This repository was archived by the owner on Aug 27, 2024. It is now read-only.
This repository was archived by the owner on Aug 27, 2024. It is now read-only.
Set tenant token automatically based on PaaS token for oneagent_communication_hash #37
Description
--set-tenant-token can be ignored if the PaaS token is provided or the PaaS token should be used to generate the tenant token if the tenant token is omitted as it's trivial to generate the tenant token from it.
I updated this in my profile because the tenant token can expire, be revoked, or be generated again from the PaaS token and the profile started breaking agent installs with Puppet silently.
oneagent_communication_hash => {
'--set-server' => 'https://my-server.com:443',
'--set-tenant' => 'abc654321',
'--set-tenant-token' => 'abcdefg123456790',
'--set-proxy' => 'my-proxy.com',
},
Here's is a bash EPP template I currently have implemented for updating the tenant and tenant token along with an Exec resource. It uses Python to parse out the tenantToken from the response for convenience, but you could implement as a pure Bash or pure Python script.
<%- | String $cluster_url,
String $paas_token,
String $environment_id,
String $oneagentctl_path = '/opt/dynatrace/oneagent/agent/tools/oneagentctl',
| -%>
#!/bin/bash
cluster_url='<%= $cluster_url %>'
paas_token='<%= $paas_token %>'
environment_id='<%= $environment_id %>'
oneagentctl_path='<%= $oneagentctl_path %>'
tenant_token=$(curl -q -k -X GET "https://${cluster_url}/e/${environment_id}/api/v1/deployment/installer/agent/connectioninfo" \
-H "accept: application/json; charset=utf-8" \
-H "Content-Type: application/json; charset=utf-8" \
-H "Authorization: Api-Token ${paas_token}" \
| python -c "import sys, json; print(json.load(sys.stdin)['tenantToken'])")
if [[ ! -z $token_id ]]; then
sh -c "${oneagentctl_path} --restart-service --set-tenant ${environment_id} --set-tenant-token ${tenant_token}"
fi