diff --git a/provision-contest/ansible/group_vars/onprem/secret.yml.example b/provision-contest/ansible/group_vars/onprem/secret.yml.example index c73b8be0..bdd179a5 100644 --- a/provision-contest/ansible/group_vars/onprem/secret.yml.example +++ b/provision-contest/ansible/group_vars/onprem/secret.yml.example @@ -72,3 +72,4 @@ PRESCLIENT_CONTEST: nwerc18 # GlitchTip # GLITCHTIP_SECRET: {some-strong-glitchtip-password} +# GLITCHTIP_PASSWORD: {some-strong-glitchtip-password} diff --git a/provision-contest/ansible/roles/glitchtip/defaults/main.yml b/provision-contest/ansible/roles/glitchtip/defaults/main.yml index b09e4f05..52c2ae7c 100644 --- a/provision-contest/ansible/roles/glitchtip/defaults/main.yml +++ b/provision-contest/ansible/roles/glitchtip/defaults/main.yml @@ -1 +1,2 @@ GLITCHTIP_PORT: 8000 +GLITCHTIP_TOKEN: diff --git a/provision-contest/ansible/roles/glitchtip/tasks/create-monitor.yml b/provision-contest/ansible/roles/glitchtip/tasks/create-monitor.yml new file mode 100644 index 00000000..b1d42a82 --- /dev/null +++ b/provision-contest/ansible/roles/glitchtip/tasks/create-monitor.yml @@ -0,0 +1,28 @@ +--- +- name: Fetch the project id + ansible.builtin.uri: + method: GET + return_content: yes + url: "http://localhost:{{ GLITCHTIP_PORT }}/api/0/teams/domjudge/DOMjudge/projects/" + headers: + Authorization: "Bearer {{ GLITCHTIP_TOKEN }}" + register: glitchtip_proj +- set_fact: + TEMP_QUERY0: "[?name=='{{ item }}'].id" +- ansible.builtin.uri: + method: POST + return_content: yes + url: "http://localhost:{{ GLITCHTIP_PORT }}/api/0/organizations/domjudge/monitors/" + status_code: 201 + headers: + Authorization: "Bearer {{ GLITCHTIP_TOKEN }}" + body: + expectedBody: "" + expectedStatus: 200 + timeout: 5 + interval: 2 + monitorType: "GET" + url: "https://{{ hostvars[item].ansible_host }}/public" + name: "{{ item }}" + project_id: "{{ glitchtip_proj.json | community.general.json_query(TEMP_QUERY0) | first }}" + body_format: json diff --git a/provision-contest/ansible/roles/glitchtip/tasks/main.yml b/provision-contest/ansible/roles/glitchtip/tasks/main.yml index ddc85269..dbdd8885 100644 --- a/provision-contest/ansible/roles/glitchtip/tasks/main.yml +++ b/provision-contest/ansible/roles/glitchtip/tasks/main.yml @@ -15,3 +15,151 @@ project_src: /opt/glitchtip files: - docker-compose.yaml + +- name: Assume we don't have an account if we didn't specify the token + when: not GLITCHTIP_TOKEN + block: + - name: Wait for stable GlitchTip migrations + ansible.builtin.wait_for: + timeout: 10 + - name: Fetch CSRF from login page + ansible.builtin.uri: + method: GET + return_content: yes + url: "http://localhost:{{ GLITCHTIP_PORT }}/api/docs" + register: glitchtip_csrf + + - name: Register DOMjudge account + ansible.builtin.uri: + method: POST + return_content: yes + url: "http://localhost:{{ GLITCHTIP_PORT }}/_allauth/browser/v1/auth/signup" + status_code: 200 + headers: + Cookie: "{{ glitchtip_csrf.cookies_string }}" + X-CSRFTOKEN: "{{ glitchtip_csrf.cookies_string | regex_search('csrftoken=([a-zA-Z0-9]+)', '\\1') | first }}" + body: + email: "team@domjudge.org" + password: "{{ GLITCHTIP_PASSWORD }}" + body_format: json + register: glitchtip_register + + - name: Create API token + ansible.builtin.uri: + method: POST + return_content: yes + url: "http://localhost:{{ GLITCHTIP_PORT }}/api/0/api-tokens/" + status_code: 201 + headers: + Cookie: "{{ glitchtip_register.cookies_string }}" + X-CSRFTOKEN: "{{ glitchtip_register.cookies_string | regex_search('csrftoken=([a-zA-Z0-9]+)', '\\1') | first }}" + body: + label: "ansible" + scopes: [ + "project:read", + "project:write", + "project:admin", + "project:releases", + "team:read", + "team:write", + "team:admin", + "event:read", + "event:write", + "event:admin", + "org:read", + "org:write", + "org:admin", + "member:read", + "member:write", + "member:admin" + ] + body_format: json + register: glitchtip_token + + - name: Set API token + ansible.builtin.set_fact: + GLITCHTIP_TOKEN: "{{ glitchtip_token.json.token }}" + +- name: Check for existing organizations + ansible.builtin.uri: + method: GET + return_content: yes + url: "http://localhost:{{ GLITCHTIP_PORT }}/api/0/organizations/" + headers: + Authorization: "Bearer {{ GLITCHTIP_TOKEN }}" + register: glitchtip_org + +- name: Create DOMjudge organization + when: glitchtip_org.json | community.general.json_query("[?name=='DOMjudge']") == [] + ansible.builtin.uri: + method: POST + return_content: yes + url: "http://localhost:{{ GLITCHTIP_PORT }}/api/0/organizations/" + status_code: 201 + headers: + Authorization: "Bearer {{ GLITCHTIP_TOKEN }}" + body: + name: "DOMjudge" + body_format: json + register: glitchtip_org + +- name: Check for existing teams + ansible.builtin.uri: + method: GET + return_content: yes + url: "http://localhost:{{ GLITCHTIP_PORT }}/api/0/organizations/domjudge/teams/" + headers: + Authorization: "Bearer {{ GLITCHTIP_TOKEN }}" + register: glitchtip_team + +- name: Create DOMjudge team + when: glitchtip_team.json | community.general.json_query("[?slug=='DOMjudge']") == [] + ansible.builtin.uri: + method: POST + return_content: yes + url: "http://localhost:{{ GLITCHTIP_PORT }}/api/0/organizations/domjudge/teams/" + status_code: 201 + headers: + Authorization: "Bearer {{ GLITCHTIP_TOKEN }}" + body: + slug: "DOMjudge" + body_format: json + register: glitchtip_team + +- name: Check for existing projects + ansible.builtin.uri: + method: GET + return_content: yes + url: "http://localhost:{{ GLITCHTIP_PORT }}/api/0/teams/domjudge/DOMjudge/projects/" + headers: + Authorization: "Bearer {{ GLITCHTIP_TOKEN }}" + register: glitchtip_proj + +- name: Create DOMjudge projects + when: glitchtip_proj.json | community.general.json_query("[?name=='{{ item }}']") == [] + ansible.builtin.uri: + method: POST + return_content: yes + url: "http://localhost:{{ GLITCHTIP_PORT }}/api/0/teams/domjudge/DOMjudge/projects/" + status_code: 201 + headers: + Authorization: "Bearer {{ GLITCHTIP_TOKEN }}" + body: + name: "{{ item }}" + platform: "php-symfony" + body_format: json + loop: "{{ ['setup-phase'] + groups['domserver'] }}" + +- name: Check for existing monitors + ansible.builtin.uri: + method: GET + return_content: yes + url: "http://localhost:{{ GLITCHTIP_PORT }}/api/0/organizations/domjudge/monitors/" + headers: + Authorization: "Bearer {{ GLITCHTIP_TOKEN }}" + register: glitchtip_mon + +- name: Create DOMjudge monitors + when: glitchtip_mon.json | community.general.json_query("[?name=='{{ item }}']") == [] + loop: "{{ groups['domserver'] }}" + include_tasks: create-monitor.yml diff --git a/provision-contest/ansible/roles/glitchtip/templates/docker-compose.yaml.j2 b/provision-contest/ansible/roles/glitchtip/templates/docker-compose.yaml.j2 index d53dca42..64e0898b 100644 --- a/provision-contest/ansible/roles/glitchtip/templates/docker-compose.yaml.j2 +++ b/provision-contest/ansible/roles/glitchtip/templates/docker-compose.yaml.j2 @@ -4,7 +4,7 @@ x-environment: &default-environment DATABASE_URL: postgres://postgres:postgres@postgres:5432/postgres SECRET_KEY: {{ GLITCHTIP_SECRET }} - PORT: {{ GLITCHTIP_PORT}} + PORT: {{ GLITCHTIP_PORT }} EMAIL_URL: consolemail:// GLITCHTIP_DOMAIN: http://glitchtip:{{ GLITCHTIP_PORT }} DEFAULT_FROM_EMAIL: email@glitchtip