ansiblechecksumactivemq-artemisgeturl

Ansible get_url module: Unable to find a checksum for file

I'm trying to fetch ActiveMQ Artemis using the following:


- name: Download the ActiveMQ Artemis artifact
  get_url:
    url: "https://www.apache.org/dyn/closer.cgi?filename=activemq/activemq-artemis/{{ artemis_version }}/apache-artemis-{{ artemis_version }}-bin.tar.gz&action=download"
    dest: "/tmp/apache-artemis-{{ artemis_version }}-bin.tar.gz"
    #with fixed checksumm it works but breaks the idea of the version to be a variable.
    #checksum: "sha512:4990a6b742b08bff6a4c7b310d2610565b08a2a02e1a7aec065460d16f8a6fe3d4fe91a8040839f93d7c2eab09fd6a79848fb130f9820559ee3e81dcf8d51ead"
    #Getting "Unable to find a checksum for file 'closer.cgi' in 'https://downloads.apache.org/activemq/activemq-artemis/2.16.0/apache-artemis-2.16.0-bin.tar.gz.sha512'"
    checksum: "sha512:https://downloads.apache.org/activemq/activemq-artemis/{{ artemis_version }}/apache-artemis-{{ artemis_version }}-bin.tar.gz.sha512"
    #Also getting: fatal: [dev-broker-01]: FAILED! => {"changed": false, "dest": "/tmp/apache-artemis-2.16.0-bin.tar.gz", "elapsed": 0, "msg": "Request failed: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)>", "url": "https://www.apache.org/dyn/closer.cgi?filename=activemq/activemq-artemis/2.16.0/apache-artemis-2.16.0-bin.tar.gz&action=download"}
    validate_certs: no

and getting:

Unable to find a checksum for file 'closer.cgi' in 'https://downloads.apache.org/activemq/activemq-artemis/2.16.0/apache-artemis-2.16.0-bin.tar.gz.sha512'"
It's not picking up the filename from dest: "/tmp/apache-artemis-{{ artemis_version }}-bin.tar.gz"

Also having some issue validating the certificate.

Any ideas how can I solve both problems?

Solution

  • The error seems to suggest that it is looking for checksum of file closer.cgi rather than the actual tar.gz file. And the filename in the checksum URL is: apache-artemis-2.16.0-bin.tar.gz.

    The other way to specify the checksum, is to just supply the checksum string (without filename). Although for that we need to come up with a couple of tasks prior to get it.

    Something like below:

    - uri:
    url: "https://downloads.apache.org/activemq/activemq-artemis/{{ artemis_version }}/apache-artemis-{{ artemis_version }}-bin.tar.gz.sha512"
    return_content: true
  register: url_sha512
- set_fact:
    artemis_checksum: "{{ url_sha512.content.split('  ')[0] }}"      # there are 2 spaces
- get_url:
    url: "https://www.apache.org/dyn/closer.cgi?filename=activemq/activemq-artemis/{{ artemis_version }}/apache-artemis-{{ artemis_version }}-bin.tar.gz&action=download"
    dest: "/tmp/apache-artemis-{{ artemis_version }}-bin.tar.gz"
    checksum: "sha512:{{ artemis_checksum }}"
    # I was able to download without having below parameter
    # validate_certs: no

    Update:

    This kind of approach can be useful when site directory cannot be browsed, and file must be obtained from a mirrored URL.