Initial check in for Icinga2 Provider/Resource #8306
Conversation
…S Certs will skip verification. Controllable via provider or env variable being set
|
Icinga is something I have on my list of things to explore, so this is interesting. Ideally, I think all of the Icinga interactions would be wrapped up into a separate Go Icinga client library, so in the Terraform provider, you'd just end up doing things like: checkResult, err := icinga.CreateCheck(...)As well, all of the JSON bodies could be wrapped into some Go structs and you could have Go do most of the JSON building for you. There are a few providers in Terraform that you can use as examples. The first one I found was Grafana. Note how the Grafana interactions are in a separate library and how that library structures the data. Just some thoughts! I think this would be awesome to have in Terraform and if I had more time, I'd love to jump in and help 😄 |
|
Hi @lrsmith Any thoughts on how this PR is progressing? Is this something that you are going to continue working on? Paul |
stack72
added
the
waiting-response
|
Paul I'm refactoring based on some feedback to make it more like the grafana and rundeck providers. So I've been working on https://github.com/lrsmith/go-icinga2-api and I will modify the icinga2 provider to use that. I am continuing to work on it just got pulled away for a bit. I should be back to it his week and have something for review soon. |
|
Very nice - look forward to trying it out. Please let me know when you need another review / testing Paul |
stack72
removed
the
waiting-response
…alidates basic host creation and deletion
|
Hi @lrsmith Just checking back in on this :) Paul |
|
I am finishing up the services code and once I commit that should be ready for review and comments. I'm shooting for next week to commit the code. |
lrsmith
changed the title
|
Ready for initial review |
There was a problem hiding this comment.
Hi @lrsmith
Thanks for the work here - as you can see, from the first 2 resources, there are similar comments in place. If you can fix those up across the entire set of resources that would be excellent
Also, the PR needs documentation - right now, users won't understand what is required and what is not
Thanks
Paul
| Type: schema.TypeBool, | ||
| Optional: true, | ||
| DefaultFunc: EnvBoolDefaultFunc("ICINGA2_INSECURE_SKIP_TLS_VERIFY", false), | ||
| Description: descriptions["insecure"], |
There was a problem hiding this comment.
I can't see "insecure" in the descriptions map?
| d.Get("insecure").(bool), | ||
| ) | ||
|
|
||
| return config, nil |
There was a problem hiding this comment.
Are there any conditions we can actually throw an error when creating a new Client?
There was a problem hiding this comment.
Still need to look at this one.
| func init() { | ||
| descriptions = map[string]string{ | ||
| "api_url": "The address of the Icinga2 server.\n", | ||
| "api_user": "The user to authenticate to the Iccinga2 Server as.\n", |
| t.Fatal("ICINGA2_API_PASSWORD must be set for acceptance tests") | ||
| } | ||
|
|
||
| v = os.Getenv("ICINGA2_INSECURE_SKIP_TLS_VERIFY") |
There was a problem hiding this comment.
Is this 100% required? It defaults to false right?
| Type: schema.TypeString, | ||
| Required: true, | ||
| ForceNew: true, | ||
| //Elem: &schema.Schema{Type: schema.TypeString}, |
There was a problem hiding this comment.
Cleanup old comments please
| return nil | ||
| } | ||
|
|
||
| func resourceIcinga2CheckcommandUpdate(d *schema.ResourceData, meta interface{}) error { |
There was a problem hiding this comment.
IF we don't need an Update, then we can omit this
|
|
||
| name := d.Get("name").(string) | ||
|
|
||
| return client.DeleteCheckcommand(name) |
There was a problem hiding this comment.
does this not return any errors if failure?
There was a problem hiding this comment.
DeleteCheckCommand will return an error or nil, so I was just passing that back up.
|
|
||
| for _, host := range hosts { | ||
| if host.Name == hostname { | ||
| d.SetId(hostname) |
There was a problem hiding this comment.
We should error out if we don't find our host
There was a problem hiding this comment.
See CheckCommand suggestion on this
| } | ||
| } | ||
|
|
||
| return nil |
| return nil | ||
| } | ||
|
|
||
| func resourceIcinga2HostUpdate(d *schema.ResourceData, meta interface{}) error { |
stack72
added
the
waiting-response
|
Went through and made changes on other resource per comments |
|
|
||
| for _, checkcommand := range checkcommands { | ||
| if checkcommand.Name == name { | ||
| d.SetId(name) |
There was a problem hiding this comment.
I think maybe a better way to handle this would be to do something like this
found := false
for _, checkcommand := range checkcommands {
if checkcommand.Name == name {
d.SetId(name)
found = true
}
}
if !found {
return fmt.Errorf("Failed to create Checkcommand %s : %s", name, err)
}
|
|
||
| for _, host := range hosts { | ||
| if host.Name == hostname { | ||
| d.SetId(hostname) |
There was a problem hiding this comment.
See CheckCommand suggestion on this
| return err | ||
| } | ||
|
|
||
| for _, hostgroup := range hostgroups { |
There was a problem hiding this comment.
See CheckCommand for how I think this should be addressed
| return err | ||
| } | ||
|
|
||
| for _, service := range services { |
There was a problem hiding this comment.
see CheckCommand for how I think this should be addressed
|
Hi @lrsmith I just ran the tests and got a panic. I set up the tests as follows: Then the command |
|
Paul, thanks I will take a look. I definitely need to put some more code around catching this and I'll add that shortly. The API_URL is missing a bit, it needs "/v1" on the end. My original intent was to require it on that line since it looks like in was there to allow for v2 of the api etc. Thinking about it now, I will look at making the a variable that can be over-written and will default to v1. I'll also work on the changes above. Update PR coming soon. I pulled down the docker container and it worked with it set to Looks like the 'default' hosts in the docker image are different then the vagrant too, so some of the acceptance tests will fail. I'll use the docker container and adjust and add the in too. Thanks |
|
Paul, Set a bad port on server, via ENV variable--- FAIL: TestAccCreateCheckcommand (0.00s) Forget to add /v1 or invalid URL path to ENV variable--- FAIL: TestAccCreateCheckcommand (0.00s) or Server is down--- FAIL: TestAccCreateCheckcommand (60.01s) |
|
Hi @lrsmith Thanks for making the changes here - do you know of a docker container I can use to test this now? When i run it against the official container, I get the following: |
|
Ignore that comment - I should have added /v1 to the end of the URL! This LGTM now :) Thanks for all the work here Paul |
|
Cool! @lrsmith very nice work! |
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
ghost
locked and limited conversation to collaborators
Initial check in for review and comment for an Icinga2 Provider. New to GO and test all comments/critiques appreciated.
Need to add one more resource for Icinga2 Service Checks.
Need to address disabling SSL VERIFY option. disabled for now due to self signed cert.