Improve idempotency of the registration tasks in the agent

CONTRIBUTING.md

@@ -94,7 +94,7 @@ The following are guidelines to keep in mind, when creating or changing roles an
         - `checkmk_server_foo` for a server role variable
         - `checkmk_agent_bar` for a agent role variable
         - `checkmk_var_bat` for general variables
-    - Internal variables, not intended to be changed by a user should be prefixed with a double underscore (`__`).
+    - Internal variables, not intended to be changed by a user should be prefixes with a double underscore (`__`).
 - Tags
     - When tagging roles or playbooks, separate single words with dashes (`my-custom-tag`)
 

roles/agent/tasks/Linux.yml

@@ -87,6 +87,18 @@
     path: /usr/bin/cmk-agent-ctl
   register: __checkmk_agent_controller_binary
 
+- name: "{{ ansible_system }}: Read Agent Controller State."  # noqa no-changed-when
+  become: true
+  ansible.builtin.command: cat /var/lib/cmk-agent/registered_connections.json
+  register: __checkmk_agent_registered_connections
+
+- name: "{{ ansible_system }}: Read Updater State."  # noqa no-changed-when
+  become: true
+  ansible.builtin.command: cat /var/lib/check_mk_agent/cache/plugins_cmk-update-agent.cache
+  register: __checkmk_agent_updater_state
+  changed_when: checkmk_agent_registration_server + '/' + checkmk_agent_registration_site in __checkmk_agent_updater_state.stdout
+  failed_when: __checkmk_agent_updater_state.rc == "255"
+
 - name: "{{ ansible_system }}: Register Agent for automatic Updates using User Password."  # noqa no-changed-when
   become: true
   ansible.builtin.shell: |
@@ -101,6 +113,7 @@
     and checkmk_agent_update | bool
     and (checkmk_agent_pass is defined and checkmk_agent_pass | length)
     and (checkmk_agent_secret is not defined)
+    and not checkmk_agent_registration_server + '/' + checkmk_agent_registration_site in __checkmk_agent_updater_state.stdout
 
 - name: "{{ ansible_system }}: Register Agent for automatic Updates using Automation Secret."  # noqa no-changed-when
   become: true
@@ -115,6 +128,7 @@
     and __checkmk_agent_updater_binary.stat.exists | bool
     and checkmk_agent_update | bool
     and (checkmk_agent_secret is defined and checkmk_agent_secret | length)
+    and not checkmk_agent_registration_server + '/' + checkmk_agent_registration_site in __checkmk_agent_updater_state.stdout
 
 - name: "{{ ansible_system }}: Register Agent for TLS."  # noqa no-changed-when
   become: true
@@ -128,6 +142,7 @@
     __checkmk_agent_controller_binary.stat.exists | bool
     and checkmk_agent_tls | bool
     and (__checkmk_agent_auth is defined and __checkmk_agent_auth | length)
+    and not checkmk_agent_registration_server + '/' + checkmk_agent_registration_site in __checkmk_agent_registered_connections.stdout
 
 - name: "{{ ansible_system }}: Verify Checkmk Agent Port is open."
   ansible.builtin.wait_for:

roles/agent/tasks/Win32NT.yml

@@ -40,6 +40,18 @@
     path: "{{ __checkmk_agent_binary_path }}"
   register: __checkmk_agent_binary
 
+- name: "{{ ansible_system }}: Read Agent Controller State."  # noqa no-changed-when
+  ansible.windows.win_command: powershell.exe -
+  args:
+    stdin: Get-Content -ErrorAction Ignore -LiteralPath C:\ProgramData\checkmk\agent\registered_connections.json ; Exit 0
+  register: __checkmk_agent_registered_connections
+
+- name: "{{ ansible_system }}: Read Updater State."  # noqa no-changed-when
+  ansible.windows.win_command: powershell.exe -
+  args:
+    stdin: Get-Content -ErrorAction Ignore -LiteralPath C:\ProgramData\checkmk\agent\config\cmk-update-agent.state ; Exit 0
+  register: __checkmk_agent_updater_state
+
 - name: "{{ ansible_system }}: Register Agent for automatic Updates using User Password."  # noqa no-changed-when
   ansible.windows.win_command: |
     check_mk_agent.exe updater register -H {{ checkmk_agent_host_name }} \
@@ -55,6 +67,7 @@
     and checkmk_agent_update | bool
     and (checkmk_agent_pass is defined and checkmk_agent_pass | length)
     and (checkmk_agent_secret is not defined)
+    and not '\'server\': \'' + checkmk_agent_registration_server + '\', \'site\': \'' + checkmk_agent_registration_site + '\'' in __checkmk_agent_updater_state.stdout
 
 - name: "{{ ansible_system }}: Register Agent for automatic Updates using Automation Secret."  # noqa no-changed-when
   ansible.windows.win_command: |
@@ -70,6 +83,7 @@
     and __checkmk_agent_binary.stat.exists | bool
     and checkmk_agent_update | bool
     and (checkmk_agent_secret is defined and checkmk_agent_secret | length)
+    and not '\'server\': \'' + checkmk_agent_registration_server + '\', \'site\': \'' + checkmk_agent_registration_site + '\'' in __checkmk_agent_updater_state.stdout
 
 - name: "Trigger Activate Changes to enable TLS registration."
   ansible.builtin.meta:
@@ -88,6 +102,7 @@
     __checkmk_agent_controller_binary.stat.exists | bool
     and checkmk_agent_tls | bool
     and (__checkmk_agent_auth is defined and __checkmk_agent_auth | length)
+    and not checkmk_agent_registration_server + '/' + checkmk_agent_registration_site in __checkmk_agent_registered_connections.stdout
 
 - name: "{{ ansible_system }}: Verify Checkmk Agent Port is open."
   ansible.windows.win_wait_for: