foreman_ansible 1.0 → 1.1

data/app/models/host_ansible_role.rb

@@ -1,8 +1,6 @@
 # Join model that hosts the connection between hosts and ansible_roles
 class HostAnsibleRole < ActiveRecord::Base
   audited :associated_with => :host, :allow_mass_assignment => true
-  attr_accessible :host_id, :host, :ansible_role_id, :ansible_role
-
   belongs_to_host
   belongs_to :ansible_role
 

data/app/models/hostgroup_ansible_role.rb

@@ -0,0 +1,8 @@
+# Join model that hosts the connection between hostgroups and ansible_roles
+class HostgroupAnsibleRole < ActiveRecord::Base
+  belongs_to :hostgroup
+  belongs_to :ansible_role
+
+  validates :ansible_role_id, :presence => true,
+                              :uniqueness => { :scope => :hostgroup_id }
+end

data/app/overrides/ansible_roles_tab.rb

@@ -3,12 +3,12 @@ Deface::Override.new(
   :virtual_path => 'hosts/_form',
   :name => 'ansible_roles_tab',
   :insert_after => 'li.active',
-  :partial => 'foreman_ansible/hosts/tab_title'
+  :partial => 'foreman_ansible/ansible_roles/select_tab_title'
 )
 
 Deface::Override.new(
   :virtual_path => 'hosts/_form',
   :name => 'ansible_roles_tab_content',
   :insert_after => 'div.tab-pane.active',
-  :partial => 'foreman_ansible/hosts/tab_content'
+  :partial => 'foreman_ansible/ansible_roles/select_tab_content'
 )

data/app/overrides/hostgroup_ansible_roles_tab.rb

@@ -0,0 +1,14 @@
+# Displays Ansible roles tab on Hostgroup form
+Deface::Override.new(
+  :virtual_path => 'hostgroups/_form',
+  :name => 'hostgroup_ansible_roles_tab',
+  :insert_after => 'li.active',
+  :partial => 'foreman_ansible/ansible_roles/select_tab_title'
+)
+
+Deface::Override.new(
+  :virtual_path => 'hostgroups/_form',
+  :name => 'hostgroup_ansible_roles_tab_content',
+  :insert_after => 'div.tab-pane.active',
+  :partial => 'foreman_ansible/ansible_roles/select_tab_content'
+)

data/app/services/foreman_ansible/api_roles_importer.rb

@@ -0,0 +1,16 @@
+module ForemanAnsible
+  # imports Ansible roles through API
+  class ApiRolesImporter < RolesImporter
+    def import!
+      new_roles = import_role_names[:new]
+      new_roles.map(&:save)
+      new_roles
+    end
+
+    def obsolete!
+      obsolete_roles = import_role_names[:obsolete]
+      obsolete_roles.map(&:destroy)
+      obsolete_roles
+    end
+  end
+end

data/app/services/foreman_ansible/fact_importer.rb

@@ -20,7 +20,8 @@ module ForemanAnsible
       @counters[:added] = 0
       add_missing_facts(FactSparser.unsparse(@original_facts))
       logger.debug(
-        "Merging facts for '#{host}': added #{@counters[:added]} facts")
+        "Merging facts for '#{host}': added #{@counters[:added]} facts"
+      )
     end
 
     def add_missing_facts(imported_facts, parent = nil, prefix = '')

data/app/services/foreman_ansible/inventory_creator.rb

@@ -8,11 +8,43 @@ module ForemanAnsible
       @hosts = hosts
     end
 
-    def tempfile
-      tempfile = Tempfile.new("foreman-#{SecureRandom.uuid}-inventory")
-      tempfile.write(hosts.map(&:fqdn).join('\n'))
-      tempfile.close
-      tempfile
+    # It returns a hash in a format that Ansible understands.
+    # See http://docs.ansible.com/ansible/developing_inventory.html
+    # for more details.
+    # For now, we don't group the hosts based on different paramters
+    # (use https://github.com/theforeman/foreman_ansible_inventory for
+    # more advanced cases). Therefore we have only the 'all' group
+    # with all hosts.
+    def to_hash
+      { 'all' => { 'hosts' => hosts.map(&:fqdn) },
+        '_meta' => { 'hostvars' => host_vars } }
+    end
+
+    def host_vars
+      hosts.reduce({}) do |hash, host|
+        hash.update(host.fqdn =>
+                    { 'foreman' => host_attributes(host),
+                      'foreman_params' => host_params(host),
+                      'foreman_ansible_roles' => host_roles(host) })
+      end
+    end
+
+    def host_roles(host)
+      host.all_ansible_roles.map(&:name)
+    end
+
+    def host_attributes(host)
+      render_rabl(host, 'api/v2/hosts/main')
+    end
+
+    def host_params(host)
+      host.host_params
+    end
+
+    private
+
+    def render_rabl(host, template)
+      Rabl.render(host, template, :format => 'hash')
     end
   end
 end

data/app/services/foreman_ansible/playbook_creator.rb

@@ -1,15 +1,14 @@
 module ForemanAnsible
   # Service to generate a playbook given roles and a list of hosts
   class PlaybookCreator
-    attr_reader :fqdn, :role_names
+    attr_reader :role_names
 
-    def initialize(fqdn, role_names)
-      @fqdn = fqdn
+    def initialize(role_names)
       @role_names = role_names
     end
 
     def roles_playbook
-      playbook = ['hosts' => fqdn, 'roles' => role_names]
+      playbook = ['hosts' => 'all', 'roles' => role_names]
       playbook.to_yaml
     end
 

data/app/services/foreman_ansible/proxy_selector.rb

@@ -0,0 +1,19 @@
+module ForemanAnsible
+  # Contains proxy selection rules for a host playbook run
+  class ProxySelector < ::ForemanTasks::ProxySelector
+    def available_proxies(host)
+      proxies = {}
+      proxies[:fallback] = host.smart_proxies.with_features('Ansible')
+      proxies[:global] = proxy_scope(host).authorized.with_features('Ansible')
+      proxies
+    end
+
+    private
+
+    def proxy_scope(host)
+      return ::SmartProxy unless Taxonomy.enabled_taxonomies.any?
+      ::SmartProxy.with_taxonomy_scope_override(host.location,
+                                                host.organization)
+    end
+  end
+end

data/app/services/foreman_ansible/roles_importer.rb

@@ -1,24 +1,51 @@
 module ForemanAnsible
-  # Service to import roles from the filesystem.
-  # Should be extracted to a gem that both the proxy and Foreman can use.
+  # imports roles from smart proxy
   class RolesImporter
-    class << self
-      def import!
-        list_roles_in_fs.each do |role_name|
-          role = AnsibleRole.new(:name => role_name)
-          next if role.save
-          Rails.logger.debug("Failed to save role #{role_name}: "\
-                            "#{role.errors.full_messages.join(', ')}")
-        end
+    attr_reader :ansible_proxy
+
+    def initialize(proxy = nil)
+      @ansible_proxy = proxy
+    end
+
+    def import_role_names
+      return import_roles remote_roles if ansible_proxy
+      import_roles local_roles
+    end
+
+    def import_roles(roles)
+      imported = roles.map do |role_name|
+        ::AnsibleRole.find_or_initialize_by(:name => role_name)
       end
+      detect_changes imported
+    end
+
+    def detect_changes(imported)
+      changes = {}.with_indifferent_access
+      old, changes[:new] = imported.partition { |role| role.id.present? }
+      changes[:obsolete] = ::AnsibleRole.where.not(:id => old.map(&:id))
+      changes
+    end
+
+    private
 
-      private
+    def find_proxy_api
+      raise ::Foreman::Exception.new(N_('Proxy not found')) unless ansible_proxy
+      @proxy_api = ::ProxyAPI::Ansible.new(:url => ansible_proxy.url)
+    end
 
-      def list_roles_in_fs
-        Dir.glob('/etc/ansible/roles/*').map do |path|
-          path.split('/').last
-        end
+    def proxy_api
+      return @proxy_api if @proxy_api
+      find_proxy_api
+    end
+
+    def local_roles
+      Dir.glob('/etc/ansible/roles/*').map do |path|
+        path.split('/').last
       end
     end
+
+    def remote_roles
+      proxy_api.roles
+    end
   end
 end

data/app/services/foreman_ansible/ui_roles_importer.rb

@@ -0,0 +1,26 @@
+module ForemanAnsible
+  # imports ansible roles through UI
+  class UiRolesImporter < RolesImporter
+    def import!
+      import_role_names
+    end
+
+    def finish_import(changes)
+      return unless changes.present?
+      create_new_roles changes['new'] if changes['new']
+      delete_old_roles changes['obsolete'] if changes['obsolete']
+    end
+
+    def create_new_roles(changes)
+      changes.values.each do |new_role|
+        ::AnsibleRole.create(JSON.parse(new_role))
+      end
+    end
+
+    def delete_old_roles(changes)
+      changes.values.each do |old_role|
+        ::AnsibleRole.find(JSON.parse(old_role)['id']).destroy
+      end
+    end
+  end
+end

data/app/views/ansible_roles/import.html.erb

@@ -0,0 +1,51 @@
+<% title _("Changed Ansible roles") %>
+<%= form_tag confirm_import_ansible_roles_path do %>
+  <h4><%= _("Select the changes you want to realize in Foreman") %></h4>
+  <h6>
+  <%= _("Toggle") %>:
+  <%= link_to_function(icon_text("check", _("New")),
+                       "toggleCheckboxesBySelector('.role_select_boxes_new')",
+                       :title => _("Check/Uncheck new")) %> |
+  <%= link_to_function(icon_text("check", _("Obsolete")),
+                       "toggleCheckboxesBySelector('.role_select_boxes_obsolete')",
+                       :title => _("Check/Uncheck obsolete")) %>
+  </h6>
+  <table class="<%= table_css_classes %>">
+    <thead>
+      <tr>
+        <th class="ca">
+          <%= link_to_function(icon_text("check"),
+                               "toggleCheckboxesBySelector('.role_select_boxes')",
+                               :title => _("Check/Uncheck all")) %>
+        </th>
+        <th><%= _("Name") %></th>
+        <th class="col-md-2"><%= _("Hosts count") %></th>
+        <th class="col-md-2"><%= _("Hostgroups count") %></th>
+        <th><%= _("Operation") %></th>
+      </tr>
+    </thead>
+    <tbody>
+      <% changed.each do |kind, roles| %>
+        <% roles.each do |role| %>
+          <tr>
+            <td>
+              <%= check_box_tag "changed[#{kind}][#{role}]", role.to_json, false, :class => "role_select_boxes role_select_boxes_#{kind} role_select_boxes_role_#{role}" %>
+            </td>
+            <td>
+              <%= link_to_function("#{role}", "toggleCheckboxesBySelector('.role_select_boxes_role_#{role}')", :title => _("Check/Uncheck all %s changes") % role) %>
+            </td>
+            <td><%= role.hosts.count %></td>
+            <td><%= role.hostgroups.count %></td>
+            <td>
+              <%= { "new" => _("Add"), "obsolete" => _("Remove") }[kind] %>
+            </td>
+          </tr>
+        <% end %>
+      <% end %>
+    </tbody>
+  </table>
+  <div>
+    <%= link_to _("Cancel"), ansible_roles_path, :class => "btn btn-default" %>
+    <%= submit_tag _("Update"), :class => "btn btn-primary" %>
+  </div>
+<% end %>

data/app/views/ansible_roles/index.html.erb

@@ -0,0 +1,30 @@
+<% title _("Ansible Roles") %>
+
+<% title_actions ansible_proxy_import(hash_for_import_ansible_roles_path) %>
+
+<table class="<%= table_css_classes 'table-fixed' %>">
+  <thead>
+    <tr>
+      <th class="col-md-3"><%= sort :name, :as => s_("Role|Name") %></th>
+      <th class="col-md-3"><%= _("Imported at") %></th>
+      <th class="col-md-1"><%= _("Actions") %></th>
+    </tr>
+  </thead>
+  <tbody>
+    <% @ansible_roles.each do |role| %>
+      <tr>
+        <td class="ellipsis"><%= role.name %></td>
+        <td class="ellipsis"><%= import_time role %></td>
+        <td>
+          <%
+            links = [display_delete_if_authorized(hash_for_ansible_role_path(:id => role).merge(:auth_object => role, :authorizer => authorizer),
+                      :data => { :confirm => _("Delete %s?") % role.name }, :action => :delete)]
+          %>
+          <%= action_buttons(*links) %>
+        </td>
+      </tr>
+    <% end %>
+  </tbody>
+</table>
+
+<%= will_paginate_with_info @ansible_roles %>

data/app/views/ansible_roles/welcome.html.erb

@@ -0,0 +1,14 @@
+<% content_for(:title, _("Ansible Roles")) %>
+<div class="blank-slate-pf">
+  <div class="blank-slate-pf-icon">
+    <%= icon_text("play", "", :kind => "fa") %>
+  </div>
+  <h1><%= _('Ansible Roles') %></h1>
+  <p><%= _('No ansible roles were found in Foreman. If you want to assign roles to your hosts,
+             you have to import them first.').html_safe %>
+  </p>
+  <p><%= link_to(_('Learn more about this in the documentation.'), ansible_doc_url) %></p>
+  <div class="blank-slate-pf-secondary-action">
+    <%= ansible_proxy_import(hash_for_import_ansible_roles_path) %>
+  </div>
+</div>

data/app/views/api/v2/ansible_roles/import.json.rabl

@@ -0,0 +1,3 @@
+collection @imported => :imported
+
+extends 'api/v2/ansible_roles/show'

data/app/views/api/v2/ansible_roles/index.json.rabl

@@ -0,0 +1,3 @@
+collection @ansible_roles
+
+extends 'api/v2/ansible_roles/show'

data/app/views/api/v2/ansible_roles/obsolete.json.rabl

@@ -0,0 +1,3 @@
+collection @obsoleted => :obsoleted
+
+extends 'api/v2/ansible_roles/show'

data/app/views/api/v2/ansible_roles/show.json.rabl

@@ -0,0 +1,3 @@
+object @ansible_role
+
+attributes :name, :created_at, :updated_at

data/app/views/foreman_ansible/ansible_roles/_select_tab_content.html.erb

@@ -0,0 +1,6 @@
+<div class='tab-pane' id='ansible_roles'>
+  <%= multiple_selects(f, :ansible_roles, AnsibleRole, f.object.all_ansible_roles.map(&:id),
+                           {:disabled => f.object.inherited_ansible_roles.map(&:id),
+                            :label => _('Available roles')},
+                           { 'data-inheriteds' => f.object.inherited_ansible_roles.map(&:id).to_json }) %>
+</div>

data/config/routes.rb

@@ -1,6 +1,6 @@
 Rails.application.routes.draw do
-  scope :ansible, :path => '/ansible', :as => 'ansible' do
-    constraints(:id => /[^\/]+/) do
+  scope '/ansible' do
+    constraints(:id => %r{[^\/]+}) do
       resources :hosts, :only => [] do
         member do
           get :play_roles
@@ -10,5 +10,28 @@ Rails.application.routes.draw do
         end
       end
     end
+
+    resources :ansible_roles, :only => [:index, :destroy] do
+      collection do
+        get :import
+        post :confirm_import
+      end
+    end
+
+    namespace :api do
+      scope '(:apiv)',
+            :module      => :v2,
+            :defaults    => { :apiv => 'v2' },
+            :apiv        => /v1|v2/,
+            :constraints => ApiConstraints.new(:version => 2) do
+
+        resources :ansible_roles, :only => [:show, :index, :destroy] do
+          collection do
+            put :import
+            put :obsolete
+          end
+        end
+      end
+    end
   end
 end

data/db/migrate/20160705082036_create_ansible_role.rb

@@ -1,7 +1,8 @@
+# Creates simple model of Ansible Role
 class CreateAnsibleRole < ActiveRecord::Migration
   def change
     create_table :ansible_roles do |t|
-      t.string :name, :null => false, :limit => 255
+      t.string :name, :null => false, :limit => 255, :unique => true
     end
   end
 end