foreman_ansible 3.0.9 → 4.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 31a09bd7451b630e412be3bcb6c0c83c52b20df0
-  data.tar.gz: ed465ebfdadc3b0f1e1f1f3f2f329be4e25511b2
+  metadata.gz: 75b0679707788dc074b4a0393b12f40e04129508
+  data.tar.gz: a94d06214e2975de3fe5db4e34a924f83f083a26
 SHA512:
-  metadata.gz: 1cc4bce728dffab8e2fefae5205816c35a3bddbb517afd4f549cce4ad2071a8e0fea89eeac90b8b4aa40c5ccf6068b2901f74d85077f56b08c2fa12510b72900
-  data.tar.gz: 0c1502b18beaed4ce8bb99b02f16ac9b0f93e8b1a04e34eddd17871d627b5e307e6d8ebefbb4ba45ce116e2022b21f1d3851455152ee479720d62e8eaf124226
+  metadata.gz: 44c06deccb3733c5e29bfbe294a0f5a31bf1005c3e1239397142c410224e06990a505d40a3d06c58686664b75e6aa2b0dfabf83b97fce7706d4afa3aa775e607
+  data.tar.gz: fd568be4b00eafbf89696d4a1468cd0996e5b0c9ecef42ed841982e67ee87bdbe3b3ff1265ebdecd2a402eb0abd4546ebf8ec2a92d5231374ae9dc29e51115f4

data/Rakefile

@@ -19,7 +19,7 @@ end
 begin
   require 'rubocop/rake_task'
   RuboCop::RakeTask.new
-rescue StandardError => _
+rescue StandardError => _e
   puts 'Rubocop not loaded.'
 end
 

data/app/controllers/api/v2/ansible_inventories_controller.rb

@@ -31,10 +31,52 @@ module Api
         show_inventory :hostgroup_ids, :hostgroup_id
       end
 
+      api :POST, '/ansible_inventories/schedule',
+          N_('Schedule generating of Ansible Inventory report')
+      param :input_values, Hash, N_('Hash of input values of type input=>value')
+      param :report_format, ReportTemplateFormat.selectable.map(&:id),
+            N_("Report format, defaults to '%s'") % 'json'
+      example <<-EXAMPLE
+      POST /ansible/api/ansible_inventories/schedule
+      {
+        "input_values": {
+          "Organization": "yes",
+          "Location": "yes",
+          "IPv4": "yes",
+          "Facts": "no"
+        }
+      }
+      200
+      {
+        "job_id": UNIQUE-REPORT-GENERATING-JOB-UUID
+        "data_url": "/api/v2/report_templates/1/report_data/UNIQUE-REPORT-GENERATING-JOB-UUID"
+      }
+      EXAMPLE
+
+      def schedule
+        @composer = ReportComposer.from_api_params(schedule_params)
+        if @composer.valid?
+          job = @composer.schedule_rendering
+          response = { :job_id => job.provider_job_id }
+          response[:data_url] = report_data_api_report_template_path(
+            @report_template, :job_id => job.provider_job_id
+          )
+          render :json => response
+        else
+          @ansible_inventory = @composer
+          process_resource_error(:resource => @ansible_inventory)
+        end
+      rescue StandardError => e
+        render_error 'standard_error', :status => :internal_error,
+                                       :locals => { :exception => e }
+      end
+
       def action_permission
         case params[:action]
         when 'hosts', 'hostgroups'
           :view
+        when 'schedule'
+          :generate
         else
           super
         end
@@ -42,6 +84,14 @@ module Api
 
       private
 
+      def schedule_params
+        template_name = Setting::Ansible.find_by(:name => 'ansible_inventory_template').value
+        @report_template = ReportTemplate.find_by!(:name => template_name)
+        params[:id] = @report_template.id
+        params[:report_format] = 'json' if params[:report_format].blank?
+        params
+      end
+
       def show_inventory(ids_key, condition_key)
         ids = params.fetch(ids_key, []).uniq
         render :json => ForemanAnsible::InventoryCreator.new(Host.where(condition_key => ids)).to_hash.to_json

data/app/models/ansible_variable.rb

@@ -4,6 +4,7 @@
 class AnsibleVariable < LookupKey
   belongs_to :ansible_role, :inverse_of => :ansible_variables
   validates :ansible_role_id, :presence => true
+  before_validation :cast_default_value, :if => :override?
   validates :key, :uniqueness => { :scope => :ansible_role_id }
   scoped_search :on => :key, :aliases => [:name], :complete_value => true
   scoped_search :on => :imported, :complete_value => { :true => true, :false => false }

data/app/models/foreman_ansible/ansible_provider.rb

@@ -23,6 +23,7 @@ if defined? ForemanRemoteExecution
             'ansible_inventory' => ::ForemanAnsible::InventoryCreator.new(
               [host], template_invocation
             ).to_hash.to_json,
+            :verbosity_level => Setting[:ansible_verbosity],
             :remote_execution_command => ansible_command?(
               template_invocation.template
             ),
@@ -30,12 +31,35 @@ if defined? ForemanRemoteExecution
           )
         end
 
+        def secrets(host)
+          {
+            'per-host' => {
+              host.name => {
+                'ansible_ssh_pass' => rex_ssh_password(host),
+                'ansible_sudo_pass' => rex_sudo_password(host)
+              }
+            }
+          }
+        end
+
+        def rex_ssh_password(host)
+          host_setting(host, 'remote_execution_ssh_password')
+        end
+
+        def rex_sudo_password(host)
+          host_setting(host, 'remote_execution_sudo_password')
+        end
+
+        def host_setting(host, setting)
+          host.params[setting.to_s] || Setting[setting]
+        end
+
         def supports_effective_user?
           true
         end
 
         def proxy_operation_name
-          Setting::Ansible[:ansible_implementation]
+          'ansible-runner'
         end
 
         private

data/app/models/foreman_ansible/fact_name.rb

@@ -6,7 +6,11 @@ module ForemanAnsible
   # in the fact values table (/fact_values)
   class FactName < ::FactName
     def origin
-      'foreman_ansible/Ansible'
+      'Ansible'
+    end
+
+    def icon_path
+      'foreman_ansible/Ansible.png'
     end
   end
 end

data/app/models/setting/ansible.rb

@@ -5,101 +5,94 @@ class Setting
   class Ansible < ::Setting
     class << self
       # It would be more disadvantages than advantages to split up
-      # load_defaults into multiple methods, this way it's already very
+      # default_settings into multiple methods, this way it's already very
       # manageable.
       # rubocop:disable AbcSize
       # rubocop:disable MethodLength
-      # rubocop:disable BlockLength
-      def load_defaults
-        return unless super
-        Setting::BLANK_ATTRS.push('ansible_ssh_private_key_file')
-        transaction do
-          [
-            set(
-              'ansible_ssh_private_key_file',
-              N_('Use this to supply a path to an SSH Private Key '\
-                 'that Ansible will use in lieu of a password '\
-                 'Override with "ansible_ssh_private_key_file" '\
-                 'host parameter'),
-              '',
-              N_('Private Key Path')
-            ),
-            set(
-              'ansible_connection',
-              N_('Use this connection type by default when running '\
-                 'Ansible playbooks. You can override this on hosts by '\
-                 'adding a parameter "ansible_connection"'),
-              'ssh',
-              N_('Connection type')
-            ),
-            set(
-              'ansible_winrm_server_cert_validation',
-              N_('Enable/disable WinRM server certificate '\
-                 'validation when running Ansible playbooks. You can override '\
-                 'this on hosts by adding a parameter '\
-                 '"ansible_winrm_server_cert_validation"'),
-              'validate',
-              N_('WinRM cert Validation')
-            ),
-            set(
-              'ansible_verbosity',
-              N_('Foreman will add this level of verbosity for '\
-                 'additional debugging output when running Ansible playbooks.'),
-              '0',
-              N_('Default verbosity level'),
-              nil,
-              :collection => lambda do
-                { '0' => N_('Disabled'),
-                  '1' => N_('Level 1 (-v)'),
-                  '2' => N_('Level 2 (-vv)'),
-                  '3' => N_('Level 3 (-vvv)'),
-                  '4' => N_('Level 4 (-vvvv)') }
-              end
-              # rubocop:enable BlockLength
-            ),
-            set(
-              'ansible_post_provision_timeout',
-              N_('Timeout (in seconds) to set when Foreman will trigger a '\
-                 'play Ansible roles task after a host is fully provisioned. '\
-                 'Set this to the maximum time you expect a host to take '\
-                 'until it is ready after a reboot.'),
-              '360',
-              N_('Post-provision timeout')
-            ),
-            set(
-              'ansible_interval',
-              N_('Timeout (in minutes) when hosts should have reported.'),
-              '30',
-              N_('Ansible report timeout')
-            ),
-            set(
-              'ansible_out_of_sync_disabled',
-              format(N_('Disable host configuration status turning to out of'\
-                 ' sync for %{cfgmgmt} after report does not arrive within'\
-                 ' configured interval'), :cfgmgmt => 'Ansible'),
-              false,
-              format(N_('%{cfgmgmt} out of sync disabled'),
-                     :cfgmgmt => 'Ansible')
-            ),
-            set(
-              'ansible_implementation',
-              N_('Foreman will run Ansible playbooks using this implementation'),
-              'ansible-playbook',
-              N_('Implementation for running Ansible'),
-              nil,
-              :collection => lambda do
-                Hash[%w[ansible-playbook ansible-runner].map { |x| [x, x] }]
-              end
-            )
-          ].compact.each do |s|
-            create(s.update(:category => 'Setting::Ansible'))
-          end
-        end
-        true
+      def default_settings
+        [
+          set(
+            'ansible_ssh_private_key_file',
+            N_('Use this to supply a path to an SSH Private Key '\
+               'that Ansible will use in lieu of a password '\
+               'Override with "ansible_ssh_private_key_file" '\
+               'host parameter'),
+            '',
+            N_('Private Key Path')
+          ),
+          set(
+            'ansible_connection',
+            N_('Use this connection type by default when running '\
+               'Ansible playbooks. You can override this on hosts by '\
+               'adding a parameter "ansible_connection"'),
+            'ssh',
+            N_('Connection type')
+          ),
+          set(
+            'ansible_winrm_server_cert_validation',
+            N_('Enable/disable WinRM server certificate '\
+               'validation when running Ansible playbooks. You can override '\
+               'this on hosts by adding a parameter '\
+               '"ansible_winrm_server_cert_validation"'),
+            'validate',
+            N_('WinRM cert Validation')
+          ),
+          set(
+            'ansible_verbosity',
+            N_('Foreman will add this level of verbosity for '\
+               'additional debugging output when running Ansible playbooks.'),
+            '0',
+            N_('Default verbosity level'),
+            nil,
+            :collection => lambda do
+              { '0' => N_('Disabled'),
+                '1' => N_('Level 1 (-v)'),
+                '2' => N_('Level 2 (-vv)'),
+                '3' => N_('Level 3 (-vvv)'),
+                '4' => N_('Level 4 (-vvvv)') }
+            end
+          ),
+          set(
+            'ansible_post_provision_timeout',
+            N_('Timeout (in seconds) to set when Foreman will trigger a '\
+               'play Ansible roles task after a host is fully provisioned. '\
+               'Set this to the maximum time you expect a host to take '\
+               'until it is ready after a reboot.'),
+            '360',
+            N_('Post-provision timeout')
+          ),
+          set(
+            'ansible_interval',
+            N_('Timeout (in minutes) when hosts should have reported.'),
+            '30',
+            N_('Ansible report timeout')
+          ),
+          set(
+            'ansible_out_of_sync_disabled',
+            format(N_('Disable host configuration status turning to out of'\
+               ' sync for %{cfgmgmt} after report does not arrive within'\
+               ' configured interval'), :cfgmgmt => 'Ansible'),
+            false,
+            format(N_('%{cfgmgmt} out of sync disabled'),
+                   :cfgmgmt => 'Ansible')
+          ),
+          set(
+            'ansible_inventory_template',
+            N_('Foreman will use this template to schedule the report '\
+               'with Ansible inventory'),
+            'Ansible Inventory',
+            N_('Default Ansible inventory report template')
+          )
+        ]
       end
       # rubocop:enable AbcSize
       # rubocop:enable MethodLength
 
+      def load_defaults
+        Setting::BLANK_ATTRS.push('ansible_ssh_private_key_file')
+        super
+      end
+
       def humanized_category
         N_('Ansible')
       end

data/app/services/foreman_ansible/fact_importer.rb

@@ -55,16 +55,13 @@ module ForemanAnsible
     end
 
     def missing_facts
-      db_fact_names = if db_facts.is_a? Hash
-                        db_facts.keys
-                      else
-                        db_facts
-                      end
-      # In Foreman versions prior to 1.14, the db_facts key
-      # used to be a hash. Now it's an ActiveRecord::AssociationRelation
       @missing_facts ||= facts.keys +
                          FactSparser.sparse(@original_facts).keys -
-                         db_fact_names
+                         host_fact_names
+    end
+
+    def host_fact_names
+      host.fact_names.where(:type => fact_name_class.to_s).pluck(:name)
     end
 
     # Returns pairs [id, fact_name]

data/app/services/foreman_ansible/fact_parser.rb

@@ -51,19 +51,27 @@ module ForemanAnsible
       end
     end
 
-    def get_facts_for_interface(interface)
-      interface.tr!('-', '_') # virbr1-nic -> virbr1_nic
+    def get_facts_for_interface(iface_name)
+      interface = iface_name.tr('-', '_') # virbr1-nic -> virbr1_nic
       interface_facts = facts[:"ansible_#{interface}"]
       ipaddress = ip_from_interface(interface)
       ipaddress6 = ipv6_from_interface(interface)
-      HashWithIndifferentAccess[
+      macaddress = mac_from_interface(interface)
+      iface_facts = HashWithIndifferentAccess[
         interface_facts.merge(:ipaddress => ipaddress,
-                              :ipaddress6 => ipaddress6)
+                              :ipaddress6 => ipaddress6,
+                              :macaddress => macaddress)
       ]
+      logger.debug { "Ansible interface #{interface} facts: #{iface_facts.inspect}" }
+      iface_facts
     end
 
     def ipmi_interface; end
 
+    def boot_timestamp
+      Time.zone.now.to_i - facts['ansible_uptime_seconds'].to_i
+    end
+
     private
 
     def ansible_interfaces
@@ -71,6 +79,10 @@ module ForemanAnsible
       facts[:ansible_interfaces].sort
     end
 
+    def mac_from_interface(interface)
+      facts[:"ansible_#{interface}"]['perm_macaddress'].presence || facts[:"ansible_#{interface}"]['macaddress']
+    end
+
     def ip_from_interface(interface)
       return if facts[:"ansible_#{interface}"]['ipv4'].blank?
       facts[:"ansible_#{interface}"]['ipv4']['address']

data/app/services/foreman_ansible/inventory_creator.rb

@@ -98,8 +98,7 @@ module ForemanAnsible
     def remote_execution_options(host)
       params = {
         'ansible_user' => host_setting(host, 'remote_execution_ssh_user'),
-        'ansible_ssh_pass' => rex_ssh_password(host),
-        'ansible_sudo_pass' => rex_sudo_password(host),
+        'ansible_become_method' => host_setting(host, 'remote_execution_effective_user_method'),
         'ansible_ssh_private_key_file' => ansible_or_rex_ssh_private_key(host),
         'ansible_port' => host_setting(host, 'remote_execution_ssh_port'),
         'ansible_host' => AnsibleProvider.find_ip_or_hostname(host)
@@ -123,16 +122,6 @@ module ForemanAnsible
       result
     end
 
-    def rex_ssh_password(host)
-      @template_invocation.job_invocation.password ||
-        host_setting(host, 'remote_execution_ssh_password')
-    end
-
-    def rex_sudo_password(host)
-      @template_invocation.job_invocation.sudo_password ||
-        host_setting(host, 'remote_execution_sudo_password')
-    end
-
     def ansible_or_rex_ssh_private_key(host)
       ansible_private_file = host_setting(host, 'ansible_ssh_private_key_file')
       if !ansible_private_file.empty?

data/app/views/foreman_ansible/job_templates/run_playbook-ansible_default.erb

@@ -0,0 +1,17 @@
+<%#
+name: Ansible - Run playbook
+snippet: false
+job_category: Ansible Playbook
+provider_type: Ansible
+kind: job_template
+feature: ansible_run_playbook
+template_inputs:
+- name: playbook
+  required: true
+  input_type: user
+  description: The playbook to run against given hosts
+  advanced: false
+  value_type: plain
+%>
+
+<%= input('playbook') %>