RubyGems - foreman_remote_execution - Versions diffs - 3.3.4 → 4.1.0 - Mend

foreman_remote_execution 3.3.4 → 4.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (57) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: af3cd3861fdf9ca798dff28f5da9441110f6442b9cb156604325c0c535dd7d27
-  data.tar.gz: 24188a80f5231e8d15826d85322ff410a23bb62cded5a6ab5d30a87063eb8b85
+  metadata.gz: 1ed74f64c21956170e95cbab53cd7580205f0620166573980c12efe06e90b960
+  data.tar.gz: 6ca59984908170bc003eb797883bb37c53c5a01a9f5a7bb5a95db2c8242b1fb5
 SHA512:
-  metadata.gz: bdb4f63c31a63b4a54268f7fa36174cdf11ba90393159862370b29679d90a46ea5e0b8f86a0d98708166fa89fc0af0223dd4f93990fd0bc6e12c9dac473ab6e2
-  data.tar.gz: 4c03fa3ead970d7817e00e884a32857a5a17ae1e41462e40db4057a57f4def05f04d6ad1a16829807a883482d3a684fe344b06e367c72a99cc13c1faacb7b673
+  metadata.gz: '0588d33348d69b3ecae2b0c50c143f564a8f32fbff548e31b7da2a8b055b2e400784136f4eb98fc4d2d26740d907ced7cb27522856c6fcbf8736cf94fc5e2a93'
+  data.tar.gz: 1069f8025c92c09c3e9c780ae8b5040e8dd15c5a282d76a9195569226b18c0801e5dc533635c804d4f3e377bebcd48501de57abd9141040c6b46b13e7496415b

data/.github/workflows/ci.yml CHANGED

@@ -30,7 +30,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        foreman-core-branch: [2.1-stable, develop]
+        foreman-core-branch: [develop]
         ruby-version: [2.5, 2.6]
         node-version: [12]
     steps:

data/app/controllers/api/v2/job_invocations_controller.rb CHANGED

@@ -80,6 +80,7 @@ module Api
         end
         composer.trigger!
         @job_invocation = composer.job_invocation
+        @hosts = @job_invocation.targeting.hosts
         process_response @job_invocation
       end

data/app/controllers/foreman_remote_execution/concerns/api/v2/subnets_controller_extensions.rb ADDED

@@ -0,0 +1,21 @@
+module ForemanRemoteExecution
+  module Concerns
+    module Api::V2::SubnetsControllerExtensions
+      module ApiPieExtensions
+        extend ::Apipie::DSL::Concern
+        update_api(:create, :update) do
+          param :subnet, Hash do
+            param :remote_execution_proxy_ids, Array, _('List of proxy IDs to be used for remote execution')
+          end
+        end
+      end
+      extend ActiveSupport::Concern
+      included do
+        include ApiPieExtensions
+      end
+    end
+  end
+end

data/app/controllers/job_invocations_controller.rb CHANGED

@@ -52,16 +52,18 @@ class JobInvocationsController < ApplicationController
   def show
     @job_invocation = resource_base.includes(:template_invocations => :run_host_job_task).find(params[:id])
-    @auto_refresh = @job_invocation.task.try(:pending?)
-    @resource_base = @job_invocation.targeting.hosts.authorized(:view_hosts, Host)
-    # There's no need to do the joining if we're not filtering
-    unless params[:search].nil?
-      @resource_base = @resource_base.joins(:template_invocations)
-                                     .where(:template_invocations => { :job_invocation_id => @job_invocation.id})
-    end
-    @hosts = resource_base_search_and_page
     @job_organization = Taxonomy.find_by(id: @job_invocation.task.input[:current_organization_id])
     @job_location = Taxonomy.find_by(id: @job_invocation.task.input[:current_location_id])
+    @auto_refresh = @job_invocation.task.try(:pending?)
+    respond_to do |format|
+      format.json do
+        targeting_hosts_resources
+      end
+      format.html
+      format.js
+    end
   end
   def index
@@ -153,4 +155,16 @@ class JobInvocationsController < ApplicationController
       JobInvocationComposer.from_ui_params(with_triggering)
     end
   end
+  def targeting_hosts_resources
+    @auto_refresh = @job_invocation.task.try(:pending?)
+    @resource_base = @job_invocation.targeting.hosts.authorized(:view_hosts, Host)
+    unless params[:search].nil?
+      @resource_base = @resource_base.joins(:template_invocations)
+                                     .where(:template_invocations => { :job_invocation_id => @job_invocation.id})
+    end
+    @hosts = resource_base_search_and_page
+    @total_hosts = resource_base_with_search.size
+  end
 end

data/app/helpers/job_invocations_helper.rb CHANGED

@@ -1,10 +1,11 @@
 # frozen_string_literal:true
 module JobInvocationsHelper
-  def minicard(icon, number, text)
+  def minicard(icon, number, text, tooltip: nil)
+    tooltip_options = tooltip ? { :'data-original-title' => tooltip, :rel => 'twipsy' } : {}
     content_tag(:div, :class => 'card-pf card-pf-accented
                 card-pf-aggregate-status card-pf-aggregate-status-mini') do
-      content_tag(:h2, :class => 'card-pf-title', :style => 'line-height: 1.1') do
+      content_tag(:h2, { :class => 'card-pf-title', :style => 'line-height: 1.1' }.merge(tooltip_options)) do
         icon_text(icon, '', :kind => 'pficon') +
         content_tag(:span, number, :class =>'card-pf-aggregate-status-count') +
         text

data/app/lib/actions/remote_execution/run_host_job.rb CHANGED

@@ -60,7 +60,7 @@ module Actions
       def secrets(host, job_invocation, provider)
         job_secrets = { :ssh_password => job_invocation.password,
                         :key_passphrase => job_invocation.key_passphrase,
-                        :sudo_password => job_invocation.sudo_password }
+                        :effective_user_password => job_invocation.effective_user_password }
         job_secrets.merge(provider.secrets(host)) { |_key, job_secret, provider_secret| job_secret || provider_secret }
       end

data/app/lib/actions/remote_execution/run_hosts_job.rb CHANGED

@@ -47,7 +47,7 @@ module Actions
       end
       def finalize
-        job_invocation.password = job_invocation.key_passphrase = job_invocation.sudo_password = nil
+        job_invocation.password = job_invocation.key_passphrase = job_invocation.effective_user_password = nil
         job_invocation.save!
         Rails.logger.debug "cleaning cache for keys that begin with 'job_invocation_#{job_invocation.id}'"
@@ -57,7 +57,8 @@ module Actions
       end
       def job_invocation
-        @job_invocation ||= JobInvocation.find(input[:job_invocation_id])
+        id = input[:job_invocation_id] || input.fetch(:job_invocation, {})[:id]
+        @job_invocation ||= JobInvocation.find(id)
       end
       def batch(from, size)
@@ -65,7 +66,7 @@ module Actions
       end
       def total_count
-        hosts.count
+        output[:total_count] || hosts.count
       end
       def hosts

data/app/lib/foreman_remote_execution/renderer/scope/input.rb CHANGED

@@ -3,14 +3,33 @@ module ForemanRemoteExecution
     module Scope
       class Input < ::Foreman::Renderer::Scope::Template
         include Foreman::Renderer::Scope::Macros::HostTemplate
+        extend ApipieDSL::Class
         attr_reader :template, :host, :invocation, :input_template_instance, :current_user
         delegate :input, to: :input_template_instance
+        apipie :class, 'Macros related to template rendering' do
+          name 'Template Input Render'
+          sections only: %w[all jobs]
+        end
+        apipie :method, 'Always raises an error with a description provided as an argument' do
+          desc 'This method is useful for aborting script execution if some of the conditions are not met'
+          required :message, String, desc: 'Description for the error'
+          raises error: ::InputTemplateRenderer::RenderError, desc: 'The error is always being raised'
+          returns nil, desc: "Doesn't return anything"
+          example "<%
+  @host.operatingsystem #=> nil
+  render_error(N_('Unsupported or no operating system found for this host.')) unless @host.operatingsystem #=> InputTemplateRenderer::RenderError is raised and the execution of the script is aborted
+%>"
+        end
         def render_error(message)
           raise ::InputTemplateRenderer::RenderError.new(message)
         end
+        apipie :method, 'Check whether the template in preview mode or not' do
+          returns one_of: [true, false], desc: 'Returns true if the template in preview mode, false otherwise'
+        end
         def preview?
           !!@preview
         end
@@ -23,6 +42,16 @@ module ForemanRemoteExecution
           Rails.cache.fetch(cache_key, &block)
         end
+        # rubocop:disable Lint/InterpolationCheck
+        apipie :method, 'Render template by given name' do
+          required :template_name, String, desc: 'name of the template to render'
+          optional :input_values, Hash, desc: 'key:value list of input values for the template'
+          optional :options, Hash, desc: 'Additional options such as :with_foreign_input_set. Set to true if a foreign input set should be considered when rendering the template'
+          raises error: StandardError, desc: 'raises an error if there is no template or template input with such name'
+          returns String, desc: 'Rendered template'
+          example '<%= render_template("Run Command - Ansible Default", command: "yum -y group install #{input("package")}") %>'
+        end
+        # rubocop:enable Lint/InterpolationCheck
         def render_template(template_name, input_values = {}, options = {})
           options.assert_valid_keys(:with_foreign_input_set)
           with_foreign_input_set = options.fetch(:with_foreign_input_set, true)
@@ -59,6 +88,12 @@ module ForemanRemoteExecution
           input_values.merge(overrides).with_indifferent_access
         end
+        apipie :method, 'Returns the value of template input' do
+          required :name, String, desc: 'name of the template input'
+          raises error: UndefinedInput, desc: 'when there is no input with such name defined for the current template'
+          returns Object, desc: 'The value of template input'
+          example 'input("Include Facts") #=> "yes"'
+        end
         def input(name)
           return template_input_values[name.to_s] if template_input_values.key?(name.to_s)

data/app/models/concerns/api/v2/interfaces_controller_extensions.rb ADDED

@@ -0,0 +1,13 @@
+module Api
+  module V2
+    module InterfacesControllerExtensions
+      extend Apipie::DSL::Concern
+      update_api(:create, :update) do
+        param :interface, Hash do
+          param :execution, :bool, :desc => N_('Should this interface be used for remote execution?')
+        end
+      end
+    end
+  end
+end

data/app/models/concerns/foreman_remote_execution/orchestration/ssh.rb CHANGED

@@ -15,9 +15,13 @@ module ForemanRemoteExecution
       proxy = ::SmartProxy.find(proxy_id)
       begin
         proxy.drop_host_from_known_hosts(target)
-      rescue RestClient::ResourceNotFound => e
-        # ignore 404 when known_hosts entry is missing or the module was not enabled
-        Foreman::Logging.exception "Proxy failed to delete SSH known_hosts for #{name}, #{ip}", e, :level => :error
+      rescue ::ProxyAPI::ProxyException => e
+        if e.wrapped_exception.is_a?(RestClient::NotFound)
+          # ignore 404 when known_hosts entry is missing or the module was not enabled
+          Foreman::Logging.exception "Proxy failed to delete SSH known_hosts for #{name}, #{ip}", e, :level => :error
+        else
+          raise e
+        end
       rescue => e
         Rails.logger.warn e.message
         return false
@@ -29,7 +33,10 @@ module ForemanRemoteExecution
       logger.debug "Scheduling SSH known_hosts cleanup"
       host, _kind, _target = host_kind_target
-      proxies = host.remote_execution_proxies('SSH').values
+      # #remote_execution_proxies may not be defined on the host object in some case
+      # for example Host::Discovered does not have it defined, even though these hosts
+      # have Nic::Managed interfaces associated with them
+      proxies = (host.try(:remote_execution_proxies, 'SSH') || {}).values
       proxies.flatten.uniq.each do |proxy|
         queue.create(id: queue_id(proxy.id), name: _("Remove SSH known hosts for %s") % self,
           priority: 200, action: [self, :drop_from_known_hosts, proxy.id])

data/app/models/job_invocation.rb CHANGED

@@ -41,7 +41,10 @@ class JobInvocation < ApplicationRecord
   has_many :template_invocation_tasks, :through => :template_invocations,
                                        :class_name => 'ForemanTasks::Task',
                                        :source => 'run_host_job_task'
+  has_one :user, through: :task
+  scoped_search relation: :user, on: :login, rename: 'user', complete_value: true,
+                value_translation: ->(value) { value == 'current_user' ? User.current.login : value },
+                special_values: [:current_user], aliases: ['owner'], :only_explicit => true
   scoped_search :relation => :task, :on => :started_at, :rename => 'started_at', :complete_value => true
   scoped_search :relation => :task, :on => :start_at, :rename => 'start_at', :complete_value => true
   scoped_search :relation => :task, :on => :ended_at, :rename => 'ended_at', :complete_value => true
@@ -70,7 +73,7 @@ class JobInvocation < ApplicationRecord
   delegate :start_at, :to => :task, :allow_nil => true
-  encrypts :password, :key_passphrase, :sudo_password
+  encrypts :password, :key_passphrase, :effective_user_password
   def self.search_by_status(key, operator, value)
     conditions = HostStatus::ExecutionStatus::ExecutionTaskStatusMapper.sql_conditions_for(value)
@@ -139,7 +142,7 @@ class JobInvocation < ApplicationRecord
       invocation.pattern_template_invocations = self.pattern_template_invocations.map(&:deep_clone)
       invocation.password = self.password
       invocation.key_passphrase = self.key_passphrase
-      invocation.sudo_password = self.sudo_password
+      invocation.effective_user_password = self.effective_user_password
     end
   end
@@ -170,7 +173,7 @@ class JobInvocation < ApplicationRecord
   def total_hosts_count
     if targeting.resolved?
-      targeting.hosts.count
+      task&.main_action&.total_count || targeting.hosts.count
     else
       _('N/A')
     end
@@ -240,6 +243,10 @@ class JobInvocation < ApplicationRecord
     !task.pending?
   end
+  def missing_hosts_count
+    targeting.resolved? ? total_hosts_count - targeting.hosts.count : 0
+  end
   private
   def failed_template_invocations

data/app/models/job_invocation_composer.rb CHANGED

@@ -15,7 +15,7 @@ class JobInvocationComposer
         :description_format => job_invocation_base[:description_format],
         :password => blank_to_nil(job_invocation_base[:password]),
         :key_passphrase => blank_to_nil(job_invocation_base[:key_passphrase]),
-        :sudo_password => blank_to_nil(job_invocation_base[:sudo_password]),
+        :effective_user_password => blank_to_nil(job_invocation_base[:effective_user_password]),
         :concurrency_control => concurrency_control_params,
         :execution_timeout_interval => execution_timeout_interval,
         :template_invocations => template_invocations_params }.with_indifferent_access
@@ -348,7 +348,7 @@ class JobInvocationComposer
     job_invocation.execution_timeout_interval = params[:execution_timeout_interval]
     job_invocation.password = params[:password]
     job_invocation.key_passphrase = params[:key_passphrase]
-    job_invocation.sudo_password = params[:sudo_password]
+    job_invocation.effective_user_password = params[:effective_user_password]
     if @reruns && job_invocation.targeting.static?
       job_invocation.targeting.host_ids = JobInvocation.find(@reruns).targeting.host_ids

data/app/models/remote_execution_provider.rb CHANGED

@@ -57,8 +57,8 @@ class RemoteExecutionProvider
       [true, 'true', 'True', 'TRUE', '1'].include?(setting)
     end
-    def sudo_password(host)
-      host_setting(host, :remote_execution_sudo_password)
+    def effective_user_password(host)
+      host_setting(host, :remote_execution_effective_user_password)
     end
     def effective_interfaces(host)

data/app/models/setting/remote_execution.rb CHANGED

@@ -1,6 +1,6 @@
 class Setting::RemoteExecution < Setting
-  ::Setting::BLANK_ATTRS.concat %w{remote_execution_ssh_password remote_execution_ssh_key_passphrase remote_execution_sudo_password remote_execution_cockpit_url remote_execution_form_job_template}
+  ::Setting::BLANK_ATTRS.concat %w{remote_execution_ssh_password remote_execution_ssh_key_passphrase remote_execution_sudo_password remote_execution_effective_user_password remote_execution_cockpit_url remote_execution_form_job_template}
   def self.default_settings
     [
@@ -27,7 +27,7 @@ class Setting::RemoteExecution < Setting
         N_('Effective User Method'),
         nil,
         { :collection => proc { Hash[SSHExecutionProvider::EFFECTIVE_USER_METHODS.map { |method| [method, method] }] } }),
-      self.set('remote_execution_sudo_password', N_("Sudo password"), '', N_("Sudo password"), nil, {:encrypted => true}),
+      self.set('remote_execution_effective_user_password', N_("Effective user password"), '', N_("Effective user password"), nil, {:encrypted => true}),
       self.set('remote_execution_sync_templates',
         N_('Whether we should sync templates from disk when running db:seed.'),
         true,

data/app/models/ssh_execution_provider.rb CHANGED

@@ -32,7 +32,7 @@ class SSHExecutionProvider < RemoteExecutionProvider
       {
         :ssh_password => ssh_password(host),
         :key_passphrase => ssh_key_passphrase(host),
-        :sudo_password => sudo_password(host),
+        :effective_user_password => effective_user_password(host),
       }
     end

data/app/views/api/v2/interfaces/execution_flag.json.rabl ADDED

	@@ -0,0 +1 @@
1	+ attributes :execution

data/app/views/api/v2/job_invocations/base.json.rabl CHANGED

@@ -8,6 +8,7 @@ node do |invocation|
     :failed    => invocation_count(invocation, :output_key => :failed_count),
     :pending   => invocation_count(invocation, :output_key => :pending_count),
     :total     => invocation_count(invocation, :output_key => :total_count),
+    :missing   => invocation.missing_hosts_count,
   }
 end

data/app/views/api/v2/job_invocations/main.json.rabl CHANGED

@@ -19,7 +19,7 @@ child :targeting do
   attributes :bookmark_id, :search_query, :targeting_type, :user_id, :status, :status_label,
     :randomized_ordering
-  child @hosts do
+  child @hosts => :hosts do
     extends 'api/v2/hosts/base'
     if params[:host_status] == 'true'

data/app/views/api/v2/subnets/remote_execution_proxies.json.rabl ADDED

@@ -0,0 +1,3 @@
+child :remote_execution_proxies => :remote_execution_proxies do
+  attributes :name, :id
+end

data/app/views/job_invocations/_form.html.erb CHANGED

@@ -95,7 +95,7 @@
     <div class="advanced hidden">
       <%= password_f f, :password, :placeholder => '*****', :label => _('Password'), :label_help => N_('Password is stored encrypted in DB until the job finishes. For future or recurring executions, it is removed after the last execution.') %>
       <%= password_f f, :key_passphrase, :placeholder => '*****', :label => _('Private key passphrase'), :label_help => N_('Key passhprase is only applicable for SSH provider. Other providers ignore this field. <br> Passphrase is stored encrypted in DB until the job finishes. For future or recurring executions, it is removed after the last execution.') %>
-      <%= password_f f, :sudo_password, :placeholder => '*****', :label => _('Sudo password'), :label_help => N_('Sudo password is only applicable for SSH provider. Other providers ignore this field. <br> Password is stored encrypted in DB until the job finishes. For future or recurring executions, it is removed after the last execution.') %>
+      <%= password_f f, :effective_user_password, :placeholder => '*****', :label => _('Effective user password'), :label_help => N_('Effective user password is only applicable for SSH provider. Other providers ignore this field. <br> Password is stored encrypted in DB until the job finishes. For future or recurring executions, it is removed after the last execution.') %>
     </div>
     <div class="advanced hidden">

data/app/views/job_invocations/_tab_hosts.html.erb CHANGED

@@ -1,24 +1,5 @@
 <% if job_invocation.resolved? %>
-  <%= form_with url: job_invocation_path(job_invocation), method: "get", id: "search-form" do |f| %>
-    <div class="row">
-      <div class="title_filter col-md-6">
-        <div class="input-group">
-            <%= autocomplete_f(f, :search, value: params[:search].try(:squeeze, " "), placeholder: _("Filter") + ' ...', path: hosts_path, only_input: true) %>
-            <span class="input-group-btn">
-              <button class="btn btn-default" type="submit">
-                <%= icon_text('search', content_tag(:span, _('Search'), :class => 'hidden-xs', :kind => 'fa')) %>
-              </button>
-            </span>
-        </div>
-      </div>
-    </div>
-  <% end %>
-  <br>
-  <div id="targeting_hosts">
-    <%= mount_react_component('TargetingHosts', '#targeting_hosts') %>
-  </div>
-  <%= will_paginate_with_info @hosts, :container => true %>
+  <%= react_component('TargetingHosts' ) %>
 <% else %>
   <div class="alert alert-warning">
     <%=

data/app/views/job_invocations/_tab_overview.html.erb CHANGED

@@ -9,7 +9,19 @@
   <% template_invocations.each do |template_invocation| %>
     <%= minicard('user', template_invocation.effective_user || Setting[:remote_execution_effective_user],
                  template_invocation.template.name + ' ' + _('effective user')) %>
-    <%= minicard('cluster', job_invocation.total_hosts_count, _('Total hosts')) %>
+    <div class="row">
+      <% missing = job_invocation.missing_hosts_count %>
+      <% size = missing.zero? ? 12 : 6 %>
+      <div class="col-xs-12 col-sm-<%= size %> col-md-<%= size %>" >
+        <%= minicard('cluster', job_invocation.total_hosts_count, _('Total hosts')) %>
+      </div>
+      <% unless missing.zero? %>
+      <div class="col-xs-12 col-sm-6 col-md-6" >
+          <%= minicard('warning-triangle-o', missing, _('Hosts gone missing'),
+                       :tooltip => _('This can happen if the host is removed or moved to another organization or location after the job was started')) %>
+      </div>
+    <% end %>
+    </div>
     <% if template_invocation.input_values.present? %>
       <%= render :partial => 'card_user_input', :locals => { :template_invocation => template_invocation } %>
     <% end %>