Rest API - Delete Host "ETag didn't match?"

Greetings!!

I am looking for some guidance on the new REST API available in version 2.0. I am trying to send an API call to delete a Host but when I try to run the command I get the results below.

{
"title": "Precondition failed",
"status": 412,
"detail": "ETag didn't match. Probable cause: Object changed by another user.",
"ext": null
}

The same host I created through the API and looking through the info, I didn’t find an “ETag” value anywhere in the API return. I have searched through the API document and can’t seem to find where or what generates an “ETag”. Provided is a screenshot of the example provided by the CheckMK API Document.

Does anyone have any idea where I can find the “ETag” value and/or what it’s purpose is? It’s very strange that the only time it seems to ask for it is on DELETE API calls as opposed to GET, POST, PUT calls.

All other commands seem to work perfectly fine. I was able to add the host and activate the change through the API without any issues.

Below is some following backend info:
CheckMK Edition = CheckMK Raw
CheckMK Version = 2.0.0b5
CheckMK OS = CentOS 7.7.1908
Agent OS = CentOS 7.6.1810

Let me know if anyone needs additional details and I will be more than happy to provide them.

Thanks!
Ben

As far as I understand the REST API, you first have to query for the host object. The ETag is embedded in the HTTP headers and must be used to alter the host object. The ETag is a temporary ID to prevent changes in between requests from other users.

There will be an API client implementation available that should handle these things.

1 Like

Ahhh that’s where it shows up. Thanks for pointing that out! Within my automation, I will probably have to query the host first to grab the ETag value before I delete it. A sucky extra step but makes sense.

1 Like

I also do not understand why this is necessary for operations like delete. For edit I understand that you want to prevent a situation where the host has been edited by a third party. Maybe someone from the development team can chime in here, @fayepal?

An unfortunate extra process but was able to get around it.

Below is an example of a Ansible Role that I setup to handle the deletions. I wanted to share this with anyone who is running into the same issues I was with this. Hopefully this helps out someone with issues they are having.

If you’re new to Ansible or have never used it, the values in the {{ }} are variables. You would just replace the {{ }} values with your true values.

---
- name: Query Host
  uri:
    url: "{{ checkmk_url }}/{{ test_site }}/check_mk/api/v0/objects/host_config/{{ global_server_name}}.{{ global_domain}}"
    method: GET
    body_format: json
    return_content: yes
    headers:
      Authorization: "Bearer {{ checkmk_username }} {{ checkmk_password }}"
      Content-Type: application/json
      Accept: application/json
  register: checkmk_query_host_return

- name: Delete Host
  uri:
    url: "{{ checkmk_url }}/{{ test_site }}/check_mk/api/v0/objects/host_config/{{ global_server_name }}.{{ global_domain }}"
    method: DELETE
    body_format: json
    return_content: yes
    headers:
      Authorization: "Bearer {{ checkmk_username }} {{ checkmk_password }}"
      Content-Type: application/json
      Accept: application/json
      If-Match: "{{ checkmk_query_host_return.etag | from_json }}"
    status_code: 204

- name: Activate Change
  uri:
    url: "{{ checkmk_url }}/{{ test_site }}/check_mk/api/v0/domain-types/activation_run/actions/activate-changes/invoke"
    method: POST
    body_format: json
    return_content: yes
    validate_certs: no
    headers:
      Authorization: "Bearer {{ checkmk_username }} {{ checkmk_password }}"
      Content-Type: application/json
      Accept: application/json
    body:
      redirect: false
      sites: ["{{ test_site }}"]