RubyGems - foreman_remote_execution - Versions diffs - 3.3.4 → 4.1.0 - Mend

foreman_remote_execution 3.3.4 → 4.1.0

Files changed (57) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: af3cd3861fdf9ca798dff28f5da9441110f6442b9cb156604325c0c535dd7d27
-  data.tar.gz: 24188a80f5231e8d15826d85322ff410a23bb62cded5a6ab5d30a87063eb8b85
+  metadata.gz: 1ed74f64c21956170e95cbab53cd7580205f0620166573980c12efe06e90b960
+  data.tar.gz: 6ca59984908170bc003eb797883bb37c53c5a01a9f5a7bb5a95db2c8242b1fb5
 SHA512:
-  metadata.gz: bdb4f63c31a63b4a54268f7fa36174cdf11ba90393159862370b29679d90a46ea5e0b8f86a0d98708166fa89fc0af0223dd4f93990fd0bc6e12c9dac473ab6e2
-  data.tar.gz: 4c03fa3ead970d7817e00e884a32857a5a17ae1e41462e40db4057a57f4def05f04d6ad1a16829807a883482d3a684fe344b06e367c72a99cc13c1faacb7b673
+  metadata.gz: '0588d33348d69b3ecae2b0c50c143f564a8f32fbff548e31b7da2a8b055b2e400784136f4eb98fc4d2d26740d907ced7cb27522856c6fcbf8736cf94fc5e2a93'
+  data.tar.gz: 1069f8025c92c09c3e9c780ae8b5040e8dd15c5a282d76a9195569226b18c0801e5dc533635c804d4f3e377bebcd48501de57abd9141040c6b46b13e7496415b

data/.github/workflows/ci.yml CHANGED

@@ -30,7 +30,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        foreman-core-branch: [2.1-stable, develop]
+        foreman-core-branch: [develop]
         ruby-version: [2.5, 2.6]
         node-version: [12]
     steps:

data/app/controllers/api/v2/job_invocations_controller.rb CHANGED

@@ -80,6 +80,7 @@ module Api
         end
         composer.trigger!
         @job_invocation = composer.job_invocation
+        @hosts = @job_invocation.targeting.hosts
         process_response @job_invocation
       end

data/app/controllers/foreman_remote_execution/concerns/api/v2/subnets_controller_extensions.rb ADDED

@@ -0,0 +1,21 @@
+module ForemanRemoteExecution
+  module Concerns
+    module Api::V2::SubnetsControllerExtensions
+      module ApiPieExtensions
+        extend ::Apipie::DSL::Concern
+        update_api(:create, :update) do
+          param :subnet, Hash do
+            param :remote_execution_proxy_ids, Array, _('List of proxy IDs to be used for remote execution')
+          end
+        end
+      end
+      extend ActiveSupport::Concern
+      included do
+        include ApiPieExtensions
+      end
+    end
+  end
+end

data/app/controllers/job_invocations_controller.rb CHANGED

@@ -52,16 +52,18 @@ class JobInvocationsController < ApplicationController
   def show
     @job_invocation = resource_base.includes(:template_invocations => :run_host_job_task).find(params[:id])
-    @auto_refresh = @job_invocation.task.try(:pending?)
-    @resource_base = @job_invocation.targeting.hosts.authorized(:view_hosts, Host)
-    # There's no need to do the joining if we're not filtering
-    unless params[:search].nil?
-      @resource_base = @resource_base.joins(:template_invocations)
-                                     .where(:template_invocations => { :job_invocation_id => @job_invocation.id})
-    end
-    @hosts = resource_base_search_and_page
     @job_organization = Taxonomy.find_by(id: @job_invocation.task.input[:current_organization_id])
     @job_location = Taxonomy.find_by(id: @job_invocation.task.input[:current_location_id])
+    @auto_refresh = @job_invocation.task.try(:pending?)
+    respond_to do |format|
+      format.json do
+        targeting_hosts_resources
+      end
+      format.html
+      format.js
+    end
   end
   def index
@@ -153,4 +155,16 @@ class JobInvocationsController < ApplicationController
       JobInvocationComposer.from_ui_params(with_triggering)
     end
   end
+  def targeting_hosts_resources
+    @auto_refresh = @job_invocation.task.try(:pending?)
+    @resource_base = @job_invocation.targeting.hosts.authorized(:view_hosts, Host)
+    unless params[:search].nil?
+      @resource_base = @resource_base.joins(:template_invocations)
+                                     .where(:template_invocations => { :job_invocation_id => @job_invocation.id})
+    end
+    @hosts = resource_base_search_and_page
+    @total_hosts = resource_base_with_search.size
+  end
 end

data/app/helpers/job_invocations_helper.rb CHANGED

@@ -1,10 +1,11 @@
 # frozen_string_literal:true
 module JobInvocationsHelper
-  def minicard(icon, number, text)
+  def minicard(icon, number, text, tooltip: nil)
+    tooltip_options = tooltip ? { :'data-original-title' => tooltip, :rel => 'twipsy' } : {}
     content_tag(:div, :class => 'card-pf card-pf-accented
                 card-pf-aggregate-status card-pf-aggregate-status-mini') do
-      content_tag(:h2, :class => 'card-pf-title', :style => 'line-height: 1.1') do
+      content_tag(:h2, { :class => 'card-pf-title', :style => 'line-height: 1.1' }.merge(tooltip_options)) do
         icon_text(icon, '', :kind => 'pficon') +
         content_tag(:span, number, :class =>'card-pf-aggregate-status-count') +
         text

data/app/lib/actions/remote_execution/run_host_job.rb CHANGED

@@ -60,7 +60,7 @@ module Actions
       def secrets(host, job_invocation, provider)
         job_secrets = { :ssh_password => job_invocation.password,
                         :key_passphrase => job_invocation.key_passphrase,
-                        :sudo_password => job_invocation.sudo_password }
+                        :effective_user_password => job_invocation.effective_user_password }
         job_secrets.merge(provider.secrets(host)) { |_key, job_secret, provider_secret| job_secret || provider_secret }
       end

data/app/lib/actions/remote_execution/run_hosts_job.rb CHANGED

@@ -47,7 +47,7 @@ module Actions
       end
       def finalize
-        job_invocation.password = job_invocation.key_passphrase = job_invocation.sudo_password = nil
+        job_invocation.password = job_invocation.key_passphrase = job_invocation.effective_user_password = nil
         job_invocation.save!
         Rails.logger.debug "cleaning cache for keys that begin with 'job_invocation_#{job_invocation.id}'"
@@ -57,7 +57,8 @@ module Actions
       end
       def job_invocation
-        @job_invocation ||= JobInvocation.find(input[:job_invocation_id])
+        id = input[:job_invocation_id] || input.fetch(:job_invocation, {})[:id]
+        @job_invocation ||= JobInvocation.find(id)
       end
       def batch(from, size)
@@ -65,7 +66,7 @@ module Actions
       end
       def total_count
-        hosts.count
+        output[:total_count] || hosts.count
       end
       def hosts

data/app/lib/foreman_remote_execution/renderer/scope/input.rb CHANGED

@@ -3,14 +3,33 @@ module ForemanRemoteExecution
     module Scope
       class Input < ::Foreman::Renderer::Scope::Template
         include Foreman::Renderer::Scope::Macros::HostTemplate
+        extend ApipieDSL::Class
         attr_reader :template, :host, :invocation, :input_template_instance, :current_user
         delegate :input, to: :input_template_instance
+        apipie :class, 'Macros related to template rendering' do
+          name 'Template Input Render'
+          sections only: %w[all jobs]
+        end
+        apipie :method, 'Always raises an error with a description provided as an argument' do
+          desc 'This method is useful for aborting script execution if some of the conditions are not met'
+          required :message, String, desc: 'Description for the error'
+          raises error: ::InputTemplateRenderer::RenderError, desc: 'The error is always being raised'
+          returns nil, desc: "Doesn't return anything"
+          example "<%
+  @host.operatingsystem #=> nil
+  render_error(N_('Unsupported or no operating system found for this host.')) unless @host.operatingsystem #=> InputTemplateRenderer::RenderError is raised and the execution of the script is aborted
+%>"
+        end
         def render_error(message)
           raise ::InputTemplateRenderer::RenderError.new(message)
         end
+        apipie :method, 'Check whether the template in preview mode or not' do
+          returns one_of: [true, false], desc: 'Returns true if the template in preview mode, false otherwise'
+        end
         def preview?
           !!@preview
         end
@@ -23,6 +42,16 @@ module ForemanRemoteExecution
           Rails.cache.fetch(cache_key, &block)
         end
+        # rubocop:disable Lint/InterpolationCheck
+        apipie :method, 'Render template by given name' do
+          required :template_name, String, desc: 'name of the template to render'
+          optional :input_values, Hash, desc: 'key:value list of input values for the template'
+          optional :options, Hash, desc: 'Additional options such as :with_foreign_input_set. Set to true if a foreign input set should be considered when rendering the template'
+          raises error: StandardError, desc: 'raises an error if there is no template or template input with such name'
+          returns String, desc: 'Rendered template'
+          example '<%= render_template("Run Command - Ansible Default", command: "yum -y group install #{input("package")}") %>'
+        end
+        # rubocop:enable Lint/InterpolationCheck
         def render_template(template_name, input_values = {}, options = {})
           options.assert_valid_keys(:with_foreign_input_set)
           with_foreign_input_set = options.fetch(:with_foreign_input_set, true)
@@ -59,6 +88,12 @@ module ForemanRemoteExecution
           input_values.merge(overrides).with_indifferent_access
         end
+        apipie :method, 'Returns the value of template input' do
+          required :name, String, desc: 'name of the template input'
+          raises error: UndefinedInput, desc: 'when there is no input with such name defined for the current template'
+          returns Object, desc: 'The value of template input'
+          example 'input("Include Facts") #=> "yes"'
+        end
         def input(name)
           return template_input_values[name.to_s] if template_input_values.key?(name.to_s)

data/app/models/concerns/api/v2/interfaces_controller_extensions.rb ADDED

@@ -0,0 +1,13 @@
+module Api
+  module V2
+    module InterfacesControllerExtensions
+      extend Apipie::DSL::Concern
+      update_api(:create, :update) do
+        param :interface, Hash do
+          param :execution, :bool, :desc => N_('Should this interface be used for remote execution?')
+        end
+      end
+    end
+  end
+end

data/app/models/concerns/foreman_remote_execution/orchestration/ssh.rb CHANGED

@@ -15,9 +15,13 @@ module ForemanRemoteExecution
       proxy = ::SmartProxy.find(proxy_id)
       begin
         proxy.drop_host_from_known_hosts(target)
-      rescue RestClient::ResourceNotFound => e
-        # ignore 404 when known_hosts entry is missing or the module was not enabled
-        Foreman::Logging.exception "Proxy failed to delete SSH known_hosts for #{name}, #{ip}", e, :level => :error
+      rescue ::ProxyAPI::ProxyException => e
+        if e.wrapped_exception.is_a?(RestClient::NotFound)
+          # ignore 404 when known_hosts entry is missing or the module was not enabled
+          Foreman::Logging.exception "Proxy failed to delete SSH known_hosts for #{name}, #{ip}", e, :level => :error
+        else
+          raise e
+        end
       rescue => e
         Rails.logger.warn e.message
         return false
@@ -29,7 +33,10 @@ module ForemanRemoteExecution
       logger.debug "Scheduling SSH known_hosts cleanup"
       host, _kind, _target = host_kind_target
-      proxies = host.remote_execution_proxies('SSH').values
+      # #remote_execution_proxies may not be defined on the host object in some case
+      # for example Host::Discovered does not have it defined, even though these hosts
+      # have Nic::Managed interfaces associated with them
+      proxies = (host.try(:remote_execution_proxies, 'SSH') || {}).values
       proxies.flatten.uniq.each do |proxy|
         queue.create(id: queue_id(proxy.id), name: _("Remove SSH known hosts for %s") % self,
           priority: 200, action: [self, :drop_from_known_hosts, proxy.id])

data/app/models/job_invocation.rb CHANGED

@@ -41,7 +41,10 @@ class JobInvocation < ApplicationRecord
   has_many :template_invocation_tasks, :through => :template_invocations,
                                        :class_name => 'ForemanTasks::Task',
                                        :source => 'run_host_job_task'
+  has_one :user, through: :task
+  scoped_search relation: :user, on: :login, rename: 'user', complete_value: true,
+                value_translation: ->(value) { value == 'current_user' ? User.current.login : value },
+                special_values: [:current_user], aliases: ['owner'], :only_explicit => true
   scoped_search :relation => :task, :on => :started_at, :rename => 'started_at', :complete_value => true
   scoped_search :relation => :task, :on => :start_at, :rename => 'start_at', :complete_value => true
   scoped_search :relation => :task, :on => :ended_at, :rename => 'ended_at', :complete_value => true
@@ -70,7 +73,7 @@ class JobInvocation < ApplicationRecord
   delegate :start_at, :to => :task, :allow_nil => true
-  encrypts :password, :key_passphrase, :sudo_password
+  encrypts :password, :key_passphrase, :effective_user_password
   def self.search_by_status(key, operator, value)
     conditions = HostStatus::ExecutionStatus::ExecutionTaskStatusMapper.sql_conditions_for(value)
@@ -139,7 +142,7 @@ class JobInvocation < ApplicationRecord
       invocation.pattern_template_invocations = self.pattern_template_invocations.map(&:deep_clone)
       invocation.password = self.password
       invocation.key_passphrase = self.key_passphrase
-      invocation.sudo_password = self.sudo_password
+      invocation.effective_user_password = self.effective_user_password
     end
   end
@@ -170,7 +173,7 @@ class JobInvocation < ApplicationRecord
   def total_hosts_count
     if targeting.resolved?
-      targeting.hosts.count
+      task&.main_action&.total_count || targeting.hosts.count
     else
       _('N/A')
     end
@@ -240,6 +243,10 @@ class JobInvocation < ApplicationRecord
     !task.pending?
   end
+  def missing_hosts_count
+    targeting.resolved? ? total_hosts_count - targeting.hosts.count : 0
+  end
   private
   def failed_template_invocations

data/app/models/job_invocation_composer.rb CHANGED

@@ -15,7 +15,7 @@ class JobInvocationComposer
         :description_format => job_invocation_base[:description_format],
         :password => blank_to_nil(job_invocation_base[:password]),
         :key_passphrase => blank_to_nil(job_invocation_base[:key_passphrase]),
-        :sudo_password => blank_to_nil(job_invocation_base[:sudo_password]),
+        :effective_user_password => blank_to_nil(job_invocation_base[:effective_user_password]),
         :concurrency_control => concurrency_control_params,
         :execution_timeout_interval => execution_timeout_interval,
         :template_invocations => template_invocations_params }.with_indifferent_access
@@ -348,7 +348,7 @@ class JobInvocationComposer
     job_invocation.execution_timeout_interval = params[:execution_timeout_interval]
     job_invocation.password = params[:password]
     job_invocation.key_passphrase = params[:key_passphrase]
-    job_invocation.sudo_password = params[:sudo_password]
+    job_invocation.effective_user_password = params[:effective_user_password]
     if @reruns && job_invocation.targeting.static?
       job_invocation.targeting.host_ids = JobInvocation.find(@reruns).targeting.host_ids

data/app/models/remote_execution_provider.rb CHANGED

@@ -57,8 +57,8 @@ class RemoteExecutionProvider
       [true, 'true', 'True', 'TRUE', '1'].include?(setting)
     end
-    def sudo_password(host)
-      host_setting(host, :remote_execution_sudo_password)
+    def effective_user_password(host)
+      host_setting(host, :remote_execution_effective_user_password)
     end
     def effective_interfaces(host)

data/app/models/setting/remote_execution.rb CHANGED

@@ -1,6 +1,6 @@
 class Setting::RemoteExecution < Setting
-  ::Setting::BLANK_ATTRS.concat %w{remote_execution_ssh_password remote_execution_ssh_key_passphrase remote_execution_sudo_password remote_execution_cockpit_url remote_execution_form_job_template}
+  ::Setting::BLANK_ATTRS.concat %w{remote_execution_ssh_password remote_execution_ssh_key_passphrase remote_execution_sudo_password remote_execution_effective_user_password remote_execution_cockpit_url remote_execution_form_job_template}
   def self.default_settings
     [
@@ -27,7 +27,7 @@ class Setting::RemoteExecution < Setting
         N_('Effective User Method'),
         nil,
         { :collection => proc { Hash[SSHExecutionProvider::EFFECTIVE_USER_METHODS.map { |method| [method, method] }] } }),
-      self.set('remote_execution_sudo_password', N_("Sudo password"), '', N_("Sudo password"), nil, {:encrypted => true}),
+      self.set('remote_execution_effective_user_password', N_("Effective user password"), '', N_("Effective user password"), nil, {:encrypted => true}),
       self.set('remote_execution_sync_templates',
         N_('Whether we should sync templates from disk when running db:seed.'),
         true,

data/app/models/ssh_execution_provider.rb CHANGED

@@ -32,7 +32,7 @@ class SSHExecutionProvider < RemoteExecutionProvider
       {
         :ssh_password => ssh_password(host),
         :key_passphrase => ssh_key_passphrase(host),
-        :sudo_password => sudo_password(host),
+        :effective_user_password => effective_user_password(host),
       }
     end

data/app/views/api/v2/interfaces/execution_flag.json.rabl ADDED

	@@ -0,0 +1 @@
1	+ attributes :execution

data/app/views/api/v2/job_invocations/base.json.rabl CHANGED

@@ -8,6 +8,7 @@ node do |invocation|
     :failed    => invocation_count(invocation, :output_key => :failed_count),
     :pending   => invocation_count(invocation, :output_key => :pending_count),
     :total     => invocation_count(invocation, :output_key => :total_count),
+    :missing   => invocation.missing_hosts_count,
   }
 end

data/app/views/api/v2/job_invocations/main.json.rabl CHANGED

@@ -19,7 +19,7 @@ child :targeting do
   attributes :bookmark_id, :search_query, :targeting_type, :user_id, :status, :status_label,
     :randomized_ordering
-  child @hosts do
+  child @hosts => :hosts do
     extends 'api/v2/hosts/base'
     if params[:host_status] == 'true'

data/app/views/api/v2/subnets/remote_execution_proxies.json.rabl ADDED

@@ -0,0 +1,3 @@
+child :remote_execution_proxies => :remote_execution_proxies do
+  attributes :name, :id
+end

data/app/views/job_invocations/_form.html.erb CHANGED

@@ -95,7 +95,7 @@
     <div class="advanced hidden">
       <%= password_f f, :password, :placeholder => '*****', :label => _('Password'), :label_help => N_('Password is stored encrypted in DB until the job finishes. For future or recurring executions, it is removed after the last execution.') %>
       <%= password_f f, :key_passphrase, :placeholder => '*****', :label => _('Private key passphrase'), :label_help => N_('Key passhprase is only applicable for SSH provider. Other providers ignore this field. <br> Passphrase is stored encrypted in DB until the job finishes. For future or recurring executions, it is removed after the last execution.') %>
-      <%= password_f f, :sudo_password, :placeholder => '*****', :label => _('Sudo password'), :label_help => N_('Sudo password is only applicable for SSH provider. Other providers ignore this field. <br> Password is stored encrypted in DB until the job finishes. For future or recurring executions, it is removed after the last execution.') %>
+      <%= password_f f, :effective_user_password, :placeholder => '*****', :label => _('Effective user password'), :label_help => N_('Effective user password is only applicable for SSH provider. Other providers ignore this field. <br> Password is stored encrypted in DB until the job finishes. For future or recurring executions, it is removed after the last execution.') %>
     </div>
     <div class="advanced hidden">

data/app/views/job_invocations/_tab_hosts.html.erb CHANGED

@@ -1,24 +1,5 @@
 <% if job_invocation.resolved? %>
-  <%= form_with url: job_invocation_path(job_invocation), method: "get", id: "search-form" do |f| %>
-    <div class="row">
-      <div class="title_filter col-md-6">
-        <div class="input-group">
-            <%= autocomplete_f(f, :search, value: params[:search].try(:squeeze, " "), placeholder: _("Filter") + ' ...', path: hosts_path, only_input: true) %>
-            <span class="input-group-btn">
-              <button class="btn btn-default" type="submit">
-                <%= icon_text('search', content_tag(:span, _('Search'), :class => 'hidden-xs', :kind => 'fa')) %>
-              </button>
-            </span>
-        </div>
-      </div>
-    </div>
-  <% end %>
-  <br>
-  <div id="targeting_hosts">
-    <%= mount_react_component('TargetingHosts', '#targeting_hosts') %>
-  </div>
-  <%= will_paginate_with_info @hosts, :container => true %>
+  <%= react_component('TargetingHosts' ) %>
 <% else %>
   <div class="alert alert-warning">
     <%=

data/app/views/job_invocations/_tab_overview.html.erb CHANGED

@@ -9,7 +9,19 @@
   <% template_invocations.each do |template_invocation| %>
     <%= minicard('user', template_invocation.effective_user || Setting[:remote_execution_effective_user],
                  template_invocation.template.name + ' ' + _('effective user')) %>
-    <%= minicard('cluster', job_invocation.total_hosts_count, _('Total hosts')) %>
+    <div class="row">
+      <% missing = job_invocation.missing_hosts_count %>
+      <% size = missing.zero? ? 12 : 6 %>
+      <div class="col-xs-12 col-sm-<%= size %> col-md-<%= size %>" >
+        <%= minicard('cluster', job_invocation.total_hosts_count, _('Total hosts')) %>
+      </div>
+      <% unless missing.zero? %>
+      <div class="col-xs-12 col-sm-6 col-md-6" >
+          <%= minicard('warning-triangle-o', missing, _('Hosts gone missing'),
+                       :tooltip => _('This can happen if the host is removed or moved to another organization or location after the job was started')) %>
+      </div>
+    <% end %>
+    </div>
     <% if template_invocation.input_values.present? %>
       <%= render :partial => 'card_user_input', :locals => { :template_invocation => template_invocation } %>
     <% end %>