smart_proxy_ansible 3.6.0 → 3.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c94b0334ddc75bab338d79841ac4cc17d813b5f40c5e06c6f739cfd531d88320
-  data.tar.gz: bcf96f811ef107f4737bfa5f37ee9f2ac757bf50ac4a7b64b3e8c31397f60fc0
+  metadata.gz: 5485a4ab8fc4f53bc9cacdcabf3fb6bd9181e2389686c4da6dee9d6586b54cf2
+  data.tar.gz: fbd95ce8ef2496a94d92cb51d50d6c32eb2ae0dc9cd5bb5620eb0aaf93f9bb88
 SHA512:
-  metadata.gz: f4f41d9c0a2875c5f33d245d8fec3fb8a15b457102c344bd20bd801e54911de91eabdced4816c968b3ce655ebae3e9292a822f2d75d57553c073aee93e4ac1a6
-  data.tar.gz: 8fbbf65cb55fc9082ed7194fee478f8334a15a90a1ab3302fef22cde827e920dce29aac775b374b2ba5d651240425c233a08ec72fe6404329137b148aa453e85
+  metadata.gz: f13d23b788defd429202867247a12e0ee538990a77076b83d2db304e2a147a58f989b0651c787c168c098451bd4ef7db31ea4289597b2bbdb75028fd61fff5a8
+  data.tar.gz: d8694581e202966086f7766fbacc66cfebcaa4b038d50e66ab644db4776bab48279b80a513ce74db5530444672f6c43d48841938f7ec6f06421bd8e945466116

data/lib/smart_proxy_ansible/runner/ansible_runner.rb

@@ -23,11 +23,13 @@ module Proxy::Ansible
         @rex_command = action_input[:remote_execution_command]
         @check_mode = action_input[:check_mode]
         @job_check_mode = action_input[:job_check_mode]
+        @diff_mode = action_input[:diff_mode]
         @tags = action_input[:tags]
         @tags_flag = action_input[:tags_flag]
         @passphrase = action_input['secrets']['key_passphrase']
         @execution_timeout_interval = action_input[:execution_timeout_interval]
         @cleanup_working_dirs = action_input.fetch(:cleanup_working_dirs, true)
+        prune_known_hosts_on_first_execution
       end
 
       def start
@@ -128,7 +130,7 @@ module Proxy::Ansible
 
       def handle_host_event(hostname, event)
         log_event("for host: #{hostname.inspect}", event)
-        publish_data_for(hostname, event['stdout'] + "\n", 'stdout') if event['stdout']
+        publish_data_for(hostname, event['stdout'] + "\n", 'stdout', id: event['uuid'], timestamp: parse_timestamp(event['created'])) if event['stdout']
         case event['event']
         when 'runner_on_ok'
           publish_exit_status_for(hostname, 0) if @exit_statuses[hostname].nil?
@@ -154,11 +156,11 @@ module Proxy::Ansible
             host = inventory_hosts.find { |host| row =~ /#{host}/ }
             line = row + "\n"
             unless host
-              broadcast_data(line, 'stdout')
+              broadcast_data(line, 'stdout', id: event['uuid'], timestamp: parse_timestamp(event['created']))
               next
             end
 
-            publish_data_for(host, line, 'stdout')
+            publish_data_for(host, line, 'stdout', id: event['uuid'], timestamp: parse_timestamp(event['created']))
 
             # If the task has been rescued, it won't consider a failure
             if @exit_statuses[host].to_i != 0 && failures[host].to_i <= 0 && unreachable[host].to_i <= 0 && rescued[host].to_i > 0
@@ -166,7 +168,7 @@ module Proxy::Ansible
             end
           end
         else
-          broadcast_data(event['stdout'] + "\n", 'stdout')
+          broadcast_data(event['stdout'] + "\n", 'stdout', id: event['uuid'], timestamp: parse_timestamp(event['created']))
         end
 
         # If the run ends early due to an error - fail all other tasks
@@ -214,7 +216,7 @@ module Proxy::Ansible
       end
 
       def cmdline
-        cmd_args = [tags_cmd, check_cmd].reject(&:empty?)
+        cmd_args = [tags_cmd, check_cmd, diff_cmd].reject(&:empty?)
         return nil unless cmd_args.any?
         cmd_args.join(' ')
       end
@@ -232,6 +234,10 @@ module Proxy::Ansible
         end
       end
 
+      def diff_cmd
+        diff_mode? ? '"--diff"' : ''
+      end
+
       def verbosity
         '-' + 'v' * @verbosity_level.to_i
       end
@@ -248,6 +254,10 @@ module Proxy::Ansible
         @job_check_mode == true
       end
 
+      def diff_mode?
+        @diff_mode == true
+      end
+
       def prepare_directory_structure
         inner = %w[inventory project env].map { |part| File.join(@root, part) }
         ([@root] + inner).each do |path|
@@ -261,21 +271,40 @@ module Proxy::Ansible
         logger.debug("[foreman_ansible] - handling event #{description}: #{JSON.pretty_generate(event)}") if logger.level <= ::Logger::DEBUG
       end
 
-      # Each per-host task has inventory only for itself, we must
-      # collect all the partial inventories into one large inventory
-      # containing all the hosts.
+      # Rebuilds a unified Ansible inventory from multiple per-host inventories.
+      # @param input [Hash] The input hash mapping hostnames to inventory data.
+      # @return [Hash] The merged inventory.
       def rebuild_inventory(input)
-        action_inputs = input.values.map { |hash| hash[:input][:action_input] }
-        inventories = action_inputs.map { |hash| hash[:ansible_inventory] }
-        host_vars = inventories.map { |i| i['_meta']['hostvars'] }.reduce({}) do |acc, hosts|
-          hosts.reduce(acc) do |inner_acc, (hostname, vars)|
+        action_inputs = input.values.map { |entry| entry['input']['action_input'] }
+        inventories = action_inputs.map { |action_input| action_input['ansible_inventory'] }
+        first_execution_by_host = action_inputs.to_h { |action_input| [action_input['name'], action_input['first_execution']] }
+
+        host_vars = merge_hostvars_from_inventories(inventories)
+
+        # Use the first inventory's group vars as a base, fallback to empty hash if missing
+        group_vars = inventories.first.dig('all', 'vars') || {}
+
+        inventory = {
+          'all' => {
+            'hosts' => host_vars,
+            'vars' => group_vars
+          }
+        }
+
+        update_first_execution_flags(inventory['all']['hosts'], first_execution_by_host)
+
+        inventory
+      end
+
+      # Helper: Merges hostvars from a list of inventories, ensuring ssh key is set.
+      def merge_hostvars_from_inventories(inventories)
+        inventories.each_with_object({}) do |inventory, acc|
+          inventory.dig('_meta', 'hostvars')&.each do |hostname, vars|
+            # Ensure the ssh key is set for each host
             vars[:ansible_ssh_private_key_file] ||= Proxy::RemoteExecution::Ssh::Plugin.settings[:ssh_identity_key_file]
-            inner_acc.merge(hostname => vars)
+            acc[hostname] = vars
           end
         end
-
-        { 'all' => { 'hosts' => host_vars,
-                     'vars' => inventories.first['all']['vars'] } }
       end
 
       def working_dir
@@ -303,6 +332,64 @@ module Proxy::Ansible
 
         inventory
       end
+
+      # Removes known hosts entries for hosts marked as 'first_execution' in the inventory.
+      # This ensures SSH host key checking does not fail on first connection.
+      # @return [void]
+      def prune_known_hosts_on_first_execution
+        @inventory.dig('all', 'hosts')&.each_value do |host_data|
+          next unless host_data.dig("foreman", "first_execution")
+
+          interface = host_data.dig("foreman", "foreman_interfaces", 0)
+          next unless interface
+
+          extract_host_identifiers(interface, host_data).each do |host|
+            extract_ports(host_data).each do |port|
+              Proxy::RemoteExecution::Utils.prune_known_hosts!(host, port, logger)
+            end
+          end
+        end
+      end
+
+      private
+
+      # Updates the 'first_execution' flag in the foreman data for each host in the inventory.
+      # @param hosts [Hash] hostname => host data hash
+      # @param execution_flags [Hash] hostname => boolean (first_execution)
+      # @return [void]
+      def update_first_execution_flags(hosts, execution_flags)
+        hosts.each do |hostname, vars|
+          foreman = vars['foreman']
+          next unless foreman
+
+          if execution_flags.key?(hostname)
+            foreman['first_execution'] = execution_flags[hostname]
+          end
+        end
+      end
+
+      def extract_host_identifiers(interface, host_data)
+        [
+          interface["ip"],
+          interface["ip6"],
+          host_data["ansible_host"],
+          interface["name"]
+        ].compact.uniq
+      end
+
+      def extract_ports(host_data)
+        [
+          host_data["ansible_ssh_port"],
+          host_data["ansible_port"]
+        ].compact.uniq
+      end
+
+      def parse_timestamp(ts)
+        Time.iso8601(ts)
+      rescue ArgumentError
+        logger.warn("Failed to parse '#{ts}' (#{ts.class}) as iso8601 timestamp, defaulting to current timestamp")
+        Time.now.getlocal
+      end
     end
   end
 end

data/lib/smart_proxy_ansible/version.rb

@@ -2,6 +2,6 @@ module Proxy
   # Version, this allows the proxy and other plugins know
   # what version of the Ansible plugin is running
   module Ansible
-    VERSION = '3.6.0'
+    VERSION = '3.7.0'
   end
 end

metadata

@@ -1,15 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: smart_proxy_ansible
 version: !ruby/object:Gem::Version
-  version: 3.6.0
+  version: 3.7.0
 platform: ruby
 authors:
 - Ivan Nečas
 - Daniel Lobato
-autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-05-08 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -29,30 +28,42 @@ dependencies:
   name: smart_proxy_dynflow
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.9.4
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: 1.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: 0.9.4
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 1.0.0
 - !ruby/object:Gem::Dependency
   name: smart_proxy_remote_execution_ssh
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.4'
+        version: 0.5.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 2.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.5.0
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '0.4'
+        version: 2.0.0
 description: "    Smart-Proxy ansible plugin\n"
 email:
 - inecas@redhat.com
@@ -60,8 +71,8 @@ email:
 executables: []
 extensions: []
 extra_rdoc_files:
-- README.md
 - LICENSE
+- README.md
 files:
 - LICENSE
 - README.md
@@ -87,7 +98,6 @@ homepage: https://github.com/theforeman/smart_proxy_ansible
 licenses:
 - GPL-3.0-only
 metadata: {}
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -95,15 +105,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.7'
+      version: '3.0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.23
-signing_key:
+rubygems_version: 3.6.9
 specification_version: 4
 summary: Smart-Proxy Ansible plugin
 test_files: []