From da576e21974489b6fcf33e2ba2674cbbde290b71 Mon Sep 17 00:00:00 2001 From: Jon Date: Wed, 21 Feb 2024 22:22:47 +0930 Subject: [PATCH 01/27] docs(readme): fix galaxy badges !7 --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 59ec25a..f77c965 100644 --- a/README.md +++ b/README.md @@ -32,8 +32,8 @@ This project is hosted on [gitlab](https://gitlab.com/nofusscomputing/projects/a **Ansible Galaxy** -[![Latest Version](https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fgalaxy.ansible.com%2Fapi%2Fv3%2Fplugin%2Fansible%2Fcontent%2Fpublished%2Fcollections%2Findex%2Fnofusscomputing%2Fphp_scan_agent%2F&query=%24.highest_version.version&style=plastic&logo=ansible&logoColor=white&label=Latest%20Release&labelColor=black&color=cyan)](https://galaxy.ansible.com/ui/repo/published/nofusscomputing/ci_test_collection/) -![Downloads](https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fgalaxy.ansible.com%2Fapi%2Fv3%2Fplugin%2Fansible%2Fcontent%2Fpublished%2Fcollections%2Findex%2Fnofusscomputing%2Fphp_scan_agent%2F&query=%24.download_count&style=plastic&logo=ansible&logoColor=white&label=Downloads&labelColor=black&color=cyan) +[![Latest Version](https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fgalaxy.ansible.com%2Fapi%2Fv3%2Fplugin%2Fansible%2Fcontent%2Fpublished%2Fcollections%2Findex%2Fnofusscomputing%2Fphpipam_scan_agent%2F&query=%24.highest_version.version&style=plastic&logo=ansible&logoColor=white&label=Latest%20Release&labelColor=black&color=cyan)](https://galaxy.ansible.com/ui/repo/published/nofusscomputing/phpipam_scan_agent/) +![Downloads](https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fgalaxy.ansible.com%2Fapi%2Fv3%2Fplugin%2Fansible%2Fcontent%2Fpublished%2Fcollections%2Findex%2Fnofusscomputing%2Fphpipam_scan_agent%2F&query=%24.download_count&style=plastic&logo=ansible&logoColor=white&label=Downloads&labelColor=black&color=cyan) ---- 
From ac9914ae164ce71752ea22934d89a631c156e9a1 Mon Sep 17 00:00:00 2001 From: Jon Date: Wed, 21 Feb 2024 22:23:47 +0930 Subject: [PATCH 02/27] fix(build): ensure the correct tags and architectures are published !7 --- .gitlab-ci.yml | 31 ++++++++++++++++++++----------- 1 file changed, 20 insertions(+), 11 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 48c6253..f24afbb 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml 
@@ -151,36 +151,45 @@ Github (Push --mirror): - docker login docker.io -u $NFC_DOCKERHUB_USERNAME -p $NFC_DOCKERHUB_TOKEN - docker image ls - | - DOCKER_HUB_TAG=dev + # DOCKER_HUB_TAG=dev - echo "[DEBUG] default: DOCKER_HUB_TAG=$DOCKER_HUB_TAG"; + # echo "[DEBUG] default: DOCKER_HUB_TAG=$DOCKER_HUB_TAG"; - if [ "$CI_COMMIT_BRANCH" == "master" ]; then + # if [ "$CI_COMMIT_BRANCH" == "master" ]; then - DOCKER_HUB_TAG=latest + # DOCKER_HUB_TAG=latest - echo "[DEBUG] stable: DOCKER_HUB_TAG=$DOCKER_HUB_TAG"; + # echo "[DEBUG] stable: DOCKER_HUB_TAG=$DOCKER_HUB_TAG"; - elif [ "$CI_COMMIT_BRANCH" == "development" ]; then + # fi; - DOCKER_HUB_TAG=dev + # if [ "$CI_COMMIT_BRANCH" == "development" ]; then - echo "[DEBUG] dev: DOCKER_HUB_TAG=$DOCKER_HUB_TAG"; + # DOCKER_HUB_TAG=dev + + # echo "[DEBUG] dev: DOCKER_HUB_TAG=$DOCKER_HUB_TAG"; + + # fi; - fi; echo "[DEBUG] DOCKER_IMAGE_PUBLISH_NAME=$DOCKER_IMAGE_PUBLISH_NAME"; - echo "[DEBUG] final: DOCKER_HUB_TAG=$DOCKER_HUB_TAG"; + # echo "[DEBUG] final: DOCKER_HUB_TAG=$DOCKER_HUB_TAG"; echo "[DEBUG] DOCKER_MULTI_ARCH_IMAGES=$DOCKER_MULTI_ARCH_IMAGES"; - docker buildx imagetools create $DOCKER_MULTI_ARCH_IMAGES --tag $DOCKER_IMAGE_PUBLISH_REGISTRY/$DOCKER_IMAGE_PUBLISH_NAME:$DOCKER_HUB_TAG; + if [ "${CI_COMMIT_TAG}" ]; then docker buildx imagetools create $DOCKER_MULTI_ARCH_IMAGES --tag $DOCKER_IMAGE_PUBLISH_REGISTRY/$DOCKER_IMAGE_PUBLISH_NAME:$CI_COMMIT_TAG; + docker buildx imagetools create $DOCKER_MULTI_ARCH_IMAGES --tag $DOCKER_IMAGE_PUBLISH_REGISTRY/$DOCKER_IMAGE_PUBLISH_NAME:latest; + + else + + docker buildx imagetools create $DOCKER_MULTI_ARCH_IMAGES --tag $DOCKER_IMAGE_PUBLISH_REGISTRY/$DOCKER_IMAGE_PUBLISH_NAME:dev; + fi; after_script: From f3dbdfe5623de4e80bf643dd9cec0fb75e708d20 Mon Sep 17 00:00:00 2001 
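Review bot: In the new `if [ "${CI_COMMIT_TAG}" ]` branch of .gitlab-ci.yml every tag pipeline also moves `latest`, so a pre-release tag would replace the image that `latest` consumers pull; this series itself bumps to versions such as `0.1.2-a1` with `tag_format: $version`. If such tags can reach this job, wrap the `latest` push in a check that the tag carries no pre-release suffix, e.g. `if [ "${CI_COMMIT_TAG#*-}" = "$CI_COMMIT_TAG" ]; then`. The unchanged first line of the hunk passes the registry token as `-p $NFC_DOCKERHUB_TOKEN`, which puts it in the process arguments; `echo "$NFC_DOCKERHUB_TOKEN" | docker login docker.io -u "$NFC_DOCKERHUB_USERNAME" --password-stdin` avoids that. The script block starts and ends outside the hunk.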
From: nfc_bot Date: Wed, 21 Feb 2024 12:55:00 +0000 Subject: [PATCH 03/27] build: bump version 0.1.1 -> 0.1.2-a1 !7 --- .cz.yaml | 2 +- CHANGELOG.md | 6 ++++++ galaxy.yml | 2 +- 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/.cz.yaml b/.cz.yaml index e0567d8..896bfb5 100644 --- a/.cz.yaml +++ b/.cz.yaml @@ -4,5 +4,5 @@ commitizen: prerelease_offset: 1 tag_format: $version update_changelog_on_bump: false - version: 0.1.1 + version: 0.1.2-a1 version_scheme: semver diff --git a/CHANGELOG.md b/CHANGELOG.md index 3b3c838..cdde04a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,12 @@ ### Fix +- **build**: ensure the correct tags and architectures are published + +## 0.1.1 (2024-02-21) + +### Fix + - **ci**: use correct collection name ## 0.1.0 (2024-02-21) diff --git a/galaxy.yml b/galaxy.yml index 45f3ab5..4277dcc 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -8,7 +8,7 @@ namespace: nofusscomputing name: phpipam_scan_agent # The version of the collection. Must be compatible with semantic versioning -version: 0.1.1 +version: 0.1.2-a1 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection readme: README.md From 985f121b7f2200136611be67db4af30ff944e54e Mon Sep 17 00:00:00 2001 From: Jon Date: Thu, 22 Feb 2024 13:45:25 +0930 Subject: [PATCH 04/27] docs: move server component docs to correct location !7 --- .../collection/phpipam_scan_agent/scanner.md | 20 ------------- .../collection/phpipam_scan_agent/server.md | 29 +++++++++++++++---- 2 files changed, 24 insertions(+), 25 deletions(-) diff --git a/docs/projects/ansible/collection/phpipam_scan_agent/scanner.md b/docs/projects/ansible/collection/phpipam_scan_agent/scanner.md index bddabe2..095a910 100644 --- a/docs/projects/ansible/collection/phpipam_scan_agent/scanner.md +++ b/docs/projects/ansible/collection/phpipam_scan_agent/scanner.md 
@@ -37,11 +37,6 @@ The variables described below, if optional the value specified here is the defau ``` yaml -client_token: "" # Mandatory, String client api token to connect to phpIPAM API [SCANNER_TOKEN] -client_name: "" # Mandatory, String. The scanner name as set in phpIPAM interface [SCANNER_NAME] -scanagent_code: "" # Mandatory, String. Scan Agent Code as set in phpIPAM interface [SCANNER_CODE] - - nfc_c_http_port: 5000 # Optional, Integer. http port to connect to the server. [HTTP_PORT] nfc_c_http_server: http://127.0.0.1 # Optional, Integer. url with protocol of the Scan Server to connect to. [HTTP_URL] @@ -58,21 +53,6 @@ nfc_c_epoch_time_offset: 0 # optional, int. Value in seconds to offs You can specify environmental variable `ANSIBLE_LOG_PATH=/var/log/ansible.log`, which will tell the scanner component to log to a file at path `/var/log/ansible.log` -#### phpIPAM Interface variable Mapping - -These images are of the phpIPAM interface that show in green text the variable name that would be set as detailed above. - -![phpIPAM API](images/phpipam_api.png) - -phpIPAM API Settings - ----- - -![phpIPAM Scan Agent](images/phpipam_scan_agent_details.png) - -phpIPAM Scan Agent Settings - - ## Workflow The scanner component has the following workflow: diff --git a/docs/projects/ansible/collection/phpipam_scan_agent/server.md b/docs/projects/ansible/collection/phpipam_scan_agent/server.md index 06f103e..b34b6c2 100644 --- a/docs/projects/ansible/collection/phpipam_scan_agent/server.md +++ b/docs/projects/ansible/collection/phpipam_scan_agent/server.md 
@@ -22,15 +22,19 @@ ansible-rulebook -r nofusscomputing.phpipam_scan_agent.agent_receive ### Variables -The variables described below, if optional the value specified here is the default value. All variables that are used by the server component are environmental variables that must be set before execution. +The variables described below, if optional the value specified here is the default value. All variables that are used by the server component are environmental variables that must be set before execution. Ansbible variable name is enclused in `[]` ``` bash +# phpIPAM Scan Agent Settings +SCANNER_TOKEN= # Mandatory, String client api token to connect to phpIPAM API [client_token] +SCANNER_NAME= # Mandatory, String. The scanner name as set in phpIPAM interface [client_name] +SCANNER_CODE= # Mandatory, String. Scan Agent Code as set in phpIPAM interface [scanagent_code] # phpIPAM MariaDB/MySQL Variables -MYSQL_HOST= # Mandatory, String. IP/DNS of host to connect. -MYSQL_PORT=3306 # Optional, Integer. port to use for connection. -MYSQL_USER= # Mandatory, String. User to authenticate with. -MYSQL_PASSWORD= # Mandatory, String. Password for the user to connect with. +MYSQL_HOST= # Mandatory, String. IP/DNS of host to connect. [nfc_c_mysql_host] +MYSQL_PORT=3306 # Optional, Integer. port to use for connection. [nfc_c_mysql_port] +MYSQL_USER= # Mandatory, String. User to authenticate with. [nfc_c_mysql_user] +MYSQL_PASSWORD= # Mandatory, String. Password for the user to connect with. [nfc_c_mysql_password] # Server Component Variables 
@@ -39,6 +43,21 @@ HTTP_PORT=5000 # Optional, Integer. The port for the Server component to ``` +#### phpIPAM Interface variable Mapping + +These images are of the phpIPAM interface that show in green text the variable name that would be set as detailed above. + +![phpIPAM API](images/phpipam_api.png) + +phpIPAM API Settings + +---- + +![phpIPAM Scan Agent](images/phpipam_scan_agent_details.png) + +phpIPAM Scan Agent Settings + + # Workflow The Server componet has the following workflow: From d2e0275f1b9cc8e23eea1f7db2328b4e75b55c95 Mon Sep 17 00:00:00 2001 From: Jon Date: Thu, 22 Feb 2024 13:52:57 +0930 Subject: [PATCH 05/27] docs: fix badges !7 --- docs/projects/ansible/collection/phpipam_scan_agent/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/projects/ansible/collection/phpipam_scan_agent/index.md b/docs/projects/ansible/collection/phpipam_scan_agent/index.md index 35745c2..76b9973 100644 --- a/docs/projects/ansible/collection/phpipam_scan_agent/index.md +++ b/docs/projects/ansible/collection/phpipam_scan_agent/index.md 
@@ -10,8 +10,8 @@ about: https://gitlab.com/nofusscomputing/projects/ansible/collections/phpipam_s ![Project Status - Active](https://img.shields.io/badge/Project%20Status-Active-green?logo=gitlab&style=plastic) -[![Latest Version](https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fgalaxy.ansible.com%2Fapi%2Fv3%2Fplugin%2Fansible%2Fcontent%2Fpublished%2Fcollections%2Findex%2Fnofusscomputing%2Fphp_scan_agent%2F&query=%24.highest_version.version&style=plastic&logo=ansible&logoColor=white&label=Latest%20Release&labelColor=black&color=cyan)](https://galaxy.ansible.com/ui/repo/published/nofusscomputing/ci_test_collection/) -![Downloads](https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fgalaxy.ansible.com%2Fapi%2Fv3%2Fplugin%2Fansible%2Fcontent%2Fpublished%2Fcollections%2Findex%2Fnofusscomputing%2Fphp_scan_agent%2F&query=%24.download_count&style=plastic&logo=ansible&logoColor=white&label=Downloads&labelColor=black&color=cyan) +[![Latest Version](https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fgalaxy.ansible.com%2Fapi%2Fv3%2Fplugin%2Fansible%2Fcontent%2Fpublished%2Fcollections%2Findex%2Fnofusscomputing%2Fphpipam_scan_agent%2F&query=%24.highest_version.version&style=plastic&logo=ansible&logoColor=white&label=Latest%20Release&labelColor=black&color=cyan)](https://galaxy.ansible.com/ui/repo/published/nofusscomputing/phpipam_scan_agent/) +![Downloads](https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fgalaxy.ansible.com%2Fapi%2Fv3%2Fplugin%2Fansible%2Fcontent%2Fpublished%2Fcollections%2Findex%2Fnofusscomputing%2Fphpipam_scan_agent%2F&query=%24.download_count&style=plastic&logo=ansible&logoColor=white&label=Downloads&labelColor=black&color=cyan) [![Docker Image Version](https://img.shields.io/docker/v/nofusscomputing/phpipam-scan-agent?sort=semver&style=plastic&logo=docker&logoColor=0db7ed&color=0db7ed&label=Latest%20Release)](https://hub.docker.com/r/nofusscomputing/phpipam-scan-agent) [![Docker 
Pulls](https://img.shields.io/docker/pulls/nofusscomputing/phpipam-scan-agent?style=plastic&logo=docker&logoColor=0db7ed&color=0db7ed)](https://hub.docker.com/r/nofusscomputing/phpipam-scan-agent) From 634eff3b3aa6a5762b9620fa779042bc7a6e1f56 Mon Sep 17 00:00:00 2001 From: Jon Date: Thu, 22 Feb 2024 14:46:52 +0930 Subject: [PATCH 06/27] fix(docker): ensure correct variable used to install package !8 fixes #9 --- dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dockerfile b/dockerfile index db63184..43a8cb6 100644 --- a/dockerfile +++ b/dockerfile @@ -94,7 +94,7 @@ RUN mkdir -p /tmp/collection; \ if [ "$COLLECTION_PACKAGE" != "dev" ]; then \ echo "specified"; \ ansible-galaxy collection install --force-with-deps --pre \ - $COLLECTION; \ + $COLLECTION_PACKAGE; \ elif [ "$COLLECTION_PACKAGE" == "dev" ]; then \ git clone \ --depth=1 \ From 9920fdb0b4c7a696202659191fb9e61578846bb4 Mon Sep 17 00:00:00 2001 From: Jon Date: Thu, 22 Feb 2024 14:57:05 +0930 Subject: [PATCH 07/27] fix(agent): cater for api call that returns nothing !8 --- playbooks/tasks/api_call.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/tasks/api_call.yaml b/playbooks/tasks/api_call.yaml index 99e5cac..c2e2da3 100644 --- a/playbooks/tasks/api_call.yaml +++ b/playbooks/tasks/api_call.yaml @@ -73,7 +73,7 @@ - 200 - 404 validate_certs: false - changed_when: api_call.json | length | int > 0 + changed_when: api_call.json | default([]) | length | int > 0 no_log: true register: api_call when: > From a2444087a8c2426d8090a03ee8fe2ca9aecd5625 Mon Sep 17 00:00:00 2001 From: Jon Date: Thu, 22 Feb 2024 15:21:41 +0930 Subject: [PATCH 08/27] refactor(api_call): use var name that makes more sense !8 --- playbooks/tasks/api_call.yaml | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/playbooks/tasks/api_call.yaml b/playbooks/tasks/api_call.yaml index c2e2da3..93442ef 100644 --- a/playbooks/tasks/api_call.yaml 
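Review bot: In the dockerfile hunk the corrected argument `$COLLECTION_PACKAGE` on the `ansible-galaxy collection install` line is expanded unquoted, so a build argument containing whitespace is split into extra arguments to `ansible-galaxy`; if a single package spec is intended, write `"$COLLECTION_PACKAGE"; \`. The install runs with `--pre` and no version constraint is visible here, so the image content depends on whatever Galaxy serves at build time; passing a pinned spec in the build argument (`namespace.name:==VERSION`, with VERSION a placeholder) would make the image reproducible. The enclosing `RUN` starts and ends outside the hunk.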
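Review bot: In playbooks/tasks/api_call.yaml, `api_call.json | default([])` only covers an undefined `json` key; a body that parses to `null` would still reach `length` and fail, which `api_call.json | default([], true) | length | int > 0` avoids. The same task keeps `validate_certs: false`, so the request to the phpIPAM API (presumably carrying the client token) is sent without verifying the server certificate. Consider driving it from a variable that defaults to verification, e.g. `validate_certs: "{{ nfc_c_validate_certs | default(true) }}"`, where `nfc_c_validate_certs` is a placeholder name. The task starts above the hunk.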
+++ b/playbooks/tasks/api_call.yaml @@ -26,34 +26,34 @@ - name: check Cache Files ansible.builtin.stat: path: "{{ cache_filepath }}" - register: cache_files + register: cached_file - name: Expire ansible.builtin.set_fact: - expired: "{{ ((epoch | int + (nfc_c_epoch_time_offset | default(0)) | int) >= ((cache_files.stat.mtime | int) + nfc_c_cache_expire_time | int) | int ) | bool }}" - when: cache_files.stat.exists + expired: "{{ ((epoch | int + (nfc_c_epoch_time_offset | default(0)) | int) >= ((cached_file.stat.mtime | int) + nfc_c_cache_expire_time | int) | int ) | bool }}" + when: cached_file.stat.exists - name: TRACE - Cached file ansible.builtin.debug: msg: - - "exists: {{ cache_files.stat.exists | default('') }}" - - "mtime: {{ cache_files.stat.mtime | default(0) | int }}" - - "expire: {{ (cache_files.stat.mtime | int) + nfc_c_cache_expire_time | int }}" + - "exists: {{ cached_file.stat.exists | default('') }}" + - "mtime: {{ cached_file.stat.mtime | default(0) | int }}" + - "expire: {{ (cached_file.stat.mtime | int) + nfc_c_cache_expire_time | int }}" - "epoch: {{ (epoch | int + (nfc_c_epoch_time_offset | default(0)) | int) | int }} [{{ nfc_c_cache_expire_time }}]" - "epoch: {{ epoch }}" - "expired: {{ expired }}" - when: cache_files.stat.exists + when: cached_file.stat.exists - name: Expire Cache ansible.builtin.file: - path: "{{ cache_files.stat.path }}" + path: "{{ cached_file.stat.path }}" state: absent when: > expired and - cache_files.stat.exists + cached_file.stat.exists - name: > @@ -80,10 +80,10 @@ ( expired and - cache_files.stat.exists + cached_file.stat.exists ) or - not cache_files.stat.exists + not cached_file.stat.exists - name: Create Cache DIR @@ -104,9 +104,9 @@ ( expired and - cache_files.stat.exists + cached_file.stat.exists ) or - not cache_files.stat.exists + not cached_file.stat.exists and api_call.status | default(0) | int != 404 From 785ae77510c8c82134f92171ae221a4f045c9cd6 Mon Sep 17 00:00:00 2001 
From: Jon Date: Thu, 22 Feb 2024 15:25:05 +0930 Subject: [PATCH 09/27] feat(api_call): before returning check if cached file exists !8 --- playbooks/tasks/api_call.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/playbooks/tasks/api_call.yaml b/playbooks/tasks/api_call.yaml index 93442ef..3a537b8 100644 --- a/playbooks/tasks/api_call.yaml +++ b/playbooks/tasks/api_call.yaml @@ -110,3 +110,8 @@ not cached_file.stat.exists and api_call.status | default(0) | int != 404 + + - name: check Cache Files + ansible.builtin.stat: + path: "{{ cache_filepath }}" + register: cached_file From 2186a85abfec49e3d2202b370d86586cb134e2c4 Mon Sep 17 00:00:00 2001 From: Jon Date: Thu, 22 Feb 2024 17:11:02 +0930 Subject: [PATCH 10/27] fix(agent): only attempt to scan subnet if subnets were returned !8 --- playbooks/agent.yaml | 2 +- playbooks/tasks/subnets.yaml | 36 ++++++++++++++++++++++++------------ 2 files changed, 25 insertions(+), 13 deletions(-) diff --git a/playbooks/agent.yaml b/playbooks/agent.yaml index 1307424..7c33f2c 100644 --- a/playbooks/agent.yaml +++ b/playbooks/agent.yaml @@ -84,7 +84,7 @@ - name: Scan Subnet ansible.builtin.include_tasks: file: tasks/scan_subnet.yaml - loop: "{{ nfc_c_scan_agent_subnets }}" + loop: "{{ nfc_c_scan_agent_subnets | default([]) }}" loop_control: loop_var: subnet diff --git a/playbooks/tasks/subnets.yaml b/playbooks/tasks/subnets.yaml index b907daf..923632e 100644 --- a/playbooks/tasks/subnets.yaml +++ b/playbooks/tasks/subnets.yaml 
@@ -15,15 +15,27 @@ api_query_string: "filter_by=scanAgent&filter_value={{ nfc_c_scan_agent_id }}" -- name: Update Subnets List - ansible.builtin.set_fact: - nfc_c_scan_agent_subnets: "{{ nfc_c_scan_agent_subnets + [{ - 'id': network.id, - 'address': network.subnet + '/' + network.mask - }] }}" - loop: "{{ data | default ([]) }}" - loop_control: - loop_var: network - vars: - data: "{{ lookup('file', cache_filepath) }}" - when: network.discoverSubnet | int == 1 +- name: Try/Catch + block: + + + - name: Update Subnets List + ansible.builtin.set_fact: + nfc_c_scan_agent_subnets: "{{ nfc_c_scan_agent_subnets + [{ + 'id': network.id, + 'address': network.subnet + '/' + network.mask + }] }}" + loop: "{{ lookup('file', cache_filepath) | default ([]) }}" + loop_control: + loop_var: network + when: > + network.discoverSubnet | int == 1 + + rescue: + + - name: Confirm 'Subnets List' Error is Expected + ansible.builtin.assert: + that: + - not cached_file.stat.exists + success_msg: "OK. Success. The error occured as there is no cache file. This normally means there are no subnets assigned to the agent." + fail_msg: "ERROR. Something went wrong, Cache file exists." From 058781709ca51fcc1315a9c7b02a00a37c70c232 Mon Sep 17 00:00:00 2001 From: Jon Date: Thu, 22 Feb 2024 18:26:10 +0930 Subject: [PATCH 11/27] feat(server): show ip address in logs when updating an ip address !8 --- playbooks/tasks/server/ipaddress.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/tasks/server/ipaddress.yaml b/playbooks/tasks/server/ipaddress.yaml index 52ceb04..a40543a 100644 --- a/playbooks/tasks/server/ipaddress.yaml +++ b/playbooks/tasks/server/ipaddress.yaml @@ -1,7 +1,7 @@ --- -- name: Update IP Address' found +- name: "Update IP Address' found - {{ scan_address.ipaddress.ip }}" community.mysql.mysql_query: login_host: "{{ nfc_c_mysql_host }}" login_port: "{{ nfc_c_mysql_port | default(3306) | int }}" 
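Review bot: In playbooks/tasks/subnets.yaml the `rescue` handles every failure of 'Update Subnets List' the same way and decides only on `cached_file.stat.exists`, so a malformed cache file or a record without `subnet`/`mask` ends in the generic 'Cache file exists' failure with the original error hidden. `lookup('file', cache_filepath) | default ([])` does not cover a missing file, because the lookup raises instead of returning undefined; `lookup('file', cache_filepath, errors='ignore') | default([], true)` should let the loop run over an empty list and would make the block unnecessary. If the block stays, add `ansible_failed_result.msg` to `fail_msg` so the real cause is visible. `success_msg` also has the typo 'occured'.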
From b3e911efcdbe4d1f6cf6c2665206a3ead3e8a4a7 Mon Sep 17 00:00:00 2001 From: Jon Date: Thu, 22 Feb 2024 18:26:32 +0930 Subject: [PATCH 12/27] ci: add submodule update job !8 --- .gitlab-ci.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index f24afbb..0d759ff 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -29,6 +29,11 @@ include: - template/mkdocs-documentation.gitlab-ci.yaml # ToDo: update gitlabCI jobs for collections workflow - git_push_mirror/.gitlab-ci.yml + - automation/.gitlab-ci-ansible.yaml + + +Update Git Submodules: + extends: .ansible_playbook_git_submodule Github (Push --mirror): From f8bdccd122580987bf10d0864d48205d4ff2b1b2 Mon Sep 17 00:00:00 2001 From: Jon Date: Thu, 22 Feb 2024 18:38:21 +0930 Subject: [PATCH 13/27] feat(agent): showsubnet address in logs when conducting subnet actions !8 --- playbooks/tasks/scan_subnet.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/playbooks/tasks/scan_subnet.yaml b/playbooks/tasks/scan_subnet.yaml index 5847c43..9ad9ba3 100644 --- a/playbooks/tasks/scan_subnet.yaml +++ b/playbooks/tasks/scan_subnet.yaml @@ -1,6 +1,6 @@ --- -- name: Scan subnet +- name: Scan subnet - {{ subnet.address }} ansible.builtin.command: cmd: nmap -sn "{{ subnet.address }}" -oX - become: true @@ -15,7 +15,7 @@ api_query_string: "filter_by=subnetId&filter_value={{ subnet.id }}" -- name: Load Subnet +- name: Load Subnet - {{ subnet.address }} ansible.builtin.set_fact: cached_subnet: "{{ lookup('file', cache_filepath) }}" cacheable: false @@ -24,7 +24,7 @@ api_call.status | default(0) | int != 404 -- name: Process Scan Results +- name: Process Scan Results - {{ subnet.address }} ansible.builtin.set_fact: subnet_scan_results: |- [ 
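Review bot: In playbooks/tasks/scan_subnet.yaml the 'Scan subnet' task renamed by the first hunk builds its command as a single string, `cmd: nmap -sn "{{ subnet.address }}" -oX -`, and runs it with `become: true`; `ansible.builtin.command` splits that string into arguments, so an address value from the phpIPAM cache that is not a plain CIDR changes the argument list of a privileged process. Pass the arguments as a list, `argv: [nmap, -sn, "{{ subnet.address }}", -oX, "-"]`, and skip values that fail validation, e.g. `when: subnet.address | ansible.utils.ipaddr('net')` if the ansible.utils collection is available. The new task names in this hunk and the next two, and in the hunk that follows on the next line, put a Jinja expression in an unquoted scalar; quoting them as PATCH 11/27 does (`- name: "Scan subnet - {{ subnet.address }}"`) keeps the style consistent. The task body continues outside the hunk.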
@@ -51,12 +51,12 @@ {% endfor %} ] -- name: To JSON +- name: To JSON - {{ subnet.address }} ansible.builtin.set_fact: subnet_scan_results: "{{ subnet_scan_results | from_yaml }}" -- name: Upload Scan Results +- name: Upload Scan Results - {{ subnet.address }} ansible.builtin.uri: url: "{{ nfc_c_http_server }}:{{ nfc_c_http_port }}/" method: POST From 4c631c67f94a208ff60641df4fe1f8912cb3512b Mon Sep 17 00:00:00 2001 From: Jon Date: Thu, 22 Feb 2024 20:10:13 +0930 Subject: [PATCH 14/27] feat(agent): if hostname present in nmap scan report, add to report for server !8 #4 --- playbooks/tasks/scan_subnet.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/playbooks/tasks/scan_subnet.yaml b/playbooks/tasks/scan_subnet.yaml index 9ad9ba3..25ebcd8 100644 --- a/playbooks/tasks/scan_subnet.yaml +++ b/playbooks/tasks/scan_subnet.yaml @@ -43,6 +43,13 @@ "subnetId": "{{ subnet.id }}", "ip": "{{ scanned_host.address['@addr'] | default(scanned_host.address[0]['@addr']) }}", "lastSeen": "{{ nmap_scan.start }}", + {% if scanned_host.hostnames.hostname is defined %} + {% if '.' in scanned_host.hostnames.hostname['@name'] | string %} + "hostname": "{{ (scanned_host.hostnames.hostname['@name'] | split('.'))[0] }}", + {% else %} + "hostname": "{{ scanned_host.hostnames.hostname['@name'] }}", + {% endif %} + {% endif %} {% if scanned_host.address['@addrtype'] | default(scanned_host.address[1]['@addrtype']) == 'mac' %} "mac": "{{ scanned_host.address['@addr'] | default(scanned_host.address[1]['@addr']) | upper }}" {% endif %} From 7d7a77b3fbdb6997a9dd98fdf720932e28e173b0 Mon Sep 17 00:00:00 2001 From: Jon Date: Thu, 22 Feb 2024 20:23:21 +0930 Subject: [PATCH 15/27] feat(server): if hostname in scan report, update the database !8 #4 --- playbooks/tasks/server/ipaddress.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/playbooks/tasks/server/ipaddress.yaml b/playbooks/tasks/server/ipaddress.yaml index a40543a..50349a3 100644 
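Review bot: The added `"hostname": "{{ scanned_host.hostnames.hostname['@name'] }}"` lines in playbooks/tasks/scan_subnet.yaml paste a name taken from the nmap report (ultimately reverse DNS, which the scanned network controls) into a hand-written JSON string that is later parsed with `from_yaml`, so a name containing a quote or backslash breaks or reshapes the record sent to the server. Emit the value through a serialising filter instead: `"hostname": {{ (scanned_host.hostnames.hostname['@name'] | split('.'))[0] | to_json }},`. That form also makes the `if '.' in ...`/`else` pair unnecessary, since splitting a name without a dot returns it unchanged. `hostnames.hostname` is presumably a list when nmap reports more than one name, as the `address[0]` fallback in the following lines suggests for addresses, and that case is not handled. The template starts and ends outside the hunk.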
--- a/playbooks/tasks/server/ipaddress.yaml +++ b/playbooks/tasks/server/ipaddress.yaml @@ -18,6 +18,12 @@ SET lastSeen = '{{ scan_address.ipaddress.lastSeen }}' + {% if scan_address.ipaddress.hostname | default('') != '' %}, + + hostname = '{{ scan_address.ipaddress.hostname }}' + + {% endif %} + {% if scan_address.ipaddress.mac | default('') != '' %}, mac = '{{ scan_address.ipaddress.mac }}' @@ -36,6 +42,7 @@ subnetId, ip_addr, description, + {% if scan_address.ipaddress.hostname | default('') != '' %}hostname,{% endif %} {% if scan_address.ipaddress.mac | default('') != '' %}mac,{% endif %} note, lastSeen @@ -46,6 +53,12 @@ '{{ scan_address.ipaddress.ip | ip2ipam }}', '-- autodiscovered --', + {% if scan_address.ipaddress.hostname | default('') != '' %} + + '{{ scan_address.ipaddress.hostname }}' + + {% endif %} + {% if scan_address.ipaddress.mac | default('') != '' %} '{{ scan_address.ipaddress.mac }}', From 3ab1936a0a4818bebb182521cc7b3a12924ddf2a Mon Sep 17 00:00:00 2001 From: Jon Date: Thu, 22 Feb 2024 21:04:35 +0930 Subject: [PATCH 16/27] chore(ci): update ci template repo to current head !8 --- gitlab-ci | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitlab-ci b/gitlab-ci index d29064f..34c81c9 160000 --- a/gitlab-ci +++ b/gitlab-ci @@ -1 +1 @@ -Subproject commit d29064f1490073599518b629c7bf6585b48c8736 +Subproject commit 34c81c98494b5ce448f4da4e645952439c897906 From 98317f4831c4c1b5d86f348106d90ae99b58c379 Mon Sep 17 00:00:00 2001 From: Jon Date: Thu, 22 Feb 2024 21:16:12 +0930 Subject: [PATCH 17/27] fix(server): use correct sql syntax to insert ipaddress !8 #4 --- playbooks/tasks/server/ipaddress.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/tasks/server/ipaddress.yaml b/playbooks/tasks/server/ipaddress.yaml index 50349a3..633ae0c 100644 --- a/playbooks/tasks/server/ipaddress.yaml +++ b/playbooks/tasks/server/ipaddress.yaml 
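Review bot: The new `hostname = '{{ scan_address.ipaddress.hostname }}'` in the UPDATE hunk and the matching value in the INSERT hunk of playbooks/tasks/server/ipaddress.yaml interpolate a field of the posted scan report straight into the SQL text, so a hostname containing a single quote changes the statement; the value originates from reverse DNS of scanned hosts and from whatever reaches the server's HTTP endpoint. `community.mysql.mysql_query` accepts bound parameters: write `hostname = %(hostname)s` and supply `named_args: {hostname: "{{ scan_address.ipaddress.hostname }}"}`, keeping the Jinja `if` only around the column itself, and treat the existing `mac`, `lastSeen` and `ip` values the same way. In the INSERT hunk the added value line has no trailing comma, so the statement is invalid whenever a hostname is present (PATCH 17/27 later in this series adds it). The query and its task start and end outside these hunks.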
@@ -55,7 +55,7 @@ {% if scan_address.ipaddress.hostname | default('') != '' %} - '{{ scan_address.ipaddress.hostname }}' + '{{ scan_address.ipaddress.hostname }}', {% endif %} From 99513f6d656419b18f916712b3b8f35cfc9396b8 Mon Sep 17 00:00:00 2001 From: nfc_bot Date: Thu, 22 Feb 2024 12:08:53 +0000 Subject: [PATCH 18/27] build: bump version 0.1.2-a1 -> 0.2.0-a1 !8 --- .cz.yaml | 2 +- CHANGELOG.md | 23 ++++++++++++++++++++++- galaxy.yml | 2 +- 3 files changed, 24 insertions(+), 3 deletions(-) diff --git a/.cz.yaml b/.cz.yaml index 896bfb5..9ed329c 100644 --- a/.cz.yaml +++ b/.cz.yaml @@ -4,5 +4,5 @@ commitizen: prerelease_offset: 1 tag_format: $version update_changelog_on_bump: false - version: 0.1.2-a1 + version: 0.2.0-a1 version_scheme: semver diff --git a/CHANGELOG.md b/CHANGELOG.md index cdde04a..8482807 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,25 @@ -## Unreleased +## 0.2.0-a1 (2024-02-22) + +### Feat + +- **server**: if hostname in scan report, update the database +- **agent**: if hostname present in nmap scan report, add to report for server +- **agent**: showsubnet address in logs when conducting subnet actions +- **server**: show ip address in logs when updating an ip address +- **api_call**: before returning check if cached file exists + +### Fix + +- **server**: use correct sql syntax to insert ipaddress +- **agent**: only attempt to scan subnet if subnets were returned +- **agent**: cater for api call that returns nothing +- **docker**: ensure correct variable used to install package + +### Refactor + +- **api_call**: use var name that makes more sense + +## 0.1.2-a1 (2024-02-21) ### Fix diff --git a/galaxy.yml b/galaxy.yml index 4277dcc..eb13eac 100644 --- a/galaxy.yml +++ b/galaxy.yml 
@@ -8,7 +8,7 @@ namespace: nofusscomputing name: phpipam_scan_agent # The version of the collection. Must be compatible with semantic versioning -version: 0.1.2-a1 +version: 0.2.0-a1 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection readme: README.md From 9ca7b14364ba2a4b6712ec3364252ae7b5512cfd Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 23 Feb 2024 12:10:30 +0930 Subject: [PATCH 19/27] ci: attempt to fix multi-arch builds !9 --- .gitlab-ci.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 0d759ff..2b0f213 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -146,9 +146,9 @@ Github (Push --mirror): docker buildx imagetools inspect $DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG; - DOCKER_MULTI_ARCH_IMAGES=$(docker buildx imagetools inspect "$DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG" --format "{{ range .Manifest.Manifests }}$DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG@{{ println .Digest }} {{end}}") + #DOCKER_MULTI_ARCH_IMAGES=$(docker buildx imagetools inspect "$DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG" --format "{{ range .Manifest.Manifests }}$DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG@{{ println .Digest }} {{end}}") - echo "[DEBUG] DOCKER_MULTI_ARCH_IMAGES=$DOCKER_MULTI_ARCH_IMAGES"; + # echo "[DEBUG] DOCKER_MULTI_ARCH_IMAGES=$DOCKER_MULTI_ARCH_IMAGES"; # done; 
@@ -177,23 +177,23 @@ Github (Push --mirror): # fi; - echo "[DEBUG] DOCKER_IMAGE_PUBLISH_NAME=$DOCKER_IMAGE_PUBLISH_NAME"; + # echo "[DEBUG] DOCKER_IMAGE_PUBLISH_NAME=$DOCKER_IMAGE_PUBLISH_NAME"; # echo "[DEBUG] final: DOCKER_HUB_TAG=$DOCKER_HUB_TAG"; - echo "[DEBUG] DOCKER_MULTI_ARCH_IMAGES=$DOCKER_MULTI_ARCH_IMAGES"; - - + # echo "[DEBUG] DOCKER_MULTI_ARCH_IMAGES=$DOCKER_MULTI_ARCH_IMAGES"; + + if [ "${CI_COMMIT_TAG}" ]; then - docker buildx imagetools create $DOCKER_MULTI_ARCH_IMAGES --tag $DOCKER_IMAGE_PUBLISH_REGISTRY/$DOCKER_IMAGE_PUBLISH_NAME:$CI_COMMIT_TAG; + docker buildx imagetools create $DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG --tag $DOCKER_IMAGE_PUBLISH_REGISTRY/$DOCKER_IMAGE_PUBLISH_NAME:$CI_COMMIT_TAG; - docker buildx imagetools create $DOCKER_MULTI_ARCH_IMAGES --tag $DOCKER_IMAGE_PUBLISH_REGISTRY/$DOCKER_IMAGE_PUBLISH_NAME:latest; + docker buildx imagetools create $DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG --tag $DOCKER_IMAGE_PUBLISH_REGISTRY/$DOCKER_IMAGE_PUBLISH_NAME:latest; else - docker buildx imagetools create $DOCKER_MULTI_ARCH_IMAGES --tag $DOCKER_IMAGE_PUBLISH_REGISTRY/$DOCKER_IMAGE_PUBLISH_NAME:dev; + docker buildx imagetools create $DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG --tag $DOCKER_IMAGE_PUBLISH_REGISTRY/$DOCKER_IMAGE_PUBLISH_NAME:dev; fi; From 49682d6038328f79d349e3d06f611dcb5e5e144c Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 23 Feb 2024 12:39:15 +0930 Subject: [PATCH 20/27] test(docker): unit test to ensure collection installed within container !9 fixes #9 --- .gitlab-ci.yml | 47 ++++++++++++++++++++++++++++++++- .gitlab/unit-test.gitlab-ci.yml | 33 +++++++++++++++++++++++ 2 files changed, 79 insertions(+), 1 deletion(-) create mode 100644 .gitlab/unit-test.gitlab-ci.yml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 2b0f213..fcf4110 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml 
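Review bot: The three `docker buildx imagetools create` commands in .gitlab-ci.yml now take `$DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG` as their source, a tag that is resolved again at publish time, where the previous form pinned the per-architecture manifests by `@digest`; if that build tag is rewritten by another pipeline between build and publish, an image other than the one built and tested is promoted. Resolving the index digest once and publishing `...:$DOCKER_IMAGE_BUILD_TAG@$DIGEST` (`DIGEST` being a placeholder for the resolved value) would keep both the multi-arch fix and the pinning. The disabled lines are left as `#` comments inside the script; deleting them would make the remaining publish logic easier to audit. The script block starts and ends outside the hunk.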
@@ -21,6 +21,9 @@ variables: include: + + - local: .gitlab/unit-test.gitlab-ci.yml + - project: nofusscomputing/projects/gitlab-ci ref: development file: @@ -239,10 +242,31 @@ Docker Container (dev): - when: never +test:unit:docker:collection:installed:dev: + extends: .docker_collection_installed + needs: + - "Docker Container (dev)" + rules: + - if: $CI_COMMIT_TAG + when: never + + - if: "$CI_COMMIT_AUTHOR =='nfc_bot '" + when: never + + - if: + $CI_COMMIT_BRANCH != "master" + && + $CI_PIPELINE_SOURCE == "push" + when: always + + - when: never + + Docker Hub (dev): extends: .publish-docker-hub needs: - "Docker Container (dev)" + - "test:unit:docker:collection:installed:dev" resource_group: docker-build rules: - if: $CI_COMMIT_TAG @@ -255,7 +279,7 @@ Docker Hub (dev): $CI_COMMIT_BRANCH == "development" && $CI_PIPELINE_SOURCE == "push" - when: always + when: on_success - when: never @@ -281,10 +305,31 @@ Docker Container: - when: never +test:unit:docker:collection:installed: + extends: .docker_collection_installed + needs: + - Docker Container + rules: + - if: $CI_COMMIT_TAG + when: on_success + + - if: "$CI_COMMIT_AUTHOR =='nfc_bot '" + when: never + + # - if: # Occur on merge + # $CI_COMMIT_BRANCH == "development" + # && + # $CI_PIPELINE_SOURCE == "push" + # when: always + + - when: never + + Docker Hub: extends: .publish-docker-hub needs: - "Docker Container" + - "test:unit:docker:collection:installed" - "Gitlab Release" resource_group: docker-build rules: diff --git a/.gitlab/unit-test.gitlab-ci.yml b/.gitlab/unit-test.gitlab-ci.yml new file mode 100644 index 0000000..564d5f1 --- /dev/null +++ b/.gitlab/unit-test.gitlab-ci.yml 
@@ -0,0 +1,33 @@ + +.docker_collection_installed: + stage: test + image: + name: nofusscomputing/docker-buildx-qemu:dev + pull_policy: always + services: + - name: docker:23-dind + entrypoint: ["env", "-u", "DOCKER_HOST"] + command: ["dockerd-entrypoint.sh"] + variables: + DOCKER_HOST: tcp://docker:2375/ + DOCKER_DRIVER: overlay2 + DOCKER_DOCKERFILE: dockerfile + # See https://github.com/docker-library/docker/pull/166 + DOCKER_TLS_CERTDIR: "" + GIT_STRATEGY: none + + before_script: + + - | # Pull the image + docker pull $DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG; + + - | # Show local images + docker images; + + script: + + - | # Confirm the package is installed within the docker container + docker run \ + --rm \ + $DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG \ + ansible-galaxy collection list | grep nofusscomputing.phpipam_scan_agent; From de7752cfcfad58c234e3897f2654faa4451b85f3 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 23 Feb 2024 13:24:02 +0930 Subject: [PATCH 21/27] feat(agent): move config of variables to vars file !8 closes #11 --- dockerfile | 4 +- .../collection/phpipam_scan_agent/docker.md | 9 ++- .../collection/phpipam_scan_agent/scanner.md | 38 +++++++++---- .../collection/phpipam_scan_agent/server.md | 19 ------- includes/etc/phpipam/scan_agent.yaml | 18 ++++++ playbooks/agent.yaml | 56 +++++++------------ playbooks/tasks/agent_id.yaml | 6 +- playbooks/tasks/api_call.yaml | 19 ++----- playbooks/tasks/scan_subnet.yaml | 12 ++-- playbooks/tasks/subnets.yaml | 4 +- 10 files changed, 90 insertions(+), 95 deletions(-) create mode 100644 includes/etc/phpipam/scan_agent.yaml diff --git a/dockerfile b/dockerfile index 43a8cb6..d0e923e 100644 --- a/dockerfile +++ b/dockerfile 
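Review bot: `DOCKER_TLS_CERTDIR: ""` together with `DOCKER_HOST: tcp://docker:2375/` has the dind service expose the Docker API over plain TCP with no client authentication, so anything that can reach that port controls the daemon. Whether the port is reachable beyond this job depends on the runner's network isolation, which is not visible here. Where the runner shares a certificate volume, the TLS form is `DOCKER_HOST: tcp://docker:2376` and `DOCKER_TLS_CERTDIR: "/certs"`, plus the matching client verify and cert-path variables. If plain TCP is kept, a comment such as `# TLS off: dind is reachable only from this job's private network` would record the assumption. Separately, the `grep` pattern treats each `.` as a wildcard; `grep -F` would match the collection name literally.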
@@ -106,7 +106,9 @@ RUN mkdir -p /tmp/collection; \ /tmp/collection/.; \ rm -Rf /tmp/collection; \ fi; \ - chmod +x /etc/cron.d/*; + chmod +x /etc/cron.d/*; \ + chown root:root -R /etc/phpipam; \ + chmod 740 -R /etc/phpipam; WORKDIR /root diff --git a/docs/projects/ansible/collection/phpipam_scan_agent/docker.md b/docs/projects/ansible/collection/phpipam_scan_agent/docker.md index 80e69c6..fab0c36 100644 --- a/docs/projects/ansible/collection/phpipam_scan_agent/docker.md +++ b/docs/projects/ansible/collection/phpipam_scan_agent/docker.md @@ -23,12 +23,9 @@ docker run \ -e "MYSQL_HOST=" \ -e "MYSQL_USER=" \ -e "MYSQL_PASSWORD=" \ - -e "SCANNER_TOKEN=" \ - -e "SCANNER_NAME=" \ - -e "SCANNER_CODE=" \ -p "5000:5000" \ --name scan-agent \ - scan-agent:latest; + nofusscomputing/phpipam-scan-agent:latest; ``` @@ -44,7 +41,9 @@ During the build of the container environmental variable `ANSIBLE_FORCE_COLOR='t ### Volumes -There are no volumes for this container. +You will need to configure the scan components: + +- scanner config file at path `/etc/phpipam/scan_agent.yaml`, see [scanner docs](scanner.md#variables) for details. If you wish to customize the cronjob for the scan component within the container, mount a new cron file to path `/etc/cron.d/scanner`. The default cron file is as follows: diff --git a/docs/projects/ansible/collection/phpipam_scan_agent/scanner.md b/docs/projects/ansible/collection/phpipam_scan_agent/scanner.md index 095a910..7a0cb33 100644 --- a/docs/projects/ansible/collection/phpipam_scan_agent/scanner.md +++ b/docs/projects/ansible/collection/phpipam_scan_agent/scanner.md 
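Review bot: `chmod 740 -R /etc/phpipam` applies one mode to directories and files alike. The config files that hold `client_token` (and `mysql_password` once scan_server.yaml is added later in this series) therefore become owner-executable and group-readable, while the directory is group-readable but not traversable. A symbolic mode separates the two cases: `chmod -R u=rwX,go= /etc/phpipam;` keeps the tree root-only and sets execute on directories only. The docs in this series have users bind-mount these files, and a bind mount carries the host file's permissions, so the docs could also recommend restrictive permissions on the host copies. The `RUN` instruction this belongs to starts above the hunk.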
@@ -11,15 +11,11 @@ The Scan Agent Scanner component is intended to scan networks that are assigned ## Usage -After installing the collection, running the agent is as simple as running the following command: +After installing the collection and configuring. Running the agent is as simple as running the following command: ``` bash -ansible-playbook nofusscomputing.phpipam_scan_agent.agent \ - --extra-vars "api_url=" \ - --extra-vars "client_token=" \ - --extra-vars "client_name=" \ - --extra-vars "scanagent_code=" +ansible-playbook nofusscomputing.phpipam_scan_agent.agent ``` 
@@ -33,19 +29,24 @@ The scanner component requires API access to phpIPAM. THe API user that is used, ### Variables -The variables described below, if optional the value specified here is the default value. Any variable that can be set via environmental variables have the variable name enclosed in `[]` +Variables for the scanner are set in a variables file at path `/etc/phpipam/scan_agent.yaml`. The variables described below, if optional the value specified here is the default value. ``` yaml +nofusscomputing_phpipam_scan_agent: -nfc_c_http_port: 5000 # Optional, Integer. http port to connect to the server. [HTTP_PORT] -nfc_c_http_server: http://127.0.0.1 # Optional, Integer. url with protocol of the Scan Server to connect to. [HTTP_URL] + api_url: # Mandatory, String. url with protocol of the phpIPAM API to connect to. + http_port: 5000 # Optional, Integer. http port to connect to the server. + http_server: http://127.0.0.1 # Optional, Integer. url with protocol of the Scan Server to connect to. -api_url: http://127.0.0.1 # Optional, String. url with protocol of the phpIPAM API to connect to. [API_URL] + cache_expire_time: 1800 # Optional, Integer. Time in seconds to expire the phpIPAM cache. + epoch_time_offset: 0 # optional, int. Value in seconds to offset the time +# phpIPAM Scan Agent Settings + client_token: # Mandatory, String client api token to connect to phpIPAM API [client_token] + client_name: # Mandatory, String. The scanner name as set in phpIPAM interface [client_name] + scanagent_code: # Mandatory, String. Scan Agent Code as set in phpIPAM interface [scanagent_code] -nfc_c_cache_expire_time: 1800 # Optional, Integer. Time in seconds to expire the phpIPAM cache. -nfc_c_epoch_time_offset: 0 # optional, int. Value in seconds to offset the time ``` 
@@ -53,6 +54,19 @@ nfc_c_epoch_time_offset: 0 # optional, int. Value in seconds to offs You can specify environmental variable `ANSIBLE_LOG_PATH=/var/log/ansible.log`, which will tell the scanner component to log to a file at path `/var/log/ansible.log` +#### phpIPAM Interface variable Mapping + +These images are of the phpIPAM interface that show in green text the variable name that would be set as detailed above. + +![phpIPAM API](images/phpipam_api.png) +phpIPAM API Settings + +---- + +![phpIPAM Scan Agent](images/phpipam_scan_agent_details.png) +phpIPAM Scan Agent Settings + + ## Workflow The scanner component has the following workflow: diff --git a/docs/projects/ansible/collection/phpipam_scan_agent/server.md b/docs/projects/ansible/collection/phpipam_scan_agent/server.md index b34b6c2..a5713ae 100644 --- a/docs/projects/ansible/collection/phpipam_scan_agent/server.md +++ b/docs/projects/ansible/collection/phpipam_scan_agent/server.md @@ -25,10 +25,6 @@ ansible-rulebook -r nofusscomputing.phpipam_scan_agent.agent_receive The variables described below, if optional the value specified here is the default value. All variables that are used by the server component are environmental variables that must be set before execution. Ansbible variable name is enclused in `[]` ``` bash -# phpIPAM Scan Agent Settings -SCANNER_TOKEN= # Mandatory, String client api token to connect to phpIPAM API [client_token] -SCANNER_NAME= # Mandatory, String. The scanner name as set in phpIPAM interface [client_name] -SCANNER_CODE= # Mandatory, String. Scan Agent Code as set in phpIPAM interface [scanagent_code] # phpIPAM MariaDB/MySQL Variables MYSQL_HOST= # Mandatory, String. IP/DNS of host to connect. [nfc_c_mysql_host] 
@@ -43,21 +39,6 @@ HTTP_PORT=5000 # Optional, Integer. The port for the Server component to ``` -#### phpIPAM Interface variable Mapping - -These images are of the phpIPAM interface that show in green text the variable name that would be set as detailed above. - -![phpIPAM API](images/phpipam_api.png) - -phpIPAM API Settings - ----- - -![phpIPAM Scan Agent](images/phpipam_scan_agent_details.png) - -phpIPAM Scan Agent Settings - - # Workflow The Server componet has the following workflow: diff --git a/includes/etc/phpipam/scan_agent.yaml b/includes/etc/phpipam/scan_agent.yaml new file mode 100644 index 0000000..3591368 --- /dev/null +++ b/includes/etc/phpipam/scan_agent.yaml @@ -0,0 +1,18 @@ +--- + +nofusscomputing_phpipam_scan_agent: + + # api_url: http://127.0.0.1 # Mandatory, String. url with protocol of the phpIPAM API to connect to. + + # http_port: 5000 # Optional, Integer. http port to connect to the server. + # http_server: http://127.0.0.1 # Optional, Integer. url with protocol of the Scan Server to connect to. + + + # cache_expire_time: 1800 # Optional, Integer. Time in seconds to expire the phpIPAM cache. + # epoch_time_offset: 0 # optional, int. Value in seconds to offset the time + + +# phpIPAM Scan Agent Settings + client_token: # Mandatory, String client api token to connect to phpIPAM API [client_token] + client_name: # Mandatory, String. The scanner name as set in phpIPAM interface [client_name] + scanagent_code: # Mandatory, String. Scan Agent Code as set in phpIPAM interface [scanagent_code] diff --git a/playbooks/agent.yaml b/playbooks/agent.yaml index 7c33f2c..a3f4293 100644 --- a/playbooks/agent.yaml +++ b/playbooks/agent.yaml 
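Review bot: The new includes/etc/phpipam/scan_agent.yaml ships the three mandatory keys as bare `client_token:`, `client_name:` and `scanagent_code:`, which YAML loads as null rather than as missing or empty. The asserts added to playbooks/agent.yaml in this commit test only `is defined` and `!= ''`, and null satisfies both. An unedited template would therefore pass validation and go on to the API calls instead of stopping with `missing Required Variables`. Either comment the keys out like `api_url` above them, or make the check null-safe, e.g. `- nofusscomputing_phpipam_scan_agent.client_token | default('', true) | length > 0`. The `# phpIPAM Scan Agent Settings` comment also sits at column 0 while the keys under it are nested, which reads as if the mapping had ended.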
@@ -5,64 +5,48 @@ tasks: + - name: Check for Existance of config file + ansible.builtin.stat: + path: /etc/phpipam/scan_agent.yaml + register: config_file_check - - name: Fetch Required Environmental Variables - ansible.builtin.set_fact: - client_token: "{{ lookup('ansible.builtin.env', 'SCANNER_TOKEN') | default('') }}" - client_name: "{{ lookup('ansible.builtin.env', 'SCANNER_NAME') }}" - scanagent_code: "{{ lookup('ansible.builtin.env', 'SCANNER_CODE') | default('') }}" - api_url: "{{ lookup('ansible.builtin.env', 'API_URL') | default('') }}" - no_log: true + + - name: Load Config File + ansible.builtin.include_vars: + file: /etc/phpipam/scan_agent.yaml when: > - client_token is not defined - and - client_name is not defined - and - scanagent_code is not defined - and - api_url is not defined - - - - name: Fetch Required Environmental Variable - HTTP_URL - ansible.builtin.set_fact: - nfc_c_http_server: "{{ lookup('ansible.builtin.env', 'HTTP_URL') | default('') }}" - when: > - lookup('ansible.builtin.env', 'HTTP_URL') | default('') != '' - - - - name: Fetch Required Environmental Variable - HTTP_PORT - ansible.builtin.set_fact: - nfc_c_http_port: "{{ lookup('ansible.builtin.env', 'HTTP_PORT') | default('') }}" - when: > - lookup('ansible.builtin.env', 'HTTP_PORT') | default('') != '' + config_file_check.stat.exists - name: Confirm 'api_url' is Set ansible.builtin.assert: that: - - api_url is defined - - api_url != '' + - nofusscomputing_phpipam_scan_agent.api_url is defined + - nofusscomputing_phpipam_scan_agent.api_url != '' msg: "missing Required Variables" - name: Confirm 'client_token' is Set ansible.builtin.assert: that: - - client_token is defined + - nofusscomputing_phpipam_scan_agent.client_token is defined + - nofusscomputing_phpipam_scan_agent.client_token != '' msg: "missing Required Variables" - name: Confirm 'client_name' is Set ansible.builtin.assert: that: - - client_name is defined + - nofusscomputing_phpipam_scan_agent.client_name is defined + - 
nofusscomputing_phpipam_scan_agent.client_name != '' msg: "missing Required Variables" - name: Confirm 'scanagent_code' is Set ansible.builtin.assert: that: - - scanagent_code is defined + - nofusscomputing_phpipam_scan_agent.scanagent_code is defined + - nofusscomputing_phpipam_scan_agent.scanagent_code != '' msg: "missing Required Variables" @@ -89,12 +73,12 @@ loop_var: subnet - vars: # ToDo: remove the below t4est vars + vars: + nfc_c_cache_expire_time: 1800 nfc_c_http_port: 5000 nfc_c_http_server: http://127.0.0.1 + nfc_c_path_cache: "{{ playbook_dir }}/../cache" api_address: addresses api_subnets: subnets api_scanagents: tools/scanagents - nfc_c_path_cache: "{{ playbook_dir }}/../cache" - nfc_c_cache_expire_time: 1800 diff --git a/playbooks/tasks/agent_id.yaml b/playbooks/tasks/agent_id.yaml index 2bd20d3..1732a69 100644 --- a/playbooks/tasks/agent_id.yaml +++ b/playbooks/tasks/agent_id.yaml @@ -4,10 +4,10 @@ ansible.builtin.include_tasks: file: tasks/api_call.yaml vars: - api_client_name: "{{ client_name }}" - api_token: "{{ client_token }}" + api_client_name: "{{ nofusscomputing_phpipam_scan_agent.client_name }}" + api_token: "{{ nofusscomputing_phpipam_scan_agent.client_token }}" api_path: "{{ api_scanagents }}" - api_query_string: "filter_by=code&filter_value={{ scanagent_code }}" + api_query_string: "filter_by=code&filter_value={{ nofusscomputing_phpipam_scan_agent.scanagent_code }}" - name: My ScanAgent ID diff --git a/playbooks/tasks/api_call.yaml b/playbooks/tasks/api_call.yaml index 3a537b8..0e1b216 100644 --- a/playbooks/tasks/api_call.yaml +++ b/playbooks/tasks/api_call.yaml @@ -3,15 +3,6 @@ block: - - name: Mandatory Variables set - ansible.builtin.assert: - that: - - api_client_name is defined - - api_path is defined - - api_token is defined - - api_url is defined - - - name: API Facts ansible.builtin.set_fact: epoch: "{{ ((('%Y-%m-%d %H:%M:%S' | strftime) | string | to_datetime) - ('1970-01-01 00:00:00' | to_datetime)).total_seconds() | int }}" 
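Review bot: The new `Load Config File` task in playbooks/agent.yaml has no `no_log: true`, whereas the `set_fact` task it replaces did. `include_vars` returns the loaded variables in its task result, so at `-v` or above, and in the `ANSIBLE_LOG_PATH` file the docs describe, `client_token` and `scanagent_code` can end up in output. Suggest adding `no_log: true` to that task. The same applies to the `Load Config File` task added to playbooks/server.yaml later in this series, which loads `mysql_password`. When the config file is absent the include is skipped and the first assert fails with the generic `missing Required Variables`; a `fail_msg` naming `/etc/phpipam/scan_agent.yaml` would make that case obvious.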
@@ -31,7 +22,8 @@ - name: Expire ansible.builtin.set_fact: - expired: "{{ ((epoch | int + (nfc_c_epoch_time_offset | default(0)) | int) >= ((cached_file.stat.mtime | int) + nfc_c_cache_expire_time | int) | int ) | bool }}" + expired: "{{ ((epoch | int + (nfc_c_epoch_time_offset | default(0)) | int) >= ((cached_file.stat.mtime | int) + + (nofusscomputing_phpipam_scan_agent.cache_expire_time | default(nfc_c_cache_expire_time)) | int) | int ) | bool }}" when: cached_file.stat.exists @@ -40,8 +32,9 @@ msg: - "exists: {{ cached_file.stat.exists | default('') }}" - "mtime: {{ cached_file.stat.mtime | default(0) | int }}" - - "expire: {{ (cached_file.stat.mtime | int) + nfc_c_cache_expire_time | int }}" - - "epoch: {{ (epoch | int + (nfc_c_epoch_time_offset | default(0)) | int) | int }} [{{ nfc_c_cache_expire_time }}]" + - "expire: {{ (cached_file.stat.mtime | int) + (nofusscomputing_phpipam_scan_agent.cache_expire_time | default(nfc_c_cache_expire_time)) | int }}" + - "epoch: {{ (epoch | int + (nfc_c_epoch_time_offset | default(0)) | int) | int }} [{{ + (nofusscomputing_phpipam_scan_agent.cache_expire_time | default(nfc_c_cache_expire_time)) }}]" - "epoch: {{ epoch }}" - "expired: {{ expired }}" when: cached_file.stat.exists @@ -62,7 +55,7 @@ {%- endif %} ansible.builtin.uri: url: >- - {{ api_url }}/api/{{ api_client_name }}/{{ api_path }} + {{ nofusscomputing_phpipam_scan_agent.api_url }}/api/{{ api_client_name }}/{{ api_path }} {%- if api_query_string is defined -%} /?{{ api_query_string }} {%- endif %} diff --git a/playbooks/tasks/scan_subnet.yaml b/playbooks/tasks/scan_subnet.yaml index 25ebcd8..4602786 100644 --- a/playbooks/tasks/scan_subnet.yaml +++ b/playbooks/tasks/scan_subnet.yaml 
@@ -5,12 +5,14 @@ cmd: nmap -sn "{{ subnet.address }}" -oX - become: true register: nmap_scan + + - name: Get subnets Address' ansible.builtin.include_tasks: file: tasks/api_call.yaml vars: - api_client_name: "{{ client_name }}" - api_token: "{{ client_token }}" + api_client_name: "{{ nofusscomputing_phpipam_scan_agent.client_name }}" + api_token: "{{ nofusscomputing_phpipam_scan_agent.client_token }}" api_path: "{{ api_address }}" api_query_string: "filter_by=subnetId&filter_value={{ subnet.id }}" @@ -65,11 +67,13 @@ - name: Upload Scan Results - {{ subnet.address }} ansible.builtin.uri: - url: "{{ nfc_c_http_server }}:{{ nfc_c_http_port }}/" + url: "{{ + nofusscomputing_phpipam_scan_agent.http_server | default(nfc_c_http_server) + }}:{{ nofusscomputing_phpipam_scan_agent.http_port | default(nfc_c_http_port) }}/" method: POST body_format: json body: { - "code": "{{ scanagent_code }}", + "code": "{{ nofusscomputing_phpipam_scan_agent.scanagent_code }}", "scan": { "subnet": "{{ subnet.address }}", "results": "{{ subnet_scan_results }}" diff --git a/playbooks/tasks/subnets.yaml b/playbooks/tasks/subnets.yaml index 923632e..785b31c 100644 --- a/playbooks/tasks/subnets.yaml +++ b/playbooks/tasks/subnets.yaml @@ -9,8 +9,8 @@ ansible.builtin.include_tasks: file: tasks/api_call.yaml vars: - api_client_name: "{{ client_name }}" - api_token: "{{ client_token }}" + api_client_name: "{{ nofusscomputing_phpipam_scan_agent.client_name }}" + api_token: "{{ nofusscomputing_phpipam_scan_agent.client_token }}" api_path: "{{ api_subnets }}" api_query_string: "filter_by=scanAgent&filter_value={{ nfc_c_scan_agent_id }}" From 87b90bffa020dd3690b95987e559062ffa3c8fbc Mon Sep 17 00:00:00 2001 
From: Jon Date: Fri, 23 Feb 2024 15:14:56 +0930 Subject: [PATCH 22/27] feat(server): move config of variables to vars file !8 #11 --- .../collection/phpipam_scan_agent/docker.md | 6 +-- .../collection/phpipam_scan_agent/server.md | 22 ++++++----- extensions/eda/rulebooks/agent_receive.yml | 2 +- includes/etc/phpipam/scan_server.yaml | 13 +++++++ includes/etc/supervisor/conf.d/rulebook.conf | 2 +- playbooks/server.yaml | 37 ++++++++++--------- playbooks/tasks/server/ipaddress.yaml | 8 ++-- playbooks/tasks/server/subnet_scan.yaml | 8 ++-- 8 files changed, 57 insertions(+), 41 deletions(-) create mode 100644 includes/etc/phpipam/scan_server.yaml diff --git a/docs/projects/ansible/collection/phpipam_scan_agent/docker.md b/docs/projects/ansible/collection/phpipam_scan_agent/docker.md index fab0c36..95012e8 100644 --- a/docs/projects/ansible/collection/phpipam_scan_agent/docker.md +++ b/docs/projects/ansible/collection/phpipam_scan_agent/docker.md @@ -19,10 +19,6 @@ Launching the docker container can be done with docker run \ -d \ - -e "API_URL=" \ - -e "MYSQL_HOST=" \ - -e "MYSQL_USER=" \ - -e "MYSQL_PASSWORD=" \ -p "5000:5000" \ --name scan-agent \ nofusscomputing/phpipam-scan-agent:latest; @@ -45,6 +41,8 @@ You will need to configure the scan components: - scanner config file at path `/etc/phpipam/scan_agent.yaml`, see [scanner docs](scanner.md#variables) for details. +- server config at path `/etc/phpipam/scan_server.yaml`, see [server docs](server.md#variables) for details. + If you wish to customize the cronjob for the scan component within the container, mount a new cron file to path `/etc/cron.d/scanner`. The default cron file is as follows: ``` yaml title="/etc/cron.d/scanner" linenums="1" diff --git a/docs/projects/ansible/collection/phpipam_scan_agent/server.md b/docs/projects/ansible/collection/phpipam_scan_agent/server.md index a5713ae..53de719 100644 --- a/docs/projects/ansible/collection/phpipam_scan_agent/server.md 
+++ b/docs/projects/ansible/collection/phpipam_scan_agent/server.md @@ -22,24 +22,26 @@ ansible-rulebook -r nofusscomputing.phpipam_scan_agent.agent_receive ### Variables -The variables described below, if optional the value specified here is the default value. All variables that are used by the server component are environmental variables that must be set before execution. Ansbible variable name is enclused in `[]` +The variables described below, if optional the value specified here is the default value. The variables are to be set in a variables file at path `/etc/phpipam/scan_server.yaml` -``` bash +``` yaml -# phpIPAM MariaDB/MySQL Variables -MYSQL_HOST= # Mandatory, String. IP/DNS of host to connect. [nfc_c_mysql_host] -MYSQL_PORT=3306 # Optional, Integer. port to use for connection. [nfc_c_mysql_port] -MYSQL_USER= # Mandatory, String. User to authenticate with. [nfc_c_mysql_user] -MYSQL_PASSWORD= # Mandatory, String. Password for the user to connect with. [nfc_c_mysql_password] +nofusscomputing_phpipam_scan_server: + + # phpIPAM MariaDB/MySQL Variables + mysql_host: # Mandatory, String. IP/DNS of host to connect. [nfc_c_] + mysql_port: 3306 # Optional, Integer. port to use for connection. [nfc_c_] + mysql_user: # Mandatory, String. User to authenticate with. [nfc_c_] + mysql_password: # Mandatory, String. Password for the user to connect with. [nfc_c_] -# Server Component Variables -HTTP_PORT=5000 # Optional, Integer. The port for the Server component to listen for connections. + # Server Component Variables + http_port: 5000 # Optional, Integer. The port for the Server component to listen for connections. ``` -# Workflow +## Workflow The Server componet has the following workflow: diff --git a/extensions/eda/rulebooks/agent_receive.yml b/extensions/eda/rulebooks/agent_receive.yml index 5a64137..a84d2de 100644 --- a/extensions/eda/rulebooks/agent_receive.yml +++ b/extensions/eda/rulebooks/agent_receive.yml 
@@ -6,7 +6,7 @@ - name: Webhook ansible.eda.webhook: host: 0.0.0.0 - port: "{{ HTTP_PORT }}" + port: "{{ nofusscomputing_phpipam_scan_server.http_port | default(5000) | int }}" rules: diff --git a/includes/etc/phpipam/scan_server.yaml b/includes/etc/phpipam/scan_server.yaml new file mode 100644 index 0000000..e8176b6 --- /dev/null +++ b/includes/etc/phpipam/scan_server.yaml @@ -0,0 +1,13 @@ +--- + +nofusscomputing_phpipam_scan_server: + +# phpIPAM MariaDB/MySQL Variables +# mysql_host: # Mandatory, String. IP/DNS of host to connect. [nfc_c_] +# mysql_port: 3306 # Optional, Integer. port to use for connection. [nfc_c_] +# mysql_user: # Mandatory, String. User to authenticate with. [nfc_c_] +# mysql_password: # Mandatory, String. Password for the user to connect with. [nfc_c_] + + +# Server Component Variables +# http_port: 5000 # Optional, Integer. The port for the Server component to listen for connections. diff --git a/includes/etc/supervisor/conf.d/rulebook.conf b/includes/etc/supervisor/conf.d/rulebook.conf index c63aed3..862a8bb 100644 --- a/includes/etc/supervisor/conf.d/rulebook.conf +++ b/includes/etc/supervisor/conf.d/rulebook.conf @@ -1,7 +1,7 @@ [program:rulebook] startsecs=0 stopwaitsecs=55 -command=ansible-rulebook -r nofusscomputing.phpipam_scan_agent.agent_receive --env-vars "HTTP_PORT" -i /root/hosts.yaml -v +command=ansible-rulebook -r nofusscomputing.phpipam_scan_agent.agent_receive --vars /etc/phpipam/scan_server.yaml -i /root/hosts.yaml -v autorestart=true autostart=true stdout_logfile=/dev/fd/1 diff --git a/playbooks/server.yaml b/playbooks/server.yaml index dc41f9b..d740d90 100644 --- a/playbooks/server.yaml +++ b/playbooks/server.yaml 
@@ -7,26 +7,29 @@ tasks: - - name: Fetch Required Environmental Variables - ansible.builtin.set_fact: - nfc_c_mysql_host: "{{ lookup('ansible.builtin.env', 'MYSQL_HOST') | default('') }}" - nfc_c_mysql_port: "{{ lookup('ansible.builtin.env', 'MYSQL_PORT') | default(3306) | int }}" - nfc_c_mysql_user: "{{ lookup('ansible.builtin.env', 'MYSQL_USER') | default('') }}" - nfc_c_mysql_password: "{{ lookup('ansible.builtin.env', 'MYSQL_PASSWORD') | default('') }}" - no_log: true - - - name: TRACE Inbound data Received ansible.builtin.debug: msg: "{{ inbound_data }}" + - name: Check for Existance of config file + ansible.builtin.stat: + path: /etc/phpipam/scan_server.yaml + register: config_file_check + + + - name: Load Config File + ansible.builtin.include_vars: + file: /etc/phpipam/scan_server.yaml + when: > + config_file_check.stat.exists + - name: Fetch Agent Details community.mysql.mysql_query: - login_host: "{{ nfc_c_mysql_host }}" - login_port: "{{ nfc_c_mysql_port | default(3306) | int }}" - login_user: "{{ nfc_c_mysql_user }}" - login_password: "{{ nfc_c_mysql_password }}" + login_host: "{{ nofusscomputing_phpipam_scan_server.mysql_host }}" + login_port: "{{ nofusscomputing_phpipam_scan_server.mysql_port | default(3306) | int }}" + login_user: "{{ nofusscomputing_phpipam_scan_server.mysql_user }}" + login_password: "{{ nofusscomputing_phpipam_scan_server.mysql_password }}" login_db: 'phpipam' query: 
> @@ -37,10 +40,10 @@ - name: Confirm Subnet Assignment community.mysql.mysql_query: - login_host: "{{ nfc_c_mysql_host }}" - login_port: "{{ nfc_c_mysql_port | default(3306) | int }}" - login_user: "{{ nfc_c_mysql_user }}" - login_password: "{{ nfc_c_mysql_password }}" + login_host: "{{ nofusscomputing_phpipam_scan_server.mysql_host }}" + login_port: "{{ nofusscomputing_phpipam_scan_server.mysql_port | default(3306) | int }}" + login_user: "{{ nofusscomputing_phpipam_scan_server.mysql_user }}" + login_password: "{{ nofusscomputing_phpipam_scan_server.mysql_password }}" login_db: 'phpipam' query: > diff --git a/playbooks/tasks/server/ipaddress.yaml b/playbooks/tasks/server/ipaddress.yaml index 633ae0c..fb80058 100644 --- a/playbooks/tasks/server/ipaddress.yaml +++ b/playbooks/tasks/server/ipaddress.yaml @@ -3,10 +3,10 @@ - name: "Update IP Address' found - {{ scan_address.ipaddress.ip }}" community.mysql.mysql_query: - login_host: "{{ nfc_c_mysql_host }}" - login_port: "{{ nfc_c_mysql_port | default(3306) | int }}" - login_user: "{{ nfc_c_mysql_user }}" - login_password: "{{ nfc_c_mysql_password }}" + login_host: "{{ nofusscomputing_phpipam_scan_server.mysql_host }}" + login_port: "{{ nofusscomputing_phpipam_scan_server.mysql_port | default(3306) | int }}" + login_user: "{{ nofusscomputing_phpipam_scan_server.mysql_user }}" + login_password: "{{ nofusscomputing_phpipam_scan_server.mysql_password }}" login_db: 'phpipam' query: |- diff --git a/playbooks/tasks/server/subnet_scan.yaml b/playbooks/tasks/server/subnet_scan.yaml index d9eb038..a8de9f5 100644 --- a/playbooks/tasks/server/subnet_scan.yaml +++ b/playbooks/tasks/server/subnet_scan.yaml 
@@ -3,10 +3,10 @@ - name: Match Scan Addresses to DB Details community.mysql.mysql_query: - login_host: "{{ nfc_c_mysql_host }}" - login_port: "{{ nfc_c_mysql_port | default(3306) | int }}" - login_user: "{{ nfc_c_mysql_user }}" - login_password: "{{ nfc_c_mysql_password }}" + login_host: "{{ nofusscomputing_phpipam_scan_server.mysql_host }}" + login_port: "{{ nofusscomputing_phpipam_scan_server.mysql_port | default(3306) | int }}" + login_user: "{{ nofusscomputing_phpipam_scan_server.mysql_user }}" + login_password: "{{ nofusscomputing_phpipam_scan_server.mysql_password }}" login_db: 'phpipam' query: |- From a72b9fc8eb5d5b038e87412336db3f59b83d7ca9 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 23 Feb 2024 16:05:58 +0930 Subject: [PATCH 23/27] feat(server): update subnet discovery date/time !9 closes #12 --- .../collection/phpipam_scan_agent/server.md | 5 +++++ playbooks/tasks/server/subnet_scan.yaml | 18 ++++++++++++++++++ 2 files changed, 23 insertions(+) diff --git a/docs/projects/ansible/collection/phpipam_scan_agent/server.md b/docs/projects/ansible/collection/phpipam_scan_agent/server.md index 53de719..175acb9 100644 --- a/docs/projects/ansible/collection/phpipam_scan_agent/server.md +++ b/docs/projects/ansible/collection/phpipam_scan_agent/server.md @@ -56,3 +56,8 @@ The Server componet has the following workflow: - _if no results found, no further processing occurs_ 1. Update the phpIPAM MariaDB/MySQL database directly + + +## phpIPAM Features + +- **Last discovery time** This is displayed within the subnet interface next to the `Discover new hosts` fieled. Whenever a scan report is received by the server this filed is updated to reflect the last scan time. diff --git a/playbooks/tasks/server/subnet_scan.yaml b/playbooks/tasks/server/subnet_scan.yaml index a8de9f5..c7d4f33 100644 --- a/playbooks/tasks/server/subnet_scan.yaml +++ b/playbooks/tasks/server/subnet_scan.yaml 
@@ -26,6 +26,24 @@ loop_var: ipaddress +- name: Update Subnet Discovery Time + community.mysql.mysql_query: + login_host: "{{ nofusscomputing_phpipam_scan_server.mysql_host }}" + login_port: "{{ nofusscomputing_phpipam_scan_server.mysql_port | default(3306) | int }}" + login_user: "{{ nofusscomputing_phpipam_scan_server.mysql_user }}" + login_password: "{{ nofusscomputing_phpipam_scan_server.mysql_password }}" + + login_db: 'phpipam' + query: |- + UPDATE + subnets + SET + lastDiscovery = '{{ inbound_data.scan.results[0].lastSeen }}' + WHERE + subnet = '{{ (inbound_data.scan.subnet | split('/'))[0] | ip2ipam }}' + single_transaction: true + + - name: Update IP Addresses ansible.builtin.include_tasks: file: tasks/server/ipaddress.yaml From 5ca5b98b383ecf4e629f9ff197e237f47bd654da Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 23 Feb 2024 16:57:16 +0930 Subject: [PATCH 24/27] refactor(server): don't process scan results in parallel !9 --- extensions/eda/rulebooks/agent_receive.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/extensions/eda/rulebooks/agent_receive.yml b/extensions/eda/rulebooks/agent_receive.yml index a84d2de..35aac33 100644 --- a/extensions/eda/rulebooks/agent_receive.yml +++ b/extensions/eda/rulebooks/agent_receive.yml @@ -1,6 +1,5 @@ - name: Agent Webhook hosts: all - execution_strategy: parallel sources: - name: Webhook From c41be4541e4b650c38a6af203583436adcd60c78 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 23 Feb 2024 17:00:17 +0930 Subject: [PATCH 25/27] docs: clean up !9 --- .../collection/phpipam_scan_agent/docker.md | 2 ++ .../ansible/collection/phpipam_scan_agent/index.md | 14 +++++++------- .../collection/phpipam_scan_agent/server.md | 5 ----- 3 files changed, 9 insertions(+), 12 deletions(-) diff --git a/docs/projects/ansible/collection/phpipam_scan_agent/docker.md b/docs/projects/ansible/collection/phpipam_scan_agent/docker.md index 95012e8..c990645 100644 --- a/docs/projects/ansible/collection/phpipam_scan_agent/docker.md 
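Review bot: The new `Update Subnet Discovery Time` task interpolates `inbound_data.scan.results[0].lastSeen` and the subnet address straight into the SQL text. `inbound_data` appears to be the body posted to the webhook source, which agent_receive.yml binds to `0.0.0.0`, so a value containing a quote would change the statement. `community.mysql.mysql_query` accepts `positional_args`, so both values can be passed as bound parameters with `%s` placeholders, as below. `results[0]` also assumes a non-empty list; the workflow docs say processing stops when no results are found, but that check is not visible in this hunk. The other `mysql_query` tasks in this file and in ipaddress.yaml have their `query:` bodies outside the visible hunks and deserve the same look.

```yaml
- name: Update Subnet Discovery Time
  community.mysql.mysql_query:
    # … unchanged: login_host, login_port, login_user, login_password, login_db …
    query: |-
      UPDATE subnets SET lastDiscovery = %s WHERE subnet = %s
    positional_args:
      - "{{ inbound_data.scan.results[0].lastSeen }}"
      - "{{ (inbound_data.scan.subnet | split('/'))[0] | ip2ipam }}"
    # … unchanged: single_transaction …
```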
+++ b/docs/projects/ansible/collection/phpipam_scan_agent/docker.md @@ -20,6 +20,8 @@ Launching the docker container can be done with docker run \ -d \ -p "5000:5000" \ + -v "./scan_agent.yaml:/etc/phpipam/scan_agent.yaml" \ + -v "./scan_server.yaml:/etc/phpipam/scan_server.yaml" \ --name scan-agent \ nofusscomputing/phpipam-scan-agent:latest; diff --git a/docs/projects/ansible/collection/phpipam_scan_agent/index.md b/docs/projects/ansible/collection/phpipam_scan_agent/index.md index 76b9973..16a2b74 100644 --- a/docs/projects/ansible/collection/phpipam_scan_agent/index.md +++ b/docs/projects/ansible/collection/phpipam_scan_agent/index.md @@ -68,6 +68,11 @@ When this setting is enabled, the scanner will scan the entire subnet that has b the work in [Hosts check](https://gitlab.com/nofusscomputing/projects/ansible/collections/phpipam_scan_agent/-/issues/3), will adjust this behaviour to only add hosts that dont exist. + - Location `Subnet -> Discover new hosts [Last discovery time]` + +This is displayed within the subnet interface next to the `Discover new hosts` field. Whenever a scan report is received by the server this filed is updated to reflect the last scan time. + + ## Development Notes Contributions to this project are welcome. Below you will find some useful commands for use during development. @@ -80,13 +85,8 @@ docker build . --tag scan-agent:dev --build-arg COLLECTION_BRANCH=" \ - -e "MYSQL_HOST=" \ - -e "MYSQL_USER=" \ - -e "MYSQL_PASSWORD=" \ - -e "SCANNER_TOKEN=" \ - -e "SCANNER_NAME=" \ - -e "SCANNER_CODE=" \ + -v "./scan_agent.yaml:/etc/phpipam/scan_agent.yaml" \ + -v "./scan_server.yaml:/etc/phpipam/scan_server.yaml" \ -e "ANSIBLE_LOG_PATH=/var/log/ansible.log" \ -p "5000:5000" \ --name scan-agent \ diff --git a/docs/projects/ansible/collection/phpipam_scan_agent/server.md b/docs/projects/ansible/collection/phpipam_scan_agent/server.md index 175acb9..53de719 100644 --- a/docs/projects/ansible/collection/phpipam_scan_agent/server.md 
+++ b/docs/projects/ansible/collection/phpipam_scan_agent/server.md @@ -56,8 +56,3 @@ The Server componet has the following workflow: - _if no results found, no further processing occurs_ 1. Update the phpIPAM MariaDB/MySQL database directly - - -## phpIPAM Features - -- **Last discovery time** This is displayed within the subnet interface next to the `Discover new hosts` fieled. Whenever a scan report is received by the server this filed is updated to reflect the last scan time. From d9885ef78b19d8596a8b6cfe9a20921d5b20f968 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 23 Feb 2024 17:33:06 +0930 Subject: [PATCH 26/27] docs: badge rearrangement !9 --- README.md | 20 +++++-------------- .../collection/phpipam_scan_agent/index.md | 10 ++++++---- 2 files changed, 11 insertions(+), 19 deletions(-) diff --git a/README.md b/README.md index f77c965..c7f27b6 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,13 @@ - + # No Fuss Computing - Ansible Collection PHPIPAM Scan Agent ![Project Status - Active](https://img.shields.io/badge/Project%20Status-Active-green?logo=gitlab&style=plastic) +[![Downloads](https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fgalaxy.ansible.com%2Fapi%2Fv3%2Fplugin%2Fansible%2Fcontent%2Fpublished%2Fcollections%2Findex%2Fnofusscomputing%2Fphpipam_scan_agent%2F&query=%24.download_count&style=plastic&logo=ansible&logoColor=white&label=Galaxy%20Downloads&labelColor=black&color=cyan)](https://galaxy.ansible.com/ui/repo/published/nofusscomputing/phpipam_scan_agent/) +[![Docker Pulls](https://img.shields.io/docker/pulls/nofusscomputing/phpipam-scan-agent?style=plastic&logo=docker&logoColor=0db7ed&color=0db7ed)](https://hub.docker.com/r/nofusscomputing/phpipam-scan-agent) + + ----
@@ -28,20 +32,6 @@ This project is hosted on [gitlab](https://gitlab.com/nofusscomputing/projects/a ![Gitlab build status - development](https://img.shields.io/badge/dynamic/json?color=ff782e&label=Build&query=0.status&url=https%3A%2F%2Fgitlab.com%2Fapi%2Fv4%2Fprojects%2F55052132%2Fpipelines%3Fref%3Ddevelopment&logo=gitlab&style=plastic) ![branch release version](https://img.shields.io/badge/dynamic/yaml?color=ff782e&logo=gitlab&style=plastic&label=Release&query=%24.commitizen.version&url=https%3A//gitlab.com/nofusscomputing/projects/ansible/collections/phpipam_scan_agent%2F-%2Fraw%2Fdevelopment%2F.cz.yaml) ----- - -**Ansible Galaxy** - -[![Latest Version](https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fgalaxy.ansible.com%2Fapi%2Fv3%2Fplugin%2Fansible%2Fcontent%2Fpublished%2Fcollections%2Findex%2Fnofusscomputing%2Fphpipam_scan_agent%2F&query=%24.highest_version.version&style=plastic&logo=ansible&logoColor=white&label=Latest%20Release&labelColor=black&color=cyan)](https://galaxy.ansible.com/ui/repo/published/nofusscomputing/phpipam_scan_agent/) -![Downloads](https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fgalaxy.ansible.com%2Fapi%2Fv3%2Fplugin%2Fansible%2Fcontent%2Fpublished%2Fcollections%2Findex%2Fnofusscomputing%2Fphpipam_scan_agent%2F&query=%24.download_count&style=plastic&logo=ansible&logoColor=white&label=Downloads&labelColor=black&color=cyan) - ----- - -**Docker Hub** - -[![Docker Image Version](https://img.shields.io/docker/v/nofusscomputing/phpipam-scan-agent?sort=semver&style=plastic&logo=docker&logoColor=0db7ed&color=0db7ed&label=Latest%20Release)](https://hub.docker.com/r/nofusscomputing/phpipam-scan-agent) -[![Docker Pulls](https://img.shields.io/docker/pulls/nofusscomputing/phpipam-scan-agent?style=plastic&logo=docker&logoColor=0db7ed&color=0db7ed)](https://hub.docker.com/r/nofusscomputing/phpipam-scan-agent) -
----
diff --git a/docs/projects/ansible/collection/phpipam_scan_agent/index.md b/docs/projects/ansible/collection/phpipam_scan_agent/index.md
index 16a2b74..8a84a18 100644
--- a/docs/projects/ansible/collection/phpipam_scan_agent/index.md
+++ b/docs/projects/ansible/collection/phpipam_scan_agent/index.md
@@ -6,14 +6,16 @@ template: project.html about: https://gitlab.com/nofusscomputing/projects/ansible/collections/phpipam_scan_agent --- - + ![Project Status - Active](https://img.shields.io/badge/Project%20Status-Active-green?logo=gitlab&style=plastic) -[![Latest Version](https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fgalaxy.ansible.com%2Fapi%2Fv3%2Fplugin%2Fansible%2Fcontent%2Fpublished%2Fcollections%2Findex%2Fnofusscomputing%2Fphpipam_scan_agent%2F&query=%24.highest_version.version&style=plastic&logo=ansible&logoColor=white&label=Latest%20Release&labelColor=black&color=cyan)](https://galaxy.ansible.com/ui/repo/published/nofusscomputing/phpipam_scan_agent/) -![Downloads](https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fgalaxy.ansible.com%2Fapi%2Fv3%2Fplugin%2Fansible%2Fcontent%2Fpublished%2Fcollections%2Findex%2Fnofusscomputing%2Fphpipam_scan_agent%2F&query=%24.download_count&style=plastic&logo=ansible&logoColor=white&label=Downloads&labelColor=black&color=cyan) -[![Docker Image Version](https://img.shields.io/docker/v/nofusscomputing/phpipam-scan-agent?sort=semver&style=plastic&logo=docker&logoColor=0db7ed&color=0db7ed&label=Latest%20Release)](https://hub.docker.com/r/nofusscomputing/phpipam-scan-agent) +![branch release version](https://img.shields.io/badge/dynamic/yaml?color=ff782e&logo=gitlab&style=plastic&label=Stable%20Release&query=%24.commitizen.version&url=https%3A//gitlab.com/nofusscomputing/projects/ansible/collections/phpipam_scan_agent%2F-%2Fraw%2Fmaster%2F.cz.yaml) +![branch release version](https://img.shields.io/badge/dynamic/yaml?color=ff782e&logo=gitlab&style=plastic&label=Dev%20Release&query=%24.commitizen.version&url=https%3A//gitlab.com/nofusscomputing/projects/ansible/collections/phpipam_scan_agent%2F-%2Fraw%2Fdevelopment%2F.cz.yaml) + + 
+[![Downloads](https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fgalaxy.ansible.com%2Fapi%2Fv3%2Fplugin%2Fansible%2Fcontent%2Fpublished%2Fcollections%2Findex%2Fnofusscomputing%2Fphpipam_scan_agent%2F&query=%24.download_count&style=plastic&logo=ansible&logoColor=white&label=Galaxy%20Downloads&labelColor=black&color=cyan)](https://galaxy.ansible.com/ui/repo/published/nofusscomputing/phpipam_scan_agent/)
 [![Docker Pulls](https://img.shields.io/docker/pulls/nofusscomputing/phpipam-scan-agent?style=plastic&logo=docker&logoColor=0db7ed&color=0db7ed)](https://hub.docker.com/r/nofusscomputing/phpipam-scan-agent)
From 8b65ba03411e170c7d40bc8c76bf75bcd517c011 Mon Sep 17 00:00:00 2001
From: nfc_bot
Date: Fri, 23 Feb 2024 08:24:29 +0000
Subject: [PATCH 27/27] build: bump version 0.2.0-a1 -> 0.2.0-a2 !9
---
 .cz.yaml | 2 +-
 CHANGELOG.md | 12 ++++++++++++
 galaxy.yml | 2 +-
 3 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/.cz.yaml b/.cz.yaml
index 9ed329c..5c928f2 100644
--- a/.cz.yaml
+++ b/.cz.yaml
@@ -4,5 +4,5 @@ commitizen:
 prerelease_offset: 1
 tag_format: $version
 update_changelog_on_bump: false
- version: 0.2.0-a1
+ version: 0.2.0-a2
 version_scheme: semver
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8482807..73d0b2f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,15 @@
+## 0.2.0-a2 (2024-02-23)
+
+### Feat
+
+- **server**: update subnet discovery date/time
+- **server**: move config of variables to vars file
+- **agent**: move config of variables to vars file
+
+### Refactor
+
+- **server**: don't process scan results in parallel
+
 ## 0.2.0-a1 (2024-02-22)
 ### Feat
diff --git a/galaxy.yml b/galaxy.yml
index eb13eac..592b8e5 100644
--- a/galaxy.yml
+++ b/galaxy.yml
@@ -8,7 +8,7 @@ namespace: nofusscomputing
 name: phpipam_scan_agent
 # The version of the collection. Must be compatible with semantic versioning
-version: 0.2.0-a1
+version: 0.2.0-a2
 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection
 readme: README.md