Ansible checkmk.general.rule host_labels error

Troubleshooting
, , , ,
1

CMK version:
Checkmk Raw Edition 2.2.0p7

OS version:
checkmk/check-mk-raw:2.2.0-latest docker image

Error message:
TASK [checkmk : Create a rule in Kubernetes rule set] ********************************************************************************************************************************
fatal: [localhost]: FAILED! => {“ansible_facts”: {“discovered_interpreter_python”: “/usr/bin/python3.8”}, “changed”: false, “id”: “”, “msg”: "Error calling API. HTTP code 400. Details: b’{"title": "Bad Request", "status": 400, "detail": "These fields have problems: conditions", "fields": {"conditions": {"host_labels": {"0": {"_schema": ["Invalid input type."]}}}}}', "}

the above message appears while trying to create rule with host_labels in Ansible.
while

host_labels": []

works fine, the above error appears with the following

- name: "Create a rule in Kubernetes rule set"
  checkmk.general.rule:
    server_url: "{{ server_url }}"
    site: "{{ site }}"
    automation_user: "{{ automation_user }}"
    automation_secret: "{{ automation_secret }}"
    ruleset: "special_agents:kube"
    rule:
        conditions: {
            "host_labels": ["cmk/kubernetes/cluster:my-test-cluster2"],
        }
        properties: {
            "description": "k8s cluster"
        }
        value_raw: "{'cluster-name': 'my-test-cluster2',\n 'kubernetes-api-server': {'endpoint_v2': 'https://myurl.azmk8s.io:443',\n                           'verify-cert': False},\n 'monitored-objects': ['deployments',\n                       'daemonsets',\n                       'statefulsets',\n                       'namespaces',\n                       'nodes',\n                       'pods',\n                       'pvcs',\n                       'cronjobs'],\n 'namespaces': ('namespace-include-patterns', ['custom', 'infrastructure']),\n 'token': ('password', 'XXXXXXXXXXXXXX'),\n 'usage_endpoint': ('cluster-collector',\n                    {'endpoint_v2': 'http://myurl.io',\n                     'verify-cert': True})}"
        location:
            folder: "/"
            position: "top"
    state: "present"

EDIT:
in GUI it should be in Kubernetes rule under host labels:
has cmk/kubernetes/cluster:my-test-cluster2

when I try to include has

"host_labels": ["has":"cmk/kubernetes/cluster:my-test-cluster2"],

it outputs

fatal: [localhost]: FAILED! => {“ansible_facts”: {“discovered_interpreter_python”: “/usr/bin/python3.8”}, “changed”: false, “id”: “”, “msg”: "Error calling API. HTTP code 400. Details: b’{"title": "Bad Request", "status": 400, "detail": "These fields have problems: conditions", "fields": {"conditions": {"host_labels": {"0": {"key": ["Missing data for required field."], "value": ["Missing data for required field."], "has": ["Unknown field."]}}}}}', "}

2

You need the following format for the condition:

            "host_labels": [
              {
                "key": "cmk/kubernetes/cluster",
                "operator": "is",
                "value": "my-test-cluster2"
              }
            ],
3

thank you. it works.
would be nice to see it in the documentation though.

Is there a solution to make it idempotent?

I wanted to use your example from github for idempotency check but it

checkmk.general.rule:
...
register: response

- name: Show the ID of the new rule
  debug:
    msg: "RULE ID : {{ response.id }}"

fails with “this variable has no attribute id”

4

response.id works now.
Are there any practical workarounds to make the rule creation idempotant?

5

own api call of existing rules will make it idempotent.
in ansible using uri module.
with checkmks own module not possible yet

6

It is in the module documentation in the EXAMPLES section.

There is an underlying problem with the data structures, which needs to be tackled upstream. Maybe idempotency is possible in your case, but I cannot say for certain. The example you mention only works upon rule creation, as the ID is returned there.