From 43cc83a9f1dc822a14514e9b912cd4d6aae8b62f Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 1 Dec 2023 17:02:06 +0100 Subject: [PATCH 001/114] WIP --- tests/rework/Dockerfile | 64 +++++++++++++ tests/rework/Dockerfile.ansible-test | 14 +++ tests/rework/Dockerfile.base-test-container | 94 +++++++++++++++++++ .../Dockerfile.docker-ubuntu2204-ansible | 47 ++++++++++ tests/rework/files/initctl_faker | 23 +++++ 5 files changed, 242 insertions(+) create mode 100644 tests/rework/Dockerfile create mode 100644 tests/rework/Dockerfile.ansible-test create mode 100644 tests/rework/Dockerfile.base-test-container create mode 100644 tests/rework/Dockerfile.docker-ubuntu2204-ansible create mode 100644 tests/rework/files/initctl_faker diff --git a/tests/rework/Dockerfile b/tests/rework/Dockerfile new file mode 100644 index 000000000..5dc330b0f --- /dev/null +++ b/tests/rework/Dockerfile @@ -0,0 +1,64 @@ +FROM ubuntu:jammy +LABEL maintainer="Robin Gierse" + +ENV pip_packages "ansible" + +ARG distro="jammy" +ARG DEBIAN_FRONTEND=noninteractives + +ENV stable "2.2.0p14" +ENV old "2.1.0p36" +ENV ancient "2.0.0p39" + +# Install dependencies. +RUN apt-get update && \ + apt-get install -y --no-install-recommends \ + apt-utils \ + build-essential \ + locales \ + libffi-dev \ + libssl-dev \ + libyaml-dev \ + man \ + python3-dev \ + python3-setuptools \ + python3-pip \ + python3-yaml \ + software-properties-common \ + rsyslog systemd sudo iproute2 \ + wget \ + && \ + apt-get clean && \ + rm -Rf /var/lib/apt/lists/* && \ + rm -Rf /usr/share/doc +RUN sed -i 's/^\($ModLoad imklog\)/#\1/' /etc/rsyslog.conf + +# Fix potential UTF-8 errors with ansible-test. +RUN locale-gen en_US.UTF-8 + +# Install Ansible via Pip. +RUN pip3 install $pip_packages + +COPY files/initctl_faker . +RUN chmod +x initctl_faker && rm -fr /sbin/initctl && ln -s /initctl_faker /sbin/initctl + +# Install Ansible inventory file. +RUN mkdir -p /etc/ansible +RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts + +# Remove unnecessary getty and udev targets that result in high CPU usage when using +# multiple containers with Molecule (https://github.com/ansible/molecule/issues/1104) +RUN rm -f /lib/systemd/system/systemd*udev* \ + && rm -f /lib/systemd/system/getty.target + +# Install Checkmk +RUN apt-get update &&\ + # wget https://download.checkmk.com/checkmk/${ancient}/check-mk-raw-${ancient}_0.${distro}_amd64.deb && \ + # wget https://download.checkmk.com/checkmk/${old}/check-mk-raw-${old}_0.${distro}_amd64.deb && \ + wget https://download.checkmk.com/checkmk/${stable}/check-mk-raw-${stable}_0.${distro}_amd64.deb && \ + # apt-get install -y ./check-mk-raw-${ancient}_0.${distro}_amd64.deb && \ + # apt-get install -y ./check-mk-raw-${old}_0.${distro}_amd64.deb && \ + apt-get install -y ./check-mk-raw-${stable}_0.${distro}_amd64.deb + +VOLUME ["/sys/fs/cgroup", "/tmp", "/run"] +CMD ["/lib/systemd/systemd"] diff --git a/tests/rework/Dockerfile.ansible-test b/tests/rework/Dockerfile.ansible-test new file mode 100644 index 000000000..22a6eda45 --- /dev/null +++ b/tests/rework/Dockerfile.ansible-test @@ -0,0 +1,14 @@ +FROM quay.io/ansible/base-test-container:6.0.0 + +COPY requirements /usr/share/container-setup/default/requirements/ +COPY freeze /usr/share/container-setup/default/freeze/ + +RUN pwsh /usr/share/container-setup/default/requirements/sanity.pslint.ps1 -IsContainer && \ + rm -rf /tmp/.dotnet /tmp/Microsoft.PackageManagement + +COPY files/pre-build /usr/share/container-setup/pre-build/ +COPY files/requirements.py /usr/share/container-setup/ +RUN /usr/share/container-setup/python -B /usr/share/container-setup/requirements.py default + +COPY files/prime.py files/ansible-test-*.txt /usr/share/container-setup/ +RUN /usr/share/container-setup/python -B /usr/share/container-setup/prime.py default diff --git a/tests/rework/Dockerfile.base-test-container b/tests/rework/Dockerfile.base-test-container new file mode 100644 index 000000000..b379778ab --- /dev/null +++ b/tests/rework/Dockerfile.base-test-container @@ -0,0 +1,94 @@ +FROM quay.io/bedrock/ubuntu:focal-20230801 + +RUN apt-get update -y && \ + DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + g++ \ + gcc \ + git \ + gnupg2 \ + libbz2-dev \ + libffi-dev \ + libreadline-dev \ + libsqlite3-dev \ + libxml2-dev \ + libxslt1-dev \ + libyaml-dev \ + locales \ + make \ + openssh-client \ + openssh-server \ + openssl \ + python3.8-dev \ + python3.8-distutils \ + python3.8-venv \ + python3.9-dev \ + python3.9-distutils \ + python3.9-venv \ + shellcheck \ + sudo \ + systemd-sysv \ + && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* + +COPY files/deadsnakes.gpg /etc/apt/keyrings/deadsnakes.gpg +COPY files/deadsnakes.list /etc/apt/sources.list.d/deadsnakes.list + +# Install Python versions available from the deadsnakes PPA. +# This is done separately to avoid conflicts with official Ubuntu packages. +RUN apt-get update -y && \ + DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ + python3.7-dev \ + python3.7-distutils \ + python3.7-venv \ + python3.10-dev \ + python3.10-distutils \ + python3.10-venv \ + python3.11-dev \ + python3.11-distutils \ + python3.11-venv \ + python3.12-dev \ + python3.12-distutils \ + python3.12-venv \ + && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* + +RUN rm /etc/apt/apt.conf.d/docker-clean && \ + ln -s python3 /usr/bin/python && \ + locale-gen en_US.UTF-8 + +# Install PowerShell using a binary archive. +# This allows pinning to a specific version, and also brings support for multiple architectures. +RUN version="7.3.8" && \ + major_version="$(echo ${version} | cut -f 1 -d .)" && \ + install_dir="/opt/microsoft/powershell/${major_version}" && \ + tmp_file="/tmp/powershell.tgz" && \ + arch="$(uname -i)" && \ + arch=$(if [ "${arch}" = "x86_64" ]; then echo "x64"; \ + elif [ "${arch}" = "aarch64" ]; then echo "arm64"; \ + else echo "unknown arch: ${arch}" && exit 1; fi) && \ + url="https://github.com/PowerShell/PowerShell/releases/download/v${version}/powershell-${version}-linux-${arch}.tar.gz" && \ + echo "URL: ${url}" && \ + curl -sL "${url}" > "${tmp_file}" && \ + mkdir -p "${install_dir}" && \ + tar zxf "${tmp_file}" --no-same-owner --no-same-permissions -C "${install_dir}" && \ + rm "${tmp_file}" && \ + find "${install_dir}" -type f -exec chmod -x "{}" ";" && \ + chmod +x "${install_dir}/pwsh" && \ + ln -s "${install_dir}/pwsh" /usr/bin/pwsh && \ + pwsh --version + +ENV container=docker +CMD ["/sbin/init"] + +# Install pip last to speed up local container rebuilds. +COPY files/*.py /usr/share/container-setup/ +RUN ln -s /usr/bin/python3.12 /usr/share/container-setup/python +RUN /usr/share/container-setup/python -B /usr/share/container-setup/setup.py + +# Make sure the pip entry points in /usr/bin are correct. +RUN rm -f /usr/bin/pip3 && cp -av /usr/local/bin/pip3 /usr/bin/pip3 && /usr/bin/pip3 -V && \ + rm -f /usr/bin/pip && cp -av /usr/local/bin/pip /usr/bin/pip && /usr/bin/pip -V diff --git a/tests/rework/Dockerfile.docker-ubuntu2204-ansible b/tests/rework/Dockerfile.docker-ubuntu2204-ansible new file mode 100644 index 000000000..8054b9489 --- /dev/null +++ b/tests/rework/Dockerfile.docker-ubuntu2204-ansible @@ -0,0 +1,47 @@ +FROM ubuntu:22.04 +LABEL maintainer="Jeff Geerling" + +ARG DEBIAN_FRONTEND=noninteractive + +ENV pip_packages "ansible" + +# Install dependencies. +RUN apt-get update \ + && apt-get install -y --no-install-recommends \ + apt-utils \ + build-essential \ + locales \ + libffi-dev \ + libssl-dev \ + libyaml-dev \ + python3-dev \ + python3-setuptools \ + python3-pip \ + python3-yaml \ + software-properties-common \ + rsyslog systemd systemd-cron sudo iproute2 \ + && apt-get clean \ + && rm -Rf /var/lib/apt/lists/* \ + && rm -Rf /usr/share/doc && rm -Rf /usr/share/man +RUN sed -i 's/^\($ModLoad imklog\)/#\1/' /etc/rsyslog.conf + +# Fix potential UTF-8 errors with ansible-test. +RUN locale-gen en_US.UTF-8 + +# Install Ansible via Pip. +RUN pip3 install $pip_packages + +COPY initctl_faker . +RUN chmod +x initctl_faker && rm -fr /sbin/initctl && ln -s /initctl_faker /sbin/initctl + +# Install Ansible inventory file. +RUN mkdir -p /etc/ansible +RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts + +# Remove unnecessary getty and udev targets that result in high CPU usage when using +# multiple containers with Molecule (https://github.com/ansible/molecule/issues/1104) +RUN rm -f /lib/systemd/system/systemd*udev* \ + && rm -f /lib/systemd/system/getty.target + +VOLUME ["/sys/fs/cgroup", "/tmp", "/run"] +CMD ["/lib/systemd/systemd"] diff --git a/tests/rework/files/initctl_faker b/tests/rework/files/initctl_faker new file mode 100644 index 000000000..a2267f30d --- /dev/null +++ b/tests/rework/files/initctl_faker @@ -0,0 +1,23 @@ +#!/bin/sh +ALIAS_CMD="$(echo ""$0"" | sed -e 's?/sbin/??')" + +case "$ALIAS_CMD" in + start|stop|restart|reload|status) + exec service $1 $ALIAS_CMD + ;; +esac + +case "$1" in + list ) + exec service --status-all + ;; + reload-configuration ) + exec service $2 restart + ;; + start|stop|restart|reload|status) + exec service $2 $1 + ;; + \?) + exit 0 + ;; +esac From 96d8c2cf210d256f89823c8a56bac6ac624ec147 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Tue, 5 Dec 2023 14:28:10 +0100 Subject: [PATCH 002/114] Add findings. --- tests/rework/Dockerfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/rework/Dockerfile b/tests/rework/Dockerfile index 5dc330b0f..885be6a67 100644 --- a/tests/rework/Dockerfile +++ b/tests/rework/Dockerfile @@ -1,3 +1,6 @@ +# We need to avoid the Checkmk setup detecting systemd somehow. +# See the postinst script of the package for the mechanism. + FROM ubuntu:jammy LABEL maintainer="Robin Gierse" From 43d1bb63b64921ad875017e9303d3a948a61e88d Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Tue, 5 Dec 2023 17:39:51 +0100 Subject: [PATCH 003/114] First working Dockerfile with a hack. --- tests/rework/Dockerfile | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/tests/rework/Dockerfile b/tests/rework/Dockerfile index 885be6a67..798a72e24 100644 --- a/tests/rework/Dockerfile +++ b/tests/rework/Dockerfile @@ -1,6 +1,3 @@ -# We need to avoid the Checkmk setup detecting systemd somehow. -# See the postinst script of the package for the mechanism. - FROM ubuntu:jammy LABEL maintainer="Robin Gierse" @@ -9,7 +6,7 @@ ENV pip_packages "ansible" ARG distro="jammy" ARG DEBIAN_FRONTEND=noninteractives -ENV stable "2.2.0p14" +ENV stable "2.2.0p16" ENV old "2.1.0p36" ENV ancient "2.0.0p39" @@ -55,13 +52,18 @@ RUN rm -f /lib/systemd/system/systemd*udev* \ && rm -f /lib/systemd/system/getty.target # Install Checkmk -RUN apt-get update &&\ - # wget https://download.checkmk.com/checkmk/${ancient}/check-mk-raw-${ancient}_0.${distro}_amd64.deb && \ - # wget https://download.checkmk.com/checkmk/${old}/check-mk-raw-${old}_0.${distro}_amd64.deb && \ +RUN apt-get update && \ + mv /usr/bin/systemctl /usr/bin/systemctl.bak && \ + echo "exit 0" > /usr/bin/systemctl && \ + chmod +x /usr/bin/systemctl && \ + wget https://download.checkmk.com/checkmk/${ancient}/check-mk-raw-${ancient}_0.${distro}_amd64.deb && \ + wget https://download.checkmk.com/checkmk/${old}/check-mk-raw-${old}_0.${distro}_amd64.deb && \ wget https://download.checkmk.com/checkmk/${stable}/check-mk-raw-${stable}_0.${distro}_amd64.deb && \ - # apt-get install -y ./check-mk-raw-${ancient}_0.${distro}_amd64.deb && \ - # apt-get install -y ./check-mk-raw-${old}_0.${distro}_amd64.deb && \ - apt-get install -y ./check-mk-raw-${stable}_0.${distro}_amd64.deb + apt-get install -y ./check-mk-raw-${ancient}_0.${distro}_amd64.deb && \ + apt-get install -y ./check-mk-raw-${old}_0.${distro}_amd64.deb && \ + apt-get install -y ./check-mk-raw-${stable}_0.${distro}_amd64.deb && \ + mv /usr/bin/systemctl.bak /usr/bin/systemctl && \ + chmod +x /usr/bin/systemctl VOLUME ["/sys/fs/cgroup", "/tmp", "/run"] CMD ["/lib/systemd/systemd"] From 6f39205d1afef3056493291c00d36afcd9331992 Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Wed, 20 Dec 2023 11:12:30 +0100 Subject: [PATCH 004/114] The rule module has now a parameter rule_id that can be used to identify an existing rule. --- plugins/lookup/rules.py | 157 ++++++++++++++++++++++++++++++++++++++++ plugins/modules/rule.py | 79 ++++++++++++++------ 2 files changed, 212 insertions(+), 24 deletions(-) create mode 100644 plugins/lookup/rules.py diff --git a/plugins/lookup/rules.py b/plugins/lookup/rules.py new file mode 100644 index 000000000..2b66acdf1 --- /dev/null +++ b/plugins/lookup/rules.py @@ -0,0 +1,157 @@ +# Copyright: (c) 2023, Lars Getwan +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +DOCUMENTATION = """ + name: rules + author: Lars Getwan (@lgetwan) + version_added: "3.5.0" + short_description: List rules + description: + - Returns a list of Rules + options: + ruleset: + description: The ruleset name. + required: True + description_regex: + description: A regex to filter for certain descriptions. + required: False + default: "" + comment_regex: + description: A regex to filter for certain comment stings. + required: False + default: "" + server_url: + description: URL of the Checkmk server. + required: True + site: + description: Site name. + required: True + automation_user: + description: Automation user for the REST API access. + required: True + automation_secret: + description: Automation secret for the REST API access. + required: True + validate_certs: + description: Whether or not to validate TLS cerificates. + type: boolean + required: False + default: True +""" + +EXAMPLES = """ +- name: Get all rules of the ruleset host_groups + ansible.builtin.debug: + msg: "Rule: {{ item.extensions }}" + loop: "{{ + lookup('checkmk.general.rules', + ruleset='host_groups', + server_url=server_url, + site=site, + automation_user=automation_user, + automation_secret=automation_secret, + validate_certs=False + ) + }}" + loop_control: + label: "{{ item.id }}" + +- name: actice_checks:http rules that match a certain description AND comment + ansible.builtin.debug: + msg: "Rule: {{ item.extensions }}" + loop: "{{ + lookup('checkmk.general.rules', + ruleset='actice_checks:http', + description_regex='foo.*bar', + comment_regex='xmas-edition', + server_url=server_url, + site=site, + automation_user=automation_user, + automation_secret=automation_secret, + validate_certs=False + ) + }}" + loop_control: + label: "{{ item.id }}" +""" + +RETURN = """ + _list: + description: + - A list of all rules of a particular ruleset + type: list + elements: str +""" + +import json +import re + +from ansible.errors import AnsibleError +from ansible.plugins.lookup import LookupBase +from ansible_collections.checkmk.general.plugins.module_utils.lookup_api import ( + CheckMKLookupAPI, +) + + +class LookupModule(LookupBase): + def run(self, terms, variables, **kwargs): + regex_params = {} + self.set_options(var_options=variables, direct=kwargs) + ruleset = self.get_option("ruleset") + regex_params["description"] = self.get_option("description_regex") + regex_params["comment"] = self.get_option("comment_regex") + server_url = self.get_option("server_url") + site = self.get_option("site") + user = self.get_option("automation_user") + secret = self.get_option("automation_secret") + validate_certs = self.get_option("validate_certs") + + site_url = server_url + "/" + site + + api = CheckMKLookupAPI( + site_url=site_url, + user=user, + secret=secret, + validate_certs=validate_certs, + ) + + parameters = { + "ruleset_name": ruleset, + } + + response = json.loads(api.get("/domain-types/rule/collections/all", parameters)) + + if "code" in response: + raise AnsibleError( + "Received error for %s - %s: %s" + % ( + response.get("url", ""), + response.get("code", ""), + response.get("msg", ""), + ) + ) + + rule_list = response.get("value") + + for what, regex in regex_params.items(): + try: + if regex: + rule_list = [ + r + for r in rule_list + if re.search( + regex, + r.get("extensions", {}).get("properties", {}).get(what, ""), + ) + ] + except re.error as e: + raise AnsibleError( + "Invalid regex for %s, pattern: %s, position: %s error: %s" + % (what, e.pattern, e.pos, e.msg) + ) + + return [rule_list] diff --git a/plugins/modules/rule.py b/plugins/modules/rule.py index aa7530f8c..1e28af9a0 100644 --- a/plugins/modules/rule.py +++ b/plugins/modules/rule.py @@ -67,6 +67,11 @@ properties: description: Properties of the rule. type: dict + rule_id: + description: + - If given, it will be C(the only condition) to identify the rule to work on. + - When there's no rule found with this id, the task will fail. + type: str value_raw: description: Rule values as exported from the web interface. type: str @@ -280,6 +285,25 @@ def get_rules_in_ruleset(module, base_url, headers, ruleset): module, url, module.jsonify(params), headers=headers, method="GET" ) + if info["status"] != 200: + exit_failed( + module, + "Error calling API. HTTP code %d. Details: %s, " + % (info["status"], str(info)), + ) + + return json.loads(response.read().decode("utf-8")).get("value") + + +def show_rule(module, base_url, headers, rule_id): + api_endpoint = "/objects/rule/" + rule_id + + url = "%s%s" % (base_url, api_endpoint) + + response, info = fetch_url( + module, url, headers=headers, method="GET" + ) + if info["status"] != 200: exit_failed( module, @@ -291,8 +315,12 @@ def get_rules_in_ruleset(module, base_url, headers, ruleset): def get_existing_rule(module, base_url, headers, ruleset, rule): - # Get rules in ruleset - rules = get_rules_in_ruleset(module, base_url, headers, ruleset) + if rule.get("rule_id"): + # We already know whih rule to get + return rule.get("rule_id") + else: + # Get rules in ruleset + rules = get_rules_in_ruleset(module, base_url, headers, ruleset) (value_mod, exc) = safe_eval(rule["value_raw"], include_exceptions=True) if exc is not None: @@ -300,7 +328,7 @@ def get_existing_rule(module, base_url, headers, ruleset, rule): if rules is not None: # Loop through all rules - for r in rules.get("value"): + for r in rules: (value_api, exc) = safe_eval( r["extensions"]["value_raw"], include_exceptions=True ) @@ -314,7 +342,7 @@ def get_existing_rule(module, base_url, headers, ruleset, rule): and value_api == value_mod ): # If they are the same, return the ID - return r + return r["id"] return None @@ -323,9 +351,9 @@ def create_rule(module, base_url, headers, ruleset, rule): api_endpoint = "/domain-types/rule/collections/all" changed = True - e = get_existing_rule(module, base_url, headers, ruleset, rule) - if e: - return (e["id"], not changed) + rule_id = get_existing_rule(module, base_url, headers, ruleset, rule) + if rule_id: + return (rule_id, not changed) if module.check_mode: return (None, changed) @@ -358,10 +386,11 @@ def create_rule(module, base_url, headers, ruleset, rule): def delete_rule(module, base_url, headers, ruleset, rule): changed = True - e = get_existing_rule(module, base_url, headers, ruleset, rule) - if e: + rule_id = get_existing_rule(module, base_url, headers, ruleset, rule) + + if rule_id: if not module.check_mode: - delete_rule_by_id(module, base_url, headers, e["id"]) + delete_rule_by_id(module, base_url, headers, rule_id) return changed return not changed @@ -447,6 +476,7 @@ def run_module(): conditions=dict(type="dict"), properties=dict(type="dict"), value_raw=dict(type="str"), + rule_id=dict(type="str"), location=dict( type="dict", options=dict( @@ -495,23 +525,24 @@ def run_module(): # Get the variables ruleset = module.params.get("ruleset", "") - rule = module.params.get("rule", "") + rule = module.params.get("rule", {}) location = rule.get("location") # Check if required params to create a rule are given - if rule.get("folder") is None or rule.get("folder") == "": - rule["folder"] = location["folder"] - if rule.get("properties") is None or rule.get("properties") == "": - exit_failed(module, "Rule properties are required") - if rule.get("value_raw") is None or rule.get("value_raw") == "": - exit_failed(module, "Rule value_raw is required") - # Default to all hosts if conditions arent given - if rule.get("conditions") is None or rule.get("conditions") == "": - rule["conditions"] = { - "host_tags": [], - "host_labels": [], - "service_labels": [], - } + if rule.get("rule_id") is None or rule.get("rule_id") == "": + if rule.get("folder") is None or rule.get("folder") == "": + rule["folder"] = location["folder"] + if rule.get("properties") is None or rule.get("properties") == "": + exit_failed(module, "Rule properties are required") + if rule.get("value_raw") is None or rule.get("value_raw") == "": + exit_failed(module, "Rule value_raw is required") + # Default to all hosts if conditions arent given + if rule.get("conditions") is None or rule.get("conditions") == "": + rule["conditions"] = { + "host_tags": [], + "host_labels": [], + "service_labels": [], + } if module.params.get("state") == "absent": if location.get("rule_id") is not None: exit_failed(module, "rule_id in location is invalid with state=absent") From aa67aa3dcdc82a98933207c2924a7a99a9e3bf94 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 21 Dec 2023 16:14:22 +0100 Subject: [PATCH 005/114] Work in progress. --- .../targets/activation/tasks/prep.yml | 41 ++++++++++++------- tests/rework/Dockerfile | 23 +++++++++-- tests/rework/entrypoint.sh | 7 ++++ 3 files changed, 52 insertions(+), 19 deletions(-) create mode 100755 tests/rework/entrypoint.sh diff --git a/tests/integration/targets/activation/tasks/prep.yml b/tests/integration/targets/activation/tasks/prep.yml index 5f2c8e874..3d58b3439 100644 --- a/tests/integration/targets/activation/tasks/prep.yml +++ b/tests/integration/targets/activation/tasks/prep.yml @@ -1,20 +1,26 @@ --- -- name: "Download Checkmk Versions." - ansible.builtin.get_url: - url: "{{ download_url }}" - dest: /tmp/checkmk-server-{{ item.site }}.deb - mode: "0640" - url_username: "{{ download_user | default(omit) }}" - url_password: "{{ download_pass | default(omit) }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" +# - name: "Get installed Packages." +# ansible.builtin.package_facts: -- name: "Install Checkmk Versions." - ansible.builtin.apt: - deb: /tmp/checkmk-server-{{ item.site }}.deb - state: present - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" +# - name: "Download Checkmk Versions." +# ansible.builtin.get_url: +# url: "{{ download_url }}" +# dest: /tmp/checkmk-server-{{ item.site }}.deb +# mode: "0640" +# url_username: "{{ download_user | default(omit) }}" +# url_password: "{{ download_pass | default(omit) }}" +# loop: "{{ test_sites }}" +# # when: ((download_pass is defined and download_pass | length) or item.edition == "cre") and ('check-mk-'+item.edition+'-'+item.version not in ansible_facts.packages) +# when: | +# ((download_pass is defined and download_pass | length) or item.edition == "cre") +# and not 'check-mk-' + item.edition + '-' +item.version in ansible_facts.packages + +# - name: "Install Checkmk Versions." +# ansible.builtin.apt: +# deb: /tmp/checkmk-server-{{ item.site }}.deb +# state: present +# loop: "{{ test_sites }}" +# when: (download_pass is defined and download_pass | length) or item.edition == "cre" - name: "Create Sites." ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ checkmk_var_automation_secret }} {{ item.site }}" @@ -23,6 +29,11 @@ loop: "{{ test_sites }}" when: (download_pass is defined and download_pass | length) or item.edition == "cre" +- name: "Start Apache2." + ansible.builtin.service: + name: apache2 + state: started + - name: "Start Sites." ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" register: site_status diff --git a/tests/rework/Dockerfile b/tests/rework/Dockerfile index 798a72e24..ffb9c66ff 100644 --- a/tests/rework/Dockerfile +++ b/tests/rework/Dockerfile @@ -6,8 +6,8 @@ ENV pip_packages "ansible" ARG distro="jammy" ARG DEBIAN_FRONTEND=noninteractives -ENV stable "2.2.0p16" -ENV old "2.1.0p36" +ENV stable "2.2.0p17" +ENV old "2.1.0p37" ENV ancient "2.0.0p39" # Install dependencies. @@ -63,7 +63,22 @@ RUN apt-get update && \ apt-get install -y ./check-mk-raw-${old}_0.${distro}_amd64.deb && \ apt-get install -y ./check-mk-raw-${stable}_0.${distro}_amd64.deb && \ mv /usr/bin/systemctl.bak /usr/bin/systemctl && \ - chmod +x /usr/bin/systemctl + chmod +x /usr/bin/systemctl && \ + systemctl enable apache2.service VOLUME ["/sys/fs/cgroup", "/tmp", "/run"] -CMD ["/lib/systemd/systemd"] + +# COPY entrypoint.sh / + +# ENTRYPOINT ["/entrypoint.sh"] + +# Remove unnecessary units +RUN rm -f /lib/systemd/system/multi-user.target.wants/* \ + /etc/systemd/system/*.wants/* \ + /lib/systemd/system/local-fs.target.wants/* \ + /lib/systemd/system/sockets.target.wants/*udev* \ + /lib/systemd/system/sockets.target.wants/*initctl* \ + /lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup* \ + /lib/systemd/system/systemd-update-utmp* + +CMD [ "/lib/systemd/systemd", "log-level=info", "unit=sysinit.target" ] diff --git a/tests/rework/entrypoint.sh b/tests/rework/entrypoint.sh new file mode 100755 index 000000000..d07877924 --- /dev/null +++ b/tests/rework/entrypoint.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +# set -e -o pipefail + +/lib/systemd/systemd & + +wait From 0d0771e0040c1defac6de6cad64e574aa79a8f4f Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 22 Dec 2023 17:11:20 +0100 Subject: [PATCH 006/114] Clean up. --- tests/rework/entrypoint.sh | 7 ------- tests/rework/files/initctl_faker | 23 ----------------------- 2 files changed, 30 deletions(-) delete mode 100755 tests/rework/entrypoint.sh delete mode 100644 tests/rework/files/initctl_faker diff --git a/tests/rework/entrypoint.sh b/tests/rework/entrypoint.sh deleted file mode 100755 index d07877924..000000000 --- a/tests/rework/entrypoint.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -# set -e -o pipefail - -/lib/systemd/systemd & - -wait diff --git a/tests/rework/files/initctl_faker b/tests/rework/files/initctl_faker deleted file mode 100644 index a2267f30d..000000000 --- a/tests/rework/files/initctl_faker +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/sh -ALIAS_CMD="$(echo ""$0"" | sed -e 's?/sbin/??')" - -case "$ALIAS_CMD" in - start|stop|restart|reload|status) - exec service $1 $ALIAS_CMD - ;; -esac - -case "$1" in - list ) - exec service --status-all - ;; - reload-configuration ) - exec service $2 restart - ;; - start|stop|restart|reload|status) - exec service $2 $1 - ;; - \?) - exit 0 - ;; -esac From 3f27a81d41871cbbdf2ac7102d8e987d8aca02a7 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 22 Dec 2023 17:11:28 +0100 Subject: [PATCH 007/114] Add README. --- tests/rework/README.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 tests/rework/README.md diff --git a/tests/rework/README.md b/tests/rework/README.md new file mode 100644 index 000000000..f5a478f75 --- /dev/null +++ b/tests/rework/README.md @@ -0,0 +1,12 @@ +# Custom Docker Containers for Integration Tests +## Why +TBD + +## How-to +- `docker build -t ansible-checkmk-test ./` + +## ToDo +- [ ] Add deadsnakes to enable several Python versions. + +## Recognition +This project uses https://github.com/gdraheim/docker-systemctl-replacement. From 61871a23375b4a95ed965f069518abc51b0c2068 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 22 Dec 2023 17:11:39 +0100 Subject: [PATCH 008/114] Add systemctl faker. --- tests/rework/files/LICENSE | 304 ++ tests/rework/files/README.md | 228 + tests/rework/files/systemctl3.py | 6808 ++++++++++++++++++++++++++++++ 3 files changed, 7340 insertions(+) create mode 100644 tests/rework/files/LICENSE create mode 100644 tests/rework/files/README.md create mode 100755 tests/rework/files/systemctl3.py diff --git a/tests/rework/files/LICENSE b/tests/rework/files/LICENSE new file mode 100644 index 000000000..e5dc36766 --- /dev/null +++ b/tests/rework/files/LICENSE @@ -0,0 +1,304 @@ +## EUROPEAN UNION PUBLIC LICENCE v. 1.2 + + EUPL (C) the European Union 2007, 2016 + +This European Union Public Licence (the EUPL) applies to the Work (as +defined below) which is provided under the terms of this Licence. Any +use of the Work, other than as authorised under this Licence is +prohibited (to the extent such use is covered by a right of the +copyright holder of the Work). + +The Original Work is provided under the terms of this Licence when +the Licensor (as defined below) has placed the following notice +immediately following the copyright notice for the Original Work: + + Licensed under the EUPL + +or has expressed by any other means his willingness to license under +the EUPL. + +### 1.Definitions + +In this Licence, the following terms have the following meaning: + +- 'The Licence': this Licence. +- 'The Original Work': the work or software distributed or + communicated by the Licensor under this Licence, available as Source + Code and also as Executable Code as the case may be. +- 'Derivative Works': the works or software that could be created by + the Licensee, based upon the Original Work or modifications thereof. + This Licence does not define the extent of modification or + dependence on the Original Work required in order to classify a work + as a Derivative Work; this extent is determined by copyright law + applicable in the country mentioned in Article 15. +- 'The Work': the Original Work or its Derivative Works. +- 'The Source Code': the human-readable form of the Work which is the + most convenient for people to study and modify. +- 'The Executable Code': any code which has generally been compiled + and which is meant to be interpreted by a computer as a program. +- 'The Licensor': the natural or legal person that distributes or + communicates the Work under the Licence. +- 'Contributor(s)': any natural or legal person who modifies the Work + under the Licence, or otherwise contributes to the creation of a + Derivative Work. +- 'The Licensee or You': any natural or legal person who makes any + usage of the Work under the terms of the Licence. +- 'Distribution or Communication': any act of selling, giving, + lending, renting, distributing, communicating, transmitting, or + otherwise making available, online or offline, copies of the Work + or providing access to its essential functionalities at the disposal + of any other natural or legal person. + +### 2. Scope of the rights granted by the Licence + +The Licensor hereby grants You a worldwide, royalty-free, +non-exclusive, sublicensable licence to do the following, for the +duration of copyright vested in the Original Work: + +- use the Work in any circumstance and for all usage, +- reproduce the Work, +- modify the Work, and make Derivative Works based upon the Work, +- communicate to the public, including the right to make available + or display the Work or copies thereof to the public and perform + publicly, as the case may be, the Work, +- distribute the Work or copies thereof, +- lend and rent the Work or copies thereof, +- sublicense rights in the Work or copies thereof. + +Those rights can be exercised on any media, supports and formats, +whether now known or later invented, as far as the applicable law +permits so. + +In the countries where moral rights apply, the Licensor waives his +right to exercise his moral right to the extent allowed by law in +order to make effective the licence of the economic rights here above +listed. + +The Licensor grants to the Licensee royalty-free, non-exclusive usage +rights to any patents held by the Licensor, to the extent necessary +to make use of the rights granted on the Work under this Licence. + +### 3. Communication of the Source Code + +The Licensor may provide the Work either in its Source Code form, or +as Executable Code. If the Work is provided as Executable Code, the +Licensor provides in addition a machine-readable copy of the Source +Code of the Work along with each copy of the Work that the Licensor +distributes or indicates, in a notice following the copyright notice +attached to the Work, a repository where the Source Code is easily +and freely accessible for as long as the Licensor continues to +distribute or communicate the Work. + +### 4. Limitations on copyright + +Nothing in this Licence is intended to deprive the Licensee of the +benefits from any exception or limitation to the exclusive rights of +the rights owners in the Work, of the exhaustion of those rights or +of other applicable limitations thereto. + +### 5. Obligations of the Licensee + +The grant of the rights mentioned above is subject to some +restrictions and obligations imposed on the Licensee. Those +obligations are the following: + +**Attribution right**: The Licensee shall keep intact all copyright, +patent or trademarks notices and all notices that refer to the +Licence and to the disclaimer of warranties. The Licensee must +include a copy of such notices and a copy of the Licence with every +copy of the Work he/she distributes or communicates. The Licensee +must cause any Derivative Work to carry prominent notices stating +that the Work has been modified and the date of modification. + +**Copyleft clause**: If the Licensee distributes or communicates +copies of the Original Works or Derivative Works, this Distribution +or Communication will be done under the terms of this Licence or of a +later version of this Licence unless the Original Work is expressly +distributed only under this version of the Licence for example by +communicating EUPL v. 1.2 only. The Licensee (becoming Licensor) +cannot offer or impose any additional terms or conditions on the +Work or Derivative Work that alter or restrict the terms of the +Licence. + +**Compatibility clause**: If the Licensee Distributes or Communicates +Derivative Works or copies thereof based upon both the Work and +another work licensed under a Compatible Licence, this Distribution +or Communication can be done under the terms of this Compatible +Licence. For the sake of this clause, Compatible Licence refers to +the licences listed in the appendix attached to this Licence. +Should the Licensee's obligations under the Compatible Licence +conflict with his/her obligations under this Licence, the +obligations of the Compatible Licence shall prevail. + +**Provision of Source Code**: When distributing or communicating +copies of the Work, the Licensee will provide a machine-readable +copy of the Source Code or indicate a repository where this Source +will be easily and freely available for as long as the Licensee +continues to distribute or communicate the Work. + +**Legal Protection**: This Licence does not grant permission to use +the trade names, trademarks, service marks, or names of the Licensor, +except as required for reasonable and customary use in describing +the origin of the Work and reproducing the content of the copyright +notice. + +### 6. Chain of Authorship + +The original Licensor warrants that the copyright in the Original +Work granted hereunder is owned by him/her or licensed to him/her +and that he/she has the power and authority to grant the Licence. + +Each Contributor warrants that the copyright in the modifications +he/she brings to the Work are owned by him/her or licensed to him/her +and that he/she has the power and authority to grant the Licence. + +Each time You accept the Licence, the original Licensor and +subsequent Contributors grant You a licence to their contributions +to the Work, under the terms of this Licence. + +### 7.Disclaimer of Warranty + +The Work is a work in progress, which is continuously improved by +numerous Contributors. It is not a finished work and may therefore +contain defects or bugs inherent to this type of development. + +For the above reason, the Work is provided under the Licence on an +as is basis and without warranties of any kind concerning the Work, +including without limitation merchantability, fitness for a +particular purpose, absence of defects or errors, accuracy, +non-infringement of intellectual property rights other than +copyright as stated in Article 6 of this Licence. + +This disclaimer of warranty is an essential part of the Licence and +a condition for the grant of any rights to the Work. + +### 8. Disclaimer of Liability + +Except in the cases of wilful misconduct or damages directly caused +to natural persons, the Licensor will in no event be liable for any +direct or indirect, material or moral, damages of any kind, arising +out of the Licence or of the use of the Work, including without +limitation, damages for loss of goodwill, work stoppage, computer +failure or malfunction, loss of data or any commercial damage, even +if the Licensor has been advised of the possibility of such damage. +However, the Licensor will be liable under statutory product +liability laws as far such laws apply to the Work. + +### 9. Additional agreements + +While distributing the Work, You may choose to conclude an additional +agreement, defining obligations or services consistent with this +Licence. However, if accepting obligations, You may act only on your +own behalf and on your sole responsibility, not on behalf of the +original Licensor or any other Contributor, and only if You agree +to indemnify, defend, and hold each Contributor harmless for any +liability incurred by, or claims asserted against such Contributor by +the fact You have accepted any warranty or additional liability. + +### 10. Acceptance of the Licence + +The provisions of this Licence can be accepted by clicking on an icon +I agree placed under the bottom of a window displaying the text of +this Licence or by affirming consent in any other similar way, in +accordance with the rules of applicable law. Clicking on that icon +indicates your clear and irrevocable acceptance of this Licence and +all of its terms and conditions. + +Similarly, you irrevocably accept this Licence and all of its terms +and conditions by exercising any rights granted to You by Article 2 +of this Licence, such as the use of the Work, the creation by You of +a Derivative Work or the Distribution or Communication by You of +the Work or copies thereof. + +### 11. Information to the public + +In case of any Distribution or Communication of the Work by means +of electronic communication by You (for example, by offering to +download the Work from a remote location) the distribution channel +or media (for example, a website) must at least provide to the public +the information requested by the applicable law regarding the +Licensor, the Licence and the way it may be accessible, concluded, +stored and reproduced by the Licensee. + +### 12. Termination of the Licence + +The Licence and the rights granted hereunder will terminate +automatically upon any breach by the Licensee of the terms of the +Licence. + +Such a termination will not terminate the licences of any person +who has received the Work from the Licensee under the Licence, +provided such persons remain in full compliance with the Licence. + +### 13. Miscellaneous + +Without prejudice of Article 9 above, the Licence represents the +complete agreement between the Parties as to the Work. + +If any provision of the Licence is invalid or unenforceable under +applicable law, this will not affect the validity or enforceability +of the Licence as a whole. Such provision will be construed or +reformed so as necessary to make it valid and enforceable. + +The European Commission may publish other linguistic versions or +new versions of this Licence or updated versions of the Appendix, +so far this is required and reasonable, without reducing the scope +of the rights granted by the Licence. New versions of the Licence +will be published with a unique version number. + +All linguistic versions of this Licence, approved by the European +Commission, have identical value. Parties can take advantage of +the linguistic version of their choice. + +### 14. Jurisdiction + +Without prejudice to specific agreement between parties, + +- any litigation resulting from the interpretation of this License, + arising between the European Union institutions, bodies, offices + or agencies, as a Licensor, and any Licensee, will be subject to + the jurisdiction of the Court of Justice of the European Union, as + laid down in article 272 of the Treaty on the Functioning of the + European Union, +- any litigation arising between other parties and resulting from + the interpretation of this License, will be subject to the + exclusive jurisdiction of the competent court where the Licensor + resides or conducts its primary business. + +### 15. Applicable Law + +Without prejudice to specific agreement between parties, + +- this Licence shall be governed by the law of the European Union + Member State where the Licensor has his seat, resides or has his + registered office, +- this licence shall be governed by Belgian law if the Licensor + has no seat, residence or registered office inside a European + Union Member State. + + +## Appendix + +Compatible Licences according to Article 5 EUPL are: + +- GNU General Public License (GPL) v. 2, v. 3 +- GNU Affero General Public License (AGPL) v. 3 +- Open Software License (OSL) v. 2.1, v. 3.0 +- Eclipse Public License (EPL) v. 1.0 +- CeCILL v. 2.0, v. 2.1 +- Mozilla Public Licence (MPL) v. 2 +- GNU Lesser General Public Licence (LGPL) v. 2.1, v. 3 +- Creative Commons Attribution-ShareAlike v. 3.0 Unported + (CC BY-SA 3.0) for works other than software +- European Union Public Licence (EUPL) v. 1.1, v. 1.2 +- Qubec Free and Open-Source Licence Reciprocity (LiLiQ-R) + or Strong Reciprocity (LiLiQ-R+). + +The European Commission may update this Appendix to later versions +of the above licences without producing a new version of the EUPL, +as long as they provide the rights granted in Article 2 of this +Licence and protect the covered Source Code from exclusive +appropriation. + +All other changes or additions to this Appendix require the +production of a new EUPL version. diff --git a/tests/rework/files/README.md b/tests/rework/files/README.md new file mode 100644 index 000000000..cb06e7171 --- /dev/null +++ b/tests/rework/files/README.md @@ -0,0 +1,228 @@ +[![Style Check](https://github.com/gdraheim/docker-systemctl-replacement/actions/workflows/stylecheck.yml/badge.svg?event=push&branch=develop)](https://github.com/gdraheim/docker-systemctl-replacement/actions/workflows/stylecheck.yml) +[![Type Check](https://github.com/gdraheim/docker-systemctl-replacement/actions/workflows/typecheck.yml/badge.svg?event=push&branch=develop)](https://github.com/gdraheim/docker-systemctl-replacement/actions/workflows/typecheck.yml) +[![Unit Tests](https://github.com/gdraheim/docker-systemctl-replacement/actions/workflows/unittests.yml/badge.svg?event=push&branch=develop)](https://github.com/gdraheim/docker-systemctl-replacement/actions/workflows/unittests.yml) +[![Code Coverage](https://img.shields.io/badge/400%20test-93%25%20coverage-brightgreen)](https://github.com/gdraheim/docker-systemctl-replacement/blob/master/testsuite.py) +[![PyPI version](https://badge.fury.io/py/docker-systemctl-replacement.svg)](https://pypi.org/project/docker-systemctl-replacement/) + + +# docker systemctl replacement + +This script may be used to overwrite "/usr/bin/systemctl". +It will execute the systemctl commands without SystemD! + +This is used to test deployment of services with a docker +container as the target host. Just as on a real machine you +can use "systemctl start" and "systemctl enable" and other +commands to bring up services for further configuration and +testing. Information from "systemctl show" allows deployment +automation tools to work seamlessly. + +This script can also be run as docker-init of a docker container +(i.e. the main "CMD" on PID 1) where it will automatically bring +up all enabled services in the "multi-user.target" and where it +will reap all zombies from background processes in the container. +When running a "docker stop" on such a container it will also +bring down all configured services correctly before exit. + + ## docker exec lamp-stack-container systemctl list-units --state=running + httpd.service loaded active running The Apache HTTP Server + mariadb.service loaded active running MariaDB database server + + ## docker exec lamp-stack-container pstree -ap + systemctl,1 /usr/bin/systemctl + |-httpd,7 -DFOREGROUND + | |-httpd,9 -DFOREGROUND + | |-httpd,10 -DFOREGROUND + `-mysqld_safe,44 /usr/bin/mysqld_safe --basedir=/usr + `-mysqld,187 --basedir=/usr --datadir=/var/lib/mysql + |-{mysqld},191 + |-{mysqld},192 + +## Problems with SystemD in Docker + +The background for this script is the inability to run a +SystemD daemon easily inside a docker container. There have +been multiple workarounds with varying complexity and actual +functionality. (The systemd-nsspawn tool is supposed to help +with running systemd in a container but only rkt with CoreOs +is using it so far). + +Most people have come to take the easy path and to create a +startup shell script for the docker container that will +bring up the service processes one by one. Essentially one would +read the documentation or the SystemD `*.service` scripts of the +application to see how that would be done. By using this +replacement script a programmer can skip that step. + +## Service Manager + +The systemctl-replacement script does cover the functionality +of a service manager where commands like `systemctl start xx` +are executed. This is achieved by parsing the `*.service` +files that are installed by the standard application packages +(rpm, deb) in the container. These service unit descriptors +define the actual commands to start/stop a service in their +ExecStart/ExecStop settings. + +When installing systemctl.py as /usr/bin/systemctl in a +container then it provides enough functionality that +deployment scripts for virtual machines continue to +work unchanged when trying to start/stop, enable/disable +or mask/unmask a service in a container. + +This is also true for deployment tools like Ansible. As of +version 2.0 and later Ansible is able to connect to docker +containers directly without the help of a ssh-daemon in +the container. Just make your inventory look like + + [frontend] + my_frontend_1 ansible_connection=docker + +Based on that `ansible_connection` one can enable the +systemctl-replacement to intercept subsequent calls +to `"service:"` steps. Effectively Ansible scripts that +shall be run on real virtual machines can be tested +with docker containers. However in newer centos/ubuntu +images you need to check for python first. + + - copy: src="files/docker/systemctl.py" dest="/usr/bin/systemctl" + - package: name="python" + - file: name="/run/systemd/system/" state="directory" + - service: name="dbus.service" state="stopped" + +See [SERVICE-MANAGER](SERVICE-MANAGER.md) for more details. + +--- + +## Problems with PID 1 in Docker + +The command listed as "CMD" in the docker image properties +or being given as docker-run argument will become the PID-1 +of a new container. Actually it takes the place that would +traditionally be used by the /sbin/init process which has +a special functionality in unix'ish operating systems. + +The docker-stop command will send a SIGTERM to PID-1 in +the container - but NOT to any other process. If the CMD +is the actual application (exec java -jar whatever) then +this works fine as it will also clean up its subprocesses. +In many other cases it is not sufficient leaving +[zombie processes](https://www.howtogeek.com/119815/) +around. + +Zombie processes may also occur when a master process does +not do a `wait` for its children or the children were +explicitly "disown"ed to run as a daemon themselves. The +systemctl replacement script can help here as it implements +the "zombie reaper" functionality that the standard unix +init daemon would provide. Otherwise the zombie PIDs would +continue to live forever (as long as the container is +running) filling also the process table of the docker host +as the init daemon of the host does not reap them. + +## Init Daemon + +Another function of the init daemon is to startup the +default system services. What has been known as runlevel +in SystemV is now "multi-user.target" or "graphical.target" +in a SystemD environment. + +Let's assume that a system has been configured with some +"systemctl enable xx" services. When a virtual machine +starts then these services are started as well. The +systemctl-replacement script does provide this functionality +for a docker container, thereby implementing +"systemctl default" for usage in inside a container. + +The "systemctl halt" command is also implemented +allowing to stop all services that are found as +"is-enabled" services that have been run upon container +start. It does execute all the "systemctl stop xx" +commands to bring down the enabled services correctly. + +This is most useful when the systemctl replacement script +has been run as the entrypoint of a container - so when a +"docker stop" sends a SIGTERM to the container's PID-1 then +all the services are shut down before exiting the container. +This can be permanently achieved by registering the +systemctl replacement script as the CMD attribute of an +image, perhaps by a "docker commit" like this: + + docker commit -c "CMD ['/usr/bin/systemctl']" \ + -m "" + +After all it allows to use a docker container to be +more like a virtual machine with multiple services +running at the same time in the same context. + +See [INIT-DAEMON](INIT-DAEMON.md) for more details. + +--- + +## Testsuite and Examples + +There is an extensive testsuite in the project that allows +for a high line coverage of the tool. All the major functionality +of the systemctl replacement script is being tested so that its +usage in continuous development pipeline will no break on updates +of the script. If the systemctl.py script has some important +changes in the implementation details it will be marked with +an update of the major version. + +Please run the `testsuite.py` or `make check` upon providing +a patch. It takes a couple of minutes because it may download +a number of packages during provisioning - but with the help of the +[docker-mirror-packages-repo](https://github.com/gdraheim/docker-mirror-packages-repo) +scripting this can be reduced a lot (it even runs without internet connection). + +Some real world examples have been cut out into a separate +project. This includes dockerfile and ansible based tests +to provide common applications like webservers, databases +and even a Jenkins application. You may want to have a look +at [gdraheim/docker-systemctl-images](https://github.com/gdraheim/docker-systemctl-images) +list. + + +See [TESTSUITE](TESTUITE.md) for more details. + +## Development + +Although this script has been developed for quite a while, +it does only implement a limited number of commands. It +does not cover all commands of "systemctl" and it will not +cover all the functionality of SystemD. The implementation +tries to align with SystemD's systemctl commands as close +as possible as quite some third party tools are interpreting +the output of it. However the implemented software +[ARCHITECTURE](ARCHITECTURE.md) is very different. + +The systemctl replacement script has a long [HISTORY](HISTORY.md) +now with over a [thousand commits on github](https://github.com/gdraheim/docker-systemctl-replacement/tree/master) +(mostly for the testsuite). It has also garnered some additional +functionality like the [USERMODE](USERMODE.md) which is +specifically targeted at running docker containers. See the +[RELEASENOTES](RELEASENOTES.md) for the latest achievements. +The choice of the [EUPL-LICENSE](EUPL-LICENSE.md) is intentionally +permissive to allow you to copy the script to your project. + +Sadly the functionality of SystemD's systemctl is badly +documented so that much of the current implementation is +done by trial and fixing the errors. Some [BUGS](BUGS.md) +are actually in other tools and need to be circumvented. As +most programmers tend to write very simple `*.service` files +it works in a surprising number of cases however. But definitely +not all. So if there is a problem, use the +[github issue tracker](https://github.com/gdraheim/docker-systemctl-replacement/issues) +to make me aware of it. In general it is not needed to emulate +every feature as [EXTRA-CONFIGS](EXTRA-CONFIGS.md) can help. + +And I take patches. ;) + +## The author + +Guido Draheim is working as a freelance consultant for +multiple big companies in Germany. This script is related to +the current surge of DevOps topics which often use docker +as a lightweight replacement for cloud containers or even +virtual machines. It makes it easier to test deployments +in the standard build pipelines of development teams. diff --git a/tests/rework/files/systemctl3.py b/tests/rework/files/systemctl3.py new file mode 100755 index 000000000..c9bfd3671 --- /dev/null +++ b/tests/rework/files/systemctl3.py @@ -0,0 +1,6808 @@ +#! /usr/bin/python3 +# type hints are provided in 'types/systemctl3.pyi' +from __future__ import print_function +import threading +import grp +import pwd +import hashlib +import select +import fcntl +import string +import datetime +import socket +import time +import signal +import sys +import os +import errno +import collections +import shlex +import fnmatch +import re +from types import GeneratorType + +__copyright__ = "(C) 2016-2023 Guido U. Draheim, licensed under the EUPL" +__version__ = "1.5.7106" + +# | +# | +# | +# | +# | +# | +# | +# | +# | +# | +# | +# | +# | + +import logging +logg = logging.getLogger("systemctl") + + +if sys.version[0] == '3': + basestring = str + xrange = range + +DEBUG_AFTER = False +DEBUG_STATUS = False +DEBUG_BOOTTIME = False +DEBUG_INITLOOP = False +DEBUG_KILLALL = False +DEBUG_FLOCK = False +DebugPrintResult = False +TestListen = False +TestAccept = False + +HINT = (logging.DEBUG + logging.INFO) // 2 +NOTE = (logging.WARNING + logging.INFO) // 2 +DONE = (logging.WARNING + logging.ERROR) // 2 +logging.addLevelName(HINT, "HINT") +logging.addLevelName(NOTE, "NOTE") +logging.addLevelName(DONE, "DONE") + +def logg_debug_flock(format, *args): + if DEBUG_FLOCK: + logg.debug(format, *args) # pragma: no cover +def logg_debug_after(format, *args): + if DEBUG_AFTER: + logg.debug(format, *args) # pragma: no cover + +NOT_A_PROBLEM = 0 # FOUND_OK +NOT_OK = 1 # FOUND_ERROR +NOT_ACTIVE = 2 # FOUND_INACTIVE +NOT_FOUND = 4 # FOUND_UNKNOWN + +# defaults for options +_extra_vars = [] +_force = False +_full = False +_log_lines = 0 +_no_pager = False +_now = False +_no_reload = False +_no_legend = False +_no_ask_password = False +_preset_mode = "all" +_quiet = False +_root = "" +_unit_type = None +_unit_state = None +_unit_property = None +_what_kind = "" +_show_all = False +_user_mode = False + +# common default paths +_system_folder1 = "/etc/systemd/system" +_system_folder2 = "/run/systemd/system" +_system_folder3 = "/var/run/systemd/system" +_system_folder4 = "/usr/local/lib/systemd/system" +_system_folder5 = "/usr/lib/systemd/system" +_system_folder6 = "/lib/systemd/system" +_system_folderX = None +_user_folder1 = "{XDG_CONFIG_HOME}/systemd/user" +_user_folder2 = "/etc/systemd/user" +_user_folder3 = "{XDG_RUNTIME_DIR}/systemd/user" +_user_folder4 = "/run/systemd/user" +_user_folder5 = "/var/run/systemd/user" +_user_folder6 = "{XDG_DATA_HOME}/systemd/user" +_user_folder7 = "/usr/local/lib/systemd/user" +_user_folder8 = "/usr/lib/systemd/user" +_user_folder9 = "/lib/systemd/user" +_user_folderX = None +_init_folder1 = "/etc/init.d" +_init_folder2 = "/run/init.d" +_init_folder3 = "/var/run/init.d" +_init_folderX = None +_preset_folder1 = "/etc/systemd/system-preset" +_preset_folder2 = "/run/systemd/system-preset" +_preset_folder3 = "/var/run/systemd/system-preset" +_preset_folder4 = "/usr/local/lib/systemd/system-preset" +_preset_folder5 = "/usr/lib/systemd/system-preset" +_preset_folder6 = "/lib/systemd/system-preset" +_preset_folderX = None + +# standard paths +_dev_null = "/dev/null" +_dev_zero = "/dev/zero" +_etc_hosts = "/etc/hosts" +_rc3_boot_folder = "/etc/rc3.d" +_rc3_init_folder = "/etc/init.d/rc3.d" +_rc5_boot_folder = "/etc/rc5.d" +_rc5_init_folder = "/etc/init.d/rc5.d" +_proc_pid_stat = "/proc/{pid}/stat" +_proc_pid_status = "/proc/{pid}/status" +_proc_pid_cmdline= "/proc/{pid}/cmdline" +_proc_pid_dir = "/proc" +_proc_sys_uptime = "/proc/uptime" +_proc_sys_stat = "/proc/stat" + +# default values +SystemCompatibilityVersion = 219 +SysInitTarget = "sysinit.target" +SysInitWait = 5 # max for target +MinimumYield = 0.5 +MinimumTimeoutStartSec = 4 +MinimumTimeoutStopSec = 4 +DefaultTimeoutStartSec = 90 # official value +DefaultTimeoutStopSec = 90 # official value +DefaultTimeoutAbortSec = 3600 # officially it none (usually larget than StopSec) +DefaultMaximumTimeout = 200 # overrides all other +DefaultRestartSec = 0.1 # official value of 100ms +DefaultStartLimitIntervalSec = 10 # official value +DefaultStartLimitBurst = 5 # official value +InitLoopSleep = 5 +MaxLockWait = 0 # equals DefaultMaximumTimeout +DefaultPath = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +ResetLocale = ["LANG", "LANGUAGE", "LC_CTYPE", "LC_NUMERIC", "LC_TIME", "LC_COLLATE", "LC_MONETARY", + "LC_MESSAGES", "LC_PAPER", "LC_NAME", "LC_ADDRESS", "LC_TELEPHONE", "LC_MEASUREMENT", + "LC_IDENTIFICATION", "LC_ALL"] +LocaleConf="/etc/locale.conf" +DefaultListenBacklog=2 + +ExitWhenNoMoreServices = False +ExitWhenNoMoreProcs = False +DefaultUnit = os.environ.get("SYSTEMD_DEFAULT_UNIT", "default.target") # systemd.exe --unit=default.target +DefaultTarget = os.environ.get("SYSTEMD_DEFAULT_TARGET", "multi-user.target") # DefaultUnit fallback +# LogLevel = os.environ.get("SYSTEMD_LOG_LEVEL", "info") # systemd.exe --log-level +# LogTarget = os.environ.get("SYSTEMD_LOG_TARGET", "journal-or-kmsg") # systemd.exe --log-target +# LogLocation = os.environ.get("SYSTEMD_LOG_LOCATION", "no") # systemd.exe --log-location +# ShowStatus = os.environ.get("SYSTEMD_SHOW_STATUS", "auto") # systemd.exe --show-status +DefaultStandardInput=os.environ.get("SYSTEMD_STANDARD_INPUT", "null") +DefaultStandardOutput=os.environ.get("SYSTEMD_STANDARD_OUTPUT", "journal") # systemd.exe --default-standard-output +DefaultStandardError=os.environ.get("SYSTEMD_STANDARD_ERROR", "inherit") # systemd.exe --default-standard-error + +EXEC_SPAWN = False +EXEC_DUP2 = True +REMOVE_LOCK_FILE = False +BOOT_PID_MIN = 0 +BOOT_PID_MAX = -9 +PROC_MAX_DEPTH = 100 +EXPAND_VARS_MAXDEPTH = 20 +EXPAND_KEEP_VARS = True +RESTART_FAILED_UNITS = True +ACTIVE_IF_ENABLED=False + +TAIL_CMD = "/usr/bin/tail" +LESS_CMD = "/usr/bin/less" +CAT_CMD = "/usr/bin/cat" + +# The systemd default was NOTIFY_SOCKET="/var/run/systemd/notify" +_notify_socket_folder = "{RUN}/systemd" # alias /run/systemd +_journal_log_folder = "{LOG}/journal" + +SYSTEMCTL_DEBUG_LOG = "{LOG}/systemctl.debug.log" +SYSTEMCTL_EXTRA_LOG = "{LOG}/systemctl.log" + +_default_targets = ["poweroff.target", "rescue.target", "sysinit.target", "basic.target", "multi-user.target", "graphical.target", "reboot.target"] +_feature_targets = ["network.target", "remote-fs.target", "local-fs.target", "timers.target", "nfs-client.target"] +_all_common_targets = ["default.target"] + _default_targets + _feature_targets + +# inside a docker we pretend the following +_all_common_enabled = ["default.target", "multi-user.target", "remote-fs.target"] +_all_common_disabled = ["graphical.target", "resue.target", "nfs-client.target"] + +target_requires = {"graphical.target": "multi-user.target", "multi-user.target": "basic.target", "basic.target": "sockets.target"} + +_runlevel_mappings = {} # the official list +_runlevel_mappings["0"] = "poweroff.target" +_runlevel_mappings["1"] = "rescue.target" +_runlevel_mappings["2"] = "multi-user.target" +_runlevel_mappings["3"] = "multi-user.target" +_runlevel_mappings["4"] = "multi-user.target" +_runlevel_mappings["5"] = "graphical.target" +_runlevel_mappings["6"] = "reboot.target" + +_sysv_mappings = {} # by rule of thumb +_sysv_mappings["$local_fs"] = "local-fs.target" +_sysv_mappings["$network"] = "network.target" +_sysv_mappings["$remote_fs"] = "remote-fs.target" +_sysv_mappings["$timer"] = "timers.target" + + +# sections from conf +Unit = "Unit" +Service = "Service" +Socket = "Socket" +Install = "Install" + +# https://tldp.org/LDP/abs/html/exitcodes.html +# https://freedesktop.org/software/systemd/man/systemd.exec.html#id-1.20.8 +EXIT_SUCCESS = 0 +EXIT_FAILURE = 1 + +def strINET(value): + if value == socket.SOCK_DGRAM: + return "UDP" + if value == socket.SOCK_STREAM: + return "TCP" + if value == socket.SOCK_RAW: # pragma: no cover + return "RAW" + if value == socket.SOCK_RDM: # pragma: no cover + return "RDM" + if value == socket.SOCK_SEQPACKET: # pragma: no cover + return "SEQ" + return "" # pragma: no cover + +def strYes(value): + if value is True: + return "yes" + if not value: + return "no" + return str(value) +def strE(part): + if not part: + return "" + return str(part) +def strQ(part): + if part is None: + return "" + if isinstance(part, int): + return str(part) + return "'%s'" % part +def shell_cmd(cmd): + return " ".join([strQ(part) for part in cmd]) +def to_intN(value, default = None): + if not value: + return default + try: + return int(value) + except: + return default +def to_int(value, default = 0): + try: + return int(value) + except: + return default +def to_list(value): + if not value: + return [] + if isinstance(value, list): + return value + if isinstance(value, tuple): + return list(value) + return str(value or "").split(",") +def int_mode(value): + try: return int(value, 8) + except: return None # pragma: no cover +def unit_of(module): + if "." not in module: + return module + ".service" + return module +def o22(part): + if isinstance(part, basestring): + if len(part) <= 22: + return part + return part[:5] + "..." + part[-14:] + return part # pragma: no cover (is always str) +def o44(part): + if isinstance(part, basestring): + if len(part) <= 44: + return part + return part[:10] + "..." + part[-31:] + return part # pragma: no cover (is always str) +def o77(part): + if isinstance(part, basestring): + if len(part) <= 77: + return part + return part[:20] + "..." + part[-54:] + return part # pragma: no cover (is always str) +def path44(filename): + if not filename: + return "" + x = filename.find("/", 8) + if len(filename) <= 40: + if "/" not in filename: + return ".../" + filename + elif len(filename) <= 44: + return filename + if 0 < x and x < 14: + out = filename[:x+1] + out += "..." + else: + out = filename[:10] + out += "..." + remain = len(filename) - len(out) + y = filename.find("/", remain) + if 0 < y and y < remain+5: + out += filename[y:] + else: + out += filename[remain:] + return out + +def unit_name_escape(text): + # https://www.freedesktop.org/software/systemd/man/systemd.unit.html#id-1.6 + esc = re.sub("([^a-z-AZ.-/])", lambda m: "\\x%02x" % ord(m.group(1)[0]), text) + return esc.replace("/", "-") +def unit_name_unescape(text): + esc = text.replace("-", "/") + return re.sub("\\\\x(..)", lambda m: "%c" % chr(int(m.group(1), 16)), esc) + +def is_good_root(root): + if not root: + return True + return root.strip(os.path.sep).count(os.path.sep) > 1 +def os_path(root, path): + if not root: + return path + if not path: + return path + if is_good_root(root) and path.startswith(root): + return path + while path.startswith(os.path.sep): + path = path[1:] + return os.path.join(root, path) +def path_replace_extension(path, old, new): + if path.endswith(old): + path = path[:-len(old)] + return path + new + +def get_PAGER(): + PAGER = os.environ.get("PAGER", "less") + pager = os.environ.get("SYSTEMD_PAGER", "{PAGER}").format(**locals()) + options = os.environ.get("SYSTEMD_LESS", "FRSXMK") # see 'man timedatectl' + if not pager: pager = "cat" + if "less" in pager and options: + return [pager, "-" + options] + return [pager] + +def os_getlogin(): + """ NOT using os.getlogin() """ + return pwd.getpwuid(os.geteuid()).pw_name + +def get_runtime_dir(): + explicit = os.environ.get("XDG_RUNTIME_DIR", "") + if explicit: return explicit + user = os_getlogin() + return "/tmp/run-"+user +def get_RUN(root = False): + tmp_var = get_TMP(root) + if _root: + tmp_var = _root + if root: + for p in ("/run", "/var/run", "{tmp_var}/run"): + path = p.format(**locals()) + if os.path.isdir(path) and os.access(path, os.W_OK): + return path + os.makedirs(path) # "/tmp/run" + return path + else: + uid = get_USER_ID(root) + for p in ("/run/user/{uid}", "/var/run/user/{uid}", "{tmp_var}/run-{uid}"): + path = p.format(**locals()) + if os.path.isdir(path) and os.access(path, os.W_OK): + return path + os.makedirs(path, 0o700) # "/tmp/run/user/{uid}" + return path +def get_PID_DIR(root = False): + if root: + return get_RUN(root) + else: + return os.path.join(get_RUN(root), "run") # compat with older systemctl.py + +def get_home(): + if False: # pragma: no cover + explicit = os.environ.get("HOME", "") # >> On Unix, an initial ~ (tilde) is replaced by the + if explicit: return explicit # environment variable HOME if it is set; otherwise + uid = os.geteuid() # the current users home directory is looked up in the + # # password directory through the built-in module pwd. + return pwd.getpwuid(uid).pw_name # An initial ~user i looked up directly in the + return os.path.expanduser("~") # password directory. << from docs(os.path.expanduser) +def get_HOME(root = False): + if root: return "/root" + return get_home() +def get_USER_ID(root = False): + ID = 0 + if root: return ID + return os.geteuid() +def get_USER(root = False): + if root: return "root" + uid = os.geteuid() + return pwd.getpwuid(uid).pw_name +def get_GROUP_ID(root = False): + ID = 0 + if root: return ID + return os.getegid() +def get_GROUP(root = False): + if root: return "root" + gid = os.getegid() + return grp.getgrgid(gid).gr_name +def get_TMP(root = False): + TMP = "/tmp" + if root: return TMP + return os.environ.get("TMPDIR", os.environ.get("TEMP", os.environ.get("TMP", TMP))) +def get_VARTMP(root = False): + VARTMP = "/var/tmp" + if root: return VARTMP + return os.environ.get("TMPDIR", os.environ.get("TEMP", os.environ.get("TMP", VARTMP))) +def get_SHELL(root = False): + SHELL = "/bin/sh" + if root: return SHELL + return os.environ.get("SHELL", SHELL) +def get_RUNTIME_DIR(root = False): + RUN = "/run" + if root: return RUN + return os.environ.get("XDG_RUNTIME_DIR", get_runtime_dir()) +def get_CONFIG_HOME(root = False): + CONFIG = "/etc" + if root: return CONFIG + HOME = get_HOME(root) + return os.environ.get("XDG_CONFIG_HOME", HOME + "/.config") +def get_CACHE_HOME(root = False): + CACHE = "/var/cache" + if root: return CACHE + HOME = get_HOME(root) + return os.environ.get("XDG_CACHE_HOME", HOME + "/.cache") +def get_DATA_HOME(root = False): + SHARE = "/usr/share" + if root: return SHARE + HOME = get_HOME(root) + return os.environ.get("XDG_DATA_HOME", HOME + "/.local/share") +def get_LOG_DIR(root = False): + LOGDIR = "/var/log" + if root: return LOGDIR + CONFIG = get_CONFIG_HOME(root) + return os.path.join(CONFIG, "log") +def get_VARLIB_HOME(root = False): + VARLIB = "/var/lib" + if root: return VARLIB + CONFIG = get_CONFIG_HOME(root) + return CONFIG +def expand_path(path, root = False): + HOME = get_HOME(root) + RUN = get_RUN(root) + LOG = get_LOG_DIR(root) + XDG_DATA_HOME=get_DATA_HOME(root) + XDG_CONFIG_HOME=get_CONFIG_HOME(root) + XDG_RUNTIME_DIR=get_RUNTIME_DIR(root) + return os.path.expanduser(path.replace("${", "{").format(**locals())) + +def shutil_chown(path, user, group): + if user or group: + uid, gid = -1, -1 + if user: + uid = pwd.getpwnam(user).pw_uid + gid = pwd.getpwnam(user).pw_gid + if group: + gid = grp.getgrnam(group).gr_gid + os.chown(path, uid, gid) +def shutil_fchown(fileno, user, group): + if user or group: + uid, gid = -1, -1 + if user: + uid = pwd.getpwnam(user).pw_uid + gid = pwd.getpwnam(user).pw_gid + if group: + gid = grp.getgrnam(group).gr_gid + os.fchown(fileno, uid, gid) +def shutil_setuid(user = None, group = None, xgroups = None): + """ set fork-child uid/gid (returns pw-info env-settings)""" + if group: + gid = grp.getgrnam(group).gr_gid + os.setgid(gid) + logg.debug("setgid %s for %s", gid, strQ(group)) + groups = [gid] + try: + os.setgroups(groups) + logg.debug("setgroups %s < (%s)", groups, group) + except OSError as e: # pragma: no cover (it will occur in non-root mode anyway) + logg.debug("setgroups %s < (%s) : %s", groups, group, e) + if user: + pw = pwd.getpwnam(user) + gid = pw.pw_gid + gname = grp.getgrgid(gid).gr_name + if not group: + os.setgid(gid) + logg.debug("setgid %s for user %s", gid, strQ(user)) + groupnames = [g.gr_name for g in grp.getgrall() if user in g.gr_mem] + groups = [g.gr_gid for g in grp.getgrall() if user in g.gr_mem] + if xgroups: + groups += [g.gr_gid for g in grp.getgrall() if g.gr_name in xgroups and g.gr_gid not in groups] + if not groups: + if group: + gid = grp.getgrnam(group).gr_gid + groups = [gid] + try: + os.setgroups(groups) + logg.debug("setgroups %s > %s ", groups, groupnames) + except OSError as e: # pragma: no cover (it will occur in non-root mode anyway) + logg.debug("setgroups %s > %s : %s", groups, groupnames, e) + uid = pw.pw_uid + os.setuid(uid) + logg.debug("setuid %s for user %s", uid, strQ(user)) + home = pw.pw_dir + shell = pw.pw_shell + logname = pw.pw_name + return {"USER": user, "LOGNAME": logname, "HOME": home, "SHELL": shell} + return {} + +def shutil_truncate(filename): + """ truncates the file (or creates a new empty file)""" + filedir = os.path.dirname(filename) + if not os.path.isdir(filedir): + os.makedirs(filedir) + f = open(filename, "w") + f.write("") + f.close() + +# http://stackoverflow.com/questions/568271/how-to-check-if-there-exists-a-process-with-a-given-pid +def pid_exists(pid): + """Check whether pid exists in the current process table.""" + if pid is None: # pragma: no cover (is never null) + return False + return _pid_exists(int(pid)) +def _pid_exists(pid): + """Check whether pid exists in the current process table. + UNIX only. + """ + if pid < 0: + return False + if pid == 0: + # According to "man 2 kill" PID 0 refers to every process + # in the process group of the calling process. + # On certain systems 0 is a valid PID but we have no way + # to know that in a portable fashion. + raise ValueError('invalid PID 0') + try: + os.kill(pid, 0) + except OSError as err: + if err.errno == errno.ESRCH: + # ESRCH == No such process + return False + elif err.errno == errno.EPERM: + # EPERM clearly means there's a process to deny access to + return True + else: + # According to "man 2 kill" possible error values are + # (EINVAL, EPERM, ESRCH) + raise + else: + return True +def pid_zombie(pid): + """ may be a pid exists but it is only a zombie """ + if pid is None: + return False + return _pid_zombie(int(pid)) +def _pid_zombie(pid): + """ may be a pid exists but it is only a zombie """ + if pid < 0: + return False + if pid == 0: + # According to "man 2 kill" PID 0 refers to every process + # in the process group of the calling process. + # On certain systems 0 is a valid PID but we have no way + # to know that in a portable fashion. + raise ValueError('invalid PID 0') + check = _proc_pid_status.format(**locals()) + try: + for line in open(check): + if line.startswith("State:"): + return "Z" in line + except IOError as e: + if e.errno != errno.ENOENT: + logg.error("%s (%s): %s", check, e.errno, e) + return False + return False + +def checkprefix(cmd): + prefix = "" + for i, c in enumerate(cmd): + if c in "-+!@:": + prefix = prefix + c + else: + newcmd = cmd[i:] + return prefix, newcmd + return prefix, "" + +ExecMode = collections.namedtuple("ExecMode", ["mode", "check", "nouser", "noexpand", "argv0"]) +def exec_path(cmd): + """ Hint: exec_path values are usually not moved by --root (while load_path are)""" + prefix, newcmd = checkprefix(cmd) + check = "-" not in prefix + nouser = "+" in prefix or "!" in prefix + noexpand = ":" in prefix + argv0 = "@" in prefix + mode = ExecMode(prefix, check, nouser, noexpand, argv0) + return mode, newcmd +LoadMode = collections.namedtuple("LoadMode", ["mode", "check"]) +def load_path(ref): + """ Hint: load_path values are usually moved by --root (while exec_path are not)""" + prefix, filename = "", ref + while filename.startswith("-"): + prefix = prefix + filename[0] + filename = filename[1:] + check = "-" not in prefix + mode = LoadMode(prefix, check) + return mode, filename + +# https://github.com/phusion/baseimage-docker/blob/rel-0.9.16/image/bin/my_init +def ignore_signals_and_raise_keyboard_interrupt(signame): + signal.signal(signal.SIGTERM, signal.SIG_IGN) + signal.signal(signal.SIGINT, signal.SIG_IGN) + raise KeyboardInterrupt(signame) + +_default_dict_type = collections.OrderedDict +_default_conf_type = collections.OrderedDict + +class SystemctlConfData: + """ A *.service files has a structure similar to an *.ini file so + that data is structured in sections and values. Actually the + values are lists - the raw data is in .getlist(). Otherwise + .get() will return the first line that was encountered. """ + # | + # | + # | + # | + # | + # | + def __init__(self, defaults=None, dict_type=None, conf_type=None, allow_no_value=False): + self._defaults = defaults or {} + self._conf_type = conf_type or _default_conf_type + self._dict_type = dict_type or _default_dict_type + self._allow_no_value = allow_no_value + self._conf = self._conf_type() + self._files = [] + def defaults(self): + return self._defaults + def sections(self): + return list(self._conf.keys()) + def add_section(self, section): + if section not in self._conf: + self._conf[section] = self._dict_type() + def has_section(self, section): + return section in self._conf + def has_option(self, section, option): + if section not in self._conf: + return False + return option in self._conf[section] + def set(self, section, option, value): + if section not in self._conf: + self._conf[section] = self._dict_type() + if value is None: + self._conf[section][option] = [] + elif option not in self._conf[section]: + self._conf[section][option] = [value] + else: + self._conf[section][option].append(value) + def getstr(self, section, option, default = None, allow_no_value = False): + done = self.get(section, option, strE(default), allow_no_value) + if done is None: return strE(default) + return done + def get(self, section, option, default = None, allow_no_value = False): + allow_no_value = allow_no_value or self._allow_no_value + if section not in self._conf: + if default is not None: + return default + if allow_no_value: + return None + logg.warning("section {} does not exist".format(section)) + logg.warning(" have {}".format(self.sections())) + raise AttributeError("section {} does not exist".format(section)) + if option not in self._conf[section]: + if default is not None: + return default + if allow_no_value: + return None + raise AttributeError("option {} in {} does not exist".format(option, section)) + if not self._conf[section][option]: # i.e. an empty list + if default is not None: + return default + if allow_no_value: + return None + raise AttributeError("option {} in {} is None".format(option, section)) + return self._conf[section][option][0] # the first line in the list of configs + def getlist(self, section, option, default = None, allow_no_value = False): + allow_no_value = allow_no_value or self._allow_no_value + if section not in self._conf: + if default is not None: + return default + if allow_no_value: + return [] + logg.warning("section {} does not exist".format(section)) + logg.warning(" have {}".format(self.sections())) + raise AttributeError("section {} does not exist".format(section)) + if option not in self._conf[section]: + if default is not None: + return default + if allow_no_value: + return [] + raise AttributeError("option {} in {} does not exist".format(option, section)) + return self._conf[section][option] # returns a list, possibly empty + def filenames(self): + return self._files + +class SystemctlConfigParser(SystemctlConfData): + """ A *.service files has a structure similar to an *.ini file but it is + actually not like it. Settings may occur multiple times in each section + and they create an implicit list. In reality all the settings are + globally uniqute, so that an 'environment' can be printed without + adding prefixes. Settings are continued with a backslash at the end + of the line. """ + # def __init__(self, defaults=None, dict_type=None, allow_no_value=False): + # SystemctlConfData.__init__(self, defaults, dict_type, allow_no_value) + def read(self, filename): + return self.read_sysd(filename) + def read_sysd(self, filename): + initscript = False + initinfo = False + section = "GLOBAL" + nextline = False + name, text = "", "" + if os.path.isfile(filename): + self._files.append(filename) + for orig_line in open(filename): + if nextline: + text += orig_line + if text.rstrip().endswith("\\") or text.rstrip().endswith("\\\n"): + text = text.rstrip() + "\n" + else: + self.set(section, name, text) + nextline = False + continue + line = orig_line.strip() + if not line: + continue + if line.startswith("#"): + continue + if line.startswith(";"): + continue + if line.startswith(".include"): + logg.error("the '.include' syntax is deprecated. Use x.service.d/ drop-in files!") + includefile = re.sub(r'^\.include[ ]*', '', line).rstrip() + if not os.path.isfile(includefile): + raise Exception("tried to include file that doesn't exist: %s" % includefile) + self.read_sysd(includefile) + continue + if line.startswith("["): + x = line.find("]") + if x > 0: + section = line[1:x] + self.add_section(section) + continue + m = re.match(r"(\w+) *=(.*)", line) + if not m: + logg.warning("bad ini line: %s", line) + raise Exception("bad ini line") + name, text = m.group(1), m.group(2).strip() + if text.endswith("\\") or text.endswith("\\\n"): + nextline = True + text = text + "\n" + else: + # hint: an empty line shall reset the value-list + self.set(section, name, text and text or None) + return self + def read_sysv(self, filename): + """ an LSB header is scanned and converted to (almost) + equivalent settings of a SystemD ini-style input """ + initscript = False + initinfo = False + section = "GLOBAL" + if os.path.isfile(filename): + self._files.append(filename) + for orig_line in open(filename): + line = orig_line.strip() + if line.startswith("#"): + if " BEGIN INIT INFO" in line: + initinfo = True + section = "init.d" + if " END INIT INFO" in line: + initinfo = False + if initinfo: + m = re.match(r"\S+\s*(\w[\w_-]*):(.*)", line) + if m: + key, val = m.group(1), m.group(2).strip() + self.set(section, key, val) + continue + self.systemd_sysv_generator(filename) + return self + def systemd_sysv_generator(self, filename): + """ see systemd-sysv-generator(8) """ + self.set(Unit, "SourcePath", filename) + description = self.get("init.d", "Description", "") + if description: + self.set(Unit, "Description", description) + check = self.get("init.d", "Required-Start", "") + if check: + for item in check.split(" "): + if item.strip() in _sysv_mappings: + self.set(Unit, "Requires", _sysv_mappings[item.strip()]) + provides = self.get("init.d", "Provides", "") + if provides: + self.set(Install, "Alias", provides) + # if already in multi-user.target then start it there. + runlevels = self.getstr("init.d", "Default-Start", "3 5") + for item in runlevels.split(" "): + if item.strip() in _runlevel_mappings: + self.set(Install, "WantedBy", _runlevel_mappings[item.strip()]) + self.set(Service, "Restart", "no") + self.set(Service, "TimeoutSec", strE(DefaultMaximumTimeout)) + self.set(Service, "KillMode", "process") + self.set(Service, "GuessMainPID", "no") + # self.set(Service, "RemainAfterExit", "yes") + # self.set(Service, "SuccessExitStatus", "5 6") + self.set(Service, "ExecStart", filename + " start") + self.set(Service, "ExecStop", filename + " stop") + if description: # LSB style initscript + self.set(Service, "ExecReload", filename + " reload") + self.set(Service, "Type", "forking") # not "sysv" anymore + +# UnitConfParser = ConfigParser.RawConfigParser +UnitConfParser = SystemctlConfigParser + +class SystemctlSocket: + def __init__(self, conf, sock, skip = False): + self.conf = conf + self.sock = sock + self.skip = skip + def fileno(self): + return self.sock.fileno() + def listen(self, backlog = None): + if backlog is None: + backlog = DefaultListenBacklog + dgram = (self.sock.type == socket.SOCK_DGRAM) + if not dgram and not self.skip: + self.sock.listen(backlog) + def name(self): + return self.conf.name() + def addr(self): + stream = self.conf.get(Socket, "ListenStream", "") + dgram = self.conf.get(Socket, "ListenDatagram", "") + return stream or dgram + def close(self): + self.sock.close() + +class SystemctlConf: + # | + # | + # | + # | + # | + # | + # | + # | + # | + def __init__(self, data, module = None): + self.data = data # UnitConfParser + self.env = {} + self.status = None + self.masked = None + self.module = module + self.nonloaded_path = "" + self.drop_in_files = {} + self._root = _root + self._user_mode = _user_mode + def root_mode(self): + return not self._user_mode + def loaded(self): + files = self.data.filenames() + if self.masked: + return "masked" + if len(files): + return "loaded" + return "" + def filename(self): + """ returns the last filename that was parsed """ + files = self.data.filenames() + if files: + return files[0] + return None + def overrides(self): + """ drop-in files are loaded alphabetically by name, not by full path """ + return [self.drop_in_files[name] for name in sorted(self.drop_in_files)] + def name(self): + """ the unit id or defaults to the file name """ + name = self.module or "" + filename = self.filename() + if filename: + name = os.path.basename(filename) + return self.module or name + def set(self, section, name, value): + return self.data.set(section, name, value) + def get(self, section, name, default, allow_no_value = False): + return self.data.getstr(section, name, default, allow_no_value) + def getlist(self, section, name, default = None, allow_no_value = False): + return self.data.getlist(section, name, default or [], allow_no_value) + def getbool(self, section, name, default = None): + value = self.data.get(section, name, default or "no") + if value: + if value[0] in "TtYy123456789": + return True + return False + +class PresetFile: + # | + # | + def __init__(self): + self._files = [] + self._lines = [] + def filename(self): + """ returns the last filename that was parsed """ + if self._files: + return self._files[-1] + return None + def read(self, filename): + self._files.append(filename) + for line in open(filename): + self._lines.append(line.strip()) + return self + def get_preset(self, unit): + for line in self._lines: + m = re.match(r"(enable|disable)\s+(\S+)", line) + if m: + status, pattern = m.group(1), m.group(2) + if fnmatch.fnmatchcase(unit, pattern): + logg.debug("%s %s => %s %s", status, pattern, unit, strQ(self.filename())) + return status + return None + +## with waitlock(conf): self.start() +class waitlock: + # | + # | + # | + def __init__(self, conf): + self.conf = conf # currently unused + self.opened = -1 + self.lockfolder = expand_path(_notify_socket_folder, conf.root_mode()) + try: + folder = self.lockfolder + if not os.path.isdir(folder): + os.makedirs(folder) + except Exception as e: + logg.warning("oops, %s", e) + def lockfile(self): + unit = "" + if self.conf: + unit = self.conf.name() + return os.path.join(self.lockfolder, str(unit or "global") + ".lock") + def __enter__(self): + try: + lockfile = self.lockfile() + lockname = os.path.basename(lockfile) + self.opened = os.open(lockfile, os.O_RDWR | os.O_CREAT, 0o600) + for attempt in xrange(int(MaxLockWait or DefaultMaximumTimeout)): + try: + logg_debug_flock("[%s] %s. trying %s _______ ", os.getpid(), attempt, lockname) + fcntl.flock(self.opened, fcntl.LOCK_EX | fcntl.LOCK_NB) + st = os.fstat(self.opened) + if not st.st_nlink: + logg_debug_flock("[%s] %s. %s got deleted, trying again", os.getpid(), attempt, lockname) + os.close(self.opened) + self.opened = os.open(lockfile, os.O_RDWR | os.O_CREAT, 0o600) + continue + content = "{ 'systemctl': %s, 'lock': '%s' }\n" % (os.getpid(), lockname) + os.write(self.opened, content.encode("utf-8")) + logg_debug_flock("[%s] %s. holding lock on %s", os.getpid(), attempt, lockname) + return True + except IOError as e: + whom = os.read(self.opened, 4096) + os.lseek(self.opened, 0, os.SEEK_SET) + logg.info("[%s] %s. systemctl locked by %s", os.getpid(), attempt, whom.rstrip()) + time.sleep(1) # until MaxLockWait + continue + logg.error("[%s] not able to get the lock to %s", os.getpid(), lockname) + except Exception as e: + logg.warning("[%s] oops %s, %s", os.getpid(), str(type(e)), e) + # TODO# raise Exception("no lock for %s", self.unit or "global") + return False + def __exit__(self, type, value, traceback): + try: + os.lseek(self.opened, 0, os.SEEK_SET) + os.ftruncate(self.opened, 0) + if REMOVE_LOCK_FILE: # an optional implementation + lockfile = self.lockfile() + lockname = os.path.basename(lockfile) + os.unlink(lockfile) # ino is kept allocated because opened by this process + logg.debug("[%s] lockfile removed for %s", os.getpid(), lockname) + fcntl.flock(self.opened, fcntl.LOCK_UN) + os.close(self.opened) # implies an unlock but that has happend like 6 seconds later + self.opened = -1 + except Exception as e: + logg.warning("oops, %s", e) + +SystemctlWaitPID = collections.namedtuple("SystemctlWaitPID", ["pid", "returncode", "signal"]) + +def must_have_failed(waitpid, cmd): + # found to be needed on ubuntu:16.04 to match test result from ubuntu:18.04 and other distros + # .... I have tracked it down that python's os.waitpid() returns an exitcode==0 even when the + # .... underlying process has actually failed with an exitcode<>0. It is unknown where that + # .... bug comes from but it seems a bit serious to trash some very basic unix functionality. + # .... Essentially a parent process does not get the correct exitcode from its own children. + if cmd and cmd[0] == "/bin/kill": + pid = None + for arg in cmd[1:]: + if not arg.startswith("-"): + pid = arg + if pid is None: # unknown $MAINPID + if not waitpid.returncode: + logg.error("waitpid %s did return %s => correcting as 11", cmd, waitpid.returncode) + waitpid = SystemctlWaitPID(waitpid.pid, 11, waitpid.signal) + return waitpid + +def subprocess_waitpid(pid): + run_pid, run_stat = os.waitpid(pid, 0) + return SystemctlWaitPID(run_pid, os.WEXITSTATUS(run_stat), os.WTERMSIG(run_stat)) +def subprocess_testpid(pid): + run_pid, run_stat = os.waitpid(pid, os.WNOHANG) + if run_pid: + return SystemctlWaitPID(run_pid, os.WEXITSTATUS(run_stat), os.WTERMSIG(run_stat)) + else: + return SystemctlWaitPID(pid, None, 0) + +SystemctlUnitName = collections.namedtuple("SystemctlUnitName", ["fullname", "name", "prefix", "instance", "suffix", "component"]) + +def parse_unit(fullname): # -> object(prefix, instance, suffix, ...., name, component) + name, suffix = fullname, "" + has_suffix = fullname.rfind(".") + if has_suffix > 0: + name = fullname[:has_suffix] + suffix = fullname[has_suffix+1:] + prefix, instance = name, "" + has_instance = name.find("@") + if has_instance > 0: + prefix = name[:has_instance] + instance = name[has_instance+1:] + component = "" + has_component = prefix.rfind("-") + if has_component > 0: + component = prefix[has_component+1:] + return SystemctlUnitName(fullname, name, prefix, instance, suffix, component) + +def time_to_seconds(text, maximum): + value = 0. + for part in str(text).split(" "): + item = part.strip() + if item == "infinity": + return maximum + if item.endswith("m"): + try: value += 60 * int(item[:-1]) + except: pass # pragma: no cover + if item.endswith("min"): + try: value += 60 * int(item[:-3]) + except: pass # pragma: no cover + elif item.endswith("ms"): + try: value += int(item[:-2]) / 1000. + except: pass # pragma: no cover + elif item.endswith("s"): + try: value += int(item[:-1]) + except: pass # pragma: no cover + elif item: + try: value += int(item) + except: pass # pragma: no cover + if value > maximum: + return maximum + if not value and text.strip() == "0": + return 0. + if not value: + return 1. + return value +def seconds_to_time(seconds): + seconds = float(seconds) + mins = int(int(seconds) / 60) + secs = int(int(seconds) - (mins * 60)) + msecs = int(int(seconds * 1000) - (secs * 1000 + mins * 60000)) + if mins and secs and msecs: + return "%smin %ss %sms" % (mins, secs, msecs) + elif mins and secs: + return "%smin %ss" % (mins, secs) + elif secs and msecs: + return "%ss %sms" % (secs, msecs) + elif mins and msecs: + return "%smin %sms" % (mins, msecs) + elif mins: + return "%smin" % (mins) + else: + return "%ss" % (secs) + +def getBefore(conf): + result = [] + beforelist = conf.getlist(Unit, "Before", []) + for befores in beforelist: + for before in befores.split(" "): + name = before.strip() + if name and name not in result: + result.append(name) + return result + +def getAfter(conf): + result = [] + afterlist = conf.getlist(Unit, "After", []) + for afters in afterlist: + for after in afters.split(" "): + name = after.strip() + if name and name not in result: + result.append(name) + return result + +def compareAfter(confA, confB): + idA = confA.name() + idB = confB.name() + for after in getAfter(confA): + if after == idB: + logg.debug("%s After %s", idA, idB) + return -1 + for after in getAfter(confB): + if after == idA: + logg.debug("%s After %s", idB, idA) + return 1 + for before in getBefore(confA): + if before == idB: + logg.debug("%s Before %s", idA, idB) + return 1 + for before in getBefore(confB): + if before == idA: + logg.debug("%s Before %s", idB, idA) + return -1 + return 0 + +def conf_sortedAfter(conflist, cmp = compareAfter): + # the normal sorted() does only look at two items + # so if "A after C" and a list [A, B, C] then + # it will see "A = B" and "B = C" assuming that + # "A = C" and the list is already sorted. + # + # To make a totalsorted we have to create a marker + # that informs sorted() that also B has a relation. + # It only works when 'after' has a direction, so + # anything without 'before' is a 'after'. In that + # case we find that "B after C". + class SortTuple: + def __init__(self, rank, conf): + self.rank = rank + self.conf = conf + sortlist = [SortTuple(0, conf) for conf in conflist] + for check in xrange(len(sortlist)): # maxrank = len(sortlist) + changed = 0 + for A in xrange(len(sortlist)): + for B in xrange(len(sortlist)): + if A != B: + itemA = sortlist[A] + itemB = sortlist[B] + before = compareAfter(itemA.conf, itemB.conf) + if before > 0 and itemA.rank <= itemB.rank: + logg_debug_after(" %-30s before %s", itemA.conf.name(), itemB.conf.name()) + itemA.rank = itemB.rank + 1 + changed += 1 + if before < 0 and itemB.rank <= itemA.rank: + logg_debug_after(" %-30s before %s", itemB.conf.name(), itemA.conf.name()) + itemB.rank = itemA.rank + 1 + changed += 1 + if not changed: + logg_debug_after("done in check %s of %s", check, len(sortlist)) + break + # because Requires is almost always the same as the After clauses + # we are mostly done in round 1 as the list is in required order + for conf in conflist: + logg_debug_after(".. %s", conf.name()) + for item in sortlist: + logg_debug_after("(%s) %s", item.rank, item.conf.name()) + sortedlist = sorted(sortlist, key = lambda item: -item.rank) + for item in sortedlist: + logg_debug_after("[%s] %s", item.rank, item.conf.name()) + return [item.conf for item in sortedlist] + +class SystemctlListenThread(threading.Thread): + def __init__(self, systemctl): + threading.Thread.__init__(self, name="listen") + self.systemctl = systemctl + self.stopped = threading.Event() + def stop(self): + self.stopped.set() + def run(self): + READ_ONLY = select.POLLIN | select.POLLPRI | select.POLLHUP | select.POLLERR + READ_WRITE = READ_ONLY | select.POLLOUT + me = os.getpid() + if DEBUG_INITLOOP: # pragma: no cover + logg.info("[%s] listen: new thread", me) + if not self.systemctl._sockets: + return + if DEBUG_INITLOOP: # pragma: no cover + logg.info("[%s] listen: start thread", me) + listen = select.poll() + for sock in self.systemctl._sockets.values(): + listen.register(sock, READ_ONLY) + sock.listen() + logg.debug("[%s] listen: %s :%s", me, sock.name(), sock.addr()) + timestamp = time.time() + while not self.stopped.is_set(): + try: + sleep_sec = InitLoopSleep - (time.time() - timestamp) + if sleep_sec < MinimumYield: + sleep_sec = MinimumYield + sleeping = sleep_sec + while sleeping > 2: + time.sleep(1) # accept signals atleast every second + sleeping = InitLoopSleep - (time.time() - timestamp) + if sleeping < MinimumYield: + sleeping = MinimumYield + break + time.sleep(sleeping) # remainder waits less that 2 seconds + if DEBUG_INITLOOP: # pragma: no cover + logg.debug("[%s] listen: poll", me) + accepting = listen.poll(100) # milliseconds + if DEBUG_INITLOOP: # pragma: no cover + logg.debug("[%s] listen: poll (%s)", me, len(accepting)) + for sock_fileno, event in accepting: + for sock in self.systemctl._sockets.values(): + if sock.fileno() == sock_fileno: + if not self.stopped.is_set(): + if self.systemctl.loop.acquire(): + logg.debug("[%s] listen: accept %s :%s", me, sock.name(), sock_fileno) + self.systemctl.do_accept_socket_from(sock.conf, sock.sock) + except Exception as e: + logg.info("[%s] listen: interrupted - exception %s", me, e) + raise + for sock in self.systemctl._sockets.values(): + try: + listen.unregister(sock) + sock.close() + except Exception as e: + logg.warning("[%s] listen: close socket: %s", me, e) + return + +class Systemctl: + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + # | + def __init__(self): + self.error = NOT_A_PROBLEM # program exitcode or process returncode + # from command line options or the defaults + self._extra_vars = _extra_vars + self._force = _force + self._full = _full + self._init = _init + self._no_ask_password = _no_ask_password + self._no_legend = _no_legend + self._now = _now + self._preset_mode = _preset_mode + self._quiet = _quiet + self._root = _root + self._show_all = _show_all + self._unit_property = _unit_property + self._unit_state = _unit_state + self._unit_type = _unit_type + # some common constants that may be changed + self._systemd_version = SystemCompatibilityVersion + self._journal_log_folder = _journal_log_folder + # and the actual internal runtime state + self._loaded_file_sysv = {} # /etc/init.d/name => config data + self._loaded_file_sysd = {} # /etc/systemd/system/name.service => config data + self._file_for_unit_sysv = None # name.service => /etc/init.d/name + self._file_for_unit_sysd = None # name.service => /etc/systemd/system/name.service + self._preset_file_list = None # /etc/systemd/system-preset/* => file content + self._default_target = DefaultTarget + self._sysinit_target = None # stores a UnitConf() + self.doExitWhenNoMoreProcs = ExitWhenNoMoreProcs or False + self.doExitWhenNoMoreServices = ExitWhenNoMoreServices or False + self._user_mode = _user_mode + self._user_getlogin = os_getlogin() + self._log_file = {} # init-loop + self._log_hold = {} # init-loop + self._boottime = None # cache self.get_boottime() + self._SYSTEMD_UNIT_PATH = None + self._SYSTEMD_SYSVINIT_PATH = None + self._SYSTEMD_PRESET_PATH = None + self._restarted_unit = {} + self._restart_failed_units = {} + self._sockets = {} + self.loop = threading.Lock() + def user(self): + return self._user_getlogin + def user_mode(self): + return self._user_mode + def user_folder(self): + for folder in self.user_folders(): + if folder: return folder + raise Exception("did not find any systemd/user folder") + def system_folder(self): + for folder in self.system_folders(): + if folder: return folder + raise Exception("did not find any systemd/system folder") + def preset_folders(self): + SYSTEMD_PRESET_PATH = self.get_SYSTEMD_PRESET_PATH() + for path in SYSTEMD_PRESET_PATH.split(":"): + if path.strip(): yield expand_path(path.strip()) + if SYSTEMD_PRESET_PATH.endswith(":"): + if _preset_folder1: yield _preset_folder1 + if _preset_folder2: yield _preset_folder2 + if _preset_folder3: yield _preset_folder3 + if _preset_folder4: yield _preset_folder4 + if _preset_folder5: yield _preset_folder5 + if _preset_folder6: yield _preset_folder6 + if _preset_folderX: yield _preset_folderX + def init_folders(self): + SYSTEMD_SYSVINIT_PATH = self.get_SYSTEMD_SYSVINIT_PATH() + for path in SYSTEMD_SYSVINIT_PATH.split(":"): + if path.strip(): yield expand_path(path.strip()) + if SYSTEMD_SYSVINIT_PATH.endswith(":"): + if _init_folder1: yield _init_folder1 + if _init_folder2: yield _init_folder2 + if _init_folder3: yield _init_folder3 + if _init_folderX: yield _init_folderX + def user_folders(self): + SYSTEMD_UNIT_PATH = self.get_SYSTEMD_UNIT_PATH() + for path in SYSTEMD_UNIT_PATH.split(":"): + if path.strip(): yield expand_path(path.strip()) + if SYSTEMD_UNIT_PATH.endswith(":"): + if _user_folder1: yield expand_path(_user_folder1) + if _user_folder2: yield expand_path(_user_folder2) + if _user_folder3: yield expand_path(_user_folder3) + if _user_folder4: yield expand_path(_user_folder4) + if _user_folder5: yield expand_path(_user_folder5) + if _user_folder6: yield expand_path(_user_folder6) + if _user_folder7: yield expand_path(_user_folder7) + if _user_folder8: yield expand_path(_user_folder8) + if _user_folder9: yield expand_path(_user_folder9) + if _user_folderX: yield expand_path(_user_folderX) + def system_folders(self): + SYSTEMD_UNIT_PATH = self.get_SYSTEMD_UNIT_PATH() + for path in SYSTEMD_UNIT_PATH.split(":"): + if path.strip(): yield expand_path(path.strip()) + if SYSTEMD_UNIT_PATH.endswith(":"): + if _system_folder1: yield _system_folder1 + if _system_folder2: yield _system_folder2 + if _system_folder3: yield _system_folder3 + if _system_folder4: yield _system_folder4 + if _system_folder5: yield _system_folder5 + if _system_folder6: yield _system_folder6 + if _system_folderX: yield _system_folderX + def get_SYSTEMD_UNIT_PATH(self): + if self._SYSTEMD_UNIT_PATH is None: + self._SYSTEMD_UNIT_PATH = os.environ.get("SYSTEMD_UNIT_PATH", ":") + assert self._SYSTEMD_UNIT_PATH is not None + return self._SYSTEMD_UNIT_PATH + def get_SYSTEMD_SYSVINIT_PATH(self): + if self._SYSTEMD_SYSVINIT_PATH is None: + self._SYSTEMD_SYSVINIT_PATH = os.environ.get("SYSTEMD_SYSVINIT_PATH", ":") + assert self._SYSTEMD_SYSVINIT_PATH is not None + return self._SYSTEMD_SYSVINIT_PATH + def get_SYSTEMD_PRESET_PATH(self): + if self._SYSTEMD_PRESET_PATH is None: + self._SYSTEMD_PRESET_PATH = os.environ.get("SYSTEMD_PRESET_PATH", ":") + assert self._SYSTEMD_PRESET_PATH is not None + return self._SYSTEMD_PRESET_PATH + def sysd_folders(self): + """ if --user then these folders are preferred """ + if self.user_mode(): + for folder in self.user_folders(): + yield folder + if True: + for folder in self.system_folders(): + yield folder + def scan_unit_sysd_files(self, module = None): # -> [ unit-names,... ] + """ reads all unit files, returns the first filename for the unit given """ + if self._file_for_unit_sysd is None: + self._file_for_unit_sysd = {} + for folder in self.sysd_folders(): + if not folder: + continue + folder = os_path(self._root, folder) + if not os.path.isdir(folder): + continue + for name in os.listdir(folder): + path = os.path.join(folder, name) + if os.path.isdir(path): + continue + service_name = name + if service_name not in self._file_for_unit_sysd: + self._file_for_unit_sysd[service_name] = path + logg.debug("found %s sysd files", len(self._file_for_unit_sysd)) + return list(self._file_for_unit_sysd.keys()) + def scan_unit_sysv_files(self, module = None): # -> [ unit-names,... ] + """ reads all init.d files, returns the first filename when unit is a '.service' """ + if self._file_for_unit_sysv is None: + self._file_for_unit_sysv = {} + for folder in self.init_folders(): + if not folder: + continue + folder = os_path(self._root, folder) + if not os.path.isdir(folder): + continue + for name in os.listdir(folder): + path = os.path.join(folder, name) + if os.path.isdir(path): + continue + service_name = name + ".service" # simulate systemd + if service_name not in self._file_for_unit_sysv: + self._file_for_unit_sysv[service_name] = path + logg.debug("found %s sysv files", len(self._file_for_unit_sysv)) + return list(self._file_for_unit_sysv.keys()) + def unit_sysd_file(self, module = None): # -> filename? + """ file path for the given module (systemd) """ + self.scan_unit_sysd_files() + assert self._file_for_unit_sysd is not None + if module and module in self._file_for_unit_sysd: + return self._file_for_unit_sysd[module] + if module and unit_of(module) in self._file_for_unit_sysd: + return self._file_for_unit_sysd[unit_of(module)] + return None + def unit_sysv_file(self, module = None): # -> filename? + """ file path for the given module (sysv) """ + self.scan_unit_sysv_files() + assert self._file_for_unit_sysv is not None + if module and module in self._file_for_unit_sysv: + return self._file_for_unit_sysv[module] + if module and unit_of(module) in self._file_for_unit_sysv: + return self._file_for_unit_sysv[unit_of(module)] + return None + def unit_file(self, module = None): # -> filename? + """ file path for the given module (sysv or systemd) """ + path = self.unit_sysd_file(module) + if path is not None: return path + path = self.unit_sysv_file(module) + if path is not None: return path + return None + def is_sysv_file(self, filename): + """ for routines that have a special treatment for init.d services """ + self.unit_file() # scan all + assert self._file_for_unit_sysd is not None + assert self._file_for_unit_sysv is not None + if not filename: return None + if filename in self._file_for_unit_sysd.values(): return False + if filename in self._file_for_unit_sysv.values(): return True + return None # not True + def is_user_conf(self, conf): + if not conf: # pragma: no cover (is never null) + return False + filename = conf.nonloaded_path or conf.filename() + if filename and "/user/" in filename: + return True + return False + def not_user_conf(self, conf): + """ conf can not be started as user service (when --user)""" + if conf is None: # pragma: no cover (is never null) + return True + if not self.user_mode(): + logg.debug("%s no --user mode >> accept", strQ(conf.filename())) + return False + if self.is_user_conf(conf): + logg.debug("%s is /user/ conf >> accept", strQ(conf.filename())) + return False + # to allow for 'docker run -u user' with system services + user = self.get_User(conf) + if user and user == self.user(): + logg.debug("%s with User=%s >> accept", strQ(conf.filename()), user) + return False + return True + def find_drop_in_files(self, unit): + """ search for some.service.d/extra.conf files """ + result = {} + basename_d = unit + ".d" + for folder in self.sysd_folders(): + if not folder: + continue + folder = os_path(self._root, folder) + override_d = os_path(folder, basename_d) + if not os.path.isdir(override_d): + continue + for name in os.listdir(override_d): + path = os.path.join(override_d, name) + if os.path.isdir(path): + continue + if not path.endswith(".conf"): + continue + if name not in result: + result[name] = path + return result + def load_sysd_template_conf(self, module): # -> conf? + """ read the unit template with a UnitConfParser (systemd) """ + if module and "@" in module: + unit = parse_unit(module) + service = "%s@.service" % unit.prefix + conf = self.load_sysd_unit_conf(service) + if conf: + conf.module = module + return conf + return None + def load_sysd_unit_conf(self, module): # -> conf? + """ read the unit file with a UnitConfParser (systemd) """ + path = self.unit_sysd_file(module) + if not path: return None + assert self._loaded_file_sysd is not None + if path in self._loaded_file_sysd: + return self._loaded_file_sysd[path] + masked = None + if os.path.islink(path) and os.readlink(path).startswith("/dev"): + masked = os.readlink(path) + drop_in_files = {} + data = UnitConfParser() + if not masked: + data.read_sysd(path) + drop_in_files = self.find_drop_in_files(os.path.basename(path)) + # load in alphabetic order, irrespective of location + for name in sorted(drop_in_files): + path = drop_in_files[name] + data.read_sysd(path) + conf = SystemctlConf(data, module) + conf.masked = masked + conf.nonloaded_path = path # if masked + conf.drop_in_files = drop_in_files + conf._root = self._root + self._loaded_file_sysd[path] = conf + return conf + def load_sysv_unit_conf(self, module): # -> conf? + """ read the unit file with a UnitConfParser (sysv) """ + path = self.unit_sysv_file(module) + if not path: return None + assert self._loaded_file_sysv is not None + if path in self._loaded_file_sysv: + return self._loaded_file_sysv[path] + data = UnitConfParser() + data.read_sysv(path) + conf = SystemctlConf(data, module) + conf._root = self._root + self._loaded_file_sysv[path] = conf + return conf + def load_unit_conf(self, module): # -> conf | None(not-found) + """ read the unit file with a UnitConfParser (sysv or systemd) """ + try: + conf = self.load_sysd_unit_conf(module) + if conf is not None: + return conf + conf = self.load_sysd_template_conf(module) + if conf is not None: + return conf + conf = self.load_sysv_unit_conf(module) + if conf is not None: + return conf + except Exception as e: + logg.warning("%s not loaded: %s", module, e) + return None + def default_unit_conf(self, module, description = None): # -> conf + """ a unit conf that can be printed to the user where + attributes are empty and loaded() is False """ + data = UnitConfParser() + data.set(Unit, "Description", description or ("NOT-FOUND " + str(module))) + # assert(not data.loaded()) + conf = SystemctlConf(data, module) + conf._root = self._root + return conf + def get_unit_conf(self, module): # -> conf (conf | default-conf) + """ accept that a unit does not exist + and return a unit conf that says 'not-loaded' """ + conf = self.load_unit_conf(module) + if conf is not None: + return conf + return self.default_unit_conf(module) + def get_unit_type(self, module): + name, ext = os.path.splitext(module) + if ext in [".service", ".socket", ".target"]: + return ext[1:] + return None + def get_unit_section(self, module, default = Service): + return string.capwords(self.get_unit_type(module) or default) + def get_unit_section_from(self, conf, default = Service): + return self.get_unit_section(conf.name(), default) + def match_sysd_templates(self, modules = None, suffix=".service"): # -> generate[ unit ] + """ make a file glob on all known template units (systemd areas). + It returns no modules (!!) if no modules pattern were given. + The module string should contain an instance name already. """ + modules = to_list(modules) + if not modules: + return + self.scan_unit_sysd_files() + assert self._file_for_unit_sysd is not None + for item in sorted(self._file_for_unit_sysd.keys()): + if "@" not in item: + continue + service_unit = parse_unit(item) + for module in modules: + if "@" not in module: + continue + module_unit = parse_unit(module) + if service_unit.prefix == module_unit.prefix: + yield "%s@%s.%s" % (service_unit.prefix, module_unit.instance, service_unit.suffix) + def match_sysd_units(self, modules = None, suffix=".service"): # -> generate[ unit ] + """ make a file glob on all known units (systemd areas). + It returns all modules if no modules pattern were given. + Also a single string as one module pattern may be given. """ + modules = to_list(modules) + self.scan_unit_sysd_files() + assert self._file_for_unit_sysd is not None + for item in sorted(self._file_for_unit_sysd.keys()): + if not modules: + yield item + elif [module for module in modules if fnmatch.fnmatchcase(item, module)]: + yield item + elif [module for module in modules if module+suffix == item]: + yield item + def match_sysv_units(self, modules = None, suffix=".service"): # -> generate[ unit ] + """ make a file glob on all known units (sysv areas). + It returns all modules if no modules pattern were given. + Also a single string as one module pattern may be given. """ + modules = to_list(modules) + self.scan_unit_sysv_files() + assert self._file_for_unit_sysv is not None + for item in sorted(self._file_for_unit_sysv.keys()): + if not modules: + yield item + elif [module for module in modules if fnmatch.fnmatchcase(item, module)]: + yield item + elif [module for module in modules if module+suffix == item]: + yield item + def match_units(self, modules = None, suffix=".service"): # -> [ units,.. ] + """ Helper for about any command with multiple units which can + actually be glob patterns on their respective unit name. + It returns all modules if no modules pattern were given. + Also a single string as one module pattern may be given. """ + found = [] + for unit in self.match_sysd_units(modules, suffix): + if unit not in found: + found.append(unit) + for unit in self.match_sysd_templates(modules, suffix): + if unit not in found: + found.append(unit) + for unit in self.match_sysv_units(modules, suffix): + if unit not in found: + found.append(unit) + return found + def list_service_unit_basics(self): + """ show all the basic loading state of services """ + filename = self.unit_file() # scan all + assert self._file_for_unit_sysd is not None + assert self._file_for_unit_sysv is not None + result = [] + for name, value in self._file_for_unit_sysd.items(): + result += [(name, "SysD", value)] + for name, value in self._file_for_unit_sysv.items(): + result += [(name, "SysV", value)] + return result + def list_service_units(self, *modules): # -> [ (unit,loaded+active+substate,description) ] + """ show all the service units """ + result = {} + active = {} + substate = {} + description = {} + for unit in self.match_units(to_list(modules)): + result[unit] = "not-found" + active[unit] = "inactive" + substate[unit] = "dead" + description[unit] = "" + try: + conf = self.get_unit_conf(unit) + result[unit] = "loaded" + description[unit] = self.get_description_from(conf) + active[unit] = self.get_active_from(conf) + substate[unit] = self.get_substate_from(conf) or "unknown" + except Exception as e: + logg.warning("list-units: %s", e) + if self._unit_state: + if self._unit_state not in [result[unit], active[unit], substate[unit]]: + del result[unit] + return [(unit, result[unit] + " " + active[unit] + " " + substate[unit], description[unit]) for unit in sorted(result)] + def list_units_modules(self, *modules): # -> [ (unit,loaded,description) ] + """ [PATTERN]... -- List loaded units. + If one or more PATTERNs are specified, only units matching one of + them are shown. NOTE: This is the default command.""" + hint = "To show all installed unit files use 'systemctl list-unit-files'." + result = self.list_service_units(*modules) + if self._no_legend: + return result + found = "%s loaded units listed." % len(result) + return result + [("", "", ""), (found, "", ""), (hint, "", "")] + def list_service_unit_files(self, *modules): # -> [ (unit,enabled) ] + """ show all the service units and the enabled status""" + logg.debug("list service unit files for %s", modules) + result = {} + enabled = {} + for unit in self.match_units(to_list(modules)): + if _unit_type and self.get_unit_type(unit) not in _unit_type.split(","): + continue + result[unit] = None + enabled[unit] = "" + try: + conf = self.get_unit_conf(unit) + if self.not_user_conf(conf): + result[unit] = None + continue + result[unit] = conf + enabled[unit] = self.enabled_from(conf) + except Exception as e: + logg.warning("list-units: %s", e) + return [(unit, enabled[unit]) for unit in sorted(result) if result[unit]] + def each_target_file(self): + folders = self.system_folders() + if self.user_mode(): + folders = self.user_folders() + for folder1 in folders: + folder = os_path(self._root, folder1) + if not os.path.isdir(folder): + continue + for filename in os.listdir(folder): + if filename.endswith(".target"): + yield (filename, os.path.join(folder, filename)) + def list_target_unit_files(self, *modules): # -> [ (unit,enabled) ] + """ show all the target units and the enabled status""" + enabled = {} + targets = {} + for target, filepath in self.each_target_file(): + logg.info("target %s", filepath) + targets[target] = filepath + enabled[target] = "static" + for unit in _all_common_targets: + targets[unit] = None + enabled[unit] = "static" + if unit in _all_common_enabled: + enabled[unit] = "enabled" + if unit in _all_common_disabled: + enabled[unit] = "disabled" + return [(unit, enabled[unit]) for unit in sorted(targets)] + def list_unit_files_modules(self, *modules): # -> [ (unit,enabled) ] + """[PATTERN]... -- List installed unit files + List installed unit files and their enablement state (as reported + by is-enabled). If one or more PATTERNs are specified, only units + whose filename (just the last component of the path) matches one of + them are shown. This command reacts to limitations of --type being + --type=service or --type=target (and --now for some basics).""" + result = [] + if self._now: + basics = self.list_service_unit_basics() + result = [(name, sysv + " " + filename) for name, sysv, filename in basics] + elif self._unit_type == "target": + result = self.list_target_unit_files() + elif self._unit_type == "service": + result = self.list_service_unit_files() + elif self._unit_type: + logg.warning("unsupported unit --type=%s", self._unit_type) + else: + result = self.list_target_unit_files() + result += self.list_service_unit_files(*modules) + if self._no_legend: + return result + found = "%s unit files listed." % len(result) + return [("UNIT FILE", "STATE")] + result + [("", ""), (found, "")] + ## + ## + def get_description(self, unit, default = None): + return self.get_description_from(self.load_unit_conf(unit)) + def get_description_from(self, conf, default = None): # -> text + """ Unit.Description could be empty sometimes """ + if not conf: return default or "" + description = conf.get(Unit, "Description", default or "") + return self.expand_special(description, conf) + def read_pid_file(self, pid_file, default = None): + pid = default + if not pid_file: + return default + if not os.path.isfile(pid_file): + return default + if self.truncate_old(pid_file): + return default + try: + # some pid-files from applications contain multiple lines + for line in open(pid_file): + if line.strip(): + pid = to_intN(line.strip()) + break + except Exception as e: + logg.warning("bad read of pid file '%s': %s", pid_file, e) + return pid + def wait_pid_file(self, pid_file, timeout = None): # -> pid? + """ wait some seconds for the pid file to appear and return the pid """ + timeout = int(timeout or (DefaultTimeoutStartSec/2)) + timeout = max(timeout, (MinimumTimeoutStartSec)) + dirpath = os.path.dirname(os.path.abspath(pid_file)) + for x in xrange(timeout): + if not os.path.isdir(dirpath): + time.sleep(1) # until TimeoutStartSec/2 + continue + pid = self.read_pid_file(pid_file) + if not pid: + time.sleep(1) # until TimeoutStartSec/2 + continue + if not pid_exists(pid): + time.sleep(1) # until TimeoutStartSec/2 + continue + return pid + return None + def get_status_pid_file(self, unit): + """ actual file path of pid file (internal) """ + conf = self.get_unit_conf(unit) + return self.pid_file_from(conf) or self.get_status_file_from(conf) + def pid_file_from(self, conf, default = ""): + """ get the specified pid file path (not a computed default) """ + pid_file = self.get_pid_file(conf) or default + return os_path(self._root, self.expand_special(pid_file, conf)) + def get_pid_file(self, conf, default = None): + return conf.get(Service, "PIDFile", default) + def read_mainpid_from(self, conf, default = None): + """ MAINPID is either the PIDFile content written from the application + or it is the value in the status file written by this systemctl.py code """ + pid_file = self.pid_file_from(conf) + if pid_file: + return self.read_pid_file(pid_file, default) + status = self.read_status_from(conf) + if "MainPID" in status: + return to_intN(status["MainPID"], default) + return default + def clean_pid_file_from(self, conf): + pid_file = self.pid_file_from(conf) + if pid_file and os.path.isfile(pid_file): + try: + os.remove(pid_file) + except OSError as e: + logg.warning("while rm %s: %s", pid_file, e) + self.write_status_from(conf, MainPID=None) + def get_status_file(self, unit): # for testing + conf = self.get_unit_conf(unit) + return self.get_status_file_from(conf) + def get_status_file_from(self, conf, default = None): + status_file = self.get_StatusFile(conf) + # this not a real setting, but do the expand_special anyway + return os_path(self._root, self.expand_special(status_file, conf)) + def get_StatusFile(self, conf, default = None): # -> text + """ file where to store a status mark """ + status_file = conf.get(Service, "StatusFile", default) + if status_file: + return status_file + root = conf.root_mode() + folder = get_PID_DIR(root) + name = "%s.status" % conf.name() + return os.path.join(folder, name) + def clean_status_from(self, conf): + status_file = self.get_status_file_from(conf) + if os.path.exists(status_file): + os.remove(status_file) + conf.status = {} + def write_status_from(self, conf, **status): # -> bool(written) + """ if a status_file is known then path is created and the + give status is written as the only content. """ + status_file = self.get_status_file_from(conf) + # if not status_file: return False + dirpath = os.path.dirname(os.path.abspath(status_file)) + if not os.path.isdir(dirpath): + os.makedirs(dirpath) + if conf.status is None: + conf.status = self.read_status_from(conf) + if True: + for key in sorted(status.keys()): + value = status[key] + if key.upper() == "AS": key = "ActiveState" + if key.upper() == "EXIT": key = "ExecMainCode" + if value is None: + try: del conf.status[key] + except KeyError: pass + else: + conf.status[key] = strE(value) + try: + with open(status_file, "w") as f: + for key in sorted(conf.status): + value = conf.status[key] + if key == "MainPID" and str(value) == "0": + logg.warning("ignore writing MainPID=0") + continue + content = "{}={}\n".format(key, str(value)) + logg.debug("writing to %s\n\t%s", status_file, content.strip()) + f.write(content) + except IOError as e: + logg.error("writing STATUS %s: %s\n\t to status file %s", status, e, status_file) + return True + def read_status_from(self, conf): + status_file = self.get_status_file_from(conf) + status = {} + # if not status_file: return status + if not os.path.isfile(status_file): + if DEBUG_STATUS: logg.debug("no status file: %s\n returning %s", status_file, status) + return status + if self.truncate_old(status_file): + if DEBUG_STATUS: logg.debug("old status file: %s\n returning %s", status_file, status) + return status + try: + if DEBUG_STATUS: logg.debug("reading %s", status_file) + for line in open(status_file): + if line.strip(): + m = re.match(r"(\w+)[:=](.*)", line) + if m: + key, value = m.group(1), m.group(2) + if key.strip(): + status[key.strip()] = value.strip() + else: # pragma: no cover + logg.warning("ignored %s", line.strip()) + except: + logg.warning("bad read of status file '%s'", status_file) + return status + def get_status_from(self, conf, name, default = None): + if conf.status is None: + conf.status = self.read_status_from(conf) + return conf.status.get(name, default) + def set_status_from(self, conf, name, value): + if conf.status is None: + conf.status = self.read_status_from(conf) + if value is None: + try: del conf.status[name] + except KeyError: pass + else: + conf.status[name] = value + # + def get_boottime(self): + """ detects the boot time of the container - in general the start time of PID 1 """ + if self._boottime is None: + self._boottime = self.get_boottime_from_proc() + assert self._boottime is not None + return self._boottime + def get_boottime_from_proc(self): + """ detects the latest boot time by looking at the start time of available process""" + pid1 = BOOT_PID_MIN or 0 + pid_max = BOOT_PID_MAX + if pid_max < 0: + pid_max = pid1 - pid_max + for pid in xrange(pid1, pid_max): + proc = _proc_pid_stat.format(**locals()) + try: + if os.path.exists(proc): + # return os.path.getmtime(proc) # did sometimes change + return self.path_proc_started(proc) + except Exception as e: # pragma: no cover + logg.warning("boottime - could not access %s: %s", proc, e) + if DEBUG_BOOTTIME: + logg.debug(" boottime from the oldest entry in /proc [nothing in %s..%s]", pid1, pid_max) + return self.get_boottime_from_old_proc() + def get_boottime_from_old_proc(self): + booted = time.time() + for pid in os.listdir(_proc_pid_dir): + proc = _proc_pid_stat.format(**locals()) + try: + if os.path.exists(proc): + # ctime = os.path.getmtime(proc) + ctime = self.path_proc_started(proc) + if ctime < booted: + booted = ctime + except Exception as e: # pragma: no cover + logg.warning("could not access %s: %s", proc, e) + return booted + + # Use uptime, time process running in ticks, and current time to determine process boot time + # You can't use the modified timestamp of the status file because it isn't static. + # ... using clock ticks it is known to be a linear time on Linux + def path_proc_started(self, proc): + # get time process started after boot in clock ticks + with open(proc) as file_stat: + data_stat = file_stat.readline() + file_stat.close() + stat_data = data_stat.split() + started_ticks = stat_data[21] + # man proc(5): "(22) starttime = The time the process started after system boot." + # ".. the value is expressed in clock ticks (divide by sysconf(_SC_CLK_TCK))." + # NOTE: for containers the start time is related to the boot time of host system. + + clkTickInt = os.sysconf_names['SC_CLK_TCK'] + clockTicksPerSec = os.sysconf(clkTickInt) + started_secs = float(started_ticks) / clockTicksPerSec + if DEBUG_BOOTTIME: + logg.debug(" BOOT .. Proc started time: %.3f (%s)", started_secs, proc) + # this value is the start time from the host system + + # Variant 1: + system_uptime = _proc_sys_uptime + with open(system_uptime, "rb") as file_uptime: + data_uptime = file_uptime.readline() + file_uptime.close() + uptime_data = data_uptime.decode().split() + uptime_secs = float(uptime_data[0]) + if DEBUG_BOOTTIME: + logg.debug(" BOOT 1. System uptime secs: %.3f (%s)", uptime_secs, system_uptime) + + # get time now + now = time.time() + started_time = now - (uptime_secs - started_secs) + if DEBUG_BOOTTIME: + logg.debug(" BOOT 1. Proc has been running since: %s" % (datetime.datetime.fromtimestamp(started_time))) + + # Variant 2: + system_stat = _proc_sys_stat + system_btime = 0. + with open(system_stat, "rb") as f: + for line in f: + assert isinstance(line, bytes) + if line.startswith(b"btime"): + system_btime = float(line.decode().split()[1]) + f.closed + if DEBUG_BOOTTIME: + logg.debug(" BOOT 2. System btime secs: %.3f (%s)", system_btime, system_stat) + + started_btime = system_btime + started_secs + if DEBUG_BOOTTIME: + logg.debug(" BOOT 2. Proc has been running since: %s" % (datetime.datetime.fromtimestamp(started_btime))) + + # return started_time + return started_btime + + def get_filetime(self, filename): + return os.path.getmtime(filename) + def truncate_old(self, filename): + filetime = self.get_filetime(filename) + boottime = self.get_boottime() + if filetime >= boottime: + if DEBUG_BOOTTIME: + logg.debug(" file time: %s (%s)", datetime.datetime.fromtimestamp(filetime), o22(filename)) + logg.debug(" boot time: %s (%s)", datetime.datetime.fromtimestamp(boottime), "status modified later") + return False # OK + if DEBUG_BOOTTIME: + logg.info(" file time: %s (%s)", datetime.datetime.fromtimestamp(filetime), o22(filename)) + logg.info(" boot time: %s (%s)", datetime.datetime.fromtimestamp(boottime), "status TRUNCATED NOW") + try: + shutil_truncate(filename) + except Exception as e: + logg.warning("while truncating: %s", e) + return True # truncated + def getsize(self, filename): + if filename is None: # pragma: no cover (is never null) + return 0 + if not os.path.isfile(filename): + return 0 + if self.truncate_old(filename): + return 0 + try: + return os.path.getsize(filename) + except Exception as e: + logg.warning("while reading file size: %s\n of %s", e, filename) + return 0 + # + def read_env_file(self, env_file): # -> generate[ (name,value) ] + """ EnvironmentFile= is being scanned """ + mode, env_file = load_path(env_file) + real_file = os_path(self._root, env_file) + if not os.path.exists(real_file): + if mode.check: + logg.error("file does not exist: %s", real_file) + else: + logg.debug("file does not exist: %s", real_file) + return + try: + for real_line in open(os_path(self._root, env_file)): + line = real_line.strip() + if not line or line.startswith("#"): + continue + m = re.match(r"(?:export +)?([\w_]+)[=]'([^']*)'", line) + if m: + yield m.group(1), m.group(2) + continue + m = re.match(r'(?:export +)?([\w_]+)[=]"([^"]*)"', line) + if m: + yield m.group(1), m.group(2) + continue + m = re.match(r'(?:export +)?([\w_]+)[=](.*)', line) + if m: + yield m.group(1), m.group(2) + continue + except Exception as e: + logg.info("while reading %s: %s", env_file, e) + def read_env_part(self, env_part): # -> generate[ (name, value) ] + """ Environment== is being scanned """ + # systemd Environment= spec says it is a space-seperated list of + # assignments. In order to use a space or an equals sign in a value + # one should enclose the whole assignment with double quotes: + # Environment="VAR1=word word" VAR2=word3 "VAR3=$word 5 6" + # and the $word is not expanded by other environment variables. + try: + for real_line in env_part.split("\n"): + line = real_line.strip() + for found in re.finditer(r'\s*("[\w_]+=[^"]*"|[\w_]+=\S*)', line): + part = found.group(1) + if part.startswith('"'): + part = part[1:-1] + name, value = part.split("=", 1) + yield name, value + except Exception as e: + logg.info("while reading %s: %s", env_part, e) + def command_of_unit(self, unit): + """ [UNIT]. -- show service settings (experimental) + or use -p VarName to show another property than 'ExecStart' """ + conf = self.load_unit_conf(unit) + if conf is None: + logg.error("Unit %s could not be found.", unit) + self.error |= NOT_FOUND + return None + if _unit_property: + return conf.getlist(Service, _unit_property) + return conf.getlist(Service, "ExecStart") + def environment_of_unit(self, unit): + """ [UNIT]. -- show environment parts """ + conf = self.load_unit_conf(unit) + if conf is None: + logg.error("Unit %s could not be found.", unit) + self.error |= NOT_FOUND + return None + return self.get_env(conf) + def extra_vars(self): + return self._extra_vars # from command line + def get_env(self, conf): + env = os.environ.copy() + for env_part in conf.getlist(Service, "Environment", []): + for name, value in self.read_env_part(self.expand_special(env_part, conf)): + env[name] = value # a '$word' is not special here (lazy expansion) + for env_file in conf.getlist(Service, "EnvironmentFile", []): + for name, value in self.read_env_file(self.expand_special(env_file, conf)): + env[name] = self.expand_env(value, env) # but nonlazy expansion here + logg.debug("extra-vars %s", self.extra_vars()) + for extra in self.extra_vars(): + if extra.startswith("@"): + for name, value in self.read_env_file(extra[1:]): + logg.info("override %s=%s", name, value) + env[name] = self.expand_env(value, env) + else: + for name, value in self.read_env_part(extra): + logg.info("override %s=%s", name, value) + env[name] = value # a '$word' is not special here + return env + def expand_env(self, cmd, env): + def get_env1(m): + name = m.group(1) + if name in env: + return env[name] + namevar = "$%s" % name + logg.debug("can not expand %s", namevar) + return (EXPAND_KEEP_VARS and namevar or "") + def get_env2(m): + name = m.group(1) + if name in env: + return env[name] + namevar = "${%s}" % name + logg.debug("can not expand %s", namevar) + return (EXPAND_KEEP_VARS and namevar or "") + # + maxdepth = EXPAND_VARS_MAXDEPTH + expanded = re.sub("[$](\w+)", lambda m: get_env1(m), cmd.replace("\\\n", "")) + for depth in xrange(maxdepth): + new_text = re.sub("[$][{](\w+)[}]", lambda m: get_env2(m), expanded) + if new_text == expanded: + return expanded + expanded = new_text + logg.error("shell variable expansion exceeded maxdepth %s", maxdepth) + return expanded + def expand_special(self, cmd, conf): + """ expand %i %t and similar special vars. They are being expanded + before any other expand_env takes place which handles shell-style + $HOME references. """ + def xx(arg): return unit_name_unescape(arg) + def yy(arg): return arg + def get_confs(conf): + confs={"%": "%"} + if conf is None: # pragma: no cover (is never null) + return confs + unit = parse_unit(conf.name()) + # + root = conf.root_mode() + VARTMP = get_VARTMP(root) # $TMPDIR # "/var/tmp" + TMP = get_TMP(root) # $TMPDIR # "/tmp" + RUN = get_RUNTIME_DIR(root) # $XDG_RUNTIME_DIR # "/run" + ETC = get_CONFIG_HOME(root) # $XDG_CONFIG_HOME # "/etc" + DAT = get_VARLIB_HOME(root) # $XDG_CONFIG_HOME # "/var/lib" + LOG = get_LOG_DIR(root) # $XDG_CONFIG_HOME/log # "/var/log" + CACHE = get_CACHE_HOME(root) # $XDG_CACHE_HOME # "/var/cache" + HOME = get_HOME(root) # $HOME or ~ # "/root" + USER = get_USER(root) # geteuid().pw_name # "root" + USER_ID = get_USER_ID(root) # geteuid() # 0 + GROUP = get_GROUP(root) # getegid().gr_name # "root" + GROUP_ID = get_GROUP_ID(root) # getegid() # 0 + SHELL = get_SHELL(root) # $SHELL # "/bin/sh" + # confs["b"] = boot_ID + confs["C"] = os_path(self._root, CACHE) # Cache directory root + confs["E"] = os_path(self._root, ETC) # Configuration directory root + confs["F"] = strE(conf.filename()) # EXTRA + confs["f"] = "/%s" % xx(unit.instance or unit.prefix) + confs["h"] = HOME # User home directory + # confs["H"] = host_NAME + confs["i"] = yy(unit.instance) + confs["I"] = xx(unit.instance) # same as %i but escaping undone + confs["j"] = yy(unit.component) # final component of the prefix + confs["J"] = xx(unit.component) # unescaped final component + confs["L"] = os_path(self._root, LOG) + # confs["m"] = machine_ID + confs["n"] = yy(unit.fullname) # Full unit name + confs["N"] = yy(unit.name) # Same as "%n", but with the type suffix removed. + confs["p"] = yy(unit.prefix) # before the first "@" or same as %n + confs["P"] = xx(unit.prefix) # same as %p but escaping undone + confs["s"] = SHELL + confs["S"] = os_path(self._root, DAT) + confs["t"] = os_path(self._root, RUN) + confs["T"] = os_path(self._root, TMP) + confs["g"] = GROUP + confs["G"] = str(GROUP_ID) + confs["u"] = USER + confs["U"] = str(USER_ID) + confs["V"] = os_path(self._root, VARTMP) + return confs + def get_conf1(m): + confs = get_confs(conf) + if m.group(1) in confs: + return confs[m.group(1)] + logg.warning("can not expand %%%s", m.group(1)) + return "" + result = "" + if cmd: + result = re.sub("[%](.)", lambda m: get_conf1(m), cmd) + # ++# logg.info("expanded => %s", result) + return result + def exec_newcmd(self, cmd, env, conf): + mode, exe = exec_path(cmd) + if mode.noexpand: + newcmd = self.split_cmd(exe) + else: + newcmd = self.expand_cmd(exe, env, conf) + if mode.argv0: + if len(newcmd) > 1: + del newcmd[1] # TODO: keep but allow execve calls to pick it up + return mode, newcmd + def split_cmd(self, cmd): + cmd2 = cmd.replace("\\\n", "") + newcmd = [] + for part in shlex.split(cmd2): + newcmd += [part] + return newcmd + def expand_cmd(self, cmd, env, conf): + """ expand ExecCmd statements including %i and $MAINPID """ + cmd2 = cmd.replace("\\\n", "") + # according to documentation, when bar="one two" then the expansion + # of '$bar' is ["one","two"] and '${bar}' becomes ["one two"]. We + # tackle that by expand $bar before shlex, and the rest thereafter. + def get_env1(m): + name = m.group(1) + if name in env: + return env[name] + logg.debug("can not expand $%s", name) + return "" # empty string + def get_env2(m): + name = m.group(1) + if name in env: + return env[name] + logg.debug("can not expand $%s}}", name) + return "" # empty string + cmd3 = re.sub("[$](\w+)", lambda m: get_env1(m), cmd2) + newcmd = [] + for part in shlex.split(cmd3): + part2 = self.expand_special(part, conf) + newcmd += [re.sub("[$][{](\w+)[}]", lambda m: get_env2(m), part2)] # type: ignore[arg-type] + return newcmd + def remove_service_directories(self, conf, section = Service): + # | + ok = True + nameRuntimeDirectory = self.get_RuntimeDirectory(conf, section) + keepRuntimeDirectory = self.get_RuntimeDirectoryPreserve(conf, section) + if not keepRuntimeDirectory: + root = conf.root_mode() + for name in nameRuntimeDirectory.split(" "): + if not name.strip(): continue + RUN = get_RUNTIME_DIR(root) + path = os.path.join(RUN, name) + dirpath = os_path(self._root, path) + ok = self.do_rm_tree(dirpath) and ok + if RUN == "/run": + for var_run in ("/var/run", "/tmp/run"): + if os.path.isdir(var_run): + var_path = os.path.join(var_run, name) + var_dirpath = os_path(self._root, var_path) + self.do_rm_tree(var_dirpath) + if not ok: + logg.debug("could not fully remove service directory %s", path) + return ok + def do_rm_tree(self, path): + ok = True + if os.path.isdir(path): + for dirpath, dirnames, filenames in os.walk(path, topdown=False): + for item in filenames: + filepath = os.path.join(dirpath, item) + try: + os.remove(filepath) + except Exception as e: # pragma: no cover + logg.debug("not removed file: %s (%s)", filepath, e) + ok = False + for item in dirnames: + dir_path = os.path.join(dirpath, item) + try: + os.rmdir(dir_path) + except Exception as e: # pragma: no cover + logg.debug("not removed dir: %s (%s)", dir_path, e) + ok = False + try: + os.rmdir(path) + except Exception as e: + logg.debug("not removed top dir: %s (%s)", path, e) + ok = False # pragma: no cover + logg.debug("%s rm_tree %s", ok and "done" or "fail", path) + return ok + def get_RuntimeDirectoryPreserve(self, conf, section = Service): + return conf.getbool(section, "RuntimeDirectoryPreserve", "no") + def get_RuntimeDirectory(self, conf, section = Service): + return self.expand_special(conf.get(section, "RuntimeDirectory", ""), conf) + def get_StateDirectory(self, conf, section = Service): + return self.expand_special(conf.get(section, "StateDirectory", ""), conf) + def get_CacheDirectory(self, conf, section = Service): + return self.expand_special(conf.get(section, "CacheDirectory", ""), conf) + def get_LogsDirectory(self, conf, section = Service): + return self.expand_special(conf.get(section, "LogsDirectory", ""), conf) + def get_ConfigurationDirectory(self, conf, section = Service): + return self.expand_special(conf.get(section, "ConfigurationDirectory", ""), conf) + def get_RuntimeDirectoryMode(self, conf, section = Service): + return conf.get(section, "RuntimeDirectoryMode", "") + def get_StateDirectoryMode(self, conf, section = Service): + return conf.get(section, "StateDirectoryMode", "") + def get_CacheDirectoryMode(self, conf, section = Service): + return conf.get(section, "CacheDirectoryMode", "") + def get_LogsDirectoryMode(self, conf, section = Service): + return conf.get(section, "LogsDirectoryMode", "") + def get_ConfigurationDirectoryMode(self, conf, section = Service): + return conf.get(section, "ConfigurationDirectoryMode", "") + def clean_service_directories(self, conf, which = ""): + ok = True + section = self.get_unit_section_from(conf) + nameRuntimeDirectory = self.get_RuntimeDirectory(conf, section) + nameStateDirectory = self.get_StateDirectory(conf, section) + nameCacheDirectory = self.get_CacheDirectory(conf, section) + nameLogsDirectory = self.get_LogsDirectory(conf, section) + nameConfigurationDirectory = self.get_ConfigurationDirectory(conf, section) + root = conf.root_mode() + for name in nameRuntimeDirectory.split(" "): + if not name.strip(): continue + RUN = get_RUNTIME_DIR(root) + path = os.path.join(RUN, name) + if which in ["all", "runtime", ""]: + dirpath = os_path(self._root, path) + ok = self.do_rm_tree(dirpath) and ok + if RUN == "/run": + for var_run in ("/var/run", "/tmp/run"): + var_path = os.path.join(var_run, name) + var_dirpath = os_path(self._root, var_path) + self.do_rm_tree(var_dirpath) + for name in nameStateDirectory.split(" "): + if not name.strip(): continue + DAT = get_VARLIB_HOME(root) + path = os.path.join(DAT, name) + if which in ["all", "state"]: + dirpath = os_path(self._root, path) + ok = self.do_rm_tree(dirpath) and ok + for name in nameCacheDirectory.split(" "): + if not name.strip(): continue + CACHE = get_CACHE_HOME(root) + path = os.path.join(CACHE, name) + if which in ["all", "cache", ""]: + dirpath = os_path(self._root, path) + ok = self.do_rm_tree(dirpath) and ok + for name in nameLogsDirectory.split(" "): + if not name.strip(): continue + LOGS = get_LOG_DIR(root) + path = os.path.join(LOGS, name) + if which in ["all", "logs"]: + dirpath = os_path(self._root, path) + ok = self.do_rm_tree(dirpath) and ok + for name in nameConfigurationDirectory.split(" "): + if not name.strip(): continue + CONFIG = get_CONFIG_HOME(root) + path = os.path.join(CONFIG, name) + if which in ["all", "configuration", ""]: + dirpath = os_path(self._root, path) + ok = self.do_rm_tree(dirpath) and ok + return ok + def env_service_directories(self, conf): + envs = {} + section = self.get_unit_section_from(conf) + nameRuntimeDirectory = self.get_RuntimeDirectory(conf, section) + nameStateDirectory = self.get_StateDirectory(conf, section) + nameCacheDirectory = self.get_CacheDirectory(conf, section) + nameLogsDirectory = self.get_LogsDirectory(conf, section) + nameConfigurationDirectory = self.get_ConfigurationDirectory(conf, section) + root = conf.root_mode() + for name in nameRuntimeDirectory.split(" "): + if not name.strip(): continue + RUN = get_RUNTIME_DIR(root) + path = os.path.join(RUN, name) + envs["RUNTIME_DIRECTORY"] = path + for name in nameStateDirectory.split(" "): + if not name.strip(): continue + DAT = get_VARLIB_HOME(root) + path = os.path.join(DAT, name) + envs["STATE_DIRECTORY"] = path + for name in nameCacheDirectory.split(" "): + if not name.strip(): continue + CACHE = get_CACHE_HOME(root) + path = os.path.join(CACHE, name) + envs["CACHE_DIRECTORY"] = path + for name in nameLogsDirectory.split(" "): + if not name.strip(): continue + LOGS = get_LOG_DIR(root) + path = os.path.join(LOGS, name) + envs["LOGS_DIRECTORY"] = path + for name in nameConfigurationDirectory.split(" "): + if not name.strip(): continue + CONFIG = get_CONFIG_HOME(root) + path = os.path.join(CONFIG, name) + envs["CONFIGURATION_DIRECTORY"] = path + return envs + def create_service_directories(self, conf): + envs = {} + section = self.get_unit_section_from(conf) + nameRuntimeDirectory = self.get_RuntimeDirectory(conf, section) + modeRuntimeDirectory = self.get_RuntimeDirectoryMode(conf, section) + nameStateDirectory = self.get_StateDirectory(conf, section) + modeStateDirectory = self.get_StateDirectoryMode(conf, section) + nameCacheDirectory = self.get_CacheDirectory(conf, section) + modeCacheDirectory = self.get_CacheDirectoryMode(conf, section) + nameLogsDirectory = self.get_LogsDirectory(conf, section) + modeLogsDirectory = self.get_LogsDirectoryMode(conf, section) + nameConfigurationDirectory = self.get_ConfigurationDirectory(conf, section) + modeConfigurationDirectory = self.get_ConfigurationDirectoryMode(conf, section) + root = conf.root_mode() + user = self.get_User(conf) + group = self.get_Group(conf) + for name in nameRuntimeDirectory.split(" "): + if not name.strip(): continue + RUN = get_RUNTIME_DIR(root) + path = os.path.join(RUN, name) + logg.debug("RuntimeDirectory %s", path) + self.make_service_directory(path, modeRuntimeDirectory) + self.chown_service_directory(path, user, group) + envs["RUNTIME_DIRECTORY"] = path + if RUN == "/run": + for var_run in ("/var/run", "/tmp/run"): + if os.path.isdir(var_run): + var_path = os.path.join(var_run, name) + var_dirpath = os_path(self._root, var_path) + if os.path.isdir(var_dirpath): + if not os.path.islink(var_dirpath): + logg.debug("not a symlink: %s", var_dirpath) + continue + dirpath = os_path(self._root, path) + basepath = os.path.dirname(var_dirpath) + if not os.path.isdir(basepath): + os.makedirs(basepath) + try: + os.symlink(dirpath, var_dirpath) + except Exception as e: + logg.debug("var symlink %s\n\t%s", var_dirpath, e) + for name in nameStateDirectory.split(" "): + if not name.strip(): continue + DAT = get_VARLIB_HOME(root) + path = os.path.join(DAT, name) + logg.debug("StateDirectory %s", path) + self.make_service_directory(path, modeStateDirectory) + self.chown_service_directory(path, user, group) + envs["STATE_DIRECTORY"] = path + for name in nameCacheDirectory.split(" "): + if not name.strip(): continue + CACHE = get_CACHE_HOME(root) + path = os.path.join(CACHE, name) + logg.debug("CacheDirectory %s", path) + self.make_service_directory(path, modeCacheDirectory) + self.chown_service_directory(path, user, group) + envs["CACHE_DIRECTORY"] = path + for name in nameLogsDirectory.split(" "): + if not name.strip(): continue + LOGS = get_LOG_DIR(root) + path = os.path.join(LOGS, name) + logg.debug("LogsDirectory %s", path) + self.make_service_directory(path, modeLogsDirectory) + self.chown_service_directory(path, user, group) + envs["LOGS_DIRECTORY"] = path + for name in nameConfigurationDirectory.split(" "): + if not name.strip(): continue + CONFIG = get_CONFIG_HOME(root) + path = os.path.join(CONFIG, name) + logg.debug("ConfigurationDirectory %s", path) + self.make_service_directory(path, modeConfigurationDirectory) + # not done according the standard + # self.chown_service_directory(path, user, group) + envs["CONFIGURATION_DIRECTORY"] = path + return envs + def make_service_directory(self, path, mode): + ok = True + dirpath = os_path(self._root, path) + if not os.path.isdir(dirpath): + try: + os.makedirs(dirpath) + logg.info("created directory path: %s", dirpath) + except Exception as e: # pragma: no cover + logg.debug("errors directory path: %s\n\t%s", dirpath, e) + ok = False + filemode = int_mode(mode) + if filemode: + try: + os.chmod(dirpath, filemode) + except Exception as e: # pragma: no cover + logg.debug("errors directory path: %s\n\t%s", dirpath, e) + ok = False + else: + logg.debug("path did already exist: %s", dirpath) + if not ok: + logg.debug("could not fully create service directory %s", path) + return ok + def chown_service_directory(self, path, user, group): + # the standard defines an optimization so that if the parent + # directory does have the correct user and group then there + # is no other chown on files and subdirectories to be done. + dirpath = os_path(self._root, path) + if not os.path.isdir(dirpath): + logg.debug("chown did not find %s", dirpath) + return True + if user or group: + st = os.stat(dirpath) + st_user = pwd.getpwuid(st.st_uid).pw_name + st_group = grp.getgrgid(st.st_gid).gr_name + change = False + if user and (user.strip() != st_user and user.strip() != str(st.st_uid)): + change = True + if group and (group.strip() != st_group and group.strip() != str(st.st_gid)): + change = True + if change: + logg.debug("do chown %s", dirpath) + try: + ok = self.do_chown_tree(dirpath, user, group) + logg.info("changed %s:%s %s", user, group, ok) + return ok + except Exception as e: + logg.info("oops %s\n\t%s", dirpath, e) + else: + logg.debug("untouched %s", dirpath) + return True + def do_chown_tree(self, path, user, group): + ok = True + uid, gid = -1, -1 + if user: + uid = pwd.getpwnam(user).pw_uid + gid = pwd.getpwnam(user).pw_gid + if group: + gid = grp.getgrnam(group).gr_gid + for dirpath, dirnames, filenames in os.walk(path, topdown=False): + for item in filenames: + filepath = os.path.join(dirpath, item) + try: + os.chown(filepath, uid, gid) + except Exception as e: # pragma: no cover + logg.debug("could not set %s:%s on %s\n\t%s", user, group, filepath, e) + ok = False + for item in dirnames: + dir_path = os.path.join(dirpath, item) + try: + os.chown(dir_path, uid, gid) + except Exception as e: # pragma: no cover + logg.debug("could not set %s:%s on %s\n\t%s", user, group, dir_path, e) + ok = False + try: + os.chown(path, uid, gid) + except Exception as e: # pragma: no cover + logg.debug("could not set %s:%s on %s\n\t%s", user, group, path, e) + ok = False + if not ok: + logg.debug("could not chown %s:%s service directory %s", user, group, path) + return ok + def clean_modules(self, *modules): + """ [UNIT]... -- remove the state directories + /// it recognizes --what=all or any of configuration, state, cache, logs, runtime + while an empty value (the default) removes cache and runtime directories""" + found_all = True + units = [] + for module in modules: + matched = self.match_units(to_list(module)) + if not matched: + logg.error("Unit %s not found.", unit_of(module)) + self.error |= NOT_FOUND + found_all = False + continue + for unit in matched: + if unit not in units: + units += [unit] + lines = _log_lines + follow = _force + ok = self.clean_units(units) + return ok and found_all + def clean_units(self, units, what = ""): + if not what: + what = _what_kind + ok = True + for unit in units: + ok = self.clean_unit(unit, what) and ok + return ok + def clean_unit(self, unit, what = ""): + conf = self.load_unit_conf(unit) + if not conf: return False + return self.clean_unit_from(conf, what) + def clean_unit_from(self, conf, what): + if self.is_active_from(conf): + logg.warning("can not clean active unit: %s", conf.name()) + return False + return self.clean_service_directories(conf, what) + def log_modules(self, *modules): + """ [UNIT]... -- start 'less' on the log files for the services + /// use '-f' to follow and '-n lines' to limit output using 'tail', + using '--no-pager' just does a full 'cat'""" + found_all = True + units = [] + for module in modules: + matched = self.match_units(to_list(module)) + if not matched: + logg.error("Unit %s not found.", unit_of(module)) + self.error |= NOT_FOUND + found_all = False + continue + for unit in matched: + if unit not in units: + units += [unit] + lines = _log_lines + follow = _force + result = self.log_units(units, lines, follow) + if result: + self.error = result + return False + return found_all + def log_units(self, units, lines = None, follow = False): + result = 0 + for unit in self.sortedAfter(units): + exitcode = self.log_unit(unit, lines, follow) + if exitcode < 0: + return exitcode + if exitcode > result: + result = exitcode + return result + def log_unit(self, unit, lines = None, follow = False): + conf = self.load_unit_conf(unit) + if not conf: return -1 + return self.log_unit_from(conf, lines, follow) + def log_unit_from(self, conf, lines = None, follow = False): + cmd_args = [] + log_path = self.get_journal_log_from(conf) + if follow: + cmd = [TAIL_CMD, "-n", str(lines or 10), "-F", log_path] + logg.debug("journalctl %s -> %s", conf.name(), cmd) + cmd_args = [arg for arg in cmd] # satisfy mypy + return os.spawnvp(os.P_WAIT, cmd_args[0], cmd_args) + elif lines: + cmd = [TAIL_CMD, "-n", str(lines or 10), log_path] + logg.debug("journalctl %s -> %s", conf.name(), cmd) + cmd_args = [arg for arg in cmd] # satisfy mypy + return os.spawnvp(os.P_WAIT, cmd_args[0], cmd_args) + elif _no_pager: + cmd = [CAT_CMD, log_path] + logg.debug("journalctl %s -> %s", conf.name(), cmd) + cmd_args = [arg for arg in cmd] # satisfy mypy + return os.spawnvp(os.P_WAIT, cmd_args[0], cmd_args) + else: + cmd = [LESS_CMD, log_path] + logg.debug("journalctl %s -> %s", conf.name(), cmd) + cmd_args = [arg for arg in cmd] # satisfy mypy + return os.spawnvp(os.P_WAIT, cmd_args[0], cmd_args) + def get_journal_log_from(self, conf): + return os_path(self._root, self.get_journal_log(conf)) + def get_journal_log(self, conf): + """ /var/log/zzz.service.log or /var/log/default.unit.log """ + filename = os.path.basename(strE(conf.filename())) + unitname = (conf.name() or "default")+".unit" + name = filename or unitname + log_folder = expand_path(self._journal_log_folder, conf.root_mode()) + log_file = name.replace(os.path.sep, ".") + ".log" + if log_file.startswith("."): + log_file = "dot."+log_file + return os.path.join(log_folder, log_file) + def open_journal_log(self, conf): + log_file = self.get_journal_log_from(conf) + log_folder = os.path.dirname(log_file) + if not os.path.isdir(log_folder): + os.makedirs(log_folder) + return open(os.path.join(log_file), "a") + def get_WorkingDirectory(self, conf): + return conf.get(Service, "WorkingDirectory", "") + def chdir_workingdir(self, conf): + """ if specified then change the working directory """ + # the original systemd will start in '/' even if User= is given + if self._root: + os.chdir(self._root) + workingdir = self.get_WorkingDirectory(conf) + mode, workingdir = load_path(workingdir) + if workingdir: + into = os_path(self._root, self.expand_special(workingdir, conf)) + try: + logg.debug("chdir workingdir '%s'", into) + os.chdir(into) + return False + except Exception as e: + if mode.check: + logg.error("chdir workingdir '%s': %s", into, e) + return into + else: + logg.debug("chdir workingdir '%s': %s", into, e) + return None + return None + NotifySocket = collections.namedtuple("NotifySocket", ["socket", "socketfile"]) + def get_notify_socket_from(self, conf, socketfile = None, debug = False): + """ creates a notify-socket for the (non-privileged) user """ + notify_socket_folder = expand_path(_notify_socket_folder, conf.root_mode()) + notify_folder = os_path(self._root, notify_socket_folder) + notify_name = "notify." + str(conf.name() or "systemctl") + notify_socket = os.path.join(notify_folder, notify_name) + socketfile = socketfile or notify_socket + if len(socketfile) > 100: + # occurs during testsuite.py for ~user/test.tmp/root path + if debug: + logg.debug("https://unix.stackexchange.com/questions/367008/%s", + "why-is-socket-path-length-limited-to-a-hundred-chars") + logg.debug("old notify socketfile (%s) = %s", len(socketfile), socketfile) + notify_name44 = o44(notify_name) + notify_name77 = o77(notify_name) + socketfile = os.path.join(notify_folder, notify_name77) + if len(socketfile) > 100: + socketfile = os.path.join(notify_folder, notify_name44) + pref = "zz.%i.%s" % (get_USER_ID(), o22(os.path.basename(notify_socket_folder))) + if len(socketfile) > 100: + socketfile = os.path.join(get_TMP(), pref, notify_name) + if len(socketfile) > 100: + socketfile = os.path.join(get_TMP(), pref, notify_name77) + if len(socketfile) > 100: # pragma: no cover + socketfile = os.path.join(get_TMP(), pref, notify_name44) + if len(socketfile) > 100: # pragma: no cover + socketfile = os.path.join(get_TMP(), notify_name44) + if debug: + logg.info("new notify socketfile (%s) = %s", len(socketfile), socketfile) + return socketfile + def notify_socket_from(self, conf, socketfile = None): + socketfile = self.get_notify_socket_from(conf, socketfile, debug=True) + try: + if not os.path.isdir(os.path.dirname(socketfile)): + os.makedirs(os.path.dirname(socketfile)) + if os.path.exists(socketfile): + os.unlink(socketfile) + except Exception as e: + logg.warning("error %s: %s", socketfile, e) + sock = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM) + sock.bind(socketfile) + os.chmod(socketfile, 0o777) # the service my run under some User=setting + return Systemctl.NotifySocket(sock, socketfile) + def read_notify_socket(self, notify, timeout): + notify.socket.settimeout(timeout or DefaultMaximumTimeout) + result = "" + try: + result, client_address = notify.socket.recvfrom(4096) + assert isinstance(result, bytes) + if result: + result = result.decode("utf-8") + result_txt = result.replace("\n", "|") + result_len = len(result) + logg.debug("read_notify_socket(%s):%s", result_len, result_txt) + except socket.timeout as e: + if timeout > 2: + logg.debug("socket.timeout %s", e) + return result + def wait_notify_socket(self, notify, timeout, pid = None, pid_file = None): + if not os.path.exists(notify.socketfile): + logg.info("no $NOTIFY_SOCKET exists") + return {} + # + lapseTimeout = max(3, int(timeout / 100)) + mainpidTimeout = lapseTimeout # Apache sends READY before MAINPID + status = "" + logg.info("wait $NOTIFY_SOCKET, timeout %s (lapse %s)", timeout, lapseTimeout) + waiting = " ---" + results = {} + for attempt in xrange(int(timeout)+1): + if pid and not self.is_active_pid(pid): + logg.info("seen dead PID %s", pid) + return results + if not attempt: # first one + time.sleep(1) # until TimeoutStartSec + continue + result = self.read_notify_socket(notify, 1) # sleep max 1 second + for line in result.splitlines(): + # for name, value in self.read_env_part(line) + if "=" not in line: + continue + name, value = line.split("=", 1) + results[name] = value + if name in ["STATUS", "ACTIVESTATE", "MAINPID", "READY"]: + hint="seen notify %s " % (waiting) + logg.debug("%s :%s=%s", hint, name, value) + if status != results.get("STATUS", ""): + mainpidTimeout = lapseTimeout + status = results.get("STATUS", "") + if "READY" not in results: + time.sleep(1) # until TimeoutStart + continue + if "MAINPID" not in results and not pid_file: + mainpidTimeout -= 1 + if mainpidTimeout > 0: + waiting = "%4i" % (-mainpidTimeout) + time.sleep(1) # until TimeoutStart + continue + break # READY and MAINPID + if "READY" not in results: + logg.info(".... timeout while waiting for 'READY=1' status on $NOTIFY_SOCKET") + elif "MAINPID" not in results: + logg.info(".... seen 'READY=1' but no MAINPID update status on $NOTIFY_SOCKET") + logg.debug("notify = %s", results) + try: + notify.socket.close() + except Exception as e: + logg.debug("socket.close %s", e) + return results + def start_modules(self, *modules): + """ [UNIT]... -- start these units + /// SPECIAL: with --now or --init it will + run the init-loop and stop the units afterwards """ + found_all = True + units = [] + for module in modules: + matched = self.match_units(to_list(module)) + if not matched: + logg.error("Unit %s not found.", unit_of(module)) + self.error |= NOT_FOUND + found_all = False + continue + for unit in matched: + if unit not in units: + units += [unit] + init = self._now or self._init + return self.start_units(units, init) and found_all + def start_units(self, units, init = None): + """ fails if any unit does not start + /// SPECIAL: may run the init-loop and + stop the named units afterwards """ + self.wait_system() + done = True + started_units = [] + for unit in self.sortedAfter(units): + started_units.append(unit) + if not self.start_unit(unit): + done = False + if init: + logg.info("init-loop start") + sig = self.init_loop_until_stop(started_units) + logg.info("init-loop %s", sig) + for unit in reversed(started_units): + self.stop_unit(unit) + return done + def start_unit(self, unit): + conf = self.load_unit_conf(unit) + if conf is None: + logg.debug("unit could not be loaded (%s)", unit) + logg.error("Unit %s not found.", unit) + return False + if self.not_user_conf(conf): + logg.error("Unit %s not for --user mode", unit) + return False + return self.start_unit_from(conf) + def get_TimeoutStartSec(self, conf): + timeout = conf.get(Service, "TimeoutSec", strE(DefaultTimeoutStartSec)) + timeout = conf.get(Service, "TimeoutStartSec", timeout) + return time_to_seconds(timeout, DefaultMaximumTimeout) + def get_SocketTimeoutSec(self, conf): + timeout = conf.get(Socket, "TimeoutSec", strE(DefaultTimeoutStartSec)) + return time_to_seconds(timeout, DefaultMaximumTimeout) + def get_RemainAfterExit(self, conf): + return conf.getbool(Service, "RemainAfterExit", "no") + def start_unit_from(self, conf): + if not conf: return False + if self.syntax_check(conf) > 100: return False + with waitlock(conf): + logg.debug(" start unit %s => %s", conf.name(), strQ(conf.filename())) + return self.do_start_unit_from(conf) + def do_start_unit_from(self, conf): + if conf.name().endswith(".service"): + return self.do_start_service_from(conf) + elif conf.name().endswith(".socket"): + return self.do_start_socket_from(conf) + elif conf.name().endswith(".target"): + return self.do_start_target_from(conf) + else: + logg.error("start not implemented for unit type: %s", conf.name()) + return False + def do_start_service_from(self, conf): + timeout = self.get_TimeoutStartSec(conf) + doRemainAfterExit = self.get_RemainAfterExit(conf) + runs = conf.get(Service, "Type", "simple").lower() + env = self.get_env(conf) + if not self._quiet: + okee = self.exec_check_unit(conf, env, Service, "Exec") # all... + if not okee and _no_reload: return False + service_directories = self.create_service_directories(conf) + env.update(service_directories) # atleast sshd did check for /run/sshd + # for StopPost on failure: + returncode = 0 + service_result = "success" + if True: + if runs in ["simple", "forking", "notify", "idle"]: + env["MAINPID"] = strE(self.read_mainpid_from(conf)) + for cmd in conf.getlist(Service, "ExecStartPre", []): + exe, newcmd = self.exec_newcmd(cmd, env, conf) + logg.info(" pre-start %s", shell_cmd(newcmd)) + forkpid = os.fork() + if not forkpid: + self.execve_from(conf, newcmd, env) # pragma: no cover + run = subprocess_waitpid(forkpid) + logg.debug(" pre-start done (%s) <-%s>", + run.returncode or "OK", run.signal or "") + if run.returncode and exe.check: + logg.error("the ExecStartPre control process exited with error code") + active = "failed" + self.write_status_from(conf, AS=active) + if _what_kind not in ["none", "keep"]: + self.remove_service_directories(conf) # cleanup that /run/sshd + return False + if runs in ["oneshot"]: + status_file = self.get_status_file_from(conf) + if self.get_status_from(conf, "ActiveState", "unknown") == "active": + logg.warning("the service was already up once") + return True + for cmd in conf.getlist(Service, "ExecStart", []): + exe, newcmd = self.exec_newcmd(cmd, env, conf) + logg.info("%s start %s", runs, shell_cmd(newcmd)) + forkpid = os.fork() + if not forkpid: # pragma: no cover + os.setsid() # detach child process from parent + self.execve_from(conf, newcmd, env) + run = subprocess_waitpid(forkpid) + if run.returncode and exe.check: + returncode = run.returncode + service_result = "failed" + logg.error("%s start %s (%s) <-%s>", runs, service_result, + run.returncode or "OK", run.signal or "") + break + logg.info("%s start done (%s) <-%s>", runs, + run.returncode or "OK", run.signal or "") + if True: + self.set_status_from(conf, "ExecMainCode", strE(returncode)) + active = returncode and "failed" or "active" + self.write_status_from(conf, AS=active) + elif runs in ["simple", "idle"]: + status_file = self.get_status_file_from(conf) + pid = self.read_mainpid_from(conf) + if self.is_active_pid(pid): + logg.warning("the service is already running on PID %s", pid) + return True + if doRemainAfterExit: + logg.debug("%s RemainAfterExit -> AS=active", runs) + self.write_status_from(conf, AS="active") + cmdlist = conf.getlist(Service, "ExecStart", []) + for idx, cmd in enumerate(cmdlist): + logg.debug("ExecStart[%s]: %s", idx, cmd) + for cmd in cmdlist: + pid = self.read_mainpid_from(conf) + env["MAINPID"] = strE(pid) + exe, newcmd = self.exec_newcmd(cmd, env, conf) + logg.info("%s start %s", runs, shell_cmd(newcmd)) + forkpid = os.fork() + if not forkpid: # pragma: no cover + os.setsid() # detach child process from parent + self.execve_from(conf, newcmd, env) + self.write_status_from(conf, MainPID=forkpid) + logg.info("%s started PID %s", runs, forkpid) + env["MAINPID"] = strE(forkpid) + time.sleep(MinimumYield) + run = subprocess_testpid(forkpid) + if run.returncode is not None: + logg.info("%s stopped PID %s (%s) <-%s>", runs, run.pid, + run.returncode or "OK", run.signal or "") + if doRemainAfterExit: + self.set_status_from(conf, "ExecMainCode", strE(run.returncode)) + active = run.returncode and "failed" or "active" + self.write_status_from(conf, AS=active) + if run.returncode and exe.check: + service_result = "failed" + break + elif runs in ["notify"]: + # "notify" is the same as "simple" but we create a $NOTIFY_SOCKET + # and wait for startup completion by checking the socket messages + pid_file = self.pid_file_from(conf) + pid = self.read_mainpid_from(conf) + if self.is_active_pid(pid): + logg.error("the service is already running on PID %s", pid) + return False + notify = self.notify_socket_from(conf) + if notify: + env["NOTIFY_SOCKET"] = notify.socketfile + logg.debug("use NOTIFY_SOCKET=%s", notify.socketfile) + if doRemainAfterExit: + logg.debug("%s RemainAfterExit -> AS=active", runs) + self.write_status_from(conf, AS="active") + cmdlist = conf.getlist(Service, "ExecStart", []) + for idx, cmd in enumerate(cmdlist): + logg.debug("ExecStart[%s]: %s", idx, cmd) + mainpid = None + for cmd in cmdlist: + mainpid = self.read_mainpid_from(conf) + env["MAINPID"] = strE(mainpid) + exe, newcmd = self.exec_newcmd(cmd, env, conf) + logg.info("%s start %s", runs, shell_cmd(newcmd)) + forkpid = os.fork() + if not forkpid: # pragma: no cover + os.setsid() # detach child process from parent + self.execve_from(conf, newcmd, env) + # via NOTIFY # self.write_status_from(conf, MainPID=forkpid) + logg.info("%s started PID %s", runs, forkpid) + mainpid = forkpid + self.write_status_from(conf, MainPID=mainpid) + env["MAINPID"] = strE(mainpid) + time.sleep(MinimumYield) + run = subprocess_testpid(forkpid) + if run.returncode is not None: + logg.info("%s stopped PID %s (%s) <-%s>", runs, run.pid, + run.returncode or "OK", run.signal or "") + if doRemainAfterExit: + self.set_status_from(conf, "ExecMainCode", strE(run.returncode)) + active = run.returncode and "failed" or "active" + self.write_status_from(conf, AS=active) + if run.returncode and exe.check: + service_result = "failed" + break + if service_result in ["success"] and mainpid: + logg.debug("okay, wating on socket for %ss", timeout) + results = self.wait_notify_socket(notify, timeout, mainpid, pid_file) + if "MAINPID" in results: + new_pid = to_intN(results["MAINPID"]) + if new_pid and new_pid != mainpid: + logg.info("NEW PID %s from sd_notify (was PID %s)", new_pid, mainpid) + self.write_status_from(conf, MainPID=new_pid) + mainpid = new_pid + logg.info("%s start done %s", runs, mainpid) + pid = self.read_mainpid_from(conf) + if pid: + env["MAINPID"] = strE(pid) + else: + service_result = "timeout" # "could not start service" + elif runs in ["forking"]: + pid_file = self.pid_file_from(conf) + for cmd in conf.getlist(Service, "ExecStart", []): + exe, newcmd = self.exec_newcmd(cmd, env, conf) + if not newcmd: continue + logg.info("%s start %s", runs, shell_cmd(newcmd)) + forkpid = os.fork() + if not forkpid: # pragma: no cover + os.setsid() # detach child process from parent + self.execve_from(conf, newcmd, env) + logg.info("%s started PID %s", runs, forkpid) + run = subprocess_waitpid(forkpid) + if run.returncode and exe.check: + returncode = run.returncode + service_result = "failed" + logg.info("%s stopped PID %s (%s) <-%s>", runs, run.pid, + run.returncode or "OK", run.signal or "") + if pid_file and service_result in ["success"]: + pid = self.wait_pid_file(pid_file) # application PIDFile + logg.info("%s start done PID %s [%s]", runs, pid, pid_file) + if pid: + env["MAINPID"] = strE(pid) + if not pid_file: + time.sleep(MinimumTimeoutStartSec) + logg.warning("No PIDFile for forking %s", strQ(conf.filename())) + status_file = self.get_status_file_from(conf) + self.set_status_from(conf, "ExecMainCode", strE(returncode)) + active = returncode and "failed" or "active" + self.write_status_from(conf, AS=active) + else: + logg.error("unsupported run type '%s'", runs) + return False + # POST sequence + if not self.is_active_from(conf): + logg.warning("%s start not active", runs) + # according to the systemd documentation, a failed start-sequence + # should execute the ExecStopPost sequence allowing some cleanup. + env["SERVICE_RESULT"] = service_result + for cmd in conf.getlist(Service, "ExecStopPost", []): + exe, newcmd = self.exec_newcmd(cmd, env, conf) + logg.info("post-fail %s", shell_cmd(newcmd)) + forkpid = os.fork() + if not forkpid: + self.execve_from(conf, newcmd, env) # pragma: no cover + run = subprocess_waitpid(forkpid) + logg.debug("post-fail done (%s) <-%s>", + run.returncode or "OK", run.signal or "") + if _what_kind not in ["none", "keep"]: + self.remove_service_directories(conf) + return False + else: + for cmd in conf.getlist(Service, "ExecStartPost", []): + exe, newcmd = self.exec_newcmd(cmd, env, conf) + logg.info("post-start %s", shell_cmd(newcmd)) + forkpid = os.fork() + if not forkpid: + self.execve_from(conf, newcmd, env) # pragma: no cover + run = subprocess_waitpid(forkpid) + logg.debug("post-start done (%s) <-%s>", + run.returncode or "OK", run.signal or "") + return True + def listen_modules(self, *modules): + """ [UNIT]... -- listen socket units""" + found_all = True + units = [] + for module in modules: + matched = self.match_units(to_list(module)) + if not matched: + logg.error("Unit %s not found.", unit_of(module)) + self.error |= NOT_FOUND + found_all = False + continue + for unit in matched: + if unit not in units: + units += [unit] + return self.listen_units(units) and found_all + def listen_units(self, units): + """ fails if any socket does not start """ + self.wait_system() + done = True + started_units = [] + active_units = [] + for unit in self.sortedAfter(units): + started_units.append(unit) + if not self.listen_unit(unit): + done = False + else: + active_units.append(unit) + if active_units: + logg.info("init-loop start") + sig = self.init_loop_until_stop(started_units) + logg.info("init-loop %s", sig) + for unit in reversed(started_units): + pass # self.stop_unit(unit) + return done + def listen_unit(self, unit): + conf = self.load_unit_conf(unit) + if conf is None: + logg.debug("unit could not be loaded (%s)", unit) + logg.error("Unit %s not found.", unit) + return False + if self.not_user_conf(conf): + logg.error("Unit %s not for --user mode", unit) + return False + return self.listen_unit_from(conf) + def listen_unit_from(self, conf): + if not conf: return False + with waitlock(conf): + logg.debug(" listen unit %s => %s", conf.name(), strQ(conf.filename())) + return self.do_listen_unit_from(conf) + def do_listen_unit_from(self, conf): + if conf.name().endswith(".socket"): + return self.do_start_socket_from(conf) + else: + logg.error("listen not implemented for unit type: %s", conf.name()) + return False + def do_accept_socket_from(self, conf, sock): + logg.debug("%s: accepting %s", conf.name(), sock.fileno()) + service_unit = self.get_socket_service_from(conf) + service_conf = self.load_unit_conf(service_unit) + if service_conf is None or TestAccept: # pragma: no cover + if sock.type == socket.SOCK_STREAM: + conn, addr = sock.accept() + data = conn.recv(1024) + logg.debug("%s: '%s'", conf.name(), data) + conn.send(b"ERROR: "+data.upper()) + conn.close() + return False + if sock.type == socket.SOCK_DGRAM: + data, sender = sock.recvfrom(1024) + logg.debug("%s: '%s'", conf.name(), data) + sock.sendto(b"ERROR: "+data.upper(), sender) + return False + logg.error("can not accept socket type %s", strINET(sock.type)) + return False + return self.do_start_service_from(service_conf) + def get_socket_service_from(self, conf): + socket_unit = conf.name() + accept = conf.getbool(Socket, "Accept", "no") + service_type = accept and "@.service" or ".service" + service_name = path_replace_extension(socket_unit, ".socket", service_type) + service_unit = conf.get(Socket, Service, service_name) + logg.debug("socket %s -> service %s", socket_unit, service_unit) + return service_unit + def do_start_socket_from(self, conf): + runs = "socket" + timeout = self.get_SocketTimeoutSec(conf) + accept = conf.getbool(Socket, "Accept", "no") + stream = conf.get(Socket, "ListenStream", "") + service_unit = self.get_socket_service_from(conf) + service_conf = self.load_unit_conf(service_unit) + if service_conf is None: + logg.debug("unit could not be loaded (%s)", service_unit) + logg.error("Unit %s not found.", service_unit) + return False + env = self.get_env(conf) + if not self._quiet: + okee = self.exec_check_unit(conf, env, Socket, "Exec") # all... + if not okee and _no_reload: return False + if True: + for cmd in conf.getlist(Socket, "ExecStartPre", []): + exe, newcmd = self.exec_newcmd(cmd, env, conf) + logg.info(" pre-start %s", shell_cmd(newcmd)) + forkpid = os.fork() + if not forkpid: + self.execve_from(conf, newcmd, env) # pragma: no cover + run = subprocess_waitpid(forkpid) + logg.debug(" pre-start done (%s) <-%s>", + run.returncode or "OK", run.signal or "") + if run.returncode and exe.check: + logg.error("the ExecStartPre control process exited with error code") + active = "failed" + self.write_status_from(conf, AS=active) + return False + # service_directories = self.create_service_directories(conf) + # env.update(service_directories) + listening=False + if not accept: + sock = self.create_socket(conf) + if sock and TestListen: + listening=True + self._sockets[conf.name()] = SystemctlSocket(conf, sock) + service_result = "success" + state = sock and "active" or "failed" + self.write_status_from(conf, AS=state) + if not listening: + # we do not listen but have the service started right away + done = self.do_start_service_from(service_conf) + service_result = done and "success" or "failed" + if not self.is_active_from(service_conf): + service_result = "failed" + state = service_result + if service_result in ["success"]: + state = "active" + self.write_status_from(conf, AS=state) + # POST sequence + if service_result in ["failed"]: + # according to the systemd documentation, a failed start-sequence + # should execute the ExecStopPost sequence allowing some cleanup. + env["SERVICE_RESULT"] = service_result + for cmd in conf.getlist(Socket, "ExecStopPost", []): + exe, newcmd = self.exec_newcmd(cmd, env, conf) + logg.info("post-fail %s", shell_cmd(newcmd)) + forkpid = os.fork() + if not forkpid: + self.execve_from(conf, newcmd, env) # pragma: no cover + run = subprocess_waitpid(forkpid) + logg.debug("post-fail done (%s) <-%s>", + run.returncode or "OK", run.signal or "") + return False + else: + for cmd in conf.getlist(Socket, "ExecStartPost", []): + exe, newcmd = self.exec_newcmd(cmd, env, conf) + logg.info("post-start %s", shell_cmd(newcmd)) + forkpid = os.fork() + if not forkpid: + self.execve_from(conf, newcmd, env) # pragma: no cover + run = subprocess_waitpid(forkpid) + logg.debug("post-start done (%s) <-%s>", + run.returncode or "OK", run.signal or "") + return True + def create_socket(self, conf): + unsupported = ["ListenUSBFunction", "ListenMessageQueue", "ListenNetlink"] + unsupported += ["ListenSpecial", "ListenFIFO", "ListenSequentialPacket"] + for item in unsupported: + if conf.get(Socket, item, ""): + logg.warning("%s: %s sockets are not implemented", conf.name(), item) + self.error |= NOT_OK + return None + vListenDatagram = conf.get(Socket, "ListenDatagram", "") + vListenStream = conf.get(Socket, "ListenStream", "") + address = vListenStream or vListenDatagram + m = re.match(r"(/.*)", address) + if m: + path = m.group(1) + sock = self.create_unix_socket(conf, path, not vListenStream) + self.set_status_from(conf, "path", path) + return sock + m = re.match(r"(\d+[.]\d*[.]\d*[.]\d+):(\d+)", address) + if m: + addr, port = m.group(1), m.group(2) + sock = self.create_port_ipv4_socket(conf, addr, port, not vListenStream) + self.set_status_from(conf, "port", port) + self.set_status_from(conf, "addr", addr) + return sock + m = re.match(r"\[([0-9a-fA-F:]*)\]:(\d+)", address) + if m: + addr, port = m.group(1), m.group(2) + sock = self.create_port_ipv6_socket(conf, addr, port, not vListenStream) + self.set_status_from(conf, "port", port) + self.set_status_from(conf, "addr", addr) + return sock + m = re.match(r"(\d+)$", address) + if m: + port = m.group(1) + sock = self.create_port_socket(conf, port, not vListenStream) + self.set_status_from(conf, "port", port) + return sock + if re.match("@.*", address): + logg.warning("%s: abstract namespace socket not implemented (%s)", conf.name(), address) + return None + if re.match("vsock:.*", address): + logg.warning("%s: virtual machine socket not implemented (%s)", conf.name(), address) + return None + logg.error("%s: unknown socket address type (%s)", conf.name(), address) + return None + def create_unix_socket(self, conf, path, dgram): + sock_stream = dgram and socket.SOCK_DGRAM or socket.SOCK_STREAM + sock = socket.socket(socket.AF_UNIX, sock_stream) + try: + dirmode = conf.get(Socket, "DirectoryMode", "0755") + mode = conf.get(Socket, "SocketMode", "0666") + user = conf.get(Socket, "SocketUser", "") + group = conf.get(Socket, "SocketGroup", "") + symlinks = conf.getlist(Socket, "SymLinks", []) + dirpath = os.path.dirname(path) + if not os.path.isdir(dirpath): + os.makedirs(dirpath, int(dirmode, 8)) + if os.path.exists(path): + os.unlink(path) + sock.bind(path) + os.fchmod(sock.fileno(), int(mode, 8)) + shutil_fchown(sock.fileno(), user, group) + if symlinks: + logg.warning("%s: symlinks for socket not implemented (%s)", conf.name(), path) + except Exception as e: + logg.error("%s: create socket failed [%s]: %s", conf.name(), path, e) + sock.close() + return None + return sock + def create_port_socket(self, conf, port, dgram): + inet = dgram and socket.SOCK_DGRAM or socket.SOCK_STREAM + sock = socket.socket(socket.AF_INET, inet) + try: + sock.bind(('', int(port))) + logg.info("%s: bound socket at %s %s:%s", conf.name(), strINET(inet), "*", port) + except Exception as e: + logg.error("%s: create socket failed (%s:%s): %s", conf.name(), "*", port, e) + sock.close() + return None + return sock + def create_port_ipv4_socket(self, conf, addr, port, dgram): + inet = dgram and socket.SOCK_DGRAM or socket.SOCK_STREAM + sock = socket.socket(socket.AF_INET, inet) + try: + sock.bind((addr, int(port))) + logg.info("%s: bound socket at %s %s:%s", conf.name(), strINET(inet), addr, port) + except Exception as e: + logg.error("%s: create socket failed (%s:%s): %s", conf.name(), addr, port, e) + sock.close() + return None + return sock + def create_port_ipv6_socket(self, conf, addr, port, dgram): + inet = dgram and socket.SOCK_DGRAM or socket.SOCK_STREAM + sock = socket.socket(socket.AF_INET6, inet) + try: + sock.bind((addr, int(port))) + logg.info("%s: bound socket at %s [%s]:%s", conf.name(), strINET(inet), addr, port) + except Exception as e: + logg.error("%s: create socket failed ([%s]:%s): %s", conf.name(), addr, port, e) + sock.close() + return None + return sock + def extend_exec_env(self, env): + env = env.copy() + # implant DefaultPath into $PATH + path = env.get("PATH", DefaultPath) + parts = path.split(os.pathsep) + for part in DefaultPath.split(os.pathsep): + if part and part not in parts: + parts.append(part) + env["PATH"] = str(os.pathsep).join(parts) + # reset locale to system default + for name in ResetLocale: + if name in env: + del env[name] + locale = {} + path = env.get("LOCALE_CONF", LocaleConf) + parts = path.split(os.pathsep) + for part in parts: + if os.path.isfile(part): + for var, val in self.read_env_file("-"+part): + locale[var] = val + env[var] = val + if "LANG" not in locale: + env["LANG"] = locale.get("LANGUAGE", locale.get("LC_CTYPE", "C")) + return env + def expand_list(self, group_lines, conf): + result = [] + for line in group_lines: + for item in line.split(): + if item: + result.append(self.expand_special(item, conf)) + return result + def get_User(self, conf): + return self.expand_special(conf.get(Service, "User", ""), conf) + def get_Group(self, conf): + return self.expand_special(conf.get(Service, "Group", ""), conf) + def get_SupplementaryGroups(self, conf): + return self.expand_list(conf.getlist(Service, "SupplementaryGroups", []), conf) + def skip_journal_log(self, conf): + if self.get_unit_type(conf.name()) not in ["service"]: + return True + std_out = conf.get(Service, "StandardOutput", DefaultStandardOutput) + std_err = conf.get(Service, "StandardError", DefaultStandardError) + out, err = False, False + if std_out in ["null"]: out = True + if std_out.startswith("file:"): out = True + if std_err in ["inherit"]: std_err = std_out + if std_err in ["null"]: err = True + if std_err.startswith("file:"): err = True + if std_err.startswith("append:"): err = True + return out and err + def dup2_journal_log(self, conf): + msg = "" + std_inp = conf.get(Service, "StandardInput", DefaultStandardInput) + std_out = conf.get(Service, "StandardOutput", DefaultStandardOutput) + std_err = conf.get(Service, "StandardError", DefaultStandardError) + inp, out, err = None, None, None + if std_inp in ["null"]: + inp = open(_dev_null, "r") + elif std_inp.startswith("file:"): + fname = std_inp[len("file:"):] + if os.path.exists(fname): + inp = open(fname, "r") + else: + inp = open(_dev_zero, "r") + else: + inp = open(_dev_zero, "r") + assert inp is not None + try: + if std_out in ["null"]: + out = open(_dev_null, "w") + elif std_out.startswith("file:"): + fname = std_out[len("file:"):] + fdir = os.path.dirname(fname) + if not os.path.exists(fdir): + os.makedirs(fdir) + out = open(fname, "w") + elif std_out.startswith("append:"): + fname = std_out[len("append:"):] + fdir = os.path.dirname(fname) + if not os.path.exists(fdir): + os.makedirs(fdir) + out = open(fname, "a") + except Exception as e: + msg += "\n%s: %s" % (fname, e) + if out is None: + out = self.open_journal_log(conf) + err = out + assert out is not None + try: + if std_err in ["inherit"]: + err = out + elif std_err in ["null"]: + err = open(_dev_null, "w") + elif std_err.startswith("file:"): + fname = std_err[len("file:"):] + fdir = os.path.dirname(fname) + if not os.path.exists(fdir): + os.makedirs(fdir) + err = open(fname, "w") + elif std_err.startswith("append:"): + fname = std_err[len("append:"):] + fdir = os.path.dirname(fname) + if not os.path.exists(fdir): + os.makedirs(fdir) + err = open(fname, "a") + except Exception as e: + msg += "\n%s: %s" % (fname, e) + if err is None: + err = self.open_journal_log(conf) + assert err is not None + if msg: + err.write("ERROR:") + err.write(msg.strip()) + err.write("\n") + if EXEC_DUP2: + os.dup2(inp.fileno(), sys.stdin.fileno()) + os.dup2(out.fileno(), sys.stdout.fileno()) + os.dup2(err.fileno(), sys.stderr.fileno()) + def execve_from(self, conf, cmd, env): + """ this code is commonly run in a child process // returns exit-code""" + # | + runs = conf.get(Service, "Type", "simple").lower() + # logg.debug("%s process for %s => %s", runs, strE(conf.name()), strQ(conf.filename())) + self.dup2_journal_log(conf) + cmd_args = [] + # + runuser = self.get_User(conf) + rungroup = self.get_Group(conf) + xgroups = self.get_SupplementaryGroups(conf) + envs = shutil_setuid(runuser, rungroup, xgroups) + badpath = self.chdir_workingdir(conf) # some dirs need setuid before + if badpath: + logg.error("(%s): bad workingdir: '%s'", shell_cmd(cmd), badpath) + sys.exit(1) + env = self.extend_exec_env(env) + env.update(envs) # set $HOME to ~$USER + try: + if EXEC_SPAWN: + cmd_args = [arg for arg in cmd] # satisfy mypy + exitcode = os.spawnvpe(os.P_WAIT, cmd[0], cmd_args, env) + sys.exit(exitcode) + else: # pragma: no cover + os.execve(cmd[0], cmd, env) + sys.exit(11) # pragma: no cover (can not be reached / bug like mypy#8401) + except Exception as e: + logg.error("(%s): %s", shell_cmd(cmd), e) + sys.exit(1) + def test_start_unit(self, unit): + """ helper function to test the code that is normally forked off """ + conf = self.load_unit_conf(unit) + if not conf: return None + env = self.get_env(conf) + for cmd in conf.getlist(Service, "ExecStart", []): + exe, newcmd = self.exec_newcmd(cmd, env, conf) + self.execve_from(conf, newcmd, env) + return None + def stop_modules(self, *modules): + """ [UNIT]... -- stop these units """ + found_all = True + units = [] + for module in modules: + matched = self.match_units(to_list(module)) + if not matched: + logg.error("Unit %s not found.", unit_of(module)) + self.error |= NOT_FOUND + found_all = False + continue + for unit in matched: + if unit not in units: + units += [unit] + return self.stop_units(units) and found_all + def stop_units(self, units): + """ fails if any unit fails to stop """ + self.wait_system() + done = True + for unit in self.sortedBefore(units): + if not self.stop_unit(unit): + done = False + return done + def stop_unit(self, unit): + conf = self.load_unit_conf(unit) + if conf is None: + logg.error("Unit %s not found.", unit) + return False + if self.not_user_conf(conf): + logg.error("Unit %s not for --user mode", unit) + return False + return self.stop_unit_from(conf) + + def get_TimeoutStopSec(self, conf): + timeout = conf.get(Service, "TimeoutSec", strE(DefaultTimeoutStartSec)) + timeout = conf.get(Service, "TimeoutStopSec", timeout) + return time_to_seconds(timeout, DefaultMaximumTimeout) + def stop_unit_from(self, conf): + if not conf: return False + if self.syntax_check(conf) > 100: return False + with waitlock(conf): + logg.info(" stop unit %s => %s", conf.name(), strQ(conf.filename())) + return self.do_stop_unit_from(conf) + def do_stop_unit_from(self, conf): + if conf.name().endswith(".service"): + return self.do_stop_service_from(conf) + elif conf.name().endswith(".socket"): + return self.do_stop_socket_from(conf) + elif conf.name().endswith(".target"): + return self.do_stop_target_from(conf) + else: + logg.error("stop not implemented for unit type: %s", conf.name()) + return False + def do_stop_service_from(self, conf): + # | + timeout = self.get_TimeoutStopSec(conf) + runs = conf.get(Service, "Type", "simple").lower() + env = self.get_env(conf) + if not self._quiet: + okee = self.exec_check_unit(conf, env, Service, "ExecStop") + if not okee and _no_reload: return False + service_directories = self.env_service_directories(conf) + env.update(service_directories) + returncode = 0 + service_result = "success" + if runs in ["oneshot"]: + status_file = self.get_status_file_from(conf) + if self.get_status_from(conf, "ActiveState", "unknown") == "inactive": + logg.warning("the service is already down once") + return True + for cmd in conf.getlist(Service, "ExecStop", []): + exe, newcmd = self.exec_newcmd(cmd, env, conf) + logg.info("%s stop %s", runs, shell_cmd(newcmd)) + forkpid = os.fork() + if not forkpid: + self.execve_from(conf, newcmd, env) # pragma: no cover + run = subprocess_waitpid(forkpid) + if run.returncode and exe.check: + returncode = run.returncode + service_result = "failed" + break + if True: + if returncode: + self.set_status_from(conf, "ExecStopCode", strE(returncode)) + self.write_status_from(conf, AS="failed") + else: + self.clean_status_from(conf) # "inactive" + # fallback Stop => Kill for ["simple","notify","forking"] + elif not conf.getlist(Service, "ExecStop", []): + logg.info("no ExecStop => systemctl kill") + if True: + self.do_kill_unit_from(conf) + self.clean_pid_file_from(conf) + self.clean_status_from(conf) # "inactive" + elif runs in ["simple", "notify", "idle"]: + status_file = self.get_status_file_from(conf) + size = os.path.exists(status_file) and os.path.getsize(status_file) + logg.info("STATUS %s %s", status_file, size) + pid = 0 + for cmd in conf.getlist(Service, "ExecStop", []): + env["MAINPID"] = strE(self.read_mainpid_from(conf)) + exe, newcmd = self.exec_newcmd(cmd, env, conf) + logg.info("%s stop %s", runs, shell_cmd(newcmd)) + forkpid = os.fork() + if not forkpid: + self.execve_from(conf, newcmd, env) # pragma: no cover + run = subprocess_waitpid(forkpid) + run = must_have_failed(run, newcmd) # TODO: a workaround + # self.write_status_from(conf, MainPID=run.pid) # no ExecStop + if run.returncode and exe.check: + returncode = run.returncode + service_result = "failed" + break + pid = to_intN(env.get("MAINPID")) + if pid: + if self.wait_vanished_pid(pid, timeout): + self.clean_pid_file_from(conf) + self.clean_status_from(conf) # "inactive" + else: + logg.info("%s sleep as no PID was found on Stop", runs) + time.sleep(MinimumTimeoutStopSec) + pid = self.read_mainpid_from(conf) + if not pid or not pid_exists(pid) or pid_zombie(pid): + self.clean_pid_file_from(conf) + self.clean_status_from(conf) # "inactive" + elif runs in ["forking"]: + status_file = self.get_status_file_from(conf) + pid_file = self.pid_file_from(conf) + for cmd in conf.getlist(Service, "ExecStop", []): + # active = self.is_active_from(conf) + if pid_file: + new_pid = self.read_mainpid_from(conf) + if new_pid: + env["MAINPID"] = strE(new_pid) + exe, newcmd = self.exec_newcmd(cmd, env, conf) + logg.info("fork stop %s", shell_cmd(newcmd)) + forkpid = os.fork() + if not forkpid: + self.execve_from(conf, newcmd, env) # pragma: no cover + run = subprocess_waitpid(forkpid) + if run.returncode and exe.check: + returncode = run.returncode + service_result = "failed" + break + pid = to_intN(env.get("MAINPID")) + if pid: + if self.wait_vanished_pid(pid, timeout): + self.clean_pid_file_from(conf) + else: + logg.info("%s sleep as no PID was found on Stop", runs) + time.sleep(MinimumTimeoutStopSec) + pid = self.read_mainpid_from(conf) + if not pid or not pid_exists(pid) or pid_zombie(pid): + self.clean_pid_file_from(conf) + if returncode: + if os.path.isfile(status_file): + self.set_status_from(conf, "ExecStopCode", strE(returncode)) + self.write_status_from(conf, AS="failed") + else: + self.clean_status_from(conf) # "inactive" + else: + logg.error("unsupported run type '%s'", runs) + return False + # POST sequence + if not self.is_active_from(conf): + env["SERVICE_RESULT"] = service_result + for cmd in conf.getlist(Service, "ExecStopPost", []): + exe, newcmd = self.exec_newcmd(cmd, env, conf) + logg.info("post-stop %s", shell_cmd(newcmd)) + forkpid = os.fork() + if not forkpid: + self.execve_from(conf, newcmd, env) # pragma: no cover + run = subprocess_waitpid(forkpid) + logg.debug("post-stop done (%s) <-%s>", + run.returncode or "OK", run.signal or "") + if _what_kind not in ["none", "keep"]: + self.remove_service_directories(conf) + return service_result == "success" + def do_stop_socket_from(self, conf): + runs = "socket" + timeout = self.get_SocketTimeoutSec(conf) + accept = conf.getbool(Socket, "Accept", "no") + service_unit = self.get_socket_service_from(conf) + service_conf = self.load_unit_conf(service_unit) + if service_conf is None: + logg.debug("unit could not be loaded (%s)", service_unit) + logg.error("Unit %s not found.", service_unit) + return False + env = self.get_env(conf) + if not self._quiet: + okee = self.exec_check_unit(conf, env, Socket, "ExecStop") + if not okee and _no_reload: return False + if not accept: + # we do not listen but have the service started right away + done = self.do_stop_service_from(service_conf) + service_result = done and "success" or "failed" + else: + done = self.do_stop_service_from(service_conf) + service_result = done and "success" or "failed" + # service_directories = self.env_service_directories(conf) + # env.update(service_directories) + # POST sequence + if not self.is_active_from(conf): + env["SERVICE_RESULT"] = service_result + for cmd in conf.getlist(Socket, "ExecStopPost", []): + exe, newcmd = self.exec_newcmd(cmd, env, conf) + logg.info("post-stop %s", shell_cmd(newcmd)) + forkpid = os.fork() + if not forkpid: + self.execve_from(conf, newcmd, env) # pragma: no cover + run = subprocess_waitpid(forkpid) + logg.debug("post-stop done (%s) <-%s>", + run.returncode or "OK", run.signal or "") + return service_result == "success" + def wait_vanished_pid(self, pid, timeout): + if not pid: + return True + if not self.is_active_pid(pid): + return True + logg.info("wait for PID %s to vanish (%ss)", pid, timeout) + for x in xrange(int(timeout)): + time.sleep(1) # until TimeoutStopSec + if not self.is_active_pid(pid): + logg.info("wait for PID %s is done (%s.)", pid, x) + return True + logg.info("wait for PID %s failed (%s.)", pid, timeout) + return False + def reload_modules(self, *modules): + """ [UNIT]... -- reload these units """ + self.wait_system() + found_all = True + units = [] + for module in modules: + matched = self.match_units(to_list(module)) + if not matched: + logg.error("Unit %s not found.", unit_of(module)) + self.error |= NOT_FOUND + found_all = False + continue + for unit in matched: + if unit not in units: + units += [unit] + return self.reload_units(units) and found_all + def reload_units(self, units): + """ fails if any unit fails to reload """ + self.wait_system() + done = True + for unit in self.sortedAfter(units): + if not self.reload_unit(unit): + done = False + return done + def reload_unit(self, unit): + conf = self.load_unit_conf(unit) + if conf is None: + logg.error("Unit %s not found.", unit) + return False + if self.not_user_conf(conf): + logg.error("Unit %s not for --user mode", unit) + return False + return self.reload_unit_from(conf) + def reload_unit_from(self, conf): + if not conf: return False + if self.syntax_check(conf) > 100: return False + with waitlock(conf): + logg.info(" reload unit %s => %s", conf.name(), strQ(conf.filename())) + return self.do_reload_unit_from(conf) + def do_reload_unit_from(self, conf): + if conf.name().endswith(".service"): + return self.do_reload_service_from(conf) + elif conf.name().endswith(".socket"): + service_unit = self.get_socket_service_from(conf) + service_conf = self.load_unit_conf(service_unit) + if service_conf: + return self.do_reload_service_from(service_conf) + else: + logg.error("no %s found for unit type: %s", service_unit, conf.name()) + return False + elif conf.name().endswith(".target"): + return self.do_reload_target_from(conf) + else: + logg.error("reload not implemented for unit type: %s", conf.name()) + return False + def do_reload_service_from(self, conf): + runs = conf.get(Service, "Type", "simple").lower() + env = self.get_env(conf) + if not self._quiet: + okee = self.exec_check_unit(conf, env, Service, "ExecReload") + if not okee and _no_reload: return False + initscript = conf.filename() + if self.is_sysv_file(initscript): + status_file = self.get_status_file_from(conf) + if initscript: + newcmd = [initscript, "reload"] + env["SYSTEMCTL_SKIP_REDIRECT"] = "yes" + logg.info("%s reload %s", runs, shell_cmd(newcmd)) + forkpid = os.fork() + if not forkpid: + self.execve_from(conf, newcmd, env) # pragma: nocover + run = subprocess_waitpid(forkpid) + self.set_status_from(conf, "ExecReloadCode", run.returncode) + if run.returncode: + self.write_status_from(conf, AS="failed") + return False + else: + self.write_status_from(conf, AS="active") + return True + service_directories = self.env_service_directories(conf) + env.update(service_directories) + if runs in ["simple", "notify", "forking", "idle"]: + if not self.is_active_from(conf): + logg.info("no reload on inactive service %s", conf.name()) + return True + for cmd in conf.getlist(Service, "ExecReload", []): + env["MAINPID"] = strE(self.read_mainpid_from(conf)) + exe, newcmd = self.exec_newcmd(cmd, env, conf) + logg.info("%s reload %s", runs, shell_cmd(newcmd)) + forkpid = os.fork() + if not forkpid: + self.execve_from(conf, newcmd, env) # pragma: no cover + run = subprocess_waitpid(forkpid) + if run.returncode and exe.check: + logg.error("Job for %s failed because the control process exited with error code. (%s)", + conf.name(), run.returncode) + return False + time.sleep(MinimumYield) + return True + elif runs in ["oneshot"]: + logg.debug("ignored run type '%s' for reload", runs) + return True + else: + logg.error("unsupported run type '%s'", runs) + return False + def restart_modules(self, *modules): + """ [UNIT]... -- restart these units """ + found_all = True + units = [] + for module in modules: + matched = self.match_units(to_list(module)) + if not matched: + logg.error("Unit %s not found.", unit_of(module)) + self.error |= NOT_FOUND + found_all = False + continue + for unit in matched: + if unit not in units: + units += [unit] + return self.restart_units(units) and found_all + def restart_units(self, units): + """ fails if any unit fails to restart """ + self.wait_system() + done = True + for unit in self.sortedAfter(units): + if not self.restart_unit(unit): + done = False + return done + def restart_unit(self, unit): + conf = self.load_unit_conf(unit) + if conf is None: + logg.error("Unit %s not found.", unit) + return False + if self.not_user_conf(conf): + logg.error("Unit %s not for --user mode", unit) + return False + return self.restart_unit_from(conf) + def restart_unit_from(self, conf): + if not conf: return False + if self.syntax_check(conf) > 100: return False + with waitlock(conf): + if conf.name().endswith(".service"): + logg.info(" restart service %s => %s", conf.name(), strQ(conf.filename())) + if not self.is_active_from(conf): + return self.do_start_unit_from(conf) + else: + return self.do_restart_unit_from(conf) + else: + return self.do_restart_unit_from(conf) + def do_restart_unit_from(self, conf): + logg.info("(restart) => stop/start %s", conf.name()) + self.do_stop_unit_from(conf) + return self.do_start_unit_from(conf) + def try_restart_modules(self, *modules): + """ [UNIT]... -- try-restart these units """ + found_all = True + units = [] + for module in modules: + matched = self.match_units(to_list(module)) + if not matched: + logg.error("Unit %s not found.", unit_of(module)) + self.error |= NOT_FOUND + found_all = False + continue + for unit in matched: + if unit not in units: + units += [unit] + return self.try_restart_units(units) and found_all + def try_restart_units(self, units): + """ fails if any module fails to try-restart """ + self.wait_system() + done = True + for unit in self.sortedAfter(units): + if not self.try_restart_unit(unit): + done = False + return done + def try_restart_unit(self, unit): + """ only do 'restart' if 'active' """ + conf = self.load_unit_conf(unit) + if conf is None: + logg.error("Unit %s not found.", unit) + return False + if self.not_user_conf(conf): + logg.error("Unit %s not for --user mode", unit) + return False + with waitlock(conf): + logg.info(" try-restart unit %s => %s", conf.name(), strQ(conf.filename())) + if self.is_active_from(conf): + return self.do_restart_unit_from(conf) + return True + def reload_or_restart_modules(self, *modules): + """ [UNIT]... -- reload-or-restart these units """ + found_all = True + units = [] + for module in modules: + matched = self.match_units(to_list(module)) + if not matched: + logg.error("Unit %s not found.", unit_of(module)) + self.error |= NOT_FOUND + found_all = False + continue + for unit in matched: + if unit not in units: + units += [unit] + return self.reload_or_restart_units(units) and found_all + def reload_or_restart_units(self, units): + """ fails if any unit does not reload-or-restart """ + self.wait_system() + done = True + for unit in self.sortedAfter(units): + if not self.reload_or_restart_unit(unit): + done = False + return done + def reload_or_restart_unit(self, unit): + """ do 'reload' if specified, otherwise do 'restart' """ + conf = self.load_unit_conf(unit) + if conf is None: + logg.error("Unit %s not found.", unit) + return False + if self.not_user_conf(conf): + logg.error("Unit %s not for --user mode", unit) + return False + return self.reload_or_restart_unit_from(conf) + def reload_or_restart_unit_from(self, conf): + """ do 'reload' if specified, otherwise do 'restart' """ + if not conf: return False + with waitlock(conf): + logg.info(" reload-or-restart unit %s => %s", conf.name(), strQ(conf.filename())) + return self.do_reload_or_restart_unit_from(conf) + def do_reload_or_restart_unit_from(self, conf): + if not self.is_active_from(conf): + # try: self.stop_unit_from(conf) + # except Exception as e: pass + return self.do_start_unit_from(conf) + elif conf.getlist(Service, "ExecReload", []): + logg.info("found service to have ExecReload -> 'reload'") + return self.do_reload_unit_from(conf) + else: + logg.info("found service without ExecReload -> 'restart'") + return self.do_restart_unit_from(conf) + def reload_or_try_restart_modules(self, *modules): + """ [UNIT]... -- reload-or-try-restart these units """ + found_all = True + units = [] + for module in modules: + matched = self.match_units(to_list(module)) + if not matched: + logg.error("Unit %s not found.", unit_of(module)) + self.error |= NOT_FOUND + found_all = False + continue + for unit in matched: + if unit not in units: + units += [unit] + return self.reload_or_try_restart_units(units) and found_all + def reload_or_try_restart_units(self, units): + """ fails if any unit fails to reload-or-try-restart """ + self.wait_system() + done = True + for unit in self.sortedAfter(units): + if not self.reload_or_try_restart_unit(unit): + done = False + return done + def reload_or_try_restart_unit(self, unit): + conf = self.load_unit_conf(unit) + if conf is None: + logg.error("Unit %s not found.", unit) + return False + if self.not_user_conf(conf): + logg.error("Unit %s not for --user mode", unit) + return False + return self.reload_or_try_restart_unit_from(conf) + def reload_or_try_restart_unit_from(self, conf): + with waitlock(conf): + logg.info(" reload-or-try-restart unit %s => %s", conf.name(), strQ(conf.filename())) + return self.do_reload_or_try_restart_unit_from(conf) + def do_reload_or_try_restart_unit_from(self, conf): + if conf.getlist(Service, "ExecReload", []): + return self.do_reload_unit_from(conf) + elif not self.is_active_from(conf): + return True + else: + return self.do_restart_unit_from(conf) + def kill_modules(self, *modules): + """ [UNIT]... -- kill these units """ + found_all = True + units = [] + for module in modules: + matched = self.match_units(to_list(module)) + if not matched: + logg.error("Unit %s not found.", unit_of(module)) + # self.error |= NOT_FOUND + found_all = False + continue + for unit in matched: + if unit not in units: + units += [unit] + return self.kill_units(units) and found_all + def kill_units(self, units): + """ fails if any unit could not be killed """ + self.wait_system() + done = True + for unit in self.sortedBefore(units): + if not self.kill_unit(unit): + done = False + return done + def kill_unit(self, unit): + conf = self.load_unit_conf(unit) + if conf is None: + logg.error("Unit %s not found.", unit) + return False + if self.not_user_conf(conf): + logg.error("Unit %s not for --user mode", unit) + return False + return self.kill_unit_from(conf) + def kill_unit_from(self, conf): + if not conf: return False + with waitlock(conf): + logg.info(" kill unit %s => %s", conf.name(), strQ(conf.filename())) + return self.do_kill_unit_from(conf) + def do_kill_unit_from(self, conf): + started = time.time() + doSendSIGKILL = self.get_SendSIGKILL(conf) + doSendSIGHUP = self.get_SendSIGHUP(conf) + useKillMode = self.get_KillMode(conf) + useKillSignal = self.get_KillSignal(conf) + kill_signal = getattr(signal, useKillSignal) + timeout = self.get_TimeoutStopSec(conf) + status_file = self.get_status_file_from(conf) + size = os.path.exists(status_file) and os.path.getsize(status_file) + logg.info("STATUS %s %s", status_file, size) + mainpid = self.read_mainpid_from(conf) + self.clean_status_from(conf) # clear RemainAfterExit and TimeoutStartSec + if not mainpid: + if useKillMode in ["control-group"]: + logg.warning("no main PID %s", strQ(conf.filename())) + logg.warning("and there is no control-group here") + else: + logg.info("no main PID %s", strQ(conf.filename())) + return False + if not pid_exists(mainpid) or pid_zombie(mainpid): + logg.debug("ignoring children when mainpid is already dead") + # because we list child processes, not processes in control-group + return True + pidlist = self.pidlist_of(mainpid) # here + if pid_exists(mainpid): + logg.info("stop kill PID %s", mainpid) + self._kill_pid(mainpid, kill_signal) + if useKillMode in ["control-group"]: + if len(pidlist) > 1: + logg.info("stop control-group PIDs %s", pidlist) + for pid in pidlist: + if pid != mainpid: + self._kill_pid(pid, kill_signal) + if doSendSIGHUP: + logg.info("stop SendSIGHUP to PIDs %s", pidlist) + for pid in pidlist: + self._kill_pid(pid, signal.SIGHUP) + # wait for the processes to have exited + while True: + dead = True + for pid in pidlist: + if pid_exists(pid) and not pid_zombie(pid): + dead = False + break + if dead: + break + if time.time() > started + timeout: + logg.info("service PIDs not stopped after %s", timeout) + break + time.sleep(1) # until TimeoutStopSec + if dead or not doSendSIGKILL: + logg.info("done kill PID %s %s", mainpid, dead and "OK") + return dead + if useKillMode in ["control-group", "mixed"]: + logg.info("hard kill PIDs %s", pidlist) + for pid in pidlist: + if pid != mainpid: + self._kill_pid(pid, signal.SIGKILL) + time.sleep(MinimumYield) + # useKillMode in [ "control-group", "mixed", "process" ] + if pid_exists(mainpid): + logg.info("hard kill PID %s", mainpid) + self._kill_pid(mainpid, signal.SIGKILL) + time.sleep(MinimumYield) + dead = not pid_exists(mainpid) or pid_zombie(mainpid) + logg.info("done hard kill PID %s %s", mainpid, dead and "OK") + return dead + def _kill_pid(self, pid, kill_signal = None): + try: + sig = kill_signal or signal.SIGTERM + os.kill(pid, sig) + except OSError as e: + if e.errno == errno.ESRCH or e.errno == errno.ENOENT: + logg.debug("kill PID %s => No such process", pid) + return True + else: + logg.error("kill PID %s => %s", pid, str(e)) + return False + return not pid_exists(pid) or pid_zombie(pid) + def is_active_modules(self, *modules): + """ [UNIT].. -- check if these units are in active state + implements True if all is-active = True """ + # systemctl returns multiple lines, one for each argument + # "active" when is_active + # "inactive" when not is_active + # "unknown" when not enabled + # The return code is set to + # 0 when "active" + # 1 when unit is not found + # 3 when any "inactive" or "unknown" + # However: # TODO! BUG in original systemctl! + # documentation says " exit code 0 if at least one is active" + # and "Unless --quiet is specified, print the unit state" + # | + units = [] + results = [] + for module in modules: + units = self.match_units(to_list(module)) + if not units: + logg.error("Unit %s not found.", unit_of(module)) + # self.error |= NOT_FOUND + self.error |= NOT_ACTIVE + results += ["inactive"] + continue + for unit in units: + active = self.get_active_unit(unit) + enabled = self.enabled_unit(unit) + if enabled != "enabled" and ACTIVE_IF_ENABLED: + active = "inactive" # "unknown" + results += [active] + break + # how it should work: + status = "active" in results + # how 'systemctl' works: + non_active = [result for result in results if result != "active"] + if non_active: + self.error |= NOT_ACTIVE + if non_active: + self.error |= NOT_OK # status + if _quiet: + return [] + return results + def is_active_from(self, conf): + """ used in try-restart/other commands to check if needed. """ + if not conf: return False + return self.get_active_from(conf) == "active" + def active_pid_from(self, conf): + if not conf: return False + pid = self.read_mainpid_from(conf) + return self.is_active_pid(pid) + def is_active_pid(self, pid): + """ returns pid if the pid is still an active process """ + if pid and pid_exists(pid) and not pid_zombie(pid): + return pid # usually a string (not null) + return None + def get_active_unit(self, unit): + """ returns 'active' 'inactive' 'failed' 'unknown' """ + conf = self.load_unit_conf(unit) + if not conf: + logg.warning("Unit %s not found.", unit) + return "unknown" + else: + return self.get_active_from(conf) + def get_active_from(self, conf): + if conf.name().endswith(".service"): + return self.get_active_service_from(conf) + elif conf.name().endswith(".socket"): + service_unit = self.get_socket_service_from(conf) + service_conf = self.load_unit_conf(service_unit) + return self.get_active_service_from(service_conf) + elif conf.name().endswith(".target"): + return self.get_active_target_from(conf) + else: + logg.debug("is-active not implemented for unit type: %s", conf.name()) + return "unknown" # TODO: "inactive" ? + def get_active_service_from(self, conf): + """ returns 'active' 'inactive' 'failed' 'unknown' """ + # used in try-restart/other commands to check if needed. + if not conf: return "unknown" + pid_file = self.pid_file_from(conf) + if pid_file: # application PIDFile + if not os.path.exists(pid_file): + return "inactive" + status_file = self.get_status_file_from(conf) + if self.getsize(status_file): + state = self.get_status_from(conf, "ActiveState", "") + if state: + if DEBUG_STATUS: + logg.info("get_status_from %s => %s", conf.name(), state) + return state + pid = self.read_mainpid_from(conf) + if DEBUG_STATUS: + logg.debug("pid_file '%s' => PID %s", pid_file or status_file, strE(pid)) + if pid: + if not pid_exists(pid) or pid_zombie(pid): + return "failed" + return "active" + else: + return "inactive" + def get_active_target_from(self, conf): + """ returns 'active' 'inactive' 'failed' 'unknown' """ + return self.get_active_target(conf.name()) + def get_active_target(self, target): + """ returns 'active' 'inactive' 'failed' 'unknown' """ + if target in self.get_active_target_list(): + status = self.is_system_running() + if status in ["running"]: + return "active" + return "inactive" + else: + services = self.target_default_services(target) + result = "active" + for service in services: + conf = self.load_unit_conf(service) + if conf: + state = self.get_active_from(conf) + if state in ["failed"]: + result = state + elif state not in ["active"]: + result = state + return result + def get_active_target_list(self): + current_target = self.get_default_target() + target_list = self.get_target_list(current_target) + target_list += [DefaultUnit] # upper end + target_list += [SysInitTarget] # lower end + return target_list + def get_substate_from(self, conf): + """ returns 'running' 'exited' 'dead' 'failed' 'plugged' 'mounted' """ + if not conf: return None + pid_file = self.pid_file_from(conf) + if pid_file: + if not os.path.exists(pid_file): + return "dead" + status_file = self.get_status_file_from(conf) + if self.getsize(status_file): + state = self.get_status_from(conf, "ActiveState", "") + if state: + if state in ["active"]: + return self.get_status_from(conf, "SubState", "running") + else: + return self.get_status_from(conf, "SubState", "dead") + pid = self.read_mainpid_from(conf) + if DEBUG_STATUS: + logg.debug("pid_file '%s' => PID %s", pid_file or status_file, strE(pid)) + if pid: + if not pid_exists(pid) or pid_zombie(pid): + return "failed" + return "running" + else: + return "dead" + def is_failed_modules(self, *modules): + """ [UNIT]... -- check if these units are in failes state + implements True if any is-active = True """ + units = [] + results = [] + for module in modules: + units = self.match_units(to_list(module)) + if not units: + logg.error("Unit %s not found.", unit_of(module)) + # self.error |= NOT_FOUND + results += ["inactive"] + continue + for unit in units: + active = self.get_active_unit(unit) + enabled = self.enabled_unit(unit) + if enabled != "enabled" and ACTIVE_IF_ENABLED: + active = "inactive" + results += [active] + break + if "failed" in results: + self.error = 0 + else: + self.error |= NOT_OK + if _quiet: + return [] + return results + def is_failed_from(self, conf): + if conf is None: return True + return self.get_active_from(conf) == "failed" + def reset_failed_modules(self, *modules): + """ [UNIT]... -- Reset failed state for all, one, or more units """ + units = [] + status = True + for module in modules: + units = self.match_units(to_list(module)) + if not units: + logg.error("Unit %s not found.", unit_of(module)) + # self.error |= NOT_FOUND + return False + for unit in units: + if not self.reset_failed_unit(unit): + logg.error("Unit %s could not be reset.", unit_of(module)) + status = False + break + return status + def reset_failed_unit(self, unit): + conf = self.load_unit_conf(unit) + if not conf: + logg.warning("Unit %s not found.", unit) + return False + if self.not_user_conf(conf): + logg.error("Unit %s not for --user mode", unit) + return False + return self.reset_failed_from(conf) + def reset_failed_from(self, conf): + if conf is None: return True + if not self.is_failed_from(conf): return False + done = False + status_file = self.get_status_file_from(conf) + if status_file and os.path.exists(status_file): + try: + os.remove(status_file) + done = True + logg.debug("done rm %s", status_file) + except Exception as e: + logg.error("while rm %s: %s", status_file, e) + pid_file = self.pid_file_from(conf) + if pid_file and os.path.exists(pid_file): + try: + os.remove(pid_file) + done = True + logg.debug("done rm %s", pid_file) + except Exception as e: + logg.error("while rm %s: %s", pid_file, e) + return done + def status_modules(self, *modules): + """ [UNIT]... check the status of these units. + """ + found_all = True + units = [] + for module in modules: + matched = self.match_units(to_list(module)) + if not matched: + logg.error("Unit %s could not be found.", unit_of(module)) + self.error |= NOT_FOUND + found_all = False + continue + for unit in matched: + if unit not in units: + units += [unit] + result = self.status_units(units) + # if not found_all: + # self.error |= NOT_OK | NOT_ACTIVE # 3 + # # same as (dead) # original behaviour + return result + def status_units(self, units): + """ concatenates the status output of all units + and the last non-successful statuscode """ + status = 0 + result = "" + for unit in units: + status1, result1 = self.status_unit(unit) + if status1: status = status1 + if result: result += "\n\n" + result += result1 + if status: + self.error |= NOT_OK | NOT_ACTIVE # 3 + return result + def status_unit(self, unit): + conf = self.get_unit_conf(unit) + result = "%s - %s" % (unit, self.get_description_from(conf)) + loaded = conf.loaded() + if loaded: + filename = str(conf.filename()) + enabled = self.enabled_from(conf) + result += "\n Loaded: {loaded} ({filename}, {enabled})".format(**locals()) + for path in conf.overrides(): + result += "\n Drop-In: {path}".format(**locals()) + else: + result += "\n Loaded: failed" + return 3, result + active = self.get_active_from(conf) + substate = self.get_substate_from(conf) + result += "\n Active: {} ({})".format(active, substate) + if active == "active": + return 0, result + else: + return 3, result + def cat_modules(self, *modules): + """ [UNIT]... show the *.system file for these" + """ + found_all = True + units = [] + for module in modules: + matched = self.match_units(to_list(module)) + if not matched: + logg.error("Unit %s could not be found.", unit_of(module)) + # self.error |= NOT_FOUND + found_all = False + continue + for unit in matched: + if unit not in units: + units += [unit] + result = self.cat_units(units) + if not found_all: + self.error |= NOT_OK + return result + def cat_units(self, units): + done = True + result = "" + for unit in units: + text = self.cat_unit(unit) + if not text: + done = False + else: + if result: + result += "\n\n" + result += text + if not done: + self.error = NOT_OK + return result + def cat_unit(self, unit): + try: + unit_file = self.unit_file(unit) + if unit_file: + return open(unit_file).read() + logg.error("No files found for %s", unit) + except Exception as e: + print("Unit {} is not-loaded: {}".format(unit, e)) + self.error |= NOT_OK + return None + ## + ## + def load_preset_files(self, module = None): # -> [ preset-file-names,... ] + """ reads all preset files, returns the scanned files """ + if self._preset_file_list is None: + self._preset_file_list = {} + assert self._preset_file_list is not None + for folder in self.preset_folders(): + if not folder: + continue + if self._root: + folder = os_path(self._root, folder) + if not os.path.isdir(folder): + continue + for name in os.listdir(folder): + if not name.endswith(".preset"): + continue + if name not in self._preset_file_list: + path = os.path.join(folder, name) + if os.path.isdir(path): + continue + preset = PresetFile().read(path) + self._preset_file_list[name] = preset + logg.debug("found %s preset files", len(self._preset_file_list)) + return sorted(self._preset_file_list.keys()) + def get_preset_of_unit(self, unit): + """ [UNIT] check the *.preset of this unit + """ + self.load_preset_files() + assert self._preset_file_list is not None + for filename in sorted(self._preset_file_list.keys()): + preset = self._preset_file_list[filename] + status = preset.get_preset(unit) + if status: + return status + return None + def preset_modules(self, *modules): + """ [UNIT]... -- set 'enabled' when in *.preset + """ + if self.user_mode(): + logg.warning("preset makes no sense in --user mode") + return True + found_all = True + units = [] + for module in modules: + matched = self.match_units(to_list(module)) + if not matched: + logg.error("Unit %s could not be found.", unit_of(module)) + found_all = False + continue + for unit in matched: + if unit not in units: + units += [unit] + return self.preset_units(units) and found_all + def preset_units(self, units): + """ fails if any unit could not be changed """ + self.wait_system() + fails = 0 + found = 0 + for unit in units: + status = self.get_preset_of_unit(unit) + if not status: continue + found += 1 + if status.startswith("enable"): + if self._preset_mode == "disable": continue + logg.info("preset enable %s", unit) + if not self.enable_unit(unit): + logg.warning("failed to enable %s", unit) + fails += 1 + if status.startswith("disable"): + if self._preset_mode == "enable": continue + logg.info("preset disable %s", unit) + if not self.disable_unit(unit): + logg.warning("failed to disable %s", unit) + fails += 1 + return not fails and not not found + def preset_all_modules(self, *modules): + """ 'preset' all services + enable or disable services according to *.preset files + """ + if self.user_mode(): + logg.warning("preset-all makes no sense in --user mode") + return True + found_all = True + units = self.match_units() # TODO: how to handle module arguments + return self.preset_units(units) and found_all + def wanted_from(self, conf, default = None): + if not conf: return default + return conf.get(Install, "WantedBy", default, True) + def enablefolders(self, wanted): + if self.user_mode(): + for folder in self.user_folders(): + yield self.default_enablefolder(wanted, folder) + if True: + for folder in self.system_folders(): + yield self.default_enablefolder(wanted, folder) + def enablefolder(self, wanted): + if self.user_mode(): + user_folder = self.user_folder() + return self.default_enablefolder(wanted, user_folder) + else: + return self.default_enablefolder(wanted) + def default_enablefolder(self, wanted, basefolder = None): + basefolder = basefolder or self.system_folder() + if not wanted: + return wanted + if not wanted.endswith(".wants"): + wanted = wanted + ".wants" + return os.path.join(basefolder, wanted) + def enable_modules(self, *modules): + """ [UNIT]... -- enable these units """ + found_all = True + units = [] + for module in modules: + matched = self.match_units(to_list(module)) + if not matched: + logg.error("Unit %s not found.", unit_of(module)) + # self.error |= NOT_FOUND + found_all = False + continue + for unit in matched: + logg.info("matched %s", unit) # ++ + if unit not in units: + units += [unit] + return self.enable_units(units) and found_all + def enable_units(self, units): + self.wait_system() + done = True + for unit in units: + if not self.enable_unit(unit): + done = False + elif self._now: + self.start_unit(unit) + return done + def enable_unit(self, unit): + conf = self.load_unit_conf(unit) + if conf is None: + logg.error("Unit %s not found.", unit) + return False + unit_file = conf.filename() + if unit_file is None: + logg.error("Unit file %s not found.", unit) + return False + if self.is_sysv_file(unit_file): + if self.user_mode(): + logg.error("Initscript %s not for --user mode", unit) + return False + return self.enable_unit_sysv(unit_file) + if self.not_user_conf(conf): + logg.error("Unit %s not for --user mode", unit) + return False + return self.enable_unit_from(conf) + def enable_unit_from(self, conf): + wanted = self.wanted_from(conf) + if not wanted and not self._force: + logg.debug("%s has no target", conf.name()) + return False # "static" is-enabled + target = wanted or self.get_default_target() + folder = self.enablefolder(target) + if self._root: + folder = os_path(self._root, folder) + if not os.path.isdir(folder): + os.makedirs(folder) + source = conf.filename() + if not source: # pragma: no cover (was checked before) + logg.debug("%s has no real file", conf.name()) + return False + symlink = os.path.join(folder, conf.name()) + if True: + _f = self._force and "-f" or "" + logg.info("ln -s {_f} '{source}' '{symlink}'".format(**locals())) + if self._force and os.path.islink(symlink): + os.remove(target) + if not os.path.islink(symlink): + os.symlink(source, symlink) + return True + def rc3_root_folder(self): + old_folder = os_path(self._root, _rc3_boot_folder) + new_folder = os_path(self._root, _rc3_init_folder) + if os.path.isdir(old_folder): # pragma: no cover + return old_folder + return new_folder + def rc5_root_folder(self): + old_folder = os_path(self._root, _rc5_boot_folder) + new_folder = os_path(self._root, _rc5_init_folder) + if os.path.isdir(old_folder): # pragma: no cover + return old_folder + return new_folder + def enable_unit_sysv(self, unit_file): + # a "multi-user.target"/rc3 is also started in /rc5 + rc3 = self._enable_unit_sysv(unit_file, self.rc3_root_folder()) + rc5 = self._enable_unit_sysv(unit_file, self.rc5_root_folder()) + return rc3 and rc5 + def _enable_unit_sysv(self, unit_file, rc_folder): + name = os.path.basename(unit_file) + nameS = "S50"+name + nameK = "K50"+name + if not os.path.isdir(rc_folder): + os.makedirs(rc_folder) + # do not double existing entries + for found in os.listdir(rc_folder): + m = re.match(r"S\d\d(.*)", found) + if m and m.group(1) == name: + nameS = found + m = re.match(r"K\d\d(.*)", found) + if m and m.group(1) == name: + nameK = found + target = os.path.join(rc_folder, nameS) + if not os.path.exists(target): + os.symlink(unit_file, target) + target = os.path.join(rc_folder, nameK) + if not os.path.exists(target): + os.symlink(unit_file, target) + return True + def disable_modules(self, *modules): + """ [UNIT]... -- disable these units """ + found_all = True + units = [] + for module in modules: + matched = self.match_units(to_list(module)) + if not matched: + logg.error("Unit %s not found.", unit_of(module)) + # self.error |= NOT_FOUND + found_all = False + continue + for unit in matched: + if unit not in units: + units += [unit] + return self.disable_units(units) and found_all + def disable_units(self, units): + self.wait_system() + done = True + for unit in units: + if not self.disable_unit(unit): + done = False + return done + def disable_unit(self, unit): + conf = self.load_unit_conf(unit) + if conf is None: + logg.error("Unit %s not found.", unit) + return False + unit_file = conf.filename() + if unit_file is None: + logg.error("Unit file %s not found.", unit) + return False + if self.is_sysv_file(unit_file): + if self.user_mode(): + logg.error("Initscript %s not for --user mode", unit) + return False + return self.disable_unit_sysv(unit_file) + if self.not_user_conf(conf): + logg.error("Unit %s not for --user mode", unit) + return False + return self.disable_unit_from(conf) + def disable_unit_from(self, conf): + wanted = self.wanted_from(conf) + if not wanted and not self._force: + logg.debug("%s has no target", conf.name()) + return False # "static" is-enabled + target = wanted or self.get_default_target() + for folder in self.enablefolders(target): + if self._root: + folder = os_path(self._root, folder) + symlink = os.path.join(folder, conf.name()) + if os.path.exists(symlink): + try: + _f = self._force and "-f" or "" + logg.info("rm {_f} '{symlink}'".format(**locals())) + if os.path.islink(symlink) or self._force: + os.remove(symlink) + except IOError as e: + logg.error("disable %s: %s", symlink, e) + except OSError as e: + logg.error("disable %s: %s", symlink, e) + return True + def disable_unit_sysv(self, unit_file): + rc3 = self._disable_unit_sysv(unit_file, self.rc3_root_folder()) + rc5 = self._disable_unit_sysv(unit_file, self.rc5_root_folder()) + return rc3 and rc5 + def _disable_unit_sysv(self, unit_file, rc_folder): + # a "multi-user.target"/rc3 is also started in /rc5 + name = os.path.basename(unit_file) + nameS = "S50"+name + nameK = "K50"+name + # do not forget the existing entries + for found in os.listdir(rc_folder): + m = re.match(r"S\d\d(.*)", found) + if m and m.group(1) == name: + nameS = found + m = re.match(r"K\d\d(.*)", found) + if m and m.group(1) == name: + nameK = found + target = os.path.join(rc_folder, nameS) + if os.path.exists(target): + os.unlink(target) + target = os.path.join(rc_folder, nameK) + if os.path.exists(target): + os.unlink(target) + return True + def is_enabled_sysv(self, unit_file): + name = os.path.basename(unit_file) + target = os.path.join(self.rc3_root_folder(), "S50%s" % name) + if os.path.exists(target): + return True + return False + def is_enabled_modules(self, *modules): + """ [UNIT]... -- check if these units are enabled + returns True if any of them is enabled.""" + found_all = True + units = [] + for module in modules: + matched = self.match_units(to_list(module)) + if not matched: + logg.error("Unit %s not found.", unit_of(module)) + # self.error |= NOT_FOUND + found_all = False + continue + for unit in matched: + if unit not in units: + units += [unit] + return self.is_enabled_units(units) # and found_all + def is_enabled_units(self, units): + """ true if any is enabled, and a list of infos """ + result = False + infos = [] + for unit in units: + infos += [self.enabled_unit(unit)] + if self.is_enabled(unit): + result = True + if not result: + self.error |= NOT_OK + return infos + def is_enabled(self, unit): + conf = self.load_unit_conf(unit) + if conf is None: + logg.error("Unit %s not found.", unit) + return False + unit_file = conf.filename() + if not unit_file: + logg.error("Unit %s not found.", unit) + return False + if self.is_sysv_file(unit_file): + return self.is_enabled_sysv(unit_file) + state = self.get_enabled_from(conf) + if state in ["enabled", "static"]: + return True + return False # ["disabled", "masked"] + def enabled_unit(self, unit): + conf = self.get_unit_conf(unit) + return self.enabled_from(conf) + def enabled_from(self, conf): + unit_file = strE(conf.filename()) + if self.is_sysv_file(unit_file): + state = self.is_enabled_sysv(unit_file) + if state: + return "enabled" + return "disabled" + return self.get_enabled_from(conf) + def get_enabled_from(self, conf): + if conf.masked: + return "masked" + wanted = self.wanted_from(conf) + target = wanted or self.get_default_target() + for folder in self.enablefolders(target): + if self._root: + folder = os_path(self._root, folder) + target = os.path.join(folder, conf.name()) + if os.path.isfile(target): + return "enabled" + if not wanted: + return "static" + return "disabled" + def mask_modules(self, *modules): + """ [UNIT]... -- mask non-startable units """ + found_all = True + units = [] + for module in modules: + matched = self.match_units(to_list(module)) + if not matched: + logg.error("Unit %s not found.", unit_of(module)) + self.error |= NOT_FOUND + found_all = False + continue + for unit in matched: + if unit not in units: + units += [unit] + return self.mask_units(units) and found_all + def mask_units(self, units): + self.wait_system() + done = True + for unit in units: + if not self.mask_unit(unit): + done = False + return done + def mask_unit(self, unit): + unit_file = self.unit_file(unit) + if not unit_file: + logg.error("Unit %s not found.", unit) + return False + if self.is_sysv_file(unit_file): + logg.error("Initscript %s can not be masked", unit) + return False + conf = self.get_unit_conf(unit) + if self.not_user_conf(conf): + logg.error("Unit %s not for --user mode", unit) + return False + folder = self.mask_folder() + if self._root: + folder = os_path(self._root, folder) + if not os.path.isdir(folder): + os.makedirs(folder) + target = os.path.join(folder, os.path.basename(unit_file)) + dev_null = _dev_null + if True: + _f = self._force and "-f" or "" + logg.debug("ln -s {_f} {dev_null} '{target}'".format(**locals())) + if self._force and os.path.islink(target): + os.remove(target) + if not os.path.exists(target): + os.symlink(dev_null, target) + logg.info("Created symlink {target} -> {dev_null}".format(**locals())) + return True + elif os.path.islink(target): + logg.debug("mask symlink does already exist: %s", target) + return True + else: + logg.error("mask target does already exist: %s", target) + return False + def mask_folder(self): + for folder in self.mask_folders(): + if folder: return folder + raise Exception("did not find any systemd/system folder") + def mask_folders(self): + if self.user_mode(): + for folder in self.user_folders(): + yield folder + if True: + for folder in self.system_folders(): + yield folder + def unmask_modules(self, *modules): + """ [UNIT]... -- unmask non-startable units """ + found_all = True + units = [] + for module in modules: + matched = self.match_units(to_list(module)) + if not matched: + logg.error("Unit %s not found.", unit_of(module)) + self.error |= NOT_FOUND + found_all = False + continue + for unit in matched: + if unit not in units: + units += [unit] + return self.unmask_units(units) and found_all + def unmask_units(self, units): + self.wait_system() + done = True + for unit in units: + if not self.unmask_unit(unit): + done = False + return done + def unmask_unit(self, unit): + unit_file = self.unit_file(unit) + if not unit_file: + logg.error("Unit %s not found.", unit) + return False + if self.is_sysv_file(unit_file): + logg.error("Initscript %s can not be un/masked", unit) + return False + conf = self.get_unit_conf(unit) + if self.not_user_conf(conf): + logg.error("Unit %s not for --user mode", unit) + return False + folder = self.mask_folder() + if self._root: + folder = os_path(self._root, folder) + target = os.path.join(folder, os.path.basename(unit_file)) + if True: + _f = self._force and "-f" or "" + logg.info("rm {_f} '{target}'".format(**locals())) + if os.path.islink(target): + os.remove(target) + return True + elif not os.path.exists(target): + logg.debug("Symlink did not exist anymore: %s", target) + return True + else: + logg.warning("target is not a symlink: %s", target) + return True + def list_dependencies_modules(self, *modules): + """ [UNIT]... show the dependency tree" + """ + found_all = True + units = [] + for module in modules: + matched = self.match_units(to_list(module)) + if not matched: + logg.error("Unit %s could not be found.", unit_of(module)) + found_all = False + continue + for unit in matched: + if unit not in units: + units += [unit] + return self.list_dependencies_units(units) # and found_all + def list_dependencies_units(self, units): + result = [] + for unit in units: + if result: + result += ["", ""] + result += self.list_dependencies_unit(unit) + return result + def list_dependencies_unit(self, unit): + result = [] + for line in self.list_dependencies(unit, ""): + result += [line] + return result + def list_dependencies(self, unit, indent = None, mark = None, loop = []): + mapping = {} + mapping["Requires"] = "required to start" + mapping["Wants"] = "wanted to start" + mapping["Requisite"] = "required started" + mapping["Bindsto"] = "binds to start" + mapping["PartOf"] = "part of started" + mapping[".requires"] = ".required to start" + mapping[".wants"] = ".wanted to start" + mapping["PropagateReloadTo"] = "(to be reloaded as well)" + mapping["Conflicts"] = "(to be stopped on conflict)" + restrict = ["Requires", "Requisite", "ConsistsOf", "Wants", + "BindsTo", ".requires", ".wants"] + indent = indent or "" + mark = mark or "" + deps = self.get_dependencies_unit(unit) + conf = self.get_unit_conf(unit) + if not conf.loaded(): + if not self._show_all: + return + yield "%s(%s): %s" % (indent, unit, mark) + else: + yield "%s%s: %s" % (indent, unit, mark) + for stop_recursion in ["Conflict", "conflict", "reloaded", "Propagate"]: + if stop_recursion in mark: + return + for dep in deps: + if dep in loop: + logg.debug("detected loop at %s", dep) + continue + new_loop = loop + list(deps.keys()) + new_indent = indent + "| " + new_mark = deps[dep] + if not self._show_all: + if new_mark not in restrict: + continue + if new_mark in mapping: + new_mark = mapping[new_mark] + restrict = ["Requires", "Wants", "Requisite", "BindsTo", "PartOf", "ConsistsOf", + ".requires", ".wants"] + for line in self.list_dependencies(dep, new_indent, new_mark, new_loop): + yield line + def get_dependencies_unit(self, unit, styles = None): + styles = styles or ["Requires", "Wants", "Requisite", "BindsTo", "PartOf", "ConsistsOf", + ".requires", ".wants", "PropagateReloadTo", "Conflicts", ] + conf = self.get_unit_conf(unit) + deps = {} + for style in styles: + if style.startswith("."): + for folder in self.sysd_folders(): + if not folder: + continue + require_path = os.path.join(folder, unit + style) + if self._root: + require_path = os_path(self._root, require_path) + if os.path.isdir(require_path): + for required in os.listdir(require_path): + if required not in deps: + deps[required] = style + else: + for requirelist in conf.getlist(Unit, style, []): + for required in requirelist.strip().split(" "): + deps[required.strip()] = style + return deps + def get_required_dependencies(self, unit, styles = None): + styles = styles or ["Requires", "Wants", "Requisite", "BindsTo", + ".requires", ".wants"] + return self.get_dependencies_unit(unit, styles) + def get_start_dependencies(self, unit, styles = None): # pragma: no cover + """ the list of services to be started as well / TODO: unused """ + styles = styles or ["Requires", "Wants", "Requisite", "BindsTo", "PartOf", "ConsistsOf", + ".requires", ".wants"] + deps = {} + unit_deps = self.get_dependencies_unit(unit) + for dep_unit, dep_style in unit_deps.items(): + if dep_style in styles: + if dep_unit in deps: + if dep_style not in deps[dep_unit]: + deps[dep_unit].append(dep_style) + else: + deps[dep_unit] = [dep_style] + next_deps = self.get_start_dependencies(dep_unit) + for dep, styles in next_deps.items(): + for style in styles: + if dep in deps: + if style not in deps[dep]: + deps[dep].append(style) + else: + deps[dep] = [style] + return deps + def list_start_dependencies_modules(self, *modules): + """ [UNIT]... show the dependency tree (experimental)" + """ + return self.list_start_dependencies_units(list(modules)) + def list_start_dependencies_units(self, units): + unit_order = [] + deps = {} + for unit in units: + unit_order.append(unit) + # unit_deps = self.get_start_dependencies(unit) # TODO + unit_deps = self.get_dependencies_unit(unit) + for dep_unit, styles in unit_deps.items(): + dep_styles = to_list(styles) + for dep_style in dep_styles: + if dep_unit in deps: + if dep_style not in deps[dep_unit]: + deps[dep_unit].append(dep_style) + else: + deps[dep_unit] = [dep_style] + deps_conf = [] + for dep in deps: + if dep in unit_order: + continue + conf = self.get_unit_conf(dep) + if conf.loaded(): + deps_conf.append(conf) + for unit in unit_order: + deps[unit] = ["Requested"] + conf = self.get_unit_conf(unit) + if conf.loaded(): + deps_conf.append(conf) + result = [] + sortlist = conf_sortedAfter(deps_conf, cmp=compareAfter) + for item in sortlist: + line = (item.name(), "(%s)" % (" ".join(deps[item.name()]))) + result.append(line) + return result + def sortedAfter(self, unitlist): + """ get correct start order for the unit list (ignoring masked units) """ + conflist = [self.get_unit_conf(unit) for unit in unitlist] + if True: + conflist = [] + for unit in unitlist: + conf = self.get_unit_conf(unit) + if conf.masked: + logg.debug("ignoring masked unit %s", unit) + continue + conflist.append(conf) + sortlist = conf_sortedAfter(conflist) + return [item.name() for item in sortlist] + def sortedBefore(self, unitlist): + """ get correct start order for the unit list (ignoring masked units) """ + conflist = [self.get_unit_conf(unit) for unit in unitlist] + if True: + conflist = [] + for unit in unitlist: + conf = self.get_unit_conf(unit) + if conf.masked: + logg.debug("ignoring masked unit %s", unit) + continue + conflist.append(conf) + sortlist = conf_sortedAfter(reversed(conflist)) + return [item.name() for item in reversed(sortlist)] + def daemon_reload_target(self): + """ reload does will only check the service files here. + The returncode will tell the number of warnings, + and it is over 100 if it can not continue even + for the relaxed systemctl.py style of execution. """ + errors = 0 + for unit in self.match_units(): + try: + conf = self.get_unit_conf(unit) + except Exception as e: + logg.error("%s: can not read unit file %s\n\t%s", + unit, strQ(conf.filename()), e) + continue + errors += self.syntax_check(conf) + if errors: + logg.warning(" (%s) found %s problems", errors, errors % 100) + return True # errors + def syntax_check(self, conf): + filename = conf.filename() + if filename and filename.endswith(".service"): + return self.syntax_check_service(conf) + return 0 + def syntax_check_service(self, conf, section = Service): + unit = conf.name() + if not conf.data.has_section(Service): + logg.error(" %s: a .service file without [Service] section", unit) + return 101 + errors = 0 + haveType = conf.get(section, "Type", "simple") + haveExecStart = conf.getlist(section, "ExecStart", []) + haveExecStop = conf.getlist(section, "ExecStop", []) + haveExecReload = conf.getlist(section, "ExecReload", []) + usedExecStart = [] + usedExecStop = [] + usedExecReload = [] + if haveType not in ["simple", "forking", "notify", "oneshot", "dbus", "idle"]: + logg.error(" %s: Failed to parse service type, ignoring: %s", unit, haveType) + errors += 100 + for line in haveExecStart: + mode, exe = exec_path(line) + if not exe.startswith("/"): + if mode.check: + logg.error(" %s: %s Executable path is not absolute.", unit, section) + else: + logg.warning("%s: %s Executable path is not absolute.", unit, section) + logg.info("%s: %s exe = %s", unit, section, exe) + errors += 1 + usedExecStart.append(line) + for line in haveExecStop: + mode, exe = exec_path(line) + if not exe.startswith("/"): + if mode.check: + logg.error(" %s: %s Executable path is not absolute.", unit, section) + else: + logg.warning("%s: %s Executable path is not absolute.", unit, section) + logg.info("%s: %s exe = %s", unit, section, exe) + errors += 1 + usedExecStop.append(line) + for line in haveExecReload: + mode, exe = exec_path(line) + if not exe.startswith("/"): + if mode.check: + logg.error(" %s: %s Executable path is not absolute.", unit, section) + else: + logg.warning("%s: %s Executable path is not absolute.", unit, section) + logg.info("%s: %s exe = %s", unit, section, exe) + errors += 1 + usedExecReload.append(line) + if haveType in ["simple", "notify", "forking", "idle"]: + if not usedExecStart and not usedExecStop: + logg.error(" %s: %s lacks both ExecStart and ExecStop= setting. Refusing.", unit, section) + errors += 101 + elif not usedExecStart and haveType != "oneshot": + logg.error(" %s: %s has no ExecStart= setting, which is only allowed for Type=oneshot services. Refusing.", unit, section) + errors += 101 + if len(usedExecStart) > 1 and haveType != "oneshot": + logg.error(" %s: there may be only one %s ExecStart statement (unless for 'oneshot' services)." + + "\n\t\t\tYou can use ExecStartPre / ExecStartPost to add additional commands.", unit, section) + errors += 1 + if len(usedExecStop) > 1 and haveType != "oneshot": + logg.info(" %s: there should be only one %s ExecStop statement (unless for 'oneshot' services)." + + "\n\t\t\tYou can use ExecStopPost to add additional commands (also executed on failed Start)", unit, section) + if len(usedExecReload) > 1: + logg.info(" %s: there should be only one %s ExecReload statement." + + "\n\t\t\tUse ' ; ' for multiple commands (ExecReloadPost or ExedReloadPre do not exist)", unit, section) + if len(usedExecReload) > 0 and "/bin/kill " in usedExecReload[0]: + logg.warning(" %s: the use of /bin/kill is not recommended for %s ExecReload as it is asychronous." + + "\n\t\t\tThat means all the dependencies will perform the reload simultanously / out of order.", unit, section) + if conf.getlist(Service, "ExecRestart", []): # pragma: no cover + logg.error(" %s: there no such thing as an %s ExecRestart (ignored)", unit, section) + if conf.getlist(Service, "ExecRestartPre", []): # pragma: no cover + logg.error(" %s: there no such thing as an %s ExecRestartPre (ignored)", unit, section) + if conf.getlist(Service, "ExecRestartPost", []): # pragma: no cover + logg.error(" %s: there no such thing as an %s ExecRestartPost (ignored)", unit, section) + if conf.getlist(Service, "ExecReloadPre", []): # pragma: no cover + logg.error(" %s: there no such thing as an %s ExecReloadPre (ignored)", unit, section) + if conf.getlist(Service, "ExecReloadPost", []): # pragma: no cover + logg.error(" %s: there no such thing as an %s ExecReloadPost (ignored)", unit, section) + if conf.getlist(Service, "ExecStopPre", []): # pragma: no cover + logg.error(" %s: there no such thing as an %s ExecStopPre (ignored)", unit, section) + for env_file in conf.getlist(Service, "EnvironmentFile", []): + if env_file.startswith("-"): continue + if not os.path.isfile(os_path(self._root, self.expand_special(env_file, conf))): + logg.error(" %s: Failed to load environment files: %s", unit, env_file) + errors += 101 + return errors + def exec_check_unit(self, conf, env, section = Service, exectype = ""): + if conf is None: # pragma: no cover (is never null) + return True + if not conf.data.has_section(section): + return True # pragma: no cover + haveType = conf.get(section, "Type", "simple") + if self.is_sysv_file(conf.filename()): + return True # we don't care about that + unit = conf.name() + abspath = 0 + notexists = 0 + badusers = 0 + badgroups = 0 + for execs in ["ExecStartPre", "ExecStart", "ExecStartPost", "ExecStop", "ExecStopPost", "ExecReload"]: + if not execs.startswith(exectype): + continue + for cmd in conf.getlist(section, execs, []): + mode, newcmd = self.exec_newcmd(cmd, env, conf) + if not newcmd: + continue + exe = newcmd[0] + if not exe: + continue + if exe[0] != "/": + logg.error(" %s: Exec is not an absolute path: %s=%s", unit, execs, cmd) + abspath += 1 + if not os.path.isfile(exe): + logg.error(" %s: Exec command does not exist: (%s) %s", unit, execs, exe) + if mode.check: + notexists += 1 + newexe1 = os.path.join("/usr/bin", exe) + newexe2 = os.path.join("/bin", exe) + if os.path.exists(newexe1): + logg.error(" %s: but this does exist: %s %s", unit, " " * len(execs), newexe1) + elif os.path.exists(newexe2): + logg.error(" %s: but this does exist: %s %s", unit, " " * len(execs), newexe2) + users = [conf.get(section, "User", ""), conf.get(section, "SocketUser", "")] + groups = [conf.get(section, "Group", ""), conf.get(section, "SocketGroup", "")] + conf.getlist(section, "SupplementaryGroups") + for user in users: + if user: + try: pwd.getpwnam(self.expand_special(user, conf)) + except Exception as e: + logg.error(" %s: User does not exist: %s (%s)", unit, user, getattr(e, "__doc__", "")) + badusers += 1 + for group in groups: + if group: + try: grp.getgrnam(self.expand_special(group, conf)) + except Exception as e: + logg.error(" %s: Group does not exist: %s (%s)", unit, group, getattr(e, "__doc__", "")) + badgroups += 1 + tmpproblems = 0 + for setting in ("RootDirectory", "RootImage", "BindPaths", "BindReadOnlyPaths", + "ReadWritePaths", "ReadOnlyPaths", "TemporaryFileSystem"): + setting_value = conf.get(section, setting, "") + if setting_value: + logg.info("%s: %s private directory remounts ignored: %s=%s", unit, section, setting, setting_value) + tmpproblems += 1 + for setting in ("PrivateTmp", "PrivateDevices", "PrivateNetwork", "PrivateUsers", "DynamicUser", + "ProtectSystem", "ProjectHome", "ProtectHostname", "PrivateMounts", "MountAPIVFS"): + setting_yes = conf.getbool(section, setting, "no") + if setting_yes: + logg.info("%s: %s private directory option is ignored: %s=yes", unit, section, setting) + tmpproblems += 1 + if not abspath and not notexists and not badusers and not badgroups: + return True + if True: + filename = strE(conf.filename()) + if len(filename) > 44: filename = o44(filename) + logg.error(" !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!") + if abspath: + logg.error(" The SystemD ExecXY commands must always be absolute paths by definition.") + time.sleep(1) + if notexists: + logg.error(" Oops, %s executable paths were not found in the current environment. Refusing.", notexists) + time.sleep(1) + if badusers or badgroups: + logg.error(" Oops, %s user names and %s group names were not found. Refusing.", badusers, badgroups) + time.sleep(1) + if tmpproblems: + logg.info(" Note, %s private directory settings are ignored. The application should not depend on it.", tmpproblems) + time.sleep(1) + logg.error(" !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!") + return False + def show_modules(self, *modules): + """ [PATTERN]... -- Show properties of one or more units + Show properties of one or more units (or the manager itself). + If no argument is specified, properties of the manager will be + shown. If a unit name is specified, properties of the unit is + shown. By default, empty properties are suppressed. Use --all to + show those too. To select specific properties to show, use + --property=. This command is intended to be used whenever + computer-parsable output is required. Use status if you are looking + for formatted human-readable output. + / + NOTE: only a subset of properties is implemented """ + notfound = [] + units = [] + found_all = True + for module in modules: + matched = self.match_units(to_list(module)) + if not matched: + logg.error("Unit %s could not be found.", unit_of(module)) + units += [module] + # self.error |= NOT_FOUND + found_all = False + continue + for unit in matched: + if unit not in units: + units += [unit] + return self.show_units(units) + notfound # and found_all + def show_units(self, units): + logg.debug("show --property=%s", self._unit_property) + result = [] + for unit in units: + if result: result += [""] + for var, value in self.show_unit_items(unit): + if self._unit_property: + if self._unit_property != var: + continue + else: + if not value and not self._show_all: + continue + result += ["%s=%s" % (var, value)] + return result + def show_unit_items(self, unit): + """ [UNIT]... -- show properties of a unit. + """ + logg.info("try read unit %s", unit) + conf = self.get_unit_conf(unit) + for entry in self.each_unit_items(unit, conf): + yield entry + def each_unit_items(self, unit, conf): + loaded = conf.loaded() + if not loaded: + loaded = "not-loaded" + if "NOT-FOUND" in self.get_description_from(conf): + loaded = "not-found" + names = {unit: 1, conf.name(): 1} + yield "Id", conf.name() + yield "Names", " ".join(sorted(names.keys())) + yield "Description", self.get_description_from(conf) # conf.get(Unit, "Description") + yield "PIDFile", self.get_pid_file(conf) # not self.pid_file_from w/o default location + yield "PIDFilePath", self.pid_file_from(conf) + yield "MainPID", strE(self.active_pid_from(conf)) # status["MainPID"] or PIDFile-read + yield "SubState", self.get_substate_from(conf) or "unknown" # status["SubState"] or notify-result + yield "ActiveState", self.get_active_from(conf) or "unknown" # status["ActiveState"] + yield "LoadState", loaded + yield "UnitFileState", self.enabled_from(conf) + yield "StatusFile", self.get_StatusFile(conf) + yield "StatusFilePath", self.get_status_file_from(conf) + yield "JournalFile", self.get_journal_log(conf) + yield "JournalFilePath", self.get_journal_log_from(conf) + yield "NotifySocket", self.get_notify_socket_from(conf) + yield "User", self.get_User(conf) or "" + yield "Group", self.get_Group(conf) or "" + yield "SupplementaryGroups", " ".join(self.get_SupplementaryGroups(conf)) + yield "TimeoutStartUSec", seconds_to_time(self.get_TimeoutStartSec(conf)) + yield "TimeoutStopUSec", seconds_to_time(self.get_TimeoutStopSec(conf)) + yield "NeedDaemonReload", "no" + yield "SendSIGKILL", strYes(self.get_SendSIGKILL(conf)) + yield "SendSIGHUP", strYes(self.get_SendSIGHUP(conf)) + yield "KillMode", strE(self.get_KillMode(conf)) + yield "KillSignal", strE(self.get_KillSignal(conf)) + yield "StartLimitBurst", strE(self.get_StartLimitBurst(conf)) + yield "StartLimitIntervalSec", seconds_to_time(self.get_StartLimitIntervalSec(conf)) + yield "RestartSec", seconds_to_time(self.get_RestartSec(conf)) + yield "RemainAfterExit", strYes(self.get_RemainAfterExit(conf)) + yield "WorkingDirectory", strE(self.get_WorkingDirectory(conf)) + env_parts = [] + for env_part in conf.getlist(Service, "Environment", []): + env_parts.append(self.expand_special(env_part, conf)) + if env_parts: + yield "Environment", " ".join(env_parts) + env_files = [] + for env_file in conf.getlist(Service, "EnvironmentFile", []): + env_files.append(self.expand_special(env_file, conf)) + if env_files: + yield "EnvironmentFile", " ".join(env_files) + def get_SendSIGKILL(self, conf): + return conf.getbool(Service, "SendSIGKILL", "yes") + def get_SendSIGHUP(self, conf): + return conf.getbool(Service, "SendSIGHUP", "no") + def get_KillMode(self, conf): + return conf.get(Service, "KillMode", "control-group") + def get_KillSignal(self, conf): + return conf.get(Service, "KillSignal", "SIGTERM") + # + igno_centos = ["netconsole", "network"] + igno_opensuse = ["raw", "pppoe", "*.local", "boot.*", "rpmconf*", "postfix*"] + igno_ubuntu = ["mount*", "umount*", "ondemand", "*.local"] + igno_always = ["network*", "dbus*", "systemd-*", "kdump*"] + igno_always += ["purge-kernels.service", "after-local.service", "dm-event.*"] # as on opensuse + igno_targets = ["remote-fs.target"] + def _ignored_unit(self, unit, ignore_list): + for ignore in ignore_list: + if fnmatch.fnmatchcase(unit, ignore): + return True # ignore + if fnmatch.fnmatchcase(unit, ignore+".service"): + return True # ignore + return False + def default_services_modules(self, *modules): + """ show the default services + This is used internally to know the list of service to be started in the 'get-default' + target runlevel when the container is started through default initialisation. It will + ignore a number of services - use '--all' to show a longer list of services and + use '--all --force' if not even a minimal filter shall be used. + """ + results = [] + targets = modules or [self.get_default_target()] + for target in targets: + units = self.target_default_services(target) + logg.debug(" %s # %s", " ".join(units), target) + for unit in units: + if unit not in results: + results.append(unit) + return results + def target_default_services(self, target = None, sysv = "S"): + """ get the default services for a target - this will ignore a number of services, + use '--all' and --force' to get more services. + """ + igno = self.igno_centos + self.igno_opensuse + self.igno_ubuntu + self.igno_always + if self._show_all: + igno = self.igno_always + if self._force: + igno = [] + logg.debug("ignored services filter for default.target:\n\t%s", igno) + default_target = target or self.get_default_target() + return self.enabled_target_services(default_target, sysv, igno) + def enabled_target_services(self, target, sysv = "S", igno = []): + units = [] + if self.user_mode(): + targetlist = self.get_target_list(target) + logg.debug("check for %s user services : %s", target, targetlist) + for targets in targetlist: + for unit in self.enabled_target_user_local_units(targets, ".target", igno): + if unit not in units: + units.append(unit) + for targets in targetlist: + for unit in self.required_target_units(targets, ".socket", igno): + if unit not in units: + units.append(unit) + for targets in targetlist: + for unit in self.enabled_target_user_local_units(targets, ".socket", igno): + if unit not in units: + units.append(unit) + for targets in targetlist: + for unit in self.required_target_units(targets, ".service", igno): + if unit not in units: + units.append(unit) + for targets in targetlist: + for unit in self.enabled_target_user_local_units(targets, ".service", igno): + if unit not in units: + units.append(unit) + for targets in targetlist: + for unit in self.enabled_target_user_system_units(targets, ".service", igno): + if unit not in units: + units.append(unit) + else: + targetlist = self.get_target_list(target) + logg.debug("check for %s system services: %s", target, targetlist) + for targets in targetlist: + for unit in self.enabled_target_configured_system_units(targets, ".target", igno + self.igno_targets): + if unit not in units: + units.append(unit) + for targets in targetlist: + for unit in self.required_target_units(targets, ".socket", igno): + if unit not in units: + units.append(unit) + for targets in targetlist: + for unit in self.enabled_target_installed_system_units(targets, ".socket", igno): + if unit not in units: + units.append(unit) + for targets in targetlist: + for unit in self.required_target_units(targets, ".service", igno): + if unit not in units: + units.append(unit) + for targets in targetlist: + for unit in self.enabled_target_installed_system_units(targets, ".service", igno): + if unit not in units: + units.append(unit) + for targets in targetlist: + for unit in self.enabled_target_sysv_units(targets, sysv, igno): + if unit not in units: + units.append(unit) + return units + def enabled_target_user_local_units(self, target, unit_kind = ".service", igno = []): + units = [] + for basefolder in self.user_folders(): + if not basefolder: + continue + folder = self.default_enablefolder(target, basefolder) + if self._root: + folder = os_path(self._root, folder) + if os.path.isdir(folder): + for unit in sorted(os.listdir(folder)): + path = os.path.join(folder, unit) + if os.path.isdir(path): continue + if self._ignored_unit(unit, igno): + continue # ignore + if unit.endswith(unit_kind): + units.append(unit) + return units + def enabled_target_user_system_units(self, target, unit_kind = ".service", igno = []): + units = [] + for basefolder in self.system_folders(): + if not basefolder: + continue + folder = self.default_enablefolder(target, basefolder) + if self._root: + folder = os_path(self._root, folder) + if os.path.isdir(folder): + for unit in sorted(os.listdir(folder)): + path = os.path.join(folder, unit) + if os.path.isdir(path): continue + if self._ignored_unit(unit, igno): + continue # ignore + if unit.endswith(unit_kind): + conf = self.load_unit_conf(unit) + if conf is None: + pass + elif self.not_user_conf(conf): + pass + else: + units.append(unit) + return units + def enabled_target_installed_system_units(self, target, unit_type = ".service", igno = []): + units = [] + for basefolder in self.system_folders(): + if not basefolder: + continue + folder = self.default_enablefolder(target, basefolder) + if self._root: + folder = os_path(self._root, folder) + if os.path.isdir(folder): + for unit in sorted(os.listdir(folder)): + path = os.path.join(folder, unit) + if os.path.isdir(path): continue + if self._ignored_unit(unit, igno): + continue # ignore + if unit.endswith(unit_type): + units.append(unit) + return units + def enabled_target_configured_system_units(self, target, unit_type = ".service", igno = []): + units = [] + if True: + folder = self.default_enablefolder(target) + if self._root: + folder = os_path(self._root, folder) + if os.path.isdir(folder): + for unit in sorted(os.listdir(folder)): + path = os.path.join(folder, unit) + if os.path.isdir(path): continue + if self._ignored_unit(unit, igno): + continue # ignore + if unit.endswith(unit_type): + units.append(unit) + return units + def enabled_target_sysv_units(self, target, sysv = "S", igno = []): + units = [] + folders = [] + if target in ["multi-user.target", DefaultUnit]: + folders += [self.rc3_root_folder()] + if target in ["graphical.target"]: + folders += [self.rc5_root_folder()] + for folder in folders: + if not os.path.isdir(folder): + logg.warning("non-existant %s", folder) + continue + for unit in sorted(os.listdir(folder)): + path = os.path.join(folder, unit) + if os.path.isdir(path): continue + m = re.match(sysv+r"\d\d(.*)", unit) + if m: + service = m.group(1) + unit = service + ".service" + if self._ignored_unit(unit, igno): + continue # ignore + units.append(unit) + return units + def required_target_units(self, target, unit_type, igno): + units = [] + deps = self.get_required_dependencies(target) + for unit in sorted(deps): + if self._ignored_unit(unit, igno): + continue # ignore + if unit.endswith(unit_type): + if unit not in units: + units.append(unit) + return units + def get_target_conf(self, module): # -> conf (conf | default-conf) + """ accept that a unit does not exist + and return a unit conf that says 'not-loaded' """ + conf = self.load_unit_conf(module) + if conf is not None: + return conf + target_conf = self.default_unit_conf(module) + if module in target_requires: + target_conf.set(Unit, "Requires", target_requires[module]) + return target_conf + def get_target_list(self, module): + """ the Requires= in target units are only accepted if known """ + target = module + if "." not in target: target += ".target" + targets = [target] + conf = self.get_target_conf(module) + requires = conf.get(Unit, "Requires", "") + while requires in target_requires: + targets = [requires] + targets + requires = target_requires[requires] + logg.debug("the %s requires %s", module, targets) + return targets + def default_system(self, arg = True): + """ start units for default system level + This will go through the enabled services in the default 'multi-user.target'. + However some services are ignored as being known to be installation garbage + from unintended services. Use '--all' so start all of the installed services + and with '--all --force' even those services that are otherwise wrong. + /// SPECIAL: with --now or --init the init-loop is run and afterwards + a system_halt is performed with the enabled services to be stopped.""" + self.sysinit_status(SubState = "initializing") + logg.info("system default requested - %s", arg) + init = self._now or self._init + return self.start_system_default(init = init) + def start_system_default(self, init = False): + """ detect the default.target services and start them. + When --init is given then the init-loop is run and + the services are stopped again by 'systemctl halt'.""" + target = self.get_default_target() + services = self.start_target_system(target, init) + logg.info("%s system is up", target) + if init: + logg.info("init-loop start") + sig = self.init_loop_until_stop(services) + logg.info("init-loop %s", sig) + self.stop_system_default() + return not not services + def start_target_system(self, target, init = False): + services = self.target_default_services(target, "S") + self.sysinit_status(SubState = "starting") + self.start_units(services) + return services + def do_start_target_from(self, conf): + target = conf.name() + # services = self.start_target_system(target) + services = self.target_default_services(target, "S") + units = [service for service in services if not self.is_running_unit(service)] + logg.debug("start %s is starting %s from %s", target, units, services) + return self.start_units(units) + def stop_system_default(self): + """ detect the default.target services and stop them. + This is commonly run through 'systemctl halt' or + at the end of a 'systemctl --init default' loop.""" + target = self.get_default_target() + services = self.stop_target_system(target) + logg.info("%s system is down", target) + return not not services + def stop_target_system(self, target): + services = self.target_default_services(target, "K") + self.sysinit_status(SubState = "stopping") + self.stop_units(services) + return services + def do_stop_target_from(self, conf): + target = conf.name() + # services = self.stop_target_system(target) + services = self.target_default_services(target, "K") + units = [service for service in services if self.is_running_unit(service)] + logg.debug("stop %s is stopping %s from %s", target, units, services) + return self.stop_units(units) + def do_reload_target_from(self, conf): + target = conf.name() + return self.reload_target_system(target) + def reload_target_system(self, target): + services = self.target_default_services(target, "S") + units = [service for service in services if self.is_running_unit(service)] + return self.reload_units(units) + def halt_target(self, arg = True): + """ stop units from default system level """ + logg.info("system halt requested - %s", arg) + done = self.stop_system_default() + try: + os.kill(1, signal.SIGQUIT) # exit init-loop on no_more_procs + except Exception as e: + logg.warning("SIGQUIT to init-loop on PID-1: %s", e) + return done + def system_get_default(self): + """ get current default run-level""" + return self.get_default_target() + def get_targets_folder(self): + return os_path(self._root, self.mask_folder()) + def get_default_target_file(self): + targets_folder = self.get_targets_folder() + return os.path.join(targets_folder, DefaultUnit) + def get_default_target(self, default_target = None): + """ get current default run-level""" + current = default_target or self._default_target + default_target_file = self.get_default_target_file() + if os.path.islink(default_target_file): + current = os.path.basename(os.readlink(default_target_file)) + return current + def set_default_modules(self, *modules): + """ set current default run-level""" + if not modules: + logg.debug(".. no runlevel given") + self.error |= NOT_OK + return "Too few arguments" + current = self.get_default_target() + default_target_file = self.get_default_target_file() + msg = "" + for module in modules: + if module == current: + continue + targetfile = None + for targetname, targetpath in self.each_target_file(): + if targetname == module: + targetfile = targetpath + if not targetfile: + self.error |= NOT_OK | NOT_ACTIVE # 3 + msg = "No such runlevel %s" % (module) + continue + # + if os.path.islink(default_target_file): + os.unlink(default_target_file) + if not os.path.isdir(os.path.dirname(default_target_file)): + os.makedirs(os.path.dirname(default_target_file)) + os.symlink(targetfile, default_target_file) + msg = "Created symlink from %s -> %s" % (default_target_file, targetfile) + logg.debug("%s", msg) + return msg + def init_modules(self, *modules): + """ [UNIT*] -- init loop: '--init default' or '--init start UNIT*' + The systemctl init service will start the enabled 'default' services, + and then wait for any zombies to be reaped. When a SIGINT is received + then a clean shutdown of the enabled services is ensured. A Control-C in + in interactive mode will also run 'stop' on all the enabled services. // + When a UNIT name is given then only that one is started instead of the + services in the 'default.target'. Using 'init UNIT' is better than + '--init start UNIT' because the UNIT is also stopped cleanly even when + it was never enabled in the system. + /// SPECIAL: when using --now then only the init-loop is started, + with the reap-zombies function and waiting for an interrupt. + (and no unit is started/stoppped wether given or not). + """ + if self._now: + result = self.init_loop_until_stop([]) + return not not result + if not modules: + # like 'systemctl --init default' + if self._now or self._show_all: + logg.debug("init default --now --all => no_more_procs") + self.doExitWhenNoMoreProcs = True + return self.start_system_default(init = True) + # + # otherwise quit when all the init-services have died + self.doExitWhenNoMoreServices = True + if self._now or self._show_all: + logg.debug("init services --now --all => no_more_procs") + self.doExitWhenNoMoreProcs = True + found_all = True + units = [] + for module in modules: + matched = self.match_units(to_list(module)) + if not matched: + logg.error("Unit %s could not be found.", unit_of(module)) + found_all = False + continue + for unit in matched: + if unit not in units: + units += [unit] + logg.info("init %s -> start %s", ",".join(modules), ",".join(units)) + done = self.start_units(units, init = True) + logg.info("-- init is done") + return done # and found_all + def start_log_files(self, units): + self._log_file = {} + self._log_hold = {} + for unit in units: + conf = self.load_unit_conf(unit) + if not conf: continue + if self.skip_journal_log(conf): continue + log_path = self.get_journal_log_from(conf) + try: + opened = os.open(log_path, os.O_RDONLY | os.O_NONBLOCK) + self._log_file[unit] = opened + self._log_hold[unit] = b"" + except Exception as e: + logg.error("can not open %s log: %s\n\t%s", unit, log_path, e) + def read_log_files(self, units): + BUFSIZE=8192 + for unit in units: + if unit in self._log_file: + new_text = b"" + while True: + buf = os.read(self._log_file[unit], BUFSIZE) + if not buf: break + new_text += buf + continue + text = self._log_hold[unit] + new_text + if not text: continue + lines = text.split(b"\n") + if not text.endswith(b"\n"): + self._log_hold[unit] = lines[-1] + lines = lines[:-1] + for line in lines: + prefix = unit.encode("utf-8") + content = prefix+b": "+line+b"\n" + os.write(1, content) + try: os.fsync(1) + except: pass + def stop_log_files(self, units): + for unit in units: + try: + if unit in self._log_file: + if self._log_file[unit]: + os.close(self._log_file[unit]) + except Exception as e: + logg.error("can not close log: %s\n\t%s", unit, e) + self._log_file = {} + self._log_hold = {} + + def get_StartLimitBurst(self, conf): + defaults = DefaultStartLimitBurst + return to_int(conf.get(Service, "StartLimitBurst", strE(defaults)), defaults) # 5 + def get_StartLimitIntervalSec(self, conf, maximum = None): + maximum = maximum or 999 + defaults = DefaultStartLimitIntervalSec + interval = conf.get(Service, "StartLimitIntervalSec", strE(defaults)) # 10s + return time_to_seconds(interval, maximum) + def get_RestartSec(self, conf, maximum = None): + maximum = maximum or DefaultStartLimitIntervalSec + delay = conf.get(Service, "RestartSec", strE(DefaultRestartSec)) + return time_to_seconds(delay, maximum) + def restart_failed_units(self, units, maximum = None): + """ This function will retart failed units. + / + NOTE that with standard settings the LimitBurst implementation has no effect. If + the InitLoopSleep is ticking at the Default of 5sec and the LimitBurst Default + is 5x within a Default 10secs time frame then within those 10sec only 2 loop + rounds have come here checking for possible restarts. You can directly shorten + the interval ('-c InitLoopSleep=1') or have it indirectly shorter from the + service descriptor's RestartSec ("RestartSec=2s"). + """ + global InitLoopSleep + me = os.getpid() + maximum = maximum or DefaultStartLimitIntervalSec + restartDelay = MinimumYield + for unit in units: + now = time.time() + try: + conf = self.load_unit_conf(unit) + if not conf: continue + restartPolicy = conf.get(Service, "Restart", "no") + if restartPolicy in ["no", "on-success"]: + logg.debug("[%s] [%s] Current NoCheck (Restart=%s)", me, unit, restartPolicy) + continue + restartSec = self.get_RestartSec(conf) + if restartSec == 0: + if InitLoopSleep > 1: + logg.warning("[%s] set InitLoopSleep from %ss to 1 (caused by RestartSec=0!)", + unit, InitLoopSleep) + InitLoopSleep = 1 + elif restartSec > 0.9 and restartSec < InitLoopSleep: + restartSleep = int(restartSec + 0.2) + if restartSleep < InitLoopSleep: + logg.warning("[%s] set InitLoopSleep from %ss to %s (caused by RestartSec=%.3fs)", + unit, InitLoopSleep, restartSleep, restartSec) + InitLoopSleep = restartSleep + isUnitState = self.get_active_from(conf) + isUnitFailed = isUnitState in ["failed"] + logg.debug("[%s] [%s] Current Status: %s (%s)", me, unit, isUnitState, isUnitFailed) + if not isUnitFailed: + if unit in self._restart_failed_units: + del self._restart_failed_units[unit] + continue + limitBurst = self.get_StartLimitBurst(conf) + limitSecs = self.get_StartLimitIntervalSec(conf) + if limitBurst > 1 and limitSecs >= 1: + try: + if unit not in self._restarted_unit: + self._restarted_unit[unit] = [] + # we want to register restarts from now on + restarted = self._restarted_unit[unit] + logg.debug("[%s] [%s] Current limitSecs=%ss limitBurst=%sx (restarted %sx)", + me, unit, limitSecs, limitBurst, len(restarted)) + oldest = 0. + interval = 0. + if len(restarted) >= limitBurst: + logg.debug("[%s] [%s] restarted %s", + me, unit, ["%.3fs" % (t - now) for t in restarted]) + while len(restarted): + oldest = restarted[0] + interval = time.time() - oldest + if interval > limitSecs: + restarted = restarted[1:] + continue + break + self._restarted_unit[unit] = restarted + logg.debug("[%s] [%s] ratelimit %s", + me, unit, ["%.3fs" % (t - now) for t in restarted]) + # all values in restarted have a time below limitSecs + if len(restarted) >= limitBurst: + logg.info("[%s] [%s] Blocking Restart - oldest %s is %s ago (allowed %s)", + me, unit, oldest, interval, limitSecs) + self.write_status_from(conf, AS="error") + unit = "" # dropped out + continue + except Exception as e: + logg.error("[%s] burst exception %s", unit, e) + if unit: # not dropped out + if unit not in self._restart_failed_units: + self._restart_failed_units[unit] = now + restartSec + logg.debug("[%s] [%s] restart scheduled in %+.3fs", + me, unit, (self._restart_failed_units[unit] - now)) + except Exception as e: + logg.error("[%s] [%s] An error ocurred while restart checking: %s", me, unit, e) + if not self._restart_failed_units: + self.error |= NOT_OK + return [] + # NOTE: this function is only called from InitLoop when "running" + # let's check if any of the restart_units has its restartSec expired + now = time.time() + restart_done = [] + logg.debug("[%s] Restart checking %s", + me, ["%+.3fs" % (t - now) for t in self._restart_failed_units.values()]) + for unit in sorted(self._restart_failed_units): + restartAt = self._restart_failed_units[unit] + if restartAt > now: + continue + restart_done.append(unit) + try: + conf = self.load_unit_conf(unit) + if not conf: continue + isUnitState = self.get_active_from(conf) + isUnitFailed = isUnitState in ["failed"] + logg.debug("[%s] [%s] Restart Status: %s (%s)", me, unit, isUnitState, isUnitFailed) + if isUnitFailed: + logg.debug("[%s] [%s] --- restarting failed unit...", me, unit) + self.restart_unit(unit) + logg.debug("[%s] [%s] --- has been restarted.", me, unit) + if unit in self._restarted_unit: + self._restarted_unit[unit].append(time.time()) + except Exception as e: + logg.error("[%s] [%s] An error ocurred while restarting: %s", me, unit, e) + for unit in restart_done: + if unit in self._restart_failed_units: + del self._restart_failed_units[unit] + logg.debug("[%s] Restart remaining %s", + me, ["%+.3fs" % (t - now) for t in self._restart_failed_units.values()]) + return restart_done + + def init_loop_until_stop(self, units): + """ this is the init-loop - it checks for any zombies to be reaped and + waits for an interrupt. When a SIGTERM /SIGINT /Control-C signal + is received then the signal name is returned. Any other signal will + just raise an Exception like one would normally expect. As a special + the 'systemctl halt' emits SIGQUIT which puts it into no_more_procs mode.""" + signal.signal(signal.SIGQUIT, lambda signum, frame: ignore_signals_and_raise_keyboard_interrupt("SIGQUIT")) + signal.signal(signal.SIGINT, lambda signum, frame: ignore_signals_and_raise_keyboard_interrupt("SIGINT")) + signal.signal(signal.SIGTERM, lambda signum, frame: ignore_signals_and_raise_keyboard_interrupt("SIGTERM")) + result = None + # + self.start_log_files(units) + logg.debug("start listen") + listen = SystemctlListenThread(self) + logg.debug("starts listen") + listen.start() + logg.debug("started listen") + self.sysinit_status(ActiveState = "active", SubState = "running") + timestamp = time.time() + while True: + try: + if DEBUG_INITLOOP: # pragma: no cover + logg.debug("DONE InitLoop (sleep %ss)", InitLoopSleep) + sleep_sec = InitLoopSleep - (time.time() - timestamp) + if sleep_sec < MinimumYield: + sleep_sec = MinimumYield + sleeping = sleep_sec + while sleeping > 2: + time.sleep(1) # accept signals atleast every second + sleeping = InitLoopSleep - (time.time() - timestamp) + if sleeping < MinimumYield: + sleeping = MinimumYield + break + time.sleep(sleeping) # remainder waits less that 2 seconds + timestamp = time.time() + self.loop.acquire() + if DEBUG_INITLOOP: # pragma: no cover + logg.debug("NEXT InitLoop (after %ss)", sleep_sec) + self.read_log_files(units) + if DEBUG_INITLOOP: # pragma: no cover + logg.debug("reap zombies - check current processes") + running = self.reap_zombies() + if DEBUG_INITLOOP: # pragma: no cover + logg.debug("reap zombies - init-loop found %s running procs", running) + if self.doExitWhenNoMoreServices: + active = False + for unit in units: + conf = self.load_unit_conf(unit) + if not conf: continue + if self.is_active_from(conf): + active = True + if not active: + logg.info("no more services - exit init-loop") + break + if self.doExitWhenNoMoreProcs: + if not running: + logg.info("no more procs - exit init-loop") + break + if RESTART_FAILED_UNITS: + self.restart_failed_units(units) + self.loop.release() + except KeyboardInterrupt as e: + if e.args and e.args[0] == "SIGQUIT": + # the original systemd puts a coredump on that signal. + logg.info("SIGQUIT - switch to no more procs check") + self.doExitWhenNoMoreProcs = True + continue + signal.signal(signal.SIGTERM, signal.SIG_DFL) + signal.signal(signal.SIGINT, signal.SIG_DFL) + logg.info("interrupted - exit init-loop") + result = str(e) or "STOPPED" + break + except Exception as e: + logg.info("interrupted - exception %s", e) + raise + self.sysinit_status(ActiveState = None, SubState = "degraded") + try: self.loop.release() + except: pass + listen.stop() + listen.join(2) + self.read_log_files(units) + self.read_log_files(units) + self.stop_log_files(units) + logg.debug("done - init loop") + return result + def reap_zombies_target(self): + """ -- check to reap children (internal) """ + running = self.reap_zombies() + return "remaining {running} process".format(**locals()) + def reap_zombies(self): + """ check to reap children """ + selfpid = os.getpid() + running = 0 + for pid_entry in os.listdir(_proc_pid_dir): + pid = to_intN(pid_entry) + if pid is None: + continue + if pid == selfpid: + continue + proc_status = _proc_pid_status.format(**locals()) + if os.path.isfile(proc_status): + zombie = False + ppid = -1 + try: + for line in open(proc_status): + m = re.match(r"State:\s*Z.*", line) + if m: zombie = True + m = re.match(r"PPid:\s*(\d+)", line) + if m: ppid = int(m.group(1)) + except IOError as e: + logg.warning("%s : %s", proc_status, e) + continue + if zombie and ppid == os.getpid(): + logg.info("reap zombie %s", pid) + try: os.waitpid(pid, os.WNOHANG) + except OSError as e: + logg.warning("reap zombie %s: %s", e.strerror) + if os.path.isfile(proc_status): + if pid > 1: + running += 1 + return running # except PID 0 and PID 1 + def sysinit_status(self, **status): + conf = self.sysinit_target() + self.write_status_from(conf, **status) + def sysinit_target(self): + if not self._sysinit_target: + self._sysinit_target = self.default_unit_conf(SysInitTarget, "System Initialization") + assert self._sysinit_target is not None + return self._sysinit_target + def is_system_running(self): + conf = self.sysinit_target() + if not self.is_running_unit_from(conf): + time.sleep(MinimumYield) + if not self.is_running_unit_from(conf): + return "offline" + status = self.read_status_from(conf) + return status.get("SubState", "unknown") + def is_system_running_info(self): + state = self.is_system_running() + if state not in ["running"]: + self.error |= NOT_OK # 1 + if self._quiet: + return None + return state + def wait_system(self, target = None): + target = target or SysInitTarget + for attempt in xrange(int(SysInitWait)): + state = self.is_system_running() + if "init" in state: + if target in [SysInitTarget, "basic.target"]: + logg.info("system not initialized - wait %s", target) + time.sleep(1) + continue + if "start" in state or "stop" in state: + if target in ["basic.target"]: + logg.info("system not running - wait %s", target) + time.sleep(1) + continue + if "running" not in state: + logg.info("system is %s", state) + break + def is_running_unit_from(self, conf): + status_file = self.get_status_file_from(conf) + return self.getsize(status_file) > 0 + def is_running_unit(self, unit): + conf = self.get_unit_conf(unit) + return self.is_running_unit_from(conf) + def pidlist_of(self, pid): + if not pid: + return [] + pidlist = [pid] + pids = [pid] + for depth in xrange(PROC_MAX_DEPTH): + for pid_entry in os.listdir(_proc_pid_dir): + pid = to_intN(pid_entry) + if pid is None: + continue + proc_status = _proc_pid_status.format(**locals()) + if os.path.isfile(proc_status): + try: + for line in open(proc_status): + if line.startswith("PPid:"): + ppid_text = line[len("PPid:"):].strip() + try: ppid = int(ppid_text) + except: continue + if ppid in pidlist and pid not in pids: + pids += [pid] + except IOError as e: + logg.warning("%s : %s", proc_status, e) + continue + if len(pids) != len(pidlist): + pidlist = pids[:] + continue + return pids + def echo(self, *targets): + line = " ".join(*targets) + logg.info(" == echo == %s", line) + return line + def killall(self, *targets): + mapping = {} + mapping[":3"] = signal.SIGQUIT + mapping[":QUIT"] = signal.SIGQUIT + mapping[":6"] = signal.SIGABRT + mapping[":ABRT"] = signal.SIGABRT + mapping[":9"] = signal.SIGKILL + mapping[":KILL"] = signal.SIGKILL + sig = signal.SIGTERM + for target in targets: + if target.startswith(":"): + if target in mapping: + sig = mapping[target] + else: # pragma: no cover + logg.error("unsupported %s", target) + continue + for pid_entry in os.listdir(_proc_pid_dir): + pid = to_intN(pid_entry) + if pid: + try: + cmdline = _proc_pid_cmdline.format(**locals()) + cmd = open(cmdline).read().split("\0") + if DEBUG_KILLALL: logg.debug("cmdline %s", cmd) + found = None + cmd_exe = os.path.basename(cmd[0]) + if DEBUG_KILLALL: logg.debug("cmd.exe '%s'", cmd_exe) + if fnmatch.fnmatchcase(cmd_exe, target): found = "exe" + if len(cmd) > 1 and cmd_exe.startswith("python"): + X = 1 + while cmd[X].startswith("-"): X += 1 # atleast '-u' unbuffered + cmd_arg = os.path.basename(cmd[X]) + if DEBUG_KILLALL: logg.debug("cmd.arg '%s'", cmd_arg) + if fnmatch.fnmatchcase(cmd_arg, target): found = "arg" + if cmd_exe.startswith("coverage") or cmd_arg.startswith("coverage"): + x = cmd.index("--") + if x > 0 and x+1 < len(cmd): + cmd_run = os.path.basename(cmd[x+1]) + if DEBUG_KILLALL: logg.debug("cmd.run '%s'", cmd_run) + if fnmatch.fnmatchcase(cmd_run, target): found = "run" + if found: + if DEBUG_KILLALL: logg.debug("%s found %s %s", found, pid, [c for c in cmd]) + if pid != os.getpid(): + logg.debug(" kill -%s %s # %s", sig, pid, target) + os.kill(pid, sig) + except Exception as e: + logg.error("kill -%s %s : %s", sig, pid, e) + return True + def force_ipv4(self, *args): + """ only ipv4 localhost in /etc/hosts """ + logg.debug("checking hosts sysconf for '::1 localhost'") + lines = [] + sysconf_hosts = os_path(self._root, _etc_hosts) + for line in open(sysconf_hosts): + if "::1" in line: + newline = re.sub("\\slocalhost\\s", " ", line) + if line != newline: + logg.info("%s: '%s' => '%s'", _etc_hosts, line.rstrip(), newline.rstrip()) + line = newline + lines.append(line) + f = open(sysconf_hosts, "w") + for line in lines: + f.write(line) + f.close() + def force_ipv6(self, *args): + """ only ipv4 localhost in /etc/hosts """ + logg.debug("checking hosts sysconf for '127.0.0.1 localhost'") + lines = [] + sysconf_hosts = os_path(self._root, _etc_hosts) + for line in open(sysconf_hosts): + if "127.0.0.1" in line: + newline = re.sub("\\slocalhost\\s", " ", line) + if line != newline: + logg.info("%s: '%s' => '%s'", _etc_hosts, line.rstrip(), newline.rstrip()) + line = newline + lines.append(line) + f = open(sysconf_hosts, "w") + for line in lines: + f.write(line) + f.close() + def help_modules(self, *args): + """[command] -- show this help + """ + lines = [] + okay = True + prog = os.path.basename(sys.argv[0]) + if not args: + argz = {} + for name in dir(self): + arg = None + if name.startswith("system_"): + arg = name[len("system_"):].replace("_", "-") + if name.startswith("show_"): + arg = name[len("show_"):].replace("_", "-") + if name.endswith("_of_unit"): + arg = name[:-len("_of_unit")].replace("_", "-") + if name.endswith("_modules"): + arg = name[:-len("_modules")].replace("_", "-") + if arg: + argz[arg] = name + lines.append("%s command [options]..." % prog) + lines.append("") + lines.append("Commands:") + for arg in sorted(argz): + name = argz[arg] + method = getattr(self, name) + doc = "..." + doctext = getattr(method, "__doc__") + if doctext: + doc = doctext + elif not self._show_all: + continue # pragma: no cover + firstline = doc.split("\n")[0] + doc_text = firstline.strip() + if "--" not in firstline: + doc_text = "-- " + doc_text + lines.append(" %s %s" % (arg, firstline.strip())) + return lines + for arg in args: + arg = arg.replace("-", "_") + func1 = getattr(self.__class__, arg+"_modules", None) + func2 = getattr(self.__class__, arg+"_of_unit", None) + func3 = getattr(self.__class__, "show_"+arg, None) + func4 = getattr(self.__class__, "system_"+arg, None) + func5 = None + if arg.startswith("__"): + func5 = getattr(self.__class__, arg[2:], None) + func = func1 or func2 or func3 or func4 or func5 + if func is None: + print("error: no such command '%s'" % arg) + okay = False + else: + doc_text = "..." + doc = getattr(func, "__doc__", "") + if doc: + doc_text = doc.replace("\n", "\n\n", 1).strip() + if "--" not in doc_text: + doc_text = "-- " + doc_text + else: + func_name = arg # FIXME + logg.debug("__doc__ of %s is none", func_name) + if not self._show_all: continue + lines.append("%s %s %s" % (prog, arg, doc_text)) + if not okay: + self.help_modules() + self.error |= NOT_OK + return [] + return lines + def systemd_version(self): + """ the version line for systemd compatibility """ + return "systemd %s\n - via systemctl.py %s" % (self._systemd_version, __version__) + def systemd_features(self): + """ the info line for systemd features """ + features1 = "-PAM -AUDIT -SELINUX -IMA -APPARMOR -SMACK" + features2 = " +SYSVINIT -UTMP -LIBCRYPTSETUP -GCRYPT -GNUTLS" + features3 = " -ACL -XZ -LZ4 -SECCOMP -BLKID -ELFUTILS -KMOD -IDN" + return features1+features2+features3 + def version_info(self): + return [self.systemd_version(), self.systemd_features()] + def test_float(self): + return 0. # "Unknown result type" + +def print_begin(argv, args): + script = os.path.realpath(argv[0]) + system = _user_mode and " --user" or " --system" + init = _init and " --init" or "" + logg.info("EXEC BEGIN %s %s%s%s", script, " ".join(args), system, init) + if _root and not is_good_root(_root): + root44 = path44(_root) + logg.warning("the --root=%s should have alteast three levels /tmp/test_123/root", root44) + +def print_begin2(args): + logg.debug("======= systemctl.py %s", " ".join(args)) + +def is_not_ok(result): + if DebugPrintResult: + logg.log(HINT, "EXEC END %s", result) + if result is False: + return NOT_OK + return 0 + +def print_str(result): + if result is None: + if DebugPrintResult: + logg.debug(" END %s", result) + return + print(result) + if DebugPrintResult: + result1 = result.split("\n")[0][:-20] + if result == result1: + logg.log(HINT, "EXEC END '%s'", result) + else: + logg.log(HINT, "EXEC END '%s...'", result1) + logg.debug(" END '%s'", result) +def print_str_list(result): + if result is None: + if DebugPrintResult: + logg.debug(" END %s", result) + return + shown = 0 + for element in result: + print(element) + shown += 1 + if DebugPrintResult: + logg.log(HINT, "EXEC END %i items", shown) + logg.debug(" END %s", result) +def print_str_list_list(result): + shown = 0 + for element in result: + print("\t".join([str(elem) for elem in element])) + shown += 1 + if DebugPrintResult: + logg.log(HINT, "EXEC END %i items", shown) + logg.debug(" END %s", result) +def print_str_dict(result): + if result is None: + if DebugPrintResult: + logg.debug(" END %s", result) + return + shown = 0 + for key in sorted(result.keys()): + element = result[key] + print("%s=%s" % (key, element)) + shown += 1 + if DebugPrintResult: + logg.log(HINT, "EXEC END %i items", shown) + logg.debug(" END %s", result) +def print_str_dict_dict(result): + if result is None: + if DebugPrintResult: + logg.debug(" END %s", result) + return + shown = 0 + for key in sorted(result): + element = result[key] + for name in sorted(element): + value = element[name] + print("%s [%s] %s" % (key, value, name)) + shown += 1 + if DebugPrintResult: + logg.log(HINT, "EXEC END %i items", shown) + logg.debug(" END %s", result) + +def run(command, *modules): + exitcode = 0 + if command in ["help"]: + print_str_list(systemctl.help_modules(*modules)) + elif command in ["cat"]: + print_str(systemctl.cat_modules(*modules)) + elif command in ["clean"]: + exitcode = is_not_ok(systemctl.clean_modules(*modules)) + elif command in ["command"]: + print_str_list(systemctl.command_of_unit(*modules)) + elif command in ["daemon-reload"]: + exitcode = is_not_ok(systemctl.daemon_reload_target()) + elif command in ["default"]: + exitcode = is_not_ok(systemctl.default_system()) + elif command in ["default-services"]: + print_str_list(systemctl.default_services_modules(*modules)) + elif command in ["disable"]: + exitcode = is_not_ok(systemctl.disable_modules(*modules)) + elif command in ["enable"]: + exitcode = is_not_ok(systemctl.enable_modules(*modules)) + elif command in ["environment"]: + print_str_dict(systemctl.environment_of_unit(*modules)) + elif command in ["get-default"]: + print_str(systemctl.get_default_target()) + elif command in ["get-preset"]: + print_str(systemctl.get_preset_of_unit(*modules)) + elif command in ["halt"]: + exitcode = is_not_ok(systemctl.halt_target()) + elif command in ["init"]: + exitcode = is_not_ok(systemctl.init_modules(*modules)) + elif command in ["is-active"]: + print_str_list(systemctl.is_active_modules(*modules)) + elif command in ["is-enabled"]: + print_str_list(systemctl.is_enabled_modules(*modules)) + elif command in ["is-failed"]: + print_str_list(systemctl.is_failed_modules(*modules)) + elif command in ["is-system-running"]: + print_str(systemctl.is_system_running_info()) + elif command in ["kill"]: + exitcode = is_not_ok(systemctl.kill_modules(*modules)) + elif command in ["list-start-dependencies"]: + print_str_list_list(systemctl.list_start_dependencies_modules(*modules)) + elif command in ["list-dependencies"]: + print_str_list(systemctl.list_dependencies_modules(*modules)) + elif command in ["list-unit-files"]: + print_str_list_list(systemctl.list_unit_files_modules(*modules)) + elif command in ["list-units"]: + print_str_list_list(systemctl.list_units_modules(*modules)) + elif command in ["listen"]: + exitcode = is_not_ok(systemctl.listen_modules(*modules)) + elif command in ["log", "logs"]: + exitcode = is_not_ok(systemctl.log_modules(*modules)) + elif command in ["mask"]: + exitcode = is_not_ok(systemctl.mask_modules(*modules)) + elif command in ["preset"]: + exitcode = is_not_ok(systemctl.preset_modules(*modules)) + elif command in ["preset-all"]: + exitcode = is_not_ok(systemctl.preset_all_modules()) + elif command in ["reap-zombies"]: + print_str(systemctl.reap_zombies_target()) + elif command in ["reload"]: + exitcode = is_not_ok(systemctl.reload_modules(*modules)) + elif command in ["reload-or-restart"]: + exitcode = is_not_ok(systemctl.reload_or_restart_modules(*modules)) + elif command in ["reload-or-try-restart"]: + exitcode = is_not_ok(systemctl.reload_or_try_restart_modules(*modules)) + elif command in ["reset-failed"]: + exitcode = is_not_ok(systemctl.reset_failed_modules(*modules)) + elif command in ["restart"]: + exitcode = is_not_ok(systemctl.restart_modules(*modules)) + elif command in ["set-default"]: + print_str(systemctl.set_default_modules(*modules)) + elif command in ["show"]: + print_str_list(systemctl.show_modules(*modules)) + elif command in ["start"]: + exitcode = is_not_ok(systemctl.start_modules(*modules)) + elif command in ["status"]: + print_str(systemctl.status_modules(*modules)) + elif command in ["stop"]: + exitcode = is_not_ok(systemctl.stop_modules(*modules)) + elif command in ["try-restart"]: + exitcode = is_not_ok(systemctl.try_restart_modules(*modules)) + elif command in ["unmask"]: + exitcode = is_not_ok(systemctl.unmask_modules(*modules)) + elif command in ["version"]: + print_str_list(systemctl.version_info()) + elif command in ["__cat_unit"]: + print_str(systemctl.cat_unit(*modules)) + elif command in ["__get_active_unit"]: + print_str(systemctl.get_active_unit(*modules)) + elif command in ["__get_description"]: + print_str(systemctl.get_description(*modules)) + elif command in ["__get_status_file"]: + print_str(systemctl.get_status_file(modules[0])) + elif command in ["__get_status_pid_file", "__get_pid_file"]: + print_str(systemctl.get_status_pid_file(modules[0])) + elif command in ["__disable_unit"]: + exitcode = is_not_ok(systemctl.disable_unit(*modules)) + elif command in ["__enable_unit"]: + exitcode = is_not_ok(systemctl.enable_unit(*modules)) + elif command in ["__is_enabled"]: + exitcode = is_not_ok(systemctl.is_enabled(*modules)) + elif command in ["__killall"]: + exitcode = is_not_ok(systemctl.killall(*modules)) + elif command in ["__kill_unit"]: + exitcode = is_not_ok(systemctl.kill_unit(*modules)) + elif command in ["__load_preset_files"]: + print_str_list(systemctl.load_preset_files(*modules)) + elif command in ["__mask_unit"]: + exitcode = is_not_ok(systemctl.mask_unit(*modules)) + elif command in ["__read_env_file"]: + print_str_list_list(list(systemctl.read_env_file(*modules))) + elif command in ["__reload_unit"]: + exitcode = is_not_ok(systemctl.reload_unit(*modules)) + elif command in ["__reload_or_restart_unit"]: + exitcode = is_not_ok(systemctl.reload_or_restart_unit(*modules)) + elif command in ["__reload_or_try_restart_unit"]: + exitcode = is_not_ok(systemctl.reload_or_try_restart_unit(*modules)) + elif command in ["__reset_failed_unit"]: + exitcode = is_not_ok(systemctl.reset_failed_unit(*modules)) + elif command in ["__restart_unit"]: + exitcode = is_not_ok(systemctl.restart_unit(*modules)) + elif command in ["__start_unit"]: + exitcode = is_not_ok(systemctl.start_unit(*modules)) + elif command in ["__stop_unit"]: + exitcode = is_not_ok(systemctl.stop_unit(*modules)) + elif command in ["__try_restart_unit"]: + exitcode = is_not_ok(systemctl.try_restart_unit(*modules)) + elif command in ["__test_start_unit"]: + systemctl.test_start_unit(*modules) + elif command in ["__unmask_unit"]: + exitcode = is_not_ok(systemctl.unmask_unit(*modules)) + elif command in ["__show_unit_items"]: + print_str_list_list(list(systemctl.show_unit_items(*modules))) + else: + logg.error("Unknown operation %s", command) + return EXIT_FAILURE + # + exitcode |= systemctl.error + return exitcode + +if __name__ == "__main__": + import optparse + _o = optparse.OptionParser("%prog [options] command [name...]", + epilog="use 'help' command for more information") + _o.add_option("--version", action="store_true", + help="Show package version") + _o.add_option("--system", action="store_true", default=False, + help="Connect to system manager (default)") # overrides --user + _o.add_option("--user", action="store_true", default=_user_mode, + help="Connect to user service manager") + # _o.add_option("-H", "--host", metavar="[USER@]HOST", + # help="Operate on remote host*") + # _o.add_option("-M", "--machine", metavar="CONTAINER", + # help="Operate on local container*") + _o.add_option("-t", "--type", metavar="TYPE", dest="unit_type", default=_unit_type, + help="List units of a particual type") + _o.add_option("--state", metavar="STATE", default=_unit_state, + help="List units with particular LOAD or SUB or ACTIVE state") + _o.add_option("-p", "--property", metavar="NAME", dest="unit_property", default=_unit_property, + help="Show only properties by this name") + _o.add_option("--what", metavar="TYPE", dest="what_kind", default=_what_kind, + help="Defines the service directories to be cleaned (configuration, state, cache, logs, runtime)") + _o.add_option("-a", "--all", action="store_true", dest="show_all", default=_show_all, + help="Show all loaded units/properties, including dead empty ones. To list all units installed on the system, use the 'list-unit-files' command instead") + _o.add_option("-l", "--full", action="store_true", default=_full, + help="Don't ellipsize unit names on output (never ellipsized)") + _o.add_option("--reverse", action="store_true", + help="Show reverse dependencies with 'list-dependencies' (ignored)") + _o.add_option("--job-mode", metavar="MODE", + help="Specifiy how to deal with already queued jobs, when queuing a new job (ignored)") + _o.add_option("--show-types", action="store_true", + help="When showing sockets, explicitly show their type (ignored)") + _o.add_option("-i", "--ignore-inhibitors", action="store_true", + help="When shutting down or sleeping, ignore inhibitors (ignored)") + _o.add_option("--kill-who", metavar="WHO", + help="Who to send signal to (ignored)") + _o.add_option("-s", "--signal", metavar="SIG", + help="Which signal to send (ignored)") + _o.add_option("--now", action="store_true", default=_now, + help="Start or stop unit in addition to enabling or disabling it") + _o.add_option("-q", "--quiet", action="store_true", default=_quiet, + help="Suppress output") + _o.add_option("--no-block", action="store_true", default=False, + help="Do not wait until operation finished (ignored)") + _o.add_option("--no-legend", action="store_true", default=_no_legend, + help="Do not print a legend (column headers and hints)") + _o.add_option("--no-wall", action="store_true", default=False, + help="Don't send wall message before halt/power-off/reboot (ignored)") + _o.add_option("--no-reload", action="store_true", default=_no_reload, + help="Don't reload daemon after en-/dis-abling unit files") + _o.add_option("--no-ask-password", action="store_true", default=_no_ask_password, + help="Do not ask for system passwords") + # _o.add_option("--global", action="store_true", dest="globally", default=_globally, + # help="Enable/disable unit files globally") # for all user logins + # _o.add_option("--runtime", action="store_true", + # help="Enable unit files only temporarily until next reboot") + _o.add_option("-f", "--force", action="store_true", default=_force, + help="When enabling unit files, override existing symblinks / When shutting down, execute action immediately") + _o.add_option("--preset-mode", metavar="TYPE", default=_preset_mode, + help="Apply only enable, only disable, or all presets [%default]") + _o.add_option("--root", metavar="PATH", default=_root, + help="Enable unit files in the specified root directory (used for alternative root prefix)") + _o.add_option("-n", "--lines", metavar="NUM", + help="Number of journal entries to show") + _o.add_option("-o", "--output", metavar="CAT", + help="change journal output mode [short, ..., cat] (ignored)") + _o.add_option("--plain", action="store_true", + help="Print unit dependencies as a list instead of a tree (ignored)") + _o.add_option("--no-pager", action="store_true", + help="Do not pipe output into pager (mostly ignored)") + # + _o.add_option("-c", "--config", metavar="NAME=VAL", action="append", default=[], + help="..override internal variables (InitLoopSleep,SysInitTarget) {%default}") + _o.add_option("-e", "--extra-vars", "--environment", metavar="NAME=VAL", action="append", default=[], + help="..override settings in the syntax of 'Environment='") + _o.add_option("-v", "--verbose", action="count", default=0, + help="..increase debugging information level") + _o.add_option("-4", "--ipv4", action="store_true", default=False, + help="..only keep ipv4 localhost in /etc/hosts") + _o.add_option("-6", "--ipv6", action="store_true", default=False, + help="..only keep ipv6 localhost in /etc/hosts") + _o.add_option("-1", "--init", action="store_true", default=False, + help="..keep running as init-process (default if PID 1)") + opt, args = _o.parse_args() + logging.basicConfig(level = max(0, logging.FATAL - 10 * opt.verbose)) + logg.setLevel(max(0, logging.ERROR - 10 * opt.verbose)) + # + _extra_vars = opt.extra_vars + _force = opt.force + _full = opt.full + _log_lines = opt.lines + _no_pager = opt.no_pager + _no_reload = opt.no_reload + _no_legend = opt.no_legend + _no_ask_password = opt.no_ask_password + _now = opt.now + _preset_mode = opt.preset_mode + _quiet = opt.quiet + _root = opt.root + _show_all = opt.show_all + _unit_state = opt.state + _unit_type = opt.unit_type + _unit_property = opt.unit_property + _what_kind = opt.what_kind + # being PID 1 (or 0) in a container will imply --init + _pid = os.getpid() + _init = opt.init or _pid in [1, 0] + _user_mode = opt.user + if os.geteuid() and _pid in [1, 0]: + _user_mode = True + if opt.system: + _user_mode = False # override --user + # + for setting in opt.config: + nam, val = setting, "1" + if "=" in setting: + nam, val = setting.split("=", 1) + elif nam.startswith("no-") or nam.startswith("NO-"): + nam, val = nam[3:], "0" + elif nam.startswith("No") or nam.startswith("NO"): + nam, val = nam[2:], "0" + if nam in globals(): + old = globals()[nam] + if old is False or old is True: + logg.debug("yes %s=%s", nam, val) + globals()[nam] = (val in ("true", "True", "TRUE", "yes", "y", "Y", "YES", "1")) + logg.debug("... _show_all=%s", _show_all) + elif isinstance(old, float): + logg.debug("num %s=%s", nam, val) + globals()[nam] = float(val) + logg.debug("... MinimumYield=%s", MinimumYield) + elif isinstance(old, int): + logg.debug("int %s=%s", nam, val) + globals()[nam] = int(val) + logg.debug("... InitLoopSleep=%s", InitLoopSleep) + elif isinstance(old, basestring): + logg.debug("str %s=%s", nam, val) + globals()[nam] = val.strip() + logg.debug("... SysInitTarget=%s", SysInitTarget) + else: + logg.warning("(ignored) unknown target type -c '%s' : %s", nam, type(old)) + else: + logg.warning("(ignored) unknown target config -c '%s' : no such variable", nam) + # + systemctl_debug_log = os_path(_root, expand_path(SYSTEMCTL_DEBUG_LOG, not _user_mode)) + systemctl_extra_log = os_path(_root, expand_path(SYSTEMCTL_EXTRA_LOG, not _user_mode)) + if os.access(systemctl_extra_log, os.W_OK): + loggfile = logging.FileHandler(systemctl_extra_log) + loggfile.setFormatter(logging.Formatter("%(asctime)s %(levelname)s %(message)s")) + logg.addHandler(loggfile) + logg.setLevel(max(0, logging.INFO - 10 * opt.verbose)) + if os.access(systemctl_debug_log, os.W_OK): + loggfile = logging.FileHandler(systemctl_debug_log) + loggfile.setFormatter(logging.Formatter("%(asctime)s %(levelname)s %(message)s")) + logg.addHandler(loggfile) + logg.setLevel(logging.DEBUG) + # + print_begin(sys.argv, args) + # + systemctl = Systemctl() + if opt.version: + args = ["version"] + if not args: + if _init: + args = ["default"] + else: + args = ["list-units"] + print_begin2(args) + command = args[0] + modules = args[1:] + try: + modules.remove("service") + except ValueError: + pass + if opt.ipv4: + systemctl.force_ipv4() + elif opt.ipv6: + systemctl.force_ipv6() + sys.exit(run(command, *modules)) From 2ead668a756909acc4ab50068a9beb1cee006d66 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 22 Dec 2023 17:11:51 +0100 Subject: [PATCH 009/114] First working state. --- tests/rework/Dockerfile | 67 ++++++++++++++++++++--------------------- 1 file changed, 32 insertions(+), 35 deletions(-) diff --git a/tests/rework/Dockerfile b/tests/rework/Dockerfile index ffb9c66ff..309eaf93c 100644 --- a/tests/rework/Dockerfile +++ b/tests/rework/Dockerfile @@ -1,8 +1,6 @@ FROM ubuntu:jammy LABEL maintainer="Robin Gierse" -ENV pip_packages "ansible" - ARG distro="jammy" ARG DEBIAN_FRONTEND=noninteractives @@ -13,6 +11,7 @@ ENV ancient "2.0.0p39" # Install dependencies. RUN apt-get update && \ apt-get install -y --no-install-recommends \ + apache2 \ apt-utils \ build-essential \ locales \ @@ -25,53 +24,33 @@ RUN apt-get update && \ python3-pip \ python3-yaml \ software-properties-common \ - rsyslog systemd sudo iproute2 \ + rsyslog sudo iproute2 \ wget \ && \ apt-get clean && \ rm -Rf /var/lib/apt/lists/* && \ rm -Rf /usr/share/doc + +# Download files first to have them cached. +RUN wget https://download.checkmk.com/checkmk/${ancient}/check-mk-raw-${ancient}_0.${distro}_amd64.deb && \ + wget https://download.checkmk.com/checkmk/${old}/check-mk-raw-${old}_0.${distro}_amd64.deb && \ + wget https://download.checkmk.com/checkmk/${stable}/check-mk-raw-${stable}_0.${distro}_amd64.deb && \ + wget https://download.checkmk.com/checkmk/${stable}/check-mk-cloud-${stable}_0.${distro}_amd64.deb + RUN sed -i 's/^\($ModLoad imklog\)/#\1/' /etc/rsyslog.conf # Fix potential UTF-8 errors with ansible-test. RUN locale-gen en_US.UTF-8 # Install Ansible via Pip. -RUN pip3 install $pip_packages - -COPY files/initctl_faker . -RUN chmod +x initctl_faker && rm -fr /sbin/initctl && ln -s /initctl_faker /sbin/initctl +# COPY ../../requirements.txt / +# RUN pip3 install -r /requirements.txt +RUN pip3 install ansible # Install Ansible inventory file. RUN mkdir -p /etc/ansible RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts -# Remove unnecessary getty and udev targets that result in high CPU usage when using -# multiple containers with Molecule (https://github.com/ansible/molecule/issues/1104) -RUN rm -f /lib/systemd/system/systemd*udev* \ - && rm -f /lib/systemd/system/getty.target - -# Install Checkmk -RUN apt-get update && \ - mv /usr/bin/systemctl /usr/bin/systemctl.bak && \ - echo "exit 0" > /usr/bin/systemctl && \ - chmod +x /usr/bin/systemctl && \ - wget https://download.checkmk.com/checkmk/${ancient}/check-mk-raw-${ancient}_0.${distro}_amd64.deb && \ - wget https://download.checkmk.com/checkmk/${old}/check-mk-raw-${old}_0.${distro}_amd64.deb && \ - wget https://download.checkmk.com/checkmk/${stable}/check-mk-raw-${stable}_0.${distro}_amd64.deb && \ - apt-get install -y ./check-mk-raw-${ancient}_0.${distro}_amd64.deb && \ - apt-get install -y ./check-mk-raw-${old}_0.${distro}_amd64.deb && \ - apt-get install -y ./check-mk-raw-${stable}_0.${distro}_amd64.deb && \ - mv /usr/bin/systemctl.bak /usr/bin/systemctl && \ - chmod +x /usr/bin/systemctl && \ - systemctl enable apache2.service - -VOLUME ["/sys/fs/cgroup", "/tmp", "/run"] - -# COPY entrypoint.sh / - -# ENTRYPOINT ["/entrypoint.sh"] - # Remove unnecessary units RUN rm -f /lib/systemd/system/multi-user.target.wants/* \ /etc/systemd/system/*.wants/* \ @@ -79,6 +58,24 @@ RUN rm -f /lib/systemd/system/multi-user.target.wants/* \ /lib/systemd/system/sockets.target.wants/*udev* \ /lib/systemd/system/sockets.target.wants/*initctl* \ /lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup* \ - /lib/systemd/system/systemd-update-utmp* + /lib/systemd/system/systemd-update-utmp* \ + /lib/systemd/system/getty.target + +# Install systemctl faker and enable apache2 service at boot +COPY files/systemctl3.py /usr/bin/systemctl +RUN systemctl enable apache2 + +# Install Checkmk +RUN apt-get update && \ + # mv /usr/bin/systemctl /usr/bin/systemctl.bak && \ + # echo "exit 0" > /usr/bin/systemctl && \ + # chmod +x /usr/bin/systemctl && \ + apt-get install -y \ + ./check-mk-raw-${ancient}_0.${distro}_amd64.deb \ + ./check-mk-raw-${old}_0.${distro}_amd64.deb \ + ./check-mk-raw-${stable}_0.${distro}_amd64.deb \ + ./check-mk-cloud-${stable}_0.${distro}_amd64.deb + # && mv /usr/bin/systemctl.bak /usr/bin/systemctl && \ + # chmod +x /usr/bin/systemctl -CMD [ "/lib/systemd/systemd", "log-level=info", "unit=sysinit.target" ] +CMD ["/usr/bin/systemctl"] From 858fc4e8b51e34ce16bfbd0493e888eee5e7117c Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 22 Dec 2023 17:14:09 +0100 Subject: [PATCH 010/114] Update README. --- tests/rework/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/rework/README.md b/tests/rework/README.md index f5a478f75..b377696b8 100644 --- a/tests/rework/README.md +++ b/tests/rework/README.md @@ -4,6 +4,7 @@ TBD ## How-to - `docker build -t ansible-checkmk-test ./` +- `ansible-test integration activation --docker-privileged --python 3.10 --docker ansible-checkmk-test` ## ToDo - [ ] Add deadsnakes to enable several Python versions. From 2bc1f36dd9a2e183a10a6936d47ff530ce418750 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Wed, 27 Dec 2023 15:23:18 +0100 Subject: [PATCH 011/114] Rename sites for tests. --- tests/integration/targets/activation/vars/main.yml | 8 ++++---- tests/integration/targets/bakery/vars/main.yml | 4 ++-- tests/integration/targets/contact_group/vars/main.yml | 8 ++++---- tests/integration/targets/discovery/vars/main.yml | 8 ++++---- tests/integration/targets/downtime/vars/main.yml | 8 ++++---- tests/integration/targets/folder/vars/main.yml | 8 ++++---- tests/integration/targets/host/vars/main.yml | 8 ++++---- tests/integration/targets/host_group/vars/main.yml | 8 ++++---- tests/integration/targets/lookup_bakery/vars/main.yml | 4 ++-- tests/integration/targets/lookup_folder/vars/main.yml | 8 ++++---- tests/integration/targets/lookup_folders/vars/main.yml | 8 ++++---- tests/integration/targets/lookup_host/vars/main.yml | 8 ++++---- tests/integration/targets/lookup_hosts/vars/main.yml | 8 ++++---- tests/integration/targets/lookup_rules/vars/main.yml | 6 +++--- tests/integration/targets/lookup_rulesets/vars/main.yml | 6 +++--- tests/integration/targets/lookup_version/vars/main.yml | 8 ++++---- tests/integration/targets/password/vars/main.yml | 8 ++++---- tests/integration/targets/rule/vars/main.yml | 6 +++--- tests/integration/targets/service_group/vars/main.yml | 8 ++++---- tests/integration/targets/tag_group/vars/main.yml | 8 ++++---- tests/integration/targets/timeperiod/vars/main.yml | 6 +++--- tests/integration/targets/user/vars/main.yml | 6 +++--- 22 files changed, 79 insertions(+), 79 deletions(-) diff --git a/tests/integration/targets/activation/vars/main.yml b/tests/integration/targets/activation/vars/main.yml index f15733639..81c220d8a 100644 --- a/tests/integration/targets/activation/vars/main.yml +++ b/tests/integration/targets/activation/vars/main.yml @@ -2,16 +2,16 @@ test_sites: - version: "2.2.0p17" edition: "cre" - site: "stable_raw" + site: "stable_cre" - version: "2.2.0p17" edition: "cee" - site: "stable_ent" + site: "stable_cee" - version: "2.1.0p37" edition: "cre" - site: "old_raw" + site: "old_cre" - version: "2.0.0p39" edition: "cre" - site: "ancient_raw" + site: "ancient_cre" checkmk_var_server_url: "http://127.0.0.1/" checkmk_var_automation_user: "cmkadmin" diff --git a/tests/integration/targets/bakery/vars/main.yml b/tests/integration/targets/bakery/vars/main.yml index defc73c1c..9347ca665 100644 --- a/tests/integration/targets/bakery/vars/main.yml +++ b/tests/integration/targets/bakery/vars/main.yml @@ -2,10 +2,10 @@ test_sites: - version: "2.2.0p17" edition: "cee" - site: "stable_ent" + site: "stable_cee" - version: "2.1.0p37" edition: "cee" - site: "old_ent" + site: "old_cee" checkmk_var_server_url: "http://127.0.0.1/" checkmk_var_automation_user: "cmkadmin" diff --git a/tests/integration/targets/contact_group/vars/main.yml b/tests/integration/targets/contact_group/vars/main.yml index 1160c115f..863e3313a 100644 --- a/tests/integration/targets/contact_group/vars/main.yml +++ b/tests/integration/targets/contact_group/vars/main.yml @@ -2,16 +2,16 @@ test_sites: - version: "2.2.0p17" edition: "cre" - site: "stable_raw" + site: "stable_cre" - version: "2.2.0p17" edition: "cee" - site: "stable_ent" + site: "stable_cee" - version: "2.1.0p37" edition: "cre" - site: "old_raw" + site: "old_cre" - version: "2.0.0p39" edition: "cre" - site: "ancient_raw" + site: "ancient_cre" checkmk_var_server_url: "http://127.0.0.1/" checkmk_var_automation_user: "cmkadmin" diff --git a/tests/integration/targets/discovery/vars/main.yml b/tests/integration/targets/discovery/vars/main.yml index 3733a00a4..28eab584a 100644 --- a/tests/integration/targets/discovery/vars/main.yml +++ b/tests/integration/targets/discovery/vars/main.yml @@ -2,16 +2,16 @@ test_sites: - version: "2.2.0p17" edition: "cre" - site: "stable_raw" + site: "stable_cre" - version: "2.2.0p17" edition: "cee" - site: "stable_ent" + site: "stable_cee" - version: "2.1.0p37" edition: "cre" - site: "old_raw" + site: "old_cre" - version: "2.0.0p39" edition: "cre" - site: "ancient_raw" + site: "ancient_cre" checkmk_var_server_url: "http://127.0.0.1/" checkmk_var_automation_user: "cmkadmin" diff --git a/tests/integration/targets/downtime/vars/main.yml b/tests/integration/targets/downtime/vars/main.yml index f15733639..81c220d8a 100644 --- a/tests/integration/targets/downtime/vars/main.yml +++ b/tests/integration/targets/downtime/vars/main.yml @@ -2,16 +2,16 @@ test_sites: - version: "2.2.0p17" edition: "cre" - site: "stable_raw" + site: "stable_cre" - version: "2.2.0p17" edition: "cee" - site: "stable_ent" + site: "stable_cee" - version: "2.1.0p37" edition: "cre" - site: "old_raw" + site: "old_cre" - version: "2.0.0p39" edition: "cre" - site: "ancient_raw" + site: "ancient_cre" checkmk_var_server_url: "http://127.0.0.1/" checkmk_var_automation_user: "cmkadmin" diff --git a/tests/integration/targets/folder/vars/main.yml b/tests/integration/targets/folder/vars/main.yml index 66ceca89b..4681bbdfe 100644 --- a/tests/integration/targets/folder/vars/main.yml +++ b/tests/integration/targets/folder/vars/main.yml @@ -2,16 +2,16 @@ test_sites: - version: "2.2.0p17" edition: "cre" - site: "stable_raw" + site: "stable_cre" - version: "2.2.0p17" edition: "cee" - site: "stable_ent" + site: "stable_cee" - version: "2.1.0p37" edition: "cre" - site: "old_raw" + site: "old_cre" - version: "2.0.0p39" edition: "cre" - site: "ancient_raw" + site: "ancient_cre" checkmk_var_server_url: "http://127.0.0.1/" checkmk_var_automation_user: "cmkadmin" diff --git a/tests/integration/targets/host/vars/main.yml b/tests/integration/targets/host/vars/main.yml index 619212f1d..a870bd938 100644 --- a/tests/integration/targets/host/vars/main.yml +++ b/tests/integration/targets/host/vars/main.yml @@ -2,16 +2,16 @@ test_sites: - version: "2.2.0p17" edition: "cre" - site: "stable_raw" + site: "stable_cre" - version: "2.2.0p17" edition: "cee" - site: "stable_ent" + site: "stable_cee" - version: "2.1.0p37" edition: "cre" - site: "old_raw" + site: "old_cre" - version: "2.0.0p39" edition: "cre" - site: "ancient_raw" + site: "ancient_cre" checkmk_var_server_url: "http://127.0.0.1/" checkmk_var_automation_user: "cmkadmin" diff --git a/tests/integration/targets/host_group/vars/main.yml b/tests/integration/targets/host_group/vars/main.yml index 937774ccc..5a261d82f 100644 --- a/tests/integration/targets/host_group/vars/main.yml +++ b/tests/integration/targets/host_group/vars/main.yml @@ -5,16 +5,16 @@ test_sites: site: "stable_cme" - version: "2.2.0p17" edition: "cre" - site: "stable_raw" + site: "stable_cre" - version: "2.2.0p17" edition: "cee" - site: "stable_ent" + site: "stable_cee" - version: "2.1.0p37" edition: "cre" - site: "old_raw" + site: "old_cre" - version: "2.0.0p39" edition: "cre" - site: "ancient_raw" + site: "ancient_cre" checkmk_var_server_url: "http://127.0.0.1/" checkmk_var_automation_user: "cmkadmin" diff --git a/tests/integration/targets/lookup_bakery/vars/main.yml b/tests/integration/targets/lookup_bakery/vars/main.yml index 579714e59..433b55123 100644 --- a/tests/integration/targets/lookup_bakery/vars/main.yml +++ b/tests/integration/targets/lookup_bakery/vars/main.yml @@ -2,10 +2,10 @@ test_sites: - version: "2.2.0p17" edition: "cee" - site: "stable_ent" + site: "stable_cee" - version: "2.1.0p37" edition: "cee" - site: "old_ent" + site: "old_cee" server_url: "http://127.0.0.1/" automation_user: "cmkadmin" diff --git a/tests/integration/targets/lookup_folder/vars/main.yml b/tests/integration/targets/lookup_folder/vars/main.yml index ed640c71a..4f50bbbc5 100644 --- a/tests/integration/targets/lookup_folder/vars/main.yml +++ b/tests/integration/targets/lookup_folder/vars/main.yml @@ -2,16 +2,16 @@ test_sites: - version: "2.2.0p17" edition: "cre" - site: "stable_raw" + site: "stable_cre" - version: "2.2.0p17" edition: "cee" - site: "stable_ent" + site: "stable_cee" - version: "2.1.0p37" edition: "cre" - site: "old_raw" + site: "old_cre" - version: "2.0.0p39" edition: "cre" - site: "ancient_raw" + site: "ancient_cre" checkmk_var_server_url: "http://127.0.0.1/" checkmk_var_automation_user: "cmkadmin" diff --git a/tests/integration/targets/lookup_folders/vars/main.yml b/tests/integration/targets/lookup_folders/vars/main.yml index 8909c0ef8..82d733fe9 100644 --- a/tests/integration/targets/lookup_folders/vars/main.yml +++ b/tests/integration/targets/lookup_folders/vars/main.yml @@ -2,16 +2,16 @@ test_sites: - version: "2.2.0p17" edition: "cre" - site: "stable_raw" + site: "stable_cre" - version: "2.2.0p17" edition: "cee" - site: "stable_ent" + site: "stable_cee" - version: "2.1.0p37" edition: "cre" - site: "old_raw" + site: "old_cre" - version: "2.0.0p39" edition: "cre" - site: "ancient_raw" + site: "ancient_cre" checkmk_var_server_url: "http://127.0.0.1/" checkmk_var_automation_user: "cmkadmin" diff --git a/tests/integration/targets/lookup_host/vars/main.yml b/tests/integration/targets/lookup_host/vars/main.yml index 283de8833..fe6998e5d 100644 --- a/tests/integration/targets/lookup_host/vars/main.yml +++ b/tests/integration/targets/lookup_host/vars/main.yml @@ -2,16 +2,16 @@ test_sites: - version: "2.2.0p17" edition: "cre" - site: "stable_raw" + site: "stable_cre" - version: "2.2.0p17" edition: "cee" - site: "stable_ent" + site: "stable_cee" - version: "2.1.0p37" edition: "cre" - site: "old_raw" + site: "old_cre" - version: "2.0.0p39" edition: "cre" - site: "ancient_raw" + site: "ancient_cre" checkmk_var_server_url: "http://127.0.0.1/" checkmk_var_automation_user: "cmkadmin" diff --git a/tests/integration/targets/lookup_hosts/vars/main.yml b/tests/integration/targets/lookup_hosts/vars/main.yml index 61765aa62..0b90a2085 100644 --- a/tests/integration/targets/lookup_hosts/vars/main.yml +++ b/tests/integration/targets/lookup_hosts/vars/main.yml @@ -2,16 +2,16 @@ test_sites: - version: "2.2.0p17" edition: "cre" - site: "stable_raw" + site: "stable_cre" - version: "2.2.0p17" edition: "cee" - site: "stable_ent" + site: "stable_cee" - version: "2.1.0p37" edition: "cre" - site: "old_raw" + site: "old_cre" - version: "2.0.0p39" edition: "cre" - site: "ancient_raw" + site: "ancient_cre" checkmk_var_server_url: "http://127.0.0.1/" checkmk_var_automation_user: "cmkadmin" diff --git a/tests/integration/targets/lookup_rules/vars/main.yml b/tests/integration/targets/lookup_rules/vars/main.yml index e1c7fb35d..51329549c 100644 --- a/tests/integration/targets/lookup_rules/vars/main.yml +++ b/tests/integration/targets/lookup_rules/vars/main.yml @@ -2,13 +2,13 @@ test_sites: - version: "2.2.0p17" edition: "cre" - site: "stable_raw" + site: "stable_cre" - version: "2.2.0p17" edition: "cee" - site: "stable_ent" + site: "stable_cee" - version: "2.1.0p37" edition: "cre" - site: "old_raw" + site: "old_cre" server_url: "http://127.0.0.1/" automation_user: "cmkadmin" diff --git a/tests/integration/targets/lookup_rulesets/vars/main.yml b/tests/integration/targets/lookup_rulesets/vars/main.yml index aa21c410c..89d844ca7 100644 --- a/tests/integration/targets/lookup_rulesets/vars/main.yml +++ b/tests/integration/targets/lookup_rulesets/vars/main.yml @@ -2,13 +2,13 @@ test_sites: - version: "2.2.0p17" edition: "cre" - site: "stable_raw" + site: "stable_cre" - version: "2.2.0p17" edition: "cee" - site: "stable_ent" + site: "stable_cee" - version: "2.1.0p37" edition: "cre" - site: "old_raw" + site: "old_cre" server_url: "http://127.0.0.1/" automation_user: "cmkadmin" diff --git a/tests/integration/targets/lookup_version/vars/main.yml b/tests/integration/targets/lookup_version/vars/main.yml index 4e4fb9cdc..019e72e98 100644 --- a/tests/integration/targets/lookup_version/vars/main.yml +++ b/tests/integration/targets/lookup_version/vars/main.yml @@ -2,16 +2,16 @@ test_sites: - version: "2.2.0p17" edition: "cre" - site: "stable_raw" + site: "stable_cre" - version: "2.2.0p17" edition: "cee" - site: "stable_ent" + site: "stable_cee" - version: "2.1.0p37" edition: "cre" - site: "old_raw" + site: "old_cre" - version: "2.0.0p39" edition: "cre" - site: "ancient_raw" + site: "ancient_cre" checkmk_var_server_url: "http://127.0.0.1/" checkmk_var_automation_user: "cmkadmin" diff --git a/tests/integration/targets/password/vars/main.yml b/tests/integration/targets/password/vars/main.yml index 1835319f4..5e5e9bb09 100644 --- a/tests/integration/targets/password/vars/main.yml +++ b/tests/integration/targets/password/vars/main.yml @@ -5,16 +5,16 @@ test_sites: site: "stable_cme" - version: "2.2.0p17" edition: "cre" - site: "stable_raw" + site: "stable_cre" - version: "2.2.0p17" edition: "cee" - site: "stable_ent" + site: "stable_cee" - version: "2.1.0p37" edition: "cre" - site: "old_raw" + site: "old_cre" - version: "2.0.0p39" edition: "cre" - site: "ancient_raw" + site: "ancient_cre" checkmk_var_server_url: "http://127.0.0.1/" checkmk_var_automation_user: "cmkadmin" diff --git a/tests/integration/targets/rule/vars/main.yml b/tests/integration/targets/rule/vars/main.yml index 0241fc7ad..9acdd50a4 100644 --- a/tests/integration/targets/rule/vars/main.yml +++ b/tests/integration/targets/rule/vars/main.yml @@ -2,13 +2,13 @@ test_sites: - version: "2.2.0p17" edition: "cre" - site: "stable_raw" + site: "stable_cre" - version: "2.2.0p17" edition: "cee" - site: "stable_ent" + site: "stable_cee" - version: "2.1.0p37" edition: "cre" - site: "old_raw" + site: "old_cre" checkmk_var_server_url: "http://127.0.0.1/" checkmk_var_automation_user: "cmkadmin" diff --git a/tests/integration/targets/service_group/vars/main.yml b/tests/integration/targets/service_group/vars/main.yml index 3c9e4cafc..080f3c989 100644 --- a/tests/integration/targets/service_group/vars/main.yml +++ b/tests/integration/targets/service_group/vars/main.yml @@ -5,16 +5,16 @@ test_sites: site: "stable_cme" - version: "2.2.0p17" edition: "cre" - site: "stable_raw" + site: "stable_cre" - version: "2.2.0p17" edition: "cee" - site: "stable_ent" + site: "stable_cee" - version: "2.1.0p37" edition: "cre" - site: "old_raw" + site: "old_cre" - version: "2.0.0p39" edition: "cre" - site: "ancient_raw" + site: "ancient_cre" checkmk_var_server_url: "http://127.0.0.1/" checkmk_var_automation_user: "cmkadmin" diff --git a/tests/integration/targets/tag_group/vars/main.yml b/tests/integration/targets/tag_group/vars/main.yml index e8f3dea77..27a4927fd 100644 --- a/tests/integration/targets/tag_group/vars/main.yml +++ b/tests/integration/targets/tag_group/vars/main.yml @@ -5,16 +5,16 @@ test_sites: site: "stable_cme" - version: "2.2.0p17" edition: "cre" - site: "stable_raw" + site: "stable_cre" - version: "2.2.0p17" edition: "cee" - site: "stable_ent" + site: "stable_cee" - version: "2.1.0p37" edition: "cre" - site: "old_raw" + site: "old_cre" - version: "2.0.0p39" edition: "cre" - site: "ancient_raw" + site: "ancient_cre" checkmk_var_server_url: "http://127.0.0.1/" checkmk_var_automation_user: "cmkadmin" diff --git a/tests/integration/targets/timeperiod/vars/main.yml b/tests/integration/targets/timeperiod/vars/main.yml index 8882ad269..2fea21583 100644 --- a/tests/integration/targets/timeperiod/vars/main.yml +++ b/tests/integration/targets/timeperiod/vars/main.yml @@ -2,13 +2,13 @@ test_sites: - version: "2.2.0p17" edition: "cre" - site: "stable_raw" + site: "stable_cre" - version: "2.2.0p17" edition: "cee" - site: "stable_ent" + site: "stable_cee" - version: "2.1.0p37" edition: "cre" - site: "old_raw" + site: "old_cre" checkmk_var_server_url: "http://127.0.0.1/" checkmk_var_automation_user: "cmkadmin" diff --git a/tests/integration/targets/user/vars/main.yml b/tests/integration/targets/user/vars/main.yml index 444ee4ea6..e5b70e32e 100644 --- a/tests/integration/targets/user/vars/main.yml +++ b/tests/integration/targets/user/vars/main.yml @@ -5,13 +5,13 @@ test_sites: site: "stable_cme" - version: "2.2.0p17" edition: "cre" - site: "stable_raw" + site: "stable_cre" - version: "2.2.0p17" edition: "cee" - site: "stable_ent" + site: "stable_cee" - version: "2.1.0p37" edition: "cre" - site: "old_raw" + site: "old_cre" checkmk_var_server_url: "http://127.0.0.1/" checkmk_var_automation_user: "cmkadmin" From 455c0cc0d8bb25cbe9f869d9b5f70c5a29450de6 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Wed, 27 Dec 2023 16:43:19 +0100 Subject: [PATCH 012/114] Remove duplication by including a single prep.yml. --- .../{targets/rule/tasks => files}/prep.yml | 28 +++++++++---- .../targets/activation/tasks/main.yml | 2 +- .../targets/activation/tasks/prep.yml | 42 ------------------- .../integration/targets/bakery/tasks/main.yml | 2 +- .../integration/targets/bakery/tasks/prep.yml | 41 ------------------ .../targets/contact_group/tasks/main.yml | 2 +- .../targets/contact_group/tasks/prep.yml | 31 -------------- .../targets/discovery/tasks/main.yml | 2 +- .../targets/discovery/tasks/prep.yml | 31 -------------- .../targets/downtime/tasks/main.yml | 2 +- .../targets/downtime/tasks/prep.yml | 31 -------------- .../integration/targets/folder/tasks/main.yml | 2 +- .../integration/targets/folder/tasks/prep.yml | 31 -------------- tests/integration/targets/host/tasks/main.yml | 2 +- tests/integration/targets/host/tasks/prep.yml | 31 -------------- .../targets/host_group/tasks/main.yml | 2 +- .../targets/host_group/tasks/prep.yml | 31 -------------- .../targets/lookup_bakery/tasks/main.yml | 2 +- .../targets/lookup_bakery/tasks/prep.yml | 31 -------------- .../targets/lookup_folder/tasks/main.yml | 2 +- .../targets/lookup_folder/tasks/prep.yml | 31 -------------- .../targets/lookup_folders/tasks/main.yml | 2 +- .../targets/lookup_folders/tasks/prep.yml | 31 -------------- .../targets/lookup_host/tasks/main.yml | 2 +- .../targets/lookup_host/tasks/prep.yml | 31 -------------- .../targets/lookup_hosts/tasks/main.yml | 2 +- .../targets/lookup_hosts/tasks/prep.yml | 31 -------------- .../targets/lookup_rules/tasks/main.yml | 2 +- .../targets/lookup_rules/tasks/prep.yml | 31 -------------- .../targets/lookup_rulesets/tasks/main.yml | 2 +- .../targets/lookup_rulesets/tasks/prep.yml | 31 -------------- .../targets/lookup_version/tasks/main.yml | 2 +- .../targets/lookup_version/tasks/prep.yml | 31 -------------- .../targets/password/tasks/main.yml | 2 +- .../targets/password/tasks/prep.yml | 31 -------------- tests/integration/targets/rule/tasks/main.yml | 2 +- .../targets/service_group/tasks/main.yml | 2 +- .../targets/service_group/tasks/prep.yml | 31 -------------- .../targets/tag_group/tasks/main.yml | 2 +- .../targets/tag_group/tasks/prep.yml | 31 -------------- .../targets/timeperiod/tasks/main.yml | 2 +- .../targets/timeperiod/tasks/prep.yml | 31 -------------- tests/integration/targets/user/tasks/main.yml | 2 +- tests/integration/targets/user/tasks/prep.yml | 31 -------------- 44 files changed, 41 insertions(+), 703 deletions(-) rename tests/integration/{targets/rule/tasks => files}/prep.yml (61%) delete mode 100644 tests/integration/targets/activation/tasks/prep.yml delete mode 100644 tests/integration/targets/bakery/tasks/prep.yml delete mode 100644 tests/integration/targets/contact_group/tasks/prep.yml delete mode 100644 tests/integration/targets/discovery/tasks/prep.yml delete mode 100644 tests/integration/targets/downtime/tasks/prep.yml delete mode 100644 tests/integration/targets/folder/tasks/prep.yml delete mode 100644 tests/integration/targets/host/tasks/prep.yml delete mode 100644 tests/integration/targets/host_group/tasks/prep.yml delete mode 100644 tests/integration/targets/lookup_bakery/tasks/prep.yml delete mode 100644 tests/integration/targets/lookup_folder/tasks/prep.yml delete mode 100644 tests/integration/targets/lookup_folders/tasks/prep.yml delete mode 100644 tests/integration/targets/lookup_host/tasks/prep.yml delete mode 100644 tests/integration/targets/lookup_hosts/tasks/prep.yml delete mode 100644 tests/integration/targets/lookup_rules/tasks/prep.yml delete mode 100644 tests/integration/targets/lookup_rulesets/tasks/prep.yml delete mode 100644 tests/integration/targets/lookup_version/tasks/prep.yml delete mode 100644 tests/integration/targets/password/tasks/prep.yml delete mode 100644 tests/integration/targets/service_group/tasks/prep.yml delete mode 100644 tests/integration/targets/tag_group/tasks/prep.yml delete mode 100644 tests/integration/targets/timeperiod/tasks/prep.yml delete mode 100644 tests/integration/targets/user/tasks/prep.yml diff --git a/tests/integration/targets/rule/tasks/prep.yml b/tests/integration/files/prep.yml similarity index 61% rename from tests/integration/targets/rule/tasks/prep.yml rename to tests/integration/files/prep.yml index 42fad828b..ac9bf3010 100644 --- a/tests/integration/targets/rule/tasks/prep.yml +++ b/tests/integration/files/prep.yml @@ -1,4 +1,12 @@ --- +- name: "Install dependencies." + ansible.builtin.package: + name: python3-apt + state: present + +- name: "Get installed Packages." + ansible.builtin.package_facts: + - name: "Download Checkmk Versions." ansible.builtin.get_url: url: "{{ download_url }}" @@ -7,14 +15,18 @@ url_username: "{{ download_user | default(omit) }}" url_password: "{{ download_pass | default(omit) }}" loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" + when: | + ((download_pass is defined and download_pass | length) or item.edition == "cre") + and not 'check-mk-' + checkmk_server_edition_mapping[item.edition] + '-' +item.version in ansible_facts.packages - name: "Install Checkmk Versions." ansible.builtin.apt: deb: /tmp/checkmk-server-{{ item.site }}.deb state: present loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" + when: | + ((download_pass is defined and download_pass | length) or item.edition == "cre") + and not 'check-mk-' + checkmk_server_edition_mapping[item.edition] + '-' +item.version in ansible_facts.packages - name: "Create Sites." ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ checkmk_var_automation_secret }} {{ item.site }}" @@ -23,16 +35,14 @@ loop: "{{ test_sites }}" when: (download_pass is defined and download_pass | length) or item.edition == "cre" +- name: "Start Apache2." + ansible.builtin.service: + name: apache2 + state: started + - name: "Start Sites." ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" register: site_status changed_when: site_status.rc == "0" loop: "{{ test_sites }}" when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Gather Date and Time Facts on localhost." - ansible.builtin.setup: - gather_subset: - - date_time - delegate_to: localhost - run_once: true # noqa run-once[task] diff --git a/tests/integration/targets/activation/tasks/main.yml b/tests/integration/targets/activation/tasks/main.yml index d2a7115a7..fbbf4fef2 100644 --- a/tests/integration/targets/activation/tasks/main.yml +++ b/tests/integration/targets/activation/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Run preparations." - ansible.builtin.include_tasks: prep.yml + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/activation/tasks/prep.yml b/tests/integration/targets/activation/tasks/prep.yml deleted file mode 100644 index 3d58b3439..000000000 --- a/tests/integration/targets/activation/tasks/prep.yml +++ /dev/null @@ -1,42 +0,0 @@ ---- -# - name: "Get installed Packages." -# ansible.builtin.package_facts: - -# - name: "Download Checkmk Versions." -# ansible.builtin.get_url: -# url: "{{ download_url }}" -# dest: /tmp/checkmk-server-{{ item.site }}.deb -# mode: "0640" -# url_username: "{{ download_user | default(omit) }}" -# url_password: "{{ download_pass | default(omit) }}" -# loop: "{{ test_sites }}" -# # when: ((download_pass is defined and download_pass | length) or item.edition == "cre") and ('check-mk-'+item.edition+'-'+item.version not in ansible_facts.packages) -# when: | -# ((download_pass is defined and download_pass | length) or item.edition == "cre") -# and not 'check-mk-' + item.edition + '-' +item.version in ansible_facts.packages - -# - name: "Install Checkmk Versions." -# ansible.builtin.apt: -# deb: /tmp/checkmk-server-{{ item.site }}.deb -# state: present -# loop: "{{ test_sites }}" -# when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Create Sites." - ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ checkmk_var_automation_secret }} {{ item.site }}" - args: - creates: "/omd/sites/{{ item.site }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Start Apache2." - ansible.builtin.service: - name: apache2 - state: started - -- name: "Start Sites." - ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" - register: site_status - changed_when: site_status.rc == "0" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" diff --git a/tests/integration/targets/bakery/tasks/main.yml b/tests/integration/targets/bakery/tasks/main.yml index d2a7115a7..fbbf4fef2 100644 --- a/tests/integration/targets/bakery/tasks/main.yml +++ b/tests/integration/targets/bakery/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Run preparations." - ansible.builtin.include_tasks: prep.yml + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/bakery/tasks/prep.yml b/tests/integration/targets/bakery/tasks/prep.yml deleted file mode 100644 index bf196aa8d..000000000 --- a/tests/integration/targets/bakery/tasks/prep.yml +++ /dev/null @@ -1,41 +0,0 @@ ---- -- name: "Download Checkmk Versions." - ansible.builtin.get_url: - url: "{{ download_url }}" - dest: /tmp/checkmk-server-{{ item.site }}.deb - mode: "0640" - url_username: "{{ download_user | default(omit) }}" - url_password: "{{ download_pass | default(omit) }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Install Checkmk Versions." - ansible.builtin.apt: - deb: /tmp/checkmk-server-{{ item.site }}.deb - state: present - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Create Sites." - ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ checkmk_var_automation_secret }} {{ item.site }}" - args: - creates: "/omd/sites/{{ item.site }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Start Sites." - ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" - register: site_status - changed_when: site_status.rc == "0" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Inject a Key into the Sites." # This is a hack and should never be done in production! - ansible.builtin.copy: - src: agent_signature_keys.mk - dest: "/omd/sites/{{ item.site }}/etc/check_mk/multisite.d/wato/agent_signature_keys.mk" - owner: "{{ item.site }}" - group: "{{ item.site }}" - mode: "0660" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" diff --git a/tests/integration/targets/contact_group/tasks/main.yml b/tests/integration/targets/contact_group/tasks/main.yml index d2a7115a7..fbbf4fef2 100644 --- a/tests/integration/targets/contact_group/tasks/main.yml +++ b/tests/integration/targets/contact_group/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Run preparations." - ansible.builtin.include_tasks: prep.yml + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/contact_group/tasks/prep.yml b/tests/integration/targets/contact_group/tasks/prep.yml deleted file mode 100644 index 5f2c8e874..000000000 --- a/tests/integration/targets/contact_group/tasks/prep.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: "Download Checkmk Versions." - ansible.builtin.get_url: - url: "{{ download_url }}" - dest: /tmp/checkmk-server-{{ item.site }}.deb - mode: "0640" - url_username: "{{ download_user | default(omit) }}" - url_password: "{{ download_pass | default(omit) }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Install Checkmk Versions." - ansible.builtin.apt: - deb: /tmp/checkmk-server-{{ item.site }}.deb - state: present - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Create Sites." - ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ checkmk_var_automation_secret }} {{ item.site }}" - args: - creates: "/omd/sites/{{ item.site }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Start Sites." - ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" - register: site_status - changed_when: site_status.rc == "0" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" diff --git a/tests/integration/targets/discovery/tasks/main.yml b/tests/integration/targets/discovery/tasks/main.yml index d2a7115a7..fbbf4fef2 100644 --- a/tests/integration/targets/discovery/tasks/main.yml +++ b/tests/integration/targets/discovery/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Run preparations." - ansible.builtin.include_tasks: prep.yml + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/discovery/tasks/prep.yml b/tests/integration/targets/discovery/tasks/prep.yml deleted file mode 100644 index 5f2c8e874..000000000 --- a/tests/integration/targets/discovery/tasks/prep.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: "Download Checkmk Versions." - ansible.builtin.get_url: - url: "{{ download_url }}" - dest: /tmp/checkmk-server-{{ item.site }}.deb - mode: "0640" - url_username: "{{ download_user | default(omit) }}" - url_password: "{{ download_pass | default(omit) }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Install Checkmk Versions." - ansible.builtin.apt: - deb: /tmp/checkmk-server-{{ item.site }}.deb - state: present - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Create Sites." - ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ checkmk_var_automation_secret }} {{ item.site }}" - args: - creates: "/omd/sites/{{ item.site }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Start Sites." - ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" - register: site_status - changed_when: site_status.rc == "0" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" diff --git a/tests/integration/targets/downtime/tasks/main.yml b/tests/integration/targets/downtime/tasks/main.yml index d2a7115a7..fbbf4fef2 100644 --- a/tests/integration/targets/downtime/tasks/main.yml +++ b/tests/integration/targets/downtime/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Run preparations." - ansible.builtin.include_tasks: prep.yml + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/downtime/tasks/prep.yml b/tests/integration/targets/downtime/tasks/prep.yml deleted file mode 100644 index 5f2c8e874..000000000 --- a/tests/integration/targets/downtime/tasks/prep.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: "Download Checkmk Versions." - ansible.builtin.get_url: - url: "{{ download_url }}" - dest: /tmp/checkmk-server-{{ item.site }}.deb - mode: "0640" - url_username: "{{ download_user | default(omit) }}" - url_password: "{{ download_pass | default(omit) }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Install Checkmk Versions." - ansible.builtin.apt: - deb: /tmp/checkmk-server-{{ item.site }}.deb - state: present - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Create Sites." - ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ checkmk_var_automation_secret }} {{ item.site }}" - args: - creates: "/omd/sites/{{ item.site }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Start Sites." - ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" - register: site_status - changed_when: site_status.rc == "0" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" diff --git a/tests/integration/targets/folder/tasks/main.yml b/tests/integration/targets/folder/tasks/main.yml index d2a7115a7..fbbf4fef2 100644 --- a/tests/integration/targets/folder/tasks/main.yml +++ b/tests/integration/targets/folder/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Run preparations." - ansible.builtin.include_tasks: prep.yml + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/folder/tasks/prep.yml b/tests/integration/targets/folder/tasks/prep.yml deleted file mode 100644 index 5f2c8e874..000000000 --- a/tests/integration/targets/folder/tasks/prep.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: "Download Checkmk Versions." - ansible.builtin.get_url: - url: "{{ download_url }}" - dest: /tmp/checkmk-server-{{ item.site }}.deb - mode: "0640" - url_username: "{{ download_user | default(omit) }}" - url_password: "{{ download_pass | default(omit) }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Install Checkmk Versions." - ansible.builtin.apt: - deb: /tmp/checkmk-server-{{ item.site }}.deb - state: present - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Create Sites." - ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ checkmk_var_automation_secret }} {{ item.site }}" - args: - creates: "/omd/sites/{{ item.site }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Start Sites." - ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" - register: site_status - changed_when: site_status.rc == "0" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" diff --git a/tests/integration/targets/host/tasks/main.yml b/tests/integration/targets/host/tasks/main.yml index d2a7115a7..fbbf4fef2 100644 --- a/tests/integration/targets/host/tasks/main.yml +++ b/tests/integration/targets/host/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Run preparations." - ansible.builtin.include_tasks: prep.yml + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/host/tasks/prep.yml b/tests/integration/targets/host/tasks/prep.yml deleted file mode 100644 index 5f2c8e874..000000000 --- a/tests/integration/targets/host/tasks/prep.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: "Download Checkmk Versions." - ansible.builtin.get_url: - url: "{{ download_url }}" - dest: /tmp/checkmk-server-{{ item.site }}.deb - mode: "0640" - url_username: "{{ download_user | default(omit) }}" - url_password: "{{ download_pass | default(omit) }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Install Checkmk Versions." - ansible.builtin.apt: - deb: /tmp/checkmk-server-{{ item.site }}.deb - state: present - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Create Sites." - ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ checkmk_var_automation_secret }} {{ item.site }}" - args: - creates: "/omd/sites/{{ item.site }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Start Sites." - ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" - register: site_status - changed_when: site_status.rc == "0" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" diff --git a/tests/integration/targets/host_group/tasks/main.yml b/tests/integration/targets/host_group/tasks/main.yml index d2a7115a7..fbbf4fef2 100644 --- a/tests/integration/targets/host_group/tasks/main.yml +++ b/tests/integration/targets/host_group/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Run preparations." - ansible.builtin.include_tasks: prep.yml + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/host_group/tasks/prep.yml b/tests/integration/targets/host_group/tasks/prep.yml deleted file mode 100644 index 5f2c8e874..000000000 --- a/tests/integration/targets/host_group/tasks/prep.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: "Download Checkmk Versions." - ansible.builtin.get_url: - url: "{{ download_url }}" - dest: /tmp/checkmk-server-{{ item.site }}.deb - mode: "0640" - url_username: "{{ download_user | default(omit) }}" - url_password: "{{ download_pass | default(omit) }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Install Checkmk Versions." - ansible.builtin.apt: - deb: /tmp/checkmk-server-{{ item.site }}.deb - state: present - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Create Sites." - ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ checkmk_var_automation_secret }} {{ item.site }}" - args: - creates: "/omd/sites/{{ item.site }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Start Sites." - ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" - register: site_status - changed_when: site_status.rc == "0" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" diff --git a/tests/integration/targets/lookup_bakery/tasks/main.yml b/tests/integration/targets/lookup_bakery/tasks/main.yml index d2a7115a7..fbbf4fef2 100644 --- a/tests/integration/targets/lookup_bakery/tasks/main.yml +++ b/tests/integration/targets/lookup_bakery/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Run preparations." - ansible.builtin.include_tasks: prep.yml + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/lookup_bakery/tasks/prep.yml b/tests/integration/targets/lookup_bakery/tasks/prep.yml deleted file mode 100644 index 7f81d9051..000000000 --- a/tests/integration/targets/lookup_bakery/tasks/prep.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: "Download Checkmk Versions." - ansible.builtin.get_url: - url: "{{ download_url }}" - dest: /tmp/checkmk-server-{{ item.site }}.deb - mode: "0640" - url_username: "{{ download_user | default(omit) }}" - url_password: "{{ download_pass | default(omit) }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Install Checkmk Versions." - ansible.builtin.apt: - deb: /tmp/checkmk-server-{{ item.site }}.deb - state: present - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Create Sites." - ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ automation_secret }} {{ item.site }}" - args: - creates: "/omd/sites/{{ item.site }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Start Sites." - ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" - register: site_status - changed_when: site_status.rc == "0" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" diff --git a/tests/integration/targets/lookup_folder/tasks/main.yml b/tests/integration/targets/lookup_folder/tasks/main.yml index d2a7115a7..fbbf4fef2 100644 --- a/tests/integration/targets/lookup_folder/tasks/main.yml +++ b/tests/integration/targets/lookup_folder/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Run preparations." - ansible.builtin.include_tasks: prep.yml + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/lookup_folder/tasks/prep.yml b/tests/integration/targets/lookup_folder/tasks/prep.yml deleted file mode 100644 index 5f2c8e874..000000000 --- a/tests/integration/targets/lookup_folder/tasks/prep.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: "Download Checkmk Versions." - ansible.builtin.get_url: - url: "{{ download_url }}" - dest: /tmp/checkmk-server-{{ item.site }}.deb - mode: "0640" - url_username: "{{ download_user | default(omit) }}" - url_password: "{{ download_pass | default(omit) }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Install Checkmk Versions." - ansible.builtin.apt: - deb: /tmp/checkmk-server-{{ item.site }}.deb - state: present - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Create Sites." - ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ checkmk_var_automation_secret }} {{ item.site }}" - args: - creates: "/omd/sites/{{ item.site }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Start Sites." - ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" - register: site_status - changed_when: site_status.rc == "0" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" diff --git a/tests/integration/targets/lookup_folders/tasks/main.yml b/tests/integration/targets/lookup_folders/tasks/main.yml index d2a7115a7..fbbf4fef2 100644 --- a/tests/integration/targets/lookup_folders/tasks/main.yml +++ b/tests/integration/targets/lookup_folders/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Run preparations." - ansible.builtin.include_tasks: prep.yml + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/lookup_folders/tasks/prep.yml b/tests/integration/targets/lookup_folders/tasks/prep.yml deleted file mode 100644 index 5f2c8e874..000000000 --- a/tests/integration/targets/lookup_folders/tasks/prep.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: "Download Checkmk Versions." - ansible.builtin.get_url: - url: "{{ download_url }}" - dest: /tmp/checkmk-server-{{ item.site }}.deb - mode: "0640" - url_username: "{{ download_user | default(omit) }}" - url_password: "{{ download_pass | default(omit) }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Install Checkmk Versions." - ansible.builtin.apt: - deb: /tmp/checkmk-server-{{ item.site }}.deb - state: present - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Create Sites." - ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ checkmk_var_automation_secret }} {{ item.site }}" - args: - creates: "/omd/sites/{{ item.site }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Start Sites." - ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" - register: site_status - changed_when: site_status.rc == "0" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" diff --git a/tests/integration/targets/lookup_host/tasks/main.yml b/tests/integration/targets/lookup_host/tasks/main.yml index d2a7115a7..fbbf4fef2 100644 --- a/tests/integration/targets/lookup_host/tasks/main.yml +++ b/tests/integration/targets/lookup_host/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Run preparations." - ansible.builtin.include_tasks: prep.yml + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/lookup_host/tasks/prep.yml b/tests/integration/targets/lookup_host/tasks/prep.yml deleted file mode 100644 index 5f2c8e874..000000000 --- a/tests/integration/targets/lookup_host/tasks/prep.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: "Download Checkmk Versions." - ansible.builtin.get_url: - url: "{{ download_url }}" - dest: /tmp/checkmk-server-{{ item.site }}.deb - mode: "0640" - url_username: "{{ download_user | default(omit) }}" - url_password: "{{ download_pass | default(omit) }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Install Checkmk Versions." - ansible.builtin.apt: - deb: /tmp/checkmk-server-{{ item.site }}.deb - state: present - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Create Sites." - ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ checkmk_var_automation_secret }} {{ item.site }}" - args: - creates: "/omd/sites/{{ item.site }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Start Sites." - ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" - register: site_status - changed_when: site_status.rc == "0" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" diff --git a/tests/integration/targets/lookup_hosts/tasks/main.yml b/tests/integration/targets/lookup_hosts/tasks/main.yml index d2a7115a7..fbbf4fef2 100644 --- a/tests/integration/targets/lookup_hosts/tasks/main.yml +++ b/tests/integration/targets/lookup_hosts/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Run preparations." - ansible.builtin.include_tasks: prep.yml + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/lookup_hosts/tasks/prep.yml b/tests/integration/targets/lookup_hosts/tasks/prep.yml deleted file mode 100644 index 5f2c8e874..000000000 --- a/tests/integration/targets/lookup_hosts/tasks/prep.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: "Download Checkmk Versions." - ansible.builtin.get_url: - url: "{{ download_url }}" - dest: /tmp/checkmk-server-{{ item.site }}.deb - mode: "0640" - url_username: "{{ download_user | default(omit) }}" - url_password: "{{ download_pass | default(omit) }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Install Checkmk Versions." - ansible.builtin.apt: - deb: /tmp/checkmk-server-{{ item.site }}.deb - state: present - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Create Sites." - ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ checkmk_var_automation_secret }} {{ item.site }}" - args: - creates: "/omd/sites/{{ item.site }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Start Sites." - ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" - register: site_status - changed_when: site_status.rc == "0" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" diff --git a/tests/integration/targets/lookup_rules/tasks/main.yml b/tests/integration/targets/lookup_rules/tasks/main.yml index d2a7115a7..fbbf4fef2 100644 --- a/tests/integration/targets/lookup_rules/tasks/main.yml +++ b/tests/integration/targets/lookup_rules/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Run preparations." - ansible.builtin.include_tasks: prep.yml + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/lookup_rules/tasks/prep.yml b/tests/integration/targets/lookup_rules/tasks/prep.yml deleted file mode 100644 index 7f81d9051..000000000 --- a/tests/integration/targets/lookup_rules/tasks/prep.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: "Download Checkmk Versions." - ansible.builtin.get_url: - url: "{{ download_url }}" - dest: /tmp/checkmk-server-{{ item.site }}.deb - mode: "0640" - url_username: "{{ download_user | default(omit) }}" - url_password: "{{ download_pass | default(omit) }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Install Checkmk Versions." - ansible.builtin.apt: - deb: /tmp/checkmk-server-{{ item.site }}.deb - state: present - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Create Sites." - ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ automation_secret }} {{ item.site }}" - args: - creates: "/omd/sites/{{ item.site }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Start Sites." - ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" - register: site_status - changed_when: site_status.rc == "0" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" diff --git a/tests/integration/targets/lookup_rulesets/tasks/main.yml b/tests/integration/targets/lookup_rulesets/tasks/main.yml index d2a7115a7..fbbf4fef2 100644 --- a/tests/integration/targets/lookup_rulesets/tasks/main.yml +++ b/tests/integration/targets/lookup_rulesets/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Run preparations." - ansible.builtin.include_tasks: prep.yml + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/lookup_rulesets/tasks/prep.yml b/tests/integration/targets/lookup_rulesets/tasks/prep.yml deleted file mode 100644 index 7f81d9051..000000000 --- a/tests/integration/targets/lookup_rulesets/tasks/prep.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: "Download Checkmk Versions." - ansible.builtin.get_url: - url: "{{ download_url }}" - dest: /tmp/checkmk-server-{{ item.site }}.deb - mode: "0640" - url_username: "{{ download_user | default(omit) }}" - url_password: "{{ download_pass | default(omit) }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Install Checkmk Versions." - ansible.builtin.apt: - deb: /tmp/checkmk-server-{{ item.site }}.deb - state: present - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Create Sites." - ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ automation_secret }} {{ item.site }}" - args: - creates: "/omd/sites/{{ item.site }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Start Sites." - ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" - register: site_status - changed_when: site_status.rc == "0" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" diff --git a/tests/integration/targets/lookup_version/tasks/main.yml b/tests/integration/targets/lookup_version/tasks/main.yml index d2a7115a7..fbbf4fef2 100644 --- a/tests/integration/targets/lookup_version/tasks/main.yml +++ b/tests/integration/targets/lookup_version/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Run preparations." - ansible.builtin.include_tasks: prep.yml + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/lookup_version/tasks/prep.yml b/tests/integration/targets/lookup_version/tasks/prep.yml deleted file mode 100644 index 5f2c8e874..000000000 --- a/tests/integration/targets/lookup_version/tasks/prep.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: "Download Checkmk Versions." - ansible.builtin.get_url: - url: "{{ download_url }}" - dest: /tmp/checkmk-server-{{ item.site }}.deb - mode: "0640" - url_username: "{{ download_user | default(omit) }}" - url_password: "{{ download_pass | default(omit) }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Install Checkmk Versions." - ansible.builtin.apt: - deb: /tmp/checkmk-server-{{ item.site }}.deb - state: present - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Create Sites." - ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ checkmk_var_automation_secret }} {{ item.site }}" - args: - creates: "/omd/sites/{{ item.site }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Start Sites." - ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" - register: site_status - changed_when: site_status.rc == "0" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" diff --git a/tests/integration/targets/password/tasks/main.yml b/tests/integration/targets/password/tasks/main.yml index d2a7115a7..fbbf4fef2 100644 --- a/tests/integration/targets/password/tasks/main.yml +++ b/tests/integration/targets/password/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Run preparations." - ansible.builtin.include_tasks: prep.yml + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/password/tasks/prep.yml b/tests/integration/targets/password/tasks/prep.yml deleted file mode 100644 index 5f2c8e874..000000000 --- a/tests/integration/targets/password/tasks/prep.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: "Download Checkmk Versions." - ansible.builtin.get_url: - url: "{{ download_url }}" - dest: /tmp/checkmk-server-{{ item.site }}.deb - mode: "0640" - url_username: "{{ download_user | default(omit) }}" - url_password: "{{ download_pass | default(omit) }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Install Checkmk Versions." - ansible.builtin.apt: - deb: /tmp/checkmk-server-{{ item.site }}.deb - state: present - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Create Sites." - ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ checkmk_var_automation_secret }} {{ item.site }}" - args: - creates: "/omd/sites/{{ item.site }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Start Sites." - ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" - register: site_status - changed_when: site_status.rc == "0" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" diff --git a/tests/integration/targets/rule/tasks/main.yml b/tests/integration/targets/rule/tasks/main.yml index d2a7115a7..fbbf4fef2 100644 --- a/tests/integration/targets/rule/tasks/main.yml +++ b/tests/integration/targets/rule/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Run preparations." - ansible.builtin.include_tasks: prep.yml + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/service_group/tasks/main.yml b/tests/integration/targets/service_group/tasks/main.yml index d2a7115a7..fbbf4fef2 100644 --- a/tests/integration/targets/service_group/tasks/main.yml +++ b/tests/integration/targets/service_group/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Run preparations." - ansible.builtin.include_tasks: prep.yml + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/service_group/tasks/prep.yml b/tests/integration/targets/service_group/tasks/prep.yml deleted file mode 100644 index 5f2c8e874..000000000 --- a/tests/integration/targets/service_group/tasks/prep.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: "Download Checkmk Versions." - ansible.builtin.get_url: - url: "{{ download_url }}" - dest: /tmp/checkmk-server-{{ item.site }}.deb - mode: "0640" - url_username: "{{ download_user | default(omit) }}" - url_password: "{{ download_pass | default(omit) }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Install Checkmk Versions." - ansible.builtin.apt: - deb: /tmp/checkmk-server-{{ item.site }}.deb - state: present - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Create Sites." - ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ checkmk_var_automation_secret }} {{ item.site }}" - args: - creates: "/omd/sites/{{ item.site }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Start Sites." - ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" - register: site_status - changed_when: site_status.rc == "0" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" diff --git a/tests/integration/targets/tag_group/tasks/main.yml b/tests/integration/targets/tag_group/tasks/main.yml index d2a7115a7..fbbf4fef2 100644 --- a/tests/integration/targets/tag_group/tasks/main.yml +++ b/tests/integration/targets/tag_group/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Run preparations." - ansible.builtin.include_tasks: prep.yml + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/tag_group/tasks/prep.yml b/tests/integration/targets/tag_group/tasks/prep.yml deleted file mode 100644 index 5f2c8e874..000000000 --- a/tests/integration/targets/tag_group/tasks/prep.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: "Download Checkmk Versions." - ansible.builtin.get_url: - url: "{{ download_url }}" - dest: /tmp/checkmk-server-{{ item.site }}.deb - mode: "0640" - url_username: "{{ download_user | default(omit) }}" - url_password: "{{ download_pass | default(omit) }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Install Checkmk Versions." - ansible.builtin.apt: - deb: /tmp/checkmk-server-{{ item.site }}.deb - state: present - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Create Sites." - ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ checkmk_var_automation_secret }} {{ item.site }}" - args: - creates: "/omd/sites/{{ item.site }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Start Sites." - ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" - register: site_status - changed_when: site_status.rc == "0" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" diff --git a/tests/integration/targets/timeperiod/tasks/main.yml b/tests/integration/targets/timeperiod/tasks/main.yml index d2a7115a7..fbbf4fef2 100644 --- a/tests/integration/targets/timeperiod/tasks/main.yml +++ b/tests/integration/targets/timeperiod/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Run preparations." - ansible.builtin.include_tasks: prep.yml + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/timeperiod/tasks/prep.yml b/tests/integration/targets/timeperiod/tasks/prep.yml deleted file mode 100644 index 5f2c8e874..000000000 --- a/tests/integration/targets/timeperiod/tasks/prep.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: "Download Checkmk Versions." - ansible.builtin.get_url: - url: "{{ download_url }}" - dest: /tmp/checkmk-server-{{ item.site }}.deb - mode: "0640" - url_username: "{{ download_user | default(omit) }}" - url_password: "{{ download_pass | default(omit) }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Install Checkmk Versions." - ansible.builtin.apt: - deb: /tmp/checkmk-server-{{ item.site }}.deb - state: present - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Create Sites." - ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ checkmk_var_automation_secret }} {{ item.site }}" - args: - creates: "/omd/sites/{{ item.site }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Start Sites." - ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" - register: site_status - changed_when: site_status.rc == "0" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" diff --git a/tests/integration/targets/user/tasks/main.yml b/tests/integration/targets/user/tasks/main.yml index d2a7115a7..fbbf4fef2 100644 --- a/tests/integration/targets/user/tasks/main.yml +++ b/tests/integration/targets/user/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Run preparations." - ansible.builtin.include_tasks: prep.yml + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/user/tasks/prep.yml b/tests/integration/targets/user/tasks/prep.yml deleted file mode 100644 index 5f2c8e874..000000000 --- a/tests/integration/targets/user/tasks/prep.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: "Download Checkmk Versions." - ansible.builtin.get_url: - url: "{{ download_url }}" - dest: /tmp/checkmk-server-{{ item.site }}.deb - mode: "0640" - url_username: "{{ download_user | default(omit) }}" - url_password: "{{ download_pass | default(omit) }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Install Checkmk Versions." - ansible.builtin.apt: - deb: /tmp/checkmk-server-{{ item.site }}.deb - state: present - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Create Sites." - ansible.builtin.command: "omd -V {{ item.version }}.{{ item.edition }} create --no-tmpfs --admin-password {{ checkmk_var_automation_secret }} {{ item.site }}" - args: - creates: "/omd/sites/{{ item.site }}" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" - -- name: "Start Sites." - ansible.builtin.shell: "omd status -b {{ item.site }} || omd start {{ item.site }}" - register: site_status - changed_when: site_status.rc == "0" - loop: "{{ test_sites }}" - when: (download_pass is defined and download_pass | length) or item.edition == "cre" From 7b4da9760c7991f37cbd715a1fab496e438897e4 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Wed, 27 Dec 2023 16:46:06 +0100 Subject: [PATCH 013/114] Add Python versions and support commercial editions. --- tests/rework/Dockerfile | 88 +++++++++++++++++++++-------- tests/rework/files/deadsnakes.gpg | Bin 0 -> 1129 bytes tests/rework/files/deadsnakes.list | 2 + 3 files changed, 65 insertions(+), 25 deletions(-) create mode 100644 tests/rework/files/deadsnakes.gpg create mode 100644 tests/rework/files/deadsnakes.list diff --git a/tests/rework/Dockerfile b/tests/rework/Dockerfile index 309eaf93c..eba6121ff 100644 --- a/tests/rework/Dockerfile +++ b/tests/rework/Dockerfile @@ -8,6 +8,9 @@ ENV stable "2.2.0p17" ENV old "2.1.0p37" ENV ancient "2.0.0p39" +ARG DL_USER="d-gh-ansible-dl" +ARG DL_PW + # Install dependencies. RUN apt-get update && \ apt-get install -y --no-install-recommends \ @@ -25,19 +28,25 @@ RUN apt-get update && \ python3-yaml \ software-properties-common \ rsyslog sudo iproute2 \ - wget \ - && \ - apt-get clean && \ - rm -Rf /var/lib/apt/lists/* && \ - rm -Rf /usr/share/doc + wget # Download files first to have them cached. -RUN wget https://download.checkmk.com/checkmk/${ancient}/check-mk-raw-${ancient}_0.${distro}_amd64.deb && \ - wget https://download.checkmk.com/checkmk/${old}/check-mk-raw-${old}_0.${distro}_amd64.deb && \ - wget https://download.checkmk.com/checkmk/${stable}/check-mk-raw-${stable}_0.${distro}_amd64.deb && \ +## Free downloads +RUN \ + wget https://download.checkmk.com/checkmk/${ancient}/check-mk-raw-${ancient}_0.${distro}_amd64.deb ; \ + wget https://download.checkmk.com/checkmk/${old}/check-mk-raw-${old}_0.${distro}_amd64.deb ; \ + wget https://download.checkmk.com/checkmk/${stable}/check-mk-raw-${stable}_0.${distro}_amd64.deb ; \ wget https://download.checkmk.com/checkmk/${stable}/check-mk-cloud-${stable}_0.${distro}_amd64.deb +## Restricted downloads +RUN \ + wget --user=${DL_USER} --password=${DL_PW} https://download.checkmk.com/checkmk/${stable}/check-mk-enterprise-${stable}_0.${distro}_amd64.deb ; \ + wget --user=${DL_USER} --password=${DL_PW} https://download.checkmk.com/checkmk/${stable}/check-mk-managed-${stable}_0.${distro}_amd64.deb ; \ + wget --user=${DL_USER} --password=${DL_PW} https://download.checkmk.com/checkmk/${old}/check-mk-enterprise-${old}_0.${distro}_amd64.deb ; \ + wget --user=${DL_USER} --password=${DL_PW} https://download.checkmk.com/checkmk/${old}/check-mk-managed-${old}_0.${distro}_amd64.deb ; \ + wget --user=${DL_USER} --password=${DL_PW} https://download.checkmk.com/checkmk/${ancient}/check-mk-enterprise-${ancient}_0.${distro}_amd64.deb ; \ + wget --user=${DL_USER} --password=${DL_PW} https://download.checkmk.com/checkmk/${ancient}/check-mk-managed-${ancient}_0.${distro}_amd64.deb -RUN sed -i 's/^\($ModLoad imklog\)/#\1/' /etc/rsyslog.conf +# RUN sed -i 's/^\($ModLoad imklog\)/#\1/' /etc/rsyslog.conf # Fix potential UTF-8 errors with ansible-test. RUN locale-gen en_US.UTF-8 @@ -51,31 +60,60 @@ RUN pip3 install ansible RUN mkdir -p /etc/ansible RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts -# Remove unnecessary units -RUN rm -f /lib/systemd/system/multi-user.target.wants/* \ - /etc/systemd/system/*.wants/* \ - /lib/systemd/system/local-fs.target.wants/* \ - /lib/systemd/system/sockets.target.wants/*udev* \ - /lib/systemd/system/sockets.target.wants/*initctl* \ - /lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup* \ - /lib/systemd/system/systemd-update-utmp* \ - /lib/systemd/system/getty.target - # Install systemctl faker and enable apache2 service at boot COPY files/systemctl3.py /usr/bin/systemctl RUN systemctl enable apache2 # Install Checkmk RUN apt-get update && \ - # mv /usr/bin/systemctl /usr/bin/systemctl.bak && \ - # echo "exit 0" > /usr/bin/systemctl && \ - # chmod +x /usr/bin/systemctl && \ apt-get install -y \ ./check-mk-raw-${ancient}_0.${distro}_amd64.deb \ ./check-mk-raw-${old}_0.${distro}_amd64.deb \ ./check-mk-raw-${stable}_0.${distro}_amd64.deb \ - ./check-mk-cloud-${stable}_0.${distro}_amd64.deb - # && mv /usr/bin/systemctl.bak /usr/bin/systemctl && \ - # chmod +x /usr/bin/systemctl + ./check-mk-cloud-${stable}_0.${distro}_amd64.deb \ + ./check-mk-enterprise-${ancient}_0.${distro}_amd64.deb \ + ./check-mk-managed-${ancient}_0.${distro}_amd64.deb \ + ./check-mk-enterprise-${old}_0.${distro}_amd64.deb \ + ./check-mk-managed-${old}_0.${distro}_amd64.deb \ + ./check-mk-enterprise-${stable}_0.${distro}_amd64.deb \ + ./check-mk-managed-${stable}_0.${distro}_amd64.deb + +# Install Python Versions from Deadsnakes +COPY files/deadsnakes.gpg /etc/apt/keyrings/deadsnakes.gpg +COPY files/deadsnakes.list /etc/apt/sources.list.d/deadsnakes.list +RUN apt-get update && \ + apt-get install -y --no-install-recommends \ + python3.8-dev \ + python3.8-distutils \ + python3.8-venv \ + python3.9-dev \ + python3.9-distutils \ + python3.9-venv \ + python3.10-dev \ + python3.10-distutils \ + python3.10-venv \ + python3.11-dev \ + python3.11-distutils \ + python3.11-venv \ + python3.12-dev \ + python3.12-distutils \ + python3.12-venv \ + && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* && \ + rm -rf /usr/share/doc + +# Pre-create Sites +RUN \ + omd -V ${stable}.cre create -A --no-tmpfs --admin-password "d7589df1" "stable_cre" ; \ + omd -V ${stable}.cee create -A --no-tmpfs --admin-password "d7589df1" "stable_cee" ; \ + omd -V ${stable}.cme create -A --no-tmpfs --admin-password "d7589df1" "stable_cme" ; \ + omd -V ${stable}.cce create -A --no-tmpfs --admin-password "d7589df1" "stable_cce" ; \ + omd -V ${old}.cre create -A --no-tmpfs --admin-password "d7589df1" "old_cre" ; \ + omd -V ${old}.cee create -A --no-tmpfs --admin-password "d7589df1" "old_cee" ; \ + omd -V ${old}.cme create -A --no-tmpfs --admin-password "d7589df1" "old_cme" ; \ + omd -V ${ancient}.cre create -A --no-tmpfs --admin-password "d7589df1" "ancient_cre" ; \ + omd -V ${ancient}.cee create -A --no-tmpfs --admin-password "d7589df1" "ancient_cee" ; \ + omd -V ${ancient}.cme create -A --no-tmpfs --admin-password "d7589df1" "ancient_cme" CMD ["/usr/bin/systemctl"] diff --git a/tests/rework/files/deadsnakes.gpg b/tests/rework/files/deadsnakes.gpg new file mode 100644 index 0000000000000000000000000000000000000000..058890d2b9eecc34195d9105d981b31b035dfeb2 GIT binary patch literal 1129 zcmV-v1eW`m0u2ONe0_ld5CG7aW_qML@MGAA^fhI`+!H$UneMLT9dqUVGT$=IZE`~# z{6AWT$3ZvMRu-2lR7CGquJ-!_>l)Z$eilzQ3*3^-|hy_LfcH$tXj( znqt*BpBoQ@p*pVTg*21xEM{&godsTsEX|SU)Y(doplNO5h=%rZAxV8W#TiC=&Dd*0 zqco0N*B0Djgnq9_H=)u#P%Jl9CT%D+|He`EqyIK<$}U~uJ1h-i;5)`PJ{3y(F~5i) zBRTOg|BsPn)++=?v9JJKUUsg&1yQG(DuNUaLTVjwF{~ZWLdjYAm;n;$BtemT=-Dbp zqxBQ9SIw48qi2LKyX~G7vr<;4IsP^fAZS>1Xk`YG6vJB@nx%u*mU+>}$?Hr?)VG{{ zY^ka1`Ys6ZRDV!^qLr%8O>NT?MyXm`2lL~1Ag0mBY#^-`O`!oU$y;y9>;n~qp(GvI z#@^KnF1x&-CDi~C0RREC986(#ZewV0VPqgsP(dJOZ*m}HWnpAbBO{t1QP)Q z03rnfS$utg0viJc3ke7Z0|EvW2m%QT3j`Jd0|5da0Rk6*0162Zx@j^tYIRq3{2>qi zC?kBFk>aQIqD?h2Y|9QZbjb(+=SKQA*|CfNtlsxgR0Y)#JRC0dNI9E#LvHg)CX=@#t^_7ovEea&#mXD?k1H(Uw6SS`BtoN`&+f)f22FK$>B_- zt{2nLu%BrdU@B_id!vdqzKIo^;KR2Y!pn=w0RVIVlR%993(`fl#_*8PkpRcvu^*er zg#1fwB{;E+pa_2}pqlXqeah#>qbLR{8tNX5aSF`5j~gZ`@uISGIZ=3#j`3de7{WZ- z3@--J^uX~f&_$%7lEimWCE1TZFH5Ug`GZ=S5znEW)N4lb;@z4F%fEg})f&azG#0Zo zg1uN>y6crK{l4W5x+7l28Ql7AsOlaW0{tx*`<`Hk>gXscLuv7q+!&t$8x8we>UPfD vvkr(?r>FnoVW7)mm{-(zOThWa5Y$tkQtd0bo)ip9*WG@;1%2}7p7BEWXEr8& literal 0 HcmV?d00001 diff --git a/tests/rework/files/deadsnakes.list b/tests/rework/files/deadsnakes.list new file mode 100644 index 000000000..711eb1969 --- /dev/null +++ b/tests/rework/files/deadsnakes.list @@ -0,0 +1,2 @@ +deb [signed-by=/etc/apt/keyrings/deadsnakes.gpg] http://ppa.launchpad.net/deadsnakes/ppa/ubuntu jammy main +deb-src [signed-by=/etc/apt/keyrings/deadsnakes.gpg] http://ppa.launchpad.net/deadsnakes/ppa/ubuntu jammy main From 5673cff7b8b844ac8690f9db8ad7a9b67885fcf8 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Wed, 27 Dec 2023 16:47:57 +0100 Subject: [PATCH 014/114] Add first draft of GitHub Action. --- .github/workflows/container-build.yaml | 39 ++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 .github/workflows/container-build.yaml diff --git a/.github/workflows/container-build.yaml b/.github/workflows/container-build.yaml new file mode 100644 index 000000000..81103613f --- /dev/null +++ b/.github/workflows/container-build.yaml @@ -0,0 +1,39 @@ +name: Build Test Container Images +on: + workflow_dispatch: + schedule: + - cron: '0 0 * * 0' + +jobs: + + build: + runs-on: ubuntu-latest + name: Build Container + + steps: + - name: Check out code + uses: actions/checkout@v4 + with: + path: ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} + + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: '3.11' + + - name: Install ansible-base (${{ matrix.ansible }}) + run: pip install https://github.com/ansible/ansible/archive/${{ matrix.ansible }}.tar.gz --disable-pip-version-check + + - name: Provide secrets file + run: echo "${{ secrets.CHECKMK_DOWNLOAD_PW }}" > ./tests/integration/files/.dl-secret + working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} + env: + CHECKMK_DOWNLOAD_PW: ${{ secrets.CHECKMK_DOWNLOAD_PW }} + + - name: Docker Build + run: docker build -t ansible-checkmk-test ./ --build-arg DL_USER=d-gh-ansible-dl --build-arg DL_PW=${{ secrets.CHECKMK_DOWNLOAD_PW }} + working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/tests/rework + + - name: Run integration tests + run: ansible-test integration -v --color --retry-on-error --continue-on-error --diff --python 3.11 --docker ansible-checkmk-test + working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} From 100fe86d933e45cd04e209edcc2c1d7d033c0541 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Wed, 27 Dec 2023 17:15:04 +0100 Subject: [PATCH 015/114] Add sanity ignores for irrelevant files. --- tests/sanity/ignore-2.13.txt | 4 ++++ tests/sanity/ignore-2.14.txt | 4 ++++ tests/sanity/ignore-2.15.txt | 4 ++++ tests/sanity/ignore-2.16.txt | 4 ++++ tests/sanity/ignore-devel.txt | 4 ++++ 5 files changed, 20 insertions(+) create mode 100644 tests/sanity/ignore-2.13.txt create mode 100644 tests/sanity/ignore-2.14.txt create mode 100644 tests/sanity/ignore-2.15.txt create mode 100644 tests/sanity/ignore-2.16.txt create mode 100644 tests/sanity/ignore-devel.txt diff --git a/tests/sanity/ignore-2.13.txt b/tests/sanity/ignore-2.13.txt new file mode 100644 index 000000000..37b7aa705 --- /dev/null +++ b/tests/sanity/ignore-2.13.txt @@ -0,0 +1,4 @@ +tests/rework/files/systemctl3.py pep8!skip +tests/rework/files/systemctl3.py no-basestring!skip +tests/rework/files/systemctl3.py pylint!skip +tests/rework/files/systemctl3.py shebang!skip \ No newline at end of file diff --git a/tests/sanity/ignore-2.14.txt b/tests/sanity/ignore-2.14.txt new file mode 100644 index 000000000..37b7aa705 --- /dev/null +++ b/tests/sanity/ignore-2.14.txt @@ -0,0 +1,4 @@ +tests/rework/files/systemctl3.py pep8!skip +tests/rework/files/systemctl3.py no-basestring!skip +tests/rework/files/systemctl3.py pylint!skip +tests/rework/files/systemctl3.py shebang!skip \ No newline at end of file diff --git a/tests/sanity/ignore-2.15.txt b/tests/sanity/ignore-2.15.txt new file mode 100644 index 000000000..37b7aa705 --- /dev/null +++ b/tests/sanity/ignore-2.15.txt @@ -0,0 +1,4 @@ +tests/rework/files/systemctl3.py pep8!skip +tests/rework/files/systemctl3.py no-basestring!skip +tests/rework/files/systemctl3.py pylint!skip +tests/rework/files/systemctl3.py shebang!skip \ No newline at end of file diff --git a/tests/sanity/ignore-2.16.txt b/tests/sanity/ignore-2.16.txt new file mode 100644 index 000000000..37b7aa705 --- /dev/null +++ b/tests/sanity/ignore-2.16.txt @@ -0,0 +1,4 @@ +tests/rework/files/systemctl3.py pep8!skip +tests/rework/files/systemctl3.py no-basestring!skip +tests/rework/files/systemctl3.py pylint!skip +tests/rework/files/systemctl3.py shebang!skip \ No newline at end of file diff --git a/tests/sanity/ignore-devel.txt b/tests/sanity/ignore-devel.txt new file mode 100644 index 000000000..37b7aa705 --- /dev/null +++ b/tests/sanity/ignore-devel.txt @@ -0,0 +1,4 @@ +tests/rework/files/systemctl3.py pep8!skip +tests/rework/files/systemctl3.py no-basestring!skip +tests/rework/files/systemctl3.py pylint!skip +tests/rework/files/systemctl3.py shebang!skip \ No newline at end of file From b37d6b562005c2cda245529b2b0804ad412a0098 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 4 Jan 2024 07:55:22 +0100 Subject: [PATCH 016/114] Reorganize folder structure. --- tests/{rework => container}/Dockerfile | 0 tests/{rework => container}/README.md | 0 tests/{rework => container}/files/LICENSE | 0 tests/{rework => container}/files/README.md | 0 .../files/deadsnakes.gpg | Bin .../files/deadsnakes.list | 0 .../{rework => container}/files/systemctl3.py | 0 tests/rework/Dockerfile.ansible-test | 14 --- tests/rework/Dockerfile.base-test-container | 94 ------------------ .../Dockerfile.docker-ubuntu2204-ansible | 47 --------- 10 files changed, 155 deletions(-) rename tests/{rework => container}/Dockerfile (100%) rename tests/{rework => container}/README.md (100%) rename tests/{rework => container}/files/LICENSE (100%) rename tests/{rework => container}/files/README.md (100%) rename tests/{rework => container}/files/deadsnakes.gpg (100%) rename tests/{rework => container}/files/deadsnakes.list (100%) rename tests/{rework => container}/files/systemctl3.py (100%) delete mode 100644 tests/rework/Dockerfile.ansible-test delete mode 100644 tests/rework/Dockerfile.base-test-container delete mode 100644 tests/rework/Dockerfile.docker-ubuntu2204-ansible diff --git a/tests/rework/Dockerfile b/tests/container/Dockerfile similarity index 100% rename from tests/rework/Dockerfile rename to tests/container/Dockerfile diff --git a/tests/rework/README.md b/tests/container/README.md similarity index 100% rename from tests/rework/README.md rename to tests/container/README.md diff --git a/tests/rework/files/LICENSE b/tests/container/files/LICENSE similarity index 100% rename from tests/rework/files/LICENSE rename to tests/container/files/LICENSE diff --git a/tests/rework/files/README.md b/tests/container/files/README.md similarity index 100% rename from tests/rework/files/README.md rename to tests/container/files/README.md diff --git a/tests/rework/files/deadsnakes.gpg b/tests/container/files/deadsnakes.gpg similarity index 100% rename from tests/rework/files/deadsnakes.gpg rename to tests/container/files/deadsnakes.gpg diff --git a/tests/rework/files/deadsnakes.list b/tests/container/files/deadsnakes.list similarity index 100% rename from tests/rework/files/deadsnakes.list rename to tests/container/files/deadsnakes.list diff --git a/tests/rework/files/systemctl3.py b/tests/container/files/systemctl3.py similarity index 100% rename from tests/rework/files/systemctl3.py rename to tests/container/files/systemctl3.py diff --git a/tests/rework/Dockerfile.ansible-test b/tests/rework/Dockerfile.ansible-test deleted file mode 100644 index 22a6eda45..000000000 --- a/tests/rework/Dockerfile.ansible-test +++ /dev/null @@ -1,14 +0,0 @@ -FROM quay.io/ansible/base-test-container:6.0.0 - -COPY requirements /usr/share/container-setup/default/requirements/ -COPY freeze /usr/share/container-setup/default/freeze/ - -RUN pwsh /usr/share/container-setup/default/requirements/sanity.pslint.ps1 -IsContainer && \ - rm -rf /tmp/.dotnet /tmp/Microsoft.PackageManagement - -COPY files/pre-build /usr/share/container-setup/pre-build/ -COPY files/requirements.py /usr/share/container-setup/ -RUN /usr/share/container-setup/python -B /usr/share/container-setup/requirements.py default - -COPY files/prime.py files/ansible-test-*.txt /usr/share/container-setup/ -RUN /usr/share/container-setup/python -B /usr/share/container-setup/prime.py default diff --git a/tests/rework/Dockerfile.base-test-container b/tests/rework/Dockerfile.base-test-container deleted file mode 100644 index b379778ab..000000000 --- a/tests/rework/Dockerfile.base-test-container +++ /dev/null @@ -1,94 +0,0 @@ -FROM quay.io/bedrock/ubuntu:focal-20230801 - -RUN apt-get update -y && \ - DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ - ca-certificates \ - curl \ - g++ \ - gcc \ - git \ - gnupg2 \ - libbz2-dev \ - libffi-dev \ - libreadline-dev \ - libsqlite3-dev \ - libxml2-dev \ - libxslt1-dev \ - libyaml-dev \ - locales \ - make \ - openssh-client \ - openssh-server \ - openssl \ - python3.8-dev \ - python3.8-distutils \ - python3.8-venv \ - python3.9-dev \ - python3.9-distutils \ - python3.9-venv \ - shellcheck \ - sudo \ - systemd-sysv \ - && \ - apt-get clean && \ - rm -rf /var/lib/apt/lists/* - -COPY files/deadsnakes.gpg /etc/apt/keyrings/deadsnakes.gpg -COPY files/deadsnakes.list /etc/apt/sources.list.d/deadsnakes.list - -# Install Python versions available from the deadsnakes PPA. -# This is done separately to avoid conflicts with official Ubuntu packages. -RUN apt-get update -y && \ - DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ - python3.7-dev \ - python3.7-distutils \ - python3.7-venv \ - python3.10-dev \ - python3.10-distutils \ - python3.10-venv \ - python3.11-dev \ - python3.11-distutils \ - python3.11-venv \ - python3.12-dev \ - python3.12-distutils \ - python3.12-venv \ - && \ - apt-get clean && \ - rm -rf /var/lib/apt/lists/* - -RUN rm /etc/apt/apt.conf.d/docker-clean && \ - ln -s python3 /usr/bin/python && \ - locale-gen en_US.UTF-8 - -# Install PowerShell using a binary archive. -# This allows pinning to a specific version, and also brings support for multiple architectures. -RUN version="7.3.8" && \ - major_version="$(echo ${version} | cut -f 1 -d .)" && \ - install_dir="/opt/microsoft/powershell/${major_version}" && \ - tmp_file="/tmp/powershell.tgz" && \ - arch="$(uname -i)" && \ - arch=$(if [ "${arch}" = "x86_64" ]; then echo "x64"; \ - elif [ "${arch}" = "aarch64" ]; then echo "arm64"; \ - else echo "unknown arch: ${arch}" && exit 1; fi) && \ - url="https://github.com/PowerShell/PowerShell/releases/download/v${version}/powershell-${version}-linux-${arch}.tar.gz" && \ - echo "URL: ${url}" && \ - curl -sL "${url}" > "${tmp_file}" && \ - mkdir -p "${install_dir}" && \ - tar zxf "${tmp_file}" --no-same-owner --no-same-permissions -C "${install_dir}" && \ - rm "${tmp_file}" && \ - find "${install_dir}" -type f -exec chmod -x "{}" ";" && \ - chmod +x "${install_dir}/pwsh" && \ - ln -s "${install_dir}/pwsh" /usr/bin/pwsh && \ - pwsh --version - -ENV container=docker -CMD ["/sbin/init"] - -# Install pip last to speed up local container rebuilds. -COPY files/*.py /usr/share/container-setup/ -RUN ln -s /usr/bin/python3.12 /usr/share/container-setup/python -RUN /usr/share/container-setup/python -B /usr/share/container-setup/setup.py - -# Make sure the pip entry points in /usr/bin are correct. -RUN rm -f /usr/bin/pip3 && cp -av /usr/local/bin/pip3 /usr/bin/pip3 && /usr/bin/pip3 -V && \ - rm -f /usr/bin/pip && cp -av /usr/local/bin/pip /usr/bin/pip && /usr/bin/pip -V diff --git a/tests/rework/Dockerfile.docker-ubuntu2204-ansible b/tests/rework/Dockerfile.docker-ubuntu2204-ansible deleted file mode 100644 index 8054b9489..000000000 --- a/tests/rework/Dockerfile.docker-ubuntu2204-ansible +++ /dev/null @@ -1,47 +0,0 @@ -FROM ubuntu:22.04 -LABEL maintainer="Jeff Geerling" - -ARG DEBIAN_FRONTEND=noninteractive - -ENV pip_packages "ansible" - -# Install dependencies. -RUN apt-get update \ - && apt-get install -y --no-install-recommends \ - apt-utils \ - build-essential \ - locales \ - libffi-dev \ - libssl-dev \ - libyaml-dev \ - python3-dev \ - python3-setuptools \ - python3-pip \ - python3-yaml \ - software-properties-common \ - rsyslog systemd systemd-cron sudo iproute2 \ - && apt-get clean \ - && rm -Rf /var/lib/apt/lists/* \ - && rm -Rf /usr/share/doc && rm -Rf /usr/share/man -RUN sed -i 's/^\($ModLoad imklog\)/#\1/' /etc/rsyslog.conf - -# Fix potential UTF-8 errors with ansible-test. -RUN locale-gen en_US.UTF-8 - -# Install Ansible via Pip. -RUN pip3 install $pip_packages - -COPY initctl_faker . -RUN chmod +x initctl_faker && rm -fr /sbin/initctl && ln -s /initctl_faker /sbin/initctl - -# Install Ansible inventory file. -RUN mkdir -p /etc/ansible -RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts - -# Remove unnecessary getty and udev targets that result in high CPU usage when using -# multiple containers with Molecule (https://github.com/ansible/molecule/issues/1104) -RUN rm -f /lib/systemd/system/systemd*udev* \ - && rm -f /lib/systemd/system/getty.target - -VOLUME ["/sys/fs/cgroup", "/tmp", "/run"] -CMD ["/lib/systemd/systemd"] From 23386637ae238bb3733700d68f8b289e980f1565 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 4 Jan 2024 07:55:38 +0100 Subject: [PATCH 017/114] Try to trigger container build action. --- .github/workflows/container-build.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/container-build.yaml b/.github/workflows/container-build.yaml index 81103613f..2e250b4cb 100644 --- a/.github/workflows/container-build.yaml +++ b/.github/workflows/container-build.yaml @@ -3,6 +3,9 @@ on: workflow_dispatch: schedule: - cron: '0 0 * * 0' + push: + paths: + - 'tests/container/' jobs: From 124d5d25578e9f8585ade529aee11c98f0fc8775 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 4 Jan 2024 10:01:47 +0100 Subject: [PATCH 018/114] Update GitHub Action. --- .github/workflows/container-build.yaml | 35 +++++++++++++++++++------- 1 file changed, 26 insertions(+), 9 deletions(-) diff --git a/.github/workflows/container-build.yaml b/.github/workflows/container-build.yaml index 2e250b4cb..8959b4782 100644 --- a/.github/workflows/container-build.yaml +++ b/.github/workflows/container-build.yaml @@ -1,3 +1,9 @@ +env: + NAMESPACE: checkmk + COLLECTION_NAME: general + CONTAINER_ROOT: "./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/tests/container" + CONTAINER_NAME: "ansible-checkmk-test" + name: Build Test Container Images on: workflow_dispatch: @@ -14,29 +20,40 @@ jobs: name: Build Container steps: - - name: Check out code + - name: "Check out code" uses: actions/checkout@v4 with: path: ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} - - name: Set up Python + - name: "Set up Python" uses: actions/setup-python@v5 with: python-version: '3.11' - - name: Install ansible-base (${{ matrix.ansible }}) + - name: "Install ansible-base (${{ matrix.ansible }})" run: pip install https://github.com/ansible/ansible/archive/${{ matrix.ansible }}.tar.gz --disable-pip-version-check - - name: Provide secrets file + - name: "Provide secrets file" run: echo "${{ secrets.CHECKMK_DOWNLOAD_PW }}" > ./tests/integration/files/.dl-secret working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} env: CHECKMK_DOWNLOAD_PW: ${{ secrets.CHECKMK_DOWNLOAD_PW }} - - name: Docker Build - run: docker build -t ansible-checkmk-test ./ --build-arg DL_USER=d-gh-ansible-dl --build-arg DL_PW=${{ secrets.CHECKMK_DOWNLOAD_PW }} - working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/tests/rework + - name: "Docker Build" + run: docker build -t ${{ env.CONTAINER_NAME }} ./ --build-arg DL_USER=d-gh-ansible-dl --build-arg DL_PW=${{ secrets.CHECKMK_DOWNLOAD_PW }} + working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/tests/container + + - name: "Docker Save" + run: docker save ${{ env.CONTAINER_NAME }}:latest > ${{ env.CONTAINER_ROOT }}/${{ env.CONTAINER_NAME }}-latest-image.tar.gz" + working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/tests/container + + - name: "Upload Artifact" + run: CLOUDSEND_PASSWORD=${{ secrets.NEXTCLOUD_PW }} ./scripts/cloudsend/cloudsend.sh -e ${{ env.CONTAINER_NAME }}-latest-image.tar.gz $(CLOUD_SHARE) + working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/tests/container + env: + NEXTCLOUD_PW: ${{ secrets.NEXTCLOUD_PW }} + CLOUDSEND_PASSWORD: ${{ secrets.NEXTCLOUD_PW }} - - name: Run integration tests - run: ansible-test integration -v --color --retry-on-error --continue-on-error --diff --python 3.11 --docker ansible-checkmk-test + - name: "Run integration test for testing" + run: ansible-test integration activation -v --color --retry-on-error --continue-on-error --diff --python 3.11 --docker-privileged ${{ env.CONTAINER_NAME }} working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} From 5f77368b340076cc1c16208f6d044c60965c4747 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 4 Jan 2024 10:01:58 +0100 Subject: [PATCH 019/114] Add cloudsend. --- scripts/cloudsend/LICENSE | 661 ++++++++++++++++++++++++++++++ scripts/cloudsend/README.md | 184 +++++++++ scripts/cloudsend/cloudsend.sh | 708 +++++++++++++++++++++++++++++++++ 3 files changed, 1553 insertions(+) create mode 100644 scripts/cloudsend/LICENSE create mode 100644 scripts/cloudsend/README.md create mode 100755 scripts/cloudsend/cloudsend.sh diff --git a/scripts/cloudsend/LICENSE b/scripts/cloudsend/LICENSE new file mode 100644 index 000000000..ff5ef5392 --- /dev/null +++ b/scripts/cloudsend/LICENSE @@ -0,0 +1,661 @@ +GNU AFFERO GENERAL PUBLIC LICENSE +Version 3, 19 November 2007 + +Copyright (C) 2007 Free Software Foundation, Inc. +Everyone is permitted to copy and distribute verbatim copies +of this license document, but changing it is not allowed. + + Preamble + +The GNU Affero General Public License is a free, copyleft license for +software and other kinds of works, specifically designed to ensure +cooperation with the community in the case of network server software. + +The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +our General Public Licenses are intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. + +When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + +Developers that use our General Public Licenses protect your rights +with two steps: (1) assert copyright on the software, and (2) offer +you this License which gives you legal permission to copy, distribute +and/or modify the software. + +A secondary benefit of defending all users' freedom is that +improvements made in alternate versions of the program, if they +receive widespread use, become available for other developers to +incorporate. Many developers of free software are heartened and +encouraged by the resulting cooperation. However, in the case of +software used on network servers, this result may fail to come about. +The GNU General Public License permits making a modified version and +letting the public access it on a server without ever releasing its +source code to the public. + +The GNU Affero General Public License is designed specifically to +ensure that, in such cases, the modified source code becomes available +to the community. It requires the operator of a network server to +provide the source code of the modified version running there to the +users of that server. Therefore, public use of a modified version, on +a publicly accessible server, gives the public access to the source +code of the modified version. + +An older license, called the Affero General Public License and +published by Affero, was designed to accomplish similar goals. This is +a different license, not a version of the Affero GPL, but Affero has +released a new version of the Affero GPL which permits relicensing under +this license. + +The precise terms and conditions for copying, distribution and +modification follow. + +TERMS AND CONDITIONS + +0. Definitions. + +"This License" refers to version 3 of the GNU Affero General Public License. + +"Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + +"The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + +To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + +A "covered work" means either the unmodified Program or a work based +on the Program. + +To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + +To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + +An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + +1. Source Code. + +The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + +A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + +The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + +The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + +The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + +The Corresponding Source for a work in source code form is that +same work. + +2. Basic Permissions. + +All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + +You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + +Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + +3. Protecting Users' Legal Rights From Anti-Circumvention Law. + +No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + +When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + +4. Conveying Verbatim Copies. + +You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + +You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + +5. Conveying Modified Source Versions. + +You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + +a) The work must carry prominent notices stating that you modified +it, and giving a relevant date. + +b) The work must carry prominent notices stating that it is +released under this License and any conditions added under section +7. This requirement modifies the requirement in section 4 to +"keep intact all notices". + +c) You must license the entire work, as a whole, under this +License to anyone who comes into possession of a copy. This +License will therefore apply, along with any applicable section 7 +additional terms, to the whole of the work, and all its parts, +regardless of how they are packaged. This License gives no +permission to license the work in any other way, but it does not +invalidate such permission if you have separately received it. + +d) If the work has interactive user interfaces, each must display +Appropriate Legal Notices; however, if the Program has interactive +interfaces that do not display Appropriate Legal Notices, your +work need not make them do so. + +A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + +6. Conveying Non-Source Forms. + +You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + +a) Convey the object code in, or embodied in, a physical product +(including a physical distribution medium), accompanied by the +Corresponding Source fixed on a durable physical medium +customarily used for software interchange. + +b) Convey the object code in, or embodied in, a physical product +(including a physical distribution medium), accompanied by a +written offer, valid for at least three years and valid for as +long as you offer spare parts or customer support for that product +model, to give anyone who possesses the object code either (1) a +copy of the Corresponding Source for all the software in the +product that is covered by this License, on a durable physical +medium customarily used for software interchange, for a price no +more than your reasonable cost of physically performing this +conveying of source, or (2) access to copy the +Corresponding Source from a network server at no charge. + +c) Convey individual copies of the object code with a copy of the +written offer to provide the Corresponding Source. This +alternative is allowed only occasionally and noncommercially, and +only if you received the object code with such an offer, in accord +with subsection 6b. + +d) Convey the object code by offering access from a designated +place (gratis or for a charge), and offer equivalent access to the +Corresponding Source in the same way through the same place at no +further charge. You need not require recipients to copy the +Corresponding Source along with the object code. If the place to +copy the object code is a network server, the Corresponding Source +may be on a different server (operated by you or a third party) +that supports equivalent copying facilities, provided you maintain +clear directions next to the object code saying where to find the +Corresponding Source. Regardless of what server hosts the +Corresponding Source, you remain obligated to ensure that it is +available for as long as needed to satisfy these requirements. + +e) Convey the object code using peer-to-peer transmission, provided +you inform other peers where the object code and Corresponding +Source of the work are being offered to the general public at no +charge under subsection 6d. + +A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + +A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + +"Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + +If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + +The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + +Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + +7. Additional Terms. + +"Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + +When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + +Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + +a) Disclaiming warranty or limiting liability differently from the +terms of sections 15 and 16 of this License; or + +b) Requiring preservation of specified reasonable legal notices or +author attributions in that material or in the Appropriate Legal +Notices displayed by works containing it; or + +c) Prohibiting misrepresentation of the origin of that material, or +requiring that modified versions of such material be marked in +reasonable ways as different from the original version; or + +d) Limiting the use for publicity purposes of names of licensors or +authors of the material; or + +e) Declining to grant rights under trademark law for use of some +trade names, trademarks, or service marks; or + +f) Requiring indemnification of licensors and authors of that +material by anyone who conveys the material (or modified versions of +it) with contractual assumptions of liability to the recipient, for +any liability that these contractual assumptions directly impose on +those licensors and authors. + +All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + +If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + +Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + +8. Termination. + +You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + +However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + +Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + +Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + +9. Acceptance Not Required for Having Copies. + +You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + +10. Automatic Licensing of Downstream Recipients. + +Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + +An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + +You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + +11. Patents. + +A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + +A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + +Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + +In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + +If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + +If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + +A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + +Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + +12. No Surrender of Others' Freedom. + +If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + +13. Remote Network Interaction; Use with the GNU General Public License. + +Notwithstanding any other provision of this License, if you modify the +Program, your modified version must prominently offer all users +interacting with it remotely through a computer network (if your version +supports such interaction) an opportunity to receive the Corresponding +Source of your version by providing access to the Corresponding Source +from a network server at no charge, through some standard or customary +means of facilitating copying of software. This Corresponding Source +shall include the Corresponding Source for any work covered by version 3 +of the GNU General Public License that is incorporated pursuant to the +following paragraph. + +Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the work with which it is combined will remain governed by version +3 of the GNU General Public License. + +14. Revised Versions of this License. + +The Free Software Foundation may publish revised and/or new versions of +the GNU Affero General Public License from time to time. Such new versions +will be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU Affero General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU Affero General Public License, you may choose any version ever published +by the Free Software Foundation. + +If the Program specifies that a proxy can decide which future +versions of the GNU Affero General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + +Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + +15. Disclaimer of Warranty. + +THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + +16. Limitation of Liability. + +IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + +17. Interpretation of Sections 15 and 16. + +If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + +END OF TERMS AND CONDITIONS + +How to Apply These Terms to Your New Programs + +If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + +To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + +Copyright (C) + +This program is free software: you can redistribute it and/or modify +it under the terms of the GNU Affero General Public License as published +by the Free Software Foundation, either version 3 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU Affero General Public License for more details. + +You should have received a copy of the GNU Affero General Public License +along with this program. If not, see . + +Also add information on how to contact you by electronic and paper mail. + +If your software can interact with users remotely through a computer +network, you should also make sure that it provides a way for users to +get its source. For example, if your program is a web application, its +interface could display a "Source" link that leads users to an archive +of the code. There are many ways you could offer source, and different +solutions will be better for different programs; see section 13 for the +specific requirements. + +You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU AGPL, see +. diff --git a/scripts/cloudsend/README.md b/scripts/cloudsend/README.md new file mode 100644 index 000000000..864bb576e --- /dev/null +++ b/scripts/cloudsend/README.md @@ -0,0 +1,184 @@ +# Tavinus CloudSender2 +Bash script that uses curl to send files and folders to a [nextcloud](https://nextcloud.com) / [owncloud](https://owncloud.org) publicly shared folder. + + +---------------------------------------------- +#### If you want to support this project, you can do it here :coffee: :beer: + +[![paypal-image](https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=AJNPRBY9EDXJJ&source=url) + +--- + +***The logic is*** +``` +cloudsend +``` +[The Origins are here](https://gist.github.com/tavinus/93bdbc051728748787dc22a58dfe58d8), +Thanks for everyone that contributed on [the original GIST](https://gist.github.com/tavinus/93bdbc051728748787dc22a58dfe58d8) + +--- + +**Also check my [cloudmanager app](https://github.com/tavinus/cloudmanager) for a full nextcloud/owncloud webdav client.** + +--- + +### Shares with passwords +**Cloudsend v2 changed the way password parsing works.** +Cloudsend 0.x.x used the `-p` parameter for the Environment password (changed to `-e` in v2+). +Please use EITHER `-e` OR `-p`, but not both. The last to be called will be used. + + - **Env Pass** *>* Set the variable `CLOUDSEND_PASSWORD='MySecretPass'` and use the option `-e` + - **Param Pass** *>* Send the password as a parameter with `-p ` + +### Input Globbing +You can use input globbing (wildcards) by setting the `-g` option. +This will ignore input file checking and pass the glob to curl to be used. +You *MUST NOT* rename files when globbing, input file names will be used. +You *MUST NOT* send folders when globbing, only files are allowed. + +**Glob examples:** + - `'{file1.txt,file2.txt,file3.txt}'` + - `'img[1-100].png'` + +**More info on globbing** +https://github.com/tavinus/cloudsend.sh/wiki/Input-Globbing + +### Read from stdin (pipes) +You can send piped content by using `-` or `.` as the input file name *(curl specs)*. +You *MUST* set a destination file name to use stdin as input ( `-r ` ). + +**From curl's manual:** +Use the file name `-` (a single dash) to use stdin instead of a given file. +Alternately, the file name `.` (a single period) may be specified instead of `-` to use +stdin in non-blocking mode to allow reading server output while stdin is being uploaded. + +### Sending entire folder +From v2.2.0 `cloudsend.sh` can send folders. It will traverse the folder tree, create +each folder and send each file. **Just use a folder path as input.** + +![image](https://user-images.githubusercontent.com/8039413/116766734-6a98fe00-aa02-11eb-9553-de06c39e3d0e.png) + +#### Other ways to send folders: + +*This sends every **FILE** in the current shell folder.* + - change the first `./` to change the input folder ( *eg.* `'/home/myname/myfolder'` ) + - `-maxdepth 1` will read current folder only, more levels go deeper, supressing goes all levels +```bash +find ./ -maxdepth 1 -type f -exec ./cloudsend.sh {} https://cloud.mydomain.tld/s/TxWdsNX2Ln3X5kxG -p yourPassword \; +``` + +---- + +*This sends every **FILE** inside `/home/myname/myfolder`, including ALL subfolders.* +```bash +find /home/myname/myfolder -type f -exec ./cloudsend.sh {} https://cloud.mydomain.tld/s/TxWdsNX2Ln3X5kxG -p yourPassword \; +``` + +---- + +*This sends a gziped tarball of the current shell folder.* +```bash +tar cf - "$(pwd)" | gzip -9 -c | ./cloudsend.sh - 'https://cloud.mydomain.tld/s/TxWdsNX2Ln3X5kxG' -r myfolder.tar.gz +``` + +---- + +*This sends a gziped tarball of `/home/myname/myfolder`.* +```bash +tar cf - /home/myname/myfolder | gzip -9 -c | ./cloudsend.sh - 'https://cloud.mydomain.tld/s/TxWdsNX2Ln3X5kxG' -r myfolder.tar.gz +``` + +---- + +*This sends a recursive zip file of `/home/myname/myfolder`.* +```bash +zip -q -r -9 - /home/myname/myfolder | ./cloudsend.sh - 'https://cloud.mydomain.tld/s/TxWdsNX2Ln3X5kxG' -r myfolder.zip +``` + +---- + +### Help info +``` +$./cloudsend.sh --help +Tavinus Cloud Sender v2.2.8 + +Parameters: + -h | --help Print this help and exits + -q | --quiet Disables verbose messages + -V | --version Prints version and exits + -r | --rename Change the destination file name + -g | --glob Disable input file checking to use curl globs + -k | --insecure Uses curl with -k option (https insecure) + -l | --limit-rate Uses curl limit-rate (eg 100k, 1M) + -a | --abort-on-errors Aborts on Webdav response errors + -p | --password Uses as shared folder password + -e | --envpass Uses env var $CLOUDSEND_PASSWORD as share password + You can 'export CLOUDSEND_PASSWORD' at your system, or set it at the call + Please remeber to also call -e to use the password set + +Use: + ./cloudsend.sh [options] + CLOUDSEND_PASSWORD='MySecretPass' ./cloudsend.sh -e [options] + +Passwords: + Cloudsend 2 changed the way password works + Cloudsend 0.x.x used the '-p' parameter for the Environment password (changed to -e in v2+) + Please use EITHER -e OR -p, but not both. The last to be called will be used + + Env Pass > Set the variable CLOUDSEND_PASSWORD='MySecretPass' and use the option '-e' + Param Pass > Send the password as a parameter with '-p ' + +Folders: + Cloudsend 2.2.0 introduces folder tree sending. Just use a directory as . + It will traverse all files and folders, create the needed folders and send all files. + Each folder creation and file sending will require a curl call. + +Input Globbing: + You can use input globbing (wildcards) by setting the -g option + This will ignore input file checking and pass the glob to curl to be used + You MUST NOT rename files when globbing, input file names will be used + You MUST NOT send folders when globbing, only files are allowed + Glob examples: '{file1.txt,file2.txt,file3.txt}' + 'img[1-100].png' + +Send from stdin (pipe): + You can send piped content by using - or . as the input file name (curl specs) + You MUST set a destination file name to use stdin as input (-r ) + + Use the file name '-' (a single dash) to use stdin instead of a given file + Alternately, the file name '.' (a single period) may be specified instead of '-' to use + stdin in non-blocking mode to allow reading server output while stdin is being uploaded + +Examples: + CLOUDSEND_PASSWORD='MySecretPass' ./cloudsend.sh -e './myfile.txt' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' + ./cloudsend.sh './myfile.txt' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' + ./cloudsend.sh 'my Folder' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' + ./cloudsend.sh -r 'RenamedFile.txt' './myfile.txt' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' + ./cloudsend.sh --limit-rate 200K -p 'MySecretPass' './myfile.txt' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' + ./cloudsend.sh -p 'MySecretPass' -r 'RenamedFile.txt' './myfile.txt' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' + ./cloudsend.sh -g -p 'MySecretPass' '{file1,file2,file3}' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' + cat file | ./cloudsend.sh - 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' -r destFileName + + +``` + +--- + +### Questions +*Whats is "https://cloud.mydomain.net/s/fLDzToZF4MLvG28"? +What is a "folderlink"? +Where do i get it from? +Specially the "s/fLDzToZF4MLvG28" part?* + +**You have to share a Folder writable and use the generated link** + +![Shared Folder Screenshot](https://user-images.githubusercontent.com/8039413/81998321-9a4fca00-9628-11ea-8fbc-7e5c7d0faaf0.png) + +--- + +### Troubleshooting +From [Nextcloud 21 Documentation](https://docs.nextcloud.com/server/21/user_manual/en/files/access_webdav.html#accessing-public-shares-over-webdav) +![image](https://user-images.githubusercontent.com/8039413/116769994-b05fc180-aa16-11eb-80bc-e37ff45d1c38.png) + + + diff --git a/scripts/cloudsend/cloudsend.sh b/scripts/cloudsend/cloudsend.sh new file mode 100755 index 000000000..71892acd1 --- /dev/null +++ b/scripts/cloudsend/cloudsend.sh @@ -0,0 +1,708 @@ +#!/usr/bin/env bash + +############################################################ +# +# Tavinus Cloud Sender 2 +# cloudsend.sh +# https://github.com/tavinus/cloudsend.sh +# +# Uses curl to send files to a shared +# Nextcloud/Owncloud folder +# +# Usage: ./cloudsend.sh +# Help: ./cloudsend.sh -h +# +# Gustavo Arnosti Neves +# https://github.com/tavinus +# +# Contributors: +# @MG2R @gessel +# +# Get this script to current folder with: +# curl -O 'https://raw.githubusercontent.com/tavinus/cloudsend.sh/master/cloudsend.sh' && chmod +x cloudsend.sh +# +# NOTE: Cloudsend 2 changed the way password is handled and +# is NOT compatible with cloudsend 1 calls. The -e parameter +# now does what -p parameter did (environment passwords), +# while the -p parameter receives the password directly. +# +############################################################ + + + + + +CS_VERSION="2.2.8" + +TRUE=0 +FALSE=1 + +CLOUDURL="" +FOLDERTOKEN="" +INNERPATH="" + +PUBSUFFIX="public.php/webdav" +HEADER='X-Requested-With: XMLHttpRequest' + +CLOUDSEND_PARAMS=() +INSECURE='' +OUTFILE='' + +RENAMING=$FALSE +QUIETMODE=$FALSE +GLOBBING=$FALSE +LIMITTING=$FALSE +LIMITCMD='' +RATELIMIT='' +GLOBCMD=' -g' +VERBOSE=' --progress-bar' + +STTYBIN="$(command -v stty 2>/dev/null)" +BASENAMEBIN="$(command -v basename 2>/dev/null)" +FINDBIN="$(command -v find 2>/dev/null)" +SCREENSIZE="40 80" + +DIRLIST=() +FILELIST=() + +CURLEXIT=0 +CURLRESPONSES="" +ABORTONERRORS=$FALSE + + + + + +################################################################ +#### CURL CALL EXAMPLE + +# https://cloud.mydomain.net/s/fLDzToZF4MLvG28 +# curl -k -T myFile.ext -u "fLDzToZF4MLvG28:" -H 'X-Requested-With: XMLHttpRequest' https://cloud.mydomain.net/public.php/webdav/myFile.ext + + + + + +################################################################ +#### MESSAGES +################################################################ + + +# Logs message to stdout +log() { + isQuietMode || printf "%s\n" "$@" +} + + +# Logs message to stdout +logSameLine() { + isQuietMode || printf "%s" "$@" +} + + +# Prints program name and version +printVersion() { + printf "%s\n" "Tavinus Cloud Sender v$CS_VERSION" +} + + +# Prints error messages and exits +initError() { + printVersion >&2 + printf "%s\n" "Init Error! $1" >&2 + printf "%s\n" "Try: $0 --help" >&2 + exit 5 +} + + +# Curl summed exit codes +# Will be 0 if no curl call had errors +curlAddExitCode() { + ((CURLEXIT=CURLEXIT+$1)) +} + + +# Curl appended messages +# Will probably be empty if curl was able to perfom as intended +curlAddResponse() { + if isNotEmpty "$1"; then + isEmpty "$CURLRESPONSES" && CURLRESPONSES="$2"$'\n'"$1" || CURLRESPONSES="$CURLRESPONSES"$'\n----------------\n'"$2"$'\n'"$1" + fi +} + + +# Prints usage information (help) +usage() { + printVersion + printf "%s" " +Parameters: + -h | --help Print this help and exits + -q | --quiet Disables verbose messages + -V | --version Prints version and exits + -r | --rename Change the destination file name + -g | --glob Disable input file checking to use curl globs + -k | --insecure Uses curl with -k option (https insecure) + -l | --limit-rate Uses curl limit-rate (eg 100k, 1M) + -a | --abort-on-errors Aborts on Webdav response errors + -p | --password Uses as shared folder password + -e | --envpass Uses env var \$CLOUDSEND_PASSWORD as share password + You can 'export CLOUDSEND_PASSWORD' at your system, or set it at the call + Please remeber to also call -e to use the password set + +Use: + ./cloudsend.sh [options] + CLOUDSEND_PASSWORD='MySecretPass' ./cloudsend.sh -e [options] + +Passwords: + Cloudsend 2 changed the way password works + Cloudsend 0.x.x used the '-p' parameter for the Environment password (changed to -e in v2+) + Please use EITHER -e OR -p, but not both. The last to be called will be used + + Env Pass > Set the variable CLOUDSEND_PASSWORD='MySecretPass' and use the option '-e' + Param Pass > Send the password as a parameter with '-p ' + +Folders: + Cloudsend 2.2.0 introduces folder tree sending. Just use a directory as . + It will traverse all files and folders, create the needed folders and send all files. + Each folder creation and file sending will require a curl call. + +Input Globbing: + You can use input globbing (wildcards) by setting the -g option + This will ignore input file checking and pass the glob to curl to be used + You MUST NOT rename files when globbing, input file names will be used + You MUST NOT send folders when globbing, only files are allowed + Glob examples: '{file1.txt,file2.txt,file3.txt}' + 'img[1-100].png' + +Send from stdin (pipe): + You can send piped content by using - or . as the input file name (curl specs) + You MUST set a destination file name to use stdin as input (-r ) + + Use the file name '-' (a single dash) to use stdin instead of a given file + Alternately, the file name '.' (a single period) may be specified instead of '-' to use + stdin in non-blocking mode to allow reading server output while stdin is being uploaded + +Examples: + CLOUDSEND_PASSWORD='MySecretPass' ./cloudsend.sh -e './myfile.txt' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' + ./cloudsend.sh './myfile.txt' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' + ./cloudsend.sh 'my Folder' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' + ./cloudsend.sh -r 'RenamedFile.txt' './myfile.txt' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' + ./cloudsend.sh --limit-rate 200K -p 'MySecretPass' './myfile.txt' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' + ./cloudsend.sh -p 'MySecretPass' -r 'RenamedFile.txt' './myfile.txt' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' + ./cloudsend.sh -g -p 'MySecretPass' '{file1,file2,file3}' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' + cat file | ./cloudsend.sh - 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' -r destFileName + +" +} + + + + + +################################################################ +#### GET OPTIONS +################################################################ + + +# Checks only for quiet/verbose mode and ignores all else +parseQuietMode(){ + while :; do + case "$1" in + -h|--help) + usage ; exit 0 ;; + -V|--version) + printVersion ; exit 0 ;; + -q|--quiet) + QUIETMODE=$TRUE + VERBOSE=" -s" ; break ;; + *) + isEmpty "$1" && break || shift ;; + esac + done + +} + + +# Parses CLI options and parameters +parseOptions() { + log "Tavinus Cloud Sender v$CS_VERSION"$'\n' + while :; do + case "$1" in + -q|--quiet) + shift ;; # already checked + -k|--insecure) + INSECURE=' -k' + log "> Insecure mode ON" + shift ;; + -e|--envpass|--environment) + loadPassword "${CLOUDSEND_PASSWORD}" + log "> Using password from environment" + shift ;; + -p|--password) + loadPassword "$2" + log "> Using password from parameter" + shift ; shift ;; + -r|--rename) + loadOutFile "${2}" + log "> Destination file will be renamed to \"$OUTFILE\"" + RENAMING=$TRUE + shift ; shift ;; + -g|--glob) + GLOBBING=$TRUE + GLOBCMD='' + log "> Glob mode ON, input file checkings disabled" + shift ;; + -a|--abort-on-errors) + ABORTONERRORS=$TRUE + log "> Abort on errors ON, will stop execution on DAV errors" + shift ;; + -l|--limit-rate) + loadLimit "${2}" + LIMITTING=$TRUE + log "> Rate limit set to $RATELIMIT" + shift ; shift ;; + + *) + if isEmpty "$1"; then + break ; + else + CLOUDSEND_PARAMS=("${CLOUDSEND_PARAMS[@]}" "$1") + shift ; + fi + + esac + done + + CLOUDURL='' + FILENAME="${CLOUDSEND_PARAMS[0]}" + CLOUDSHARE="${CLOUDSEND_PARAMS[1]}" + + # if we have index.php in the URL, process accordingly + if [[ "$CLOUDSHARE" == *"index.php"* ]]; then + CLOUDURL="${CLOUDSHARE%/index.php/s/*}" + else + CLOUDURL="${CLOUDSHARE%/s/*}" + fi + + # get token and sub folder + FOLDERTOKEN="${CLOUDSHARE##*/s/}" + INNERPATH="${FOLDERTOKEN##*\?path=}" + FOLDERTOKEN="${FOLDERTOKEN%\?*}" + + if [[ "$FOLDERTOKEN" == "$INNERPATH" ]]; then + INNERPATH="" + else + INNERPATH="$(decodeSlash "$INNERPATH")" + fi + + + if isGlobbing; then + if isRenaming; then + initError $'Cannot rename output files when using globbing on input.\nAll files would get the same output name and then be overwritten.\nSend individual files if you need renaming.' + elif isPiped "$FILENAME"; then + initError $'Cannot use globbing and send piped input at the same time.\nDo either one or the other.' + fi + else + if ! isFile "$FILENAME" && ! isDir "$FILENAME" && ! isPiped "$FILENAME"; then + initError "Invalid input file/folder: $FILENAME" + fi + + if isPiped "$FILENAME" && ! isRenaming; then + initError $'No output file name!\nYou need to set a destination name when reading from a pipe!\nPlease add -r to your call.' + fi + fi + + if isEmpty "$CLOUDURL"; then + initError "Empty URL! Nowhere to send..." + fi + + if isEmpty "$FOLDERTOKEN"; then + initError "Empty Folder Token! Nowhere to send..." + fi + log '' +} + +# Parses Rate limitting +loadLimit() { + if [ -z "$@" ]; then + initError "Trying to set an empty rate limit" + fi + RATELIMIT="$@" + LIMITCMD=' --limit-rate '"$RATELIMIT" +} + + +# Parses password to var or exits +loadPassword() { + if [ -z "$@" ]; then + initError "Trying to set an empty password" + fi + PASSWORD="$@" +} + + +# Parses destination file name to var or exits +loadOutFile() { + if [ -z "$@" ]; then + initError "Trying to set an empty destination file name" + fi + OUTFILE="$@" +} + + + + + +################################################################ +#### VALIDATORS +################################################################ + + +# Dependency check +checkCurl() { + CURLBIN="$(command -v curl 2>/dev/null)" + isExecutable "$CURLBIN" && return $TRUE + CURLBIN='/usr/bin/curl' + isExecutable "$CURLBIN" && return $TRUE + CURLBIN='/usr/local/bin/curl' + isExecutable "$CURLBIN" && return $TRUE + CURLBIN='/usr/share/curl' + isExecutable "$CURLBIN" && return $TRUE + initError "No curl found on system! Please install curl and try again!" + exit 6 +} + + +# Adjust Columns so the progess bar shows correctly +# Curl "space bar" has bugs that only show in special cases, +# depending on the column size of the terminal. I had lots +# of problems with this spanning multiple lines, so I fixed it +# with a max of 80 columns if it is bigger (seems to solve). +# https://github.com/curl/curl/issues/4849 +getScreenSize() { + if isExecutable "$STTYBIN"; then + SCREENSIZE="$($STTYBIN size)" + fi + #export LINES=${SCREENSIZE% *} + #export COLUMNS=$((${SCREENSIZE#* } - 1)) + COLUMNS=${SCREENSIZE#* } + ((COLUMNS=COLUMNS-1)) + [[ $COLUMNS -gt 80 ]] && COLUMNS=80 + export COLUMNS + #export COLUMNS=50 + #echo "LINES..: $LINES" + #echo "COLUMNS: $COLUMNS" +} + + +# Returns $TRUE if $1 is a file, $FALSE otherwise +isFile() { + [[ -f "$1" ]] && return $TRUE + return $FALSE +} + + +# Returns $TRUE if $1 is a directory, $FALSE otherwise +isDir() { + [[ -d "$1" ]] && return $TRUE + return $FALSE +} + + +# Returns $TRUE if $1 is executable, $FALSE otherwise +isExecutable() { + [[ -x "$1" ]] && return $TRUE + return $FALSE +} + + +# Returns $TRUE if $1 is empty, $FALSE otherwise +isEmpty() { + [[ -z "$1" ]] && return $TRUE + return $FALSE +} + + +# Returns $TRUE if $1 is not empty, $FALSE otherwise +isNotEmpty() { + [[ -z "$1" ]] && return $FALSE + return $TRUE +} + + +# Checks if the input file is stdin (either - or .) +isPiped() { + if [ "$1" = '-' ] || [ "$1" = '.' ] ; then + return $TRUE + fi + return $FALSE +} + + + + + +################################################################ +#### FLAG CHECKERS +################################################################ + + +# If we are renaming the output, return $TRUE, else $FALSE +isRenaming() { + return $RENAMING +} + + +# If we are running in Quiet Mode, return $TRUE, else $FALSE +isQuietMode() { + return $QUIETMODE +} + + +# If we are globbing the input, return $TRUE, else $FALSE +isGlobbing() { + return $GLOBBING +} + + +# If we should abort when curl returns a XML response, return $TRUE, else $FALSE +abortOnDavErrors() { + return $ABORTONERRORS +} + + +# If have a dav error, return $TRUE, else $FALSE +hasDavErrors() { + isEmpty "$CURLRESPONSES" && return $FALSE + return $TRUE +} + + +# If have a dav error, return $TRUE, else $FALSE +checkAbort() { + abortOnDavErrors && hasDavErrors && logResult +} + + + + + +################################################################ +#### HELPER FUNCTIONS + + +# encode URL escaping +rawUrlEncode() { + local string="${1}" + local strlen=${#string} + local encoded="" + local pos c o + + for (( pos=0 ; pos " + eout="$(escapeChars "$1")" + #echo "$CURLBIN"$INSECURE --silent -X MKCOL -u "$FOLDERTOKEN":"$PASSWORD" -H "$HEADER" "$CLOUDURL/$PUBSUFFIX$INNERPATH/$1" + cstat="$(createDirRun "$eout" 2>&1)" + #echo " -- $cstat" + if ! isEmpty "$cstat"; then + curlAddResponse "$cstat" "Send Folder: \"$eout\"" + msg="$(echo "$cstat" | grep '' | sed -e 's/<[^>]*>//g' -e 's/^[[:space:]]*//')" + isEmpty "$msg" && msg="$(echo "$cstat" | grep '' | sed -e 's/<[^>]*>//g' -e 's/^[[:space:]]*//')" + log "$msg" + else + log 'OK' + fi + checkAbort # exits if DAV errors AND not ignoring them +} + + +# Create a directory with -X MKCOL +createDirRun() { + "$CURLBIN"$INSECURE --silent -X MKCOL -u "$FOLDERTOKEN":"$PASSWORD" -H "$HEADER" "$CLOUDURL/$PUBSUFFIX$INNERPATH/$1" | cat ; test ${PIPESTATUS[0]} -eq 0 + ecode=$? + curlAddExitCode $ecode + return $ecode +} + + +# Traverse a folder and send its files and subfolders +sendDir() { + isEmpty "$FILENAME" && initError 'Error! Cannot send folder with empty name.' + isDir "$FILENAME" || initError 'Error! sendFolder() > "'"$FILENAME"'" is not a Folder.' + + # Load lists of folders and files to be sent + DIRLIST=() + FILELIST=() + readarray -t DIRLIST < <(find "$FILENAME" -type d -printf '%P\n') + readarray -t FILELIST < <(find "$FILENAME" -type f -printf '%P\n') + #echo '<>' ; echo "${DIRLIST[@]}" ; echo '<>' ; echo "${FILELIST[@]}" + + fbn="$("$BASENAMEBIN" "$FILENAME")" + + # MacOS / BSD readlink does not have the -f option + # Get bash implementation from pdfScale.sh if needed + # For now PWD seems to be enough + if [[ "$fbn" == '.' ]]; then + fbn="$PWD" + fbn="$("$BASENAMEBIN" "$fbn")" + fi + + log "CREATING FOLDER TREE AT DESTINATION"$'\n'"==================================="$'\n' + + # Create main/root folder that is being sent + createDir "$fbn" + + # Create whole directory tree at destination + for d in "${DIRLIST[@]}"; do + if ! isEmpty "$d"; then + createDir "$fbn/$d" + fi + done + + log $'\n'"SENDING ALL FILES FROM FOLDER TREE"$'\n'"=================================="$'\n' + + # Send all files to their destinations + for f in "${FILELIST[@]}"; do + if ! isEmpty "$f"; then + OUTFILE="$fbn/$f" + log "$OUTFILE > " + sendFile "$FILENAME/$f" + fi + done + +} + + +# Logs succes or failure from curl +logResult() { + #echo "LOGRESULT: $1" + local fileString="$("$BASENAMEBIN" "$FILENAME")" + isRenaming && fileString="$("$BASENAMEBIN" "$FILENAME") (renamed as $OUTFILE)" + log $'\n'"SUMMARY"$'\n'"======="$'\n' + + if [ $CURLEXIT -eq 0 ]; then + if isEmpty "$CURLRESPONSES"; then + log " > All Curl calls exited without errors and no WebDAV errors were detected"$'\n'" > Attempt to send completed > $fileString" + else + log " > All Curl calls exited without errors, but webdav errors"$'\n'" were detected while trying to send $fileString"$'\n\n'"Curl Log:"$'\n'"$CURLRESPONSES" + fi + exit 0 + fi + log " > Curl execution errors were detected when sending > $fileString"$'\n'" > Summed Curl exit codes: $CURLEXIT" + exit $CURLEXIT +} + + +# Execute curl send +sendFile() { + if isGlobbing; then + OUTFILE='' + elif isEmpty "$OUTFILE"; then # If we are not renaming, use the input file name + OUTFILE="$("$BASENAMEBIN" "$1")" + fi + + getScreenSize + eout="$(escapeChars "$OUTFILE")" + # Send file + #echo "$CURLBIN"$INSECURE$VERBOSE -T \""$1"\" -u \""$FOLDERTOKEN":"$PASSWORD"\" -H \""$HEADER"\" \""$CLOUDURL/$PUBSUFFIX$INNERPATH/$eout"\" + #"$CURLBIN"$LIMITCMD$INSECURE$VERBOSE$GLOBCMD -T "$1" -u "$FOLDERTOKEN":"$PASSWORD" -H "$HEADER" "$CLOUDURL/$PUBSUFFIX$INNERPATH/$eout" | cat ; test ${PIPESTATUS[0]} -eq 0 + resp="$("$CURLBIN"$LIMITCMD$INSECURE$VERBOSE$GLOBCMD -T "$1" -u "$FOLDERTOKEN":"$PASSWORD" -H "$HEADER" "$CLOUDURL/$PUBSUFFIX$INNERPATH/$eout")" + stat=$? + curlAddResponse "$resp" "Send File: \"$eout\"" + curlAddExitCode $stat + checkAbort # exits if DAV errors AND not ignoring them +} + + +# Send Files and Folders +sendItems() { + if ! isGlobbing && isDir "$FILENAME"; then + sendDir + else + if isGlobbing; then + log "SENDING CURL GLOB"$'\n'"================="$'\n' + log "$FILENAME > " + else + log "SENDING SINGLE FILE"$'\n'"==================="$'\n' + log "$("$BASENAMEBIN" "$FILENAME") > " + fi + sendFile "$FILENAME" + fi +} + + + + + +################################################################ +#### RUN ####################################################### +################################################################ +parseQuietMode "${@}" +parseOptions "${@}" +checkCurl +sendItems +logResult +################################################################ +#### RUN ####################################################### +################################################################ + + + + + + +################################################################ +exit 88 ; # should never get here +################################################################ From 951204e3a8317148da67e1b2b38f82bac6061bc5 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 4 Jan 2024 10:02:13 +0100 Subject: [PATCH 020/114] Update Makefile. --- Makefile | 88 ++++++++++++++++++++++++++++++++++++++++---------------- 1 file changed, 64 insertions(+), 24 deletions(-) diff --git a/Makefile b/Makefile index 5f5691207..4a6650f3e 100644 --- a/Makefile +++ b/Makefile @@ -2,39 +2,60 @@ SHELL=/bin/bash VERSION := $$(grep 'version:' galaxy.yml | cut -d ' ' -f 2) +COLLECTION_ROOT="/home/vagrant/ansible_collections/checkmk/general" +CONTAINER_BUILD_ROOT="$(COLLECTION_ROOT)/tests/container" +CONTAINER_NAME="ansible-checkmk-test" + +CLOUD_SHARE=https://cloud.checkmk.com/index.php/s/jMbHWxM5mT4WN2r + help: - @echo "setup - Run all setup target at once." + @echo "setup - Run all setup target at once." + @echo "" + @echo "setup-python - Prepare the system for development with Python." + @echo "" + @echo "setup-kvm - Install and enable KVM and prepare Vagrant." @echo "" - @echo "setup-python - Prepare the system for development with Python." + @echo "kvm - Only copy the correct Vagrantfile for use with KVM." @echo "" - @echo "setup-kvm - Install and enable KVM and prepare Vagrant." + @echo "setup-vbox - Copy the correct Vagrantfile for use with VirtualBox." @echo "" - @echo "kvm - Only copy the correct Vagrantfile for use with KVM." + @echo "vbox - Copy the correct Vagrantfile for use with VirtualBox." @echo "" - @echo "setup-vbox - Copy the correct Vagrantfile for use with VirtualBox." + @echo "vm - Create a virtual development environment." + @echo "molecule - Create a virtual environment for molecule tests." @echo "" - @echo "vbox - Copy the correct Vagrantfile for use with VirtualBox." + @echo "container - Create a customized container image for testing." @echo "" - @echo "vm - Create a virtual development environment." - @echo "molecule - Create a virtual environment for molecule tests." + @echo "tests - Run all available tests." + @echo "tests-sanity - Run sanity tests." + @echo "tests-integration - Run all integration tests." + @echo "tests-integration-custom - Run all integration tests using a custom built image." @echo "" - @echo "clean - Clean up several things" - @echo "clean-vm - Clean up virtual development environment." + @echo "clean - Clean up several things" + @echo "clean-vm - Clean up virtual development environment." @echo "" - @echo "version - Update collection version" + @echo "version - Update collection version" @echo "" @echo "Publishing:" @echo "" - @echo " release - Build, upload, publish, announce and tag a release" - @echo " announce - Announce the release" - @echo " publish - Make files available, update git and announce" + @echo " release - Build, upload, publish, announce and tag a release" + @echo " announce - Announce the release" + @echo " publish - Make files available, update git and announce" @echo "" -release: - -publish: +release: version + # gh workflow run release.yaml --ref main # https://cli.github.com/manual/gh_workflow_run announce: + # See cma scripts announce + +version: + @newversion=$$(dialog --stdout --inputbox "New Version:" 0 0 "$(VERSION)") ; \ + if [ -n "$$newversion" ] ; then ./scripts/release.sh -s "$(VERSION)" -t $$newversion ; fi + +cloudsend: + CLOUDSEND_PASSWORD=$$(dialog --stdout --inputbox "Share Password:" 0 0) \ + ./scripts/cloudsend/cloudsend.sh -e ansible-checkmk-test-latest-image.tar.gz $(CLOUD_SHARE) setup: setup-python setup-kvm @@ -60,9 +81,7 @@ setup-kvm: kvm qemu-kvm \ libvirt-clients \ libvirt-daemon-system \ - bridge-utils \ - virtinst \ - libguestfs-tools \ + bridge-utils \--build-arg DL_PW=$$(cat .secret) libvirt-daemon\ libvirt-dev \ libxslt-dev \ @@ -77,10 +96,6 @@ vbox: setup-vbox: vbox -version: - @newversion=$$(dialog --stdout --inputbox "New Version:" 0 0 "$(VERSION)") ; \ - if [ -n "$$newversion" ] ; then ./scripts/release.sh -s "$(VERSION)" -t $$newversion ; fi - clean: clean-vm clean-vm: @@ -91,3 +106,28 @@ molecule: vm: @vagrant up collection + +container: molecule + vagrant ssh molecule -c "\ + docker build -t $(CONTAINER_NAME) $(CONTAINER_BUILD_ROOT) --build-arg DL_PW=$$(cat .secret) && \ + docker save $(CONTAINER_NAME):latest > $(COLLECTION_ROOT)/$(CONTAINER_NAME)-latest-image.tar.gz" + +tests: tests-sanity tests-integration + +tests-sanity: vm + @vagrant ssh collection -c "\ + cd $(COLLECTION_ROOT) && \ + ansible-test sanity --docker" + +tests-integration: vm + @vagrant ssh collection -c "\ + cd $(COLLECTION_ROOT) && \ + ansible-test integration --docker" + +tests-integration-custom: vm container + @vagrant ssh collection -c "\ + cd $(COLLECTION_ROOT) && \ + docker load -i ansible-checkmk-test-latest-image.tar.gz && \ + ansible-test integration --docker-privileged --python 3.10 --docker ansible-checkmk-test && \ + ansible-test integration --docker-privileged --python 3.11 --docker ansible-checkmk-test && \ + ansible-test integration --docker-privileged --python 3.12 --docker ansible-checkmk-test" From 48854ca728081cacf7fca217433b589741d5f167 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 4 Jan 2024 10:15:26 +0100 Subject: [PATCH 021/114] Update GitHub Action trigger. --- .github/workflows/container-build.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/container-build.yaml b/.github/workflows/container-build.yaml index 8959b4782..215368994 100644 --- a/.github/workflows/container-build.yaml +++ b/.github/workflows/container-build.yaml @@ -11,7 +11,9 @@ on: - cron: '0 0 * * 0' push: paths: - - 'tests/container/' + - 'tests/container/**' + branches: + - "build/integration-tests-docker" jobs: From c30a2d16cac5b80857b2fec564e4f4f0d3289bf1 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 4 Jan 2024 10:17:18 +0100 Subject: [PATCH 022/114] Clean up Dockerfile. --- tests/container/Dockerfile | 2 -- 1 file changed, 2 deletions(-) diff --git a/tests/container/Dockerfile b/tests/container/Dockerfile index eba6121ff..a102a3660 100644 --- a/tests/container/Dockerfile +++ b/tests/container/Dockerfile @@ -46,8 +46,6 @@ RUN \ wget --user=${DL_USER} --password=${DL_PW} https://download.checkmk.com/checkmk/${ancient}/check-mk-enterprise-${ancient}_0.${distro}_amd64.deb ; \ wget --user=${DL_USER} --password=${DL_PW} https://download.checkmk.com/checkmk/${ancient}/check-mk-managed-${ancient}_0.${distro}_amd64.deb -# RUN sed -i 's/^\($ModLoad imklog\)/#\1/' /etc/rsyslog.conf - # Fix potential UTF-8 errors with ansible-test. RUN locale-gen en_US.UTF-8 From 66fa20e21063eb6b2c6312d7317609d263e26abc Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 4 Jan 2024 10:19:19 +0100 Subject: [PATCH 023/114] Bugfix workflow env. --- .github/workflows/container-build.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/container-build.yaml b/.github/workflows/container-build.yaml index 215368994..1f1af994c 100644 --- a/.github/workflows/container-build.yaml +++ b/.github/workflows/container-build.yaml @@ -1,7 +1,6 @@ env: NAMESPACE: checkmk COLLECTION_NAME: general - CONTAINER_ROOT: "./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/tests/container" CONTAINER_NAME: "ansible-checkmk-test" name: Build Test Container Images From a464825250d3e0463ccafd981658e67ea80b8a41 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 4 Jan 2024 10:22:25 +0100 Subject: [PATCH 024/114] Fix Ansible setup. --- .github/workflows/container-build.yaml | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/.github/workflows/container-build.yaml b/.github/workflows/container-build.yaml index 1f1af994c..ebe076cfc 100644 --- a/.github/workflows/container-build.yaml +++ b/.github/workflows/container-build.yaml @@ -31,14 +31,8 @@ jobs: with: python-version: '3.11' - - name: "Install ansible-base (${{ matrix.ansible }})" - run: pip install https://github.com/ansible/ansible/archive/${{ matrix.ansible }}.tar.gz --disable-pip-version-check - - - name: "Provide secrets file" - run: echo "${{ secrets.CHECKMK_DOWNLOAD_PW }}" > ./tests/integration/files/.dl-secret - working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} - env: - CHECKMK_DOWNLOAD_PW: ${{ secrets.CHECKMK_DOWNLOAD_PW }} + - name: "Install ansible-base devel" + run: pip install https://github.com/ansible/ansible/archive/devel.tar.gz --disable-pip-version-check - name: "Docker Build" run: docker build -t ${{ env.CONTAINER_NAME }} ./ --build-arg DL_USER=d-gh-ansible-dl --build-arg DL_PW=${{ secrets.CHECKMK_DOWNLOAD_PW }} From 38e6ee46d8544da8f72baaea53c31d4e5c28080b Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 4 Jan 2024 10:33:12 +0100 Subject: [PATCH 025/114] Fix typo and clean up systemd. --- tests/container/Dockerfile | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/tests/container/Dockerfile b/tests/container/Dockerfile index a102a3660..451ce7c8f 100644 --- a/tests/container/Dockerfile +++ b/tests/container/Dockerfile @@ -2,7 +2,7 @@ FROM ubuntu:jammy LABEL maintainer="Robin Gierse" ARG distro="jammy" -ARG DEBIAN_FRONTEND=noninteractives +ARG DEBIAN_FRONTEND=noninteractive ENV stable "2.2.0p17" ENV old "2.1.0p37" @@ -30,6 +30,15 @@ RUN apt-get update && \ rsyslog sudo iproute2 \ wget +# Remove unnecessary units +RUN rm -f /lib/systemd/system/multi-user.target.wants/* \ + /etc/systemd/system/*.wants/* \ + /lib/systemd/system/local-fs.target.wants/* \ + /lib/systemd/system/sockets.target.wants/*udev* \ + /lib/systemd/system/sockets.target.wants/*initctl* \ + /lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup* \ + /lib/systemd/system/systemd-update-utmp* + # Download files first to have them cached. ## Free downloads RUN \ From 4be8d80ccd2e4bfdc7909defa1958d966b4f1d2e Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 4 Jan 2024 10:33:33 +0100 Subject: [PATCH 026/114] Fix typo. --- .github/workflows/container-build.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/container-build.yaml b/.github/workflows/container-build.yaml index ebe076cfc..ca3c1b3be 100644 --- a/.github/workflows/container-build.yaml +++ b/.github/workflows/container-build.yaml @@ -39,7 +39,7 @@ jobs: working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/tests/container - name: "Docker Save" - run: docker save ${{ env.CONTAINER_NAME }}:latest > ${{ env.CONTAINER_ROOT }}/${{ env.CONTAINER_NAME }}-latest-image.tar.gz" + run: docker save ${{ env.CONTAINER_NAME }}:latest > ${{ env.CONTAINER_ROOT }}/${{ env.CONTAINER_NAME }}-latest-image.tar.gz working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/tests/container - name: "Upload Artifact" From 7abd0943df4f5038d8fae4d8747ec6eb2339e986 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 4 Jan 2024 10:50:21 +0100 Subject: [PATCH 027/114] Fix file handling. --- .github/workflows/container-build.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/container-build.yaml b/.github/workflows/container-build.yaml index ca3c1b3be..a97c39b96 100644 --- a/.github/workflows/container-build.yaml +++ b/.github/workflows/container-build.yaml @@ -39,12 +39,12 @@ jobs: working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/tests/container - name: "Docker Save" - run: docker save ${{ env.CONTAINER_NAME }}:latest > ${{ env.CONTAINER_ROOT }}/${{ env.CONTAINER_NAME }}-latest-image.tar.gz + run: docker save ${{ env.CONTAINER_NAME }}:latest > ./${{ env.CONTAINER_NAME }}-latest-image.tar.gz working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/tests/container - name: "Upload Artifact" - run: CLOUDSEND_PASSWORD=${{ secrets.NEXTCLOUD_PW }} ./scripts/cloudsend/cloudsend.sh -e ${{ env.CONTAINER_NAME }}-latest-image.tar.gz $(CLOUD_SHARE) - working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/tests/container + run: CLOUDSEND_PASSWORD=${{ secrets.NEXTCLOUD_PW }} ./scripts/cloudsend/cloudsend.sh -e ./tests/container/${{ env.CONTAINER_NAME }}-latest-image.tar.gz $(CLOUD_SHARE) + working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} env: NEXTCLOUD_PW: ${{ secrets.NEXTCLOUD_PW }} CLOUDSEND_PASSWORD: ${{ secrets.NEXTCLOUD_PW }} From cfbaf354f415f8b5ce6cf161ddb7076b4eff6e12 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 4 Jan 2024 11:03:49 +0100 Subject: [PATCH 028/114] Update sanity test ignores. --- tests/sanity/ignore-2.13.txt | 11 +++++++---- tests/sanity/ignore-2.14.txt | 11 +++++++---- tests/sanity/ignore-2.15.txt | 11 +++++++---- tests/sanity/ignore-2.16.txt | 11 +++++++---- tests/sanity/ignore-devel.txt | 11 +++++++---- 5 files changed, 35 insertions(+), 20 deletions(-) diff --git a/tests/sanity/ignore-2.13.txt b/tests/sanity/ignore-2.13.txt index 37b7aa705..3489f9ee8 100644 --- a/tests/sanity/ignore-2.13.txt +++ b/tests/sanity/ignore-2.13.txt @@ -1,4 +1,7 @@ -tests/rework/files/systemctl3.py pep8!skip -tests/rework/files/systemctl3.py no-basestring!skip -tests/rework/files/systemctl3.py pylint!skip -tests/rework/files/systemctl3.py shebang!skip \ No newline at end of file +tests/container/files/systemctl3.py pep8!skip +tests/container/files/systemctl3.py no-basestring!skip +tests/container/files/systemctl3.py pylint!skip +tests/container/files/systemctl3.py shebang!skip +tests/container/files/systemctl3.py compile-3.12!skip +scripts/cloudsend/cloudsend.sh shebang!skip +scripts/cloudsend/cloudsend.sh shellcheck!skip \ No newline at end of file diff --git a/tests/sanity/ignore-2.14.txt b/tests/sanity/ignore-2.14.txt index 37b7aa705..3489f9ee8 100644 --- a/tests/sanity/ignore-2.14.txt +++ b/tests/sanity/ignore-2.14.txt @@ -1,4 +1,7 @@ -tests/rework/files/systemctl3.py pep8!skip -tests/rework/files/systemctl3.py no-basestring!skip -tests/rework/files/systemctl3.py pylint!skip -tests/rework/files/systemctl3.py shebang!skip \ No newline at end of file +tests/container/files/systemctl3.py pep8!skip +tests/container/files/systemctl3.py no-basestring!skip +tests/container/files/systemctl3.py pylint!skip +tests/container/files/systemctl3.py shebang!skip +tests/container/files/systemctl3.py compile-3.12!skip +scripts/cloudsend/cloudsend.sh shebang!skip +scripts/cloudsend/cloudsend.sh shellcheck!skip \ No newline at end of file diff --git a/tests/sanity/ignore-2.15.txt b/tests/sanity/ignore-2.15.txt index 37b7aa705..3489f9ee8 100644 --- a/tests/sanity/ignore-2.15.txt +++ b/tests/sanity/ignore-2.15.txt @@ -1,4 +1,7 @@ -tests/rework/files/systemctl3.py pep8!skip -tests/rework/files/systemctl3.py no-basestring!skip -tests/rework/files/systemctl3.py pylint!skip -tests/rework/files/systemctl3.py shebang!skip \ No newline at end of file +tests/container/files/systemctl3.py pep8!skip +tests/container/files/systemctl3.py no-basestring!skip +tests/container/files/systemctl3.py pylint!skip +tests/container/files/systemctl3.py shebang!skip +tests/container/files/systemctl3.py compile-3.12!skip +scripts/cloudsend/cloudsend.sh shebang!skip +scripts/cloudsend/cloudsend.sh shellcheck!skip \ No newline at end of file diff --git a/tests/sanity/ignore-2.16.txt b/tests/sanity/ignore-2.16.txt index 37b7aa705..3489f9ee8 100644 --- a/tests/sanity/ignore-2.16.txt +++ b/tests/sanity/ignore-2.16.txt @@ -1,4 +1,7 @@ -tests/rework/files/systemctl3.py pep8!skip -tests/rework/files/systemctl3.py no-basestring!skip -tests/rework/files/systemctl3.py pylint!skip -tests/rework/files/systemctl3.py shebang!skip \ No newline at end of file +tests/container/files/systemctl3.py pep8!skip +tests/container/files/systemctl3.py no-basestring!skip +tests/container/files/systemctl3.py pylint!skip +tests/container/files/systemctl3.py shebang!skip +tests/container/files/systemctl3.py compile-3.12!skip +scripts/cloudsend/cloudsend.sh shebang!skip +scripts/cloudsend/cloudsend.sh shellcheck!skip \ No newline at end of file diff --git a/tests/sanity/ignore-devel.txt b/tests/sanity/ignore-devel.txt index 37b7aa705..3489f9ee8 100644 --- a/tests/sanity/ignore-devel.txt +++ b/tests/sanity/ignore-devel.txt @@ -1,4 +1,7 @@ -tests/rework/files/systemctl3.py pep8!skip -tests/rework/files/systemctl3.py no-basestring!skip -tests/rework/files/systemctl3.py pylint!skip -tests/rework/files/systemctl3.py shebang!skip \ No newline at end of file +tests/container/files/systemctl3.py pep8!skip +tests/container/files/systemctl3.py no-basestring!skip +tests/container/files/systemctl3.py pylint!skip +tests/container/files/systemctl3.py shebang!skip +tests/container/files/systemctl3.py compile-3.12!skip +scripts/cloudsend/cloudsend.sh shebang!skip +scripts/cloudsend/cloudsend.sh shellcheck!skip \ No newline at end of file From 4a655a9f14c62018aa471363261fe790d1b3595e Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 4 Jan 2024 11:07:30 +0100 Subject: [PATCH 029/114] Add disk cleanup to container build. --- .github/workflows/container-build.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/container-build.yaml b/.github/workflows/container-build.yaml index a97c39b96..c7fdb44d3 100644 --- a/.github/workflows/container-build.yaml +++ b/.github/workflows/container-build.yaml @@ -21,6 +21,14 @@ jobs: name: Build Container steps: + + - name: "Free Disk Space." + uses: jlumbroso/free-disk-space@main + with: + # this might remove tools that are actually needed, + # if set to "true" but frees about 6 GB + tool-cache: false + - name: "Check out code" uses: actions/checkout@v4 with: From bf84c8643362138a249a9a8c737dcbecf230bc72 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 4 Jan 2024 11:21:42 +0100 Subject: [PATCH 030/114] Clean up ignores. --- tests/sanity/ignore-2.13.txt | 7 ------- tests/sanity/ignore-2.14.txt | 1 - tests/sanity/ignore-2.15.txt | 1 - 3 files changed, 9 deletions(-) delete mode 100644 tests/sanity/ignore-2.13.txt diff --git a/tests/sanity/ignore-2.13.txt b/tests/sanity/ignore-2.13.txt deleted file mode 100644 index 3489f9ee8..000000000 --- a/tests/sanity/ignore-2.13.txt +++ /dev/null @@ -1,7 +0,0 @@ -tests/container/files/systemctl3.py pep8!skip -tests/container/files/systemctl3.py no-basestring!skip -tests/container/files/systemctl3.py pylint!skip -tests/container/files/systemctl3.py shebang!skip -tests/container/files/systemctl3.py compile-3.12!skip -scripts/cloudsend/cloudsend.sh shebang!skip -scripts/cloudsend/cloudsend.sh shellcheck!skip \ No newline at end of file diff --git a/tests/sanity/ignore-2.14.txt b/tests/sanity/ignore-2.14.txt index 3489f9ee8..eca87845d 100644 --- a/tests/sanity/ignore-2.14.txt +++ b/tests/sanity/ignore-2.14.txt @@ -2,6 +2,5 @@ tests/container/files/systemctl3.py pep8!skip tests/container/files/systemctl3.py no-basestring!skip tests/container/files/systemctl3.py pylint!skip tests/container/files/systemctl3.py shebang!skip -tests/container/files/systemctl3.py compile-3.12!skip scripts/cloudsend/cloudsend.sh shebang!skip scripts/cloudsend/cloudsend.sh shellcheck!skip \ No newline at end of file diff --git a/tests/sanity/ignore-2.15.txt b/tests/sanity/ignore-2.15.txt index 3489f9ee8..eca87845d 100644 --- a/tests/sanity/ignore-2.15.txt +++ b/tests/sanity/ignore-2.15.txt @@ -2,6 +2,5 @@ tests/container/files/systemctl3.py pep8!skip tests/container/files/systemctl3.py no-basestring!skip tests/container/files/systemctl3.py pylint!skip tests/container/files/systemctl3.py shebang!skip -tests/container/files/systemctl3.py compile-3.12!skip scripts/cloudsend/cloudsend.sh shebang!skip scripts/cloudsend/cloudsend.sh shellcheck!skip \ No newline at end of file From 06655b40b1845f189f71c2a9d4c3e8f574eaee3f Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 4 Jan 2024 11:37:02 +0100 Subject: [PATCH 031/114] Fix artifact upload. --- .github/workflows/container-build.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/container-build.yaml b/.github/workflows/container-build.yaml index c7fdb44d3..acc2fc689 100644 --- a/.github/workflows/container-build.yaml +++ b/.github/workflows/container-build.yaml @@ -2,6 +2,7 @@ env: NAMESPACE: checkmk COLLECTION_NAME: general CONTAINER_NAME: "ansible-checkmk-test" + CLOUD_SHARE: "https://cloud.checkmk.com/index.php/s/jMbHWxM5mT4WN2r" name: Build Test Container Images on: @@ -51,10 +52,9 @@ jobs: working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/tests/container - name: "Upload Artifact" - run: CLOUDSEND_PASSWORD=${{ secrets.NEXTCLOUD_PW }} ./scripts/cloudsend/cloudsend.sh -e ./tests/container/${{ env.CONTAINER_NAME }}-latest-image.tar.gz $(CLOUD_SHARE) + run: ./scripts/cloudsend/cloudsend.sh -e ./tests/container/${{ env.CONTAINER_NAME }}-latest-image.tar.gz ${{ env.CLOUD_SHARE }} working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} env: - NEXTCLOUD_PW: ${{ secrets.NEXTCLOUD_PW }} CLOUDSEND_PASSWORD: ${{ secrets.NEXTCLOUD_PW }} - name: "Run integration test for testing" From 5dc19ea670a6c5c1fd1177abfc3403a7139b7fae Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 4 Jan 2024 12:37:07 +0100 Subject: [PATCH 032/114] Clean up build job and add test job. --- .../ans-int-test-activation-cust.yaml | 89 +++++++++++++++++++ .github/workflows/container-build.yaml | 9 -- 2 files changed, 89 insertions(+), 9 deletions(-) create mode 100644 .github/workflows/ans-int-test-activation-cust.yaml diff --git a/.github/workflows/ans-int-test-activation-cust.yaml b/.github/workflows/ans-int-test-activation-cust.yaml new file mode 100644 index 000000000..02cc3c9dd --- /dev/null +++ b/.github/workflows/ans-int-test-activation-cust.yaml @@ -0,0 +1,89 @@ +# README: +# - When changing the module name, it needs to be changed in 'env:MODULE_NAME' and in 'on:pull_requests:path'! +# +# Resources: +# - Template for this file: https://github.com/ansible-collections/collection_template/blob/main/.github/workflows/ansible-test.yml +# - About Ansible integration tests: https://docs.ansible.com/ansible/latest/dev_guide/testing_integration.html + +env: + NAMESPACE: checkmk + COLLECTION_NAME: general + MODULE_NAME: activation + CONTAINER_NAME: "ansible-checkmk-test" + CLOUD_SHARE: "https://cloud.checkmk.com/index.php/s/jMbHWxM5mT4WN2r" + +name: Ansible Integration Tests for Activation Module (Custom) +on: + workflow_dispatch: + schedule: + - cron: '0 0 * * 0' + pull_request: + branches: + - main + - devel + paths: + - 'plugins/modules/activation.py' + push: + branches: + - 'build/integration-tests-docker' + +jobs: + + integration: + runs-on: ubuntu-latest + name: â’¶${{ matrix.ansible }}+py${{ matrix.python }} + strategy: + fail-fast: false + matrix: + ansible: + - stable-2.14 + - stable-2.15 + - stable-2.16 + - devel + python: + - '3.8' + - '3.9' + - '3.10' + - '3.11' + - '3.12' + exclude: + # Exclude unsupported sets. + - ansible: stable-2.14 + python: '3.12' + - ansible: stable-2.15 + python: '3.12' + + steps: + - name: "Check out code" + uses: actions/checkout@v4 + with: + path: ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} + + - name: "Set up Python" + uses: actions/setup-python@v5 + with: + python-version: '3.11' + + - name: "Install ansible-base (${{ matrix.ansible }})" + run: pip install https://github.com/ansible/ansible/archive/${{ matrix.ansible }}.tar.gz --disable-pip-version-check + + - name: "Provide secrets file" + run: echo "${{ secrets.CHECKMK_DOWNLOAD_PW }}" > ./tests/integration/files/.dl-secret + working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} + env: + CHECKMK_DOWNLOAD_PW: ${{ secrets.CHECKMK_DOWNLOAD_PW }} + + - name: "Download Container Image" + run: | + curl -u "jMbHWxM5mT4WN2r:${{ env.NEXTCLOUD_PW }}" -H "X-Requested-With: XMLHttpRequest" "https://cloud.checkmk.com/public.php/webdav/ansible-checkmk-test-latest-image.tar.gz" --output ./ansible-checkmk-test-latest-image.tar.gz + working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} + env: + NEXTCLOUD_PW: ${{ secrets.NEXTCLOUD_PW }} + + - name: "Import Container Image" + run: docker load -i ansible-checkmk-test-latest-image.tar.gz + working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} + + - name: "Run integration test for testing" + run: ansible-test integration activation -v --color --retry-on-error --continue-on-error --diff --python 3.11 --docker-privileged --docker ${{ env.CONTAINER_NAME }} + working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} diff --git a/.github/workflows/container-build.yaml b/.github/workflows/container-build.yaml index acc2fc689..a609c3730 100644 --- a/.github/workflows/container-build.yaml +++ b/.github/workflows/container-build.yaml @@ -9,11 +9,6 @@ on: workflow_dispatch: schedule: - cron: '0 0 * * 0' - push: - paths: - - 'tests/container/**' - branches: - - "build/integration-tests-docker" jobs: @@ -56,7 +51,3 @@ jobs: working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} env: CLOUDSEND_PASSWORD: ${{ secrets.NEXTCLOUD_PW }} - - - name: "Run integration test for testing" - run: ansible-test integration activation -v --color --retry-on-error --continue-on-error --diff --python 3.11 --docker-privileged ${{ env.CONTAINER_NAME }} - working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} From 134836a301782481bc3b366914558da388692b8c Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Tue, 9 Jan 2024 07:48:03 +0100 Subject: [PATCH 033/114] Ongoing development. --- plugins/modules/rule.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/plugins/modules/rule.py b/plugins/modules/rule.py index 1e28af9a0..885f3d091 100644 --- a/plugins/modules/rule.py +++ b/plugins/modules/rule.py @@ -317,7 +317,10 @@ def show_rule(module, base_url, headers, rule_id): def get_existing_rule(module, base_url, headers, ruleset, rule): if rule.get("rule_id"): # We already know whih rule to get - return rule.get("rule_id") + if module.params.get("state") == "absent": + # When deleting and we already know the ID, don't compare + return rule.get("rule_id") + rules = [ show_rule(module, base_url, headers, rule.get("rule_id")) ] else: # Get rules in ruleset rules = get_rules_in_ruleset(module, base_url, headers, ruleset) @@ -529,9 +532,9 @@ def run_module(): location = rule.get("location") # Check if required params to create a rule are given + if rule.get("folder") is None or rule.get("folder") == "": + rule["folder"] = location["folder"] if rule.get("rule_id") is None or rule.get("rule_id") == "": - if rule.get("folder") is None or rule.get("folder") == "": - rule["folder"] = location["folder"] if rule.get("properties") is None or rule.get("properties") == "": exit_failed(module, "Rule properties are required") if rule.get("value_raw") is None or rule.get("value_raw") == "": From f23018754e2be31c773b0e80b43a8c3a7328361d Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Fri, 19 Jan 2024 10:01:22 +0100 Subject: [PATCH 034/114] Now it's also possible to change existing rules based on a given rule_id. --- plugins/modules/rule.py | 65 +++++++++++++++++++++++++++++++++++------ 1 file changed, 56 insertions(+), 9 deletions(-) diff --git a/plugins/modules/rule.py b/plugins/modules/rule.py index 885f3d091..f7f352d6a 100644 --- a/plugins/modules/rule.py +++ b/plugins/modules/rule.py @@ -387,6 +387,42 @@ def create_rule(module, base_url, headers, ruleset, rule): return (r["id"], changed) +def modify_rule(module, base_url, headers, ruleset, rule): + changed = True + rule_id = rule.get("rule_id") + + if not rule_id: + return not changed + + if module.check_mode: + return (None, changed) + + headers["If-Match"] = get_rule_etag(module, base_url, headers, rule_id) + + params = { + "properties": rule["properties"], + "value_raw": rule["value_raw"], + "conditions": rule["conditions"], + } + + api_endpoint = "/objects/rule/" + rule_id + url = base_url + api_endpoint + + info = fetch_url( + module, url, module.jsonify(params), headers=headers, method="PUT" + )[1] + #exit_failed(module, "###### INFO: %s" % str(info)) + + if info["status"] not in [200, 204]: + exit_failed( + module, + "Error calling API. HTTP code %d. Details: %s, " + % (info["status"], info["body"]), + ) + + return changed + + def delete_rule(module, base_url, headers, ruleset, rule): changed = True rule_id = get_existing_rule(module, base_url, headers, ruleset, rule) @@ -532,15 +568,15 @@ def run_module(): location = rule.get("location") # Check if required params to create a rule are given - if rule.get("folder") is None or rule.get("folder") == "": + if not rule.get("folder"): rule["folder"] = location["folder"] - if rule.get("rule_id") is None or rule.get("rule_id") == "": - if rule.get("properties") is None or rule.get("properties") == "": + if not rule.get("rule_id"): + if not rule.get("properties"): exit_failed(module, "Rule properties are required") - if rule.get("value_raw") is None or rule.get("value_raw") == "": + if not rule.get("value_raw"): exit_failed(module, "Rule value_raw is required") # Default to all hosts if conditions arent given - if rule.get("conditions") is None or rule.get("conditions") == "": + if rule.get("conditions"): rule["conditions"] = { "host_tags": [], "host_labels": [], @@ -559,13 +595,24 @@ def run_module(): exit_ok(module, "Rule does not exist") # If state is present, create the rule elif module.params.get("state") == "present": - (rule_id, created) = create_rule(module, base_url, headers, ruleset, rule) - if created: + action = None + if rule.get("rule_id"): + # Modify an existing rule + rule_id = rule.get("rule_id") + if modify_rule(module, base_url, headers, ruleset, rule): + action = "changed" + else: + # If no rule_id is mentioned, we check if our rule exists. If not, then create it. + (rule_id, changed) = create_rule(module, base_url, headers, ruleset, rule) + if changed: + action = "created" + + if action: # Move rule to specified location, if it's not default if location["position"] != "bottom" and not module.check_mode: move_rule(module, base_url, headers, rule_id, location) - exit_changed(module, "Rule created", rule_id) - exit_ok(module, "Rule already exists", rule_id) + exit_changed(module, "Rule %s" % action, rule_id) + exit_ok(module, "Rule already exists with equal settings", rule_id) # Fallback exit_failed(module, "Unknown error") From 48f34296229f224528669bf3cc6b75abe7eda07d Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Wed, 20 Dec 2023 11:12:30 +0100 Subject: [PATCH 035/114] The rule module has now a parameter rule_id that can be used to identify an existing rule. --- plugins/modules/rule.py | 79 ++++++++++++++++++++++++++++------------- 1 file changed, 55 insertions(+), 24 deletions(-) diff --git a/plugins/modules/rule.py b/plugins/modules/rule.py index aa7530f8c..1e28af9a0 100644 --- a/plugins/modules/rule.py +++ b/plugins/modules/rule.py @@ -67,6 +67,11 @@ properties: description: Properties of the rule. type: dict + rule_id: + description: + - If given, it will be C(the only condition) to identify the rule to work on. + - When there's no rule found with this id, the task will fail. + type: str value_raw: description: Rule values as exported from the web interface. type: str @@ -280,6 +285,25 @@ def get_rules_in_ruleset(module, base_url, headers, ruleset): module, url, module.jsonify(params), headers=headers, method="GET" ) + if info["status"] != 200: + exit_failed( + module, + "Error calling API. HTTP code %d. Details: %s, " + % (info["status"], str(info)), + ) + + return json.loads(response.read().decode("utf-8")).get("value") + + +def show_rule(module, base_url, headers, rule_id): + api_endpoint = "/objects/rule/" + rule_id + + url = "%s%s" % (base_url, api_endpoint) + + response, info = fetch_url( + module, url, headers=headers, method="GET" + ) + if info["status"] != 200: exit_failed( module, @@ -291,8 +315,12 @@ def get_rules_in_ruleset(module, base_url, headers, ruleset): def get_existing_rule(module, base_url, headers, ruleset, rule): - # Get rules in ruleset - rules = get_rules_in_ruleset(module, base_url, headers, ruleset) + if rule.get("rule_id"): + # We already know whih rule to get + return rule.get("rule_id") + else: + # Get rules in ruleset + rules = get_rules_in_ruleset(module, base_url, headers, ruleset) (value_mod, exc) = safe_eval(rule["value_raw"], include_exceptions=True) if exc is not None: @@ -300,7 +328,7 @@ def get_existing_rule(module, base_url, headers, ruleset, rule): if rules is not None: # Loop through all rules - for r in rules.get("value"): + for r in rules: (value_api, exc) = safe_eval( r["extensions"]["value_raw"], include_exceptions=True ) @@ -314,7 +342,7 @@ def get_existing_rule(module, base_url, headers, ruleset, rule): and value_api == value_mod ): # If they are the same, return the ID - return r + return r["id"] return None @@ -323,9 +351,9 @@ def create_rule(module, base_url, headers, ruleset, rule): api_endpoint = "/domain-types/rule/collections/all" changed = True - e = get_existing_rule(module, base_url, headers, ruleset, rule) - if e: - return (e["id"], not changed) + rule_id = get_existing_rule(module, base_url, headers, ruleset, rule) + if rule_id: + return (rule_id, not changed) if module.check_mode: return (None, changed) @@ -358,10 +386,11 @@ def create_rule(module, base_url, headers, ruleset, rule): def delete_rule(module, base_url, headers, ruleset, rule): changed = True - e = get_existing_rule(module, base_url, headers, ruleset, rule) - if e: + rule_id = get_existing_rule(module, base_url, headers, ruleset, rule) + + if rule_id: if not module.check_mode: - delete_rule_by_id(module, base_url, headers, e["id"]) + delete_rule_by_id(module, base_url, headers, rule_id) return changed return not changed @@ -447,6 +476,7 @@ def run_module(): conditions=dict(type="dict"), properties=dict(type="dict"), value_raw=dict(type="str"), + rule_id=dict(type="str"), location=dict( type="dict", options=dict( @@ -495,23 +525,24 @@ def run_module(): # Get the variables ruleset = module.params.get("ruleset", "") - rule = module.params.get("rule", "") + rule = module.params.get("rule", {}) location = rule.get("location") # Check if required params to create a rule are given - if rule.get("folder") is None or rule.get("folder") == "": - rule["folder"] = location["folder"] - if rule.get("properties") is None or rule.get("properties") == "": - exit_failed(module, "Rule properties are required") - if rule.get("value_raw") is None or rule.get("value_raw") == "": - exit_failed(module, "Rule value_raw is required") - # Default to all hosts if conditions arent given - if rule.get("conditions") is None or rule.get("conditions") == "": - rule["conditions"] = { - "host_tags": [], - "host_labels": [], - "service_labels": [], - } + if rule.get("rule_id") is None or rule.get("rule_id") == "": + if rule.get("folder") is None or rule.get("folder") == "": + rule["folder"] = location["folder"] + if rule.get("properties") is None or rule.get("properties") == "": + exit_failed(module, "Rule properties are required") + if rule.get("value_raw") is None or rule.get("value_raw") == "": + exit_failed(module, "Rule value_raw is required") + # Default to all hosts if conditions arent given + if rule.get("conditions") is None or rule.get("conditions") == "": + rule["conditions"] = { + "host_tags": [], + "host_labels": [], + "service_labels": [], + } if module.params.get("state") == "absent": if location.get("rule_id") is not None: exit_failed(module, "rule_id in location is invalid with state=absent") From 059df3daaa0e59fa6b56bba403b9ee946aa06120 Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Tue, 9 Jan 2024 07:48:03 +0100 Subject: [PATCH 036/114] Ongoing development. --- plugins/modules/rule.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/plugins/modules/rule.py b/plugins/modules/rule.py index 1e28af9a0..885f3d091 100644 --- a/plugins/modules/rule.py +++ b/plugins/modules/rule.py @@ -317,7 +317,10 @@ def show_rule(module, base_url, headers, rule_id): def get_existing_rule(module, base_url, headers, ruleset, rule): if rule.get("rule_id"): # We already know whih rule to get - return rule.get("rule_id") + if module.params.get("state") == "absent": + # When deleting and we already know the ID, don't compare + return rule.get("rule_id") + rules = [ show_rule(module, base_url, headers, rule.get("rule_id")) ] else: # Get rules in ruleset rules = get_rules_in_ruleset(module, base_url, headers, ruleset) @@ -529,9 +532,9 @@ def run_module(): location = rule.get("location") # Check if required params to create a rule are given + if rule.get("folder") is None or rule.get("folder") == "": + rule["folder"] = location["folder"] if rule.get("rule_id") is None or rule.get("rule_id") == "": - if rule.get("folder") is None or rule.get("folder") == "": - rule["folder"] = location["folder"] if rule.get("properties") is None or rule.get("properties") == "": exit_failed(module, "Rule properties are required") if rule.get("value_raw") is None or rule.get("value_raw") == "": From f740143d28a327bbd678c89896bb44ef47e43142 Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Fri, 19 Jan 2024 10:01:22 +0100 Subject: [PATCH 037/114] Now it's also possible to change existing rules based on a given rule_id. --- plugins/modules/rule.py | 65 +++++++++++++++++++++++++++++++++++------ 1 file changed, 56 insertions(+), 9 deletions(-) diff --git a/plugins/modules/rule.py b/plugins/modules/rule.py index 885f3d091..f7f352d6a 100644 --- a/plugins/modules/rule.py +++ b/plugins/modules/rule.py @@ -387,6 +387,42 @@ def create_rule(module, base_url, headers, ruleset, rule): return (r["id"], changed) +def modify_rule(module, base_url, headers, ruleset, rule): + changed = True + rule_id = rule.get("rule_id") + + if not rule_id: + return not changed + + if module.check_mode: + return (None, changed) + + headers["If-Match"] = get_rule_etag(module, base_url, headers, rule_id) + + params = { + "properties": rule["properties"], + "value_raw": rule["value_raw"], + "conditions": rule["conditions"], + } + + api_endpoint = "/objects/rule/" + rule_id + url = base_url + api_endpoint + + info = fetch_url( + module, url, module.jsonify(params), headers=headers, method="PUT" + )[1] + #exit_failed(module, "###### INFO: %s" % str(info)) + + if info["status"] not in [200, 204]: + exit_failed( + module, + "Error calling API. HTTP code %d. Details: %s, " + % (info["status"], info["body"]), + ) + + return changed + + def delete_rule(module, base_url, headers, ruleset, rule): changed = True rule_id = get_existing_rule(module, base_url, headers, ruleset, rule) @@ -532,15 +568,15 @@ def run_module(): location = rule.get("location") # Check if required params to create a rule are given - if rule.get("folder") is None or rule.get("folder") == "": + if not rule.get("folder"): rule["folder"] = location["folder"] - if rule.get("rule_id") is None or rule.get("rule_id") == "": - if rule.get("properties") is None or rule.get("properties") == "": + if not rule.get("rule_id"): + if not rule.get("properties"): exit_failed(module, "Rule properties are required") - if rule.get("value_raw") is None or rule.get("value_raw") == "": + if not rule.get("value_raw"): exit_failed(module, "Rule value_raw is required") # Default to all hosts if conditions arent given - if rule.get("conditions") is None or rule.get("conditions") == "": + if rule.get("conditions"): rule["conditions"] = { "host_tags": [], "host_labels": [], @@ -559,13 +595,24 @@ def run_module(): exit_ok(module, "Rule does not exist") # If state is present, create the rule elif module.params.get("state") == "present": - (rule_id, created) = create_rule(module, base_url, headers, ruleset, rule) - if created: + action = None + if rule.get("rule_id"): + # Modify an existing rule + rule_id = rule.get("rule_id") + if modify_rule(module, base_url, headers, ruleset, rule): + action = "changed" + else: + # If no rule_id is mentioned, we check if our rule exists. If not, then create it. + (rule_id, changed) = create_rule(module, base_url, headers, ruleset, rule) + if changed: + action = "created" + + if action: # Move rule to specified location, if it's not default if location["position"] != "bottom" and not module.check_mode: move_rule(module, base_url, headers, rule_id, location) - exit_changed(module, "Rule created", rule_id) - exit_ok(module, "Rule already exists", rule_id) + exit_changed(module, "Rule %s" % action, rule_id) + exit_ok(module, "Rule already exists with equal settings", rule_id) # Fallback exit_failed(module, "Unknown error") From add9f81351447ab070a969bdcf642fb244d3e398 Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Fri, 19 Jan 2024 10:52:24 +0100 Subject: [PATCH 038/114] Modifying existing rules is now idempotent, at least for some of the rulesets. Depends on the value_raw that is used. --- plugins/modules/rule.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/plugins/modules/rule.py b/plugins/modules/rule.py index f7f352d6a..93d0c1ab5 100644 --- a/plugins/modules/rule.py +++ b/plugins/modules/rule.py @@ -394,6 +394,9 @@ def modify_rule(module, base_url, headers, ruleset, rule): if not rule_id: return not changed + if get_existing_rule(module, base_url, headers, ruleset, rule): + return not changed + if module.check_mode: return (None, changed) From 1b51ae97ccf7ba3ab131aad51ce4618193518612 Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Fri, 19 Jan 2024 10:53:22 +0100 Subject: [PATCH 039/114] Typo in the rules lookup module integration test. --- tests/integration/targets/lookup_rules/tasks/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/integration/targets/lookup_rules/tasks/test.yml b/tests/integration/targets/lookup_rules/tasks/test.yml index b42e3dc6c..0406251e9 100644 --- a/tests/integration/targets/lookup_rules/tasks/test.yml +++ b/tests/integration/targets/lookup_rules/tasks/test.yml @@ -68,7 +68,7 @@ vars: rules: "{{ lookup('checkmk.general.rules', ruleset=item, - commebt_regex='Ansible managed', + comment_regex='Ansible managed', server_url=server_url, site=outer_item.site, validate_certs=False, From d30d7a7c48804f170569057462634c312439e0d3 Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Fri, 19 Jan 2024 10:53:56 +0100 Subject: [PATCH 040/114] Added an integration test case for modifying existing rules. --- tests/integration/targets/rule/tasks/test.yml | 39 +++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/tests/integration/targets/rule/tasks/test.yml b/tests/integration/targets/rule/tasks/test.yml index b2f13c23c..c74f1b643 100644 --- a/tests/integration/targets/rule/tasks/test.yml +++ b/tests/integration/targets/rule/tasks/test.yml @@ -45,6 +45,45 @@ delegate_to: localhost run_once: true # noqa run-once[task] +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Modify rules." + rule: + server_url: "{{ checkmk_var_server_url }}" + site: "{{ outer_item.site }}" + automation_user: "{{ checkmk_var_automation_user }}" + automation_secret: "{{ checkmk_var_automation_secret }}" + ruleset: "{{ item.ruleset }}" + rule: + rule_id: "{{ existing_rule[0].id }}" + properties: { + "description": "Modified this intentionally." + } + state: "present" + vars: + existing_rule:"{{ lookup('checkmk.general.rules', + ruleset=item.ruleset, + comment_regex='Ansible managed', + server_url=server_url, + site=outer_item.site, + validate_certs=False, + automation_user=automation_user, + automation_secret=automation_secret) + }}" + delegate_to: localhost + run_once: true # noqa run-once[task] + loop: "{{ checkmk_var_rules }}" + +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Activate." + activation: + server_url: "{{ checkmk_var_server_url }}" + site: "{{ outer_item.site }}" + automation_user: "{{ checkmk_var_automation_user }}" + automation_secret: "{{ checkmk_var_automation_secret }}" + force_foreign_changes: true + sites: + - "{{ outer_item.site }}" + delegate_to: localhost + run_once: true # noqa run-once[task] + - name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Delete rules." rule: server_url: "{{ checkmk_var_server_url }}" From fb5d4aedddc98151115113eac51f9a0e25dc864c Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Fri, 19 Jan 2024 10:57:45 +0100 Subject: [PATCH 041/114] Sanity --- plugins/modules/rule.py | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/plugins/modules/rule.py b/plugins/modules/rule.py index 93d0c1ab5..9971e0c46 100644 --- a/plugins/modules/rule.py +++ b/plugins/modules/rule.py @@ -68,7 +68,7 @@ description: Properties of the rule. type: dict rule_id: - description: + description: - If given, it will be C(the only condition) to identify the rule to work on. - When there's no rule found with this id, the task will fail. type: str @@ -300,9 +300,7 @@ def show_rule(module, base_url, headers, rule_id): url = "%s%s" % (base_url, api_endpoint) - response, info = fetch_url( - module, url, headers=headers, method="GET" - ) + response, info = fetch_url(module, url, headers=headers, method="GET") if info["status"] != 200: exit_failed( @@ -320,7 +318,7 @@ def get_existing_rule(module, base_url, headers, ruleset, rule): if module.params.get("state") == "absent": # When deleting and we already know the ID, don't compare return rule.get("rule_id") - rules = [ show_rule(module, base_url, headers, rule.get("rule_id")) ] + rules = [show_rule(module, base_url, headers, rule.get("rule_id"))] else: # Get rules in ruleset rules = get_rules_in_ruleset(module, base_url, headers, ruleset) @@ -414,7 +412,6 @@ def modify_rule(module, base_url, headers, ruleset, rule): info = fetch_url( module, url, module.jsonify(params), headers=headers, method="PUT" )[1] - #exit_failed(module, "###### INFO: %s" % str(info)) if info["status"] not in [200, 204]: exit_failed( From 409ee8ea8278437093f6b285c9ce51bb3d1106b0 Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Fri, 19 Jan 2024 11:12:21 +0100 Subject: [PATCH 042/114] Typo in rule integration test. --- tests/integration/targets/rule/tasks/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/integration/targets/rule/tasks/test.yml b/tests/integration/targets/rule/tasks/test.yml index c74f1b643..8029dab10 100644 --- a/tests/integration/targets/rule/tasks/test.yml +++ b/tests/integration/targets/rule/tasks/test.yml @@ -59,7 +59,7 @@ } state: "present" vars: - existing_rule:"{{ lookup('checkmk.general.rules', + existing_rule: "{{ lookup('checkmk.general.rules', ruleset=item.ruleset, comment_regex='Ansible managed', server_url=server_url, From 311885c9cfcb1d8bc3e7c55db30a030c0fc7cdf8 Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Fri, 19 Jan 2024 11:29:08 +0100 Subject: [PATCH 043/114] Copy & paste issue in rule integration test. --- tests/integration/targets/rule/tasks/test.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/integration/targets/rule/tasks/test.yml b/tests/integration/targets/rule/tasks/test.yml index 8029dab10..541edcb0e 100644 --- a/tests/integration/targets/rule/tasks/test.yml +++ b/tests/integration/targets/rule/tasks/test.yml @@ -62,11 +62,11 @@ existing_rule: "{{ lookup('checkmk.general.rules', ruleset=item.ruleset, comment_regex='Ansible managed', - server_url=server_url, + server_url=checkmk_var_server_url, site=outer_item.site, validate_certs=False, - automation_user=automation_user, - automation_secret=automation_secret) + automation_user=checkmk_var_automation_user, + automation_secret=checkmk_var_automation_secret) }}" delegate_to: localhost run_once: true # noqa run-once[task] From 7f20c9bfeeca15ec65bdb06429821d176d8d28f5 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 19 Jan 2024 14:23:06 -0500 Subject: [PATCH 044/114] Move includes to dedicated folder. --- tests/integration/files/{ => includes/tasks}/prep.yml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename tests/integration/files/{ => includes/tasks}/prep.yml (100%) diff --git a/tests/integration/files/prep.yml b/tests/integration/files/includes/tasks/prep.yml similarity index 100% rename from tests/integration/files/prep.yml rename to tests/integration/files/includes/tasks/prep.yml From 5bc1059dc08924396eb85d4975ff51e7b68601c2 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 19 Jan 2024 14:23:16 -0500 Subject: [PATCH 045/114] Move global variables to included file. --- .../integration/files/includes/vars/global.yml | 17 +++++++++++++++++ .../targets/activation/vars/main.yml | 16 ---------------- tests/integration/targets/bakery/vars/main.yml | 16 ---------------- .../targets/contact_group/vars/main.yml | 16 ---------------- .../integration/targets/discovery/vars/main.yml | 16 ---------------- .../integration/targets/downtime/vars/main.yml | 16 ---------------- tests/integration/targets/folder/vars/main.yml | 16 ---------------- tests/integration/targets/host/vars/main.yml | 16 ---------------- .../targets/host_group/vars/main.yml | 16 ---------------- .../targets/lookup_folder/vars/main.yml | 16 ---------------- .../targets/lookup_folders/vars/main.yml | 16 ---------------- .../targets/lookup_host/vars/main.yml | 16 ---------------- .../targets/lookup_hosts/vars/main.yml | 16 ---------------- .../targets/lookup_version/vars/main.yml | 16 ---------------- .../integration/targets/password/vars/main.yml | 16 ---------------- tests/integration/targets/rule/vars/main.yml | 16 ---------------- .../targets/service_group/vars/main.yml | 16 ---------------- .../integration/targets/tag_group/vars/main.yml | 16 ---------------- .../targets/timeperiod/vars/main.yml | 16 ---------------- tests/integration/targets/user/vars/main.yml | 16 ---------------- 20 files changed, 17 insertions(+), 304 deletions(-) create mode 100644 tests/integration/files/includes/vars/global.yml diff --git a/tests/integration/files/includes/vars/global.yml b/tests/integration/files/includes/vars/global.yml new file mode 100644 index 000000000..57f8bb073 --- /dev/null +++ b/tests/integration/files/includes/vars/global.yml @@ -0,0 +1,17 @@ +--- +# Configure location and credentials for the Checkmk REST API +checkmk_var_server_url: "http://127.0.0.1/" +checkmk_var_automation_user: "cmkadmin" +checkmk_var_automation_secret: "Sup3rSec4et!" + +# Generate download URL and provide credentials to download Checkmk setups +download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] +download_user: "d-gh-ansible-dl" +download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] + +# Due to inconsistent naming of editions, we normalize them here for convenience +checkmk_server_edition_mapping: + cre: raw + cee: enterprise + cce: cloud + cme: managed diff --git a/tests/integration/targets/activation/vars/main.yml b/tests/integration/targets/activation/vars/main.yml index 89ea4ae04..839248fdd 100644 --- a/tests/integration/targets/activation/vars/main.yml +++ b/tests/integration/targets/activation/vars/main.yml @@ -13,22 +13,6 @@ test_sites: edition: "cre" site: "ancient_cre" -checkmk_var_server_url: "http://127.0.0.1/" -checkmk_var_automation_user: "cmkadmin" -checkmk_var_automation_secret: "d7589df1" - -download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" -download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] - -# Due to inconsistent naming of editions, we normalize them here for convenience -checkmk_server_edition_mapping: - cre: raw - cfe: free - cee: enterprise - cce: cloud - cme: managed - checkmk_hosts: - name: test1.tld folder: "/" diff --git a/tests/integration/targets/bakery/vars/main.yml b/tests/integration/targets/bakery/vars/main.yml index 76263430b..8f0136326 100644 --- a/tests/integration/targets/bakery/vars/main.yml +++ b/tests/integration/targets/bakery/vars/main.yml @@ -7,22 +7,6 @@ test_sites: edition: "cee" site: "old_cee" -checkmk_var_server_url: "http://127.0.0.1/" -checkmk_var_automation_user: "cmkadmin" -checkmk_var_automation_secret: "d7589df1" - -download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" -download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] - -# Due to inconsistent naming of editions, we normalize them here for convenience -checkmk_server_edition_mapping: - cre: raw - cfe: free - cee: enterprise - cce: cloud - cme: managed - signature_key_id: 1 signature_key_passphrase: "{{ checkmk_var_automation_secret }}" diff --git a/tests/integration/targets/contact_group/vars/main.yml b/tests/integration/targets/contact_group/vars/main.yml index 105ad449a..3fb169f3d 100644 --- a/tests/integration/targets/contact_group/vars/main.yml +++ b/tests/integration/targets/contact_group/vars/main.yml @@ -13,22 +13,6 @@ test_sites: edition: "cre" site: "ancient_cre" -checkmk_var_server_url: "http://127.0.0.1/" -checkmk_var_automation_user: "cmkadmin" -checkmk_var_automation_secret: "d7589df1" - -download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" -download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] - -# Due to inconsistent naming of editions, we normalize them here for convenience -checkmk_server_edition_mapping: - cre: raw - cfe: free - cee: enterprise - cce: cloud - cme: managed - checkmk_contact_groups_create: - name: "test1" title: "Test_1" diff --git a/tests/integration/targets/discovery/vars/main.yml b/tests/integration/targets/discovery/vars/main.yml index 6b13e6c5a..ca308fbd7 100644 --- a/tests/integration/targets/discovery/vars/main.yml +++ b/tests/integration/targets/discovery/vars/main.yml @@ -13,22 +13,6 @@ test_sites: edition: "cre" site: "ancient_cre" -checkmk_var_server_url: "http://127.0.0.1/" -checkmk_var_automation_user: "cmkadmin" -checkmk_var_automation_secret: "d7589df1" - -download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" -download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] - -# Due to inconsistent naming of editions, we normalize them here for convenience -checkmk_server_edition_mapping: - cre: raw - cfe: free - cee: enterprise - cce: cloud - cme: managed - checkmk_hosts: - name: test1.tld folder: "/" diff --git a/tests/integration/targets/downtime/vars/main.yml b/tests/integration/targets/downtime/vars/main.yml index 89ea4ae04..839248fdd 100644 --- a/tests/integration/targets/downtime/vars/main.yml +++ b/tests/integration/targets/downtime/vars/main.yml @@ -13,22 +13,6 @@ test_sites: edition: "cre" site: "ancient_cre" -checkmk_var_server_url: "http://127.0.0.1/" -checkmk_var_automation_user: "cmkadmin" -checkmk_var_automation_secret: "d7589df1" - -download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" -download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] - -# Due to inconsistent naming of editions, we normalize them here for convenience -checkmk_server_edition_mapping: - cre: raw - cfe: free - cee: enterprise - cce: cloud - cme: managed - checkmk_hosts: - name: test1.tld folder: "/" diff --git a/tests/integration/targets/folder/vars/main.yml b/tests/integration/targets/folder/vars/main.yml index 90d954f4b..9986aed15 100644 --- a/tests/integration/targets/folder/vars/main.yml +++ b/tests/integration/targets/folder/vars/main.yml @@ -13,22 +13,6 @@ test_sites: edition: "cre" site: "ancient_cre" -checkmk_var_server_url: "http://127.0.0.1/" -checkmk_var_automation_user: "cmkadmin" -checkmk_var_automation_secret: "d7589df1" - -download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" -download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] - -# Due to inconsistent naming of editions, we normalize them here for convenience -checkmk_server_edition_mapping: - cre: raw - cfe: free - cee: enterprise - cce: cloud - cme: managed - checkmk_var_folders: - path: /test name: Test diff --git a/tests/integration/targets/host/vars/main.yml b/tests/integration/targets/host/vars/main.yml index 455378469..34da9fa7f 100644 --- a/tests/integration/targets/host/vars/main.yml +++ b/tests/integration/targets/host/vars/main.yml @@ -13,22 +13,6 @@ test_sites: edition: "cre" site: "ancient_cre" -checkmk_var_server_url: "http://127.0.0.1/" -checkmk_var_automation_user: "cmkadmin" -checkmk_var_automation_secret: "d7589df1" - -download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" -download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] - -# Due to inconsistent naming of editions, we normalize them here for convenience -checkmk_server_edition_mapping: - cre: raw - cfe: free - cee: enterprise - cce: cloud - cme: managed - checkmk_var_folders: - path: /foo name: Foo diff --git a/tests/integration/targets/host_group/vars/main.yml b/tests/integration/targets/host_group/vars/main.yml index f55f3e3cb..a1e40fe1f 100644 --- a/tests/integration/targets/host_group/vars/main.yml +++ b/tests/integration/targets/host_group/vars/main.yml @@ -16,22 +16,6 @@ test_sites: edition: "cre" site: "ancient_cre" -checkmk_var_server_url: "http://127.0.0.1/" -checkmk_var_automation_user: "cmkadmin" -checkmk_var_automation_secret: "d7589df1" - -download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" -download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] - -# Due to inconsistent naming of editions, we normalize them here for convenience -checkmk_server_edition_mapping: - cre: raw - cfe: free - cee: enterprise - cce: cloud - cme: managed - checkmk_host_groups_create: - name: "test1" title: "Test_1" diff --git a/tests/integration/targets/lookup_folder/vars/main.yml b/tests/integration/targets/lookup_folder/vars/main.yml index 370c99d6b..a389e7128 100644 --- a/tests/integration/targets/lookup_folder/vars/main.yml +++ b/tests/integration/targets/lookup_folder/vars/main.yml @@ -13,22 +13,6 @@ test_sites: edition: "cre" site: "ancient_cre" -checkmk_var_server_url: "http://127.0.0.1/" -checkmk_var_automation_user: "cmkadmin" -checkmk_var_automation_secret: "d7589df1" - -download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" -download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] - -# Due to inconsistent naming of editions, we normalize them here for convenience -checkmk_server_edition_mapping: - cre: raw - cfe: free - cee: enterprise - cce: cloud - cme: managed - checkmk_folder: name: "Folder 1" path: "/folder1" diff --git a/tests/integration/targets/lookup_folders/vars/main.yml b/tests/integration/targets/lookup_folders/vars/main.yml index 92511b696..37681c6ef 100644 --- a/tests/integration/targets/lookup_folders/vars/main.yml +++ b/tests/integration/targets/lookup_folders/vars/main.yml @@ -13,22 +13,6 @@ test_sites: edition: "cre" site: "ancient_cre" -checkmk_var_server_url: "http://127.0.0.1/" -checkmk_var_automation_user: "cmkadmin" -checkmk_var_automation_secret: "d7589df1" - -download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" -download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] - -# Due to inconsistent naming of editions, we normalize them here for convenience -checkmk_server_edition_mapping: - cre: raw - cfe: free - cee: enterprise - cce: cloud - cme: managed - checkmk_var_folders: - name: "Folder 1" path: "/folder1" diff --git a/tests/integration/targets/lookup_host/vars/main.yml b/tests/integration/targets/lookup_host/vars/main.yml index 823845d1f..0b00fd4b6 100644 --- a/tests/integration/targets/lookup_host/vars/main.yml +++ b/tests/integration/targets/lookup_host/vars/main.yml @@ -13,22 +13,6 @@ test_sites: edition: "cre" site: "ancient_cre" -checkmk_var_server_url: "http://127.0.0.1/" -checkmk_var_automation_user: "cmkadmin" -checkmk_var_automation_secret: "d7589df1" - -download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" -download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] - -# Due to inconsistent naming of editions, we normalize them here for convenience -checkmk_server_edition_mapping: - cre: raw - cfe: free - cee: enterprise - cce: cloud - cme: managed - checkmk_host: name: "host1.tld" folder: "/" diff --git a/tests/integration/targets/lookup_hosts/vars/main.yml b/tests/integration/targets/lookup_hosts/vars/main.yml index 87e40d27a..b84cd157d 100644 --- a/tests/integration/targets/lookup_hosts/vars/main.yml +++ b/tests/integration/targets/lookup_hosts/vars/main.yml @@ -13,22 +13,6 @@ test_sites: edition: "cre" site: "ancient_cre" -checkmk_var_server_url: "http://127.0.0.1/" -checkmk_var_automation_user: "cmkadmin" -checkmk_var_automation_secret: "d7589df1" - -download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" -download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] - -# Due to inconsistent naming of editions, we normalize them here for convenience -checkmk_server_edition_mapping: - cre: raw - cfe: free - cee: enterprise - cce: cloud - cme: managed - checkmk_hosts: - name: "host1.tld" folder: "/" diff --git a/tests/integration/targets/lookup_version/vars/main.yml b/tests/integration/targets/lookup_version/vars/main.yml index 3b8800f3c..334a5163a 100644 --- a/tests/integration/targets/lookup_version/vars/main.yml +++ b/tests/integration/targets/lookup_version/vars/main.yml @@ -12,19 +12,3 @@ test_sites: - version: "2.0.0p39" edition: "cre" site: "ancient_cre" - -checkmk_var_server_url: "http://127.0.0.1/" -checkmk_var_automation_user: "cmkadmin" -checkmk_var_automation_secret: "d7589df1" - -download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" -download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] - -# Due to inconsistent naming of editions, we normalize them here for convenience -checkmk_server_edition_mapping: - cre: raw - cfe: free - cee: enterprise - cce: cloud - cme: managed diff --git a/tests/integration/targets/password/vars/main.yml b/tests/integration/targets/password/vars/main.yml index 4fabece53..0ca3adfe3 100644 --- a/tests/integration/targets/password/vars/main.yml +++ b/tests/integration/targets/password/vars/main.yml @@ -16,22 +16,6 @@ test_sites: edition: "cre" site: "ancient_cre" -checkmk_var_server_url: "http://127.0.0.1/" -checkmk_var_automation_user: "cmkadmin" -checkmk_var_automation_secret: "d7589df1" - -download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" -download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] - -# Due to inconsistent naming of editions, we normalize them here for convenience -checkmk_server_edition_mapping: - cre: raw - cfe: free - cee: enterprise - cce: cloud - cme: managed - checkmk_passwords_create: - name: "pwtest1" title: "Password Test 1" diff --git a/tests/integration/targets/rule/vars/main.yml b/tests/integration/targets/rule/vars/main.yml index c37ae1cf5..43aca7341 100644 --- a/tests/integration/targets/rule/vars/main.yml +++ b/tests/integration/targets/rule/vars/main.yml @@ -10,22 +10,6 @@ test_sites: edition: "cre" site: "old_cre" -checkmk_var_server_url: "http://127.0.0.1/" -checkmk_var_automation_user: "cmkadmin" -checkmk_var_automation_secret: "d7589df1" - -download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" -download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] - -# Due to inconsistent naming of editions, we normalize them here for convenience -checkmk_server_edition_mapping: - cre: raw - cfe: free - cee: enterprise - cce: cloud - cme: managed - checkmk_var_rules: - name: "Filesystem - Magic Factor." diff --git a/tests/integration/targets/service_group/vars/main.yml b/tests/integration/targets/service_group/vars/main.yml index 3d7af8ea5..8ca906c69 100644 --- a/tests/integration/targets/service_group/vars/main.yml +++ b/tests/integration/targets/service_group/vars/main.yml @@ -16,22 +16,6 @@ test_sites: edition: "cre" site: "ancient_cre" -checkmk_var_server_url: "http://127.0.0.1/" -checkmk_var_automation_user: "cmkadmin" -checkmk_var_automation_secret: "d7589df1" - -download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" -download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] - -# Due to inconsistent naming of editions, we normalize them here for convenience -checkmk_server_edition_mapping: - cre: raw - cfe: free - cee: enterprise - cce: cloud - cme: managed - checkmk_service_groups_create: - name: "test1" title: "Test_1" diff --git a/tests/integration/targets/tag_group/vars/main.yml b/tests/integration/targets/tag_group/vars/main.yml index b568dd049..cc593be7c 100644 --- a/tests/integration/targets/tag_group/vars/main.yml +++ b/tests/integration/targets/tag_group/vars/main.yml @@ -16,22 +16,6 @@ test_sites: edition: "cre" site: "ancient_cre" -checkmk_var_server_url: "http://127.0.0.1/" -checkmk_var_automation_user: "cmkadmin" -checkmk_var_automation_secret: "d7589df1" - -download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" -download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] - -# Due to inconsistent naming of editions, we normalize them here for convenience -checkmk_server_edition_mapping: - cre: raw - cfe: free - cee: enterprise - cce: cloud - cme: managed - checkmk_taggroups_create: - name: Datacenter title: Datacenter diff --git a/tests/integration/targets/timeperiod/vars/main.yml b/tests/integration/targets/timeperiod/vars/main.yml index 9f43417b2..37f0299b3 100644 --- a/tests/integration/targets/timeperiod/vars/main.yml +++ b/tests/integration/targets/timeperiod/vars/main.yml @@ -10,22 +10,6 @@ test_sites: edition: "cre" site: "old_cre" -checkmk_var_server_url: "http://127.0.0.1/" -checkmk_var_automation_user: "cmkadmin" -checkmk_var_automation_secret: "d7589df1" - -download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" -download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] - -# Due to inconsistent naming of editions, we normalize them here for convenience -checkmk_server_edition_mapping: - cre: raw - cfe: free - cee: enterprise - cce: cloud - cme: managed - checkmk_timeperiods_create: - name: "lunchtime" alias: "Lunchtime" diff --git a/tests/integration/targets/user/vars/main.yml b/tests/integration/targets/user/vars/main.yml index f3908c53f..d23ae16c2 100644 --- a/tests/integration/targets/user/vars/main.yml +++ b/tests/integration/targets/user/vars/main.yml @@ -13,22 +13,6 @@ test_sites: edition: "cre" site: "old_cre" -checkmk_var_server_url: "http://127.0.0.1/" -checkmk_var_automation_user: "cmkadmin" -checkmk_var_automation_secret: "d7589df1" - -download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" -download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] - -# Due to inconsistent naming of editions, we normalize them here for convenience -checkmk_server_edition_mapping: - cre: raw - cfe: free - cee: enterprise - cce: cloud - cme: managed - checkmk_var_contact_groups: - team1 - team2 From a5ea92c844afad2ee6ee3f62294ef3b90d714b17 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 19 Jan 2024 14:25:32 -0500 Subject: [PATCH 046/114] Update tasks with new variable include. --- tests/integration/targets/activation/tasks/main.yml | 7 +++++-- tests/integration/targets/bakery/tasks/main.yml | 7 +++++-- tests/integration/targets/contact_group/tasks/main.yml | 7 +++++-- tests/integration/targets/discovery/tasks/main.yml | 7 +++++-- tests/integration/targets/downtime/tasks/main.yml | 7 +++++-- tests/integration/targets/folder/tasks/main.yml | 7 +++++-- tests/integration/targets/host/tasks/main.yml | 7 +++++-- tests/integration/targets/host_group/tasks/main.yml | 7 +++++-- tests/integration/targets/lookup_bakery/tasks/main.yml | 7 +++++-- tests/integration/targets/lookup_folder/tasks/main.yml | 7 +++++-- tests/integration/targets/lookup_folders/tasks/main.yml | 7 +++++-- tests/integration/targets/lookup_host/tasks/main.yml | 7 +++++-- tests/integration/targets/lookup_hosts/tasks/main.yml | 7 +++++-- tests/integration/targets/lookup_rules/tasks/main.yml | 7 +++++-- tests/integration/targets/lookup_rulesets/tasks/main.yml | 7 +++++-- tests/integration/targets/lookup_version/tasks/main.yml | 7 +++++-- tests/integration/targets/password/tasks/main.yml | 7 +++++-- tests/integration/targets/rule/tasks/main.yml | 7 +++++-- tests/integration/targets/service_group/tasks/main.yml | 7 +++++-- tests/integration/targets/tag_group/tasks/main.yml | 7 +++++-- tests/integration/targets/timeperiod/tasks/main.yml | 7 +++++-- tests/integration/targets/user/tasks/main.yml | 7 +++++-- 22 files changed, 110 insertions(+), 44 deletions(-) diff --git a/tests/integration/targets/activation/tasks/main.yml b/tests/integration/targets/activation/tasks/main.yml index fbbf4fef2..67b2edf51 100644 --- a/tests/integration/targets/activation/tasks/main.yml +++ b/tests/integration/targets/activation/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: "Run preparations." - ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml +- name: "Include Global Variables." + ansible.builtin.include_vars: /root/ansible_collections/checkmk/general/tests/integration/files/includes/vars/global.yml + +- name: "Run Preparations." + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/bakery/tasks/main.yml b/tests/integration/targets/bakery/tasks/main.yml index fbbf4fef2..67b2edf51 100644 --- a/tests/integration/targets/bakery/tasks/main.yml +++ b/tests/integration/targets/bakery/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: "Run preparations." - ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml +- name: "Include Global Variables." + ansible.builtin.include_vars: /root/ansible_collections/checkmk/general/tests/integration/files/includes/vars/global.yml + +- name: "Run Preparations." + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/contact_group/tasks/main.yml b/tests/integration/targets/contact_group/tasks/main.yml index fbbf4fef2..67b2edf51 100644 --- a/tests/integration/targets/contact_group/tasks/main.yml +++ b/tests/integration/targets/contact_group/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: "Run preparations." - ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml +- name: "Include Global Variables." + ansible.builtin.include_vars: /root/ansible_collections/checkmk/general/tests/integration/files/includes/vars/global.yml + +- name: "Run Preparations." + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/discovery/tasks/main.yml b/tests/integration/targets/discovery/tasks/main.yml index fbbf4fef2..67b2edf51 100644 --- a/tests/integration/targets/discovery/tasks/main.yml +++ b/tests/integration/targets/discovery/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: "Run preparations." - ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml +- name: "Include Global Variables." + ansible.builtin.include_vars: /root/ansible_collections/checkmk/general/tests/integration/files/includes/vars/global.yml + +- name: "Run Preparations." + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/downtime/tasks/main.yml b/tests/integration/targets/downtime/tasks/main.yml index fbbf4fef2..67b2edf51 100644 --- a/tests/integration/targets/downtime/tasks/main.yml +++ b/tests/integration/targets/downtime/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: "Run preparations." - ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml +- name: "Include Global Variables." + ansible.builtin.include_vars: /root/ansible_collections/checkmk/general/tests/integration/files/includes/vars/global.yml + +- name: "Run Preparations." + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/folder/tasks/main.yml b/tests/integration/targets/folder/tasks/main.yml index fbbf4fef2..67b2edf51 100644 --- a/tests/integration/targets/folder/tasks/main.yml +++ b/tests/integration/targets/folder/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: "Run preparations." - ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml +- name: "Include Global Variables." + ansible.builtin.include_vars: /root/ansible_collections/checkmk/general/tests/integration/files/includes/vars/global.yml + +- name: "Run Preparations." + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/host/tasks/main.yml b/tests/integration/targets/host/tasks/main.yml index fbbf4fef2..67b2edf51 100644 --- a/tests/integration/targets/host/tasks/main.yml +++ b/tests/integration/targets/host/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: "Run preparations." - ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml +- name: "Include Global Variables." + ansible.builtin.include_vars: /root/ansible_collections/checkmk/general/tests/integration/files/includes/vars/global.yml + +- name: "Run Preparations." + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/host_group/tasks/main.yml b/tests/integration/targets/host_group/tasks/main.yml index fbbf4fef2..67b2edf51 100644 --- a/tests/integration/targets/host_group/tasks/main.yml +++ b/tests/integration/targets/host_group/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: "Run preparations." - ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml +- name: "Include Global Variables." + ansible.builtin.include_vars: /root/ansible_collections/checkmk/general/tests/integration/files/includes/vars/global.yml + +- name: "Run Preparations." + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/lookup_bakery/tasks/main.yml b/tests/integration/targets/lookup_bakery/tasks/main.yml index fbbf4fef2..67b2edf51 100644 --- a/tests/integration/targets/lookup_bakery/tasks/main.yml +++ b/tests/integration/targets/lookup_bakery/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: "Run preparations." - ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml +- name: "Include Global Variables." + ansible.builtin.include_vars: /root/ansible_collections/checkmk/general/tests/integration/files/includes/vars/global.yml + +- name: "Run Preparations." + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/lookup_folder/tasks/main.yml b/tests/integration/targets/lookup_folder/tasks/main.yml index fbbf4fef2..67b2edf51 100644 --- a/tests/integration/targets/lookup_folder/tasks/main.yml +++ b/tests/integration/targets/lookup_folder/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: "Run preparations." - ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml +- name: "Include Global Variables." + ansible.builtin.include_vars: /root/ansible_collections/checkmk/general/tests/integration/files/includes/vars/global.yml + +- name: "Run Preparations." + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/lookup_folders/tasks/main.yml b/tests/integration/targets/lookup_folders/tasks/main.yml index fbbf4fef2..67b2edf51 100644 --- a/tests/integration/targets/lookup_folders/tasks/main.yml +++ b/tests/integration/targets/lookup_folders/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: "Run preparations." - ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml +- name: "Include Global Variables." + ansible.builtin.include_vars: /root/ansible_collections/checkmk/general/tests/integration/files/includes/vars/global.yml + +- name: "Run Preparations." + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/lookup_host/tasks/main.yml b/tests/integration/targets/lookup_host/tasks/main.yml index fbbf4fef2..67b2edf51 100644 --- a/tests/integration/targets/lookup_host/tasks/main.yml +++ b/tests/integration/targets/lookup_host/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: "Run preparations." - ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml +- name: "Include Global Variables." + ansible.builtin.include_vars: /root/ansible_collections/checkmk/general/tests/integration/files/includes/vars/global.yml + +- name: "Run Preparations." + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/lookup_hosts/tasks/main.yml b/tests/integration/targets/lookup_hosts/tasks/main.yml index fbbf4fef2..67b2edf51 100644 --- a/tests/integration/targets/lookup_hosts/tasks/main.yml +++ b/tests/integration/targets/lookup_hosts/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: "Run preparations." - ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml +- name: "Include Global Variables." + ansible.builtin.include_vars: /root/ansible_collections/checkmk/general/tests/integration/files/includes/vars/global.yml + +- name: "Run Preparations." + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/lookup_rules/tasks/main.yml b/tests/integration/targets/lookup_rules/tasks/main.yml index fbbf4fef2..67b2edf51 100644 --- a/tests/integration/targets/lookup_rules/tasks/main.yml +++ b/tests/integration/targets/lookup_rules/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: "Run preparations." - ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml +- name: "Include Global Variables." + ansible.builtin.include_vars: /root/ansible_collections/checkmk/general/tests/integration/files/includes/vars/global.yml + +- name: "Run Preparations." + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/lookup_rulesets/tasks/main.yml b/tests/integration/targets/lookup_rulesets/tasks/main.yml index fbbf4fef2..67b2edf51 100644 --- a/tests/integration/targets/lookup_rulesets/tasks/main.yml +++ b/tests/integration/targets/lookup_rulesets/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: "Run preparations." - ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml +- name: "Include Global Variables." + ansible.builtin.include_vars: /root/ansible_collections/checkmk/general/tests/integration/files/includes/vars/global.yml + +- name: "Run Preparations." + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/lookup_version/tasks/main.yml b/tests/integration/targets/lookup_version/tasks/main.yml index fbbf4fef2..67b2edf51 100644 --- a/tests/integration/targets/lookup_version/tasks/main.yml +++ b/tests/integration/targets/lookup_version/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: "Run preparations." - ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml +- name: "Include Global Variables." + ansible.builtin.include_vars: /root/ansible_collections/checkmk/general/tests/integration/files/includes/vars/global.yml + +- name: "Run Preparations." + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/password/tasks/main.yml b/tests/integration/targets/password/tasks/main.yml index fbbf4fef2..67b2edf51 100644 --- a/tests/integration/targets/password/tasks/main.yml +++ b/tests/integration/targets/password/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: "Run preparations." - ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml +- name: "Include Global Variables." + ansible.builtin.include_vars: /root/ansible_collections/checkmk/general/tests/integration/files/includes/vars/global.yml + +- name: "Run Preparations." + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/rule/tasks/main.yml b/tests/integration/targets/rule/tasks/main.yml index fbbf4fef2..67b2edf51 100644 --- a/tests/integration/targets/rule/tasks/main.yml +++ b/tests/integration/targets/rule/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: "Run preparations." - ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml +- name: "Include Global Variables." + ansible.builtin.include_vars: /root/ansible_collections/checkmk/general/tests/integration/files/includes/vars/global.yml + +- name: "Run Preparations." + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/service_group/tasks/main.yml b/tests/integration/targets/service_group/tasks/main.yml index fbbf4fef2..67b2edf51 100644 --- a/tests/integration/targets/service_group/tasks/main.yml +++ b/tests/integration/targets/service_group/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: "Run preparations." - ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml +- name: "Include Global Variables." + ansible.builtin.include_vars: /root/ansible_collections/checkmk/general/tests/integration/files/includes/vars/global.yml + +- name: "Run Preparations." + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/tag_group/tasks/main.yml b/tests/integration/targets/tag_group/tasks/main.yml index fbbf4fef2..67b2edf51 100644 --- a/tests/integration/targets/tag_group/tasks/main.yml +++ b/tests/integration/targets/tag_group/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: "Run preparations." - ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml +- name: "Include Global Variables." + ansible.builtin.include_vars: /root/ansible_collections/checkmk/general/tests/integration/files/includes/vars/global.yml + +- name: "Run Preparations." + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/timeperiod/tasks/main.yml b/tests/integration/targets/timeperiod/tasks/main.yml index fbbf4fef2..67b2edf51 100644 --- a/tests/integration/targets/timeperiod/tasks/main.yml +++ b/tests/integration/targets/timeperiod/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: "Run preparations." - ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml +- name: "Include Global Variables." + ansible.builtin.include_vars: /root/ansible_collections/checkmk/general/tests/integration/files/includes/vars/global.yml + +- name: "Run Preparations." + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: diff --git a/tests/integration/targets/user/tasks/main.yml b/tests/integration/targets/user/tasks/main.yml index fbbf4fef2..67b2edf51 100644 --- a/tests/integration/targets/user/tasks/main.yml +++ b/tests/integration/targets/user/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: "Run preparations." - ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/prep.yml +- name: "Include Global Variables." + ansible.builtin.include_vars: /root/ansible_collections/checkmk/general/tests/integration/files/includes/vars/global.yml + +- name: "Run Preparations." + ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml - name: "Wait for site to be ready." ansible.builtin.pause: From 99e4149f1126c9f9afb7f462a36b389cb1fc5af7 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 19 Jan 2024 14:28:50 -0500 Subject: [PATCH 047/114] Update README. --- tests/integration/files/README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/integration/files/README.md b/tests/integration/files/README.md index 06dd31abf..1bfc8881e 100644 --- a/tests/integration/files/README.md +++ b/tests/integration/files/README.md @@ -1,5 +1,6 @@ # Files This folder is currently used to provide files to the `ansible-test` container on GitHub Action execution. Primarily this currently concerns secrets for which -there is no other way of providing them to the container. -**Please do not store anything in here unless you know, what you are doing!** \ No newline at end of file +there is no other way of providing them to the container. +The folder `includes` contains shared resources, which are required by all tests. +**Please do not store anything in here unless you know, what you are doing!** From 99e53bb6ca5f5ef6d26f84b572477ff74d9cd4b1 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 19 Jan 2024 15:30:57 -0500 Subject: [PATCH 048/114] Clean out variables. --- .../targets/lookup_bakery/vars/main.yml | 16 ---------- .../targets/lookup_rules/vars/main.yml | 28 ++++-------------- .../targets/lookup_rulesets/vars/main.yml | 29 ++++--------------- 3 files changed, 12 insertions(+), 61 deletions(-) diff --git a/tests/integration/targets/lookup_bakery/vars/main.yml b/tests/integration/targets/lookup_bakery/vars/main.yml index c826154d7..a28bca57c 100644 --- a/tests/integration/targets/lookup_bakery/vars/main.yml +++ b/tests/integration/targets/lookup_bakery/vars/main.yml @@ -6,19 +6,3 @@ test_sites: - version: "2.1.0p38" edition: "cee" site: "old_cee" - -server_url: "http://127.0.0.1/" -automation_user: "cmkadmin" -automation_secret: "d7589df1" - -download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" -download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] - -# Due to inconsistent naming of editions, we normalize them here for convenience -checkmk_server_edition_mapping: - cre: raw - cfe: free - cee: enterprise - cce: cloud - cme: managed diff --git a/tests/integration/targets/lookup_rules/vars/main.yml b/tests/integration/targets/lookup_rules/vars/main.yml index fed6bc0de..d4c1b2747 100644 --- a/tests/integration/targets/lookup_rules/vars/main.yml +++ b/tests/integration/targets/lookup_rules/vars/main.yml @@ -10,29 +10,13 @@ test_sites: edition: "cre" site: "old_cre" -server_url: "http://127.0.0.1/" -automation_user: "cmkadmin" -automation_secret: "d7589df1" - -download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" -download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] - -# Due to inconsistent naming of editions, we normalize them here for convenience -checkmk_server_edition_mapping: - cre: raw - cfe: free - cee: enterprise - cce: cloud - cme: managed - checkmk_rulesets: - - "checkgroup_parameters:filesystem" - - "checkgroup_parameters:cpu_load" - - "checkgroup_parameters:cpu_iowait" - - "checkgroup_parameters:logwatch_ec" - - "usewalk_hosts" - - "checkgroup_parameters:memory_percentage_used" + - "checkgroup_parameters:filesystem" + - "checkgroup_parameters:cpu_load" + - "checkgroup_parameters:cpu_iowait" + - "checkgroup_parameters:logwatch_ec" + - "usewalk_hosts" + - "checkgroup_parameters:memory_percentage_used" checkmk_rules: diff --git a/tests/integration/targets/lookup_rulesets/vars/main.yml b/tests/integration/targets/lookup_rulesets/vars/main.yml index 8537718a8..ce9415dbb 100644 --- a/tests/integration/targets/lookup_rulesets/vars/main.yml +++ b/tests/integration/targets/lookup_rulesets/vars/main.yml @@ -10,30 +10,13 @@ test_sites: edition: "cre" site: "old_cre" -server_url: "http://127.0.0.1/" -automation_user: "cmkadmin" -automation_secret: "d7589df1" - -download_url: "https://download.checkmk.com/checkmk/{{ item.version }}/check-mk-{{ checkmk_server_edition_mapping[item.edition] }}-{{ item.version }}_0.{{ ansible_distribution_release }}_amd64.deb" # noqa yaml[line-length] -download_user: "d-gh-ansible-dl" -download_pass: "{{ lookup('ansible.builtin.file', '/root/ansible_collections/checkmk/general/tests/integration/files/.dl-secret', errors='ignore') | default(omit) }}" # noqa yaml[line-length] - -# Due to inconsistent naming of editions, we normalize them here for convenience -checkmk_server_edition_mapping: - cre: raw - cfe: free - cee: enterprise - cce: cloud - cme: managed - checkmk_ruleset_regexes: - - "checkgroup_parameters:filesystem" - - "checkgroup_parameters:cpu_load" - - "checkgroup_parameters:cpu_iowait" - - "checkgroup_parameters:logwatch_ec" - - "usewalk_hosts" - - "checkgroup_parameters:memory_percentage_used" - + - "checkgroup_parameters:filesystem" + - "checkgroup_parameters:cpu_load" + - "checkgroup_parameters:cpu_iowait" + - "checkgroup_parameters:logwatch_ec" + - "usewalk_hosts" + - "checkgroup_parameters:memory_percentage_used" checkmk_rules: From 66529fe6f26b1364f3e45d456ce2b6ce2814e0c8 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 19 Jan 2024 16:59:35 -0500 Subject: [PATCH 049/114] Move site readiness task to includes. --- .../integration/files/includes/tasks/prep.yml | 8 ++++++ .../targets/activation/tasks/main.yml | 8 ------ .../integration/targets/bakery/tasks/main.yml | 8 ------ .../targets/contact_group/tasks/main.yml | 8 ------ .../targets/discovery/tasks/main.yml | 8 ------ .../targets/downtime/tasks/main.yml | 8 ------ .../integration/targets/folder/tasks/main.yml | 8 ------ tests/integration/targets/host/tasks/main.yml | 8 ------ .../targets/host_group/tasks/main.yml | 8 ------ .../targets/lookup_bakery/tasks/main.yml | 8 ------ .../targets/lookup_bakery/tasks/test.yml | 4 +-- .../targets/lookup_folder/tasks/main.yml | 8 ------ .../targets/lookup_folders/tasks/main.yml | 8 ------ .../targets/lookup_host/tasks/main.yml | 8 ------ .../targets/lookup_hosts/tasks/main.yml | 8 ------ .../targets/lookup_rules/tasks/main.yml | 8 ------ .../targets/lookup_rules/tasks/test.yml | 26 +++++++++---------- .../targets/lookup_rulesets/tasks/main.yml | 8 ------ .../targets/lookup_rulesets/tasks/test.yml | 22 ++++++++-------- .../targets/lookup_version/tasks/main.yml | 8 ------ .../targets/password/tasks/main.yml | 8 ------ tests/integration/targets/rule/tasks/main.yml | 8 ------ .../targets/service_group/tasks/main.yml | 8 ------ .../targets/tag_group/tasks/main.yml | 8 ------ .../targets/timeperiod/tasks/main.yml | 8 ------ tests/integration/targets/user/tasks/main.yml | 8 ------ 26 files changed, 34 insertions(+), 202 deletions(-) diff --git a/tests/integration/files/includes/tasks/prep.yml b/tests/integration/files/includes/tasks/prep.yml index ac9bf3010..f9b515aad 100644 --- a/tests/integration/files/includes/tasks/prep.yml +++ b/tests/integration/files/includes/tasks/prep.yml @@ -46,3 +46,11 @@ changed_when: site_status.rc == "0" loop: "{{ test_sites }}" when: (download_pass is defined and download_pass | length) or item.edition == "cre" + +- name: "Wait for site to be ready." + ansible.builtin.pause: + seconds: 5 + when: | + ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') + and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) + loop: "{{ site_status.results }}" diff --git a/tests/integration/targets/activation/tasks/main.yml b/tests/integration/targets/activation/tasks/main.yml index 67b2edf51..bbb3963bc 100644 --- a/tests/integration/targets/activation/tasks/main.yml +++ b/tests/integration/targets/activation/tasks/main.yml @@ -5,14 +5,6 @@ - name: "Run Preparations." ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml -- name: "Wait for site to be ready." - ansible.builtin.pause: - seconds: 5 - when: | - ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') - and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) - loop: "{{ site_status.results }}" - - name: "Testing." ansible.builtin.include_tasks: test.yml loop: "{{ test_sites }}" diff --git a/tests/integration/targets/bakery/tasks/main.yml b/tests/integration/targets/bakery/tasks/main.yml index 67b2edf51..bbb3963bc 100644 --- a/tests/integration/targets/bakery/tasks/main.yml +++ b/tests/integration/targets/bakery/tasks/main.yml @@ -5,14 +5,6 @@ - name: "Run Preparations." ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml -- name: "Wait for site to be ready." - ansible.builtin.pause: - seconds: 5 - when: | - ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') - and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) - loop: "{{ site_status.results }}" - - name: "Testing." ansible.builtin.include_tasks: test.yml loop: "{{ test_sites }}" diff --git a/tests/integration/targets/contact_group/tasks/main.yml b/tests/integration/targets/contact_group/tasks/main.yml index 67b2edf51..bbb3963bc 100644 --- a/tests/integration/targets/contact_group/tasks/main.yml +++ b/tests/integration/targets/contact_group/tasks/main.yml @@ -5,14 +5,6 @@ - name: "Run Preparations." ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml -- name: "Wait for site to be ready." - ansible.builtin.pause: - seconds: 5 - when: | - ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') - and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) - loop: "{{ site_status.results }}" - - name: "Testing." ansible.builtin.include_tasks: test.yml loop: "{{ test_sites }}" diff --git a/tests/integration/targets/discovery/tasks/main.yml b/tests/integration/targets/discovery/tasks/main.yml index 67b2edf51..bbb3963bc 100644 --- a/tests/integration/targets/discovery/tasks/main.yml +++ b/tests/integration/targets/discovery/tasks/main.yml @@ -5,14 +5,6 @@ - name: "Run Preparations." ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml -- name: "Wait for site to be ready." - ansible.builtin.pause: - seconds: 5 - when: | - ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') - and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) - loop: "{{ site_status.results }}" - - name: "Testing." ansible.builtin.include_tasks: test.yml loop: "{{ test_sites }}" diff --git a/tests/integration/targets/downtime/tasks/main.yml b/tests/integration/targets/downtime/tasks/main.yml index 67b2edf51..bbb3963bc 100644 --- a/tests/integration/targets/downtime/tasks/main.yml +++ b/tests/integration/targets/downtime/tasks/main.yml @@ -5,14 +5,6 @@ - name: "Run Preparations." ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml -- name: "Wait for site to be ready." - ansible.builtin.pause: - seconds: 5 - when: | - ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') - and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) - loop: "{{ site_status.results }}" - - name: "Testing." ansible.builtin.include_tasks: test.yml loop: "{{ test_sites }}" diff --git a/tests/integration/targets/folder/tasks/main.yml b/tests/integration/targets/folder/tasks/main.yml index 67b2edf51..bbb3963bc 100644 --- a/tests/integration/targets/folder/tasks/main.yml +++ b/tests/integration/targets/folder/tasks/main.yml @@ -5,14 +5,6 @@ - name: "Run Preparations." ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml -- name: "Wait for site to be ready." - ansible.builtin.pause: - seconds: 5 - when: | - ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') - and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) - loop: "{{ site_status.results }}" - - name: "Testing." ansible.builtin.include_tasks: test.yml loop: "{{ test_sites }}" diff --git a/tests/integration/targets/host/tasks/main.yml b/tests/integration/targets/host/tasks/main.yml index 67b2edf51..bbb3963bc 100644 --- a/tests/integration/targets/host/tasks/main.yml +++ b/tests/integration/targets/host/tasks/main.yml @@ -5,14 +5,6 @@ - name: "Run Preparations." ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml -- name: "Wait for site to be ready." - ansible.builtin.pause: - seconds: 5 - when: | - ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') - and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) - loop: "{{ site_status.results }}" - - name: "Testing." ansible.builtin.include_tasks: test.yml loop: "{{ test_sites }}" diff --git a/tests/integration/targets/host_group/tasks/main.yml b/tests/integration/targets/host_group/tasks/main.yml index 67b2edf51..bbb3963bc 100644 --- a/tests/integration/targets/host_group/tasks/main.yml +++ b/tests/integration/targets/host_group/tasks/main.yml @@ -5,14 +5,6 @@ - name: "Run Preparations." ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml -- name: "Wait for site to be ready." - ansible.builtin.pause: - seconds: 5 - when: | - ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') - and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) - loop: "{{ site_status.results }}" - - name: "Testing." ansible.builtin.include_tasks: test.yml loop: "{{ test_sites }}" diff --git a/tests/integration/targets/lookup_bakery/tasks/main.yml b/tests/integration/targets/lookup_bakery/tasks/main.yml index 67b2edf51..bbb3963bc 100644 --- a/tests/integration/targets/lookup_bakery/tasks/main.yml +++ b/tests/integration/targets/lookup_bakery/tasks/main.yml @@ -5,14 +5,6 @@ - name: "Run Preparations." ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml -- name: "Wait for site to be ready." - ansible.builtin.pause: - seconds: 5 - when: | - ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') - and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) - loop: "{{ site_status.results }}" - - name: "Testing." ansible.builtin.include_tasks: test.yml loop: "{{ test_sites }}" diff --git a/tests/integration/targets/lookup_bakery/tasks/test.yml b/tests/integration/targets/lookup_bakery/tasks/test.yml index 7da9f9ac3..0b764fc94 100644 --- a/tests/integration/targets/lookup_bakery/tasks/test.yml +++ b/tests/integration/targets/lookup_bakery/tasks/test.yml @@ -7,8 +7,8 @@ server_url=server_url, site=outer_item.site, validate_certs=False, - automation_user=automation_user, - automation_secret=automation_secret) + automation_user=checkmk_var_automation_user, + automation_secret=checkmk_var_automation_secret) }}" delegate_to: localhost register: looked_up_bakery diff --git a/tests/integration/targets/lookup_folder/tasks/main.yml b/tests/integration/targets/lookup_folder/tasks/main.yml index 67b2edf51..bbb3963bc 100644 --- a/tests/integration/targets/lookup_folder/tasks/main.yml +++ b/tests/integration/targets/lookup_folder/tasks/main.yml @@ -5,14 +5,6 @@ - name: "Run Preparations." ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml -- name: "Wait for site to be ready." - ansible.builtin.pause: - seconds: 5 - when: | - ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') - and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) - loop: "{{ site_status.results }}" - - name: "Testing." ansible.builtin.include_tasks: test.yml loop: "{{ test_sites }}" diff --git a/tests/integration/targets/lookup_folders/tasks/main.yml b/tests/integration/targets/lookup_folders/tasks/main.yml index 67b2edf51..bbb3963bc 100644 --- a/tests/integration/targets/lookup_folders/tasks/main.yml +++ b/tests/integration/targets/lookup_folders/tasks/main.yml @@ -5,14 +5,6 @@ - name: "Run Preparations." ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml -- name: "Wait for site to be ready." - ansible.builtin.pause: - seconds: 5 - when: | - ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') - and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) - loop: "{{ site_status.results }}" - - name: "Testing." ansible.builtin.include_tasks: test.yml loop: "{{ test_sites }}" diff --git a/tests/integration/targets/lookup_host/tasks/main.yml b/tests/integration/targets/lookup_host/tasks/main.yml index 67b2edf51..bbb3963bc 100644 --- a/tests/integration/targets/lookup_host/tasks/main.yml +++ b/tests/integration/targets/lookup_host/tasks/main.yml @@ -5,14 +5,6 @@ - name: "Run Preparations." ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml -- name: "Wait for site to be ready." - ansible.builtin.pause: - seconds: 5 - when: | - ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') - and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) - loop: "{{ site_status.results }}" - - name: "Testing." ansible.builtin.include_tasks: test.yml loop: "{{ test_sites }}" diff --git a/tests/integration/targets/lookup_hosts/tasks/main.yml b/tests/integration/targets/lookup_hosts/tasks/main.yml index 67b2edf51..bbb3963bc 100644 --- a/tests/integration/targets/lookup_hosts/tasks/main.yml +++ b/tests/integration/targets/lookup_hosts/tasks/main.yml @@ -5,14 +5,6 @@ - name: "Run Preparations." ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml -- name: "Wait for site to be ready." - ansible.builtin.pause: - seconds: 5 - when: | - ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') - and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) - loop: "{{ site_status.results }}" - - name: "Testing." ansible.builtin.include_tasks: test.yml loop: "{{ test_sites }}" diff --git a/tests/integration/targets/lookup_rules/tasks/main.yml b/tests/integration/targets/lookup_rules/tasks/main.yml index 67b2edf51..bbb3963bc 100644 --- a/tests/integration/targets/lookup_rules/tasks/main.yml +++ b/tests/integration/targets/lookup_rules/tasks/main.yml @@ -5,14 +5,6 @@ - name: "Run Preparations." ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml -- name: "Wait for site to be ready." - ansible.builtin.pause: - seconds: 5 - when: | - ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') - and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) - loop: "{{ site_status.results }}" - - name: "Testing." ansible.builtin.include_tasks: test.yml loop: "{{ test_sites }}" diff --git a/tests/integration/targets/lookup_rules/tasks/test.yml b/tests/integration/targets/lookup_rules/tasks/test.yml index b42e3dc6c..a5faed19f 100644 --- a/tests/integration/targets/lookup_rules/tasks/test.yml +++ b/tests/integration/targets/lookup_rules/tasks/test.yml @@ -1,10 +1,10 @@ --- - name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Create rules." rule: - server_url: "{{ server_url }}" + server_url: "{{ checkmk_var_server_url }}" site: "{{ outer_item.site }}" - automation_user: "{{ automation_user }}" - automation_secret: "{{ automation_secret }}" + automation_user: "{{ checkmk_var_automation_user }}" + automation_secret: "{{ checkmk_var_automation_secret }}" ruleset: "{{ item.ruleset }}" rule: "{{ item.rule }}" state: "present" @@ -21,8 +21,8 @@ server_url=server_url, site=outer_item.site, validate_certs=False, - automation_user=automation_user, - automation_secret=automation_secret) + automation_user=checkmk_var_automation_user, + automation_secret=checkmk_var_automation_secret) }}" register: cpu_load_ruleset delegate_to: localhost @@ -38,8 +38,8 @@ server_url=server_url, site=outer_item.site, validate_certs=False, - automation_user=automation_user, - automation_secret=automation_secret) + automation_user=checkmk_var_automation_user, + automation_secret=checkmk_var_automation_secret) }}" delegate_to: localhost run_once: true # noqa run-once[task] @@ -54,8 +54,8 @@ server_url=server_url, site=outer_item.site, validate_certs=False, - automation_user=automation_user, - automation_secret=automation_secret) + automation_user=checkmk_var_automation_user, + automation_secret=checkmk_var_automation_secret) }}" delegate_to: localhost run_once: true # noqa run-once[task] @@ -72,8 +72,8 @@ server_url=server_url, site=outer_item.site, validate_certs=False, - automation_user=automation_user, - automation_secret=automation_secret) + automation_user=checkmk_var_automation_user, + automation_secret=checkmk_var_automation_secret) }}" delegate_to: localhost run_once: true # noqa run-once[task] @@ -88,8 +88,8 @@ server_url=server_url, site=outer_item.site, validate_certs=False, - automation_user=automation_user, - automation_secret=automation_secret) + automation_user=checkmk_var_automation_user, + automation_secret=checkmk_var_automation_secret) }}" delegate_to: localhost run_once: true # noqa run-once[task] diff --git a/tests/integration/targets/lookup_rulesets/tasks/main.yml b/tests/integration/targets/lookup_rulesets/tasks/main.yml index 67b2edf51..bbb3963bc 100644 --- a/tests/integration/targets/lookup_rulesets/tasks/main.yml +++ b/tests/integration/targets/lookup_rulesets/tasks/main.yml @@ -5,14 +5,6 @@ - name: "Run Preparations." ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml -- name: "Wait for site to be ready." - ansible.builtin.pause: - seconds: 5 - when: | - ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') - and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) - loop: "{{ site_status.results }}" - - name: "Testing." ansible.builtin.include_tasks: test.yml loop: "{{ test_sites }}" diff --git a/tests/integration/targets/lookup_rulesets/tasks/test.yml b/tests/integration/targets/lookup_rulesets/tasks/test.yml index 290fd0e92..abdc1bd1d 100644 --- a/tests/integration/targets/lookup_rulesets/tasks/test.yml +++ b/tests/integration/targets/lookup_rulesets/tasks/test.yml @@ -1,10 +1,10 @@ --- - name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Create rules." rule: - server_url: "{{ server_url }}" + server_url: "{{ checkmk_var_server_url }}" site: "{{ outer_item.site }}" - automation_user: "{{ automation_user }}" - automation_secret: "{{ automation_secret }}" + automation_user: "{{ checkmk_var_automation_user }}" + automation_secret: "{{ checkmk_var_automation_secret }}" ruleset: "{{ item.ruleset }}" rule: "{{ item.rule }}" state: "present" @@ -23,8 +23,8 @@ server_url=server_url, site=outer_item.site, validate_certs=False, - automation_user=automation_user, - automation_secret=automation_secret) + automation_user=checkmk_var_automation_user, + automation_secret=checkmk_var_automation_secret) }}" delegate_to: localhost run_once: true # noqa run-once[task] @@ -39,8 +39,8 @@ server_url=server_url, site=outer_item.site, validate_certs=False, - automation_user=automation_user, - automation_secret=automation_secret) + automation_user=checkmk_var_automation_user, + automation_secret=checkmk_var_automation_secret) }}" delegate_to: localhost run_once: true # noqa run-once[task] @@ -58,8 +58,8 @@ server_url=server_url, site=outer_item.site, validate_certs=False, - automation_user=automation_user, - automation_secret=automation_secret) + automation_user=checkmk_var_automation_user, + automation_secret=checkmk_var_automation_secret) }}" delegate_to: localhost run_once: true # noqa run-once[task] @@ -74,8 +74,8 @@ server_url=server_url, site=outer_item.site, validate_certs=False, - automation_user=automation_user, - automation_secret=automation_secret) + automation_user=checkmk_var_automation_user, + automation_secret=checkmk_var_automation_secret) }}" delegate_to: localhost run_once: true # noqa run-once[task] diff --git a/tests/integration/targets/lookup_version/tasks/main.yml b/tests/integration/targets/lookup_version/tasks/main.yml index 67b2edf51..bbb3963bc 100644 --- a/tests/integration/targets/lookup_version/tasks/main.yml +++ b/tests/integration/targets/lookup_version/tasks/main.yml @@ -5,14 +5,6 @@ - name: "Run Preparations." ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml -- name: "Wait for site to be ready." - ansible.builtin.pause: - seconds: 5 - when: | - ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') - and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) - loop: "{{ site_status.results }}" - - name: "Testing." ansible.builtin.include_tasks: test.yml loop: "{{ test_sites }}" diff --git a/tests/integration/targets/password/tasks/main.yml b/tests/integration/targets/password/tasks/main.yml index 67b2edf51..bbb3963bc 100644 --- a/tests/integration/targets/password/tasks/main.yml +++ b/tests/integration/targets/password/tasks/main.yml @@ -5,14 +5,6 @@ - name: "Run Preparations." ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml -- name: "Wait for site to be ready." - ansible.builtin.pause: - seconds: 5 - when: | - ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') - and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) - loop: "{{ site_status.results }}" - - name: "Testing." ansible.builtin.include_tasks: test.yml loop: "{{ test_sites }}" diff --git a/tests/integration/targets/rule/tasks/main.yml b/tests/integration/targets/rule/tasks/main.yml index 67b2edf51..bbb3963bc 100644 --- a/tests/integration/targets/rule/tasks/main.yml +++ b/tests/integration/targets/rule/tasks/main.yml @@ -5,14 +5,6 @@ - name: "Run Preparations." ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml -- name: "Wait for site to be ready." - ansible.builtin.pause: - seconds: 5 - when: | - ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') - and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) - loop: "{{ site_status.results }}" - - name: "Testing." ansible.builtin.include_tasks: test.yml loop: "{{ test_sites }}" diff --git a/tests/integration/targets/service_group/tasks/main.yml b/tests/integration/targets/service_group/tasks/main.yml index 67b2edf51..bbb3963bc 100644 --- a/tests/integration/targets/service_group/tasks/main.yml +++ b/tests/integration/targets/service_group/tasks/main.yml @@ -5,14 +5,6 @@ - name: "Run Preparations." ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml -- name: "Wait for site to be ready." - ansible.builtin.pause: - seconds: 5 - when: | - ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') - and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) - loop: "{{ site_status.results }}" - - name: "Testing." ansible.builtin.include_tasks: test.yml loop: "{{ test_sites }}" diff --git a/tests/integration/targets/tag_group/tasks/main.yml b/tests/integration/targets/tag_group/tasks/main.yml index 67b2edf51..bbb3963bc 100644 --- a/tests/integration/targets/tag_group/tasks/main.yml +++ b/tests/integration/targets/tag_group/tasks/main.yml @@ -5,14 +5,6 @@ - name: "Run Preparations." ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml -- name: "Wait for site to be ready." - ansible.builtin.pause: - seconds: 5 - when: | - ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') - and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) - loop: "{{ site_status.results }}" - - name: "Testing." ansible.builtin.include_tasks: test.yml loop: "{{ test_sites }}" diff --git a/tests/integration/targets/timeperiod/tasks/main.yml b/tests/integration/targets/timeperiod/tasks/main.yml index 67b2edf51..bbb3963bc 100644 --- a/tests/integration/targets/timeperiod/tasks/main.yml +++ b/tests/integration/targets/timeperiod/tasks/main.yml @@ -5,14 +5,6 @@ - name: "Run Preparations." ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml -- name: "Wait for site to be ready." - ansible.builtin.pause: - seconds: 5 - when: | - ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') - and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) - loop: "{{ site_status.results }}" - - name: "Testing." ansible.builtin.include_tasks: test.yml loop: "{{ test_sites }}" diff --git a/tests/integration/targets/user/tasks/main.yml b/tests/integration/targets/user/tasks/main.yml index 67b2edf51..bbb3963bc 100644 --- a/tests/integration/targets/user/tasks/main.yml +++ b/tests/integration/targets/user/tasks/main.yml @@ -5,14 +5,6 @@ - name: "Run Preparations." ansible.builtin.include_tasks: /root/ansible_collections/checkmk/general/tests/integration/files/includes/tasks/prep.yml -- name: "Wait for site to be ready." - ansible.builtin.pause: - seconds: 5 - when: | - ((download_pass is defined and download_pass | length) or item.item.edition == 'cre') - and (item.stdout_lines is defined and 'OVERALL 1' in item.stdout_lines) - loop: "{{ site_status.results }}" - - name: "Testing." ansible.builtin.include_tasks: test.yml loop: "{{ test_sites }}" From 55b902b107f322cb576ca985f87c7ad5a172043b Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 19 Jan 2024 17:10:08 -0500 Subject: [PATCH 050/114] Bugfix variable names. --- tests/integration/targets/lookup_bakery/tasks/test.yml | 2 +- tests/integration/targets/lookup_rules/tasks/test.yml | 10 +++++----- .../integration/targets/lookup_rulesets/tasks/test.yml | 8 ++++---- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/tests/integration/targets/lookup_bakery/tasks/test.yml b/tests/integration/targets/lookup_bakery/tasks/test.yml index 0b764fc94..b594758f0 100644 --- a/tests/integration/targets/lookup_bakery/tasks/test.yml +++ b/tests/integration/targets/lookup_bakery/tasks/test.yml @@ -4,7 +4,7 @@ msg: "Bakery status is {{ bakery }}" vars: bakery: "{{ lookup('checkmk.general.bakery', - server_url=server_url, + server_url=checkmk_var_server_url, site=outer_item.site, validate_certs=False, automation_user=checkmk_var_automation_user, diff --git a/tests/integration/targets/lookup_rules/tasks/test.yml b/tests/integration/targets/lookup_rules/tasks/test.yml index a5faed19f..675237540 100644 --- a/tests/integration/targets/lookup_rules/tasks/test.yml +++ b/tests/integration/targets/lookup_rules/tasks/test.yml @@ -18,7 +18,7 @@ vars: rules: "{{ lookup('checkmk.general.rules', ruleset='checkgroup_parameters:cpu_load', - server_url=server_url, + server_url=checkmk_var_server_url, site=outer_item.site, validate_certs=False, automation_user=checkmk_var_automation_user, @@ -35,7 +35,7 @@ vars: rules: "{{ lookup('checkmk.general.rules', ruleset=item, - server_url=server_url, + server_url=checkmk_var_server_url, site=outer_item.site, validate_certs=False, automation_user=checkmk_var_automation_user, @@ -51,7 +51,7 @@ vars: rules: "{{ lookup('checkmk.general.rules', ruleset=item, - server_url=server_url, + server_url=checkmk_var_server_url, site=outer_item.site, validate_certs=False, automation_user=checkmk_var_automation_user, @@ -69,7 +69,7 @@ rules: "{{ lookup('checkmk.general.rules', ruleset=item, commebt_regex='Ansible managed', - server_url=server_url, + server_url=checkmk_var_server_url, site=outer_item.site, validate_certs=False, automation_user=checkmk_var_automation_user, @@ -85,7 +85,7 @@ vars: rule: "{{ lookup('checkmk.general.rule', rule_id=item.id, - server_url=server_url, + server_url=checkmk_var_server_url, site=outer_item.site, validate_certs=False, automation_user=checkmk_var_automation_user, diff --git a/tests/integration/targets/lookup_rulesets/tasks/test.yml b/tests/integration/targets/lookup_rulesets/tasks/test.yml index abdc1bd1d..8f7482982 100644 --- a/tests/integration/targets/lookup_rulesets/tasks/test.yml +++ b/tests/integration/targets/lookup_rulesets/tasks/test.yml @@ -20,7 +20,7 @@ regex='', rulesets_used=True, rulesets_deprecated=False, - server_url=server_url, + server_url=checkmk_var_server_url, site=outer_item.site, validate_certs=False, automation_user=checkmk_var_automation_user, @@ -36,7 +36,7 @@ regex='', rulesets_used=True, rulesets_deprecated=False, - server_url=server_url, + server_url=checkmk_var_server_url, site=outer_item.site, validate_certs=False, automation_user=checkmk_var_automation_user, @@ -55,7 +55,7 @@ regex='file', rulesets_used=False, rulesets_deprecated=False, - server_url=server_url, + server_url=checkmk_var_server_url, site=outer_item.site, validate_certs=False, automation_user=checkmk_var_automation_user, @@ -71,7 +71,7 @@ vars: ruleset: "{{ lookup('checkmk.general.ruleset', ruleset=item, - server_url=server_url, + server_url=checkmk_var_server_url, site=outer_item.site, validate_certs=False, automation_user=checkmk_var_automation_user, From 149c5f43c144b1218233b2f48f118cef14576e8a Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 19 Jan 2024 17:37:05 -0500 Subject: [PATCH 051/114] Cleanup. --- .../ans-int-test-activation-cust.yaml | 89 --- .github/workflows/container-build.yaml | 53 -- scripts/cloudsend/LICENSE | 661 ---------------- scripts/cloudsend/README.md | 184 ----- scripts/cloudsend/cloudsend.sh | 708 ------------------ tests/container/README.md | 3 - tests/sanity/ignore-2.14.txt | 4 +- tests/sanity/ignore-2.15.txt | 4 +- tests/sanity/ignore-2.16.txt | 4 +- 9 files changed, 3 insertions(+), 1707 deletions(-) delete mode 100644 .github/workflows/ans-int-test-activation-cust.yaml delete mode 100644 .github/workflows/container-build.yaml delete mode 100644 scripts/cloudsend/LICENSE delete mode 100644 scripts/cloudsend/README.md delete mode 100755 scripts/cloudsend/cloudsend.sh diff --git a/.github/workflows/ans-int-test-activation-cust.yaml b/.github/workflows/ans-int-test-activation-cust.yaml deleted file mode 100644 index 02cc3c9dd..000000000 --- a/.github/workflows/ans-int-test-activation-cust.yaml +++ /dev/null @@ -1,89 +0,0 @@ -# README: -# - When changing the module name, it needs to be changed in 'env:MODULE_NAME' and in 'on:pull_requests:path'! -# -# Resources: -# - Template for this file: https://github.com/ansible-collections/collection_template/blob/main/.github/workflows/ansible-test.yml -# - About Ansible integration tests: https://docs.ansible.com/ansible/latest/dev_guide/testing_integration.html - -env: - NAMESPACE: checkmk - COLLECTION_NAME: general - MODULE_NAME: activation - CONTAINER_NAME: "ansible-checkmk-test" - CLOUD_SHARE: "https://cloud.checkmk.com/index.php/s/jMbHWxM5mT4WN2r" - -name: Ansible Integration Tests for Activation Module (Custom) -on: - workflow_dispatch: - schedule: - - cron: '0 0 * * 0' - pull_request: - branches: - - main - - devel - paths: - - 'plugins/modules/activation.py' - push: - branches: - - 'build/integration-tests-docker' - -jobs: - - integration: - runs-on: ubuntu-latest - name: â’¶${{ matrix.ansible }}+py${{ matrix.python }} - strategy: - fail-fast: false - matrix: - ansible: - - stable-2.14 - - stable-2.15 - - stable-2.16 - - devel - python: - - '3.8' - - '3.9' - - '3.10' - - '3.11' - - '3.12' - exclude: - # Exclude unsupported sets. - - ansible: stable-2.14 - python: '3.12' - - ansible: stable-2.15 - python: '3.12' - - steps: - - name: "Check out code" - uses: actions/checkout@v4 - with: - path: ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} - - - name: "Set up Python" - uses: actions/setup-python@v5 - with: - python-version: '3.11' - - - name: "Install ansible-base (${{ matrix.ansible }})" - run: pip install https://github.com/ansible/ansible/archive/${{ matrix.ansible }}.tar.gz --disable-pip-version-check - - - name: "Provide secrets file" - run: echo "${{ secrets.CHECKMK_DOWNLOAD_PW }}" > ./tests/integration/files/.dl-secret - working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} - env: - CHECKMK_DOWNLOAD_PW: ${{ secrets.CHECKMK_DOWNLOAD_PW }} - - - name: "Download Container Image" - run: | - curl -u "jMbHWxM5mT4WN2r:${{ env.NEXTCLOUD_PW }}" -H "X-Requested-With: XMLHttpRequest" "https://cloud.checkmk.com/public.php/webdav/ansible-checkmk-test-latest-image.tar.gz" --output ./ansible-checkmk-test-latest-image.tar.gz - working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} - env: - NEXTCLOUD_PW: ${{ secrets.NEXTCLOUD_PW }} - - - name: "Import Container Image" - run: docker load -i ansible-checkmk-test-latest-image.tar.gz - working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} - - - name: "Run integration test for testing" - run: ansible-test integration activation -v --color --retry-on-error --continue-on-error --diff --python 3.11 --docker-privileged --docker ${{ env.CONTAINER_NAME }} - working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} diff --git a/.github/workflows/container-build.yaml b/.github/workflows/container-build.yaml deleted file mode 100644 index a609c3730..000000000 --- a/.github/workflows/container-build.yaml +++ /dev/null @@ -1,53 +0,0 @@ -env: - NAMESPACE: checkmk - COLLECTION_NAME: general - CONTAINER_NAME: "ansible-checkmk-test" - CLOUD_SHARE: "https://cloud.checkmk.com/index.php/s/jMbHWxM5mT4WN2r" - -name: Build Test Container Images -on: - workflow_dispatch: - schedule: - - cron: '0 0 * * 0' - -jobs: - - build: - runs-on: ubuntu-latest - name: Build Container - - steps: - - - name: "Free Disk Space." - uses: jlumbroso/free-disk-space@main - with: - # this might remove tools that are actually needed, - # if set to "true" but frees about 6 GB - tool-cache: false - - - name: "Check out code" - uses: actions/checkout@v4 - with: - path: ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} - - - name: "Set up Python" - uses: actions/setup-python@v5 - with: - python-version: '3.11' - - - name: "Install ansible-base devel" - run: pip install https://github.com/ansible/ansible/archive/devel.tar.gz --disable-pip-version-check - - - name: "Docker Build" - run: docker build -t ${{ env.CONTAINER_NAME }} ./ --build-arg DL_USER=d-gh-ansible-dl --build-arg DL_PW=${{ secrets.CHECKMK_DOWNLOAD_PW }} - working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/tests/container - - - name: "Docker Save" - run: docker save ${{ env.CONTAINER_NAME }}:latest > ./${{ env.CONTAINER_NAME }}-latest-image.tar.gz - working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/tests/container - - - name: "Upload Artifact" - run: ./scripts/cloudsend/cloudsend.sh -e ./tests/container/${{ env.CONTAINER_NAME }}-latest-image.tar.gz ${{ env.CLOUD_SHARE }} - working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} - env: - CLOUDSEND_PASSWORD: ${{ secrets.NEXTCLOUD_PW }} diff --git a/scripts/cloudsend/LICENSE b/scripts/cloudsend/LICENSE deleted file mode 100644 index ff5ef5392..000000000 --- a/scripts/cloudsend/LICENSE +++ /dev/null @@ -1,661 +0,0 @@ -GNU AFFERO GENERAL PUBLIC LICENSE -Version 3, 19 November 2007 - -Copyright (C) 2007 Free Software Foundation, Inc. -Everyone is permitted to copy and distribute verbatim copies -of this license document, but changing it is not allowed. - - Preamble - -The GNU Affero General Public License is a free, copyleft license for -software and other kinds of works, specifically designed to ensure -cooperation with the community in the case of network server software. - -The licenses for most software and other practical works are designed -to take away your freedom to share and change the works. By contrast, -our General Public Licenses are intended to guarantee your freedom to -share and change all versions of a program--to make sure it remains free -software for all its users. - -When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -them if you wish), that you receive source code or can get it if you -want it, that you can change the software or use pieces of it in new -free programs, and that you know you can do these things. - -Developers that use our General Public Licenses protect your rights -with two steps: (1) assert copyright on the software, and (2) offer -you this License which gives you legal permission to copy, distribute -and/or modify the software. - -A secondary benefit of defending all users' freedom is that -improvements made in alternate versions of the program, if they -receive widespread use, become available for other developers to -incorporate. Many developers of free software are heartened and -encouraged by the resulting cooperation. However, in the case of -software used on network servers, this result may fail to come about. -The GNU General Public License permits making a modified version and -letting the public access it on a server without ever releasing its -source code to the public. - -The GNU Affero General Public License is designed specifically to -ensure that, in such cases, the modified source code becomes available -to the community. It requires the operator of a network server to -provide the source code of the modified version running there to the -users of that server. Therefore, public use of a modified version, on -a publicly accessible server, gives the public access to the source -code of the modified version. - -An older license, called the Affero General Public License and -published by Affero, was designed to accomplish similar goals. This is -a different license, not a version of the Affero GPL, but Affero has -released a new version of the Affero GPL which permits relicensing under -this license. - -The precise terms and conditions for copying, distribution and -modification follow. - -TERMS AND CONDITIONS - -0. Definitions. - -"This License" refers to version 3 of the GNU Affero General Public License. - -"Copyright" also means copyright-like laws that apply to other kinds of -works, such as semiconductor masks. - -"The Program" refers to any copyrightable work licensed under this -License. Each licensee is addressed as "you". "Licensees" and -"recipients" may be individuals or organizations. - -To "modify" a work means to copy from or adapt all or part of the work -in a fashion requiring copyright permission, other than the making of an -exact copy. The resulting work is called a "modified version" of the -earlier work or a work "based on" the earlier work. - -A "covered work" means either the unmodified Program or a work based -on the Program. - -To "propagate" a work means to do anything with it that, without -permission, would make you directly or secondarily liable for -infringement under applicable copyright law, except executing it on a -computer or modifying a private copy. Propagation includes copying, -distribution (with or without modification), making available to the -public, and in some countries other activities as well. - -To "convey" a work means any kind of propagation that enables other -parties to make or receive copies. Mere interaction with a user through -a computer network, with no transfer of a copy, is not conveying. - -An interactive user interface displays "Appropriate Legal Notices" -to the extent that it includes a convenient and prominently visible -feature that (1) displays an appropriate copyright notice, and (2) -tells the user that there is no warranty for the work (except to the -extent that warranties are provided), that licensees may convey the -work under this License, and how to view a copy of this License. If -the interface presents a list of user commands or options, such as a -menu, a prominent item in the list meets this criterion. - -1. Source Code. - -The "source code" for a work means the preferred form of the work -for making modifications to it. "Object code" means any non-source -form of a work. - -A "Standard Interface" means an interface that either is an official -standard defined by a recognized standards body, or, in the case of -interfaces specified for a particular programming language, one that -is widely used among developers working in that language. - -The "System Libraries" of an executable work include anything, other -than the work as a whole, that (a) is included in the normal form of -packaging a Major Component, but which is not part of that Major -Component, and (b) serves only to enable use of the work with that -Major Component, or to implement a Standard Interface for which an -implementation is available to the public in source code form. A -"Major Component", in this context, means a major essential component -(kernel, window system, and so on) of the specific operating system -(if any) on which the executable work runs, or a compiler used to -produce the work, or an object code interpreter used to run it. - -The "Corresponding Source" for a work in object code form means all -the source code needed to generate, install, and (for an executable -work) run the object code and to modify the work, including scripts to -control those activities. However, it does not include the work's -System Libraries, or general-purpose tools or generally available free -programs which are used unmodified in performing those activities but -which are not part of the work. For example, Corresponding Source -includes interface definition files associated with source files for -the work, and the source code for shared libraries and dynamically -linked subprograms that the work is specifically designed to require, -such as by intimate data communication or control flow between those -subprograms and other parts of the work. - -The Corresponding Source need not include anything that users -can regenerate automatically from other parts of the Corresponding -Source. - -The Corresponding Source for a work in source code form is that -same work. - -2. Basic Permissions. - -All rights granted under this License are granted for the term of -copyright on the Program, and are irrevocable provided the stated -conditions are met. This License explicitly affirms your unlimited -permission to run the unmodified Program. The output from running a -covered work is covered by this License only if the output, given its -content, constitutes a covered work. This License acknowledges your -rights of fair use or other equivalent, as provided by copyright law. - -You may make, run and propagate covered works that you do not -convey, without conditions so long as your license otherwise remains -in force. You may convey covered works to others for the sole purpose -of having them make modifications exclusively for you, or provide you -with facilities for running those works, provided that you comply with -the terms of this License in conveying all material for which you do -not control copyright. Those thus making or running the covered works -for you must do so exclusively on your behalf, under your direction -and control, on terms that prohibit them from making any copies of -your copyrighted material outside their relationship with you. - -Conveying under any other circumstances is permitted solely under -the conditions stated below. Sublicensing is not allowed; section 10 -makes it unnecessary. - -3. Protecting Users' Legal Rights From Anti-Circumvention Law. - -No covered work shall be deemed part of an effective technological -measure under any applicable law fulfilling obligations under article -11 of the WIPO copyright treaty adopted on 20 December 1996, or -similar laws prohibiting or restricting circumvention of such -measures. - -When you convey a covered work, you waive any legal power to forbid -circumvention of technological measures to the extent such circumvention -is effected by exercising rights under this License with respect to -the covered work, and you disclaim any intention to limit operation or -modification of the work as a means of enforcing, against the work's -users, your or third parties' legal rights to forbid circumvention of -technological measures. - -4. Conveying Verbatim Copies. - -You may convey verbatim copies of the Program's source code as you -receive it, in any medium, provided that you conspicuously and -appropriately publish on each copy an appropriate copyright notice; -keep intact all notices stating that this License and any -non-permissive terms added in accord with section 7 apply to the code; -keep intact all notices of the absence of any warranty; and give all -recipients a copy of this License along with the Program. - -You may charge any price or no price for each copy that you convey, -and you may offer support or warranty protection for a fee. - -5. Conveying Modified Source Versions. - -You may convey a work based on the Program, or the modifications to -produce it from the Program, in the form of source code under the -terms of section 4, provided that you also meet all of these conditions: - -a) The work must carry prominent notices stating that you modified -it, and giving a relevant date. - -b) The work must carry prominent notices stating that it is -released under this License and any conditions added under section -7. This requirement modifies the requirement in section 4 to -"keep intact all notices". - -c) You must license the entire work, as a whole, under this -License to anyone who comes into possession of a copy. This -License will therefore apply, along with any applicable section 7 -additional terms, to the whole of the work, and all its parts, -regardless of how they are packaged. This License gives no -permission to license the work in any other way, but it does not -invalidate such permission if you have separately received it. - -d) If the work has interactive user interfaces, each must display -Appropriate Legal Notices; however, if the Program has interactive -interfaces that do not display Appropriate Legal Notices, your -work need not make them do so. - -A compilation of a covered work with other separate and independent -works, which are not by their nature extensions of the covered work, -and which are not combined with it such as to form a larger program, -in or on a volume of a storage or distribution medium, is called an -"aggregate" if the compilation and its resulting copyright are not -used to limit the access or legal rights of the compilation's users -beyond what the individual works permit. Inclusion of a covered work -in an aggregate does not cause this License to apply to the other -parts of the aggregate. - -6. Conveying Non-Source Forms. - -You may convey a covered work in object code form under the terms -of sections 4 and 5, provided that you also convey the -machine-readable Corresponding Source under the terms of this License, -in one of these ways: - -a) Convey the object code in, or embodied in, a physical product -(including a physical distribution medium), accompanied by the -Corresponding Source fixed on a durable physical medium -customarily used for software interchange. - -b) Convey the object code in, or embodied in, a physical product -(including a physical distribution medium), accompanied by a -written offer, valid for at least three years and valid for as -long as you offer spare parts or customer support for that product -model, to give anyone who possesses the object code either (1) a -copy of the Corresponding Source for all the software in the -product that is covered by this License, on a durable physical -medium customarily used for software interchange, for a price no -more than your reasonable cost of physically performing this -conveying of source, or (2) access to copy the -Corresponding Source from a network server at no charge. - -c) Convey individual copies of the object code with a copy of the -written offer to provide the Corresponding Source. This -alternative is allowed only occasionally and noncommercially, and -only if you received the object code with such an offer, in accord -with subsection 6b. - -d) Convey the object code by offering access from a designated -place (gratis or for a charge), and offer equivalent access to the -Corresponding Source in the same way through the same place at no -further charge. You need not require recipients to copy the -Corresponding Source along with the object code. If the place to -copy the object code is a network server, the Corresponding Source -may be on a different server (operated by you or a third party) -that supports equivalent copying facilities, provided you maintain -clear directions next to the object code saying where to find the -Corresponding Source. Regardless of what server hosts the -Corresponding Source, you remain obligated to ensure that it is -available for as long as needed to satisfy these requirements. - -e) Convey the object code using peer-to-peer transmission, provided -you inform other peers where the object code and Corresponding -Source of the work are being offered to the general public at no -charge under subsection 6d. - -A separable portion of the object code, whose source code is excluded -from the Corresponding Source as a System Library, need not be -included in conveying the object code work. - -A "User Product" is either (1) a "consumer product", which means any -tangible personal property which is normally used for personal, family, -or household purposes, or (2) anything designed or sold for incorporation -into a dwelling. In determining whether a product is a consumer product, -doubtful cases shall be resolved in favor of coverage. For a particular -product received by a particular user, "normally used" refers to a -typical or common use of that class of product, regardless of the status -of the particular user or of the way in which the particular user -actually uses, or expects or is expected to use, the product. A product -is a consumer product regardless of whether the product has substantial -commercial, industrial or non-consumer uses, unless such uses represent -the only significant mode of use of the product. - -"Installation Information" for a User Product means any methods, -procedures, authorization keys, or other information required to install -and execute modified versions of a covered work in that User Product from -a modified version of its Corresponding Source. The information must -suffice to ensure that the continued functioning of the modified object -code is in no case prevented or interfered with solely because -modification has been made. - -If you convey an object code work under this section in, or with, or -specifically for use in, a User Product, and the conveying occurs as -part of a transaction in which the right of possession and use of the -User Product is transferred to the recipient in perpetuity or for a -fixed term (regardless of how the transaction is characterized), the -Corresponding Source conveyed under this section must be accompanied -by the Installation Information. But this requirement does not apply -if neither you nor any third party retains the ability to install -modified object code on the User Product (for example, the work has -been installed in ROM). - -The requirement to provide Installation Information does not include a -requirement to continue to provide support service, warranty, or updates -for a work that has been modified or installed by the recipient, or for -the User Product in which it has been modified or installed. Access to a -network may be denied when the modification itself materially and -adversely affects the operation of the network or violates the rules and -protocols for communication across the network. - -Corresponding Source conveyed, and Installation Information provided, -in accord with this section must be in a format that is publicly -documented (and with an implementation available to the public in -source code form), and must require no special password or key for -unpacking, reading or copying. - -7. Additional Terms. - -"Additional permissions" are terms that supplement the terms of this -License by making exceptions from one or more of its conditions. -Additional permissions that are applicable to the entire Program shall -be treated as though they were included in this License, to the extent -that they are valid under applicable law. If additional permissions -apply only to part of the Program, that part may be used separately -under those permissions, but the entire Program remains governed by -this License without regard to the additional permissions. - -When you convey a copy of a covered work, you may at your option -remove any additional permissions from that copy, or from any part of -it. (Additional permissions may be written to require their own -removal in certain cases when you modify the work.) You may place -additional permissions on material, added by you to a covered work, -for which you have or can give appropriate copyright permission. - -Notwithstanding any other provision of this License, for material you -add to a covered work, you may (if authorized by the copyright holders of -that material) supplement the terms of this License with terms: - -a) Disclaiming warranty or limiting liability differently from the -terms of sections 15 and 16 of this License; or - -b) Requiring preservation of specified reasonable legal notices or -author attributions in that material or in the Appropriate Legal -Notices displayed by works containing it; or - -c) Prohibiting misrepresentation of the origin of that material, or -requiring that modified versions of such material be marked in -reasonable ways as different from the original version; or - -d) Limiting the use for publicity purposes of names of licensors or -authors of the material; or - -e) Declining to grant rights under trademark law for use of some -trade names, trademarks, or service marks; or - -f) Requiring indemnification of licensors and authors of that -material by anyone who conveys the material (or modified versions of -it) with contractual assumptions of liability to the recipient, for -any liability that these contractual assumptions directly impose on -those licensors and authors. - -All other non-permissive additional terms are considered "further -restrictions" within the meaning of section 10. If the Program as you -received it, or any part of it, contains a notice stating that it is -governed by this License along with a term that is a further -restriction, you may remove that term. If a license document contains -a further restriction but permits relicensing or conveying under this -License, you may add to a covered work material governed by the terms -of that license document, provided that the further restriction does -not survive such relicensing or conveying. - -If you add terms to a covered work in accord with this section, you -must place, in the relevant source files, a statement of the -additional terms that apply to those files, or a notice indicating -where to find the applicable terms. - -Additional terms, permissive or non-permissive, may be stated in the -form of a separately written license, or stated as exceptions; -the above requirements apply either way. - -8. Termination. - -You may not propagate or modify a covered work except as expressly -provided under this License. Any attempt otherwise to propagate or -modify it is void, and will automatically terminate your rights under -this License (including any patent licenses granted under the third -paragraph of section 11). - -However, if you cease all violation of this License, then your -license from a particular copyright holder is reinstated (a) -provisionally, unless and until the copyright holder explicitly and -finally terminates your license, and (b) permanently, if the copyright -holder fails to notify you of the violation by some reasonable means -prior to 60 days after the cessation. - -Moreover, your license from a particular copyright holder is -reinstated permanently if the copyright holder notifies you of the -violation by some reasonable means, this is the first time you have -received notice of violation of this License (for any work) from that -copyright holder, and you cure the violation prior to 30 days after -your receipt of the notice. - -Termination of your rights under this section does not terminate the -licenses of parties who have received copies or rights from you under -this License. If your rights have been terminated and not permanently -reinstated, you do not qualify to receive new licenses for the same -material under section 10. - -9. Acceptance Not Required for Having Copies. - -You are not required to accept this License in order to receive or -run a copy of the Program. Ancillary propagation of a covered work -occurring solely as a consequence of using peer-to-peer transmission -to receive a copy likewise does not require acceptance. However, -nothing other than this License grants you permission to propagate or -modify any covered work. These actions infringe copyright if you do -not accept this License. Therefore, by modifying or propagating a -covered work, you indicate your acceptance of this License to do so. - -10. Automatic Licensing of Downstream Recipients. - -Each time you convey a covered work, the recipient automatically -receives a license from the original licensors, to run, modify and -propagate that work, subject to this License. You are not responsible -for enforcing compliance by third parties with this License. - -An "entity transaction" is a transaction transferring control of an -organization, or substantially all assets of one, or subdividing an -organization, or merging organizations. If propagation of a covered -work results from an entity transaction, each party to that -transaction who receives a copy of the work also receives whatever -licenses to the work the party's predecessor in interest had or could -give under the previous paragraph, plus a right to possession of the -Corresponding Source of the work from the predecessor in interest, if -the predecessor has it or can get it with reasonable efforts. - -You may not impose any further restrictions on the exercise of the -rights granted or affirmed under this License. For example, you may -not impose a license fee, royalty, or other charge for exercise of -rights granted under this License, and you may not initiate litigation -(including a cross-claim or counterclaim in a lawsuit) alleging that -any patent claim is infringed by making, using, selling, offering for -sale, or importing the Program or any portion of it. - -11. Patents. - -A "contributor" is a copyright holder who authorizes use under this -License of the Program or a work on which the Program is based. The -work thus licensed is called the contributor's "contributor version". - -A contributor's "essential patent claims" are all patent claims -owned or controlled by the contributor, whether already acquired or -hereafter acquired, that would be infringed by some manner, permitted -by this License, of making, using, or selling its contributor version, -but do not include claims that would be infringed only as a -consequence of further modification of the contributor version. For -purposes of this definition, "control" includes the right to grant -patent sublicenses in a manner consistent with the requirements of -this License. - -Each contributor grants you a non-exclusive, worldwide, royalty-free -patent license under the contributor's essential patent claims, to -make, use, sell, offer for sale, import and otherwise run, modify and -propagate the contents of its contributor version. - -In the following three paragraphs, a "patent license" is any express -agreement or commitment, however denominated, not to enforce a patent -(such as an express permission to practice a patent or covenant not to -sue for patent infringement). To "grant" such a patent license to a -party means to make such an agreement or commitment not to enforce a -patent against the party. - -If you convey a covered work, knowingly relying on a patent license, -and the Corresponding Source of the work is not available for anyone -to copy, free of charge and under the terms of this License, through a -publicly available network server or other readily accessible means, -then you must either (1) cause the Corresponding Source to be so -available, or (2) arrange to deprive yourself of the benefit of the -patent license for this particular work, or (3) arrange, in a manner -consistent with the requirements of this License, to extend the patent -license to downstream recipients. "Knowingly relying" means you have -actual knowledge that, but for the patent license, your conveying the -covered work in a country, or your recipient's use of the covered work -in a country, would infringe one or more identifiable patents in that -country that you have reason to believe are valid. - -If, pursuant to or in connection with a single transaction or -arrangement, you convey, or propagate by procuring conveyance of, a -covered work, and grant a patent license to some of the parties -receiving the covered work authorizing them to use, propagate, modify -or convey a specific copy of the covered work, then the patent license -you grant is automatically extended to all recipients of the covered -work and works based on it. - -A patent license is "discriminatory" if it does not include within -the scope of its coverage, prohibits the exercise of, or is -conditioned on the non-exercise of one or more of the rights that are -specifically granted under this License. You may not convey a covered -work if you are a party to an arrangement with a third party that is -in the business of distributing software, under which you make payment -to the third party based on the extent of your activity of conveying -the work, and under which the third party grants, to any of the -parties who would receive the covered work from you, a discriminatory -patent license (a) in connection with copies of the covered work -conveyed by you (or copies made from those copies), or (b) primarily -for and in connection with specific products or compilations that -contain the covered work, unless you entered into that arrangement, -or that patent license was granted, prior to 28 March 2007. - -Nothing in this License shall be construed as excluding or limiting -any implied license or other defenses to infringement that may -otherwise be available to you under applicable patent law. - -12. No Surrender of Others' Freedom. - -If conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot convey a -covered work so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you may -not convey it at all. For example, if you agree to terms that obligate you -to collect a royalty for further conveying from those to whom you convey -the Program, the only way you could satisfy both those terms and this -License would be to refrain entirely from conveying the Program. - -13. Remote Network Interaction; Use with the GNU General Public License. - -Notwithstanding any other provision of this License, if you modify the -Program, your modified version must prominently offer all users -interacting with it remotely through a computer network (if your version -supports such interaction) an opportunity to receive the Corresponding -Source of your version by providing access to the Corresponding Source -from a network server at no charge, through some standard or customary -means of facilitating copying of software. This Corresponding Source -shall include the Corresponding Source for any work covered by version 3 -of the GNU General Public License that is incorporated pursuant to the -following paragraph. - -Notwithstanding any other provision of this License, you have -permission to link or combine any covered work with a work licensed -under version 3 of the GNU General Public License into a single -combined work, and to convey the resulting work. The terms of this -License will continue to apply to the part which is the covered work, -but the work with which it is combined will remain governed by version -3 of the GNU General Public License. - -14. Revised Versions of this License. - -The Free Software Foundation may publish revised and/or new versions of -the GNU Affero General Public License from time to time. Such new versions -will be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - -Each version is given a distinguishing version number. If the -Program specifies that a certain numbered version of the GNU Affero General -Public License "or any later version" applies to it, you have the -option of following the terms and conditions either of that numbered -version or of any later version published by the Free Software -Foundation. If the Program does not specify a version number of the -GNU Affero General Public License, you may choose any version ever published -by the Free Software Foundation. - -If the Program specifies that a proxy can decide which future -versions of the GNU Affero General Public License can be used, that proxy's -public statement of acceptance of a version permanently authorizes you -to choose that version for the Program. - -Later license versions may give you additional or different -permissions. However, no additional obligations are imposed on any -author or copyright holder as a result of your choosing to follow a -later version. - -15. Disclaimer of Warranty. - -THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY -APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT -HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY -OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, -THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM -IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF -ALL NECESSARY SERVICING, REPAIR OR CORRECTION. - -16. Limitation of Liability. - -IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS -THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY -GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE -USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF -DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD -PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), -EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF -SUCH DAMAGES. - -17. Interpretation of Sections 15 and 16. - -If the disclaimer of warranty and limitation of liability provided -above cannot be given local legal effect according to their terms, -reviewing courts shall apply local law that most closely approximates -an absolute waiver of all civil liability in connection with the -Program, unless a warranty or assumption of liability accompanies a -copy of the Program in return for a fee. - -END OF TERMS AND CONDITIONS - -How to Apply These Terms to Your New Programs - -If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these terms. - -To do so, attach the following notices to the program. It is safest -to attach them to the start of each source file to most effectively -state the exclusion of warranty; and each file should have at least -the "copyright" line and a pointer to where the full notice is found. - - -Copyright (C) - -This program is free software: you can redistribute it and/or modify -it under the terms of the GNU Affero General Public License as published -by the Free Software Foundation, either version 3 of the License, or -(at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU Affero General Public License for more details. - -You should have received a copy of the GNU Affero General Public License -along with this program. If not, see . - -Also add information on how to contact you by electronic and paper mail. - -If your software can interact with users remotely through a computer -network, you should also make sure that it provides a way for users to -get its source. For example, if your program is a web application, its -interface could display a "Source" link that leads users to an archive -of the code. There are many ways you could offer source, and different -solutions will be better for different programs; see section 13 for the -specific requirements. - -You should also get your employer (if you work as a programmer) or school, -if any, to sign a "copyright disclaimer" for the program, if necessary. -For more information on this, and how to apply and follow the GNU AGPL, see -. diff --git a/scripts/cloudsend/README.md b/scripts/cloudsend/README.md deleted file mode 100644 index 864bb576e..000000000 --- a/scripts/cloudsend/README.md +++ /dev/null @@ -1,184 +0,0 @@ -# Tavinus CloudSender2 -Bash script that uses curl to send files and folders to a [nextcloud](https://nextcloud.com) / [owncloud](https://owncloud.org) publicly shared folder. - - ----------------------------------------------- -#### If you want to support this project, you can do it here :coffee: :beer: - -[![paypal-image](https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=AJNPRBY9EDXJJ&source=url) - ---- - -***The logic is*** -``` -cloudsend -``` -[The Origins are here](https://gist.github.com/tavinus/93bdbc051728748787dc22a58dfe58d8), -Thanks for everyone that contributed on [the original GIST](https://gist.github.com/tavinus/93bdbc051728748787dc22a58dfe58d8) - ---- - -**Also check my [cloudmanager app](https://github.com/tavinus/cloudmanager) for a full nextcloud/owncloud webdav client.** - ---- - -### Shares with passwords -**Cloudsend v2 changed the way password parsing works.** -Cloudsend 0.x.x used the `-p` parameter for the Environment password (changed to `-e` in v2+). -Please use EITHER `-e` OR `-p`, but not both. The last to be called will be used. - - - **Env Pass** *>* Set the variable `CLOUDSEND_PASSWORD='MySecretPass'` and use the option `-e` - - **Param Pass** *>* Send the password as a parameter with `-p ` - -### Input Globbing -You can use input globbing (wildcards) by setting the `-g` option. -This will ignore input file checking and pass the glob to curl to be used. -You *MUST NOT* rename files when globbing, input file names will be used. -You *MUST NOT* send folders when globbing, only files are allowed. - -**Glob examples:** - - `'{file1.txt,file2.txt,file3.txt}'` - - `'img[1-100].png'` - -**More info on globbing** -https://github.com/tavinus/cloudsend.sh/wiki/Input-Globbing - -### Read from stdin (pipes) -You can send piped content by using `-` or `.` as the input file name *(curl specs)*. -You *MUST* set a destination file name to use stdin as input ( `-r ` ). - -**From curl's manual:** -Use the file name `-` (a single dash) to use stdin instead of a given file. -Alternately, the file name `.` (a single period) may be specified instead of `-` to use -stdin in non-blocking mode to allow reading server output while stdin is being uploaded. - -### Sending entire folder -From v2.2.0 `cloudsend.sh` can send folders. It will traverse the folder tree, create -each folder and send each file. **Just use a folder path as input.** - -![image](https://user-images.githubusercontent.com/8039413/116766734-6a98fe00-aa02-11eb-9553-de06c39e3d0e.png) - -#### Other ways to send folders: - -*This sends every **FILE** in the current shell folder.* - - change the first `./` to change the input folder ( *eg.* `'/home/myname/myfolder'` ) - - `-maxdepth 1` will read current folder only, more levels go deeper, supressing goes all levels -```bash -find ./ -maxdepth 1 -type f -exec ./cloudsend.sh {} https://cloud.mydomain.tld/s/TxWdsNX2Ln3X5kxG -p yourPassword \; -``` - ----- - -*This sends every **FILE** inside `/home/myname/myfolder`, including ALL subfolders.* -```bash -find /home/myname/myfolder -type f -exec ./cloudsend.sh {} https://cloud.mydomain.tld/s/TxWdsNX2Ln3X5kxG -p yourPassword \; -``` - ----- - -*This sends a gziped tarball of the current shell folder.* -```bash -tar cf - "$(pwd)" | gzip -9 -c | ./cloudsend.sh - 'https://cloud.mydomain.tld/s/TxWdsNX2Ln3X5kxG' -r myfolder.tar.gz -``` - ----- - -*This sends a gziped tarball of `/home/myname/myfolder`.* -```bash -tar cf - /home/myname/myfolder | gzip -9 -c | ./cloudsend.sh - 'https://cloud.mydomain.tld/s/TxWdsNX2Ln3X5kxG' -r myfolder.tar.gz -``` - ----- - -*This sends a recursive zip file of `/home/myname/myfolder`.* -```bash -zip -q -r -9 - /home/myname/myfolder | ./cloudsend.sh - 'https://cloud.mydomain.tld/s/TxWdsNX2Ln3X5kxG' -r myfolder.zip -``` - ----- - -### Help info -``` -$./cloudsend.sh --help -Tavinus Cloud Sender v2.2.8 - -Parameters: - -h | --help Print this help and exits - -q | --quiet Disables verbose messages - -V | --version Prints version and exits - -r | --rename Change the destination file name - -g | --glob Disable input file checking to use curl globs - -k | --insecure Uses curl with -k option (https insecure) - -l | --limit-rate Uses curl limit-rate (eg 100k, 1M) - -a | --abort-on-errors Aborts on Webdav response errors - -p | --password Uses as shared folder password - -e | --envpass Uses env var $CLOUDSEND_PASSWORD as share password - You can 'export CLOUDSEND_PASSWORD' at your system, or set it at the call - Please remeber to also call -e to use the password set - -Use: - ./cloudsend.sh [options] - CLOUDSEND_PASSWORD='MySecretPass' ./cloudsend.sh -e [options] - -Passwords: - Cloudsend 2 changed the way password works - Cloudsend 0.x.x used the '-p' parameter for the Environment password (changed to -e in v2+) - Please use EITHER -e OR -p, but not both. The last to be called will be used - - Env Pass > Set the variable CLOUDSEND_PASSWORD='MySecretPass' and use the option '-e' - Param Pass > Send the password as a parameter with '-p ' - -Folders: - Cloudsend 2.2.0 introduces folder tree sending. Just use a directory as . - It will traverse all files and folders, create the needed folders and send all files. - Each folder creation and file sending will require a curl call. - -Input Globbing: - You can use input globbing (wildcards) by setting the -g option - This will ignore input file checking and pass the glob to curl to be used - You MUST NOT rename files when globbing, input file names will be used - You MUST NOT send folders when globbing, only files are allowed - Glob examples: '{file1.txt,file2.txt,file3.txt}' - 'img[1-100].png' - -Send from stdin (pipe): - You can send piped content by using - or . as the input file name (curl specs) - You MUST set a destination file name to use stdin as input (-r ) - - Use the file name '-' (a single dash) to use stdin instead of a given file - Alternately, the file name '.' (a single period) may be specified instead of '-' to use - stdin in non-blocking mode to allow reading server output while stdin is being uploaded - -Examples: - CLOUDSEND_PASSWORD='MySecretPass' ./cloudsend.sh -e './myfile.txt' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' - ./cloudsend.sh './myfile.txt' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' - ./cloudsend.sh 'my Folder' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' - ./cloudsend.sh -r 'RenamedFile.txt' './myfile.txt' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' - ./cloudsend.sh --limit-rate 200K -p 'MySecretPass' './myfile.txt' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' - ./cloudsend.sh -p 'MySecretPass' -r 'RenamedFile.txt' './myfile.txt' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' - ./cloudsend.sh -g -p 'MySecretPass' '{file1,file2,file3}' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' - cat file | ./cloudsend.sh - 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' -r destFileName - - -``` - ---- - -### Questions -*Whats is "https://cloud.mydomain.net/s/fLDzToZF4MLvG28"? -What is a "folderlink"? -Where do i get it from? -Specially the "s/fLDzToZF4MLvG28" part?* - -**You have to share a Folder writable and use the generated link** - -![Shared Folder Screenshot](https://user-images.githubusercontent.com/8039413/81998321-9a4fca00-9628-11ea-8fbc-7e5c7d0faaf0.png) - ---- - -### Troubleshooting -From [Nextcloud 21 Documentation](https://docs.nextcloud.com/server/21/user_manual/en/files/access_webdav.html#accessing-public-shares-over-webdav) -![image](https://user-images.githubusercontent.com/8039413/116769994-b05fc180-aa16-11eb-80bc-e37ff45d1c38.png) - - - diff --git a/scripts/cloudsend/cloudsend.sh b/scripts/cloudsend/cloudsend.sh deleted file mode 100755 index 71892acd1..000000000 --- a/scripts/cloudsend/cloudsend.sh +++ /dev/null @@ -1,708 +0,0 @@ -#!/usr/bin/env bash - -############################################################ -# -# Tavinus Cloud Sender 2 -# cloudsend.sh -# https://github.com/tavinus/cloudsend.sh -# -# Uses curl to send files to a shared -# Nextcloud/Owncloud folder -# -# Usage: ./cloudsend.sh -# Help: ./cloudsend.sh -h -# -# Gustavo Arnosti Neves -# https://github.com/tavinus -# -# Contributors: -# @MG2R @gessel -# -# Get this script to current folder with: -# curl -O 'https://raw.githubusercontent.com/tavinus/cloudsend.sh/master/cloudsend.sh' && chmod +x cloudsend.sh -# -# NOTE: Cloudsend 2 changed the way password is handled and -# is NOT compatible with cloudsend 1 calls. The -e parameter -# now does what -p parameter did (environment passwords), -# while the -p parameter receives the password directly. -# -############################################################ - - - - - -CS_VERSION="2.2.8" - -TRUE=0 -FALSE=1 - -CLOUDURL="" -FOLDERTOKEN="" -INNERPATH="" - -PUBSUFFIX="public.php/webdav" -HEADER='X-Requested-With: XMLHttpRequest' - -CLOUDSEND_PARAMS=() -INSECURE='' -OUTFILE='' - -RENAMING=$FALSE -QUIETMODE=$FALSE -GLOBBING=$FALSE -LIMITTING=$FALSE -LIMITCMD='' -RATELIMIT='' -GLOBCMD=' -g' -VERBOSE=' --progress-bar' - -STTYBIN="$(command -v stty 2>/dev/null)" -BASENAMEBIN="$(command -v basename 2>/dev/null)" -FINDBIN="$(command -v find 2>/dev/null)" -SCREENSIZE="40 80" - -DIRLIST=() -FILELIST=() - -CURLEXIT=0 -CURLRESPONSES="" -ABORTONERRORS=$FALSE - - - - - -################################################################ -#### CURL CALL EXAMPLE - -# https://cloud.mydomain.net/s/fLDzToZF4MLvG28 -# curl -k -T myFile.ext -u "fLDzToZF4MLvG28:" -H 'X-Requested-With: XMLHttpRequest' https://cloud.mydomain.net/public.php/webdav/myFile.ext - - - - - -################################################################ -#### MESSAGES -################################################################ - - -# Logs message to stdout -log() { - isQuietMode || printf "%s\n" "$@" -} - - -# Logs message to stdout -logSameLine() { - isQuietMode || printf "%s" "$@" -} - - -# Prints program name and version -printVersion() { - printf "%s\n" "Tavinus Cloud Sender v$CS_VERSION" -} - - -# Prints error messages and exits -initError() { - printVersion >&2 - printf "%s\n" "Init Error! $1" >&2 - printf "%s\n" "Try: $0 --help" >&2 - exit 5 -} - - -# Curl summed exit codes -# Will be 0 if no curl call had errors -curlAddExitCode() { - ((CURLEXIT=CURLEXIT+$1)) -} - - -# Curl appended messages -# Will probably be empty if curl was able to perfom as intended -curlAddResponse() { - if isNotEmpty "$1"; then - isEmpty "$CURLRESPONSES" && CURLRESPONSES="$2"$'\n'"$1" || CURLRESPONSES="$CURLRESPONSES"$'\n----------------\n'"$2"$'\n'"$1" - fi -} - - -# Prints usage information (help) -usage() { - printVersion - printf "%s" " -Parameters: - -h | --help Print this help and exits - -q | --quiet Disables verbose messages - -V | --version Prints version and exits - -r | --rename Change the destination file name - -g | --glob Disable input file checking to use curl globs - -k | --insecure Uses curl with -k option (https insecure) - -l | --limit-rate Uses curl limit-rate (eg 100k, 1M) - -a | --abort-on-errors Aborts on Webdav response errors - -p | --password Uses as shared folder password - -e | --envpass Uses env var \$CLOUDSEND_PASSWORD as share password - You can 'export CLOUDSEND_PASSWORD' at your system, or set it at the call - Please remeber to also call -e to use the password set - -Use: - ./cloudsend.sh [options] - CLOUDSEND_PASSWORD='MySecretPass' ./cloudsend.sh -e [options] - -Passwords: - Cloudsend 2 changed the way password works - Cloudsend 0.x.x used the '-p' parameter for the Environment password (changed to -e in v2+) - Please use EITHER -e OR -p, but not both. The last to be called will be used - - Env Pass > Set the variable CLOUDSEND_PASSWORD='MySecretPass' and use the option '-e' - Param Pass > Send the password as a parameter with '-p ' - -Folders: - Cloudsend 2.2.0 introduces folder tree sending. Just use a directory as . - It will traverse all files and folders, create the needed folders and send all files. - Each folder creation and file sending will require a curl call. - -Input Globbing: - You can use input globbing (wildcards) by setting the -g option - This will ignore input file checking and pass the glob to curl to be used - You MUST NOT rename files when globbing, input file names will be used - You MUST NOT send folders when globbing, only files are allowed - Glob examples: '{file1.txt,file2.txt,file3.txt}' - 'img[1-100].png' - -Send from stdin (pipe): - You can send piped content by using - or . as the input file name (curl specs) - You MUST set a destination file name to use stdin as input (-r ) - - Use the file name '-' (a single dash) to use stdin instead of a given file - Alternately, the file name '.' (a single period) may be specified instead of '-' to use - stdin in non-blocking mode to allow reading server output while stdin is being uploaded - -Examples: - CLOUDSEND_PASSWORD='MySecretPass' ./cloudsend.sh -e './myfile.txt' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' - ./cloudsend.sh './myfile.txt' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' - ./cloudsend.sh 'my Folder' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' - ./cloudsend.sh -r 'RenamedFile.txt' './myfile.txt' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' - ./cloudsend.sh --limit-rate 200K -p 'MySecretPass' './myfile.txt' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' - ./cloudsend.sh -p 'MySecretPass' -r 'RenamedFile.txt' './myfile.txt' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' - ./cloudsend.sh -g -p 'MySecretPass' '{file1,file2,file3}' 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' - cat file | ./cloudsend.sh - 'https://cloud.mydomain.net/s/fLDzToZF4MLvG28' -r destFileName - -" -} - - - - - -################################################################ -#### GET OPTIONS -################################################################ - - -# Checks only for quiet/verbose mode and ignores all else -parseQuietMode(){ - while :; do - case "$1" in - -h|--help) - usage ; exit 0 ;; - -V|--version) - printVersion ; exit 0 ;; - -q|--quiet) - QUIETMODE=$TRUE - VERBOSE=" -s" ; break ;; - *) - isEmpty "$1" && break || shift ;; - esac - done - -} - - -# Parses CLI options and parameters -parseOptions() { - log "Tavinus Cloud Sender v$CS_VERSION"$'\n' - while :; do - case "$1" in - -q|--quiet) - shift ;; # already checked - -k|--insecure) - INSECURE=' -k' - log "> Insecure mode ON" - shift ;; - -e|--envpass|--environment) - loadPassword "${CLOUDSEND_PASSWORD}" - log "> Using password from environment" - shift ;; - -p|--password) - loadPassword "$2" - log "> Using password from parameter" - shift ; shift ;; - -r|--rename) - loadOutFile "${2}" - log "> Destination file will be renamed to \"$OUTFILE\"" - RENAMING=$TRUE - shift ; shift ;; - -g|--glob) - GLOBBING=$TRUE - GLOBCMD='' - log "> Glob mode ON, input file checkings disabled" - shift ;; - -a|--abort-on-errors) - ABORTONERRORS=$TRUE - log "> Abort on errors ON, will stop execution on DAV errors" - shift ;; - -l|--limit-rate) - loadLimit "${2}" - LIMITTING=$TRUE - log "> Rate limit set to $RATELIMIT" - shift ; shift ;; - - *) - if isEmpty "$1"; then - break ; - else - CLOUDSEND_PARAMS=("${CLOUDSEND_PARAMS[@]}" "$1") - shift ; - fi - - esac - done - - CLOUDURL='' - FILENAME="${CLOUDSEND_PARAMS[0]}" - CLOUDSHARE="${CLOUDSEND_PARAMS[1]}" - - # if we have index.php in the URL, process accordingly - if [[ "$CLOUDSHARE" == *"index.php"* ]]; then - CLOUDURL="${CLOUDSHARE%/index.php/s/*}" - else - CLOUDURL="${CLOUDSHARE%/s/*}" - fi - - # get token and sub folder - FOLDERTOKEN="${CLOUDSHARE##*/s/}" - INNERPATH="${FOLDERTOKEN##*\?path=}" - FOLDERTOKEN="${FOLDERTOKEN%\?*}" - - if [[ "$FOLDERTOKEN" == "$INNERPATH" ]]; then - INNERPATH="" - else - INNERPATH="$(decodeSlash "$INNERPATH")" - fi - - - if isGlobbing; then - if isRenaming; then - initError $'Cannot rename output files when using globbing on input.\nAll files would get the same output name and then be overwritten.\nSend individual files if you need renaming.' - elif isPiped "$FILENAME"; then - initError $'Cannot use globbing and send piped input at the same time.\nDo either one or the other.' - fi - else - if ! isFile "$FILENAME" && ! isDir "$FILENAME" && ! isPiped "$FILENAME"; then - initError "Invalid input file/folder: $FILENAME" - fi - - if isPiped "$FILENAME" && ! isRenaming; then - initError $'No output file name!\nYou need to set a destination name when reading from a pipe!\nPlease add -r to your call.' - fi - fi - - if isEmpty "$CLOUDURL"; then - initError "Empty URL! Nowhere to send..." - fi - - if isEmpty "$FOLDERTOKEN"; then - initError "Empty Folder Token! Nowhere to send..." - fi - log '' -} - -# Parses Rate limitting -loadLimit() { - if [ -z "$@" ]; then - initError "Trying to set an empty rate limit" - fi - RATELIMIT="$@" - LIMITCMD=' --limit-rate '"$RATELIMIT" -} - - -# Parses password to var or exits -loadPassword() { - if [ -z "$@" ]; then - initError "Trying to set an empty password" - fi - PASSWORD="$@" -} - - -# Parses destination file name to var or exits -loadOutFile() { - if [ -z "$@" ]; then - initError "Trying to set an empty destination file name" - fi - OUTFILE="$@" -} - - - - - -################################################################ -#### VALIDATORS -################################################################ - - -# Dependency check -checkCurl() { - CURLBIN="$(command -v curl 2>/dev/null)" - isExecutable "$CURLBIN" && return $TRUE - CURLBIN='/usr/bin/curl' - isExecutable "$CURLBIN" && return $TRUE - CURLBIN='/usr/local/bin/curl' - isExecutable "$CURLBIN" && return $TRUE - CURLBIN='/usr/share/curl' - isExecutable "$CURLBIN" && return $TRUE - initError "No curl found on system! Please install curl and try again!" - exit 6 -} - - -# Adjust Columns so the progess bar shows correctly -# Curl "space bar" has bugs that only show in special cases, -# depending on the column size of the terminal. I had lots -# of problems with this spanning multiple lines, so I fixed it -# with a max of 80 columns if it is bigger (seems to solve). -# https://github.com/curl/curl/issues/4849 -getScreenSize() { - if isExecutable "$STTYBIN"; then - SCREENSIZE="$($STTYBIN size)" - fi - #export LINES=${SCREENSIZE% *} - #export COLUMNS=$((${SCREENSIZE#* } - 1)) - COLUMNS=${SCREENSIZE#* } - ((COLUMNS=COLUMNS-1)) - [[ $COLUMNS -gt 80 ]] && COLUMNS=80 - export COLUMNS - #export COLUMNS=50 - #echo "LINES..: $LINES" - #echo "COLUMNS: $COLUMNS" -} - - -# Returns $TRUE if $1 is a file, $FALSE otherwise -isFile() { - [[ -f "$1" ]] && return $TRUE - return $FALSE -} - - -# Returns $TRUE if $1 is a directory, $FALSE otherwise -isDir() { - [[ -d "$1" ]] && return $TRUE - return $FALSE -} - - -# Returns $TRUE if $1 is executable, $FALSE otherwise -isExecutable() { - [[ -x "$1" ]] && return $TRUE - return $FALSE -} - - -# Returns $TRUE if $1 is empty, $FALSE otherwise -isEmpty() { - [[ -z "$1" ]] && return $TRUE - return $FALSE -} - - -# Returns $TRUE if $1 is not empty, $FALSE otherwise -isNotEmpty() { - [[ -z "$1" ]] && return $FALSE - return $TRUE -} - - -# Checks if the input file is stdin (either - or .) -isPiped() { - if [ "$1" = '-' ] || [ "$1" = '.' ] ; then - return $TRUE - fi - return $FALSE -} - - - - - -################################################################ -#### FLAG CHECKERS -################################################################ - - -# If we are renaming the output, return $TRUE, else $FALSE -isRenaming() { - return $RENAMING -} - - -# If we are running in Quiet Mode, return $TRUE, else $FALSE -isQuietMode() { - return $QUIETMODE -} - - -# If we are globbing the input, return $TRUE, else $FALSE -isGlobbing() { - return $GLOBBING -} - - -# If we should abort when curl returns a XML response, return $TRUE, else $FALSE -abortOnDavErrors() { - return $ABORTONERRORS -} - - -# If have a dav error, return $TRUE, else $FALSE -hasDavErrors() { - isEmpty "$CURLRESPONSES" && return $FALSE - return $TRUE -} - - -# If have a dav error, return $TRUE, else $FALSE -checkAbort() { - abortOnDavErrors && hasDavErrors && logResult -} - - - - - -################################################################ -#### HELPER FUNCTIONS - - -# encode URL escaping -rawUrlEncode() { - local string="${1}" - local strlen=${#string} - local encoded="" - local pos c o - - for (( pos=0 ; pos " - eout="$(escapeChars "$1")" - #echo "$CURLBIN"$INSECURE --silent -X MKCOL -u "$FOLDERTOKEN":"$PASSWORD" -H "$HEADER" "$CLOUDURL/$PUBSUFFIX$INNERPATH/$1" - cstat="$(createDirRun "$eout" 2>&1)" - #echo " -- $cstat" - if ! isEmpty "$cstat"; then - curlAddResponse "$cstat" "Send Folder: \"$eout\"" - msg="$(echo "$cstat" | grep '' | sed -e 's/<[^>]*>//g' -e 's/^[[:space:]]*//')" - isEmpty "$msg" && msg="$(echo "$cstat" | grep '' | sed -e 's/<[^>]*>//g' -e 's/^[[:space:]]*//')" - log "$msg" - else - log 'OK' - fi - checkAbort # exits if DAV errors AND not ignoring them -} - - -# Create a directory with -X MKCOL -createDirRun() { - "$CURLBIN"$INSECURE --silent -X MKCOL -u "$FOLDERTOKEN":"$PASSWORD" -H "$HEADER" "$CLOUDURL/$PUBSUFFIX$INNERPATH/$1" | cat ; test ${PIPESTATUS[0]} -eq 0 - ecode=$? - curlAddExitCode $ecode - return $ecode -} - - -# Traverse a folder and send its files and subfolders -sendDir() { - isEmpty "$FILENAME" && initError 'Error! Cannot send folder with empty name.' - isDir "$FILENAME" || initError 'Error! sendFolder() > "'"$FILENAME"'" is not a Folder.' - - # Load lists of folders and files to be sent - DIRLIST=() - FILELIST=() - readarray -t DIRLIST < <(find "$FILENAME" -type d -printf '%P\n') - readarray -t FILELIST < <(find "$FILENAME" -type f -printf '%P\n') - #echo '<>' ; echo "${DIRLIST[@]}" ; echo '<>' ; echo "${FILELIST[@]}" - - fbn="$("$BASENAMEBIN" "$FILENAME")" - - # MacOS / BSD readlink does not have the -f option - # Get bash implementation from pdfScale.sh if needed - # For now PWD seems to be enough - if [[ "$fbn" == '.' ]]; then - fbn="$PWD" - fbn="$("$BASENAMEBIN" "$fbn")" - fi - - log "CREATING FOLDER TREE AT DESTINATION"$'\n'"==================================="$'\n' - - # Create main/root folder that is being sent - createDir "$fbn" - - # Create whole directory tree at destination - for d in "${DIRLIST[@]}"; do - if ! isEmpty "$d"; then - createDir "$fbn/$d" - fi - done - - log $'\n'"SENDING ALL FILES FROM FOLDER TREE"$'\n'"=================================="$'\n' - - # Send all files to their destinations - for f in "${FILELIST[@]}"; do - if ! isEmpty "$f"; then - OUTFILE="$fbn/$f" - log "$OUTFILE > " - sendFile "$FILENAME/$f" - fi - done - -} - - -# Logs succes or failure from curl -logResult() { - #echo "LOGRESULT: $1" - local fileString="$("$BASENAMEBIN" "$FILENAME")" - isRenaming && fileString="$("$BASENAMEBIN" "$FILENAME") (renamed as $OUTFILE)" - log $'\n'"SUMMARY"$'\n'"======="$'\n' - - if [ $CURLEXIT -eq 0 ]; then - if isEmpty "$CURLRESPONSES"; then - log " > All Curl calls exited without errors and no WebDAV errors were detected"$'\n'" > Attempt to send completed > $fileString" - else - log " > All Curl calls exited without errors, but webdav errors"$'\n'" were detected while trying to send $fileString"$'\n\n'"Curl Log:"$'\n'"$CURLRESPONSES" - fi - exit 0 - fi - log " > Curl execution errors were detected when sending > $fileString"$'\n'" > Summed Curl exit codes: $CURLEXIT" - exit $CURLEXIT -} - - -# Execute curl send -sendFile() { - if isGlobbing; then - OUTFILE='' - elif isEmpty "$OUTFILE"; then # If we are not renaming, use the input file name - OUTFILE="$("$BASENAMEBIN" "$1")" - fi - - getScreenSize - eout="$(escapeChars "$OUTFILE")" - # Send file - #echo "$CURLBIN"$INSECURE$VERBOSE -T \""$1"\" -u \""$FOLDERTOKEN":"$PASSWORD"\" -H \""$HEADER"\" \""$CLOUDURL/$PUBSUFFIX$INNERPATH/$eout"\" - #"$CURLBIN"$LIMITCMD$INSECURE$VERBOSE$GLOBCMD -T "$1" -u "$FOLDERTOKEN":"$PASSWORD" -H "$HEADER" "$CLOUDURL/$PUBSUFFIX$INNERPATH/$eout" | cat ; test ${PIPESTATUS[0]} -eq 0 - resp="$("$CURLBIN"$LIMITCMD$INSECURE$VERBOSE$GLOBCMD -T "$1" -u "$FOLDERTOKEN":"$PASSWORD" -H "$HEADER" "$CLOUDURL/$PUBSUFFIX$INNERPATH/$eout")" - stat=$? - curlAddResponse "$resp" "Send File: \"$eout\"" - curlAddExitCode $stat - checkAbort # exits if DAV errors AND not ignoring them -} - - -# Send Files and Folders -sendItems() { - if ! isGlobbing && isDir "$FILENAME"; then - sendDir - else - if isGlobbing; then - log "SENDING CURL GLOB"$'\n'"================="$'\n' - log "$FILENAME > " - else - log "SENDING SINGLE FILE"$'\n'"==================="$'\n' - log "$("$BASENAMEBIN" "$FILENAME") > " - fi - sendFile "$FILENAME" - fi -} - - - - - -################################################################ -#### RUN ####################################################### -################################################################ -parseQuietMode "${@}" -parseOptions "${@}" -checkCurl -sendItems -logResult -################################################################ -#### RUN ####################################################### -################################################################ - - - - - - -################################################################ -exit 88 ; # should never get here -################################################################ diff --git a/tests/container/README.md b/tests/container/README.md index b377696b8..c19d09247 100644 --- a/tests/container/README.md +++ b/tests/container/README.md @@ -6,8 +6,5 @@ TBD - `docker build -t ansible-checkmk-test ./` - `ansible-test integration activation --docker-privileged --python 3.10 --docker ansible-checkmk-test` -## ToDo -- [ ] Add deadsnakes to enable several Python versions. - ## Recognition This project uses https://github.com/gdraheim/docker-systemctl-replacement. diff --git a/tests/sanity/ignore-2.14.txt b/tests/sanity/ignore-2.14.txt index eca87845d..df7c9efcc 100644 --- a/tests/sanity/ignore-2.14.txt +++ b/tests/sanity/ignore-2.14.txt @@ -1,6 +1,4 @@ tests/container/files/systemctl3.py pep8!skip tests/container/files/systemctl3.py no-basestring!skip tests/container/files/systemctl3.py pylint!skip -tests/container/files/systemctl3.py shebang!skip -scripts/cloudsend/cloudsend.sh shebang!skip -scripts/cloudsend/cloudsend.sh shellcheck!skip \ No newline at end of file +tests/container/files/systemctl3.py shebang!skip \ No newline at end of file diff --git a/tests/sanity/ignore-2.15.txt b/tests/sanity/ignore-2.15.txt index eca87845d..df7c9efcc 100644 --- a/tests/sanity/ignore-2.15.txt +++ b/tests/sanity/ignore-2.15.txt @@ -1,6 +1,4 @@ tests/container/files/systemctl3.py pep8!skip tests/container/files/systemctl3.py no-basestring!skip tests/container/files/systemctl3.py pylint!skip -tests/container/files/systemctl3.py shebang!skip -scripts/cloudsend/cloudsend.sh shebang!skip -scripts/cloudsend/cloudsend.sh shellcheck!skip \ No newline at end of file +tests/container/files/systemctl3.py shebang!skip \ No newline at end of file diff --git a/tests/sanity/ignore-2.16.txt b/tests/sanity/ignore-2.16.txt index 3489f9ee8..cf7a03556 100644 --- a/tests/sanity/ignore-2.16.txt +++ b/tests/sanity/ignore-2.16.txt @@ -2,6 +2,4 @@ tests/container/files/systemctl3.py pep8!skip tests/container/files/systemctl3.py no-basestring!skip tests/container/files/systemctl3.py pylint!skip tests/container/files/systemctl3.py shebang!skip -tests/container/files/systemctl3.py compile-3.12!skip -scripts/cloudsend/cloudsend.sh shebang!skip -scripts/cloudsend/cloudsend.sh shellcheck!skip \ No newline at end of file +tests/container/files/systemctl3.py compile-3.12!skip \ No newline at end of file From 303a939cbc4fd5f1c65d6741a4aeb41b584a91bc Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 19 Jan 2024 17:37:27 -0500 Subject: [PATCH 052/114] Try to fix ignores for Ansible devel sanity tests. --- tests/sanity/{ignore-devel.txt => ignore-2.17..txt} | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) rename tests/sanity/{ignore-devel.txt => ignore-2.17..txt} (57%) diff --git a/tests/sanity/ignore-devel.txt b/tests/sanity/ignore-2.17..txt similarity index 57% rename from tests/sanity/ignore-devel.txt rename to tests/sanity/ignore-2.17..txt index 3489f9ee8..cf7a03556 100644 --- a/tests/sanity/ignore-devel.txt +++ b/tests/sanity/ignore-2.17..txt @@ -2,6 +2,4 @@ tests/container/files/systemctl3.py pep8!skip tests/container/files/systemctl3.py no-basestring!skip tests/container/files/systemctl3.py pylint!skip tests/container/files/systemctl3.py shebang!skip -tests/container/files/systemctl3.py compile-3.12!skip -scripts/cloudsend/cloudsend.sh shebang!skip -scripts/cloudsend/cloudsend.sh shellcheck!skip \ No newline at end of file +tests/container/files/systemctl3.py compile-3.12!skip \ No newline at end of file From 0ee61cced5abda2b3d4de505bbdcd75f80322516 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 19 Jan 2024 17:39:14 -0500 Subject: [PATCH 053/114] Clean up Makefile. --- Makefile | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/Makefile b/Makefile index fc6b07f5d..38ad780ff 100644 --- a/Makefile +++ b/Makefile @@ -6,8 +6,6 @@ COLLECTION_ROOT="/home/vagrant/ansible_collections/checkmk/general" CONTAINER_BUILD_ROOT="$(COLLECTION_ROOT)/tests/container" CONTAINER_NAME="ansible-checkmk-test" -CLOUD_SHARE=https://cloud.checkmk.com/index.php/s/jMbHWxM5mT4WN2r - help: @echo "setup - Run all setup target at once." @echo "" @@ -57,10 +55,6 @@ version: @newversion=$$(dialog --stdout --inputbox "New Version:" 0 0 "$(VERSION)") ; \ if [ -n "$$newversion" ] ; then ./scripts/release.sh -s "$(VERSION)" -t $$newversion ; fi -cloudsend: - CLOUDSEND_PASSWORD=$$(dialog --stdout --inputbox "Share Password:" 0 0) \ - ./scripts/cloudsend/cloudsend.sh -e ansible-checkmk-test-latest-image.tar.gz $(CLOUD_SHARE) - setup: setup-python setup-kvm setup-python: @@ -129,6 +123,7 @@ vms-suse: vms-windows: @vagrant up ansidows + container: molecule vagrant ssh molecule -c "\ docker build -t $(CONTAINER_NAME) $(CONTAINER_BUILD_ROOT) --build-arg DL_PW=$$(cat .secret) && \ From 2cdb9b7d048eb82c09f6706035f81fe3795d8251 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 19 Jan 2024 17:44:37 -0500 Subject: [PATCH 054/114] Fix typo in file name. --- tests/sanity/{ignore-2.17..txt => ignore-2.17.txt} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename tests/sanity/{ignore-2.17..txt => ignore-2.17.txt} (100%) diff --git a/tests/sanity/ignore-2.17..txt b/tests/sanity/ignore-2.17.txt similarity index 100% rename from tests/sanity/ignore-2.17..txt rename to tests/sanity/ignore-2.17.txt From a4d96f8271d745c825eeb8cdb397d212c8505182 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 19 Jan 2024 17:46:47 -0500 Subject: [PATCH 055/114] Remove unnecessary skip. --- tests/sanity/ignore-2.17.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/sanity/ignore-2.17.txt b/tests/sanity/ignore-2.17.txt index cf7a03556..439637947 100644 --- a/tests/sanity/ignore-2.17.txt +++ b/tests/sanity/ignore-2.17.txt @@ -1,5 +1,4 @@ tests/container/files/systemctl3.py pep8!skip -tests/container/files/systemctl3.py no-basestring!skip tests/container/files/systemctl3.py pylint!skip tests/container/files/systemctl3.py shebang!skip tests/container/files/systemctl3.py compile-3.12!skip \ No newline at end of file From 24dc453686d265d0f1773018e3dd3aa7b3ac22a2 Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Tue, 23 Jan 2024 09:03:45 +0100 Subject: [PATCH 056/114] Debugged the integration test for the rules module. --- tests/integration/targets/rule/tasks/test.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/tests/integration/targets/rule/tasks/test.yml b/tests/integration/targets/rule/tasks/test.yml index 541edcb0e..f380dd7b0 100644 --- a/tests/integration/targets/rule/tasks/test.yml +++ b/tests/integration/targets/rule/tasks/test.yml @@ -55,9 +55,14 @@ rule: rule_id: "{{ existing_rule[0].id }}" properties: { - "description": "Modified this intentionally." + "comment": "{{ existing_rule[0].extensions.properties.comment }}", + "description": "Modified this intentionally.", + "disabled": "{{ existing_rule[0].extensions.properties.disabled }}" } + conditions: "{{ existing_rule[0].extensions.conditions }}" + value_raw: "{{ existing_rule[0].extensions.value_raw | string }}" state: "present" + when: "existing_rule|length>0" vars: existing_rule: "{{ lookup('checkmk.general.rules', ruleset=item.ruleset, From 2c3a9c65a2413538d762b1dc11b19ceaa39ddeec Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Wed, 20 Dec 2023 11:12:30 +0100 Subject: [PATCH 057/114] The rule module has now a parameter rule_id that can be used to identify an existing rule. --- plugins/modules/rule.py | 79 ++++++++++++++++++++++++++++------------- 1 file changed, 55 insertions(+), 24 deletions(-) diff --git a/plugins/modules/rule.py b/plugins/modules/rule.py index 097acce4e..959196536 100644 --- a/plugins/modules/rule.py +++ b/plugins/modules/rule.py @@ -67,6 +67,11 @@ properties: description: Properties of the rule. type: dict + rule_id: + description: + - If given, it will be C(the only condition) to identify the rule to work on. + - When there's no rule found with this id, the task will fail. + type: str value_raw: description: Rule values as exported from the web interface. type: str @@ -280,6 +285,25 @@ def get_rules_in_ruleset(module, base_url, headers, ruleset): module, url, module.jsonify(params), headers=headers, method="GET" ) + if info["status"] != 200: + exit_failed( + module, + "Error calling API. HTTP code %d. Details: %s, " + % (info["status"], str(info)), + ) + + return json.loads(response.read().decode("utf-8")).get("value") + + +def show_rule(module, base_url, headers, rule_id): + api_endpoint = "/objects/rule/" + rule_id + + url = "%s%s" % (base_url, api_endpoint) + + response, info = fetch_url( + module, url, headers=headers, method="GET" + ) + if info["status"] != 200: exit_failed( module, @@ -308,8 +332,12 @@ def get_rule_by_id(module, base_url, headers, rule_id): def get_existing_rule(module, base_url, headers, ruleset, rule): - # Get rules in ruleset - rules = get_rules_in_ruleset(module, base_url, headers, ruleset) + if rule.get("rule_id"): + # We already know whih rule to get + return rule.get("rule_id") + else: + # Get rules in ruleset + rules = get_rules_in_ruleset(module, base_url, headers, ruleset) (value_mod, exc) = safe_eval(rule["value_raw"], include_exceptions=True) if exc is not None: @@ -324,7 +352,7 @@ def get_existing_rule(module, base_url, headers, ruleset, rule): if rules is not None: # Loop through all rules - for r in rules.get("value"): + for r in rules: (value_api, exc) = safe_eval( r["extensions"]["value_raw"], include_exceptions=True ) @@ -338,7 +366,7 @@ def get_existing_rule(module, base_url, headers, ruleset, rule): and value_api == value_mod ): # If they are the same, return the ID - return r + return r["id"] return None @@ -347,9 +375,9 @@ def create_rule(module, base_url, headers, ruleset, rule): api_endpoint = "/domain-types/rule/collections/all" changed = True - e = get_existing_rule(module, base_url, headers, ruleset, rule) - if e: - return (e["id"], not changed) + rule_id = get_existing_rule(module, base_url, headers, ruleset, rule) + if rule_id: + return (rule_id, not changed) if module.check_mode: return (None, changed) @@ -382,10 +410,11 @@ def create_rule(module, base_url, headers, ruleset, rule): def delete_rule(module, base_url, headers, ruleset, rule): changed = True - e = get_existing_rule(module, base_url, headers, ruleset, rule) - if e: + rule_id = get_existing_rule(module, base_url, headers, ruleset, rule) + + if rule_id: if not module.check_mode: - delete_rule_by_id(module, base_url, headers, e["id"]) + delete_rule_by_id(module, base_url, headers, rule_id) return changed return not changed @@ -471,6 +500,7 @@ def run_module(): conditions=dict(type="dict"), properties=dict(type="dict"), value_raw=dict(type="str"), + rule_id=dict(type="str"), location=dict( type="dict", options=dict( @@ -519,23 +549,24 @@ def run_module(): # Get the variables ruleset = module.params.get("ruleset", "") - rule = module.params.get("rule", "") + rule = module.params.get("rule", {}) location = rule.get("location") # Check if required params to create a rule are given - if rule.get("folder") is None or rule.get("folder") == "": - rule["folder"] = location["folder"] - if rule.get("properties") is None or rule.get("properties") == "": - exit_failed(module, "Rule properties are required") - if rule.get("value_raw") is None or rule.get("value_raw") == "": - exit_failed(module, "Rule value_raw is required") - # Default to all hosts if conditions arent given - if rule.get("conditions") is None or rule.get("conditions") == "": - rule["conditions"] = { - "host_tags": [], - "host_labels": [], - "service_labels": [], - } + if rule.get("rule_id") is None or rule.get("rule_id") == "": + if rule.get("folder") is None or rule.get("folder") == "": + rule["folder"] = location["folder"] + if rule.get("properties") is None or rule.get("properties") == "": + exit_failed(module, "Rule properties are required") + if rule.get("value_raw") is None or rule.get("value_raw") == "": + exit_failed(module, "Rule value_raw is required") + # Default to all hosts if conditions arent given + if rule.get("conditions") is None or rule.get("conditions") == "": + rule["conditions"] = { + "host_tags": [], + "host_labels": [], + "service_labels": [], + } if module.params.get("state") == "absent": if location.get("rule_id") is not None: exit_failed(module, "rule_id in location is invalid with state=absent") From 8f7d4a63e6187eaedeff45807e986800b65d0a3b Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Tue, 9 Jan 2024 07:48:03 +0100 Subject: [PATCH 058/114] Ongoing development. --- plugins/modules/rule.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/plugins/modules/rule.py b/plugins/modules/rule.py index 959196536..990594d97 100644 --- a/plugins/modules/rule.py +++ b/plugins/modules/rule.py @@ -334,7 +334,10 @@ def get_rule_by_id(module, base_url, headers, rule_id): def get_existing_rule(module, base_url, headers, ruleset, rule): if rule.get("rule_id"): # We already know whih rule to get - return rule.get("rule_id") + if module.params.get("state") == "absent": + # When deleting and we already know the ID, don't compare + return rule.get("rule_id") + rules = [ show_rule(module, base_url, headers, rule.get("rule_id")) ] else: # Get rules in ruleset rules = get_rules_in_ruleset(module, base_url, headers, ruleset) @@ -553,9 +556,9 @@ def run_module(): location = rule.get("location") # Check if required params to create a rule are given + if rule.get("folder") is None or rule.get("folder") == "": + rule["folder"] = location["folder"] if rule.get("rule_id") is None or rule.get("rule_id") == "": - if rule.get("folder") is None or rule.get("folder") == "": - rule["folder"] = location["folder"] if rule.get("properties") is None or rule.get("properties") == "": exit_failed(module, "Rule properties are required") if rule.get("value_raw") is None or rule.get("value_raw") == "": From b39fd6d6eadd1243b6ccce63b320c2ca1034efbf Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Fri, 19 Jan 2024 10:01:22 +0100 Subject: [PATCH 059/114] Now it's also possible to change existing rules based on a given rule_id. --- plugins/modules/rule.py | 65 +++++++++++++++++++++++++++++++++++------ 1 file changed, 56 insertions(+), 9 deletions(-) diff --git a/plugins/modules/rule.py b/plugins/modules/rule.py index 990594d97..61c1331d1 100644 --- a/plugins/modules/rule.py +++ b/plugins/modules/rule.py @@ -411,6 +411,42 @@ def create_rule(module, base_url, headers, ruleset, rule): return (r["id"], changed) +def modify_rule(module, base_url, headers, ruleset, rule): + changed = True + rule_id = rule.get("rule_id") + + if not rule_id: + return not changed + + if module.check_mode: + return (None, changed) + + headers["If-Match"] = get_rule_etag(module, base_url, headers, rule_id) + + params = { + "properties": rule["properties"], + "value_raw": rule["value_raw"], + "conditions": rule["conditions"], + } + + api_endpoint = "/objects/rule/" + rule_id + url = base_url + api_endpoint + + info = fetch_url( + module, url, module.jsonify(params), headers=headers, method="PUT" + )[1] + #exit_failed(module, "###### INFO: %s" % str(info)) + + if info["status"] not in [200, 204]: + exit_failed( + module, + "Error calling API. HTTP code %d. Details: %s, " + % (info["status"], info["body"]), + ) + + return changed + + def delete_rule(module, base_url, headers, ruleset, rule): changed = True rule_id = get_existing_rule(module, base_url, headers, ruleset, rule) @@ -556,15 +592,15 @@ def run_module(): location = rule.get("location") # Check if required params to create a rule are given - if rule.get("folder") is None or rule.get("folder") == "": + if not rule.get("folder"): rule["folder"] = location["folder"] - if rule.get("rule_id") is None or rule.get("rule_id") == "": - if rule.get("properties") is None or rule.get("properties") == "": + if not rule.get("rule_id"): + if not rule.get("properties"): exit_failed(module, "Rule properties are required") - if rule.get("value_raw") is None or rule.get("value_raw") == "": + if not rule.get("value_raw"): exit_failed(module, "Rule value_raw is required") # Default to all hosts if conditions arent given - if rule.get("conditions") is None or rule.get("conditions") == "": + if rule.get("conditions"): rule["conditions"] = { "host_tags": [], "host_labels": [], @@ -583,13 +619,24 @@ def run_module(): exit_ok(module, "Rule does not exist") # If state is present, create the rule elif module.params.get("state") == "present": - (rule_id, created) = create_rule(module, base_url, headers, ruleset, rule) - if created: + action = None + if rule.get("rule_id"): + # Modify an existing rule + rule_id = rule.get("rule_id") + if modify_rule(module, base_url, headers, ruleset, rule): + action = "changed" + else: + # If no rule_id is mentioned, we check if our rule exists. If not, then create it. + (rule_id, changed) = create_rule(module, base_url, headers, ruleset, rule) + if changed: + action = "created" + + if action: # Move rule to specified location, if it's not default if location["position"] != "bottom" and not module.check_mode: move_rule(module, base_url, headers, rule_id, location) - exit_changed(module, "Rule created", rule_id) - exit_ok(module, "Rule already exists", rule_id) + exit_changed(module, "Rule %s" % action, rule_id) + exit_ok(module, "Rule already exists with equal settings", rule_id) # Fallback exit_failed(module, "Unknown error") From ed320f64eeba70fccca331c9aa889dcbd96c445d Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Wed, 20 Dec 2023 11:12:30 +0100 Subject: [PATCH 060/114] The rule module has now a parameter rule_id that can be used to identify an existing rule. --- plugins/modules/rule.py | 36 ++++++------------------------------ 1 file changed, 6 insertions(+), 30 deletions(-) diff --git a/plugins/modules/rule.py b/plugins/modules/rule.py index 61c1331d1..9971e0c46 100644 --- a/plugins/modules/rule.py +++ b/plugins/modules/rule.py @@ -68,7 +68,7 @@ description: Properties of the rule. type: dict rule_id: - description: + description: - If given, it will be C(the only condition) to identify the rule to work on. - When there's no rule found with this id, the task will fail. type: str @@ -300,28 +300,9 @@ def show_rule(module, base_url, headers, rule_id): url = "%s%s" % (base_url, api_endpoint) - response, info = fetch_url( - module, url, headers=headers, method="GET" - ) - - if info["status"] != 200: - exit_failed( - module, - "Error calling API. HTTP code %d. Details: %s, " - % (info["status"], info["body"]), - ) - - return json.loads(response.read().decode("utf-8")) - - -def get_rule_by_id(module, base_url, headers, rule_id): - api_endpoint = "/objects/rule/" + rule_id - - url = base_url + api_endpoint - response, info = fetch_url(module, url, headers=headers, method="GET") - if info["status"] not in [200, 204]: + if info["status"] != 200: exit_failed( module, "Error calling API. HTTP code %d. Details: %s, " @@ -337,7 +318,7 @@ def get_existing_rule(module, base_url, headers, ruleset, rule): if module.params.get("state") == "absent": # When deleting and we already know the ID, don't compare return rule.get("rule_id") - rules = [ show_rule(module, base_url, headers, rule.get("rule_id")) ] + rules = [show_rule(module, base_url, headers, rule.get("rule_id"))] else: # Get rules in ruleset rules = get_rules_in_ruleset(module, base_url, headers, ruleset) @@ -346,13 +327,6 @@ def get_existing_rule(module, base_url, headers, ruleset, rule): if exc is not None: exit_failed(module, "value_raw in rule has invalid format") - # Get folder from neighbour rule if relative rule_id is given in location - if rule["location"]["rule_id"] is not None: - neighbour_rule = get_rule_by_id( - module, base_url, headers, rule["location"]["rule_id"] - ) - rule["folder"] = neighbour_rule["extensions"]["folder"] - if rules is not None: # Loop through all rules for r in rules: @@ -418,6 +392,9 @@ def modify_rule(module, base_url, headers, ruleset, rule): if not rule_id: return not changed + if get_existing_rule(module, base_url, headers, ruleset, rule): + return not changed + if module.check_mode: return (None, changed) @@ -435,7 +412,6 @@ def modify_rule(module, base_url, headers, ruleset, rule): info = fetch_url( module, url, module.jsonify(params), headers=headers, method="PUT" )[1] - #exit_failed(module, "###### INFO: %s" % str(info)) if info["status"] not in [200, 204]: exit_failed( From aad310f58d11a718d8459e67a5d226b656f5123f Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Fri, 19 Jan 2024 10:53:22 +0100 Subject: [PATCH 061/114] Typo in the rules lookup module integration test. --- tests/integration/targets/lookup_rules/tasks/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/integration/targets/lookup_rules/tasks/test.yml b/tests/integration/targets/lookup_rules/tasks/test.yml index b42e3dc6c..0406251e9 100644 --- a/tests/integration/targets/lookup_rules/tasks/test.yml +++ b/tests/integration/targets/lookup_rules/tasks/test.yml @@ -68,7 +68,7 @@ vars: rules: "{{ lookup('checkmk.general.rules', ruleset=item, - commebt_regex='Ansible managed', + comment_regex='Ansible managed', server_url=server_url, site=outer_item.site, validate_certs=False, From 461e4b94310ad9f01b68a2c59b9f3ebd00d07d52 Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Fri, 19 Jan 2024 10:53:56 +0100 Subject: [PATCH 062/114] Added an integration test case for modifying existing rules. --- tests/integration/targets/rule/tasks/test.yml | 39 +++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/tests/integration/targets/rule/tasks/test.yml b/tests/integration/targets/rule/tasks/test.yml index b2f13c23c..c74f1b643 100644 --- a/tests/integration/targets/rule/tasks/test.yml +++ b/tests/integration/targets/rule/tasks/test.yml @@ -45,6 +45,45 @@ delegate_to: localhost run_once: true # noqa run-once[task] +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Modify rules." + rule: + server_url: "{{ checkmk_var_server_url }}" + site: "{{ outer_item.site }}" + automation_user: "{{ checkmk_var_automation_user }}" + automation_secret: "{{ checkmk_var_automation_secret }}" + ruleset: "{{ item.ruleset }}" + rule: + rule_id: "{{ existing_rule[0].id }}" + properties: { + "description": "Modified this intentionally." + } + state: "present" + vars: + existing_rule:"{{ lookup('checkmk.general.rules', + ruleset=item.ruleset, + comment_regex='Ansible managed', + server_url=server_url, + site=outer_item.site, + validate_certs=False, + automation_user=automation_user, + automation_secret=automation_secret) + }}" + delegate_to: localhost + run_once: true # noqa run-once[task] + loop: "{{ checkmk_var_rules }}" + +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Activate." + activation: + server_url: "{{ checkmk_var_server_url }}" + site: "{{ outer_item.site }}" + automation_user: "{{ checkmk_var_automation_user }}" + automation_secret: "{{ checkmk_var_automation_secret }}" + force_foreign_changes: true + sites: + - "{{ outer_item.site }}" + delegate_to: localhost + run_once: true # noqa run-once[task] + - name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Delete rules." rule: server_url: "{{ checkmk_var_server_url }}" From 8407c415d40f65ec91e1f2e6b7301f35dbff78a1 Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Fri, 19 Jan 2024 11:12:21 +0100 Subject: [PATCH 063/114] Typo in rule integration test. --- tests/integration/targets/rule/tasks/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/integration/targets/rule/tasks/test.yml b/tests/integration/targets/rule/tasks/test.yml index c74f1b643..8029dab10 100644 --- a/tests/integration/targets/rule/tasks/test.yml +++ b/tests/integration/targets/rule/tasks/test.yml @@ -59,7 +59,7 @@ } state: "present" vars: - existing_rule:"{{ lookup('checkmk.general.rules', + existing_rule: "{{ lookup('checkmk.general.rules', ruleset=item.ruleset, comment_regex='Ansible managed', server_url=server_url, From 15cfe63268b45efbd9f32376d0edff30bf2670f7 Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Fri, 19 Jan 2024 11:29:08 +0100 Subject: [PATCH 064/114] Copy & paste issue in rule integration test. --- tests/integration/targets/rule/tasks/test.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/integration/targets/rule/tasks/test.yml b/tests/integration/targets/rule/tasks/test.yml index 8029dab10..541edcb0e 100644 --- a/tests/integration/targets/rule/tasks/test.yml +++ b/tests/integration/targets/rule/tasks/test.yml @@ -62,11 +62,11 @@ existing_rule: "{{ lookup('checkmk.general.rules', ruleset=item.ruleset, comment_regex='Ansible managed', - server_url=server_url, + server_url=checkmk_var_server_url, site=outer_item.site, validate_certs=False, - automation_user=automation_user, - automation_secret=automation_secret) + automation_user=checkmk_var_automation_user, + automation_secret=checkmk_var_automation_secret) }}" delegate_to: localhost run_once: true # noqa run-once[task] From 05b4ef8cf4386f080d6d7f9c8cdc3cf04655fdfe Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Tue, 23 Jan 2024 09:03:45 +0100 Subject: [PATCH 065/114] Debugged the integration test for the rules module. --- tests/integration/targets/rule/tasks/test.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/tests/integration/targets/rule/tasks/test.yml b/tests/integration/targets/rule/tasks/test.yml index 541edcb0e..f380dd7b0 100644 --- a/tests/integration/targets/rule/tasks/test.yml +++ b/tests/integration/targets/rule/tasks/test.yml @@ -55,9 +55,14 @@ rule: rule_id: "{{ existing_rule[0].id }}" properties: { - "description": "Modified this intentionally." + "comment": "{{ existing_rule[0].extensions.properties.comment }}", + "description": "Modified this intentionally.", + "disabled": "{{ existing_rule[0].extensions.properties.disabled }}" } + conditions: "{{ existing_rule[0].extensions.conditions }}" + value_raw: "{{ existing_rule[0].extensions.value_raw | string }}" state: "present" + when: "existing_rule|length>0" vars: existing_rule: "{{ lookup('checkmk.general.rules', ruleset=item.ruleset, From 30bf87a9bc65cccc4f3277748dfd8829c5d22c93 Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Tue, 23 Jan 2024 16:32:09 +0100 Subject: [PATCH 066/114] Manually merge pull request #517 from meni2029/fix/module_rule_relative_id into the branch feature/module-rules-rule_id --- plugins/modules/rule.py | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/plugins/modules/rule.py b/plugins/modules/rule.py index 9971e0c46..a446c98a2 100644 --- a/plugins/modules/rule.py +++ b/plugins/modules/rule.py @@ -295,7 +295,7 @@ def get_rules_in_ruleset(module, base_url, headers, ruleset): return json.loads(response.read().decode("utf-8")).get("value") -def show_rule(module, base_url, headers, rule_id): +def get_rule_by_id(module, base_url, headers, rule_id): api_endpoint = "/objects/rule/" + rule_id url = "%s%s" % (base_url, api_endpoint) @@ -318,7 +318,7 @@ def get_existing_rule(module, base_url, headers, ruleset, rule): if module.params.get("state") == "absent": # When deleting and we already know the ID, don't compare return rule.get("rule_id") - rules = [show_rule(module, base_url, headers, rule.get("rule_id"))] + rules = [get_rule_by_id(module, base_url, headers, rule.get("rule_id"))] else: # Get rules in ruleset rules = get_rules_in_ruleset(module, base_url, headers, ruleset) @@ -327,6 +327,13 @@ def get_existing_rule(module, base_url, headers, ruleset, rule): if exc is not None: exit_failed(module, "value_raw in rule has invalid format") + # Get folder from neighbour rule if relative rule_id is given in location + if rule["location"]["rule_id"] is not None: + neighbour_rule = get_rule_by_id( + module, base_url, headers, rule["location"]["rule_id"] + ) + rule["folder"] = neighbour_rule["extensions"]["folder"] + if rules is not None: # Loop through all rules for r in rules: From 2d30e5331eee4db0a5ed0ee4ab4df9ff15925930 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Tue, 23 Jan 2024 11:56:24 -0500 Subject: [PATCH 067/114] Update release process. --- CONTRIBUTING.md | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index f24c720e4..1906df002 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -106,7 +106,7 @@ We urge you to run the following tests locally as applicable, so the turnaround ### Sanity [Ansible Sanity Tests](https://docs.ansible.com/ansible/latest/dev_guide/testing_sanity.html) enforce Ansible coding standards and requirements facilitating static code analysis. The `ansible-test` tool typically comes along with your Ansible installation (e.g. if you use the `requirements.txt` of this project). -We recommend using the `--docker` option, so you get the best results, as that uses a Docker image crafted and maintained by the Ansible project. +We recommend using the `--docker` option, so you get the best results, as that uses a Docker image crafted and maintained by the Ansible project. **Caution**: By default, Docker containers cannot be run as an unprivileged user! Depending on your setup you need to allow your user to run containers, or run `ansible-test` with `sudo`. Keep in mind, that with the latter you are running in another environment and might need to take care of installing the Python requirements for Ansible. To run the tests locally, use the following command in the project root: @@ -120,7 +120,7 @@ You can also run a subset by mentioning them as follows. See `ansible-test sanit ### Integration [Ansible Integration Tests](https://docs.ansible.com/ansible/latest/dev_guide/testing_integration.html) run test cases created by the maintainers of this project, to ensure the collection actually does what is intended. The `ansible-test` tool typically comes along with your Ansible installation (e.g. if you use the `requirements.txt` of this project). -We strongly recommend using the `--docker` option, so you do not modify your local system with these tests. +We strongly recommend using the `--docker` option, so you do not modify your local system with these tests. **Caution**: By default, Docker containers cannot be run as an unprivileged user! Depending on your setup you need to allow your user to run containers, or run `ansible-test` with `sudo`. Keep in mind, that with the latter you are running in another environment and might need to take care of installing the Python requirements for Ansible. To run all tests locally, use the following command in the project root: @@ -149,16 +149,20 @@ Releasing this collection is automated using GitHub Actions. Before running the action `Release Collection` against the `main` branch, the following needs to be done: -1. Update the collection version in `galaxy.yml` and `requirements.yml`. Look for `version:`. -2. Check the integration and molecule tests for up-to-date Checkmk versions. +1. Create a pull request from `devel` into `main` with the following naming scheme: `Release X.Y.Z`. +2. Choose and note which feature pull request you want to include in this release. 3. Check the GitHub Workflows for [EOL Ansible and Python versions and add new releases](https://docs.ansible.com/ansible/latest/reference_appendices/release_and_maintenance.html#ansible-core-support-matrix). -4. Update the compatibility matrix in `SUPPORT.md` accordingly. +4. The following tasks are automated in `scripts/release.sh`. Feel free to use the script, but double-check the result! + 1. Update the collection version in `galaxy.yml` and `requirements.yml`. Look for the string `version:`. + 2. Check the integration and molecule tests for up-to-date Checkmk versions and update if necessary. + 3. Update the compatibility matrix in `SUPPORT.md` accordingly. 5. Double check `changelogs/fragments` if all changes have a changelog. 6. After all changes have been performed, merge them into the `main` branch. 7. Release the collection by running the action `Release Collection` against the `main` branch. 8. Merge the automatically created pull request into `devel` and then update the `main` branch from `devel`. -Some of these steps can already be checked and done with `scripts/release.sh`. This is a work in progress and should be used carefully. +Some of these steps can already be checked and done with `scripts/release.sh`. +This is a work in progress and should be used carefully. You should definitely check the resulting changes thoroughly before committing. ## Code of Conduct From 55a6c113ac88f969963b7db0d4ac6d93e116b32e Mon Sep 17 00:00:00 2001 From: "max.sickora" Date: Thu, 25 Jan 2024 13:39:05 +0100 Subject: [PATCH 068/114] Initial commit --- plugins/modules/user.py | 73 +++++++++++++++---- tests/integration/targets/user/tasks/test.yml | 38 ++++++++++ tests/integration/targets/user/vars/main.yml | 24 +++--- 3 files changed, 111 insertions(+), 24 deletions(-) diff --git a/plugins/modules/user.py b/plugins/modules/user.py index d2a00f13b..e9cf583aa 100644 --- a/plugins/modules/user.py +++ b/plugins/modules/user.py @@ -232,9 +232,13 @@ from ansible.module_utils.basic import AnsibleModule from ansible_collections.checkmk.general.plugins.module_utils.api import CheckmkAPI +from ansible_collections.checkmk.general.plugins.module_utils.types import RESULT from ansible_collections.checkmk.general.plugins.module_utils.utils import ( result_as_dict, ) +from ansible_collections.checkmk.general.plugins.module_utils.version import ( + CheckmkVersion, +) USER = ( "username", @@ -405,6 +409,19 @@ def needs_editing(self): return True return False + def shortpassword(self, data): + ver = self.getversion() + if ver >= CheckmkVersion("2.3.0") and "auth_option" in data: + if ( + "password" in data["auth_option"] + and len(data["auth_option"]["password"]) < 12 + ) or ( + "secret" in data["auth_option"] + and len(data["auth_option"]["secret"]) < 10 + ): + return True + return False + def get(self): result = self._fetch( code_mapping=UserHTTPCodes.get, @@ -425,25 +442,44 @@ def create(self): # in the Checkmk API... data.setdefault("fullname", data["username"]) - result = self._fetch( - code_mapping=UserHTTPCodes.create, - endpoint=UserEndpoints.create, - data=data, - method="POST", - ) - + if self.shortpassword(data): + result = RESULT( + http_code=0, + msg="Password too short. For 2.3 and higher, please provide at least 12 characters (automation min. 10).", + content="", + etag="", + failed=True, + changed=False, + ) + else: + result = self._fetch( + code_mapping=UserHTTPCodes.create, + endpoint=UserEndpoints.create, + data=data, + method="POST", + ) return result def edit(self, etag): data = self._build_user_data() self.headers["if-Match"] = etag - result = self._fetch( - code_mapping=UserHTTPCodes.edit, - endpoint=self._build_default_endpoint(), - data=data, - method="PUT", - ) + if self.shortpassword(data): + result = RESULT( + http_code=0, + msg="Password too short. For 2.3 and higher, please provide at least 12 characters (automation min. 10).", + content="", + etag="", + failed=True, + changed=False, + ) + else: + result = self._fetch( + code_mapping=UserHTTPCodes.edit, + endpoint=self._build_default_endpoint(), + data=data, + method="PUT", + ) return result @@ -525,8 +561,17 @@ def run_module(): user.required.pop("username") result = user.edit(etag) elif user.state == "absent": - if required_state in ("present", "reset_password"): + if required_state in "present": result = user.create() + if required_state in "reset_password": + result = RESULT( + http_code=0, + msg="Can't reset the password for an absent user.", + content="", + etag="", + failed=False, + changed=False, + ) module.exit_json(**result_as_dict(result)) diff --git a/tests/integration/targets/user/tasks/test.yml b/tests/integration/targets/user/tasks/test.yml index 041fdbe66..1a855ad13 100644 --- a/tests/integration/targets/user/tasks/test.yml +++ b/tests/integration/targets/user/tasks/test.yml @@ -203,6 +203,44 @@ delegate_to: localhost run_once: true # noqa run-once[task] +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Test create with short pw for 2.3 (should fail)" + user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module + server_url: "{{ checkmk_var_server_url }}" + site: "{{ outer_item.site }}" + automation_user: "{{ checkmk_var_automation_user }}" + automation_secret: "{{ checkmk_var_automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 + name: "autotest" + fullname: "autotest" + auth_type: "automation" + password: "2short" + roles: + - admin + state: "present" + delegate_to: localhost + run_once: true # noqa run-once[task] + when: "'2.3' in outer_item.version" + register: checkmk_shortpwcheck_create + failed_when: "'Password too short. For 2.3 and higher' not in checkmk_shortpwcheck_create.msg" + +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Test reset with short pw for 2.3 (should fail)" + user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module + server_url: "{{ checkmk_var_server_url }}" + site: "{{ outer_item.site }}" + automation_user: "{{ checkmk_var_automation_user }}" + automation_secret: "{{ checkmk_var_automation_secret }}" + customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 + name: "{{ item.name }}" + password: "{{ item.password }}" + auth_type: "{{ item.auth_type }}" + state: "reset_password" + delegate_to: localhost + run_once: true # noqa run-once[task] + loop: "{{ checkmk_var_users_new_short_pw }}" + when: "'2.3' in outer_item.version" + register: checkmk_shortpwcheck_edit + failed_when: "'Password too short. For 2.3 and higher' not in checkmk_shortpwcheck_edit.msg" + - name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Delete users." user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module server_url: "{{ checkmk_var_server_url }}" diff --git a/tests/integration/targets/user/vars/main.yml b/tests/integration/targets/user/vars/main.yml index 5efd5ef49..d9469504a 100644 --- a/tests/integration/targets/user/vars/main.yml +++ b/tests/integration/targets/user/vars/main.yml @@ -38,7 +38,7 @@ checkmk_var_contact_groups: checkmk_var_users_create: - name: admin1 fullname: Admin Eins - password: "123" + password: "1234567890xx" auth_type: password email: 123@company.com contactgroups: [] @@ -49,7 +49,7 @@ checkmk_var_users_create: idle_timeout_option: individual - name: user1 fullname: User Eins - password: "123" + password: "1234567890xx" auth_type: password email: 123@company.com pager_address: "0123/4567890" @@ -62,7 +62,7 @@ checkmk_var_users_create: disable_notifications_timerange: { "end_time": "2024-01-09T12:10:00+00:00", "start_time": "2024-01-09T10:10:00+00:00" } - name: user2 fullname: User Zwei - password: "234" + password: "2345ggggeeee" auth_type: password contactgroups: - team2 @@ -71,7 +71,7 @@ checkmk_var_users_create: language: en - name: user3 fullname: User Drei - password: "345" + password: "3456asdfqwer" auth_type: password email: 345@company.com contactgroups: @@ -83,7 +83,7 @@ checkmk_var_users_create: disable_login: true - name: user4 fullname: User four - password: "4444" + password: "44441111gggg" auth_type: password contactgroups: - noteam @@ -106,25 +106,29 @@ checkmk_var_users_create: checkmk_var_users_newpw: - name: admin1 - password: "abc" + password: "abcuiuiuiuiui" auth_type: password - name: user1 - password: "abc" + password: "abcuiuiuiuiui" auth_type: password - name: user2 - password: "bcd" + password: "bcdaoaoaoaoao" auth_type: password - name: user3 - password: "cde" + password: "cdeblablabla" auth_type: password - name: auto1 password: "abcdefghij" auth_type: automation +checkmk_var_users_new_short_pw: + - name: user3 + password: "abcdefg" + auth_type: password + checkmk_var_users_edit: - name: admin1 fullname: Admin Eins - auth_type: password email: 123@company.com contactgroups: [] roles: From acc2d91161f9aa69e746720597fc01dae4f3485b Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Thu, 25 Jan 2024 15:45:52 +0100 Subject: [PATCH 069/114] scripts/testing.sh now has an option to do QA tests. --- Vagrantfile.kvm | 2 ++ Vagrantfile.vbox | 2 ++ scripts/testing.sh | 16 +++++++++++++++- 3 files changed, 19 insertions(+), 1 deletion(-) diff --git a/Vagrantfile.kvm b/Vagrantfile.kvm index e277ae318..75b1fb7f2 100644 --- a/Vagrantfile.kvm +++ b/Vagrantfile.kvm @@ -32,6 +32,7 @@ Vagrant.configure("2") do |config| apt-get -y install python3-pip ca-certificates curl gnupg lsb-release python3 -m pip install pip --upgrade python3 -m pip install -r /home/vagrant/ansible_collections/checkmk/general/requirements.txt + python3 -m pip install -r /home/vagrant/ansible_collections/checkmk/general/requirements-qa.txt sudo -u vagrant ansible-galaxy collection install -f -r /home/vagrant/ansible_collections/checkmk/general/requirements.yml mkdir -p /home/vagrant/ansible_collections/checkmk/general mkdir -p /etc/apt/keyrings @@ -72,6 +73,7 @@ Vagrant.configure("2") do |config| apt-get -y install python3-pip ca-certificates curl gnupg lsb-release python3 -m pip install pip --upgrade python3 -m pip install -r /home/vagrant/ansible_collections/checkmk/general/requirements.txt + python3 -m pip install -r /home/vagrant/ansible_collections/checkmk/general/requirements-qa.txt python3 -m pip install molecule molecule-plugins[docker] sudo -u vagrant ansible-galaxy collection install -f -r /home/vagrant/ansible_collections/checkmk/general/requirements.yml mkdir -p /home/vagrant/ansible_collections/checkmk/general diff --git a/Vagrantfile.vbox b/Vagrantfile.vbox index 30e40e89b..fddecb12d 100644 --- a/Vagrantfile.vbox +++ b/Vagrantfile.vbox @@ -24,6 +24,7 @@ Vagrant.configure("2") do |config| apt-get -y install python3-pip ca-certificates curl gnupg lsb-release python3 -m pip install pip --upgrade python3 -m pip install -r /vagrant/requirements.txt + python3 -m pip install -r /vagrant/requirements-qa.txt sudo -u vagrant ansible-galaxy collection install -f -r /vagrant/requirements.yml mkdir -p /home/vagrant/ansible_collections/checkmk/general mkdir -p /etc/apt/keyrings @@ -55,6 +56,7 @@ Vagrant.configure("2") do |config| apt-get -y install python3-pip ca-certificates curl gnupg lsb-release python3 -m pip install pip --upgrade python3 -m pip install -r /vagrant/requirements.txt + python3 -m pip install -r /vagrant/requirements-qa.txt python3 -m pip install molecule molecule-plugins[docker] sudo -u vagrant ansible-galaxy collection install -f -r /vagrant/requirements.yml mkdir -p /home/vagrant/ansible_collections/checkmk/general diff --git a/scripts/testing.sh b/scripts/testing.sh index e8c0b3b95..e8ec39da3 100755 --- a/scripts/testing.sh +++ b/scripts/testing.sh @@ -9,6 +9,7 @@ # Run Sanity Tests: ./testing.sh -s # Run Integration Tests: ./testing.sh -i -t host # Run Linting: ./testing.sh -l +# Run QA: ./testing.sh -q # Run Molecule for server role and Checkmk 2.2.0: ./testing.sh -m -r server -v 2.2.0 script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) @@ -16,10 +17,12 @@ collection_dir="${script_dir%/*}" mode="sanity" -while getopts 'silmt:r:v:' OPTION; do +while getopts 'sqilmt:r:v:' OPTION; do case "$OPTION" in s) mode="sanity" ;; + q) + mode="qa" ;; i) mode="integration" ;; l) @@ -45,6 +48,15 @@ _run_sanity() { echo "## Ansible Sanity Tests done." } +_run_qa() { + echo "## Running black." + black --check --diff "${collection_dir}/plugins/" + echo "## black done." + echo "## Running isort." + isort --check --diff "${collection_dir}/plugins/" + echo "## isort done." +} + _run_integration() { if [ -n "${target}" ]; then echo "## Running Ansible Integration Tests for <${target}> Module." @@ -78,6 +90,8 @@ _run_molecule() { case "$mode" in sanity) _run_sanity ;; + qa) + _run_qa ;; integration) _run_integration ;; lint) From a7c0dfca6775cb8f725c17eb0dcc84c321530951 Mon Sep 17 00:00:00 2001 From: Michael Sekania Date: Sat, 27 Jan 2024 21:29:37 +0100 Subject: [PATCH 070/114] extend: fuctionality --- plugins/modules/folder.py | 538 +++++++++++++++++++++++--------------- 1 file changed, 321 insertions(+), 217 deletions(-) diff --git a/plugins/modules/folder.py b/plugins/modules/folder.py index 5de4fe787..9e4b99e62 100644 --- a/plugins/modules/folder.py +++ b/plugins/modules/folder.py @@ -38,20 +38,28 @@ description: - The attributes of your folder as described in the API documentation. B(Attention! This option OVERWRITES all existing attributes!) + As of Check MK v2.2.0p7 and v2.3.0b1, simultaneous use of I(attributes), + I(remove_attributes), and I(update_attributes) is no longer supported. type: raw - default: {} + required: false update_attributes: description: - The update_attributes of your host as described in the API documentation. This will only update the given attributes. + As of Check MK v2.2.0p7 and v2.3.0b1, simultaneous use of I(attributes), + I(remove_attributes), and I(update_attributes) is no longer supported. type: raw - default: {} + required: false remove_attributes: description: - The remove_attributes of your host as described in the API documentation. + B(If a list of strings is supplied, the listed attributes are removed.) + B(If instead a dict is supplied, the attributes {key: value} that exactly match the passed attributes are removed.) This will only remove the given attributes. + As of Check MK v2.2.0p7 and v2.3.0b1, simultaneous use of I(attributes), + I(remove_attributes), and I(update_attributes) is no longer supported. type: raw - default: [] + required: false state: description: The state of your folder. type: str @@ -68,10 +76,10 @@ # Create a single folder. - name: "Create a single folder." checkmk.general.folder: - server_url: "http://localhost/" + server_url: "http://my_server/" site: "my_site" - automation_user: "automation" - automation_secret: "$SECRET" + automation_user: "my_user" + automation_secret: "my_secret" path: "/my_folder" name: "My Folder" state: "present" @@ -79,10 +87,10 @@ # Create a folder who's hosts should be hosted on a remote site. - name: "Create a single folder." checkmk.general.folder: - server_url: "http://localhost/" + server_url: "http://my_server/" site: "my_site" - automation_user: "automation" - automation_secret: "$SECRET" + automation_user: "my_user" + automation_secret: "my_secret" path: "/my_remote_folder" name: "My Remote Folder" attributes: @@ -92,10 +100,10 @@ # Create a folder with Criticality set to a Test system and Networking Segment WAN (high latency)" - name: "Create a folder with tag_criticality test and tag_networking wan" checkmk.general.folder: - server_url: "http://localhost/" + server_url: "http://my_server/" site: "my_site" - automation_user: "automation" - automation_secret: "$SECRET" + automation_user: "my_user" + automation_secret: "my_secret" path: "/my_remote_folder" attributes: tag_criticality: "test" @@ -105,10 +113,10 @@ # Update only specified attributes - name: "Update only specified attributes" checkmk.general.folder: - server_url: "http://localhost/" + server_url: "http://my_server/" site: "my_site" - automation_user: "automation" - automation_secret: "$SECRET" + automation_user: "my_user" + automation_secret: "my_secret" path: "/my_folder" update_attributes: tag_networking: "dmz" @@ -117,10 +125,10 @@ # Remove specified attributes - name: "Remove specified attributes" checkmk.general.folder: - server_url: "http://localhost/" + server_url: "http://my_server/" site: "my_site" - automation_user: "automation" - automation_secret: "$SECRET" + automation_user: "my_user" + automation_secret: "my_secret" path: "/my_folder" remove_attributes: - tag_networking @@ -141,13 +149,22 @@ # https://docs.ansible.com/ansible/latest/dev_guide/testing/sanity/import.html from ansible.module_utils.basic import AnsibleModule, missing_required_lib -from ansible.module_utils.common.dict_transformations import dict_merge -from ansible.module_utils.urls import fetch_url +from ansible.module_utils.common.dict_transformations import dict_merge, recursive_diff +from ansible_collections.checkmk.general.plugins.module_utils.api import CheckmkAPI +from ansible_collections.checkmk.general.plugins.module_utils.types import RESULT +from ansible_collections.checkmk.general.plugins.module_utils.utils import ( + result_as_dict, +) +from ansible_collections.checkmk.general.plugins.module_utils.version import ( + CheckmkVersion, +) + +PYTHON_VERSION = 3 +HAS_PATHLIB2_LIBRARY = True +PATHLIB2_LIBRARY_IMPORT_ERROR = None if sys.version[0] == "3": from pathlib import Path - - PYTHON_VERSION = 3 else: PYTHON_VERSION = 2 try: @@ -155,139 +172,294 @@ except ImportError: HAS_PATHLIB2_LIBRARY = False PATHLIB2_LIBRARY_IMPORT_ERROR = traceback.format_exc() - else: - HAS_PATHLIB2_LIBRARY = True - PATHLIB2_LIBRARY_IMPORT_ERROR = None +FOLDER = ( + "customer", + "attributes", + "update_attributes", + "remove_attributes", +) -def exit_failed(module, msg): - result = {"msg": msg, "changed": False, "failed": True} - module.fail_json(**result) +class FolderHTTPCodes: + # http_code: (changed, failed, "Message") + get = { + 200: (False, False, "Folder found, nothing changed"), + 404: (False, False, "Folder not found"), + } -def exit_changed(module, msg): - result = {"msg": msg, "changed": True, "failed": False} - module.exit_json(**result) + create = {200: (True, False, "Folder created")} + edit = {200: (True, False, "Folder modified")} + delete = {204: (True, False, "Folder deleted")} -def exit_ok(module, msg): - result = {"msg": msg, "changed": False, "failed": False} - module.exit_json(**result) +class FolderEndpoints: + default = "/objects/folder_config" + create = "/domain-types/folder_config/collections/all" -def cleanup_path(path): - p = Path(path) - if not p.is_absolute(): - p = Path("/").joinpath(p) - return str(p.parent).lower(), p.name +class FolderAPI(CheckmkAPI): + def __init__(self, module): + super().__init__(module) + self.desired = {} -def path_for_url(module): - return module.params["path"].replace("/", "~") + (self.desired["parent"], self.desired["name"]) = _normalize_path( + self.params.get("path") + ) + self.desired["title"] = self.params.get("title", self.desired["name"]) + + for key in FOLDER: + if self.params.get(key): + self.desired[key] = self.params.get(key) + + # Get the current folder from the API and set some parameters + self._get_current() + self._changed_items = self._detect_changes() + + self._verify_compatibility() + + def _verify_compatibility(self): + # Check if parameters are compatible with CMK version + if ( + sum( + [ + 1 + for el in ["attributes", "remove_attributes", "update_attributes"] + if self.module.params.get(el) + ] + ) + > 1 + ): + ver = self.getversion() + msg = ( + "As of Check MK v2.2.0p7 and v2.3.0b1, simultaneous use of" + " attributes, remove_attributes, and update_attributes is no longer supported." + ) -def get_current_folder_state(module, base_url, headers): - current_state = "unknown" - current_explicit_attributes = {} - current_title = "" - etag = "" + if ver >= CheckmkVersion("2.2.0p7"): + result = RESULT( + http_code=0, + msg=msg, + content="", + etag="", + failed=True, + changed=False, + ) + self.module.exit_json(**result_as_dict(result)) + else: + self.module.warn(msg) + + @staticmethod + def _normalize_path(path): + p = Path(path) + if not p.is_absolute(): + p = Path("/").joinpath(p) + return str(p.parent).lower(), p.name + + @staticmethod + def _urlize_path(path): + return path.replace("/", "~").replace("~~", "~") + + def _build_default_endpoint(self): + return "%s/%s" % ( + FolderEndpoints.default, + _urlize_path("%s/%s" % (self.desired["parent"], self.desired["name"])), + ) - api_endpoint = "/objects/folder_config/" + path_for_url(module) - parameters = "?show_hosts=false" - url = base_url + api_endpoint + parameters + def _detect_changes(self): + current_attributes = self.current.get("attributes", {}) + desired_attributes = self.desired.copy() + changes = [] - response, info = fetch_url(module, url, data=None, headers=headers, method="GET") + if desired_attributes.get("update_attributes"): + merged_attributes = dict_merge( + current_attributes, desired_attributes.get("update_attributes") + ) - if info["status"] == 200: - body = json.loads(response.read()) - current_state = "present" - etag = info.get("etag", "") - extensions = body.get("extensions", {}) - current_explicit_attributes = extensions.get("attributes", {}) - current_title = "%s" % body.get("title", "") - if "meta_data" in current_explicit_attributes: - del current_explicit_attributes["meta_data"] + if merged_attributes != current_attributes: + try: + (_, m_c) = recursive_diff(current_attributes, merged_attributes) + changes.append("update attributes: %" % json.dumps(m_c)) + except Exception as e: + changes.append("update attributes") + desired_attributes["update_attributes"] = merged_attributes + + if desired_attributes.get( + "attributes" + ) and current_attributes != desired_attributes.get("attributes"): + changes.append("attributes") + + if self.current.get("title") != desired_attributes.get("title"): + changes.append("title") + + if desired_attributes.get("remove_attributes"): + tmp_remove_attributes = desired_attributes.get("remove_attributes") + if isinstance(tmp_remove_attributes, list): + removes_which = [a for a in tmp_remove_attributes if current_attributes.get(a)] + if len(removes_which) > 0: + changes.append("remove attributes: %s" % " ".join(removes_which) ) + elif isinstance(tmp_remove_attributes, dict): + try: + (c_m, _) = recursive_diff(current_attributes, tmp_remove_attributes) + (c_c_m, _) = recursive_diff(current_attributes, c_m) + if c_c_m: + changes.append("remove attributes: %" % json.dumps(c_c_m)) + self.desired.pop("remove_attributes") + self.desired["retained_attributes"] = c_m + except Exception as e: + module.fail_json( + msg="ERROR: incompatible parameter: remove_attributes!", + exception=e, + ) + else: + module.fail_json( + msg="ERROR: The parameter remove_attributes can be a list of strings or a dictionary!", + exception=e, + ) - elif info["status"] == 404: - current_state = "absent" + return changes - else: - exit_failed( - module, - "Error calling API. HTTP code %d. Details: %s." - % (info["status"], info.get("body", "N/A")), + def _get_current(self): + result = self._fetch( + code_mapping=FolderHTTPCodes.get, + endpoint=self._build_default_endpoint(), + method="GET", ) - return current_state, current_explicit_attributes, current_title, etag + if result.http_code == 200: + self.state = "present" + content = json.loads(result.content) -def set_folder_attributes(module, attributes, base_url, headers, params): - api_endpoint = "/objects/folder_config/" + path_for_url(module) - url = base_url + api_endpoint + self.current["title"] = content["title"] - response, info = fetch_url( - module, url, module.jsonify(params), headers=headers, method="PUT" - ) + extensions = content["extensions"] + for key, value in extensions.items(): + if key == "attributes": + value.pop("meta_data") + self.current[key] = value - if ( - info["status"] == 400 - and params.get("remove_attributes") - and not params.get("title") - and not params.get("attributes") - and not params.get("update_attributes") - ): - # "Folder attributes allready removed." - return False - elif info["status"] != 200: - exit_failed( - module, - "Error calling API. HTTP code %d. Details: %s, " - % (info["status"], info["body"]), + self.etag = result.etag + + else: + self.state = "absent" + + def _check_output(self, mode): + return RESULT( + http_code=0, + msg="Running in check mode. Would have done an %s" % mode, + content="", + etag="", + failed=False, + changed=False, ) - return True + def needs_update(self): + return len(self._changed_items) > 0 + def needs_reduction(self): + return ("retained_attributes" in self.desired) -def create_folder(module, attributes, base_url, headers): - parent, foldername = cleanup_path(module.params["path"]) - name = module.params.get("name", foldername) + def create(self): + data = self.desired.copy() + if not data.get("attributes"): + data["attributes"] = data.pop("update_attributes", {}) - api_endpoint = "/domain-types/folder_config/collections/all" - params = { - "name": foldername, - "title": name, - "parent": parent, - "attributes": attributes, - } - url = base_url + api_endpoint + if data.get("remove_attributes"): + data.pop("remove_attributes") - response, info = fetch_url( - module, url, module.jsonify(params), headers=headers, method="POST" - ) + if data.get("retained_attributes"): + data.pop("retained_attributes") - if info["status"] != 200: - exit_failed( - module, - "Error calling API. HTTP code %d. Details: %s, " - % (info["status"], info["body"]), + if self.module.check_mode: + return self._check_output("create") + + result = self._fetch( + code_mapping=FolderHTTPCodes.create, + endpoint=FolderEndpoints.create, + data=data, + method="POST", ) + return result + + def edit(self): + data = self.desired.copy() + data.pop("name") + data.pop("parent") + self.headers["if-Match"] = self.etag -def delete_folder(module, base_url, headers): - api_endpoint = "/objects/folder_config/" + path_for_url(module) - url = base_url + api_endpoint + if data.get("retained_attributes"): + data.pop("retained_attributes") - response, info = fetch_url(module, url, data=None, headers=headers, method="DELETE") + if self.module.check_mode: + return self._check_output("edit") - if info["status"] != 204: - exit_failed( - module, - "Error calling API. HTTP code %d. Details: %s, " - % (info["status"], info["body"]), + result = self._fetch( + code_mapping=FolderHTTPCodes.edit, + endpoint=self._build_default_endpoint(), + data=data, + method="PUT", + ) + + return result._replace( + msg=result.msg + ". Changed: %s" % ", ".join(self._changed_items) + ) + + def reduct(self): + data = self.desired.copy() + + if data.get("attributes"): + data.pop("attributes") + + if data.get("update_attributes"): + data.pop("remove_attributes") + + if data.get("remove_attributes"): + data.pop("remove_attributes") + + if self.module.check_mode: + return self._check_output("reduct (remove_attributes supplied by dict object)") + + result = self._fetch( + code_mapping=FolderHTTPCodes.create, + endpoint=FolderEndpoints.create, + data=data, + method="POST", + ) + + return result._replace( + msg=result.msg + ". Changed: %s" % ", ".join(self._changed_items) + ) + + def delete(self): + if self.module.check_mode: + return self._check_output("delete") + + result = self._fetch( + code_mapping=FolderHTTPCodes.delete, + endpoint=self._build_default_endpoint(), + method="DELETE", + ) + + return result + + +def _exit_if_missing_pathlib(module): + # Handle library import error according to the following link: + # https://docs.ansible.com/ansible/latest/dev_guide/testing/sanity/import.html + if PYTHON_VERSION == 2 and not HAS_PATHLIB2_LIBRARY: + # Needs: from ansible.module_utils.basic import missing_required_lib + module.fail_json( + msg=missing_required_lib("pathlib2"), + exception=PATHLIB2_LIBRARY_IMPORT_ERROR, ) def run_module(): + # define available arguments/parameters a user can pass to the module module_args = dict( server_url=dict(type="str", required=True), site=dict(type="str", required=True), @@ -300,116 +472,48 @@ def run_module(): required=False, aliases=["title"], ), - attributes=dict(type="raw", default={}), - remove_attributes=dict(type="raw", default=[]), - update_attributes=dict(type="raw", default={}), - state=dict(type="str", default="present", choices=["present", "absent"]), + attributes=dict(type="raw", required=False), + remove_attributes=dict(type="raw", required=False), + update_attributes=dict(type="raw", required=False), + state=dict( + type="str", required=False, default="present", choices=["present", "absent"] + ), ) module = AnsibleModule(argument_spec=module_args, supports_check_mode=True) - # Handle library import error according to the following link: - # https://docs.ansible.com/ansible/latest/dev_guide/testing/sanity/import.html - if PYTHON_VERSION == 2 and not HAS_PATHLIB2_LIBRARY: - # Needs: from ansible.module_utils.basic import missing_required_lib - module.fail_json( - msg=missing_required_lib("pathlib2"), - exception=PATHLIB2_LIBRARY_IMPORT_ERROR, - ) + _exit_if_missing_pathlib(module) - # Use the parameters to initialize some common variables - headers = { - "Accept": "application/json", - "Content-Type": "application/json", - "Authorization": "Bearer %s %s" - % ( - module.params.get("automation_user", ""), - module.params.get("automation_secret", ""), - ), - } + # Create an API object that contains the current and desired state + current_folder = FolderAPI(module) - base_url = "%s/%s/check_mk/api/1.0" % ( - module.params.get("server_url", ""), - module.params.get("site", ""), + result = RESULT( + http_code=0, + msg="No changes needed.", + content="", + etag="", + failed=False, + changed=False, ) - # Determine desired state and attributes - attributes = module.params.get("attributes", {}) - remove_attributes = module.params.get("remove_attributes", []) - update_attributes = module.params.get("update_attributes", {}) - if attributes == []: - attributes = {} - state = module.params.get("state", "present") - - # Determine the current state of this particular folder - ( - current_state, - current_explicit_attributes, - current_title, - etag, - ) = get_current_folder_state(module, base_url, headers) - - # Handle the folder accordingly to above findings and desired state - if state == "present" and current_state == "present": - headers["If-Match"] = etag - msg_tokens = [] - - merged_attributes = dict_merge(current_explicit_attributes, update_attributes) - - params = {} - changed = False - if module.params["name"] and current_title != module.params["name"]: - params["title"] = module.params.get("name") - changed = True - - if attributes != {} and current_explicit_attributes != attributes: - params["attributes"] = attributes - changed = True - - if update_attributes != {} and current_explicit_attributes != merged_attributes: - params["update_attributes"] = merged_attributes - changed = True - - if remove_attributes != []: - for el in remove_attributes: - if current_explicit_attributes.get(el): - changed = True - break - params["remove_attributes"] = remove_attributes - - if params != {}: - if not module.check_mode: - changed = set_folder_attributes( - module, attributes, base_url, headers, params - ) - - if changed: - msg_tokens.append("Folder attributes updated.") - - if len(msg_tokens) >= 1: - exit_changed(module, " ".join(msg_tokens)) + desired_state = current_folder.params.get("state") + if current_folder.state == "present": + result = result._replace( + msg="Folder already exists with the desired parameters." + ) + if desired_state == "absent": + result = current_folder.delete() else: - exit_ok( - module, "Folder already present. All explicit attributes as desired." - ) - - elif state == "present" and current_state == "absent": - if update_attributes != {} and attributes == {}: - attributes = update_attributes - if not module.check_mode: - create_folder(module, attributes, base_url, headers) - exit_changed(module, "Folder created.") - - elif state == "absent" and current_state == "absent": - exit_ok(module, "Folder already absent.") - - elif state == "absent" and current_state == "present": - if not module.check_mode: - delete_folder(module, base_url, headers) - exit_changed(module, "Folder deleted.") - - else: - exit_failed(module, "Unknown error") + if current_folder.needs_update(): + result = current_folder.edit() + if current_folder.needs_reduction() + result = current_folder.reduct() + elif current_folder.state == "absent": + result = result._replace(msg="Folder already absent.") + if desired_state in ("present"): + result = current_folder.create() + + module.exit_json(**result_as_dict(result)) def main(): From 53548e2ac66cf57adb7c10ec0766cd2b91c01a63 Mon Sep 17 00:00:00 2001 From: Michael Sekania Date: Sat, 27 Jan 2024 21:46:29 +0100 Subject: [PATCH 071/114] fix: --- plugins/modules/folder.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/modules/folder.py b/plugins/modules/folder.py index 9e4b99e62..031856454 100644 --- a/plugins/modules/folder.py +++ b/plugins/modules/folder.py @@ -506,7 +506,7 @@ def run_module(): else: if current_folder.needs_update(): result = current_folder.edit() - if current_folder.needs_reduction() + if current_folder.needs_reduction(): result = current_folder.reduct() elif current_folder.state == "absent": result = result._replace(msg="Folder already absent.") From a5368adc05896de7c90f3f08b34a02edd0373b77 Mon Sep 17 00:00:00 2001 From: Michael Sekania Date: Sat, 27 Jan 2024 21:49:45 +0100 Subject: [PATCH 072/114] fix: style --- plugins/modules/folder.py | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/plugins/modules/folder.py b/plugins/modules/folder.py index 031856454..e27ca7e5b 100644 --- a/plugins/modules/folder.py +++ b/plugins/modules/folder.py @@ -297,9 +297,11 @@ def _detect_changes(self): if desired_attributes.get("remove_attributes"): tmp_remove_attributes = desired_attributes.get("remove_attributes") if isinstance(tmp_remove_attributes, list): - removes_which = [a for a in tmp_remove_attributes if current_attributes.get(a)] + removes_which = [ + a for a in tmp_remove_attributes if current_attributes.get(a) + ] if len(removes_which) > 0: - changes.append("remove attributes: %s" % " ".join(removes_which) ) + changes.append("remove attributes: %s" % " ".join(removes_which)) elif isinstance(tmp_remove_attributes, dict): try: (c_m, _) = recursive_diff(current_attributes, tmp_remove_attributes) @@ -360,7 +362,7 @@ def needs_update(self): return len(self._changed_items) > 0 def needs_reduction(self): - return ("retained_attributes" in self.desired) + return "retained_attributes" in self.desired def create(self): data = self.desired.copy() @@ -421,7 +423,9 @@ def reduct(self): data.pop("remove_attributes") if self.module.check_mode: - return self._check_output("reduct (remove_attributes supplied by dict object)") + return self._check_output( + "reduct (remove_attributes supplied by dict object)" + ) result = self._fetch( code_mapping=FolderHTTPCodes.create, From 1f864bdf418f458050925b45bd75f6fc62e8a253 Mon Sep 17 00:00:00 2001 From: Michael Sekania Date: Sat, 27 Jan 2024 21:54:41 +0100 Subject: [PATCH 073/114] fix: linting --- plugins/modules/folder.py | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/plugins/modules/folder.py b/plugins/modules/folder.py index e27ca7e5b..5cf92c3fe 100644 --- a/plugins/modules/folder.py +++ b/plugins/modules/folder.py @@ -54,7 +54,8 @@ description: - The remove_attributes of your host as described in the API documentation. B(If a list of strings is supplied, the listed attributes are removed.) - B(If instead a dict is supplied, the attributes {key: value} that exactly match the passed attributes are removed.) + B(If instead a dict is supplied, the attributes (key: value) that + exactly match the passed attributes are removed.) This will only remove the given attributes. As of Check MK v2.2.0p7 and v2.3.0b1, simultaneous use of I(attributes), I(remove_attributes), and I(update_attributes) is no longer supported. @@ -204,7 +205,7 @@ def __init__(self, module): self.desired = {} - (self.desired["parent"], self.desired["name"]) = _normalize_path( + (self.desired["parent"], self.desired["name"]) = self._normalize_path( self.params.get("path") ) self.desired["title"] = self.params.get("title", self.desired["name"]) @@ -251,21 +252,19 @@ def _verify_compatibility(self): else: self.module.warn(msg) - @staticmethod - def _normalize_path(path): + def _normalize_path(self, path): p = Path(path) if not p.is_absolute(): p = Path("/").joinpath(p) return str(p.parent).lower(), p.name - @staticmethod - def _urlize_path(path): + def _urlize_path(self, path): return path.replace("/", "~").replace("~~", "~") def _build_default_endpoint(self): return "%s/%s" % ( FolderEndpoints.default, - _urlize_path("%s/%s" % (self.desired["parent"], self.desired["name"])), + self._urlize_path("%s/%s" % (self.desired["parent"], self.desired["name"])), ) def _detect_changes(self): @@ -280,7 +279,7 @@ def _detect_changes(self): if merged_attributes != current_attributes: try: - (_, m_c) = recursive_diff(current_attributes, merged_attributes) + (c_m, m_c) = recursive_diff(current_attributes, merged_attributes) changes.append("update attributes: %" % json.dumps(m_c)) except Exception as e: changes.append("update attributes") @@ -304,8 +303,8 @@ def _detect_changes(self): changes.append("remove attributes: %s" % " ".join(removes_which)) elif isinstance(tmp_remove_attributes, dict): try: - (c_m, _) = recursive_diff(current_attributes, tmp_remove_attributes) - (c_c_m, _) = recursive_diff(current_attributes, c_m) + (c_m, m_c) = recursive_diff(current_attributes, tmp_remove_attributes) + (c_c_m, c_m_c) = recursive_diff(current_attributes, c_m) if c_c_m: changes.append("remove attributes: %" % json.dumps(c_c_m)) self.desired.pop("remove_attributes") From d51703ea21ef46d9f92d4513904c340c0e8c6661 Mon Sep 17 00:00:00 2001 From: Michael Sekania Date: Sat, 27 Jan 2024 21:58:21 +0100 Subject: [PATCH 074/114] fix: --- plugins/modules/folder.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/plugins/modules/folder.py b/plugins/modules/folder.py index 5cf92c3fe..aea50ba6f 100644 --- a/plugins/modules/folder.py +++ b/plugins/modules/folder.py @@ -280,7 +280,7 @@ def _detect_changes(self): if merged_attributes != current_attributes: try: (c_m, m_c) = recursive_diff(current_attributes, merged_attributes) - changes.append("update attributes: %" % json.dumps(m_c)) + changes.append("update attributes: %s" % json.dumps(m_c)) except Exception as e: changes.append("update attributes") desired_attributes["update_attributes"] = merged_attributes @@ -303,10 +303,12 @@ def _detect_changes(self): changes.append("remove attributes: %s" % " ".join(removes_which)) elif isinstance(tmp_remove_attributes, dict): try: - (c_m, m_c) = recursive_diff(current_attributes, tmp_remove_attributes) + (c_m, m_c) = recursive_diff( + current_attributes, tmp_remove_attributes + ) (c_c_m, c_m_c) = recursive_diff(current_attributes, c_m) if c_c_m: - changes.append("remove attributes: %" % json.dumps(c_c_m)) + changes.append("remove attributes: %s" % json.dumps(c_c_m)) self.desired.pop("remove_attributes") self.desired["retained_attributes"] = c_m except Exception as e: From d81428bc144f2745ac155a8bab7a592a21a19d0b Mon Sep 17 00:00:00 2001 From: Michael Sekania Date: Sat, 27 Jan 2024 22:00:59 +0100 Subject: [PATCH 075/114] fix: --- plugins/modules/folder.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/modules/folder.py b/plugins/modules/folder.py index aea50ba6f..372429e2c 100644 --- a/plugins/modules/folder.py +++ b/plugins/modules/folder.py @@ -54,8 +54,8 @@ description: - The remove_attributes of your host as described in the API documentation. B(If a list of strings is supplied, the listed attributes are removed.) - B(If instead a dict is supplied, the attributes (key: value) that - exactly match the passed attributes are removed.) + B(If instead a dict is supplied, the attributes that exactly match + the passed attributes are removed.) This will only remove the given attributes. As of Check MK v2.2.0p7 and v2.3.0b1, simultaneous use of I(attributes), I(remove_attributes), and I(update_attributes) is no longer supported. From c16f50c93afe5f2749f29927279f88dbdc894be4 Mon Sep 17 00:00:00 2001 From: Michael Sekania Date: Sat, 27 Jan 2024 22:24:13 +0100 Subject: [PATCH 076/114] fix: --- plugins/modules/folder.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/modules/folder.py b/plugins/modules/folder.py index 372429e2c..907b55640 100644 --- a/plugins/modules/folder.py +++ b/plugins/modules/folder.py @@ -312,12 +312,12 @@ def _detect_changes(self): self.desired.pop("remove_attributes") self.desired["retained_attributes"] = c_m except Exception as e: - module.fail_json( + self.module.fail_json( msg="ERROR: incompatible parameter: remove_attributes!", exception=e, ) else: - module.fail_json( + self.module.fail_json( msg="ERROR: The parameter remove_attributes can be a list of strings or a dictionary!", exception=e, ) From bb6f5df85c0f39889ab4c9065f9337304a1c2e9c Mon Sep 17 00:00:00 2001 From: Michael Sekania Date: Wed, 31 Jan 2024 00:48:15 +0100 Subject: [PATCH 077/114] fix: tested --- plugins/modules/folder.py | 96 ++++++++++++++++++--------------------- 1 file changed, 44 insertions(+), 52 deletions(-) diff --git a/plugins/modules/folder.py b/plugins/modules/folder.py index 907b55640..3d5524f64 100644 --- a/plugins/modules/folder.py +++ b/plugins/modules/folder.py @@ -54,7 +54,7 @@ description: - The remove_attributes of your host as described in the API documentation. B(If a list of strings is supplied, the listed attributes are removed.) - B(If instead a dict is supplied, the attributes that exactly match + B(If extended_functionality and a dict is supplied, the attributes that exactly match the passed attributes are removed.) This will only remove the given attributes. As of Check MK v2.2.0p7 and v2.3.0b1, simultaneous use of I(attributes), @@ -66,6 +66,10 @@ type: str default: present choices: [present, absent] + extended_functionality: + description: The state of your folder. + type: bool + default: true author: - Robin Gierse (@robin-checkmk) @@ -203,6 +207,8 @@ class FolderAPI(CheckmkAPI): def __init__(self, module): super().__init__(module) + self.extended_functionality = self.params.get("extended_functionality", True) + self.desired = {} (self.desired["parent"], self.desired["name"]) = self._normalize_path( @@ -295,6 +301,7 @@ def _detect_changes(self): if desired_attributes.get("remove_attributes"): tmp_remove_attributes = desired_attributes.get("remove_attributes") + if isinstance(tmp_remove_attributes, list): removes_which = [ a for a in tmp_remove_attributes if current_attributes.get(a) @@ -302,26 +309,47 @@ def _detect_changes(self): if len(removes_which) > 0: changes.append("remove attributes: %s" % " ".join(removes_which)) elif isinstance(tmp_remove_attributes, dict): - try: - (c_m, m_c) = recursive_diff( - current_attributes, tmp_remove_attributes - ) - (c_c_m, c_m_c) = recursive_diff(current_attributes, c_m) - if c_c_m: - changes.append("remove attributes: %s" % json.dumps(c_c_m)) - self.desired.pop("remove_attributes") - self.desired["retained_attributes"] = c_m - except Exception as e: + if not self.extended_functionality: self.module.fail_json( - msg="ERROR: incompatible parameter: remove_attributes!", - exception=e, + msg="ERROR: The parameter remove_attributes of dict type is not supported for set paramter extended_functionality: false!", ) + + (tmp_remove, tmp_rest) = (current_attributes, {}) + if current_attributes != tmp_remove_attributes: + try: + (c_m, m_c) = recursive_diff( + current_attributes, tmp_remove_attributes + ) + + if c_m: + # if nothing to remove + if current_attributes == c_m: + (tmp_remove, tmp_rest) = ({}, current_attributes) + else: + (c_c_m, c_m_c) = recursive_diff(current_attributes, c_m) + (tmp_remove, tmp_rest) = (c_c_m, c_m) + except Exception as e: + self.module.fail_json( + msg="ERROR: incompatible parameter: remove_attributes!", + exception=e, + ) + + desired_attributes.pop("remove_attributes") + if tmp_remove != {}: + changes.append("remove attributes: %s" % json.dumps(tmp_remove)) + if tmp_rest != {}: + desired_attributes["update_attributes"] = tmp_rest else: self.module.fail_json( msg="ERROR: The parameter remove_attributes can be a list of strings or a dictionary!", exception=e, ) + if self.extended_functionality: + self.desired = desired_attributes.copy() + + # self.module.fail_json(json.dumps(desired_attributes)) + return changes def _get_current(self): @@ -362,9 +390,6 @@ def _check_output(self, mode): def needs_update(self): return len(self._changed_items) > 0 - def needs_reduction(self): - return "retained_attributes" in self.desired - def create(self): data = self.desired.copy() if not data.get("attributes"): @@ -373,9 +398,6 @@ def create(self): if data.get("remove_attributes"): data.pop("remove_attributes") - if data.get("retained_attributes"): - data.pop("retained_attributes") - if self.module.check_mode: return self._check_output("create") @@ -394,9 +416,6 @@ def edit(self): data.pop("parent") self.headers["if-Match"] = self.etag - if data.get("retained_attributes"): - data.pop("retained_attributes") - if self.module.check_mode: return self._check_output("edit") @@ -411,34 +430,6 @@ def edit(self): msg=result.msg + ". Changed: %s" % ", ".join(self._changed_items) ) - def reduct(self): - data = self.desired.copy() - - if data.get("attributes"): - data.pop("attributes") - - if data.get("update_attributes"): - data.pop("remove_attributes") - - if data.get("remove_attributes"): - data.pop("remove_attributes") - - if self.module.check_mode: - return self._check_output( - "reduct (remove_attributes supplied by dict object)" - ) - - result = self._fetch( - code_mapping=FolderHTTPCodes.create, - endpoint=FolderEndpoints.create, - data=data, - method="POST", - ) - - return result._replace( - msg=result.msg + ". Changed: %s" % ", ".join(self._changed_items) - ) - def delete(self): if self.module.check_mode: return self._check_output("delete") @@ -483,6 +474,9 @@ def run_module(): state=dict( type="str", required=False, default="present", choices=["present", "absent"] ), + extended_functionality=dict( + type="bool", required=False, default=True + ), ) module = AnsibleModule(argument_spec=module_args, supports_check_mode=True) @@ -511,8 +505,6 @@ def run_module(): else: if current_folder.needs_update(): result = current_folder.edit() - if current_folder.needs_reduction(): - result = current_folder.reduct() elif current_folder.state == "absent": result = result._replace(msg="Folder already absent.") if desired_state in ("present"): From 680caf7a60e0475944a5727fdec71028c423ff33 Mon Sep 17 00:00:00 2001 From: Michael Sekania Date: Wed, 31 Jan 2024 00:50:04 +0100 Subject: [PATCH 078/114] fix: QA --- plugins/modules/folder.py | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/plugins/modules/folder.py b/plugins/modules/folder.py index 3d5524f64..91367b485 100644 --- a/plugins/modules/folder.py +++ b/plugins/modules/folder.py @@ -474,9 +474,7 @@ def run_module(): state=dict( type="str", required=False, default="present", choices=["present", "absent"] ), - extended_functionality=dict( - type="bool", required=False, default=True - ), + extended_functionality=dict(type="bool", required=False, default=True), ) module = AnsibleModule(argument_spec=module_args, supports_check_mode=True) From 28fa2561a29637e340242dc791cf9c21ad45b167 Mon Sep 17 00:00:00 2001 From: Michael Sekania Date: Wed, 31 Jan 2024 15:11:27 +0100 Subject: [PATCH 079/114] add: parents parsing --- plugins/modules/folder.py | 9 +++++++++ plugins/modules/host.py | 9 +++++++++ 2 files changed, 18 insertions(+) diff --git a/plugins/modules/folder.py b/plugins/modules/folder.py index e2f6a5c5e..a928bf4a7 100644 --- a/plugins/modules/folder.py +++ b/plugins/modules/folder.py @@ -148,6 +148,7 @@ # https://docs.ansible.com/ansible/latest/dev_guide/testing/sanity/import.html from ansible.module_utils.basic import AnsibleModule, missing_required_lib from ansible.module_utils.common.dict_transformations import dict_merge +from ansible.module_utils.common.validation import check_type_list from ansible.module_utils.urls import fetch_url PYTHON_VERSION = 3 @@ -424,6 +425,14 @@ def run_module(): if attributes == []: attributes = {} + if attributes or attributes != {}: + if attributes.get("parents"): + attributes["parents"] = check_type_list(attributes.get("parents")) + + if update_attributes or update_attributes != {}: + if update_attributes.get("parents"): + update_attributes["parents"] = check_type_list(update_attributes.get("parents")) + state = module.params.get("state", "present") # Determine the current state of this particular folder diff --git a/plugins/modules/host.py b/plugins/modules/host.py index 63301f621..920c118a5 100644 --- a/plugins/modules/host.py +++ b/plugins/modules/host.py @@ -164,6 +164,7 @@ from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.common.dict_transformations import dict_merge +from ansible.module_utils.common.validation import check_type_list from ansible.module_utils.urls import fetch_url @@ -350,6 +351,14 @@ def run_module(): update_attributes = module.params.get("update_attributes", {}) state = module.params.get("state", "present") + if attributes != {}: + if attributes.get("parents"): + attributes["parents"] = check_type_list(attributes.get("parents")) + + if update_attributes != {}: + if update_attributes.get("parents"): + update_attributes["parents"] = check_type_list(update_attributes.get("parents")) + if module.params["folder"]: module.params["folder"] = normalize_folder(module.params["folder"]) From 3cd34839542fbc03ab0c846ac69ef2a3e0c7de9c Mon Sep 17 00:00:00 2001 From: Michael Sekania Date: Wed, 31 Jan 2024 15:13:55 +0100 Subject: [PATCH 080/114] fix: style --- plugins/modules/folder.py | 4 +++- plugins/modules/host.py | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/plugins/modules/folder.py b/plugins/modules/folder.py index a928bf4a7..4f75a6eb5 100644 --- a/plugins/modules/folder.py +++ b/plugins/modules/folder.py @@ -431,7 +431,9 @@ def run_module(): if update_attributes or update_attributes != {}: if update_attributes.get("parents"): - update_attributes["parents"] = check_type_list(update_attributes.get("parents")) + update_attributes["parents"] = check_type_list( + update_attributes.get("parents") + ) state = module.params.get("state", "present") diff --git a/plugins/modules/host.py b/plugins/modules/host.py index 920c118a5..eba3923ac 100644 --- a/plugins/modules/host.py +++ b/plugins/modules/host.py @@ -357,7 +357,9 @@ def run_module(): if update_attributes != {}: if update_attributes.get("parents"): - update_attributes["parents"] = check_type_list(update_attributes.get("parents")) + update_attributes["parents"] = check_type_list( + update_attributes.get("parents") + ) if module.params["folder"]: module.params["folder"] = normalize_folder(module.params["folder"]) From 7d80401c5746c417ec91e4f59fc5dbb1934da5e8 Mon Sep 17 00:00:00 2001 From: Michael Sekania Date: Wed, 31 Jan 2024 15:29:16 +0100 Subject: [PATCH 081/114] fix: check --- plugins/modules/folder.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/modules/folder.py b/plugins/modules/folder.py index 4f75a6eb5..103a199f0 100644 --- a/plugins/modules/folder.py +++ b/plugins/modules/folder.py @@ -425,11 +425,11 @@ def run_module(): if attributes == []: attributes = {} - if attributes or attributes != {}: + if attributes and attributes != {}: if attributes.get("parents"): attributes["parents"] = check_type_list(attributes.get("parents")) - if update_attributes or update_attributes != {}: + if update_attributes and update_attributes != {}: if update_attributes.get("parents"): update_attributes["parents"] = check_type_list( update_attributes.get("parents") From 6dfa939daf217d6826a07af8e93123cff1bacba3 Mon Sep 17 00:00:00 2001 From: Michael Sekania Date: Wed, 31 Jan 2024 17:22:50 +0100 Subject: [PATCH 082/114] init: --- plugins/lookup/bakery.py | 35 +++++++++++++++++++++++++++++++++++ plugins/lookup/folder.py | 35 +++++++++++++++++++++++++++++++++++ plugins/lookup/folders.py | 35 +++++++++++++++++++++++++++++++++++ plugins/lookup/host.py | 35 +++++++++++++++++++++++++++++++++++ plugins/lookup/hosts.py | 35 +++++++++++++++++++++++++++++++++++ plugins/lookup/rule.py | 35 +++++++++++++++++++++++++++++++++++ plugins/lookup/rules.py | 35 +++++++++++++++++++++++++++++++++++ plugins/lookup/ruleset.py | 35 +++++++++++++++++++++++++++++++++++ plugins/lookup/rulesets.py | 35 +++++++++++++++++++++++++++++++++++ plugins/lookup/version.py | 35 +++++++++++++++++++++++++++++++++++ 10 files changed, 350 insertions(+) diff --git a/plugins/lookup/bakery.py b/plugins/lookup/bakery.py index 85199ed3c..69c080641 100644 --- a/plugins/lookup/bakery.py +++ b/plugins/lookup/bakery.py @@ -16,20 +16,55 @@ server_url: description: URL of the Checkmk server required: True + vars: + - name: ansible_lookup_checkmk_server_url + env: + - name: ANSIBLE_LOOKUP_CHECKMK_SERVER_URL + ini: + - section: checkmk_lookup + key: server_url site: description: site name required: True + vars: + - name: ansible_lookup_checkmk_site + env: + - name: ANSIBLE_LOOKUP_CHECKMK_SITE + ini: + - section: checkmk_lookup + key: site automation_user: description: automation user for the REST API access required: True + vars: + - name: ansible_lookup_checkmk_automation_user + env: + - name: ANSIBLE_LOOKUP_CHECKMK_AUTOMATION_USER + ini: + - section: checkmk_lookup + key: automation_user automation_secret: description: automation secret for the REST API access required: True + vars: + - name: ansible_lookup_checkmk_automation_secret + env: + - name: ANSIBLE_LOOKUP_CHECKMK_AUTOMATION_SECRET + ini: + - section: checkmk_lookup + key: automation_secret validate_certs: description: Wether or not to validate TLS certificates type: boolean required: False default: True + vars: + - name: ansible_lookup_checkmk_validate_certs + env: + - name: ANSIBLE_LOOKUP_CHECKMK_VALIDATE_CERTS + ini: + - section: checkmk_lookup + key: validate_certs notes: - Like all lookups, this runs on the Ansible controller and is unaffected by other keywords such as 'become'. If you need to use different permissions, you must change the command or run Ansible as another user. diff --git a/plugins/lookup/folder.py b/plugins/lookup/folder.py index c4a392264..916f4803d 100644 --- a/plugins/lookup/folder.py +++ b/plugins/lookup/folder.py @@ -19,20 +19,55 @@ server_url: description: URL of the Checkmk server required: True + vars: + - name: ansible_lookup_checkmk_server_url + env: + - name: ANSIBLE_LOOKUP_CHECKMK_SERVER_URL + ini: + - section: checkmk_lookup + key: server_url site: description: site name required: True + vars: + - name: ansible_lookup_checkmk_site + env: + - name: ANSIBLE_LOOKUP_CHECKMK_SITE + ini: + - section: checkmk_lookup + key: site automation_user: description: automation user for the REST API access required: True + vars: + - name: ansible_lookup_checkmk_automation_user + env: + - name: ANSIBLE_LOOKUP_CHECKMK_AUTOMATION_USER + ini: + - section: checkmk_lookup + key: automation_user automation_secret: description: automation secret for the REST API access required: True + vars: + - name: ansible_lookup_checkmk_automation_secret + env: + - name: ANSIBLE_LOOKUP_CHECKMK_AUTOMATION_SECRET + ini: + - section: checkmk_lookup + key: automation_secret validate_certs: description: Wether or not to validate TLS certificates type: boolean required: False default: True + vars: + - name: ansible_lookup_checkmk_validate_certs + env: + - name: ANSIBLE_LOOKUP_CHECKMK_VALIDATE_CERTS + ini: + - section: checkmk_lookup + key: validate_certs """ EXAMPLES = """ diff --git a/plugins/lookup/folders.py b/plugins/lookup/folders.py index 8a8d914fb..a5e097bc0 100644 --- a/plugins/lookup/folders.py +++ b/plugins/lookup/folders.py @@ -30,20 +30,55 @@ server_url: description: URL of the Checkmk server required: True + vars: + - name: ansible_lookup_checkmk_server_url + env: + - name: ANSIBLE_LOOKUP_CHECKMK_SERVER_URL + ini: + - section: checkmk_lookup + key: server_url site: description: site name required: True + vars: + - name: ansible_lookup_checkmk_site + env: + - name: ANSIBLE_LOOKUP_CHECKMK_SITE + ini: + - section: checkmk_lookup + key: site automation_user: description: automation user for the REST API access required: True + vars: + - name: ansible_lookup_checkmk_automation_user + env: + - name: ANSIBLE_LOOKUP_CHECKMK_AUTOMATION_USER + ini: + - section: checkmk_lookup + key: automation_user automation_secret: description: automation secret for the REST API access required: True + vars: + - name: ansible_lookup_checkmk_automation_secret + env: + - name: ANSIBLE_LOOKUP_CHECKMK_AUTOMATION_SECRET + ini: + - section: checkmk_lookup + key: automation_secret validate_certs: description: Wether or not to validate TLS cerificates type: boolean required: False default: True + vars: + - name: ansible_lookup_checkmk_validate_certs + env: + - name: ANSIBLE_LOOKUP_CHECKMK_VALIDATE_CERTS + ini: + - section: checkmk_lookup + key: validate_certs """ EXAMPLES = """ diff --git a/plugins/lookup/host.py b/plugins/lookup/host.py index 424ed2796..f109f86ce 100644 --- a/plugins/lookup/host.py +++ b/plugins/lookup/host.py @@ -24,20 +24,55 @@ server_url: description: URL of the Checkmk server required: True + vars: + - name: ansible_lookup_checkmk_server_url + env: + - name: ANSIBLE_LOOKUP_CHECKMK_SERVER_URL + ini: + - section: checkmk_lookup + key: server_url site: description: site name required: True + vars: + - name: ansible_lookup_checkmk_site + env: + - name: ANSIBLE_LOOKUP_CHECKMK_SITE + ini: + - section: checkmk_lookup + key: site automation_user: description: automation user for the REST API access required: True + vars: + - name: ansible_lookup_checkmk_automation_user + env: + - name: ANSIBLE_LOOKUP_CHECKMK_AUTOMATION_USER + ini: + - section: checkmk_lookup + key: automation_user automation_secret: description: automation secret for the REST API access required: True + vars: + - name: ansible_lookup_checkmk_automation_secret + env: + - name: ANSIBLE_LOOKUP_CHECKMK_AUTOMATION_SECRET + ini: + - section: checkmk_lookup + key: automation_secret validate_certs: description: Wether or not to validate TLS cerificates type: boolean required: False default: True + vars: + - name: ansible_lookup_checkmk_validate_certs + env: + - name: ANSIBLE_LOOKUP_CHECKMK_VALIDATE_CERTS + ini: + - section: checkmk_lookup + key: validate_certs """ EXAMPLES = """ diff --git a/plugins/lookup/hosts.py b/plugins/lookup/hosts.py index dd7b1b670..250b114e7 100644 --- a/plugins/lookup/hosts.py +++ b/plugins/lookup/hosts.py @@ -22,20 +22,55 @@ server_url: description: URL of the Checkmk server required: True + vars: + - name: ansible_lookup_checkmk_server_url + env: + - name: ANSIBLE_LOOKUP_CHECKMK_SERVER_URL + ini: + - section: checkmk_lookup + key: server_url site: description: site name required: True + vars: + - name: ansible_lookup_checkmk_site + env: + - name: ANSIBLE_LOOKUP_CHECKMK_SITE + ini: + - section: checkmk_lookup + key: site automation_user: description: automation user for the REST API access required: True + vars: + - name: ansible_lookup_checkmk_automation_user + env: + - name: ANSIBLE_LOOKUP_CHECKMK_AUTOMATION_USER + ini: + - section: checkmk_lookup + key: automation_user automation_secret: description: automation secret for the REST API access required: True + vars: + - name: ansible_lookup_checkmk_automation_secret + env: + - name: ANSIBLE_LOOKUP_CHECKMK_AUTOMATION_SECRET + ini: + - section: checkmk_lookup + key: automation_secret validate_certs: description: Wether or not to validate TLS cerificates type: boolean required: False default: True + vars: + - name: ansible_lookup_checkmk_validate_certs + env: + - name: ANSIBLE_LOOKUP_CHECKMK_VALIDATE_CERTS + ini: + - section: checkmk_lookup + key: validate_certs """ EXAMPLES = """ diff --git a/plugins/lookup/rule.py b/plugins/lookup/rule.py index b1c94e318..1473321b0 100644 --- a/plugins/lookup/rule.py +++ b/plugins/lookup/rule.py @@ -19,20 +19,55 @@ server_url: description: URL of the Checkmk server. required: True + vars: + - name: ansible_lookup_checkmk_server_url + env: + - name: ANSIBLE_LOOKUP_CHECKMK_SERVER_URL + ini: + - section: checkmk_lookup + key: server_url site: description: Site name. required: True + vars: + - name: ansible_lookup_checkmk_site + env: + - name: ANSIBLE_LOOKUP_CHECKMK_SITE + ini: + - section: checkmk_lookup + key: site automation_user: description: Automation user for the REST API access. required: True + vars: + - name: ansible_lookup_checkmk_automation_user + env: + - name: ANSIBLE_LOOKUP_CHECKMK_AUTOMATION_USER + ini: + - section: checkmk_lookup + key: automation_user automation_secret: description: Automation secret for the REST API access. required: True + vars: + - name: ansible_lookup_checkmk_automation_secret + env: + - name: ANSIBLE_LOOKUP_CHECKMK_AUTOMATION_SECRET + ini: + - section: checkmk_lookup + key: automation_secret validate_certs: description: Whether or not to validate TLS cerificates. type: boolean required: False default: True + vars: + - name: ansible_lookup_checkmk_validate_certs + env: + - name: ANSIBLE_LOOKUP_CHECKMK_VALIDATE_CERTS + ini: + - section: checkmk_lookup + key: validate_certs """ EXAMPLES = """ diff --git a/plugins/lookup/rules.py b/plugins/lookup/rules.py index 2b66acdf1..0cc21762c 100644 --- a/plugins/lookup/rules.py +++ b/plugins/lookup/rules.py @@ -27,20 +27,55 @@ server_url: description: URL of the Checkmk server. required: True + vars: + - name: ansible_lookup_checkmk_server_url + env: + - name: ANSIBLE_LOOKUP_CHECKMK_SERVER_URL + ini: + - section: checkmk_lookup + key: server_url site: description: Site name. required: True + vars: + - name: ansible_lookup_checkmk_site + env: + - name: ANSIBLE_LOOKUP_CHECKMK_SITE + ini: + - section: checkmk_lookup + key: site automation_user: description: Automation user for the REST API access. required: True + vars: + - name: ansible_lookup_checkmk_automation_user + env: + - name: ANSIBLE_LOOKUP_CHECKMK_AUTOMATION_USER + ini: + - section: checkmk_lookup + key: automation_user automation_secret: description: Automation secret for the REST API access. required: True + vars: + - name: ansible_lookup_checkmk_automation_secret + env: + - name: ANSIBLE_LOOKUP_CHECKMK_AUTOMATION_SECRET + ini: + - section: checkmk_lookup + key: automation_secret validate_certs: description: Whether or not to validate TLS cerificates. type: boolean required: False default: True + vars: + - name: ansible_lookup_checkmk_validate_certs + env: + - name: ANSIBLE_LOOKUP_CHECKMK_VALIDATE_CERTS + ini: + - section: checkmk_lookup + key: validate_certs """ EXAMPLES = """ diff --git a/plugins/lookup/ruleset.py b/plugins/lookup/ruleset.py index a97534f92..7cf959fc6 100644 --- a/plugins/lookup/ruleset.py +++ b/plugins/lookup/ruleset.py @@ -19,20 +19,55 @@ server_url: description: URL of the Checkmk server. required: True + vars: + - name: ansible_lookup_checkmk_server_url + env: + - name: ANSIBLE_LOOKUP_CHECKMK_SERVER_URL + ini: + - section: checkmk_lookup + key: server_url site: description: Site name. required: True + vars: + - name: ansible_lookup_checkmk_site + env: + - name: ANSIBLE_LOOKUP_CHECKMK_SITE + ini: + - section: checkmk_lookup + key: site automation_user: description: Automation user for the REST API access. required: True + vars: + - name: ansible_lookup_checkmk_automation_user + env: + - name: ANSIBLE_LOOKUP_CHECKMK_AUTOMATION_USER + ini: + - section: checkmk_lookup + key: automation_user automation_secret: description: Automation secret for the REST API access. required: True + vars: + - name: ansible_lookup_checkmk_automation_secret + env: + - name: ANSIBLE_LOOKUP_CHECKMK_AUTOMATION_SECRET + ini: + - section: checkmk_lookup + key: automation_secret validate_certs: description: Whether or not to validate TLS cerificates. type: boolean required: False default: True + vars: + - name: ansible_lookup_checkmk_validate_certs + env: + - name: ANSIBLE_LOOKUP_CHECKMK_VALIDATE_CERTS + ini: + - section: checkmk_lookup + key: validate_certs """ EXAMPLES = """ diff --git a/plugins/lookup/rulesets.py b/plugins/lookup/rulesets.py index 8c6457b73..5349e276b 100644 --- a/plugins/lookup/rulesets.py +++ b/plugins/lookup/rulesets.py @@ -35,20 +35,55 @@ server_url: description: URL of the Checkmk server. required: True + vars: + - name: ansible_lookup_checkmk_server_url + env: + - name: ANSIBLE_LOOKUP_CHECKMK_SERVER_URL + ini: + - section: checkmk_lookup + key: server_url site: description: Site name required: True + vars: + - name: ansible_lookup_checkmk_site + env: + - name: ANSIBLE_LOOKUP_CHECKMK_SITE + ini: + - section: checkmk_lookup + key: site automation_user: description: Automation user for the REST API access. required: True + vars: + - name: ansible_lookup_checkmk_automation_user + env: + - name: ANSIBLE_LOOKUP_CHECKMK_AUTOMATION_USER + ini: + - section: checkmk_lookup + key: automation_user automation_secret: description: Automation secret for the REST API access. required: True + vars: + - name: ansible_lookup_checkmk_automation_secret + env: + - name: ANSIBLE_LOOKUP_CHECKMK_AUTOMATION_SECRET + ini: + - section: checkmk_lookup + key: automation_secret validate_certs: description: Whether or not to validate TLS cerificates. type: boolean required: False default: True + vars: + - name: ansible_lookup_checkmk_validate_certs + env: + - name: ANSIBLE_LOOKUP_CHECKMK_VALIDATE_CERTS + ini: + - section: checkmk_lookup + key: validate_certs """ EXAMPLES = """ diff --git a/plugins/lookup/version.py b/plugins/lookup/version.py index 7f0aafbaf..bb5c7f142 100644 --- a/plugins/lookup/version.py +++ b/plugins/lookup/version.py @@ -16,20 +16,55 @@ server_url: description: URL of the Checkmk server required: True + vars: + - name: ansible_lookup_checkmk_server_url + env: + - name: ANSIBLE_LOOKUP_CHECKMK_SERVER_URL + ini: + - section: checkmk_lookup + key: server_url site: description: Site name. required: True + vars: + - name: ansible_lookup_checkmk_site + env: + - name: ANSIBLE_LOOKUP_CHECKMK_SITE + ini: + - section: checkmk_lookup + key: site automation_user: description: Automation user for the REST API access. required: True + vars: + - name: ansible_lookup_checkmk_automation_user + env: + - name: ANSIBLE_LOOKUP_CHECKMK_AUTOMATION_USER + ini: + - section: checkmk_lookup + key: automation_user automation_secret: description: Automation secret for the REST API access. required: True + vars: + - name: ansible_lookup_checkmk_automation_secret + env: + - name: ANSIBLE_LOOKUP_CHECKMK_AUTOMATION_SECRET + ini: + - section: checkmk_lookup + key: automation_secret validate_certs: description: Whether or not to validate TLS certificates. type: boolean required: False default: True + vars: + - name: ansible_lookup_checkmk_validate_certs + env: + - name: ANSIBLE_LOOKUP_CHECKMK_VALIDATE_CERTS + ini: + - section: checkmk_lookup + key: validate_certs notes: - Like all lookups, this runs on the Ansible controller and is unaffected by other keywords such as 'become'. If you need to use different permissions, you must change the command or run Ansible as another user. From b7869054a0a4fe213cb3f45168988d1b31c964f2 Mon Sep 17 00:00:00 2001 From: Michael Sekania Date: Wed, 31 Jan 2024 19:04:30 +0100 Subject: [PATCH 083/114] add: parents parse --- plugins/modules/folder.py | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/plugins/modules/folder.py b/plugins/modules/folder.py index 91367b485..9e241b62e 100644 --- a/plugins/modules/folder.py +++ b/plugins/modules/folder.py @@ -155,6 +155,7 @@ # https://docs.ansible.com/ansible/latest/dev_guide/testing/sanity/import.html from ansible.module_utils.basic import AnsibleModule, missing_required_lib from ansible.module_utils.common.dict_transformations import dict_merge, recursive_diff +from ansible.module_utils.common.validation import check_type_list from ansible_collections.checkmk.general.plugins.module_utils.api import CheckmkAPI from ansible_collections.checkmk.general.plugins.module_utils.types import RESULT from ansible_collections.checkmk.general.plugins.module_utils.utils import ( @@ -185,6 +186,11 @@ "remove_attributes", ) +FOLDER_PARENTS_PARSE = ( + "attributes", + "update_attributes", +) + class FolderHTTPCodes: # http_code: (changed, failed, "Message") @@ -220,6 +226,13 @@ def __init__(self, module): if self.params.get(key): self.desired[key] = self.params.get(key) + for key in FOLDER_PARENTS_PARSE: + if self.desired.get(key): + if self.desired.get(key).get("parents"): + self.desired[key]["parents"] = check_type_list( + self.desired.get(key).get("parents") + ) + # Get the current folder from the API and set some parameters self._get_current() self._changed_items = self._detect_changes() @@ -500,9 +513,8 @@ def run_module(): ) if desired_state == "absent": result = current_folder.delete() - else: - if current_folder.needs_update(): - result = current_folder.edit() + elif current_folder.needs_update(): + result = current_folder.edit() elif current_folder.state == "absent": result = result._replace(msg="Folder already absent.") if desired_state in ("present"): From bb97c180d75c734a19daa4c324f3f425432e6974 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 5 Feb 2024 06:58:25 +0000 Subject: [PATCH 084/114] Bump github/issue-labeler from 3.3 to 3.4 Bumps [github/issue-labeler](https://github.com/github/issue-labeler) from 3.3 to 3.4. - [Release notes](https://github.com/github/issue-labeler/releases) - [Commits](https://github.com/github/issue-labeler/compare/v3.3...v3.4) --- updated-dependencies: - dependency-name: github/issue-labeler dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/label-issues.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/label-issues.yaml b/.github/workflows/label-issues.yaml index 4f5fa822f..d760b6c3c 100644 --- a/.github/workflows/label-issues.yaml +++ b/.github/workflows/label-issues.yaml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: "Label Issues." - uses: github/issue-labeler@v3.3 + uses: github/issue-labeler@v3.4 with: configuration-path: .github/labels-issues.yml include-title: 1 From b8f44f348c3b0e1da784affea327bbda181fed6e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 5 Feb 2024 06:58:29 +0000 Subject: [PATCH 085/114] Bump peter-evans/create-pull-request from 5 to 6 Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 5 to 6. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/v5...v6) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 4d8a1569e..4236fa249 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -99,7 +99,7 @@ jobs: run: antsibull-docs collection --use-current --squash-hierarchy --fail-on-error --dest-dir ./docs/ ${{env.NAMESPACE}}.${{env.COLLECTION_NAME}} - name: Create Pull Request for docs and changelog against devel branch - uses: peter-evans/create-pull-request@v5 + uses: peter-evans/create-pull-request@v6 with: commit-message: Update Docs and Changelogs committer: GitHub From 927b11afa09ac1b2c6ba36343b0c39a5dbae50da Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Mon, 5 Feb 2024 17:14:45 -0500 Subject: [PATCH 086/114] Clean up pull request creation upon release. --- .github/workflows/release.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 4236fa249..fc6e7a3b3 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -101,14 +101,12 @@ jobs: - name: Create Pull Request for docs and changelog against devel branch uses: peter-evans/create-pull-request@v6 with: - commit-message: Update Docs and Changelogs - committer: GitHub - author: ${{ github.actor }} <${{ github.actor }}@users.noreply.github.com> + commit-message: Update Docs and Changelogs upon Release signoff: false branch: changelogs-docs-update-devel base: devel delete-branch: true - title: '[Auto] Update changelogs and docs' + title: '[Auto] Update changelogs and docs upon release' body: | Changelogs and docs updated during *${{ steps.current_version.outputs.version }}* release. assignees: robin-checkmk @@ -146,7 +144,7 @@ jobs: # Ansible Collection: ${{env.NAMESPACE}}.${{env.COLLECTION_NAME}} For information about this collection and how to install it, refer to the [README](https://github.com/Checkmk/ansible-collection-checkmk.general/blob/main/README.md). - + For a detailed changelog, refer to the [CHANGELOG](https://github.com/Checkmk/ansible-collection-checkmk.general/blob/main/CHANGELOG.rst). - name: Publish Ansible Collection to the Galaxy From cb828f3a9a964b2e3966233003cdbd9f2bc054ba Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Mon, 5 Feb 2024 18:43:16 -0500 Subject: [PATCH 087/114] Formatting and phrasing. --- plugins/lookup/bakery.py | 17 ++++++++--- plugins/lookup/folder.py | 23 ++++++++++++--- plugins/lookup/folders.py | 45 +++++++++++++++++++--------- plugins/lookup/host.py | 34 +++++++++++++++------ plugins/lookup/hosts.py | 33 +++++++++++++++------ plugins/lookup/rule.py | 25 ++++++++++++---- plugins/lookup/rules.py | 43 ++++++++++++++++++--------- plugins/lookup/ruleset.py | 25 ++++++++++++---- plugins/lookup/rulesets.py | 60 +++++++++++++++++++++++++------------- plugins/lookup/version.py | 11 ++++++- 10 files changed, 231 insertions(+), 85 deletions(-) diff --git a/plugins/lookup/bakery.py b/plugins/lookup/bakery.py index 69c080641..0346e3122 100644 --- a/plugins/lookup/bakery.py +++ b/plugins/lookup/bakery.py @@ -9,10 +9,14 @@ name: bakery author: Max Sickora (@max-checkmk) version_added: "4.0.0" + short_description: Get the bakery status of a Checkmk server + description: - Returns the bakery status of a Checkmk server as a string, e.g. 'running' + options: + server_url: description: URL of the Checkmk server required: True @@ -23,8 +27,9 @@ ini: - section: checkmk_lookup key: server_url + site: - description: site name + description: Site name. required: True vars: - name: ansible_lookup_checkmk_site @@ -33,8 +38,9 @@ ini: - section: checkmk_lookup key: site + automation_user: - description: automation user for the REST API access + description: Automation user for the REST API access. required: True vars: - name: ansible_lookup_checkmk_automation_user @@ -43,8 +49,9 @@ ini: - section: checkmk_lookup key: automation_user + automation_secret: - description: automation secret for the REST API access + description: Automation secret for the REST API access. required: True vars: - name: ansible_lookup_checkmk_automation_secret @@ -53,8 +60,9 @@ ini: - section: checkmk_lookup key: automation_secret + validate_certs: - description: Wether or not to validate TLS certificates + description: Whether or not to validate TLS certificates. type: boolean required: False default: True @@ -65,6 +73,7 @@ ini: - section: checkmk_lookup key: validate_certs + notes: - Like all lookups, this runs on the Ansible controller and is unaffected by other keywords such as 'become'. If you need to use different permissions, you must change the command or run Ansible as another user. diff --git a/plugins/lookup/folder.py b/plugins/lookup/folder.py index 916f4803d..56a204ca2 100644 --- a/plugins/lookup/folder.py +++ b/plugins/lookup/folder.py @@ -9,13 +9,18 @@ name: folder author: Lars Getwan (@lgetwan) version_added: "3.3.0" + short_description: Get folder attributes + description: - Returns the attributes of a folder + options: + _terms: description: complete folder path using tilde as a delimiter required: True + server_url: description: URL of the Checkmk server required: True @@ -26,8 +31,9 @@ ini: - section: checkmk_lookup key: server_url + site: - description: site name + description: Site name. required: True vars: - name: ansible_lookup_checkmk_site @@ -36,8 +42,9 @@ ini: - section: checkmk_lookup key: site + automation_user: - description: automation user for the REST API access + description: Automation user for the REST API access. required: True vars: - name: ansible_lookup_checkmk_automation_user @@ -46,8 +53,9 @@ ini: - section: checkmk_lookup key: automation_user + automation_secret: - description: automation secret for the REST API access + description: Automation secret for the REST API access. required: True vars: - name: ansible_lookup_checkmk_automation_secret @@ -56,8 +64,9 @@ ini: - section: checkmk_lookup key: automation_secret + validate_certs: - description: Wether or not to validate TLS certificates + description: Whether or not to validate TLS certificates. type: boolean required: False default: True @@ -68,6 +77,12 @@ ini: - section: checkmk_lookup key: validate_certs + + notes: + - Like all lookups, this runs on the Ansible controller and is unaffected by other keywords such as 'become'. + If you need to use different permissions, you must change the command or run Ansible as another user. + - Alternatively, you can use a shell/command task that runs against localhost and registers the result. + - The directory of the play is used as the current working directory. """ EXAMPLES = """ diff --git a/plugins/lookup/folders.py b/plugins/lookup/folders.py index a5e097bc0..8a3a9708a 100644 --- a/plugins/lookup/folders.py +++ b/plugins/lookup/folders.py @@ -9,24 +9,19 @@ name: folders author: Lars Getwan (@lgetwan) version_added: "3.3.0" + short_description: Get various information about a folder + description: - Returns a list of subfolders - Returns a list of hosts of the folder + options: + _terms: description: complete folder path using tilde as a delimiter required: True - show_hosts: - description: Also show the hosts of the folder(s) found - type: boolean - required: False - default: False - recursive: - description: Do a recursive query - type: boolean - required: False - default: False + server_url: description: URL of the Checkmk server required: True @@ -37,8 +32,9 @@ ini: - section: checkmk_lookup key: server_url + site: - description: site name + description: Site name. required: True vars: - name: ansible_lookup_checkmk_site @@ -47,8 +43,9 @@ ini: - section: checkmk_lookup key: site + automation_user: - description: automation user for the REST API access + description: Automation user for the REST API access. required: True vars: - name: ansible_lookup_checkmk_automation_user @@ -57,8 +54,9 @@ ini: - section: checkmk_lookup key: automation_user + automation_secret: - description: automation secret for the REST API access + description: Automation secret for the REST API access. required: True vars: - name: ansible_lookup_checkmk_automation_secret @@ -67,8 +65,9 @@ ini: - section: checkmk_lookup key: automation_secret + validate_certs: - description: Wether or not to validate TLS cerificates + description: Whether or not to validate TLS certificates. type: boolean required: False default: True @@ -79,6 +78,24 @@ ini: - section: checkmk_lookup key: validate_certs + + show_hosts: + description: Also show the hosts of the folder(s) found + type: boolean + required: False + default: False + + recursive: + description: Do a recursive query + type: boolean + required: False + default: False + + notes: + - Like all lookups, this runs on the Ansible controller and is unaffected by other keywords such as 'become'. + If you need to use different permissions, you must change the command or run Ansible as another user. + - Alternatively, you can use a shell/command task that runs against localhost and registers the result. + - The directory of the play is used as the current working directory. """ EXAMPLES = """ diff --git a/plugins/lookup/host.py b/plugins/lookup/host.py index f109f86ce..a4145221d 100644 --- a/plugins/lookup/host.py +++ b/plugins/lookup/host.py @@ -9,18 +9,18 @@ name: host author: Lars Getwan (@lgetwan) version_added: "3.3.0" + short_description: Get host attributes + description: - Returns the attributes of a host + options: + _terms: description: host name required: True - effective_attributes: - description: show all effective attributes on hosts - type: boolean - required: False - default: False + server_url: description: URL of the Checkmk server required: True @@ -31,8 +31,9 @@ ini: - section: checkmk_lookup key: server_url + site: - description: site name + description: Site name. required: True vars: - name: ansible_lookup_checkmk_site @@ -41,8 +42,9 @@ ini: - section: checkmk_lookup key: site + automation_user: - description: automation user for the REST API access + description: Automation user for the REST API access. required: True vars: - name: ansible_lookup_checkmk_automation_user @@ -51,8 +53,9 @@ ini: - section: checkmk_lookup key: automation_user + automation_secret: - description: automation secret for the REST API access + description: Automation secret for the REST API access. required: True vars: - name: ansible_lookup_checkmk_automation_secret @@ -61,8 +64,9 @@ ini: - section: checkmk_lookup key: automation_secret + validate_certs: - description: Wether or not to validate TLS cerificates + description: Whether or not to validate TLS certificates. type: boolean required: False default: True @@ -73,6 +77,18 @@ ini: - section: checkmk_lookup key: validate_certs + + effective_attributes: + description: show all effective attributes on hosts + type: boolean + required: False + default: False + + notes: + - Like all lookups, this runs on the Ansible controller and is unaffected by other keywords such as 'become'. + If you need to use different permissions, you must change the command or run Ansible as another user. + - Alternatively, you can use a shell/command task that runs against localhost and registers the result. + - The directory of the play is used as the current working directory. """ EXAMPLES = """ diff --git a/plugins/lookup/hosts.py b/plugins/lookup/hosts.py index 250b114e7..79f2e744e 100644 --- a/plugins/lookup/hosts.py +++ b/plugins/lookup/hosts.py @@ -9,16 +9,15 @@ name: hosts author: Lars Getwan (@lgetwan) version_added: "3.3.0" + short_description: Get various information about a host + description: - Returns a list of subhosts - Returns a list of hosts of the host + options: - effective_attributes: - description: show all effective attributes on hosts - type: boolean - required: False - default: False + server_url: description: URL of the Checkmk server required: True @@ -29,8 +28,9 @@ ini: - section: checkmk_lookup key: server_url + site: - description: site name + description: Site name. required: True vars: - name: ansible_lookup_checkmk_site @@ -39,8 +39,9 @@ ini: - section: checkmk_lookup key: site + automation_user: - description: automation user for the REST API access + description: Automation user for the REST API access. required: True vars: - name: ansible_lookup_checkmk_automation_user @@ -49,8 +50,9 @@ ini: - section: checkmk_lookup key: automation_user + automation_secret: - description: automation secret for the REST API access + description: Automation secret for the REST API access. required: True vars: - name: ansible_lookup_checkmk_automation_secret @@ -59,8 +61,9 @@ ini: - section: checkmk_lookup key: automation_secret + validate_certs: - description: Wether or not to validate TLS cerificates + description: Whether or not to validate TLS certificates. type: boolean required: False default: True @@ -71,6 +74,18 @@ ini: - section: checkmk_lookup key: validate_certs + + effective_attributes: + description: show all effective attributes on hosts + type: boolean + required: False + default: False + + notes: + - Like all lookups, this runs on the Ansible controller and is unaffected by other keywords such as 'become'. + If you need to use different permissions, you must change the command or run Ansible as another user. + - Alternatively, you can use a shell/command task that runs against localhost and registers the result. + - The directory of the play is used as the current working directory. """ EXAMPLES = """ diff --git a/plugins/lookup/rule.py b/plugins/lookup/rule.py index 1473321b0..441b3ac71 100644 --- a/plugins/lookup/rule.py +++ b/plugins/lookup/rule.py @@ -9,13 +9,14 @@ name: rule author: Lars Getwan (@lgetwan) version_added: "3.5.0" - short_description: Show rule + + short_description: Show a rule + description: - Returns details of a rule + options: - rule_id: - description: The rule id. - required: True + server_url: description: URL of the Checkmk server. required: True @@ -26,6 +27,7 @@ ini: - section: checkmk_lookup key: server_url + site: description: Site name. required: True @@ -36,6 +38,7 @@ ini: - section: checkmk_lookup key: site + automation_user: description: Automation user for the REST API access. required: True @@ -46,6 +49,7 @@ ini: - section: checkmk_lookup key: automation_user + automation_secret: description: Automation secret for the REST API access. required: True @@ -56,8 +60,9 @@ ini: - section: checkmk_lookup key: automation_secret + validate_certs: - description: Whether or not to validate TLS cerificates. + description: Whether or not to validate TLS certificates. type: boolean required: False default: True @@ -68,6 +73,16 @@ ini: - section: checkmk_lookup key: validate_certs + + rule_id: + description: The rule id. + required: True + + notes: + - Like all lookups, this runs on the Ansible controller and is unaffected by other keywords such as 'become'. + If you need to use different permissions, you must change the command or run Ansible as another user. + - Alternatively, you can use a shell/command task that runs against localhost and registers the result. + - The directory of the play is used as the current working directory. """ EXAMPLES = """ diff --git a/plugins/lookup/rules.py b/plugins/lookup/rules.py index 0cc21762c..a9b954f8c 100644 --- a/plugins/lookup/rules.py +++ b/plugins/lookup/rules.py @@ -9,21 +9,14 @@ name: rules author: Lars Getwan (@lgetwan) version_added: "3.5.0" - short_description: List rules + + short_description: Get a list rules + description: - Returns a list of Rules + options: - ruleset: - description: The ruleset name. - required: True - description_regex: - description: A regex to filter for certain descriptions. - required: False - default: "" - comment_regex: - description: A regex to filter for certain comment stings. - required: False - default: "" + server_url: description: URL of the Checkmk server. required: True @@ -34,6 +27,7 @@ ini: - section: checkmk_lookup key: server_url + site: description: Site name. required: True @@ -44,6 +38,7 @@ ini: - section: checkmk_lookup key: site + automation_user: description: Automation user for the REST API access. required: True @@ -54,6 +49,7 @@ ini: - section: checkmk_lookup key: automation_user + automation_secret: description: Automation secret for the REST API access. required: True @@ -64,8 +60,9 @@ ini: - section: checkmk_lookup key: automation_secret + validate_certs: - description: Whether or not to validate TLS cerificates. + description: Whether or not to validate TLS certificates. type: boolean required: False default: True @@ -76,6 +73,26 @@ ini: - section: checkmk_lookup key: validate_certs + + ruleset: + description: The ruleset name. + required: True + + description_regex: + description: A regex to filter for certain descriptions. + required: False + default: "" + + comment_regex: + description: A regex to filter for certain comment stings. + required: False + default: "" + + notes: + - Like all lookups, this runs on the Ansible controller and is unaffected by other keywords such as 'become'. + If you need to use different permissions, you must change the command or run Ansible as another user. + - Alternatively, you can use a shell/command task that runs against localhost and registers the result. + - The directory of the play is used as the current working directory. """ EXAMPLES = """ diff --git a/plugins/lookup/ruleset.py b/plugins/lookup/ruleset.py index 7cf959fc6..d25d1cb05 100644 --- a/plugins/lookup/ruleset.py +++ b/plugins/lookup/ruleset.py @@ -9,13 +9,14 @@ name: ruleset author: Lars Getwan (@lgetwan) version_added: "3.5.0" - short_description: Show ruleset + + short_description: Show a ruleset + description: - Returns details of a ruleset + options: - ruleset: - description: The ruleset name. - required: True + server_url: description: URL of the Checkmk server. required: True @@ -26,6 +27,7 @@ ini: - section: checkmk_lookup key: server_url + site: description: Site name. required: True @@ -36,6 +38,7 @@ ini: - section: checkmk_lookup key: site + automation_user: description: Automation user for the REST API access. required: True @@ -46,6 +49,7 @@ ini: - section: checkmk_lookup key: automation_user + automation_secret: description: Automation secret for the REST API access. required: True @@ -56,8 +60,9 @@ ini: - section: checkmk_lookup key: automation_secret + validate_certs: - description: Whether or not to validate TLS cerificates. + description: Whether or not to validate TLS certificates. type: boolean required: False default: True @@ -68,6 +73,16 @@ ini: - section: checkmk_lookup key: validate_certs + + ruleset: + description: The ruleset name. + required: True + + notes: + - Like all lookups, this runs on the Ansible controller and is unaffected by other keywords such as 'become'. + If you need to use different permissions, you must change the command or run Ansible as another user. + - Alternatively, you can use a shell/command task that runs against localhost and registers the result. + - The directory of the play is used as the current working directory. """ EXAMPLES = """ diff --git a/plugins/lookup/rulesets.py b/plugins/lookup/rulesets.py index 5349e276b..349920375 100644 --- a/plugins/lookup/rulesets.py +++ b/plugins/lookup/rulesets.py @@ -9,29 +9,14 @@ name: rulesets author: Lars Getwan (@lgetwan) version_added: "3.5.0" + short_description: Search rulesets + description: - Returns a list of Rulesets + options: - regex: - description: A regex of the ruleset name. - required: True - rulesets_folder: - description: - - The folder in which to search for rules. - - Path delimiters can be either ~ or /. - required: False - default: "/" - rulesets_deprecated: - description: Only show deprecated rulesets. Defaults to False. - type: boolean - required: False - default: False - rulesets_used: - description: Only show used rulesets. Defaults to True. - type: boolean - required: False - default: True + server_url: description: URL of the Checkmk server. required: True @@ -42,8 +27,9 @@ ini: - section: checkmk_lookup key: server_url + site: - description: Site name + description: Site name. required: True vars: - name: ansible_lookup_checkmk_site @@ -52,6 +38,7 @@ ini: - section: checkmk_lookup key: site + automation_user: description: Automation user for the REST API access. required: True @@ -62,6 +49,7 @@ ini: - section: checkmk_lookup key: automation_user + automation_secret: description: Automation secret for the REST API access. required: True @@ -72,8 +60,9 @@ ini: - section: checkmk_lookup key: automation_secret + validate_certs: - description: Whether or not to validate TLS cerificates. + description: Whether or not to validate TLS certificates. type: boolean required: False default: True @@ -84,6 +73,35 @@ ini: - section: checkmk_lookup key: validate_certs + + regex: + description: A regex of the ruleset name. + required: True + + rulesets_folder: + description: + - The folder in which to search for rules. + - Path delimiters can be either ~ or /. + required: False + default: "/" + + rulesets_deprecated: + description: Only show deprecated rulesets. Defaults to False. + type: boolean + required: False + default: False + + rulesets_used: + description: Only show used rulesets. Defaults to True. + type: boolean + required: False + default: True + + notes: + - Like all lookups, this runs on the Ansible controller and is unaffected by other keywords such as 'become'. + If you need to use different permissions, you must change the command or run Ansible as another user. + - Alternatively, you can use a shell/command task that runs against localhost and registers the result. + - The directory of the play is used as the current working directory. """ EXAMPLES = """ diff --git a/plugins/lookup/version.py b/plugins/lookup/version.py index bb5c7f142..5a87f4ded 100644 --- a/plugins/lookup/version.py +++ b/plugins/lookup/version.py @@ -9,12 +9,16 @@ name: version author: Lars Getwan (@lgetwan) version_added: "3.1.0" + short_description: Get the version of a Checkmk server + description: - Returns the version of a Checkmk server as a string, e.g. '2.1.0p31.cre' + options: + server_url: - description: URL of the Checkmk server + description: URL of the Checkmk server. required: True vars: - name: ansible_lookup_checkmk_server_url @@ -23,6 +27,7 @@ ini: - section: checkmk_lookup key: server_url + site: description: Site name. required: True @@ -33,6 +38,7 @@ ini: - section: checkmk_lookup key: site + automation_user: description: Automation user for the REST API access. required: True @@ -43,6 +49,7 @@ ini: - section: checkmk_lookup key: automation_user + automation_secret: description: Automation secret for the REST API access. required: True @@ -53,6 +60,7 @@ ini: - section: checkmk_lookup key: automation_secret + validate_certs: description: Whether or not to validate TLS certificates. type: boolean @@ -65,6 +73,7 @@ ini: - section: checkmk_lookup key: validate_certs + notes: - Like all lookups, this runs on the Ansible controller and is unaffected by other keywords such as 'become'. If you need to use different permissions, you must change the command or run Ansible as another user. From b4e1aaaabd53a86062be0e092a2e793e5ad1ebe7 Mon Sep 17 00:00:00 2001 From: Michael Sekania Date: Fri, 9 Feb 2024 11:15:27 +0100 Subject: [PATCH 088/114] add: requested changes --- plugins/modules/folder.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/plugins/modules/folder.py b/plugins/modules/folder.py index 9e241b62e..55ad7f84d 100644 --- a/plugins/modules/folder.py +++ b/plugins/modules/folder.py @@ -67,7 +67,7 @@ default: present choices: [present, absent] extended_functionality: - description: The state of your folder. + description: Allow extended functionality instead of the expected REST API behavior. type: bool default: true @@ -304,9 +304,7 @@ def _detect_changes(self): changes.append("update attributes") desired_attributes["update_attributes"] = merged_attributes - if desired_attributes.get( - "attributes" - ) and current_attributes != desired_attributes.get("attributes"): + if current_attributes != desired_attributes.get("attributes", {}): changes.append("attributes") if self.current.get("title") != desired_attributes.get("title"): @@ -324,7 +322,7 @@ def _detect_changes(self): elif isinstance(tmp_remove_attributes, dict): if not self.extended_functionality: self.module.fail_json( - msg="ERROR: The parameter remove_attributes of dict type is not supported for set paramter extended_functionality: false!", + msg="ERROR: The parameter remove_attributes of dict type is not supported for the paramter extended_functionality: false!", ) (tmp_remove, tmp_rest) = (current_attributes, {}) @@ -383,6 +381,8 @@ def _get_current(self): for key, value in extensions.items(): if key == "attributes": value.pop("meta_data") + if "network_scan_results" in value: + value.pop("network_scan_results") self.current[key] = value self.etag = result.etag @@ -405,7 +405,7 @@ def needs_update(self): def create(self): data = self.desired.copy() - if not data.get("attributes"): + if data.get("attributes", {}) != {}: data["attributes"] = data.pop("update_attributes", {}) if data.get("remove_attributes"): From bce20d324e9b14cf3f9ceaefb86573f1be78c35d Mon Sep 17 00:00:00 2001 From: Michael Sekania Date: Fri, 9 Feb 2024 11:51:10 +0100 Subject: [PATCH 089/114] refactor: request --- plugins/modules/host.py | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/plugins/modules/host.py b/plugins/modules/host.py index eba3923ac..8ad85d400 100644 --- a/plugins/modules/host.py +++ b/plugins/modules/host.py @@ -351,15 +351,12 @@ def run_module(): update_attributes = module.params.get("update_attributes", {}) state = module.params.get("state", "present") - if attributes != {}: - if attributes.get("parents"): - attributes["parents"] = check_type_list(attributes.get("parents")) - - if update_attributes != {}: - if update_attributes.get("parents"): - update_attributes["parents"] = check_type_list( - update_attributes.get("parents") - ) + for par in [attributes, update_attributes]: + if par != {}: + if par.get("parents"): + par["parents"] = check_type_list( + par.get("parents") + ) if module.params["folder"]: module.params["folder"] = normalize_folder(module.params["folder"]) From eaa49101f98b67d08410ceb8ae7416d00a7069db Mon Sep 17 00:00:00 2001 From: Michael Sekania Date: Fri, 9 Feb 2024 15:00:00 +0100 Subject: [PATCH 090/114] fix: style --- plugins/modules/host.py | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/plugins/modules/host.py b/plugins/modules/host.py index 8ad85d400..1be564dd0 100644 --- a/plugins/modules/host.py +++ b/plugins/modules/host.py @@ -354,9 +354,7 @@ def run_module(): for par in [attributes, update_attributes]: if par != {}: if par.get("parents"): - par["parents"] = check_type_list( - par.get("parents") - ) + par["parents"] = check_type_list(par.get("parents")) if module.params["folder"]: module.params["folder"] = normalize_folder(module.params["folder"]) From fd4141883058a595106fc3f277ec49dc6359ecc4 Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Fri, 9 Feb 2024 16:09:00 +0100 Subject: [PATCH 091/114] Did some merging magic (actually, all manually...). --- plugins/modules/folder.py | 41 --------------------------------------- 1 file changed, 41 deletions(-) diff --git a/plugins/modules/folder.py b/plugins/modules/folder.py index 07264331f..55ad7f84d 100644 --- a/plugins/modules/folder.py +++ b/plugins/modules/folder.py @@ -169,10 +169,6 @@ HAS_PATHLIB2_LIBRARY = True PATHLIB2_LIBRARY_IMPORT_ERROR = None -PYTHON_VERSION = 3 -HAS_PATHLIB2_LIBRARY = True -PATHLIB2_LIBRARY_IMPORT_ERROR = None - if sys.version[0] == "3": from pathlib import Path else: @@ -471,43 +467,6 @@ def _exit_if_missing_pathlib(module): ) -def get_version_ge_220p7(module, checkmkversion): - if "p" in checkmkversion[2]: - patchlevel = checkmkversion[2].split("p") - patchtype = "p" - elif "a" in checkmkversion[2]: - patchlevel = checkmkversion[2].split("a") - patchtype = "a" - elif "b" in checkmkversion[2]: - patchlevel = checkmkversion[2].split("b") - patchtype = "b" - else: - exit_failed( - module, - "Not supported patch-level schema: %s" % (checkmkversion[2]), - ) - - if ( - int(checkmkversion[0]) > 2 - or (int(checkmkversion[0]) == 2 and int(checkmkversion[1]) > 2) - or ( - int(checkmkversion[0]) == 2 - and int(checkmkversion[1]) == 2 - and int(patchlevel[0]) > 0 - ) - or ( - int(checkmkversion[0]) == 2 - and int(checkmkversion[1]) == 2 - and int(patchlevel[0]) == 0 - and patchtype == "p" - and int(patchlevel[1]) >= 7 - ) - ): - return True - else: - return False - - def run_module(): # define available arguments/parameters a user can pass to the module module_args = dict( From ea6706cc3ceef185f86e3d6b1ec08ef205acfe83 Mon Sep 17 00:00:00 2001 From: Michael Sekania Date: Fri, 9 Feb 2024 16:59:40 +0100 Subject: [PATCH 092/114] fix: bug, idempotency --- plugins/modules/folder.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/modules/folder.py b/plugins/modules/folder.py index 55ad7f84d..9d50b28b0 100644 --- a/plugins/modules/folder.py +++ b/plugins/modules/folder.py @@ -304,7 +304,7 @@ def _detect_changes(self): changes.append("update attributes") desired_attributes["update_attributes"] = merged_attributes - if current_attributes != desired_attributes.get("attributes", {}): + if desired_attributes.get("attributes") and current_attributes != desired_attributes.get("attributes"): changes.append("attributes") if self.current.get("title") != desired_attributes.get("title"): From 4e55a628d0e1c95c44cfbb8686644c7e3537302a Mon Sep 17 00:00:00 2001 From: Michael Sekania Date: Fri, 9 Feb 2024 17:02:57 +0100 Subject: [PATCH 093/114] fix: style --- plugins/modules/folder.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/plugins/modules/folder.py b/plugins/modules/folder.py index 9d50b28b0..87a5a9945 100644 --- a/plugins/modules/folder.py +++ b/plugins/modules/folder.py @@ -304,7 +304,9 @@ def _detect_changes(self): changes.append("update attributes") desired_attributes["update_attributes"] = merged_attributes - if desired_attributes.get("attributes") and current_attributes != desired_attributes.get("attributes"): + if desired_attributes.get( + "attributes" + ) and current_attributes != desired_attributes.get("attributes"): changes.append("attributes") if self.current.get("title") != desired_attributes.get("title"): From a846fb78c722c437db09d5da7019a40983f8b6ac Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Tue, 13 Feb 2024 17:59:39 -0500 Subject: [PATCH 094/114] Update lookup_folder with new variables. --- .../targets/lookup_folder/tasks/test.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/tests/integration/targets/lookup_folder/tasks/test.yml b/tests/integration/targets/lookup_folder/tasks/test.yml index 647dc014d..1e55b046c 100644 --- a/tests/integration/targets/lookup_folder/tasks/test.yml +++ b/tests/integration/targets/lookup_folder/tasks/test.yml @@ -57,3 +57,18 @@ }}" delegate_to: localhost run_once: true # noqa run-once[task] + +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Verify folder criticality using ENV vars." + ansible.builtin.assert: + that: "extensions.attributes.tag_criticality == checkmk_folder.criticality" + vars: + ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" + ansible_lookup_checkmk_site: "{{ outer_item.site }}" + ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" + ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" + ansible_lookup_validate_certs: false + extensions: "{{ lookup('checkmk.general.folder', + checkmk_folder.path) + }}" + delegate_to: localhost + run_once: true # noqa run-once[task] From 0d43296287d4a0544f3a1d275250be7f7f3c2804 Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Wed, 14 Feb 2024 11:37:52 +0100 Subject: [PATCH 095/114] Blackenedgit add plugins/modules/folder.py --- plugins/modules/folder.py | 1 - 1 file changed, 1 deletion(-) diff --git a/plugins/modules/folder.py b/plugins/modules/folder.py index 25a73449e..87a5a9945 100644 --- a/plugins/modules/folder.py +++ b/plugins/modules/folder.py @@ -508,7 +508,6 @@ def run_module(): changed=False, ) - desired_state = current_folder.params.get("state") if current_folder.state == "present": result = result._replace( From 66e0b063728bc02278f654ccdfecb5f913764565 Mon Sep 17 00:00:00 2001 From: Lars Getwan Date: Wed, 14 Feb 2024 13:59:40 +0100 Subject: [PATCH 096/114] Folder module - Fix idempotency when using attributes parameter for creating a folder. --- changelogs/fragments/fix_folder_module_idempotency.yml | 2 ++ plugins/modules/folder.py | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) create mode 100644 changelogs/fragments/fix_folder_module_idempotency.yml diff --git a/changelogs/fragments/fix_folder_module_idempotency.yml b/changelogs/fragments/fix_folder_module_idempotency.yml new file mode 100644 index 000000000..401a40cc2 --- /dev/null +++ b/changelogs/fragments/fix_folder_module_idempotency.yml @@ -0,0 +1,2 @@ +bugfixes: + - Folder module - Fix idempotency when using "attributes" parameter for creating a folder. diff --git a/plugins/modules/folder.py b/plugins/modules/folder.py index 87a5a9945..ea2500b79 100644 --- a/plugins/modules/folder.py +++ b/plugins/modules/folder.py @@ -407,7 +407,7 @@ def needs_update(self): def create(self): data = self.desired.copy() - if data.get("attributes", {}) != {}: + if data.get("attributes", {}) == {}: data["attributes"] = data.pop("update_attributes", {}) if data.get("remove_attributes"): From e19fd625656b0ce703890fe69440e0f1e2fac9aa Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Wed, 14 Feb 2024 11:18:43 -0500 Subject: [PATCH 097/114] Update lookup_bakery with new variables. --- .../targets/lookup_bakery/tasks/test.yml | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/tests/integration/targets/lookup_bakery/tasks/test.yml b/tests/integration/targets/lookup_bakery/tasks/test.yml index b594758f0..d41fbc773 100644 --- a/tests/integration/targets/lookup_bakery/tasks/test.yml +++ b/tests/integration/targets/lookup_bakery/tasks/test.yml @@ -20,3 +20,24 @@ ("'initialized' in looked_up_bakery.msg") or ("'stopped' in looked_up_bakery.msg") or ("'exception' in looked_up_bakery.msg") + +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Get Checkmk bakery status using ENV vars." + ansible.builtin.debug: + msg: "Bakery status is {{ bakery }}" + vars: + ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" + ansible_lookup_checkmk_site: "{{ outer_item.site }}" + ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" + ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" + ansible_lookup_validate_certs: false + bakery: "{{ lookup('checkmk.general.bakery') }}" + delegate_to: localhost + register: looked_up_bakery + +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Verify bakery status." + ansible.builtin.assert: + that: ("'finished' in looked_up_bakery.msg") or + ("'running' in looked_up_bakery.msg") or + ("'initialized' in looked_up_bakery.msg") or + ("'stopped' in looked_up_bakery.msg") or + ("'exception' in looked_up_bakery.msg") From f5aadb735a8563ec9ed9a8edc13672c60c4261aa Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 15 Feb 2024 09:13:48 -0500 Subject: [PATCH 098/114] Update changelog template. --- changelogs/template.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/changelogs/template.yml b/changelogs/template.yml index 4931365a8..d4b43fd17 100644 --- a/changelogs/template.yml +++ b/changelogs/template.yml @@ -21,12 +21,20 @@ # For changes that are not really scoped (for example, which affect a whole collection), use the following format: # - Description starting with an uppercase letter and ending with a dot at the very end. Multiple sentences are allowed. +# Tipps: +# You can write multi line changelogs like this: +# - Module name - This is a very long and detailed +# changelog line, so we will split it into several +# lines, just like this. + ## Possible keys: # # release_summary # Adds a single line release summary to the changelog. # breaking_changes -# Changes that break existing playbooks or roles. This includes any change to existing behavior that forces users to update tasks. Displayed in both the changelogs and the Porting Guides. +# Changes that break existing playbooks or roles. +# This includes any change to existing behavior that forces users to update tasks. +# Displayed in both the changelogs and the Porting Guides. # major_changes # Major changes to Ansible itself. Generally does not include module or plugin changes. Displayed in both the changelogs and the Porting Guides. # minor_changes From bed616f764cf82b6676d6d9aa0c27e72bc6d760d Mon Sep 17 00:00:00 2001 From: "max.sickora" Date: Thu, 15 Feb 2024 15:51:23 +0100 Subject: [PATCH 099/114] removed_pw_length_check --- plugins/modules/user.py | 60 ++++--------------- tests/integration/targets/user/tasks/test.yml | 38 ------------ tests/integration/targets/user/vars/main.yml | 26 ++++---- 3 files changed, 24 insertions(+), 100 deletions(-) diff --git a/plugins/modules/user.py b/plugins/modules/user.py index e9cf583aa..c0c0b5055 100644 --- a/plugins/modules/user.py +++ b/plugins/modules/user.py @@ -236,9 +236,6 @@ from ansible_collections.checkmk.general.plugins.module_utils.utils import ( result_as_dict, ) -from ansible_collections.checkmk.general.plugins.module_utils.version import ( - CheckmkVersion, -) USER = ( "username", @@ -409,19 +406,6 @@ def needs_editing(self): return True return False - def shortpassword(self, data): - ver = self.getversion() - if ver >= CheckmkVersion("2.3.0") and "auth_option" in data: - if ( - "password" in data["auth_option"] - and len(data["auth_option"]["password"]) < 12 - ) or ( - "secret" in data["auth_option"] - and len(data["auth_option"]["secret"]) < 10 - ): - return True - return False - def get(self): result = self._fetch( code_mapping=UserHTTPCodes.get, @@ -442,44 +426,24 @@ def create(self): # in the Checkmk API... data.setdefault("fullname", data["username"]) - if self.shortpassword(data): - result = RESULT( - http_code=0, - msg="Password too short. For 2.3 and higher, please provide at least 12 characters (automation min. 10).", - content="", - etag="", - failed=True, - changed=False, - ) - else: - result = self._fetch( - code_mapping=UserHTTPCodes.create, - endpoint=UserEndpoints.create, - data=data, - method="POST", - ) + result = self._fetch( + code_mapping=UserHTTPCodes.create, + endpoint=UserEndpoints.create, + data=data, + method="POST", + ) return result def edit(self, etag): data = self._build_user_data() self.headers["if-Match"] = etag - if self.shortpassword(data): - result = RESULT( - http_code=0, - msg="Password too short. For 2.3 and higher, please provide at least 12 characters (automation min. 10).", - content="", - etag="", - failed=True, - changed=False, - ) - else: - result = self._fetch( - code_mapping=UserHTTPCodes.edit, - endpoint=self._build_default_endpoint(), - data=data, - method="PUT", - ) + result = self._fetch( + code_mapping=UserHTTPCodes.edit, + endpoint=self._build_default_endpoint(), + data=data, + method="PUT", + ) return result diff --git a/tests/integration/targets/user/tasks/test.yml b/tests/integration/targets/user/tasks/test.yml index 1a855ad13..041fdbe66 100644 --- a/tests/integration/targets/user/tasks/test.yml +++ b/tests/integration/targets/user/tasks/test.yml @@ -203,44 +203,6 @@ delegate_to: localhost run_once: true # noqa run-once[task] -- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Test create with short pw for 2.3 (should fail)" - user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module - server_url: "{{ checkmk_var_server_url }}" - site: "{{ outer_item.site }}" - automation_user: "{{ checkmk_var_automation_user }}" - automation_secret: "{{ checkmk_var_automation_secret }}" - customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 - name: "autotest" - fullname: "autotest" - auth_type: "automation" - password: "2short" - roles: - - admin - state: "present" - delegate_to: localhost - run_once: true # noqa run-once[task] - when: "'2.3' in outer_item.version" - register: checkmk_shortpwcheck_create - failed_when: "'Password too short. For 2.3 and higher' not in checkmk_shortpwcheck_create.msg" - -- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Test reset with short pw for 2.3 (should fail)" - user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module - server_url: "{{ checkmk_var_server_url }}" - site: "{{ outer_item.site }}" - automation_user: "{{ checkmk_var_automation_user }}" - automation_secret: "{{ checkmk_var_automation_secret }}" - customer: "{{ (customer != None) | ternary(customer, omit) }}" # See PR #427 - name: "{{ item.name }}" - password: "{{ item.password }}" - auth_type: "{{ item.auth_type }}" - state: "reset_password" - delegate_to: localhost - run_once: true # noqa run-once[task] - loop: "{{ checkmk_var_users_new_short_pw }}" - when: "'2.3' in outer_item.version" - register: checkmk_shortpwcheck_edit - failed_when: "'Password too short. For 2.3 and higher' not in checkmk_shortpwcheck_edit.msg" - - name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Delete users." user: # noqa fqcn[action-core] # The FQCN lint makes no sense here, as we want to test our local module server_url: "{{ checkmk_var_server_url }}" diff --git a/tests/integration/targets/user/vars/main.yml b/tests/integration/targets/user/vars/main.yml index 827bd678c..4de2d7e07 100644 --- a/tests/integration/targets/user/vars/main.yml +++ b/tests/integration/targets/user/vars/main.yml @@ -1,17 +1,20 @@ --- test_sites: - - version: "2.2.0p19" - edition: "cme" - site: "stable_cme" - - version: "2.2.0p19" - edition: "cre" - site: "stable_cre" + # - version: "2.2.0p19" + # edition: "cme" + # site: "stable_cme" + # - version: "2.2.0p19" + # edition: "cre" + # site: "stable_cre" + - version: "2.3.0-2024.02.15" + edition: "cee" + site: "master" - version: "2.2.0p19" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" - edition: "cre" - site: "old_cre" + # - version: "2.1.0p38" + # edition: "cre" + # site: "old_cre" checkmk_var_contact_groups: - team1 @@ -105,11 +108,6 @@ checkmk_var_users_newpw: password: "abcdefghij" auth_type: automation -checkmk_var_users_new_short_pw: - - name: user3 - password: "abcdefg" - auth_type: password - checkmk_var_users_edit: - name: admin1 fullname: Admin Eins From acd7800b4b0ea29d34837cdc9bd0813af0636cfe Mon Sep 17 00:00:00 2001 From: "max.sickora" Date: Thu, 15 Feb 2024 15:59:09 +0100 Subject: [PATCH 100/114] corrected testet versions --- tests/integration/targets/user/vars/main.yml | 21 +++++++++----------- 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/tests/integration/targets/user/vars/main.yml b/tests/integration/targets/user/vars/main.yml index 4de2d7e07..beb368299 100644 --- a/tests/integration/targets/user/vars/main.yml +++ b/tests/integration/targets/user/vars/main.yml @@ -1,20 +1,17 @@ --- test_sites: - # - version: "2.2.0p19" - # edition: "cme" - # site: "stable_cme" - # - version: "2.2.0p19" - # edition: "cre" - # site: "stable_cre" - - version: "2.3.0-2024.02.15" - edition: "cee" - site: "master" + - version: "2.2.0p19" + edition: "cme" + site: "stable_cme" + - version: "2.2.0p19" + edition: "cre" + site: "stable_cre" - version: "2.2.0p19" edition: "cee" site: "stable_cee" - # - version: "2.1.0p38" - # edition: "cre" - # site: "old_cre" + - version: "2.1.0p38" + edition: "cre" + site: "old_cre" checkmk_var_contact_groups: - team1 From 6e671d3ffe39cfed42622af8964f838a91e4cb21 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 15 Feb 2024 10:20:18 -0500 Subject: [PATCH 101/114] Add changelog and extend documentation. --- changelogs/fragments/lookups.yml | 4 ++++ plugins/lookup/bakery.py | 13 ++++++++++++- plugins/lookup/folder.py | 11 +++++++++++ plugins/lookup/folders.py | 18 ++++++++++++++++++ plugins/lookup/host.py | 11 +++++++++++ plugins/lookup/hosts.py | 14 ++++++++++++++ plugins/lookup/rule.py | 11 +++++++++++ plugins/lookup/rules.py | 14 ++++++++++++++ plugins/lookup/ruleset.py | 11 +++++++++++ plugins/lookup/rulesets.py | 14 ++++++++++++++ plugins/lookup/version.py | 11 +++++++++++ 11 files changed, 131 insertions(+), 1 deletion(-) create mode 100644 changelogs/fragments/lookups.yml diff --git a/changelogs/fragments/lookups.yml b/changelogs/fragments/lookups.yml new file mode 100644 index 000000000..c9c3e4d80 --- /dev/null +++ b/changelogs/fragments/lookups.yml @@ -0,0 +1,4 @@ +minor_changes: + - Lookup modules - Enable usage of ini files, environment and inventory variables + to configure basic settings for the lookup plugins, like the server_url and site + alongside the authentication options. Refer to the module documentation for details. diff --git a/plugins/lookup/bakery.py b/plugins/lookup/bakery.py index 0346e3122..63fdc700d 100644 --- a/plugins/lookup/bakery.py +++ b/plugins/lookup/bakery.py @@ -83,7 +83,7 @@ EXAMPLES = """ - name: "Show bakery status" - debug: + ansible.builtin.debug: msg: "Bakery status is {{ bakery }}" vars: bakery: "{{ lookup('checkmk.general.bakery', @@ -93,6 +93,17 @@ automation_user=automation_user, automation_secret=automation_secret )}}" + +- name: "Use variables outside the module call." + ansible.builtin.debug: + msg: "Bakery status is {{ bakery }}" + vars: + ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" + ansible_lookup_checkmk_site: "{{ outer_item.site }}" + ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" + ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" + ansible_lookup_validate_certs: false + bakery: "{{ lookup('checkmk.general.bakery') }}" """ RETURN = """ diff --git a/plugins/lookup/folder.py b/plugins/lookup/folder.py index 56a204ca2..22965b838 100644 --- a/plugins/lookup/folder.py +++ b/plugins/lookup/folder.py @@ -100,6 +100,17 @@ validate_certs=False ) }}" + +- name: "Use variables outside the module call." + ansible.builtin.debug: + msg: "Attributes of folder /network: {{ attributes }}" + vars: + ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" + ansible_lookup_checkmk_site: "{{ outer_item.site }}" + ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" + ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" + ansible_lookup_validate_certs: false + attributes: "{{ lookup('checkmk.general.folder', '~tests') }}" """ RETURN = """ diff --git a/plugins/lookup/folders.py b/plugins/lookup/folders.py index 8a3a9708a..570337c15 100644 --- a/plugins/lookup/folders.py +++ b/plugins/lookup/folders.py @@ -136,6 +136,24 @@ loop: "{{ looping|subelements('members.hosts.value') }}" loop_control: label: "{{ item.0.id }}" + +- name: "Use variables outside the module call." + ansible.builtin.debug: + msg: "Folder tree: {{ item.id }}" + vars: + ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" + ansible_lookup_checkmk_site: "{{ outer_item.site }}" + ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" + ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" + ansible_lookup_validate_certs: false + loop: "{{ + lookup('checkmk.general.folders', + '~', + show_hosts=False, + recursive=True, + ) }}" + loop_control: + label: "{{ item.id }}" """ RETURN = """ diff --git a/plugins/lookup/host.py b/plugins/lookup/host.py index a4145221d..d94d8485c 100644 --- a/plugins/lookup/host.py +++ b/plugins/lookup/host.py @@ -107,6 +107,17 @@ validate_certs=False ) }}" + +- name: "Use variables outside the module call." + ansible.builtin.debug: + msg: "Attributes of host example: {{ attributes }}" + vars: + ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" + ansible_lookup_checkmk_site: "{{ outer_item.site }}" + ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" + ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" + ansible_lookup_validate_certs: false + attributes: "{{ lookup('checkmk.general.host', 'example.com', effective_attributes=True) }}" """ RETURN = """ diff --git a/plugins/lookup/hosts.py b/plugins/lookup/hosts.py index 79f2e744e..a98f5c5ab 100644 --- a/plugins/lookup/hosts.py +++ b/plugins/lookup/hosts.py @@ -104,6 +104,20 @@ }}" loop_control: label: "{{ item.id }}" + +- name: "Use variables outside the module call." + ansible.builtin.debug: + msg: "Host: {{ item.id }} in folder {{ item.extensions.folder }}, IP: {{ item.extensions.effective_attributes.ipaddress }}" + vars: + ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" + ansible_lookup_checkmk_site: "{{ outer_item.site }}" + ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" + ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" + ansible_lookup_validate_certs: false + loop: "{{ + lookup('checkmk.general.hosts', effective_attributes=True) }}" + loop_control: + label: "{{ item.id }}" """ RETURN = """ diff --git a/plugins/lookup/rule.py b/plugins/lookup/rule.py index 441b3ac71..ec3e4e1f3 100644 --- a/plugins/lookup/rule.py +++ b/plugins/lookup/rule.py @@ -100,6 +100,17 @@ validate_certs=False ) }}" + +- name: "Use variables outside the module call." + ansible.builtin.debug: + msg: "Rule: {{ extensions }}" + vars: + ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" + ansible_lookup_checkmk_site: "{{ outer_item.site }}" + ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" + ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" + ansible_lookup_validate_certs: false + attributes: "{{ lookup('checkmk.general.rule', rule_id='a9285bc1-dcaf-45e0-a3ba-ad398ef06a49') }}" """ RETURN = """ diff --git a/plugins/lookup/rules.py b/plugins/lookup/rules.py index a9b954f8c..842c98ac3 100644 --- a/plugins/lookup/rules.py +++ b/plugins/lookup/rules.py @@ -129,6 +129,20 @@ }}" loop_control: label: "{{ item.id }}" + +- name: "Use variables outside the module call." + ansible.builtin.debug: + msg: "Rule: {{ item.extensions }}" + vars: + ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" + ansible_lookup_checkmk_site: "{{ outer_item.site }}" + ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" + ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" + ansible_lookup_validate_certs: false + loop: "{{ + lookup('checkmk.general.rules', ruleset='host_groups') }}" + loop_control: + label: "{{ item.id }}" """ RETURN = """ diff --git a/plugins/lookup/ruleset.py b/plugins/lookup/ruleset.py index d25d1cb05..161ce8547 100644 --- a/plugins/lookup/ruleset.py +++ b/plugins/lookup/ruleset.py @@ -100,6 +100,17 @@ validate_certs=False ) }}" + +- name: "Use variables outside the module call." + ansible.builtin.debug: + msg: "Ruleset: {{ extensions }}" + vars: + ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" + ansible_lookup_checkmk_site: "{{ outer_item.site }}" + ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" + ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" + ansible_lookup_validate_certs: false + extensions: "{{ lookup('checkmk.general.ruleset', ruleset='host_groups') }}" """ RETURN = """ diff --git a/plugins/lookup/rulesets.py b/plugins/lookup/rulesets.py index 349920375..a8c39dd8a 100644 --- a/plugins/lookup/rulesets.py +++ b/plugins/lookup/rulesets.py @@ -139,6 +139,20 @@ }}" loop_control: label: "{{ item.0.id }}" + +- name: "Use variables outside the module call." + ansible.builtin.debug: + msg: "Ruleset {{ item.extension.name }} is deprecated." + vars: + ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" + ansible_lookup_checkmk_site: "{{ outer_item.site }}" + ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" + ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" + ansible_lookup_validate_certs: false + loop: "{{ + lookup('checkmk.general.rulesets', regex='', rulesets_deprecated=True, rulesets_used=True) }}" + loop_control: + label: "{{ item.0.id }}" """ RETURN = """ diff --git a/plugins/lookup/version.py b/plugins/lookup/version.py index 5a87f4ded..8d293ba68 100644 --- a/plugins/lookup/version.py +++ b/plugins/lookup/version.py @@ -92,6 +92,17 @@ automation_user=my_user, automation_secret=my_secret )}}" + +- name: "Use variables outside the module call." + ansible.builtin.debug: + msg: "Server version is {{ version }}" + vars: + ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" + ansible_lookup_checkmk_site: "{{ outer_item.site }}" + ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" + ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" + ansible_lookup_validate_certs: false + attributes: "{{ lookup('checkmk.general.version') }}" """ RETURN = """ From 68940f841df56eda2460964c0ae94e806e7ad4f6 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 15 Feb 2024 12:47:28 -0500 Subject: [PATCH 102/114] Fix variable names. --- plugins/lookup/bakery.py | 6 +++--- plugins/lookup/folder.py | 6 +++--- plugins/lookup/folders.py | 6 +++--- plugins/lookup/host.py | 6 +++--- plugins/lookup/hosts.py | 6 +++--- plugins/lookup/rule.py | 6 +++--- plugins/lookup/rules.py | 6 +++--- plugins/lookup/ruleset.py | 6 +++--- plugins/lookup/rulesets.py | 6 +++--- plugins/lookup/version.py | 6 +++--- 10 files changed, 30 insertions(+), 30 deletions(-) diff --git a/plugins/lookup/bakery.py b/plugins/lookup/bakery.py index 63fdc700d..712006101 100644 --- a/plugins/lookup/bakery.py +++ b/plugins/lookup/bakery.py @@ -100,9 +100,9 @@ vars: ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" ansible_lookup_checkmk_site: "{{ outer_item.site }}" - ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" - ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" - ansible_lookup_validate_certs: false + ansible_lookup_checkmk_automation_user: "{{ checkmk_var_automation_user }}" + ansible_lookup_checkmk_automation_secret: "{{ checkmk_var_automation_secret }}" + ansible_lookup_checkmk_validate_certs: false bakery: "{{ lookup('checkmk.general.bakery') }}" """ diff --git a/plugins/lookup/folder.py b/plugins/lookup/folder.py index 22965b838..bf00737f6 100644 --- a/plugins/lookup/folder.py +++ b/plugins/lookup/folder.py @@ -107,9 +107,9 @@ vars: ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" ansible_lookup_checkmk_site: "{{ outer_item.site }}" - ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" - ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" - ansible_lookup_validate_certs: false + ansible_lookup_checkmk_automation_user: "{{ checkmk_var_automation_user }}" + ansible_lookup_checkmk_automation_secret: "{{ checkmk_var_automation_secret }}" + ansible_lookup_checkmk_validate_certs: false attributes: "{{ lookup('checkmk.general.folder', '~tests') }}" """ diff --git a/plugins/lookup/folders.py b/plugins/lookup/folders.py index 570337c15..03d260728 100644 --- a/plugins/lookup/folders.py +++ b/plugins/lookup/folders.py @@ -143,9 +143,9 @@ vars: ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" ansible_lookup_checkmk_site: "{{ outer_item.site }}" - ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" - ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" - ansible_lookup_validate_certs: false + ansible_lookup_checkmk_automation_user: "{{ checkmk_var_automation_user }}" + ansible_lookup_checkmk_automation_secret: "{{ checkmk_var_automation_secret }}" + ansible_lookup_checkmk_validate_certs: false loop: "{{ lookup('checkmk.general.folders', '~', diff --git a/plugins/lookup/host.py b/plugins/lookup/host.py index d94d8485c..6db71d786 100644 --- a/plugins/lookup/host.py +++ b/plugins/lookup/host.py @@ -114,9 +114,9 @@ vars: ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" ansible_lookup_checkmk_site: "{{ outer_item.site }}" - ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" - ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" - ansible_lookup_validate_certs: false + ansible_lookup_checkmk_automation_user: "{{ checkmk_var_automation_user }}" + ansible_lookup_checkmk_automation_secret: "{{ checkmk_var_automation_secret }}" + ansible_lookup_checkmk_validate_certs: false attributes: "{{ lookup('checkmk.general.host', 'example.com', effective_attributes=True) }}" """ diff --git a/plugins/lookup/hosts.py b/plugins/lookup/hosts.py index a98f5c5ab..d2ac43106 100644 --- a/plugins/lookup/hosts.py +++ b/plugins/lookup/hosts.py @@ -111,9 +111,9 @@ vars: ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" ansible_lookup_checkmk_site: "{{ outer_item.site }}" - ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" - ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" - ansible_lookup_validate_certs: false + ansible_lookup_checkmk_automation_user: "{{ checkmk_var_automation_user }}" + ansible_lookup_checkmk_automation_secret: "{{ checkmk_var_automation_secret }}" + ansible_lookup_checkmk_validate_certs: false loop: "{{ lookup('checkmk.general.hosts', effective_attributes=True) }}" loop_control: diff --git a/plugins/lookup/rule.py b/plugins/lookup/rule.py index ec3e4e1f3..e6c0447ff 100644 --- a/plugins/lookup/rule.py +++ b/plugins/lookup/rule.py @@ -107,9 +107,9 @@ vars: ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" ansible_lookup_checkmk_site: "{{ outer_item.site }}" - ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" - ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" - ansible_lookup_validate_certs: false + ansible_lookup_checkmk_automation_user: "{{ checkmk_var_automation_user }}" + ansible_lookup_checkmk_automation_secret: "{{ checkmk_var_automation_secret }}" + ansible_lookup_checkmk_validate_certs: false attributes: "{{ lookup('checkmk.general.rule', rule_id='a9285bc1-dcaf-45e0-a3ba-ad398ef06a49') }}" """ diff --git a/plugins/lookup/rules.py b/plugins/lookup/rules.py index 842c98ac3..9d0620b2f 100644 --- a/plugins/lookup/rules.py +++ b/plugins/lookup/rules.py @@ -136,9 +136,9 @@ vars: ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" ansible_lookup_checkmk_site: "{{ outer_item.site }}" - ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" - ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" - ansible_lookup_validate_certs: false + ansible_lookup_checkmk_automation_user: "{{ checkmk_var_automation_user }}" + ansible_lookup_checkmk_automation_secret: "{{ checkmk_var_automation_secret }}" + ansible_lookup_checkmk_validate_certs: false loop: "{{ lookup('checkmk.general.rules', ruleset='host_groups') }}" loop_control: diff --git a/plugins/lookup/ruleset.py b/plugins/lookup/ruleset.py index 161ce8547..af23d7dd8 100644 --- a/plugins/lookup/ruleset.py +++ b/plugins/lookup/ruleset.py @@ -107,9 +107,9 @@ vars: ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" ansible_lookup_checkmk_site: "{{ outer_item.site }}" - ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" - ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" - ansible_lookup_validate_certs: false + ansible_lookup_checkmk_automation_user: "{{ checkmk_var_automation_user }}" + ansible_lookup_checkmk_automation_secret: "{{ checkmk_var_automation_secret }}" + ansible_lookup_checkmk_validate_certs: false extensions: "{{ lookup('checkmk.general.ruleset', ruleset='host_groups') }}" """ diff --git a/plugins/lookup/rulesets.py b/plugins/lookup/rulesets.py index a8c39dd8a..fb50b21f2 100644 --- a/plugins/lookup/rulesets.py +++ b/plugins/lookup/rulesets.py @@ -146,9 +146,9 @@ vars: ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" ansible_lookup_checkmk_site: "{{ outer_item.site }}" - ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" - ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" - ansible_lookup_validate_certs: false + ansible_lookup_checkmk_automation_user: "{{ checkmk_var_automation_user }}" + ansible_lookup_checkmk_automation_secret: "{{ checkmk_var_automation_secret }}" + ansible_lookup_checkmk_validate_certs: false loop: "{{ lookup('checkmk.general.rulesets', regex='', rulesets_deprecated=True, rulesets_used=True) }}" loop_control: diff --git a/plugins/lookup/version.py b/plugins/lookup/version.py index 8d293ba68..e603819a6 100644 --- a/plugins/lookup/version.py +++ b/plugins/lookup/version.py @@ -99,9 +99,9 @@ vars: ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" ansible_lookup_checkmk_site: "{{ outer_item.site }}" - ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" - ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" - ansible_lookup_validate_certs: false + ansible_lookup_checkmk_automation_user: "{{ checkmk_var_automation_user }}" + ansible_lookup_checkmk_automation_secret: "{{ checkmk_var_automation_secret }}" + ansible_lookup_checkmk_validate_certs: false attributes: "{{ lookup('checkmk.general.version') }}" """ From 0433f903241a523bcc476dd5ff24ea010e33f9d6 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 15 Feb 2024 13:57:45 -0500 Subject: [PATCH 103/114] Add initial set of tests using the new variables from #546. --- .../files/includes/vars/global.yml | 6 ++++++ .../targets/lookup_bakery/tasks/test.yml | 7 +------ .../targets/lookup_folder/tasks/test.yml | 11 ++--------- .../targets/lookup_folders/tasks/test.yml | 15 ++++++++++++--- .../targets/lookup_host/tasks/test.yml | 8 ++++++++ .../targets/lookup_hosts/tasks/test.yml | 8 ++++++++ .../targets/lookup_rules/tasks/test.yml | 19 +++++++++++++++++++ .../targets/lookup_rulesets/tasks/test.yml | 18 ++++++++++++++++++ .../targets/lookup_version/tasks/test.yml | 7 +++++++ 9 files changed, 81 insertions(+), 18 deletions(-) diff --git a/tests/integration/files/includes/vars/global.yml b/tests/integration/files/includes/vars/global.yml index 57f8bb073..e56ed6faf 100644 --- a/tests/integration/files/includes/vars/global.yml +++ b/tests/integration/files/includes/vars/global.yml @@ -15,3 +15,9 @@ checkmk_server_edition_mapping: cee: enterprise cce: cloud cme: managed + +ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" +ansible_lookup_checkmk_site: "{{ outer_item.site }}" +ansible_lookup_checkmk_automation_user: "{{ checkmk_var_automation_user }}" +ansible_lookup_checkmk_automation_secret: "{{ checkmk_var_automation_secret }}" +ansible_lookup_checkmk_validate_certs: false diff --git a/tests/integration/targets/lookup_bakery/tasks/test.yml b/tests/integration/targets/lookup_bakery/tasks/test.yml index d41fbc773..034b88552 100644 --- a/tests/integration/targets/lookup_bakery/tasks/test.yml +++ b/tests/integration/targets/lookup_bakery/tasks/test.yml @@ -21,15 +21,10 @@ ("'stopped' in looked_up_bakery.msg") or ("'exception' in looked_up_bakery.msg") -- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Get Checkmk bakery status using ENV vars." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Use variables outside the module call." ansible.builtin.debug: msg: "Bakery status is {{ bakery }}" vars: - ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" - ansible_lookup_checkmk_site: "{{ outer_item.site }}" - ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" - ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" - ansible_lookup_validate_certs: false bakery: "{{ lookup('checkmk.general.bakery') }}" delegate_to: localhost register: looked_up_bakery diff --git a/tests/integration/targets/lookup_folder/tasks/test.yml b/tests/integration/targets/lookup_folder/tasks/test.yml index 1e55b046c..f028883c9 100644 --- a/tests/integration/targets/lookup_folder/tasks/test.yml +++ b/tests/integration/targets/lookup_folder/tasks/test.yml @@ -58,17 +58,10 @@ delegate_to: localhost run_once: true # noqa run-once[task] -- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Verify folder criticality using ENV vars." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Use variables outside the module call." ansible.builtin.assert: that: "extensions.attributes.tag_criticality == checkmk_folder.criticality" vars: - ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" - ansible_lookup_checkmk_site: "{{ outer_item.site }}" - ansible_lookup_automation_user: "{{ checkmk_var_automation_user }}" - ansible_lookup_automation_secret: "{{ checkmk_var_automation_secret }}" - ansible_lookup_validate_certs: false - extensions: "{{ lookup('checkmk.general.folder', - checkmk_folder.path) - }}" + extensions: "{{ lookup('checkmk.general.folder', checkmk_folder.path) }}" delegate_to: localhost run_once: true # noqa run-once[task] diff --git a/tests/integration/targets/lookup_folders/tasks/test.yml b/tests/integration/targets/lookup_folders/tasks/test.yml index befebd766..8852389d4 100644 --- a/tests/integration/targets/lookup_folders/tasks/test.yml +++ b/tests/integration/targets/lookup_folders/tasks/test.yml @@ -14,7 +14,7 @@ run_once: true # noqa run-once[task] loop: "{{ checkmk_var_folders }}" -- name: "Get all folders." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Get all folders." ansible.builtin.debug: var: folders vars: @@ -30,7 +30,7 @@ delegate_to: localhost run_once: true # noqa run-once[task] -- name: "Get list of all folders." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Get list of all folders." ansible.builtin.debug: msg: "Criticality of {{ item.id }} is {{ item.extensions.attributes.tag_criticality | default('N/A') }}" loop: "{{ lookup('checkmk.general.folders', @@ -47,7 +47,7 @@ loop_control: label: "{{ item.id }}" -- name: "Verify number of folders." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Verify number of folders." ansible.builtin.assert: # The looked up list contains the main folder, as well. that: "( 1 + checkmk_var_folders|length ) == folders|length" @@ -63,3 +63,12 @@ }}" delegate_to: localhost run_once: true # noqa run-once[task] + +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Verify number of folders." + ansible.builtin.assert: + # The looked up list contains the main folder, as well. + that: "( 1 + checkmk_var_folders|length ) == folders|length" + vars: + folders: "{{ lookup('checkmk.general.folders', '/', recursive=True) }}" + delegate_to: localhost + run_once: true # noqa run-once[task] diff --git a/tests/integration/targets/lookup_host/tasks/test.yml b/tests/integration/targets/lookup_host/tasks/test.yml index 281d673a0..e10ac167d 100644 --- a/tests/integration/targets/lookup_host/tasks/test.yml +++ b/tests/integration/targets/lookup_host/tasks/test.yml @@ -44,3 +44,11 @@ }}" delegate_to: localhost run_once: true # noqa run-once[task] + +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Use variables outside the module call." + ansible.builtin.assert: + that: "checkmk_host.alias == extensions.attributes.alias" + vars: + extensions: "{{ lookup('checkmk.general.host', checkmk_host.name) }}" + delegate_to: localhost + run_once: true # noqa run-once[task] diff --git a/tests/integration/targets/lookup_hosts/tasks/test.yml b/tests/integration/targets/lookup_hosts/tasks/test.yml index 3e04d6b30..e9b50d1e7 100644 --- a/tests/integration/targets/lookup_hosts/tasks/test.yml +++ b/tests/integration/targets/lookup_hosts/tasks/test.yml @@ -44,3 +44,11 @@ }}" delegate_to: localhost run_once: true # noqa run-once[task] + +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Use variables outside the module call." + ansible.builtin.assert: + that: "checkmk_hosts|length == hosts|length" + vars: + folders: "{{ lookup('checkmk.general.hosts') }}" + delegate_to: localhost + run_once: true # noqa run-once[task] diff --git a/tests/integration/targets/lookup_rules/tasks/test.yml b/tests/integration/targets/lookup_rules/tasks/test.yml index 675237540..eda80fa72 100644 --- a/tests/integration/targets/lookup_rules/tasks/test.yml +++ b/tests/integration/targets/lookup_rules/tasks/test.yml @@ -94,3 +94,22 @@ delegate_to: localhost run_once: true # noqa run-once[task] loop: "{{ cpu_load_ruleset.rules }}" + +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Use variables outside the module call: rule." + ansible.builtin.debug: + var: "rule" + vars: + rule: "{{ lookup('checkmk.general.rule', rule_id=item.id) }}" + delegate_to: localhost + run_once: true # noqa run-once[task] + loop: "{{ cpu_load_ruleset.rules }}" + +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Use variables outside the module call: rules." + ansible.builtin.assert: + # Check the number of rules + that: rules|length == 1 + vars: + rules: "{{ lookup('checkmk.general.rules', ruleset=item, commebt_regex='Ansible managed') }}" + delegate_to: localhost + run_once: true # noqa run-once[task] + loop: "{{ checkmk_rulesets }}" diff --git a/tests/integration/targets/lookup_rulesets/tasks/test.yml b/tests/integration/targets/lookup_rulesets/tasks/test.yml index 8f7482982..94eb8d998 100644 --- a/tests/integration/targets/lookup_rulesets/tasks/test.yml +++ b/tests/integration/targets/lookup_rulesets/tasks/test.yml @@ -80,3 +80,21 @@ delegate_to: localhost run_once: true # noqa run-once[task] loop: "{{ checkmk_ruleset_regexes }}" + +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Use variables outside the module call: ruleset." + ansible.builtin.assert: + # For each rule that we created, check, if the number of rules in its ruleset is 1. + that: "ruleset.number_of_rules == 1" + vars: + ruleset: "{{ lookup('checkmk.general.ruleset', ruleset=item) }}" + delegate_to: localhost + run_once: true # noqa run-once[task] + loop: "{{ checkmk_ruleset_regexes }}" + +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Use variables outside the module call: rulesets." + ansible.builtin.debug: + var: rulesets + vars: + rulesets: "{{ lookup('checkmk.general.rulesets', regex='file', rulesets_used=False, rulesets_deprecated=False) }}" + delegate_to: localhost + run_once: true # noqa run-once[task] diff --git a/tests/integration/targets/lookup_version/tasks/test.yml b/tests/integration/targets/lookup_version/tasks/test.yml index e4409f64c..b156f5df9 100644 --- a/tests/integration/targets/lookup_version/tasks/test.yml +++ b/tests/integration/targets/lookup_version/tasks/test.yml @@ -16,3 +16,10 @@ - name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Verify Checkmk version." ansible.builtin.assert: that: "outer_item.version in looked_up_version.msg" + +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Get Checkmk version." + ansible.builtin.assert: + that: "outer_item.version in looked_up_version.msg" + vars: + version: "{{ lookup('checkmk.general.version') }}" + delegate_to: localhost From 45d04c4669b6fcda803dc2d198165fbf714f78f1 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 15 Feb 2024 13:58:14 -0500 Subject: [PATCH 104/114] Add changelogs. --- changelogs/fragments/folder.yml | 3 +++ changelogs/fragments/release_summary.yml | 1 + 2 files changed, 4 insertions(+) create mode 100644 changelogs/fragments/folder.yml create mode 100644 changelogs/fragments/release_summary.yml diff --git a/changelogs/fragments/folder.yml b/changelogs/fragments/folder.yml new file mode 100644 index 000000000..e95d55914 --- /dev/null +++ b/changelogs/fragments/folder.yml @@ -0,0 +1,3 @@ +minor_changes: + - Folder module - Extend attribute management. Please refer to the module documentation + for more details. diff --git a/changelogs/fragments/release_summary.yml b/changelogs/fragments/release_summary.yml new file mode 100644 index 000000000..61a046a26 --- /dev/null +++ b/changelogs/fragments/release_summary.yml @@ -0,0 +1 @@ +release_summary: "Folders, build related changed and the environment." From 89bd427779357f9d870364fee42a034fb579cd93 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 15 Feb 2024 13:58:32 -0500 Subject: [PATCH 105/114] Update doc fragment. --- plugins/doc_fragments/common.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/doc_fragments/common.py b/plugins/doc_fragments/common.py index d70c16134..d0ed25cd9 100644 --- a/plugins/doc_fragments/common.py +++ b/plugins/doc_fragments/common.py @@ -7,7 +7,7 @@ class ModuleDocFragment(object): DOCUMENTATION = r""" options: server_url: - description: The base url of your Checkmk server. + description: The base url of your Checkmk server including the protocol. required: true type: str site: From 35611d2d153cbe87db1214a04fe2521e5012e5e7 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 15 Feb 2024 14:01:24 -0500 Subject: [PATCH 106/114] Bump Checkmk versions. --- roles/agent/README.md | 2 +- roles/agent/defaults/main.yml | 2 +- roles/agent/molecule/2.1.0/group_vars/all.yml | 2 +- roles/agent/molecule/2.2.0/group_vars/all.yml | 2 +- roles/server/README.md | 2 +- roles/server/defaults/main.yml | 2 +- roles/server/molecule/2.1.0/group_vars/all.yml | 2 +- roles/server/molecule/2.2.0/group_vars/all.yml | 2 +- scripts/release.sh | 4 ++-- tests/integration/targets/activation/vars/main.yml | 6 +++--- tests/integration/targets/bakery/vars/main.yml | 4 ++-- tests/integration/targets/contact_group/vars/main.yml | 6 +++--- tests/integration/targets/discovery/vars/main.yml | 6 +++--- tests/integration/targets/downtime/vars/main.yml | 6 +++--- tests/integration/targets/folder/vars/main.yml | 6 +++--- tests/integration/targets/host/vars/main.yml | 6 +++--- tests/integration/targets/host_group/vars/main.yml | 8 ++++---- tests/integration/targets/lookup_bakery/vars/main.yml | 4 ++-- tests/integration/targets/lookup_folder/vars/main.yml | 6 +++--- tests/integration/targets/lookup_folders/vars/main.yml | 6 +++--- tests/integration/targets/lookup_host/vars/main.yml | 6 +++--- tests/integration/targets/lookup_hosts/vars/main.yml | 6 +++--- tests/integration/targets/lookup_rules/vars/main.yml | 6 +++--- tests/integration/targets/lookup_rulesets/vars/main.yml | 6 +++--- tests/integration/targets/lookup_version/vars/main.yml | 6 +++--- tests/integration/targets/password/vars/main.yml | 8 ++++---- tests/integration/targets/rule/vars/main.yml | 6 +++--- tests/integration/targets/service_group/vars/main.yml | 8 ++++---- tests/integration/targets/tag_group/vars/main.yml | 8 ++++---- tests/integration/targets/timeperiod/vars/main.yml | 6 +++--- tests/integration/targets/user/vars/main.yml | 8 ++++---- 31 files changed, 79 insertions(+), 79 deletions(-) diff --git a/roles/agent/README.md b/roles/agent/README.md index cbd697aec..cb7d55538 100644 --- a/roles/agent/README.md +++ b/roles/agent/README.md @@ -13,7 +13,7 @@ It can be installed as easy as running: ## Role Variables - checkmk_agent_version: "2.2.0p19" + checkmk_agent_version: "2.2.0p22" The Checkmk version of the site your agents will talk to. diff --git a/roles/agent/defaults/main.yml b/roles/agent/defaults/main.yml index 134a878e6..d99c3a1f1 100644 --- a/roles/agent/defaults/main.yml +++ b/roles/agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -checkmk_agent_version: "2.2.0p19" +checkmk_agent_version: "2.2.0p22" checkmk_agent_edition: cre checkmk_agent_server_protocol: http checkmk_agent_server: localhost diff --git a/roles/agent/molecule/2.1.0/group_vars/all.yml b/roles/agent/molecule/2.1.0/group_vars/all.yml index 1a2081859..23df43011 100644 --- a/roles/agent/molecule/2.1.0/group_vars/all.yml +++ b/roles/agent/molecule/2.1.0/group_vars/all.yml @@ -1,6 +1,6 @@ --- # General -checkmk_var_version: "2.1.0p38" +checkmk_var_version: "2.1.0p39" checkmk_var_edition: "cre" checkmk_var_checkmk_site: "my_site" checkmk_var_automation_user: "cmkadmin" diff --git a/roles/agent/molecule/2.2.0/group_vars/all.yml b/roles/agent/molecule/2.2.0/group_vars/all.yml index fe4bdf2f3..2d9a1d6d6 100644 --- a/roles/agent/molecule/2.2.0/group_vars/all.yml +++ b/roles/agent/molecule/2.2.0/group_vars/all.yml @@ -1,6 +1,6 @@ --- # General -checkmk_var_version: "2.2.0p19" +checkmk_var_version: "2.2.0p22" checkmk_var_edition: "cre" checkmk_var_checkmk_site: "my_site" checkmk_var_automation_user: "cmkadmin" diff --git a/roles/server/README.md b/roles/server/README.md index 40b4e195e..3d679da43 100644 --- a/roles/server/README.md +++ b/roles/server/README.md @@ -25,7 +25,7 @@ To learn about the distributions used in automated tests, inspect the correspond ## Role Variables - checkmk_server_version: "2.2.0p19" + checkmk_server_version: "2.2.0p22" The global Checkmk version. This is used for installing Checkmk. To manage sites and their version, see `checkmk_server_sites`. diff --git a/roles/server/defaults/main.yml b/roles/server/defaults/main.yml index 5d965d8e9..62e6dd721 100644 --- a/roles/server/defaults/main.yml +++ b/roles/server/defaults/main.yml @@ -24,7 +24,7 @@ checkmk_server_server_stable_os: - Ubuntu-20 - Ubuntu-22 -checkmk_server_version: "2.2.0p19" +checkmk_server_version: "2.2.0p22" checkmk_server_edition: cre checkmk_server_verify_setup: 'true' diff --git a/roles/server/molecule/2.1.0/group_vars/all.yml b/roles/server/molecule/2.1.0/group_vars/all.yml index db44b60ee..8baa9a637 100644 --- a/roles/server/molecule/2.1.0/group_vars/all.yml +++ b/roles/server/molecule/2.1.0/group_vars/all.yml @@ -1,6 +1,6 @@ --- # General -checkmk_var_version: "2.1.0p38" +checkmk_var_version: "2.1.0p39" checkmk_var_edition: "cre" checkmk_server_verify_setup: 'true' checkmk_var_server_url: "http://127.0.0.1/" diff --git a/roles/server/molecule/2.2.0/group_vars/all.yml b/roles/server/molecule/2.2.0/group_vars/all.yml index 9b04ff2e5..902bdc3ae 100644 --- a/roles/server/molecule/2.2.0/group_vars/all.yml +++ b/roles/server/molecule/2.2.0/group_vars/all.yml @@ -1,6 +1,6 @@ --- # General -checkmk_var_version: "2.2.0p19" +checkmk_var_version: "2.2.0p22" checkmk_var_edition: "cre" checkmk_server_verify_setup: 'true' checkmk_var_server_url: "http://127.0.0.1/" diff --git a/scripts/release.sh b/scripts/release.sh index 3c0cd27f1..328c6b1a4 100755 --- a/scripts/release.sh +++ b/scripts/release.sh @@ -16,8 +16,8 @@ collection_dir="${script_dir%/*}" # Update these as necessary: checkmk_ancient="2.0.0p39" -checkmk_oldstable="2.1.0p38" -checkmk_stable="2.2.0p19" +checkmk_oldstable="2.1.0p39" +checkmk_stable="2.2.0p22" while getopts 's:t:' OPTION; do case "$OPTION" in diff --git a/tests/integration/targets/activation/vars/main.yml b/tests/integration/targets/activation/vars/main.yml index 839248fdd..f55a7fb56 100644 --- a/tests/integration/targets/activation/vars/main.yml +++ b/tests/integration/targets/activation/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cre" site: "stable_cre" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" + - version: "2.1.0p39" edition: "cre" site: "old_cre" - version: "2.0.0p39" diff --git a/tests/integration/targets/bakery/vars/main.yml b/tests/integration/targets/bakery/vars/main.yml index 8f0136326..f390261b6 100644 --- a/tests/integration/targets/bakery/vars/main.yml +++ b/tests/integration/targets/bakery/vars/main.yml @@ -1,9 +1,9 @@ --- test_sites: - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" + - version: "2.1.0p39" edition: "cee" site: "old_cee" diff --git a/tests/integration/targets/contact_group/vars/main.yml b/tests/integration/targets/contact_group/vars/main.yml index 3fb169f3d..124c01d29 100644 --- a/tests/integration/targets/contact_group/vars/main.yml +++ b/tests/integration/targets/contact_group/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cre" site: "stable_cre" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" + - version: "2.1.0p39" edition: "cre" site: "old_cre" - version: "2.0.0p39" diff --git a/tests/integration/targets/discovery/vars/main.yml b/tests/integration/targets/discovery/vars/main.yml index ca308fbd7..53e43630a 100644 --- a/tests/integration/targets/discovery/vars/main.yml +++ b/tests/integration/targets/discovery/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cre" site: "stable_cre" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" + - version: "2.1.0p39" edition: "cre" site: "old_cre" - version: "2.0.0p39" diff --git a/tests/integration/targets/downtime/vars/main.yml b/tests/integration/targets/downtime/vars/main.yml index 839248fdd..f55a7fb56 100644 --- a/tests/integration/targets/downtime/vars/main.yml +++ b/tests/integration/targets/downtime/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cre" site: "stable_cre" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" + - version: "2.1.0p39" edition: "cre" site: "old_cre" - version: "2.0.0p39" diff --git a/tests/integration/targets/folder/vars/main.yml b/tests/integration/targets/folder/vars/main.yml index 9986aed15..30d015abd 100644 --- a/tests/integration/targets/folder/vars/main.yml +++ b/tests/integration/targets/folder/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cre" site: "stable_cre" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" + - version: "2.1.0p39" edition: "cre" site: "old_cre" - version: "2.0.0p39" diff --git a/tests/integration/targets/host/vars/main.yml b/tests/integration/targets/host/vars/main.yml index 34da9fa7f..239cd82ac 100644 --- a/tests/integration/targets/host/vars/main.yml +++ b/tests/integration/targets/host/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cre" site: "stable_cre" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" + - version: "2.1.0p39" edition: "cre" site: "old_cre" - version: "2.0.0p39" diff --git a/tests/integration/targets/host_group/vars/main.yml b/tests/integration/targets/host_group/vars/main.yml index a1e40fe1f..f6facb348 100644 --- a/tests/integration/targets/host_group/vars/main.yml +++ b/tests/integration/targets/host_group/vars/main.yml @@ -1,15 +1,15 @@ --- test_sites: - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cme" site: "stable_cme" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cre" site: "stable_cre" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" + - version: "2.1.0p39" edition: "cre" site: "old_cre" - version: "2.0.0p39" diff --git a/tests/integration/targets/lookup_bakery/vars/main.yml b/tests/integration/targets/lookup_bakery/vars/main.yml index a28bca57c..3809fd273 100644 --- a/tests/integration/targets/lookup_bakery/vars/main.yml +++ b/tests/integration/targets/lookup_bakery/vars/main.yml @@ -1,8 +1,8 @@ --- test_sites: - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" + - version: "2.1.0p39" edition: "cee" site: "old_cee" diff --git a/tests/integration/targets/lookup_folder/vars/main.yml b/tests/integration/targets/lookup_folder/vars/main.yml index a389e7128..6fed2d247 100644 --- a/tests/integration/targets/lookup_folder/vars/main.yml +++ b/tests/integration/targets/lookup_folder/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cre" site: "stable_cre" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" + - version: "2.1.0p39" edition: "cre" site: "old_cre" - version: "2.0.0p39" diff --git a/tests/integration/targets/lookup_folders/vars/main.yml b/tests/integration/targets/lookup_folders/vars/main.yml index 37681c6ef..f838892b0 100644 --- a/tests/integration/targets/lookup_folders/vars/main.yml +++ b/tests/integration/targets/lookup_folders/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cre" site: "stable_cre" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" + - version: "2.1.0p39" edition: "cre" site: "old_cre" - version: "2.0.0p39" diff --git a/tests/integration/targets/lookup_host/vars/main.yml b/tests/integration/targets/lookup_host/vars/main.yml index 0b00fd4b6..3b5e6be7f 100644 --- a/tests/integration/targets/lookup_host/vars/main.yml +++ b/tests/integration/targets/lookup_host/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cre" site: "stable_cre" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" + - version: "2.1.0p39" edition: "cre" site: "old_cre" - version: "2.0.0p39" diff --git a/tests/integration/targets/lookup_hosts/vars/main.yml b/tests/integration/targets/lookup_hosts/vars/main.yml index b84cd157d..c370444f5 100644 --- a/tests/integration/targets/lookup_hosts/vars/main.yml +++ b/tests/integration/targets/lookup_hosts/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cre" site: "stable_cre" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" + - version: "2.1.0p39" edition: "cre" site: "old_cre" - version: "2.0.0p39" diff --git a/tests/integration/targets/lookup_rules/vars/main.yml b/tests/integration/targets/lookup_rules/vars/main.yml index d4c1b2747..5f85c1230 100644 --- a/tests/integration/targets/lookup_rules/vars/main.yml +++ b/tests/integration/targets/lookup_rules/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cre" site: "stable_cre" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" + - version: "2.1.0p39" edition: "cre" site: "old_cre" diff --git a/tests/integration/targets/lookup_rulesets/vars/main.yml b/tests/integration/targets/lookup_rulesets/vars/main.yml index ce9415dbb..cef6b9a8a 100644 --- a/tests/integration/targets/lookup_rulesets/vars/main.yml +++ b/tests/integration/targets/lookup_rulesets/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cre" site: "stable_cre" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" + - version: "2.1.0p39" edition: "cre" site: "old_cre" diff --git a/tests/integration/targets/lookup_version/vars/main.yml b/tests/integration/targets/lookup_version/vars/main.yml index 334a5163a..a622b3980 100644 --- a/tests/integration/targets/lookup_version/vars/main.yml +++ b/tests/integration/targets/lookup_version/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cre" site: "stable_cre" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" + - version: "2.1.0p39" edition: "cre" site: "old_cre" - version: "2.0.0p39" diff --git a/tests/integration/targets/password/vars/main.yml b/tests/integration/targets/password/vars/main.yml index 0ca3adfe3..ad69bd9f9 100644 --- a/tests/integration/targets/password/vars/main.yml +++ b/tests/integration/targets/password/vars/main.yml @@ -1,15 +1,15 @@ --- test_sites: - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cme" site: "stable_cme" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cre" site: "stable_cre" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" + - version: "2.1.0p39" edition: "cre" site: "old_cre" - version: "2.0.0p39" diff --git a/tests/integration/targets/rule/vars/main.yml b/tests/integration/targets/rule/vars/main.yml index 43aca7341..9a019eb6e 100644 --- a/tests/integration/targets/rule/vars/main.yml +++ b/tests/integration/targets/rule/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cre" site: "stable_cre" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" + - version: "2.1.0p39" edition: "cre" site: "old_cre" diff --git a/tests/integration/targets/service_group/vars/main.yml b/tests/integration/targets/service_group/vars/main.yml index 8ca906c69..7b7b69f17 100644 --- a/tests/integration/targets/service_group/vars/main.yml +++ b/tests/integration/targets/service_group/vars/main.yml @@ -1,15 +1,15 @@ --- test_sites: - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cme" site: "stable_cme" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cre" site: "stable_cre" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" + - version: "2.1.0p39" edition: "cre" site: "old_cre" - version: "2.0.0p39" diff --git a/tests/integration/targets/tag_group/vars/main.yml b/tests/integration/targets/tag_group/vars/main.yml index cc593be7c..c8cd69b17 100644 --- a/tests/integration/targets/tag_group/vars/main.yml +++ b/tests/integration/targets/tag_group/vars/main.yml @@ -1,15 +1,15 @@ --- test_sites: - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cme" site: "stable_cme" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cre" site: "stable_cre" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" + - version: "2.1.0p39" edition: "cre" site: "old_cre" - version: "2.0.0p39" diff --git a/tests/integration/targets/timeperiod/vars/main.yml b/tests/integration/targets/timeperiod/vars/main.yml index 37f0299b3..58d8a131b 100644 --- a/tests/integration/targets/timeperiod/vars/main.yml +++ b/tests/integration/targets/timeperiod/vars/main.yml @@ -1,12 +1,12 @@ --- test_sites: - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cre" site: "stable_cre" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" + - version: "2.1.0p39" edition: "cre" site: "old_cre" diff --git a/tests/integration/targets/user/vars/main.yml b/tests/integration/targets/user/vars/main.yml index beb368299..3da150a1c 100644 --- a/tests/integration/targets/user/vars/main.yml +++ b/tests/integration/targets/user/vars/main.yml @@ -1,15 +1,15 @@ --- test_sites: - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cme" site: "stable_cme" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cre" site: "stable_cre" - - version: "2.2.0p19" + - version: "2.2.0p22" edition: "cee" site: "stable_cee" - - version: "2.1.0p38" + - version: "2.1.0p39" edition: "cre" site: "old_cre" From bdc2fad7d1e0b65d540eb5f44804a3f34c9b6656 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 15 Feb 2024 14:01:33 -0500 Subject: [PATCH 107/114] Bump collection version. --- SUPPORT.md | 1 + galaxy.yml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/SUPPORT.md b/SUPPORT.md index 80ebb253a..8700749a5 100644 --- a/SUPPORT.md +++ b/SUPPORT.md @@ -49,3 +49,4 @@ Collection Version | Checkmk Versions | Ansible Versions | Remarks 4.0.1 | 2.0.0p39, 2.1.0p36, 2.2.0p16 | 2.14, 2.15, 2.16 | None 4.1.0 | 2.0.0p39, 2.1.0p37, 2.2.0p17 | 2.14, 2.15, 2.16 | None 4.2.0 | 2.0.0p39, 2.1.0p38, 2.2.0p19 | 2.14, 2.15, 2.16 | None +4.3.0 | 2.0.0p39, 2.1.0p39, 2.2.0p22 | 2.14, 2.15, 2.16 | None diff --git a/galaxy.yml b/galaxy.yml index 8e1ad3332..028a6ee41 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -10,7 +10,7 @@ name: general # The version of the collection. Must be compatible with semantic versioning -version: 4.2.0 +version: 4.3.0 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection readme: README.md From 160f068126bc27b1b7bdcbd95d03704f8a7e3b6d Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 16 Feb 2024 09:18:24 -0500 Subject: [PATCH 108/114] Bugfix. --- tests/integration/targets/lookup_version/tasks/test.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/integration/targets/lookup_version/tasks/test.yml b/tests/integration/targets/lookup_version/tasks/test.yml index b156f5df9..63142308f 100644 --- a/tests/integration/targets/lookup_version/tasks/test.yml +++ b/tests/integration/targets/lookup_version/tasks/test.yml @@ -17,9 +17,10 @@ ansible.builtin.assert: that: "outer_item.version in looked_up_version.msg" -- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Get Checkmk version." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Use variables outside the module call." ansible.builtin.assert: that: "outer_item.version in looked_up_version.msg" vars: version: "{{ lookup('checkmk.general.version') }}" delegate_to: localhost + register: looked_up_version From d46ce0a06a79625d0a9cbed48aeab516243f7285 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 16 Feb 2024 09:18:46 -0500 Subject: [PATCH 109/114] Enable extended integration tests, using a hack. --- .../integration/files/includes/vars/global.yml | 12 ++++++++---- .../targets/lookup_bakery/tasks/test.yml | 18 +++++++----------- .../targets/lookup_folder/tasks/test.yml | 1 + .../targets/lookup_folders/tasks/test.yml | 3 ++- .../targets/lookup_host/tasks/test.yml | 1 + .../targets/lookup_hosts/tasks/test.yml | 1 + .../targets/lookup_rules/tasks/test.yml | 2 ++ .../targets/lookup_rulesets/tasks/test.yml | 2 ++ .../targets/lookup_version/tasks/test.yml | 1 + 9 files changed, 25 insertions(+), 16 deletions(-) diff --git a/tests/integration/files/includes/vars/global.yml b/tests/integration/files/includes/vars/global.yml index e56ed6faf..f243be9f5 100644 --- a/tests/integration/files/includes/vars/global.yml +++ b/tests/integration/files/includes/vars/global.yml @@ -16,8 +16,12 @@ checkmk_server_edition_mapping: cce: cloud cme: managed -ansible_lookup_checkmk_server_url: "{{ checkmk_var_server_url }}" -ansible_lookup_checkmk_site: "{{ outer_item.site }}" -ansible_lookup_checkmk_automation_user: "{{ checkmk_var_automation_user }}" -ansible_lookup_checkmk_automation_secret: "{{ checkmk_var_automation_secret }}" + +# This is a very hacky workaround, as it is not possible to assign variables +# to other variables when using them in lookup modules. +ansible_lookup_checkmk_server_url: "http://127.0.0.1" +ansible_lookup_checkmk_site: "stable_cee" # This is especially hacky. + # All integration tests were adapted to run the specific task only on this site. +ansible_lookup_checkmk_automation_user: "cmkadmin" +ansible_lookup_checkmk_automation_secret: "Sup3rSec4et!" ansible_lookup_checkmk_validate_certs: false diff --git a/tests/integration/targets/lookup_bakery/tasks/test.yml b/tests/integration/targets/lookup_bakery/tasks/test.yml index 034b88552..a24572023 100644 --- a/tests/integration/targets/lookup_bakery/tasks/test.yml +++ b/tests/integration/targets/lookup_bakery/tasks/test.yml @@ -22,17 +22,13 @@ ("'exception' in looked_up_bakery.msg") - name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Use variables outside the module call." - ansible.builtin.debug: - msg: "Bakery status is {{ bakery }}" + ansible.builtin.assert: + that: ("'finished' in bakery.msg") or + ("'running' in bakery.msg") or + ("'initialized' in bakery.msg") or + ("'stopped' in bakery.msg") or + ("'exception' in bakery.msg") vars: bakery: "{{ lookup('checkmk.general.bakery') }}" delegate_to: localhost - register: looked_up_bakery - -- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Verify bakery status." - ansible.builtin.assert: - that: ("'finished' in looked_up_bakery.msg") or - ("'running' in looked_up_bakery.msg") or - ("'initialized' in looked_up_bakery.msg") or - ("'stopped' in looked_up_bakery.msg") or - ("'exception' in looked_up_bakery.msg") + when: outer_item.edition == "stable_cee" diff --git a/tests/integration/targets/lookup_folder/tasks/test.yml b/tests/integration/targets/lookup_folder/tasks/test.yml index f028883c9..11522c352 100644 --- a/tests/integration/targets/lookup_folder/tasks/test.yml +++ b/tests/integration/targets/lookup_folder/tasks/test.yml @@ -65,3 +65,4 @@ extensions: "{{ lookup('checkmk.general.folder', checkmk_folder.path) }}" delegate_to: localhost run_once: true # noqa run-once[task] + when: outer_item.edition == "stable_cee" diff --git a/tests/integration/targets/lookup_folders/tasks/test.yml b/tests/integration/targets/lookup_folders/tasks/test.yml index 8852389d4..f7109c8bc 100644 --- a/tests/integration/targets/lookup_folders/tasks/test.yml +++ b/tests/integration/targets/lookup_folders/tasks/test.yml @@ -64,7 +64,7 @@ delegate_to: localhost run_once: true # noqa run-once[task] -- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Verify number of folders." +- name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Use variables outside the module call." ansible.builtin.assert: # The looked up list contains the main folder, as well. that: "( 1 + checkmk_var_folders|length ) == folders|length" @@ -72,3 +72,4 @@ folders: "{{ lookup('checkmk.general.folders', '/', recursive=True) }}" delegate_to: localhost run_once: true # noqa run-once[task] + when: outer_item.edition == "stable_cee" diff --git a/tests/integration/targets/lookup_host/tasks/test.yml b/tests/integration/targets/lookup_host/tasks/test.yml index e10ac167d..c5f98fb5f 100644 --- a/tests/integration/targets/lookup_host/tasks/test.yml +++ b/tests/integration/targets/lookup_host/tasks/test.yml @@ -52,3 +52,4 @@ extensions: "{{ lookup('checkmk.general.host', checkmk_host.name) }}" delegate_to: localhost run_once: true # noqa run-once[task] + when: outer_item.edition == "stable_cee" diff --git a/tests/integration/targets/lookup_hosts/tasks/test.yml b/tests/integration/targets/lookup_hosts/tasks/test.yml index e9b50d1e7..8642c7ad3 100644 --- a/tests/integration/targets/lookup_hosts/tasks/test.yml +++ b/tests/integration/targets/lookup_hosts/tasks/test.yml @@ -52,3 +52,4 @@ folders: "{{ lookup('checkmk.general.hosts') }}" delegate_to: localhost run_once: true # noqa run-once[task] + when: outer_item.edition == "stable_cee" diff --git a/tests/integration/targets/lookup_rules/tasks/test.yml b/tests/integration/targets/lookup_rules/tasks/test.yml index eda80fa72..3189b24af 100644 --- a/tests/integration/targets/lookup_rules/tasks/test.yml +++ b/tests/integration/targets/lookup_rules/tasks/test.yml @@ -103,6 +103,7 @@ delegate_to: localhost run_once: true # noqa run-once[task] loop: "{{ cpu_load_ruleset.rules }}" + when: outer_item.edition == "stable_cee" - name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Use variables outside the module call: rules." ansible.builtin.assert: @@ -113,3 +114,4 @@ delegate_to: localhost run_once: true # noqa run-once[task] loop: "{{ checkmk_rulesets }}" + when: outer_item.edition == "stable_cee" diff --git a/tests/integration/targets/lookup_rulesets/tasks/test.yml b/tests/integration/targets/lookup_rulesets/tasks/test.yml index 94eb8d998..4055ea615 100644 --- a/tests/integration/targets/lookup_rulesets/tasks/test.yml +++ b/tests/integration/targets/lookup_rulesets/tasks/test.yml @@ -90,6 +90,7 @@ delegate_to: localhost run_once: true # noqa run-once[task] loop: "{{ checkmk_ruleset_regexes }}" + when: outer_item.edition == "stable_cee" - name: "{{ outer_item.version }} - {{ outer_item.edition | upper }} - Use variables outside the module call: rulesets." ansible.builtin.debug: @@ -98,3 +99,4 @@ rulesets: "{{ lookup('checkmk.general.rulesets', regex='file', rulesets_used=False, rulesets_deprecated=False) }}" delegate_to: localhost run_once: true # noqa run-once[task] + when: outer_item.edition == "stable_cee" diff --git a/tests/integration/targets/lookup_version/tasks/test.yml b/tests/integration/targets/lookup_version/tasks/test.yml index 63142308f..49dfb9ae7 100644 --- a/tests/integration/targets/lookup_version/tasks/test.yml +++ b/tests/integration/targets/lookup_version/tasks/test.yml @@ -24,3 +24,4 @@ version: "{{ lookup('checkmk.general.version') }}" delegate_to: localhost register: looked_up_version + when: outer_item.edition == "stable_cee" From 28ac0dc3fd9e6ac2e888feb79902a64831919186 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 16 Feb 2024 11:09:18 -0500 Subject: [PATCH 110/114] Document known issues and limitations. --- changelogs/fragments/lookups.yml | 7 ++++++- plugins/lookup/bakery.py | 2 ++ plugins/lookup/folder.py | 2 ++ plugins/lookup/folders.py | 2 ++ plugins/lookup/host.py | 2 ++ plugins/lookup/hosts.py | 2 ++ plugins/lookup/rule.py | 2 ++ plugins/lookup/rules.py | 2 ++ plugins/lookup/ruleset.py | 2 ++ plugins/lookup/rulesets.py | 2 ++ plugins/lookup/version.py | 2 ++ 11 files changed, 26 insertions(+), 1 deletion(-) diff --git a/changelogs/fragments/lookups.yml b/changelogs/fragments/lookups.yml index c9c3e4d80..1c8d0172f 100644 --- a/changelogs/fragments/lookups.yml +++ b/changelogs/fragments/lookups.yml @@ -1,4 +1,9 @@ minor_changes: - Lookup modules - Enable usage of ini files, environment and inventory variables - to configure basic settings for the lookup plugins, like the server_url and site + to configure basic settings for the lookup plugins, like e.g., the server_url or site alongside the authentication options. Refer to the module documentation for details. + +known_issues: + - Lookup modules - When using inventory variables to configure e.g., the server_url, + it is not possible to assign other variables to these variables. + This is a limitation of Ansble itself. diff --git a/plugins/lookup/bakery.py b/plugins/lookup/bakery.py index 712006101..6308bb351 100644 --- a/plugins/lookup/bakery.py +++ b/plugins/lookup/bakery.py @@ -79,6 +79,8 @@ If you need to use different permissions, you must change the command or run Ansible as another user. - Alternatively, you can use a shell/command task that runs against localhost and registers the result. - The directory of the play is used as the current working directory. + - It is B(NOT) possible to assign other variables to the variables mentioned in the C(vars) section! + This is a limitation of Ansible itself. """ EXAMPLES = """ diff --git a/plugins/lookup/folder.py b/plugins/lookup/folder.py index bf00737f6..a2b5db1cd 100644 --- a/plugins/lookup/folder.py +++ b/plugins/lookup/folder.py @@ -83,6 +83,8 @@ If you need to use different permissions, you must change the command or run Ansible as another user. - Alternatively, you can use a shell/command task that runs against localhost and registers the result. - The directory of the play is used as the current working directory. + - It is B(NOT) possible to assign other variables to the variables mentioned in the C(vars) section! + This is a limitation of Ansible itself. """ EXAMPLES = """ diff --git a/plugins/lookup/folders.py b/plugins/lookup/folders.py index 03d260728..4a18d7aaf 100644 --- a/plugins/lookup/folders.py +++ b/plugins/lookup/folders.py @@ -96,6 +96,8 @@ If you need to use different permissions, you must change the command or run Ansible as another user. - Alternatively, you can use a shell/command task that runs against localhost and registers the result. - The directory of the play is used as the current working directory. + - It is B(NOT) possible to assign other variables to the variables mentioned in the C(vars) section! + This is a limitation of Ansible itself. """ EXAMPLES = """ diff --git a/plugins/lookup/host.py b/plugins/lookup/host.py index 6db71d786..af9a191fc 100644 --- a/plugins/lookup/host.py +++ b/plugins/lookup/host.py @@ -89,6 +89,8 @@ If you need to use different permissions, you must change the command or run Ansible as another user. - Alternatively, you can use a shell/command task that runs against localhost and registers the result. - The directory of the play is used as the current working directory. + - It is B(NOT) possible to assign other variables to the variables mentioned in the C(vars) section! + This is a limitation of Ansible itself. """ EXAMPLES = """ diff --git a/plugins/lookup/hosts.py b/plugins/lookup/hosts.py index d2ac43106..50756e84a 100644 --- a/plugins/lookup/hosts.py +++ b/plugins/lookup/hosts.py @@ -86,6 +86,8 @@ If you need to use different permissions, you must change the command or run Ansible as another user. - Alternatively, you can use a shell/command task that runs against localhost and registers the result. - The directory of the play is used as the current working directory. + - It is B(NOT) possible to assign other variables to the variables mentioned in the C(vars) section! + This is a limitation of Ansible itself. """ EXAMPLES = """ diff --git a/plugins/lookup/rule.py b/plugins/lookup/rule.py index e6c0447ff..105f39034 100644 --- a/plugins/lookup/rule.py +++ b/plugins/lookup/rule.py @@ -83,6 +83,8 @@ If you need to use different permissions, you must change the command or run Ansible as another user. - Alternatively, you can use a shell/command task that runs against localhost and registers the result. - The directory of the play is used as the current working directory. + - It is B(NOT) possible to assign other variables to the variables mentioned in the C(vars) section! + This is a limitation of Ansible itself. """ EXAMPLES = """ diff --git a/plugins/lookup/rules.py b/plugins/lookup/rules.py index 9d0620b2f..c36349ea7 100644 --- a/plugins/lookup/rules.py +++ b/plugins/lookup/rules.py @@ -93,6 +93,8 @@ If you need to use different permissions, you must change the command or run Ansible as another user. - Alternatively, you can use a shell/command task that runs against localhost and registers the result. - The directory of the play is used as the current working directory. + - It is B(NOT) possible to assign other variables to the variables mentioned in the C(vars) section! + This is a limitation of Ansible itself. """ EXAMPLES = """ diff --git a/plugins/lookup/ruleset.py b/plugins/lookup/ruleset.py index af23d7dd8..790fd7db9 100644 --- a/plugins/lookup/ruleset.py +++ b/plugins/lookup/ruleset.py @@ -83,6 +83,8 @@ If you need to use different permissions, you must change the command or run Ansible as another user. - Alternatively, you can use a shell/command task that runs against localhost and registers the result. - The directory of the play is used as the current working directory. + - It is B(NOT) possible to assign other variables to the variables mentioned in the C(vars) section! + This is a limitation of Ansible itself. """ EXAMPLES = """ diff --git a/plugins/lookup/rulesets.py b/plugins/lookup/rulesets.py index fb50b21f2..10acc985d 100644 --- a/plugins/lookup/rulesets.py +++ b/plugins/lookup/rulesets.py @@ -102,6 +102,8 @@ If you need to use different permissions, you must change the command or run Ansible as another user. - Alternatively, you can use a shell/command task that runs against localhost and registers the result. - The directory of the play is used as the current working directory. + - It is B(NOT) possible to assign other variables to the variables mentioned in the C(vars) section! + This is a limitation of Ansible itself. """ EXAMPLES = """ diff --git a/plugins/lookup/version.py b/plugins/lookup/version.py index e603819a6..389876af2 100644 --- a/plugins/lookup/version.py +++ b/plugins/lookup/version.py @@ -79,6 +79,8 @@ If you need to use different permissions, you must change the command or run Ansible as another user. - Alternatively, you can use a shell/command task that runs against localhost and registers the result. - The directory of the play is used as the current working directory. + - It is B(NOT) possible to assign other variables to the variables mentioned in the C(vars) section! + This is a limitation of Ansible itself. """ EXAMPLES = """ From a01a6d3f381d38a1508c9d0d5e3bbd1598abab08 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 16 Feb 2024 11:23:53 -0500 Subject: [PATCH 111/114] Minor update to README. --- README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/README.md b/README.md index 5d32abd4e..498975512 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,9 @@ Checkmk and keep your daily operations smooth and efficient. ## Here be dragons! This collection is provided AS IS and we cannot guarantee proper functionality. + Additionally, there is no commercial support whatsoever! + This is an open source endeavour, on which we want to collaborate with the community. [![Ansible Sanity Tests](https://github.com/Checkmk/ansible-collection-checkmk.general/actions/workflows/ansible-sanity-tests.yaml/badge.svg)](https://github.com/Checkmk/ansible-collection-checkmk.general/actions/workflows/ansible-sanity-tests.yaml) @@ -42,6 +44,7 @@ Name | Description --> ### Lookup plugins +Click on the lookup plugin name below, to get detailed documentation about it. Name | Description | Tests --- | --- | --- @@ -57,6 +60,7 @@ Name | Description | Tests [checkmk.general.version](https://github.com/Checkmk/ansible-collection-checkmk.general/blob/main/plugins/lookup/version.py)|Look up version and edition information.|[![Integration Tests for Version Lookup Module](https://github.com/Checkmk/ansible-collection-checkmk.general/actions/workflows/ans-int-test-lkp-version.yaml/badge.svg)](https://github.com/Checkmk/ansible-collection-checkmk.general/actions/workflows/ans-int-test-lkp-version.yaml) ### Modules +Click on the module name below, to get detailed documentation about it. Name | Description | Tests --- | --- | --- @@ -74,6 +78,7 @@ Name | Description | Tests [checkmk.general.user](https://github.com/Checkmk/ansible-collection-checkmk.general/blob/main/plugins/modules/user.py)|Manage users.|[![Integration Tests for User Module](https://github.com/Checkmk/ansible-collection-checkmk.general/actions/workflows/ans-int-test-user.yaml/badge.svg)](https://github.com/Checkmk/ansible-collection-checkmk.general/actions/workflows/ans-int-test-user.yaml) ### Roles +Click on the role name below, to get documentation about the role. Name | Description | Tests --- | --- | --- From 5472f93a5a39bc817affc7ac71e079d16ff4c22c Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 16 Feb 2024 11:27:19 -0500 Subject: [PATCH 112/114] Add dedicated README for lookup plugins. --- README.md | 1 + plugins/lookup/README.md | 57 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 58 insertions(+) create mode 100644 plugins/lookup/README.md diff --git a/README.md b/README.md index 498975512..4d2772925 100644 --- a/README.md +++ b/README.md @@ -45,6 +45,7 @@ Name | Description ### Lookup plugins Click on the lookup plugin name below, to get detailed documentation about it. +For more in-depth documentation, see [this README](https://github.com/Checkmk/ansible-collection-checkmk.general/blob/main/plugins/lookup/README.md). Name | Description | Tests --- | --- | --- diff --git a/plugins/lookup/README.md b/plugins/lookup/README.md new file mode 100644 index 000000000..c5b855619 --- /dev/null +++ b/plugins/lookup/README.md @@ -0,0 +1,57 @@ +# Lookup Plugins + +## Using variables for Lookup plugins +It is possible to set variables for authentication globally for lookup plugins. +This way, they do not need to be provided at task level. + +### Method 1: Environment variables +```bash +export ANSIBLE_LOOKUP_CHECKMK_SERVER_URL="https://myserver" +export ANSIBLE_LOOKUP_CHECKMK_SITE=mysite +export ANSIBLE_LOOKUP_AUTOMATION_USER=automation +export ANSIBLE_LOOKUP_AUTOMATION_SECRET=mysecret +export ANSIBLE_LOOKUP_VALIDATE_CERTS=False +``` + +### Method 2: In `ansible.cfg` +```ini +[checkmk_lookup] +server_url = https://myserver +site = mysite +automation_user = automation +automation_secret = mysecret +validate_certs = False + +``` + +### Method 3: In playbooks or the inventory +```yaml +- name: My Task + hosts: localhost + gather_facts: false + vars: + ansible_lookup_checkmk_server_url: "https://myserver" + ansible_lookup_checkmk_site: "mysite" + ansible_lookup_automation_user: "automation" + ansible_lookup_automation_secret: "mysecret" + ansible_lookup_validate_certs: false + + tasks: + - name: Get the attributes of myhost + ansible.builtin.debug: + msg: "Attributes of myhost: {{ attributes }}" + vars: + attributes: "{{ lookup('checkmk.general.host', 'myhost', effective_attributes=True) }}" +``` + +### Example +The following task will work, if one of the above methods has been applied. +```yaml +- name: My Task + tasks: + - name: Get the attributes of myhost + ansible.builtin.debug: + msg: "Attributes of myhost: {{ attributes }}" + vars: + attributes: "{{ lookup('checkmk.general.host', 'myhost', effective_attributes=True) }}" +``` From 607ed96c756111937dee783e8b9e92dc504c5a06 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 16 Feb 2024 13:44:05 -0500 Subject: [PATCH 113/114] Add missing changelogs. --- changelogs/fragments/parents.yml | 5 +++++ changelogs/fragments/release_summary.yml | 2 +- changelogs/fragments/rule.yml | 4 ++++ 3 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 changelogs/fragments/parents.yml create mode 100644 changelogs/fragments/rule.yml diff --git a/changelogs/fragments/parents.yml b/changelogs/fragments/parents.yml new file mode 100644 index 000000000..b979b09b5 --- /dev/null +++ b/changelogs/fragments/parents.yml @@ -0,0 +1,5 @@ +bugfixes: + - Host module - Parents will be parsed properly now. + This means, that parents given as a string will now be parsed as a list of one. + - Folder module - Parents will be parsed properly now. + This means, that parents given as a string will now be parsed as a list of one. diff --git a/changelogs/fragments/release_summary.yml b/changelogs/fragments/release_summary.yml index 61a046a26..378cdb716 100644 --- a/changelogs/fragments/release_summary.yml +++ b/changelogs/fragments/release_summary.yml @@ -1 +1 @@ -release_summary: "Folders, build related changed and the environment." +release_summary: "Reworking the CI, enhancing code quality and improving modules." diff --git a/changelogs/fragments/rule.yml b/changelogs/fragments/rule.yml new file mode 100644 index 000000000..03b6872ef --- /dev/null +++ b/changelogs/fragments/rule.yml @@ -0,0 +1,4 @@ +minor_changes: + - Rule module - Introduce rule_id to uniquely identify rules. + This ID can be retrieved e.g., using the lookup plugin. + Refer to the module documentation for further details. From 6289a5c7541285bcfd1ebca48a10d8481f776c6d Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 16 Feb 2024 14:25:40 -0500 Subject: [PATCH 114/114] Add missing changelog. --- changelogs/fragments/user.yml | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 changelogs/fragments/user.yml diff --git a/changelogs/fragments/user.yml b/changelogs/fragments/user.yml new file mode 100644 index 000000000..0d4ed82b5 --- /dev/null +++ b/changelogs/fragments/user.yml @@ -0,0 +1,2 @@ +bugfixes: + - User module - Fix bug, where an absent user was created, if 'reset_password' was used.