Nr 164383 roles for infra agent testing (#53)

* NR-164383 feat: assert_permissions role (#41)

* NR-164383 feat: role for newrelic-cli (#42)

* NR-164383 feat: assert version on Windows (#44)

* NR-164383 feat: package install win/mac (#46)

* NR-164383 feat: fail if unexpected caps found (#47)

* NR-164383 feat: assert not service in Windows (#48)

* NR-164383 feat: install docker in old suse distributions (#49)

* NR-164383 feat: role to install the infra agent (#50)

* NR-164383 feat: roles for HNR alerts (#43)

* NR-164383 feat: roles for HNR alerts

* single role for HNR

* NR-164383 feat: cleanup on windows (#45)

* NR-164383 feat: cleanup on windows

* remove leftover

caos.ansible_roles/roles/assert_no_service/tasks/assert-no-service-Win32NT.yaml

@@ -0,0 +1,13 @@
+---
+
+- name: get info for an enabled single service
+  ansible.windows.win_service_info:
+    name: "{{ service_name }}"
+  register: service_info
+
+- name: ensure service does not exist
+  assert:
+    that:
+      - not service_info.exists
+
+...

caos.ansible_roles/roles/assert_permissions/README.md

@@ -0,0 +1,12 @@
+Assert file permissions.
+
+```yaml
+
+- name: Assert permissions
+  include_role:
+    name: caos.ansible_roles.assert_permissions
+  vars:
+    files:
+      /etc/fstab: "0644"
+      /this/is/another/path: "0765"
+```

caos.ansible_roles/roles/assert_permissions/tasks/check-Linux.yaml

@@ -0,0 +1,15 @@
+---
+
+- name: stat on files
+  stat:
+    path: "{{ item.key }}"
+  register: st
+  loop: "{{ files | dict2items }}"
+
+- name: fail if permissions are incorrect
+  fail:
+    msg: "{{ item.item.key }} permissions {{ item.stat.mode }} should be {{ item.item.value }}"
+  when: item.item.value  != item.stat.mode
+  loop: "{{ st.results }}"
+
+...

caos.ansible_roles/roles/assert_permissions/tasks/main.yaml

@@ -0,0 +1,5 @@
+---
+
+- ansible.builtin.include_tasks: "check-{{ ansible_system }}.yaml"
+
+...

caos.ansible_roles/roles/assert_permissions/vars/main.yaml

@@ -0,0 +1,10 @@
+# unix permission mask ~ "0754"
+bin_mode: ""
+# files array (ensure ordered iteration)
+# files:
+#  - file: /some/file
+#    mode: "0755"
+#  - file: /another/file
+#    mode: "0600"
+files: []
+

caos.ansible_roles/roles/assert_privileged_caps/tasks/check_Linux.yaml

@@ -14,4 +14,10 @@
       - getcap.stdout is search(item)
   loop: "{{ caps }}"
 
+- name: fail if caps are found and were not expected
+  fail:
+    msg: "caps were not expected"
+  when:
+    - caps | length  == 0 and getcap.stdout != ""
+
 ...

caos.ansible_roles/roles/assert_version/README.md

@@ -1,6 +1,7 @@
 Assert application version.
 
 ```yaml
+# Linux
 - name: assert version
   include_role:
     name: caos.ansible_roles.assert_version
@@ -10,4 +11,14 @@ Assert application version.
         version: "1.36.1"
       - exec: "otelcol-contrib --version"
         version: "0.70.0"
-```
+
+# Windows
+
+- name: Assert version
+  include_role:
+    name: caos.ansible_roles.assert_version
+  vars:
+    target_versions:
+      - exec: '"C:\Program Files\New Relic\newrelic-infra\newrelic-infra.exe" "--version"'
+        version: "1.47.2"
+```

caos.ansible_roles/roles/assert_version/tasks/assert-version-Win32NT.yaml

@@ -0,0 +1,14 @@
+---
+
+- name: Assert expected version
+  ansible.windows.win_command: '{{ item.exec }}'
+  register: check
+  loop: "{{ target_versions }}"
+
+- name: Stdout from version grep
+  ansible.builtin.assert:
+    that: "{{ item.stdout | regex_search('([0-9\\.]+)', '\\1') | first  == item.item.version }}"
+    fail_msg: "{{ item.stdout | regex_search('([0-9\\.]+)', '\\1') | first }} does not match {{ item.item.version }}"
+  loop: "{{ check.results }}"
+
+...

caos.ansible_roles/roles/assert_version/vars/main.yaml

@@ -1,8 +1,13 @@
 ---
 
+# Linux
 #target_versions:
 #   - exec: "/usr/bin/newrelic-infra --version"
 #    version: "1.34.0"
+# Windows:
+#   - exec: "C:\Program Files\New Relic\newrelic-infra\newrelic-infra.exe" "--version"
+#     version: "1.34.0"
+#
 target_versions: []
 
 ...

caos.ansible_roles/roles/cleanup/tasks/files-Win32NT.yaml

@@ -0,0 +1,9 @@
+---
+
+- name: remove files and directories
+  ansible.windows.win_file:
+    path: "{{ item }}"
+    state: absent
+  loop: "{{ files_to_cleanup|flatten(levels=1) }}"
+
+...

caos.ansible_roles/roles/cleanup/tasks/package-Windows.yaml

@@ -0,0 +1,16 @@
+---
+
+- name: Get infra agent productID
+  ansible.windows.win_powershell:
+    script: (Get-WmiObject win32_product | where{$_.name -eq "{{ item }}"}).IdentifyingNumber
+  register: packages_info
+  loop: "{{ packages_to_cleanup }}"
+
+- name: Uninstall package
+  win_package:
+    product_id: "{{ item.output[0] }}"
+    state: absent
+  when: item.output[0] != None
+  loop: "{{ packages_info.results | flatten(levels=1) }}"
+
+...

caos.ansible_roles/roles/cleanup/tasks/service-Win32NT.yaml

@@ -0,0 +1,11 @@
+---
+
+- name: stop service
+  win_service:
+    name: "{{ item }}"
+    state: stopped
+  ignore_errors: true
+  failed_when: false
+  loop: "{{ services_to_stop | flatten(levels=1) }}"
+
+...

caos.ansible_roles/roles/docker_install/files/open-suse-15.1.repo

@@ -0,0 +1,6 @@
+[Docker]
+name=Docker
+enabled=1
+autorefresh=0
+baseurl=http://download.opensuse.org/distribution/leap/15.1/repo/oss/
+type=rpm-md

caos.ansible_roles/roles/docker_install/tasks/install-docker-SLES.yaml

@@ -9,8 +9,13 @@
     force: yes
   retries: 5
   delay: 60
+  when: ansible_distribution_version not in suse_versions_wo_docker
+
+- name: install docker in old version
+  ansible.builtin.include_tasks: "install-docker-SLES_old.yaml"
+  when: ansible_distribution_version in suse_versions_wo_docker
 
 - name: install docker-compose (manual)
   shell: "DOCKER_CONFIG=${DOCKER_CONFIG:-$HOME/.docker} && mkdir -p $DOCKER_CONFIG/cli-plugins && mkdir -p /usr/local/lib/docker/cli-plugins/ && curl -SL https://github.com/docker/compose/releases/download/v{{ docker_compose_version }}/docker-compose-linux-{{ ansible_architecture }} -o $DOCKER_CONFIG/cli-plugins/docker-compose && sudo cp $DOCKER_CONFIG/cli-plugins/docker-compose /usr/local/lib/docker/cli-plugins/docker-compose && sudo chmod +x /usr/local/lib/docker/cli-plugins/docker-compose"
 
-...
+...

caos.ansible_roles/roles/docker_install/tasks/install-docker-SLES_old.yaml

@@ -0,0 +1,33 @@
+---
+
+# Use OpenSUSE 15.1 repo to install docker
+- name: install OpenSUSE 15.1 repo for docker
+  copy:
+    src: open-suse-15.1.repo
+    dest: /etc/zypp/repos.d/open-suse-15.1.repo
+
+- name: zypper refresh Docker
+  command: zypper refresh Docker
+
+  # python-PyYAML is used by aws-cli that we don't use in canaries
+- name: remove python-PyYAML that conflicts with this version of docker
+  zypper:
+    name: "python-PyYAML"
+    state: absent
+    oldpackage: yes
+    update_cache: yes
+    force: yes
+
+- name: install docker and docker-compose
+  command: zypper install -y --from Docker docker
+
+# remove repo
+- name: install OpenSUSE 15.1 repo for docker
+  file:
+    path: /etc/zypp/repos.d/open-suse-15.1.repo
+    state: absent
+
+- name: zypper refresh
+  command: zypper refresh
+
+...

caos.ansible_roles/roles/docker_install/tasks/main.yml

@@ -1,7 +1,7 @@
 ---
 
 - name: install docker
-  include: "install-docker-{{ ansible_distribution }}.yaml"
+  ansible.builtin.include_tasks: "install-docker-{{ ansible_distribution }}.yaml"
 
 - name: ensure docker service is started
   ansible.builtin.service:

caos.ansible_roles/roles/docker_install/vars/main.yml

@@ -1 +1,4 @@
-docker_compose_version: 2.12.2
+docker_compose_version: 2.12.2
+suse_versions_wo_docker:
+  - "12.3"
+  - "12.4"

caos.ansible_roles/roles/infra_agent/README.md

@@ -0,0 +1,77 @@
+Role to install the Infra Agent for Canaries and Packaging tests, similar to `nr_otel_distribution`.
+
+This role is based on the deprecated roles used for Canaries and Packaging tests in the Infra Agent repo.
+
+* It has `repo_setup` as dependency
+* It includes the next config options:
+```yaml
+# flag to control if the Infra Agent is installed or uninstalled
+uninstall: false
+# flag to control environment: on-host | container
+is_containerized: false
+
+# package repository
+repo_endpoint: "https://download.newrelic.com/infrastructure_agent"
+
+# agent config:
+nr_license_key: ""
+display_name: "{{ inventory_hostname }}"
+log_level: "{{ nria_log_level | default('info') }}"
+log_forward: "{{ nria_log_forward | default('false') }}"
+log_rotation_mb: "{{ nria_log_rotation_mb | default('0') }}"
+log_rotation_max_files: "{{ nria_log_rotation_max_files | default('0') }}"
+log_rotation_compressed: "{{ nria_log_rotation_compressed | default('false') }}"
+staging: true
+custom_attributes: {}
+enable_process_metrics: 'true'
+self_instrumentation: false
+
+# flag to forward docker logs to nr1
+forward_docker_logs: false
+```
+
+
+```yaml
+# Install latest version on host
+- name: install agent
+  include_role:
+    name: caos.ansible_roles.infra_agent
+
+# Install pinned version on host
+- name: install agent
+  include_role:
+    name: caos.ansible_roles.infra_agent
+  vars:
+    target_version: "{{ target_agent_version }}"
+
+# Uninstall
+- name: uninstall agent on host
+  include_role:
+    name: caos.ansible_roles.infra_agent
+  vars:
+    uninstall: true
+
+# Install latest version on container
+- name: install agent
+  include_role:
+    name: caos.ansible_roles.infra_agent
+  vars:
+    is_containerized: true
+
+# Install pinned version on container
+- name: install agent
+  include_role:
+    name: caos.ansible_roles.infra_agent
+  vars:
+    target_version: "{{ target_agent_version }}"
+    is_containerized: true
+
+# Uninstall on container
+- name: install agent
+  include_role:
+    name: caos.ansible_roles.infra_agent
+  vars:
+    is_containerized: true
+    uninstall: true
+
+```

caos.ansible_roles/roles/infra_agent/defaults/main.yaml

@@ -0,0 +1,16 @@
+---
+# Latest version
+target_version: ""
+# Default image for the containerized collector
+image: "newrelic/{{ distribution }}"
+# Default name for the collector container
+container_name: "{{ distribution }}"
+# Collector configuration inside the container
+container_config: "/etc/{{ distribution }}/config.yaml"
+# Collector configuration in the host to be mounted in the container
+container_host_config: "/tmp/{{ distribution }}_config.yaml"
+
+# Custom variables for configuration templates
+template_vars: {}
+
+...

caos.ansible_roles/roles/infra_agent/files/logging-docker.yml

@@ -0,0 +1,4 @@
+# Send Docker containers logs to NR
+logs:
+  - name: docker
+    systemd: docker

caos.ansible_roles/roles/infra_agent/tasks/containerized/containerized-install.yaml

@@ -0,0 +1,37 @@
+---
+
+- name: Install docker
+  include_role:
+    name: docker_install
+
+- name: default to latest version
+  set_fact:
+    target_agent_version_or_latest: "latest"
+  when: target_agent_version | length == 0
+
+- name: default to latest version
+  set_fact:
+    target_agent_version_or_latest: "{{ target_agent_version }}"
+  when: target_agent_version | length > 0
+
+- name: Create folder for docker-compose
+  file:
+    path: "/srv/newrelic-infra_{{ target_agent_version_or_latest }}/"
+    state: directory
+    mode: '0755'
+
+- name: copy compose to the machine
+  template:
+    src: docker-compose.yml.j2
+    dest: "/srv/newrelic-infra_{{ target_agent_version_or_latest }}/docker-compose_{{ target_agent_version_or_latest }}.yml"
+    mode: 0644
+
+- name: Run docker compose
+  shell: "/usr/local/lib/docker/cli-plugins/docker-compose -f /srv/newrelic-infra_{{ target_agent_version_or_latest }}/docker-compose_{{ target_agent_version_or_latest }}.yml up -d --force-recreate"
+  when: ansible_distribution in ['Amazon','Debian','SLES','Ubuntu']
+
+- name: Run docker compose
+  shell: "docker compose -f /srv/newrelic-infra_{{ target_agent_version_or_latest }}/docker-compose_{{ target_agent_version_or_latest }}.yml up -d --force-recreate"
+  when: ansible_distribution in ['CentOS','RedHat']
+
+...

caos.ansible_roles/roles/infra_agent/tasks/containerized/containerized-uninstall.yaml

@@ -0,0 +1,10 @@
+---
+- name: Run docker compose
+  shell: "/usr/local/lib/docker/cli-plugins/docker-compose -f /srv/newrelic-infra_{{ target_agent_version }}/docker-compose_{{ target_agent_version }}.yml down"
+  when: ansible_distribution in ['Amazon','Debian','SLES','Ubuntu']
+
+- name: Run docker compose
+  shell: "docker compose -f /srv/newrelic-infra_{{ target_agent_version }}/docker-compose_{{ target_agent_version }}.yml down"
+  when: ansible_distribution in ['CentOS','RedHat']
+
+...