foreman_remote_execution 4.3.1 → 4.5.2

data/app/models/host_status/execution_status.rb

@@ -64,15 +64,15 @@ class HostStatus::ExecutionStatus < HostStatus::Status
 
       case status
         when OK
-          [ "state = 'stopped' AND result = 'success'" ]
+          [ "foreman_tasks_tasks.state = 'stopped' AND foreman_tasks_tasks.result = 'success'" ]
         when CANCELLED
-          [ "state = 'stopped' AND result = 'cancelled'" ]
+          [ "foreman_tasks_tasks.state = 'stopped' AND foreman_tasks_tasks.result = 'cancelled'" ]
         when ERROR
-          [ "state = 'stopped' AND (result = 'error' OR result = 'warning')" ]
+          [ "foreman_tasks_tasks.state = 'stopped' AND (foreman_tasks_tasks.result = 'error' OR foreman_tasks_tasks.result = 'warning')" ]
         when QUEUED
-          [ "state = 'scheduled' OR state IS NULL" ]
+          [ "foreman_tasks_tasks.state = 'scheduled' OR foreman_tasks_tasks.state IS NULL" ]
         when RUNNING
-          [ "state <> 'stopped'" ]
+          [ "foreman_tasks_tasks.state <> 'stopped'" ]
         else
           [ '1 = 0' ]
       end

data/app/models/invocation_provider_input_value.rb

@@ -0,0 +1,12 @@
+class InvocationProviderInputValue < ApplicationRecord
+  belongs_to :template_invocation
+
+  validates :name, :presence => true
+
+  validates :value, :inclusion => { :in => proc { |v| v.provider_input.options_array } },
+                    :if => proc { |v| v.provider_input.options_array.present? }
+
+  def provider_input
+    template_invocation.template.provider.provider_inputs.find { |item| item.name == name }
+  end
+end

data/app/models/job_invocation.rb

@@ -15,8 +15,9 @@ class JobInvocation < ApplicationRecord
 
   belongs_to :targeting, :dependent => :destroy
   has_many :all_template_invocations, :inverse_of => :job_invocation, :dependent => :destroy, :class_name => 'TemplateInvocation'
-  has_many :template_invocations, -> { where('host_id IS NOT NULL') }, :inverse_of => :job_invocation
-  has_many :pattern_template_invocations, -> { where('host_id IS NULL') }, :inverse_of => :job_invocation, :class_name => 'TemplateInvocation'
+  has_many :template_invocations, -> { where('template_invocations.host_id IS NOT NULL') }, :inverse_of => :job_invocation
+  has_many :pattern_template_invocations, -> { where('template_invocations.host_id IS NULL') }, :inverse_of => :job_invocation, :class_name => 'TemplateInvocation'
+  has_many :pattern_templates, :through => :pattern_template_invocations, :source => :template
 
   validates :targeting, :presence => true
   validates :job_category, :presence => true
@@ -44,26 +45,31 @@ class JobInvocation < ApplicationRecord
                                        :source => 'run_host_job_task'
   has_one :user, through: :task
   scoped_search relation: :user, on: :login, rename: 'user', complete_value: true,
-                value_translation: ->(value) { value == 'current_user' ? User.current.login : value },
-                special_values: [:current_user], aliases: ['owner'], :only_explicit => true
+    value_translation: ->(value) { value == 'current_user' ? User.current.login : value },
+    special_values: [:current_user], aliases: ['owner'], :only_explicit => true
   scoped_search :relation => :task, :on => :started_at, :rename => 'started_at', :complete_value => true
   scoped_search :relation => :task, :on => :start_at, :rename => 'start_at', :complete_value => true
   scoped_search :relation => :task, :on => :ended_at, :rename => 'ended_at', :complete_value => true
   scoped_search :relation => :task, :on => :state, :rename => 'status', :ext_method => :search_by_status,
-                :only_explicit => true, :complete_value => Hash[HostStatus::ExecutionStatus::STATUS_NAMES.values.map { |v| [v, v] }]
+    :only_explicit => true, :complete_value => Hash[HostStatus::ExecutionStatus::STATUS_NAMES.values.map { |v| [v, v] }]
 
   belongs_to :triggering, :class_name => 'ForemanTasks::Triggering'
   has_one :recurring_logic, :through => :triggering, :class_name => 'ForemanTasks::RecurringLogic'
 
   belongs_to :remote_execution_feature
 
-  scope :with_task, -> { references(:task) }
+  has_many :targeted_hosts, :through => :targeting, :source => :hosts
+  scoped_search :on => 'targeted_host_id', :rename => 'targeted_host_id', :operators => ['= '],
+    :complete_value => false, :only_explicit => true, :ext_method => :search_by_targeted_host
+
+  scoped_search :on => 'pattern_template_name', :rename => 'pattern_template_name', :operators => ['= '],
+    :complete_value => false, :only_explicit => true, :ext_method => :search_by_pattern_template
 
   scoped_search :relation => :recurring_logic, :on => 'id', :rename => 'recurring_logic.id'
 
   scoped_search :relation => :recurring_logic, :on => 'id', :rename => 'recurring',
-                :ext_method => :search_by_recurring_logic, :only_explicit => true,
-                :complete_value => { :true => true, :false => false }
+    :ext_method => :search_by_recurring_logic, :only_explicit => true,
+    :complete_value => { :true => true, :false => false }
 
   default_scope -> { order('job_invocations.id DESC') }
 
@@ -76,10 +82,22 @@ class JobInvocation < ApplicationRecord
 
   encrypts :password, :key_passphrase, :effective_user_password
 
+  class Jail < Safemode::Jail
+    allow :sub_task_for_host, :template_invocations_hosts
+  end
+
+  def self.search_by_targeted_host(key, operator, value)
+    { :conditions => sanitize_sql_for_conditions(["hosts.id = ?", value]), :joins => :targeted_hosts }
+  end
+
+  def self.search_by_pattern_template(key, operator, value)
+    { :conditions => sanitize_sql_for_conditions(["templates.name = ?", value]), :joins => :pattern_templates }
+  end
+
   def self.search_by_status(key, operator, value)
     conditions = HostStatus::ExecutionStatus::ExecutionTaskStatusMapper.sql_conditions_for(value)
     conditions[0] = "NOT (#{conditions[0]})" if operator == '<>'
-    { :conditions => sanitize_sql_for_conditions(conditions), :include => :task }
+    { :conditions => sanitize_sql_for_conditions(conditions), :joins => :task }
   end
 
   def self.search_by_recurring_logic(key, operator, value)
@@ -173,11 +191,16 @@ class JobInvocation < ApplicationRecord
   end
 
   def total_hosts_count
+    count = _('N/A')
+
     if targeting.resolved?
-      task&.main_action&.total_count || targeting.hosts.count
-    else
-      _('N/A')
+      count = if task&.main_action.respond_to?(:total_count)
+                task.main_action.total_count
+              else
+                targeting.hosts.count
+              end
     end
+    count
   end
 
   def pattern_template_invocation_for_host(host)

data/app/models/job_invocation_composer.rb

@@ -1,4 +1,7 @@
 class JobInvocationComposer
+  class JobTemplateNotFound < StandardError; end
+
+  class FeatureNotFound < StandardError; end
 
   class UiParams
     attr_reader :ui_params
@@ -64,6 +67,10 @@ class JobInvocationComposer
           values.merge(:template_input_id => id)
         end
 
+        provider_values_params = template_base.fetch(:provider_input_values, {})
+        template_base[:provider_input_values] = provider_values_params.map do |key, hash|
+          { :name => key, :value => hash[:value] }
+        end
         template_base
       end
     end
@@ -96,6 +103,17 @@ class JobInvocationComposer
 
     def initialize(api_params)
       @api_params = api_params
+
+      if api_params[:feature]
+        # set a default targeting type for backward compatibility
+        # when `for_feature` was used by the API it automatically set a default
+        api_params[:targeting_type] = Targeting::STATIC_TYPE
+      end
+
+      if api_params[:search_query].blank? && api_params[:host_ids].present?
+        translator = HostIdsTranslator.new(api_params[:host_ids])
+        api_params[:search_query] = translator.scoped_search
+      end
     end
 
     def params
@@ -103,12 +121,16 @@ class JobInvocationComposer
         :targeting => targeting_params,
         :triggering => triggering_params,
         :description_format => api_params[:description_format],
-        :remote_execution_feature_id => api_params[:remote_execution_feature_id],
+        :remote_execution_feature_id => remote_execution_feature_id,
         :concurrency_control => concurrency_control_params,
         :execution_timeout_interval => api_params[:execution_timeout_interval] || template.execution_timeout_interval,
         :template_invocations => template_invocations_params }.with_indifferent_access
     end
 
+    def remote_execution_feature_id
+      feature&.id || api_params[:remote_execution_feature_id]
+    end
+
     def targeting_params
       raise ::Foreman::Exception, _('Cannot specify both bookmark_id and search_query') if api_params[:bookmark_id] && api_params[:search_query]
 
@@ -147,19 +169,39 @@ class JobInvocationComposer
 
     def template_invocations_params
       template_invocation_params = { :template_id => template.id, :effective_user => api_params[:effective_user] }
+      template_invocation_params[:provider_input_values] = filter_provider_inputs api_params
       template_invocation_params[:input_values] = api_params.fetch(:inputs, {}).to_h.map do |name, value|
         input = template.template_inputs_with_foreign.find { |i| i.name == name }
         unless input
           raise ::Foreman::Exception, _('Unknown input %{input_name} for template %{template_name}') %
-              { :input_name => name, :template_name => template.name }
+            { :input_name => name, :template_name => template.name }
         end
         { :template_input_id => input.id, :value => value }
       end
       [template_invocation_params]
     end
 
+    def filter_provider_inputs(api_params)
+      return [] if template.provider.provider_input_namespace.empty?
+      inputs = api_params[template.provider.provider_input_namespace].to_h
+      provider_input_names = template.provider.provider_inputs.map(&:name)
+      inputs.select { |key, value| provider_input_names.include? key }.map { |key, value| { :name => key, :value => value } }
+    end
+
+    def feature
+      @feature ||= RemoteExecutionFeature.feature(api_params[:feature]) if api_params[:feature]
+    rescue => e
+      raise(FeatureNotFound, e.message)
+    end
+
+    def job_template_id
+      feature&.job_template_id || api_params[:job_template_id]
+    end
+
     def template
-      @template ||= JobTemplate.authorized(:view_job_templates).find(api_params[:job_template_id])
+      @template ||= JobTemplate.authorized(:view_job_templates).find(job_template_id)
+    rescue ActiveRecord::RecordNotFound
+      raise(JobTemplateNotFound, _("Template with id '%{id}' was not found") % { id: job_template_id })
     end
 
     private
@@ -227,25 +269,38 @@ class JobInvocationComposer
     end
   end
 
+  class HostIdsTranslator
+    attr_reader :bookmark, :hosts, :scoped_search, :host_ids
+
+    def initialize(input)
+      case input
+      when Bookmark
+        @bookmark = input
+      when Host::Base
+        @hosts = [input]
+      when Array
+        @hosts = input.map do |id|
+          Host::Managed.authorized.friendly.find(id)
+        end
+      when String
+        @scoped_search = input
+      else
+        @hosts = input
+      end
+
+      @scoped_search ||= Targeting.build_query_from_hosts(hosts.map(&:id)) if @hosts
+    end
+  end
+
   class ParamsForFeature
     attr_reader :feature_label, :feature, :provided_inputs
 
     def initialize(feature_label, hosts, provided_inputs = {})
       @feature = RemoteExecutionFeature.feature(feature_label)
       @provided_inputs = provided_inputs
-      if hosts.is_a? Bookmark
-        @host_bookmark = hosts
-      elsif hosts.is_a? Host::Base
-        @host_objects = [hosts]
-      elsif hosts.is_a? Array
-        @host_objects = hosts.map do |id|
-          Host::Managed.authorized.friendly.find(id)
-        end
-      elsif hosts.is_a? String
-        @host_scoped_search = hosts
-      else
-        @host_objects = hosts
-      end
+      translator = HostIdsTranslator.new(hosts)
+      @host_bookmark = translator.bookmark
+      @host_scoped_search = translator.scoped_search
     end
 
     def params
@@ -263,7 +318,6 @@ class JobInvocationComposer
       ret = {}
       ret['targeting_type'] = Targeting::STATIC_TYPE
       ret['search_query'] = @host_scoped_search if @host_scoped_search
-      ret['search_query'] = Targeting.build_query_from_hosts(@host_objects) if @host_objects
       ret['bookmark_id'] = @host_bookmark.id if @host_bookmark
       ret['user_id'] = User.current.id
       ret
@@ -351,7 +405,7 @@ class JobInvocationComposer
     job_invocation.effective_user_password = params[:effective_user_password]
 
     if @reruns && job_invocation.targeting.static?
-      job_invocation.targeting.host_ids = JobInvocation.find(@reruns).targeting.host_ids
+      job_invocation.targeting.assign_host_ids(JobInvocation.find(@reruns).targeting.host_ids)
       job_invocation.targeting.mark_resolved!
     end
 
@@ -503,6 +557,7 @@ class JobInvocationComposer
       input = template_invocation.template.template_inputs_with_foreign.find { |i| i.id.to_s == attributes[:template_input_id].to_s }
       input ? input.template_invocation_input_values.build(attributes) : nil
     end.compact
+    template_invocation.provider_input_values.build job_template_base.fetch('provider_input_values', [])
   end
 
   def build_targeting
@@ -540,7 +595,7 @@ class JobInvocationComposer
 
     params[:template_invocations].select { |t| valid_template_ids.include?(t[:template_id].to_i) }.map do |template_invocation_params|
       template_invocation = job_invocation.pattern_template_invocations.build(:template_id => template_invocation_params[:template_id],
-                                                                              :effective_user => build_effective_user(template_invocation_params))
+        :effective_user => build_effective_user(template_invocation_params))
       build_input_values_for(template_invocation, template_invocation_params)
       template_invocation
     end

data/app/models/remote_execution_provider.rb

@@ -20,7 +20,7 @@ class RemoteExecutionProvider
     end
 
     def proxy_command_options(template_invocation, host)
-      {:proxy_operation_name => proxy_operation_name}
+      {:proxy_operation_name => proxy_operation_name}.merge(proxy_command_provider_inputs(template_invocation))
     end
 
     def secrets(_host)
@@ -35,6 +35,9 @@ class RemoteExecutionProvider
       self.name
     end
 
+    def provider_input_namespace
+    end
+
     def supports_effective_user?
       false
     end
@@ -47,7 +50,7 @@ class RemoteExecutionProvider
       method = host_setting(host, :remote_execution_effective_user_method)
       unless EFFECTIVE_USER_METHODS.include?(method)
         raise _('Effective user method "%{current_value}" is not one of %{valid_methods}') %
-                  { :current_value => method, :valid_methods => EFFECTIVE_USER_METHODS}
+          { :current_value => method, :valid_methods => EFFECTIVE_USER_METHODS}
       end
       method
     end
@@ -95,8 +98,20 @@ class RemoteExecutionProvider
     def ssh_key_passphrase(_host)
     end
 
+    def provider_inputs
+      []
+    end
+
+    def provider_inputs_doc
+      {}
+    end
+
+    def proxy_command_provider_inputs(template_invocation)
+      {}
+    end
+
     def proxy_action_class
-      ForemanRemoteExecutionCore::Actions::RunScript
+      'ForemanRemoteExecutionCore::Actions::RunScript'
     end
 
     # Return a specific proxy selector to use for running a given template

data/app/models/setting/remote_execution.rb

@@ -70,9 +70,19 @@ class Setting::RemoteExecution < Setting
       self.set('remote_execution_form_job_template',
         N_('Choose a job template that is pre-selected in job invocation form'),
         'Run Command - SSH Default',
-        _('Form Job Template'),
+        N_('Form Job Template'),
         nil,
         { :collection => proc { Hash[JobTemplate.unscoped.map { |template| [template.name, template.name] }] } }),
+      self.set('remote_execution_job_invocation_report_template',
+        N_('Select a report template used for generating a report for a particular remote execution job'),
+        'Jobs - Invocation report template',
+        N_('Job Invocation Report Template'),
+        nil,
+        { :collection => proc { self.job_invocation_report_templates_select } }),
     ]
   end
+
+  def self.job_invocation_report_templates_select
+    Hash[ReportTemplate.unscoped.joins(:template_inputs).where(template_inputs: TemplateInput.where(name: 'job_id')).map { |template| [template.name, template.name] }]
+  end
 end

data/app/models/ssh_execution_provider.rb

@@ -2,10 +2,10 @@ class SSHExecutionProvider < RemoteExecutionProvider
   class << self
     def proxy_command_options(template_invocation, host)
       super.merge(:ssh_user => ssh_user(host),
-                  :effective_user => effective_user(template_invocation),
-                  :effective_user_method => effective_user_method(host),
-                  :cleanup_working_dirs => cleanup_working_dirs?(host),
-                  :ssh_port => ssh_port(host))
+        :effective_user => effective_user(template_invocation),
+        :effective_user_method => effective_user_method(host),
+        :cleanup_working_dirs => cleanup_working_dirs?(host),
+        :ssh_port => ssh_port(host))
     end
 
     def humanized_name

data/app/models/targeting.rb

@@ -46,9 +46,13 @@ class Targeting < ApplicationRecord
     #   pluck(:id) returns duplicate results for HostCollections
     host_ids = User.as(user.login) { Host.authorized(RESOLVE_PERMISSION, Host).search_for(search_query).order(:name, :id).pluck(:id).uniq }
     host_ids.shuffle!(random: Random.new) if randomized_ordering
+    self.assign_host_ids(host_ids)
+    self.save(:validate => false)
+  end
+
+  def assign_host_ids(host_ids)
     # this can be optimized even more, by introducing bulk insert
     self.targeting_hosts.build(host_ids.map { |id| { :host_id => id } })
-    self.save(:validate => false)
   end
 
   def dynamic?

data/app/models/template_invocation.rb

@@ -11,6 +11,7 @@ class TemplateInvocation < ApplicationRecord
   belongs_to :template, :class_name => 'JobTemplate', :foreign_key => 'template_id'
   belongs_to :job_invocation, :inverse_of => :template_invocations
   has_many :input_values, :class_name => 'TemplateInvocationInputValue', :dependent => :destroy
+  has_many :provider_input_values, :class_name => 'InvocationProviderInputValue', :dependent => :destroy
   has_one :targeting, :through => :job_invocation
   belongs_to :host, :class_name => 'Host::Managed', :foreign_key => :host_id
   has_one :host_group, :through => :host, :source => :hostgroup
@@ -77,6 +78,7 @@ class TemplateInvocation < ApplicationRecord
   def deep_clone
     self.dup.tap do |invocation|
       invocation.input_values = self.input_values.map(&:dup)
+      invocation.provider_input_values = self.provider_input_values.map(&:dup)
     end
   end
 

data/app/overrides/execution_interface.rb

@@ -1,9 +1,9 @@
-Deface::Override.new(:virtual_path    => 'hosts/_form',
-                     :name            => 'add_execution_interface_js',
-                     :insert_before   => 'div#primary',
-                     :text            => '<%= javascript "foreman_remote_execution/execution_interface" %>')
+Deface::Override.new(:virtual_path => 'hosts/_form',
+  :name            => 'add_execution_interface_js',
+  :insert_before   => 'div#primary',
+  :text            => '<%= javascript "foreman_remote_execution/execution_interface" %>')
 
-Deface::Override.new(:virtual_path  => 'nic/_base_form',
-                     :name          => 'add_execution_interface',
-                     :insert_after  => 'erb[loud]:contains("interface_provision")',
-                     :partial       => 'overrides/nics/execution_interface')
+Deface::Override.new(:virtual_path => 'nic/_base_form',
+  :name          => 'add_execution_interface',
+  :insert_after  => 'erb[loud]:contains("interface_provision")',
+  :partial       => 'overrides/nics/execution_interface')

data/app/overrides/subnet_proxies.rb

@@ -1,9 +1,9 @@
 Deface::Override.new(:virtual_path => 'subnets/_form',
-                     :name => 'add_remote_execution_proxies_tab',
-                     :insert_after => 'li.active',
-                     :partial => 'overrides/subnets/rex_tab')
+  :name => 'add_remote_execution_proxies_tab',
+  :insert_after => 'li.active',
+  :partial => 'overrides/subnets/rex_tab')
 
 Deface::Override.new(:virtual_path => 'subnets/_form',
-                     :name => 'add_remote_execution_proxies_tab_pane',
-                     :insert_after => 'div#proxies',
-                     :partial => 'overrides/subnets/rex_tab_pane')
+  :name => 'add_remote_execution_proxies_tab_pane',
+  :insert_after => 'div#proxies',
+  :partial => 'overrides/subnets/rex_tab_pane')