From 15c46544b6032a23d24efa2fca55e7512ab989d0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Budai?= <ondrej@budai.cz>
Date: Thu, 25 Nov 2021 19:55:37 +0100
Subject: [PATCH] packer/monit: remove verify_worker_connection
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This is currently not working because workers in aoc no longer use mTLS.
Definitely something we want to fix in the future I think.

Signed-off-by: Ondřej Budai <ondrej@budai.cz>
---
 .../monit_scripts/verify_worker_connection    | 28 -------------------
 .../ansible/roles/common/tasks/monitoring.yml |  5 +---
 .../ansible/roles/common/templates/monitrc.j2 | 10 -------
 3 files changed, 1 insertion(+), 42 deletions(-)
 delete mode 100755 templates/packer/ansible/roles/common/files/monit_scripts/verify_worker_connection

diff --git a/templates/packer/ansible/roles/common/files/monit_scripts/verify_worker_connection b/templates/packer/ansible/roles/common/files/monit_scripts/verify_worker_connection
deleted file mode 100755
index e1d44d66d..000000000
--- a/templates/packer/ansible/roles/common/files/monit_scripts/verify_worker_connection
+++ /dev/null
@@ -1,28 +0,0 @@
-#!/bin/bash
-# Verifies that a composer worker can reach its composer server.
-
-# Get the hostname of the composer instance.
-COMPOSER_HOST=$(grep -Eo "[a-z0-9\.]+.composer.[a-z0-9\.]+" /etc/hosts)
-
-# Exit now if this is not a worker.
-if [[ -z "${COMPOSER_HOST}" ]]; then
-  echo "Not a worker. Skipping check."
-  exit 2
-fi
-
-# Test a connection to composer.
-CONNECTION_TEST=$(
-  curl -s --connect-timeout 5 \
-    --cert /etc/osbuild-composer/worker-crt.pem \
-    --key /etc/osbuild-composer/worker-key.pem \
-    --cacert /etc/osbuild-composer/ca-crt.pem \
-    https://${COMPOSER_HOST}:8700/api/worker/v1/status
-)
-
-if [[ $CONNECTION_TEST =~ OK ]]; then
-  echo "Connection to ${COMPOSER_HOST} succeeded."
-  exit 0
-fi
-
-echo "Connection to ${COMPOSER_HOST} failed."
-exit 1
diff --git a/templates/packer/ansible/roles/common/tasks/monitoring.yml b/templates/packer/ansible/roles/common/tasks/monitoring.yml
index f90be3a70..397414cc6 100644
--- a/templates/packer/ansible/roles/common/tasks/monitoring.yml
+++ b/templates/packer/ansible/roles/common/tasks/monitoring.yml
@@ -15,11 +15,8 @@
 
 - name: Deploy monit scripts
   copy:
-    src: "monit_scripts/{{ item }}"
+    src: monit_scripts/pozorbot_alert
     dest: /opt/monit/
     mode: "0755"
     owner: root
     group: root
-  loop:
-    - pozorbot_alert
-    - verify_worker_connection
diff --git a/templates/packer/ansible/roles/common/templates/monitrc.j2 b/templates/packer/ansible/roles/common/templates/monitrc.j2
index 3242d0c9d..926436076 100644
--- a/templates/packer/ansible/roles/common/templates/monitrc.j2
+++ b/templates/packer/ansible/roles/common/templates/monitrc.j2
@@ -48,13 +48,3 @@ CHECK HOST rhel_cdn WITH ADDRESS cdn.redhat.com
     with ssl options { CACERTIFICATEFILE: /etc/rhsm/ca/redhat-uep.pem }
     then exec {{ pozorbot_script }}
     else if succeeded then exec {{ pozorbot_script }}
-
-# Check for a valid connection to a composer server (valid for workers only).
-CHECK PROGRAM verify_worker_connection WITH PATH /opt/monit/verify_worker_connection
-  # A worker can't talk to its composer.
-  if status == 1
-    then exec {{ pozorbot_script }}
-    else if succeeded then exec {{ pozorbot_script }}
-  # This is not a worker.
-  if status == 2
-    then UNMONITOR