From af219b67ca7f3492ec2d3653c3861d72fa44284d Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 11 Aug 2022 15:54:38 +0200 Subject: [PATCH 01/31] Update variables for authentication. --- roles/agent/defaults/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/agent/defaults/main.yml b/roles/agent/defaults/main.yml index 148eb3f4d..78f84b8cf 100644 --- a/roles/agent/defaults/main.yml +++ b/roles/agent/defaults/main.yml @@ -5,7 +5,8 @@ checkmk_agent_protocol: http checkmk_agent_server: localhost checkmk_agent_site: my_site checkmk_agent_user: "{{ automation_user | default('automation') }}" -checkmk_agent_pass: "{{ automation_secret | default('SECRET') }}" +checkmk_agent_pass: "{{ automation_secret | default('PASSWORD') }}" +checkmk_agent_secret: "{{ automation_secret | default('SECRET') }}" checkmk_agent_add_host: 'false' checkmk_agent_discover: 'false' checkmk_agent_update: 'false' From 16fa3aa6c6e1e8a7e856ab27064885df95984009 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Wed, 24 Aug 2022 14:30:45 +0200 Subject: [PATCH 02/31] WIP: Improve auth handling of agent role. --- roles/agent/tasks/main.yml | 26 ++++++++++++++++++++++---- 1 file changed, 22 insertions(+), 4 deletions(-) diff --git a/roles/agent/tasks/main.yml b/roles/agent/tasks/main.yml index 91c27f72d..8def17b1f 100644 --- a/roles/agent/tasks/main.yml +++ b/roles/agent/tasks/main.yml @@ -36,23 +36,41 @@ delegate_to: "{{ checkmk_agent_delegate_api_calls }}" when: checkmk_agent_add_host | bool -- name: "Register Agent for automatic Upates." +- name: "Register Agent for automatic Upates using User Password." become: true ansible.builtin.shell: | cmk-update-agent register -H {{ checkmk_agent_host_name }} \ -s {{ checkmk_agent_server }} -i {{ checkmk_agent_site }} -p {{ checkmk_agent_protocol }} \ -U {{ checkmk_agent_user }} -S {{ checkmk_agent_pass }} register: checkmk_agent_update_state - when: (checkmk_agent_edition == "cee") and checkmk_agent_update | bool + when: (checkmk_agent_edition == "cee") and (checkmk_agent_update | bool) and ( checkmk_agent_pass | length ) -- name: "Register Agent for TLS." +- name: "Register Agent for automatic Upates using Automation Secret." + become: true + ansible.builtin.shell: | + cmk-update-agent register -H {{ checkmk_agent_host_name }} \ + -s {{ checkmk_agent_server }} -i {{ checkmk_agent_site }} -p {{ checkmk_agent_protocol }} \ + -U {{ checkmk_agent_user }} -S {{ checkmk_agent_pass }} + register: checkmk_agent_update_state + when: (checkmk_agent_edition == "cee") and (checkmk_agent_update | bool) and ( checkmk_agent_secret | length ) + +- name: "Register Agent for TLS using User Password." + become: true + ansible.builtin.shell: | + cmk-agent-ctl register -H {{ checkmk_agent_host_name }} \ + -s {{ checkmk_agent_server }} -i {{ checkmk_agent_site }} \ + -U {{ checkmk_agent_user }} -P {{ checkmk_agent_pass }} --trust-cert + register: checkmk_agent_tls_state + when: (checkmk_agent_edition == "cee") and (checkmk_agent_tls | bool) and ( checkmk_agent_pass | length ) + +- name: "Register Agent for TLS using Automation Secret." become: true ansible.builtin.shell: | cmk-agent-ctl register -H {{ checkmk_agent_host_name }} \ -s {{ checkmk_agent_server }} -i {{ checkmk_agent_site }} \ -U {{ checkmk_agent_user }} -P {{ checkmk_agent_pass }} --trust-cert register: checkmk_agent_tls_state - when: (checkmk_agent_edition == "cee") and checkmk_agent_tls | bool + when: (checkmk_agent_edition == "cee") and (checkmk_agent_tls | bool) and ( checkmk_agent_secret | length ) - name: "Discover services and labels on host." tribe29.checkmk.discovery: From 20d01ac2bee7cfdcad645d8de07f6c7b5deaf98f Mon Sep 17 00:00:00 2001 From: diademiemi Date: Wed, 24 Aug 2022 16:22:01 +0200 Subject: [PATCH 03/31] Add tags to agent role --- roles/agent/tasks/Debian.yml | 10 ++++++++++ roles/agent/tasks/RedHat.yml | 12 ++++++++++++ roles/agent/tasks/Suse.yml | 12 ++++++++++++ roles/agent/tasks/legacy.yml | 4 ++++ roles/agent/tasks/main.yml | 2 ++ 5 files changed, 40 insertions(+) diff --git a/roles/agent/tasks/Debian.yml b/roles/agent/tasks/Debian.yml index 09b3c9586..b6a27696e 100644 --- a/roles/agent/tasks/Debian.yml +++ b/roles/agent/tasks/Debian.yml @@ -12,6 +12,8 @@ # This task may fail, as we fall back to the generic agent in that case failed_when: 'false' changed_when: 'false' + tags: + - download_package - name: "Debian Derivates: Install host-specific Checkmk CEE Agent." become: true @@ -19,6 +21,8 @@ deb: "{{ checkmk_agent_agent.file.host }}" state: present when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status == 200 + tags: + - install_package - name: "Debian Derivates: Download GENERIC Checkmk CEE Agent." ansible.builtin.uri: @@ -29,6 +33,8 @@ Authorization: "Bearer {{ checkmk_agent_user }} {{ checkmk_agent_pass }}" Accept: "application/octet-stream" when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status != 200 + tags: + - download_package - name: "Debian Derivates: Install GENERIC Checkmk CEE Agent." become: true @@ -36,6 +42,8 @@ deb: "{{ checkmk_agent_agent.file.cee }}" state: present when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status != 200 + tags: + - install_package - name: "Debian Derivates: Install Checkmk CRE Agent." become: true @@ -43,3 +51,5 @@ deb: "{{ checkmk_agent_agent.file.cre }}" state: present when: checkmk_agent_edition == "cre" + tags: + - install_package diff --git a/roles/agent/tasks/RedHat.yml b/roles/agent/tasks/RedHat.yml index 77439059c..310f99fd3 100644 --- a/roles/agent/tasks/RedHat.yml +++ b/roles/agent/tasks/RedHat.yml @@ -12,6 +12,8 @@ # This task may fail, as we fall back to the generic agent in that case failed_when: 'false' changed_when: 'false' + tags: + - download_package - name: "RedHat Derivates: Install host-specific Checkmk CEE Agent." become: true @@ -20,6 +22,8 @@ state: present disable_gpg_check: true when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status == 200 + tags: + - install_package - name: "RedHat Derivates: Download GENERIC Checkmk CEE Agent." ansible.builtin.uri: @@ -30,6 +34,8 @@ Authorization: "Bearer {{ checkmk_agent_user }} {{ checkmk_agent_pass }}" Accept: "application/octet-stream" when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status != 200 + tags: + - download_package - name: "RedHat Derivates: Install Checkmk CRE Agent." become: true @@ -38,6 +44,8 @@ state: present disable_gpg_check: true when: checkmk_agent_edition == "cre" + tags: + - install_package - name: "RedHat Derivates: Install GENERIC Checkmk CEE Agent." become: true @@ -46,6 +54,8 @@ state: present disable_gpg_check: true when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status != 200 + tags: + - install_package - name: "RedHat Derivates: Install Checkmk CRE Agent." become: true @@ -54,6 +64,8 @@ state: present disable_gpg_check: true when: checkmk_agent_edition == "cre" + tags: + - install_package - name: "Configure Firewall for Agent." block: diff --git a/roles/agent/tasks/Suse.yml b/roles/agent/tasks/Suse.yml index 858d82be3..36c3c9053 100644 --- a/roles/agent/tasks/Suse.yml +++ b/roles/agent/tasks/Suse.yml @@ -12,6 +12,8 @@ # This task may fail, as we fall back to the generic agent in that case failed_when: 'false' changed_when: 'false' + tags: + - download_package - name: "Suse Derivates: Install host-specific Checkmk CEE Agent." become: true @@ -20,6 +22,8 @@ state: present disable_gpg_check: true when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status == 200 + tags: + - install_package - name: "Suse Derivates: Download GENERIC Checkmk CEE Agent." ansible.builtin.uri: @@ -30,6 +34,8 @@ Authorization: "Bearer {{ checkmk_agent_user }} {{ checkmk_agent_pass }}" Accept: "application/octet-stream" when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status != 200 + tags: + - download_package - name: "Suse Derivates: Install Checkmk CRE Agent." become: true @@ -38,6 +44,8 @@ state: present disable_gpg_check: true when: checkmk_agent_edition == "cre" + tags: + - install_package - name: "Suse Derivates: Install GENERIC Checkmk CEE Agent." become: true @@ -46,6 +54,8 @@ state: present disable_gpg_check: true when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status != 200 + tags: + - install_package - name: "Suse Derivates: Install Checkmk CRE Agent." become: true @@ -54,3 +64,5 @@ state: present disable_gpg_check: true when: checkmk_agent_edition == "cre" + tags: + - install_package diff --git a/roles/agent/tasks/legacy.yml b/roles/agent/tasks/legacy.yml index fd7521c05..c103c28b2 100644 --- a/roles/agent/tasks/legacy.yml +++ b/roles/agent/tasks/legacy.yml @@ -3,9 +3,13 @@ ansible.builtin.package: name: xinetd state: present + tags: + - install_package - name: "Enable xinetd" ansible.builtin.service: name: xinetd state: started enabled: true + tags: + - enable_service diff --git a/roles/agent/tasks/main.yml b/roles/agent/tasks/main.yml index 91c27f72d..b5b31403d 100644 --- a/roles/agent/tasks/main.yml +++ b/roles/agent/tasks/main.yml @@ -16,6 +16,8 @@ dest: "{{ checkmk_agent_agent.file.cre }}" mode: 0640 when: checkmk_agent_edition == "cre" + tags: + - download_package - name: "Run OS Family specific Tasks." ansible.builtin.include_tasks: "{{ ansible_os_family }}.yml" From a65c2350fe07a24a90be2597e7ccaae3ce738fec Mon Sep 17 00:00:00 2001 From: diademiemi Date: Wed, 24 Aug 2022 16:33:00 +0200 Subject: [PATCH 04/31] Add tags to server tasks --- roles/server/tasks/Debian.yml | 2 ++ roles/server/tasks/RedHat.yml | 6 ++++++ roles/server/tasks/main.yml | 11 +++++++++++ roles/server/tasks/sites.yml | 14 ++++++++++++++ roles/server/tasks/update-site.yml | 4 ++++ 5 files changed, 37 insertions(+) diff --git a/roles/server/tasks/Debian.yml b/roles/server/tasks/Debian.yml index baf71a52c..696a66839 100644 --- a/roles/server/tasks/Debian.yml +++ b/roles/server/tasks/Debian.yml @@ -5,3 +5,5 @@ deb: "/tmp/{{ checkmk_server_setup_file }}" update_cache: 'yes' state: present + tags: + - install_package diff --git a/roles/server/tasks/RedHat.yml b/roles/server/tasks/RedHat.yml index 1d1115226..5d3dc3aeb 100644 --- a/roles/server/tasks/RedHat.yml +++ b/roles/server/tasks/RedHat.yml @@ -3,6 +3,8 @@ become: true ansible.builtin.shell: dnf config-manager --set-enabled powertools # noqa command-instead-of-shell when: ansible_distribution_major_version == "8" + tags: + - enable_powertools - name: "Install Checkmk Server." become: true @@ -10,6 +12,8 @@ name: "/tmp/{{ checkmk_server_setup_file }}" state: present disable_gpg_check: '{{ not checkmk_server_verify_setup | bool }}' + tags: + - install_package - name: "Enable httpd can network connect selinux boolean." become: true @@ -18,6 +22,8 @@ state: true persistent: true when: ansible_facts.selinux.status == 'enabled' + tags: + - set_selinux_boolean - name: "Open firewall ports." become: true diff --git a/roles/server/tasks/main.yml b/roles/server/tasks/main.yml index c103bd17b..f0e5d818d 100644 --- a/roles/server/tasks/main.yml +++ b/roles/server/tasks/main.yml @@ -20,6 +20,9 @@ state: present loop: - "{{ checkmk_server_prerequisites }}" + tags: + - install_package + - install_prerequisites - name: "Download Checkmk Server Setup." ansible.builtin.get_url: @@ -28,6 +31,8 @@ mode: 0640 url_username: "{{ checkmk_server_download_user | default(omit) }}" url_password: "{{ checkmk_server_download_pass | default(omit) }}" + tags: + - download_package - name: "Download Checkmk GPG Key." ansible.builtin.get_url: @@ -35,12 +40,16 @@ dest: "/tmp/Check_MK-pubkey.gpg" mode: 0640 when: checkmk_server_verify_setup | bool + tags: + - download_gpg_key - name: "GPG Verification on Debian Derivates." block: - name: "Import Checkmk GPG Key." ansible.builtin.command: "gpg --import /tmp/Check_MK-pubkey.gpg" when: checkmk_server_verify_setup | bool + tags: + - import_gpg_key - name: "Verify Checkmk Setup." ansible.builtin.command: dpkg-sig --verify "/tmp/{{ checkmk_server_setup_file }}" @@ -59,6 +68,8 @@ key: "/tmp/Check_MK-pubkey.gpg" state: present when: checkmk_server_verify_setup | bool and ansible_os_family == "RedHat" + tags: + - import_gpg_key - name: Include OS Family specific Playbook. ansible.builtin.include_tasks: "{{ ansible_os_family }}.yml" diff --git a/roles/server/tasks/sites.yml b/roles/server/tasks/sites.yml index c1f41a0b6..51e06ecfc 100644 --- a/roles/server/tasks/sites.yml +++ b/roles/server/tasks/sites.yml @@ -11,6 +11,8 @@ loop: "{{ checkmk_server_sites }}" when: item.state != "absent" register: checkmk_server_sites_created + tags: + - create_sites - name: "Get site version." become: true @@ -23,11 +25,15 @@ changed_when: "checkmk_server_sites_versions.stdout != item.version + '.' + checkmk_server_edition" when: item.state != "absent" register: checkmk_server_sites_versions + tags: + - update_sites - name: "Include update site tasks." ansible.builtin.include_tasks: update-site.yml loop: "{{ checkmk_server_sites_versions.results }}" when: "item.changed" + tags: + - update_sites - name: "Start Sites." become: true @@ -41,6 +47,8 @@ loop: "{{ checkmk_server_sites }}" when: item.state == "started" register: checkmk_server_sites_started + tags: + - start_sites - name: "Stop Sites." become: true @@ -54,6 +62,8 @@ loop: "{{ checkmk_server_sites }}" when: (item.state == "absent") or (item.state == "stopped") register: checkmk_server_sites_stopped + tags: + - stop_sites - name: "Destroy Sites." become: true @@ -67,6 +77,8 @@ loop: "{{ checkmk_server_sites }}" when: item.state == "absent" register: checkmk_server_sites_removed + tags: + - destroy_sites - name: "Update Site Admin Password." become: true @@ -78,3 +90,5 @@ no_log: true loop: "{{ checkmk_server_sites }}" when: item.state != "absent" + tags: + - set_site_admin_pw diff --git a/roles/server/tasks/update-site.yml b/roles/server/tasks/update-site.yml index 2266c49b0..17e9e7bc2 100644 --- a/roles/server/tasks/update-site.yml +++ b/roles/server/tasks/update-site.yml @@ -31,6 +31,8 @@ This can take a while! The site will be down during the update when: | item.item.version | regex_replace('p.*', '') == item.stdout | regex_replace('p.*', '') + tags: + - update_pause - name: "Long pause for major update." ansible.builtin.pause: @@ -42,6 +44,8 @@ This can take a while! The site will be down during the update when: | item.item.version | regex_replace('p.*', '') != item.stdout | regex_replace('p.*', '') + tags: + - update_pause - name: "Create backup of site." become: true From e7d6d5e6c1916456219e5de6905a8f1227a43193 Mon Sep 17 00:00:00 2001 From: diademiemi Date: Wed, 24 Aug 2022 16:33:34 +0200 Subject: [PATCH 05/31] Add install_prerequisites to legacy agent task --- roles/agent/tasks/legacy.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/agent/tasks/legacy.yml b/roles/agent/tasks/legacy.yml index c103c28b2..278800fe5 100644 --- a/roles/agent/tasks/legacy.yml +++ b/roles/agent/tasks/legacy.yml @@ -5,6 +5,7 @@ state: present tags: - install_package + - install_prerequisites - name: "Enable xinetd" ansible.builtin.service: From 5411f328b20b39376512e4ecb5e779fb506f47a7 Mon Sep 17 00:00:00 2001 From: diademiemi Date: Wed, 24 Aug 2022 16:56:01 +0200 Subject: [PATCH 06/31] Don't hardcore host attributes --- roles/agent/defaults/main.yml | 3 +++ roles/agent/tasks/main.yml | 4 +--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/roles/agent/defaults/main.yml b/roles/agent/defaults/main.yml index 148eb3f4d..fa8112a30 100644 --- a/roles/agent/defaults/main.yml +++ b/roles/agent/defaults/main.yml @@ -14,6 +14,9 @@ checkmk_agent_configure_firewall: 'true' checkmk_agent_prep_legacy: 'false' checkmk_agent_delegate_api_calls: localhost checkmk_agent_host_name: "{{ inventory_hostname }}" +checkmk_agent_host_attributes: + ipaddress: "{{ checkmk_agent_host_ip | default(omit) }}" + tag_agent: 'cmk-agent' # If you trust your local hostnames, you could also use the following # to use the local hostname instead of the inventory hostname: diff --git a/roles/agent/tasks/main.yml b/roles/agent/tasks/main.yml index 91c27f72d..c72152a01 100644 --- a/roles/agent/tasks/main.yml +++ b/roles/agent/tasks/main.yml @@ -28,9 +28,7 @@ automation_secret: "{{ checkmk_agent_pass }}" folder: "{{ checkmk_agent_folder | default(omit) }}" host_name: "{{ checkmk_agent_host_name }}" - attributes: - ipaddress: "{{ checkmk_agent_host_ip | default(omit) }}" - tag_agent: 'cmk-agent' # ToDo: Do we want to hardcode this? + attributes: "{{ checkmk_agent_host_attributes }}" register: checkmk_agent_create_result failed_when: checkmk_agent_create_result.failed is true and "The host is already part of the specified target folder" not in checkmk_agent_create_result.msg delegate_to: "{{ checkmk_agent_delegate_api_calls }}" From a8917b5086857f87c06bf4b4e5c7c436b19a529c Mon Sep 17 00:00:00 2001 From: diademiemi Date: Wed, 24 Aug 2022 16:58:26 +0200 Subject: [PATCH 07/31] Document in README --- roles/agent/README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/roles/agent/README.md b/roles/agent/README.md index d5c533b0d..a1f657e78 100644 --- a/roles/agent/README.md +++ b/roles/agent/README.md @@ -79,6 +79,13 @@ Define the hostname which will be used to add the host to Checkmk. Define an IP address which will be added to the host in Checkmk. This is optional, as long as the hostname is DNS-resolvable. + + checkmk_agent_host_attributes: + ipaddress: "{{ checkmk_agent_host_ip | default(omit) }}" + tag_agent: 'cmk-agent' + +Define attributes with which the host will be added to Checkmk. + ## Dependencies From a8b9de7c66390b3203831cd64acf0b402e989a25 Mon Sep 17 00:00:00 2001 From: diademiemi Date: Wed, 24 Aug 2022 17:11:09 +0200 Subject: [PATCH 08/31] Add tags to include tasks --- roles/agent/tasks/main.yml | 8 +++++++- roles/server/tasks/main.yml | 4 ++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/roles/agent/tasks/main.yml b/roles/agent/tasks/main.yml index b5b31403d..7c8a20331 100644 --- a/roles/agent/tasks/main.yml +++ b/roles/agent/tasks/main.yml @@ -1,14 +1,18 @@ --- - name: "Include Derivate specific Variables." ansible.builtin.include_vars: "{{ ansible_os_family }}.yml" + tags: + - include_os_family_vars - name: "Get RPM or APT package facts." ansible.builtin.package_facts: manager: "auto" + tags: + - get_package_facts - name: "Import Legacy agent tasks." ansible.builtin.include_tasks: "legacy.yml" - when: ansible_facts.packages['systemd'][0]['version'] | regex_search('\d{1,}') | int < 220 and checkmk_agent_prep_legacy | bool + when: checkmk_agent_prep_legacy | bool and ansible_facts.packages['systemd'][0]['version'] | regex_search('\d{1,}') | int < 220 - name: "Download Checkmk CRE Agent." ansible.builtin.get_url: @@ -21,6 +25,8 @@ - name: "Run OS Family specific Tasks." ansible.builtin.include_tasks: "{{ ansible_os_family }}.yml" + tags: + - include_os_family_tasks - name: "Create host on server." tribe29.checkmk.host: diff --git a/roles/server/tasks/main.yml b/roles/server/tasks/main.yml index f0e5d818d..0b9ef6bc7 100644 --- a/roles/server/tasks/main.yml +++ b/roles/server/tasks/main.yml @@ -8,10 +8,14 @@ - name: "Include OS Family specific Variables." ansible.builtin.include_vars: "{{ ansible_os_family }}.yml" + tags: + - include_os_family_vars - name: "Include RHEL Version specific Variables." ansible.builtin.include_vars: "{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml" when: ansible_os_family == "RedHat" + tags: + - include_rhel_version_vars - name: "Install Checkmk Prerequisites." become: true From f1119111bad3ab6e8ddce5ef48bfa0718af15187 Mon Sep 17 00:00:00 2001 From: robin-tribe29 Date: Thu, 25 Aug 2022 07:16:18 +0000 Subject: [PATCH 09/31] Update Docs and Changelogs --- CHANGELOG.rst | 19 +++++++++++++++++++ changelogs/.plugin-cache.yaml | 2 +- .../0.6.0}/bugfix_agent_role.yml | 0 .../0.6.0}/release_summary.yml | 0 .../0.6.0}/server_update_feature.yml | 0 changelogs/changelog.yaml | 14 ++++++++++++++ docs/activation_module.rst | 13 +++++-------- docs/discovery_module.rst | 9 +++------ docs/downtime_module.rst | 13 +++++-------- docs/folder_module.rst | 7 ++----- docs/host_module.rst | 7 ++----- docs/index.rst | 3 ++- 12 files changed, 53 insertions(+), 34 deletions(-) rename changelogs/{fragments => archive/0.6.0}/bugfix_agent_role.yml (100%) rename changelogs/{fragments => archive/0.6.0}/release_summary.yml (100%) rename changelogs/{fragments => archive/0.6.0}/server_update_feature.yml (100%) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 231b981b3..a95077e1f 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -5,6 +5,25 @@ tribe29.checkmk Release Notes .. contents:: Topics +v0.6.0 +====== + +Release Summary +--------------- + +Introducing upgrade management for Checkmk sites! + +Major Changes +------------- + +- Server role - Add support for automatically updating Checkmk. Read the role's README for important information! + +Bugfixes +-------- + +- Agent role - Fix SELinux handling on RedHat. +- Agent role - Fix firewall handling on RedHat. + v0.5.2 ====== diff --git a/changelogs/.plugin-cache.yaml b/changelogs/.plugin-cache.yaml index e9d7ae8d3..1bb5250d3 100644 --- a/changelogs/.plugin-cache.yaml +++ b/changelogs/.plugin-cache.yaml @@ -39,4 +39,4 @@ plugins: shell: {} strategy: {} vars: {} -version: 0.5.2 +version: 0.6.0 diff --git a/changelogs/fragments/bugfix_agent_role.yml b/changelogs/archive/0.6.0/bugfix_agent_role.yml similarity index 100% rename from changelogs/fragments/bugfix_agent_role.yml rename to changelogs/archive/0.6.0/bugfix_agent_role.yml diff --git a/changelogs/fragments/release_summary.yml b/changelogs/archive/0.6.0/release_summary.yml similarity index 100% rename from changelogs/fragments/release_summary.yml rename to changelogs/archive/0.6.0/release_summary.yml diff --git a/changelogs/fragments/server_update_feature.yml b/changelogs/archive/0.6.0/server_update_feature.yml similarity index 100% rename from changelogs/fragments/server_update_feature.yml rename to changelogs/archive/0.6.0/server_update_feature.yml diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index 20d1e0dbf..d93726f72 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -166,3 +166,17 @@ releases: - bugfix_agent_role.yml - bugfix_discovery_http_timeout.yml release_date: '2022-08-04' + 0.6.0: + changes: + bugfixes: + - Agent role - Fix SELinux handling on RedHat. + - Agent role - Fix firewall handling on RedHat. + major_changes: + - Server role - Add support for automatically updating Checkmk. Read the role's + README for important information! + release_summary: Introducing upgrade management for Checkmk sites! + fragments: + - bugfix_agent_role.yml + - release_summary.yml + - server_update_feature.yml + release_date: '2022-08-25' diff --git a/docs/activation_module.rst b/docs/activation_module.rst index 7df118935..817effec0 100644 --- a/docs/activation_module.rst +++ b/docs/activation_module.rst @@ -1,3 +1,4 @@ + .. Document meta :orphan: @@ -42,11 +43,7 @@ tribe29.checkmk.activation module -- Activate changes in Checkmk. .. Collection note .. note:: - This module is part of the `tribe29.checkmk collection `_ (version 0.5.1). - - You might already have this collection installed if you are using the ``ansible`` package. - It is not included in ``ansible-core``. - To check whether it is installed, run :code:`ansible-galaxy collection list`. + This module is part of the `tribe29.checkmk collection `_ (version 0.6.0). To install it, use: :code:`ansible-galaxy collection install tribe29.checkmk`. @@ -200,8 +197,8 @@ Parameters :ansible-option-choices:`Choices:` - - :ansible-option-default-bold:`no` :ansible-option-default:`← (default)` - - :ansible-option-choices-entry:`yes` + - :ansible-option-default-bold:`false` :ansible-option-default:`← (default)` + - :ansible-option-choices-entry:`true` .. raw:: html @@ -417,7 +414,7 @@ Common return values are documented :ref:`here `, the foll .. rst-class:: ansible-option-line .. rst-class:: ansible-option-sample - :ansible-option-sample-bold:`Sample:` "200" + :ansible-option-sample-bold:`Sample:` 200 .. raw:: html diff --git a/docs/discovery_module.rst b/docs/discovery_module.rst index c220e1cb4..cb9027384 100644 --- a/docs/discovery_module.rst +++ b/docs/discovery_module.rst @@ -1,3 +1,4 @@ + .. Document meta :orphan: @@ -42,11 +43,7 @@ tribe29.checkmk.discovery module -- Discover services in Checkmk. .. Collection note .. note:: - This module is part of the `tribe29.checkmk collection `_ (version 0.5.1). - - You might already have this collection installed if you are using the ``ansible`` package. - It is not included in ``ansible-core``. - To check whether it is installed, run :code:`ansible-galaxy collection list`. + This module is part of the `tribe29.checkmk collection `_ (version 0.6.0). To install it, use: :code:`ansible-galaxy collection install tribe29.checkmk`. @@ -406,7 +403,7 @@ Common return values are documented :ref:`here `, the foll .. rst-class:: ansible-option-line .. rst-class:: ansible-option-sample - :ansible-option-sample-bold:`Sample:` "200" + :ansible-option-sample-bold:`Sample:` 200 .. raw:: html diff --git a/docs/downtime_module.rst b/docs/downtime_module.rst index a6e2bde7d..262a0300e 100644 --- a/docs/downtime_module.rst +++ b/docs/downtime_module.rst @@ -1,3 +1,4 @@ + .. Document meta :orphan: @@ -42,11 +43,7 @@ tribe29.checkmk.downtime module -- Manage downtimes in Checkmk. .. Collection note .. note:: - This module is part of the `tribe29.checkmk collection `_ (version 0.5.1). - - You might already have this collection installed if you are using the ``ansible`` package. - It is not included in ``ansible-core``. - To check whether it is installed, run :code:`ansible-galaxy collection list`. + This module is part of the `tribe29.checkmk collection `_ (version 0.6.0). To install it, use: :code:`ansible-galaxy collection install tribe29.checkmk`. @@ -226,7 +223,7 @@ Parameters
- Duration in seconds. When set, the downtime does not begin automatically at a nominated time, but when a non-OK status actually appears for the host. Consequently, the start_time and end_time is only the time window in which the scheduled downtime can occur. + Duration in seconds. When set, the downtime does not begin automatically at a nominated time, but when a non-OK status actually appears for the host. Consequently, the start\_time and end\_time is only the time window in which the scheduled downtime can occur. .. rst-class:: ansible-option-line @@ -347,8 +344,8 @@ Parameters :ansible-option-choices:`Choices:` - - :ansible-option-default-bold:`no` :ansible-option-default:`← (default)` - - :ansible-option-choices-entry:`yes` + - :ansible-option-default-bold:`false` :ansible-option-default:`← (default)` + - :ansible-option-choices-entry:`true` .. raw:: html diff --git a/docs/folder_module.rst b/docs/folder_module.rst index aaf8e1742..89b0431c6 100644 --- a/docs/folder_module.rst +++ b/docs/folder_module.rst @@ -1,3 +1,4 @@ + .. Document meta :orphan: @@ -42,11 +43,7 @@ tribe29.checkmk.folder module -- Manage folders in Checkmk. .. Collection note .. note:: - This module is part of the `tribe29.checkmk collection `_ (version 0.5.1). - - You might already have this collection installed if you are using the ``ansible`` package. - It is not included in ``ansible-core``. - To check whether it is installed, run :code:`ansible-galaxy collection list`. + This module is part of the `tribe29.checkmk collection `_ (version 0.6.0). To install it, use: :code:`ansible-galaxy collection install tribe29.checkmk`. diff --git a/docs/host_module.rst b/docs/host_module.rst index 1741b5d64..5032cd232 100644 --- a/docs/host_module.rst +++ b/docs/host_module.rst @@ -1,3 +1,4 @@ + .. Document meta :orphan: @@ -42,11 +43,7 @@ tribe29.checkmk.host module -- Manage hosts in Checkmk. .. Collection note .. note:: - This module is part of the `tribe29.checkmk collection `_ (version 0.5.1). - - You might already have this collection installed if you are using the ``ansible`` package. - It is not included in ``ansible-core``. - To check whether it is installed, run :code:`ansible-galaxy collection list`. + This module is part of the `tribe29.checkmk collection `_ (version 0.6.0). To install it, use: :code:`ansible-galaxy collection install tribe29.checkmk`. diff --git a/docs/index.rst b/docs/index.rst index 6b5cbc4df..232627c46 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -1,11 +1,12 @@ + .. _plugins_in_tribe29.checkmk: Tribe29.Checkmk =============== -Collection version 0.5.1 +Collection version 0.6.0 .. contents:: :local: From 17ee1fb1ad5d232499d100f06a66a3ba36ab0bfe Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 25 Aug 2022 09:42:03 +0200 Subject: [PATCH 10/31] Fix #103. --- .../fragments/bugfix_activation_module.yml | 48 +++++++++++++++++++ plugins/modules/activation.py | 2 +- 2 files changed, 49 insertions(+), 1 deletion(-) create mode 100644 changelogs/fragments/bugfix_activation_module.yml diff --git a/changelogs/fragments/bugfix_activation_module.yml b/changelogs/fragments/bugfix_activation_module.yml new file mode 100644 index 000000000..5e023738c --- /dev/null +++ b/changelogs/fragments/bugfix_activation_module.yml @@ -0,0 +1,48 @@ +# https://docs.ansible.com/ansible/latest/community/development_process.html#changelogs-how-to + +bugfixes: + - Activation module - Fix waiting for activation completion (#103). + +# known_issues: +# - This release is still in development and a heavy work in progress. +# - Discovery module is not feature complete yet. +# - Downtime module is not fully idempotent yet. This affects service downtimes and deletions. + +## Line Format +# When writing a changelog entry, use the following format: + +# - scope - description starting with a lowercase letter and ending with a period at the very end. Multiple sentences are allowed (https://github.com/reference/to/an/issue or, if there is no issue, reference to a pull request itself). + +# The scope is usually a module or plugin name or group of modules or plugins, for example, lookup plugins. While module names can (and should) be mentioned directly (foo_module), plugin names should always be followed by the type (foo inventory plugin). + +# For changes that are not really scoped (for example, which affect a whole collection), use the following format: + +# - Description starting with an uppercase letter and ending with a dot at the very end. Multiple sentences are allowed (https://github.com/reference/to/an/issue or, if there is no issue, reference to a pull request itself). + + +## Possible keys: + +# breaking_changes + +# Changes that break existing playbooks or roles. This includes any change to existing behavior that forces users to update tasks. Displayed in both the changelogs and the Porting Guides. +# major_changes + +# Major changes to Ansible itself. Generally does not include module or plugin changes. Displayed in both the changelogs and the Porting Guides. +# minor_changes + +# Minor changes to Ansible, modules, or plugins. This includes new features, new parameters added to modules, or behavior changes to existing parameters. +# deprecated_features + +# Features that have been deprecated and are scheduled for removal in a future release. Displayed in both the changelogs and the Porting Guides. +# removed_features + +# Features that were previously deprecated and are now removed. Displayed in both the changelogs and the Porting Guides. +# security_fixes + +# Fixes that address CVEs or resolve security concerns. Include links to CVE information. +# bugfixes + +# Fixes that resolve issues. +# known_issues + +# Known issues that are currently not fixed or will not be fixed. diff --git a/plugins/modules/activation.py b/plugins/modules/activation.py index 5861dc563..ed2fd5166 100644 --- a/plugins/modules/activation.py +++ b/plugins/modules/activation.py @@ -137,7 +137,7 @@ def run_module(): params = { "force_foreign_changes": module.params.get("force_foreign_changes", ""), - "redirect": True, # ToDo: Do we need this? Does it need to be configurable? + "redirect": False, "sites": sites, } From d645c94c5537a1390a15c73c3d1c50b221ad2d33 Mon Sep 17 00:00:00 2001 From: diademiemi Date: Thu, 25 Aug 2022 09:57:22 +0200 Subject: [PATCH 11/31] Rebase to only include become true --- roles/agent/tasks/legacy.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/agent/tasks/legacy.yml b/roles/agent/tasks/legacy.yml index fd7521c05..e93b76efe 100644 --- a/roles/agent/tasks/legacy.yml +++ b/roles/agent/tasks/legacy.yml @@ -1,10 +1,12 @@ --- - name: "Install xinetd" + become: true ansible.builtin.package: name: xinetd state: present - name: "Enable xinetd" + become: true ansible.builtin.service: name: xinetd state: started From f89fec507ecabcd41111fa6351c891a57e6b05a7 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 25 Aug 2022 11:12:29 +0200 Subject: [PATCH 12/31] Add first version of style guide. --- CONTRIBUTING.md | 50 ++++++++++++++++++++++++++++++++++--------------- 1 file changed, 35 insertions(+), 15 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 128a2f7da..5cbf2680b 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -16,21 +16,7 @@ the time available is limited. We will try to be as transparent as possible about what we will include but please do not feel discouraged, if an idea or proposal gets rejected. Instead go on and create something yourself, if you think your approach is viable! There is already a lot of great content -out there and we love seeing you add to that plethora of content! - -## Submitting Issues - -If you encounter any bugs or have ideas for improvements feel free to open an [issue](https://github.com/tribe29/ansible-collection-tribe29.checkmk/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc) or even better a [pull request](#Pull-Requests). -Dedicated requirements will be added here as suitable. - -## Pull Requests - -Please open a [pull request](https://github.com/tribe29/ansible-collection-tribe29.checkmk/pulls?q=is%3Apr+is%3Aopen) -if you have something to contribute. -On pull request creation, checks will run and tell you, -if your changes work with the collection. If errors are detected, please try to -fix them and update your pull request accordingly. -If you need help, feel free to ask for it. +out there and we love seeing you add to that plethora of it! ## How to contribute @@ -44,6 +30,20 @@ We do test everything to the best of our abilities, but nothing beats real world scenarios. Also if you can provide a bugfix yourself or you have an addition to the functionality, [pull requests](#Pull-Requests) are appreciated. +### Submitting Issues + +If you encounter any bugs or have ideas for improvements feel free to open an [issue](https://github.com/tribe29/ansible-collection-tribe29.checkmk/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc) or even better a [pull request](#Pull-Requests). +Dedicated requirements will be added here as suitable. + +### Pull Requests + +Please open a [pull request](https://github.com/tribe29/ansible-collection-tribe29.checkmk/pulls?q=is%3Apr+is%3Aopen) +if you have something to contribute. +On pull request creation, checks will run and tell you, +if your changes work with the collection. If errors are detected, please try to +fix them and update your pull request accordingly. +If you need help, do ask for it. + ### Changelog When changing this collection, please make sure to write a log of what you did. @@ -59,6 +59,26 @@ Module documentation is compiled during a release and stored as `docs/module.rst but this is not ideal yet. However, please use the inline documentation as seen in the existing modules when creating additional modules. +## Style Guide + +### Commit messages + +* Use the present tense ("Add feature" not "Added feature") +* Use the imperative mood ("Move cursor to..." not "Moves cursor to...") +* The first line is a short title (limit to 72 characters or less) +* Write [good commit messages](https://chris.beams.io/posts/git-commit/) + +### Plugins +Specifics to be done. Stick to general Ansible coding best practices and look out for sanity check gotchas. + +### Roles +The following are guidelines to keep in mind, when changing roles. +- Variables + - Use snake case (`snake_case_variable`) + - Do not prefix the variable with an underscore ( `_` ) +- Tags + - When tagging roles, separate single words with dashes (`my-custom-tag`) + ## Releasing this collection Releasing this collection is automated using GitHub Actions. Before running the action `Release Collection` against the `main` branch, the From daec0f556418ca10ffa4b5d77f7a5d05da7b993a Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 25 Aug 2022 11:13:04 +0200 Subject: [PATCH 13/31] Add changelog. --- .../feature_agent_role_host_attributes.yml | 48 +++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 changelogs/fragments/feature_agent_role_host_attributes.yml diff --git a/changelogs/fragments/feature_agent_role_host_attributes.yml b/changelogs/fragments/feature_agent_role_host_attributes.yml new file mode 100644 index 000000000..2cb436ebc --- /dev/null +++ b/changelogs/fragments/feature_agent_role_host_attributes.yml @@ -0,0 +1,48 @@ +# https://docs.ansible.com/ansible/latest/community/development_process.html#changelogs-how-to + +minor_changes: + - Agent role - Host attributes can be fully customized now. + +# known_issues: +# - This release is still in development and a heavy work in progress. +# - Discovery module is not feature complete yet. +# - Downtime module is not fully idempotent yet. This affects service downtimes and deletions. + +## Line Format +# When writing a changelog entry, use the following format: + +# - scope - description starting with a lowercase letter and ending with a period at the very end. Multiple sentences are allowed (https://github.com/reference/to/an/issue or, if there is no issue, reference to a pull request itself). + +# The scope is usually a module or plugin name or group of modules or plugins, for example, lookup plugins. While module names can (and should) be mentioned directly (foo_module), plugin names should always be followed by the type (foo inventory plugin). + +# For changes that are not really scoped (for example, which affect a whole collection), use the following format: + +# - Description starting with an uppercase letter and ending with a dot at the very end. Multiple sentences are allowed (https://github.com/reference/to/an/issue or, if there is no issue, reference to a pull request itself). + + +## Possible keys: + +# breaking_changes + +# Changes that break existing playbooks or roles. This includes any change to existing behavior that forces users to update tasks. Displayed in both the changelogs and the Porting Guides. +# major_changes + +# Major changes to Ansible itself. Generally does not include module or plugin changes. Displayed in both the changelogs and the Porting Guides. +# minor_changes + +# Minor changes to Ansible, modules, or plugins. This includes new features, new parameters added to modules, or behavior changes to existing parameters. +# deprecated_features + +# Features that have been deprecated and are scheduled for removal in a future release. Displayed in both the changelogs and the Porting Guides. +# removed_features + +# Features that were previously deprecated and are now removed. Displayed in both the changelogs and the Porting Guides. +# security_fixes + +# Fixes that address CVEs or resolve security concerns. Include links to CVE information. +# bugfixes + +# Fixes that resolve issues. +# known_issues + +# Known issues that are currently not fixed or will not be fixed. From fc0acce0ab663ce392062bc4da5d3c4c44a5b8a8 Mon Sep 17 00:00:00 2001 From: diademiemi Date: Thu, 25 Aug 2022 11:13:47 +0200 Subject: [PATCH 14/31] Replace underscores with hyphens --- roles/agent/tasks/Debian.yml | 10 +++++----- roles/agent/tasks/RedHat.yml | 12 ++++++------ roles/agent/tasks/Suse.yml | 12 ++++++------ roles/agent/tasks/legacy.yml | 6 +++--- roles/agent/tasks/main.yml | 8 ++++---- roles/server/tasks/Debian.yml | 2 +- roles/server/tasks/RedHat.yml | 6 +++--- roles/server/tasks/main.yml | 16 ++++++++-------- roles/server/tasks/sites.yml | 14 +++++++------- roles/server/tasks/update-site.yml | 4 ++-- 10 files changed, 45 insertions(+), 45 deletions(-) diff --git a/roles/agent/tasks/Debian.yml b/roles/agent/tasks/Debian.yml index b6a27696e..cbef6f092 100644 --- a/roles/agent/tasks/Debian.yml +++ b/roles/agent/tasks/Debian.yml @@ -13,7 +13,7 @@ failed_when: 'false' changed_when: 'false' tags: - - download_package + - download-package - name: "Debian Derivates: Install host-specific Checkmk CEE Agent." become: true @@ -22,7 +22,7 @@ state: present when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status == 200 tags: - - install_package + - install-package - name: "Debian Derivates: Download GENERIC Checkmk CEE Agent." ansible.builtin.uri: @@ -34,7 +34,7 @@ Accept: "application/octet-stream" when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status != 200 tags: - - download_package + - download-package - name: "Debian Derivates: Install GENERIC Checkmk CEE Agent." become: true @@ -43,7 +43,7 @@ state: present when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status != 200 tags: - - install_package + - install-package - name: "Debian Derivates: Install Checkmk CRE Agent." become: true @@ -52,4 +52,4 @@ state: present when: checkmk_agent_edition == "cre" tags: - - install_package + - install-package diff --git a/roles/agent/tasks/RedHat.yml b/roles/agent/tasks/RedHat.yml index 310f99fd3..08aac589a 100644 --- a/roles/agent/tasks/RedHat.yml +++ b/roles/agent/tasks/RedHat.yml @@ -13,7 +13,7 @@ failed_when: 'false' changed_when: 'false' tags: - - download_package + - download-package - name: "RedHat Derivates: Install host-specific Checkmk CEE Agent." become: true @@ -23,7 +23,7 @@ disable_gpg_check: true when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status == 200 tags: - - install_package + - install-package - name: "RedHat Derivates: Download GENERIC Checkmk CEE Agent." ansible.builtin.uri: @@ -35,7 +35,7 @@ Accept: "application/octet-stream" when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status != 200 tags: - - download_package + - download-package - name: "RedHat Derivates: Install Checkmk CRE Agent." become: true @@ -45,7 +45,7 @@ disable_gpg_check: true when: checkmk_agent_edition == "cre" tags: - - install_package + - install-package - name: "RedHat Derivates: Install GENERIC Checkmk CEE Agent." become: true @@ -55,7 +55,7 @@ disable_gpg_check: true when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status != 200 tags: - - install_package + - install-package - name: "RedHat Derivates: Install Checkmk CRE Agent." become: true @@ -65,7 +65,7 @@ disable_gpg_check: true when: checkmk_agent_edition == "cre" tags: - - install_package + - install-package - name: "Configure Firewall for Agent." block: diff --git a/roles/agent/tasks/Suse.yml b/roles/agent/tasks/Suse.yml index 36c3c9053..02fccffe9 100644 --- a/roles/agent/tasks/Suse.yml +++ b/roles/agent/tasks/Suse.yml @@ -13,7 +13,7 @@ failed_when: 'false' changed_when: 'false' tags: - - download_package + - download-package - name: "Suse Derivates: Install host-specific Checkmk CEE Agent." become: true @@ -23,7 +23,7 @@ disable_gpg_check: true when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status == 200 tags: - - install_package + - install-package - name: "Suse Derivates: Download GENERIC Checkmk CEE Agent." ansible.builtin.uri: @@ -35,7 +35,7 @@ Accept: "application/octet-stream" when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status != 200 tags: - - download_package + - download-package - name: "Suse Derivates: Install Checkmk CRE Agent." become: true @@ -45,7 +45,7 @@ disable_gpg_check: true when: checkmk_agent_edition == "cre" tags: - - install_package + - install-package - name: "Suse Derivates: Install GENERIC Checkmk CEE Agent." become: true @@ -55,7 +55,7 @@ disable_gpg_check: true when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status != 200 tags: - - install_package + - install-package - name: "Suse Derivates: Install Checkmk CRE Agent." become: true @@ -65,4 +65,4 @@ disable_gpg_check: true when: checkmk_agent_edition == "cre" tags: - - install_package + - install-package diff --git a/roles/agent/tasks/legacy.yml b/roles/agent/tasks/legacy.yml index 278800fe5..46ad9e98a 100644 --- a/roles/agent/tasks/legacy.yml +++ b/roles/agent/tasks/legacy.yml @@ -4,8 +4,8 @@ name: xinetd state: present tags: - - install_package - - install_prerequisites + - install-package + - install-prerequisites - name: "Enable xinetd" ansible.builtin.service: @@ -13,4 +13,4 @@ state: started enabled: true tags: - - enable_service + - enable-xinetd diff --git a/roles/agent/tasks/main.yml b/roles/agent/tasks/main.yml index 7c8a20331..6c5d5e85f 100644 --- a/roles/agent/tasks/main.yml +++ b/roles/agent/tasks/main.yml @@ -2,13 +2,13 @@ - name: "Include Derivate specific Variables." ansible.builtin.include_vars: "{{ ansible_os_family }}.yml" tags: - - include_os_family_vars + - include-os-family-vars - name: "Get RPM or APT package facts." ansible.builtin.package_facts: manager: "auto" tags: - - get_package_facts + - get-package-facts - name: "Import Legacy agent tasks." ansible.builtin.include_tasks: "legacy.yml" @@ -21,12 +21,12 @@ mode: 0640 when: checkmk_agent_edition == "cre" tags: - - download_package + - download-package - name: "Run OS Family specific Tasks." ansible.builtin.include_tasks: "{{ ansible_os_family }}.yml" tags: - - include_os_family_tasks + - include-os-family-tasks - name: "Create host on server." tribe29.checkmk.host: diff --git a/roles/server/tasks/Debian.yml b/roles/server/tasks/Debian.yml index 696a66839..ff57a48ce 100644 --- a/roles/server/tasks/Debian.yml +++ b/roles/server/tasks/Debian.yml @@ -6,4 +6,4 @@ update_cache: 'yes' state: present tags: - - install_package + - install-package diff --git a/roles/server/tasks/RedHat.yml b/roles/server/tasks/RedHat.yml index 5d3dc3aeb..90e09159c 100644 --- a/roles/server/tasks/RedHat.yml +++ b/roles/server/tasks/RedHat.yml @@ -4,7 +4,7 @@ ansible.builtin.shell: dnf config-manager --set-enabled powertools # noqa command-instead-of-shell when: ansible_distribution_major_version == "8" tags: - - enable_powertools + - enable-powertools - name: "Install Checkmk Server." become: true @@ -13,7 +13,7 @@ state: present disable_gpg_check: '{{ not checkmk_server_verify_setup | bool }}' tags: - - install_package + - install-package - name: "Enable httpd can network connect selinux boolean." become: true @@ -23,7 +23,7 @@ persistent: true when: ansible_facts.selinux.status == 'enabled' tags: - - set_selinux_boolean + - set-selinux-boolean - name: "Open firewall ports." become: true diff --git a/roles/server/tasks/main.yml b/roles/server/tasks/main.yml index 0b9ef6bc7..699bcbf1c 100644 --- a/roles/server/tasks/main.yml +++ b/roles/server/tasks/main.yml @@ -9,13 +9,13 @@ - name: "Include OS Family specific Variables." ansible.builtin.include_vars: "{{ ansible_os_family }}.yml" tags: - - include_os_family_vars + - include-os-family-vars - name: "Include RHEL Version specific Variables." ansible.builtin.include_vars: "{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml" when: ansible_os_family == "RedHat" tags: - - include_rhel_version_vars + - include-rhel-version-vars - name: "Install Checkmk Prerequisites." become: true @@ -25,8 +25,8 @@ loop: - "{{ checkmk_server_prerequisites }}" tags: - - install_package - - install_prerequisites + - install-package + - install-prerequisites - name: "Download Checkmk Server Setup." ansible.builtin.get_url: @@ -36,7 +36,7 @@ url_username: "{{ checkmk_server_download_user | default(omit) }}" url_password: "{{ checkmk_server_download_pass | default(omit) }}" tags: - - download_package + - download-package - name: "Download Checkmk GPG Key." ansible.builtin.get_url: @@ -45,7 +45,7 @@ mode: 0640 when: checkmk_server_verify_setup | bool tags: - - download_gpg_key + - download-gpg-key - name: "GPG Verification on Debian Derivates." block: @@ -53,7 +53,7 @@ ansible.builtin.command: "gpg --import /tmp/Check_MK-pubkey.gpg" when: checkmk_server_verify_setup | bool tags: - - import_gpg_key + - import-gpg-key - name: "Verify Checkmk Setup." ansible.builtin.command: dpkg-sig --verify "/tmp/{{ checkmk_server_setup_file }}" @@ -73,7 +73,7 @@ state: present when: checkmk_server_verify_setup | bool and ansible_os_family == "RedHat" tags: - - import_gpg_key + - import-gpg-key - name: Include OS Family specific Playbook. ansible.builtin.include_tasks: "{{ ansible_os_family }}.yml" diff --git a/roles/server/tasks/sites.yml b/roles/server/tasks/sites.yml index 51e06ecfc..687beb9e4 100644 --- a/roles/server/tasks/sites.yml +++ b/roles/server/tasks/sites.yml @@ -12,7 +12,7 @@ when: item.state != "absent" register: checkmk_server_sites_created tags: - - create_sites + - create-sites - name: "Get site version." become: true @@ -26,14 +26,14 @@ when: item.state != "absent" register: checkmk_server_sites_versions tags: - - update_sites + - update-sites - name: "Include update site tasks." ansible.builtin.include_tasks: update-site.yml loop: "{{ checkmk_server_sites_versions.results }}" when: "item.changed" tags: - - update_sites + - update-sites - name: "Start Sites." become: true @@ -48,7 +48,7 @@ when: item.state == "started" register: checkmk_server_sites_started tags: - - start_sites + - start-sites - name: "Stop Sites." become: true @@ -63,7 +63,7 @@ when: (item.state == "absent") or (item.state == "stopped") register: checkmk_server_sites_stopped tags: - - stop_sites + - stop-sites - name: "Destroy Sites." become: true @@ -78,7 +78,7 @@ when: item.state == "absent" register: checkmk_server_sites_removed tags: - - destroy_sites + - destroy-sites - name: "Update Site Admin Password." become: true @@ -91,4 +91,4 @@ loop: "{{ checkmk_server_sites }}" when: item.state != "absent" tags: - - set_site_admin_pw + - set-site-admin-pw diff --git a/roles/server/tasks/update-site.yml b/roles/server/tasks/update-site.yml index 17e9e7bc2..e7f53fc29 100644 --- a/roles/server/tasks/update-site.yml +++ b/roles/server/tasks/update-site.yml @@ -32,7 +32,7 @@ when: | item.item.version | regex_replace('p.*', '') == item.stdout | regex_replace('p.*', '') tags: - - update_pause + - update-pause - name: "Long pause for major update." ansible.builtin.pause: @@ -45,7 +45,7 @@ when: | item.item.version | regex_replace('p.*', '') != item.stdout | regex_replace('p.*', '') tags: - - update_pause + - update-pause - name: "Create backup of site." become: true From 9d518f96f97da2b075bd82b63f2f95c68d923e1b Mon Sep 17 00:00:00 2001 From: diademiemi Date: Thu, 25 Aug 2022 11:17:16 +0200 Subject: [PATCH 15/31] Add tags table to agent role --- roles/agent/README.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/roles/agent/README.md b/roles/agent/README.md index d5c533b0d..096471015 100644 --- a/roles/agent/README.md +++ b/roles/agent/README.md @@ -79,6 +79,18 @@ Define the hostname which will be used to add the host to Checkmk. Define an IP address which will be added to the host in Checkmk. This is optional, as long as the hostname is DNS-resolvable. +## Tags +Tasks are tagged with the following tags: +| Tag | Purpose | +| ---- | ------- | +| `download-package` | Download agent package. | +| `install-package` | Install agent package with package manager. | +| `install-prerequisites` | Install packages that are required for the role or agent to work. | +| `include-os-family-vars` | Include OS family specific variables. | +| `include-os-family-tasks` | Include OS family specific tasks. | +| `get-package-facts` | Get package facts, used in the role. | +| `enable-xinetd` | Enable xinetd on hosts with systemd prior to version 220. | + ## Dependencies From bbc6408e23e7980a43cc2da46b27d2e16145ae25 Mon Sep 17 00:00:00 2001 From: diademiemi Date: Thu, 25 Aug 2022 11:25:02 +0200 Subject: [PATCH 16/31] Add tags table to server role --- roles/agent/README.md | 2 ++ roles/server/README.md | 24 ++++++++++++++++++++++++ 2 files changed, 26 insertions(+) diff --git a/roles/agent/README.md b/roles/agent/README.md index 096471015..59447e1f8 100644 --- a/roles/agent/README.md +++ b/roles/agent/README.md @@ -91,6 +91,8 @@ Tasks are tagged with the following tags: | `get-package-facts` | Get package facts, used in the role. | | `enable-xinetd` | Enable xinetd on hosts with systemd prior to version 220. | +You can use Ansible to skip tasks, or only run certain tasks by using these tags. + ## Dependencies diff --git a/roles/server/README.md b/roles/server/README.md index a60298c77..201200851 100644 --- a/roles/server/README.md +++ b/roles/server/README.md @@ -68,6 +68,30 @@ Directory to backup sites to when updating between versions. Whether to back up sites when updating between versions. Only disable this if you plan on taking manual backups checkmk_server_backup_on_update: 'true' + +## Tags +Tasks are tagged with the following tags: +| Tag | Purpose | +| ---- | ------- | +| `download-package` | Download server package. | +| `install-package` | Install server package with package manager. | +| `install-prerequisites` | Install packages that are required for the role or server to work. | +| `download-gpg-key` | Download Checkmk GPG key for verifying the package. | +| `import-gpg-key` | Import the downloaded Checkmk GPG key for verifying the package. | +| `include-os-family-vars` | Include OS family specific variables. | +| `include-rhel-version-vars` | Include RHEL version specific variables. | +| `set-selinux-boolean` | Set necessary SELinux booleans for Checkmk to work on SELinux enabled systems. | +| `enable-powertools` | Enable the powertools repository on RHEL based systems. Required for some dependencies of Checkmk. | +| `create-sites` | Create sites on the Checkmk server. | +| `update-sites` | Update sites on the Checkmk server. | +| `start-sites` | Start sites on the Checkmk server. | +| `stop-sites` | Stop sites on the Checkmk server. | +| `destroy-sites` | Destroy sites on the Checkmk server. | +| `set-site-admin-pw` | Set the cmkadmin password of a site. | +| `update-pause` | Pause with a warning when updating a site. | + +You can use Ansible to skip tasks, or only run certain tasks by using these tags. + ## Dependencies From 2c344cfc2685cd8d3bf60725f4002e0dce521d2d Mon Sep 17 00:00:00 2001 From: diademiemi Date: Thu, 25 Aug 2022 11:44:53 +0200 Subject: [PATCH 17/31] Add notice that all tasks are run when tags are not given --- roles/agent/README.md | 2 +- roles/server/README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/agent/README.md b/roles/agent/README.md index fa8b5c6c5..014da3fba 100644 --- a/roles/agent/README.md +++ b/roles/agent/README.md @@ -97,7 +97,7 @@ Tasks are tagged with the following tags: | `get-package-facts` | Get package facts, used in the role. | | `enable-xinetd` | Enable xinetd on hosts with systemd prior to version 220. | -You can use Ansible to skip tasks, or only run certain tasks by using these tags. +You can use Ansible to skip tasks, or only run certain tasks by using these tags. By default, all tasks are run when no tags are specified. ## Dependencies diff --git a/roles/server/README.md b/roles/server/README.md index 201200851..2d68b66e4 100644 --- a/roles/server/README.md +++ b/roles/server/README.md @@ -90,7 +90,7 @@ Tasks are tagged with the following tags: | `set-site-admin-pw` | Set the cmkadmin password of a site. | | `update-pause` | Pause with a warning when updating a site. | -You can use Ansible to skip tasks, or only run certain tasks by using these tags. +You can use Ansible to skip tasks, or only run certain tasks by using these tags. By default, all tasks are run when no tags are specified. ## Dependencies From 1a0f1fc40fe4623d03f8449d30c05ddd05866a9c Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 25 Aug 2022 12:20:05 +0200 Subject: [PATCH 18/31] Update Vagrantfile and requirements.txt. --- Vagrantfile | 8 ++++---- requirements.txt | 3 ++- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/Vagrantfile b/Vagrantfile index 5081e3618..514b41246 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -20,16 +20,16 @@ Vagrant.configure("2") do |config| $script = <<-SCRIPT apt-get update apt-get install -y python3-pip - pip install -r /vagrant/requirements.txt - ansible-galaxy collection install -f -r /vagrant/requirements.yml - wget "https://download.checkmk.com/checkmk/2.1.0p4/check-mk-raw-2.1.0p4_0.focal_amd64.deb" -O /tmp/checkmk-stable.deb - wget "https://download.checkmk.com/checkmk/2.1.0p4/check-mk-raw-2.1.0p4_0.focal_amd64.deb" -O /tmp/checkmk-beta.deb + wget "https://download.checkmk.com/checkmk/2.1.0p10/check-mk-raw-2.1.0p10_0.focal_amd64.deb" -O /tmp/checkmk-stable.deb + wget "https://download.checkmk.com/checkmk/2.1.0p10/check-mk-raw-2.1.0p10_0.focal_amd64.deb" -O /tmp/checkmk-beta.deb apt-get install -y /tmp/checkmk-stable.deb omd create --admin-password 'cmk' stable apt-get install -y /tmp/checkmk-beta.deb omd create --admin-password 'cmk' beta omd status -b stable || omd start stable omd status -b beta || omd start beta + pip install -r /vagrant/requirements.txt + ansible-galaxy collection install -f -r /vagrant/requirements.yml SCRIPT srv.vm.provision "shell", inline: $script end diff --git a/requirements.txt b/requirements.txt index 795de5222..9e115a3da 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,4 @@ ansible >= 4.10.0 antsibull-changelog >= 0.12.0 -antsibull-docs >= 1.1.0 \ No newline at end of file +antsibull-docs >= 1.1.0 +jinja2 >= 3.0.0 \ No newline at end of file From 9813e602e8776c732b894dfde5c1a65bc69f216a Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 25 Aug 2022 12:52:47 +0200 Subject: [PATCH 19/31] Make GPG import on Debian idempotent. --- roles/server/tasks/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/server/tasks/main.yml b/roles/server/tasks/main.yml index 699bcbf1c..305b5a6c6 100644 --- a/roles/server/tasks/main.yml +++ b/roles/server/tasks/main.yml @@ -51,7 +51,9 @@ block: - name: "Import Checkmk GPG Key." ansible.builtin.command: "gpg --import /tmp/Check_MK-pubkey.gpg" + register: checkmk_gpg_import when: checkmk_server_verify_setup | bool + changed_when: "'imported: 1' in checkmk_gpg_import" tags: - import-gpg-key From bdb7c23e9eed8dd0abfa7fa8c1f9ac289731a597 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 25 Aug 2022 12:58:20 +0200 Subject: [PATCH 20/31] Fix galaxy task in provisioning. --- Vagrantfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Vagrantfile b/Vagrantfile index 514b41246..a1f0c5256 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -29,7 +29,7 @@ Vagrant.configure("2") do |config| omd status -b stable || omd start stable omd status -b beta || omd start beta pip install -r /vagrant/requirements.txt - ansible-galaxy collection install -f -r /vagrant/requirements.yml + sudo -u vagrant ansible-galaxy collection install -f -r /vagrant/requirements.yml SCRIPT srv.vm.provision "shell", inline: $script end From d261ae0c288f3f4b9c3a5fc7cbae94521113ed7f Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 25 Aug 2022 13:31:40 +0200 Subject: [PATCH 21/31] Enable support for CFE. Fixes #119. --- ...t_role_host_attributes.yml => agent_role.yml} | 3 +++ roles/agent/tasks/Debian.yml | 16 ++++++++-------- roles/agent/tasks/RedHat.yml | 16 ++++++++-------- roles/agent/tasks/Suse.yml | 16 ++++++++-------- roles/agent/tasks/main.yml | 4 ++-- 5 files changed, 29 insertions(+), 26 deletions(-) rename changelogs/fragments/{feature_agent_role_host_attributes.yml => agent_role.yml} (98%) diff --git a/changelogs/fragments/feature_agent_role_host_attributes.yml b/changelogs/fragments/agent_role.yml similarity index 98% rename from changelogs/fragments/feature_agent_role_host_attributes.yml rename to changelogs/fragments/agent_role.yml index 2cb436ebc..3225118ae 100644 --- a/changelogs/fragments/feature_agent_role_host_attributes.yml +++ b/changelogs/fragments/agent_role.yml @@ -3,6 +3,9 @@ minor_changes: - Agent role - Host attributes can be fully customized now. +bugfixes: + - Agent role - Support CFE properly. + # known_issues: # - This release is still in development and a heavy work in progress. # - Discovery module is not feature complete yet. diff --git a/roles/agent/tasks/Debian.yml b/roles/agent/tasks/Debian.yml index cbef6f092..78a307097 100644 --- a/roles/agent/tasks/Debian.yml +++ b/roles/agent/tasks/Debian.yml @@ -1,5 +1,5 @@ --- -- name: "Debian Derivates: Download host-specific Checkmk CEE Agent." +- name: "Debian Derivates: Download host-specific Checkmk {{ checkmk_agent_edition | upper }} Agent." ansible.builtin.uri: url: "{{ checkmk_agent_agent.url.cee }}?host_name={{ inventory_hostname }}&os_type=linux_deb&agent_type=host_name" dest: "{{ checkmk_agent_agent.file.host }}" @@ -7,7 +7,7 @@ headers: Authorization: "Bearer {{ checkmk_agent_user }} {{ checkmk_agent_pass }}" Accept: "application/octet-stream" - when: checkmk_agent_edition == "cee" + when: checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe" register: checkmk_agent_download_state # This task may fail, as we fall back to the generic agent in that case failed_when: 'false' @@ -15,16 +15,16 @@ tags: - download-package -- name: "Debian Derivates: Install host-specific Checkmk CEE Agent." +- name: "Debian Derivates: Install host-specific Checkmk {{ checkmk_agent_edition | upper }} Agent." become: true ansible.builtin.apt: deb: "{{ checkmk_agent_agent.file.host }}" state: present - when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status == 200 + when: (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_download_state.status == 200 tags: - install-package -- name: "Debian Derivates: Download GENERIC Checkmk CEE Agent." +- name: "Debian Derivates: Download GENERIC Checkmk {{ checkmk_agent_edition | upper }} Agent." ansible.builtin.uri: url: "{{ checkmk_agent_agent.url.cee }}?os_type=linux_deb&agent_type=generic" dest: "{{ checkmk_agent_agent.file.cee }}" @@ -32,16 +32,16 @@ headers: Authorization: "Bearer {{ checkmk_agent_user }} {{ checkmk_agent_pass }}" Accept: "application/octet-stream" - when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status != 200 + when: (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_download_state.status != 200 tags: - download-package -- name: "Debian Derivates: Install GENERIC Checkmk CEE Agent." +- name: "Debian Derivates: Install GENERIC Checkmk {{ checkmk_agent_edition | upper }} Agent." become: true ansible.builtin.apt: deb: "{{ checkmk_agent_agent.file.cee }}" state: present - when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status != 200 + when: (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_download_state.status != 200 tags: - install-package diff --git a/roles/agent/tasks/RedHat.yml b/roles/agent/tasks/RedHat.yml index 08aac589a..d502d2fd0 100644 --- a/roles/agent/tasks/RedHat.yml +++ b/roles/agent/tasks/RedHat.yml @@ -1,5 +1,5 @@ --- -- name: "RedHat Derivates: Download host-specific Checkmk CEE Agent." +- name: "RedHat Derivates: Download host-specific Checkmk {{ checkmk_agent_edition | upper }} Agent." ansible.builtin.uri: url: "{{ checkmk_agent_agent.url.cee }}?host_name={{ inventory_hostname }}&os_type=linux_rpm&agent_type=host_name" dest: "{{ checkmk_agent_agent.file.host }}" @@ -7,7 +7,7 @@ headers: Authorization: "Bearer {{ checkmk_agent_user }} {{ checkmk_agent_pass }}" Accept: "application/octet-stream" - when: checkmk_agent_edition == "cee" + when: checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe" register: checkmk_agent_download_state # This task may fail, as we fall back to the generic agent in that case failed_when: 'false' @@ -15,17 +15,17 @@ tags: - download-package -- name: "RedHat Derivates: Install host-specific Checkmk CEE Agent." +- name: "RedHat Derivates: Install host-specific Checkmk {{ checkmk_agent_edition | upper }} Agent." become: true ansible.builtin.yum: name: "{{ checkmk_agent_agent.file.host }}" state: present disable_gpg_check: true - when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status == 200 + when: (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_download_state.status == 200 tags: - install-package -- name: "RedHat Derivates: Download GENERIC Checkmk CEE Agent." +- name: "RedHat Derivates: Download GENERIC Checkmk {{ checkmk_agent_edition | upper }} Agent." ansible.builtin.uri: url: "{{ checkmk_agent_agent.url.cee }}?os_type=linux_rpm&agent_type=generic" dest: "{{ checkmk_agent_agent.file.cee }}" @@ -33,7 +33,7 @@ headers: Authorization: "Bearer {{ checkmk_agent_user }} {{ checkmk_agent_pass }}" Accept: "application/octet-stream" - when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status != 200 + when: (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_download_state.status != 200 tags: - download-package @@ -47,13 +47,13 @@ tags: - install-package -- name: "RedHat Derivates: Install GENERIC Checkmk CEE Agent." +- name: "RedHat Derivates: Install GENERIC Checkmk {{ checkmk_agent_edition | upper }} Agent." become: true ansible.builtin.yum: name: "{{ checkmk_agent_agent.file.cee }}" state: present disable_gpg_check: true - when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status != 200 + when: (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_download_state.status != 200 tags: - install-package diff --git a/roles/agent/tasks/Suse.yml b/roles/agent/tasks/Suse.yml index 02fccffe9..3f61e63d6 100644 --- a/roles/agent/tasks/Suse.yml +++ b/roles/agent/tasks/Suse.yml @@ -1,5 +1,5 @@ --- -- name: "Suse Derivates: Download host-specific Checkmk CEE Agent." +- name: "Suse Derivates: Download host-specific Checkmk {{ checkmk_agent_edition | upper }} Agent." ansible.builtin.uri: url: "{{ checkmk_agent_agent.url.cee }}?host_name={{ inventory_hostname }}&os_type=linux_rpm&agent_type=host_name" dest: "{{ checkmk_agent_agent.file.host }}" @@ -7,7 +7,7 @@ headers: Authorization: "Bearer {{ checkmk_agent_user }} {{ checkmk_agent_pass }}" Accept: "application/octet-stream" - when: checkmk_agent_edition == "cee" + when: checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe" register: checkmk_agent_download_state # This task may fail, as we fall back to the generic agent in that case failed_when: 'false' @@ -15,17 +15,17 @@ tags: - download-package -- name: "Suse Derivates: Install host-specific Checkmk CEE Agent." +- name: "Suse Derivates: Install host-specific Checkmk {{ checkmk_agent_edition | upper }} Agent." become: true ansible.builtin.zypper: name: "{{ checkmk_agent_agent.file.host }}" state: present disable_gpg_check: true - when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status == 200 + when: (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_download_state.status == 200 tags: - install-package -- name: "Suse Derivates: Download GENERIC Checkmk CEE Agent." +- name: "Suse Derivates: Download GENERIC Checkmk {{ checkmk_agent_edition | upper }} Agent." ansible.builtin.uri: url: "{{ checkmk_agent_agent.url.cee }}?os_type=linux_rpm&agent_type=generic" dest: "{{ checkmk_agent_agent.file.cee }}" @@ -33,7 +33,7 @@ headers: Authorization: "Bearer {{ checkmk_agent_user }} {{ checkmk_agent_pass }}" Accept: "application/octet-stream" - when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status != 200 + when: (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_download_state.status != 200 tags: - download-package @@ -47,13 +47,13 @@ tags: - install-package -- name: "Suse Derivates: Install GENERIC Checkmk CEE Agent." +- name: "Suse Derivates: Install GENERIC Checkmk {{ checkmk_agent_edition | upper }} Agent." become: true ansible.builtin.zypper: name: "{{ checkmk_agent_agent.file.cee }}" state: present disable_gpg_check: true - when: (checkmk_agent_edition == "cee") and checkmk_agent_download_state.status != 200 + when: (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_download_state.status != 200 tags: - install-package diff --git a/roles/agent/tasks/main.yml b/roles/agent/tasks/main.yml index 46aa12981..8a3214eaf 100644 --- a/roles/agent/tasks/main.yml +++ b/roles/agent/tasks/main.yml @@ -49,7 +49,7 @@ -s {{ checkmk_agent_server }} -i {{ checkmk_agent_site }} -p {{ checkmk_agent_protocol }} \ -U {{ checkmk_agent_user }} -S {{ checkmk_agent_pass }} register: checkmk_agent_update_state - when: (checkmk_agent_edition == "cee") and checkmk_agent_update | bool + when: (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_update | bool - name: "Register Agent for TLS." become: true @@ -58,7 +58,7 @@ -s {{ checkmk_agent_server }} -i {{ checkmk_agent_site }} \ -U {{ checkmk_agent_user }} -P {{ checkmk_agent_pass }} --trust-cert register: checkmk_agent_tls_state - when: (checkmk_agent_edition == "cee") and checkmk_agent_tls | bool + when: (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_tls | bool - name: "Discover services and labels on host." tribe29.checkmk.discovery: From 82f5a19230639211f421333c49b44b0a8630c72e Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 25 Aug 2022 15:17:03 +0200 Subject: [PATCH 22/31] Make conditionals multiline. --- roles/agent/tasks/Debian.yml | 12 +++++++++--- roles/agent/tasks/RedHat.yml | 12 +++++++++--- roles/agent/tasks/Suse.yml | 12 +++++++++--- roles/agent/tasks/main.yml | 16 ++++++++++++---- 4 files changed, 39 insertions(+), 13 deletions(-) diff --git a/roles/agent/tasks/Debian.yml b/roles/agent/tasks/Debian.yml index 78a307097..22064af2a 100644 --- a/roles/agent/tasks/Debian.yml +++ b/roles/agent/tasks/Debian.yml @@ -20,7 +20,9 @@ ansible.builtin.apt: deb: "{{ checkmk_agent_agent.file.host }}" state: present - when: (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_download_state.status == 200 + when: | + (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") + and checkmk_agent_download_state.status == 200 tags: - install-package @@ -32,7 +34,9 @@ headers: Authorization: "Bearer {{ checkmk_agent_user }} {{ checkmk_agent_pass }}" Accept: "application/octet-stream" - when: (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_download_state.status != 200 + when: | + (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") + and checkmk_agent_download_state.status != 200 tags: - download-package @@ -41,7 +45,9 @@ ansible.builtin.apt: deb: "{{ checkmk_agent_agent.file.cee }}" state: present - when: (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_download_state.status != 200 + when: | + (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") + and checkmk_agent_download_state.status != 200 tags: - install-package diff --git a/roles/agent/tasks/RedHat.yml b/roles/agent/tasks/RedHat.yml index d502d2fd0..58b70407d 100644 --- a/roles/agent/tasks/RedHat.yml +++ b/roles/agent/tasks/RedHat.yml @@ -21,7 +21,9 @@ name: "{{ checkmk_agent_agent.file.host }}" state: present disable_gpg_check: true - when: (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_download_state.status == 200 + when: | + (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") + and checkmk_agent_download_state.status == 200 tags: - install-package @@ -33,7 +35,9 @@ headers: Authorization: "Bearer {{ checkmk_agent_user }} {{ checkmk_agent_pass }}" Accept: "application/octet-stream" - when: (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_download_state.status != 200 + when: | + (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") + and checkmk_agent_download_state.status != 200 tags: - download-package @@ -53,7 +57,9 @@ name: "{{ checkmk_agent_agent.file.cee }}" state: present disable_gpg_check: true - when: (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_download_state.status != 200 + when: | + (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") + and checkmk_agent_download_state.status != 200 tags: - install-package diff --git a/roles/agent/tasks/Suse.yml b/roles/agent/tasks/Suse.yml index 3f61e63d6..ed41a9990 100644 --- a/roles/agent/tasks/Suse.yml +++ b/roles/agent/tasks/Suse.yml @@ -21,7 +21,9 @@ name: "{{ checkmk_agent_agent.file.host }}" state: present disable_gpg_check: true - when: (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_download_state.status == 200 + when: | + (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") + and checkmk_agent_download_state.status == 200 tags: - install-package @@ -33,7 +35,9 @@ headers: Authorization: "Bearer {{ checkmk_agent_user }} {{ checkmk_agent_pass }}" Accept: "application/octet-stream" - when: (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_download_state.status != 200 + when: | + (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") + and checkmk_agent_download_state.status != 200 tags: - download-package @@ -53,7 +57,9 @@ name: "{{ checkmk_agent_agent.file.cee }}" state: present disable_gpg_check: true - when: (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_download_state.status != 200 + when: | + (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") + and checkmk_agent_download_state.status != 200 tags: - install-package diff --git a/roles/agent/tasks/main.yml b/roles/agent/tasks/main.yml index 8a3214eaf..549a37946 100644 --- a/roles/agent/tasks/main.yml +++ b/roles/agent/tasks/main.yml @@ -12,7 +12,9 @@ - name: "Import Legacy agent tasks." ansible.builtin.include_tasks: "legacy.yml" - when: checkmk_agent_prep_legacy | bool and ansible_facts.packages['systemd'][0]['version'] | regex_search('\d{1,}') | int < 220 + when: | + checkmk_agent_prep_legacy | bool + and ansible_facts.packages['systemd'][0]['version'] | regex_search('\d{1,}') | int < 220 - name: "Download Checkmk CRE Agent." ansible.builtin.get_url: @@ -38,7 +40,9 @@ host_name: "{{ checkmk_agent_host_name }}" attributes: "{{ checkmk_agent_host_attributes }}" register: checkmk_agent_create_result - failed_when: checkmk_agent_create_result.failed is true and "The host is already part of the specified target folder" not in checkmk_agent_create_result.msg + failed_when: | + checkmk_agent_create_result.failed is true + and "The host is already part of the specified target folder" not in checkmk_agent_create_result.msg delegate_to: "{{ checkmk_agent_delegate_api_calls }}" when: checkmk_agent_add_host | bool @@ -49,7 +53,9 @@ -s {{ checkmk_agent_server }} -i {{ checkmk_agent_site }} -p {{ checkmk_agent_protocol }} \ -U {{ checkmk_agent_user }} -S {{ checkmk_agent_pass }} register: checkmk_agent_update_state - when: (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_update | bool + when: | + (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") + and checkmk_agent_update | bool - name: "Register Agent for TLS." become: true @@ -58,7 +64,9 @@ -s {{ checkmk_agent_server }} -i {{ checkmk_agent_site }} \ -U {{ checkmk_agent_user }} -P {{ checkmk_agent_pass }} --trust-cert register: checkmk_agent_tls_state - when: (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_tls | bool + when: | + (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") + and checkmk_agent_tls | bool - name: "Discover services and labels on host." tribe29.checkmk.discovery: From b56aa02423213eda3c13f5fd4ef17ec07b411042 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 25 Aug 2022 15:19:08 +0200 Subject: [PATCH 23/31] Update integration tests action. --- .github/workflows/ansible-integration-tests.yaml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ansible-integration-tests.yaml b/.github/workflows/ansible-integration-tests.yaml index e583f21eb..750d15393 100644 --- a/.github/workflows/ansible-integration-tests.yaml +++ b/.github/workflows/ansible-integration-tests.yaml @@ -43,13 +43,10 @@ jobs: fail-fast: false matrix: ansible: - # - stable-2.9 # Only if your collection supports Ansible 2.9 - # - stable-2.10 - # - stable-2.11 - stable-2.12 - # - devel + - stable-2.13 + - devel python: - # - '2.6' - '2.7' - '3.5' - '3.6' From de45b51bf9917ffd8496a591c57debed9f819e86 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 25 Aug 2022 16:03:39 +0200 Subject: [PATCH 24/31] Add check for binaries. --- changelogs/fragments/agent_role.yml | 1 + roles/agent/tasks/main.yml | 12 ++++++++++++ 2 files changed, 13 insertions(+) diff --git a/changelogs/fragments/agent_role.yml b/changelogs/fragments/agent_role.yml index 3225118ae..dd2a80ab3 100644 --- a/changelogs/fragments/agent_role.yml +++ b/changelogs/fragments/agent_role.yml @@ -2,6 +2,7 @@ minor_changes: - Agent role - Host attributes can be fully customized now. + - Agent role - Check for agent updater and controller binaries. Skip registration if respective binary is missing. bugfixes: - Agent role - Support CFE properly. diff --git a/roles/agent/tasks/main.yml b/roles/agent/tasks/main.yml index 549a37946..b6de7ee89 100644 --- a/roles/agent/tasks/main.yml +++ b/roles/agent/tasks/main.yml @@ -46,6 +46,16 @@ delegate_to: "{{ checkmk_agent_delegate_api_calls }}" when: checkmk_agent_add_host | bool +- name: "Check for Agent Updater Binary." + ansible.builtin.stat: + path: /usr/bin/cmk-update-agent + register: checkmk_agent_updater_binary + +- name: "Check for Agent Controller Binary." + ansible.builtin.stat: + path: /usr/bin/cmk-agent-ctl + register: checkmk_agent_controller_binary + - name: "Register Agent for automatic Upates." become: true ansible.builtin.shell: | @@ -55,6 +65,7 @@ register: checkmk_agent_update_state when: | (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") + and checkmk_agent_updater_binary.stat.exists | bool and checkmk_agent_update | bool - name: "Register Agent for TLS." @@ -66,6 +77,7 @@ register: checkmk_agent_tls_state when: | (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") + and checkmk_agent_controller_binary.stat.exists | bool and checkmk_agent_tls | bool - name: "Discover services and labels on host." From eeb9d1b4dfba666ab6177e3e103086605547dac2 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Thu, 25 Aug 2022 16:31:23 +0200 Subject: [PATCH 25/31] Debugging: Add sleep to activation. --- plugins/modules/activation.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/plugins/modules/activation.py b/plugins/modules/activation.py index ed2fd5166..9d998b170 100644 --- a/plugins/modules/activation.py +++ b/plugins/modules/activation.py @@ -81,6 +81,7 @@ from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.urls import fetch_url +import time def run_module(): @@ -167,6 +168,7 @@ def run_module(): if result["failed"]: module.fail_json(**result) + time.sleep(10) module.exit_json(**result) From daf482fdc43f2da3718c2ef820369b83a0927303 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 26 Aug 2022 09:48:00 +0200 Subject: [PATCH 26/31] Fix authentication options. --- changelogs/fragments/agent_role.yml | 1 + roles/agent/README.md | 10 ++++++++-- roles/agent/defaults/main.yml | 7 +++++-- roles/agent/tasks/main.yml | 20 +++++++++++++++----- 4 files changed, 29 insertions(+), 9 deletions(-) diff --git a/changelogs/fragments/agent_role.yml b/changelogs/fragments/agent_role.yml index dd2a80ab3..1adb8e604 100644 --- a/changelogs/fragments/agent_role.yml +++ b/changelogs/fragments/agent_role.yml @@ -6,6 +6,7 @@ minor_changes: bugfixes: - Agent role - Support CFE properly. + - Agent role - Support both normal and automation users properly. # known_issues: # - This release is still in development and a heavy work in progress. diff --git a/roles/agent/README.md b/roles/agent/README.md index 014da3fba..b321836bb 100644 --- a/roles/agent/README.md +++ b/roles/agent/README.md @@ -37,9 +37,15 @@ The name of your Checkmk site. The user used to authenticate against your Checkmk site. - checkmk_agent_pass: SECRET + checkmk_agent_pass: "{{ automation_secret }}" -The password for the user used to authenticate against your Checkmk site. +The password for the normal user used to authenticate against your Checkmk site. +This is mutually exclusive with `checkmk_agent_secret`! + + checkmk_agent_secret: "{{ automation_secret }}" + +The secret for the automation user used to authenticate against your Checkmk site. +This is mutually exclusive with `checkmk_agent_pass`! checkmk_agent_add_host: 'false' diff --git a/roles/agent/defaults/main.yml b/roles/agent/defaults/main.yml index a9ae9deba..d78d1ebf8 100644 --- a/roles/agent/defaults/main.yml +++ b/roles/agent/defaults/main.yml @@ -5,8 +5,11 @@ checkmk_agent_protocol: http checkmk_agent_server: localhost checkmk_agent_site: my_site checkmk_agent_user: "{{ automation_user | default('automation') }}" -checkmk_agent_pass: "{{ automation_secret | default('PASSWORD') }}" -checkmk_agent_secret: "{{ automation_secret | default('SECRET') }}" + +# Depending on which user you will be using, set the password or secret: +# checkmk_agent_pass: "{{ automation_secret }}" +# checkmk_agent_secret: "{{ automation_secret }}" + checkmk_agent_add_host: 'false' checkmk_agent_discover: 'false' checkmk_agent_update: 'false' diff --git a/roles/agent/tasks/main.yml b/roles/agent/tasks/main.yml index 80a65f1ca..f4763433d 100644 --- a/roles/agent/tasks/main.yml +++ b/roles/agent/tasks/main.yml @@ -56,17 +56,18 @@ path: /usr/bin/cmk-agent-ctl register: checkmk_agent_controller_binary -- name: "Register Agent for automatic Upates." +- name: "Register Agent for automatic Upates using User Password." become: true ansible.builtin.shell: | cmk-update-agent register -H {{ checkmk_agent_host_name }} \ -s {{ checkmk_agent_server }} -i {{ checkmk_agent_site }} -p {{ checkmk_agent_protocol }} \ - -U {{ checkmk_agent_user }} -S {{ checkmk_agent_pass }} + -U {{ checkmk_agent_user }} -P {{ checkmk_agent_pass }} register: checkmk_agent_update_state when: | (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_updater_binary.stat.exists | bool and checkmk_agent_update | bool + and (checkmk_agent_pass is defined and checkmk_agent_pass | length) - name: "Register Agent for automatic Upates using Automation Secret." become: true @@ -75,7 +76,11 @@ -s {{ checkmk_agent_server }} -i {{ checkmk_agent_site }} -p {{ checkmk_agent_protocol }} \ -U {{ checkmk_agent_user }} -S {{ checkmk_agent_pass }} register: checkmk_agent_update_state - when: (checkmk_agent_edition == "cee") and (checkmk_agent_update | bool) and ( checkmk_agent_secret | length ) + when: | + (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") + and checkmk_agent_updater_binary.stat.exists | bool + and checkmk_agent_update | bool + and (checkmk_agent_secret is defined and checkmk_agent_secret | length) - name: "Register Agent for TLS using User Password." become: true @@ -84,19 +89,24 @@ -s {{ checkmk_agent_server }} -i {{ checkmk_agent_site }} \ -U {{ checkmk_agent_user }} -P {{ checkmk_agent_pass }} --trust-cert register: checkmk_agent_tls_state - when: (checkmk_agent_edition == "cee") and (checkmk_agent_tls | bool) and ( checkmk_agent_pass | length ) + when: | + (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") + and checkmk_agent_controller_binary.stat.exists | bool + and checkmk_agent_tls | bool + and (checkmk_agent_pass is defined and checkmk_agent_pass | length) - name: "Register Agent for TLS using Automation Secret." become: true ansible.builtin.shell: | cmk-agent-ctl register -H {{ checkmk_agent_host_name }} \ -s {{ checkmk_agent_server }} -i {{ checkmk_agent_site }} \ - -U {{ checkmk_agent_user }} -P {{ checkmk_agent_pass }} --trust-cert + -U {{ checkmk_agent_user }} -S {{ checkmk_agent_pass }} --trust-cert register: checkmk_agent_tls_state when: | (checkmk_agent_edition == "cee" or checkmk_agent_edition == "cfe") and checkmk_agent_controller_binary.stat.exists | bool and checkmk_agent_tls | bool + and (checkmk_agent_secret is defined and checkmk_agent_secret | length) - name: "Discover services and labels on host." tribe29.checkmk.discovery: From 4a0dde7e4f226a8436947c5b014fc849524f9f36 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 26 Aug 2022 10:47:28 +0200 Subject: [PATCH 27/31] Update integration tests. Add current Ansible versions. Also work around a possible race condition in the activation process. --- .github/workflows/ansible-integration-tests.yaml | 13 +------------ plugins/modules/activation.py | 8 ++++++-- 2 files changed, 7 insertions(+), 14 deletions(-) diff --git a/.github/workflows/ansible-integration-tests.yaml b/.github/workflows/ansible-integration-tests.yaml index 750d15393..41d0336f6 100644 --- a/.github/workflows/ansible-integration-tests.yaml +++ b/.github/workflows/ansible-integration-tests.yaml @@ -47,6 +47,7 @@ jobs: - stable-2.13 - devel python: + - '2.6' - '2.7' - '3.5' - '3.6' @@ -54,18 +55,6 @@ jobs: - '3.8' - '3.9' - '3.10' - exclude: - # Because ansible-test doesn't support Python 3.9 for Ansible 2.9 - # and Python 3.10 is supported in 2.12 or later. - - ansible: stable-2.9 - python: '3.9' - - ansible: stable-2.9 - python: '3.10' - - ansible: stable-2.10 - python: '3.10' - - ansible: stable-2.11 - python: '3.10' - steps: - name: Check out code diff --git a/plugins/modules/activation.py b/plugins/modules/activation.py index 9d998b170..df6ac6f05 100644 --- a/plugins/modules/activation.py +++ b/plugins/modules/activation.py @@ -79,9 +79,10 @@ sample: 'Changes activated.' """ +import time + from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.urls import fetch_url -import time def run_module(): @@ -168,7 +169,10 @@ def run_module(): if result["failed"]: module.fail_json(**result) - time.sleep(10) + # Work around a possible race condition in the activation process. + # The sleep can be removed, once this is stable on Checkmk's and. + time.sleep(3) + module.exit_json(**result) From 0b14621e4f328a4e425ee27b4b07d4bdeecd9af2 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 26 Aug 2022 11:13:16 +0200 Subject: [PATCH 28/31] Update Python versions to test against. --- .github/workflows/ansible-integration-tests.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ansible-integration-tests.yaml b/.github/workflows/ansible-integration-tests.yaml index 41d0336f6..e9e5eb07c 100644 --- a/.github/workflows/ansible-integration-tests.yaml +++ b/.github/workflows/ansible-integration-tests.yaml @@ -47,7 +47,6 @@ jobs: - stable-2.13 - devel python: - - '2.6' - '2.7' - '3.5' - '3.6' @@ -55,6 +54,7 @@ jobs: - '3.8' - '3.9' - '3.10' + - '3.11' steps: - name: Check out code From ef5cdd722d136fb3db945dd3332292bf18932288 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 26 Aug 2022 11:25:37 +0200 Subject: [PATCH 29/31] Exclude unsupported Ansible/Python sets. --- .github/workflows/ansible-integration-tests.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/ansible-integration-tests.yaml b/.github/workflows/ansible-integration-tests.yaml index e9e5eb07c..f464a6474 100644 --- a/.github/workflows/ansible-integration-tests.yaml +++ b/.github/workflows/ansible-integration-tests.yaml @@ -55,6 +55,12 @@ jobs: - '3.9' - '3.10' - '3.11' + exclude: + # Exclude unsupported sets. + - ansible: stable-2.12 + python: '3.11' + - ansible: stable-2.13 + python: '3.11' steps: - name: Check out code From 87bbbe11b58d7b06cf9cddd5771f509957bfc01e Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 26 Aug 2022 11:28:29 +0200 Subject: [PATCH 30/31] Update Ansible versions to test sanity against. --- .github/workflows/ansible-sanity-tests.yaml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/ansible-sanity-tests.yaml b/.github/workflows/ansible-sanity-tests.yaml index ae7315e40..a44f80ae5 100644 --- a/.github/workflows/ansible-sanity-tests.yaml +++ b/.github/workflows/ansible-sanity-tests.yaml @@ -41,12 +41,9 @@ jobs: strategy: matrix: ansible: - # It's important that Sanity is tested against all stable-X.Y branches - # Testing against `devel` may fail as new tests are added. - # - stable-2.9 # Only if your collection supports Ansible 2.9 - # - stable-2.10 - stable-2.11 - stable-2.12 + - stable-2.13 - devel runs-on: ubuntu-latest steps: From 0d2afb2893cc147a1caa0158ea4d0c01868a6316 Mon Sep 17 00:00:00 2001 From: Robin Gierse Date: Fri, 26 Aug 2022 12:01:22 +0200 Subject: [PATCH 31/31] Prepare release 0.7.0. --- changelogs/fragments/agent_role.yml | 1 + .../fragments/bugfix_activation_module.yml | 1 + changelogs/fragments/release_summary.yml | 3 ++ changelogs/fragments/server_role.yml | 48 +++++++++++++++++++ galaxy.yml | 2 +- requirements.yml | 2 +- 6 files changed, 55 insertions(+), 2 deletions(-) create mode 100644 changelogs/fragments/release_summary.yml create mode 100644 changelogs/fragments/server_role.yml diff --git a/changelogs/fragments/agent_role.yml b/changelogs/fragments/agent_role.yml index 1adb8e604..30f600af7 100644 --- a/changelogs/fragments/agent_role.yml +++ b/changelogs/fragments/agent_role.yml @@ -3,6 +3,7 @@ minor_changes: - Agent role - Host attributes can be fully customized now. - Agent role - Check for agent updater and controller binaries. Skip registration if respective binary is missing. + - Agent role - Label role. This enables skipping or running tasks exclusively. See the README for a detailed list. bugfixes: - Agent role - Support CFE properly. diff --git a/changelogs/fragments/bugfix_activation_module.yml b/changelogs/fragments/bugfix_activation_module.yml index 5e023738c..a4cbd939d 100644 --- a/changelogs/fragments/bugfix_activation_module.yml +++ b/changelogs/fragments/bugfix_activation_module.yml @@ -2,6 +2,7 @@ bugfixes: - Activation module - Fix waiting for activation completion (#103). + - Activation module - Fix possible race condition. (#123). # known_issues: # - This release is still in development and a heavy work in progress. diff --git a/changelogs/fragments/release_summary.yml b/changelogs/fragments/release_summary.yml new file mode 100644 index 000000000..3b624d851 --- /dev/null +++ b/changelogs/fragments/release_summary.yml @@ -0,0 +1,3 @@ +# https://docs.ansible.com/ansible/latest/community/development_process.html#changelogs-how-to + +release_summary: "Lots of love for the agent role!" diff --git a/changelogs/fragments/server_role.yml b/changelogs/fragments/server_role.yml new file mode 100644 index 000000000..085d28db7 --- /dev/null +++ b/changelogs/fragments/server_role.yml @@ -0,0 +1,48 @@ +# https://docs.ansible.com/ansible/latest/community/development_process.html#changelogs-how-to + +minor_changes: + - Server role - Label role. This enables skipping or running tasks exclusively. See the README for a detailed list. + +# known_issues: +# - This release is still in development and a heavy work in progress. +# - Discovery module is not feature complete yet. +# - Downtime module is not fully idempotent yet. This affects service downtimes and deletions. + +## Line Format +# When writing a changelog entry, use the following format: + +# - scope - description starting with a lowercase letter and ending with a period at the very end. Multiple sentences are allowed (https://github.com/reference/to/an/issue or, if there is no issue, reference to a pull request itself). + +# The scope is usually a module or plugin name or group of modules or plugins, for example, lookup plugins. While module names can (and should) be mentioned directly (foo_module), plugin names should always be followed by the type (foo inventory plugin). + +# For changes that are not really scoped (for example, which affect a whole collection), use the following format: + +# - Description starting with an uppercase letter and ending with a dot at the very end. Multiple sentences are allowed (https://github.com/reference/to/an/issue or, if there is no issue, reference to a pull request itself). + + +## Possible keys: + +# breaking_changes + +# Changes that break existing playbooks or roles. This includes any change to existing behavior that forces users to update tasks. Displayed in both the changelogs and the Porting Guides. +# major_changes + +# Major changes to Ansible itself. Generally does not include module or plugin changes. Displayed in both the changelogs and the Porting Guides. +# minor_changes + +# Minor changes to Ansible, modules, or plugins. This includes new features, new parameters added to modules, or behavior changes to existing parameters. +# deprecated_features + +# Features that have been deprecated and are scheduled for removal in a future release. Displayed in both the changelogs and the Porting Guides. +# removed_features + +# Features that were previously deprecated and are now removed. Displayed in both the changelogs and the Porting Guides. +# security_fixes + +# Fixes that address CVEs or resolve security concerns. Include links to CVE information. +# bugfixes + +# Fixes that resolve issues. +# known_issues + +# Known issues that are currently not fixed or will not be fixed. diff --git a/galaxy.yml b/galaxy.yml index b37464af4..a0c28b9c9 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -9,7 +9,7 @@ namespace: tribe29 name: checkmk # The version of the collection. Must be compatible with semantic versioning -version: 0.6.0 +version: 0.7.0 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection readme: README.md diff --git a/requirements.yml b/requirements.yml index a03791128..c5ee1c7a9 100644 --- a/requirements.yml +++ b/requirements.yml @@ -1,4 +1,4 @@ --- collections: - name: tribe29.checkmk - version: 0.6.0 + version: 0.7.0