From b1fdb8c7d9fb64393220f4f96fa91656dbc23734 Mon Sep 17 00:00:00 2001 From: xtruthx Date: Mon, 24 Apr 2023 14:19:58 +0200 Subject: [PATCH 01/10] make usage of bundled openjdk possible by choice --- templates/graylog.server.default.j2 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/templates/graylog.server.default.j2 b/templates/graylog.server.default.j2 index bda3fdf..4cdb915 100644 --- a/templates/graylog.server.default.j2 +++ b/templates/graylog.server.default.j2 @@ -1,4 +1,6 @@ +{% if graylog_server_java is defined and graylog_server_java|length %} JAVA="{{ graylog_server_java }}" +{% endif %} GRAYLOG_SERVER_JAVA_OPTS="{{ graylog_server_java_opts }}" GRAYLOG_SERVER_ARGS="{{ graylog_server_args }}" GRAYLOG_COMMAND_WRAPPER="{{ graylog_server_wrapper }}" From 32c90757cce12aef69cd8440cf0d0750fadc4e8c Mon Sep 17 00:00:00 2001 From: xtruthx Date: Mon, 24 Apr 2023 14:32:33 +0200 Subject: [PATCH 02/10] add installation methods for new graylog packaging up to version 5.x with open and enterprise package --- defaults/main.yml | 12 ++++++++++-- tasks/setup-Debian.yml | 15 +++++++++++++++ tasks/setup-RedHat.yml | 17 ++++++++++++++++- 3 files changed, 41 insertions(+), 3 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 3e033f9..c8814e0 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -187,7 +187,7 @@ graylog_web_thread_pool_size: 16 # JVM graylog_gc_warning_threshold: "1s" graylog_server_heap_size: "1500m" -graylog_server_java: "/usr/bin/java" +graylog_server_java: "/usr/bin/java" # For usage of the bundled openjdk version within graylog leave varviable blank graylog_server_java_opts_extra: "" graylog_server_java_opts: "-Djava.net.preferIPv4Stack=true -Xms{{ graylog_server_heap_size }} -Xmx{{ graylog_server_heap_size }} -XX:NewRatio=1 -server -XX:+ResizeTLAB -XX:-OmitStackTraceInFastThrow {{graylog_server_java_opts_extra}}" graylog_server_args: "" @@ -202,11 +202,19 @@ graylog_install_java: True # Disable steps which break tests graylog_not_testing: True -# Plugins +# Plugins for Graylog Versions <5.0 graylog_install_enterprise_plugins: False graylog_install_integrations_plugins: False graylog_install_enterprise_integrations_plugins: False +# package version for Graylog Version >=5.0 +graylog_install_enterprise_package: False +graylog_install_open_package: True + +# Graylog Version to install +graylog_version: 5.0 +graylog_full_version: "" + graylog_additional_config: {} required_vars: diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml index 3ecebf5..5981204 100644 --- a/tasks/setup-Debian.yml +++ b/tasks/setup-Debian.yml @@ -28,6 +28,21 @@ apt: name: "graylog-server{% if graylog_full_version is defined %}={{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" + when: (graylog_install_enterprise_package | bool == false and graylog_version is version('5.0', '<')) + notify: "restart graylog-server" + +- name: "Graylog Open server package should be installed" + apt: + name: "graylog-server{% if graylog_full_version is defined %}={{ graylog_full_version }}{% endif %}" + state: "{{ graylog_package_state }}" + when: (graylog_install_enterprise_package | bool == false and graylog_version is version('5.0', '>=')) + notify: "restart graylog-server" + +- name: "Graylog Enterprise server package should be installed" + apt: + name: "graylog-enterprise{% if graylog_full_version is defined %}={{ graylog_full_version }}{% endif %}" + state: "{{ graylog_package_state }}" + when: (graylog_install_enterprise_package | bool == true and graylog_version is version('5.0', '>=')) notify: "restart graylog-server" - name: "setup-Debian.yml | Set elasticsearch priority to {{ graylog_es_debian_pin_version }} apt_preferences" diff --git a/tasks/setup-RedHat.yml b/tasks/setup-RedHat.yml index 8d44a23..b2dd4c6 100644 --- a/tasks/setup-RedHat.yml +++ b/tasks/setup-RedHat.yml @@ -12,7 +12,22 @@ yum: name: "graylog-server{% if graylog_full_version is defined %}-{{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" - notify: restart graylog-server + when: (graylog_install_enterprise_package | bool == false and graylog_version is version('5.0', '<')) + notify: "restart graylog-server" + +- name: "Graylog Open server package should be installed" + yum: + name: "graylog-server{% if graylog_full_version is defined %}-{{ graylog_full_version }}{% endif %}" + state: "{{ graylog_package_state }}" + when: (graylog_install_enterprise_package | bool == false and graylog_version is version('5.0', '>=')) + notify: "restart graylog-server" + +- name: "Graylog Enterprise server package should be installed" + yum: + name: "graylog-enterprise{% if graylog_full_version is defined %}-{{ graylog_full_version }}{% endif %}" + state: "{{ graylog_package_state }}" + when: (graylog_install_enterprise_package | bool == true and graylog_version is version('5.0', '>=')) + notify: "restart graylog-server" - name: "Installing graylog-enterprise-plugins" yum: From dde428295225e4cfd2587b11284a712fd9856ef3 Mon Sep 17 00:00:00 2001 From: etgraylog Date: Wed, 8 Jan 2025 11:35:00 -0500 Subject: [PATCH 03/10] Refine conditionals to check both vars relevant to package type. --- tasks/setup-Debian.yml | 4 ++-- tasks/setup-RedHat.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml index 5981204..d9ea1e9 100644 --- a/tasks/setup-Debian.yml +++ b/tasks/setup-Debian.yml @@ -35,14 +35,14 @@ apt: name: "graylog-server{% if graylog_full_version is defined %}={{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" - when: (graylog_install_enterprise_package | bool == false and graylog_version is version('5.0', '>=')) + when: (graylog_install_open_package | bool == true and graylog_install_enterprise_package | bool == false and graylog_version is version('5.0', '>=')) notify: "restart graylog-server" - name: "Graylog Enterprise server package should be installed" apt: name: "graylog-enterprise{% if graylog_full_version is defined %}={{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" - when: (graylog_install_enterprise_package | bool == true and graylog_version is version('5.0', '>=')) + when: (graylog_install_open_package | bool == false and graylog_install_enterprise_package | bool == true and graylog_version is version('5.0', '>=')) notify: "restart graylog-server" - name: "setup-Debian.yml | Set elasticsearch priority to {{ graylog_es_debian_pin_version }} apt_preferences" diff --git a/tasks/setup-RedHat.yml b/tasks/setup-RedHat.yml index b2dd4c6..b5f5a39 100644 --- a/tasks/setup-RedHat.yml +++ b/tasks/setup-RedHat.yml @@ -19,14 +19,14 @@ yum: name: "graylog-server{% if graylog_full_version is defined %}-{{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" - when: (graylog_install_enterprise_package | bool == false and graylog_version is version('5.0', '>=')) + when: (graylog_install_open_package | bool == true and graylog_install_enterprise_package | bool == false and graylog_version is version('5.0', '>=')) notify: "restart graylog-server" - name: "Graylog Enterprise server package should be installed" yum: name: "graylog-enterprise{% if graylog_full_version is defined %}-{{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" - when: (graylog_install_enterprise_package | bool == true and graylog_version is version('5.0', '>=')) + when: (graylog_install_open_package | bool == false and graylog_install_enterprise_package | bool == true and graylog_version is version('5.0', '>=')) notify: "restart graylog-server" - name: "Installing graylog-enterprise-plugins" From 1d15fc6f29015980a6c648232aad2720c6f0ff64 Mon Sep 17 00:00:00 2001 From: etgraylog Date: Wed, 8 Jan 2025 11:35:59 -0500 Subject: [PATCH 04/10] Refine conditionals insure plug-ins only installed when ver < 5.0. --- tasks/setup-Debian.yml | 6 +++--- tasks/setup-RedHat.yml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml index d9ea1e9..72387fd 100644 --- a/tasks/setup-Debian.yml +++ b/tasks/setup-Debian.yml @@ -56,19 +56,19 @@ apt: name: "graylog-enterprise-plugins{% if graylog_full_version is defined %}={{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" - when: graylog_install_enterprise_plugins + when: (graylog_install_enterprise_plugins | bool == true and graylog_version is version('5.0', '<')) notify: restart graylog-server - name: "Installing graylog-integrations-plugins" apt: name: "graylog-integrations-plugins{% if graylog_full_version is defined %}={{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" - when: graylog_install_integrations_plugins + when: (graylog_install_integrations_plugins | bool == true and graylog_version is version('5.0', '<')) notify: restart graylog-server - name: "Installing graylog-enterprise-integrations-plugins" apt: name: "graylog-enterprise-integrations-plugins{% if graylog_full_version is defined %}={{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" - when: graylog_install_enterprise_integrations_plugins + when: (graylog_install_enterprise_integrations_plugins | bool == true and graylog_version is version('5.0', '<')) notify: restart graylog-server diff --git a/tasks/setup-RedHat.yml b/tasks/setup-RedHat.yml index b5f5a39..51b0281 100644 --- a/tasks/setup-RedHat.yml +++ b/tasks/setup-RedHat.yml @@ -33,19 +33,19 @@ yum: name: "graylog-enterprise-plugins{% if graylog_full_version is defined %}-{{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" - when: graylog_install_enterprise_plugins + when: (graylog_install_enterprise_plugins | bool == true and graylog_version is version('5.0', '<')) notify: restart graylog-server - name: "Installing graylog-integrations-plugins" yum: name: "graylog-integrations-plugins{% if graylog_full_version is defined %}-{{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" - when: graylog_install_integrations_plugins + when: (graylog_install_integrations_plugins | bool == true and graylog_version is version('5.0', '<')) notify: restart graylog-server - name: "Installing graylog-enterprise-integrations-plugins" yum: name: "graylog-enterprise-integrations-plugins{% if graylog_full_version is defined %}-{{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" - when: graylog_install_enterprise_integrations_plugins + when: (graylog_install_enterprise_integrations_plugins | bool == true and graylog_version is version('5.0', '<')) notify: restart graylog-server From bf77d53bee243c5c1498159d41fdf2ca20d2fddc Mon Sep 17 00:00:00 2001 From: etgraylog Date: Wed, 8 Jan 2025 13:21:28 -0500 Subject: [PATCH 05/10] Define PyYAML==5.3.1 to avoid compat issue with 5.4.1 and cython_sources --- requirements.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/requirements.txt b/requirements.txt index 8a1110d..ccddf0c 100644 --- a/requirements.txt +++ b/requirements.txt @@ -7,6 +7,7 @@ molecule-docker==1.0.2 molecule-vagrant==0.6 python-vagrant==0.5.15 pytest-testinfra==6.1.0 +PyYAML==5.3.1 selenium==3.141.0 yamllint==1.25.0 webdriver-manager From 76239265168b97b5065a88b40428cd1ff5eea757 Mon Sep 17 00:00:00 2001 From: etgraylog Date: Thu, 9 Jan 2025 13:52:46 -0500 Subject: [PATCH 06/10] Remove unnecessary conditional when graylog_version is < 5.0, graylog_install_enterprise_package does not apply in that case. --- tasks/setup-Debian.yml | 2 +- tasks/setup-RedHat.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml index 72387fd..130e772 100644 --- a/tasks/setup-Debian.yml +++ b/tasks/setup-Debian.yml @@ -28,7 +28,7 @@ apt: name: "graylog-server{% if graylog_full_version is defined %}={{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" - when: (graylog_install_enterprise_package | bool == false and graylog_version is version('5.0', '<')) + when: graylog_version is version('5.0', '<') notify: "restart graylog-server" - name: "Graylog Open server package should be installed" diff --git a/tasks/setup-RedHat.yml b/tasks/setup-RedHat.yml index 51b0281..2dedad4 100644 --- a/tasks/setup-RedHat.yml +++ b/tasks/setup-RedHat.yml @@ -12,7 +12,7 @@ yum: name: "graylog-server{% if graylog_full_version is defined %}-{{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" - when: (graylog_install_enterprise_package | bool == false and graylog_version is version('5.0', '<')) + when: graylog_version is version('5.0', '<') notify: "restart graylog-server" - name: "Graylog Open server package should be installed" From c787398f0fa0a5dfcfc48ca3b5814c529ec93376 Mon Sep 17 00:00:00 2001 From: etgraylog Date: Thu, 9 Jan 2025 13:54:19 -0500 Subject: [PATCH 07/10] Enhance conditionals to avoid failure from graylog_full_version being defined without a value. --- tasks/setup-Debian.yml | 12 ++++++------ tasks/setup-RedHat.yml | 12 ++++++------ 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml index 130e772..e110e81 100644 --- a/tasks/setup-Debian.yml +++ b/tasks/setup-Debian.yml @@ -26,21 +26,21 @@ - name: "Graylog server package should be installed" apt: - name: "graylog-server{% if graylog_full_version is defined %}={{ graylog_full_version }}{% endif %}" + name: "graylog-server{% if graylog_full_version is not none and graylog_full_version | length > 1 %}={{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" when: graylog_version is version('5.0', '<') notify: "restart graylog-server" - name: "Graylog Open server package should be installed" apt: - name: "graylog-server{% if graylog_full_version is defined %}={{ graylog_full_version }}{% endif %}" + name: "graylog-server{% if graylog_full_version is not none and graylog_full_version | length > 1 %}={{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" when: (graylog_install_open_package | bool == true and graylog_install_enterprise_package | bool == false and graylog_version is version('5.0', '>=')) notify: "restart graylog-server" - name: "Graylog Enterprise server package should be installed" apt: - name: "graylog-enterprise{% if graylog_full_version is defined %}={{ graylog_full_version }}{% endif %}" + name: "graylog-enterprise{% if graylog_full_version is not none and graylog_full_version | length > 1 %}={{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" when: (graylog_install_open_package | bool == false and graylog_install_enterprise_package | bool == true and graylog_version is version('5.0', '>=')) notify: "restart graylog-server" @@ -54,21 +54,21 @@ - name: "Installing graylog-enterprise-plugins" apt: - name: "graylog-enterprise-plugins{% if graylog_full_version is defined %}={{ graylog_full_version }}{% endif %}" + name: "graylog-enterprise-plugins{% if graylog_full_version is not none and graylog_full_version | length > 1 %}={{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" when: (graylog_install_enterprise_plugins | bool == true and graylog_version is version('5.0', '<')) notify: restart graylog-server - name: "Installing graylog-integrations-plugins" apt: - name: "graylog-integrations-plugins{% if graylog_full_version is defined %}={{ graylog_full_version }}{% endif %}" + name: "graylog-integrations-plugins{% if graylog_full_version is not none and graylog_full_version | length > 1 %}={{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" when: (graylog_install_integrations_plugins | bool == true and graylog_version is version('5.0', '<')) notify: restart graylog-server - name: "Installing graylog-enterprise-integrations-plugins" apt: - name: "graylog-enterprise-integrations-plugins{% if graylog_full_version is defined %}={{ graylog_full_version }}{% endif %}" + name: "graylog-enterprise-integrations-plugins{% if graylog_full_version is not none and graylog_full_version | length > 1 %}={{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" when: (graylog_install_enterprise_integrations_plugins | bool == true and graylog_version is version('5.0', '<')) notify: restart graylog-server diff --git a/tasks/setup-RedHat.yml b/tasks/setup-RedHat.yml index 2dedad4..75fe48d 100644 --- a/tasks/setup-RedHat.yml +++ b/tasks/setup-RedHat.yml @@ -10,42 +10,42 @@ - name: "Graylog server should be installed" yum: - name: "graylog-server{% if graylog_full_version is defined %}-{{ graylog_full_version }}{% endif %}" + name: "graylog-server{% if graylog_full_version is not none and graylog_full_version | length > 1 %}-{{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" when: graylog_version is version('5.0', '<') notify: "restart graylog-server" - name: "Graylog Open server package should be installed" yum: - name: "graylog-server{% if graylog_full_version is defined %}-{{ graylog_full_version }}{% endif %}" + name: "graylog-server{% if graylog_full_version is not none and graylog_full_version | length > 1 %}-{{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" when: (graylog_install_open_package | bool == true and graylog_install_enterprise_package | bool == false and graylog_version is version('5.0', '>=')) notify: "restart graylog-server" - name: "Graylog Enterprise server package should be installed" yum: - name: "graylog-enterprise{% if graylog_full_version is defined %}-{{ graylog_full_version }}{% endif %}" + name: "graylog-enterprise{% if graylog_full_version is not none and graylog_full_version | length > 1 %}-{{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" when: (graylog_install_open_package | bool == false and graylog_install_enterprise_package | bool == true and graylog_version is version('5.0', '>=')) notify: "restart graylog-server" - name: "Installing graylog-enterprise-plugins" yum: - name: "graylog-enterprise-plugins{% if graylog_full_version is defined %}-{{ graylog_full_version }}{% endif %}" + name: "graylog-enterprise-plugins{% if graylog_full_version is not none and graylog_full_version | length > 1 %}-{{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" when: (graylog_install_enterprise_plugins | bool == true and graylog_version is version('5.0', '<')) notify: restart graylog-server - name: "Installing graylog-integrations-plugins" yum: - name: "graylog-integrations-plugins{% if graylog_full_version is defined %}-{{ graylog_full_version }}{% endif %}" + name: "graylog-integrations-plugins{% if graylog_full_version is not none and graylog_full_version | length > 1 %}-{{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" when: (graylog_install_integrations_plugins | bool == true and graylog_version is version('5.0', '<')) notify: restart graylog-server - name: "Installing graylog-enterprise-integrations-plugins" yum: - name: "graylog-enterprise-integrations-plugins{% if graylog_full_version is defined %}-{{ graylog_full_version }}{% endif %}" + name: "graylog-enterprise-integrations-plugins{% if graylog_full_version is not none and graylog_full_version | length > 1 %}-{{ graylog_full_version }}{% endif %}" state: "{{ graylog_package_state }}" when: (graylog_install_enterprise_integrations_plugins | bool == true and graylog_version is version('5.0', '<')) notify: restart graylog-server From 4bbd0aaf576584d0ff1e46a681d14a6d9edd1362 Mon Sep 17 00:00:00 2001 From: etgraylog Date: Thu, 9 Jan 2025 14:04:07 -0500 Subject: [PATCH 08/10] Project currently requires Python 3.9.17 --- .github/workflows/ci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 85dfe10..aa5a24a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -17,10 +17,10 @@ jobs: with: path: 'graylog2.graylog-ansible-role' - - name: Set up Python 3. + - name: Set up Python 3.9.17 uses: actions/setup-python@v2 with: - python-version: '3.x' + python-version: '3.9.17' - name: Install test dependencies. run: pip3 install yamllint @@ -49,7 +49,7 @@ jobs: - name: Set up Python 3. uses: actions/setup-python@v2 with: - python-version: '3.x' + python-version: '3.9.17' - name: Install test dependencies. run: pip3 install -r requirements.txt From 0b902a0cd8d5b138d1bd0a40d626a4aa570da48f Mon Sep 17 00:00:00 2001 From: etgraylog Date: Thu, 9 Jan 2025 14:07:27 -0500 Subject: [PATCH 09/10] Fix invalid value for python-version --- .github/workflows/ci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index aa5a24a..65a2cc6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -17,10 +17,10 @@ jobs: with: path: 'graylog2.graylog-ansible-role' - - name: Set up Python 3.9.17 + - name: Set up Python 3.9 uses: actions/setup-python@v2 with: - python-version: '3.9.17' + python-version: '3.9' - name: Install test dependencies. run: pip3 install yamllint @@ -49,7 +49,7 @@ jobs: - name: Set up Python 3. uses: actions/setup-python@v2 with: - python-version: '3.9.17' + python-version: '3.9' - name: Install test dependencies. run: pip3 install -r requirements.txt From 272d8ec17d5e642c5e8d5d0c8cdb37076d407fae Mon Sep 17 00:00:00 2001 From: etgraylog Date: Thu, 9 Jan 2025 14:38:36 -0500 Subject: [PATCH 10/10] 1st attempt to packaging issue with ansible==4.2.0 --- .github/workflows/ci.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 65a2cc6..ee8e3d6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -54,6 +54,9 @@ jobs: - name: Install test dependencies. run: pip3 install -r requirements.txt + - name: Install ansible 4.2.0 to work-around packaging issue (issue-2904) + run: pip3 install --force 'ansible==4.2.0' + - name: Run Molecule tests. run: molecule test --scenario-name=ci env: