From fd2e63eaafd90b76c6e58616ff8dd50cc13697e9 Mon Sep 17 00:00:00 2001 From: Santiago Orobon Date: Thu, 1 Feb 2018 14:32:00 +0100 Subject: [PATCH 1/3] Adding support for addons like java-agents --- .travis.yml | 2 +- .yamllint | 6 +- CHANGELOG.md | 2 + defaults/main.yml | 28 +- molecule/agent/Dockerfile.j2 | 9 + molecule/agent/INSTALL.rst | 16 + molecule/agent/create.yml | 60 ++++ molecule/agent/destroy.yml | 27 ++ molecule/agent/group_vars/tomcat/main.yml | 20 ++ molecule/agent/molecule.yml | 30 ++ molecule/agent/playbook.yml | 13 + molecule/agent/prepare.yml | 5 + molecule/agent/requirements.yml | 5 + .../tomcat/agents/newrelic/newrelic.yml.j2 | 300 ++++++++++++++++++ .../tomcat/conf/test/test_template.xml.j2 | 2 + .../tests/test_tomcat.yml.j2} | 0 molecule/agent/verifier.yml | 61 ++++ molecule/default/requirements.yml | 2 +- molecule/default/tests/test_tomcat.yml.j2 | 39 +++ tasks/agent.yml | 79 +++++ tasks/main.yml | 14 +- templates/setagentenv.sh.j2 | 7 + templates/setenv.sh.j2 | 14 +- 23 files changed, 726 insertions(+), 15 deletions(-) create mode 100644 molecule/agent/Dockerfile.j2 create mode 100644 molecule/agent/INSTALL.rst create mode 100644 molecule/agent/create.yml create mode 100644 molecule/agent/destroy.yml create mode 100644 molecule/agent/group_vars/tomcat/main.yml create mode 100644 molecule/agent/molecule.yml create mode 100644 molecule/agent/playbook.yml create mode 100644 molecule/agent/prepare.yml create mode 100644 molecule/agent/requirements.yml create mode 100644 molecule/agent/templates/tomcat/agents/newrelic/newrelic.yml.j2 create mode 100644 molecule/agent/templates/tomcat/conf/test/test_template.xml.j2 rename molecule/{default/tests/test_tomcat.yml => agent/tests/test_tomcat.yml.j2} (100%) create mode 100644 molecule/agent/verifier.yml create mode 100644 molecule/default/tests/test_tomcat.yml.j2 create mode 100644 tasks/agent.yml create mode 100644 templates/setagentenv.sh.j2 diff --git a/.travis.yml b/.travis.yml index 04bb954..d9d0683 100644 --- a/.travis.yml +++ b/.travis.yml @@ -15,7 +15,7 @@ install: - pip install ansible==${ansible_version} - pip install -r test-requirements.txt script: - - molecule test + - molecule test --all notifications: webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/.yamllint b/.yamllint index d0a059b..3a2255e 100644 --- a/.yamllint +++ b/.yamllint @@ -1,9 +1,5 @@ extends: default -ignore: | - *.travis.yml - test_*.yml - rules: braces: max-spaces-inside: 1 @@ -14,4 +10,4 @@ rules: line-length: disable # NOTE(retr0h): Templates no longer fail this lint rule. # Uncomment if running old Molecule templates. - truthy: disable + # truthy: disable diff --git a/CHANGELOG.md b/CHANGELOG.md index e7c99bc..7d19208 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,8 @@ All notable changes to this project will be documented in this file. This project adheres to [Semantic Versioning](http://semver.org/) and [Keep a changelog](https://github.com/olivierlacan/keep-a-changelog). ## [Unreleased](https://github.com/idealista/tomcat-role/tree/develop) +### Added +- *[#40](https://github.com/idealista/tomcat-role/issues/40) Support for addons like java-agents* @sorobon ## [1.4.0](https://github.com/idealista/tomcat-role/tree/1.4.0) diff --git a/defaults/main.yml b/defaults/main.yml index 1633de9..c66d4c9 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -38,7 +38,7 @@ tomcat_ajp_connector_port: 8009 tomcat_connector_redirect_port: 8443 ## CATALINA_OPTS -catalina_opts: +tomcat_catalina_opts: - -Xms512m - -Xmx512m @@ -78,3 +78,29 @@ tomcat_pre_installed_folders_deployed: deployed: true host-manager: deployed: true + +## TOMCAT AGENTS + +newrelic_url: http://download.newrelic.com/newrelic/java-agent/newrelic-agent +newrelic_file: newrelic-java.zip +newrelic_java_agent_url: "{{ newrelic_url }}/{{ newrelic_version }}/{{ newrelic_file }}" + +tomcat_agents_reinstall: false + +## Agent configuration (optional) + +# tomcat_agents_required_libs: +# - unzip +# - apt-transport-https + +# tomcat_agents_config: +# - name: "agent_name" +# download_url: "download_url" +# catalina_opts: +# - '-javaagent:{{ tomcat_install_path }}/agent_name/agent_file' +# configuration_files: +# - "configuration_file.yml" +# params: { +# application_name: "application_name", +# license_key: "license_key" +# } diff --git a/molecule/agent/Dockerfile.j2 b/molecule/agent/Dockerfile.j2 new file mode 100644 index 0000000..f8b4e75 --- /dev/null +++ b/molecule/agent/Dockerfile.j2 @@ -0,0 +1,9 @@ +# Molecule managed + +FROM {{ item.image }} + +RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get upgrade -y && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ + elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python2-dnf bash && dnf clean all; \ + elif [ $(command -v yum) ]; then yum makecache fast && yum update -y && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ + elif [ $(command -v zypper) ]; then zypper refresh && zypper update -y && zypper install -y python sudo bash python-xml && zypper clean -a; \ + elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; fi diff --git a/molecule/agent/INSTALL.rst b/molecule/agent/INSTALL.rst new file mode 100644 index 0000000..e26493b --- /dev/null +++ b/molecule/agent/INSTALL.rst @@ -0,0 +1,16 @@ +******* +Install +******* + +Requirements +============ + +* Docker Engine +* docker-py + +Install +======= + +.. code-block:: bash + + $ sudo pip install docker-py diff --git a/molecule/agent/create.yml b/molecule/agent/create.yml new file mode 100644 index 0000000..10fac31 --- /dev/null +++ b/molecule/agent/create.yml @@ -0,0 +1,60 @@ +--- +- name: Create + hosts: localhost + connection: local + gather_facts: false + no_log: "{{ not lookup('env', 'MOLECULE_DEBUG') | bool }}" + vars: + molecule_file: "{{ lookup('env', 'MOLECULE_FILE') }}" + molecule_ephemeral_directory: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}" + molecule_scenario_directory: "{{ lookup('env', 'MOLECULE_SCENARIO_DIRECTORY') }}" + molecule_yml: "{{ lookup('file', molecule_file) | molecule_from_yaml }}" + tasks: + - name: Create Dockerfiles from image names + template: + src: "{{ molecule_scenario_directory }}/Dockerfile.j2" + dest: "{{ molecule_ephemeral_directory }}/Dockerfile_{{ item.image | regex_replace('[^a-zA-Z0-9_]', '_') }}" + with_items: "{{ molecule_yml.platforms }}" + register: platforms + + - name: Discover local Docker images + docker_image_facts: + name: "molecule_local/{{ item.item.name }}" + with_items: "{{ platforms.results }}" + register: docker_images + + - name: Build an Ansible compatible image + docker_image: + path: "{{ molecule_ephemeral_directory }}" + name: "molecule_local/{{ item.item.image }}" + dockerfile: "{{ item.item.dockerfile | default(item.invocation.module_args.dest) }}" + force: "{{ item.item.force | default(true) }}" + with_items: "{{ platforms.results }}" + when: platforms.changed or docker_images.results | map(attribute='images') | select('equalto', []) | list | count >= 0 + + - name: Create molecule instance(s) + docker_container: + name: "{{ item.name }}" + hostname: "{{ item.name }}" + image: "molecule_local/{{ item.image }}" + state: started + recreate: false + log_driver: json-file + command: "{{ item.command | default('bash -c \"while true; do sleep 10000; done\"') }}" + privileged: "{{ item.privileged | default(omit) }}" + volumes: "{{ item.volumes | default(omit) }}" + capabilities: "{{ item.capabilities | default(omit) }}" + ports: "{{ item.exposed_ports | default(omit) }}" + ulimits: "{{ item.ulimits | default(omit) }}" + register: server + with_items: "{{ molecule_yml.platforms }}" + async: 7200 + poll: 0 + + - name: Wait for instance(s) creation to complete + async_status: + jid: "{{ item.ansible_job_id }}" + register: docker_jobs + until: docker_jobs.finished + retries: 300 + with_items: "{{ server.results }}" diff --git a/molecule/agent/destroy.yml b/molecule/agent/destroy.yml new file mode 100644 index 0000000..3ce7478 --- /dev/null +++ b/molecule/agent/destroy.yml @@ -0,0 +1,27 @@ +--- +- name: Destroy + hosts: localhost + connection: local + gather_facts: false + no_log: "{{ not lookup('env', 'MOLECULE_DEBUG') | bool }}" + vars: + molecule_file: "{{ lookup('env', 'MOLECULE_FILE') }}" + molecule_yml: "{{ lookup('file', molecule_file) | molecule_from_yaml }}" + tasks: + - name: Destroy molecule instance(s) + docker_container: + name: "{{ item.name }}" + state: absent + force_kill: "{{ item.force_kill | default(true) }}" + register: server + with_items: "{{ molecule_yml.platforms }}" + async: 7200 + poll: 0 + + - name: Wait for instance(s) deletion to complete + async_status: + jid: "{{ item.ansible_job_id }}" + register: docker_jobs + until: docker_jobs.finished + retries: 300 + with_items: "{{ server.results }}" diff --git a/molecule/agent/group_vars/tomcat/main.yml b/molecule/agent/group_vars/tomcat/main.yml new file mode 100644 index 0000000..0048dd2 --- /dev/null +++ b/molecule/agent/group_vars/tomcat/main.yml @@ -0,0 +1,20 @@ +--- + +## JAVA +java_implementation: openjdk + +tomcat_agents_required_libs: + - unzip + - apt-transport-https + +tomcat_agents_config: + - name: "newrelic" + download_url: "http://download.newrelic.com/newrelic/java-agent/newrelic-agent/current/newrelic-java.zip" + catalina_opts: + - '-javaagent:{{ tomcat_install_path }}/newrelic/newrelic.jar' + configuration_files: + - "newrelic.yml" + params: { + application_name: "application_sample_name", + license_key: "sddsasd" + } diff --git a/molecule/agent/molecule.yml b/molecule/agent/molecule.yml new file mode 100644 index 0000000..f3e76a2 --- /dev/null +++ b/molecule/agent/molecule.yml @@ -0,0 +1,30 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint + +platforms: + - name: tomcat + groups: + - tomcat + image: idealista/java-role:latest + privileged: True + capabilities: + - SYS_ADMIN + volumes: + - '/sys/fs/cgroup:/sys/fs/cgroup:ro' + command: '/lib/systemd/systemd' + +provisioner: + name: ansible + lint: + name: ansible-lint +scenario: + name: agent +verifier: + name: goss + lint: + name: 'None' diff --git a/molecule/agent/playbook.yml b/molecule/agent/playbook.yml new file mode 100644 index 0000000..d04d28f --- /dev/null +++ b/molecule/agent/playbook.yml @@ -0,0 +1,13 @@ +--- +- name: Converge + hosts: all + pre_tasks: + - name: Tomcat | Installing required dependencies + apt: + pkg: "{{ item }}" + state: present + with_items: + - net-tools + roles: + - java + - tomcat-role diff --git a/molecule/agent/prepare.yml b/molecule/agent/prepare.yml new file mode 100644 index 0000000..5358b3b --- /dev/null +++ b/molecule/agent/prepare.yml @@ -0,0 +1,5 @@ +--- +- name: Prepare + hosts: all + gather_facts: false + tasks: [] diff --git a/molecule/agent/requirements.yml b/molecule/agent/requirements.yml new file mode 100644 index 0000000..a5fa168 --- /dev/null +++ b/molecule/agent/requirements.yml @@ -0,0 +1,5 @@ +--- + +- src: idealista.java-role + version: 2.0.1 + name: java diff --git a/molecule/agent/templates/tomcat/agents/newrelic/newrelic.yml.j2 b/molecule/agent/templates/tomcat/agents/newrelic/newrelic.yml.j2 new file mode 100644 index 0000000..cbccdc4 --- /dev/null +++ b/molecule/agent/templates/tomcat/agents/newrelic/newrelic.yml.j2 @@ -0,0 +1,300 @@ +# This file configures the New Relic Agent. New Relic monitors +# Java applications with deep visibility and low overhead. For more details and additional +# configuration options visit https://docs.newrelic.com/docs/java/java-agent-configuration. +# +# {{ ansible_managed }} +# +# This section is for settings common to all environments. +# Do not add anything above this next line. +common: &default_settings + + # ============================== LICENSE KEY =============================== + # You must specify the license key associated with your New Relic + # account. For example, if your license key is 12345 use this: + # license_key: '12345' + # The key binds your Agent's data to your account in the New Relic service. + license_key: '{{ item.params.license_key }}' + + # Agent Enabled + # Use this setting to disable the agent instead of removing it from the startup command. + # Default is true. + agent_enabled: true + + # Set the name of your application as you'd like it show up in New Relic. + # If enable_auto_app_naming is false, the agent reports all data to this application. + # Otherwise, the agent reports only background tasks (transactions for non-web applications) + # to this application. To report data to more than one application + # (useful for rollup reporting), separate the application names with ";". + # For example, to report data to "My Application" and "My Application 2" use this: + # app_name: My Application;My Application 2 + # This setting is required. Up to 3 different application names can be specified. + # The first application name must be unique. + app_name: {{ item.params.application_name }} + + # To enable high security, set this property to true. When in high + # security mode, the agent will use SSL and obfuscated SQL. Additionally, + # request parameters and message parameters will not be sent to New Relic. + high_security: false + + # Set to true to enable support for auto app naming. + # The name of each web app is detected automatically + # and the agent reports data separately for each one. + # This provides a finer-grained performance breakdown for + # web apps in New Relic. + # Default is false. + enable_auto_app_naming: false + + # Set to true to enable component-based transaction naming. + # Set to false to use the URI of a web request as the name of the transaction. + # Default is true. + enable_auto_transaction_naming: true + + # The agent uses its own log file to keep its logging + # separate from that of your application. Specify the log level here. + # This setting is dynamic, so changes do not require restarting your application. + # The levels in increasing order of verboseness are: + # off, severe, warning, info, fine, finer, finest + # Default is info. + log_level: info + + # Log all data sent to and from New Relic in plain text. + # This setting is dynamic, so changes do not require restarting your application. + # Default is false. + audit_mode: false + + # The number of backup log files to save. + # Default is 1. + log_file_count: 1 + + # The maximum number of kbytes to write to any one log file. + # The log_file_count must be set greater than 1. + # Default is 0 (no limit). + log_limit_in_kbytes: 0 + + # Override other log rolling configuration and roll the logs daily. + # Default is false. + log_daily: false + + # The name of the log file. + # Default is newrelic_agent.log. + log_file_name: newrelic_agent.log + + # The log file directory. + # Default is the logs directory in the newrelic.jar parent directory. + #log_file_path: + + # The agent communicates with New Relic via https by + # default. If you want to communicate with newrelic via http, + # then turn off SSL by setting this value to false. + # This work is done asynchronously to the threads that process your + # application code, so response times will not be directly affected + # by this change. + # Default is true. + ssl: true + + # Proxy settings for connecting to the New Relic server: + # If a proxy is used, the host setting is required. Other settings + # are optional. Default port is 8080. The username and password + # settings will be used to authenticate to Basic Auth challenges + # from a proxy server. + #proxy_host: hostname + #proxy_port: 8080 + #proxy_user: username + #proxy_password: password + + # Limits the number of lines to capture for each stack trace. + # Default is 30 + max_stack_trace_lines: 30 + + # Provides the ability to configure the attributes sent to New Relic. These + # attributes can be found in transaction traces, traced errors, Insight's + # transaction events, and Insight's page views. + attributes: + + # When true, attributes will be sent to New Relic. The default is true. + enabled: true + + #A comma separated list of attribute keys whose values should + # be sent to New Relic. + #include: + + # A comma separated list of attribute keys whose values should + # not be sent to New Relic. + #exclude: + + + # Transaction tracer captures deep information about slow + # transactions and sends this to the New Relic service once a + # minute. Included in the transaction is the exact call sequence of + # the transactions including any SQL statements issued. + transaction_tracer: + + # Transaction tracer is enabled by default. Set this to false to turn it off. + # This feature is not available to Lite accounts and is automatically disabled. + # Default is true. + enabled: true + + # Threshold in seconds for when to collect a transaction + # trace. When the response time of a controller action exceeds + # this threshold, a transaction trace will be recorded and sent to + # New Relic. Valid values are any float value, or (default) "apdex_f", + # which will use the threshold for the "Frustrated" Apdex level + # (greater than four times the apdex_t value). + # Default is apdex_f. + transaction_threshold: apdex_f + + # When transaction tracer is on, SQL statements can optionally be + # recorded. The recorder has three modes, "off" which sends no + # SQL, "raw" which sends the SQL statement in its original form, + # and "obfuscated", which strips out numeric and string literals. + # Default is obfuscated. + record_sql: obfuscated + + # Set this to true to log SQL statements instead of recording them. + # SQL is logged using the record_sql mode. + # Default is false. + log_sql: false + + # Threshold in seconds for when to collect stack trace for a SQL + # call. In other words, when SQL statements exceed this threshold, + # then capture and send to New Relic the current stack trace. This is + # helpful for pinpointing where long SQL calls originate from. + # Default is 0.5 seconds. + stack_trace_threshold: 0.5 + + # Determines whether the agent will capture query plans for slow + # SQL queries. Only supported for MySQL and PostgreSQL. + # Default is true. + explain_enabled: true + + # Threshold for query execution time below which query plans will not + # not be captured. Relevant only when `explain_enabled` is true. + # Default is 0.5 seconds. + explain_threshold: 0.5 + + # Use this setting to control the variety of transaction traces. + # The higher the setting, the greater the variety. + # Set this to 0 to always report the slowest transaction trace. + # Default is 20. + top_n: 20 + + # Error collector captures information about uncaught exceptions and + # sends them to New Relic for viewing. + error_collector: + + # This property enables the collection of errors. If the property is not + # set or the property is set to false, then errors will not be collected. + # Default is true. + enabled: true + + # Use this property to exclude specific exceptions from being reported as errors + # by providing a comma separated list of full class names. + # The default is to exclude akka.actor.ActorKilledException. If you want to override + # this, you must provide any new value as an empty list is ignored. + ignore_errors: akka.actor.ActorKilledException + + # Use this property to exclude specific http status codes from being reported as errors + # by providing a comma separated list of status codes. + # The default is to exclude 404s. If you want to override + # this, you must provide any new value as an empty list is ignored. + ignore_status_codes: 404 + + # Transaction Events are used for Histograms and Percentiles. Unaggregated data is collected + # for each web transaction and sent to the server on harvest. + transaction_events: + + # Set to false to disable transaction events. + # Default is true. + enabled: true + + # Events are collected up to the configured amount. Afterwards, events are sampled to + # maintain an even distribution across the harvest cycle. + # Default is 2000. Setting to 0 will disable. + max_samples_stored: 2000 + + # Cross Application Tracing adds request and response headers to + # external calls using supported HTTP libraries to provide better + # performance data when calling applications monitored by other New Relic Agents. + cross_application_tracer: + + # Set to false to disable cross application tracing. + # Default is true. + enabled: true + + # Thread profiler measures wall clock time, CPU time, and method call counts + # in your application's threads as they run. + # This feature is not available to Lite accounts and is automatically disabled. + thread_profiler: + + # Set to false to disable the thread profiler. + # Default is true. + enabled: true + + # New Relic Real User Monitoring gives you insight into the performance real users are + # experiencing with your website. This is accomplished by measuring the time it takes for + # your users' browsers to download and render your web pages by injecting a small amount + # of JavaScript code into the header and footer of each page. + browser_monitoring: + + # By default the agent automatically inserts API calls in compiled JSPs to + # inject the monitoring JavaScript into web pages. Not all rendering engines are supported. + # See https://docs.newrelic.com/docs/java/real-user-monitoring-in-java#manual_instrumentation + # for instructions to add these manually to your pages. + # Set this attribute to false to turn off this behavior. + auto_instrument: true + + class_transformer: + # This instrumentation reports the name of the user principal returned from + # HttpServletRequest.getUserPrincipal() when servlets and filters are invoked. + com.newrelic.instrumentation.servlet-user: + enabled: false + + com.newrelic.instrumentation.spring-aop-2: + enabled: false + + # Classes loaded by classloaders in this list will not be instrumented. + # This is a useful optimization for runtimes which use classloaders to + # load dynamic classes which the agent would not instrument. + classloader_excludes: + groovy.lang.GroovyClassLoader$InnerLoader, + org.codehaus.groovy.runtime.callsite.CallSiteClassLoader, + com.collaxa.cube.engine.deployment.BPELClassLoader, + org.springframework.data.convert.ClassGeneratingEntityInstantiator$ObjectInstantiatorClassGenerator, + org.mvel2.optimizers.impl.asm.ASMAccessorOptimizer$ContextClassLoader, + gw.internal.gosu.compiler.SingleServingGosuClassLoader, + + # User-configurable custom labels for this agent. Labels are name-value pairs. + # There is a maximum of 64 labels per agent. Names and values are limited to 255 characters. + # Names and values may not contain colons (:) or semicolons (;). + labels: + + # An example label + #label_name: label_value + + +# Application Environments +# ------------------------------------------ +# Environment specific settings are in this section. +# You can use the environment to override the default settings. +# For example, to change the app_name setting. +# Use -Dnewrelic.environment= on the Java startup command line +# to set the environment. +# The default environment is production. + +# NOTE if your application has other named environments, you should +# provide configuration settings for these environments here. + +development: + <<: *default_settings + app_name: My Application (Development) + +test: + <<: *default_settings + app_name: My Application (Test) + +production: + <<: *default_settings + +staging: + <<: *default_settings + app_name: My Application (Staging) diff --git a/molecule/agent/templates/tomcat/conf/test/test_template.xml.j2 b/molecule/agent/templates/tomcat/conf/test/test_template.xml.j2 new file mode 100644 index 0000000..2fc3838 --- /dev/null +++ b/molecule/agent/templates/tomcat/conf/test/test_template.xml.j2 @@ -0,0 +1,2 @@ + +{{ tomcat_conf_path }} diff --git a/molecule/default/tests/test_tomcat.yml b/molecule/agent/tests/test_tomcat.yml.j2 similarity index 100% rename from molecule/default/tests/test_tomcat.yml rename to molecule/agent/tests/test_tomcat.yml.j2 diff --git a/molecule/agent/verifier.yml b/molecule/agent/verifier.yml new file mode 100644 index 0000000..20a129a --- /dev/null +++ b/molecule/agent/verifier.yml @@ -0,0 +1,61 @@ +--- +# This is an example playbook to execute goss tests. +# Tests need distributed to the appropriate ansible host/groups +# prior to execution by `goss validate`. +# +# The goss ansible module is installed with molecule. The ANSIBLE_LIBRARY +# path is updated appropriately on `molecule verify`. + +# Details about ansible module: +# - https://github.com/indusbox/goss-ansible + +- name: Verify + hosts: all + vars: + goss_version: v0.3.5 + goss_arch: amd64 + goss_dst: /usr/local/bin/goss + goss_url: "https://github.com/aelsabbahy/goss/releases/download/{{ goss_version }}/goss-linux-{{ goss_arch }}" + goss_test_directory: /tmp + goss_format: documentation + + vars_files: + - ../../defaults/main.yml + - ../../vars/main.yml + - "{{ playbook_dir }}/group_vars/tomcat/main.yml" + + + tasks: + - name: Download and install Goss + get_url: + url: "{{ goss_url }}" + dest: "{{ goss_dst }}" + mode: 0755 + + - name: Copy Goss tests to remote + template: + src: "{{ item }}" + dest: "{{ goss_test_directory }}/{{ item | basename }}" + with_fileglob: + - "{{ playbook_dir }}/tests/test_*.yml" + + - name: Register test files + shell: "ls {{ goss_test_directory }}/test_*.yml" + register: test_files + + - name: Execute Goss tests + command: "goss -g {{ item }} validate --format {{ goss_format }}" + register: test_results + with_items: "{{ test_files.stdout_lines }}" + ignore_errors: true + + - name: Display details about the goss results + debug: + msg: "{{ item.stdout_lines }}" + with_items: "{{ test_results.results }}" + + - name: Fail when tests fail + fail: + msg: "Goss failed to validate" + when: item.rc != 0 + with_items: "{{ test_results.results }}" diff --git a/molecule/default/requirements.yml b/molecule/default/requirements.yml index 4bd5b50..a5fa168 100644 --- a/molecule/default/requirements.yml +++ b/molecule/default/requirements.yml @@ -1,5 +1,5 @@ --- - src: idealista.java-role - version: 2.0.0 + version: 2.0.1 name: java diff --git a/molecule/default/tests/test_tomcat.yml.j2 b/molecule/default/tests/test_tomcat.yml.j2 new file mode 100644 index 0000000..dae9691 --- /dev/null +++ b/molecule/default/tests/test_tomcat.yml.j2 @@ -0,0 +1,39 @@ +--- + +http: + http://localhost:{{ tomcat_http_connector_port }}: + status: 200 + {% for agent_config in tomcat_agents_config %} + {{ agent_config.download_url }} + status: 200 + {% endfor %} + +service: + tomcat: + enabled: true + running: true + +user: + {{ tomcat_user }}: + exists: true + groups: + - {{ tomcat_group }} + +group: + {{ tomcat_group }}: + exists: true + +port: + tcp:{{ tomcat_http_connector_port }}: + listening: true +{% for agent_config in tomcat_agents_config.items() %} + {{ agent_config.installation_path }} + filetype: directory + exists: true + owner: {{ tomcat_user }} + group: {{ tomcat_group }} + {{ agent_config.installation_path }}/{{ agent_config.configuration_file_name }} + exists: true + {{ agent_config.installation_path }}/{{ agent_config.agent_file }} + exists: true +{% endfor %} diff --git a/tasks/agent.yml b/tasks/agent.yml new file mode 100644 index 0000000..3efb7ab --- /dev/null +++ b/tasks/agent.yml @@ -0,0 +1,79 @@ +--- + +- name: Tomcat agent installation | Install required packages + apt: + pkg: "{{ item }}" + state: present + with_items: '{{ tomcat_agents_required_libs }}' + +- name: Tomcat agent installation | Ensure install path + file: + path: "{{ tomcat_install_path }}/{{ item.name }}" + state: directory + owner: "{{ tomcat_user }}" + group: "{{ tomcat_group }}" + with_items: '{{ tomcat_agents_config }}' + +- name: Tomcat agent installation | Check if agent is installed + stat: + path: "{{ tomcat_install_path }}/{{ item.0.name }}/{{ item.1 | basename }}" + register: agent_file_exists + with_subelements: + - "{{ tomcat_agents_config }}" + - catalina_opts + +- name: Tomcat agent installation | Download agent + get_url: + dest: "/tmp" + url: "{{ item.download_url }}" + owner: "{{ tomcat_user }}" + group: "{{ tomcat_group }}" + register: agent_downloaded + with_items: '{{ tomcat_agents_config }}' + +- name: Tomcat agent installation | Unarchive package + unarchive: + src: "/tmp/newrelic-java.zip" + dest: "{{ tomcat_install_path }}" + remote_src: yes + owner: "{{ tomcat_user }}" + group: "{{ tomcat_group }}" + mode: 0755 + when: agent_downloaded.changed + with_items: '{{ tomcat_agents_config }}' + tags: + - skip_ansible_lint + +- name: Tomcat agent installation | Check configuration files + set_fact: + tomcat_agent_configuration: "{{ tomcat_agent_configuration|default([]) + [ {'name': item.0.name, 'file': item.1, 'params': item.0.params}] }}" + with_subelements: + - "{{ tomcat_agents_config }}" + - configuration_files + +- name: Tomcat agent installation | Configure the Java agent + template: + src: "{{ playbook_dir }}/templates/tomcat/agents/{{ item.name }}/{{ item.file }}.j2" + dest: "{{ tomcat_install_path }}/{{ item.name }}/{{ item.file }}" + owner: "{{ tomcat_user }}" + group: "{{ tomcat_group }}" + with_items: + - '{{ tomcat_agent_configuration }}' + +- name: Tomcat agent installation | Check catalina options + set_fact: + tomcat_agent_catalina_opts: "{% set tomcat_agent_catalina_opts = tomcat_agent_catalina_opts|default([]) + [item.1] %}{{tomcat_agent_catalina_opts|list}}" + with_subelements: + - "{{ tomcat_agents_config }}" + - catalina_opts + +- name: Tomcat agent installation | Configure catalina options + template: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + mode: 0640 + owner: "{{ tomcat_user }}" + group: "{{ tomcat_group }}" + with_items: + - { src: "setagentenv.sh.j2", dest: "{{ tomcat_bin_path }}/setagentenv.sh" } + notify: restart tomcat diff --git a/tasks/main.yml b/tasks/main.yml index b96f90d..094ef94 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,21 +1,27 @@ --- - name: Tomcat | Install - include: install.yml + import_tasks: install.yml tags: - install - name: Tomcat | Service - include: service.yml + import_tasks: service.yml tags: - service - name: Tomcat | Config - include: config.yml + import_tasks: config.yml tags: - config +- name: Tomcat | Agent config + import_tasks: agent.yml + tags: + - agent_config + when: tomcat_agents_config is defined + - name: Tomcat | Deploy - include: deploy.yml + import_tasks: deploy.yml tags: - deploy diff --git a/templates/setagentenv.sh.j2 b/templates/setagentenv.sh.j2 new file mode 100644 index 0000000..02b6243 --- /dev/null +++ b/templates/setagentenv.sh.j2 @@ -0,0 +1,7 @@ +#! /bin/sh + +{% if tomcat_agent_catalina_opts is defined %} +{% for option in tomcat_agent_catalina_opts %} +export CATALINA_OPTS="$CATALINA_OPTS {{ option }}" +{% endfor %} +{% endif%} diff --git a/templates/setenv.sh.j2 b/templates/setenv.sh.j2 index 14d455e..7654928 100644 --- a/templates/setenv.sh.j2 +++ b/templates/setenv.sh.j2 @@ -1,5 +1,13 @@ #! /bin/sh -{% for item in catalina_opts %} -export CATALINA_OPTS="$CATALINA_OPTS {{ item }}" -{% endfor %} \ No newline at end of file +{% for option in tomcat_catalina_opts %} +export CATALINA_OPTS="$CATALINA_OPTS {{ option }}" +{% endfor %} + +{% if tomcat_agents_config is defined %} +if [ -r "$CATALINA_BASE/bin/setagentenv.sh" ]; then + . "$CATALINA_BASE/bin/setagentenv.sh" +elif [ -r "$CATALINA_HOME/bin/setagentenv.sh" ]; then + . "$CATALINA_HOME/bin/setagentenv.sh" +fi +{% endif %} From 2fb00e1b4c0a583bdba5f3f22b5919c4cf4f5420 Mon Sep 17 00:00:00 2001 From: Santiago Orobon Date: Thu, 1 Feb 2018 16:02:28 +0100 Subject: [PATCH 2/3] Adding support for addons like java-agents (cleaned unused configuration) --- defaults/main.yml | 8 -------- tasks/agent.yml | 2 +- 2 files changed, 1 insertion(+), 9 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index c66d4c9..6077b3a 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -79,14 +79,6 @@ tomcat_pre_installed_folders_deployed: host-manager: deployed: true -## TOMCAT AGENTS - -newrelic_url: http://download.newrelic.com/newrelic/java-agent/newrelic-agent -newrelic_file: newrelic-java.zip -newrelic_java_agent_url: "{{ newrelic_url }}/{{ newrelic_version }}/{{ newrelic_file }}" - -tomcat_agents_reinstall: false - ## Agent configuration (optional) # tomcat_agents_required_libs: diff --git a/tasks/agent.yml b/tasks/agent.yml index 3efb7ab..14e3d87 100644 --- a/tasks/agent.yml +++ b/tasks/agent.yml @@ -33,7 +33,7 @@ - name: Tomcat agent installation | Unarchive package unarchive: - src: "/tmp/newrelic-java.zip" + src: "/tmp/{{ item.download_url | basename }}" dest: "{{ tomcat_install_path }}" remote_src: yes owner: "{{ tomcat_user }}" From 78b57dafe5776052babff9db19ba1ab65442d055 Mon Sep 17 00:00:00 2001 From: Santiago Orobon Date: Thu, 1 Feb 2018 18:05:25 +0100 Subject: [PATCH 3/3] Update CHANGELOG.md Release 1.5.0 --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7d19208..ca2d51d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,8 @@ All notable changes to this project will be documented in this file. This project adheres to [Semantic Versioning](http://semver.org/) and [Keep a changelog](https://github.com/olivierlacan/keep-a-changelog). ## [Unreleased](https://github.com/idealista/tomcat-role/tree/develop) + +## [1.5.0](https://github.com/idealista/tomcat-role/tree/1.5.0) ### Added - *[#40](https://github.com/idealista/tomcat-role/issues/40) Support for addons like java-agents* @sorobon