feat(agent): move config of variables to vars file

!8 closes #11
2024-02-23 13:24:02 +09:30
parent 49682d6038
commit de7752cfcf
10 changed files with 90 additions and 95 deletions
--- a/playbooks/agent.yaml
+++ b/playbooks/agent.yaml
@ -5,64 +5,48 @@

  tasks:

+    - name: Check for Existance of config file
+      ansible.builtin.stat:
+        path: /etc/phpipam/scan_agent.yaml
+      register: config_file_check

-    - name: Fetch Required Environmental Variables
-      ansible.builtin.set_fact:
-        client_token: "{{ lookup('ansible.builtin.env', 'SCANNER_TOKEN') | default('') }}"
-        client_name: "{{ lookup('ansible.builtin.env', 'SCANNER_NAME') }}"
-        scanagent_code: "{{ lookup('ansible.builtin.env', 'SCANNER_CODE') | default('') }}"
-        api_url: "{{ lookup('ansible.builtin.env', 'API_URL') | default('') }}"
-      no_log: true
+
+    - name: Load Config File
+      ansible.builtin.include_vars:
+        file: /etc/phpipam/scan_agent.yaml
      when: >
-        client_token is not defined
-          and
-        client_name is not defined
-          and
-        scanagent_code is not defined
-          and
-        api_url is not defined
-
-
-    - name: Fetch Required Environmental Variable - HTTP_URL
-      ansible.builtin.set_fact:
-        nfc_c_http_server: "{{ lookup('ansible.builtin.env', 'HTTP_URL') | default('') }}"
-      when: >
-        lookup('ansible.builtin.env', 'HTTP_URL') | default('') != ''
-
-
-    - name: Fetch Required Environmental Variable - HTTP_PORT
-      ansible.builtin.set_fact:
-        nfc_c_http_port: "{{ lookup('ansible.builtin.env', 'HTTP_PORT') | default('') }}"
-      when: >
-        lookup('ansible.builtin.env', 'HTTP_PORT') | default('') != ''
+        config_file_check.stat.exists


    - name: Confirm 'api_url' is Set
      ansible.builtin.assert:
        that:
-          - api_url is defined
-          - api_url != ''
+          - nofusscomputing_phpipam_scan_agent.api_url is defined
+          - nofusscomputing_phpipam_scan_agent.api_url != ''
        msg: "missing Required Variables"


    - name: Confirm 'client_token' is Set
      ansible.builtin.assert:
        that:
-          - client_token is defined
+          - nofusscomputing_phpipam_scan_agent.client_token is defined
+          - nofusscomputing_phpipam_scan_agent.client_token != ''
        msg: "missing Required Variables"


    - name: Confirm 'client_name' is Set
      ansible.builtin.assert:
        that:
-          - client_name is defined
+          - nofusscomputing_phpipam_scan_agent.client_name is defined
+          - nofusscomputing_phpipam_scan_agent.client_name != ''
        msg: "missing Required Variables"


    - name: Confirm 'scanagent_code' is Set
      ansible.builtin.assert:
        that:
-          - scanagent_code is defined
+          - nofusscomputing_phpipam_scan_agent.scanagent_code is defined
+          - nofusscomputing_phpipam_scan_agent.scanagent_code != ''
        msg: "missing Required Variables"


@ -89,12 +73,12 @@
        loop_var: subnet


-  vars: # ToDo: remove the below t4est vars
+  vars:
+    nfc_c_cache_expire_time: 1800
    nfc_c_http_port: 5000
    nfc_c_http_server: http://127.0.0.1
+    nfc_c_path_cache: "{{ playbook_dir }}/../cache"

    api_address: addresses
    api_subnets: subnets
    api_scanagents: tools/scanagents
-    nfc_c_path_cache: "{{ playbook_dir }}/../cache"
-    nfc_c_cache_expire_time: 1800
--- a/playbooks/tasks/agent_id.yaml
+++ b/playbooks/tasks/agent_id.yaml
@ -4,10 +4,10 @@
  ansible.builtin.include_tasks:
    file: tasks/api_call.yaml
  vars:
-    api_client_name: "{{ client_name }}"
-    api_token: "{{ client_token }}"
+    api_client_name: "{{ nofusscomputing_phpipam_scan_agent.client_name }}"
+    api_token: "{{ nofusscomputing_phpipam_scan_agent.client_token }}"
    api_path: "{{ api_scanagents }}"
-    api_query_string: "filter_by=code&filter_value={{ scanagent_code }}"
+    api_query_string: "filter_by=code&filter_value={{ nofusscomputing_phpipam_scan_agent.scanagent_code }}"


 - name: My ScanAgent ID
--- a/playbooks/tasks/api_call.yaml
+++ b/playbooks/tasks/api_call.yaml
@ -3,15 +3,6 @@
  block:


-    - name: Mandatory Variables set
-      ansible.builtin.assert:
-        that:
-          - api_client_name is defined
-          - api_path is defined
-          - api_token is defined
-          - api_url is defined
-
-
    - name: API Facts
      ansible.builtin.set_fact:
        epoch: "{{ ((('%Y-%m-%d %H:%M:%S' | strftime) | string | to_datetime) - ('1970-01-01 00:00:00' | to_datetime)).total_seconds() | int }}"
@ -31,7 +22,8 @@

    - name: Expire
      ansible.builtin.set_fact:
-        expired: "{{ ((epoch | int + (nfc_c_epoch_time_offset | default(0)) | int) >= ((cached_file.stat.mtime | int) + nfc_c_cache_expire_time | int) | int ) | bool }}"
+        expired: "{{ ((epoch | int + (nfc_c_epoch_time_offset | default(0)) | int) >= ((cached_file.stat.mtime | int) +
+          (nofusscomputing_phpipam_scan_agent.cache_expire_time | default(nfc_c_cache_expire_time)) | int) | int ) | bool }}"
      when: cached_file.stat.exists


@ -40,8 +32,9 @@
        msg:
          - "exists: {{ cached_file.stat.exists | default('') }}"
          - "mtime:  {{ cached_file.stat.mtime | default(0) | int }}"
-          - "expire: {{ (cached_file.stat.mtime | int) + nfc_c_cache_expire_time | int }}" 
-          - "epoch:  {{ (epoch | int + (nfc_c_epoch_time_offset | default(0)) | int) | int }} [{{ nfc_c_cache_expire_time }}]"
+          - "expire: {{ (cached_file.stat.mtime | int) + (nofusscomputing_phpipam_scan_agent.cache_expire_time | default(nfc_c_cache_expire_time)) | int }}"
+          - "epoch:  {{ (epoch | int + (nfc_c_epoch_time_offset | default(0)) | int) | int }} [{{
+            (nofusscomputing_phpipam_scan_agent.cache_expire_time | default(nfc_c_cache_expire_time)) }}]"
          - "epoch: {{ epoch }}"
          - "expired: {{ expired }}"
      when: cached_file.stat.exists
@ -62,7 +55,7 @@
          {%- endif %}
      ansible.builtin.uri:
        url: >-
-          {{ api_url }}/api/{{ api_client_name }}/{{ api_path }}
+          {{ nofusscomputing_phpipam_scan_agent.api_url }}/api/{{ api_client_name }}/{{ api_path }}
          {%- if api_query_string is defined -%}
            /?{{ api_query_string }}
          {%- endif %}
--- a/playbooks/tasks/scan_subnet.yaml
+++ b/playbooks/tasks/scan_subnet.yaml
@ -5,12 +5,14 @@
    cmd: nmap -sn "{{ subnet.address }}" -oX -
  become: true
  register: nmap_scan
+
+
 - name: Get subnets Address'
  ansible.builtin.include_tasks:
    file: tasks/api_call.yaml
  vars:
-    api_client_name: "{{ client_name }}"
-    api_token: "{{ client_token }}"
+    api_client_name: "{{ nofusscomputing_phpipam_scan_agent.client_name }}"
+    api_token: "{{ nofusscomputing_phpipam_scan_agent.client_token }}"
    api_path: "{{ api_address }}"
    api_query_string: "filter_by=subnetId&filter_value={{ subnet.id }}"

@ -65,11 +67,13 @@

 - name: Upload Scan Results - {{ subnet.address }}
  ansible.builtin.uri:
-    url: "{{ nfc_c_http_server }}:{{ nfc_c_http_port }}/"
+    url: "{{
+      nofusscomputing_phpipam_scan_agent.http_server | default(nfc_c_http_server)
+      }}:{{ nofusscomputing_phpipam_scan_agent.http_port | default(nfc_c_http_port) }}/"
    method: POST
    body_format: json
    body: {
-      "code": "{{ scanagent_code }}",
+      "code": "{{ nofusscomputing_phpipam_scan_agent.scanagent_code }}",
      "scan": {
        "subnet": "{{ subnet.address }}",
        "results": "{{ subnet_scan_results }}"
--- a/playbooks/tasks/subnets.yaml
+++ b/playbooks/tasks/subnets.yaml
@ -9,8 +9,8 @@
  ansible.builtin.include_tasks:
    file: tasks/api_call.yaml
  vars:
-    api_client_name: "{{ client_name }}"
-    api_token: "{{ client_token }}"
+    api_client_name: "{{ nofusscomputing_phpipam_scan_agent.client_name }}"
+    api_token: "{{ nofusscomputing_phpipam_scan_agent.client_token }}"
    api_path: "{{ api_subnets }}"
    api_query_string: "filter_by=scanAgent&filter_value={{ nfc_c_scan_agent_id }}"