I am working on an automation pipeline for our users of Sensu-go. We particularly used Chef to manage Sensu-Core, but we are moving away from chef. In chef you could pin versions of cookbooks for the version of the sensu check.
My question is, using sensuctl and assets, is there a way to pin a check to a particular version of an asset so when we push a change, it does not affect all of our nodes that are subscribed?
We are using Artifactory to host our assets, and gitlab for our asset files.
Although not formally supported (there is not yet a concept of Asset “tags” in Sensu Go like there is with Docker images), you can employ an asset versioning scheme that is roughly equivalent to Docker image “tags”.
Example:
sensu/monitoring-plugins:2.6.0
NOTE: both the asset resource name and the asset reference (i.e. runtime_assets values) must match.
By employing this asset naming convention you may register multiple versions of the same asset, and you can effectively “pin” versions as needed.
PS - if you use the sensuctl asset add command, it does support this pseudo-tagging syntax to fetch specific asset versions, but it does not include version tags in the resulting Asset resource name by default, so you would need to use the --rename flag, like this: