/targets/user/vars/main.yml +++ b/tests/integration/targets/user/vars/main.yml @@ -35,6 +35,16 @@ checkmk_contact_groups: - team3 checkmk_users: + - name: admin1 + fullname: Admin Eins + password: "123" + newpassword: "abc" + auth_type: password + email: 123@company.com + contactgroups: [] + roles: + - admin + fallback_contact: true - name: user1 fullname: User Eins password: "123" @@ -66,7 +76,7 @@ checkmk_users: fullname: Automation User 1 password: "0123456789" newpassword: "abcdefghij" - auth_type: password + auth_type: automation contactgroups: [] roles: - admin From a57c6123ffb249cc8ad1cfe8694f36f9eacb5c4a Mon Sep 17 00:00:00 2001 From: Beni ~HB9HNT Date: Mon, 18 Sep 2023 11:28:39 +0200 Subject: [PATCH 06/48] Add variable to specify that we're using push agents --- roles/agent/defaults/main.yml | 1 + roles/agent/tasks/Linux.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/roles/agent/defaults/main.yml b/roles/agent/defaults/main.yml index e5a990470..fe6b4f308 100644 --- a/roles/agent/defaults/main.yml +++ b/roles/agent/defaults/main.yml @@ -31,6 +31,7 @@ checkmk_agent_folder: "{{ checkmk_folder_path | default('/') }}" checkmk_agent_force_foreign_changes: 'false' checkmk_agent_host_attributes: ipaddress: "{{ checkmk_agent_host_ip | default(omit) }}" +checkmk_agent_push: false # If you trust your local hostnames, you could also use the following diff --git a/roles/agent/tasks/Linux.yml b/roles/agent/tasks/Linux.yml index 344a8a0e4..dfdaaed2c 100644 --- a/roles/agent/tasks/Linux.yml +++ b/roles/agent/tasks/Linux.yml @@ -107,3 +107,4 @@ ansible.builtin.wait_for: port: 6556 timeout: 60 + when: not (checkmk_agent_push | default(false)) | bool From 602a85e1644c04b295acb8f2b56354518697ecfe Mon Sep 17 00:00:00 2001 From: Beni ~HB9HNT Date: Mon, 18 Sep 2023 11:28:47 +0200 Subject: [PATCH 07/48] Add initial push of data before discovery --- roles/agent/tasks/main.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/agent/tasks/main.yml b/roles/agent/tasks/main.yml index bd414bc8f..6fddeb2eb 100644 --- a/roles/agent/tasks/main.yml +++ b/roles/agent/tasks/main.yml @@ -14,6 +14,11 @@ tags: - include-system-tasks +- name: "{{ ansible_system }}: Initial push of data for push agent" # noqa no-changed-when + become: true + ansible.builtin.shell: cmk-agent-ctl push + when: (checkmk_agent_push | default(false)) | bool + - name: "Fetch fresh monitoring data from host." become: false checkmk.general.discovery: From 8d13a0c3559c06317ef1cb5f1bdfdade615181ba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20M=C3=BChling?= <80385927+muehlings@users.noreply.github.com> Date: Mon, 25 Sep 2023 16:16:38 +0200 Subject: [PATCH 08/48] Add files via upload --- tests/integration/targets/user/vars/main.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/tests/integration/targets/user/vars/main.yml b/tests/integration/targets/user/vars/main.yml index 2cb71f922..b6027b0fc 100644 --- a/tests/integration/targets/user/vars/main.yml +++ b/tests/integration/targets/user/vars/main.yml @@ -3,6 +3,9 @@ # to the naming of the setup files. For example 'raw' and 'enterprise' rather # than 'CRE' and 'CEE'. test_sites: + - version: "2.2.0p8" + edition: "cme" + site: "stable_cme" - version: "2.2.0p8" edition: "cre" site: "stable_raw" @@ -13,12 +16,12 @@ test_sites: edition: "cre" site: "old_raw" -server_url: "http://127.0.0.1/" +server_url: "https://maas.pdv-systeme.de/" automation_user: "cmkadmin" automation_secret: "d7589df1" download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" +download_user: "hotline@pdv-systeme.de" download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] # Due to inconsistent naming of editions, we normalize them here for convenience @@ -76,7 +79,7 @@ checkmk_users: fullname: Automation User 1 password: "0123456789" newpassword: "abcdefghij" - auth_type: automation + auth_type: automation contactgroups: [] roles: - admin From 5c68f26b2bf57be79b34325fca124892e5e564cc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20M=C3=BChling?= <80385927+muehlings@users.noreply.github.com> Date: Mon, 25 Sep 2023 16:17:31 +0200 Subject: [PATCH 09/48] Add files via upload --- tests/integration/targets/user/tasks/test.yml | 50 +++++++++++++++---- 1 file changed, 40 insertions(+), 10 deletions(-) diff --git a/tests/integration/targets/user/tasks/test.yml b/tests/integration/targets/user/tasks/test.yml index 67cdb19cc..cd8e48321 100644 --- a/tests/integration/targets/user/tasks/test.yml +++ b/tests/integration/targets/user/tasks/test.yml @@ -1,10 +1,40 @@ --- +- name: "{{ outer_item.version }} - Set customer when needed." + set_fact: + customer: "provider" + when: outer_item.edition == "cme" + +- name: "{{ outer_item.version }} - Set customer when needed." + set_fact: + customer: "provider" + when: outer_item.edition == "cce" + +- name: "{{ outer_item.version }} - Unset customer when needed." + set_fact: + customer: null + when: outer_item.edition == "cre" + +- name: "{{ outer_item.version }} - Unset customer when needed." + set_fact: + customer: null + when: outer_item.edition == "cfe" + +- name: "{{ outer_item.version }} - Unset customer when needed." + set_fact: + customer: null + when: outer_item.edition == "enterprise" + +- name: "{{ outer_item.version }} - Output customer variable." + debug: + var: customer + - name: "{{ outer_item.version }} - Create contact groups." contact_group: server_url: "{{ server_url }}" site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None ) | ternary(customer,omit) }}" name: "{{ item }}" title: "{{ item }}" state: "present" @@ -25,11 +55,12 @@ run_once: true # noqa run-once[task] - name: "{{ outer_item.version }} - Create users." - user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module + user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module server_url: "{{ server_url }}" site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None ) | ternary(customer,omit) }}" name: "{{ item.name }}" fullname: "{{ item.fullname }}" auth_type: "{{ item.auth_type }}" @@ -56,11 +87,12 @@ run_once: true # noqa run-once[task] - name: "{{ outer_item.version }} - Create same users again." - user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module + user: server_url: "{{ server_url }}" site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None ) | ternary(customer,omit) }}" name: "{{ item.name }}" fullname: "{{ item.fullname }}" auth_type: "{{ item.auth_type }}" @@ -83,13 +115,13 @@ run_once: true # noqa run-once[task] - name: "{{ outer_item.version }} - Edit users." - user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module + user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module server_url: "{{ server_url }}" site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None ) | ternary(customer,omit) }}" name: "{{ item.name }}" - auth_type: "{{ item.auth_type }}" contactgroups: "{{ item.contactgroups }}" state: "present" delegate_to: localhost @@ -109,13 +141,13 @@ run_once: true # noqa run-once[task] - name: "{{ outer_item.version }} - Change PW of users." - user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module + user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module server_url: "{{ server_url }}" site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None ) | ternary(customer,omit) }}" name: "{{ item.name }}" - auth_type: "{{ item.auth_type }}" password: "{{ item.newpassword }}" state: "present" delegate_to: localhost @@ -136,13 +168,12 @@ run_once: true # noqa run-once[task] - name: "{{ outer_item.version }} - Delete users." - user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module + user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module server_url: "{{ server_url }}" site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" name: "{{ item.name }}" - auth_type: "{{ item.auth_type }}" state: "absent" delegate_to: localhost run_once: true # noqa run-once[task] @@ -161,13 +192,12 @@ run_once: true # noqa run-once[task] - name: "{{ outer_item.version }} - Delete same users again." - user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module + user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module server_url: "{{ server_url }}" site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" name: "{{ item.name }}" - auth_type: "{{ item.auth_type }}" state: "absent" delegate_to: localhost run_once: true # noqa run-once[task] From 14f3fb756e1df898d95017591c4be9419d89305a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20M=C3=BChling?= <80385927+muehlings@users.noreply.github.com> Date: Mon, 25 Sep 2023 16:42:02 +0200 Subject: [PATCH 10/48] Update main.yml --- tests/integration/targets/user/vars/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/integration/targets/user/vars/main.yml b/tests/integration/targets/user/vars/main.yml index b6027b0fc..463517c5c 100644 --- a/tests/integration/targets/user/vars/main.yml +++ b/tests/integration/targets/user/vars/main.yml @@ -3,16 +3,16 @@ # to the naming of the setup files. For example 'raw' and 'enterprise' rather # than 'CRE' and 'CEE'. test_sites: - - version: "2.2.0p8" + - version: "2.2.0p9" edition: "cme" site: "stable_cme" - - version: "2.2.0p8" + - version: "2.2.0p9" edition: "cre" site: "stable_raw" - - version: "2.2.0p8" + - version: "2.2.0p9" edition: "cee" site: "stable_ent" - - version: "2.1.0p32" + - version: "2.1.0p33" edition: "cre" site: "old_raw" From 11aee12ad361599b6066ae01086562ab162f5413 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20M=C3=BChling?= <80385927+muehlings@users.noreply.github.com> Date: Tue, 26 Sep 2023 08:16:06 +0200 Subject: [PATCH 11/48] Add files via upload --- plugins/modules/user.py | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/plugins/modules/user.py b/plugins/modules/user.py index dc9785792..8d152760a 100644 --- a/plugins/modules/user.py +++ b/plugins/modules/user.py @@ -38,7 +38,6 @@ type: bool auth_type: description: The authentication type. - required: true type: str choices: [password, automation] disable_login: @@ -76,9 +75,6 @@ description: Configure the language to be used by the user in the user interface. Omitting this will configure the default language. type: str choices: [default, en, de, ro] - customer: - description: For the Checkmk Managed Edition, you need to specify which customer a user belongs to. - type: str state: description: Desired state type: str @@ -321,6 +317,7 @@ def _exists(key): if _exists("authorized_sites"): attributes["authorized_sites"] = params["authorized_sites"] + #raise Exception(str(params)) return cls(params["name"], state=params["state"], attributes=attributes) def satisfies(self, other_instance): @@ -351,6 +348,12 @@ def get_current_user_state(module, api_params): etag = info.get("etag", "") extensions = body.get("extensions", {}) + elif info["status"] == 401: + exit_failed(module, "[get_current_user_state] Error calling API. HTTP code %d. Details: %s." % (info["status"], info["body"])) + + elif info["status"] == 403: + exit_failed(module, "[get_current_user_state] Error calling API. HTTP code %d. Details: %s." % (info["status"], info["body"])) + elif info["status"] == 404: current_state = "absent" @@ -437,11 +440,10 @@ def run_module(): automation_secret=dict(type="str", required=True, no_log=True), name=dict(required=True, type="str"), fullname=dict(type="str"), - customer=dict(type="str"), + customer=dict(type="str", required=False), password=dict(type="str", no_log=True), enforce_password_change=dict(type="bool", no_log=False), - # changed 'auth_type' to required=True, because endpoint won't create usable user without auth_type - auth_type=dict(type="str", choices=["password", "automation"], required=True), + auth_type=dict(type="str", choices=["password", "automation"]), disable_login=dict(type="bool"), email=dict(type="str"), fallback_contact=dict(type="bool"), @@ -482,6 +484,7 @@ def run_module(): ) # Determine desired state and attributes + log("module.params: %s" % str(module.params)) desired_user = User.from_module(module.params) log("desired_user: %s" % str(desired_user)) desired_state = desired_user.state From f3e563c0687331a64196826df6498babac3a6ae6 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Mon, 23 Oct 2023 12:57:46 +0200 Subject: [PATCH 12/48] Fix linting findings in tests. --- tests/integration/targets/user/tasks/test.yml | 26 ++++++++----------- tests/integration/targets/user/vars/main.yml | 2 +- 2 files changed, 12 insertions(+), 16 deletions(-) diff --git a/tests/integration/targets/user/tasks/test.yml b/tests/integration/targets/user/tasks/test.yml index cd8e48321..0458d3b52 100644 --- a/tests/integration/targets/user/tasks/test.yml +++ b/tests/integration/targets/user/tasks/test.yml @@ -1,32 +1,28 @@ --- - name: "{{ outer_item.version }} - Set customer when needed." - set_fact: + ansible.builtin.ansible.builtin.set_fact: customer: "provider" when: outer_item.edition == "cme" - name: "{{ outer_item.version }} - Set customer when needed." - set_fact: + ansible.builtin.set_fact: customer: "provider" when: outer_item.edition == "cce" - name: "{{ outer_item.version }} - Unset customer when needed." - set_fact: + ansible.builtin.set_fact: customer: null when: outer_item.edition == "cre" - name: "{{ outer_item.version }} - Unset customer when needed." - set_fact: + ansible.builtin.set_fact: customer: null when: outer_item.edition == "cfe" - name: "{{ outer_item.version }} - Unset customer when needed." - set_fact: + ansible.builtin.set_fact: customer: null when: outer_item.edition == "enterprise" - -- name: "{{ outer_item.version }} - Output customer variable." - debug: - var: customer - name: "{{ outer_item.version }} - Create contact groups." contact_group: @@ -34,7 +30,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" - customer: "{{ (customer != None ) | ternary(customer,omit) }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" name: "{{ item }}" title: "{{ item }}" state: "present" @@ -60,7 +56,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" - customer: "{{ (customer != None ) | ternary(customer,omit) }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" name: "{{ item.name }}" fullname: "{{ item.fullname }}" auth_type: "{{ item.auth_type }}" @@ -87,12 +83,12 @@ run_once: true # noqa run-once[task] - name: "{{ outer_item.version }} - Create same users again." - user: + user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module server_url: "{{ server_url }}" site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" - customer: "{{ (customer != None ) | ternary(customer,omit) }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" name: "{{ item.name }}" fullname: "{{ item.fullname }}" auth_type: "{{ item.auth_type }}" @@ -120,7 +116,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" - customer: "{{ (customer != None ) | ternary(customer,omit) }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" name: "{{ item.name }}" contactgroups: "{{ item.contactgroups }}" state: "present" @@ -146,7 +142,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" - customer: "{{ (customer != None ) | ternary(customer,omit) }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" name: "{{ item.name }}" password: "{{ item.newpassword }}" state: "present" diff --git a/tests/integration/targets/user/vars/main.yml b/tests/integration/targets/user/vars/main.yml index ffde29af5..ff9bc5908 100644 --- a/tests/integration/targets/user/vars/main.yml +++ b/tests/integration/targets/user/vars/main.yml @@ -76,7 +76,7 @@ checkmk_users: fullname: Automation User 1 password: "0123456789" newpassword: "abcdefghij" - auth_type: automation + auth_type: automation contactgroups: [] roles: - admin From 3ac2bc7a4d27a4c01dcd207543f58bd6d165d966 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Mon, 23 Oct 2023 14:13:56 +0200 Subject: [PATCH 13/48] Simplify conditionals. --- tests/integration/targets/user/tasks/test.yml | 19 ++----------------- 1 file changed, 2 insertions(+), 17 deletions(-) diff --git a/tests/integration/targets/user/tasks/test.yml b/tests/integration/targets/user/tasks/test.yml index 0458d3b52..b2dc151af 100644 --- a/tests/integration/targets/user/tasks/test.yml +++ b/tests/integration/targets/user/tasks/test.yml @@ -1,28 +1,13 @@ --- -- name: "{{ outer_item.version }} - Set customer when needed." - ansible.builtin.ansible.builtin.set_fact: - customer: "provider" - when: outer_item.edition == "cme" - - name: "{{ outer_item.version }} - Set customer when needed." ansible.builtin.set_fact: customer: "provider" - when: outer_item.edition == "cce" - -- name: "{{ outer_item.version }} - Unset customer when needed." - ansible.builtin.set_fact: - customer: null - when: outer_item.edition == "cre" - -- name: "{{ outer_item.version }} - Unset customer when needed." - ansible.builtin.set_fact: - customer: null - when: outer_item.edition == "cfe" + when: (outer_item.edition == "cme") or (outer_item.edition == "cce") - name: "{{ outer_item.version }} - Unset customer when needed." ansible.builtin.set_fact: customer: null - when: outer_item.edition == "enterprise" + when: not ((outer_item.edition == "cme") or (outer_item.edition == "cce")) - name: "{{ outer_item.version }} - Create contact groups." contact_group: From 2453e59023de84bd483e4b79a0676c47b7a23ed1 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Mon, 23 Oct 2023 14:15:22 +0200 Subject: [PATCH 14/48] Remove user secrets. --- tests/integration/targets/user/vars/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/integration/targets/user/vars/main.yml b/tests/integration/targets/user/vars/main.yml index ff9bc5908..149acfe44 100644 --- a/tests/integration/targets/user/vars/main.yml +++ b/tests/integration/targets/user/vars/main.yml @@ -13,12 +13,12 @@ test_sites: edition: "cre" site: "old_raw" -server_url: "https://maas.pdv-systeme.de/" +server_url: "http://127.0.0.1/" automation_user: "cmkadmin" automation_secret: "d7589df1" download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "hotline@pdv-systeme.de" +download_user: "d-gh-ansible-dl" download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] # Due to inconsistent naming of editions, we normalize them here for convenience From 2566753c5620704f8a319d320e4248408b55fb68 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Wed, 25 Oct 2023 17:26:16 +0200 Subject: [PATCH 15/48] First draft of site configuration capability. --- roles/server/defaults/main.yml | 15 +++++++++------ roles/server/tasks/configure-site.yml | 11 +++++++++++ roles/server/tasks/sites.yml | 9 +++++++++ 3 files changed, 29 insertions(+), 6 deletions(-) create mode 100644 roles/server/tasks/configure-site.yml diff --git a/roles/server/defaults/main.yml b/roles/server/defaults/main.yml index 798efd75a..501302c7c 100644 --- a/roles/server/defaults/main.yml +++ b/roles/server/defaults/main.yml @@ -31,12 +31,15 @@ checkmk_server_verify_setup: 'true' checkmk_server_download_user: [] checkmk_server_download_pass: [] -checkmk_server_sites: [] -# - name: test -# version: "{{ checkmk_server_version }}" -# state: started -# admin_pw: "{{ automation_secret | default(omit) }}" -# update_conflict_resolution: abort +checkmk_server_sites: # [] + - name: test + version: "{{ checkmk_server_version }}" + state: started + admin_pw: "{{ automation_secret | default(omit) }}" + update_conflict_resolution: abort + omd_config: + - var: LIVESTATUS_TCP + value: "on" checkmk_server_configure_firewall: 'true' diff --git a/roles/server/tasks/configure-site.yml b/roles/server/tasks/configure-site.yml new file mode 100644 index 000000000..b67db0c99 --- /dev/null +++ b/roles/server/tasks/configure-site.yml @@ -0,0 +1,11 @@ +--- +- name: "Configure Site." # noqa no-changed-when + become: true + ansible.builtin.shell: | + set -o pipefail + omd config {{ outer_item.name }} set {{ item.var }} {{ item.value }} + args: + executable: /bin/bash + loop: "{{ outer_item.omd_config }}" + tags: + - configure-sites diff --git a/roles/server/tasks/sites.yml b/roles/server/tasks/sites.yml index 46d6c5eee..f755da601 100644 --- a/roles/server/tasks/sites.yml +++ b/roles/server/tasks/sites.yml @@ -14,6 +14,15 @@ tags: - create-sites +- name: "Include configure site tasks." + ansible.builtin.include_tasks: configure-site.yml + loop: "{{ checkmk_server_sites }}" + loop_control: + loop_var: outer_item + when: item.state != "absent" and item.omd_config | length + tags: + - configure-sites + - name: "Get site version." become: true ansible.builtin.shell: | From 203bf790fbc6e29bdc4600320ff0a745a5f997fa Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Wed, 25 Oct 2023 17:29:55 +0200 Subject: [PATCH 16/48] Fix formatting. --- plugins/modules/tag_group.py | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/plugins/modules/tag_group.py b/plugins/modules/tag_group.py index 5158cffb4..4160cd1aa 100644 --- a/plugins/modules/tag_group.py +++ b/plugins/modules/tag_group.py @@ -64,17 +64,17 @@ title: Virtualization topic: My_Tags choices: - - id: No_Virtualization - title: No Virtualization - - id: ESXi - title: ESXi - - id: vCenter - title: vCenter - - id: HyperV - title: HyperV - - id: KVM - title: KVM - state: present + - id: No_Virtualization + title: No Virtualization + - id: ESXi + title: ESXi + - id: vCenter + title: vCenter + - id: HyperV + title: HyperV + - id: KVM + title: KVM + state: present """ RETURN = r""" From d64d602a7702a8fc77a4c5e92b0416f323f9b283 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Wed, 25 Oct 2023 18:30:19 +0200 Subject: [PATCH 17/48] FInalize omd config management. --- roles/server/defaults/main.yml | 18 +++++++++--------- roles/server/molecule/2.0.0/group_vars/all.yml | 10 +++++++++- roles/server/molecule/2.1.0/group_vars/all.yml | 10 +++++++++- roles/server/molecule/2.2.0/group_vars/all.yml | 10 +++++++++- roles/server/tasks/configure-site.yml | 3 ++- roles/server/tasks/sites.yml | 4 ++-- 6 files changed, 40 insertions(+), 15 deletions(-) diff --git a/roles/server/defaults/main.yml b/roles/server/defaults/main.yml index 501302c7c..0d5142641 100644 --- a/roles/server/defaults/main.yml +++ b/roles/server/defaults/main.yml @@ -31,15 +31,15 @@ checkmk_server_verify_setup: 'true' checkmk_server_download_user: [] checkmk_server_download_pass: [] -checkmk_server_sites: # [] - - name: test - version: "{{ checkmk_server_version }}" - state: started - admin_pw: "{{ automation_secret | default(omit) }}" - update_conflict_resolution: abort - omd_config: - - var: LIVESTATUS_TCP - value: "on" +checkmk_server_sites: [] + # - name: test + # version: "{{ checkmk_server_version }}" + # state: started + # admin_pw: "{{ automation_secret | default(omit) }}" + # update_conflict_resolution: abort + # omd_config: + # - var: LIVESTATUS_TCP + # value: "on" checkmk_server_configure_firewall: 'true' diff --git a/roles/server/molecule/2.0.0/group_vars/all.yml b/roles/server/molecule/2.0.0/group_vars/all.yml index 47f40f20f..502df9493 100644 --- a/roles/server/molecule/2.0.0/group_vars/all.yml +++ b/roles/server/molecule/2.0.0/group_vars/all.yml @@ -20,11 +20,16 @@ checkmk_server_backup_opts: '--no-past' checkmk_server_allow_downgrades: 'true' checkmk_server_sites: - - name: "{{ checkmk_site }}" + - name: "started" version: "{{ checkmk_version }}" state: started admin_pw: "{{ automation_secret }}" update_conflict_resolution: install + omd_config: + - var: LIVESTATUS_TCP + value: "on" + - var: LIVESTATUS_TCP_PORT + value: "6557" - name: "stopped" version: "{{ checkmk_version }}" state: stopped @@ -35,6 +40,9 @@ checkmk_server_sites: state: present admin_pw: "{{ automation_secret }}" update_conflict_resolution: install + omd_config: + - var: LIVESTATUS_TCP + value: "on" - name: "absent" version: "{{ checkmk_version }}" state: absent diff --git a/roles/server/molecule/2.1.0/group_vars/all.yml b/roles/server/molecule/2.1.0/group_vars/all.yml index 9c9a08914..e34546118 100644 --- a/roles/server/molecule/2.1.0/group_vars/all.yml +++ b/roles/server/molecule/2.1.0/group_vars/all.yml @@ -20,11 +20,16 @@ checkmk_server_backup_opts: '--no-past' checkmk_server_allow_downgrades: 'true' checkmk_server_sites: - - name: "{{ checkmk_site }}" + - name: "started" version: "{{ checkmk_version }}" state: started admin_pw: "{{ automation_secret }}" update_conflict_resolution: install + omd_config: + - var: LIVESTATUS_TCP + value: "on" + - var: LIVESTATUS_TCP_PORT + value: "6557" - name: "stopped" version: "{{ checkmk_version }}" state: stopped @@ -35,6 +40,9 @@ checkmk_server_sites: state: present admin_pw: "{{ automation_secret }}" update_conflict_resolution: install + omd_config: + - var: LIVESTATUS_TCP + value: "on" - name: "absent" version: "{{ checkmk_version }}" state: absent diff --git a/roles/server/molecule/2.2.0/group_vars/all.yml b/roles/server/molecule/2.2.0/group_vars/all.yml index 587a9c3aa..c8c693714 100644 --- a/roles/server/molecule/2.2.0/group_vars/all.yml +++ b/roles/server/molecule/2.2.0/group_vars/all.yml @@ -20,11 +20,16 @@ checkmk_server_backup_opts: '--no-past' checkmk_server_allow_downgrades: 'true' checkmk_server_sites: - - name: "{{ checkmk_site }}" + - name: "started" version: "{{ checkmk_version }}" state: started admin_pw: "{{ automation_secret }}" update_conflict_resolution: install + omd_config: + - var: LIVESTATUS_TCP + value: "on" + - var: LIVESTATUS_TCP_PORT + value: "6557" - name: "stopped" version: "{{ checkmk_version }}" state: stopped @@ -35,6 +40,9 @@ checkmk_server_sites: state: present admin_pw: "{{ automation_secret }}" update_conflict_resolution: install + omd_config: + - var: LIVESTATUS_TCP + value: "on" - name: "absent" version: "{{ checkmk_version }}" state: absent diff --git a/roles/server/tasks/configure-site.yml b/roles/server/tasks/configure-site.yml index b67db0c99..e969300bb 100644 --- a/roles/server/tasks/configure-site.yml +++ b/roles/server/tasks/configure-site.yml @@ -1,5 +1,5 @@ --- -- name: "Configure Site." # noqa no-changed-when +- name: "Configure Site '{{ outer_item.name }}'." # noqa no-changed-when become: true ansible.builtin.shell: | set -o pipefail @@ -7,5 +7,6 @@ args: executable: /bin/bash loop: "{{ outer_item.omd_config }}" + when: outer_item.state != "absent" and outer_item.omd_config | length tags: - configure-sites diff --git a/roles/server/tasks/sites.yml b/roles/server/tasks/sites.yml index f755da601..372e73c0c 100644 --- a/roles/server/tasks/sites.yml +++ b/roles/server/tasks/sites.yml @@ -14,12 +14,12 @@ tags: - create-sites -- name: "Include configure site tasks." +- name: "Include site configuration tasks." ansible.builtin.include_tasks: configure-site.yml loop: "{{ checkmk_server_sites }}" loop_control: loop_var: outer_item - when: item.state != "absent" and item.omd_config | length + when: outer_item.omd_config is defined tags: - configure-sites From f65ad1f40b53b1289bb3ece637dd105d4997ee68 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Wed, 25 Oct 2023 18:46:15 +0200 Subject: [PATCH 18/48] Add new states "enabled" and "disabled". --- .../server/molecule/2.0.0/group_vars/all.yml | 16 +++++++++++ .../server/molecule/2.1.0/group_vars/all.yml | 16 +++++++++++ .../server/molecule/2.2.0/group_vars/all.yml | 16 +++++++++++ roles/server/tasks/sites.yml | 28 +++++++++++++++++++ 4 files changed, 76 insertions(+) diff --git a/roles/server/molecule/2.0.0/group_vars/all.yml b/roles/server/molecule/2.0.0/group_vars/all.yml index 502df9493..6504fafdf 100644 --- a/roles/server/molecule/2.0.0/group_vars/all.yml +++ b/roles/server/molecule/2.0.0/group_vars/all.yml @@ -35,6 +35,22 @@ checkmk_server_sites: state: stopped admin_pw: "{{ automation_secret }}" update_conflict_resolution: install + - name: "enabled" + version: "{{ checkmk_version }}" + state: enabled + admin_pw: "{{ automation_secret }}" + update_conflict_resolution: install + omd_config: + - var: AUTOSTART + value: "on" + - name: "disabled" + version: "{{ checkmk_version }}" + state: disabled + admin_pw: "{{ automation_secret }}" + update_conflict_resolution: install + omd_config: + - var: AUTOSTART + value: "off" - name: "present" version: "{{ checkmk_version }}" state: present diff --git a/roles/server/molecule/2.1.0/group_vars/all.yml b/roles/server/molecule/2.1.0/group_vars/all.yml index e34546118..2398b5999 100644 --- a/roles/server/molecule/2.1.0/group_vars/all.yml +++ b/roles/server/molecule/2.1.0/group_vars/all.yml @@ -35,6 +35,22 @@ checkmk_server_sites: state: stopped admin_pw: "{{ automation_secret }}" update_conflict_resolution: install + - name: "enabled" + version: "{{ checkmk_version }}" + state: enabled + admin_pw: "{{ automation_secret }}" + update_conflict_resolution: install + omd_config: + - var: AUTOSTART + value: "on" + - name: "disabled" + version: "{{ checkmk_version }}" + state: disabled + admin_pw: "{{ automation_secret }}" + update_conflict_resolution: install + omd_config: + - var: AUTOSTART + value: "off" - name: "present" version: "{{ checkmk_version }}" state: present diff --git a/roles/server/molecule/2.2.0/group_vars/all.yml b/roles/server/molecule/2.2.0/group_vars/all.yml index c8c693714..c080d990b 100644 --- a/roles/server/molecule/2.2.0/group_vars/all.yml +++ b/roles/server/molecule/2.2.0/group_vars/all.yml @@ -35,6 +35,22 @@ checkmk_server_sites: state: stopped admin_pw: "{{ automation_secret }}" update_conflict_resolution: install + - name: "enabled" + version: "{{ checkmk_version }}" + state: enabled + admin_pw: "{{ automation_secret }}" + update_conflict_resolution: install + omd_config: + - var: AUTOSTART + value: "on" + - name: "disabled" + version: "{{ checkmk_version }}" + state: disabled + admin_pw: "{{ automation_secret }}" + update_conflict_resolution: install + omd_config: + - var: AUTOSTART + value: "off" - name: "present" version: "{{ checkmk_version }}" state: present diff --git a/roles/server/tasks/sites.yml b/roles/server/tasks/sites.yml index 372e73c0c..fa8193659 100644 --- a/roles/server/tasks/sites.yml +++ b/roles/server/tasks/sites.yml @@ -45,6 +45,20 @@ tags: - update-sites +- name: "Enable Sites." # noqa no-changed-when + become: true + ansible.builtin.shell: | + set -o pipefail + omd config {{ item.name }} AUTOSTART on + args: + executable: /bin/bash + no_log: true + loop: "{{ checkmk_server_sites }}" + when: (item.state == "enabled") or (item.state == "started") + register: checkmk_server_sites_stopped + tags: + - stop-sites + - name: "Start Sites." become: true ansible.builtin.shell: | @@ -75,6 +89,20 @@ tags: - stop-sites +- name: "Disable Sites." # noqa no-changed-when + become: true + ansible.builtin.shell: | + set -o pipefail + omd config {{ item.name }} AUTOSTART off + args: + executable: /bin/bash + no_log: true + loop: "{{ checkmk_server_sites }}" + when: (item.state == "disabled") or (item.state == "present") + register: checkmk_server_sites_stopped + tags: + - stop-sites + - name: "Destroy Sites." become: true ansible.builtin.shell: | From 29000dc0f10e6abed354a2fdfda67c4b60bc2005 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Wed, 25 Oct 2023 18:46:22 +0200 Subject: [PATCH 19/48] Update README. --- roles/server/README.md | 34 ++++++++++++++++++++++------------ 1 file changed, 22 insertions(+), 12 deletions(-) diff --git a/roles/server/README.md b/roles/server/README.md index 5eff61212..20ab715a3 100644 --- a/roles/server/README.md +++ b/roles/server/README.md @@ -69,27 +69,37 @@ Automatically open the necessary ports on the Checkmk server for the web interface to be accessible. checkmk_server_sites: - - name: test + - name: mysite version: "{{ checkmk_server_version }}" + update_conflict_resolution: abort state: started - admin_pw: test + admin_pw: mypw + omd_config: + - var: AUTOSTART + value: on A dictionary of sites, their version, admin password and state. +Valid values for `state` are: +- `started` +- `stopped` +- `enabled` +- `disabled` +- `present` +- `absent` + If a higher version is specified for an existing site, a config update resolution method must first be given to update it. -Valid choices include `install`, `keepold` and `abort`. +Valid choices include `install`, `keepold` and `abort`. +Site configuration can be passed with the `omd_config` keyword. +The format can be seen above, for a list of variables run `omd show` +on an existing site. - checkmk_server_sites: - - name: test - version: "{{ checkmk_server_version }}" - update_conflict_resolution: abort - state: started - admin_pw: test + checkmk_server_backup_on_update: 'true' + +Whether to back up sites when updating between versions. Only disable this if you plan on taking manual backups -Directory to backup sites to when updating between versions. checkmk_server_backup_dir: /tmp -Whether to back up sites when updating between versions. Only disable this if you plan on taking manual backups - checkmk_server_backup_on_update: 'true' +Directory to backup sites to when updating between versions. ## Tags Tasks are tagged with the following tags: From 1611e352b44a6ba946307e85ae05a24d3c622367 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Wed, 25 Oct 2023 18:50:01 +0200 Subject: [PATCH 20/48] Add changelog. --- changelogs/fragments/server-omd-config.yml | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 changelogs/fragments/server-omd-config.yml diff --git a/changelogs/fragments/server-omd-config.yml b/changelogs/fragments/server-omd-config.yml new file mode 100644 index 000000000..5feb5e691 --- /dev/null +++ b/changelogs/fragments/server-omd-config.yml @@ -0,0 +1,3 @@ +minor_changes: + - Server role - Enable configuration of omd config values. Refer to the README for details. + - Server role - Add new states "enabled" and "disabled" for site management. From 2458aabe6ecb620c0c111b39225c56166396ff35 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 27 Oct 2023 09:50:33 +0200 Subject: [PATCH 21/48] Add script for local testing. --- scripts/testing.sh | 65 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 65 insertions(+) create mode 100755 scripts/testing.sh diff --git a/scripts/testing.sh b/scripts/testing.sh new file mode 100755 index 000000000..d4572c0ce --- /dev/null +++ b/scripts/testing.sh @@ -0,0 +1,65 @@ +#!/usr/bin/env bash +# +# Written by: Robin Gierse - robin.gieres@checkmk.com - on 20231027 +# +# Purpose: +# Run tests locally. +# +# Usage: +# ./testing.sh -s +# ./testing.sh -i -t host +# + +script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) +collection_dir="${script_dir%/*}" + +mode="sanity" + +while getopts 'silt:' OPTION; do + case "$OPTION" in + s) + mode="sanity" ;; + i) + mode="integration" ;; + l) + mode="lint" ;; + t) + target="$OPTARG" ;; + ?) + echo "Unknown option!" + exit 1 + ;; + esac +done + +_run_sanity() { + echo "## Running Ansible Sanity Tests." + ansible-test sanity --docker + echo "## Ansible Sanity Tests done." +} + +_run_integration() { + echo "## Running Ansible Integration Tests for ${target} Module." + ansible-test integration "${target}" --docker + echo "## Ansible Integration Tests done." +} + +_run_linting() { + echo "## Running yamllint." + yamllint -c "${collection_dir}/.yamllint" "${collection_dir}/roles/" + yamllint -c "${collection_dir}/.yamllint" "${collection_dir}/playbooks/" + echo "## yamllint done." + echo "## Running ansible-lint." + ansible-lint -c "${collection_dir}/.ansible-lint" "${collection_dir}/roles/" + ansible-lint -c "${collection_dir}/.ansible-lint" "${collection_dir}/playbooks/" + echo "## ansible-lint done." +} + +case "$mode" in + sanity) + _run_sanity ;; + integration) + _run_integration ;; + lint) + _run_linting ;; +esac From d57a72b62215bc6ebd558403f6dfec7bdc272883 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 27 Oct 2023 09:50:54 +0200 Subject: [PATCH 22/48] Bugfix linting action. --- .github/workflows/ansible-lint.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ansible-lint.yaml b/.github/workflows/ansible-lint.yaml index 385db5d67..df90cc215 100644 --- a/.github/workflows/ansible-lint.yaml +++ b/.github/workflows/ansible-lint.yaml @@ -15,12 +15,14 @@ on: - devel paths: - 'roles/**' + - 'playbooks/**' pull_request: branches: - main - devel paths: - 'roles/**' + - 'playbooks/**' jobs: @@ -58,11 +60,11 @@ jobs: # Run the linting - name: Run yamllint on roles - run: yamllint -c .yamllint roles/ + run: yamllint -c ${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/.yamllint ${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/roles/ working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} - name: Run yamllint on playbooks - run: yamllint -c .yamllint playbooks/ + run: yamllint -c ${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/.yamllint ${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/playbooks/ working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} - name: Run ansible-lint on roles From bb68fd2b30ad7f9cb45e8b0da52df2f5fff3a004 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 27 Oct 2023 09:51:12 +0200 Subject: [PATCH 23/48] Update ansible-lint configuration. --- .ansible-lint | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.ansible-lint b/.ansible-lint index 776d394bf..25b780842 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -31,6 +31,7 @@ exclude_paths: # requirements, like avoiding python identifiers. To disable add `var-naming` # to skip_list. # var_naming_pattern: "^[a-z_][a-z0-9_]*$" +var_naming_pattern: "^checkmk_(server|agent)_.*$" use_default_rules: true # Load custom rules from this specific folder @@ -41,6 +42,7 @@ use_default_rules: true skip_list: - experimental - name[template] # https://ansible-lint.readthedocs.io/rules/name/ + - var-naming[no-role-prefix] # We do believe, that our naming which exceeds this rules requirements is sound # # Any rule that has the 'opt-in' tag will not be loaded unless its 'id' is # # mentioned in the enable_list: From efe5e7e5de125758d34a60ad6add4b72c8e6fe45 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 27 Oct 2023 10:33:37 +0200 Subject: [PATCH 24/48] Update testing.sh. --- scripts/testing.sh | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/scripts/testing.sh b/scripts/testing.sh index d4572c0ce..de2a14d25 100755 --- a/scripts/testing.sh +++ b/scripts/testing.sh @@ -6,9 +6,9 @@ # Run tests locally. # # Usage: -# ./testing.sh -s -# ./testing.sh -i -t host -# +# Run Sanity Tests: ./testing.sh -s +# Run Integration Tests: ./testing.sh -i -t host +# Run Linting: ./testing.sh -s script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) collection_dir="${script_dir%/*}" @@ -39,8 +39,13 @@ _run_sanity() { } _run_integration() { - echo "## Running Ansible Integration Tests for ${target} Module." + if [ -n "${target}" ]; then + echo "## Running Ansible Integration Tests for <${target}> Module." ansible-test integration "${target}" --docker + else + echo "## Running Ansible Integration Tests for all Modules." + ansible-test integration --docker + fi echo "## Ansible Integration Tests done." } @@ -62,4 +67,8 @@ case "$mode" in _run_integration ;; lint) _run_linting ;; + ?) + echo "Unknown mode!" + exit 1 + ;; esac From a83a2d4c74f32baf17f61393e0b00ed7dfb5cead Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 27 Oct 2023 10:41:31 +0200 Subject: [PATCH 25/48] Bugfix linting action. (cherry picked from commit e44df75d40bf27227e20a3ec5f6c1c80e5dabb5a) --- .github/workflows/ansible-lint.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ansible-lint.yaml b/.github/workflows/ansible-lint.yaml index df90cc215..29d060fb3 100644 --- a/.github/workflows/ansible-lint.yaml +++ b/.github/workflows/ansible-lint.yaml @@ -60,12 +60,12 @@ jobs: # Run the linting - name: Run yamllint on roles - run: yamllint -c ${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/.yamllint ${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/roles/ - working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} + run: yamllint -c ./${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/.yamllint ./${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/roles/ + working-directory: ./ansible_collections/ - name: Run yamllint on playbooks - run: yamllint -c ${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/.yamllint ${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/playbooks/ - working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} + run: yamllint -c ./${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/.yamllint ./${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/playbooks/ + working-directory: ./ansible_collections/ - name: Run ansible-lint on roles run: ansible-lint -c ${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/.ansible-lint ${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/roles/ From eda92f9228fc5235d5fce985ef5a0510f75f5274 Mon Sep 17 00:00:00 2001 From: Thibault Soubiran Date: Tue, 24 Oct 2023 21:13:35 +0200 Subject: [PATCH 26/48] feat: add no log capability for agent and server roles Resolves: #452 --- changelogs/fragments/no_log.yml | 3 +++ roles/agent/README.md | 3 +++ roles/agent/defaults/main.yml | 2 +- roles/agent/tasks/Linux.yml | 3 +++ roles/agent/tasks/Win32NT.yml | 3 +++ roles/server/README.md | 22 +++++++++++----------- roles/server/defaults/main.yml | 1 + roles/server/tasks/sites.yml | 16 ++++++++-------- 8 files changed, 33 insertions(+), 20 deletions(-) create mode 100644 changelogs/fragments/no_log.yml diff --git a/changelogs/fragments/no_log.yml b/changelogs/fragments/no_log.yml new file mode 100644 index 000000000..52bd0f620 --- /dev/null +++ b/changelogs/fragments/no_log.yml @@ -0,0 +1,3 @@ +minor_changes: + - Agent role - Avoid logging passwords by default for extra security + - Server role - Avoid logging passwords by default for extra security diff --git a/roles/agent/README.md b/roles/agent/README.md index c859be317..310295b75 100644 --- a/roles/agent/README.md +++ b/roles/agent/README.md @@ -153,6 +153,9 @@ Define an IP address which will be added to the host in Checkmk. This is optiona Define attributes with which the host will be added to Checkmk. + checkmk_agent_no_log: 'true' + +Whether to log sensitive information like passwords, Ansible output will be censored for enhanced security by default. Set to `false` for easier troubleshooting. Be careful when changing this value in production, passwords may be leaked in operating system logs. ## Tags Tasks are tagged with the following tags: diff --git a/roles/agent/defaults/main.yml b/roles/agent/defaults/main.yml index db68fc926..153715ba0 100644 --- a/roles/agent/defaults/main.yml +++ b/roles/agent/defaults/main.yml @@ -31,7 +31,7 @@ checkmk_agent_folder: "{{ checkmk_folder_path | default('/') }}" checkmk_agent_force_foreign_changes: 'false' checkmk_agent_host_attributes: ipaddress: "{{ checkmk_agent_host_ip | default(omit) }}" - +checkmk_agent_no_log: 'true' # If you trust your local hostnames, you could also use the following # to use the local hostname instead of the inventory hostname: diff --git a/roles/agent/tasks/Linux.yml b/roles/agent/tasks/Linux.yml index 5ceff1a26..6db95a48d 100644 --- a/roles/agent/tasks/Linux.yml +++ b/roles/agent/tasks/Linux.yml @@ -80,6 +80,7 @@ cmk-update-agent register -H {{ checkmk_agent_host_name }} \ -s {{ checkmk_agent_registration_server }} -i {{ checkmk_agent_registration_site }} -p {{ checkmk_agent_protocol }} \ -U {{ checkmk_agent_user }} -P {{ checkmk_agent_auth }} + no_log: "{{ checkmk_agent_no_log | bool }}" register: checkmk_agent_update_state when: | checkmk_agent_edition | lower != "cre" @@ -94,6 +95,7 @@ cmk-update-agent register -H {{ checkmk_agent_host_name }} \ -s {{ checkmk_agent_registration_server }} -i {{ checkmk_agent_registration_site }} -p {{ checkmk_agent_protocol }} \ -U {{ checkmk_agent_user }} -S {{ checkmk_agent_auth }} + no_log: "{{ checkmk_agent_no_log | bool }}" register: checkmk_agent_update_state when: | checkmk_agent_edition | lower != "cre" @@ -107,6 +109,7 @@ cmk-agent-ctl register -H {{ checkmk_agent_host_name }} \ -s {{ checkmk_agent_registration_server }} -i {{ checkmk_agent_registration_site }} \ -U {{ checkmk_agent_user }} -P {{ checkmk_agent_auth }} --trust-cert + no_log: "{{ checkmk_agent_no_log | bool }}" register: checkmk_agent_tls_state when: | checkmk_agent_controller_binary.stat.exists | bool diff --git a/roles/agent/tasks/Win32NT.yml b/roles/agent/tasks/Win32NT.yml index 484a3fa26..4d28662c1 100644 --- a/roles/agent/tasks/Win32NT.yml +++ b/roles/agent/tasks/Win32NT.yml @@ -49,6 +49,7 @@ check_mk_agent.exe updater register -H {{ checkmk_agent_host_name }} \ -s {{ checkmk_agent_registration_server }} -i {{ checkmk_agent_registration_site }} -p {{ checkmk_agent_protocol }} \ -U {{ checkmk_agent_user }} -P {{ checkmk_agent_auth }} + no_log: "{{ checkmk_agent_no_log | bool }}" register: checkmk_agent_update_state args: chdir: "C:\\Program Files (x86)\\checkmk\\service\\" @@ -64,6 +65,7 @@ check_mk_agent.exe updater register -H {{ checkmk_agent_host_name }} \ -s {{ checkmk_agent_registration_server }} -i {{ checkmk_agent_registration_site }} -p {{ checkmk_agent_protocol }} \ -U {{ checkmk_agent_user }} -S {{ checkmk_agent_auth }} + no_log: "{{ checkmk_agent_no_log | bool }}" register: checkmk_agent_update_state args: chdir: "C:\\Program Files (x86)\\checkmk\\service\\" @@ -82,6 +84,7 @@ cmk-agent-ctl.exe register -H {{ checkmk_agent_host_name }} \ -s {{ checkmk_agent_registration_server }} -i {{ checkmk_agent_registration_site }} \ -U {{ checkmk_agent_user }} -P {{ checkmk_agent_auth }} --trust-cert + no_log: "{{ checkmk_agent_no_log | bool }}" register: checkmk_agent_tls_state args: chdir: "C:\\Program Files (x86)\\checkmk\\service\\" diff --git a/roles/server/README.md b/roles/server/README.md index 5eff61212..e280449bf 100644 --- a/roles/server/README.md +++ b/roles/server/README.md @@ -61,16 +61,17 @@ Uninstall unused Checkmk versions on the server. checkmk_server_configure_firewall: 'true' -Whether to allow downgrading a sites version. Note this is not a recommended procedure, and will not be supported for enterprise customers. +Automatically open the necessary ports on the Checkmk server for the +web interface to be accessible. checkmk_server_allow_downgrades: 'false' -Automatically open the necessary ports on the Checkmk server for the -web interface to be accessible. +Whether to allow downgrading a sites version. Note this is not a recommended procedure, and will not be supported for enterprise customers. checkmk_server_sites: - name: test version: "{{ checkmk_server_version }}" + update_conflict_resolution: abort state: started admin_pw: test @@ -78,19 +79,18 @@ A dictionary of sites, their version, admin password and state. If a higher version is specified for an existing site, a config update resolution method must first be given to update it. Valid choices include `install`, `keepold` and `abort`. - checkmk_server_sites: - - name: test - version: "{{ checkmk_server_version }}" - update_conflict_resolution: abort - state: started - admin_pw: test + checkmk_server_backup_dir: /tmp Directory to backup sites to when updating between versions. - checkmk_server_backup_dir: /tmp -Whether to back up sites when updating between versions. Only disable this if you plan on taking manual backups checkmk_server_backup_on_update: 'true' +Whether to back up sites when updating between versions. Only disable this if you plan on taking manual backups + + checkmk_agent_no_log: 'true' + +Whether to log sensitive information like passwords, Ansible output will be censored for enhanced security by default. Set to `false` for easier troubleshooting. Be careful when changing this value in production, passwords may be leaked in operating system logs. + ## Tags Tasks are tagged with the following tags: | Tag | Purpose | diff --git a/roles/server/defaults/main.yml b/roles/server/defaults/main.yml index 798efd75a..2cb5defcb 100644 --- a/roles/server/defaults/main.yml +++ b/roles/server/defaults/main.yml @@ -48,3 +48,4 @@ checkmk_server_allow_downgrades: 'false' checkmk_server_epel_gpg_check: 'true' checkmk_server_cleanup: 'false' +checkmk_server_no_log: 'true' diff --git a/roles/server/tasks/sites.yml b/roles/server/tasks/sites.yml index 46d6c5eee..68aaf483b 100644 --- a/roles/server/tasks/sites.yml +++ b/roles/server/tasks/sites.yml @@ -7,7 +7,7 @@ args: executable: /bin/bash creates: "/omd/sites/{{ item.name }}" - no_log: true + no_log: "{{ checkmk_server_no_log | bool }}" loop: "{{ checkmk_server_sites }}" when: item.state != "absent" register: checkmk_server_sites_created @@ -21,7 +21,7 @@ omd version {{ item.name }} | egrep -o '[^ ]+$' args: executable: /bin/bash - no_log: true + no_log: "{{ checkmk_server_no_log | bool }}" loop: "{{ checkmk_server_sites }}" changed_when: "checkmk_server_sites_versions.stdout != item.version + '.' + checkmk_server_edition | lower" when: item.state != "absent" @@ -44,7 +44,7 @@ args: executable: /bin/bash creates: "/opt/omd/sites/{{ item.name }}/tmp/run/live" - no_log: true + no_log: "{{ checkmk_server_no_log | bool }}" loop: "{{ checkmk_server_sites }}" when: item.state == "started" register: checkmk_server_sites_started @@ -59,7 +59,7 @@ args: executable: /bin/bash removes: "/opt/omd/sites/{{ item.name }}/tmp/run/live" - no_log: true + no_log: "{{ checkmk_server_no_log | bool }}" loop: "{{ checkmk_server_sites }}" when: (item.state == "absent") or (item.state == "stopped") register: checkmk_server_sites_stopped @@ -74,7 +74,7 @@ args: executable: /bin/bash removes: "/omd/sites/{{ item.name }}" - no_log: true + no_log: "{{ checkmk_server_no_log | bool }}" loop: "{{ checkmk_server_sites }}" when: item.state == "absent" register: checkmk_server_sites_removed @@ -88,7 +88,7 @@ echo '{{ item.admin_pw }}' | htpasswd -i /omd/sites/{{ item.name }}/etc/htpasswd cmkadmin args: executable: /bin/bash - no_log: true + no_log: "{{ checkmk_server_no_log | bool }}" loop: "{{ checkmk_server_sites }}" when: item.admin_pw is defined and (item.state != "absent") and (item.version | regex_replace('p.*', '') is version('2.1', '<')) tags: @@ -103,7 +103,7 @@ echo '{{ item.admin_pw }}' | htpasswd -i -B -C 12 /omd/sites/{{ item.name }}/etc/htpasswd cmkadmin args: executable: /bin/bash - no_log: true + no_log: "{{ checkmk_server_no_log | bool }}" loop: "{{ checkmk_server_sites }}" when: item.admin_pw is defined and (item.state != "absent") and (item.version | regex_replace('p.*', '') is version('2.1', '>=')) tags: @@ -117,4 +117,4 @@ when: checkmk_server_sites_created.changed | bool and not item.item.admin_pw is defined changed_when: true notify: Warn site admin password - no_log: true + no_log: "{{ checkmk_server_no_log | bool }}" From bf297a9528fc7ebb7f585b89bdd267135e257955 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 27 Oct 2023 14:07:34 +0200 Subject: [PATCH 27/48] Enable proper handling of site restart. --- roles/server/README.md | 8 ++++++-- roles/server/defaults/main.yml | 1 + roles/server/tasks/configure-site.yml | 24 ++++++++++++++++++++++++ roles/server/tasks/sites.yml | 21 ++++++++++++--------- 4 files changed, 43 insertions(+), 11 deletions(-) diff --git a/roles/server/README.md b/roles/server/README.md index 20ab715a3..b5bc01f8c 100644 --- a/roles/server/README.md +++ b/roles/server/README.md @@ -74,11 +74,13 @@ web interface to be accessible. update_conflict_resolution: abort state: started admin_pw: mypw + omd_auto_restart: 'false' omd_config: - var: AUTOSTART value: on -A dictionary of sites, their version, admin password and state. +A dictionary of sites, containing the desired version, admin password and state. +There are also advanced settings, which will be outlined below. Valid values for `state` are: - `started` - `stopped` @@ -89,9 +91,11 @@ Valid values for `state` are: If a higher version is specified for an existing site, a config update resolution method must first be given to update it. Valid choices include `install`, `keepold` and `abort`. + Site configuration can be passed with the `omd_config` keyword. The format can be seen above, for a list of variables run `omd show` -on an existing site. +on an existing site. +**Pay special attention to the `omd_auto_restart` variable!** As site configuration needs the site to be stopped, this needs to be handled. By default the variable is set to `false` to avoid unexpected restarting. However, no configuration will be performed if the site is started. checkmk_server_backup_on_update: 'true' diff --git a/roles/server/defaults/main.yml b/roles/server/defaults/main.yml index 0d5142641..8e0d71a25 100644 --- a/roles/server/defaults/main.yml +++ b/roles/server/defaults/main.yml @@ -37,6 +37,7 @@ checkmk_server_sites: [] # state: started # admin_pw: "{{ automation_secret | default(omit) }}" # update_conflict_resolution: abort + # omd_auto_restart: 'false' # omd_config: # - var: LIVESTATUS_TCP # value: "on" diff --git a/roles/server/tasks/configure-site.yml b/roles/server/tasks/configure-site.yml index e969300bb..200bad706 100644 --- a/roles/server/tasks/configure-site.yml +++ b/roles/server/tasks/configure-site.yml @@ -1,4 +1,16 @@ --- +- name: "Stop Site." + become: true + ansible.builtin.shell: | + set -o pipefail + omd stop {{ outer_item.name }} + args: + executable: /bin/bash + removes: "/opt/omd/sites/{{ outer_item.name }}/tmp/run/live" + when: outer_item.state != "absent" + tags: + - configure-sites + - name: "Configure Site '{{ outer_item.name }}'." # noqa no-changed-when become: true ansible.builtin.shell: | @@ -10,3 +22,15 @@ when: outer_item.state != "absent" and outer_item.omd_config | length tags: - configure-sites + +- name: "Start Site." + become: true + ansible.builtin.shell: | + set -o pipefail + omd start {{ outer_item.name }} + args: + executable: /bin/bash + creates: "/opt/omd/sites/{{ outer_item.name }}/tmp/run/live" + when: outer_item.state == "started" + tags: + - configure-sites diff --git a/roles/server/tasks/sites.yml b/roles/server/tasks/sites.yml index fa8193659..5905342d5 100644 --- a/roles/server/tasks/sites.yml +++ b/roles/server/tasks/sites.yml @@ -14,15 +14,6 @@ tags: - create-sites -- name: "Include site configuration tasks." - ansible.builtin.include_tasks: configure-site.yml - loop: "{{ checkmk_server_sites }}" - loop_control: - loop_var: outer_item - when: outer_item.omd_config is defined - tags: - - configure-sites - - name: "Get site version." become: true ansible.builtin.shell: | @@ -118,6 +109,18 @@ tags: - destroy-sites +- name: "Include site configuration tasks." + ansible.builtin.include_tasks: configure-site.yml + loop: "{{ checkmk_server_sites }}" + loop_control: + loop_var: outer_item + when: | + outer_item.omd_config is defined and + ((outer_item.omd_auto_restart is defined and outer_item.omd_auto_restart | bool) or + (outer_item.state == "stopped" or outer_item.state == "disabled")) + tags: + - configure-sites + - name: "Update Site Admin Password for Checkmk < 2.1." # noqa no-changed-when become: true ansible.builtin.shell: | From 95aed890a412b642089474b0da0e1c3a88d6200e Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 27 Oct 2023 14:08:15 +0200 Subject: [PATCH 28/48] Improve test coverage. --- .../server/molecule/2.0.0/group_vars/all.yml | 5 ++- roles/server/molecule/2.0.0/verify.yml | 45 +++++++++++++++---- .../server/molecule/2.1.0/group_vars/all.yml | 5 ++- roles/server/molecule/2.1.0/verify.yml | 45 +++++++++++++++---- .../server/molecule/2.2.0/group_vars/all.yml | 5 ++- roles/server/molecule/2.2.0/verify.yml | 45 +++++++++++++++---- 6 files changed, 120 insertions(+), 30 deletions(-) diff --git a/roles/server/molecule/2.0.0/group_vars/all.yml b/roles/server/molecule/2.0.0/group_vars/all.yml index 6504fafdf..bf30f3b3d 100644 --- a/roles/server/molecule/2.0.0/group_vars/all.yml +++ b/roles/server/molecule/2.0.0/group_vars/all.yml @@ -2,7 +2,6 @@ # General checkmk_version: "2.0.0p39" checkmk_edition: "cre" -checkmk_site: "my_site" server_url: "http://127.0.0.1/" automation_user: "cmkadmin" automation_secret: "d7589df1" @@ -25,6 +24,7 @@ checkmk_server_sites: state: started admin_pw: "{{ automation_secret }}" update_conflict_resolution: install + omd_auto_restart: 'true' omd_config: - var: LIVESTATUS_TCP value: "on" @@ -40,6 +40,7 @@ checkmk_server_sites: state: enabled admin_pw: "{{ automation_secret }}" update_conflict_resolution: install + omd_auto_restart: 'true' omd_config: - var: AUTOSTART value: "on" @@ -48,6 +49,7 @@ checkmk_server_sites: state: disabled admin_pw: "{{ automation_secret }}" update_conflict_resolution: install + omd_auto_restart: 'false' omd_config: - var: AUTOSTART value: "off" @@ -56,6 +58,7 @@ checkmk_server_sites: state: present admin_pw: "{{ automation_secret }}" update_conflict_resolution: install + omd_auto_restart: 'false' omd_config: - var: LIVESTATUS_TCP value: "on" diff --git a/roles/server/molecule/2.0.0/verify.yml b/roles/server/molecule/2.0.0/verify.yml index 6ced2f10a..dc3b94e1f 100644 --- a/roles/server/molecule/2.0.0/verify.yml +++ b/roles/server/molecule/2.0.0/verify.yml @@ -4,28 +4,55 @@ gather_facts: false tasks: + - name: "Test that absent site is absent." + ansible.builtin.stat: + path: /omd/sites/absent + register: checkmk_server_site_absent_state - - name: "Test Server is running." # noqa no-changed-when - ansible.builtin.command: omd status {{ checkmk_site }} - register: checkmk_server_omd_state + - name: "Verify absent site is absent." + ansible.builtin.assert: + that: not checkmk_server_site_absent_state.stat.exists | bool + + - name: "Test that present site is present." + ansible.builtin.stat: + path: /omd/sites/present + register: checkmk_server_site_present_state + + - name: "Verify present site is present." + ansible.builtin.assert: + that: checkmk_server_site_present_state.stat.exists | bool + + - name: "Test stopped site is stopped." # noqa no-changed-when + ansible.builtin.command: omd status stopped + changed_when: false + failed_when: (not checkmk_server_site_stopped_state.rc == 0) and (not checkmk_server_site_stopped_state.rc == 1) + register: checkmk_server_site_stopped_state + + - name: "Verify stopped site is stopped." + ansible.builtin.assert: + that: checkmk_server_site_stopped_state.rc == 1 + + - name: "Test started site is running." # noqa no-changed-when + ansible.builtin.command: omd status started + register: checkmk_server_site_started_state - - name: "Verify Server is running." + - name: "Verify started site is running." ansible.builtin.assert: - that: checkmk_server_omd_state.rc == 0 + that: checkmk_server_site_started_state.rc == 0 - - name: "Test site URL returns 200." + - name: "Test started site URL returns 200." ansible.builtin.uri: - url: "{{ server_url }}/{{ checkmk_site }}/" + url: "{{ server_url }}/started/" register: checkmk_server_url_state - - name: "Verify site URL returns 200." + - name: "Verify started site URL returns 200." ansible.builtin.assert: that: checkmk_server_url_state.status == 200 - name: "Test if we can talk to the REST API by activating changes." checkmk.general.activation: server_url: "{{ server_url }}" - site: "{{ checkmk_site }}" + site: "started" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" force_foreign_changes: true diff --git a/roles/server/molecule/2.1.0/group_vars/all.yml b/roles/server/molecule/2.1.0/group_vars/all.yml index 2398b5999..b51e4ba4f 100644 --- a/roles/server/molecule/2.1.0/group_vars/all.yml +++ b/roles/server/molecule/2.1.0/group_vars/all.yml @@ -2,7 +2,6 @@ # General checkmk_version: "2.1.0p35" checkmk_edition: "cre" -checkmk_site: "my_site" server_url: "http://127.0.0.1/" automation_user: "cmkadmin" automation_secret: "d7589df1" @@ -25,6 +24,7 @@ checkmk_server_sites: state: started admin_pw: "{{ automation_secret }}" update_conflict_resolution: install + omd_auto_restart: 'true' omd_config: - var: LIVESTATUS_TCP value: "on" @@ -40,6 +40,7 @@ checkmk_server_sites: state: enabled admin_pw: "{{ automation_secret }}" update_conflict_resolution: install + omd_auto_restart: 'true' omd_config: - var: AUTOSTART value: "on" @@ -48,6 +49,7 @@ checkmk_server_sites: state: disabled admin_pw: "{{ automation_secret }}" update_conflict_resolution: install + omd_auto_restart: 'false' omd_config: - var: AUTOSTART value: "off" @@ -56,6 +58,7 @@ checkmk_server_sites: state: present admin_pw: "{{ automation_secret }}" update_conflict_resolution: install + omd_auto_restart: 'false' omd_config: - var: LIVESTATUS_TCP value: "on" diff --git a/roles/server/molecule/2.1.0/verify.yml b/roles/server/molecule/2.1.0/verify.yml index 6ced2f10a..dc3b94e1f 100644 --- a/roles/server/molecule/2.1.0/verify.yml +++ b/roles/server/molecule/2.1.0/verify.yml @@ -4,28 +4,55 @@ gather_facts: false tasks: + - name: "Test that absent site is absent." + ansible.builtin.stat: + path: /omd/sites/absent + register: checkmk_server_site_absent_state - - name: "Test Server is running." # noqa no-changed-when - ansible.builtin.command: omd status {{ checkmk_site }} - register: checkmk_server_omd_state + - name: "Verify absent site is absent." + ansible.builtin.assert: + that: not checkmk_server_site_absent_state.stat.exists | bool + + - name: "Test that present site is present." + ansible.builtin.stat: + path: /omd/sites/present + register: checkmk_server_site_present_state + + - name: "Verify present site is present." + ansible.builtin.assert: + that: checkmk_server_site_present_state.stat.exists | bool + + - name: "Test stopped site is stopped." # noqa no-changed-when + ansible.builtin.command: omd status stopped + changed_when: false + failed_when: (not checkmk_server_site_stopped_state.rc == 0) and (not checkmk_server_site_stopped_state.rc == 1) + register: checkmk_server_site_stopped_state + + - name: "Verify stopped site is stopped." + ansible.builtin.assert: + that: checkmk_server_site_stopped_state.rc == 1 + + - name: "Test started site is running." # noqa no-changed-when + ansible.builtin.command: omd status started + register: checkmk_server_site_started_state - - name: "Verify Server is running." + - name: "Verify started site is running." ansible.builtin.assert: - that: checkmk_server_omd_state.rc == 0 + that: checkmk_server_site_started_state.rc == 0 - - name: "Test site URL returns 200." + - name: "Test started site URL returns 200." ansible.builtin.uri: - url: "{{ server_url }}/{{ checkmk_site }}/" + url: "{{ server_url }}/started/" register: checkmk_server_url_state - - name: "Verify site URL returns 200." + - name: "Verify started site URL returns 200." ansible.builtin.assert: that: checkmk_server_url_state.status == 200 - name: "Test if we can talk to the REST API by activating changes." checkmk.general.activation: server_url: "{{ server_url }}" - site: "{{ checkmk_site }}" + site: "started" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" force_foreign_changes: true diff --git a/roles/server/molecule/2.2.0/group_vars/all.yml b/roles/server/molecule/2.2.0/group_vars/all.yml index c080d990b..faf825a9d 100644 --- a/roles/server/molecule/2.2.0/group_vars/all.yml +++ b/roles/server/molecule/2.2.0/group_vars/all.yml @@ -2,7 +2,6 @@ # General checkmk_version: "2.2.0p12" checkmk_edition: "cre" -checkmk_site: "my_site" server_url: "http://127.0.0.1/" automation_user: "cmkadmin" automation_secret: "d7589df1" @@ -25,6 +24,7 @@ checkmk_server_sites: state: started admin_pw: "{{ automation_secret }}" update_conflict_resolution: install + omd_auto_restart: 'true' omd_config: - var: LIVESTATUS_TCP value: "on" @@ -40,6 +40,7 @@ checkmk_server_sites: state: enabled admin_pw: "{{ automation_secret }}" update_conflict_resolution: install + omd_auto_restart: 'true' omd_config: - var: AUTOSTART value: "on" @@ -48,6 +49,7 @@ checkmk_server_sites: state: disabled admin_pw: "{{ automation_secret }}" update_conflict_resolution: install + omd_auto_restart: 'false' omd_config: - var: AUTOSTART value: "off" @@ -56,6 +58,7 @@ checkmk_server_sites: state: present admin_pw: "{{ automation_secret }}" update_conflict_resolution: install + omd_auto_restart: 'false' omd_config: - var: LIVESTATUS_TCP value: "on" diff --git a/roles/server/molecule/2.2.0/verify.yml b/roles/server/molecule/2.2.0/verify.yml index 6ced2f10a..dc3b94e1f 100644 --- a/roles/server/molecule/2.2.0/verify.yml +++ b/roles/server/molecule/2.2.0/verify.yml @@ -4,28 +4,55 @@ gather_facts: false tasks: + - name: "Test that absent site is absent." + ansible.builtin.stat: + path: /omd/sites/absent + register: checkmk_server_site_absent_state - - name: "Test Server is running." # noqa no-changed-when - ansible.builtin.command: omd status {{ checkmk_site }} - register: checkmk_server_omd_state + - name: "Verify absent site is absent." + ansible.builtin.assert: + that: not checkmk_server_site_absent_state.stat.exists | bool + + - name: "Test that present site is present." + ansible.builtin.stat: + path: /omd/sites/present + register: checkmk_server_site_present_state + + - name: "Verify present site is present." + ansible.builtin.assert: + that: checkmk_server_site_present_state.stat.exists | bool + + - name: "Test stopped site is stopped." # noqa no-changed-when + ansible.builtin.command: omd status stopped + changed_when: false + failed_when: (not checkmk_server_site_stopped_state.rc == 0) and (not checkmk_server_site_stopped_state.rc == 1) + register: checkmk_server_site_stopped_state + + - name: "Verify stopped site is stopped." + ansible.builtin.assert: + that: checkmk_server_site_stopped_state.rc == 1 + + - name: "Test started site is running." # noqa no-changed-when + ansible.builtin.command: omd status started + register: checkmk_server_site_started_state - - name: "Verify Server is running." + - name: "Verify started site is running." ansible.builtin.assert: - that: checkmk_server_omd_state.rc == 0 + that: checkmk_server_site_started_state.rc == 0 - - name: "Test site URL returns 200." + - name: "Test started site URL returns 200." ansible.builtin.uri: - url: "{{ server_url }}/{{ checkmk_site }}/" + url: "{{ server_url }}/started/" register: checkmk_server_url_state - - name: "Verify site URL returns 200." + - name: "Verify started site URL returns 200." ansible.builtin.assert: that: checkmk_server_url_state.status == 200 - name: "Test if we can talk to the REST API by activating changes." checkmk.general.activation: server_url: "{{ server_url }}" - site: "{{ checkmk_site }}" + site: "started" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" force_foreign_changes: true From f07b0d85ac607d64a9ed5a715482f22b22205280 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 27 Oct 2023 14:25:00 +0200 Subject: [PATCH 29/48] Bugfix verification. --- roles/server/molecule/2.0.0/verify.yml | 2 ++ roles/server/molecule/2.1.0/verify.yml | 2 ++ roles/server/molecule/2.2.0/verify.yml | 2 ++ 3 files changed, 6 insertions(+) diff --git a/roles/server/molecule/2.0.0/verify.yml b/roles/server/molecule/2.0.0/verify.yml index dc3b94e1f..f475fd806 100644 --- a/roles/server/molecule/2.0.0/verify.yml +++ b/roles/server/molecule/2.0.0/verify.yml @@ -35,6 +35,8 @@ - name: "Test started site is running." # noqa no-changed-when ansible.builtin.command: omd status started register: checkmk_server_site_started_state + changed_when: false + failed_when: (not checkmk_server_site_started_state.rc == 0) and (not checkmk_server_site_started_state.rc == 1) - name: "Verify started site is running." ansible.builtin.assert: diff --git a/roles/server/molecule/2.1.0/verify.yml b/roles/server/molecule/2.1.0/verify.yml index dc3b94e1f..f475fd806 100644 --- a/roles/server/molecule/2.1.0/verify.yml +++ b/roles/server/molecule/2.1.0/verify.yml @@ -35,6 +35,8 @@ - name: "Test started site is running." # noqa no-changed-when ansible.builtin.command: omd status started register: checkmk_server_site_started_state + changed_when: false + failed_when: (not checkmk_server_site_started_state.rc == 0) and (not checkmk_server_site_started_state.rc == 1) - name: "Verify started site is running." ansible.builtin.assert: diff --git a/roles/server/molecule/2.2.0/verify.yml b/roles/server/molecule/2.2.0/verify.yml index dc3b94e1f..f475fd806 100644 --- a/roles/server/molecule/2.2.0/verify.yml +++ b/roles/server/molecule/2.2.0/verify.yml @@ -35,6 +35,8 @@ - name: "Test started site is running." # noqa no-changed-when ansible.builtin.command: omd status started register: checkmk_server_site_started_state + changed_when: false + failed_when: (not checkmk_server_site_started_state.rc == 0) and (not checkmk_server_site_started_state.rc == 1) - name: "Verify started site is running." ansible.builtin.assert: From f0a15b9ab4c701f17f1a66f3929abdce93520d97 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 27 Oct 2023 18:05:26 +0200 Subject: [PATCH 30/48] Finishing touches. --- roles/server/README.md | 2 +- roles/server/defaults/main.yml | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/roles/server/README.md b/roles/server/README.md index b5bc01f8c..2284de354 100644 --- a/roles/server/README.md +++ b/roles/server/README.md @@ -90,7 +90,7 @@ Valid values for `state` are: - `absent` If a higher version is specified for an existing site, a config update resolution method must first be given to update it. -Valid choices include `install`, `keepold` and `abort`. +Valid choices include `install`, `keepold` and `abort`. Site configuration can be passed with the `omd_config` keyword. The format can be seen above, for a list of variables run `omd show` diff --git a/roles/server/defaults/main.yml b/roles/server/defaults/main.yml index 8e0d71a25..5e7405bbb 100644 --- a/roles/server/defaults/main.yml +++ b/roles/server/defaults/main.yml @@ -32,7 +32,7 @@ checkmk_server_download_user: [] checkmk_server_download_pass: [] checkmk_server_sites: [] - # - name: test + # - name: mysite # version: "{{ checkmk_server_version }}" # state: started # admin_pw: "{{ automation_secret | default(omit) }}" @@ -41,7 +41,8 @@ checkmk_server_sites: [] # omd_config: # - var: LIVESTATUS_TCP # value: "on" - + # - var: LIVESTATUS_TCP_PORT + # value: "6557" checkmk_server_configure_firewall: 'true' checkmk_server_backup_on_update: 'true' # Not recommended to disable this option From 866541eb2d746221e9e341111da504ea1e0e13bd Mon Sep 17 00:00:00 2001 From: Beni ~HB9HNT Date: Fri, 27 Oct 2023 20:12:46 +0200 Subject: [PATCH 31/48] Rename variable to checkmk_agent_mode --- roles/agent/defaults/main.yml | 2 +- roles/agent/tasks/Linux.yml | 2 +- roles/agent/tasks/main.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/agent/defaults/main.yml b/roles/agent/defaults/main.yml index fe6b4f308..8844aa683 100644 --- a/roles/agent/defaults/main.yml +++ b/roles/agent/defaults/main.yml @@ -31,7 +31,7 @@ checkmk_agent_folder: "{{ checkmk_folder_path | default('/') }}" checkmk_agent_force_foreign_changes: 'false' checkmk_agent_host_attributes: ipaddress: "{{ checkmk_agent_host_ip | default(omit) }}" -checkmk_agent_push: false +checkmk_agent_mode: pull # If you trust your local hostnames, you could also use the following diff --git a/roles/agent/tasks/Linux.yml b/roles/agent/tasks/Linux.yml index dfdaaed2c..c75449c95 100644 --- a/roles/agent/tasks/Linux.yml +++ b/roles/agent/tasks/Linux.yml @@ -107,4 +107,4 @@ ansible.builtin.wait_for: port: 6556 timeout: 60 - when: not (checkmk_agent_push | default(false)) | bool + when: checkmk_agent_mode != 'push' diff --git a/roles/agent/tasks/main.yml b/roles/agent/tasks/main.yml index 6fddeb2eb..d92a14336 100644 --- a/roles/agent/tasks/main.yml +++ b/roles/agent/tasks/main.yml @@ -17,7 +17,7 @@ - name: "{{ ansible_system }}: Initial push of data for push agent" # noqa no-changed-when become: true ansible.builtin.shell: cmk-agent-ctl push - when: (checkmk_agent_push | default(false)) | bool + when: checkmk_agent_mode == 'push' - name: "Fetch fresh monitoring data from host." become: false From 90233adcb97d37daf837f12e9bf0b054ea24624a Mon Sep 17 00:00:00 2001 From: Beni ~HB9HNT Date: Fri, 27 Oct 2023 20:15:38 +0200 Subject: [PATCH 32/48] Fix linting error: use command rather than shell --- roles/agent/defaults/main.yml | 2 +- roles/agent/tasks/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/agent/defaults/main.yml b/roles/agent/defaults/main.yml index 8844aa683..ac9e73676 100644 --- a/roles/agent/defaults/main.yml +++ b/roles/agent/defaults/main.yml @@ -31,7 +31,7 @@ checkmk_agent_folder: "{{ checkmk_folder_path | default('/') }}" checkmk_agent_force_foreign_changes: 'false' checkmk_agent_host_attributes: ipaddress: "{{ checkmk_agent_host_ip | default(omit) }}" -checkmk_agent_mode: pull +checkmk_agent_mode: pull # If you trust your local hostnames, you could also use the following diff --git a/roles/agent/tasks/main.yml b/roles/agent/tasks/main.yml index d92a14336..d015fbf57 100644 --- a/roles/agent/tasks/main.yml +++ b/roles/agent/tasks/main.yml @@ -16,7 +16,7 @@ - name: "{{ ansible_system }}: Initial push of data for push agent" # noqa no-changed-when become: true - ansible.builtin.shell: cmk-agent-ctl push + ansible.builtin.command: cmk-agent-ctl push when: checkmk_agent_mode == 'push' - name: "Fetch fresh monitoring data from host." From 8fb344d5c72581504dbefdb45c2ba165f1719a40 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 30 Oct 2023 06:22:03 +0000 Subject: [PATCH 33/48] Bump actions/checkout from 3 to 4 Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/ans-int-test-lkp-folder.yaml | 2 +- .github/workflows/ans-int-test-lkp-folders.yaml | 2 +- .github/workflows/ans-int-test-lkp-host.yaml | 2 +- .github/workflows/ans-int-test-lkp-hosts.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ans-int-test-lkp-folder.yaml b/.github/workflows/ans-int-test-lkp-folder.yaml index 760e9bfce..8e923a251 100644 --- a/.github/workflows/ans-int-test-lkp-folder.yaml +++ b/.github/workflows/ans-int-test-lkp-folder.yaml @@ -45,7 +45,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: path: ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} diff --git a/.github/workflows/ans-int-test-lkp-folders.yaml b/.github/workflows/ans-int-test-lkp-folders.yaml index 8c55c80bd..20b4dd324 100644 --- a/.github/workflows/ans-int-test-lkp-folders.yaml +++ b/.github/workflows/ans-int-test-lkp-folders.yaml @@ -45,7 +45,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: path: ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} diff --git a/.github/workflows/ans-int-test-lkp-host.yaml b/.github/workflows/ans-int-test-lkp-host.yaml index f32be516e..f2b1037e1 100644 --- a/.github/workflows/ans-int-test-lkp-host.yaml +++ b/.github/workflows/ans-int-test-lkp-host.yaml @@ -45,7 +45,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: path: ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} diff --git a/.github/workflows/ans-int-test-lkp-hosts.yaml b/.github/workflows/ans-int-test-lkp-hosts.yaml index aba71d028..f656f7635 100644 --- a/.github/workflows/ans-int-test-lkp-hosts.yaml +++ b/.github/workflows/ans-int-test-lkp-hosts.yaml @@ -45,7 +45,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: path: ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} From 1c7846fe7bd68840e071743de31a60bdf4661f69 Mon Sep 17 00:00:00 2001 From: Beni ~HB9HNT Date: Tue, 31 Oct 2023 09:00:40 +0100 Subject: [PATCH 34/48] Also skip the port check when agent mode is ssh --- roles/agent/tasks/Linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/agent/tasks/Linux.yml b/roles/agent/tasks/Linux.yml index c75449c95..1349a05c0 100644 --- a/roles/agent/tasks/Linux.yml +++ b/roles/agent/tasks/Linux.yml @@ -107,4 +107,4 @@ ansible.builtin.wait_for: port: 6556 timeout: 60 - when: checkmk_agent_mode != 'push' + when: checkmk_agent_mode == 'pull' From 47b476605a0d95effe0995e1d7025ada048a7d5e Mon Sep 17 00:00:00 2001 From: robin-checkmk Date: Thu, 2 Nov 2023 15:06:36 +0000 Subject: [PATCH 35/48] Update Docs and Changelogs --- changelogs/changelog.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index 9e7f9fceb..2d5fc29d2 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -722,4 +722,4 @@ releases: - description: Get various information about a host name: hosts namespace: null - release_date: '2023-10-26' + release_date: '2023-11-02' From 6cbda28539c9e08ec0019351ae754217196d32c7 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 2 Nov 2023 16:57:13 +0100 Subject: [PATCH 36/48] Bump Checkmk versions. --- roles/agent/README.md | 2 +- roles/agent/defaults/main.yml | 2 +- roles/agent/molecule/2.1.0/group_vars/all.yml | 2 +- roles/agent/molecule/2.2.0/group_vars/all.yml | 2 +- roles/server/README.md | 2 +- roles/server/defaults/main.yml | 2 +- roles/server/molecule/2.1.0/group_vars/all.yml | 2 +- roles/server/molecule/2.2.0/group_vars/all.yml | 2 +- scripts/release.sh | 4 ++-- tests/integration/targets/activation/vars/main.yml | 6 +++--- tests/integration/targets/bakery/vars/main.yml | 4 ++-- tests/integration/targets/contact_group/vars/main.yml | 6 +++--- tests/integration/targets/discovery/vars/main.yml | 6 +++--- tests/integration/targets/downtime/vars/main.yml | 6 +++--- tests/integration/targets/folder/vars/main.yml | 6 +++--- tests/integration/targets/host/vars/main.yml | 6 +++--- tests/integration/targets/host_group/vars/main.yml | 6 +++--- tests/integration/targets/lookup_folder/vars/main.yml | 6 +++--- tests/integration/targets/lookup_folders/vars/main.yml | 6 +++--- tests/integration/targets/lookup_host/vars/main.yml | 6 +++--- tests/integration/targets/lookup_hosts/vars/main.yml | 6 +++--- tests/integration/targets/lookup_version/vars/main.yml | 6 +++--- tests/integration/targets/password/vars/main.yml | 6 +++--- tests/integration/targets/rule/vars/main.yml | 6 +++--- tests/integration/targets/service_group/vars/main.yml | 6 +++--- tests/integration/targets/tag_group/vars/main.yml | 6 +++--- tests/integration/targets/timeperiod/vars/main.yml | 6 +++--- tests/integration/targets/user/vars/main.yml | 6 +++--- 28 files changed, 66 insertions(+), 66 deletions(-) diff --git a/roles/agent/README.md b/roles/agent/README.md index 310295b75..435b4ee82 100644 --- a/roles/agent/README.md +++ b/roles/agent/README.md @@ -17,7 +17,7 @@ It can be installed as easy as running: - checkmk_agent_version: "2.2.0p12" + checkmk_agent_version: "2.2.0p13" The Checkmk version of your site. diff --git a/roles/agent/defaults/main.yml b/roles/agent/defaults/main.yml index 153715ba0..9b3bee0a2 100644 --- a/roles/agent/defaults/main.yml +++ b/roles/agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -checkmk_agent_version: "2.2.0p12" +checkmk_agent_version: "2.2.0p13" checkmk_agent_edition: cre checkmk_agent_protocol: http checkmk_agent_server: localhost diff --git a/roles/agent/molecule/2.1.0/group_vars/all.yml b/roles/agent/molecule/2.1.0/group_vars/all.yml index 9b062e4e9..df95cf1b3 100644 --- a/roles/agent/molecule/2.1.0/group_vars/all.yml +++ b/roles/agent/molecule/2.1.0/group_vars/all.yml @@ -1,6 +1,6 @@ --- # General -checkmk_version: "2.1.0p35" +checkmk_version: "2.1.0p36" checkmk_edition: "cre" checkmk_site: "my_site" automation_user: "cmkadmin" diff --git a/roles/agent/molecule/2.2.0/group_vars/all.yml b/roles/agent/molecule/2.2.0/group_vars/all.yml index 59c18e677..0c5b9fad5 100644 --- a/roles/agent/molecule/2.2.0/group_vars/all.yml +++ b/roles/agent/molecule/2.2.0/group_vars/all.yml @@ -1,6 +1,6 @@ --- # General -checkmk_version: "2.2.0p12" +checkmk_version: "2.2.0p13" checkmk_edition: "cre" checkmk_site: "my_site" automation_user: "cmkadmin" diff --git a/roles/server/README.md b/roles/server/README.md index e280449bf..dbc44d25d 100644 --- a/roles/server/README.md +++ b/roles/server/README.md @@ -23,7 +23,7 @@ To learn about the distributions used in automated tests, inspect the correspond - checkmk_server_version: "2.2.0p12" + checkmk_server_version: "2.2.0p13" The Checkmk version of your site. diff --git a/roles/server/defaults/main.yml b/roles/server/defaults/main.yml index 2cb5defcb..c53257d5b 100644 --- a/roles/server/defaults/main.yml +++ b/roles/server/defaults/main.yml @@ -24,7 +24,7 @@ checkmk_server_server_stable_os: - Ubuntu-20 - Ubuntu-22 -checkmk_server_version: "2.2.0p12" +checkmk_server_version: "2.2.0p13" checkmk_server_edition: cre checkmk_server_verify_setup: 'true' diff --git a/roles/server/molecule/2.1.0/group_vars/all.yml b/roles/server/molecule/2.1.0/group_vars/all.yml index 9c9a08914..6d503fead 100644 --- a/roles/server/molecule/2.1.0/group_vars/all.yml +++ b/roles/server/molecule/2.1.0/group_vars/all.yml @@ -1,6 +1,6 @@ --- # General -checkmk_version: "2.1.0p35" +checkmk_version: "2.1.0p36" checkmk_edition: "cre" checkmk_site: "my_site" server_url: "http://127.0.0.1/" diff --git a/roles/server/molecule/2.2.0/group_vars/all.yml b/roles/server/molecule/2.2.0/group_vars/all.yml index 587a9c3aa..addbe7bc1 100644 --- a/roles/server/molecule/2.2.0/group_vars/all.yml +++ b/roles/server/molecule/2.2.0/group_vars/all.yml @@ -1,6 +1,6 @@ --- # General -checkmk_version: "2.2.0p12" +checkmk_version: "2.2.0p13" checkmk_edition: "cre" checkmk_site: "my_site" server_url: "http://127.0.0.1/" diff --git a/scripts/release.sh b/scripts/release.sh index 304c60a5f..5576a8491 100755 --- a/scripts/release.sh +++ b/scripts/release.sh @@ -16,8 +16,8 @@ collection_dir="${script_dir%/*}" # Update these as necessary: checkmk_ancient="2.0.0p39" -checkmk_oldstable="2.1.0p35" -checkmk_stable="2.2.0p12" +checkmk_oldstable="2.1.0p36" +checkmk_stable="2.2.0p13" while getopts 's:t:' OPTION; do case "$OPTION" in diff --git a/tests/integration/targets/activation/vars/main.yml b/tests/integration/targets/activation/vars/main.yml index 2bc3e6c0f..29367163f 100644 --- a/tests/integration/targets/activation/vars/main.yml +++ b/tests/integration/targets/activation/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cee" site: "stable_ent" - - version: "2.1.0p35" + - version: "2.1.0p36" edition: "cre" site: "old_raw" - version: "2.0.0p39" diff --git a/tests/integration/targets/bakery/vars/main.yml b/tests/integration/targets/bakery/vars/main.yml index 85802d237..88d31169a 100644 --- a/tests/integration/targets/bakery/vars/main.yml +++ b/tests/integration/targets/bakery/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cee" site: "stable_ent" - - version: "2.1.0p35" + - version: "2.1.0p36" edition: "cee" site: "old_ent" diff --git a/tests/integration/targets/contact_group/vars/main.yml b/tests/integration/targets/contact_group/vars/main.yml index 4f740c812..975157a76 100644 --- a/tests/integration/targets/contact_group/vars/main.yml +++ b/tests/integration/targets/contact_group/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cee" site: "stable_ent" - - version: "2.1.0p35" + - version: "2.1.0p36" edition: "cre" site: "old_raw" - version: "2.0.0p39" diff --git a/tests/integration/targets/discovery/vars/main.yml b/tests/integration/targets/discovery/vars/main.yml index 24c2072e2..19ff05fd9 100644 --- a/tests/integration/targets/discovery/vars/main.yml +++ b/tests/integration/targets/discovery/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cee" site: "stable_ent" - - version: "2.1.0p35" + - version: "2.1.0p36" edition: "cre" site: "old_raw" - version: "2.0.0p39" diff --git a/tests/integration/targets/downtime/vars/main.yml b/tests/integration/targets/downtime/vars/main.yml index 2bc3e6c0f..29367163f 100644 --- a/tests/integration/targets/downtime/vars/main.yml +++ b/tests/integration/targets/downtime/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cee" site: "stable_ent" - - version: "2.1.0p35" + - version: "2.1.0p36" edition: "cre" site: "old_raw" - version: "2.0.0p39" diff --git a/tests/integration/targets/folder/vars/main.yml b/tests/integration/targets/folder/vars/main.yml index eaffd2154..a33615a6b 100644 --- a/tests/integration/targets/folder/vars/main.yml +++ b/tests/integration/targets/folder/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cee" site: "stable_ent" - - version: "2.1.0p35" + - version: "2.1.0p36" edition: "cre" site: "old_raw" - version: "2.0.0p39" diff --git a/tests/integration/targets/host/vars/main.yml b/tests/integration/targets/host/vars/main.yml index 5099289c3..adec726cc 100644 --- a/tests/integration/targets/host/vars/main.yml +++ b/tests/integration/targets/host/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cee" site: "stable_ent" - - version: "2.1.0p35" + - version: "2.1.0p36" edition: "cre" site: "old_raw" - version: "2.0.0p39" diff --git a/tests/integration/targets/host_group/vars/main.yml b/tests/integration/targets/host_group/vars/main.yml index df8db9bd4..a81ffc6f5 100644 --- a/tests/integration/targets/host_group/vars/main.yml +++ b/tests/integration/targets/host_group/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cee" site: "stable_ent" - - version: "2.1.0p35" + - version: "2.1.0p36" edition: "cre" site: "old_raw" - version: "2.0.0p39" diff --git a/tests/integration/targets/lookup_folder/vars/main.yml b/tests/integration/targets/lookup_folder/vars/main.yml index dd5a83bc8..cd2a295f2 100644 --- a/tests/integration/targets/lookup_folder/vars/main.yml +++ b/tests/integration/targets/lookup_folder/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cee" site: "stable_ent" - - version: "2.1.0p35" + - version: "2.1.0p36" edition: "cre" site: "old_raw" - version: "2.0.0p39" diff --git a/tests/integration/targets/lookup_folders/vars/main.yml b/tests/integration/targets/lookup_folders/vars/main.yml index c439f6940..6f754709a 100644 --- a/tests/integration/targets/lookup_folders/vars/main.yml +++ b/tests/integration/targets/lookup_folders/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cee" site: "stable_ent" - - version: "2.1.0p35" + - version: "2.1.0p36" edition: "cre" site: "old_raw" - version: "2.0.0p39" diff --git a/tests/integration/targets/lookup_host/vars/main.yml b/tests/integration/targets/lookup_host/vars/main.yml index 35d6b32fc..9633855e3 100644 --- a/tests/integration/targets/lookup_host/vars/main.yml +++ b/tests/integration/targets/lookup_host/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cee" site: "stable_ent" - - version: "2.1.0p35" + - version: "2.1.0p36" edition: "cre" site: "old_raw" - version: "2.0.0p39" diff --git a/tests/integration/targets/lookup_hosts/vars/main.yml b/tests/integration/targets/lookup_hosts/vars/main.yml index dd7404a7f..b63e1ddfa 100644 --- a/tests/integration/targets/lookup_hosts/vars/main.yml +++ b/tests/integration/targets/lookup_hosts/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cee" site: "stable_ent" - - version: "2.1.0p35" + - version: "2.1.0p36" edition: "cre" site: "old_raw" - version: "2.0.0p39" diff --git a/tests/integration/targets/lookup_version/vars/main.yml b/tests/integration/targets/lookup_version/vars/main.yml index 3383d977d..98802d130 100644 --- a/tests/integration/targets/lookup_version/vars/main.yml +++ b/tests/integration/targets/lookup_version/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cee" site: "stable_ent" - - version: "2.1.0p35" + - version: "2.1.0p36" edition: "cre" site: "old_raw" - version: "2.0.0p39" diff --git a/tests/integration/targets/password/vars/main.yml b/tests/integration/targets/password/vars/main.yml index 43411fea2..8cb733ad7 100644 --- a/tests/integration/targets/password/vars/main.yml +++ b/tests/integration/targets/password/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cee" site: "stable_ent" - - version: "2.1.0p35" + - version: "2.1.0p36" edition: "cre" site: "old_raw" - version: "2.0.0p39" diff --git a/tests/integration/targets/rule/vars/main.yml b/tests/integration/targets/rule/vars/main.yml index 7f49c8199..c9a05594a 100644 --- a/tests/integration/targets/rule/vars/main.yml +++ b/tests/integration/targets/rule/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cee" site: "stable_ent" - - version: "2.1.0p35" + - version: "2.1.0p36" edition: "cre" site: "old_raw" diff --git a/tests/integration/targets/service_group/vars/main.yml b/tests/integration/targets/service_group/vars/main.yml index 4c54bcebb..9edd5ab34 100644 --- a/tests/integration/targets/service_group/vars/main.yml +++ b/tests/integration/targets/service_group/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cee" site: "stable_ent" - - version: "2.1.0p35" + - version: "2.1.0p36" edition: "cre" site: "old_raw" - version: "2.0.0p39" diff --git a/tests/integration/targets/tag_group/vars/main.yml b/tests/integration/targets/tag_group/vars/main.yml index 3383d977d..98802d130 100644 --- a/tests/integration/targets/tag_group/vars/main.yml +++ b/tests/integration/targets/tag_group/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cee" site: "stable_ent" - - version: "2.1.0p35" + - version: "2.1.0p36" edition: "cre" site: "old_raw" - version: "2.0.0p39" diff --git a/tests/integration/targets/timeperiod/vars/main.yml b/tests/integration/targets/timeperiod/vars/main.yml index 3b16f0a3a..ce0422e8e 100644 --- a/tests/integration/targets/timeperiod/vars/main.yml +++ b/tests/integration/targets/timeperiod/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cee" site: "stable_ent" - - version: "2.1.0p35" + - version: "2.1.0p36" edition: "cre" site: "old_raw" diff --git a/tests/integration/targets/user/vars/main.yml b/tests/integration/targets/user/vars/main.yml index 74cf1664d..cf11b7d8e 100644 --- a/tests/integration/targets/user/vars/main.yml +++ b/tests/integration/targets/user/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p13" edition: "cee" site: "stable_ent" - - version: "2.1.0p35" + - version: "2.1.0p36" edition: "cre" site: "old_raw" From 16baf9a083c837994fb5db7ba57d4b55d681a945 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Mon, 6 Nov 2023 14:45:04 +0100 Subject: [PATCH 37/48] Blacked user.py. --- plugins/modules/user.py | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/plugins/modules/user.py b/plugins/modules/user.py index 8d152760a..5329a08f3 100644 --- a/plugins/modules/user.py +++ b/plugins/modules/user.py @@ -200,7 +200,6 @@ def log(msg): class User: - default_attributes = { "disable_login": False, "contact_options": {"email": "", "fallback_contact": False}, @@ -230,7 +229,6 @@ def __repr__(self): @classmethod def from_api_response(cls, module, api_params): - # Determine the current state of this particular user api_attributes, state, etag = get_current_user_state(module, api_params) @@ -240,7 +238,6 @@ def from_api_response(cls, module, api_params): @classmethod def from_module(cls, params): - attributes = cls.default_attributes attributes["username"] = params["name"] @@ -317,7 +314,7 @@ def _exists(key): if _exists("authorized_sites"): attributes["authorized_sites"] = params["authorized_sites"] - #raise Exception(str(params)) + # raise Exception(str(params)) return cls(params["name"], state=params["state"], attributes=attributes) def satisfies(self, other_instance): @@ -349,10 +346,18 @@ def get_current_user_state(module, api_params): extensions = body.get("extensions", {}) elif info["status"] == 401: - exit_failed(module, "[get_current_user_state] Error calling API. HTTP code %d. Details: %s." % (info["status"], info["body"])) + exit_failed( + module, + "[get_current_user_state] Error calling API. HTTP code %d. Details: %s." + % (info["status"], info["body"]), + ) elif info["status"] == 403: - exit_failed(module, "[get_current_user_state] Error calling API. HTTP code %d. Details: %s." % (info["status"], info["body"])) + exit_failed( + module, + "[get_current_user_state] Error calling API. HTTP code %d. Details: %s." + % (info["status"], info["body"]), + ) elif info["status"] == 404: current_state = "absent" @@ -430,7 +435,6 @@ def delete_user(module, api_params): def run_module(): - # define available arguments/parameters a user can pass to the module module_args = dict( server_url=dict(type="str", required=True), From cbe7ecb30854b94eb725c5135fc1a57a2348f65b Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Mon, 6 Nov 2023 15:46:53 +0100 Subject: [PATCH 38/48] Update tests in accordance with PR #427. --- .../targets/host_group/tasks/test.yml | 21 +++++++++++++++ .../targets/host_group/vars/main.yml | 27 ++++++++++--------- .../targets/password/tasks/test.yml | 13 +++++++++ .../targets/password/vars/main.yml | 7 +++-- .../targets/service_group/tasks/test.yml | 23 +++++++++++++++- .../targets/service_group/vars/main.yml | 3 +++ .../targets/tag_group/tasks/test.yml | 13 +++++++++ .../targets/tag_group/vars/main.yml | 3 +++ tests/integration/targets/user/tasks/test.yml | 14 +++++----- 9 files changed, 102 insertions(+), 22 deletions(-) diff --git a/tests/integration/targets/host_group/tasks/test.yml b/tests/integration/targets/host_group/tasks/test.yml index 32b30e077..be612010e 100644 --- a/tests/integration/targets/host_group/tasks/test.yml +++ b/tests/integration/targets/host_group/tasks/test.yml @@ -1,10 +1,21 @@ --- +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Set customer when needed." + ansible.builtin.set_fact: + customer: "provider" + when: (outer_item.edition == "cme") or (outer_item.edition == "cce") + +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Unset customer when needed." + ansible.builtin.set_fact: + customer: null + when: not ((outer_item.edition == "cme") or (outer_item.edition == "cce")) + - name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Create host groups." host_group: server_url: "{{ server_url }}" site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 name: "{{ item.name }}" title: "{{ item.title | default(item.name) }}" state: "present" @@ -18,6 +29,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 name: "{{ item.name }}" title: "{{ item.title | default(item.name) }}" groups: checkmk_host_groups_create @@ -45,6 +57,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 name: "{{ item.name | default(item.name) }}" title: "{{ item.title }}" state: "present" @@ -70,6 +83,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 name: "{{ item.name }}" state: "absent" delegate_to: localhost @@ -94,6 +108,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 name: "{{ item.name }}" state: "absent" delegate_to: localhost @@ -118,6 +133,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 groups: "{{ checkmk_host_groups_create }}" state: "present" delegate_to: localhost @@ -129,6 +145,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 groups: "{{ checkmk_host_groups_create }}" name: "test" state: "present" @@ -142,6 +159,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 groups: "{{ checkmk_host_groups_create }}" title: "Test" state: "present" @@ -155,6 +173,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 groups: "{{ checkmk_host_groups_modify }}" state: "present" delegate_to: localhost @@ -166,6 +185,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 groups: "{{ checkmk_host_groups_delete }}" state: "absent" delegate_to: localhost @@ -177,6 +197,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 groups: "{{ checkmk_host_groups_create }}" state: "absent" delegate_to: localhost diff --git a/tests/integration/targets/host_group/vars/main.yml b/tests/integration/targets/host_group/vars/main.yml index df8db9bd4..8f133a28e 100644 --- a/tests/integration/targets/host_group/vars/main.yml +++ b/tests/integration/targets/host_group/vars/main.yml @@ -1,5 +1,8 @@ --- test_sites: + - version: "2.2.0p12" + edition: "cme" + site: "stable_cme" - version: "2.2.0p12" edition: "cre" site: "stable_raw" @@ -30,28 +33,28 @@ checkmk_server_edition_mapping: cme: managed checkmk_host_groups_create: - - name: "test1" + - name: "test1" title: "Test_1" - - name: "test2" - - name: "test3" - - name: "test4" + - name: "test2" + - name: "test3" + - name: "test4" title: "Test_4" - - name: "test5" + - name: "test5" title: "Test_5" # 2 and 3 remains unchanged, good for idempotency check checkmk_host_groups_modify: - - name: "test1" + - name: "test1" title: "Test_one" - - name: "test2" + - name: "test2" title: "Test_2" - - name: "test3" + - name: "test3" title: "Test_3" - - name: "test4" + - name: "test4" title: "Test_four" - - name: "test5" + - name: "test5" title: "Test_five" checkmk_host_groups_delete: - - name: "test1" - - name: "test3" + - name: "test1" + - name: "test3" diff --git a/tests/integration/targets/password/tasks/test.yml b/tests/integration/targets/password/tasks/test.yml index 49eede5d2..7c88b92ca 100644 --- a/tests/integration/targets/password/tasks/test.yml +++ b/tests/integration/targets/password/tasks/test.yml @@ -1,10 +1,21 @@ --- +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Set customer when needed." + ansible.builtin.set_fact: + customer: "provider" + when: (outer_item.edition == "cme") or (outer_item.edition == "cce") + +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Unset customer when needed." + ansible.builtin.set_fact: + customer: null + when: not ((outer_item.edition == "cme") or (outer_item.edition == "cce")) + - name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Create new passwords." password: server_url: "{{ server_url }}" site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 name: "{{ item.name }}" title: "{{ item.title }}" comment: "{{ item.comment }}" @@ -35,6 +46,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 name: "{{ item.name }}" title: "{{ item.title | default(omit) }}" comment: "{{ item.comment | default(omit) }}" @@ -65,6 +77,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 name: "{{ item.name }}" state: "absent" delegate_to: localhost diff --git a/tests/integration/targets/password/vars/main.yml b/tests/integration/targets/password/vars/main.yml index 43411fea2..8ea904ca7 100644 --- a/tests/integration/targets/password/vars/main.yml +++ b/tests/integration/targets/password/vars/main.yml @@ -1,11 +1,14 @@ --- test_sites: - version: "2.2.0p12" - edition: "cre" - site: "stable_raw" + edition: "cme" + site: "stable_cme" - version: "2.2.0p12" edition: "cee" site: "stable_ent" + - version: "2.2.0p12" + edition: "cre" + site: "stable_raw" - version: "2.1.0p35" edition: "cre" site: "old_raw" diff --git a/tests/integration/targets/service_group/tasks/test.yml b/tests/integration/targets/service_group/tasks/test.yml index 44c4a3e53..f0b753a51 100644 --- a/tests/integration/targets/service_group/tasks/test.yml +++ b/tests/integration/targets/service_group/tasks/test.yml @@ -1,10 +1,21 @@ --- +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Set customer when needed." + ansible.builtin.set_fact: + customer: "provider" + when: (outer_item.edition == "cme") or (outer_item.edition == "cce") + +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Unset customer when needed." + ansible.builtin.set_fact: + customer: null + when: not ((outer_item.edition == "cme") or (outer_item.edition == "cce")) + - name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Create service groups." service_group: server_url: "{{ server_url }}" site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 name: "{{ item.name }}" title: "{{ item.title | default(item.name) }}" state: "present" @@ -18,6 +29,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 name: "{{ item.name }}" title: "{{ item.title | default(item.name) }}" groups: checkmk_service_groups_create @@ -45,6 +57,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 name: "{{ item.name | default(item.name) }}" title: "{{ item.title }}" state: "present" @@ -70,6 +83,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 name: "{{ item.name }}" state: "absent" delegate_to: localhost @@ -94,6 +108,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 name: "{{ item.name }}" state: "absent" delegate_to: localhost @@ -118,6 +133,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 groups: "{{ checkmk_service_groups_create }}" state: "present" delegate_to: localhost @@ -129,6 +145,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 groups: "{{ checkmk_service_groups_create }}" name: "test" state: "present" @@ -142,6 +159,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 groups: "{{ checkmk_service_groups_create }}" title: "Test" state: "present" @@ -155,6 +173,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 groups: "{{ checkmk_service_groups_modify }}" state: "present" delegate_to: localhost @@ -166,17 +185,19 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 groups: "{{ checkmk_service_groups_delete }}" state: "absent" delegate_to: localhost run_once: true # noqa run-once[task] -- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Bulk delete service groups that were created at the beginning (also check for idempotency)." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Bulk delete service groups (also check for idempotency)." service_group: server_url: "{{ server_url }}" site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 groups: "{{ checkmk_service_groups_create }}" state: "absent" delegate_to: localhost diff --git a/tests/integration/targets/service_group/vars/main.yml b/tests/integration/targets/service_group/vars/main.yml index 4c54bcebb..b5c0316da 100644 --- a/tests/integration/targets/service_group/vars/main.yml +++ b/tests/integration/targets/service_group/vars/main.yml @@ -1,5 +1,8 @@ --- test_sites: + - version: "2.2.0p12" + edition: "cme" + site: "stable_cme" - version: "2.2.0p12" edition: "cre" site: "stable_raw" diff --git a/tests/integration/targets/tag_group/tasks/test.yml b/tests/integration/targets/tag_group/tasks/test.yml index 175388eb8..30558d9ed 100644 --- a/tests/integration/targets/tag_group/tasks/test.yml +++ b/tests/integration/targets/tag_group/tasks/test.yml @@ -1,10 +1,21 @@ --- +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Set customer when needed." + ansible.builtin.set_fact: + customer: "provider" + when: (outer_item.edition == "cme") or (outer_item.edition == "cce") + +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Unset customer when needed." + ansible.builtin.set_fact: + customer: null + when: not ((outer_item.edition == "cme") or (outer_item.edition == "cce")) + - name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Create tag_group." tag_group: server_url: "{{ server_url }}" site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 id: Virtualization title: Virtualization topic: My_Tag_Group @@ -37,6 +48,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 id: Virtualization title: Hypervisors topic: My_Tag_Group @@ -67,6 +79,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 id: Virtualization title: Hypervisors topic: My_Tag_Group diff --git a/tests/integration/targets/tag_group/vars/main.yml b/tests/integration/targets/tag_group/vars/main.yml index 3383d977d..969fbc3ad 100644 --- a/tests/integration/targets/tag_group/vars/main.yml +++ b/tests/integration/targets/tag_group/vars/main.yml @@ -1,5 +1,8 @@ --- test_sites: + - version: "2.2.0p12" + edition: "cme" + site: "stable_cme" - version: "2.2.0p12" edition: "cre" site: "stable_raw" diff --git a/tests/integration/targets/user/tasks/test.yml b/tests/integration/targets/user/tasks/test.yml index f27262c84..9d2369b12 100644 --- a/tests/integration/targets/user/tasks/test.yml +++ b/tests/integration/targets/user/tasks/test.yml @@ -1,10 +1,10 @@ --- -- name: "{{ outer_item.version }} - Set customer when needed." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Set customer when needed." ansible.builtin.set_fact: customer: "provider" when: (outer_item.edition == "cme") or (outer_item.edition == "cce") -- name: "{{ outer_item.version }} - Unset customer when needed." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Unset customer when needed." ansible.builtin.set_fact: customer: null when: not ((outer_item.edition == "cme") or (outer_item.edition == "cce")) @@ -15,7 +15,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" - customer: "{{ (customer != None) | ternary(customer, omit) }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 name: "{{ item }}" title: "{{ item }}" state: "present" @@ -41,7 +41,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" - customer: "{{ (customer != None) | ternary(customer, omit) }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 name: "{{ item.name }}" fullname: "{{ item.fullname }}" auth_type: "{{ item.auth_type }}" @@ -73,7 +73,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" - customer: "{{ (customer != None) | ternary(customer, omit) }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 name: "{{ item.name }}" fullname: "{{ item.fullname }}" auth_type: "{{ item.auth_type }}" @@ -101,7 +101,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" - customer: "{{ (customer != None) | ternary(customer, omit) }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 name: "{{ item.name }}" contactgroups: "{{ item.contactgroups }}" state: "present" @@ -127,7 +127,7 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" - customer: "{{ (customer != None) | ternary(customer, omit) }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 name: "{{ item.name }}" password: "{{ item.newpassword }}" state: "present" From 388a970dbdffce34771df084d84713636f906e2d Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Wed, 8 Nov 2023 10:46:40 +0100 Subject: [PATCH 39/48] Clarify states of server role. --- roles/server/README.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/server/README.md b/roles/server/README.md index 9881aae36..762c94f0e 100644 --- a/roles/server/README.md +++ b/roles/server/README.md @@ -82,12 +82,12 @@ Whether to allow downgrading a sites version. Note this is not a recommended pro A dictionary of sites, containing the desired version, admin password and state. There are also advanced settings, which will be outlined below. Valid values for `state` are: -- `started` -- `stopped` -- `enabled` -- `disabled` -- `present` -- `absent` +- `started`: The site is started and enabled for autostart on system boot. +- `stopped`: The site is stopped and disabled for autostart on system boot. +- `enabled`: The site is stopped, but enabled for autostart on system boot. +- `disabled`: The site is stopped and disabled for autostart on system boot. +- `present`: The site is stopped and disabled for autostart on system boot. +- `absent`: The site is removed from the system entirely. If a higher version is specified for an existing site, a config update resolution method must first be given to update it. Valid choices include `install`, `keepold` and `abort`. From 8eb79a8aeb9adfbbc74a8fd79827371f495fb8af Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Wed, 8 Nov 2023 11:25:30 +0100 Subject: [PATCH 40/48] Add changelog and documentation for agent mode variable. --- changelogs/fragments/agent_push.yml | 5 +++++ roles/agent/README.md | 6 ++++++ 2 files changed, 11 insertions(+) create mode 100644 changelogs/fragments/agent_push.yml diff --git a/changelogs/fragments/agent_push.yml b/changelogs/fragments/agent_push.yml new file mode 100644 index 000000000..32cea8eb1 --- /dev/null +++ b/changelogs/fragments/agent_push.yml @@ -0,0 +1,5 @@ +minor_changes: + - Agent role - Introduce variable to configure agent mode. Refer to the README. + +bugfixes: + - Agent role - Fix agent port check for agent modes other than "pull". diff --git a/roles/agent/README.md b/roles/agent/README.md index 435b4ee82..293b822bb 100644 --- a/roles/agent/README.md +++ b/roles/agent/README.md @@ -153,6 +153,12 @@ Define an IP address which will be added to the host in Checkmk. This is optiona Define attributes with which the host will be added to Checkmk. + checkmk_agent_mode: pull + +The mode the agent operates in. For most deployments, this will be the `pull` mode. If you are uncertain, what you are using, this is most likely your mode. +If you are using an alternative way to call the agent, e.g. SSH, you can set the variable to `ssh`, so the agent port check is skipped. +If you are using the Checkmk Cloud Edition (CCE) with an agent in `push` mode, you want to set this to `push` to avoid the agent port check, as well as triggering an initial push of data. + checkmk_agent_no_log: 'true' Whether to log sensitive information like passwords, Ansible output will be censored for enhanced security by default. Set to `false` for easier troubleshooting. Be careful when changing this value in production, passwords may be leaked in operating system logs. From c835424dcb39f3e64af6ca87552adfcf95b00b5b Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Wed, 8 Nov 2023 11:30:36 +0100 Subject: [PATCH 41/48] Bump Checkmk version. --- roles/agent/README.md | 2 +- roles/agent/defaults/main.yml | 2 +- roles/agent/molecule/2.2.0/group_vars/all.yml | 2 +- roles/server/README.md | 2 +- roles/server/defaults/main.yml | 2 +- roles/server/molecule/2.2.0/group_vars/all.yml | 2 +- scripts/release.sh | 2 +- tests/integration/targets/activation/vars/main.yml | 4 ++-- tests/integration/targets/bakery/vars/main.yml | 2 +- tests/integration/targets/contact_group/vars/main.yml | 4 ++-- tests/integration/targets/discovery/vars/main.yml | 4 ++-- tests/integration/targets/downtime/vars/main.yml | 4 ++-- tests/integration/targets/folder/vars/main.yml | 4 ++-- tests/integration/targets/host/vars/main.yml | 4 ++-- tests/integration/targets/host_group/vars/main.yml | 4 ++-- tests/integration/targets/lookup_folder/vars/main.yml | 4 ++-- tests/integration/targets/lookup_folders/vars/main.yml | 4 ++-- tests/integration/targets/lookup_host/vars/main.yml | 4 ++-- tests/integration/targets/lookup_hosts/vars/main.yml | 4 ++-- tests/integration/targets/lookup_version/vars/main.yml | 4 ++-- tests/integration/targets/password/vars/main.yml | 4 ++-- tests/integration/targets/rule/vars/main.yml | 4 ++-- tests/integration/targets/service_group/vars/main.yml | 4 ++-- tests/integration/targets/tag_group/vars/main.yml | 4 ++-- tests/integration/targets/timeperiod/vars/main.yml | 4 ++-- tests/integration/targets/user/vars/main.yml | 4 ++-- 26 files changed, 44 insertions(+), 44 deletions(-) diff --git a/roles/agent/README.md b/roles/agent/README.md index 293b822bb..d8831c4e1 100644 --- a/roles/agent/README.md +++ b/roles/agent/README.md @@ -17,7 +17,7 @@ It can be installed as easy as running: - checkmk_agent_version: "2.2.0p13" + checkmk_agent_version: "2.2.0p12" The Checkmk version of your site. diff --git a/roles/agent/defaults/main.yml b/roles/agent/defaults/main.yml index d38001dd2..39ad11ed5 100644 --- a/roles/agent/defaults/main.yml +++ b/roles/agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -checkmk_agent_version: "2.2.0p13" +checkmk_agent_version: "2.2.0p12" checkmk_agent_edition: cre checkmk_agent_protocol: http checkmk_agent_server: localhost diff --git a/roles/agent/molecule/2.2.0/group_vars/all.yml b/roles/agent/molecule/2.2.0/group_vars/all.yml index 0c5b9fad5..59c18e677 100644 --- a/roles/agent/molecule/2.2.0/group_vars/all.yml +++ b/roles/agent/molecule/2.2.0/group_vars/all.yml @@ -1,6 +1,6 @@ --- # General -checkmk_version: "2.2.0p13" +checkmk_version: "2.2.0p12" checkmk_edition: "cre" checkmk_site: "my_site" automation_user: "cmkadmin" diff --git a/roles/server/README.md b/roles/server/README.md index 762c94f0e..31212e15b 100644 --- a/roles/server/README.md +++ b/roles/server/README.md @@ -23,7 +23,7 @@ To learn about the distributions used in automated tests, inspect the correspond - checkmk_server_version: "2.2.0p13" + checkmk_server_version: "2.2.0p12" The Checkmk version of your site. diff --git a/roles/server/defaults/main.yml b/roles/server/defaults/main.yml index 002bb3c9d..dececfcb3 100644 --- a/roles/server/defaults/main.yml +++ b/roles/server/defaults/main.yml @@ -24,7 +24,7 @@ checkmk_server_server_stable_os: - Ubuntu-20 - Ubuntu-22 -checkmk_server_version: "2.2.0p13" +checkmk_server_version: "2.2.0p12" checkmk_server_edition: cre checkmk_server_verify_setup: 'true' diff --git a/roles/server/molecule/2.2.0/group_vars/all.yml b/roles/server/molecule/2.2.0/group_vars/all.yml index 1e0cc46d6..faf825a9d 100644 --- a/roles/server/molecule/2.2.0/group_vars/all.yml +++ b/roles/server/molecule/2.2.0/group_vars/all.yml @@ -1,6 +1,6 @@ --- # General -checkmk_version: "2.2.0p13" +checkmk_version: "2.2.0p12" checkmk_edition: "cre" server_url: "http://127.0.0.1/" automation_user: "cmkadmin" diff --git a/scripts/release.sh b/scripts/release.sh index 5576a8491..bd2e03851 100755 --- a/scripts/release.sh +++ b/scripts/release.sh @@ -17,7 +17,7 @@ collection_dir="${script_dir%/*}" # Update these as necessary: checkmk_ancient="2.0.0p39" checkmk_oldstable="2.1.0p36" -checkmk_stable="2.2.0p13" +checkmk_stable="2.2.0p12" while getopts 's:t:' OPTION; do case "$OPTION" in diff --git a/tests/integration/targets/activation/vars/main.yml b/tests/integration/targets/activation/vars/main.yml index 29367163f..ec08de421 100644 --- a/tests/integration/targets/activation/vars/main.yml +++ b/tests/integration/targets/activation/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cre" site: "stable_raw" - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/bakery/vars/main.yml b/tests/integration/targets/bakery/vars/main.yml index 88d31169a..f67fde61d 100644 --- a/tests/integration/targets/bakery/vars/main.yml +++ b/tests/integration/targets/bakery/vars/main.yml @@ -1,6 +1,6 @@ --- test_sites: - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/contact_group/vars/main.yml b/tests/integration/targets/contact_group/vars/main.yml index 975157a76..b68f050d1 100644 --- a/tests/integration/targets/contact_group/vars/main.yml +++ b/tests/integration/targets/contact_group/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cre" site: "stable_raw" - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/discovery/vars/main.yml b/tests/integration/targets/discovery/vars/main.yml index 19ff05fd9..c6a931e9f 100644 --- a/tests/integration/targets/discovery/vars/main.yml +++ b/tests/integration/targets/discovery/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cre" site: "stable_raw" - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/downtime/vars/main.yml b/tests/integration/targets/downtime/vars/main.yml index 29367163f..ec08de421 100644 --- a/tests/integration/targets/downtime/vars/main.yml +++ b/tests/integration/targets/downtime/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cre" site: "stable_raw" - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/folder/vars/main.yml b/tests/integration/targets/folder/vars/main.yml index a33615a6b..8ede4c0da 100644 --- a/tests/integration/targets/folder/vars/main.yml +++ b/tests/integration/targets/folder/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cre" site: "stable_raw" - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/host/vars/main.yml b/tests/integration/targets/host/vars/main.yml index adec726cc..72ef3c7b6 100644 --- a/tests/integration/targets/host/vars/main.yml +++ b/tests/integration/targets/host/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cre" site: "stable_raw" - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/host_group/vars/main.yml b/tests/integration/targets/host_group/vars/main.yml index a81ffc6f5..9354febc4 100644 --- a/tests/integration/targets/host_group/vars/main.yml +++ b/tests/integration/targets/host_group/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cre" site: "stable_raw" - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/lookup_folder/vars/main.yml b/tests/integration/targets/lookup_folder/vars/main.yml index cd2a295f2..03bc017b1 100644 --- a/tests/integration/targets/lookup_folder/vars/main.yml +++ b/tests/integration/targets/lookup_folder/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cre" site: "stable_raw" - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/lookup_folders/vars/main.yml b/tests/integration/targets/lookup_folders/vars/main.yml index 6f754709a..9ae5b83d6 100644 --- a/tests/integration/targets/lookup_folders/vars/main.yml +++ b/tests/integration/targets/lookup_folders/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cre" site: "stable_raw" - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/lookup_host/vars/main.yml b/tests/integration/targets/lookup_host/vars/main.yml index 9633855e3..ffdc2c96a 100644 --- a/tests/integration/targets/lookup_host/vars/main.yml +++ b/tests/integration/targets/lookup_host/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cre" site: "stable_raw" - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/lookup_hosts/vars/main.yml b/tests/integration/targets/lookup_hosts/vars/main.yml index b63e1ddfa..c0c206291 100644 --- a/tests/integration/targets/lookup_hosts/vars/main.yml +++ b/tests/integration/targets/lookup_hosts/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cre" site: "stable_raw" - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/lookup_version/vars/main.yml b/tests/integration/targets/lookup_version/vars/main.yml index 98802d130..e90996ef1 100644 --- a/tests/integration/targets/lookup_version/vars/main.yml +++ b/tests/integration/targets/lookup_version/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cre" site: "stable_raw" - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/password/vars/main.yml b/tests/integration/targets/password/vars/main.yml index 8cb733ad7..0639e448d 100644 --- a/tests/integration/targets/password/vars/main.yml +++ b/tests/integration/targets/password/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cre" site: "stable_raw" - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/rule/vars/main.yml b/tests/integration/targets/rule/vars/main.yml index c9a05594a..125325d46 100644 --- a/tests/integration/targets/rule/vars/main.yml +++ b/tests/integration/targets/rule/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cre" site: "stable_raw" - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/service_group/vars/main.yml b/tests/integration/targets/service_group/vars/main.yml index 9edd5ab34..ea6a1fdd4 100644 --- a/tests/integration/targets/service_group/vars/main.yml +++ b/tests/integration/targets/service_group/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cre" site: "stable_raw" - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/tag_group/vars/main.yml b/tests/integration/targets/tag_group/vars/main.yml index 98802d130..e90996ef1 100644 --- a/tests/integration/targets/tag_group/vars/main.yml +++ b/tests/integration/targets/tag_group/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cre" site: "stable_raw" - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/timeperiod/vars/main.yml b/tests/integration/targets/timeperiod/vars/main.yml index ce0422e8e..d8335ca8e 100644 --- a/tests/integration/targets/timeperiod/vars/main.yml +++ b/tests/integration/targets/timeperiod/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cre" site: "stable_raw" - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/user/vars/main.yml b/tests/integration/targets/user/vars/main.yml index cf11b7d8e..422f82af8 100644 --- a/tests/integration/targets/user/vars/main.yml +++ b/tests/integration/targets/user/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cre" site: "stable_raw" - - version: "2.2.0p13" + - version: "2.2.0p12" edition: "cee" site: "stable_ent" - version: "2.1.0p36" From a3dbf379b1536ec9601b9f4c10ff218d473d0aba Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Wed, 8 Nov 2023 11:58:42 +0100 Subject: [PATCH 42/48] Get rid of 'ignore_error' statements in tests, replacing them with proper conditionals. --- .../targets/contact_group/tasks/test.yml | 18 +++++++++++------- .../targets/host_group/tasks/test.yml | 16 ++++++++++------ .../targets/service_group/tasks/test.yml | 18 +++++++++++------- .../targets/timeperiod/tasks/test.yml | 9 +++++---- 4 files changed, 37 insertions(+), 24 deletions(-) diff --git a/tests/integration/targets/contact_group/tasks/test.yml b/tests/integration/targets/contact_group/tasks/test.yml index 8fb30531e..5bdc8d3d8 100644 --- a/tests/integration/targets/contact_group/tasks/test.yml +++ b/tests/integration/targets/contact_group/tasks/test.yml @@ -12,7 +12,7 @@ run_once: true # noqa run-once[task] loop: "{{ checkmk_contact_groups_create }}" -- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Should fail because of 'groups', Create contact groups." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Test for mutually exclusive module args: 'groups|name'." contact_group: server_url: "{{ server_url }}" site: "{{ outer_item.site }}" @@ -25,7 +25,8 @@ delegate_to: localhost run_once: true # noqa run-once[task] loop: "{{ checkmk_contact_groups_create }}" - ignore_errors: true + register: checkmk_contact_group_status + failed_when: "'parameters are mutually exclusive: groups|name' not in checkmk_contact_group_status.msg" - name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Activate." activation: @@ -123,7 +124,7 @@ delegate_to: localhost run_once: true # noqa run-once[task] -- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Should fail because of 'name', Bulk create contact groups." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Test for mutually exclusive module args: 'groups|name'." contact_group: server_url: "{{ server_url }}" site: "{{ outer_item.site }}" @@ -134,9 +135,10 @@ state: "present" delegate_to: localhost run_once: true # noqa run-once[task] - ignore_errors: true + register: checkmk_contact_group_status + failed_when: "'parameters are mutually exclusive: groups|name' not in checkmk_contact_group_status.msg" -- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Should fail because of 'title', Bulk create contact groups." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Test for uneffective module args: 'groups' and 'title'." contact_group: server_url: "{{ server_url }}" site: "{{ outer_item.site }}" @@ -147,7 +149,9 @@ state: "present" delegate_to: localhost run_once: true # noqa run-once[task] - ignore_errors: true + register: checkmk_contact_group_status + failed_when: | + "'title' has only effect when 'name' is defined and not 'groups'" not in checkmk_contact_group_status.msg - name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Bulk modify part of contact groups (also checks for idempotency!)." contact_group: @@ -171,7 +175,7 @@ delegate_to: localhost run_once: true # noqa run-once[task] -- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Bulk delete contact groups that were created at the beginning (also check for idempotency)." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Bulk delete contact groups checking for idempotency." contact_group: server_url: "{{ server_url }}" site: "{{ outer_item.site }}" diff --git a/tests/integration/targets/host_group/tasks/test.yml b/tests/integration/targets/host_group/tasks/test.yml index 32b30e077..b93d78b87 100644 --- a/tests/integration/targets/host_group/tasks/test.yml +++ b/tests/integration/targets/host_group/tasks/test.yml @@ -12,7 +12,7 @@ run_once: true # noqa run-once[task] loop: "{{ checkmk_host_groups_create }}" -- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Should fail because of 'groups', Create host groups." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Test for mutually exclusive module args: 'groups|name'." host_group: server_url: "{{ server_url }}" site: "{{ outer_item.site }}" @@ -25,7 +25,8 @@ delegate_to: localhost run_once: true # noqa run-once[task] loop: "{{ checkmk_host_groups_create }}" - ignore_errors: True + register: checkmk_host_group_status + failed_when: "'parameters are mutually exclusive: groups|name' not in checkmk_host_group_status.msg" - name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Activate." activation: @@ -123,7 +124,7 @@ delegate_to: localhost run_once: true # noqa run-once[task] -- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Should fail because of 'name', Bulk create host groups." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Test for mutually exclusive module args: 'groups|name'." host_group: server_url: "{{ server_url }}" site: "{{ outer_item.site }}" @@ -134,9 +135,10 @@ state: "present" delegate_to: localhost run_once: true # noqa run-once[task] - ignore_errors: True + register: checkmk_host_group_status + failed_when: "'parameters are mutually exclusive: groups|name' not in checkmk_host_group_status.msg" -- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Should fail because of 'title', Bulk create host groups." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Test for uneffective module args: 'groups' and 'title'." host_group: server_url: "{{ server_url }}" site: "{{ outer_item.site }}" @@ -147,7 +149,9 @@ state: "present" delegate_to: localhost run_once: true # noqa run-once[task] - ignore_errors: True + register: checkmk_host_group_status + failed_when: | + "'title' has only effect when 'name' is defined and not 'groups'" not in checkmk_host_group_status.msg - name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Bulk modify part of host groups (also checks for idempotency!)." host_group: diff --git a/tests/integration/targets/service_group/tasks/test.yml b/tests/integration/targets/service_group/tasks/test.yml index 44c4a3e53..d895edf3e 100644 --- a/tests/integration/targets/service_group/tasks/test.yml +++ b/tests/integration/targets/service_group/tasks/test.yml @@ -12,7 +12,7 @@ run_once: true # noqa run-once[task] loop: "{{ checkmk_service_groups_create }}" -- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Should fail because of 'groups', Create service groups." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Test for mutually exclusive module args: 'groups|name'." service_group: server_url: "{{ server_url }}" site: "{{ outer_item.site }}" @@ -25,7 +25,8 @@ delegate_to: localhost run_once: true # noqa run-once[task] loop: "{{ checkmk_service_groups_create }}" - ignore_errors: true + register: checkmk_service_group_status + failed_when: "'parameters are mutually exclusive: groups|name' not in checkmk_service_group_status.msg" - name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Activate." activation: @@ -123,7 +124,7 @@ delegate_to: localhost run_once: true # noqa run-once[task] -- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Should fail because of 'name', Bulk create service groups." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Test for mutually exclusive module args: 'groups|name'." service_group: server_url: "{{ server_url }}" site: "{{ outer_item.site }}" @@ -134,9 +135,10 @@ state: "present" delegate_to: localhost run_once: true # noqa run-once[task] - ignore_errors: true + register: checkmk_service_group_status + failed_when: "'parameters are mutually exclusive: groups|name' not in checkmk_service_group_status.msg" -- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Should fail because of 'title', Bulk create service groups." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Test for uneffective module args: 'groups' and 'title'." service_group: server_url: "{{ server_url }}" site: "{{ outer_item.site }}" @@ -147,7 +149,9 @@ state: "present" delegate_to: localhost run_once: true # noqa run-once[task] - ignore_errors: true + register: checkmk_service_group_status + failed_when: | + "'title' has only effect when 'name' is defined and not 'groups'" not in checkmk_service_group_status.msg - name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Bulk modify part of service groups (also checks for idempotency!)." service_group: @@ -171,7 +175,7 @@ delegate_to: localhost run_once: true # noqa run-once[task] -- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Bulk delete service groups that were created at the beginning (also check for idempotency)." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Bulk delete service groups checking for idempotency)." service_group: server_url: "{{ server_url }}" site: "{{ outer_item.site }}" diff --git a/tests/integration/targets/timeperiod/tasks/test.yml b/tests/integration/targets/timeperiod/tasks/test.yml index cb0e95dea..aab01ffdb 100644 --- a/tests/integration/targets/timeperiod/tasks/test.yml +++ b/tests/integration/targets/timeperiod/tasks/test.yml @@ -73,7 +73,7 @@ run_once: true # noqa run-once[task] # This should fail. -- name: "Try to delete a time period which is used by another time period." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Test that a timeperiod which is still in use cannot be deleted." timeperiod: server_url: "{{ server_url }}" site: "{{ outer_item.site }}" @@ -83,9 +83,10 @@ state: "absent" delegate_to: localhost loop: "{{ checkmk_timeperiods_faildelete }}" - ignore_errors: true + register: checkmk_timeperiod_status + failed_when: "'The time period is still in use' not in checkmk_timeperiod_status.msg" -- name: "Delete other time period first." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Delete other time period first." timeperiod: server_url: "{{ server_url }}" site: "{{ outer_item.site }}" @@ -96,7 +97,7 @@ delegate_to: localhost loop: "{{ checkmk_timeperiods_deletefirst }}" -- name: "Delete a time period." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Delete a time period." timeperiod: server_url: "{{ server_url }}" site: "{{ outer_item.site }}" From 3ff5ed37210f0ddef51de249e0a0662b46f21879 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Wed, 8 Nov 2023 16:50:50 +0100 Subject: [PATCH 43/48] Finishing touches and add changelog. --- changelogs/fragments/cme_support.yml | 6 ++++++ plugins/modules/contact_group.py | 5 +++-- plugins/modules/host_group.py | 9 +++++---- plugins/modules/password.py | 4 ++-- plugins/modules/service_group.py | 9 +++++---- plugins/modules/user.py | 11 +++++++---- 6 files changed, 28 insertions(+), 16 deletions(-) create mode 100644 changelogs/fragments/cme_support.yml diff --git a/changelogs/fragments/cme_support.yml b/changelogs/fragments/cme_support.yml new file mode 100644 index 000000000..9c6928b1f --- /dev/null +++ b/changelogs/fragments/cme_support.yml @@ -0,0 +1,6 @@ +minor_changes: + - User module - Add support for the Checkmk Managed Edition (CME). + - Service group module - Add support for the Checkmk Managed Edition (CME). + - Password module - Add support for the Checkmk Managed Edition (CME). + - Host group module - Add support for the Checkmk Managed Edition (CME). + - Contact group module - Add support for the Checkmk Managed Edition (CME). diff --git a/plugins/modules/contact_group.py b/plugins/modules/contact_group.py index 4f214f5f1..fccc3c136 100644 --- a/plugins/modules/contact_group.py +++ b/plugins/modules/contact_group.py @@ -31,7 +31,8 @@ description: The title (alias) of your contact group. If omitted defaults to the name. type: str customer: - description: The customer (required for CME) + description: For the Checkmk Managed Edition (CME), you need to specify which customer ID this object belongs to. + required: false type: str groups: description: @@ -63,7 +64,7 @@ automation_secret: "$SECRET" name: "my_contact_group" title: "My Contact Group" - cutomer: "provider" + customer: "provider" state: "present" # Create several contact groups. diff --git a/plugins/modules/host_group.py b/plugins/modules/host_group.py index 23ea58627..24d4a0e33 100644 --- a/plugins/modules/host_group.py +++ b/plugins/modules/host_group.py @@ -31,7 +31,8 @@ description: The title (alias) of your host group. If omitted defaults to the name. type: str customer: - description: The customer (required for CME) + description: For the Checkmk Managed Edition (CME), you need to specify which customer ID this object belongs to. + required: false type: str groups: description: @@ -59,7 +60,7 @@ automation_secret: "$SECRET" name: "my_host_group" title: "My Host Group" - cutomer: "provider" + customer: "provider" state: "present" # Create several host groups. @@ -69,7 +70,7 @@ site: "my_site" automation_user: "automation" automation_secret: "$SECRET" - cutomer: "provider" + customer: "provider" groups: - name: "my_host_group_one" title: "My Host Group One" @@ -86,7 +87,7 @@ site: "my_site" automation_user: "automation" automation_secret: "$SECRET" - cutomer: "provider" + customer: "provider" groups: - name: "my_host_group_one" title: "My Host Group One" diff --git a/plugins/modules/password.py b/plugins/modules/password.py index 110995392..1347810d1 100644 --- a/plugins/modules/password.py +++ b/plugins/modules/password.py @@ -18,7 +18,7 @@ version_added: "2.3.0" description: -- Manage passwords in checkmk. +- Manage passwords in Checkmk. extends_documentation_fragment: [checkmk.general.common] @@ -34,7 +34,7 @@ type: str customer: - description: For the Checkmk Managed Edition, you need to specify which customer a password belongs to. + description: For the Checkmk Managed Edition (CME), you need to specify which customer ID this object belongs to. required: false type: str diff --git a/plugins/modules/service_group.py b/plugins/modules/service_group.py index fa73dd54a..99a4e0d61 100644 --- a/plugins/modules/service_group.py +++ b/plugins/modules/service_group.py @@ -31,7 +31,8 @@ description: The title (alias) of your service group. If omitted defaults to the name. type: str customer: - description: The customer (required for CME) + description: For the Checkmk Managed Edition (CME), you need to specify which customer ID this object belongs to. + required: false type: str groups: description: @@ -63,7 +64,7 @@ automation_secret: "$SECRET" name: "my_service_group" title: "My Service Group" - cutomer: "provider" + customer: "provider" state: "present" # Create several service groups. @@ -73,7 +74,7 @@ site: "my_site" automation_user: "automation" automation_secret: "$SECRET" - cutomer: "provider" + customer: "provider" groups: - name: "my_service_group_one" title: "My Service Group One" @@ -90,7 +91,7 @@ site: "my_site" automation_user: "automation" automation_secret: "$SECRET" - cutomer: "provider" + customer: "provider" groups: - name: "my_service_group_one" title: "My Service Group One" diff --git a/plugins/modules/user.py b/plugins/modules/user.py index 5329a08f3..ef185c838 100644 --- a/plugins/modules/user.py +++ b/plugins/modules/user.py @@ -30,6 +30,10 @@ fullname: description: The alias or full name of the user. type: str + customer: + description: For the Checkmk Managed Edition (CME), you need to specify which customer ID this object belongs to. + required: false + type: str password: description: The password or secret for login. type: str @@ -95,7 +99,7 @@ automation_secret: "$SECRET" name: "krichards" fullname: "Keith Richards" - customer: "Provider" + customer: "provider" email: "keith.richards@rollingstones.com" password: "Open-G" contactgroups: @@ -114,7 +118,7 @@ automation_secret: "$SECRET" name: "registration" fullname: "Registration User" - customer: "Provider" + customer: "provider" auth_type: "automation" password: "ZGSDHUVDSKJHSDF" roles: @@ -130,7 +134,7 @@ automation_secret: "$SECRET" name: "horst" fullname: "Horst Schlämmer" - customer: "Provider" + customer: "provider" auth_type: "password" password: "uschi" enforce_password_change: True @@ -314,7 +318,6 @@ def _exists(key): if _exists("authorized_sites"): attributes["authorized_sites"] = params["authorized_sites"] - # raise Exception(str(params)) return cls(params["name"], state=params["state"], attributes=attributes) def satisfies(self, other_instance): From e469468ac115368cced9085854697fe26b3e83ca Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 9 Nov 2023 08:06:33 +0100 Subject: [PATCH 44/48] Fix typo. --- plugins/modules/password.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/modules/password.py b/plugins/modules/password.py index 1347810d1..cdebb1e52 100644 --- a/plugins/modules/password.py +++ b/plugins/modules/password.py @@ -11,7 +11,7 @@ --- module: password -short_description: Manage passwords in checkmk. +short_description: Manage passwords in Checkmk. # If this is part of a collection, you need to use semantic versioning, # i.e. the version is of the form "2.5.0" and not "2.4". From 8546426277cae54e55cb92977f21336a277a5646 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 9 Nov 2023 08:06:44 +0100 Subject: [PATCH 45/48] Remove unnecessary tests. --- tests/integration/targets/tag_group/tasks/test.yml | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/tests/integration/targets/tag_group/tasks/test.yml b/tests/integration/targets/tag_group/tasks/test.yml index 30558d9ed..175388eb8 100644 --- a/tests/integration/targets/tag_group/tasks/test.yml +++ b/tests/integration/targets/tag_group/tasks/test.yml @@ -1,21 +1,10 @@ --- -- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Set customer when needed." - ansible.builtin.set_fact: - customer: "provider" - when: (outer_item.edition == "cme") or (outer_item.edition == "cce") - -- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Unset customer when needed." - ansible.builtin.set_fact: - customer: null - when: not ((outer_item.edition == "cme") or (outer_item.edition == "cce")) - - name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Create tag_group." tag_group: server_url: "{{ server_url }}" site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" - customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 id: Virtualization title: Virtualization topic: My_Tag_Group @@ -48,7 +37,6 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" - customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 id: Virtualization title: Hypervisors topic: My_Tag_Group @@ -79,7 +67,6 @@ site: "{{ outer_item.site }}" automation_user: "{{ automation_user }}" automation_secret: "{{ automation_secret }}" - customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 id: Virtualization title: Hypervisors topic: My_Tag_Group From 1f154bcac7c5c7c36c5f862255e8044e1a23ecb6 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 9 Nov 2023 08:08:19 +0100 Subject: [PATCH 46/48] Bump Checkmk version. --- roles/agent/README.md | 2 +- roles/agent/defaults/main.yml | 2 +- roles/agent/molecule/2.2.0/group_vars/all.yml | 2 +- roles/server/README.md | 2 +- roles/server/defaults/main.yml | 2 +- roles/server/molecule/2.2.0/group_vars/all.yml | 2 +- scripts/release.sh | 2 +- tests/integration/targets/activation/vars/main.yml | 4 ++-- tests/integration/targets/bakery/vars/main.yml | 2 +- tests/integration/targets/contact_group/vars/main.yml | 4 ++-- tests/integration/targets/discovery/vars/main.yml | 4 ++-- tests/integration/targets/downtime/vars/main.yml | 4 ++-- tests/integration/targets/folder/vars/main.yml | 4 ++-- tests/integration/targets/host/vars/main.yml | 4 ++-- tests/integration/targets/host_group/vars/main.yml | 6 +++--- tests/integration/targets/lookup_folder/vars/main.yml | 4 ++-- tests/integration/targets/lookup_folders/vars/main.yml | 4 ++-- tests/integration/targets/lookup_host/vars/main.yml | 4 ++-- tests/integration/targets/lookup_hosts/vars/main.yml | 4 ++-- tests/integration/targets/lookup_version/vars/main.yml | 4 ++-- tests/integration/targets/password/vars/main.yml | 6 +++--- tests/integration/targets/rule/vars/main.yml | 4 ++-- tests/integration/targets/service_group/vars/main.yml | 6 +++--- tests/integration/targets/tag_group/vars/main.yml | 6 +++--- tests/integration/targets/timeperiod/vars/main.yml | 4 ++-- tests/integration/targets/user/vars/main.yml | 6 +++--- 26 files changed, 49 insertions(+), 49 deletions(-) diff --git a/roles/agent/README.md b/roles/agent/README.md index d8831c4e1..18075568a 100644 --- a/roles/agent/README.md +++ b/roles/agent/README.md @@ -17,7 +17,7 @@ It can be installed as easy as running: - checkmk_agent_version: "2.2.0p12" + checkmk_agent_version: "2.2.0p14" The Checkmk version of your site. diff --git a/roles/agent/defaults/main.yml b/roles/agent/defaults/main.yml index 39ad11ed5..06f2ca1a6 100644 --- a/roles/agent/defaults/main.yml +++ b/roles/agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -checkmk_agent_version: "2.2.0p12" +checkmk_agent_version: "2.2.0p14" checkmk_agent_edition: cre checkmk_agent_protocol: http checkmk_agent_server: localhost diff --git a/roles/agent/molecule/2.2.0/group_vars/all.yml b/roles/agent/molecule/2.2.0/group_vars/all.yml index 59c18e677..9446a6fba 100644 --- a/roles/agent/molecule/2.2.0/group_vars/all.yml +++ b/roles/agent/molecule/2.2.0/group_vars/all.yml @@ -1,6 +1,6 @@ --- # General -checkmk_version: "2.2.0p12" +checkmk_version: "2.2.0p14" checkmk_edition: "cre" checkmk_site: "my_site" automation_user: "cmkadmin" diff --git a/roles/server/README.md b/roles/server/README.md index 31212e15b..e9c111591 100644 --- a/roles/server/README.md +++ b/roles/server/README.md @@ -23,7 +23,7 @@ To learn about the distributions used in automated tests, inspect the correspond - checkmk_server_version: "2.2.0p12" + checkmk_server_version: "2.2.0p14" The Checkmk version of your site. diff --git a/roles/server/defaults/main.yml b/roles/server/defaults/main.yml index dececfcb3..407943d33 100644 --- a/roles/server/defaults/main.yml +++ b/roles/server/defaults/main.yml @@ -24,7 +24,7 @@ checkmk_server_server_stable_os: - Ubuntu-20 - Ubuntu-22 -checkmk_server_version: "2.2.0p12" +checkmk_server_version: "2.2.0p14" checkmk_server_edition: cre checkmk_server_verify_setup: 'true' diff --git a/roles/server/molecule/2.2.0/group_vars/all.yml b/roles/server/molecule/2.2.0/group_vars/all.yml index faf825a9d..5c2374d58 100644 --- a/roles/server/molecule/2.2.0/group_vars/all.yml +++ b/roles/server/molecule/2.2.0/group_vars/all.yml @@ -1,6 +1,6 @@ --- # General -checkmk_version: "2.2.0p12" +checkmk_version: "2.2.0p14" checkmk_edition: "cre" server_url: "http://127.0.0.1/" automation_user: "cmkadmin" diff --git a/scripts/release.sh b/scripts/release.sh index bd2e03851..7e76866aa 100755 --- a/scripts/release.sh +++ b/scripts/release.sh @@ -17,7 +17,7 @@ collection_dir="${script_dir%/*}" # Update these as necessary: checkmk_ancient="2.0.0p39" checkmk_oldstable="2.1.0p36" -checkmk_stable="2.2.0p12" +checkmk_stable="2.2.0p14" while getopts 's:t:' OPTION; do case "$OPTION" in diff --git a/tests/integration/targets/activation/vars/main.yml b/tests/integration/targets/activation/vars/main.yml index ec08de421..8fd25ced7 100644 --- a/tests/integration/targets/activation/vars/main.yml +++ b/tests/integration/targets/activation/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/bakery/vars/main.yml b/tests/integration/targets/bakery/vars/main.yml index f67fde61d..947d4c9e7 100644 --- a/tests/integration/targets/bakery/vars/main.yml +++ b/tests/integration/targets/bakery/vars/main.yml @@ -1,6 +1,6 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/contact_group/vars/main.yml b/tests/integration/targets/contact_group/vars/main.yml index b68f050d1..aa3de1fc4 100644 --- a/tests/integration/targets/contact_group/vars/main.yml +++ b/tests/integration/targets/contact_group/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/discovery/vars/main.yml b/tests/integration/targets/discovery/vars/main.yml index c6a931e9f..781df088c 100644 --- a/tests/integration/targets/discovery/vars/main.yml +++ b/tests/integration/targets/discovery/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/downtime/vars/main.yml b/tests/integration/targets/downtime/vars/main.yml index ec08de421..8fd25ced7 100644 --- a/tests/integration/targets/downtime/vars/main.yml +++ b/tests/integration/targets/downtime/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/folder/vars/main.yml b/tests/integration/targets/folder/vars/main.yml index 8ede4c0da..20170db82 100644 --- a/tests/integration/targets/folder/vars/main.yml +++ b/tests/integration/targets/folder/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/host/vars/main.yml b/tests/integration/targets/host/vars/main.yml index 72ef3c7b6..f313ef3d1 100644 --- a/tests/integration/targets/host/vars/main.yml +++ b/tests/integration/targets/host/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/host_group/vars/main.yml b/tests/integration/targets/host_group/vars/main.yml index 0b9f59662..1a05512c9 100644 --- a/tests/integration/targets/host_group/vars/main.yml +++ b/tests/integration/targets/host_group/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cme" site: "stable_cme" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/lookup_folder/vars/main.yml b/tests/integration/targets/lookup_folder/vars/main.yml index 03bc017b1..bcb52d4bc 100644 --- a/tests/integration/targets/lookup_folder/vars/main.yml +++ b/tests/integration/targets/lookup_folder/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/lookup_folders/vars/main.yml b/tests/integration/targets/lookup_folders/vars/main.yml index 9ae5b83d6..47f3c20ca 100644 --- a/tests/integration/targets/lookup_folders/vars/main.yml +++ b/tests/integration/targets/lookup_folders/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/lookup_host/vars/main.yml b/tests/integration/targets/lookup_host/vars/main.yml index ffdc2c96a..d3f33b046 100644 --- a/tests/integration/targets/lookup_host/vars/main.yml +++ b/tests/integration/targets/lookup_host/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/lookup_hosts/vars/main.yml b/tests/integration/targets/lookup_hosts/vars/main.yml index c0c206291..708d308a6 100644 --- a/tests/integration/targets/lookup_hosts/vars/main.yml +++ b/tests/integration/targets/lookup_hosts/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/lookup_version/vars/main.yml b/tests/integration/targets/lookup_version/vars/main.yml index e90996ef1..7af04d7d5 100644 --- a/tests/integration/targets/lookup_version/vars/main.yml +++ b/tests/integration/targets/lookup_version/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/password/vars/main.yml b/tests/integration/targets/password/vars/main.yml index fedc1a73c..36406746b 100644 --- a/tests/integration/targets/password/vars/main.yml +++ b/tests/integration/targets/password/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cme" site: "stable_cme" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/rule/vars/main.yml b/tests/integration/targets/rule/vars/main.yml index 125325d46..655810f28 100644 --- a/tests/integration/targets/rule/vars/main.yml +++ b/tests/integration/targets/rule/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/service_group/vars/main.yml b/tests/integration/targets/service_group/vars/main.yml index 4ac7ce198..84a617d98 100644 --- a/tests/integration/targets/service_group/vars/main.yml +++ b/tests/integration/targets/service_group/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cme" site: "stable_cme" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/tag_group/vars/main.yml b/tests/integration/targets/tag_group/vars/main.yml index 7ecfde4a8..1ce595e5a 100644 --- a/tests/integration/targets/tag_group/vars/main.yml +++ b/tests/integration/targets/tag_group/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cme" site: "stable_cme" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/timeperiod/vars/main.yml b/tests/integration/targets/timeperiod/vars/main.yml index d8335ca8e..3094db997 100644 --- a/tests/integration/targets/timeperiod/vars/main.yml +++ b/tests/integration/targets/timeperiod/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cee" site: "stable_ent" - version: "2.1.0p36" diff --git a/tests/integration/targets/user/vars/main.yml b/tests/integration/targets/user/vars/main.yml index b100643ae..ca1e1af9c 100644 --- a/tests/integration/targets/user/vars/main.yml +++ b/tests/integration/targets/user/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cme" site: "stable_cme" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cre" site: "stable_raw" - - version: "2.2.0p12" + - version: "2.2.0p14" edition: "cee" site: "stable_ent" - version: "2.1.0p36" From 3590c17ebbc9fd369b510fa1e58efb31c9c33228 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 9 Nov 2023 08:08:47 +0100 Subject: [PATCH 47/48] Bump collection version. --- SUPPORT.md | 1 + galaxy.yml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/SUPPORT.md b/SUPPORT.md index 7ab56e038..bf49b29fd 100644 --- a/SUPPORT.md +++ b/SUPPORT.md @@ -39,3 +39,4 @@ Collection Version | Checkmk Versions | Ansible Versions | Remarks 3.1.0 | 2.0.0p38, 2.1.0p32, 2.2.0p7 | 2.13, 2.14, 2.15 | None 3.2.0 | 2.0.0p38, 2.1.0p32, 2.2.0p8 | 2.13, 2.14, 2.15 | None 3.3.0 | 2.0.0p39, 2.1.0p35, 2.2.0p12 | 2.13, 2.14, 2.15 | None +3.4.0 | 2.0.0p39, 2.1.0p36, 2.2.0p14 | 2.12, 2.14, 2.15 | None diff --git a/galaxy.yml b/galaxy.yml index cb520a721..47a6466a5 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -10,7 +10,7 @@ name: general # The version of the collection. Must be compatible with semantic versioning -version: 3.3.0 +version: 3.4.0 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection readme: README.md From 25e97219bc4cb530088185c7e5c040128e243c96 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 9 Nov 2023 08:13:26 +0100 Subject: [PATCH 48/48] Add release summary. --- changelogs/fragments/release_summary.yml | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelogs/fragments/release_summary.yml diff --git a/changelogs/fragments/release_summary.yml b/changelogs/fragments/release_summary.yml new file mode 100644 index 000000000..6d1a165b8 --- /dev/null +++ b/changelogs/fragments/release_summary.yml @@ -0,0 +1 @@ +release_summary: "Supporting managed service providers, admins and security. All in one release."