Open lmnogues opened 3 years ago
So, I actually did a POC playbook for this last year that we may be able to reuse and incorporate into this role. There are some drawbacks and constraints to pulling apps from Splunkbase, namely:
All that said, this is possible. Here's the POC playbook that I wrote for reference:
# ansible-playbook --connection=local --inventory 127.0.0.1, install_splunkbase_app_rest.yml
- hosts:
- localhost
gather_facts: no
vars:
- splunkbase_username: user@splunk.com
- splunkbase_password: somepassword
- splunkbase_auth_url: https://splunkbase.splunk.com/api/account:login/
- splunk_host: mysplunkhost
- splunk_user: admin
- splunk_password: somepassword
- app_url: https://splunkbase.splunk.com/app/833/release/8.1.0/download
tasks:
- name: Get splunkbase authentication token
uri:
url: "{{ splunkbase_auth_url }}"
method: POST
return_content: yes
body_format: form-urlencoded
body:
username: "{{ splunkbase_username }}"
password: "{{ splunkbase_password }}"
register: login
- name: Create splunkbase_token var
set_fact:
splunkbase_token: "{{ login.content | regex_search('<id>(.*)<\\/id>', '\\1' ) | first }}"
- name: Install Splunkbase app
uri:
url: "https://{{ splunk_host }}:8089/services/apps/local"
method: POST
user: "{{ splunk_user }}"
password: "{{ splunk_password }}"
validate_certs: false
body:
name: "{{ app_url }}"
update: "true"
filename: "true"
auth: "{{ splunkbase_token }}"
body_format: "form-urlencoded"
status_code: [ 200, 201 ]
timeout: 300
when:
- "'splunkbase.splunk.com' in app_url"
- splunkbase_token is defined
- splunkbase_token != None
One consideration for implementing this task: We will likely want to support installing apps from both Splunkbase and from Git on the same host.
For splunkbase url you can do https://splunkbase.splunk.com/apps/id/lookup_editor to get the app number
As a Splunk Admin with a restricted git repo size, I want to be able to automatically install application from Splunk Base instead of GIT.