From cea3b9e9f5e03b2ffe4e2f9015c73c2162895c6f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Alexander=20K=C3=A4b?= <alexander.kaeb@h-da.de>
Date: Wed, 1 Mar 2023 17:41:15 +0100
Subject: [PATCH] Change to direct rpm install instead of rpm repository

---
 defaults/main.yml |  6 ++++--
 tasks/sidecar.yml | 27 +++++++++++----------------
 2 files changed, 15 insertions(+), 18 deletions(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index 5a49e87..d158483 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,7 +1,9 @@
 graylog_sidecar_node_id: 'file:/etc/machine-id'
 sidecar_repo_urls:
-  "RedHat": "https://packages.graylog2.org/repo/packages/graylog-sidecar-repository-1-5.noarch.rpm"
-  "Debian": "https://packages.graylog2.org/repo/packages/graylog-sidecar-repository_1-5_all.deb"
+  "RedHat": "https://github.com/Graylog2/collector-sidecar/releases/download/1.4.0/graylog-sidecar-1.4.0-1.x86_64.rpm"
+  "Debian": "https://github.com/Graylog2/collector-sidecar/releases/download/1.4.0/graylog-sidecar_1.4.0-1_amd64.deb"
+
+sidecar_checksum: https://github.com/Graylog2/collector-sidecar/releases/download/1.4.0/CHECKSUMS-SHA256.txt
 
 install_filebeat: true
 filebeat_repo_urls:
diff --git a/tasks/sidecar.yml b/tasks/sidecar.yml
index bd8f5c7..fce15a4 100644
--- a/tasks/sidecar.yml
+++ b/tasks/sidecar.yml
@@ -5,20 +5,21 @@
     - name: Download repository file (Debian | Ubuntu)
       ansible.builtin.get_url:
         url: "{{ sidecar_repo_urls['Debian'] }}"
-        dest: /tmp/graylog-sidecar-repository.deb
+        checksum: "sha256:{{ sidecar_checksum }}"
+        dest: /tmp/graylog-sidecar.deb
         mode: 0644
       delegate_to: localhost
       run_once: true
 
     - name: Copy DEB to nodes (Debian | Ubuntu)
       ansible.builtin.copy:
-        src: /tmp/graylog-sidecar-repository.deb
-        dest: /tmp/graylog-sidecar-repository.deb
+        src: /tmp/graylog-sidecar.deb
+        dest: /tmp/graylog-sidecar.deb
         mode: 0644
 
     - name: Add repository using dpkg (Debian | Ubuntu)
       ansible.builtin.command:
-        cmd: dpkg -i /tmp/graylog-sidecar-repository.deb
+        cmd: dpkg -i /tmp/graylog-sidecar.deb
       changed_when: false
 
 - name: Add sidecar repo (RedHat)
@@ -28,28 +29,22 @@
     - name: Download rpm file (RedHat)
       ansible.builtin.get_url:
         url: "{{ sidecar_repo_urls['RedHat'] }}"
-        dest: /tmp/graylog-sidecar-repository.rpm
+        checksum: "sha256:{{ sidecar_checksum }}"
+        dest: /tmp/graylog-sidecar.rpm
         mode: 0644
       delegate_to: localhost
       run_once: true
 
     - name: Copy RPM to nodes (RedHat)
       ansible.builtin.copy:
-        src: /tmp/graylog-sidecar-repository.rpm
-        dest: /tmp/graylog-sidecar-repository.rpm
+        src: /tmp/graylog-sidecar.rpm
+        dest: /tmp/graylog-sidecar.rpm
         mode: 0644
 
     - name: Install rpm (RedHat)
       ansible.builtin.yum:
-        name: /tmp/graylog-sidecar-repository.rpm
+        name: /tmp/graylog-sidecar.rpm
         state: present
-        disable_gpg_check: true # Here, we are installing the package that contains the gpg key
-
-- name: Install sidecar package
-  ansible.builtin.package:
-    name: graylog-sidecar
-    state: present
-  become: true
 
 - name: Run install command
   ansible.builtin.command:
@@ -72,4 +67,4 @@
     name: graylog-sidecar
     state: started
     enabled: true
-  become: true
\ No newline at end of file
+  become: true
-- 
GitLab