vars.icingaweb2_modules.x509 not resolving variables when called #263
Description
I apologize in advance for any confusion or incorrect verbiage as I'm very new to Ansible and Icinga, but I encountered an issue when trying to setup x509 using the icingaweb2 module where any values provided as a variable was being passed to the DB setup steps as a literal string of the Jinja2 template instead of the value the given variable is assigned to. For context, this is the relevant snippet of my variable declarations from my main playbook;
x509:
source: package
enabled: true
database:
import_schema: true
host: localhost
name: x509
user: x509
password: "{{ icingaweb_x509_password }}"
The following is the error message when running said playbook.
TASK [icinga.icinga.icingaweb2 : MySQL import db schema] **********************
fatal: [default]: FAILED! => {"changed": true, "cmd": "mysql -P \"3306\" -u \"x509\" -p\"{{ icingaweb_x509_password }}\" \"x509\" < /usr/share/icingaweb2/modules/x509/schema/mysql.schema.sql\n", "delta": "0:00:00.041462", "end": "2024-01-31 18:23:22.321880", "msg": "non-zero return code", "rc": 1, "start": "2024-01-31 18:23:22.280418", "stderr": "ERROR 1045 (28000): Access denied for user 'x509'@'localhost' (using password: YES)", "stderr_lines": ["ERROR 1045 (28000): Access denied for user 'x509'@'localhost' (using password: YES)"], "stdout": "", "stdout_lines": []}
I was able to resolve this issue by changing line 34 of roles/icingaweb2/tasks/modules/x509.yml from
password: "{{ vars['icingaweb2_modules'][_module]['database']['password'] | default(omit) }}"
to
password: "{{ icingaweb2_modules[_module]['database']['password'] | default(omit) }}"
Here is the output after fixing how the variable is pulled. (I know the password sucks, it's temporary while I figure things out)
TASK [icinga.icinga.icingaweb2 : MySQL import db schema] **********************
changed: [default] => {"changed": true, "cmd": "mysql -P \"3306\" -u \"x509\" -p\"x509Password\" \"x509\" < /usr/share/icingaweb2/modules/x509/schema/mysql.schema.sql\n", "delta": "0:00:00.389707", "end": "2024-01-31 20:38:51.287429", "rc": 0, "start": "2024-01-31 20:38:50.897722", "stderr": "", "stderr_lines": [], "stdout": "", "stdout_lines": []}
For the sake of sanity, I checked if this issue happened with other variables passed into the x509 database setup and confirmed name and user both have the same issue, here is the output to show that.
TASK [icinga.icinga.icingaweb2 : MySQL import db schema] **********************
fatal: [default]: FAILED! => {"changed": true, "cmd": "mysql -P \"3306\" -u \"{{ x509}} \" -p\"{{ icingaweb_x509_password }}\" \"{{ x509 }}\" < /usr/share/icingaweb2/modules/x509/schema/mysql.schema.sql\n", "delta": "0:00:00.032673", "end": "2024-01-31 20:08:46.991885", "msg": "non-zero return code", "rc": 1, "start": "2024-01-31 20:08:46.959212", "stderr": "ERROR 1044 (42000): Access denied for user 'x509'@'%' to database '{{ x509 }}'", "stderr_lines": ["ERROR 1044 (42000): Access denied for user 'x509'@'%' to database '{{ x509 }}'"], "stdout": "", "stdout_lines": []}
I'm confident in saying this needs fixed for lines 31 through 41 of the aforementioned file, and I'd hazard a guess it also needs changed at other points that reference vars[key] instead of key for the dictionary being used. Line 24 is an example I assume needs changed, as are lines 49 and 70
The following is my ansible version and icinga.icinga collection version for the sake of sharing that information.
$ ansible --version
ansible 2.10.8
$ ansible-galaxy collection list icinga.icinga
Collection Version
------------- -------
icinga.icinga 0.3.3
I'd submit these changes myself, but I've never contributed to an opensource project before and haven't the slightest clue how that should be done, so if someone could either instruct me on how to submit these changes myself or submit the changes themselves, I'd be greatly appreciative!