foreman_ansible_core 3.0.1 → 4.1.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: cc5b524830b6cf92b7715fdc19d9bc65e9e863b247ecb3dbe2f35aa7c8ee4e46
|
|
4
|
+
data.tar.gz: e3c669c0942e9d128d24ba4ffcf8896c9602d69058e286d1398dd531edd73ebf
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c037f11562f8a20db823fefec5d9ffbc1aef49aa3a445fe78555acbc2ded7a84fea2863cfb1e88cb04ef8d11e93ad51b9700e6f81dedec1987e63e7677134125
|
|
7
|
+
data.tar.gz: dc1dce5cc48e298bee1708f9bfef4f20d86423860ac7761ea440b179ce3e4a44f70ef65aabee9299a95bae4e0a99640602e007035fcbca53ed62900951a17f37
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
require 'shellwords'
|
|
2
|
+
|
|
1
3
|
module ForemanAnsibleCore
|
|
2
4
|
module Runner
|
|
3
5
|
class AnsibleRunner < ForemanTasksCore::Runner::Parent
|
|
@@ -5,9 +7,13 @@ module ForemanAnsibleCore
|
|
|
5
7
|
|
|
6
8
|
def initialize(input, suspended_action:)
|
|
7
9
|
super input, :suspended_action => suspended_action
|
|
8
|
-
@inventory = rebuild_inventory(input)
|
|
9
|
-
|
|
10
|
+
@inventory = rebuild_secrets(rebuild_inventory(input), input)
|
|
11
|
+
action_input = input.values.first[:input][:action_input]
|
|
12
|
+
@playbook = action_input[:script]
|
|
10
13
|
@root = working_dir
|
|
14
|
+
@verbosity_level = action_input[:verbosity_level]
|
|
15
|
+
@rex_command = action_input[:remote_execution_command]
|
|
16
|
+
@check_mode = action_input[:check_mode]
|
|
11
17
|
end
|
|
12
18
|
|
|
13
19
|
def start
|
|
@@ -35,13 +41,18 @@ module ForemanAnsibleCore
|
|
|
35
41
|
end
|
|
36
42
|
end
|
|
37
43
|
|
|
44
|
+
def close
|
|
45
|
+
super
|
|
46
|
+
FileUtils.remove_entry(@root) if @tmp_working_dir
|
|
47
|
+
end
|
|
48
|
+
|
|
38
49
|
private
|
|
39
50
|
|
|
40
51
|
def handle_event_file(event_file)
|
|
41
52
|
logger.debug("[foreman_ansible] - parsing event file #{event_file}")
|
|
42
53
|
begin
|
|
43
54
|
event = JSON.parse(File.read(event_file))
|
|
44
|
-
if (hostname = event
|
|
55
|
+
if (hostname = event.dig('event_data', 'host'))
|
|
45
56
|
handle_host_event(hostname, event)
|
|
46
57
|
else
|
|
47
58
|
handle_broadcast_data(event)
|
|
@@ -62,7 +73,7 @@ module ForemanAnsibleCore
|
|
|
62
73
|
when 'runner_on_unreachable'
|
|
63
74
|
publish_exit_status_for(hostname, 1)
|
|
64
75
|
when 'runner_on_failed'
|
|
65
|
-
publish_exit_status_for(hostname, 2) if event
|
|
76
|
+
publish_exit_status_for(hostname, 2) if event.dig('event_data', 'ignore_errors').nil?
|
|
66
77
|
end
|
|
67
78
|
end
|
|
68
79
|
|
|
@@ -80,14 +91,14 @@ module ForemanAnsibleCore
|
|
|
80
91
|
end
|
|
81
92
|
|
|
82
93
|
def write_inventory
|
|
94
|
+
path = File.join(@root, 'inventory', 'hosts')
|
|
95
|
+
data_path = File.join(@root, 'data')
|
|
83
96
|
inventory_script = <<~INVENTORY_SCRIPT
|
|
84
97
|
#!/bin/sh
|
|
85
|
-
cat
|
|
86
|
-
#{JSON.dump(@inventory)}
|
|
87
|
-
EOS
|
|
98
|
+
cat #{::Shellwords.escape data_path}
|
|
88
99
|
INVENTORY_SCRIPT
|
|
89
|
-
path = File.join(@root, 'inventory', 'hosts')
|
|
90
100
|
File.write(path, inventory_script)
|
|
101
|
+
File.write(data_path, JSON.dump(@inventory))
|
|
91
102
|
File.chmod(0o0755, path)
|
|
92
103
|
end
|
|
93
104
|
|
|
@@ -96,11 +107,27 @@ module ForemanAnsibleCore
|
|
|
96
107
|
end
|
|
97
108
|
|
|
98
109
|
def start_ansible_runner
|
|
99
|
-
|
|
110
|
+
env = {}
|
|
111
|
+
env['FOREMAN_CALLBACK_DISABLE'] = '1' if @rex_command
|
|
112
|
+
command = [env, 'ansible-runner', 'run', @root, '-p', 'playbook.yml']
|
|
113
|
+
command << '--cmdline' << '"--check"' if check_mode?
|
|
114
|
+
command << verbosity if verbose?
|
|
100
115
|
initialize_command(*command)
|
|
101
116
|
logger.debug("[foreman_ansible] - Running command '#{command.join(' ')}'")
|
|
102
117
|
end
|
|
103
118
|
|
|
119
|
+
def verbosity
|
|
120
|
+
'-' + 'v' * @verbosity_level.to_i
|
|
121
|
+
end
|
|
122
|
+
|
|
123
|
+
def verbose?
|
|
124
|
+
@verbosity_level.to_i.positive?
|
|
125
|
+
end
|
|
126
|
+
|
|
127
|
+
def check_mode?
|
|
128
|
+
@check_mode == true
|
|
129
|
+
end
|
|
130
|
+
|
|
104
131
|
def prepare_directory_structure
|
|
105
132
|
inner = %w[inventory project].map { |part| File.join(@root, part) }
|
|
106
133
|
([@root] + inner).each do |path|
|
|
@@ -120,8 +147,13 @@ module ForemanAnsibleCore
|
|
|
120
147
|
def rebuild_inventory(input)
|
|
121
148
|
action_inputs = input.values.map { |hash| hash[:input][:action_input] }
|
|
122
149
|
hostnames = action_inputs.map { |hash| hash[:name] }
|
|
123
|
-
inventories = action_inputs.map { |hash|
|
|
124
|
-
host_vars = inventories.map { |i| i['_meta']['hostvars'] }.reduce(
|
|
150
|
+
inventories = action_inputs.map { |hash| hash[:ansible_inventory] }
|
|
151
|
+
host_vars = inventories.map { |i| i['_meta']['hostvars'] }.reduce({}) do |acc, hosts|
|
|
152
|
+
hosts.reduce(acc) do |inner_acc, (hostname, vars)|
|
|
153
|
+
vars[:ansible_ssh_private_key_file] ||= ForemanRemoteExecutionCore.settings[:ssh_identity_key_file]
|
|
154
|
+
inner_acc.merge(hostname => vars)
|
|
155
|
+
end
|
|
156
|
+
end
|
|
125
157
|
|
|
126
158
|
{ '_meta' => { 'hostvars' => host_vars },
|
|
127
159
|
'all' => { 'hosts' => hostnames,
|
|
@@ -138,6 +170,21 @@ module ForemanAnsibleCore
|
|
|
138
170
|
Dir.mktmpdir(nil, File.expand_path(dir))
|
|
139
171
|
end
|
|
140
172
|
end
|
|
173
|
+
|
|
174
|
+
def rebuild_secrets(inventory, input)
|
|
175
|
+
input.each do |host, host_input|
|
|
176
|
+
secrets = host_input['input']['action_input']['secrets']
|
|
177
|
+
per_host = secrets['per-host'][host]
|
|
178
|
+
|
|
179
|
+
new_secrets = {
|
|
180
|
+
'ansible_password' => inventory['ssh_password'] || per_host['ansible_password'],
|
|
181
|
+
'ansible_become_password' => inventory['effective_user_password'] || per_host['ansible_become_password']
|
|
182
|
+
}
|
|
183
|
+
inventory['_meta']['hostvars'][host].update(new_secrets)
|
|
184
|
+
end
|
|
185
|
+
|
|
186
|
+
inventory
|
|
187
|
+
end
|
|
141
188
|
end
|
|
142
189
|
end
|
|
143
190
|
end
|
|
@@ -14,7 +14,7 @@ module ForemanAnsibleCore
|
|
|
14
14
|
|
|
15
15
|
def initialize(inventory, playbook, options = {}, suspended_action:)
|
|
16
16
|
super :suspended_action => suspended_action
|
|
17
|
-
@inventory = inventory
|
|
17
|
+
@inventory = rebuild_secrets(inventory, options[:secrets])
|
|
18
18
|
unknown_hosts.each do |host|
|
|
19
19
|
add_to_known_hosts(host)
|
|
20
20
|
end
|
|
@@ -52,7 +52,7 @@ module ForemanAnsibleCore
|
|
|
52
52
|
|
|
53
53
|
def write_inventory
|
|
54
54
|
ensure_directory(File.dirname(inventory_file))
|
|
55
|
-
File.write(inventory_file, @inventory)
|
|
55
|
+
File.write(inventory_file, JSON.dump(@inventory))
|
|
56
56
|
end
|
|
57
57
|
|
|
58
58
|
def write_playbook
|
|
@@ -103,7 +103,7 @@ module ForemanAnsibleCore
|
|
|
103
103
|
end
|
|
104
104
|
|
|
105
105
|
def unknown_hosts
|
|
106
|
-
|
|
106
|
+
@inventory['all']['hosts'].select do |host|
|
|
107
107
|
Net::SSH::KnownHosts.search_for(host).empty?
|
|
108
108
|
end
|
|
109
109
|
end
|
|
@@ -118,6 +118,20 @@ module ForemanAnsibleCore
|
|
|
118
118
|
logger.error('[foreman_ansible] - Failed to save host key for '\
|
|
119
119
|
"#{host}: #{e}")
|
|
120
120
|
end
|
|
121
|
+
|
|
122
|
+
def rebuild_secrets(inventory, secrets)
|
|
123
|
+
inventory['all']['hosts'].each do |name|
|
|
124
|
+
per_host = secrets['per-host'][name]
|
|
125
|
+
|
|
126
|
+
new_secrets = {
|
|
127
|
+
'ansible_password' => inventory['ssh_password'] || per_host['ansible_password'],
|
|
128
|
+
'ansible_become_password' => inventory['effective_user_password'] || per_host['ansible_become_password']
|
|
129
|
+
}
|
|
130
|
+
inventory['_meta']['hostvars'][name].update(new_secrets)
|
|
131
|
+
end
|
|
132
|
+
|
|
133
|
+
inventory
|
|
134
|
+
end
|
|
121
135
|
end
|
|
122
136
|
end
|
|
123
137
|
end
|
|
@@ -17,6 +17,12 @@ module ForemanAnsibleCore
|
|
|
17
17
|
Runner::AnsibleRunner
|
|
18
18
|
end
|
|
19
19
|
|
|
20
|
+
# Discard everything apart from hostname to be able to tell the actions
|
|
21
|
+
# apart when debugging
|
|
22
|
+
def transform_input(input)
|
|
23
|
+
{ 'action_input' => input['action_input'].slice('name') }
|
|
24
|
+
end
|
|
25
|
+
|
|
20
26
|
# def self.input_format
|
|
21
27
|
# {
|
|
22
28
|
# $UUID => {
|
metadata
CHANGED
|
@@ -1,29 +1,29 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: foreman_ansible_core
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 4.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Daniel Lobato Garcia
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2021-05-17 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
|
-
name:
|
|
14
|
+
name: foreman_remote_execution_core
|
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
|
16
16
|
requirements:
|
|
17
17
|
- - "~>"
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: '
|
|
20
|
-
type: :
|
|
19
|
+
version: '1.1'
|
|
20
|
+
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: '
|
|
26
|
+
version: '1.1'
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: foreman-tasks-core
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -38,20 +38,6 @@ dependencies:
|
|
|
38
38
|
- - "~>"
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
40
|
version: 0.3.2
|
|
41
|
-
- !ruby/object:Gem::Dependency
|
|
42
|
-
name: foreman_remote_execution_core
|
|
43
|
-
requirement: !ruby/object:Gem::Requirement
|
|
44
|
-
requirements:
|
|
45
|
-
- - "~>"
|
|
46
|
-
- !ruby/object:Gem::Version
|
|
47
|
-
version: '1.1'
|
|
48
|
-
type: :runtime
|
|
49
|
-
prerelease: false
|
|
50
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
51
|
-
requirements:
|
|
52
|
-
- - "~>"
|
|
53
|
-
- !ruby/object:Gem::Version
|
|
54
|
-
version: '1.1'
|
|
55
41
|
- !ruby/object:Gem::Dependency
|
|
56
42
|
name: net-ssh
|
|
57
43
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -106,7 +92,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
106
92
|
- !ruby/object:Gem::Version
|
|
107
93
|
version: '0'
|
|
108
94
|
requirements: []
|
|
109
|
-
rubygems_version: 3.
|
|
95
|
+
rubygems_version: 3.1.2
|
|
110
96
|
signing_key:
|
|
111
97
|
specification_version: 4
|
|
112
98
|
summary: 'Ansible integration with Foreman (theforeman.org): core bits'
|