search

telekom-mms / ansible-collection-icinga-director

An Ansible collection that contains modules to change objects in Icinga 2 using the director API.
GNU General Public License v3.0
81 stars 30 forks source link

[Enhancement] Add implicit deletion function #231

Open flkhndlr opened 12 months ago

flkhndlr commented 12 months ago

Description

You currently need to explicitly state the Icinga Director Objects you want to delete. We encountered several situations, where a object was deleted as code, but not removed. The reason is, that you need to state them as a deletion office. A solution could be to implicitly delete the Objects when removed in Ansible

We came up with following solution as a playbook:

---
- hosts: localhost
  gather_facts: false
  collections:
    - t_systems_mms.icinga_director
  tasks:
    - name: include Vars
      ansible.builtin.include_vars:
        file: vars/icinga_service.yml

    - name: get all object configs
      telekom_mms.icinga_director.icinga_service_info:
        url: "{{ icinga_host }}"
        url_username: "{{ icinga_user }}"
        url_password: "{{ icinga_pass }}"
        query: "*"
        force_basic_auth: true
      register: result

    - name: create objects scheduled for deletion
      set_fact:
        icinga_services: "{{ icinga_services + [{'service_object': [item.object_name], 'state': 'absent' }] }}"
      when: not icinga_services|selectattr('service_object', 'contains', item.object_name)
      loop: "{{ result.objects }}"

  roles:
    - ansible_icinga
  vars:
    icinga_force_basic_auth: true

Is there a way to include this either into the collection as an example or create a solution in the role or modules itself? Thanks in advance!

Additional information

No response

schurzi commented 12 months ago

Your code shows how to select all objects for deletion, but it does not actually delete them, if I understand right. Can you extend this to also delete them with our collection?

I am thinkging how we can document this, since this shows an important part of the usage, that is hard to get right. My first thought was to add it in playbooks/ to offer a ready to use implementation where one is only expected to add their variables and everything else is ready to use.

Another approach might be to add further documentation in docs/ to illustrate all kinds of usage patterns and also describe tradeoffs and offer help to decide on specific implementations. (covering tutorials or how-tos as described in https://diataxis.fr/)

rndmh3ro commented 12 months ago

Is there a way to include this either into the collection as an example or create a solution in the role or modules itself?

I don't think this should be part of a module, but I like the idea of creating a new role that does exactly this for all resources. Or alternatively document it like @schurzi described.

Your code shows how to select all objects for deletion, but it does not actually delete them, if I understand right. Can you extend this to also delete them with our collection?

It already does in the set_fact step. There's the state: absent part.

My first thought was to add it in playbooks/ to offer a ready to use implementation where one is only expected to add their variables and everything else is ready to use.

I'm not sure this will work. vars_files doesn't work for import_playbook (see), so you'd have to do some workaround like described here.

schurzi commented 12 months ago

I don't think this should be part of a module, but I like the idea of creating a new role that does exactly this for all resources.

I like the idea of a separate "cleanup" role. (Or maybe an additional flag for the existing role?)

It already does in the set_fact step. There's the state: absent part.

Yeah, I missed that part. All good.