setup datadog agent on each host.

- set agent version to 7
2022-01-22 14:59:15 -05:00
parent 449eb42c36
commit f723e4ac2e
61 changed files with 3661 additions and 0 deletions
--- a/ansible-5/roles/datadog.datadog/tasks/pkg-suse.yml
+++ b/ansible-5/roles/datadog.datadog/tasks/pkg-suse.yml
@@ -0,0 +1,133 @@
+---
+- name: Find out whether to set repo_gpgcheck or not
+  set_fact:
+    do_zypper_repo_gpgcheck: >-
+      {{ datadog_zypper_repo_gpgcheck if datadog_zypper_repo_gpgcheck != '' else (
+        'yes' if datadog_zypper_repo == '' and datadog_agent_major_version|int != 5 else 'no'
+      ) }}
+
+- block:  # Work around due to SNI check for SLES11
+  - name: Stat if current RPM key already exists
+    stat:
+      path: /tmp/DATADOG_RPM_KEY_CURRENT.public
+    register: ddkeycurrent
+  - name: Download current RPM key (SLES11)
+    get_url:
+      url: "{{ datadog_zypper_gpgkey_current }}"
+      dest: /tmp/DATADOG_RPM_KEY_CURRENT.public
+      force: yes
+    when: not ddkeycurrent.stat.exists
+  when: ansible_distribution_version|int == 11
+
+- name: Download current RPM key
+  get_url:
+    url: "{{ datadog_zypper_gpgkey_current }}"
+    dest: /tmp/DATADOG_RPM_KEY_CURRENT.public
+    force: yes
+  when: ansible_distribution_version|int >= 12
+
+- name: Import current RPM key
+  rpm_key:
+    key: /tmp/DATADOG_RPM_KEY_CURRENT.public
+    state: present
+  when: not ansible_check_mode
+
+# Do not import old key if installing Agent 7, as all Agent 7 packages are signed with the new key
+- block:  # Work around due to SNI check for SLES11
+  - name: Stat if RPM key already exists
+    stat:
+      path: /tmp/DATADOG_RPM_KEY.public
+    register: ddkey
+  - name: Download RPM key (SLES11)
+    get_url:
+      url: "{{ datadog_zypper_gpgkey }}"
+      dest: /tmp/DATADOG_RPM_KEY.public
+    when: not ddkey.stat.exists
+  when: datadog_agent_major_version|int < 7 and ansible_distribution_version|int == 11
+
+# Do not import old key if installing Agent 7, as all Agent 7 packages are signed with the new key
+- name: Download RPM key
+  get_url:
+    url: "{{ datadog_zypper_gpgkey }}"
+    dest: /tmp/DATADOG_RPM_KEY.public
+    checksum: "sha256:{{ datadog_zypper_gpgkey_sha256sum }}"
+  when: datadog_agent_major_version|int < 7 and ansible_distribution_version|int >= 12
+
+- name: Import RPM key
+  rpm_key:
+    key: /tmp/DATADOG_RPM_KEY.public
+    state: present
+  when: datadog_agent_major_version|int < 7 and not ansible_check_mode
+
+- block:  # Work around due to SNI check for SLES11
+  - name: Stat if E09422B3 key (Expires 2022) RPM key already exists
+    stat:
+      path: /tmp/DATADOG_RPM_KEY_E09422B3.public
+    register: ddnewkey
+  - name: Download E09422B3 key (Expires 2022) RPM key (SLES11)
+    get_url:
+      url: "{{ datadog_zypper_gpgkey_e09422b3 }}"
+      dest: /tmp/DATADOG_RPM_KEY_E09422B3.public
+    when: not ddnewkey.stat.exists
+  when: ansible_distribution_version|int == 11
+
+- name: Download E09422B3 key (Expires 2022) RPM key
+  get_url:
+    url: "{{ datadog_zypper_gpgkey_e09422b3 }}"
+    dest: /tmp/DATADOG_RPM_KEY_E09422B3.public
+    checksum: "sha256:{{ datadog_zypper_gpgkey_e09422b3_sha256sum }}"
+  when: ansible_distribution_version|int >= 12
+
+- name: Import E09422B3 key (Expires 2022) RPM key
+  rpm_key:
+    key: /tmp/DATADOG_RPM_KEY_E09422B3.public
+    state: present
+  when: not ansible_check_mode
+
+- block:  # Work around due to SNI check for SLES11
+  - name: Stat if 20200908 key (Expires 2024) RPM key already exists
+    stat:
+      path: /tmp/DATADOG_RPM_KEY_20200908.public
+    register: ddnewkey_20200908
+  - name: Download 20200908 key (Expires 2024) RPM key (SLES11)
+    get_url:
+      url: "{{ datadog_zypper_gpgkey_20200908 }}"
+      dest: /tmp/DATADOG_RPM_KEY_20200908.public
+    when: not  ddnewkey_20200908.stat.exists
+  when: ansible_distribution_version|int == 11
+
+- name: Download 20200908 key (Expires 2024) RPM key
+  get_url:
+    url: "{{ datadog_zypper_gpgkey_20200908 }}"
+    dest: /tmp/DATADOG_RPM_KEY_20200908.public
+    checksum: "sha256:{{ datadog_zypper_gpgkey_20200908_sha256sum }}"
+  when: ansible_distribution_version|int >= 12
+
+- name: Import 20200908 key (Expires 2024) RPM key
+  rpm_key:
+    key: /tmp/DATADOG_RPM_KEY_20200908.public
+    state: present
+  when: not ansible_check_mode
+
+# ansible don't allow repo_gpgcheck to be set, we have to create the repo file manually
+- name: Install DataDog zypper repo
+  template:
+    src: zypper.repo.j2
+    dest: /etc/zypp/repos.d/datadog.repo
+    owner: "root"
+    group: "root"
+    mode: 0644
+  register: datadog_zypper_repo
+
+# refresh zypper repos only if the template changed
+- name: refresh Datadog zypper_repos  # noqa 503
+  command: zypper refresh datadog
+  when: datadog_zypper_repo.changed and not ansible_check_mode
+  args:
+    warn: false  # silence warning about using zypper directly
+
+- include_tasks: pkg-suse/install-pinned.yml
+  when: datadog_agent_suse_version is defined
+
+- include_tasks: pkg-suse/install-latest.yml
+  when: datadog_agent_suse_version is not defined