os-upgrade-automation/playbook/roles/common/tasks/main.yml


---
# Common role tasks: log directory, mailx configuration, failsafe/admin mail,
# Slack notification, CHANGELOG entry and installed-package report.
- name: Prüfe OS-Typ und Version
  # Informational only; relies on gathered facts (os_family, distribution_version).
  debug:
    msg: >-
      OS: {{ ansible_facts['os_family'] }} Version: {{ ansible_facts['distribution_version'] }}
- name: Erstelle Log-Verzeichnis
  # Failure is not fatal here: the result is registered and evaluated by the
  # following task, which produces a descriptive error message.
  file:
    path: "{{ log_dir }}"
    state: directory
    mode: "0755"
  register: logdir_result
  ignore_errors: true
- name: Breche ab, wenn Log-Verzeichnis nicht erstellt werden kann
  # Hard stop: every later task writes into log_dir, so continuing is pointless.
  fail:
    msg: >-
      Log-Verzeichnis konnte nicht erstellt werden: {{ logdir_result.msg | default('Unbekannter Fehler') }}
  when: logdir_result is failed
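- name: Konfiguriere mailx (Absender)
  # regexp makes the task replace an already present `set from=` line instead
  # of appending a second one when inventory_hostname changes between runs.
  lineinfile:
    path: /etc/mail.rc
    regexp: '^set from='
    line: "set from=auto-upgrade@{{ inventory_hostname }}"
    create: true
    state: present
  become: true
  register: mailx_from_result
  ignore_errors: true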
- name: Logge Fehler bei mailx-Konfiguration (Absender)
  # Writes the failure reason to the mailx error log in log_dir; this file is
  # later picked up as a mail attachment. Note that the SMTP error task below
  # targets the same file.
  copy:
    dest: "{{ log_dir }}/mailx_error_{{ inventory_hostname }}.log"
    content: "mailx-Konfigurations-Fehler: {{ mailx_from_result.msg | default('Unbekannter Fehler') }}"
  when: mailx_from_result is failed
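- name: Konfiguriere mailx für externen SMTP-Server (optional)
  # The SMTP password is written into /etc/mail.rc in cleartext, so task output
  # is suppressed with no_log. `ssl-verify=ignore` turns off server certificate
  # validation for the SMTP connection; `nss-config-dir` points mailx at the
  # system NSS database.
  blockinfile:
    path: /etc/mail.rc
    block: |
      set smtp=smtp://{{ mail_smtp_host }}:{{ mail_smtp_port }}
      set smtp-auth=login
      set smtp-auth-user={{ mail_smtp_user }}
      set smtp-auth-password={{ mail_smtp_pass }}
      set ssl-verify=ignore
      set nss-config-dir=/etc/pki/nssdb
  # mail_smtp_port is templated in the block too, so it belongs in the guard;
  # without it an undefined port fails the task instead of skipping it.
  when:
    - mail_smtp_host is defined
    - mail_smtp_port is defined
    - mail_smtp_user is defined
    - mail_smtp_pass is defined
  become: true
  register: mailx_smtp_result
  no_log: true
  ignore_errors: true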
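- name: Logge Fehler bei mailx-Konfiguration (SMTP)
  # Appends to the mailx error log instead of overwriting it: the sender
  # configuration task logs to the same file, and a plain copy here would
  # discard that entry.
  lineinfile:
    path: "{{ log_dir }}/mailx_error_{{ inventory_hostname }}.log"
    line: "mailx-SMTP-Konfigurations-Fehler: {{ mailx_smtp_result.msg | default('Unbekannter Fehler') }}"
    create: true
  when: mailx_smtp_result is failed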
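- name: Sende Failsafe-Mail an app_mail und host_email bei Fehler
  mail:
    host: "localhost"
    port: 25
    # Recipients as a real list: the previous literal block scalar (`|`)
    # produced a comma-joined string with a trailing newline. app_mail is
    # included only when set and non-empty; host_email falls back to mail_to.
    to: "{{ ([app_mail] if (app_mail | default('')) != '' else []) + [host_email | default(mail_to)] }}"
    subject: "[FAILSAFE] Fehler beim Patch/Upgrade auf {{ inventory_hostname }}"
    body: |
      Es ist ein Fehler beim Patch/Upgrade auf {{ inventory_hostname }} (FQDN: {{ ansible_fqdn }}) aufgetreten.
      Siehe Log-Verzeichnis: {{ log_dir }}
      Zeit: {{ ansible_date_time.iso8601 }}
  # Sent from a rescue path (ansible_failed_result set) or when rollback was requested.
  when: (ansible_failed_result is defined and ansible_failed_result is not none) or (rollback is defined and rollback)
  ignore_errors: true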
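- name: Extrahiere Log-Summary für Admin-Mail
  # Last 20 lines of each known log, concatenated in the same order as before.
  # log_dir is shell-quoted so a path containing spaces or shell metacharacters
  # cannot break the command; missing files are silently skipped (2>/dev/null).
  shell: |
    for f in rhel_upgrade_check.log \
             sles_upgrade_check.log \
             "rhel_upgrade_error_{{ inventory_hostname }}.log" \
             "sles_upgrade_error_{{ inventory_hostname }}.log"; do
      tail -n 20 {{ log_dir | quote }}/"$f" 2>/dev/null
    done
  register: log_summary
  changed_when: false
  ignore_errors: true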
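- name: Prüfe, welche Log-Dateien auf dem Zielhost existieren
  # The existence check has to run on the managed host, where log_dir is
  # created and the logs are written. A Jinja file test inside set_fact is
  # evaluated on the controller and would drop every remote path (and
  # `fileexists` is not an ansible.builtin test as far as this file shows).
  stat:
    path: "{{ item }}"
  loop:
    - "{{ log_dir }}/rhel_upgrade_check.log"
    - "{{ log_dir }}/sles_upgrade_check.log"
    - "{{ log_dir }}/rhel_upgrade_error_{{ inventory_hostname }}.log"
    - "{{ log_dir }}/sles_upgrade_error_{{ inventory_hostname }}.log"
    - "{{ log_dir }}/snapshot_error_{{ inventory_hostname }}.log"
    - "{{ log_dir }}/suma_api_error_{{ inventory_hostname }}.log"
    - "{{ log_dir }}/mailx_error_{{ inventory_hostname }}.log"
    - "{{ log_dir }}/package_report_{{ inventory_hostname }}.log"
  register: log_attachment_stat

- name: Setze dynamische Liste der Log-Attachments
  # Keep only the paths that exist on the host; `item` is the queried path.
  set_fact:
    log_attachments: "{{ log_attachment_stat.results | selectattr('stat.exists') | map(attribute='item') | list }}"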
- name: Sende Log an Linux-Admins (immer, mit Anhang und Summary)
  # Unconditional status mail: summary from log_summary in the body, the
  # existing log files (log_attachments) attached. Delivery problems are
  # tolerated so the play can finish.
  mail:
    host: "localhost"
    port: 25
    to: "{{ linux_admins_mail }}"
    subject: "[LOG] Patch/Upgrade-Log für {{ inventory_hostname }} am {{ ansible_date_time.iso8601 }}"
    attach: "{{ log_attachments }}"
    body: |
      Patch/Upgrade-Log für {{ inventory_hostname }} (FQDN: {{ ansible_fqdn }})
      Zeit: {{ ansible_date_time.iso8601 }}
      ---
      Log-Summary:
      {{ log_summary.stdout | default('Keine Logdaten gefunden.') }}
      ---
      Siehe Anhang für Details.
  ignore_errors: true
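- name: Slack-Benachrichtigung bei kritischen Fehlern (optional)
  # Runs only when Slack is enabled AND a token is actually configured. The
  # previous fallback token ('xoxb-...') could only be rejected by the Slack
  # API, and that rejection was then hidden by ignore_errors.
  slack:
    token: "{{ slack_token }}"
    msg: "[CRITICAL] Fehler beim Patch/Upgrade auf {{ inventory_hostname }}: {{ ansible_failed_result.msg | default('Unbekannter Fehler') }}"
    # Channel is overridable per inventory; the former hard-coded value stays the default.
    channel: "{{ slack_channel | default('#linux-admins') }}"
  when:
    - slack_enabled | default(false) | bool
    - slack_token is defined
    - ansible_failed_result is defined
    - ansible_failed_result is not none
  ignore_errors: true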
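- name: Dokumentiere Änderung im CHANGELOG
  # One line per host and run, appended to the CHANGELOG next to the playbook
  # on the controller. Result is derived from ansible_failed_result.
  lineinfile:
    path: "{{ playbook_dir }}/../CHANGELOG.md"
    line: "{{ ansible_date_time.iso8601 }}: Patch/Upgrade auf {{ inventory_hostname }} (FQDN: {{ ansible_fqdn }}) durchgeführt. Ergebnis: {{ 'OK' if (ansible_failed_result is not defined or ansible_failed_result is none) else 'FEHLER' }}"
    create: true
  delegate_to: localhost
  # NOTE(review): all hosts write to the same controller-side file; with
  # parallel forks these writes can race. `throttle: 1` would serialise them
  # if the installed Ansible version supports it.
  ignore_errors: true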
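- name: Erfasse installierte Paketversionen (RHEL/SLES)
  # RHEL and SLES are both RPM-based and ran an identical query, so the two
  # near-duplicate tasks are merged; rpm_list keeps its name for the report
  # tasks that follow. command suffices here: no pipes, globs or redirects.
  # On other OS families the task is skipped and rpm_list carries no stdout.
  command: rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n'
  register: rpm_list
  when: ansible_facts['os_family'] in ['RedHat', 'Suse']
  changed_when: false
  ignore_errors: true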
- name: Schreibe Paket-Report ins Log
  # Persist the rpm listing (or a placeholder text when nothing was collected,
  # e.g. because the collection task was skipped) into log_dir.
  copy:
    dest: "{{ log_dir }}/package_report_{{ inventory_hostname }}.log"
    content: "{{ rpm_list.stdout | default('Keine Paketdaten gefunden.') }}"
  when: rpm_list is defined
  ignore_errors: true
- name: Sende Paket-Report an Linux-Admins
  # Mails the package report written by the previous task as an attachment.
  mail:
    host: "localhost"
    port: 25
    to: "{{ linux_admins_mail }}"
    subject: "[REPORT] Paketversionen nach Patch für {{ inventory_hostname }} am {{ ansible_date_time.iso8601 }}"
    attach:
      - "{{ log_dir }}/package_report_{{ inventory_hostname }}.log"
    body: |
      Paket-Report für {{ inventory_hostname }} (FQDN: {{ ansible_fqdn }})
      Zeit: {{ ansible_date_time.iso8601 }}
      Siehe Anhang für Details.
  when: rpm_list is defined
  ignore_errors: true