foreman_rh_cloud 5.0.32 → 5.0.35

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5991354b7fcd361491a962af732a7543402245af2516964876fee68b1bfd6e07
-  data.tar.gz: 6232fd7c367092e0afb3591c313f3347c751610fa2a3b4d38e2f59de08cd2313
+  metadata.gz: 437d70d98a43e88f7835426bf1a8ae7995a2b759038e3a5908dc41e122544ed1
+  data.tar.gz: a655276cda12b06662db3670019747c518e9204c22ca8ad3591024945dd48fb8
 SHA512:
-  metadata.gz: d38647081b45704673ed8c77b51ade6e90ee8955bf5bd8433bdca9f3072667d505b314ece193e1dd488af51c8cdf6396de5d987acb718693e6c0cecd7e1c7a18
-  data.tar.gz: 2622868402ef0d3a0fa55d74652e1985b97c95b1dd42bab865e86dd8b68929e95ebd5dd1bc3bba8fb9fef2fa8d7e4af23b9f00c959d5aca8eb4d4ee180722fb6
+  metadata.gz: 3d59ebbe9a845efd88c9d70f1d44ff9ebae7e5faabd947c3ba3d48e5f22435c97052be363839805208b381fea29f643a35ef241f2ff0ae462d1720d6ff5fd538
+  data.tar.gz: f7d94f184cbeba9d50b6e8a83d71db08a3c6417972b6d51b6ca247558a4769a6f17fbfdae37f9e4f5efe2a73a8095885a44e109d2b736fbc1d824f9e68528fe1

data/app/controllers/api/v2/rh_cloud/cloud_request_controller.rb

@@ -0,0 +1,83 @@
+module Api::V2::RhCloud
+  class CloudRequestController < ::Api::V2::BaseController
+    layout false
+
+    KNOWN_DIRECTIVES = {
+      'playbook-sat' => :handle_run_playbook_request,
+      'foreman_rh_cloud' => :handle_run_playbook_request,
+    }
+
+    def update
+      handler = KNOWN_DIRECTIVES[directive]
+
+      unless handler
+        render json: {
+          :message => "No valid handler is found for directive: #{directive}",
+        }, status: :bad_request
+        return
+      end
+
+      send(handler)
+
+      render json: {
+        :message => "Handled #{directive} by #{handler}",
+      }
+    end
+
+    private
+
+    def metadata
+      params['metadata']
+    end
+
+    def content
+      # the content received as base 64 of the string in double quotes
+      Base64.decode64(params['content']).tr('"', '')
+    end
+
+    def directive
+      params['directive']
+    end
+
+    def handle_run_playbook_request
+      logger.error("API token is not set, unable to fetch data from the cloud") && return if Setting[:rh_cloud_token].empty?
+      logger.error("Playbook URL is not valid: #{content}") && return unless valid_url?(content)
+      logger.error("Reporting URL is not valid: #{metadata['return_url']}") && return unless valid_url?(metadata['return_url'])
+
+      hosts = metadata['hosts'].split(',')
+      host_ids = host_ids(hosts)
+
+      logger.warn("Some hosts were not found. Looked for: #{hosts}, found ids: #{host_ids}") unless host_ids.length == hosts.length
+
+      logger.error("sat_org_id is not present in the metadata") && return unless metadata['sat_org_id']
+      org_id = metadata['sat_org_id'].to_i
+      organization = Organization.find(org_id)
+
+      composer = nil
+      Organization.as_org(organization) do
+        composer = ::JobInvocationComposer.for_feature(
+          :rh_cloud_connector_run_playbook,
+          host_ids,
+          {
+            playbook_url: content,
+            report_url: metadata['return_url'],
+            report_interval: metadata['response_interval'].to_i,
+            correlation_id: metadata['correlation_id'],
+          }
+        )
+        composer.trigger!
+      end
+
+      composer.job_invocation
+    end
+
+    def valid_url?(url)
+      parsed = URI(url)
+      ForemanRhCloud.cloud_url_validator.match(parsed.host)
+    end
+
+    def host_ids(hosts)
+      InsightsFacet.where(uuid: hosts).pluck(:host_id)
+    end
+  end
+end

data/app/controllers/foreman_inventory_upload/uploads_controller.rb

@@ -18,6 +18,13 @@ module ForemanInventoryUpload
     end
 
     def enable_cloud_connector
+      Organization.unscoped.each do |org|
+        presence = ForemanRhCloud::CloudPresence.new(org, logger)
+        presence.announce_to_sources
+      rescue StandardError => ex
+        logger.warn(ex)
+      end
+
       cloud_connector = ForemanRhCloud::CloudConnector.new
       render json: cloud_connector.install.to_json
     end

data/app/controllers/insights_cloud/api/machine_telemetries_controller.rb

@@ -37,14 +37,25 @@ module InsightsCloud::Api
         return send_data @cloud_response, disposition: @cloud_response.headers[:content_disposition], type: @cloud_response.headers[:content_type]
       end
 
+      # Append redhat-specific headers
+      @cloud_response.headers.each do |key, value|
+        assign_header(response, @cloud_response, key, false) if key.to_s.start_with?('x_rh_')
+      end
+      # Append general headers
       assign_header(response, @cloud_response, :x_resource_count, true)
-      assign_header(response, @cloud_response, :x_rh_insights_request_id, false)
+      headers[Rack::ETAG] = @cloud_response.headers[:etag]
 
       render json: @cloud_response, status: @cloud_response.code
     end
 
     def branch_info
-      render :json => ForemanRhCloud::BranchInfo.new.generate(@uuid, @host, @branch_id, request.host).to_json
+      payload = nil
+
+      User.as_anonymous_admin do
+        payload = ForemanRhCloud::BranchInfo.new.generate(@uuid, @host, @branch_id, request.host).to_json
+      end
+
+      render :json => payload
     end
 
     def assign_header(res, cloud_res, header, transform)

data/app/controllers/insights_cloud/hits_controller.rb

@@ -14,9 +14,16 @@ module InsightsCloud
 
     def show
       host = Host.where(id: host_id_param).first
+      hits = host.insights&.hits
+
+      unless hits
+        return render json: {
+          error: 'No recommendations were found for this host',
+        }, status: :not_found
+      end
 
       render json: {
-        hits: host.insights.hits,
+        hits: hits,
       }, status: :ok
     end
 

data/app/models/setting/rh_cloud.rb

@@ -1,5 +1,5 @@
 class Setting::RhCloud < Setting
-  ::Setting::BLANK_ATTRS.concat %w{rh_cloud_token}
+  ::Setting::BLANK_ATTRS.concat %w{rh_cloud_token rhc_instance_id}
 
   def self.load_defaults
     return false unless table_exists?
@@ -20,6 +20,7 @@ class Setting::RhCloud < Setting
       set('rh_cloud_token', N_('Authentication token to Red Hat cloud services. Used to authenticate requests to cloud APIs'), nil, N_('Red Hat Cloud token'), nil, encrypted: true),
       set('exclude_installed_packages', N_('Exclude installed packages from being uploaded to the Red Hat cloud'), false, N_("Exclude installed Packages")),
       set('include_parameter_tags', N_('Should import include parameter tags from Foreman?'), false, N_('Include parameters in insights-client reports')),
+      set('rhc_instance_id', N_('RHC daemon id'), nil, N_('ID of the RHC(Yggdrasil) daemon')),
     ]
   end
 

data/app/services/foreman_rh_cloud/cloud_connector.rb

@@ -16,7 +16,7 @@ module ForemanRhCloud
         composer = ::JobInvocationComposer.for_feature(
           CLOUD_CONNECTOR_FEATURE,
           [target_host.id],
-          {:satellite_user => service_user.login, :satellite_password => token_value}
+          {:satellite_cloud_connector_user => service_user.login, :satellite_cloud_connector_password => token_value}
         )
         composer.trigger!
       end

data/app/services/foreman_rh_cloud/cloud_presence.rb

@@ -0,0 +1,124 @@
+module ForemanRhCloud
+  class CloudPresence
+    include InsightsCloud::CandlepinCache
+    include ForemanRhCloud::CloudRequest
+
+    attr_reader :organization, :logger
+
+    def initialize(organization, logger)
+      @organization = organization
+      @logger = logger
+    end
+
+    def announce_to_sources
+      register_rhc_instance
+    end
+
+    def satellite_source_type
+      @satellite_source_type ||= begin
+        source_type_response = JSON.parse(
+          execute_cloud_request(
+            method: :get,
+            url: source_type_url,
+            headers: {
+              content_type: :json,
+            },
+            ssl_client_cert: OpenSSL::X509::Certificate.new(certs[:cert]),
+            ssl_client_key: OpenSSL::PKey::RSA.new(certs[:key])
+          )
+        )
+
+        source_type_response['data'].first['id']
+      end
+    end
+
+    def satellite_instance_source
+      @satellite_instance_source ||= begin
+        source_response = JSON.parse(
+          execute_cloud_request(
+            method: :get,
+            url: satellite_instance_source_url,
+            headers: {
+              content_type: :json,
+            },
+            ssl_client_cert: OpenSSL::X509::Certificate.new(certs[:cert]),
+            ssl_client_key: OpenSSL::PKey::RSA.new(certs[:key])
+          )
+        )
+
+        result = source_response['data'].first
+        result&.dig('id')
+      end
+    end
+
+    def create_satellite_instance_source
+      create_response = JSON.parse(
+        execute_cloud_request(
+          method: :post,
+          url: create_satellite_instance_source_url,
+          headers: {
+            content_type: :json,
+          },
+          ssl_client_cert: OpenSSL::X509::Certificate.new(certs[:cert]),
+          ssl_client_key: OpenSSL::PKey::RSA.new(certs[:key]),
+          payload: {
+            name: "satellite: #{Foreman.instance_id} org: #{@organization.name}",
+            source_ref: Foreman.instance_id,
+            source_type_id: satellite_source_type,
+          }.to_json
+        )
+      )
+
+      @satellite_instance_source = create_response['id']
+    end
+
+    def register_rhc_instance
+      raise Foreman::Exception.new('rhc_instance_id is empty, cannot register RHC to the cloud') if Setting[:rhc_instance_id].empty?
+      source_id = satellite_instance_source || create_satellite_instance_source
+
+      create_response = JSON.parse(
+        execute_cloud_request(
+          method: :post,
+          url: create_rhc_connections_url,
+          headers: {
+            content_type: :json,
+          },
+          ssl_client_cert: OpenSSL::X509::Certificate.new(certs[:cert]),
+          ssl_client_key: OpenSSL::PKey::RSA.new(certs[:key]),
+          payload: {
+            source_id: source_id,
+            rhc_id: Setting[:rhc_instance_id],
+          }.to_json
+        )
+      )
+
+      @satellite_instance_source = create_response['id']
+    end
+
+    private
+
+    def sources_url(path)
+      "#{ForemanRhCloud.cert_base_url}/api/sources/v3.1#{path}"
+    end
+
+    def source_type_url
+      sources_url('/source_types?filter[name]=satellite')
+    end
+
+    def satellite_instance_source_url
+      sources_url("/sources?filter[source_ref]=#{Foreman.instance_id}")
+    end
+
+    def create_satellite_instance_source_url
+      sources_url('/sources')
+    end
+
+    def create_rhc_connections_url
+      sources_url('/rhc_connections')
+    end
+
+    def certs
+      @certs ||= candlepin_id_cert(@organization)
+    end
+  end
+end

data/app/services/foreman_rh_cloud/cloud_request.rb

@@ -8,7 +8,14 @@ module ForemanRhCloud
         proxy: ForemanRhCloud.transformed_http_proxy_string(logger: logger),
       }.deep_merge(params)
 
-      RestClient::Request.execute(final_params)
+      response = RestClient::Request.execute(final_params)
+
+      logger.debug("Response headers for request url #{final_params[:url]} are: #{response.headers}")
+
+      response
+    rescue RestClient::Exception => ex
+      logger.debug("Failed response with code #{ex.http_code} headers for request url #{final_params[:url]} are: #{ex.http_headers} and body: #{ex.http_body}")
+      raise ex
     end
   end
 end

data/app/services/foreman_rh_cloud/cloud_request_forwarder.rb

@@ -25,11 +25,12 @@ module ForemanRhCloud
       base_params = {
         method: original_request.method,
         payload: forward_payload,
-        headers: {
-          params: forward_params,
-          user_agent: http_user_agent(original_request),
-          content_type: original_request.media_type.presence || original_request.format.to_s,
-        },
+        headers: original_headers(original_request).merge(
+          {
+            params: forward_params,
+            user_agent: http_user_agent(original_request),
+            content_type: original_request.media_type.presence || original_request.format.to_s,
+          }),
       }
       base_params.merge(path_params(original_request.path, certs))
     end
@@ -80,6 +81,16 @@ module ForemanRhCloud
       end
     end
 
+    def original_headers(original_request)
+      headers = {
+        if_none_match: original_request.if_none_match,
+        if_modified_since: original_request.if_modified_since,
+      }.compact
+
+      logger.debug("Sending headers: #{headers}")
+      headers
+    end
+
     def platform_request?
       ->(request_path) { request_path.include? '/platform' }
     end

data/app/services/foreman_rh_cloud/hit_remediations_retriever.rb

@@ -0,0 +1,67 @@
+module ForemanRhCloud
+  class HitRemediationsRetriever < RemediationsRetriever
+    def initialize(hit_remediation_pairs, logger: Logger.new(IO::NULL))
+      super(logger: logger)
+      @hit_remediation_pairs = hit_remediation_pairs
+      logger.debug("Querying playbook for #{hit_remediation_pairs}")
+    end
+
+    private
+
+    def hit_ids
+      @hit_remediation_pairs.map { |pair| pair["hit_id"] }
+    end
+
+    def remediation_ids
+      @hit_remediation_pairs.map { |pair| pair["resolution_id"] }
+    end
+
+    def hits
+      @hits ||= Hash[
+        InsightsHit.joins(:insights_facet).where(id: hit_ids).pluck(:id, 'insights_facets.uuid')
+      ]
+    end
+
+    def pairs_by_remediation_id
+      @hit_remediation_pairs.group_by { |pair| pair["resolution_id"] }
+    end
+
+    def remediations
+      @remediations ||= Hash[
+        InsightsResolution.where(id: remediation_ids).pluck(:id, :resolution_type, :rule_id).map do |id, resolution_type, rule_id|
+          [id, {resolution_type: resolution_type, rule_id: rule_id}]
+        end
+      ]
+    end
+
+    def playbook_request
+      {
+        issues: pairs_by_remediation_id.map do |remediation_id, pairs|
+          {
+            resolution: remediations[remediation_id][:resolution_type],
+            id: InsightsCloud.remediation_rule_id(remediations[remediation_id][:rule_id]),
+            systems: pairs.map do |pair|
+              hits[pair["hit_id"]]
+            end,
+          }
+        end,
+      }
+    end
+
+    def playbook_url
+      InsightsCloud.playbook_url
+    end
+
+    def headers
+      super
+    end
+
+    def payload
+      playbook_request.to_json
+    end
+
+    def method
+      :post
+    end
+  end
+end

data/app/services/foreman_rh_cloud/remediations_retriever.rb

@@ -4,11 +4,8 @@ module ForemanRhCloud
 
     attr_reader :logger
 
-    def initialize(hit_remediation_pairs, logger: Logger.new(IO::NULL))
-      @hit_remediation_pairs = hit_remediation_pairs
+    def initialize(logger: Logger.new(IO::NULL))
       @logger = logger
-
-      logger.debug("Querying playbook for #{hit_remediation_pairs}")
     end
 
     def create_playbook
@@ -26,55 +23,29 @@ module ForemanRhCloud
 
     private
 
-    def hit_ids
-      @hit_remediation_pairs.map { |pair| pair["hit_id"] }
-    end
-
-    def remediation_ids
-      @hit_remediation_pairs.map { |pair| pair["resolution_id"] }
-    end
-
-    def hits
-      @hits ||= Hash[
-        InsightsHit.joins(:insights_facet).where(id: hit_ids).pluck(:id, 'insights_facets.uuid')
-      ]
-    end
-
-    def pairs_by_remediation_id
-      @hit_remediation_pairs.group_by { |pair| pair["resolution_id"] }
+    def query_playbook
+      execute_cloud_request(
+        method: method,
+        url: playbook_url,
+        headers: headers,
+        payload: payload
+      )
     end
 
-    def remediations
-      @remediations ||= Hash[
-        InsightsResolution.where(id: remediation_ids).pluck(:id, :resolution_type, :rule_id).map do |id, resolution_type, rule_id|
-          [id, {resolution_type: resolution_type, rule_id: rule_id}]
-        end
-      ]
+    def playbook_url
     end
 
-    def playbook_request
+    def headers
       {
-        issues: pairs_by_remediation_id.map do |remediation_id, pairs|
-          {
-            resolution: remediations[remediation_id][:resolution_type],
-            id: InsightsCloud.remediation_rule_id(remediations[remediation_id][:rule_id]),
-            systems: pairs.map do |pair|
-              hits[pair["hit_id"]]
-            end,
-          }
-        end,
+        content_type: :json,
       }
     end
 
-    def query_playbook
-      execute_cloud_request(
-        method: :post,
-        url: InsightsCloud.playbook_url,
-        headers: {
-          content_type: :json,
-        },
-        payload: playbook_request.to_json
-      )
+    def payload
+    end
+
+    def method
+      :get
     end
   end
 end

data/app/services/foreman_rh_cloud/template_renderer_helper.rb

@@ -15,8 +15,20 @@ module ForemanRhCloud
     end
     def remediations_playbook(hit_remediation_pairs)
       hit_remediation_pairs = JSON.parse(hit_remediation_pairs)
-      retriever = ForemanRhCloud::RemediationsRetriever.new(hit_remediation_pairs, logger: template_logger)
+      retriever = ForemanRhCloud::HitRemediationsRetriever.new(hit_remediation_pairs, logger: template_logger)
       retriever.create_playbook
     end
+
+    apipie :method, 'Returns a Red Hat remediation playbook compiled on console.redhat.com' do
+      required :remediation_path, String, desc: ''
+      returns String, desc: 'Playbook downloaded from the cloud'
+    end
+    def download_rh_playbook(playbook_url)
+      retriever = ForemanRhCloud::UrlRemediationsRetriever.new(url: playbook_url, logger: template_logger)
+
+      cached("rh_playbook_#{playbook_url}") do
+        retriever.create_playbook
+      end
+    end
   end
 end

data/app/services/foreman_rh_cloud/url_remediations_retriever.rb

@@ -0,0 +1,37 @@
+module ForemanRhCloud
+  class UrlRemediationsRetriever < RemediationsRetriever
+    attr_reader :url, :payload, :headers
+
+    def initialize(url:, payload: '', headers: {}, logger: Logger.new(IO::NULL))
+      super(logger: logger)
+
+      @url = url
+      @payload = payload
+      @headers = headers
+    end
+
+    private
+
+    def query_playbook
+      logger.debug("Querying playbook at: #{url} with payload: #{payload} and headers: #{headers}")
+
+      super
+    end
+
+    def playbook_url
+      @url
+    end
+
+    def headers
+      super.deep_merge(@headers)
+    end
+
+    def payload
+      @payload.to_json
+    end
+
+    def method
+      :get
+    end
+  end
+end

data/app/views/job_templates/cloud_connector.erb

@@ -0,0 +1,30 @@
+<%#
+name: Configure Cloud Connector
+snippet: false
+template_inputs:
+- name: satellite_cloud_connector_user
+  required: true
+  input_type: user
+  advanced: false
+  value_type: plain
+  hidden_value: false
+- name: satellite_cloud_connector_password
+  required: true
+  input_type: user
+  advanced: false
+  value_type: plain
+  hidden_value: true
+model: JobTemplate
+job_category: Maintenance Operations
+description_format: "%{template_name}"
+provider_type: Ansible
+kind: job_template
+feature: ansible_configure_cloud_connector
+%>
+
+---
+- hosts: all
+  vars:
+    satellite_cloud_connector_url: "<%= foreman_server_url %>"
+  roles:
+    - redhat.satellite_operations.cloud_connector

data/app/views/job_templates/rh_cloud_download_playbook.erb

@@ -0,0 +1,26 @@
+<%#
+kind: job_template
+name: Run a playbook downloaded from RH cloud
+job_category: Red Hat Insights
+description_format: 'Playbook generated by RH Cloud'
+feature: rh_cloud_connector_run_playbook
+template_inputs:
+- name: playbook_url
+  description: URL of the playbook to run
+  input_type: user
+  required: true
+- name: report_url
+  description: URL for calling the report callback
+  input_type: user
+  required: true
+- name: correlation_id
+  description: correlation ID used to identify the original calling message
+  input_type: user
+  required: true
+- name: report_interval
+  description: Reporting interval for the task. A report will be generated every report_interval seconds.
+  input_type: user
+  required: true
+provider_type: Ansible
+%>
+<%= download_rh_playbook(input('playbook_url')) %>

data/config/routes.rb

@@ -58,6 +58,8 @@ Rails.application.routes.draw do
 
       namespace 'rh_cloud' do
         post 'enable_connector', to: 'inventory#enable_cloud_connector'
+
+        post 'cloud_request', to: 'cloud_request#update'
       end
     end
   end