diff --git a/playbooks/oracle_backup/get_facts.yml b/playbooks/oracle_backup/get_facts.yml index 55d05bdc..94974509 100644 --- a/playbooks/oracle_backup/get_facts.yml +++ b/playbooks/oracle_backup/get_facts.yml @@ -33,7 +33,7 @@ - name: Set Emcli Catalog Host Name Command set_fact: emcli_commands: | - {{ emcli }} get_targets -noheader -targets="%:oracle_oms" | awk '{print $NF}' | cut -d: -f1 + {{ emcli }} get_targets -noheader -targets="%:oracle_oms" | awk '{print $NF}' | cut -d: -f1 | head -1 - name: Get Catalog Host Name ansible.builtin.command: > @@ -41,6 +41,7 @@ environment: ACCOUNT_NAME: "{{ account_name }}" ASSUME_ROLE_NAME: "{{ assume_role_name }}" + OEM_SECRET: "{{ secretsmanager_passwords['emrep'].secret }}" EMCLI_COMMANDS: "{{ emcli_commands }}" register: getcataloghostname changed_when: false @@ -63,7 +64,7 @@ environment: ACCOUNT_NAME: "{{ account_name }}" ASSUME_ROLE_NAME: "{{ assume_role_name }}" - CATALOG_SECRET: "{{ secretsmanager_passwords['catalog'].secret }}" + OEM_SECRET: "{{ secretsmanager_passwords['emrep'].secret }}" EMCLI_COMMANDS: "{{ emcli_commands }}" register: getslackchannel changed_when: false diff --git a/playbooks/oracle_backup/templates/get_facts_script.sh.j2 b/playbooks/oracle_backup/templates/get_facts_script.sh.j2 index 7e22f950..43ad367e 100644 --- a/playbooks/oracle_backup/templates/get_facts_script.sh.j2 +++ b/playbooks/oracle_backup/templates/get_facts_script.sh.j2 @@ -2,7 +2,7 @@ . ~/.bash_profile -OEM_ACCOUNT_ID=$(aws ssm get-parameters --with-decryption --name account_ids | jq --arg ACCOUNT_NAME ${ACCOUNT_NAME} -r 'with_entries(if (.key|test($ACCOUNT_NAME)) then ( {key: .key, value: .value}) else empty end)' | jq -r 'to_entries|.[0].value') +OEM_ACCOUNT_ID=$(aws ssm get-parameters --with-decryption --name account_ids | jq -r .Parameters[].Value | jq --arg ACCOUNT_NAME ${ACCOUNT_NAME} -r 'with_entries(if (.key|test($ACCOUNT_NAME)) then ( {key: .key, value: .value}) else empty end)' | jq -r 'to_entries|.[0].value') OEM_SECRET_ARN="arn:aws:secretsmanager:eu-west-2:${OEM_ACCOUNT_ID}:secret:${OEM_SECRET}" ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text) OEM_ROLE_ARN="arn:aws:iam::${ACCOUNT_ID}:role/${ASSUME_ROLE_NAME}" @@ -11,12 +11,13 @@ export AWS_ACCESS_KEY_ID=$(echo "${CREDS}" | tail -1 | cut -f1) export AWS_SECRET_ACCESS_KEY=$(echo "${CREDS}" | tail -1 | cut -f2) export AWS_SESSION_TOKEN=$(echo "${CREDS}" | tail -1 | cut -f3) -SYSMAN_PASSWORD=$(aws secretsmanager get-secret-value --secret-id "${OEM_SECRET_ARN}" --query SecretString --output text | jq -r .sysman) -export PATH=$PATH:/u01/app/oracle/product/oem-agent/agent_{{ OEM_AGENT_VERSION }}/oracle_common/jdk/jre/bin -{{ emcli }} sync 1>/dev/null 2>&1 || ( {{ emcli }} login -username=sysman -password=${SYSMAN_PASSWORD} -force && {{ emcli }} sync ) 1>/dev/null 2>&1 - -[[ ! -z "${EMCLI_COMMANDS}" ]] && eval ${EMCLI_COMMANDS} -if [[ "${STEP}" == "CONNECT_CATALOG" ]] +if [[ ! -z "${EMCLI_COMMANDS}" ]] +then + SYSMAN_PASSWORD=$(aws secretsmanager get-secret-value --secret-id "${OEM_SECRET_ARN}" --query SecretString --output text | jq -r .sysman) + export PATH=$PATH:/u01/app/oracle/product/oem-agent/agent_{{ OEM_AGENT_VERSION }}/oracle_common/jdk/jre/bin + {{ emcli }} sync 1>/dev/null 2>&1 || ( {{ emcli }} login -username=sysman -password=${SYSMAN_PASSWORD} -force && {{ emcli }} sync ) 1>/dev/null 2>&1 + eval ${EMCLI_COMMANDS} +elif [[ "${STEP}" == "CONNECT_CATALOG" ]] then RCVCATOWNER_PASSWORD=$(aws secretsmanager get-secret-value --secret-id "arn:aws:secretsmanager:eu-west-2:${OEM_ACCOUNT_ID}:secret:${CATALOG_SECRET}" --query SecretString --output text | jq -r .rcvcatowner) sqlplus -s /nolog << EOF