Add validate app task (#590)

Dynatrace · Feb 26, 2024 · 48e02e5 · 48e02e5
1 parent 8e09198
commit 48e02e5
Show file tree

Hide file tree

Showing 3 changed files with 108 additions and 31 deletions.
diff --git a/user-skel/ansible_collections/ace_box/ace_box/roles/dt-platform/README.md b/user-skel/ansible_collections/ace_box/ace_box/roles/dt-platform/README.md
@@ -15,11 +15,11 @@ Requires vars:
 |dt_oauth_client_id|Dynatrace OAuth client id. Make sure scope `app-engine:apps:install app-engine:apps:run hub:catalog:read` is assigned to your OAuth client|
 |dt_oauth_client_secret|Dynatrace OAuth client secret|
 |dt_oauth_account_urn|Dynatrace OAuth account URN|
-|dt_app_id|App id, e.g. `dynatrace.site.reliability.guardian`|
+|dt_app_id|Dynatrace app id, e.g. `dynatrace.site.reliability.guardian`|
 
 ## install-app-artifact
 
-Installs an App from the provided artifact (zip file).
+Installs an App from the provided artifact (zip file) or skips installation if the specified app is already installed.
 
 Requires vars:
 
@@ -31,6 +31,26 @@ Requires vars:
 |dt_oauth_client_secret|Dynatrace OAuth client secret|
 |dt_oauth_account_urn|Dynatrace OAuth account URN|
 |dt_app_artifact_path|Path to App artifact (zip)|
+|dt_app_id|Dynatrace app id, e.g. `my.dynatrace.jenkins.tobias.gremmer`|
 
 Sets facts:
 - dt_app_id
+
+## validate-app-version
+
+Sets `dt_app_version` if a specific Dynatarce app is installed. `dt_app_version` is undefined if app isn't found. This task can be used to validate installation status of a required app and e.g. fail deployment early.
+
+Requires vars:
+
+|Variable name|Description|
+|---|---|
+|dt_environment_url_gen3|Dynatrace Gen3 environment url, e.g. `https://<YOUR ENVIRONMENT ID>.sprint.apps.dynatracelabs.com`|
+|dt_oauth_sso_endpoint|Dynatrace OAuth endpoint, e.g. `https://sso-sprint.dynatracelabs.com/sso/oauth2/token`|
+|dt_oauth_client_id|Dynatrace OAuth client id. Make sure scope `app-engine:apps:install` is assigned to your OAuth client|
+|dt_oauth_client_secret|Dynatrace OAuth client secret|
+|dt_oauth_account_urn|Dynatrace OAuth account URN|
+|dt_app_artifact_path|Path to App artifact (zip)|
+|dt_app_id|Dynatrace app id, e.g. `my.dynatrace.jenkins.tobias.gremmer`|
+
+Sets facts:
+- dt_app_version
diff --git a/...skel/ansible_collections/ace_box/ace_box/roles/dt-platform/tasks/install-app-artifact.yml b/...skel/ansible_collections/ace_box/ace_box/roles/dt-platform/tasks/install-app-artifact.yml
@@ -1,33 +1,51 @@
 ---
 - block:
-  - name: Request a DT OAuth access token
-    ansible.builtin.uri:
-      url: "{{ dt_oauth_sso_endpoint }}"
-      method: POST
-      status_code: 200
-      headers:
-        Content-Type: "application/x-www-form-urlencoded"
-      body_format: form-urlencoded
-      body:
-        grant_type: "client_credentials"
-        client_id: "{{ dt_oauth_client_id }}"
-        client_secret: "{{ dt_oauth_client_secret }}"
-        scope: "app-engine:apps:install"
-        resource: "{{ dt_oauth_account_urn }}"
-    register: auth_response_raw
-  - set_fact:
-      dt_oauth_access_token: "{{ auth_response_raw.json.access_token }}"
+    - name: Request a DT OAuth access token
+      ansible.builtin.uri:
+        url: "{{ dt_oauth_sso_endpoint }}"
+        method: POST
+        status_code: 200
+        headers:
+          Content-Type: "application/x-www-form-urlencoded"
+        body_format: form-urlencoded
+        body:
+          grant_type: "client_credentials"
+          client_id: "{{ dt_oauth_client_id }}"
+          client_secret: "{{ dt_oauth_client_secret }}"
+          scope: "app-engine:apps:install"
+          resource: "{{ dt_oauth_account_urn }}"
+      register: auth_response_raw
+    - set_fact:
+        dt_oauth_access_token: "{{ auth_response_raw.json.access_token }}"
 
-- name: "Install or update app {{ dt_app_artifact_path | basename }}"
-  ansible.builtin.uri:
-    url: "{{ dt_environment_url_gen3.rstrip('/') }}/platform/app-engine/registry/v1/apps"
-    method: POST
-    status_code: 202
-    headers:
-      Content-Type: "application/zip"
-      Authorization: "Bearer {{ dt_oauth_access_token }}"
-    src: "{{ dt_app_artifact_path }}"
-  register: post_apps_response_raw
+- include_role:
+    name: dt-platform
+    tasks_from: validate-app-version
+  vars:
+    dt_environment_url_gen3: "{{ extra_vars.dt_environment_url_gen3 }}"
+    dt_oauth_sso_endpoint: "{{ extra_vars.dt_oauth_sso_endpoint }}"
+    dt_oauth_client_id: "{{ extra_vars.dt_oauth_client_id }}"
+    dt_oauth_client_secret: "{{ extra_vars.dt_oauth_client_secret }}"
+    dt_oauth_account_urn: "{{ extra_vars.dt_oauth_account_urn }}"
 
-- set_fact:
-    dt_app_id: "{{ post_apps_response_raw.json.id }}"
+- block:
+    - debug:
+        msg: "{{ dt_app_version }} of {{ dt_app_id }} is installed in target environment already. Skipping installation."
+    - set_fact:
+        dt_app_id: "{{ dt_app_id }}"
+  when: dt_app_version is defined and dt_app_version is not none
+
+- block:
+    - name: "Install app {{ dt_app_id }}"
+      ansible.builtin.uri:
+        url: "{{ dt_environment_url_gen3.rstrip('/') }}/platform/app-engine/registry/v1/apps"
+        method: POST
+        status_code: 202
+        headers:
+          Content-Type: "application/zip"
+          Authorization: "Bearer {{ dt_oauth_access_token }}"
+        src: "{{ dt_app_artifact_path }}"
+      register: post_apps_response_raw
+    - set_fact:
+        dt_app_id: "{{ post_apps_response_raw.json.id }}"
+  when: dt_app_version is not defined or dt_app_version is none
diff --git a/...skel/ansible_collections/ace_box/ace_box/roles/dt-platform/tasks/validate-app-version.yml b/...skel/ansible_collections/ace_box/ace_box/roles/dt-platform/tasks/validate-app-version.yml
@@ -0,0 +1,39 @@
+---
+- block:
+    - name: Request a DT OAuth access token
+      ansible.builtin.uri:
+        url: "{{ dt_oauth_sso_endpoint }}"
+        method: POST
+        status_code: 200
+        headers:
+          Content-Type: "application/x-www-form-urlencoded"
+        body_format: form-urlencoded
+        body:
+          grant_type: "client_credentials"
+          client_id: "{{ dt_oauth_client_id }}"
+          client_secret: "{{ dt_oauth_client_secret }}"
+          scope: "hub:catalog:read app-engine:apps:run"
+          resource: "{{ dt_oauth_account_urn }}"
+      register: auth_response_raw
+    - set_fact:
+        dt_oauth_access_token: "{{ auth_response_raw.json.access_token }}"
+
+- name: "Get app {{ dt_app_id }}"
+  ansible.builtin.uri:
+    url: "{{ dt_environment_url_gen3.rstrip('/') }}/platform/app-engine/registry/v1/apps/{{ dt_app_id }}"
+    method: GET
+    status_code: [200, 404]
+    headers:
+      Content-Type: "application/json"
+      Authorization: "Bearer {{ dt_oauth_access_token }}"
+  register: get_app_response_raw
+# - set_fact:
+#     dt_app_version: null
+#   when: get_app_response_raw.status == 404
+
+# - set_fact:
+#     dt_app_version: "{{ get_app_response_raw.json.version }}"
+#   when: get_app_response_raw.status == 200
+
+- set_fact:
+    dt_app_version: "{{ get_app_response_raw.json.version | default(omit) }}"