feat: move naive assertion to common role

Signed-off-by: Jack <jack4zhang@gmail.com>
This commit is contained in:
Jack 2024-10-29 21:01:58 +08:00
parent e2d8b745dc
commit 2ec62b392b
24 changed files with 56 additions and 209 deletions

View file

@ -81,6 +81,9 @@ argument_specs:
{{ ('python-apt' if ansible_python_version is version('3', '<') else 'python3-apt') }} {{ ('python-apt' if ansible_python_version is version('3', '<') else 'python3-apt') }}
{% else %}\ {% else %}\
{% endif %}" {% endif %}"
_common_web_listen_address:
description: "Address on which to listen"
default: ""
selinux: selinux:
short_description: "Internal only - common selinux configuration tasks" short_description: "Internal only - common selinux configuration tasks"
description: "Internal only - selinux requirements" description: "Internal only - selinux requirements"

View file

@ -74,3 +74,14 @@
- "{{ ansible_parent_role_names | first | regex_replace(ansible_collection_name ~ '.', '') }}_configure" - "{{ ansible_parent_role_names | first | regex_replace(ansible_collection_name ~ '.', '') }}_configure"
- install - install
- "{{ ansible_parent_role_names | first | regex_replace(ansible_collection_name ~ '.', '') }}_install" - "{{ ansible_parent_role_names | first | regex_replace(ansible_collection_name ~ '.', '') }}_install"
- name: Naive assertion of proper listen address
ansible.builtin.assert:
that:
- >-
[_common_web_listen_address] |
flatten |
reject('match', '.+:\\d+$') |
list |
length == 0
when: (_common_web_listen_address)

View file

@ -18,6 +18,7 @@ _common_binary_unarchive_opts: ""
_common_tls_server_config: {} _common_tls_server_config: {}
_common_http_server_config: {} _common_http_server_config: {}
_common_basic_auth_users: {} _common_basic_auth_users: {}
_common_web_listen_address: ""
# Variables that should not be overwritten # Variables that should not be overwritten
__common_binary_basename: "{{ _common_binary_url | urlsplit('path') | basename }}" __common_binary_basename: "{{ _common_binary_url | urlsplit('path') | basename }}"
__common_github_api_headers: "{{ {'GITHUB_TOKEN': lookup('ansible.builtin.env', 'GITHUB_TOKEN')} if (lookup('ansible.builtin.env', 'GITHUB_TOKEN')) else {} }}" __common_github_api_headers: "{{ {'GITHUB_TOKEN': lookup('ansible.builtin.env', 'GITHUB_TOKEN')} if (lookup('ansible.builtin.env', 'GITHUB_TOKEN')) else {} }}"

View file

@ -3,6 +3,8 @@
ansible.builtin.include_role: ansible.builtin.include_role:
name: prometheus.prometheus._common name: prometheus.prometheus._common
tasks_from: preflight.yml tasks_from: preflight.yml
vars:
_common_web_listen_address: "{{ alertmanager_web_listen_address }}"
- name: Assert that used version supports listen address type - name: Assert that used version supports listen address type
ansible.builtin.assert: ansible.builtin.assert:
@ -15,16 +17,6 @@
alertmanager_web_listen_address | type_debug == "list" alertmanager_web_listen_address | type_debug == "list"
) )
- name: Naive assertion of proper listen address
ansible.builtin.assert:
that:
- >-
[alertmanager_web_listen_address] |
flatten |
reject('match', '.+:\\d+$') |
list |
length == 0
- name: Discover latest version - name: Discover latest version
ansible.builtin.set_fact: ansible.builtin.set_fact:
alertmanager_version: "{{ (lookup('url', 'https://api.github.com/repos/{{ _alertmanager_repo }}/releases/latest', headers=_github_api_headers, alertmanager_version: "{{ (lookup('url', 'https://api.github.com/repos/{{ _alertmanager_repo }}/releases/latest', headers=_github_api_headers,

View file

@ -3,16 +3,8 @@
ansible.builtin.include_role: ansible.builtin.include_role:
name: prometheus.prometheus._common name: prometheus.prometheus._common
tasks_from: preflight.yml tasks_from: preflight.yml
vars:
- name: Naive assertion of proper listen address _common_web_listen_address: "{{ bind_exporter_web_listen_address }}"
ansible.builtin.assert:
that:
- >-
[bind_exporter_web_listen_address] |
flatten |
reject('match', '.+:\\d+$') |
list |
length == 0
- name: Assert that TLS config is correct - name: Assert that TLS config is correct
when: bind_exporter_tls_server_config | length > 0 when: bind_exporter_tls_server_config | length > 0

View file

@ -5,6 +5,7 @@
tasks_from: preflight.yml tasks_from: preflight.yml
vars: vars:
_common_dependencies: "{{ _blackbox_exporter_dependencies }}" _common_dependencies: "{{ _blackbox_exporter_dependencies }}"
_common_web_listen_address: "{{ blackbox_exporter_web_listen_address }}"
- name: Assert that used version supports listen address type - name: Assert that used version supports listen address type
ansible.builtin.assert: ansible.builtin.assert:
@ -17,16 +18,6 @@
blackbox_exporter_web_listen_address | type_debug == "list" blackbox_exporter_web_listen_address | type_debug == "list"
) )
- name: Naive assertion of proper listen address
ansible.builtin.assert:
that:
- >-
[blackbox_exporter_web_listen_address] |
flatten |
reject('match', '.+:\\d+$') |
list |
length == 0
- name: Discover latest version - name: Discover latest version
ansible.builtin.set_fact: ansible.builtin.set_fact:
blackbox_exporter_version: "{{ (lookup('url', 'https://api.github.com/repos/{{ _blackbox_exporter_repo }}/releases/latest', headers=_github_api_headers, blackbox_exporter_version: "{{ (lookup('url', 'https://api.github.com/repos/{{ _blackbox_exporter_repo }}/releases/latest', headers=_github_api_headers,

View file

@ -3,6 +3,8 @@
ansible.builtin.include_role: ansible.builtin.include_role:
name: prometheus.prometheus._common name: prometheus.prometheus._common
tasks_from: preflight.yml tasks_from: preflight.yml
vars:
_common_web_listen_address: "{{ chrony_exporter_web_listen_address }}"
- name: Assert that used version supports listen address type - name: Assert that used version supports listen address type
ansible.builtin.assert: ansible.builtin.assert:
@ -15,16 +17,6 @@
chrony_exporter_web_listen_address | type_debug == "list" chrony_exporter_web_listen_address | type_debug == "list"
) )
- name: Naive assertion of proper listen address
ansible.builtin.assert:
that:
- >-
[chrony_exporter_web_listen_address] |
flatten |
reject('match', '.+:\\d+$') |
list |
length == 0
- name: Assert collectors are not both disabled and enabled at the same time - name: Assert collectors are not both disabled and enabled at the same time
ansible.builtin.assert: ansible.builtin.assert:
that: that:

View file

@ -3,6 +3,8 @@
ansible.builtin.include_role: ansible.builtin.include_role:
name: prometheus.prometheus._common name: prometheus.prometheus._common
tasks_from: preflight.yml tasks_from: preflight.yml
vars:
_common_web_listen_address: "{{ fail2ban_exporter_web_listen_address }}"
- name: Assert that used version supports listen address type - name: Assert that used version supports listen address type
ansible.builtin.assert: ansible.builtin.assert:
@ -10,16 +12,6 @@
- >- - >-
fail2ban_exporter_web_listen_address is string fail2ban_exporter_web_listen_address is string
- name: Naive assertion of proper listen address
ansible.builtin.assert:
that:
- >-
[fail2ban_exporter_web_listen_address] |
flatten |
reject('match', '.+:\\d+$') |
list |
length == 0
- name: Discover latest version - name: Discover latest version
ansible.builtin.set_fact: ansible.builtin.set_fact:
fail2ban_exporter_version: "{{ (lookup('url', 'https://gitlab.com/api/v4/projects/{{ _fail2ban_exporter_repo }}/releases', fail2ban_exporter_version: "{{ (lookup('url', 'https://gitlab.com/api/v4/projects/{{ _fail2ban_exporter_repo }}/releases',

View file

@ -3,6 +3,9 @@
ansible.builtin.include_role: ansible.builtin.include_role:
name: prometheus.prometheus._common name: prometheus.prometheus._common
tasks_from: preflight.yml tasks_from: preflight.yml
vars:
_common_web_listen_address: "{{ influxdb_exporter_web_listen_address }}"
tags: tags:
- influxdb_exporter - influxdb_exporter
- preflight - preflight
@ -17,20 +20,6 @@
- preflight - preflight
- influxdb_exporter_preflight - influxdb_exporter_preflight
- name: Naive assertion of proper listen address
ansible.builtin.assert:
that:
- >-
[influxdb_exporter_web_listen_address] |
flatten |
reject('match', '.+:\\d+$') |
list |
length == 0
tags:
- influxdb_exporter
- preflight
- influxdb_exporter_preflight
- name: Discover latest version - name: Discover latest version
ansible.builtin.set_fact: ansible.builtin.set_fact:
influxdb_exporter_version: "{{ (lookup('url', 'https://api.github.com/repos/{{ _influxdb_exporter_repo }}/releases/latest', headers=_influxdb_exporter_github_api_headers, influxdb_exporter_version: "{{ (lookup('url', 'https://api.github.com/repos/{{ _influxdb_exporter_repo }}/releases/latest', headers=_influxdb_exporter_github_api_headers,

View file

@ -5,6 +5,7 @@
tasks_from: preflight.yml tasks_from: preflight.yml
vars: vars:
_common_dependencies: "{{ _ipmi_exporter_dependencies }}" _common_dependencies: "{{ _ipmi_exporter_dependencies }}"
_common_web_listen_address: "{{ ipmi_exporter_web_listen_address }}"
- name: Assert that used version supports listen address type - name: Assert that used version supports listen address type
ansible.builtin.assert: ansible.builtin.assert:
@ -12,16 +13,6 @@
- >- - >-
ipmi_exporter_web_listen_address is string ipmi_exporter_web_listen_address is string
- name: Naive assertion of proper listen address
ansible.builtin.assert:
that:
- >-
[ipmi_exporter_web_listen_address] |
flatten |
reject('match', '.+:\\d+$') |
list |
length == 0
- name: Assert that TLS config is correct - name: Assert that TLS config is correct
when: ipmi_exporter_tls_server_config | length > 0 when: ipmi_exporter_tls_server_config | length > 0
block: block:

View file

@ -3,6 +3,8 @@
ansible.builtin.include_role: ansible.builtin.include_role:
name: prometheus.prometheus._common name: prometheus.prometheus._common
tasks_from: preflight.yml tasks_from: preflight.yml
vars:
_common_web_listen_address: "{{ memcached_exporter_web_listen_address }}"
- name: Assert that used version supports listen address type - name: Assert that used version supports listen address type
ansible.builtin.assert: ansible.builtin.assert:
@ -10,16 +12,6 @@
- >- - >-
memcached_exporter_web_listen_address is string memcached_exporter_web_listen_address is string
- name: Naive assertion of proper listen address
ansible.builtin.assert:
that:
- >-
[memcached_exporter_web_listen_address] |
flatten |
reject('match', '.+:\\d+$') |
list |
length == 0
- name: Assert that TLS config is correct - name: Assert that TLS config is correct
when: memcached_exporter_tls_server_config | length > 0 when: memcached_exporter_tls_server_config | length > 0
block: block:

View file

@ -3,6 +3,8 @@
ansible.builtin.include_role: ansible.builtin.include_role:
name: prometheus.prometheus._common name: prometheus.prometheus._common
tasks_from: preflight.yml tasks_from: preflight.yml
vars:
_common_web_listen_address: "{{ mongodb_exporter_web_listen_address }}"
- name: Assert that used version supports listen address type - name: Assert that used version supports listen address type
ansible.builtin.assert: ansible.builtin.assert:
@ -10,16 +12,6 @@
- >- - >-
mongodb_exporter_web_listen_address is string mongodb_exporter_web_listen_address is string
- name: Naive assertion of proper listen address
ansible.builtin.assert:
that:
- >-
[mongodb_exporter_web_listen_address] |
flatten |
reject('match', '.+:\\d+$') |
list |
length == 0
- name: Assert that TLS config is correct - name: Assert that TLS config is correct
when: mongodb_exporter_tls_server_config | length > 0 when: mongodb_exporter_tls_server_config | length > 0
block: block:

View file

@ -3,6 +3,8 @@
ansible.builtin.include_role: ansible.builtin.include_role:
name: prometheus.prometheus._common name: prometheus.prometheus._common
tasks_from: preflight.yml tasks_from: preflight.yml
vars:
_common_web_listen_address: "{{ mysqld_exporter_web_listen_address }}"
- name: Assert that used version supports listen address type - name: Assert that used version supports listen address type
ansible.builtin.assert: ansible.builtin.assert:
@ -15,16 +17,6 @@
mysqld_exporter_web_listen_address | type_debug == "list" mysqld_exporter_web_listen_address | type_debug == "list"
) )
- name: Naive assertion of proper listen address
ansible.builtin.assert:
that:
- >-
[mysqld_exporter_web_listen_address] |
flatten |
reject('match', '.+:\\d+$') |
list |
length == 0
- name: Assert collectors are not both disabled and enabled at the same time - name: Assert collectors are not both disabled and enabled at the same time
ansible.builtin.assert: ansible.builtin.assert:
that: that:

View file

@ -3,6 +3,8 @@
ansible.builtin.include_role: ansible.builtin.include_role:
name: prometheus.prometheus._common name: prometheus.prometheus._common
tasks_from: preflight.yml tasks_from: preflight.yml
vars:
_common_web_listen_address: "{{ nginx_exporter_web_listen_address }}"
- name: Assert that used version supports listen address type - name: Assert that used version supports listen address type
ansible.builtin.assert: ansible.builtin.assert:
@ -10,16 +12,6 @@
- >- - >-
nginx_exporter_web_listen_address is string nginx_exporter_web_listen_address is string
- name: Naive assertion of proper listen address
ansible.builtin.assert:
that:
- >-
[nginx_exporter_web_listen_address] |
flatten |
reject('match', '.+:\\d+$') |
list |
length == 0
- name: Assert that TLS config is correct - name: Assert that TLS config is correct
when: nginx_exporter_tls_server_config | length > 0 when: nginx_exporter_tls_server_config | length > 0
block: block:

View file

@ -3,6 +3,8 @@
ansible.builtin.include_role: ansible.builtin.include_role:
name: prometheus.prometheus._common name: prometheus.prometheus._common
tasks_from: preflight.yml tasks_from: preflight.yml
vars:
_common_web_listen_address: "{{ node_exporter_web_listen_address }}"
- name: Assert that used version supports listen address type - name: Assert that used version supports listen address type
ansible.builtin.assert: ansible.builtin.assert:
@ -15,16 +17,6 @@
node_exporter_web_listen_address | type_debug == "list" node_exporter_web_listen_address | type_debug == "list"
) )
- name: Naive assertion of proper listen address
ansible.builtin.assert:
that:
- >-
[node_exporter_web_listen_address] |
flatten |
reject('match', '.+:\\d+$') |
list |
length == 0
- name: Assert collectors are not both disabled and enabled at the same time - name: Assert collectors are not both disabled and enabled at the same time
ansible.builtin.assert: ansible.builtin.assert:
that: that:

View file

@ -3,6 +3,8 @@
ansible.builtin.include_role: ansible.builtin.include_role:
name: prometheus.prometheus._common name: prometheus.prometheus._common
tasks_from: preflight.yml tasks_from: preflight.yml
vars:
_common_web_listen_address: "{{ postgres_exporter_web_listen_address }}"
- name: Assert that used version supports listen address type - name: Assert that used version supports listen address type
ansible.builtin.assert: ansible.builtin.assert:
@ -15,16 +17,6 @@
postgres_exporter_web_listen_address | type_debug == "list" postgres_exporter_web_listen_address | type_debug == "list"
) )
- name: Naive assertion of proper listen address
ansible.builtin.assert:
that:
- >-
[postgres_exporter_web_listen_address] |
flatten |
reject('match', '.+:\\d+$') |
list |
length == 0
- name: Assert collectors are not both disabled and enabled at the same time - name: Assert collectors are not both disabled and enabled at the same time
ansible.builtin.assert: ansible.builtin.assert:
that: that:

View file

@ -3,11 +3,8 @@
ansible.builtin.include_role: ansible.builtin.include_role:
name: prometheus.prometheus._common name: prometheus.prometheus._common
tasks_from: preflight.yml tasks_from: preflight.yml
vars:
- name: Naive assertion of proper listen address _common_web_listen_address: "{{ process_exporter_web_listen_address }}"
ansible.builtin.assert:
that:
- "':' in process_exporter_web_listen_address"
- name: Discover latest version - name: Discover latest version
ansible.builtin.set_fact: ansible.builtin.set_fact:

View file

@ -3,6 +3,8 @@
ansible.builtin.include_role: ansible.builtin.include_role:
name: prometheus.prometheus._common name: prometheus.prometheus._common
tasks_from: preflight.yml tasks_from: preflight.yml
vars:
_common_web_listen_address: "{{ prometheus_web_listen_address }}"
- name: Assert that used version supports listen address type - name: Assert that used version supports listen address type
ansible.builtin.assert: ansible.builtin.assert:
@ -10,16 +12,6 @@
- >- - >-
prometheus_web_listen_address is string prometheus_web_listen_address is string
- name: Naive assertion of proper listen address
ansible.builtin.assert:
that:
- >-
[prometheus_web_listen_address] |
flatten |
reject('match', '.+:\\d+$') |
list |
length == 0
- name: Assert no duplicate config flags - name: Assert no duplicate config flags
ansible.builtin.assert: ansible.builtin.assert:
that: that:

View file

@ -3,6 +3,8 @@
ansible.builtin.include_role: ansible.builtin.include_role:
name: prometheus.prometheus._common name: prometheus.prometheus._common
tasks_from: preflight.yml tasks_from: preflight.yml
vars:
_common_web_listen_address: "{{ pushgateway_web_listen_address }}"
- name: Assert that used version supports listen address type - name: Assert that used version supports listen address type
ansible.builtin.assert: ansible.builtin.assert:
@ -15,16 +17,6 @@
pushgateway_web_listen_address | type_debug == "list" pushgateway_web_listen_address | type_debug == "list"
) )
- name: Naive assertion of proper listen address
ansible.builtin.assert:
that:
- >-
[pushgateway_web_listen_address] |
flatten |
reject('match', '.+:\\d+$') |
list |
length == 0
- name: Assert that TLS config is correct - name: Assert that TLS config is correct
when: pushgateway_tls_server_config | length > 0 when: pushgateway_tls_server_config | length > 0
block: block:

View file

@ -3,6 +3,8 @@
ansible.builtin.include_role: ansible.builtin.include_role:
name: prometheus.prometheus._common name: prometheus.prometheus._common
tasks_from: preflight.yml tasks_from: preflight.yml
vars:
_common_web_listen_address: "{{ redis_exporter_web_listen_address }}"
- name: Assert that used version supports listen address type - name: Assert that used version supports listen address type
ansible.builtin.assert: ansible.builtin.assert:
@ -10,16 +12,6 @@
- >- - >-
redis_exporter_web_listen_address is string redis_exporter_web_listen_address is string
- name: Naive assertion of proper listen address
ansible.builtin.assert:
that:
- >-
[redis_exporter_web_listen_address] |
flatten |
reject('match', '.+:\\d+$') |
list |
length == 0
- name: Assert that TLS config is correct - name: Assert that TLS config is correct
when: when:
- redis_exporter_tls_server_key_file | length > 0 - redis_exporter_tls_server_key_file | length > 0

View file

@ -3,6 +3,8 @@
ansible.builtin.include_role: ansible.builtin.include_role:
name: prometheus.prometheus._common name: prometheus.prometheus._common
tasks_from: preflight.yml tasks_from: preflight.yml
vars:
_common_web_listen_address: "{{ smartctl_exporter_web_listen_address }}"
- name: Assert that used version supports listen address type - name: Assert that used version supports listen address type
ansible.builtin.assert: ansible.builtin.assert:
@ -10,16 +12,6 @@
- >- - >-
smartctl_exporter_web_listen_address is string smartctl_exporter_web_listen_address is string
- name: Naive assertion of proper listen address
ansible.builtin.assert:
that:
- >-
[smartctl_exporter_web_listen_address] |
flatten |
reject('match', '.+:\\d+$') |
list |
length == 0
- name: Assert that TLS config is correct - name: Assert that TLS config is correct
when: smartctl_exporter_tls_server_config | length > 0 when: smartctl_exporter_tls_server_config | length > 0
block: block:

View file

@ -3,6 +3,8 @@
ansible.builtin.include_role: ansible.builtin.include_role:
name: prometheus.prometheus._common name: prometheus.prometheus._common
tasks_from: preflight.yml tasks_from: preflight.yml
vars:
_common_web_listen_address: "{{ smokeping_prober_web_listen_address }}"
- name: Assert that used version supports listen address type - name: Assert that used version supports listen address type
ansible.builtin.assert: ansible.builtin.assert:
@ -15,16 +17,6 @@
smokeping_prober_web_listen_address | type_debug == "list" smokeping_prober_web_listen_address | type_debug == "list"
) )
- name: Naive assertion of proper listen address
ansible.builtin.assert:
that:
- >-
[smokeping_prober_web_listen_address] |
flatten |
reject('match', '.+:\\d+$') |
list |
length == 0
- name: Assert that TLS config is correct - name: Assert that TLS config is correct
when: smokeping_prober_tls_server_config | length > 0 when: smokeping_prober_tls_server_config | length > 0
block: block:

View file

@ -3,6 +3,8 @@
ansible.builtin.include_role: ansible.builtin.include_role:
name: prometheus.prometheus._common name: prometheus.prometheus._common
tasks_from: preflight.yml tasks_from: preflight.yml
vars:
_common_web_listen_address: "{{ snmp_exporter_web_listen_address }}"
- name: Assert that used version supports listen address type - name: Assert that used version supports listen address type
ansible.builtin.assert: ansible.builtin.assert:
@ -15,16 +17,6 @@
snmp_exporter_web_listen_address | type_debug == "list" snmp_exporter_web_listen_address | type_debug == "list"
) )
- name: Naive assertion of proper listen address
ansible.builtin.assert:
that:
- >-
[snmp_exporter_web_listen_address] |
flatten |
reject('match', '.+:\\d+$') |
list |
length == 0
- name: Discover latest version - name: Discover latest version
ansible.builtin.set_fact: ansible.builtin.set_fact:
snmp_exporter_version: "{{ (lookup('url', 'https://api.github.com/repos/{{ _snmp_exporter_repo }}/releases/latest', headers=_github_api_headers, snmp_exporter_version: "{{ (lookup('url', 'https://api.github.com/repos/{{ _snmp_exporter_repo }}/releases/latest', headers=_github_api_headers,

View file

@ -3,6 +3,8 @@
ansible.builtin.include_role: ansible.builtin.include_role:
name: prometheus.prometheus._common name: prometheus.prometheus._common
tasks_from: preflight.yml tasks_from: preflight.yml
vars:
_common_web_listen_address: "{{ systemd_exporter_web_listen_address }}"
- name: Assert that used version supports listen address type - name: Assert that used version supports listen address type
ansible.builtin.assert: ansible.builtin.assert:
@ -10,16 +12,6 @@
- >- - >-
systemd_exporter_web_listen_address is string systemd_exporter_web_listen_address is string
- name: Naive assertion of proper listen address
ansible.builtin.assert:
that:
- >-
[systemd_exporter_web_listen_address] |
flatten |
reject('match', '.+:\\d+$') |
list |
length == 0
- name: Assert that TLS config is correct - name: Assert that TLS config is correct
when: systemd_exporter_tls_server_config | length > 0 when: systemd_exporter_tls_server_config | length > 0
block: block: