foreman_remote_execution 1.5.1 → 1.5.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 9fcd52aa2585b165caee15553d3ceaaf4fc5cf69
-  data.tar.gz: d22298a49fa2ddc29e0d5c5ea022716461ecf527
+SHA256:
+  metadata.gz: cee9f09b684c8a829284e5eef226b75d241e91a3622fbad2f1626ff75855c812
+  data.tar.gz: 160de6767048860228ab7007394d548d937d757d8f19f3cd401e1257b96950ad
 SHA512:
-  metadata.gz: bf01f416ab54076ae74f0e13aead95fa68604e6600bac1df9936991e65e3e24fbcfaf8f97ade5c68bcb3a6b25701e27368071bed6de27a31a13b59e875e13756
-  data.tar.gz: 3283109dbb5554f722c00bcf8632e9513521641354afcc1f86484e0eefc74da05797fd70bd522b0e95d68ead7a1b28767d9e86e18f4e1da292aa1f9ecf4f8ba3
+  metadata.gz: c4c7c5c3a2d9173defa65b8a9fa81de541698345a623cf870f76f70a6c83792f8ecf9a70939f103fb78b0ef5fc4e8dd763bfd541df46f965bfbe532aa1cee9e8
+  data.tar.gz: 9311306fda1292ff48856e6f3c05808c61f89154f07491071f9e71bafbf089b13f18ef128749ad0c8726005d4f8d0658bc551ecacd3960d069fdce16387b485d

data/app/controllers/api/v2/job_invocations_controller.rb

@@ -77,7 +77,7 @@ module Api
       param :host_id, :identifier, :required => true
       param :since, String, :required => false
       def output
-        if @nested_obj.task.delayed?
+        if @nested_obj.task.scheduled?
           render :json => { :refresh => true, :output => [], :delayed => true, :start_at => @nested_obj.task.start_at }
           return
         end

data/app/helpers/remote_execution_helper.rb

@@ -140,6 +140,8 @@ module RemoteExecutionHelper
     options = { :unknown_string => 'N/A' }.merge(options)
     if invocation.queued?
       options[:unknown_string]
+    elsif options[:output_key] == :total_count
+      invocation.total_hosts_count
     else
       (invocation.task.try(:output) || {}).fetch(options[:output_key], options[:unknown_string])
     end

data/app/lib/actions/remote_execution/run_host_job.rb

@@ -7,6 +7,10 @@ module Actions
       middleware.do_not_use Dynflow::Middleware::Common::Transaction
       middleware.use Actions::Middleware::HideSecrets
 
+      def queue
+        ForemanRemoteExecution::DYNFLOW_QUEUE
+      end
+
       def resource_locks
         :link
       end
@@ -35,7 +39,8 @@ module Actions
         provider = template_invocation.template.provider
 
         secrets = { :ssh_password => job_invocation.password || provider.ssh_password(host),
-                    :key_passphrase => job_invocation.key_passphrase || provider.ssh_key_passphrase(host) }
+                    :key_passphrase => job_invocation.key_passphrase || provider.ssh_key_passphrase(host),
+                    :sudo_password => job_invocation.sudo_password || provider.sudo_password(host) }
 
         additional_options = { :hostname => provider.find_ip_or_hostname(host),
                                :script => script,
@@ -49,6 +54,7 @@ module Actions
       end
 
       def finalize(*args)
+        update_host_status
         check_exit_status
       end
 
@@ -112,6 +118,13 @@ module Actions
 
       private
 
+      def update_host_status
+        host = Host.find(input[:host][:id])
+        status = (host.execution_status_object ||= HostStatus::ExecutionStatus.new)
+        status.status = exit_status.zero? ? HostStatus::ExecutionStatus::OK : HostStatus::ExecutionStatus::ERROR
+        status.save!
+      end
+
       def delegated_output
         if input[:delegated_action_id]
           super

data/app/lib/actions/remote_execution/run_hosts_job.rb

@@ -4,9 +4,13 @@ module Actions
 
       include Dynflow::Action::WithBulkSubPlans
       include Dynflow::Action::WithPollingSubPlans
+      include Actions::RecurringAction
 
       middleware.use Actions::Middleware::BindJobInvocation
-      middleware.use Actions::Middleware::RecurringLogic
+
+      def queue
+        ForemanRemoteExecution::DYNFLOW_QUEUE
+      end
 
       def delay(delay_options, job_invocation)
         task.add_missing_task_groups(job_invocation.task_group)
@@ -38,7 +42,7 @@ module Actions
       end
 
       def finalize
-        job_invocation.password = job_invocation.key_passphrase = nil
+        job_invocation.password = job_invocation.key_passphrase = job_invocation.sudo_password = nil
         job_invocation.save!
 
         # creating the success notification should be the very last thing this tasks do

data/app/models/concerns/foreman_remote_execution/host_extensions.rb

@@ -45,13 +45,17 @@ module ForemanRemoteExecution
       @execution_status_label ||= get_status(HostStatus::ExecutionStatus).to_label(options)
     end
 
-    def host_params
+    def host_params_hash
       params = super
       keys = remote_execution_ssh_keys
-      params['remote_execution_ssh_keys'] = keys if keys.present?
+      source = 'global'
+      if keys.present?
+        params['remote_execution_ssh_keys'] = {:value => keys, :safe_value => keys, :source => source}
+      end
       [:remote_execution_ssh_user, :remote_execution_effective_user_method,
        :remote_execution_connect_by_ip].each do |key|
-        params[key.to_s] = Setting[key] unless params.key?(key.to_s)
+        value = Setting[key]
+        params[key.to_s] = {:value => value, :safe_value => value, :source => source} unless params.key?(key.to_s)
       end
       params
     end

data/app/models/host_status/execution_status.rb

@@ -15,7 +15,11 @@ class HostStatus::ExecutionStatus < HostStatus::Status
   end
 
   def to_status(options = {})
-    ExecutionTaskStatusMapper.new(last_stopped_task).status
+    if self.new_record?
+      ExecutionTaskStatusMapper.new(last_stopped_task).status
+    else
+      self.status
+    end
   end
 
   def to_global(options = {})

data/app/models/job_invocation.rb

@@ -1,9 +1,9 @@
 class JobInvocation < ApplicationRecord
+  audited :except => [:task_id, :targeting_id, :task_group_id, :triggering_id]
+
   include Authorizable
   include Encryptable
 
-  audited :except => [ :task_id, :targeting_id, :task_group_id, :triggering_id ]
-
   include ForemanRemoteExecution::ErrorsFlattener
   FLATTENED_ERRORS_MAPPING = {
     :pattern_template_invocations => lambda do |template_invocation|
@@ -68,7 +68,7 @@ class JobInvocation < ApplicationRecord
 
   delegate :start_at, :to => :task, :allow_nil => true
 
-  encrypts :password, :key_passphrase
+  encrypts :password, :key_passphrase, :sudo_password
 
   def self.search_by_status(key, operator, value)
     conditions = HostStatus::ExecutionStatus::ExecutionTaskStatusMapper.sql_conditions_for(value)
@@ -137,6 +137,7 @@ class JobInvocation < ApplicationRecord
       invocation.pattern_template_invocations = self.pattern_template_invocations.map(&:deep_clone)
       invocation.password = self.password
       invocation.key_passphrase = self.key_passphrase
+      invocation.sudo_password = self.sudo_password
     end
   end
 

data/app/models/job_invocation_composer.rb

@@ -15,6 +15,7 @@ class JobInvocationComposer
         :description_format => job_invocation_base[:description_format],
         :password => blank_to_nil(job_invocation_base[:password]),
         :key_passphrase => blank_to_nil(job_invocation_base[:key_passphrase]),
+        :sudo_password => blank_to_nil(job_invocation_base[:sudo_password]),
         :concurrency_control => concurrency_control_params,
         :execution_timeout_interval => execution_timeout_interval,
         :template_invocations => template_invocations_params }.with_indifferent_access
@@ -335,6 +336,7 @@ class JobInvocationComposer
     job_invocation.execution_timeout_interval = params[:execution_timeout_interval]
     job_invocation.password = params[:password]
     job_invocation.key_passphrase = params[:key_passphrase]
+    job_invocation.sudo_password = params[:sudo_password]
 
     self
   end

data/app/models/job_template.rb

@@ -1,4 +1,5 @@
 class JobTemplate < ::Template
+  audited
   include ::Exportable
 
   class NonUniqueInputsError < Foreman::Exception
@@ -12,7 +13,6 @@ class JobTemplate < ::Template
   friendly_id :name
   include Parameterizable::ByIdName
 
-  audited :allow_mass_assignment => true
   has_many :audits, :as => :auditable, :class_name => Audited.audit_class.name, :dependent => :nullify
   has_many :all_template_invocations, :dependent => :destroy, :foreign_key => 'template_id', :class_name => 'TemplateInvocation'
   has_many :template_invocations, -> { where('host_id IS NOT NULL') }, :foreign_key => 'template_id'
@@ -66,7 +66,7 @@ class JobTemplate < ::Template
     # Import a template from ERB, with YAML metadata in the first comment.  It
     # will overwrite (sync) an existing template if options[:update] is true.
     def import_raw(contents, options = {})
-      metadata = parse_metadata(contents)
+      metadata = Template.parse_metadata(contents)
       import_parsed(metadata['name'], contents, metadata, options)
     end
 
@@ -76,34 +76,17 @@ class JobTemplate < ::Template
       template
     end
 
-    # This method is used by foreman_templates to import templates, the API should be kept compatible with it
-    def import!(name, text, metadata, force = false)
-      metadata = metadata.dup
-      metadata.delete('associate')
-      JobTemplateImporter.import!(name, text, metadata)
-    end
-
-    # rubocop:disable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
-    def import_parsed(name, text, metadata, options = {})
+    def import_parsed(name, text, _metadata, options = {})
       transaction do
-        return if metadata.blank? || metadata.delete('kind') != 'job_template' ||
-                  (metadata.key?('model') && metadata.delete('model') != self.to_s)
-        metadata['name'] = name
         # Don't look for existing if we should always create a new template
         existing = self.find_by(:name => name) unless options.delete(:build_new)
         # Don't update if the template already exists, unless we're told to
         return if !options.delete(:update) && existing
 
-        template = existing || self.new
-        template.sync_inputs(metadata.delete('template_inputs'))
-        template.sync_foreign_input_sets(metadata.delete('foreign_input_sets'))
-        template.sync_feature(metadata.delete('feature'))
-        template.locked = false if options.delete(:force)
-        template.assign_attributes(metadata.merge(:template => text.gsub(/<%\#.+?.-?%>\n?/m, '').strip).merge(options))
-        template.assign_taxonomies if template.new_record?
+        template = existing || self.new(:name => name)
+        template.import_without_save(text, options)
         template
       end
-      # rubocop:enable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
     end
   end
 
@@ -215,9 +198,22 @@ class JobTemplate < ::Template
     end
   end
 
-  def self.parse_metadata(template)
-    match = template.match(/<%\#(.+?).-?%>/m)
-    match.nil? ? {} : YAML.safe_load(match[1])
+  def import_custom_data(options)
+    sync_inputs(@importing_metadata['template_inputs'])
+    sync_foreign_input_sets(@importing_metadata['foreign_input_sets'])
+    sync_feature(@importing_metadata['feature'])
+
+    %w(job_category description_format provider_type).each do |attribute|
+      value = @importing_metadata[attribute]
+      self.public_send "#{attribute}=", value if @importing_metadata.key?(attribute)
+    end
+
+    # this should be moved to core but meanwhile we support default attribute here
+    # see http://projects.theforeman.org/issues/23426 for more details
+    self.default = options[:default] unless options[:default].nil?
+
+    # job templates have too long metadata, we remove them on parsing until it's stored in separate attribute
+    self.template = self.template.gsub(/<%\#.+?.-?%>\n?/m, '').strip
   end
 
   private

data/app/models/remote_execution_provider.rb

@@ -44,6 +44,15 @@ class RemoteExecutionProvider
       method
     end
 
+    def cleanup_working_dirs?(host)
+      setting = host_setting(host, :remote_execution_cleanup_working_dirs)
+      [true, 'true', 'True', 'TRUE', '1'].include?(setting)
+    end
+
+    def sudo_password(host)
+      host_setting(host, :remote_execution_sudo_password)
+    end
+
     def effective_interfaces(host)
       interfaces = []
       %w(execution primary provision).map do |flag|
@@ -70,7 +79,7 @@ class RemoteExecutionProvider
     end
 
     def host_setting(host, setting)
-      host.params[setting.to_s] || Setting[setting]
+      host.host_param(setting.to_s) || Setting[setting]
     end
 
     def ssh_password(_host) end

data/app/models/setting/remote_execution.rb

@@ -1,8 +1,8 @@
 class Setting::RemoteExecution < Setting
 
-  ::Setting::BLANK_ATTRS.concat %w{remote_execution_ssh_password remote_execution_ssh_key_passphrase}
+  ::Setting::BLANK_ATTRS.concat %w{remote_execution_ssh_password remote_execution_ssh_key_passphrase remote_execution_sudo_password}
 
-  # rubocop:disable Metrics/MethodLength
+  # rubocop:disable Metrics/MethodLength,Metrics/AbcSize
   def self.load_defaults
     # Check the table exists
     return unless super
@@ -39,6 +39,7 @@ class Setting::RemoteExecution < Setting
                  N_('Effective User Method'),
                  nil,
                  { :collection => proc { Hash[SSHExecutionProvider::EFFECTIVE_USER_METHODS.map { |method| [method, method] }] } }),
+        self.set('remote_execution_sudo_password', N_("Sudo password"), '', N_("Sudo password"), nil, {:encrypted => true}),
         self.set('remote_execution_sync_templates',
                  N_('Whether we should sync templates from disk when running db:seed.'),
                  true,
@@ -63,12 +64,20 @@ class Setting::RemoteExecution < Setting
                  nil,
                  N_('Default SSH key passphrase'),
                  nil,
-                 { :encrypted => true })
+                 { :encrypted => true }),
+        self.set('remote_execution_workers_pool_size',
+                 N_('Amount of workers in the pool to handle the execution of the remote execution jobs. Restart of the dynflowd/foreman-tasks service is required.'),
+                 5,
+                 N_('Workers pool size')),
+        self.set('remote_execution_cleanup_working_dirs',
+                 N_('When enabled, working directories will be removed after task completion. You may override this per host by setting a parameter called remote_execution_cleanup_working_dirs.'),
+                 true,
+                 N_('Cleanup working directories'))
       ].each { |s| self.create! s.update(:category => 'Setting::RemoteExecution') }
     end
 
     true
   end
   # rubocop:enable AbcSize
-  # rubocop:enable Metrics/MethodLength
+  # rubocop:enable Metrics/MethodLength,Metrics/AbcSize
 end

data/app/models/ssh_execution_provider.rb

@@ -4,6 +4,8 @@ class SSHExecutionProvider < RemoteExecutionProvider
       super.merge(:ssh_user => ssh_user(host),
                   :effective_user => effective_user(template_invocation),
                   :effective_user_method => effective_user_method(host),
+                  :cleanup_working_dirs => cleanup_working_dirs?(host),
+                  :sudo_password => sudo_password(host),
                   :ssh_port => ssh_port(host))
     end
 
@@ -26,7 +28,7 @@ class SSHExecutionProvider < RemoteExecutionProvider
     private
 
     def ssh_user(host)
-      host.params['remote_execution_ssh_user']
+      host.host_param('remote_execution_ssh_user')
     end
 
     def ssh_port(host)

data/app/views/job_invocations/_form.html.erb

@@ -93,6 +93,7 @@
     <div class="advanced hidden">
       <%= password_f f, :password, :placeholder => '*****', :label => _('Password'), :label_help => N_('Password is stored encrypted in DB until the job finishes. For future or recurring executions, it is removed after the last execution.') %>
       <%= password_f f, :key_passphrase, :placeholder => '*****', :label => _('Private key passphrase'), :label_help => N_('Key passhprase is only applicable for SSH provider. Other providers ignore this field. <br> Passphrase is stored encrypted in DB until the job finishes. For future or recurring executions, it is removed after the last execution.') %>
+      <%= password_f f, :sudo_password, :placeholder => '*****', :label => _('Sudo password'), :label_help => N_('Sudo password is only applicable for SSH provider. Other providers ignore this field. <br> Password is stored encrypted in DB until the job finishes. For future or recurring executions, it is removed after the last execution.') %>
     </div>
 
     <div class="advanced hidden">

data/app/views/job_invocations/show.html.erb

@@ -1,7 +1,9 @@
 <% title @job_invocation.description, trunc_with_tooltip(@job_invocation.description, 120) %>
 <% stylesheet 'foreman_remote_execution/job_invocations' %>
 <% javascript 'charts', 'foreman_remote_execution/template_invocation' %>
-<%= javascript_include_tag *webpack_asset_paths('remoteexecution', :extension => 'js'), "data-turbolinks-track" => true, 'defer' => 'defer' %>
+<%= javascript_include_tag *webpack_asset_paths('foreman_remote_execution', :extension => 'js'), "data-turbolinks-track" => true, 'defer' => 'defer' %>
+
+<%= breadcrumbs name_field: 'description' %>
 
 <% if @job_invocation.task %>
   <% title_actions(button_group(job_invocation_task_buttons(@job_invocation.task))) %>

data/app/views/job_templates/edit.html.erb

@@ -1,6 +1,19 @@
 <%= javascript 'lookup_keys' %>
 <%= javascript 'foreman_remote_execution/template_input' %>
 
+<%= breadcrumbs(
+    items: [
+      {
+        caption: _('Job Templates'),
+        url: url_for(job_templates_path)
+      },
+      {
+        caption: _('Edit %s' % @template.to_label)
+      }
+    ]
+  )
+%>
+
 <% title _("Edit Job Template") %>
 
 <%= render :partial => 'form' %>

data/app/views/job_templates/index.html.erb

@@ -7,7 +7,7 @@
                  link_to_function(_('Import'), 'show_import_job_template_modal();', :class => 'btn btn-default'),
                  new_link(_("New Job Template"))) %>
 
-<table class="<%= table_css_classes('table-two-pane table-fixed') %>">
+<table class="<%= table_css_classes('table-fixed') %>">
   <thead>
     <tr>
       <th class="col-md-6"><%= sort :name, :as => s_("JobTemplate|Name") %></th>

data/db/migrate/20180411160809_add_sudo_password_to_job_invocation.rb

@@ -0,0 +1,5 @@
+class AddSudoPasswordToJobInvocation < ActiveRecord::Migration[4.2]
+  def change
+    add_column :job_invocations, :sudo_password, :string
+  end
+end

data/foreman_remote_execution.gemspec

@@ -24,9 +24,9 @@ Gem::Specification.new do |s|
   s.extra_rdoc_files = Dir['README*', 'LICENSE']
 
   s.add_dependency 'deface'
-  s.add_dependency 'dynflow', '>= 1.0.0', '< 2.0.0'
+  s.add_dependency 'dynflow', '>= 1.0.1', '< 2.0.0'
   s.add_dependency 'foreman_remote_execution_core'
-  s.add_dependency 'foreman-tasks', '~> 0.12'
+  s.add_dependency 'foreman-tasks', '~> 0.13'
 
   s.add_development_dependency 'factory_bot_rails', '~> 4.8.0'
   s.add_development_dependency 'rubocop'

data/lib/foreman_remote_execution/engine.rb

@@ -1,6 +1,8 @@
 require 'foreman_remote_execution_core'
 
 module ForemanRemoteExecution
+  DYNFLOW_QUEUE = :remote_execution
+
   class Engine < ::Rails::Engine
     engine_name 'foreman_remote_execution'
 
@@ -26,6 +28,7 @@ module ForemanRemoteExecution
 
     initializer 'foreman_remote_execution.require_dynflow', :before => 'foreman_tasks.initialize_dynflow' do |app|
       ForemanTasks.dynflow.require!
+      ForemanTasks.dynflow.config.queues.add(DYNFLOW_QUEUE, :pool_size => Setting['remote_execution_workers_pool_size']) if Setting.table_exists? rescue(false)
       ForemanTasks.dynflow.config.eager_load_paths << File.join(ForemanRemoteExecution::Engine.root, 'app/lib/actions')
     end
 

data/lib/foreman_remote_execution/version.rb

@@ -1,3 +1,3 @@
 module ForemanRemoteExecution
-  VERSION = '1.5.1'.freeze
+  VERSION = '1.5.2'.freeze
 end

data/test/functional/api/v2/job_invocations_controller_test.rb

@@ -98,7 +98,7 @@ module Api
 
       test 'should provide output for delayed task' do
         host = @invocation.template_invocations_hosts.first
-        ForemanTasks::Task.any_instance.expects(:delayed?).returns(true)
+        ForemanTasks::Task.any_instance.expects(:scheduled?).returns(true)
         get :output, params: { :job_invocation_id => @invocation.id, :host_id => host.id }
         result = ActiveSupport::JSON.decode(@response.body)
         assert_equal result['delayed'], true

data/test/unit/actions/run_host_job_test.rb

@@ -0,0 +1,63 @@
+require 'test_plugin_helper'
+
+module ForemanRemoteExecution
+  class RunHostJobTest < ActiveSupport::TestCase
+    include Dynflow::Testing
+
+    subject { create_action(Actions::RemoteExecution::RunHostJob) }
+    let(:host) { FactoryBot.create(:host, :with_execution) }
+
+    before do
+      subject.stubs(:input).returns({ host: { id: host.id } })
+      Host.expects(:find).with(host.id).returns(host)
+    end
+
+    describe '#finalize' do
+      describe 'updates the host status' do
+        before do
+          subject.expects(:check_exit_status).returns(nil)
+        end
+
+        context 'with stubbed status' do
+          let(:stub_status) do
+            status = HostStatus::ExecutionStatus.new
+            status.stubs(:save!).returns(true)
+            status
+          end
+
+          before do
+            host.expects(:execution_status_object).returns(stub_status)
+          end
+
+          context 'exit_status is 0' do
+            it 'updates the host status to OK' do
+              subject.stubs(:exit_status).returns(0)
+              stub_status.expects(:"status=").with(HostStatus::ExecutionStatus::OK)
+              subject.finalize
+            end
+          end
+
+          context 'exit_status is NOT 0' do
+            it 'updates the host status to ERROR' do
+              subject.stubs(:exit_status).returns(1)
+              stub_status.expects(:"status=").with(HostStatus::ExecutionStatus::ERROR)
+              subject.finalize
+            end
+          end
+        end
+
+        context 'host has no execution status yet' do
+          before do
+            assert_nil host.execution_status_object
+            subject.stubs(:exit_status).returns(0)
+          end
+
+          it 'creates a new status' do
+            subject.finalize
+            refute_nil host.execution_status_object
+          end
+        end
+      end
+    end
+  end
+end

data/test/unit/actions/run_hosts_job_test.rb

@@ -14,6 +14,7 @@ module ForemanRemoteExecution
         invocation.description = 'Some short description'
         invocation.password = 'changeme'
         invocation.key_passphrase = 'changemetoo'
+        invocation.sudo_password = 'sudopassword'
         invocation.save
       end
     end

data/test/unit/concerns/host_extensions_test.rb

@@ -20,21 +20,21 @@ class ForemanRemoteExecutionHostExtensionsTest < ActiveSupport::TestCase
     end
 
     it 'has ssh user in the parameters' do
-      host.params['remote_execution_ssh_user'].must_equal Setting[:remote_execution_ssh_user]
+      host.host_param('remote_execution_ssh_user').must_equal Setting[:remote_execution_ssh_user]
     end
 
     it 'can override ssh user' do
       host.host_parameters << FactoryBot.create(:host_parameter, :host => host, :name => 'remote_execution_ssh_user', :value => 'amy')
-      host.params['remote_execution_ssh_user'].must_equal 'amy'
+      host.host_param('remote_execution_ssh_user').must_equal 'amy'
     end
 
     it 'has effective user method in the parameters' do
-      host.params['remote_execution_effective_user_method'].must_equal Setting[:remote_execution_effective_user_method]
+      host.host_param('remote_execution_effective_user_method').must_equal Setting[:remote_execution_effective_user_method]
     end
 
     it 'can override effective user method' do
       host.host_parameters << FactoryBot.create(:host_parameter, :host => host, :name => 'remote_execution_effective_user_method', :value => 'su')
-      host.params['remote_execution_effective_user_method'].must_equal 'su'
+      host.host_param('remote_execution_effective_user_method').must_equal 'su'
     end
 
     it 'has ssh keys in the parameters' do

data/test/unit/job_invocation_composer_test.rb

@@ -501,6 +501,18 @@ class JobInvocationComposerTest < ActiveSupport::TestCase
         end
       end
 
+      describe '#sudo_password' do
+        let(:sudo_password) { 'password' }
+        let(:params) do
+          { :job_invocation => { :sudo_password => sudo_password }}
+        end
+
+        it 'sets the sudo password properly' do
+          composer
+          composer.job_invocation.sudo_password.must_equal sudo_password
+        end
+      end
+
       describe '#targeting' do
         it 'triggers targeting on job_invocation' do
           composer

data/test/unit/remote_execution_provider_test.rb

@@ -72,15 +72,21 @@ class RemoteExecutionProviderTest < ActiveSupport::TestCase
 
     describe 'ssh user' do
       it 'uses the remote_execution_ssh_user on the host param' do
-        host.params['remote_execution_ssh_user'] = 'my user'
         host.host_parameters << FactoryBot.create(:host_parameter, :host => host, :name => 'remote_execution_ssh_user', :value => 'my user')
         proxy_options[:ssh_user].must_equal 'my user'
       end
     end
 
+    describe 'sudo password' do
+      it 'uses the remote_execution_sudo_password on the host param' do
+        host.params['remote_execution_sudo_password'] = 'mypassword'
+        host.host_parameters << FactoryBot.create(:host_parameter, :host => host, :name => 'remote_execution_sudo_password', :value => 'mypassword')
+        proxy_options[:sudo_password].must_equal 'mypassword'
+      end
+    end
+
     describe 'sudo' do
       it 'uses the remote_execution_ssh_user on the host param' do
-        host.params['remote_execution_effective_user_method'] = 'sudo'
         method_param = FactoryBot.create(:host_parameter, :host => host, :name => 'remote_execution_effective_user_method', :value => 'sudo')
         host.host_parameters << method_param
         proxy_options[:effective_user_method].must_equal 'sudo'
@@ -112,6 +118,25 @@ class RemoteExecutionProviderTest < ActiveSupport::TestCase
       end
     end
 
+    describe 'cleanup working directories setting' do
+      before do
+        Setting[:remote_execution_cleanup_working_dirs] = false
+      end
+
+      it 'updates the value via settings' do
+        proxy_options[:cleanup_working_dirs].must_equal false
+      end
+    end
+
+    describe 'cleanup working directories from parameters' do
+      it 'takes the value from host parameters' do
+        host.params['remote_execution_cleanup_working_dirs'] = 'false'
+        host.host_parameters << FactoryBot.build(:host_parameter, :name => 'remote_execution_cleanup_working_dirs', :value => 'false')
+        host.clear_host_parameters_cache!
+        proxy_options[:cleanup_working_dirs].must_equal false
+      end
+    end
+
     describe '#find_ip_or_hostname' do
       let(:host) do
         FactoryBot.create(:host) do |host|
@@ -139,7 +164,7 @@ class RemoteExecutionProviderTest < ActiveSupport::TestCase
       end
 
       it 'gets ip from flagged interfaces' do
-        host.params['remote_execution_connect_by_ip'] = true
+        host.host_params['remote_execution_connect_by_ip'] = true
         # no ip address set on relevant interface - fallback to fqdn
         SSHExecutionProvider.find_ip_or_hostname(host).must_equal 'somehost.somedomain.org'
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: foreman_remote_execution
 version: !ruby/object:Gem::Version
-  version: 1.5.1
+  version: 1.5.2
 platform: ruby
 authors:
 - Foreman Remote Execution team
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-04-12 00:00:00.000000000 Z
+date: 2018-05-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: deface
@@ -30,7 +30,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.0.0
+        version: 1.0.1
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.0.0
@@ -40,7 +40,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.0.0
+        version: 1.0.1
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.0.0
@@ -64,14 +64,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.12'
+        version: '0.13'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.12'
+        version: '0.13'
 - !ruby/object:Gem::Dependency
   name: factory_bot_rails
   requirement: !ruby/object:Gem::Requirement
@@ -189,7 +189,6 @@ files:
 - app/models/job_invocation_task_group.rb
 - app/models/job_template.rb
 - app/models/job_template_effective_user.rb
-- app/models/job_template_importer.rb
 - app/models/remote_execution_feature.rb
 - app/models/remote_execution_provider.rb
 - app/models/setting/remote_execution.rb
@@ -318,6 +317,7 @@ files:
 - db/migrate/20180202072115_add_notification_builder_to_remote_execution_feature.rb
 - db/migrate/20180202123215_add_feature_id_to_job_invocation.rb
 - db/migrate/20180226095631_change_task_id_to_uuid.rb
+- db/migrate/20180411160809_add_sudo_password_to_job_invocation.rb
 - db/seeds.d/50-notification_blueprints.rb
 - db/seeds.d/60-ssh_proxy_feature.rb
 - db/seeds.d/70-job_templates.rb
@@ -364,6 +364,7 @@ files:
 - test/functional/api/v2/template_inputs_controller_test.rb
 - test/functional/job_invocations_controller_test.rb
 - test/test_plugin_helper.rb
+- test/unit/actions/run_host_job_test.rb
 - test/unit/actions/run_hosts_job_test.rb
 - test/unit/concerns/foreman_tasks_cleaner_extensions_test.rb
 - test/unit/concerns/host_extensions_test.rb
@@ -373,7 +374,6 @@ files:
 - test/unit/job_invocation_composer_test.rb
 - test/unit/job_invocation_test.rb
 - test/unit/job_template_effective_user_test.rb
-- test/unit/job_template_importer_test.rb
 - test/unit/job_template_test.rb
 - test/unit/remote_execution_feature_test.rb
 - test/unit/remote_execution_provider_test.rb
@@ -410,7 +410,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.12
+rubygems_version: 2.7.3
 signing_key: 
 specification_version: 4
 summary: A plugin bringing remote execution to the Foreman, completing the config
@@ -426,6 +426,7 @@ test_files:
 - test/functional/api/v2/template_inputs_controller_test.rb
 - test/functional/job_invocations_controller_test.rb
 - test/test_plugin_helper.rb
+- test/unit/actions/run_host_job_test.rb
 - test/unit/actions/run_hosts_job_test.rb
 - test/unit/concerns/foreman_tasks_cleaner_extensions_test.rb
 - test/unit/concerns/host_extensions_test.rb
@@ -435,7 +436,6 @@ test_files:
 - test/unit/job_invocation_composer_test.rb
 - test/unit/job_invocation_test.rb
 - test/unit/job_template_effective_user_test.rb
-- test/unit/job_template_importer_test.rb
 - test/unit/job_template_test.rb
 - test/unit/remote_execution_feature_test.rb
 - test/unit/remote_execution_provider_test.rb

data/app/models/job_template_importer.rb

@@ -1,36 +0,0 @@
-# This class is a shim to handle the importing of templates via the
-# foreman_templates plugin. It expects a method like
-#     def import(name, text, metadata)
-# but REx already has an import! method, so this class provides the
-# translation layer.
-
-class JobTemplateImporter
-  def self.import!(name, text, metadata, force = false)
-    skip = skip_locked(name, force)
-    return skip if skip
-
-    template = JobTemplate.import_parsed(name, text, metadata, :update => true, :force => force)
-    c_or_u = template.new_record? ? 'Created' : 'Updated'
-
-    result = "  #{c_or_u} Template #{id_string template}:#{name}"
-    { :old => template.template_was,
-      :new => template.template,
-      :status => template.save,
-      :result => result}
-  end
-
-  def self.skip_locked(name, force)
-    template = JobTemplate.find_by :name => name
-
-    if template && template.locked? && !template.new_record? && !force
-      { :old => template.template_was,
-        :new => template.template,
-        :status => false,
-        :result => "Skipping Template #{id_string template}:#{name} - template is locked" }
-    end
-  end
-
-  def self.id_string(template)
-    template ? template.id.to_s : ''
-  end
-end

data/test/unit/job_template_importer_test.rb

@@ -1,66 +0,0 @@
-require 'test_plugin_helper'
-
-class JobTemplateImporterTest < ActiveSupport::TestCase
-  context 'importing a new template' do
-    # JobTemplate tests handle most of this, we just check that the shim
-    # correctly loads a template returns a hash
-    let(:remote_execution_feature) do
-      FactoryBot.create(:remote_execution_feature)
-    end
-
-    let(:result) do
-      name = 'Community Service Restart'
-      metadata = {
-        'model' => 'JobTemplate',
-        'kind' => 'job_template',
-        'name' => 'Service Restart',
-        'job_category' => 'Service Restart',
-        'provider_type' => 'SSH',
-        'feature' => remote_execution_feature.label,
-        'template_inputs' => [
-          { 'name' => 'service_name', 'input_type' => 'user', 'required' => true },
-          { 'name' => 'verbose', 'input_type' => 'user' }
-        ]
-      }
-      text = <<-END_TEMPLATE.strip_heredoc
-        <%#
-        #{YAML.dump(metadata)}
-        %>
-
-        service <%= input("service_name") %> restart
-      END_TEMPLATE
-
-      JobTemplateImporter.import!(name, text, metadata)
-    end
-
-    let(:template) { JobTemplate.find_by name: 'Community Service Restart' }
-
-    it 'returns a valid foreman_templates hash' do
-      result[:status].must_equal true
-      result[:result].must_equal '  Created Template :Community Service Restart'
-      result[:old].must_be_nil
-      result[:new].must_equal template.template.squish
-    end
-  end
-
-  context 'updating locked template' do
-    it 'does not update locked template' do
-      name = 'Locked job template'
-      template = FactoryBot.create(:job_template, :locked => true, :name => name)
-      res = JobTemplateImporter.import!(name, 'some text', 'metadata')
-      assert_equal "Skipping Template #{template.id}:#{template.name} - template is locked", res[:result]
-    end
-
-    it 'updates locked template' do
-      name = 'Locked job template again'
-      metadata = {
-        'model' => 'JobTemplate',
-        'kind' => 'job_template',
-        'name' => name
-      }
-      template = FactoryBot.create(:job_template, :locked => true, :name => name)
-      res = JobTemplateImporter.import!(name, 'some text', metadata, true)
-      assert_equal "  Updated Template #{template.id}:Locked job template again", res[:result]
-    end
-  end
-end