From 05c2c1845faab03e9033ec3568540ce3c223dcc6 Mon Sep 17 00:00:00 2001
From: Chris Croome <chris@webarchitects.co.uk>
Date: Fri, 4 Oct 2024 15:41:38 +0100
Subject: [PATCH] update for ANSIBLE_INJECT_FACT_VARS: "0"
---
.gitlab-ci.yml | 1 +
tasks/apt.yml | 24 ++++++++++++------------
tasks/firewall.yml | 6 +++---
templates/host.conf.j2 | 6 +++---
4 files changed, 19 insertions(+), 18 deletions(-)
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 800e44d..46da4e6 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -12,6 +12,7 @@ variables:
ANSIBLE_CALLBACK_RESULT_FORMAT: "yaml"
ANSIBLE_DISPLAY_SKIPPED_HOSTS: "0"
ANSIBLE_FORCE_COLOR: "1"
+ ANSIBLE_INJECT_FACT_VARS: "0"
ANSIBLE_REMOTE_TMP: "/tmp"
ANSIBLE_SHELL_ALLOW_WORLD_READABLE_TEMP: "1"
DEBIAN_FRONTEND: noninteractive
diff --git a/tasks/apt.yml b/tasks/apt.yml
index 78a7acd..545f62b 100644
--- a/tasks/apt.yml
+++ b/tasks/apt.yml
@@ -83,7 +83,7 @@
signed_by: /usr/share/keyrings/icinga-archive-keyring.gpg
suites: "icinga-{{ ansible_facts.distribution_release }}"
types: deb
- uris: "https://packages.icinga.com/{{ ansible_distribution | lower }}"
+ uris: "https://packages.icinga.com/{{ ansible_facts.distribution | lower }}"
check_mode: true
changed_when: false
register: icinga_sources_check
@@ -123,7 +123,7 @@
signed_by: /usr/share/keyrings/icinga-archive-keyring.gpg
suites: "icinga-{{ ansible_facts.distribution_release }}"
types: deb
- uris: "https://packages.icinga.com/{{ ansible_distribution | lower }}"
+ uris: "https://packages.icinga.com/{{ ansible_facts.distribution | lower }}"
register: icinga_sources
when: icinga_archive_keyring_pub_key.stat.exists | bool
@@ -197,7 +197,7 @@
gpg --dearmor < /root/icinga.asc > /etc/apt/keyrings/icinga.gpg
chmod 644 /etc/apt/keyrings/icinga.gpg
args:
- executable: "{{ ansible_local.bash.path }}"
+ executable: "{{ ansible_facts.ansible_local.bash.path }}"
when: ( icinga_tmp_asc_file.changed | bool ) or ( not icinga_gpg_file.stat.exists | bool )
- name: Stat Icinga gpg dearmored file
@@ -207,18 +207,18 @@
- name: Debug disto
ansible.builtin.debug:
- var: ansible_distribution
+ var: ansible_facts.distribution
verbosity: 2
- name: Debug disto version
ansible.builtin.debug:
- var: ansible_distribution_version
+ var: ansible_facts.distribution_version
verbosity: 2
- name: Icinga gpg key check command
ansible.builtin.command: >
gpg --with-colons
- {% if ansible_local.gpg.version is version('2.2.12', '<') %}
+ {% if ansible_facts.ansible_local.gpg.version is version('2.2.12', '<') %}
--with-fingerprint --with-subkey-fingerprint
{% else %}
--show-keys
@@ -236,8 +236,8 @@
quiet: "{% if ansible_verbosity == 0 %}true{% else %}false{% endif %}"
when:
- ansible_loop.first | bool
- - ansible_distribution == "Debian"
- - ansible_distribution_version is version('10', '<')
+ - ansible_facts.distribution == "Debian"
+ - ansible_facts.distribution_version is version('10', '<')
loop: "{{ icinga_gpg_fingerprints }}"
loop_control:
extended: true
@@ -250,8 +250,8 @@
quiet: "{% if ansible_verbosity == 0 %}true{% else %}false{% endif %}"
when:
- ansible_loop.first | bool
- - ansible_distribution == "Ubuntu"
- - ansible_distribution_version is version('18.04', '<=')
+ - ansible_facts.distribution == "Ubuntu"
+ - ansible_facts.distribution_version is version('18.04', '<=')
loop: "{{ icinga_gpg_fingerprints }}"
loop_control:
extended: true
@@ -263,8 +263,8 @@
- icinga_fpr in icinga_gpg.stdout
quiet: "{% if ansible_verbosity == 0 %}true{% else %}false{% endif %}"
when: >
- ( ( ansible_distribution == "Debian" ) and ( ansible_distribution_version is version('10', '>=') ) ) or
- ( ( ansible_distribution == "Ubuntu" ) and ( ansible_distribution_version is version('18.04', '>') ) )
+ ( ( ansible_facts.distribution == "Debian" ) and ( ansible_facts.distribution_version is version('10', '>=') ) ) or
+ ( ( ansible_facts.distribution == "Ubuntu" ) and ( ansible_facts.distribution_version is version('18.04', '>') ) )
loop: "{{ icinga_gpg_fingerprints }}"
loop_control:
loop_var: icinga_fpr
diff --git a/tasks/firewall.yml b/tasks/firewall.yml
index 06519bb..77166f1 100644
--- a/tasks/firewall.yml
+++ b/tasks/firewall.yml
@@ -74,8 +74,8 @@
ansible.builtin.include_tasks: iptables.yml
when:
- icinga_port_state != "open"
- - ( "iptables-persistent" in ansible_local.dpkg.installed )
- - ( "ufw" not in ansible_local.dpkg.installed )
+ - ( "iptables-persistent" in ansible_facts.ansible_local.dpkg.installed )
+ - ( "ufw" not in ansible_facts.ansible_local.dpkg.installed )
- name: Include the UFW role when port 5665 is not open on the agent mode
ansible.builtin.include_role:
@@ -86,7 +86,7 @@
from_ip: "{{ icinga_master_node_ipv4 }}"
when:
- icinga_port_state != "open"
- - ( "ufw" in ansible_local.dpkg.installed )
+ - ( "ufw" in ansible_facts.ansible_local.dpkg.installed )
tags:
- icinga
diff --git a/templates/host.conf.j2 b/templates/host.conf.j2
index eeb4579..5d3a580 100644
--- a/templates/host.conf.j2
+++ b/templates/host.conf.j2
@@ -10,10 +10,10 @@ object Host "{{ icinga_host }}" {
{% if icinga_remote_node is defined and not icinga_remote_node | bool %}
{% if hostvars[icinga_host]['ansible_system'] is defined %}
- vars.os = "{{ hostvars[icinga_host]['ansible_system'] }}"
+ vars.os = "{{ hostvars[icinga_host]['ansible_facts']['system'] }}"
{% endif %}
-{% if hostvars[icinga_host]['ansible_os_family'] is defined %}
- vars.os_family = "{{ hostvars[icinga_host]['ansible_os_family'] }}"
+{% if hostvars[icinga_host]['ansible_facts']['os_family'] is defined %}
+ vars.os_family = "{{ hostvars[icinga_host]['ansible_facts']['os_family'] }}"
{% endif %}
{% endif %}
--
GitLab