diff --git a/action_plugins/insights_config.py b/action_plugins/insights_config.py new file mode 100644 index 0000000..8c447e5 --- /dev/null +++ b/action_plugins/insights_config.py @@ -0,0 +1,41 @@ +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + +from ansible.plugins.action import ActionBase + + +class ActionModule(ActionBase): + + def run(self, tmp=None, task_vars=None): + + result = super(ActionModule, self).run(tmp, task_vars) + + insights_name = self._task.args.get('insights_name', 'insights-client') + + config_vars = dict( + username = self._task.args.get('username', None), + password = self._task.args.get('password', None), + auto_config = self._task.args.get('auto_config', None), + authmethod = self._task.args.get('authmethod', None), + display_name = self._task.args.get('display_name', None) + ) + + for k, v in config_vars.items(): + if v: + new_module_args = dict( + path = '/etc/' + insights_name + '/' + insights_name + '.conf', + section = insights_name, + option = k, + value = v, + no_extra_spaces = True, + state = "present" + ) + result.update(self._execute_module( + module_name='ini_file', + module_args=new_module_args, + task_vars=task_vars, + tmp=tmp + )) + + return result + diff --git a/library/insights_config.py b/library/insights_config.py new file mode 100644 index 0000000..4a45520 --- /dev/null +++ b/library/insights_config.py @@ -0,0 +1,67 @@ +ANSIBLE_METADATA = { + 'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community' +} + +DOCUMENTATION = ''' +--- +module: insights_config +short_description: This module handles initial configuration of the insights client on install +description: + - Supply values for various configuration options that you would like to use. On install + this module will add those values to the insights-client.conf file prior to registering. +version_added: "3.0" +options: + username: + description: + - Insights basic auth username. If defined this will change, set, or remove the username + in the insights configuration. To remove a username set this value to an empty string. + required: false + password: + description: + - Insights basic auth password. If defined this will change, set, or remove the password + in the insights configuration. To remove a password set this value to an empty string. + required: false + auto_config: + description: + - Attempt to auto-configure the network connection with Satellite or RHSM. Default is True. + required: false + authmethod: + description: + - Authentication method for the Portal (BASIC, CERT). Default is BASIC. Note: when + auto_config is enabled, CERT will be used if RHSM or Satellite is detected. + required: false + display_name: + description: + - Custom display name to appear in the Insights web UI. Only used on machine registration. + Blank by default. + required: false + insights_name: + description: + - For now, this is just 'insights-client', but it could change in the future so having + it as a variable is just preparing for that. + required: false +''' + +EXAMPLES = ''' +- name: Configure the insights client to register with username and password + insights_config: + username: "rhn_support" or "{{ redhat_portal_username }}" if passing in as a role variable + password: "rhn_password" or "{{ redhat_portal_password }}" + auto_config: False or "{{ auto_config }}" + authmethod: BASIC or "{{ authmethod }}" + become: true + +- name: Configure the insights client to register with RHSM and no display name + insights_config: + become: true + +Note: The above example calls the insights_config module with no parameters. This is because auto_config defaults to True +which in turn forces the client to try RHSM (or Satellite) + +- name: Configure the insights client to register with RHSM and a display name + insights_config: + display_name: "nice_name" or "{{ insights_display_name }}" if passing in as a role variable + become: true +''' diff --git a/library/insights_register.py b/library/insights_register.py new file mode 100644 index 0000000..89de8ec --- /dev/null +++ b/library/insights_register.py @@ -0,0 +1,152 @@ +#!/usr/bin/python + +# Copyright: (c) 2018, Terry Jones +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +ANSIBLE_METADATA = { + 'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community' +} + +DOCUMENTATION = ''' +--- +module: insights_register + +short_description: This module registers the insights client + +description: + - This module will check the current registration status, unregister if needed, + and then register the insights client (and update the display_name if needed) + +options: + state: + description: + - Determines whether to register or unregister insights-client + choices: ["present", "absent"] + required: true + insights_name: + description: + - For now, this is just 'insights-client', but it could change in the future + so having it as a variable is just preparing for that + required: false + display_name: + description: + - This option is here to enable registering with a display_name outside of using + a configuration file. Some may be used to doing it this way so I left this in as + an optional parameter. + required: false + force_reregister: + description: + - This option should be set to true if you wish to force a reregister of the insights-client. + Note that this will remove the existing machine-id and create a new one. Only use this option + if you are okay with creating a new machine-id. + required: false + +author: + - Jason Stephens (@Jason-RH) +''' + +EXAMPLES = ''' +# Normal Register +- name: Register the insights client + insights_register: + state: present + +# Force a Reregister (for config changes, etc) +- name: Resgiter the insights client + insights_register: + state: present + force_reregister: true + +# Unregister +- name: Unregister the insights client + insights_regsiter: + state: absent + +# Register an install of redhat-access-insights (this is not a 100% automated process) +- name: Register redhat-access-insights + insights_register: + state: present + insights_name: 'redhat-access-insights' + +Note: The above example for registering redhat-access-insights requires that the playbook be +changed to install redhat-access-insights and that redhat-access-insights is also passed into +the insights_config module and that the file paths be changed when using the file module +''' + +RETURN = ''' +original_message: + description: Just a sentence declaring that there is a registration attempt + type: str +message: + description: The output message that the module generates +''' + +from ansible.module_utils.basic import AnsibleModule +import subprocess + +def run_module(): + # define available arguments/parameters a user can pass to the module + module_args = dict( + state=dict(choices=['present', 'absent'], default='present'), + insights_name=dict(type='str', required=False, default='insights-client'), + display_name=dict(type='str', required=False, default=''), + force_reregister=dict(type='bool', required=False, default=False) + ) + + result = dict( + changed=False, + original_message='', + message='' + ) + + module = AnsibleModule( + argument_spec=module_args, + supports_check_mode=True + ) + + if module.check_mode: + return result + + state = module.params['state'] + insights_name = module.params['insights_name'] + display_name = module.params['display_name'] + force_reregister = module.params['force_reregister'] + + reg_status = subprocess.call([insights_name, '--status']) + + if state == 'present': + result['original_message'] = 'Attempting to register ' + insights_name + if reg_status == 0 and not force_reregister: + result['changed'] = False + result['message'] = 'The Insights API has determined that this machine is already registered' + module.exit_json(**result) + elif reg_status == 0 and force_reregister: + subprocess.call([insights_name, '--force-reregister']) + result['changed'] = True + result['message'] = 'New machine-id created - ' + insights_name + ' has been registered' + module.exit_json(**result) + else: + subprocess.call([insights_name, '--register']) + result['changed'] = True + result['message'] = insights_name + ' has been registered' + module.exit_json(**result) + + if state == 'absent': + result['original_message'] = 'Attempting to unregister ' + insights_name + if reg_status is not 0: + result['changed'] = False + result['message'] = insights_name + ' is already unregistered' + module.exit_json(**result) + else: + subprocess.call([insights_name, '--unregister']) + result['changed'] = True + result['message'] = insights_name + ' has been unregistered' + module.exit_json(**result) + +def main(): + run_module() + +if __name__ == '__main__': + main() diff --git a/tasks/main.yml b/tasks/main.yml index 5629116..9666466 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -14,87 +14,37 @@ # See the License for the specific language governing permissions and # limitations under the License. # -- name: Check for 'insights-client' RPM availability - yum: - list: insights-client - register: yum_list_task - become: true - -- name: Install 'insights-client' if it is available +- name: Install 'insights-client' yum: name: insights-client - when: yum_list_task.results|length > 0 - become: true - -- name: Set Insights Config Name to 'insights-client' - set_fact: - insights_name: 'insights-client' - when: yum_list_task.results|length > 0 - become: true - -- name: Install 'redhat-access-insights' if 'insights-client' is not available - yum: - name: redhat-access-insights - when: yum_list_task.results|length == 0 - become: true - -- name: Set Insights Config Name to 'redhat-access-insights' - set_fact: - insights_name: 'redhat-access-insights' - when: yum_list_task.results|length == 0 - become: true - -- name: Configure username in Insights' Config file - ini_file: - path: /etc/{{ insights_name }}/{{ insights_name }}.conf - section: "{{ insights_name }}" - option: username - value: "{{ redhat_portal_username }}" - no_extra_spaces: true - state: "{{ 'present' if redhat_portal_username else 'absent' }}" - when: redhat_portal_username is defined - become: true - -- name: Configure password in Insights Config file - ini_file: - path: /etc/{{ insights_name }}/{{ insights_name }}.conf - section: "{{ insights_name }}" - option: password - value: "{{ redhat_portal_password }}" - no_extra_spaces: true - state: "{{ 'present' if redhat_portal_username else 'absent' }}" - when: redhat_portal_username is defined become: true -- name: Check status of Insights .register file - stat: path=/etc/{{ insights_name }}/.registered +- name: Set Insights Configuration Values + insights_config: + username: "{{ redhat_portal_username | default(omit) }}" + password: "{{ redhat_portal_password | default(omit) }}" + auto_config: "{{ auto_config | default(omit) }}" + authmethod: "{{ authmethod | default(omit) }}" + display_name: "{{ insights_display_name | default(omit) }}" become: true - register: reg_file_task -- name: Unregister if we are setting the display_name, and we have already registered - command: "{{ insights_name }} --unregister" - when: - - insights_display_name is defined - - reg_file_task.stat.exists == true +- name: Register Insights Client + insights_register: + state: present become: true - -- name: Register to the Red Hat Access Insights Service if necessary - command: "{{ insights_name }} --register {{ '--display-name='+insights_display_name if insights_display_name is defined else '' }} creates=/etc/{{ insights_name }}/.registered" - become: true - + - name: Change permissions of Insights Config directory so that Insights System ID can be read file: - path: /etc/{{ insights_name }} + path: /etc/insights-client mode: og=rx become: true - name: Change permissions of machine_id file so that Insights System ID can be read file: - path: /etc/{{ insights_name }}/machine-id + path: /etc/insights-client/machine-id mode: og=r become: true - - name: Create directory for ansible custom facts file: state: directory