From f8b5e47b0e4f9121ed4fe2fe6d1482dd04f09bd2 Mon Sep 17 00:00:00 2001
From: Sven Ketelsen <sven.ketelsen@netgo.de>
Date: Wed, 10 May 2023 07:56:31 +0200
Subject: [PATCH] DEV-1028: added role version check

---
 galaxy-requirements.yml | 10 ++---
 provisioning.yml        | 33 +++++++++++++++++
 setup.yml               | 81 +++++++++++++++++++++++++++++++++++++++++
 3 files changed, 119 insertions(+), 5 deletions(-)

diff --git a/galaxy-requirements.yml b/galaxy-requirements.yml
index 9b02166..d74cc7d 100644
--- a/galaxy-requirements.yml
+++ b/galaxy-requirements.yml
@@ -25,23 +25,23 @@ roles:
 - name: hetzner-ansible-filebeat
   src: git@git.dev-at.de:smardigo-hetzner/ansible/hetzner-ansible-roles/hetzner-ansible-filebeat-role.git
   scm: git
-  version: 0.0.4
+  version: 0.0.6
 - name: hetzner-ansible-metricbeat
   src: git@git.dev-at.de:smardigo-hetzner/ansible/hetzner-ansible-roles/hetzner-ansible-metricbeat-role.git
   scm: git
-  version: 0.0.3
+  version: 0.0.5
 - name: hetzner-ansible-node-exporter
   src: git@git.dev-at.de:smardigo-hetzner/ansible/hetzner-ansible-roles/hetzner-ansible-node-exporter-role.git
   scm: git
-  version: 0.0.3
+  version: 0.0.4
 - name: hetzner-ansible-traefik
   src: git@git.dev-at.de:smardigo-hetzner/ansible/hetzner-ansible-roles/hetzner-ansible-traefik-role.git
   scm: git
-  version: 0.0.3
+  version: 0.0.4
 - name: hetzner-ansible-sma-deploy
   src: git@git.dev-at.de:smardigo-hetzner/ansible/hetzner-ansible-roles/hetzner-ansible-sma-deploy-role.git
   scm: git
-  version: 0.0.3
+  version: 0.0.4
 
 
 collections:
diff --git a/provisioning.yml b/provisioning.yml
index e1e65ab..387f07d 100644
--- a/provisioning.yml
+++ b/provisioning.yml
@@ -3,6 +3,9 @@
 - name: 'apply setup to {{ host | default("all") }}'
   hosts: '{{ host | default("all") }}'
   serial: "{{ serial_number | default(5) }}"
+  vars:
+    hetzner_ansible_dns_current_version: "{{ lookup('file', 'galaxy-requirements.yml') | regex_search('- name:\\s+hetzner-ansible-dns\\s+src:\\s+.*?\\s+scm:\\s+git\\s+version:\\s+(.*)', '\\1') }}"
+    hetzner_ansible_hcloud_current_version: "{{ lookup('file', 'galaxy-requirements.yml') | regex_search('- name:\\s+hetzner-ansible-hcloud\\s+src:\\s+.*?\\s+scm:\\s+git\\s+version:\\s+(.*)', '\\1') }}"
   gather_facts: no
   become: no
 
@@ -15,6 +18,36 @@
       tags:
         - always
 
+    - name: "get hetzner-ansible-dns version"
+      include_role:
+        name: hetzner-ansible-dns
+        tasks_from: _get_version.yml
+      tags:
+        - always
+
+    - name: "Check if hetzner-ansible-dns version matches"
+      assert:
+        that:
+          - "'{{ hetzner_ansible_dns_version }}' in {{ hetzner_ansible_dns_current_version }}" 
+        msg: "The current hetzner-ansible-dns version has to be {{ hetzner_ansible_dns_current_version }}"
+      tags:
+        - always
+
+    - name: "get hetzner-ansible-hcloud version"
+      include_role:
+        name: hetzner-ansible-hcloud
+        tasks_from: _get_version.yml
+      tags:
+        - always
+
+    - name: "Check if hetzner-ansible-hcloud version matches"
+      assert:
+        that:
+          - "'{{ hetzner_ansible_hcloud_version }}' in {{ hetzner_ansible_hcloud_current_version }}" 
+        msg: "The current hetzner-ansible-dns version has to be {{ hetzner_ansible_hcloud_current_version }}"
+      tags:
+        - always
+
     - name: "Getting all firewalls from hetzner"
       uri:
         url: "https://api.hetzner.cloud/v1/firewalls"
diff --git a/setup.yml b/setup.yml
index fb4652d..1120f97 100644
--- a/setup.yml
+++ b/setup.yml
@@ -6,6 +6,11 @@
   strategy: free
   vars:
     ansible_ssh_host: "{{ stage_server_domain }}"
+    hetzner_ansible_common_current_version: "{{ lookup('file', 'galaxy-requirements.yml') | regex_search('- name:\\s+hetzner-ansible-common\\s+src:\\s+.*?\\s+scm:\\s+git\\s+version:\\s+(.*)', '\\1') }}"
+    hetzner_ansible_node_exporter_current_version: "{{ lookup('file', 'galaxy-requirements.yml') | regex_search('- name:\\s+hetzner-ansible-node-exporter\\s+src:\\s+.*?\\s+scm:\\s+git\\s+version:\\s+(.*)', '\\1') }}"
+    hetzner_ansible_filebeat_current_version: "{{ lookup('file', 'galaxy-requirements.yml') | regex_search('- name:\\s+hetzner-ansible-filebeat\\s+src:\\s+.*?\\s+scm:\\s+git\\s+version:\\s+(.*)', '\\1') }}"
+    hetzner_ansible_metricbeat_current_version: "{{ lookup('file', 'galaxy-requirements.yml') | regex_search('- name:\\s+hetzner-ansible-metricbeat\\s+src:\\s+.*?\\s+scm:\\s+git\\s+version:\\s+(.*)', '\\1') }}"
+    hetzner_ansible_traefik_current_version: "{{ lookup('file', 'galaxy-requirements.yml') | regex_search('- name:\\s+hetzner-ansible-traefik\\s+src:\\s+.*?\\s+scm:\\s+git\\s+version:\\s+(.*)', '\\1') }}"
   remote_user: root
   become: yes
 
@@ -18,6 +23,82 @@
       tags:
         - always
 
+    - name: "get hetzner-ansible-common version"
+      include_role:
+        name: hetzner-ansible-common
+        tasks_from: _get_version.yml
+      tags:
+        - always
+
+    - name: "Check if hetzner-ansible-common version matches"
+      assert:
+        that:
+          - "'{{ hetzner_ansible_common_version }}' in {{ hetzner_ansible_common_current_version }}" 
+        msg: "The current hetzner-ansible-common version has to be {{ hetzner_ansible_common_current_version }}"
+      tags:
+        - always
+
+    - name: "get hetzner-ansible-node-exporter version"
+      include_role:
+        name: hetzner-ansible-node-exporter
+        tasks_from: _get_version.yml
+      tags:
+        - always
+
+    - name: "Check if hetzner-ansible-node-exporter version matches"
+      assert:
+        that:
+          - "'{{ hetzner_ansible_node_exporter_version }}' in {{ hetzner_ansible_node_exporter_current_version }}" 
+        msg: "The current hetzner-ansible-node_exporter version has to be {{ hetzner_ansible_node_exporter_current_version }}"
+      tags:
+        - always
+
+    - name: "get hetzner-ansible-filebeat version"
+      include_role:
+        name: hetzner-ansible-filebeat
+        tasks_from: _get_version.yml
+      tags:
+        - always
+
+    - name: "Check if hetzner-ansible-filebeat version matches"
+      assert:
+        that:
+          - "'{{ hetzner_ansible_filebeat_version }}' in {{ hetzner_ansible_filebeat_current_version }}" 
+        msg: "The current hetzner-ansible-filebeat version has to be {{ hetzner_ansible_filebeat_current_version }}"
+      tags:
+        - always
+
+
+    - name: "get hetzner-ansible-metricbeat version"
+      include_role:
+        name: hetzner-ansible-metricbeat
+        tasks_from: _get_version.yml
+      tags:
+        - always
+
+    - name: "Check if hetzner-ansible-metricbeat version matches"
+      assert:
+        that:
+          - "'{{ hetzner_ansible_metricbeat_version }}' in {{ hetzner_ansible_metricbeat_current_version }}" 
+        msg: "The current hetzner-ansible-metricbeat version has to be {{ hetzner_ansible_metricbeat_current_version }}"
+      tags:
+        - always
+
+    - name: "get hetzner-ansible-traefik version"
+      include_role:
+        name: hetzner-ansible-traefik
+        tasks_from: _get_version.yml
+      tags:
+        - always
+
+    - name: "Check if hetzner-ansible-traefik version matches"
+      assert:
+        that:
+          - "'{{ hetzner_ansible_traefik_version }}' in {{ hetzner_ansible_traefik_current_version }}" 
+        msg: "The current hetzner-ansible-traefik version has to be {{ hetzner_ansible_traefik_current_version }}"
+      tags:
+        - always
+
     - name: Remove outdated dependencies
       apt:
         name: [