From b90cb5bfe46fea27b56e7d8c858dad7ff574359a Mon Sep 17 00:00:00 2001 From: gardar Date: Tue, 15 Oct 2024 17:13:08 +0000 Subject: [PATCH] refactor(smokeping_prober): delegate common tasks to _common role Signed-off-by: gardar --- roles/smokeping_prober/defaults/main.yml | 6 +- .../smokeping_prober/meta/argument_specs.yml | 19 ++--- .../molecule/alternative/molecule.yml | 7 +- .../molecule/default/tests/test_default.py | 1 - roles/smokeping_prober/tasks/configure.yml | 61 ++++++---------- roles/smokeping_prober/tasks/install.yml | 69 ------------------- roles/smokeping_prober/tasks/main.yml | 46 +++++-------- roles/smokeping_prober/tasks/preflight.yml | 68 +++--------------- roles/smokeping_prober/tasks/selinux.yml | 23 ------- .../templates/smokeping_prober.service.j2 | 3 + .../templates/web_config.yaml.j2 | 18 ----- roles/smokeping_prober/vars/main.yml | 14 ++-- 12 files changed, 66 insertions(+), 269 deletions(-) delete mode 100644 roles/smokeping_prober/tasks/install.yml delete mode 100644 roles/smokeping_prober/tasks/selinux.yml delete mode 100644 roles/smokeping_prober/templates/web_config.yaml.j2 diff --git a/roles/smokeping_prober/defaults/main.yml b/roles/smokeping_prober/defaults/main.yml index c3b4edaf..6d5ee50c 100644 --- a/roles/smokeping_prober/defaults/main.yml +++ b/roles/smokeping_prober/defaults/main.yml @@ -1,10 +1,8 @@ --- smokeping_prober_version: 0.8.1 -smokeping_prober_binary_local_dir: "" smokeping_prober_binary_url: "https://github.com/{{ _smokeping_prober_repo }}/releases/download/v{{ smokeping_prober_version }}/\ - smokeping_prober-{{ smokeping_prober_version }}.linux-{{ go_arch }}.tar.gz" + smokeping_prober-{{ smokeping_prober_version }}.{{ ansible_system | lower }}-{{ _smokeping_prober_go_ansible_arch }}.tar.gz" smokeping_prober_checksums_url: "https://github.com/{{ _smokeping_prober_repo }}/releases/download/v{{ smokeping_prober_version }}/sha256sums.txt" -smokeping_prober_skip_install: false smokeping_prober_web_listen_address: "0.0.0.0:9374" @@ -34,4 +32,4 @@ smokeping_prober_system_group: "smokeping" smokeping_prober_system_user: "{{ smokeping_prober_system_group }}" # Local path to stash the archive and its extraction -smokeping_archive_path: /tmp +smokeping_prober_local_cache_path: "/tmp/smokeping_prober-{{ ansible_system | lower }}-{{ _smokeping_prober_go_ansible_arch }}/{{ smokeping_prober_version }}" diff --git a/roles/smokeping_prober/meta/argument_specs.yml b/roles/smokeping_prober/meta/argument_specs.yml index f571a731..b0de9b34 100644 --- a/roles/smokeping_prober/meta/argument_specs.yml +++ b/roles/smokeping_prober/meta/argument_specs.yml @@ -11,18 +11,9 @@ argument_specs: smokeping_prober_version: description: "Smokeping Prober package version. Also accepts latest as parameter." default: "0.8.1" - smokeping_prober_skip_install: - description: "Smokeping Prober installation tasks gets skipped when set to true." - type: bool - default: false - smokeping_prober_binary_local_dir: - description: - - "Enables the use of local packages instead of those distributed on github." - - "The parameter may be set to a directory where the C(smokeping_prober) binary is stored on the host where ansible is run." - - "This overrides the I(smokeping_prober_version) parameter" smokeping_prober_binary_url: description: "URL of the Smokeping Prober binaries .tar.gz file" - default: "https://github.com/{{ _smokeping_prober_repo }}/releases/download/v{{ smokeping_prober_version }}/smokeping_prober-{{ smokeping_prober_version }}.linux-{{ go_arch }}.tar.gz" + default: "https://github.com/{{ _smokeping_prober_repo }}/releases/download/v{{ smokeping_prober_version }}/smokeping_prober-{{ smokeping_prober_version }}.{{ ansible_system | lower }}-{{ _smokeping_prober_go_ansible_arch }}.tar.gz" smokeping_prober_checksums_url: description: "URL of the Smokeping Prober checksums file" default: "https://github.com/{{ _smokeping_prober_repo }}/releases/download/v{{ smokeping_prober_version }}/sha256sums.txt" @@ -30,7 +21,7 @@ argument_specs: description: "Address on which Smokeping Prober will listen" default: "0.0.0.0:9374" smokeping_prober_config_dir: - description: "The directory of the smokeping_prober probes config files" + description: "Path to directory with smokeping_prober configuration" default: "/etc/smokeping_prober" smokeping_prober_config_file: description: "The filename of the smokeping_prober probes config file" @@ -66,6 +57,6 @@ argument_specs: - "I(Advanced)" - "Smokeping Prober user" default: "smokeping" - smokeping_archive_path: - description: 'Local path to stash the archive and its extraction' - default: "/tmp" + smokeping_prober_local_cache_path: + description: "Local path to stash the archive and its extraction" + default: "/tmp/smokeping_prober-{{ ansible_system | lower }}-{{ _smokeping_prober_go_ansible_arch }}/{{ smokeping_prober_version }}" diff --git a/roles/smokeping_prober/molecule/alternative/molecule.yml b/roles/smokeping_prober/molecule/alternative/molecule.yml index 72671055..6d396649 100644 --- a/roles/smokeping_prober/molecule/alternative/molecule.yml +++ b/roles/smokeping_prober/molecule/alternative/molecule.yml @@ -5,7 +5,7 @@ provisioner: inventory: group_vars: all: - smokeping_prober_binary_local_dir: "/tmp/smokeping_prober-linux-amd64" + smokeping_prober_local_cache_path: "/tmp/smokeping_prober-linux-amd64" smokeping_prober_web_listen_address: - '127.0.0.1:8080' - '127.0.1.1:8080' @@ -16,9 +16,6 @@ provisioner: http2: true smokeping_prober_basic_auth_users: randomuser: examplepassword - go_arch: amd64 smokeping_prober_version: 0.7.0 - smokeping_prober_archive_path: /tmp - smokeping_archive_path: /tmp smokeping_prober_binary_url: "https://github.com/superq/smokeping_prober/releases/download/v{{ smokeping_prober_version\ - \ }}/smokeping_prober-{{ smokeping_prober_version }}.linux-{{ go_arch }}.tar.gz" + \ }}/smokeping_prober-{{ smokeping_prober_version }}.linux-amd64.tar.gz" diff --git a/roles/smokeping_prober/molecule/default/tests/test_default.py b/roles/smokeping_prober/molecule/default/tests/test_default.py index a0ce3131..b2101868 100644 --- a/roles/smokeping_prober/molecule/default/tests/test_default.py +++ b/roles/smokeping_prober/molecule/default/tests/test_default.py @@ -46,7 +46,6 @@ def test_user(host): assert host.group("smokeping").exists assert "smokeping" in host.user("smokeping").groups assert host.user("smokeping").shell == "/usr/sbin/nologin" - assert host.user("smokeping").home == "/" def test_service(host): diff --git a/roles/smokeping_prober/tasks/configure.yml b/roles/smokeping_prober/tasks/configure.yml index e036df8f..42eb628f 100644 --- a/roles/smokeping_prober/tasks/configure.yml +++ b/roles/smokeping_prober/tasks/configure.yml @@ -1,20 +1,19 @@ --- -- name: Copy the smokeping_prober systemd service file - ansible.builtin.template: - src: smokeping_prober.service.j2 - dest: /etc/systemd/system/smokeping_prober.service - owner: root - group: root - mode: 0644 - notify: restart smokeping_prober - -- name: Create smokeping_prober config directory - ansible.builtin.file: - path: "{{ smokeping_prober_config_dir }}" - state: directory - owner: root - group: root - mode: u+rwX,g+rwX,o=rX +- name: Configure + ansible.builtin.include_role: + name: prometheus.prometheus._common + tasks_from: configure.yml + vars: + _common_system_user: "{{ smokeping_prober_system_user }}" + _common_system_group: "{{ smokeping_prober_system_group }}" + _common_config_dir: "{{ smokeping_prober_config_dir }}" + _common_tls_server_config: "{{ smokeping_prober_tls_server_config }}" + _common_http_server_config: "{{ smokeping_prober_http_server_config }}" + _common_basic_auth_users: "{{ smokeping_prober_basic_auth_users }}" + tags: + - smokeping_prober + - configure + - smokeping_prober_configure - name: Copy the smokeping_prober config file ansible.builtin.template: @@ -25,28 +24,8 @@ mode: 0644 no_log: "{{ false if (lookup('env', 'CI')) or (lookup('env', 'MOLECULE_PROVISIONER_NAME')) else true }}" notify: restart smokeping_prober - -- name: Configure smokeping_prober web config - when: - ( smokeping_prober_tls_server_config | length > 0 ) or - ( smokeping_prober_http_server_config | length > 0 ) or - ( smokeping_prober_basic_auth_users | length > 0 ) - block: - - name: Copy the smokeping_prober web config file - ansible.builtin.template: - src: web_config.yaml.j2 - dest: "{{ smokeping_prober_config_dir }}/web_config.yaml" - owner: root - group: root - mode: 0644 - notify: restart smokeping_prober - -- name: Allow smokeping_prober port in SELinux on RedHat OS family - community.general.seport: - ports: "{{ smokeping_prober_web_listen_address.split(':')[-1] }}" - proto: tcp - setype: http_port_t - state: present - when: - - ansible_version.full is version_compare('2.4', '>=') - - ansible_selinux.status == "enabled" + become: true + tags: + - smokeping_prober + - configure + - smokeping_prober_configure diff --git a/roles/smokeping_prober/tasks/install.yml b/roles/smokeping_prober/tasks/install.yml deleted file mode 100644 index cdf161ef..00000000 --- a/roles/smokeping_prober/tasks/install.yml +++ /dev/null @@ -1,69 +0,0 @@ ---- -- name: Create the smokeping_prober group - ansible.builtin.group: - name: "{{ smokeping_prober_system_group }}" - state: present - system: true - when: smokeping_prober_system_group != "root" - -- name: Create the smokeping_prober user - ansible.builtin.user: - name: "{{ smokeping_prober_system_user }}" - groups: "{{ smokeping_prober_system_group }}" - append: true - shell: /usr/sbin/nologin - system: true - create_home: false - home: / - when: smokeping_prober_system_user != "root" - -- name: Get binary - when: - - smokeping_prober_binary_local_dir | length == 0 - - not smokeping_prober_skip_install - block: - - - name: Download smokeping_prober binary to local folder - become: false - ansible.builtin.get_url: - url: "{{ smokeping_prober_binary_url }}" - dest: "{{ smokeping_archive_path }}/smokeping_prober-{{ smokeping_prober_version }}.linux-{{ go_arch }}.tar.gz" - checksum: "sha256:{{ __smokeping_prober_checksum }}" - mode: '0644' - register: _download_binary - until: _download_binary is succeeded - retries: 5 - delay: 2 - delegate_to: localhost - check_mode: false - - - name: Unpack smokeping_prober binary - become: false - ansible.builtin.unarchive: - src: "{{ smokeping_archive_path }}/smokeping_prober-{{ smokeping_prober_version }}.linux-{{ go_arch }}.tar.gz" - dest: "{{ smokeping_archive_path }}" - creates: "{{ smokeping_archive_path }}/smokeping_prober-{{ smokeping_prober_version }}.linux-{{ go_arch }}/smokeping_prober" - delegate_to: localhost - check_mode: false - - - name: Propagate smokeping_prober binaries - ansible.builtin.copy: - src: "{{ smokeping_archive_path }}/smokeping_prober-{{ smokeping_prober_version }}.linux-{{ go_arch }}/smokeping_prober" - dest: "{{ smokeping_prober_binary_install_dir }}/smokeping_prober" - mode: 0755 - owner: root - group: root - notify: restart smokeping_prober - when: not ansible_check_mode - -- name: Propagate locally distributed smokeping_prober binary - ansible.builtin.copy: - src: "{{ smokeping_prober_binary_local_dir }}/smokeping_prober" - dest: "{{ smokeping_prober_binary_install_dir }}/smokeping_prober" - mode: 0755 - owner: root - group: root - when: - - smokeping_prober_binary_local_dir | length > 0 - - not smokeping_prober_skip_install - notify: restart smokeping_prober diff --git a/roles/smokeping_prober/tasks/main.yml b/roles/smokeping_prober/tasks/main.yml index a49265ff..e2f11844 100644 --- a/roles/smokeping_prober/tasks/main.yml +++ b/roles/smokeping_prober/tasks/main.yml @@ -2,40 +2,34 @@ - name: Preflight ansible.builtin.include_tasks: file: preflight.yml - apply: - tags: - - smokeping_prober_install - - smokeping_prober_configure - - smokeping_prober_run tags: - smokeping_prober_install - smokeping_prober_configure - smokeping_prober_run - name: Install - ansible.builtin.include_tasks: - file: install.yml - apply: - become: true - tags: - - smokeping_prober_install - when: - ( not __smokeping_prober_is_installed.stat.exists ) or - ( (__smokeping_prober_current_version_output.stderr_lines | length > 0) - and (__smokeping_prober_current_version_output.stderr_lines[0].split(" ")[2] != smokeping_prober_version) ) or - ( (__smokeping_prober_current_version_output.stdout_lines | length > 0) - and (__smokeping_prober_current_version_output.stdout_lines[0].split(" ")[2] != smokeping_prober_version) ) or - ( smokeping_prober_binary_local_dir | length > 0 ) + ansible.builtin.include_role: + name: prometheus.prometheus._common + tasks_from: install.yml + vars: + _common_local_cache_path: "{{ smokeping_prober_local_cache_path }}" + _common_binaries: "{{ _smokeping_prober_binaries }}" + _common_binary_install_dir: "{{ smokeping_prober_binary_install_dir }}" + _common_binary_url: "{{ smokeping_prober_binary_url }}" + _common_checksums_url: "{{ smokeping_prober_checksums_url }}" + _common_system_group: "{{ smokeping_prober_system_group }}" + _common_system_user: "{{ smokeping_prober_system_user }}" + _common_config_dir: "{{ smokeping_prober_config_dir }}" + _common_binary_unarchive_opts: ['--strip-components=1'] tags: - smokeping_prober_install - name: SELinux - ansible.builtin.include_tasks: - file: selinux.yml - apply: - become: true - tags: - - smokeping_prober_configure + ansible.builtin.include_role: + name: prometheus.prometheus._common + tasks_from: selinux.yml + vars: + _common_selinux_port: "{{ smokeping_prober_web_listen_address | urlsplit('port') }}" when: ansible_selinux.status == "enabled" tags: - smokeping_prober_configure @@ -43,10 +37,6 @@ - name: Configure ansible.builtin.include_tasks: file: configure.yml - apply: - become: true - tags: - - smokeping_prober_configure tags: - smokeping_prober_configure diff --git a/roles/smokeping_prober/tasks/preflight.yml b/roles/smokeping_prober/tasks/preflight.yml index e1bf6f75..8a106b27 100644 --- a/roles/smokeping_prober/tasks/preflight.yml +++ b/roles/smokeping_prober/tasks/preflight.yml @@ -1,24 +1,8 @@ --- -- name: Assert usage of systemd as an init system - ansible.builtin.assert: - that: ansible_service_mgr == 'systemd' - msg: "This role only works with systemd" - -- name: Install package fact dependencies - become: true - ansible.builtin.package: - name: "{{ _pkg_fact_req }}" - state: present - when: (_pkg_fact_req) - vars: - _pkg_fact_req: "{% if (ansible_pkg_mgr == 'apt') %}\ - {{ ('python-apt' if ansible_python_version is version('3', '<') else 'python3-apt') }} - {% else %}\ - {% endif %}" - -- name: Gather package facts - ansible.builtin.package_facts: - when: "not 'packages' in ansible_facts" +- name: Common preflight + ansible.builtin.include_role: + name: prometheus.prometheus._common + tasks_from: preflight.yml - name: Assert that used version supports listen address type ansible.builtin.assert: @@ -66,23 +50,6 @@ - "__smokeping_prober_cert_file.stat.exists" - "__smokeping_prober_key_file.stat.exists" -- name: Check if smokeping_prober is installed - ansible.builtin.stat: - path: "{{ smokeping_prober_binary_install_dir }}/smokeping_prober" - register: __smokeping_prober_is_installed - check_mode: false - tags: - - smokeping_prober_install - -- name: Gather currently installed smokeping_prober version (if any) - ansible.builtin.command: "{{ smokeping_prober_binary_install_dir }}/smokeping_prober --version" - changed_when: false - register: __smokeping_prober_current_version_output - check_mode: false - when: __smokeping_prober_is_installed.stat.exists - tags: - - smokeping_prober_install - - name: Discover latest version ansible.builtin.set_fact: smokeping_prober_version: "{{ (lookup('url', 'https://api.github.com/repos/{{ _smokeping_prober_repo }}/releases/latest', headers=_github_api_headers, @@ -92,24 +59,9 @@ retries: 10 when: - smokeping_prober_version == "latest" - - smokeping_prober_binary_local_dir | length == 0 - - not smokeping_prober_skip_install - -- name: Get smokeping_prober binary checksum - when: - - smokeping_prober_binary_local_dir | length == 0 - - not smokeping_prober_skip_install - block: - - name: Get checksum list from github - ansible.builtin.set_fact: - __smokeping_prober_checksums: "{{ lookup('url', smokeping_prober_checksums_url, headers=_github_api_headers, wantlist=True) | list }}" - run_once: true - until: __smokeping_prober_checksums is search('linux-' + go_arch + '.tar.gz') - retries: 10 - - - name: "Get checksum for {{ go_arch }}" - ansible.builtin.set_fact: - __smokeping_prober_checksum: "{{ item.split(' ')[0] }}" - with_items: "{{ __smokeping_prober_checksums }}" - when: - - "('linux-' + go_arch + '.tar.gz') in item" + tags: + - smokeping_prober + - install + - smokeping_prober_install + - download + - smokeping_prober_download diff --git a/roles/smokeping_prober/tasks/selinux.yml b/roles/smokeping_prober/tasks/selinux.yml deleted file mode 100644 index 754cbd0a..00000000 --- a/roles/smokeping_prober/tasks/selinux.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -- name: Install selinux python packages [RedHat] - ansible.builtin.package: - name: "{{ ['libselinux-python', 'policycoreutils-python'] - if ansible_python_version is version('3', '<') else - ['python3-libselinux', 'python3-policycoreutils'] }}" - state: present - register: _install_selinux_packages - until: _install_selinux_packages is success - retries: 5 - delay: 2 - when: ansible_os_family | lower == "redhat" - -- name: Install selinux python packages [clearlinux] - ansible.builtin.package: - name: sysadmin-basic - state: present - register: _install_selinux_packages - until: _install_selinux_packages is success - retries: 5 - delay: 2 - when: - - ansible_distribution | lower == "clearlinux" diff --git a/roles/smokeping_prober/templates/smokeping_prober.service.j2 b/roles/smokeping_prober/templates/smokeping_prober.service.j2 index 8fc1e216..6ea9991a 100644 --- a/roles/smokeping_prober/templates/smokeping_prober.service.j2 +++ b/roles/smokeping_prober/templates/smokeping_prober.service.j2 @@ -13,6 +13,9 @@ PermissionsStartOnly=true ExecReload=/bin/kill -HUP $MAINPID ExecStart={{ smokeping_prober_binary_install_dir }}/smokeping_prober \ --config.file={{ smokeping_prober_config_dir }}//{{ smokeping_prober_config_file }} \ +{% if smokeping_prober_tls_server_config | length > 0 or smokeping_prober_http_server_config | length > 0 or smokeping_prober_basic_auth_users | length > 0 %} + '--web.config.file={{ smokeping_prober_config_dir }}/web_config.yml' \ +{% endif %} {% if smokeping_prober_version is version('0.7.0', '>=') and smokeping_prober_web_listen_address is iterable and smokeping_prober_web_listen_address is not mapping and diff --git a/roles/smokeping_prober/templates/web_config.yaml.j2 b/roles/smokeping_prober/templates/web_config.yaml.j2 deleted file mode 100644 index 5b5c675f..00000000 --- a/roles/smokeping_prober/templates/web_config.yaml.j2 +++ /dev/null @@ -1,18 +0,0 @@ ---- -{{ ansible_managed | comment }} -{% if smokeping_prober_tls_server_config | length > 0 %} -tls_server_config: -{{ smokeping_prober_tls_server_config | to_nice_yaml | indent(2, true) }} -{% endif %} - -{% if smokeping_prober_http_server_config | length > 0 %} -http_server_config: -{{ smokeping_prober_http_server_config | to_nice_yaml | indent(2, true) }} -{% endif %} - -{% if smokeping_prober_basic_auth_users | length > 0 %} -basic_auth_users: -{% for k, v in smokeping_prober_basic_auth_users.items() %} - {{ k }}: {{ v | string | password_hash('bcrypt', ('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890' | shuffle(seed=inventory_hostname) | join)[:22], rounds=9) }} -{% endfor %} -{% endif %} diff --git a/roles/smokeping_prober/vars/main.yml b/roles/smokeping_prober/vars/main.yml index ecbe80df..a432411c 100644 --- a/roles/smokeping_prober/vars/main.yml +++ b/roles/smokeping_prober/vars/main.yml @@ -1,11 +1,9 @@ --- -go_arch_map: - i386: '386' - x86_64: 'amd64' - aarch64: 'arm64' - armv7l: 'armv7' - armv6l: 'armv6' - -go_arch: "{{ go_arch_map[ansible_architecture] | default(ansible_architecture) }}" +_smokeping_prober_go_ansible_arch: "{{ {'i386': '386', + 'x86_64': 'amd64', + 'aarch64': 'arm64', + 'armv7l': 'armv7', + 'armv6l': 'armv6'}.get(ansible_architecture, ansible_architecture) }}" _smokeping_prober_repo: "superq/smokeping_prober" _github_api_headers: "{{ {'GITHUB_TOKEN': lookup('ansible.builtin.env', 'GITHUB_TOKEN')} if (lookup('ansible.builtin.env', 'GITHUB_TOKEN')) else {} }}" +_smokeping_prober_binaries: ['smokeping_prober']