foreman_ansible 5.1.3 → 6.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/api/v2/ansible_inventories_controller.rb +2 -2
- data/app/helpers/foreman_ansible/ansible_reports_helper.rb +1 -1
- data/app/models/ansible_role.rb +6 -0
- data/app/models/concerns/foreman_ansible/host_managed_extensions.rb +5 -0
- data/app/models/concerns/foreman_ansible/hostgroup_extensions.rb +12 -0
- data/app/models/foreman_ansible/ansible_provider.rb +6 -10
- data/app/services/foreman_ansible/ansible_report_importer.rb +1 -1
- data/app/services/foreman_ansible/ansible_report_scanner.rb +9 -6
- data/app/services/foreman_ansible/operating_system_parser.rb +8 -2
- data/app/services/foreman_ansible/renderer_methods.rb +11 -0
- data/app/services/foreman_ansible/variables_importer.rb +3 -3
- data/app/views/ansible_roles/welcome.html.erb +1 -1
- data/app/views/foreman_ansible/job_templates/capsule_upgrade_-_ansible_default.erb +3 -4
- data/app/views/foreman_ansible/job_templates/configure_cloud_connector_-_ansible_default.erb +2 -1
- data/lib/foreman_ansible/register.rb +5 -1
- data/lib/foreman_ansible/remote_execution.rb +8 -1
- data/lib/foreman_ansible/version.rb +1 -1
- data/test/fixtures/report.json +2 -1
- data/test/unit/ansible_provider_test.rb +3 -3
- data/test/unit/lib/foreman_ansible_core/ansible_runner_test.rb +6 -6
- data/test/unit/lib/foreman_ansible_core/playbook_runner_test.rb +6 -6
- data/test/unit/services/inventory_creator_test.rb +3 -3
- data/webpack/components/ReportJsonViewer.js +1 -1
- metadata +23 -37
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: '059c70bd67d597c230eea6135f738afd7c203c27cb1e1d1a7d5b3b88bada984f'
|
|
4
|
+
data.tar.gz: 2509eb475c69a745d46f726700a5308ee128823f90aaa8e852067b941797141e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 212613afe4068af042fcb9340bddab879afd4c0b7ced2a6748861561cd76ed185609d2582fed69b03af76f7753b83cb5a18923f2d2170480a1deb3e17fb34338
|
|
7
|
+
data.tar.gz: 4134c4f15af8a5567ddc319978f5c1538e982bc83923d9ba8a1c45a524fb0d7628f236079d6355c9ab5f5d5ca931a85f1bd1c52673efb2ae2e7f2ed8a21d4b9d
|
|
@@ -72,8 +72,8 @@ module Api
|
|
|
72
72
|
process_resource_error(:resource => @ansible_inventory)
|
|
73
73
|
end
|
|
74
74
|
rescue StandardError => e
|
|
75
|
-
render_error
|
|
76
|
-
|
|
75
|
+
render_error :custom_error, :status => :unprocessable_entity,
|
|
76
|
+
:locals => { :message => _("Scheduling Report template failed for: #{e.message}") }
|
|
77
77
|
end
|
|
78
78
|
|
|
79
79
|
def action_permission
|
|
@@ -68,7 +68,7 @@ module ForemanAnsible
|
|
|
68
68
|
prettyp.gsub!(/^(\[|\])/, '')
|
|
69
69
|
prettyp.gsub!(/^[\s]*$\n/, '')
|
|
70
70
|
paragraph_style = 'white-space:pre;padding: 2em 0'
|
|
71
|
-
|
|
71
|
+
tag(:p, prettyp, :style => paragraph_style)
|
|
72
72
|
end
|
|
73
73
|
|
|
74
74
|
def hash_with_keys_removed(hash)
|
data/app/models/ansible_role.rb
CHANGED
|
@@ -28,6 +28,12 @@ class AnsibleRole < ApplicationRecord
|
|
|
28
28
|
scoped_search :relation => :hostgroups,
|
|
29
29
|
:on => :name, :rename => :hostgroup, :only_explicit => true
|
|
30
30
|
|
|
31
|
+
apipie :class, "A class representing #{model_name.human} object" do
|
|
32
|
+
name 'Ansible role'
|
|
33
|
+
refs 'AnsibleRole'
|
|
34
|
+
sections only: %w[all additional]
|
|
35
|
+
property :name, String, desc: 'Returns name of the ansible role'
|
|
36
|
+
end
|
|
31
37
|
# Methods to be allowed in any template with safemode enabled
|
|
32
38
|
class Jail < Safemode::Jail
|
|
33
39
|
allow :name
|
|
@@ -67,6 +67,11 @@ end
|
|
|
67
67
|
|
|
68
68
|
module Host
|
|
69
69
|
class Managed
|
|
70
|
+
apipie :class do
|
|
71
|
+
property :all_ansible_roles, array_of: 'AnsibleRole', desc: 'Returns all ansible roles assigned to the host, both its own and inherited from the host group and its parents'
|
|
72
|
+
property :ansible_roles, array_of: 'AnsibleRole', desc: 'Returns ansible roles directly assigned to the host'
|
|
73
|
+
property :inherited_ansible_roles, array_of: 'AnsibleRole', desc: 'Returns only ansible roles assigned to the host\'s host group and its parents'
|
|
74
|
+
end
|
|
70
75
|
# Methods to be allowed in any template with safemode enabled
|
|
71
76
|
class Jail < Safemode::Jail
|
|
72
77
|
allow :all_ansible_roles, :ansible_roles, :inherited_ansible_roles
|
|
@@ -36,3 +36,15 @@ module ForemanAnsible
|
|
|
36
36
|
end
|
|
37
37
|
end
|
|
38
38
|
end
|
|
39
|
+
|
|
40
|
+
class Hostgroup
|
|
41
|
+
apipie :class do
|
|
42
|
+
property :all_ansible_roles, array_of: 'AnsibleRole', desc: 'Returns all ansible roles assigned to the host group, both its own and inherited from parent host groups'
|
|
43
|
+
property :ansible_roles, array_of: 'AnsibleRole', desc: 'Returns ansible roles directly assigned to the host group'
|
|
44
|
+
property :inherited_ansible_roles, array_of: 'AnsibleRole', desc: 'Returns only the inherited ansible roles assigned to the host group\'s parents'
|
|
45
|
+
end
|
|
46
|
+
# Methods to be allowed in any template with safemode enabled
|
|
47
|
+
class Jail < Safemode::Jail
|
|
48
|
+
allow :all_ansible_roles, :ansible_roles, :inherited_ansible_roles
|
|
49
|
+
end
|
|
50
|
+
end
|
|
@@ -35,8 +35,8 @@ if defined? ForemanRemoteExecution
|
|
|
35
35
|
{
|
|
36
36
|
'per-host' => {
|
|
37
37
|
host.name => {
|
|
38
|
-
'
|
|
39
|
-
'
|
|
38
|
+
'ansible_password' => rex_ssh_password(host),
|
|
39
|
+
'ansible_become_password' => rex_effective_user_password(host)
|
|
40
40
|
}
|
|
41
41
|
}
|
|
42
42
|
}
|
|
@@ -46,8 +46,8 @@ if defined? ForemanRemoteExecution
|
|
|
46
46
|
host_setting(host, 'remote_execution_ssh_password')
|
|
47
47
|
end
|
|
48
48
|
|
|
49
|
-
def
|
|
50
|
-
host_setting(host, '
|
|
49
|
+
def rex_effective_user_password(host)
|
|
50
|
+
host_setting(host, 'remote_execution_effective_user_password')
|
|
51
51
|
end
|
|
52
52
|
|
|
53
53
|
def host_setting(host, setting)
|
|
@@ -62,12 +62,8 @@ if defined? ForemanRemoteExecution
|
|
|
62
62
|
'ansible-runner'
|
|
63
63
|
end
|
|
64
64
|
|
|
65
|
-
def
|
|
66
|
-
|
|
67
|
-
::DefaultProxyProxySelector.new
|
|
68
|
-
else
|
|
69
|
-
super
|
|
70
|
-
end
|
|
65
|
+
def proxy_action_class
|
|
66
|
+
'ForemanAnsibleCore::TaskLauncher::Playbook::PlaybookRunnerAction'
|
|
71
67
|
end
|
|
72
68
|
|
|
73
69
|
private
|
|
@@ -9,7 +9,7 @@ module ForemanAnsible
|
|
|
9
9
|
included do
|
|
10
10
|
def host
|
|
11
11
|
hostname = name.downcase
|
|
12
|
-
if AnsibleReportScanner.ansible_report?(raw
|
|
12
|
+
if AnsibleReportScanner.ansible_report?(raw) &&
|
|
13
13
|
IPAddress.valid?(hostname) &&
|
|
14
14
|
Nic::Interface.find_by(:ip => hostname)
|
|
15
15
|
@host = Nic::Interface.find_by(:ip => hostname).host
|
|
@@ -5,14 +5,17 @@ module ForemanAnsible
|
|
|
5
5
|
# sets the origin of the report to 'Ansible'
|
|
6
6
|
class AnsibleReportScanner
|
|
7
7
|
class << self
|
|
8
|
-
def
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
8
|
+
def add_reporter_data(report, raw); end
|
|
9
|
+
|
|
10
|
+
def identify_origin(raw)
|
|
11
|
+
'Ansible' if ansible_report?(raw)
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
def ansible_report?(raw)
|
|
15
|
+
raw['reporter'] == 'ansible' || ansible_legacy_report?(raw['logs'])
|
|
13
16
|
end
|
|
14
17
|
|
|
15
|
-
def
|
|
18
|
+
def ansible_legacy_report?(logs)
|
|
16
19
|
return false if logs.blank?
|
|
17
20
|
logs.any? do |log|
|
|
18
21
|
log['log'].fetch('messages', {}).
|
|
@@ -80,8 +80,14 @@ module ForemanAnsible
|
|
|
80
80
|
facts[:ansible_os_name].tr(" \n\t", '') ||
|
|
81
81
|
facts[:ansible_distribution].tr(" \n\t", '')
|
|
82
82
|
else
|
|
83
|
-
facts[:ansible_distribution] ||
|
|
84
|
-
|
|
83
|
+
distribution = facts[:ansible_distribution] || facts[:ansible_lsb].try(:[], 'id')
|
|
84
|
+
|
|
85
|
+
if distribution == 'RedHat' &&
|
|
86
|
+
facts[:ansible_lsb].try(:[], 'id') == 'RedHatEnterpriseWorkstation'
|
|
87
|
+
distribution += '_Workstation'
|
|
88
|
+
end
|
|
89
|
+
|
|
90
|
+
distribution
|
|
85
91
|
end
|
|
86
92
|
end
|
|
87
93
|
|
|
@@ -4,7 +4,18 @@ module ForemanAnsible
|
|
|
4
4
|
# Macro to fetch RH Insights plan playbook
|
|
5
5
|
module RendererMethods
|
|
6
6
|
extend ActiveSupport::Concern
|
|
7
|
+
extend ApipieDSL::Module
|
|
7
8
|
|
|
9
|
+
apipie :class, 'Macros related to Ansible playbooks' do
|
|
10
|
+
name 'Ansible'
|
|
11
|
+
sections only: %w[all jobs]
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
apipie :method, 'Returns Insights maintenance plan for host' do
|
|
15
|
+
required :plan_id, String, desc: 'The playbook for the rule coming from insights'
|
|
16
|
+
optional :organization_id, Integer, desc: 'The Foreman organization associated with the Insights account', default: 'Current organization ID'
|
|
17
|
+
returns String, desc: 'Insights maintenance plan for host'
|
|
18
|
+
end
|
|
8
19
|
def insights_remediation(plan_id, organization_id = Organization.current.id)
|
|
9
20
|
return "$INSIGHTS_REMEDIATION[#{plan_id}, #{organization_id}]" if preview?
|
|
10
21
|
|
|
@@ -78,7 +78,7 @@ module ForemanAnsible
|
|
|
78
78
|
def create_new_variables(variables)
|
|
79
79
|
iterate_over_variables(variables) do |role, memo, attrs|
|
|
80
80
|
variable = AnsibleVariable.new(
|
|
81
|
-
JSON.parse(attrs)
|
|
81
|
+
JSON.parse(attrs)
|
|
82
82
|
)
|
|
83
83
|
variable.ansible_role = ::AnsibleRole.find_by(:name => role)
|
|
84
84
|
variable.save
|
|
@@ -88,7 +88,7 @@ module ForemanAnsible
|
|
|
88
88
|
|
|
89
89
|
def update_variables(variables)
|
|
90
90
|
iterate_over_variables(variables) do |_role, memo, attrs|
|
|
91
|
-
attributes = JSON.parse(attrs)
|
|
91
|
+
attributes = JSON.parse(attrs)
|
|
92
92
|
var = AnsibleVariable.find attributes['id']
|
|
93
93
|
var.update(attributes)
|
|
94
94
|
memo << var
|
|
@@ -98,7 +98,7 @@ module ForemanAnsible
|
|
|
98
98
|
def delete_old_variables(variables)
|
|
99
99
|
iterate_over_variables(variables) do |_role, memo, attrs|
|
|
100
100
|
variable = AnsibleVariable.find(
|
|
101
|
-
JSON.parse(attrs)['
|
|
101
|
+
JSON.parse(attrs)['id']
|
|
102
102
|
)
|
|
103
103
|
memo << variable.key
|
|
104
104
|
variable.destroy
|
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
<%= icon_text("play", "", :kind => "fa") %>
|
|
5
5
|
</div>
|
|
6
6
|
<h1><%= _('Ansible Roles') %></h1>
|
|
7
|
-
<p><%= _('No
|
|
7
|
+
<p><%= _('No Ansible Roles were found in Foreman. If you want to assign roles to your hosts,
|
|
8
8
|
you have to import them first.').html_safe %>
|
|
9
9
|
</p>
|
|
10
10
|
<p><%= link_to(_('Learn more about this in the documentation.'), documentation_url('#4.1ImportingRoles', :root_url => ansible_doc_url), target: '_blank') %></p>
|
|
@@ -15,7 +15,7 @@ template_inputs:
|
|
|
15
15
|
value_type: plain
|
|
16
16
|
hidden_value: false
|
|
17
17
|
model: JobTemplate
|
|
18
|
-
job_category:
|
|
18
|
+
job_category: Maintenance Operations
|
|
19
19
|
description_format: "%{template_name}"
|
|
20
20
|
provider_type: Ansible
|
|
21
21
|
kind: job_template
|
|
@@ -34,11 +34,10 @@ feature: ansible_run_capsule_upgrade
|
|
|
34
34
|
msg: "This playbook cannot be executed on a Satellite server. Use only on a Capsule server."
|
|
35
35
|
when: "'satellite' in ansible_facts.packages"
|
|
36
36
|
|
|
37
|
-
- name: Install satellite-maintain if not present
|
|
37
|
+
- name: Install|Update satellite-maintain if not present
|
|
38
38
|
package:
|
|
39
39
|
name: rubygem-foreman_maintain
|
|
40
|
-
state:
|
|
41
|
-
when: "'rubygem-foreman_maintain' not in ansible_facts.packages"
|
|
40
|
+
state: latest
|
|
42
41
|
|
|
43
42
|
- block:
|
|
44
43
|
<%- whitelist_option = if input('whitelist_options').present?
|
data/app/views/foreman_ansible/job_templates/configure_cloud_connector_-_ansible_default.erb
CHANGED
|
@@ -22,10 +22,11 @@ template_inputs:
|
|
|
22
22
|
hidden_value: false
|
|
23
23
|
description: You can specify a HTTP proxy address that should be used for Cloud Connector connection to the cloud.redhat.com. Note that it must be HTTP proxy, not HTTPS. The tunelling of SSL (secured web socket connection) in SSL (HTTPS proxy) is currently unsupported.
|
|
24
24
|
model: JobTemplate
|
|
25
|
-
job_category:
|
|
25
|
+
job_category: Maintenance Operations
|
|
26
26
|
description_format: "%{template_name}"
|
|
27
27
|
provider_type: Ansible
|
|
28
28
|
kind: job_template
|
|
29
|
+
feature: ansible_configure_cloud_connector
|
|
29
30
|
%>
|
|
30
31
|
|
|
31
32
|
---
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
Foreman::Plugin.register :foreman_ansible do
|
|
4
|
-
requires_foreman '>= 2.
|
|
4
|
+
requires_foreman '>= 2.2'
|
|
5
5
|
|
|
6
6
|
security_block :foreman_ansible do
|
|
7
7
|
permission :play_roles_on_host,
|
|
@@ -109,6 +109,10 @@ Foreman::Plugin.register :foreman_ansible do
|
|
|
109
109
|
apipie_documented_controllers [
|
|
110
110
|
"#{ForemanAnsible::Engine.root}/app/controllers/api/v2/*.rb"
|
|
111
111
|
]
|
|
112
|
+
ApipieDSL.configuration.dsl_classes_matchers += [
|
|
113
|
+
"#{ForemanAnsible::Engine.root}/app/models/*.rb",
|
|
114
|
+
"#{ForemanAnsible::Engine.root}/app/services/foreman_ansible/*.rb"
|
|
115
|
+
]
|
|
112
116
|
|
|
113
117
|
register_info_provider ForemanAnsible::AnsibleInfo
|
|
114
118
|
|
|
@@ -45,7 +45,14 @@ module ForemanAnsible
|
|
|
45
45
|
RemoteExecutionFeature.register(
|
|
46
46
|
:ansible_run_capsule_upgrade,
|
|
47
47
|
N_('Upgrade Capsules on given hosts'),
|
|
48
|
-
:description => N_('Upgrade Capsules on given Capsule server hosts')
|
|
48
|
+
:description => N_('Upgrade Capsules on given Capsule server hosts'),
|
|
49
|
+
:proxy_selector_override => ::RemoteExecutionProxySelector::INTERNAL_PROXY
|
|
50
|
+
)
|
|
51
|
+
RemoteExecutionFeature.register(
|
|
52
|
+
:ansible_configure_cloud_connector,
|
|
53
|
+
N_('Configure Cloud Connector on given hosts'),
|
|
54
|
+
:description => N_('Configure Cloud Connector on given hosts'),
|
|
55
|
+
:proxy_selector_override => ::RemoteExecutionProxySelector::INTERNAL_PROXY
|
|
49
56
|
)
|
|
50
57
|
end
|
|
51
58
|
end
|
data/test/fixtures/report.json
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
{
|
|
2
|
+
"reporter": "ansible",
|
|
2
3
|
"reported_at":"2018-01-15 17:31:36 521275",
|
|
3
4
|
"metrics": {
|
|
4
5
|
"time":
|
|
@@ -17,7 +18,7 @@
|
|
|
17
18
|
"source": "common : Install Common packages"
|
|
18
19
|
},
|
|
19
20
|
"messages": {
|
|
20
|
-
"message": "{\"msg\": \"All items completed\", \"changed\": false, \"results\": [{\"
|
|
21
|
+
"message": "{\"msg\": \"All items completed\", \"changed\": false, \"results\": [{\"changed\": false, \"_ansible_no_log\": false, \"cache_updated\": false, \"_ansible_item_result\": true, \"failed\": false, \"item\": \"git\", \"invocation\": {\"module_args\": {\"dpkg_options\": \"force-confdef,force-confold\", \"upgrade\": null, \"force\": false, \"force_apt_get\": false, \"package\": [\"git\"], \"autoclean\": false, \"name\": \"git\", \"purge\": false, \"allow_unauthenticated\": false, \"state\": \"present\", \"autoremove\": false, \"update_cache\": null, \"default_release\": null, \"only_upgrade\": false, \"cache_valid_time\": 0, \"deb\": null, \"install_recommends\": null}}, \"_ansible_ignore_errors\": null, \"cache_update_time\": 1515797094}, {\"_ansible_parsed\": true, \"changed\": false, \"_ansible_no_log\": false, \"cache_updated\": false, \"_ansible_item_result\": true, \"failed\": false, \"item\": \"htop\", \"invocation\": {\"module_args\": {\"dpkg_options\": \"force-confdef,force-confold\", \"upgrade\": null, \"force\": false, \"force_apt_get\": false, \"package\": [\"htop\"], \"autoclean\": false, \"name\": \"htop\", \"purge\": false, \"allow_unauthenticated\": false, \"state\": \"present\", \"autoremove\": false, \"update_cache\": null, \"default_release\": null, \"only_upgrade\": false, \"cache_valid_time\": 0, \"deb\": null, \"install_recommends\": null}}, \"_ansible_ignore_errors\": null, \"cache_update_time\": 1515797094}, {\"_ansible_parsed\": true, \"changed\": false, \"_ansible_no_log\": false, \"cache_updated\": false, \"_ansible_item_result\": true, \"failed\": false, \"item\": \"zsh\", \"invocation\": {\"module_args\": {\"dpkg_options\": \"force-confdef,force-confold\", \"upgrade\": null, \"force\": false, \"force_apt_get\": false, \"package\": [\"zsh\"], \"autoclean\": false, \"name\": \"zsh\", \"purge\": false, \"allow_unauthenticated\": false, \"state\": \"present\", \"autoremove\": false, \"update_cache\": null, \"default_release\": null, \"only_upgrade\": false, \"cache_valid_time\": 0, \"deb\": null, \"install_recommends\": null}}, \"_ansible_ignore_errors\": null, \"cache_update_time\": 1515797094}]}"},"level":"info"}},{"log":{"sources":{"source":"common : Copy default motd"},"messages":{"message":"{\"_ansible_parsed\": true, \"group\": \"root\", \"uid\": 0, \"checksum\": \"0a381ff6a86081af6dc957a77c7e2017a3244c4c\", \"changed\": false, \"owner\": \"root\", \"state\": \"file\", \"gid\": 0, \"mode\": \"0644\", \"diff\": {\"after\": {\"path\": \"/etc/motd\"}, \"before\": {\"path\": \"/etc/motd\"}}, \"invocation\": {\"module_args\": {\"directory_mode\": null, \"force\": false, \"remote_src\": null, \"path\": \"/etc/motd\", \"owner\": \"root\", \"follow\": false, \"group\": \"root\", \"unsafe_writes\": null, \"state\": \"file\", \"content\": null, \"serole\": null, \"diff_peek\": null, \"setype\": null, \"dest\": \"/etc/motd\", \"selevel\": null, \"original_basename\": \"motd.txt\", \"regexp\": null, \"validate\": null, \"src\": \"motd.txt\", \"seuser\": null, \"recurse\": false, \"delimiter\": null, \"mode\": null, \"attributes\": null, \"backup\": null}}, \"path\": \"/etc/motd\", \"size\": 1090, \"_ansible_no_log\": false}"
|
|
21
22
|
},
|
|
22
23
|
"level": "info"
|
|
23
24
|
}
|
|
@@ -35,13 +35,13 @@ class AnsibleProviderTest < ActiveSupport::TestCase
|
|
|
35
35
|
it 'generates secrets properly' do
|
|
36
36
|
params = {
|
|
37
37
|
'remote_execution_ssh_password' => 'password',
|
|
38
|
-
'
|
|
38
|
+
'remote_execution_effective_user_password' => 'letmein'
|
|
39
39
|
}
|
|
40
40
|
host.expects(:params).twice.returns(params)
|
|
41
41
|
secrets = ForemanAnsible::AnsibleProvider.secrets(host)
|
|
42
42
|
host_secrets = secrets['per-host'][host.name]
|
|
43
|
-
assert_equal host_secrets['
|
|
44
|
-
assert_equal host_secrets['
|
|
43
|
+
assert_equal host_secrets['ansible_password'], 'password'
|
|
44
|
+
assert_equal host_secrets['ansible_become_password'], 'letmein'
|
|
45
45
|
end
|
|
46
46
|
end
|
|
47
47
|
|
|
@@ -24,7 +24,7 @@ module ForemanAnsibleCore
|
|
|
24
24
|
'_meta' => { 'hostvars' => { 'foreman.example.com' => {} } } }
|
|
25
25
|
end
|
|
26
26
|
let(:input) do
|
|
27
|
-
host_secrets = { '
|
|
27
|
+
host_secrets = { 'ansible_password' => 'letmein', 'ansible_become_password' => 'iamroot' }
|
|
28
28
|
secrets = { 'per-host' => { 'foreman.example.com' => host_secrets } }
|
|
29
29
|
host_input = { 'input' => { 'action_input' => { 'secrets' => secrets } } }
|
|
30
30
|
{ 'foreman.example.com' => host_input }
|
|
@@ -32,18 +32,18 @@ module ForemanAnsibleCore
|
|
|
32
32
|
let(:runner) { ForemanAnsibleCore::Runner::AnsibleRunner.allocate }
|
|
33
33
|
|
|
34
34
|
test 'uses secrets from inventory' do
|
|
35
|
-
test_inventory = inventory.merge('ssh_password' => 'sshpass', '
|
|
35
|
+
test_inventory = inventory.merge('ssh_password' => 'sshpass', 'effective_user_password' => 'mypass')
|
|
36
36
|
rebuilt = runner.send(:rebuild_secrets, test_inventory, input)
|
|
37
37
|
host_vars = rebuilt.dig('_meta', 'hostvars', 'foreman.example.com')
|
|
38
|
-
assert_equal 'sshpass', host_vars['
|
|
39
|
-
assert_equal '
|
|
38
|
+
assert_equal 'sshpass', host_vars['ansible_password']
|
|
39
|
+
assert_equal 'mypass', host_vars['ansible_become_password']
|
|
40
40
|
end
|
|
41
41
|
|
|
42
42
|
test 'host secrets are used when not overriden by inventory secrest' do
|
|
43
43
|
rebuilt = runner.send(:rebuild_secrets, inventory, input)
|
|
44
44
|
host_vars = rebuilt.dig('_meta', 'hostvars', 'foreman.example.com')
|
|
45
|
-
assert_equal 'letmein', host_vars['
|
|
46
|
-
assert_equal 'iamroot', host_vars['
|
|
45
|
+
assert_equal 'letmein', host_vars['ansible_password']
|
|
46
|
+
assert_equal 'iamroot', host_vars['ansible_become_password']
|
|
47
47
|
end
|
|
48
48
|
end
|
|
49
49
|
end
|
|
@@ -87,24 +87,24 @@ class PlaybookRunnerTest < ActiveSupport::TestCase
|
|
|
87
87
|
'_meta' => { 'hostvars' => { 'foreman.example.com' => {} } } }
|
|
88
88
|
end
|
|
89
89
|
let(:secrets) do
|
|
90
|
-
host_secrets = { '
|
|
90
|
+
host_secrets = { 'ansible_password' => 'letmein', 'ansible_become_password' => 'iamroot' }
|
|
91
91
|
{ 'per-host' => { 'foreman.example.com' => host_secrets } }
|
|
92
92
|
end
|
|
93
93
|
let(:runner) { ForemanAnsibleCore::Runner::Playbook.allocate }
|
|
94
94
|
|
|
95
95
|
test 'uses secrets from inventory' do
|
|
96
|
-
test_inventory = inventory.merge('ssh_password' => 'sshpass', '
|
|
96
|
+
test_inventory = inventory.merge('ssh_password' => 'sshpass', 'effective_user_password' => 'mypass')
|
|
97
97
|
rebuilt = runner.send(:rebuild_secrets, test_inventory, secrets)
|
|
98
98
|
host_vars = rebuilt.dig('_meta', 'hostvars', 'foreman.example.com')
|
|
99
|
-
assert_equal 'sshpass', host_vars['
|
|
100
|
-
assert_equal '
|
|
99
|
+
assert_equal 'sshpass', host_vars['ansible_password']
|
|
100
|
+
assert_equal 'mypass', host_vars['ansible_become_password']
|
|
101
101
|
end
|
|
102
102
|
|
|
103
103
|
test 'host secrets are used when not overriden by inventory secrest' do
|
|
104
104
|
rebuilt = runner.send(:rebuild_secrets, inventory, secrets)
|
|
105
105
|
host_vars = rebuilt.dig('_meta', 'hostvars', 'foreman.example.com')
|
|
106
|
-
assert_equal 'letmein', host_vars['
|
|
107
|
-
assert_equal 'iamroot', host_vars['
|
|
106
|
+
assert_equal 'letmein', host_vars['ansible_password']
|
|
107
|
+
assert_equal 'iamroot', host_vars['ansible_become_password']
|
|
108
108
|
end
|
|
109
109
|
end
|
|
110
110
|
end
|
|
@@ -10,7 +10,7 @@ module ForemanAnsible
|
|
|
10
10
|
@host = FactoryBot.build(:host)
|
|
11
11
|
@template_invocation = OpenStruct.new(
|
|
12
12
|
:job_invocation => OpenStruct.new(:password => 'foobar',
|
|
13
|
-
:
|
|
13
|
+
:effective_user_password => 'foobar'),
|
|
14
14
|
:effective_user => 'foobar'
|
|
15
15
|
)
|
|
16
16
|
end
|
|
@@ -69,8 +69,8 @@ module ForemanAnsible
|
|
|
69
69
|
connection_params['ansible_winrm_server_cert_validation']
|
|
70
70
|
assert_equal Setting['remote_execution_effective_user_method'],
|
|
71
71
|
connection_params['ansible_become_method']
|
|
72
|
-
refute connection_params.key?('
|
|
73
|
-
refute connection_params.key?('
|
|
72
|
+
refute connection_params.key?('ansible_password')
|
|
73
|
+
refute connection_params.key?('ansible_become_password')
|
|
74
74
|
end
|
|
75
75
|
|
|
76
76
|
test 'ssh private key is passed when available' do
|
metadata
CHANGED
|
@@ -1,29 +1,15 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: foreman_ansible
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 6.1.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Daniel Lobato Garcia
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2021-01-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
|
-
- !ruby/object:Gem::Dependency
|
|
14
|
-
name: rubocop
|
|
15
|
-
requirement: !ruby/object:Gem::Requirement
|
|
16
|
-
requirements:
|
|
17
|
-
- - "~>"
|
|
18
|
-
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.80.0
|
|
20
|
-
type: :development
|
|
21
|
-
prerelease: false
|
|
22
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
23
|
-
requirements:
|
|
24
|
-
- - "~>"
|
|
25
|
-
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.80.0
|
|
27
13
|
- !ruby/object:Gem::Dependency
|
|
28
14
|
name: foreman_ansible_core
|
|
29
15
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -58,14 +44,14 @@ dependencies:
|
|
|
58
44
|
requirements:
|
|
59
45
|
- - ">="
|
|
60
46
|
- !ruby/object:Gem::Version
|
|
61
|
-
version:
|
|
47
|
+
version: 4.2.0
|
|
62
48
|
type: :runtime
|
|
63
49
|
prerelease: false
|
|
64
50
|
version_requirements: !ruby/object:Gem::Requirement
|
|
65
51
|
requirements:
|
|
66
52
|
- - ">="
|
|
67
53
|
- !ruby/object:Gem::Version
|
|
68
|
-
version:
|
|
54
|
+
version: 4.2.0
|
|
69
55
|
- !ruby/object:Gem::Dependency
|
|
70
56
|
name: ipaddress
|
|
71
57
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -347,7 +333,7 @@ homepage: https://github.com/theforeman/foreman_ansible
|
|
|
347
333
|
licenses:
|
|
348
334
|
- GPL-3.0
|
|
349
335
|
metadata: {}
|
|
350
|
-
post_install_message:
|
|
336
|
+
post_install_message:
|
|
351
337
|
rdoc_options: []
|
|
352
338
|
require_paths:
|
|
353
339
|
- lib
|
|
@@ -362,8 +348,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
362
348
|
- !ruby/object:Gem::Version
|
|
363
349
|
version: '0'
|
|
364
350
|
requirements: []
|
|
365
|
-
rubygems_version: 3.
|
|
366
|
-
signing_key:
|
|
351
|
+
rubygems_version: 3.1.2
|
|
352
|
+
signing_key:
|
|
367
353
|
specification_version: 4
|
|
368
354
|
summary: Ansible integration with Foreman (theforeman.org)
|
|
369
355
|
test_files:
|
|
@@ -371,41 +357,41 @@ test_files:
|
|
|
371
357
|
- test/factories/ansible_roles.rb
|
|
372
358
|
- test/factories/ansible_variables.rb
|
|
373
359
|
- test/fixtures/insights_playbook.yaml
|
|
374
|
-
- test/fixtures/sample_facts.json
|
|
375
360
|
- test/fixtures/report.json
|
|
361
|
+
- test/fixtures/sample_facts.json
|
|
362
|
+
- test/functional/ansible_roles_controller_test.rb
|
|
363
|
+
- test/functional/ansible_variables_controller_test.rb
|
|
364
|
+
- test/functional/api/v2/ansible_inventories_controller_test.rb
|
|
376
365
|
- test/functional/api/v2/ansible_roles_controller_test.rb
|
|
366
|
+
- test/functional/api/v2/ansible_variables_controller_test.rb
|
|
377
367
|
- test/functional/api/v2/hostgroups_controller_test.rb
|
|
378
368
|
- test/functional/api/v2/hosts_controller_test.rb
|
|
379
|
-
- test/functional/api/v2/ansible_inventories_controller_test.rb
|
|
380
|
-
- test/functional/api/v2/ansible_variables_controller_test.rb
|
|
381
|
-
- test/functional/ansible_roles_controller_test.rb
|
|
382
|
-
- test/functional/ansible_variables_controller_test.rb
|
|
383
|
-
- test/functional/ui_ansible_roles_controller_test.rb
|
|
384
369
|
- test/functional/hosts_controller_test.rb
|
|
370
|
+
- test/functional/ui_ansible_roles_controller_test.rb
|
|
371
|
+
- test/test_plugin_helper.rb
|
|
385
372
|
- test/unit/actions/run_ansible_job_test.rb
|
|
386
373
|
- test/unit/actions/run_proxy_ansible_command_test.rb
|
|
374
|
+
- test/unit/ansible_role_test.rb
|
|
375
|
+
- test/unit/ansible_variable_test.rb
|
|
387
376
|
- test/unit/concerns/config_reports_extensions_test.rb
|
|
388
377
|
- test/unit/concerns/host_managed_extensions_test.rb
|
|
389
378
|
- test/unit/concerns/hostgroup_extensions_test.rb
|
|
390
379
|
- test/unit/helpers/ansible_reports_helper_test.rb
|
|
380
|
+
- test/unit/host_ansible_role_test.rb
|
|
381
|
+
- test/unit/hostgroup_ansible_role_test.rb
|
|
391
382
|
- test/unit/lib/foreman_ansible_core/command_creator_test.rb
|
|
392
383
|
- test/unit/lib/foreman_ansible_core/ansible_runner_test.rb
|
|
393
384
|
- test/unit/lib/foreman_ansible_core/playbook_runner_test.rb
|
|
394
385
|
- test/unit/lib/proxy_api/ansible_test.rb
|
|
386
|
+
- test/unit/services/ansible_report_importer_test.rb
|
|
387
|
+
- test/unit/services/ansible_variables_importer_test.rb
|
|
395
388
|
- test/unit/services/api_roles_importer_test.rb
|
|
389
|
+
- test/unit/services/fact_importer_test.rb
|
|
390
|
+
- test/unit/services/fact_parser_test.rb
|
|
396
391
|
- test/unit/services/fact_sparser_test.rb
|
|
397
392
|
- test/unit/services/insights_plan_runner_test.rb
|
|
398
393
|
- test/unit/services/roles_importer_test.rb
|
|
399
394
|
- test/unit/services/structured_fact_importer_test.rb
|
|
400
395
|
- test/unit/services/ui_roles_importer_test.rb
|
|
401
|
-
- test/unit/services/ansible_report_importer_test.rb
|
|
402
|
-
- test/unit/services/fact_importer_test.rb
|
|
403
|
-
- test/unit/services/fact_parser_test.rb
|
|
404
|
-
- test/unit/services/ansible_variables_importer_test.rb
|
|
405
396
|
- test/unit/services/inventory_creator_test.rb
|
|
406
|
-
- test/unit/ansible_role_test.rb
|
|
407
|
-
- test/unit/host_ansible_role_test.rb
|
|
408
|
-
- test/unit/hostgroup_ansible_role_test.rb
|
|
409
|
-
- test/unit/ansible_variable_test.rb
|
|
410
397
|
- test/unit/ansible_provider_test.rb
|
|
411
|
-
- test/test_plugin_helper.rb
|