Merge pull request #221 from Icinga/feature/pgsql-schemas

Adds PostgresQL support for Icingaweb2 modules
Icinga · Jan 18, 2024 · a2ad28c · a2ad28c
2 parents 0426b95 + ecf9f53
commit a2ad28c
Show file tree

Hide file tree

Showing 3 changed files with 71 additions and 21 deletions.
diff --git a/changelogs/fragments/feature_add_pgsql_support_for_modules.yml b/changelogs/fragments/feature_add_pgsql_support_for_modules.yml
@@ -0,0 +1,3 @@
+---
+minor_changes:
+  - Added support for PostgresQL databases for Icingaweb2 modules that support it
diff --git a/roles/icingaweb2/tasks/modules/manage_pgsql_imports.yml b/roles/icingaweb2/tasks/modules/manage_pgsql_imports.yml
@@ -0,0 +1,37 @@
+---
+- name: Check Database Credentials
+  ansible.builtin.assert:
+    that:
+      - _db['user'] is defined
+      - _db['password'] is defined
+    fail_msg: "No database credentials defined."
+
+- name: Build pgsql command
+  ansible.builtin.set_fact:
+    _tmp_pgsqlcmd: >-
+      PGPASSWORD="{{ _db['password'] }}"
+      psql
+      "{% if _db['host'] | default('localhost') != 'localhost' %} host={{ _db['host'] }}{%- endif %}
+      {% if _db['port'] is defined %} port={{ _db['port'] }}{%- endif %}
+      user={{ _db['user'] }}
+      dbname={{ _db['name'] }}
+      {% if _db['ssl_mode'] is defined %} sslmode={{ _db['ssl_mode'] | default('require') }}{%- endif %}
+      {% if _db['ssl_cert'] is defined %} sslcert={{ _db['ssl_cert'] }}{%- endif %}
+      {% if _db['ssl_key'] is defined %} sslkey={{ _db['ssl_key'] }}{%- endif %}
+      {% if _db['ssl_extra_options'] is defined %} {{ _db['ssl_extra_options'] }}{%- endif %}"
+
+- name: PostgresQL check for db schema
+  ansible.builtin.shell: >
+    {{ _tmp_pgsqlcmd }}
+    -tq -c "{{ _db['select_query'] }}"
+  failed_when: false
+  changed_when: false
+  check_mode: false
+  register: _db_schema
+
+- name: PostgresQL import  db schema
+  ansible.builtin.shell: >
+    {{ _tmp_pgsqlcmd }}
+    < {{ _db['schema_path_pgsql'] }}
+  when: _db_schema.rc != 0
+  run_once: yes
diff --git a/roles/icingaweb2/tasks/modules/x509.yml b/roles/icingaweb2/tasks/modules/x509.yml
@@ -21,46 +21,56 @@
       - sni
 
 - name: Module x509 | Manage Schema
+  when: vars['icingaweb2_modules'][_module]['database']['import_schema'] | default(false)
+  vars:
+    _module: "{{ item.key }}"
   block:
     - name: Module x509 | Prepare _db informations
       ansible.builtin.set_fact:
         _db:
-          host: "{{ icingaweb2_modules[_module].database.host | default('localhost') }}"
-          port: "{{ icingaweb2_modules[_module].database.port | default('3306') }}"
-          user: "{{ icingaweb2_modules[_module].database.user | default('x509') }}"
-          password: "{{ icingaweb2_modules[_module].database.password | default(omit) }}"
-          name: "{{ icingaweb2_modules[_module].database.name | default('x509') }}"
-          ssl_mode: "{{ icingaweb2_modules[_module].database.ssl_mode | default(omit) }}"
-          ssl_ca: "{{ icingaweb2_modules[_module].database.ssl_ca | default(omit) }}"
-          ssl_cert: "{{ icingaweb2_modules[_module].database.ssl_cert | default(omit) }}"
-          ssl_key: "{{ icingaweb2_modules[_module].database.ssl_key | default(omit) }}"
-          ssl_cipher: "{{ icingaweb2_modules[_module].database.ssl_cipher | default(omit) }}"
-          ssl_extra_options: "{{ icingaweb2_modules[_module].database.ssl_extra_options | default(omit) }}"
-          schema_path: /usr/share/icingaweb2/modules/x509/schema/mysql.schema.sql
+          host: "{{ vars['icingaweb2_modules'][_module]['database']['host'] | default('localhost') }}"
+          port: "{{ vars['icingaweb2_modules'][_module]['database']['port'] | default('3306') }}"
+          user: "{{ vars['icingaweb2_modules'][_module]['database']['user'] | default('x509') }}"
+          password: "{{ vars['icingaweb2_modules'][_module]['database']['password'] | default(omit) }}"
+          name: "{{ vars['icingaweb2_modules'][_module]['database']['name'] | default('x509') }}"
+          ssl_mode: "{{ vars['icingaweb2_modules'][_module]['database']['ssl_mode'] | default(omit) }}"
+          ssl_ca: "{{ vars['icingaweb2_modules'][_module]['database']['ssl_ca'] | default(omit) }}"
+          ssl_cert: "{{ vars['icingaweb2_modules'][_module]['database']['ssl_cert'] | default(omit) }}"
+          ssl_key: "{{ vars['icingaweb2_modules'][_module]['database']['ssl_key'] | default(omit) }}"
+          ssl_cipher: "{{ vars['icingaweb2_modules'][_module]['database']['ssl_cipher'] | default(omit) }}"
+          ssl_extra_options: "{{ vars['icingaweb2_modules'][_module]['database']['ssl_extra_options'] | default(omit) }}"
+          schema_path_mysql: /usr/share/icingaweb2/modules/x509/schema/mysql.schema.sql
+          schema_path_pgsql: /usr/share/icingaweb2/modules/x509/schema/pgsql.schema.sql
           select_query: "select * from x509_certificate"
-      when: icingaweb2_modules[_module].database.type | default('mysql') == 'mysql'
+          type: "{{ vars['icingaweb2_modules'][_module]['database']['type'] | default(omit) }}"
+
+    - ansible.builtin.fail:
+        fail_msg: No database type was provided
+      when: vars['icingaweb2_modules'][_module]['database']['type'] is not defined
 
     - ansible.builtin.fail:
-        fail_msg: "The Database type select is not supported, {{ icingaweb2_modules[_module].database.type }} [Supported=mysql]"
-      when: vars['icingaweb2_modules'][_module]['database']['type'] is defined and icingaweb2_modules[_module].database.type != 'mysql'
+        fail_msg: "Invalid database type was provided. [Supported: mysql, pgsql]"
+      when: _db.type not in ['mysql', 'pgsql']
 
-    - name: Module x509 | Import Schema
+    - name: Module x509 | Import MySQL Schema
       ansible.builtin.include_tasks: ../manage_mysql_imports.yml
+      when: _db.type == 'mysql'
+
+    - name: Module x509 | Import PostgresQL Schema
+      ansible.builtin.include_tasks: ../manage_pgsql_imports.yml
+      when: _db.type == 'pgsql'
 
     - name: Module x509 | empty _db var
       ansible.builtin.set_fact:
         _db: {}
-  when: icingaweb2_modules[_module].database.import_schema | default(false)
-  vars:
-    _module: "{{ item.key }}"
 
 - name: Module x509 | Import Certificates
   ansible.builtin.shell: >
     icingacli {{ _module }} import --file {{ _file }}
-  loop: "{{ icingaweb2_modules[_module].certificate_files }}"
+  loop: "{{ vars['icingaweb2_modules'][_module]['certificate_files'] }}"
   loop_control:
     loop_var: _file
   vars:
     _module: "{{ item.key }}"
-  when: icingaweb2_modules[_module].certificate_files is defined
+  when: vars['icingaweb2_modules'][_module]['certificate_files'] is defined
   changed_when: false