foreman_ansible_core 4.1.3 → 4.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1ca3b309e4ee2869e3eeca882b6e296a68728ec7f6722ff294dcba365c912ffc
-  data.tar.gz: 6215aa8ddb560b6d140873c7c390af83cca70af62a0a8571cf51f1d6b6db0bae
+  metadata.gz: e4ff48b6e2aec734e0eda53fe020e2ce1aa4d6abd92b42ed2d9089931d4b7097
+  data.tar.gz: 373035eea1363c5441cef6b566818d882c362232d263effa78a7b36aa683b611
 SHA512:
-  metadata.gz: 8d507685ceb4cc8278ae333d4edc12fabd45a998123dd3c69158b88b0c7bd987ec792bd76b59b75f43e77a2b2db066595c3582895f6d9cf1be69bd6b36ac9ae7
-  data.tar.gz: 8968f788db24c21d1222d9c0729f88371d7469910c3429335290d6fd72cfbad4a9084373a227b27a4d72188de6abce473d7e3121838efdf7afaeb35b5c947e8b
+  metadata.gz: c1fbf6b61ee93b5699c72b6f1cc221d2943c54eac1e0b52f325528f801c54c40a562a2ddc9624c1628eb7317d136e012cf339d4abc7db739868055b98b47bf51
+  data.tar.gz: 33ef3f280d7f16460573dee1e69095ac1ea26e79eb327f7f06ccd249deca24e30454a74ba253a3e43b301594d90d6dccb5661607ad4dadc27ed4026c4a70aa19

data/lib/foreman_ansible_core/runner/ansible_runner.rb

@@ -1,4 +1,5 @@
 require 'shellwords'
+require 'yaml'
 
 module ForemanAnsibleCore
   module Runner
@@ -14,12 +15,14 @@ module ForemanAnsibleCore
         @verbosity_level = action_input[:verbosity_level]
         @rex_command = action_input[:remote_execution_command]
         @check_mode = action_input[:check_mode]
+        @passphrase = action_input['secrets']['key_passphrase']
       end
 
       def start
         prepare_directory_structure
         write_inventory
         write_playbook
+        write_ssh_key if !@passphrase.nil? && !@passphrase.empty?
         start_ansible_runner
       end
 
@@ -113,6 +116,19 @@ module ForemanAnsibleCore
         File.write(File.join(@root, 'project', 'playbook.yml'), @playbook)
       end
 
+      def write_ssh_key
+        key_path = File.join(@root, 'env', 'ssh_key')
+        File.symlink(File.expand_path(ForemanRemoteExecutionCore.settings[:ssh_identity_key_file]), key_path)
+
+        passwords_path = File.join(@root, 'env', 'passwords')
+        # here we create a secrets file for ansible-runner, which uses the key as regexp
+        # to match line asking for password, given the limitation to match only first 100 chars
+        # and the fact the line contains dynamically created temp directory, the regexp
+        # mentions only things that are always there, such as artifacts directory and the key name
+        secrets = YAML.dump({ "for.*/artifacts/.*/ssh_key_data:" => @passphrase })
+        File.write(passwords_path, secrets, perm: 0o600)
+      end
+
       def start_ansible_runner
         env = {}
         env['FOREMAN_CALLBACK_DISABLE'] = '1' if @rex_command
@@ -136,7 +152,7 @@ module ForemanAnsibleCore
       end
 
       def prepare_directory_structure
-        inner = %w[inventory project].map { |part| File.join(@root, part) }
+        inner = %w[inventory project env].map { |part| File.join(@root, part) }
         ([@root] + inner).each do |path|
           FileUtils.mkdir_p path
         end

data/lib/foreman_ansible_core/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module ForemanAnsibleCore
-  VERSION = '4.1.3'
+  VERSION = '4.2.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: foreman_ansible_core
 version: !ruby/object:Gem::Version
-  version: 4.1.3
+  version: 4.2.0
 platform: ruby
 authors:
 - Daniel Lobato Garcia
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-09-22 00:00:00.000000000 Z
+date: 2021-09-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: foreman_remote_execution_core