From 5366264f4474fa6291286967938be68a7091c040 Mon Sep 17 00:00:00 2001 From: nd Date: Sat, 23 May 2020 14:44:31 +0200 Subject: [PATCH] add tls support to datasources --- defaults/main.yml | 4 ++-- tasks/main.yml | 24 +++++++++++++------- tasks/tls-path-to-data.yml | 45 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 63 insertions(+), 10 deletions(-) create mode 100644 tasks/tls-path-to-data.yml diff --git a/defaults/main.yml b/defaults/main.yml index 4df5b2d..44c6643 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -6,5 +6,5 @@ grafana: root_url: "https://localhost" plugins: "grafana-piechart-panel": {} - datasources: [] - dashboards: [] + datasources: {} + dashboards: {} diff --git a/tasks/main.yml b/tasks/main.yml index 1b33c10..e0b7b05 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -51,22 +51,30 @@ method: GET status_code: 200 +- name: convert tls paths to data (datasources) + include_tasks: tls-path-to-data.yml + vars: + grafanakey: datasources + loop: "{{ grafana.datasources|dict2items }}" + - name: create data sources - loop: "{{ grafana.datasources }}" + loop: "{{ grafana.datasources|dict2items }}" grafana_datasource: - name: "{{ item.name }}" + name: "{{ item.key }}" grafana_url: "http://127.0.0.1" grafana_user: "admin" grafana_password: "{{ grafana.adminpw }}" - ds_type: "{{ item.ds_type }}" - url: "{{ item.url }}" - is_default: "{{ item.is_default }}" - + ds_type: "{{ item.value.ds_type }}" + url: "{{ item.value.url }}" + is_default: "{{ item.value.is_default }}" + tls_ca_cert: "{{ item.value.tls_ca_cert|d(omit) }}" + tls_client_cert: "{{ item.value.tls_client_cert|d(omit) }}" + tls_client_key: "{{ item.value.tls_client_key|d(omit) }}" - name: import dashboards - loop: "{{ grafana.dashboards }}" + loop: "{{ grafana.dashboards||dict2items }}" grafana_dashboard: grafana_url: "http://127.0.0.1" grafana_user: "admin" grafana_password: "{{ grafana.adminpw }}" - path: "{{ item.path }}" + path: "{{ item.value.path }}" diff --git a/tasks/tls-path-to-data.yml b/tasks/tls-path-to-data.yml new file mode 100644 index 0000000..607945a --- /dev/null +++ b/tasks/tls-path-to-data.yml @@ -0,0 +1,45 @@ +- when: + - item.value.tls_ca_cert|d(False) + - item.value.tls_ca_cert is not search("-----.*-----") + block: + - name: slurp up ca_cert + slurp: + src: "{{ item.value.tls_ca_cert }}" + register: slurpfile + - name: replace string + set_fact: + grafana_inventory: "{{ grafana }}" + grafana_merge: '{ "{{ grafanakey }}": { "{{ item.key }}": { "tls_ca_cert": "{{ slurpfile.content|b64decode }}" } } }' + - name: merge into facts + set_fact: + grafana: "{{ {}|combine(grafana_inventory, (grafana_merge|replace('\n', '\\n')|from_json), recursive=True) }}" +- when: + - item.value.tls_client_cert|d(False) + - item.value.tls_client_cert is not search("-----.*-----") + block: + - name: slurp up client_cert + slurp: + src: "{{ item.value.tls_client_cert }}" + register: slurpfile + - name: replace string + set_fact: + grafana_inventory: "{{ grafana }}" + grafana_merge: '{ "{{ grafanakey }}": { "{{ item.key }}": { "tls_client_cert": "{{ slurpfile.content|b64decode }}" } } }' + - name: merge into facts + set_fact: + grafana: "{{ {}|combine(grafana_inventory, (grafana_merge|replace('\n', '\\n')|from_json), recursive=True) }}" +- when: + - item.value.tls_client_key|d(False) + - item.value.tls_client_key is not search("-----.*-----") + block: + - name: slurp up client_key + slurp: + src: "{{ item.value.tls_client_key }}" + register: slurpfile + - name: replace string + set_fact: + grafana_inventory: "{{ grafana }}" + grafana_merge: '{ "{{ grafanakey }}": { "{{ item.key }}": { "tls_client_key": "{{ slurpfile.content|b64decode }}" } } }' + - name: merge into facts + set_fact: + grafana: "{{ {}|combine(grafana_inventory, (grafana_merge|replace('\n', '\\n')|from_json), recursive=True) }}"