From 837d34e637bfb645f3d9be366b44ecf786aefb11 Mon Sep 17 00:00:00 2001 From: Swen Jedlicka Date: Mon, 24 Jul 2023 13:34:59 +0200 Subject: [PATCH 01/24] add playbooks for simplifying creating checks --- README.md | 16 ++++ playbooks/azure_oauth_token.yml | 73 ++++++++++++++++ playbooks/domon-check_gitlab_scheduler.yml | 65 ++++++++++++++ playbooks/domon-https.yml | 37 ++++++++ playbooks/domon-json-azure-restapi.yml | 87 +++++++++++++++++++ ...omon-json-azure_restapi_resourcehealth.yml | 30 +++++++ playbooks/domon-json.yml | 82 +++++++++++++++++ playbooks/domon-template-empty-host.yml | 21 +++++ 8 files changed, 411 insertions(+) create mode 100644 playbooks/azure_oauth_token.yml create mode 100644 playbooks/domon-check_gitlab_scheduler.yml create mode 100644 playbooks/domon-https.yml create mode 100644 playbooks/domon-json-azure-restapi.yml create mode 100644 playbooks/domon-json-azure_restapi_resourcehealth.yml create mode 100644 playbooks/domon-json.yml create mode 100644 playbooks/domon-template-empty-host.yml diff --git a/README.md b/README.md index 4612c86..c3d1273 100644 --- a/README.md +++ b/README.md @@ -12,6 +12,8 @@ This Ansible collection contains: 4. An extra [collection](https://github.com/T-Systems-MMS/ansible-collection-icinga-business-process) to use the [Business Process module](https://github.com/Icinga/icingaweb2-module-businessprocess) + 5. Ansible playbooks to create various objects in Icinga 2 using the director API + ## Requirements - Ansible version: 2.9.10 @@ -50,6 +52,20 @@ Check out the 'Documentation' part for the modules [here](https://github.com/T-S **icinga_business_process collection:** Check out the 'Documentation' part for this collection [here](https://github.com/T-Systems-MMS/ansible-collection-icinga-business-process/blob/master/roles/ansible_icinga_business_process/README.md) + +**icinga playbooks:** + +| playbook| description +|------------|----------------------------------------------------------------------- +| azure_oauth_token.yml | get azure oauth token +| domon-check_gitlab_scheduler.yml | check gitlab scheduled pipelines +| domon-https.yml | check https reacahbility and certificates +| domon-json-azure_restapi_resourcehealth.yml | check state of azure resourcehealth +| domon-json-azure-restapi.yml | do a json check against azure restapi (with oauth_token) +| domon-json.yml | do a json check +| domon-template-empty-host.yml | create a host template for an empty host + + ## License GPLv3 diff --git a/playbooks/azure_oauth_token.yml b/playbooks/azure_oauth_token.yml new file mode 100644 index 0000000..e12cfb5 --- /dev/null +++ b/playbooks/azure_oauth_token.yml @@ -0,0 +1,73 @@ +--- +- hosts: localhost + gather_facts: false + collections: + - telekom_mms.icinga_director + vars: + ansible_role: ansible_icinga + ansible_task: + command: icinga_command + service_template: icinga_service_template + object_name: azure_oauth_token + tasks: + # icinga_command + - name: "{{ ansible_task.command }}-{{ object_name }}" + include_role: + name: "{{ ansible_role }}" + tasks_from: "{{ ansible_task.command }}" + vars: + icinga_commands: + - command_object: + - "{{ object_name }}" + command: "{{ object_name }}.py" + arguments: + '(no key)': + order: 1 + required: true + skip_key: true + value: "$tenant_id$" + '(no key.1)': + order: 2 + required: true + skip_key: true + value: "$client_id$" + '(no key.2)': + order: 3 + required: true + skip_key: true + value: "$client_secret$" + '(no key.3)': + order: 4 + required: true + skip_key: true + value: "$scope$" + # icinga_service_template + - name: "{{ ansible_task.service_template }}-{{ object_name }}" + include_role: + name: "{{ ansible_role }}" + tasks_from: "{{ ansible_task.service_template }}" + vars: + icinga_service_templates: + - service_template_object: + - "{{ object_name }}" + check_command: "{{ object_name }}" + check_interval: 50m + +# EXAMPLES +## used for service_apply +#- name: "{{ ansible_task.service_apply }}_azure" +# include_role: +# name: "{{ ansible_role }}" +# tasks_from: "{{ ansible_task.service_apply }}" +# vars: +# icinga_service_applies: +# - service_apply_object: +# - "{{ object_name }}-service_apply" +# imports: "{{ object_name }}" +# display_name: "{{ object_name }}" +# assign_filter: "{{'host.name=\"azure\"'}}" +# vars: +# tenant_id: "ID" +# client_id: "ID" +# client_secret: "secret" +# scope: "https://management.azure.com/.default" diff --git a/playbooks/domon-check_gitlab_scheduler.yml b/playbooks/domon-check_gitlab_scheduler.yml new file mode 100644 index 0000000..9f09474 --- /dev/null +++ b/playbooks/domon-check_gitlab_scheduler.yml @@ -0,0 +1,65 @@ +--- +- hosts: localhost + gather_facts: false + collections: + - telekom_mms.icinga_director + vars: + ansible_role: ansible_icinga + ansible_task: + command: icinga_command + service_template: icinga_service_template + object_name: check_gitlab_scheduler + tasks: + # icinga_command + - name: "{{ ansible_task.command }}-{{ object_name }}" + include_role: + name: "{{ ansible_role }}" + tasks_from: "{{ ansible_task.command }}" + vars: + icinga_commands: + - command_object: + - "{{ object_name }}" + command: "{{ object_name }}.py" + arguments: + '-p': + required: true + value: "$projectid$" + '-s': + required: true + value: "$schedulerid$" + '-t': + required: true + value: "$token$" + '-o': + required: false + value: "$pending_timeout$" + # icinga_service_template + - name: "{{ ansible_task.service_template }}-{{ object_name }}" + include_role: + name: "{{ ansible_role }}" + tasks_from: "{{ ansible_task.service_template }}" + vars: + icinga_service_templates: + - service_template_object: + - "{{ object_name }}" + check_command: "{{ object_name }}" + check_interval: 5m + +# EXAMPLES +## used for service_apply +#- name: "{{ ansible_task.service_apply }}_azure" +# include_role: +# name: "{{ ansible_role }}" +# tasks_from: "{{ ansible_task.service_apply }}" +# vars: +# icinga_service_applies: +# - service_apply_object: +# - "{{ object_name }}-service_apply" +# imports: "check_gitlab_scheduler" +# display_name: "{{ object_name }}_pipelinename" +# assign_filter: "{{'host.name="gitlab-pipelines"'}}" +# vars: +# projectid: "111" +# schedulerid: "222" +# token: "{{ gitlab_project_token }}" + diff --git a/playbooks/domon-https.yml b/playbooks/domon-https.yml new file mode 100644 index 0000000..fa94ff8 --- /dev/null +++ b/playbooks/domon-https.yml @@ -0,0 +1,37 @@ +--- +- hosts: localhost + gather_facts: false + collections: + - telekom_mms.icinga_director + vars: + ansible_role: ansible_icinga + ansible_task: + service_template: icinga_service_template + object_name: domon-https + tasks: + # icinga_service_template + - name: "{{ ansible_task.service_template }}-{{ object_name }}" + include_role: + name: "{{ ansible_role }}" + tasks_from: "{{ ansible_task.service_template }}" + vars: + icinga_service_templates: + - service_template_object: + - "{{ object_name }}" + imports: + - "domon-non-agent-service" + check_command: http + check_interval: 300 + vars: + http_address: $check_address$ + http_extendedperfdata: false + http_invertregex: false + http_sni: true + http_ssl: true + http_timeout: 30 + - service_template_object: + - "{{ object_name }}-certificate" + imports: + - "{{ object_name }}" + check_period: only_at_1000-1005 + check_timeout: 60 diff --git a/playbooks/domon-json-azure-restapi.yml b/playbooks/domon-json-azure-restapi.yml new file mode 100644 index 0000000..0ca7496 --- /dev/null +++ b/playbooks/domon-json-azure-restapi.yml @@ -0,0 +1,87 @@ +--- +- hosts: localhost + gather_facts: false + collections: + - telekom_mms.icinga_director + vars: + ansible_role: ansible_icinga + ansible_task: + command: icinga_command + service_template: icinga_service_template + object_name: check_json_azure_restapi + tasks: + # icinga_command + - name: "{{ ansible_task.command }}-{{ object_name }}" + include_role: + name: "{{ ansible_role }}" + tasks_from: "{{ ansible_task.command }}" + vars: + icinga_commands: + - command_object: + - "{{ object_name }}" + command: "check_json.pl" + arguments: + '--ignoressl': + set_if: "$json_ignoressl$" + '-T': "$json_contenttype$" + '-a': + required: true + value: "$json_attributes$" + '-b': + required: true + type: Function + body: "return get_service(macro(\"$azure_oauth_token_host$\"), macro(\"$azure_oauth_token_service$\")).last_check_result.output" + '-c': + required: true + type: Function + body: "macro(\"$json_crit$\")" + '-d': "$json_divisor$" + '-e': "$json_expect$" + '-m': "$json_metadata$" + '-o': "$json_outputvars$" + '-p': "$json_perfvars$" + '-t': "$json_timeout$" + '-u': + required: true + value: "$json_url$" + '-w': + required: true + type: Function + body: "macro(\"$json_warn$\")" + '-x': "$json_xauth$" + # icinga_service_template + - name: "{{ ansible_task.service_template }}-{{ object_name }}" + include_role: + name: "{{ ansible_role }}" + tasks_from: "{{ ansible_task.service_template }}" + vars: + icinga_service_templates: + - service_template_object: + - "domon-json-azure-restapi" + imports: + - "domon-non-agent-service" + check_command: "{{ object_name }}" + check_interval: 5m + vars: + json_url: "https://management.azure.com/subscriptions/$azure_subscription_id$/resourcegroups/$azure_resource_group$$azure_resource_uri$?api-version=$azure_restapi_version$" + json_ignoressl: true + +# EXAMPLES +## used for service_apply +#- name: "{{ ansible_task.service_apply }}_azure" +# include_role: +# name: "{{ ansible_role }}" +# tasks_from: "{{ ansible_task.service_apply }}" +# vars: +# icinga_service_applies: +# - service_apply_object: +# - "{{ object_name }}-service_apply" +# imports: "domon-json-azure-restapi" +# display_name: "{{ object_name }}" +# assign_filter: "{{'host.name=\"azure\"'}}" +# vars: +# json_url: "https://management.azure.com/subscriptions/xxx" +# json_attributes: '{properties}->{state}' +# json_expect: Ready +# json_ignoressl: true +# json_outputvars: '{properties}->{state}' diff --git a/playbooks/domon-json-azure_restapi_resourcehealth.yml b/playbooks/domon-json-azure_restapi_resourcehealth.yml new file mode 100644 index 0000000..b5cd414 --- /dev/null +++ b/playbooks/domon-json-azure_restapi_resourcehealth.yml @@ -0,0 +1,30 @@ +--- +- hosts: localhost + gather_facts: false + collections: + - telekom_mms.icinga_director + vars: + ansible_role: ansible_icinga + ansible_task: + service_template: icinga_service_template + object_name: azure_restapi_resourcehealth + tasks: + # icinga_service_template + - name: "{{ ansible_task.service_template }}-{{ object_name }}" + include_role: + name: "{{ ansible_role }}" + tasks_from: "{{ ansible_task.service_template }}" + vars: + icinga_service_templates: + - service_template_object: + - "domon-json-azure_restapi_resourcehealth" + imports: + - "domon-non-agent-service" + check_command: "check_json_azure_restapi" + check_interval: 5m + vars: + json_url: "https://management.azure.com/subscriptions/$azure_subscription_id$/resourcegroups/$azure_resource_group$$azure_resource_uri$/providers/Microsoft.ResourceHealth/availabilityStatuses/current?api-version=2020-05-01-preview" + json_expect: Available + json_ignoressl: true + json_attributes: '{properties}->{availabilityState}' + json_outputvars: '{properties}->{availabilityState},{properties}->{summary},{properties}->{reasonType},{properties}->{occuredTime}' diff --git a/playbooks/domon-json.yml b/playbooks/domon-json.yml new file mode 100644 index 0000000..80fd01e --- /dev/null +++ b/playbooks/domon-json.yml @@ -0,0 +1,82 @@ +--- +- hosts: localhost + gather_facts: false + collections: + - telekom_mms.icinga_director + vars: + ansible_role: ansible_icinga + ansible_task: + command: icinga_command + service_template: icinga_service_template + object_name: check_json + tasks: + # icinga_command + - name: "{{ ansible_task.command }}-{{ object_name }}" + include_role: + name: "{{ ansible_role }}" + tasks_from: "{{ ansible_task.command }}" + vars: + icinga_commands: + - command_object: + - "{{ object_name }}" + command: "{{ object_name }}.pl" + arguments: + '--ignoressl': + set_if: "$json_ignoressl$" + '-T': "$json_contenttype$" + '-a': + required: true + value: "$json_attributes$" + '-b': + value: "$json_bearer$" + '-c': + required: true + type: Function + body: "macro(\"$json_crit$\")" + '-d': "$json_divisor$" + '-e': "$json_expect$" + '-m': "$json_metadata$" + '-o': "$json_outputvars$" + '-p': "$json_perfvars$" + '-t': "$json_timeout$" + '-u': + required: true + value: "$json_url$" + '-w': + required: true + type: Function + body: "macro(\"$json_warn$\")" + '-x': "$json_xauth$" + # icinga_service_template + - name: "{{ ansible_task.service_template }}-{{ object_name }}" + include_role: + name: "{{ ansible_role }}" + tasks_from: "{{ ansible_task.service_template }}" + vars: + icinga_service_templates: + - service_template_object: + - "domon-json" + imports: + - "domon-non-agent-service" + check_command: "{{ object_name }}" + check_interval: 5m + +# EXAMPLES +## used for service_apply +#- name: "{{ ansible_task.service_apply }}_azure" +# include_role: +# name: "{{ ansible_role }}" +# tasks_from: "{{ ansible_task.service_apply }}" +# vars: +# icinga_service_applies: +# - service_apply_object: +# - "{{ object_name }}-service_apply" +# imports: "domon-json" +# display_name: "{{ object_name }}" +# assign_filter: "{{'host.name=\"azure\"'}}" +# vars: +# json_url: "https://api/xxx" +# json_attributes: '{state}' +# json_expect: Online +# json_ignoressl: true +# json_outputvars: '{state}' diff --git a/playbooks/domon-template-empty-host.yml b/playbooks/domon-template-empty-host.yml new file mode 100644 index 0000000..dcc230d --- /dev/null +++ b/playbooks/domon-template-empty-host.yml @@ -0,0 +1,21 @@ +--- +- hosts: localhost + gather_facts: false + collections: + - telekom_mms.icinga_director + vars: + ansible_role: ansible_icinga + ansible_task: + host_template: icinga_host_template + object_name: empty-host + tasks: + # icinga_host_template + - name: "{{ ansible_task.host_template }}" + include_role: + name: "{{ ansible_role }}" + tasks_from: "{{ ansible_task.host_template }}" + vars: + icinga_host_templates: + - host_template_object: + - domon-template-{{ object_name }} + check_command: dummy From fd6578ad94d8399511007f47c5571cc109758046 Mon Sep 17 00:00:00 2001 From: Swen Jedlicka Date: Mon, 24 Jul 2023 14:44:30 +0200 Subject: [PATCH 02/24] fix linting --- playbooks/azure_oauth_token.yml | 77 ++++++------- playbooks/domon-check_gitlab_scheduler.yml | 76 ++++++------ playbooks/domon-https.yml | 24 ++-- playbooks/domon-json-azure-restapi.yml | 109 +++++++++--------- ...omon-json-azure_restapi_resourcehealth.yml | 31 +++-- playbooks/domon-json.yml | 105 ++++++++--------- playbooks/domon-template-empty-host.yml | 18 ++- 7 files changed, 211 insertions(+), 229 deletions(-) diff --git a/playbooks/azure_oauth_token.yml b/playbooks/azure_oauth_token.yml index e12cfb5..62e26a1 100644 --- a/playbooks/azure_oauth_token.yml +++ b/playbooks/azure_oauth_token.yml @@ -1,73 +1,70 @@ --- -- hosts: localhost +- name: Create objects in Icinga + hosts: localhost gather_facts: false collections: - - telekom_mms.icinga_director + - telekom_mms.icinga_director vars: - ansible_role: ansible_icinga - ansible_task: - command: icinga_command - service_template: icinga_service_template object_name: azure_oauth_token tasks: # icinga_command - - name: "{{ ansible_task.command }}-{{ object_name }}" - include_role: - name: "{{ ansible_role }}" - tasks_from: "{{ ansible_task.command }}" + - name: "Icinga_command-{{ object_name }}" + ansible.builtin.include_role: + name: "ansible_icinga" + tasks_from: "icinga_command" vars: icinga_commands: - command_object: - - "{{ object_name }}" + - "{{ object_name }}" command: "{{ object_name }}.py" arguments: - '(no key)': + (no key): order: 1 required: true skip_key: true - value: "$tenant_id$" - '(no key.1)': + value: $tenant_id$ + (no key.1): order: 2 required: true skip_key: true - value: "$client_id$" - '(no key.2)': + value: $client_id$ + (no key.2): order: 3 required: true skip_key: true - value: "$client_secret$" - '(no key.3)': + value: $client_secret$ + (no key.3): order: 4 required: true skip_key: true - value: "$scope$" + value: $scope$ # icinga_service_template - - name: "{{ ansible_task.service_template }}-{{ object_name }}" - include_role: - name: "{{ ansible_role }}" - tasks_from: "{{ ansible_task.service_template }}" + - name: "Icinga_service_template-{{ object_name }}" + ansible.builtin.include_role: + name: "ansible_icinga" + tasks_from: "icinga_service_template" vars: icinga_service_templates: - service_template_object: - - "{{ object_name }}" + - "{{ object_name }}" check_command: "{{ object_name }}" check_interval: 50m # EXAMPLES ## used for service_apply -#- name: "{{ ansible_task.service_apply }}_azure" -# include_role: -# name: "{{ ansible_role }}" -# tasks_from: "{{ ansible_task.service_apply }}" -# vars: -# icinga_service_applies: -# - service_apply_object: -# - "{{ object_name }}-service_apply" -# imports: "{{ object_name }}" -# display_name: "{{ object_name }}" -# assign_filter: "{{'host.name=\"azure\"'}}" -# vars: -# tenant_id: "ID" -# client_id: "ID" -# client_secret: "secret" -# scope: "https://management.azure.com/.default" +# - name: "Icinga_service_apply_azure" +# include_role: +# name: "ansible_icinga" +# tasks_from: "icinga_service_apply" +# vars: +# icinga_service_applies: +# - service_apply_object: +# - "{{ object_name }}-service_apply" +# imports: "{{ object_name }}" +# display_name: "{{ object_name }}" +# assign_filter: "{{'host.name=\"azure\"'}}" +# vars: +# tenant_id: "ID" +# client_id: "ID" +# client_secret: "secret" +# scope: "https://management.azure.com/.default" diff --git a/playbooks/domon-check_gitlab_scheduler.yml b/playbooks/domon-check_gitlab_scheduler.yml index 9f09474..207482f 100644 --- a/playbooks/domon-check_gitlab_scheduler.yml +++ b/playbooks/domon-check_gitlab_scheduler.yml @@ -1,65 +1,61 @@ --- -- hosts: localhost +- name: Create objects in Icinga + hosts: localhost gather_facts: false collections: - - telekom_mms.icinga_director + - telekom_mms.icinga_director vars: - ansible_role: ansible_icinga - ansible_task: - command: icinga_command - service_template: icinga_service_template object_name: check_gitlab_scheduler tasks: # icinga_command - - name: "{{ ansible_task.command }}-{{ object_name }}" - include_role: - name: "{{ ansible_role }}" - tasks_from: "{{ ansible_task.command }}" + - name: "Icinga_command-{{ object_name }}" + ansible.builtin.include_role: + name: "ansible_icinga" + tasks_from: "icinga_command}" vars: icinga_commands: - command_object: - - "{{ object_name }}" + - "{{ object_name }}" command: "{{ object_name }}.py" arguments: - '-p': + -p: required: true - value: "$projectid$" - '-s': + value: $projectid$ + -s: required: true - value: "$schedulerid$" - '-t': + value: $schedulerid$ + -t: required: true - value: "$token$" - '-o': + value: $token$ + -o: required: false - value: "$pending_timeout$" + value: $pending_timeout$ # icinga_service_template - - name: "{{ ansible_task.service_template }}-{{ object_name }}" - include_role: - name: "{{ ansible_role }}" - tasks_from: "{{ ansible_task.service_template }}" + - name: "Icinga_service_template-{{ object_name }}" + ansible.builtin.include_role: + name: "ansible_icinga" + tasks_from: "icinga_service_template" vars: icinga_service_templates: - service_template_object: - - "{{ object_name }}" + - "{{ object_name }}" check_command: "{{ object_name }}" check_interval: 5m # EXAMPLES ## used for service_apply -#- name: "{{ ansible_task.service_apply }}_azure" -# include_role: -# name: "{{ ansible_role }}" -# tasks_from: "{{ ansible_task.service_apply }}" -# vars: -# icinga_service_applies: -# - service_apply_object: -# - "{{ object_name }}-service_apply" -# imports: "check_gitlab_scheduler" -# display_name: "{{ object_name }}_pipelinename" -# assign_filter: "{{'host.name="gitlab-pipelines"'}}" -# vars: -# projectid: "111" -# schedulerid: "222" -# token: "{{ gitlab_project_token }}" - +# - name: "Icinga_service_apply_azure" +# include_role: +# name: "ansible_icinga" +# tasks_from: "icinga_service_apply" +# vars: +# icinga_service_applies: +# - service_apply_object: +# - "{{ object_name }}-service_apply" +# imports: "check_gitlab_scheduler" +# display_name: "{{ object_name }}_pipelinename" +# assign_filter: "{{'host.name="gitlab-pipelines"'}}" +# vars: +# projectid: "111" +# schedulerid: "222" +# token: "{{ gitlab_project_token }}" diff --git a/playbooks/domon-https.yml b/playbooks/domon-https.yml index fa94ff8..8decea4 100644 --- a/playbooks/domon-https.yml +++ b/playbooks/domon-https.yml @@ -1,25 +1,23 @@ --- -- hosts: localhost +- name: Create objects in Icinga + hosts: localhost gather_facts: false collections: - - telekom_mms.icinga_director + - telekom_mms.icinga_director vars: - ansible_role: ansible_icinga - ansible_task: - service_template: icinga_service_template object_name: domon-https tasks: # icinga_service_template - - name: "{{ ansible_task.service_template }}-{{ object_name }}" - include_role: - name: "{{ ansible_role }}" - tasks_from: "{{ ansible_task.service_template }}" + - name: "Icinga_service_template-{{ object_name }}" + ansible.builtin.include_role: + name: "ansible_icinga" + tasks_from: "icinga_service_template" vars: icinga_service_templates: - service_template_object: - - "{{ object_name }}" + - "{{ object_name }}" imports: - - "domon-non-agent-service" + - domon-non-agent-service check_command: http check_interval: 300 vars: @@ -30,8 +28,8 @@ http_ssl: true http_timeout: 30 - service_template_object: - - "{{ object_name }}-certificate" + - "{{ object_name }}-certificate" imports: - - "{{ object_name }}" + - "{{ object_name }}" check_period: only_at_1000-1005 check_timeout: 60 diff --git a/playbooks/domon-json-azure-restapi.yml b/playbooks/domon-json-azure-restapi.yml index 0ca7496..ef92380 100644 --- a/playbooks/domon-json-azure-restapi.yml +++ b/playbooks/domon-json-azure-restapi.yml @@ -1,87 +1,84 @@ --- -- hosts: localhost +- name: Create objects in Icinga + hosts: localhost gather_facts: false collections: - - telekom_mms.icinga_director + - telekom_mms.icinga_director vars: - ansible_role: ansible_icinga - ansible_task: - command: icinga_command - service_template: icinga_service_template object_name: check_json_azure_restapi tasks: # icinga_command - - name: "{{ ansible_task.command }}-{{ object_name }}" - include_role: - name: "{{ ansible_role }}" - tasks_from: "{{ ansible_task.command }}" + - name: "Icinga_command-{{ object_name }}" + ansible.builtin.include_role: + name: "ansible_icinga" + tasks_from: "icinga_command" vars: icinga_commands: - command_object: - - "{{ object_name }}" - command: "check_json.pl" + - "{{ object_name }}" + command: check_json.pl arguments: - '--ignoressl': - set_if: "$json_ignoressl$" - '-T': "$json_contenttype$" - '-a': + --ignoressl: + set_if: $json_ignoressl$ + -T: $json_contenttype$ + -a: required: true - value: "$json_attributes$" - '-b': + value: $json_attributes$ + -b: required: true type: Function - body: "return get_service(macro(\"$azure_oauth_token_host$\"), macro(\"$azure_oauth_token_service$\")).last_check_result.output" - '-c': + body: return get_service(macro("$azure_oauth_token_host$"), macro("$azure_oauth_token_service$")).last_check_result.output + -c: required: true type: Function - body: "macro(\"$json_crit$\")" - '-d': "$json_divisor$" - '-e': "$json_expect$" - '-m': "$json_metadata$" - '-o': "$json_outputvars$" - '-p': "$json_perfvars$" - '-t': "$json_timeout$" - '-u': + body: macro("$json_crit$") + -d: $json_divisor$ + -e: $json_expect$ + -m: $json_metadata$ + -o: $json_outputvars$ + -p: $json_perfvars$ + -t: $json_timeout$ + -u: required: true - value: "$json_url$" - '-w': + value: $json_url$ + -w: required: true type: Function - body: "macro(\"$json_warn$\")" - '-x': "$json_xauth$" + body: macro("$json_warn$") + -x: $json_xauth$ # icinga_service_template - - name: "{{ ansible_task.service_template }}-{{ object_name }}" - include_role: - name: "{{ ansible_role }}" - tasks_from: "{{ ansible_task.service_template }}" + - name: "Icinga_service_template-{{ object_name }}" + ansible.builtin.include_role: + name: "ansible_icinga" + tasks_from: "icinga_service_template" vars: icinga_service_templates: - service_template_object: - - "domon-json-azure-restapi" + - domon-json-azure-restapi imports: - - "domon-non-agent-service" + - domon-non-agent-service check_command: "{{ object_name }}" check_interval: 5m vars: - json_url: "https://management.azure.com/subscriptions/$azure_subscription_id$/resourcegroups/$azure_resource_group$$azure_resource_uri$?api-version=$azure_restapi_version$" + json_url: https://management.azure.com/subscriptions/$azure_subscription_id$/resourcegroups/$azure_resource_group$$azure_resource_uri$?api-version=$azure_restapi_version$ json_ignoressl: true # EXAMPLES ## used for service_apply -#- name: "{{ ansible_task.service_apply }}_azure" -# include_role: -# name: "{{ ansible_role }}" -# tasks_from: "{{ ansible_task.service_apply }}" -# vars: -# icinga_service_applies: -# - service_apply_object: -# - "{{ object_name }}-service_apply" -# imports: "domon-json-azure-restapi" -# display_name: "{{ object_name }}" -# assign_filter: "{{'host.name=\"azure\"'}}" -# vars: -# json_url: "https://management.azure.com/subscriptions/xxx" -# json_attributes: '{properties}->{state}' -# json_expect: Ready -# json_ignoressl: true -# json_outputvars: '{properties}->{state}' +# - name: "Icinga_service_template_azure" +# include_role: +# name: "ansible_icinga" +# tasks_from: "icinga_service_apply" +# vars: +# icinga_service_applies: +# - service_apply_object: +# - "{{ object_name }}-service_apply" +# imports: "domon-json-azure-restapi" +# display_name: "{{ object_name }}" +# assign_filter: "{{'host.name=\"azure\"'}}" +# vars: +# json_url: "https://management.azure.com/subscriptions/xxx" +# json_attributes: '{properties}->{state}' +# json_expect: Ready +# json_ignoressl: true +# json_outputvars: '{properties}->{state}' diff --git a/playbooks/domon-json-azure_restapi_resourcehealth.yml b/playbooks/domon-json-azure_restapi_resourcehealth.yml index b5cd414..d716cbe 100644 --- a/playbooks/domon-json-azure_restapi_resourcehealth.yml +++ b/playbooks/domon-json-azure_restapi_resourcehealth.yml @@ -1,30 +1,29 @@ --- -- hosts: localhost +- name: Create objects in Icinga + hosts: localhost gather_facts: false collections: - - telekom_mms.icinga_director + - telekom_mms.icinga_director vars: - ansible_role: ansible_icinga - ansible_task: - service_template: icinga_service_template - object_name: azure_restapi_resourcehealth + object_name: azure_restapi_resourcehealth tasks: # icinga_service_template - - name: "{{ ansible_task.service_template }}-{{ object_name }}" - include_role: - name: "{{ ansible_role }}" - tasks_from: "{{ ansible_task.service_template }}" + - name: "Icinga_service_template-{{ object_name }}" + ansible.builtin.include_role: + name: "ansible_icinga" + tasks_from: "icinga_service_template" vars: icinga_service_templates: - service_template_object: - - "domon-json-azure_restapi_resourcehealth" + - domon-json-azure_restapi_resourcehealth imports: - - "domon-non-agent-service" - check_command: "check_json_azure_restapi" + - domon-non-agent-service + check_command: check_json_azure_restapi check_interval: 5m vars: - json_url: "https://management.azure.com/subscriptions/$azure_subscription_id$/resourcegroups/$azure_resource_group$$azure_resource_uri$/providers/Microsoft.ResourceHealth/availabilityStatuses/current?api-version=2020-05-01-preview" + json_url: + https://management.azure.com/subscriptions/$azure_subscription_id$/resourcegroups/$azure_resource_group$$azure_resource_uri$/providers/Microsoft.ResourceHealth/availabilityStatuses/current?api-version=2020-05-01-preview json_expect: Available json_ignoressl: true - json_attributes: '{properties}->{availabilityState}' - json_outputvars: '{properties}->{availabilityState},{properties}->{summary},{properties}->{reasonType},{properties}->{occuredTime}' + json_attributes: "{properties}->{availabilityState}" + json_outputvars: "{properties}->{availabilityState},{properties}->{summary},{properties}->{reasonType},{properties}->{occuredTime}" diff --git a/playbooks/domon-json.yml b/playbooks/domon-json.yml index 80fd01e..8425c82 100644 --- a/playbooks/domon-json.yml +++ b/playbooks/domon-json.yml @@ -1,82 +1,79 @@ --- -- hosts: localhost +- name: Create objects in Icinga + hosts: localhost gather_facts: false collections: - - telekom_mms.icinga_director + - telekom_mms.icinga_director vars: - ansible_role: ansible_icinga - ansible_task: - command: icinga_command - service_template: icinga_service_template object_name: check_json tasks: # icinga_command - - name: "{{ ansible_task.command }}-{{ object_name }}" - include_role: - name: "{{ ansible_role }}" - tasks_from: "{{ ansible_task.command }}" + - name: "Icinga_command-{{ object_name }}" + ansible.builtin.include_role: + name: "ansible_icinga" + tasks_from: "icinga_command" vars: icinga_commands: - command_object: - - "{{ object_name }}" + - "{{ object_name }}" command: "{{ object_name }}.pl" arguments: - '--ignoressl': - set_if: "$json_ignoressl$" - '-T': "$json_contenttype$" - '-a': + --ignoressl: + set_if: $json_ignoressl$ + -T: $json_contenttype$ + -a: required: true - value: "$json_attributes$" - '-b': - value: "$json_bearer$" - '-c': + value: $json_attributes$ + -b: + value: $json_bearer$ + -c: required: true type: Function - body: "macro(\"$json_crit$\")" - '-d': "$json_divisor$" - '-e': "$json_expect$" - '-m': "$json_metadata$" - '-o': "$json_outputvars$" - '-p': "$json_perfvars$" - '-t': "$json_timeout$" - '-u': + body: macro("$json_crit$") + -d: $json_divisor$ + -e: $json_expect$ + -m: $json_metadata$ + -o: $json_outputvars$ + -p: $json_perfvars$ + -t: $json_timeout$ + -u: required: true - value: "$json_url$" - '-w': + value: $json_url$ + -w: required: true type: Function - body: "macro(\"$json_warn$\")" - '-x': "$json_xauth$" + body: macro("$json_warn$") + -x: $json_xauth$ # icinga_service_template - - name: "{{ ansible_task.service_template }}-{{ object_name }}" - include_role: - name: "{{ ansible_role }}" - tasks_from: "{{ ansible_task.service_template }}" + - name: "Icinga_service_template-{{ object_name }}" + ansible.builtin.include_role: + name: "ansible_icinga" + tasks_from: "icinga_service_template" vars: icinga_service_templates: - service_template_object: - - "domon-json" + - domon-json imports: - - "domon-non-agent-service" + - domon-non-agent-service check_command: "{{ object_name }}" check_interval: 5m # EXAMPLES ## used for service_apply -#- name: "{{ ansible_task.service_apply }}_azure" -# include_role: -# name: "{{ ansible_role }}" -# tasks_from: "{{ ansible_task.service_apply }}" -# vars: -# icinga_service_applies: -# - service_apply_object: -# - "{{ object_name }}-service_apply" -# imports: "domon-json" -# display_name: "{{ object_name }}" -# assign_filter: "{{'host.name=\"azure\"'}}" -# vars: -# json_url: "https://api/xxx" -# json_attributes: '{state}' -# json_expect: Online -# json_ignoressl: true -# json_outputvars: '{state}' +# - name: "Icinga_service_apply_azure" +# include_role: +# name: "ansible_icinga" +# tasks_from: "icinga_service_apply" +# vars: +# icinga_service_applies: +# - service_apply_object: +# - "{{ object_name }}-service_apply" +# imports: "domon-json" +# display_name: "{{ object_name }}" +# assign_filter: "{{'host.name=\"azure\"'}}" +# vars: +# json_url: "https://api/xxx" +# json_attributes: '{state}' +# json_expect: Online +# json_ignoressl: true +# json_outputvars: '{state}' diff --git a/playbooks/domon-template-empty-host.yml b/playbooks/domon-template-empty-host.yml index dcc230d..fcd90a2 100644 --- a/playbooks/domon-template-empty-host.yml +++ b/playbooks/domon-template-empty-host.yml @@ -1,21 +1,19 @@ --- -- hosts: localhost +- name: Create objects in Icinga + hosts: localhost gather_facts: false collections: - - telekom_mms.icinga_director + - telekom_mms.icinga_director vars: - ansible_role: ansible_icinga - ansible_task: - host_template: icinga_host_template object_name: empty-host tasks: # icinga_host_template - - name: "{{ ansible_task.host_template }}" - include_role: - name: "{{ ansible_role }}" - tasks_from: "{{ ansible_task.host_template }}" + - name: "Icinga_host_template" + ansible.builtin.include_role: + name: "ansible_icinga" + tasks_from: "icinga_host_template" vars: icinga_host_templates: - host_template_object: - - domon-template-{{ object_name }} + - domon-template-{{ object_name }} check_command: dummy From 38c1c6d2fcbf8f4dcd253f44d6f8c60e5326f3cc Mon Sep 17 00:00:00 2001 From: Swen Jedlicka Date: Mon, 24 Jul 2023 14:51:06 +0200 Subject: [PATCH 03/24] fix linting for long lines --- playbooks/domon-json-azure-restapi.yml | 4 +++- playbooks/domon-json-azure_restapi_resourcehealth.yml | 3 ++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/playbooks/domon-json-azure-restapi.yml b/playbooks/domon-json-azure-restapi.yml index ef92380..17e36a1 100644 --- a/playbooks/domon-json-azure-restapi.yml +++ b/playbooks/domon-json-azure-restapi.yml @@ -60,7 +60,9 @@ check_command: "{{ object_name }}" check_interval: 5m vars: - json_url: https://management.azure.com/subscriptions/$azure_subscription_id$/resourcegroups/$azure_resource_group$$azure_resource_uri$?api-version=$azure_restapi_version$ + json_url: + "https://management.azure.com/subscriptions/$azure_subscription_id$/resourcegroups/$azure_resource_group$$azure_resource_uri$\ + ?api-version=$azure_restapi_version$" json_ignoressl: true # EXAMPLES diff --git a/playbooks/domon-json-azure_restapi_resourcehealth.yml b/playbooks/domon-json-azure_restapi_resourcehealth.yml index d716cbe..12837a9 100644 --- a/playbooks/domon-json-azure_restapi_resourcehealth.yml +++ b/playbooks/domon-json-azure_restapi_resourcehealth.yml @@ -22,7 +22,8 @@ check_interval: 5m vars: json_url: - https://management.azure.com/subscriptions/$azure_subscription_id$/resourcegroups/$azure_resource_group$$azure_resource_uri$/providers/Microsoft.ResourceHealth/availabilityStatuses/current?api-version=2020-05-01-preview + "https://management.azure.com/subscriptions/$azure_subscription_id$/resourcegroups/$azure_resource_group$$azure_resource_uri$/\ + providers/Microsoft.ResourceHealth/availabilityStatuses/current?api-version=2020-05-01-preview" json_expect: Available json_ignoressl: true json_attributes: "{properties}->{availabilityState}" From 797538f2e70e4201f6ecf774d73e90c7706a74a9 Mon Sep 17 00:00:00 2001 From: Swen Jedlicka Date: Mon, 24 Jul 2023 15:13:33 +0200 Subject: [PATCH 04/24] change exclude-path for ansible-lint --- .config/ansible-lint.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.config/ansible-lint.yml b/.config/ansible-lint.yml index 4dbd158..a467ba2 100644 --- a/.config/ansible-lint.yml +++ b/.config/ansible-lint.yml @@ -8,6 +8,7 @@ exclude_paths: - .yamllint - ../molecule/ - ../.github/ + - .github/ warn_list: - fqcn[keyword] From 06f4c298cb2f687a2c9475cbc87cd839110001dd Mon Sep 17 00:00:00 2001 From: Swen Jedlicka Date: Mon, 24 Jul 2023 15:22:48 +0200 Subject: [PATCH 05/24] remove collection tag from playbooks --- playbooks/azure_oauth_token.yml | 8 +++----- playbooks/domon-check_gitlab_scheduler.yml | 8 +++----- playbooks/domon-https.yml | 4 +--- playbooks/domon-json-azure-restapi.yml | 8 +++----- playbooks/domon-json-azure_restapi_resourcehealth.yml | 4 +--- playbooks/domon-json.yml | 8 +++----- playbooks/domon-template-empty-host.yml | 4 +--- 7 files changed, 15 insertions(+), 29 deletions(-) diff --git a/playbooks/azure_oauth_token.yml b/playbooks/azure_oauth_token.yml index 62e26a1..3968101 100644 --- a/playbooks/azure_oauth_token.yml +++ b/playbooks/azure_oauth_token.yml @@ -2,15 +2,13 @@ - name: Create objects in Icinga hosts: localhost gather_facts: false - collections: - - telekom_mms.icinga_director vars: object_name: azure_oauth_token tasks: # icinga_command - name: "Icinga_command-{{ object_name }}" ansible.builtin.include_role: - name: "ansible_icinga" + name: "telekom_mms.icinga_director.ansible_icinga" tasks_from: "icinga_command" vars: icinga_commands: @@ -41,7 +39,7 @@ # icinga_service_template - name: "Icinga_service_template-{{ object_name }}" ansible.builtin.include_role: - name: "ansible_icinga" + name: "telekom_mms.icinga_director.ansible_icinga" tasks_from: "icinga_service_template" vars: icinga_service_templates: @@ -54,7 +52,7 @@ ## used for service_apply # - name: "Icinga_service_apply_azure" # include_role: -# name: "ansible_icinga" +# name: "telekom_mms.icinga_director.ansible_icinga" # tasks_from: "icinga_service_apply" # vars: # icinga_service_applies: diff --git a/playbooks/domon-check_gitlab_scheduler.yml b/playbooks/domon-check_gitlab_scheduler.yml index 207482f..9463ca8 100644 --- a/playbooks/domon-check_gitlab_scheduler.yml +++ b/playbooks/domon-check_gitlab_scheduler.yml @@ -2,15 +2,13 @@ - name: Create objects in Icinga hosts: localhost gather_facts: false - collections: - - telekom_mms.icinga_director vars: object_name: check_gitlab_scheduler tasks: # icinga_command - name: "Icinga_command-{{ object_name }}" ansible.builtin.include_role: - name: "ansible_icinga" + name: "telekom_mms.icinga_director.ansible_icinga" tasks_from: "icinga_command}" vars: icinga_commands: @@ -33,7 +31,7 @@ # icinga_service_template - name: "Icinga_service_template-{{ object_name }}" ansible.builtin.include_role: - name: "ansible_icinga" + name: "telekom_mms.icinga_director.ansible_icinga" tasks_from: "icinga_service_template" vars: icinga_service_templates: @@ -46,7 +44,7 @@ ## used for service_apply # - name: "Icinga_service_apply_azure" # include_role: -# name: "ansible_icinga" +# name: "telekom_mms.icinga_director.ansible_icinga" # tasks_from: "icinga_service_apply" # vars: # icinga_service_applies: diff --git a/playbooks/domon-https.yml b/playbooks/domon-https.yml index 8decea4..e9725a6 100644 --- a/playbooks/domon-https.yml +++ b/playbooks/domon-https.yml @@ -2,15 +2,13 @@ - name: Create objects in Icinga hosts: localhost gather_facts: false - collections: - - telekom_mms.icinga_director vars: object_name: domon-https tasks: # icinga_service_template - name: "Icinga_service_template-{{ object_name }}" ansible.builtin.include_role: - name: "ansible_icinga" + name: "telekom_mms.icinga_director.ansible_icinga" tasks_from: "icinga_service_template" vars: icinga_service_templates: diff --git a/playbooks/domon-json-azure-restapi.yml b/playbooks/domon-json-azure-restapi.yml index 17e36a1..246e655 100644 --- a/playbooks/domon-json-azure-restapi.yml +++ b/playbooks/domon-json-azure-restapi.yml @@ -2,15 +2,13 @@ - name: Create objects in Icinga hosts: localhost gather_facts: false - collections: - - telekom_mms.icinga_director vars: object_name: check_json_azure_restapi tasks: # icinga_command - name: "Icinga_command-{{ object_name }}" ansible.builtin.include_role: - name: "ansible_icinga" + name: "telekom_mms.icinga_director.ansible_icinga" tasks_from: "icinga_command" vars: icinga_commands: @@ -49,7 +47,7 @@ # icinga_service_template - name: "Icinga_service_template-{{ object_name }}" ansible.builtin.include_role: - name: "ansible_icinga" + name: "telekom_mms.icinga_director.ansible_icinga" tasks_from: "icinga_service_template" vars: icinga_service_templates: @@ -69,7 +67,7 @@ ## used for service_apply # - name: "Icinga_service_template_azure" # include_role: -# name: "ansible_icinga" +# name: "telekom_mms.icinga_director.ansible_icinga" # tasks_from: "icinga_service_apply" # vars: # icinga_service_applies: diff --git a/playbooks/domon-json-azure_restapi_resourcehealth.yml b/playbooks/domon-json-azure_restapi_resourcehealth.yml index 12837a9..26d6708 100644 --- a/playbooks/domon-json-azure_restapi_resourcehealth.yml +++ b/playbooks/domon-json-azure_restapi_resourcehealth.yml @@ -2,15 +2,13 @@ - name: Create objects in Icinga hosts: localhost gather_facts: false - collections: - - telekom_mms.icinga_director vars: object_name: azure_restapi_resourcehealth tasks: # icinga_service_template - name: "Icinga_service_template-{{ object_name }}" ansible.builtin.include_role: - name: "ansible_icinga" + name: "telekom_mms.icinga_director.ansible_icinga" tasks_from: "icinga_service_template" vars: icinga_service_templates: diff --git a/playbooks/domon-json.yml b/playbooks/domon-json.yml index 8425c82..42c7895 100644 --- a/playbooks/domon-json.yml +++ b/playbooks/domon-json.yml @@ -2,15 +2,13 @@ - name: Create objects in Icinga hosts: localhost gather_facts: false - collections: - - telekom_mms.icinga_director vars: object_name: check_json tasks: # icinga_command - name: "Icinga_command-{{ object_name }}" ansible.builtin.include_role: - name: "ansible_icinga" + name: "telekom_mms.icinga_director.ansible_icinga" tasks_from: "icinga_command" vars: icinga_commands: @@ -47,7 +45,7 @@ # icinga_service_template - name: "Icinga_service_template-{{ object_name }}" ansible.builtin.include_role: - name: "ansible_icinga" + name: "telekom_mms.icinga_director.ansible_icinga" tasks_from: "icinga_service_template" vars: icinga_service_templates: @@ -62,7 +60,7 @@ ## used for service_apply # - name: "Icinga_service_apply_azure" # include_role: -# name: "ansible_icinga" +# name: "telekom_mms.icinga_director.ansible_icinga" # tasks_from: "icinga_service_apply" # vars: # icinga_service_applies: diff --git a/playbooks/domon-template-empty-host.yml b/playbooks/domon-template-empty-host.yml index fcd90a2..a8eefdf 100644 --- a/playbooks/domon-template-empty-host.yml +++ b/playbooks/domon-template-empty-host.yml @@ -2,15 +2,13 @@ - name: Create objects in Icinga hosts: localhost gather_facts: false - collections: - - telekom_mms.icinga_director vars: object_name: empty-host tasks: # icinga_host_template - name: "Icinga_host_template" ansible.builtin.include_role: - name: "ansible_icinga" + name: "telekom_mms.icinga_director.ansible_icinga" tasks_from: "icinga_host_template" vars: icinga_host_templates: From 0481847d84370cd1aab7fb8dbac8fe0d8a458f2c Mon Sep 17 00:00:00 2001 From: Swen Jedlicka Date: Fri, 28 Jul 2023 15:35:27 +0200 Subject: [PATCH 06/24] rename playbooks --- README.md | 12 ++++++------ ...r.yml => icinga-check_gitlab_scheduler.yml} | 0 .../{domon-https.yml => icinga-https.yml} | 18 ++++++++++++++++-- ...stapi.yml => icinga-json-azure-restapi.yml} | 17 ++++++++++++++++- ...inga-json-azure_restapi_resourcehealth.yml} | 17 ++++++++++++++++- playbooks/{domon-json.yml => icinga-json.yml} | 17 ++++++++++++++++- ...host.yml => icinga-template-empty-host.yml} | 0 7 files changed, 70 insertions(+), 11 deletions(-) rename playbooks/{domon-check_gitlab_scheduler.yml => icinga-check_gitlab_scheduler.yml} (100%) rename playbooks/{domon-https.yml => icinga-https.yml} (62%) rename playbooks/{domon-json-azure-restapi.yml => icinga-json-azure-restapi.yml} (83%) rename playbooks/{domon-json-azure_restapi_resourcehealth.yml => icinga-json-azure_restapi_resourcehealth.yml} (67%) rename playbooks/{domon-json.yml => icinga-json.yml} (80%) rename playbooks/{domon-template-empty-host.yml => icinga-template-empty-host.yml} (100%) diff --git a/README.md b/README.md index c3d1273..80fdcbc 100644 --- a/README.md +++ b/README.md @@ -58,12 +58,12 @@ Check out the 'Documentation' part for this collection [here](https://github.com | playbook| description |------------|----------------------------------------------------------------------- | azure_oauth_token.yml | get azure oauth token -| domon-check_gitlab_scheduler.yml | check gitlab scheduled pipelines -| domon-https.yml | check https reacahbility and certificates -| domon-json-azure_restapi_resourcehealth.yml | check state of azure resourcehealth -| domon-json-azure-restapi.yml | do a json check against azure restapi (with oauth_token) -| domon-json.yml | do a json check -| domon-template-empty-host.yml | create a host template for an empty host +| icinga-check_gitlab_scheduler.yml | check gitlab scheduled pipelines +| icinga-https.yml | check https reachability and certificates +| icinga-json-azure_restapi_resourcehealth.yml | check state of azure resourcehealth +| icinga-json-azure-restapi.yml | do a json check against azure restapi (with oauth_token) +| icinga-json.yml | do a json check +| icinga-template-empty-host.yml | create a host template for an empty host ## License diff --git a/playbooks/domon-check_gitlab_scheduler.yml b/playbooks/icinga-check_gitlab_scheduler.yml similarity index 100% rename from playbooks/domon-check_gitlab_scheduler.yml rename to playbooks/icinga-check_gitlab_scheduler.yml diff --git a/playbooks/domon-https.yml b/playbooks/icinga-https.yml similarity index 62% rename from playbooks/domon-https.yml rename to playbooks/icinga-https.yml index e9725a6..610be4e 100644 --- a/playbooks/domon-https.yml +++ b/playbooks/icinga-https.yml @@ -12,10 +12,25 @@ tasks_from: "icinga_service_template" vars: icinga_service_templates: + - service_template_object: + - "domon-standard-service" + max_check_attempts: "3" + check_period: "24/7" + check_interval: "2m" + retry_interval: "1m" + enable_notifications: true + enable_active_checks: true + enable_passive_checks: false + enable_event_handler: false + enable_perfdata: true + volatile: false + command_endpoint: null + vars: + domon_enabled_notifications: [ "mail_24/7" ] - service_template_object: - "{{ object_name }}" imports: - - domon-non-agent-service + - domon-standard-service check_command: http check_interval: 300 vars: @@ -29,5 +44,4 @@ - "{{ object_name }}-certificate" imports: - "{{ object_name }}" - check_period: only_at_1000-1005 check_timeout: 60 diff --git a/playbooks/domon-json-azure-restapi.yml b/playbooks/icinga-json-azure-restapi.yml similarity index 83% rename from playbooks/domon-json-azure-restapi.yml rename to playbooks/icinga-json-azure-restapi.yml index 246e655..322f321 100644 --- a/playbooks/domon-json-azure-restapi.yml +++ b/playbooks/icinga-json-azure-restapi.yml @@ -51,10 +51,25 @@ tasks_from: "icinga_service_template" vars: icinga_service_templates: + - service_template_object: + - "domon-standard-service" + max_check_attempts: "3" + check_period: "24/7" + check_interval: "2m" + retry_interval: "1m" + enable_notifications: true + enable_active_checks: true + enable_passive_checks: false + enable_event_handler: false + enable_perfdata: true + volatile: false + command_endpoint: null + vars: + domon_enabled_notifications: [ "mail_24/7" ] - service_template_object: - domon-json-azure-restapi imports: - - domon-non-agent-service + - domon-standard-service check_command: "{{ object_name }}" check_interval: 5m vars: diff --git a/playbooks/domon-json-azure_restapi_resourcehealth.yml b/playbooks/icinga-json-azure_restapi_resourcehealth.yml similarity index 67% rename from playbooks/domon-json-azure_restapi_resourcehealth.yml rename to playbooks/icinga-json-azure_restapi_resourcehealth.yml index 26d6708..7065fb4 100644 --- a/playbooks/domon-json-azure_restapi_resourcehealth.yml +++ b/playbooks/icinga-json-azure_restapi_resourcehealth.yml @@ -12,10 +12,25 @@ tasks_from: "icinga_service_template" vars: icinga_service_templates: + - service_template_object: + - "domon-standard-service" + max_check_attempts: "3" + check_period: "24/7" + check_interval: "2m" + retry_interval: "1m" + enable_notifications: true + enable_active_checks: true + enable_passive_checks: false + enable_event_handler: false + enable_perfdata: true + volatile: false + command_endpoint: null + vars: + domon_enabled_notifications: [ "mail_24/7" ] - service_template_object: - domon-json-azure_restapi_resourcehealth imports: - - domon-non-agent-service + - domon-standard-service check_command: check_json_azure_restapi check_interval: 5m vars: diff --git a/playbooks/domon-json.yml b/playbooks/icinga-json.yml similarity index 80% rename from playbooks/domon-json.yml rename to playbooks/icinga-json.yml index 42c7895..0f03704 100644 --- a/playbooks/domon-json.yml +++ b/playbooks/icinga-json.yml @@ -49,10 +49,25 @@ tasks_from: "icinga_service_template" vars: icinga_service_templates: + - service_template_object: + - "domon-standard-service" + max_check_attempts: "3" + check_period: "24/7" + check_interval: "2m" + retry_interval: "1m" + enable_notifications: true + enable_active_checks: true + enable_passive_checks: false + enable_event_handler: false + enable_perfdata: true + volatile: false + command_endpoint: null + vars: + domon_enabled_notifications: [ "mail_24/7" ] - service_template_object: - domon-json imports: - - domon-non-agent-service + - domon-standard-service check_command: "{{ object_name }}" check_interval: 5m diff --git a/playbooks/domon-template-empty-host.yml b/playbooks/icinga-template-empty-host.yml similarity index 100% rename from playbooks/domon-template-empty-host.yml rename to playbooks/icinga-template-empty-host.yml From ee8f946ef833ca66b39e86db104be8b7b070fdc5 Mon Sep 17 00:00:00 2001 From: sjedlick <104558780+sjedlick@users.noreply.github.com> Date: Thu, 27 Jul 2023 12:57:01 +0200 Subject: [PATCH 07/24] Update README.md Co-authored-by: Daniel --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 80fdcbc..a3cb189 100644 --- a/README.md +++ b/README.md @@ -65,7 +65,6 @@ Check out the 'Documentation' part for this collection [here](https://github.com | icinga-json.yml | do a json check | icinga-template-empty-host.yml | create a host template for an empty host - ## License GPLv3 From 24449e1ca2fa977ce659a1abd5592f67a3b13fb5 Mon Sep 17 00:00:00 2001 From: Swen Jedlicka Date: Fri, 28 Jul 2023 16:14:51 +0200 Subject: [PATCH 08/24] fix linting --- playbooks/icinga-https.yml | 2 +- playbooks/icinga-json-azure-restapi.yml | 2 +- playbooks/icinga-json-azure_restapi_resourcehealth.yml | 2 +- playbooks/icinga-json.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/playbooks/icinga-https.yml b/playbooks/icinga-https.yml index 610be4e..791885e 100644 --- a/playbooks/icinga-https.yml +++ b/playbooks/icinga-https.yml @@ -26,7 +26,7 @@ volatile: false command_endpoint: null vars: - domon_enabled_notifications: [ "mail_24/7" ] + domon_enabled_notifications: ["mail_24/7"] - service_template_object: - "{{ object_name }}" imports: diff --git a/playbooks/icinga-json-azure-restapi.yml b/playbooks/icinga-json-azure-restapi.yml index 322f321..a0a359b 100644 --- a/playbooks/icinga-json-azure-restapi.yml +++ b/playbooks/icinga-json-azure-restapi.yml @@ -65,7 +65,7 @@ volatile: false command_endpoint: null vars: - domon_enabled_notifications: [ "mail_24/7" ] + domon_enabled_notifications: ["mail_24/7"] - service_template_object: - domon-json-azure-restapi imports: diff --git a/playbooks/icinga-json-azure_restapi_resourcehealth.yml b/playbooks/icinga-json-azure_restapi_resourcehealth.yml index 7065fb4..fed9ba7 100644 --- a/playbooks/icinga-json-azure_restapi_resourcehealth.yml +++ b/playbooks/icinga-json-azure_restapi_resourcehealth.yml @@ -26,7 +26,7 @@ volatile: false command_endpoint: null vars: - domon_enabled_notifications: [ "mail_24/7" ] + domon_enabled_notifications: ["mail_24/7"] - service_template_object: - domon-json-azure_restapi_resourcehealth imports: diff --git a/playbooks/icinga-json.yml b/playbooks/icinga-json.yml index 0f03704..ce4cc94 100644 --- a/playbooks/icinga-json.yml +++ b/playbooks/icinga-json.yml @@ -63,7 +63,7 @@ volatile: false command_endpoint: null vars: - domon_enabled_notifications: [ "mail_24/7" ] + domon_enabled_notifications: ["mail_24/7"] - service_template_object: - domon-json imports: From 5d55e552e57618f77061751354ed245a4fbec21e Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Mon, 31 Jul 2023 09:29:54 +0200 Subject: [PATCH 09/24] remove the role-dependency to simplify the creation --- playbooks/azure_oauth_token.yml | 68 ------------- playbooks/check-azure_oauth_token.yml | 61 ++++++++++++ playbooks/check-gitlab_scheduler.yml | 52 ++++++++++ playbooks/check-https.yml | 51 ++++++++++ playbooks/check-json-azure-restapi.yml | 83 ++++++++++++++++ ...heck-json-azure_restapi_resourcehealth.yml | 44 +++++++++ playbooks/check-json.yml | 80 +++++++++++++++ playbooks/icinga-check_gitlab_scheduler.yml | 59 ----------- playbooks/icinga-https.yml | 47 --------- playbooks/icinga-json-azure-restapi.yml | 99 ------------------- ...inga-json-azure_restapi_resourcehealth.yml | 43 -------- playbooks/icinga-json.yml | 92 ----------------- playbooks/icinga-template-empty-host.yml | 17 ---- playbooks/template-empty-host.yml | 15 +++ 14 files changed, 386 insertions(+), 425 deletions(-) delete mode 100644 playbooks/azure_oauth_token.yml create mode 100644 playbooks/check-azure_oauth_token.yml create mode 100644 playbooks/check-gitlab_scheduler.yml create mode 100644 playbooks/check-https.yml create mode 100644 playbooks/check-json-azure-restapi.yml create mode 100644 playbooks/check-json-azure_restapi_resourcehealth.yml create mode 100644 playbooks/check-json.yml delete mode 100644 playbooks/icinga-check_gitlab_scheduler.yml delete mode 100644 playbooks/icinga-https.yml delete mode 100644 playbooks/icinga-json-azure-restapi.yml delete mode 100644 playbooks/icinga-json-azure_restapi_resourcehealth.yml delete mode 100644 playbooks/icinga-json.yml delete mode 100644 playbooks/icinga-template-empty-host.yml create mode 100644 playbooks/template-empty-host.yml diff --git a/playbooks/azure_oauth_token.yml b/playbooks/azure_oauth_token.yml deleted file mode 100644 index 3968101..0000000 --- a/playbooks/azure_oauth_token.yml +++ /dev/null @@ -1,68 +0,0 @@ ---- -- name: Create objects in Icinga - hosts: localhost - gather_facts: false - vars: - object_name: azure_oauth_token - tasks: - # icinga_command - - name: "Icinga_command-{{ object_name }}" - ansible.builtin.include_role: - name: "telekom_mms.icinga_director.ansible_icinga" - tasks_from: "icinga_command" - vars: - icinga_commands: - - command_object: - - "{{ object_name }}" - command: "{{ object_name }}.py" - arguments: - (no key): - order: 1 - required: true - skip_key: true - value: $tenant_id$ - (no key.1): - order: 2 - required: true - skip_key: true - value: $client_id$ - (no key.2): - order: 3 - required: true - skip_key: true - value: $client_secret$ - (no key.3): - order: 4 - required: true - skip_key: true - value: $scope$ - # icinga_service_template - - name: "Icinga_service_template-{{ object_name }}" - ansible.builtin.include_role: - name: "telekom_mms.icinga_director.ansible_icinga" - tasks_from: "icinga_service_template" - vars: - icinga_service_templates: - - service_template_object: - - "{{ object_name }}" - check_command: "{{ object_name }}" - check_interval: 50m - -# EXAMPLES -## used for service_apply -# - name: "Icinga_service_apply_azure" -# include_role: -# name: "telekom_mms.icinga_director.ansible_icinga" -# tasks_from: "icinga_service_apply" -# vars: -# icinga_service_applies: -# - service_apply_object: -# - "{{ object_name }}-service_apply" -# imports: "{{ object_name }}" -# display_name: "{{ object_name }}" -# assign_filter: "{{'host.name=\"azure\"'}}" -# vars: -# tenant_id: "ID" -# client_id: "ID" -# client_secret: "secret" -# scope: "https://management.azure.com/.default" diff --git a/playbooks/check-azure_oauth_token.yml b/playbooks/check-azure_oauth_token.yml new file mode 100644 index 0000000..2657669 --- /dev/null +++ b/playbooks/check-azure_oauth_token.yml @@ -0,0 +1,61 @@ +--- +- name: Create command and service template for Azure oauth token + hosts: localhost + gather_facts: false + module_defaults: + group/telekom_mms.icinga_director.icinga: + url: "{{ icinga_url }}" + url_username: "{{ icinga_user }}" + url_password: "{{ icinga_pass }}" + tasks: + - name: Create command Azure oauth token + telekom_mms.icinga_director.icinga_command: + state: present + object_name: azure_oauth_token + command: "azure_oauth_token.py" + arguments: + (no key): + order: 1 + required: true + skip_key: true + value: $tenant_id$ + (no key.1): + order: 2 + required: true + skip_key: true + value: $client_id$ + (no key.2): + order: 3 + required: true + skip_key: true + value: $client_secret$ + (no key.3): + order: 4 + required: true + skip_key: true + value: $scope$ + - name: Create service template for Azure oauth token + telekom_mms.icinga_director.icinga_service_template: + state: present + object_name: "azure_oauth_token" + check_command: "azure_oauth_token" + check_interval: 50m + +# EXAMPLES +## used for service_apply +# - name: "Icinga_service_apply_azure" +# include_role: +# name: "telekom_mms.icinga_director.ansible_icinga" +# tasks_from: "icinga_service_apply" +# vars: +# icinga_service_applies: +# - service_apply_object: +# - "azure_oauth_token-service_apply" +# imports: "azure_oauth_token" +# display_name: "azure_oauth_token" +# assign_filter: "{{'host.name=\"azure\"'}}" +# vars: +# tenant_id: "ID" +# client_id: "ID" +# client_secret: "secret" +# scope: "https://management.azure.com/.default" diff --git a/playbooks/check-gitlab_scheduler.yml b/playbooks/check-gitlab_scheduler.yml new file mode 100644 index 0000000..a4d84e3 --- /dev/null +++ b/playbooks/check-gitlab_scheduler.yml @@ -0,0 +1,52 @@ +--- +- name: Create command and service template for check_gitlab_scheduler + hosts: localhost + gather_facts: false + module_defaults: + group/telekom_mms.icinga_director.icinga: + url: "{{ icinga_url }}" + url_username: "{{ icinga_user }}" + url_password: "{{ icinga_pass }}" + tasks: + - name: Create command for check_gitlab_scheduler + telekom_mms.icinga_director.icinga_command: + state: present + object_name: check_gitlab_scheduler + command: check_gitlab_scheduler.py + arguments: + -p: + required: true + value: $projectid$ + -s: + required: true + value: $schedulerid$ + -t: + required: true + value: $token$ + -o: + required: false + value: $pending_timeout$ + - name: Create service template for check_gitlab_scheduler + telekom_mms.icinga_director.icinga_service_template: + state: present + object_name: check_gitlab_scheduler + check_command: "check_gitlab_scheduler" + check_interval: 5m + +# EXAMPLES +## used for service_apply +# - name: "Icinga_service_apply_azure" +# include_role: +# name: "telekom_mms.icinga_director.ansible_icinga" +# tasks_from: "icinga_service_apply" +# vars: +# icinga_service_applies: +# - service_apply_object: +# - "check_gitlab_scheduler-service_apply" +# imports: "check_gitlab_scheduler" +# display_name: "check_gitlab_scheduler_pipelinename" +# assign_filter: "{{'host.name="gitlab-pipelines"'}}" +# vars: +# projectid: "111" +# schedulerid: "222" +# token: "{{ gitlab_project_token }}" diff --git a/playbooks/check-https.yml b/playbooks/check-https.yml new file mode 100644 index 0000000..34608ee --- /dev/null +++ b/playbooks/check-https.yml @@ -0,0 +1,51 @@ +--- +- name: Create service templates for defaults + hosts: localhost + gather_facts: false + module_defaults: + group/telekom_mms.icinga_director.icinga: + url: "{{ icinga_url }}" + url_username: "{{ icinga_user }}" + url_password: "{{ icinga_pass }}" + tasks: + - name: Create service template for domon-standard-service + telekom_mms.icinga_director.icinga_service_template: + state: present + object_name: domon-standard-service + max_check_attempts: "3" + check_period: "24/7" + check_interval: "2m" + retry_interval: "1m" + enable_notifications: true + enable_active_checks: true + enable_passive_checks: false + enable_event_handler: false + enable_perfdata: true + volatile: false + command_endpoint: null + vars: + domon_enabled_notifications: ["mail_24/7"] + + - name: Create service template for domon-https + telekom_mms.icinga_director.icinga_service_template: + state: present + object_name: domon-https + imports: + - domon-standard-service + check_command: http + check_interval: 300 + vars: + http_address: $check_address$ + http_extendedperfdata: false + http_invertregex: false + http_sni: true + http_ssl: true + http_timeout: 30 + + - name: Create service template for domon-https + telekom_mms.icinga_director.icinga_service_template: + state: present + object_name: domon-https-certificate + imports: + - domon-https + check_timeout: 60 diff --git a/playbooks/check-json-azure-restapi.yml b/playbooks/check-json-azure-restapi.yml new file mode 100644 index 0000000..0eec767 --- /dev/null +++ b/playbooks/check-json-azure-restapi.yml @@ -0,0 +1,83 @@ +--- +- name: Create service template for domon-standard-service and azure REST-API + hosts: localhost + gather_facts: false + module_defaults: + group/telekom_mms.icinga_director.icinga: + url: "{{ icinga_url }}" + url_username: "{{ icinga_user }}" + url_password: "{{ icinga_pass }}" + object_name: check_json_azure_restapi + tasks: + - name: Create service template for domon-standard-service + telekom_mms.icinga_director.icinga_service_template: + state: present + object_name: domon-standard-service + max_check_attempts: "3" + check_period: "24/7" + check_interval: "2m" + retry_interval: "1m" + enable_notifications: true + enable_active_checks: true + enable_passive_checks: false + enable_event_handler: false + enable_perfdata: true + volatile: false + command_endpoint: null + vars: + domon_enabled_notifications: ["mail_24/7"] + + - name: Create command Azure REST-API + telekom_mms.icinga_director.icinga_command: + state: present + object_name: azure_restapi + command: check_json.pl + arguments: + --ignoressl: + set_if: $json_ignoressl$ + -T: $json_contenttype$ + -a: + required: true + value: $json_attributes$ + -b: + required: true + type: Function + body: return get_service(macro("$azure_oauth_token_host$"), macro("$azure_oauth_token_service$")).last_check_result.output + -c: + required: true + type: Function + body: macro("$json_crit$") + -d: $json_divisor$ + -e: $json_expect$ + -m: $json_metadata$ + -o: $json_outputvars$ + -p: $json_perfvars$ + -t: $json_timeout$ + -u: + required: true + value: $json_url$ + -w: + required: true + type: Function + body: macro("$json_warn$") + -x: $json_xauth$ + +# EXAMPLES +## used for service_apply +# - name: "Icinga_service_template_azure" +# include_role: +# name: "telekom_mms.icinga_director.ansible_icinga" +# tasks_from: "icinga_service_apply" +# vars: +# icinga_service_applies: +# - service_apply_object: +# - "azure_restapi-service_apply" +# imports: "domon-json-azure-restapi" +# display_name: "azure_restapi" +# assign_filter: "{{'host.name=\"azure\"'}}" +# vars: +# json_url: "https://management.azure.com/subscriptions/xxx" +# json_attributes: '{properties}->{state}' +# json_expect: Ready +# json_ignoressl: true +# json_outputvars: '{properties}->{state}' diff --git a/playbooks/check-json-azure_restapi_resourcehealth.yml b/playbooks/check-json-azure_restapi_resourcehealth.yml new file mode 100644 index 0000000..ea7d8e5 --- /dev/null +++ b/playbooks/check-json-azure_restapi_resourcehealth.yml @@ -0,0 +1,44 @@ +--- +- name: Create service template for azure REST-API ResourceHealth + hosts: localhost + gather_facts: false + module_defaults: + group/telekom_mms.icinga_director.icinga: + url: "{{ icinga_url }}" + url_username: "{{ icinga_user }}" + url_password: "{{ icinga_pass }}" + tasks: + - name: Create service template for domon-standard-service + telekom_mms.icinga_director.icinga_service_template: + state: present + object_name: domon-standard-service + max_check_attempts: "3" + check_period: "24/7" + check_interval: "2m" + retry_interval: "1m" + enable_notifications: true + enable_active_checks: true + enable_passive_checks: false + enable_event_handler: false + enable_perfdata: true + volatile: false + command_endpoint: null + vars: + domon_enabled_notifications: ["mail_24/7"] + + - name: Create service template for azure REST-API ResourceHealth + telekom_mms.icinga_director.icinga_service_template: + state: present + object_name: domon-json-azure_restapi_resourcehealth + imports: + - domon-standard-service + check_command: check_json_azure_restapi + check_interval: 5m + vars: + json_url: + "https://management.azure.com/subscriptions/$azure_subscription_id$/resourcegroups/$azure_resource_group$$azure_resource_uri$/\ + providers/Microsoft.ResourceHealth/availabilityStatuses/current?api-version=2020-05-01-preview" + json_expect: Available + json_ignoressl: true + json_attributes: "{properties}->{availabilityState}" + json_outputvars: "{properties}->{availabilityState},{properties}->{summary},{properties}->{reasonType},{properties}->{occuredTime}" diff --git a/playbooks/check-json.yml b/playbooks/check-json.yml new file mode 100644 index 0000000..7041e61 --- /dev/null +++ b/playbooks/check-json.yml @@ -0,0 +1,80 @@ +--- +- name: Create service template and command for check_json + hosts: localhost + gather_facts: false + module_defaults: + group/telekom_mms.icinga_director.icinga: + url: "{{ icinga_url }}" + url_username: "{{ icinga_user }}" + url_password: "{{ icinga_pass }}" + tasks: + - name: Create service template for domon-standard-service + telekom_mms.icinga_director.icinga_service_template: + state: present + object_name: domon-standard-service + max_check_attempts: "3" + check_period: "24/7" + check_interval: "2m" + retry_interval: "1m" + enable_notifications: true + enable_active_checks: true + enable_passive_checks: false + enable_event_handler: false + enable_perfdata: true + volatile: false + command_endpoint: null + vars: + domon_enabled_notifications: ["mail_24/7"] + + - name: Create Command check_json + telekom_mms.icinga_director.icinga_command: + state: present + object_name: check_json + command: "check_json.pl" + arguments: + --ignoressl: + set_if: $json_ignoressl$ + -T: $json_contenttype$ + -a: + required: true + value: $json_attributes$ + -b: + value: $json_bearer$ + -c: + required: true + type: Function + body: macro("$json_crit$") + -d: $json_divisor$ + -e: $json_expect$ + -m: $json_metadata$ + -o: $json_outputvars$ + -p: $json_perfvars$ + -t: $json_timeout$ + -u: + required: true + value: $json_url$ + -w: + required: true + type: Function + body: macro("$json_warn$") + -x: $json_xauth$ + +# EXAMPLES +## used for service_apply +# - name: "Icinga_service_apply_azure" +# include_role: +# name: "telekom_mms.icinga_director.ansible_icinga" +# tasks_from: "icinga_service_apply" +# vars: +# icinga_service_applies: +# - service_apply_object: +# - "{{ object_name }}-service_apply" +# imports: "domon-json" +# display_name: "{{ object_name }}" +# assign_filter: "{{'host.name=\"azure\"'}}" +# vars: +# json_url: "https://api/xxx" +# json_attributes: '{state}' +# json_expect: Online +# json_ignoressl: true +# json_outputvars: '{state}' diff --git a/playbooks/icinga-check_gitlab_scheduler.yml b/playbooks/icinga-check_gitlab_scheduler.yml deleted file mode 100644 index 9463ca8..0000000 --- a/playbooks/icinga-check_gitlab_scheduler.yml +++ /dev/null @@ -1,59 +0,0 @@ ---- -- name: Create objects in Icinga - hosts: localhost - gather_facts: false - vars: - object_name: check_gitlab_scheduler - tasks: - # icinga_command - - name: "Icinga_command-{{ object_name }}" - ansible.builtin.include_role: - name: "telekom_mms.icinga_director.ansible_icinga" - tasks_from: "icinga_command}" - vars: - icinga_commands: - - command_object: - - "{{ object_name }}" - command: "{{ object_name }}.py" - arguments: - -p: - required: true - value: $projectid$ - -s: - required: true - value: $schedulerid$ - -t: - required: true - value: $token$ - -o: - required: false - value: $pending_timeout$ - # icinga_service_template - - name: "Icinga_service_template-{{ object_name }}" - ansible.builtin.include_role: - name: "telekom_mms.icinga_director.ansible_icinga" - tasks_from: "icinga_service_template" - vars: - icinga_service_templates: - - service_template_object: - - "{{ object_name }}" - check_command: "{{ object_name }}" - check_interval: 5m - -# EXAMPLES -## used for service_apply -# - name: "Icinga_service_apply_azure" -# include_role: -# name: "telekom_mms.icinga_director.ansible_icinga" -# tasks_from: "icinga_service_apply" -# vars: -# icinga_service_applies: -# - service_apply_object: -# - "{{ object_name }}-service_apply" -# imports: "check_gitlab_scheduler" -# display_name: "{{ object_name }}_pipelinename" -# assign_filter: "{{'host.name="gitlab-pipelines"'}}" -# vars: -# projectid: "111" -# schedulerid: "222" -# token: "{{ gitlab_project_token }}" diff --git a/playbooks/icinga-https.yml b/playbooks/icinga-https.yml deleted file mode 100644 index 791885e..0000000 --- a/playbooks/icinga-https.yml +++ /dev/null @@ -1,47 +0,0 @@ ---- -- name: Create objects in Icinga - hosts: localhost - gather_facts: false - vars: - object_name: domon-https - tasks: - # icinga_service_template - - name: "Icinga_service_template-{{ object_name }}" - ansible.builtin.include_role: - name: "telekom_mms.icinga_director.ansible_icinga" - tasks_from: "icinga_service_template" - vars: - icinga_service_templates: - - service_template_object: - - "domon-standard-service" - max_check_attempts: "3" - check_period: "24/7" - check_interval: "2m" - retry_interval: "1m" - enable_notifications: true - enable_active_checks: true - enable_passive_checks: false - enable_event_handler: false - enable_perfdata: true - volatile: false - command_endpoint: null - vars: - domon_enabled_notifications: ["mail_24/7"] - - service_template_object: - - "{{ object_name }}" - imports: - - domon-standard-service - check_command: http - check_interval: 300 - vars: - http_address: $check_address$ - http_extendedperfdata: false - http_invertregex: false - http_sni: true - http_ssl: true - http_timeout: 30 - - service_template_object: - - "{{ object_name }}-certificate" - imports: - - "{{ object_name }}" - check_timeout: 60 diff --git a/playbooks/icinga-json-azure-restapi.yml b/playbooks/icinga-json-azure-restapi.yml deleted file mode 100644 index a0a359b..0000000 --- a/playbooks/icinga-json-azure-restapi.yml +++ /dev/null @@ -1,99 +0,0 @@ ---- -- name: Create objects in Icinga - hosts: localhost - gather_facts: false - vars: - object_name: check_json_azure_restapi - tasks: - # icinga_command - - name: "Icinga_command-{{ object_name }}" - ansible.builtin.include_role: - name: "telekom_mms.icinga_director.ansible_icinga" - tasks_from: "icinga_command" - vars: - icinga_commands: - - command_object: - - "{{ object_name }}" - command: check_json.pl - arguments: - --ignoressl: - set_if: $json_ignoressl$ - -T: $json_contenttype$ - -a: - required: true - value: $json_attributes$ - -b: - required: true - type: Function - body: return get_service(macro("$azure_oauth_token_host$"), macro("$azure_oauth_token_service$")).last_check_result.output - -c: - required: true - type: Function - body: macro("$json_crit$") - -d: $json_divisor$ - -e: $json_expect$ - -m: $json_metadata$ - -o: $json_outputvars$ - -p: $json_perfvars$ - -t: $json_timeout$ - -u: - required: true - value: $json_url$ - -w: - required: true - type: Function - body: macro("$json_warn$") - -x: $json_xauth$ - # icinga_service_template - - name: "Icinga_service_template-{{ object_name }}" - ansible.builtin.include_role: - name: "telekom_mms.icinga_director.ansible_icinga" - tasks_from: "icinga_service_template" - vars: - icinga_service_templates: - - service_template_object: - - "domon-standard-service" - max_check_attempts: "3" - check_period: "24/7" - check_interval: "2m" - retry_interval: "1m" - enable_notifications: true - enable_active_checks: true - enable_passive_checks: false - enable_event_handler: false - enable_perfdata: true - volatile: false - command_endpoint: null - vars: - domon_enabled_notifications: ["mail_24/7"] - - service_template_object: - - domon-json-azure-restapi - imports: - - domon-standard-service - check_command: "{{ object_name }}" - check_interval: 5m - vars: - json_url: - "https://management.azure.com/subscriptions/$azure_subscription_id$/resourcegroups/$azure_resource_group$$azure_resource_uri$\ - ?api-version=$azure_restapi_version$" - json_ignoressl: true - -# EXAMPLES -## used for service_apply -# - name: "Icinga_service_template_azure" -# include_role: -# name: "telekom_mms.icinga_director.ansible_icinga" -# tasks_from: "icinga_service_apply" -# vars: -# icinga_service_applies: -# - service_apply_object: -# - "{{ object_name }}-service_apply" -# imports: "domon-json-azure-restapi" -# display_name: "{{ object_name }}" -# assign_filter: "{{'host.name=\"azure\"'}}" -# vars: -# json_url: "https://management.azure.com/subscriptions/xxx" -# json_attributes: '{properties}->{state}' -# json_expect: Ready -# json_ignoressl: true -# json_outputvars: '{properties}->{state}' diff --git a/playbooks/icinga-json-azure_restapi_resourcehealth.yml b/playbooks/icinga-json-azure_restapi_resourcehealth.yml deleted file mode 100644 index fed9ba7..0000000 --- a/playbooks/icinga-json-azure_restapi_resourcehealth.yml +++ /dev/null @@ -1,43 +0,0 @@ ---- -- name: Create objects in Icinga - hosts: localhost - gather_facts: false - vars: - object_name: azure_restapi_resourcehealth - tasks: - # icinga_service_template - - name: "Icinga_service_template-{{ object_name }}" - ansible.builtin.include_role: - name: "telekom_mms.icinga_director.ansible_icinga" - tasks_from: "icinga_service_template" - vars: - icinga_service_templates: - - service_template_object: - - "domon-standard-service" - max_check_attempts: "3" - check_period: "24/7" - check_interval: "2m" - retry_interval: "1m" - enable_notifications: true - enable_active_checks: true - enable_passive_checks: false - enable_event_handler: false - enable_perfdata: true - volatile: false - command_endpoint: null - vars: - domon_enabled_notifications: ["mail_24/7"] - - service_template_object: - - domon-json-azure_restapi_resourcehealth - imports: - - domon-standard-service - check_command: check_json_azure_restapi - check_interval: 5m - vars: - json_url: - "https://management.azure.com/subscriptions/$azure_subscription_id$/resourcegroups/$azure_resource_group$$azure_resource_uri$/\ - providers/Microsoft.ResourceHealth/availabilityStatuses/current?api-version=2020-05-01-preview" - json_expect: Available - json_ignoressl: true - json_attributes: "{properties}->{availabilityState}" - json_outputvars: "{properties}->{availabilityState},{properties}->{summary},{properties}->{reasonType},{properties}->{occuredTime}" diff --git a/playbooks/icinga-json.yml b/playbooks/icinga-json.yml deleted file mode 100644 index ce4cc94..0000000 --- a/playbooks/icinga-json.yml +++ /dev/null @@ -1,92 +0,0 @@ ---- -- name: Create objects in Icinga - hosts: localhost - gather_facts: false - vars: - object_name: check_json - tasks: - # icinga_command - - name: "Icinga_command-{{ object_name }}" - ansible.builtin.include_role: - name: "telekom_mms.icinga_director.ansible_icinga" - tasks_from: "icinga_command" - vars: - icinga_commands: - - command_object: - - "{{ object_name }}" - command: "{{ object_name }}.pl" - arguments: - --ignoressl: - set_if: $json_ignoressl$ - -T: $json_contenttype$ - -a: - required: true - value: $json_attributes$ - -b: - value: $json_bearer$ - -c: - required: true - type: Function - body: macro("$json_crit$") - -d: $json_divisor$ - -e: $json_expect$ - -m: $json_metadata$ - -o: $json_outputvars$ - -p: $json_perfvars$ - -t: $json_timeout$ - -u: - required: true - value: $json_url$ - -w: - required: true - type: Function - body: macro("$json_warn$") - -x: $json_xauth$ - # icinga_service_template - - name: "Icinga_service_template-{{ object_name }}" - ansible.builtin.include_role: - name: "telekom_mms.icinga_director.ansible_icinga" - tasks_from: "icinga_service_template" - vars: - icinga_service_templates: - - service_template_object: - - "domon-standard-service" - max_check_attempts: "3" - check_period: "24/7" - check_interval: "2m" - retry_interval: "1m" - enable_notifications: true - enable_active_checks: true - enable_passive_checks: false - enable_event_handler: false - enable_perfdata: true - volatile: false - command_endpoint: null - vars: - domon_enabled_notifications: ["mail_24/7"] - - service_template_object: - - domon-json - imports: - - domon-standard-service - check_command: "{{ object_name }}" - check_interval: 5m - -# EXAMPLES -## used for service_apply -# - name: "Icinga_service_apply_azure" -# include_role: -# name: "telekom_mms.icinga_director.ansible_icinga" -# tasks_from: "icinga_service_apply" -# vars: -# icinga_service_applies: -# - service_apply_object: -# - "{{ object_name }}-service_apply" -# imports: "domon-json" -# display_name: "{{ object_name }}" -# assign_filter: "{{'host.name=\"azure\"'}}" -# vars: -# json_url: "https://api/xxx" -# json_attributes: '{state}' -# json_expect: Online -# json_ignoressl: true -# json_outputvars: '{state}' diff --git a/playbooks/icinga-template-empty-host.yml b/playbooks/icinga-template-empty-host.yml deleted file mode 100644 index a8eefdf..0000000 --- a/playbooks/icinga-template-empty-host.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -- name: Create objects in Icinga - hosts: localhost - gather_facts: false - vars: - object_name: empty-host - tasks: - # icinga_host_template - - name: "Icinga_host_template" - ansible.builtin.include_role: - name: "telekom_mms.icinga_director.ansible_icinga" - tasks_from: "icinga_host_template" - vars: - icinga_host_templates: - - host_template_object: - - domon-template-{{ object_name }} - check_command: dummy diff --git a/playbooks/template-empty-host.yml b/playbooks/template-empty-host.yml new file mode 100644 index 0000000..2596182 --- /dev/null +++ b/playbooks/template-empty-host.yml @@ -0,0 +1,15 @@ +--- +- name: Create empty-host template + hosts: localhost + gather_facts: false + module_defaults: + group/telekom_mms.icinga_director.icinga: + url: "{{ icinga_url }}" + url_username: "{{ icinga_user }}" + url_password: "{{ icinga_pass }}" + tasks: + - name: Create a host in icinga + t_systems_mms.icinga_director.icinga_host: + state: present + object_name: domon-template-empty-host + check_command: dummy From 0b8e8f70781b7227a6450c84941e8f6d404e2a93 Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Mon, 31 Jul 2023 10:43:21 +0200 Subject: [PATCH 10/24] add integration tests --- .github/workflows/CI.yml | 43 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index fdeea79..23ff5c5 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -11,6 +11,13 @@ on: schedule: - cron: '0 6 * * 1' +concurrency: + group: >- + ${{ github.workflow }}-${{ + github.event.pull_request.number || github.sha + }} + cancel-in-progress: true + jobs: ansible-sanity-tests: name: Sanity (Ⓐ${{ matrix.ansible }}) @@ -40,6 +47,42 @@ jobs: run: ansible-test sanity --docker -v --color working-directory: ./ansible_collections/t_systems_mms/ansible_collection_icinga + integration: + runs-on: ubuntu-20.04 + name: I (Ⓐ${{ matrix.ansible }}+py${{ matrix.python }}) + strategy: + fail-fast: false + matrix: + ansible: + - stable-2.12 + - stable-2.13 + - stable-2.14 + - devel + python: + - "3.8" + - "3.9" + - "3.10" + services: + icinga: + image: ghcr.io/telekom-mms/icinga2:director-1.8.1 + ports: + - 80:80 + steps: + - name: >- + Perform integration testing against + Ansible version ${{ matrix.ansible }} + under Python ${{ matrix.python }} + uses: ansible-community/ansible-test-gh-action@v1.14.1 + with: + ansible-core-version: ${{ matrix.ansible }} + # OPTIONAL command to run before invoking `ansible-test integration` + pre-test-cmd: sed -i "s/127.0.0.1/icinga/g" tests/integration/integration_config.yml + target-python-version: ${{ matrix.python }} + testing-type: integration + # OPTIONAL If your integration tests require code + # from other collections, install them like this + # test-deps: ansible.netcommon + linting: name: Ansible Lint runs-on: ubuntu-latest From 37195117f51f1334741e5eca02ebbf1db786c21a Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Mon, 31 Jul 2023 10:44:21 +0200 Subject: [PATCH 11/24] rename playbooks to remove dashes, they're not allowed. --- ..._token.yml => check_azure_oauth_token.yml} | 0 ...heduler.yml => check_gitlab_scheduler.yml} | 0 .../{check-https.yml => check_https.yml} | 18 ---------------- playbooks/{check-json.yml => check_json.yml} | 18 ---------------- ...stapi.yml => check_json_azure_restapi.yml} | 21 +------------------ ...eck_json_azure_restapi_resourcehealth.yml} | 18 ---------------- ...empty-host.yml => template_empty_host.yml} | 2 +- 7 files changed, 2 insertions(+), 75 deletions(-) rename playbooks/{check-azure_oauth_token.yml => check_azure_oauth_token.yml} (100%) rename playbooks/{check-gitlab_scheduler.yml => check_gitlab_scheduler.yml} (100%) rename playbooks/{check-https.yml => check_https.yml} (62%) rename playbooks/{check-json.yml => check_json.yml} (74%) rename playbooks/{check-json-azure-restapi.yml => check_json_azure_restapi.yml} (74%) rename playbooks/{check-json-azure_restapi_resourcehealth.yml => check_json_azure_restapi_resourcehealth.yml} (66%) rename playbooks/{template-empty-host.yml => template_empty_host.yml} (87%) diff --git a/playbooks/check-azure_oauth_token.yml b/playbooks/check_azure_oauth_token.yml similarity index 100% rename from playbooks/check-azure_oauth_token.yml rename to playbooks/check_azure_oauth_token.yml diff --git a/playbooks/check-gitlab_scheduler.yml b/playbooks/check_gitlab_scheduler.yml similarity index 100% rename from playbooks/check-gitlab_scheduler.yml rename to playbooks/check_gitlab_scheduler.yml diff --git a/playbooks/check-https.yml b/playbooks/check_https.yml similarity index 62% rename from playbooks/check-https.yml rename to playbooks/check_https.yml index 34608ee..3c52227 100644 --- a/playbooks/check-https.yml +++ b/playbooks/check_https.yml @@ -8,24 +8,6 @@ url_username: "{{ icinga_user }}" url_password: "{{ icinga_pass }}" tasks: - - name: Create service template for domon-standard-service - telekom_mms.icinga_director.icinga_service_template: - state: present - object_name: domon-standard-service - max_check_attempts: "3" - check_period: "24/7" - check_interval: "2m" - retry_interval: "1m" - enable_notifications: true - enable_active_checks: true - enable_passive_checks: false - enable_event_handler: false - enable_perfdata: true - volatile: false - command_endpoint: null - vars: - domon_enabled_notifications: ["mail_24/7"] - - name: Create service template for domon-https telekom_mms.icinga_director.icinga_service_template: state: present diff --git a/playbooks/check-json.yml b/playbooks/check_json.yml similarity index 74% rename from playbooks/check-json.yml rename to playbooks/check_json.yml index 7041e61..0fd21c6 100644 --- a/playbooks/check-json.yml +++ b/playbooks/check_json.yml @@ -8,24 +8,6 @@ url_username: "{{ icinga_user }}" url_password: "{{ icinga_pass }}" tasks: - - name: Create service template for domon-standard-service - telekom_mms.icinga_director.icinga_service_template: - state: present - object_name: domon-standard-service - max_check_attempts: "3" - check_period: "24/7" - check_interval: "2m" - retry_interval: "1m" - enable_notifications: true - enable_active_checks: true - enable_passive_checks: false - enable_event_handler: false - enable_perfdata: true - volatile: false - command_endpoint: null - vars: - domon_enabled_notifications: ["mail_24/7"] - - name: Create Command check_json telekom_mms.icinga_director.icinga_command: state: present diff --git a/playbooks/check-json-azure-restapi.yml b/playbooks/check_json_azure_restapi.yml similarity index 74% rename from playbooks/check-json-azure-restapi.yml rename to playbooks/check_json_azure_restapi.yml index 0eec767..3950ef2 100644 --- a/playbooks/check-json-azure-restapi.yml +++ b/playbooks/check_json_azure_restapi.yml @@ -7,30 +7,11 @@ url: "{{ icinga_url }}" url_username: "{{ icinga_user }}" url_password: "{{ icinga_pass }}" - object_name: check_json_azure_restapi tasks: - - name: Create service template for domon-standard-service - telekom_mms.icinga_director.icinga_service_template: - state: present - object_name: domon-standard-service - max_check_attempts: "3" - check_period: "24/7" - check_interval: "2m" - retry_interval: "1m" - enable_notifications: true - enable_active_checks: true - enable_passive_checks: false - enable_event_handler: false - enable_perfdata: true - volatile: false - command_endpoint: null - vars: - domon_enabled_notifications: ["mail_24/7"] - - name: Create command Azure REST-API telekom_mms.icinga_director.icinga_command: state: present - object_name: azure_restapi + object_name: check_json_azure_restapi command: check_json.pl arguments: --ignoressl: diff --git a/playbooks/check-json-azure_restapi_resourcehealth.yml b/playbooks/check_json_azure_restapi_resourcehealth.yml similarity index 66% rename from playbooks/check-json-azure_restapi_resourcehealth.yml rename to playbooks/check_json_azure_restapi_resourcehealth.yml index ea7d8e5..2ed7e47 100644 --- a/playbooks/check-json-azure_restapi_resourcehealth.yml +++ b/playbooks/check_json_azure_restapi_resourcehealth.yml @@ -8,24 +8,6 @@ url_username: "{{ icinga_user }}" url_password: "{{ icinga_pass }}" tasks: - - name: Create service template for domon-standard-service - telekom_mms.icinga_director.icinga_service_template: - state: present - object_name: domon-standard-service - max_check_attempts: "3" - check_period: "24/7" - check_interval: "2m" - retry_interval: "1m" - enable_notifications: true - enable_active_checks: true - enable_passive_checks: false - enable_event_handler: false - enable_perfdata: true - volatile: false - command_endpoint: null - vars: - domon_enabled_notifications: ["mail_24/7"] - - name: Create service template for azure REST-API ResourceHealth telekom_mms.icinga_director.icinga_service_template: state: present diff --git a/playbooks/template-empty-host.yml b/playbooks/template_empty_host.yml similarity index 87% rename from playbooks/template-empty-host.yml rename to playbooks/template_empty_host.yml index 2596182..bf342d6 100644 --- a/playbooks/template-empty-host.yml +++ b/playbooks/template_empty_host.yml @@ -9,7 +9,7 @@ url_password: "{{ icinga_pass }}" tasks: - name: Create a host in icinga - t_systems_mms.icinga_director.icinga_host: + t_systems_mms.icinga_director.icinga_host_template: state: present object_name: domon-template-empty-host check_command: dummy From 30c865f2ac47cea81903a6eb22281447ae1256f6 Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Mon, 31 Jul 2023 10:44:47 +0200 Subject: [PATCH 12/24] put domon-stuff used by other checks in separate play --- playbooks/domon_standard.yml | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 playbooks/domon_standard.yml diff --git a/playbooks/domon_standard.yml b/playbooks/domon_standard.yml new file mode 100644 index 0000000..eacc434 --- /dev/null +++ b/playbooks/domon_standard.yml @@ -0,0 +1,36 @@ +- name: Create domon-standards + hosts: localhost + gather_facts: false + module_defaults: + group/telekom_mms.icinga_director.icinga: + url: "{{ icinga_url }}" + url_username: "{{ icinga_user }}" + url_password: "{{ icinga_pass }}" + tasks: + - name: Create timeperiod for domon-standard-service + telekom_mms.icinga_director.icinga_timeperiod: + state: present + object_name: 24/7 + ranges: + monday: "00:00-24:00" + tuesday: "00:00-24:00" + wednesday: "00:00-24:00" + thursday: "00:00-24:00" + friday: "00:00-24:00" + saturday: "00:00-24:00" + sunday: "00:00-24:00" + + - name: Create service template for domon-standard-service + telekom_mms.icinga_director.icinga_service_template: + state: present + object_name: domon-standard-service + max_check_attempts: "3" + check_period: "24/7" + check_interval: "2m" + retry_interval: "1m" + enable_notifications: true + enable_active_checks: true + enable_passive_checks: false + enable_event_handler: false + enable_perfdata: true + volatile: false From 759c8745d001883ecb690dbd74b61271dc12f24f Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Mon, 31 Jul 2023 10:45:26 +0200 Subject: [PATCH 13/24] add integration tests --- tests/integration/integration_config.yml | 4 ++++ tests/integration/targets/icinga/runme.sh | 21 +++++++++++++++++---- 2 files changed, 21 insertions(+), 4 deletions(-) create mode 100644 tests/integration/integration_config.yml diff --git a/tests/integration/integration_config.yml b/tests/integration/integration_config.yml new file mode 100644 index 0000000..a2d1d84 --- /dev/null +++ b/tests/integration/integration_config.yml @@ -0,0 +1,4 @@ +--- +icinga_url: "http://127.0.0.1/icingaweb2" +icinga_user: "icingaadmin" +icinga_pass: "icinga" diff --git a/tests/integration/targets/icinga/runme.sh b/tests/integration/targets/icinga/runme.sh index 7d45615..0717d84 100644 --- a/tests/integration/targets/icinga/runme.sh +++ b/tests/integration/targets/icinga/runme.sh @@ -2,7 +2,20 @@ set -eux -ansible-playbook icinga_agent.yml -ansible-playbook icinga_agent.yml --check --diff -ansible-playbook icinga_plugins.yml -ansible-playbook icinga_plugins.yml --check --diff +ansible-playbook icinga_agent.yml -e "@../../integration_config.yml" "$@" +ansible-playbook icinga_agent.yml --check --diff -e "@../../integration_config.yml" "$@" +ansible-playbook icinga_plugins.yml -e "@../../integration_config.yml" "$@" +ansible-playbook icinga_plugins.yml --check --diff -e "@../../integration_config.yml" "$@" + +ansible-playbook icinga_plugins.yml -e "@../../integration_config.yml" "$@" +ansible-playbook icinga_plugins.yml --check --diff -e "@../../integration_config.yml" "$@" + +ansible-playbook t_systems_mms.ansible_collection_icinga.domon_standard -e "@../../integration_config.yml" "$@" +ansible-playbook t_systems_mms.ansible_collection_icinga.check_azure_oauth_token -e "@../../integration_config.yml" "$@" +ansible-playbook t_systems_mms.ansible_collection_icinga.check_gitlab_scheduler -e "@../../integration_config.yml" "$@" +ansible-playbook t_systems_mms.ansible_collection_icinga.check_https -e "@../../integration_config.yml" "$@" +ansible-playbook t_systems_mms.ansible_collection_icinga.check_json -e "@../../integration_config.yml" "$@" +ansible-playbook t_systems_mms.ansible_collection_icinga.check_json_azure_restapi -e "@../../integration_config.yml" "$@" +ansible-playbook t_systems_mms.ansible_collection_icinga.check_json_azure_restapi_resourcehealth -e "@../../integration_config.yml" "$@" +ansible-playbook t_systems_mms.ansible_collection_icinga.template_empty_host -e "@../../integration_config.yml" "$@" + From fa8630078fc72f35947dded650f1c2c732cc7830 Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Mon, 31 Jul 2023 10:45:38 +0200 Subject: [PATCH 14/24] add examples to use playbooks --- README.md | 44 +++++++++++++++++++++++++++++++++++++------- 1 file changed, 37 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index a3cb189..d9c449b 100644 --- a/README.md +++ b/README.md @@ -57,13 +57,43 @@ Check out the 'Documentation' part for this collection [here](https://github.com | playbook| description |------------|----------------------------------------------------------------------- -| azure_oauth_token.yml | get azure oauth token -| icinga-check_gitlab_scheduler.yml | check gitlab scheduled pipelines -| icinga-https.yml | check https reachability and certificates -| icinga-json-azure_restapi_resourcehealth.yml | check state of azure resourcehealth -| icinga-json-azure-restapi.yml | do a json check against azure restapi (with oauth_token) -| icinga-json.yml | do a json check -| icinga-template-empty-host.yml | create a host template for an empty host +| domon_standard.yml | create a timeperiod and service template to use for other checks +| azure_oauth_token.yml | get azure oauth token to use in other checks +| check_gitlab_scheduler.yml | check gitlab scheduled pipelines +| check_https.yml | check https reachability and certificates +| check_json_azure_restapi_resourcehealth.yml | check state of azure resourcehealth +| check_json_azure_restapi.yml | do a json check against azure restapi (with oauth_token) +| check_json.yml | do a json check +| template_empty_host.yml | create a host template for an empty host + +You can use these playbooks in your playbook like this: + +``` +- name: Import domon standard playbook to create services that other checks depend on + import-playbook: t_systems_mms.ansible_collection_icinga.domon_standard + +- name: Import playbook to create azure oauth token check + import-playbook: t_systems_mms.ansible_collection_icinga.check_azure_oauth_token + +- name: Import playbook to create gitlab_scheduler check + import-playbook: t_systems_mms.ansible_collection_icinga.check_gitlab_scheduler + +- name: Import playbook to create check_https checks + import-playbook: t_systems_mms.ansible_collection_icinga.check_https + +``` + +Or call them from the command line: +``` +ansible-playbook t_systems_mms.ansible_collection_icinga.domon_standard +ansible-playbook t_systems_mms.ansible_collection_icinga.check_azure_oauth_token +ansible-playbook t_systems_mms.ansible_collection_icinga.check_gitlab_scheduler +ansible-playbook t_systems_mms.ansible_collection_icinga.check_https +ansible-playbook t_systems_mms.ansible_collection_icinga.check_json +ansible-playbook t_systems_mms.ansible_collection_icinga.check_json_azure_restapi +ansible-playbook t_systems_mms.ansible_collection_icinga.check_json_azure_restapi_resourcehealth +ansible-playbook t_systems_mms.ansible_collection_icinga.template_empty_host +``` ## License From 79bf95febd285a12ccda2415d35feeb10e23124e Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Mon, 31 Jul 2023 10:49:31 +0200 Subject: [PATCH 15/24] make runme.sh executable --- tests/integration/targets/icinga/runme.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 tests/integration/targets/icinga/runme.sh diff --git a/tests/integration/targets/icinga/runme.sh b/tests/integration/targets/icinga/runme.sh old mode 100644 new mode 100755 From 371014000c00d39462974f17a0f543cb6d7cfb3b Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Mon, 31 Jul 2023 10:53:18 +0200 Subject: [PATCH 16/24] only run icinga director tests in integration --- tests/integration/targets/icinga/runme.sh | 8 -------- 1 file changed, 8 deletions(-) diff --git a/tests/integration/targets/icinga/runme.sh b/tests/integration/targets/icinga/runme.sh index 0717d84..9e6040e 100755 --- a/tests/integration/targets/icinga/runme.sh +++ b/tests/integration/targets/icinga/runme.sh @@ -2,14 +2,6 @@ set -eux -ansible-playbook icinga_agent.yml -e "@../../integration_config.yml" "$@" -ansible-playbook icinga_agent.yml --check --diff -e "@../../integration_config.yml" "$@" -ansible-playbook icinga_plugins.yml -e "@../../integration_config.yml" "$@" -ansible-playbook icinga_plugins.yml --check --diff -e "@../../integration_config.yml" "$@" - -ansible-playbook icinga_plugins.yml -e "@../../integration_config.yml" "$@" -ansible-playbook icinga_plugins.yml --check --diff -e "@../../integration_config.yml" "$@" - ansible-playbook t_systems_mms.ansible_collection_icinga.domon_standard -e "@../../integration_config.yml" "$@" ansible-playbook t_systems_mms.ansible_collection_icinga.check_azure_oauth_token -e "@../../integration_config.yml" "$@" ansible-playbook t_systems_mms.ansible_collection_icinga.check_gitlab_scheduler -e "@../../integration_config.yml" "$@" From 30ac3932914f89d4780304b80fad812937348414 Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Mon, 31 Jul 2023 11:01:15 +0200 Subject: [PATCH 17/24] add icinga director collection as a dep to ansible integration tests --- .github/workflows/CI.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 23ff5c5..81c4697 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -79,9 +79,7 @@ jobs: pre-test-cmd: sed -i "s/127.0.0.1/icinga/g" tests/integration/integration_config.yml target-python-version: ${{ matrix.python }} testing-type: integration - # OPTIONAL If your integration tests require code - # from other collections, install them like this - # test-deps: ansible.netcommon + test-deps: telekom_mms.icinga_director linting: name: Ansible Lint From a939a09bf24bb22f2082e655906bb6ddf23b7867 Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Mon, 31 Jul 2023 11:06:09 +0200 Subject: [PATCH 18/24] fix wrong collection namespace --- playbooks/template_empty_host.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/template_empty_host.yml b/playbooks/template_empty_host.yml index bf342d6..dff00fc 100644 --- a/playbooks/template_empty_host.yml +++ b/playbooks/template_empty_host.yml @@ -9,7 +9,7 @@ url_password: "{{ icinga_pass }}" tasks: - name: Create a host in icinga - t_systems_mms.icinga_director.icinga_host_template: + telekom_mms.icinga_director.icinga_host_template: state: present object_name: domon-template-empty-host check_command: dummy From a80dbb7f0fae88a57c991f720c16bfa1c34eb08a Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Mon, 31 Jul 2023 11:06:24 +0200 Subject: [PATCH 19/24] add requirements-file for ansible-lint --- tests/integration/requirements.yml | 1 + 1 file changed, 1 insertion(+) create mode 100644 tests/integration/requirements.yml diff --git a/tests/integration/requirements.yml b/tests/integration/requirements.yml new file mode 100644 index 0000000..f85bdde --- /dev/null +++ b/tests/integration/requirements.yml @@ -0,0 +1 @@ +- telekom_mms.icinga_director From cb60847c456bb60384088b1521a57e08274ec1f8 Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Mon, 31 Jul 2023 11:10:24 +0200 Subject: [PATCH 20/24] update ansible-lint action, no more support for args --- .github/workflows/CI.yml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 81c4697..65aedfd 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -90,12 +90,7 @@ jobs: uses: actions/checkout@v3 - name: Run Linting - uses: ansible/ansible-lint-action@v6 - with: - targets: "roles/" - override-deps: | - rich>=9.5.1,<11.0.0 - args: "" + uses: ansible/ansible-lint-action@v6.17.2 molecule: name: Molecule From a93e2b06e20d6b2f510c46423dc1873099d06747 Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Mon, 31 Jul 2023 11:13:44 +0200 Subject: [PATCH 21/24] update ansible-lint action, no more support for args --- .github/workflows/CI.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 65aedfd..a8ca3e6 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -90,7 +90,7 @@ jobs: uses: actions/checkout@v3 - name: Run Linting - uses: ansible/ansible-lint-action@v6.17.2 + uses: ansible/ansible-lint-action@v6.17.0 molecule: name: Molecule From 8c88306d752287ed57e817b3bd0785f5d4101a36 Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Mon, 31 Jul 2023 11:16:03 +0200 Subject: [PATCH 22/24] add requirements-file for ansible-lint --- tests/integration/requirements.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/integration/requirements.yml b/tests/integration/requirements.yml index f85bdde..d7693f9 100644 --- a/tests/integration/requirements.yml +++ b/tests/integration/requirements.yml @@ -1 +1,2 @@ -- telekom_mms.icinga_director +collections: + - telekom_mms.icinga_director From c510de1161acb4015198e5fb43f657108ee633bf Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Mon, 7 Aug 2023 08:53:17 +0200 Subject: [PATCH 23/24] remove examples --- playbooks/check_azure_oauth_token.yml | 19 ------------------- playbooks/check_gitlab_scheduler.yml | 18 ------------------ playbooks/check_json.yml | 20 -------------------- playbooks/check_json_azure_restapi.yml | 20 -------------------- 4 files changed, 77 deletions(-) diff --git a/playbooks/check_azure_oauth_token.yml b/playbooks/check_azure_oauth_token.yml index 2657669..4d1b872 100644 --- a/playbooks/check_azure_oauth_token.yml +++ b/playbooks/check_azure_oauth_token.yml @@ -40,22 +40,3 @@ object_name: "azure_oauth_token" check_command: "azure_oauth_token" check_interval: 50m - -# EXAMPLES -## used for service_apply -# - name: "Icinga_service_apply_azure" -# include_role: -# name: "telekom_mms.icinga_director.ansible_icinga" -# tasks_from: "icinga_service_apply" -# vars: -# icinga_service_applies: -# - service_apply_object: -# - "azure_oauth_token-service_apply" -# imports: "azure_oauth_token" -# display_name: "azure_oauth_token" -# assign_filter: "{{'host.name=\"azure\"'}}" -# vars: -# tenant_id: "ID" -# client_id: "ID" -# client_secret: "secret" -# scope: "https://management.azure.com/.default" diff --git a/playbooks/check_gitlab_scheduler.yml b/playbooks/check_gitlab_scheduler.yml index a4d84e3..deacd07 100644 --- a/playbooks/check_gitlab_scheduler.yml +++ b/playbooks/check_gitlab_scheduler.yml @@ -32,21 +32,3 @@ object_name: check_gitlab_scheduler check_command: "check_gitlab_scheduler" check_interval: 5m - -# EXAMPLES -## used for service_apply -# - name: "Icinga_service_apply_azure" -# include_role: -# name: "telekom_mms.icinga_director.ansible_icinga" -# tasks_from: "icinga_service_apply" -# vars: -# icinga_service_applies: -# - service_apply_object: -# - "check_gitlab_scheduler-service_apply" -# imports: "check_gitlab_scheduler" -# display_name: "check_gitlab_scheduler_pipelinename" -# assign_filter: "{{'host.name="gitlab-pipelines"'}}" -# vars: -# projectid: "111" -# schedulerid: "222" -# token: "{{ gitlab_project_token }}" diff --git a/playbooks/check_json.yml b/playbooks/check_json.yml index 0fd21c6..e55b8f2 100644 --- a/playbooks/check_json.yml +++ b/playbooks/check_json.yml @@ -40,23 +40,3 @@ type: Function body: macro("$json_warn$") -x: $json_xauth$ - -# EXAMPLES -## used for service_apply -# - name: "Icinga_service_apply_azure" -# include_role: -# name: "telekom_mms.icinga_director.ansible_icinga" -# tasks_from: "icinga_service_apply" -# vars: -# icinga_service_applies: -# - service_apply_object: -# - "{{ object_name }}-service_apply" -# imports: "domon-json" -# display_name: "{{ object_name }}" -# assign_filter: "{{'host.name=\"azure\"'}}" -# vars: -# json_url: "https://api/xxx" -# json_attributes: '{state}' -# json_expect: Online -# json_ignoressl: true -# json_outputvars: '{state}' diff --git a/playbooks/check_json_azure_restapi.yml b/playbooks/check_json_azure_restapi.yml index 3950ef2..f9fb467 100644 --- a/playbooks/check_json_azure_restapi.yml +++ b/playbooks/check_json_azure_restapi.yml @@ -42,23 +42,3 @@ type: Function body: macro("$json_warn$") -x: $json_xauth$ - -# EXAMPLES -## used for service_apply -# - name: "Icinga_service_template_azure" -# include_role: -# name: "telekom_mms.icinga_director.ansible_icinga" -# tasks_from: "icinga_service_apply" -# vars: -# icinga_service_applies: -# - service_apply_object: -# - "azure_restapi-service_apply" -# imports: "domon-json-azure-restapi" -# display_name: "azure_restapi" -# assign_filter: "{{'host.name=\"azure\"'}}" -# vars: -# json_url: "https://management.azure.com/subscriptions/xxx" -# json_attributes: '{properties}->{state}' -# json_expect: Ready -# json_ignoressl: true -# json_outputvars: '{properties}->{state}' From 89823c69650ab061ca22dbcf1b9ff08d8fe08570 Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Mon, 7 Aug 2023 14:02:10 +0200 Subject: [PATCH 24/24] rename domon to mms --- README.md | 8 ++++---- playbooks/check_https.yml | 12 ++++++------ playbooks/check_json_azure_restapi.yml | 2 +- .../check_json_azure_restapi_resourcehealth.yml | 4 ++-- playbooks/{domon_standard.yml => mms_standard.yml} | 8 ++++---- playbooks/template_empty_host.yml | 2 +- tests/integration/targets/icinga/runme.sh | 2 +- 7 files changed, 19 insertions(+), 19 deletions(-) rename playbooks/{domon_standard.yml => mms_standard.yml} (83%) diff --git a/README.md b/README.md index d9c449b..59c6530 100644 --- a/README.md +++ b/README.md @@ -57,7 +57,7 @@ Check out the 'Documentation' part for this collection [here](https://github.com | playbook| description |------------|----------------------------------------------------------------------- -| domon_standard.yml | create a timeperiod and service template to use for other checks +| mms_standard.yml | create a timeperiod and service template to use for other checks | azure_oauth_token.yml | get azure oauth token to use in other checks | check_gitlab_scheduler.yml | check gitlab scheduled pipelines | check_https.yml | check https reachability and certificates @@ -69,8 +69,8 @@ Check out the 'Documentation' part for this collection [here](https://github.com You can use these playbooks in your playbook like this: ``` -- name: Import domon standard playbook to create services that other checks depend on - import-playbook: t_systems_mms.ansible_collection_icinga.domon_standard +- name: Import mms standard playbook to create services that other checks depend on + import-playbook: t_systems_mms.ansible_collection_icinga.mms_standard - name: Import playbook to create azure oauth token check import-playbook: t_systems_mms.ansible_collection_icinga.check_azure_oauth_token @@ -85,7 +85,7 @@ You can use these playbooks in your playbook like this: Or call them from the command line: ``` -ansible-playbook t_systems_mms.ansible_collection_icinga.domon_standard +ansible-playbook t_systems_mms.ansible_collection_icinga.mms_standard ansible-playbook t_systems_mms.ansible_collection_icinga.check_azure_oauth_token ansible-playbook t_systems_mms.ansible_collection_icinga.check_gitlab_scheduler ansible-playbook t_systems_mms.ansible_collection_icinga.check_https diff --git a/playbooks/check_https.yml b/playbooks/check_https.yml index 3c52227..005a6c2 100644 --- a/playbooks/check_https.yml +++ b/playbooks/check_https.yml @@ -8,12 +8,12 @@ url_username: "{{ icinga_user }}" url_password: "{{ icinga_pass }}" tasks: - - name: Create service template for domon-https + - name: Create service template for mms-https telekom_mms.icinga_director.icinga_service_template: state: present - object_name: domon-https + object_name: mms-https imports: - - domon-standard-service + - mms-standard-service check_command: http check_interval: 300 vars: @@ -24,10 +24,10 @@ http_ssl: true http_timeout: 30 - - name: Create service template for domon-https + - name: Create service template for mms-https telekom_mms.icinga_director.icinga_service_template: state: present - object_name: domon-https-certificate + object_name: mms-https-certificate imports: - - domon-https + - mms-https check_timeout: 60 diff --git a/playbooks/check_json_azure_restapi.yml b/playbooks/check_json_azure_restapi.yml index f9fb467..8b9cfce 100644 --- a/playbooks/check_json_azure_restapi.yml +++ b/playbooks/check_json_azure_restapi.yml @@ -1,5 +1,5 @@ --- -- name: Create service template for domon-standard-service and azure REST-API +- name: Create service template for mms-standard-service and azure REST-API hosts: localhost gather_facts: false module_defaults: diff --git a/playbooks/check_json_azure_restapi_resourcehealth.yml b/playbooks/check_json_azure_restapi_resourcehealth.yml index 2ed7e47..7751272 100644 --- a/playbooks/check_json_azure_restapi_resourcehealth.yml +++ b/playbooks/check_json_azure_restapi_resourcehealth.yml @@ -11,9 +11,9 @@ - name: Create service template for azure REST-API ResourceHealth telekom_mms.icinga_director.icinga_service_template: state: present - object_name: domon-json-azure_restapi_resourcehealth + object_name: mms-json-azure_restapi_resourcehealth imports: - - domon-standard-service + - mms-standard-service check_command: check_json_azure_restapi check_interval: 5m vars: diff --git a/playbooks/domon_standard.yml b/playbooks/mms_standard.yml similarity index 83% rename from playbooks/domon_standard.yml rename to playbooks/mms_standard.yml index eacc434..8906cbc 100644 --- a/playbooks/domon_standard.yml +++ b/playbooks/mms_standard.yml @@ -1,4 +1,4 @@ -- name: Create domon-standards +- name: Create mms-standards hosts: localhost gather_facts: false module_defaults: @@ -7,7 +7,7 @@ url_username: "{{ icinga_user }}" url_password: "{{ icinga_pass }}" tasks: - - name: Create timeperiod for domon-standard-service + - name: Create timeperiod for mms-standard-service telekom_mms.icinga_director.icinga_timeperiod: state: present object_name: 24/7 @@ -20,10 +20,10 @@ saturday: "00:00-24:00" sunday: "00:00-24:00" - - name: Create service template for domon-standard-service + - name: Create service template for mms-standard-service telekom_mms.icinga_director.icinga_service_template: state: present - object_name: domon-standard-service + object_name: mms-standard-service max_check_attempts: "3" check_period: "24/7" check_interval: "2m" diff --git a/playbooks/template_empty_host.yml b/playbooks/template_empty_host.yml index dff00fc..c78168f 100644 --- a/playbooks/template_empty_host.yml +++ b/playbooks/template_empty_host.yml @@ -11,5 +11,5 @@ - name: Create a host in icinga telekom_mms.icinga_director.icinga_host_template: state: present - object_name: domon-template-empty-host + object_name: mms-template-empty-host check_command: dummy diff --git a/tests/integration/targets/icinga/runme.sh b/tests/integration/targets/icinga/runme.sh index 9e6040e..a07051c 100755 --- a/tests/integration/targets/icinga/runme.sh +++ b/tests/integration/targets/icinga/runme.sh @@ -2,7 +2,7 @@ set -eux -ansible-playbook t_systems_mms.ansible_collection_icinga.domon_standard -e "@../../integration_config.yml" "$@" +ansible-playbook t_systems_mms.ansible_collection_icinga.mms_standard -e "@../../integration_config.yml" "$@" ansible-playbook t_systems_mms.ansible_collection_icinga.check_azure_oauth_token -e "@../../integration_config.yml" "$@" ansible-playbook t_systems_mms.ansible_collection_icinga.check_gitlab_scheduler -e "@../../integration_config.yml" "$@" ansible-playbook t_systems_mms.ansible_collection_icinga.check_https -e "@../../integration_config.yml" "$@"