foreman_ansible_core 3.0.1 → 4.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: cc5b524830b6cf92b7715fdc19d9bc65e9e863b247ecb3dbe2f35aa7c8ee4e46
|
|
4
|
+
data.tar.gz: e3c669c0942e9d128d24ba4ffcf8896c9602d69058e286d1398dd531edd73ebf
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c037f11562f8a20db823fefec5d9ffbc1aef49aa3a445fe78555acbc2ded7a84fea2863cfb1e88cb04ef8d11e93ad51b9700e6f81dedec1987e63e7677134125
|
|
7
|
+
data.tar.gz: dc1dce5cc48e298bee1708f9bfef4f20d86423860ac7761ea440b179ce3e4a44f70ef65aabee9299a95bae4e0a99640602e007035fcbca53ed62900951a17f37
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
require 'shellwords'
|
|
2
|
+
|
|
1
3
|
module ForemanAnsibleCore
|
|
2
4
|
module Runner
|
|
3
5
|
class AnsibleRunner < ForemanTasksCore::Runner::Parent
|
|
@@ -5,9 +7,13 @@ module ForemanAnsibleCore
|
|
|
5
7
|
|
|
6
8
|
def initialize(input, suspended_action:)
|
|
7
9
|
super input, :suspended_action => suspended_action
|
|
8
|
-
@inventory = rebuild_inventory(input)
|
|
9
|
-
|
|
10
|
+
@inventory = rebuild_secrets(rebuild_inventory(input), input)
|
|
11
|
+
action_input = input.values.first[:input][:action_input]
|
|
12
|
+
@playbook = action_input[:script]
|
|
10
13
|
@root = working_dir
|
|
14
|
+
@verbosity_level = action_input[:verbosity_level]
|
|
15
|
+
@rex_command = action_input[:remote_execution_command]
|
|
16
|
+
@check_mode = action_input[:check_mode]
|
|
11
17
|
end
|
|
12
18
|
|
|
13
19
|
def start
|
|
@@ -35,13 +41,18 @@ module ForemanAnsibleCore
|
|
|
35
41
|
end
|
|
36
42
|
end
|
|
37
43
|
|
|
44
|
+
def close
|
|
45
|
+
super
|
|
46
|
+
FileUtils.remove_entry(@root) if @tmp_working_dir
|
|
47
|
+
end
|
|
48
|
+
|
|
38
49
|
private
|
|
39
50
|
|
|
40
51
|
def handle_event_file(event_file)
|
|
41
52
|
logger.debug("[foreman_ansible] - parsing event file #{event_file}")
|
|
42
53
|
begin
|
|
43
54
|
event = JSON.parse(File.read(event_file))
|
|
44
|
-
if (hostname = event
|
|
55
|
+
if (hostname = event.dig('event_data', 'host'))
|
|
45
56
|
handle_host_event(hostname, event)
|
|
46
57
|
else
|
|
47
58
|
handle_broadcast_data(event)
|
|
@@ -62,7 +73,7 @@ module ForemanAnsibleCore
|
|
|
62
73
|
when 'runner_on_unreachable'
|
|
63
74
|
publish_exit_status_for(hostname, 1)
|
|
64
75
|
when 'runner_on_failed'
|
|
65
|
-
publish_exit_status_for(hostname, 2) if event
|
|
76
|
+
publish_exit_status_for(hostname, 2) if event.dig('event_data', 'ignore_errors').nil?
|
|
66
77
|
end
|
|
67
78
|
end
|
|
68
79
|
|
|
@@ -80,14 +91,14 @@ module ForemanAnsibleCore
|
|
|
80
91
|
end
|
|
81
92
|
|
|
82
93
|
def write_inventory
|
|
94
|
+
path = File.join(@root, 'inventory', 'hosts')
|
|
95
|
+
data_path = File.join(@root, 'data')
|
|
83
96
|
inventory_script = <<~INVENTORY_SCRIPT
|
|
84
97
|
#!/bin/sh
|
|
85
|
-
cat
|
|
86
|
-
#{JSON.dump(@inventory)}
|
|
87
|
-
EOS
|
|
98
|
+
cat #{::Shellwords.escape data_path}
|
|
88
99
|
INVENTORY_SCRIPT
|
|
89
|
-
path = File.join(@root, 'inventory', 'hosts')
|
|
90
100
|
File.write(path, inventory_script)
|
|
101
|
+
File.write(data_path, JSON.dump(@inventory))
|
|
91
102
|
File.chmod(0o0755, path)
|
|
92
103
|
end
|
|
93
104
|
|
|
@@ -96,11 +107,27 @@ module ForemanAnsibleCore
|
|
|
96
107
|
end
|
|
97
108
|
|
|
98
109
|
def start_ansible_runner
|
|
99
|
-
|
|
110
|
+
env = {}
|
|
111
|
+
env['FOREMAN_CALLBACK_DISABLE'] = '1' if @rex_command
|
|
112
|
+
command = [env, 'ansible-runner', 'run', @root, '-p', 'playbook.yml']
|
|
113
|
+
command << '--cmdline' << '"--check"' if check_mode?
|
|
114
|
+
command << verbosity if verbose?
|
|
100
115
|
initialize_command(*command)
|
|
101
116
|
logger.debug("[foreman_ansible] - Running command '#{command.join(' ')}'")
|
|
102
117
|
end
|
|
103
118
|
|
|
119
|
+
def verbosity
|
|
120
|
+
'-' + 'v' * @verbosity_level.to_i
|
|
121
|
+
end
|
|
122
|
+
|
|
123
|
+
def verbose?
|
|
124
|
+
@verbosity_level.to_i.positive?
|
|
125
|
+
end
|
|
126
|
+
|
|
127
|
+
def check_mode?
|
|
128
|
+
@check_mode == true
|
|
129
|
+
end
|
|
130
|
+
|
|
104
131
|
def prepare_directory_structure
|
|
105
132
|
inner = %w[inventory project].map { |part| File.join(@root, part) }
|
|
106
133
|
([@root] + inner).each do |path|
|
|
@@ -120,8 +147,13 @@ module ForemanAnsibleCore
|
|
|
120
147
|
def rebuild_inventory(input)
|
|
121
148
|
action_inputs = input.values.map { |hash| hash[:input][:action_input] }
|
|
122
149
|
hostnames = action_inputs.map { |hash| hash[:name] }
|
|
123
|
-
inventories = action_inputs.map { |hash|
|
|
124
|
-
host_vars = inventories.map { |i| i['_meta']['hostvars'] }.reduce(
|
|
150
|
+
inventories = action_inputs.map { |hash| hash[:ansible_inventory] }
|
|
151
|
+
host_vars = inventories.map { |i| i['_meta']['hostvars'] }.reduce({}) do |acc, hosts|
|
|
152
|
+
hosts.reduce(acc) do |inner_acc, (hostname, vars)|
|
|
153
|
+
vars[:ansible_ssh_private_key_file] ||= ForemanRemoteExecutionCore.settings[:ssh_identity_key_file]
|
|
154
|
+
inner_acc.merge(hostname => vars)
|
|
155
|
+
end
|
|
156
|
+
end
|
|
125
157
|
|
|
126
158
|
{ '_meta' => { 'hostvars' => host_vars },
|
|
127
159
|
'all' => { 'hosts' => hostnames,
|
|
@@ -138,6 +170,21 @@ module ForemanAnsibleCore
|
|
|
138
170
|
Dir.mktmpdir(nil, File.expand_path(dir))
|
|
139
171
|
end
|
|
140
172
|
end
|
|
173
|
+
|
|
174
|
+
def rebuild_secrets(inventory, input)
|
|
175
|
+
input.each do |host, host_input|
|
|
176
|
+
secrets = host_input['input']['action_input']['secrets']
|
|
177
|
+
per_host = secrets['per-host'][host]
|
|
178
|
+
|
|
179
|
+
new_secrets = {
|
|
180
|
+
'ansible_password' => inventory['ssh_password'] || per_host['ansible_password'],
|
|
181
|
+
'ansible_become_password' => inventory['effective_user_password'] || per_host['ansible_become_password']
|
|
182
|
+
}
|
|
183
|
+
inventory['_meta']['hostvars'][host].update(new_secrets)
|
|
184
|
+
end
|
|
185
|
+
|
|
186
|
+
inventory
|
|
187
|
+
end
|
|
141
188
|
end
|
|
142
189
|
end
|
|
143
190
|
end
|
|
@@ -14,7 +14,7 @@ module ForemanAnsibleCore
|
|
|
14
14
|
|
|
15
15
|
def initialize(inventory, playbook, options = {}, suspended_action:)
|
|
16
16
|
super :suspended_action => suspended_action
|
|
17
|
-
@inventory = inventory
|
|
17
|
+
@inventory = rebuild_secrets(inventory, options[:secrets])
|
|
18
18
|
unknown_hosts.each do |host|
|
|
19
19
|
add_to_known_hosts(host)
|
|
20
20
|
end
|
|
@@ -52,7 +52,7 @@ module ForemanAnsibleCore
|
|
|
52
52
|
|
|
53
53
|
def write_inventory
|
|
54
54
|
ensure_directory(File.dirname(inventory_file))
|
|
55
|
-
File.write(inventory_file, @inventory)
|
|
55
|
+
File.write(inventory_file, JSON.dump(@inventory))
|
|
56
56
|
end
|
|
57
57
|
|
|
58
58
|
def write_playbook
|
|
@@ -103,7 +103,7 @@ module ForemanAnsibleCore
|
|
|
103
103
|
end
|
|
104
104
|
|
|
105
105
|
def unknown_hosts
|
|
106
|
-
|
|
106
|
+
@inventory['all']['hosts'].select do |host|
|
|
107
107
|
Net::SSH::KnownHosts.search_for(host).empty?
|
|
108
108
|
end
|
|
109
109
|
end
|
|
@@ -118,6 +118,20 @@ module ForemanAnsibleCore
|
|
|
118
118
|
logger.error('[foreman_ansible] - Failed to save host key for '\
|
|
119
119
|
"#{host}: #{e}")
|
|
120
120
|
end
|
|
121
|
+
|
|
122
|
+
def rebuild_secrets(inventory, secrets)
|
|
123
|
+
inventory['all']['hosts'].each do |name|
|
|
124
|
+
per_host = secrets['per-host'][name]
|
|
125
|
+
|
|
126
|
+
new_secrets = {
|
|
127
|
+
'ansible_password' => inventory['ssh_password'] || per_host['ansible_password'],
|
|
128
|
+
'ansible_become_password' => inventory['effective_user_password'] || per_host['ansible_become_password']
|
|
129
|
+
}
|
|
130
|
+
inventory['_meta']['hostvars'][name].update(new_secrets)
|
|
131
|
+
end
|
|
132
|
+
|
|
133
|
+
inventory
|
|
134
|
+
end
|
|
121
135
|
end
|
|
122
136
|
end
|
|
123
137
|
end
|
|
@@ -17,6 +17,12 @@ module ForemanAnsibleCore
|
|
|
17
17
|
Runner::AnsibleRunner
|
|
18
18
|
end
|
|
19
19
|
|
|
20
|
+
# Discard everything apart from hostname to be able to tell the actions
|
|
21
|
+
# apart when debugging
|
|
22
|
+
def transform_input(input)
|
|
23
|
+
{ 'action_input' => input['action_input'].slice('name') }
|
|
24
|
+
end
|
|
25
|
+
|
|
20
26
|
# def self.input_format
|
|
21
27
|
# {
|
|
22
28
|
# $UUID => {
|
metadata
CHANGED
|
@@ -1,29 +1,29 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: foreman_ansible_core
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 4.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Daniel Lobato Garcia
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2021-05-17 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
|
-
name:
|
|
14
|
+
name: foreman_remote_execution_core
|
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
|
16
16
|
requirements:
|
|
17
17
|
- - "~>"
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: '
|
|
20
|
-
type: :
|
|
19
|
+
version: '1.1'
|
|
20
|
+
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: '
|
|
26
|
+
version: '1.1'
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: foreman-tasks-core
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -38,20 +38,6 @@ dependencies:
|
|
|
38
38
|
- - "~>"
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
40
|
version: 0.3.2
|
|
41
|
-
- !ruby/object:Gem::Dependency
|
|
42
|
-
name: foreman_remote_execution_core
|
|
43
|
-
requirement: !ruby/object:Gem::Requirement
|
|
44
|
-
requirements:
|
|
45
|
-
- - "~>"
|
|
46
|
-
- !ruby/object:Gem::Version
|
|
47
|
-
version: '1.1'
|
|
48
|
-
type: :runtime
|
|
49
|
-
prerelease: false
|
|
50
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
51
|
-
requirements:
|
|
52
|
-
- - "~>"
|
|
53
|
-
- !ruby/object:Gem::Version
|
|
54
|
-
version: '1.1'
|
|
55
41
|
- !ruby/object:Gem::Dependency
|
|
56
42
|
name: net-ssh
|
|
57
43
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -106,7 +92,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
106
92
|
- !ruby/object:Gem::Version
|
|
107
93
|
version: '0'
|
|
108
94
|
requirements: []
|
|
109
|
-
rubygems_version: 3.
|
|
95
|
+
rubygems_version: 3.1.2
|
|
110
96
|
signing_key:
|
|
111
97
|
specification_version: 4
|
|
112
98
|
summary: 'Ansible integration with Foreman (theforeman.org): core bits'
|