Make agent registration via the rest API idempotent
Check whether an error was returned by the HTTP POST to the `agents/` endpoint before invoking `/var/ossec/bin/manage_agents` in order to register a new agent. It seems like that if an agent has already been registered under the given name, the HTTP POST will return an error that'll cause the next task, which is meant to retrieve the agent information, to be skipped. That'll cause the agent registration task to fail in return. Instead, this change will cause the aforementioned task to be skipped, too. So, if an agent has already been successfully registered and the playbook is re-run, it'll run all the way to the end. If anything goes wrong (during the registration process) and the agent fails to start, the `restart wazuh-agent` handler will still fail.
This commit is contained in:
Christos Pollalis
parent
719e0fb8ce
commit
f6e020631e
@ -124,7 +124,6 @@
|
||||
password: "{{ api_pass }}"
|
||||
register: newagent_api
|
||||
notify: restart wazuh-agent
|
||||
# changed_when: newagent_api.json.error == 0
|
||||
vars:
|
||||
agent_name: "{% if single_agent_name is defined %}{{ single_agent_name }}{% else %}{{ inventory_hostname }}{% endif %}"
|
||||
when:
|
||||
@ -133,7 +132,7 @@
|
||||
become: false
|
||||
ignore_errors: true
|
||||
|
||||
- name: Linux | Retieve new agent data via rest-API
|
||||
- name: Linux | Retrieve new agent data via rest-API
|
||||
uri:
|
||||
url: >-
|
||||
"{{ wazuh_managers.0.api_proto }}://{{ wazuh_agent_authd.registration_address
|
||||
@ -164,7 +163,7 @@
|
||||
when:
|
||||
- not check_keys.stat.exists or check_keys.stat.size == 0
|
||||
- wazuh_agent_authd.registration_address is not none
|
||||
- newagent_api.changed
|
||||
- newagent_api.json.error == 0
|
||||
notify: restart wazuh-agent
|
||||
|
||||
when:
|
||||
|
||||
Loading…
Reference in New Issue
Block a user