Can anyone help me with the error deleting obsolete replication agents using the aem_agent module (https://github.com/lean-delivery/ansible-modules-aem/blob/master/aem_agent.py)?
I face an error:
"msg": "failed to delete agent: 405 - "
Here is a task:
- name: Remove dispatcher flush agents
aem_agent:
name: "{{ obsolete_dispatcher }}"
state: absent
folder: 'agents.publish'
admin_user: '{{ admin_login }}'
admin_password: '{{ admin_password }}'
host: 'http://localhost'
port: '4502'
From the error.log:
XX.XX.XXXX XX:XX:XX.XXX *ERROR* [127.0.0.1 [XXXXXXXXXXXXX] DELETE /etc/replication/agents.publish/ip-XX-XX-XXX-XXX-XX-XXXX-X-compute-internal-dispatcher HTTP/1.1] org.apache.sling.servlets.resolver.internal.SlingServletResolver handleError: Recursive invocation. Not further handling status 405(Method DELETE not supported)
The HTTP DELETE method isn't supported when you disable the WebDav bundles per the security checklist.
You can either re-enable WebDAV or modify the code in the Ansible aemagent project to delete using the Sling POST servlet instead. The request would be a POST with parameter ":operation=delete" to the path.
For examples, see the Sling documentation.
As was advised, I modified a code (delete_agent function). Changes:
request method from delete => post
added data to the request: {':operation': 'delete'}
also, I've created PR to add these changes in the code.
It works for me. Thank you, Andrew Khoury, very much!
Related
I have an old ansible repository that I forked some time ago (2 years+) where I had not much idea about ansible. There are a lot of tasks written in a form that I don't know if it is correct or if it is deprecated. They use the action: section of the task, and then they write what looks like standard ansible actions (in fact, ansible-link complains that I should use FQN for built in actions on those).
I tried searching but all the results that I find are not relevant, so I am asking here how is this module action usually referred to, and should I change it to plain yaml?
- name: Disallow password authentication
action: lineinfile dest=/etc/ssh/sshd_config regexp="^PasswordAuthentication" line="PasswordAuthentication no" state=present
notify: restart ssh
Q: "Should I change it to plain YAML?"
A: Yes. The YAML format is the best practice
- name: Disallow password authentication
lineinfile:
dest: /etc/ssh/sshd_config
regexp: "^PasswordAuthentication"
line: "PasswordAuthentication no"
state: present
notify: restart ssh
To see details and examples about lineinfile run
shell> ansible-doc -t module lineinfile
Regarding your question
How is this module action usually referred to
you may have a look into Playbook Keywords
"For example, action in task can be substituted by the name of any Ansible module."
"The ‘action’ to execute for a task, it normally translates into a C(module) or action plugin.".
Regarding your question
Is it deprecated?
Since it is referenced in the actual documenation without a note it seems to be not.
Regarding your question
There are a lot of tasks written in a form that I don't know if it is correct
Since it is referenced in the actual documenation without a note it seems to be correct syntax.
Therefore it is possible to write tasks like
- name: Gather stored entitlement from repository service
action:
module: uri
url: "https://{{ REPOSITORY_URL }}/api/system/security/certificates"
method: GET
url_username: "{{ ansible_user }}"
url_password: "{{ ansible_password }}"
validate_certs: yes
return_content: yes
status_code: 200
body_format: json
check_mode: false
register: result
- name: Show result
debug:
msg: "{{ result.json }}"
check_mode: false
which in example gather installed certificates from a JFrog Artifactory repository service via REST API call, as well
- name: Gather stored entitlement from repository service
local_action:
module: uri
...
local_action
Same as action but also implies delegate_to: localhost
for Controlling where tasks run: delegation and local actions.
Nevertheless, the YAML format is the best practice. Therefore you should change it to plain YAML if possible.
Trying to get the ansible expect module going for a list style response rather than a text response.
I've read the ansible documentation for this module and its not so clear how to achieve this, I've also looked around google for examples similar to what I'm trying to achieve without any success.
Perhaps I'm trying to use the wrong module for the wrong thing?
I'm basically trying to run 'npx #vue/cli create frontend' using ansible, but be able to select 'merge' and 'Default ([Vue 2] babel, eslint)' when they show up as options.
Any suggestions on getting this going would be much appreciated.
Here is an example of the list style response expected in the terminal.
example of list response
And here is a code snippet of what I've got so far:
- name: create node package in front-end directory
expect:
command:
cmd: 'npx #vue/cli create frontend'
args:
chdir: '{{ app_root }}'
virtualenv: '{{ virtualenv_dir }}'
responses:
already exists. Pick an action: Merge
Please pick a preset: Default ([Vue 2] babel, eslint)
become_user: '{{ username }}'
Thanks to the user mdaniel for providing a workaround to my issue.
Working code snippet is as follows:
- name: Vue | create node package in frontend directory
become_user: '{{ username }}'
command: 'npx #vue/cli create {{ frontend_name }} --merge --default'
args:
chdir: '{{ app_root }}'
I have been trying to login a web page and get/download some specific data from there, but couldn't make it. Is it possible?
If you need to download a specific file, and you can get it via http://username:password#example.com/path/file.conf then you can use the get_url module:
- name: < Fetch file that requires authentication.
get_url:
url: http://example.com/path/file.conf
dest: /etc/foo.conf
url_username: bar
url_password: '{{ mysecret }}'
https://docs.ansible.com/ansible/latest/modules/get_url_module.html
If you need arbitrary auth, why not just write it in normal python/bash and trigger the script with Ansible so that you aren't constrained by Ansible's auth support?
https://docs.ansible.com/ansible/latest/modules/script_module.html
I am trying to Post an app on marathon using Ansible and then I am trying to delete the same app with my Playbook. Everything works fine, the only problem is that I am getting below error when I am running my playbook for delete.
fatal: [localhost]: FAILED! =>
{
"cache_control":"no-cache, no-store, must-revalidate",
"changed":false,
"connection":"close",
"content":"{\"version\":\"2016-10-12T16:51:47.641Z\",\"deploymentId\":\"46edbf12-e837-45c5-9360-9824a4143868\"}",
"content_length":"92",
"content_type":"application/json; qs=2",
"date":"Wed, 12 Oct 2016 16:51:02 GMT",
"expires":"0",
"failed":true,
"json":{
"deploymentId":"46edbf12-e837-45c5-9360-9824a4143868",
"version":"2016-10-12T16:51:47.641Z"
},
"msg":"Status code was not [201]: OK (92 bytes)",
"pragma":"no-cache",
"redirected":false,
"server":"openresty/1.7.10.2",
"status":200,
"url":"http://mywebsite.com:19092/v2/apps/demoansible",
"x_marathon_leader":"http://10.201.160.1:31392"
}
As you can see above, the json shows successful response and status is 200, also when I check on Marathon UI, the app is deleted. But the only problem is the fatal:[ localhost]: FAILED! => error. Is there any way, I can remove that error?
here is my playbook for delete:
---
- hosts: local
gather_facts: false
tasks:
-
uri:
body: "{{ lookup('file','app.json') }}"
body_format: json
force_basic_auth: true
method: DELETE
password: password
status_code: 201
url: "url/v2/apps/demoansible"
user: user1
What I see from your playbook is that, you are using it for deleting an app on your marathon, and you have already given your app id in the url, I dont think you need a body in your playbook. Please remove the body and also the status code, and I think it should work fine.
The reason, you dont need body is that you are using it for deleting. And for deleting a running app on marathon, app id is more than sufficient, you dont need to pass your app.json file to delete an app. This will remove the fatal error which you are facing.
Hope this helps.
I'm trying to download a protected file using HTTP from a remote server with the get_url module but the username password does not seem to get passed in the request and the task therefore fails.
I'm using Ansible 1.9.2
Here is the get_url definition I'm using:
- name: Downloading Artifact
get_url:
url: "http://myserver/somefile.tar.gz"
dest: "/home/jdoe/somefile.tar.gz"
url_username: "jdoe"
url_password: "mysecret"
mode: 0600
Here is the error I get:
failed: [myserver] => {"dest": "/home/jdoe/somefile.tar.gz", "failed": true,
"response": "HTTP Error 403: Forbidden", "state": "absent",
"status_code": 403, "url": "http://myserver/somefile.tar.gz"}
msg: Request failed
FATAL: all hosts have already failed -- aborting
Now, I tried to download the file using cURL and it works.
Any help is appreciated as I've struggling with this for 2 days.
You can use the uri module:
---
- hosts: hostname
tasks:
- name: "download file"
uri:
url: "http://somedomain.com/file.json"
method: GET
user: "{{ somedomain.user }}"
password: "{{ somedomain.password }}"
force_basic_auth: yes
dest: /tmp/somedomain.file.json
return_content: yes
If this doesn't work, probably it will have something to do with the httplib2 library version.
The problem is that your server does not return 401 status so that the httplib2 library can send over the BASIC authentication credentials afterwards. The solution is to upgrade to ansible >= 2.0 and use force_basic_auth: True so that the BASIC authentication credentials from the beginning.
I've had a similar issue in ansible 2.9.
Turns out curl was also getting HTTP 403 but showing content anyway. GET_URL module is just more strict.
For me, the issue was solved by switching from the default Apache welcome page to the smth custom made.