smart_proxy_ansible_director 0.2.0 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/smart_proxy_ansible_director/actions/meta/build_push_ee.rb +13 -8
- data/lib/smart_proxy_ansible_director/actions/meta/run_playbook.rb +11 -5
- data/lib/smart_proxy_ansible_director/http_config.ru +1 -1
- data/lib/smart_proxy_ansible_director/plugin.rb +6 -0
- data/lib/smart_proxy_ansible_director/runners/ansible_builder_runner.rb +25 -8
- data/lib/smart_proxy_ansible_director/runners/ansible_navigator_runner.rb +51 -40
- data/lib/smart_proxy_ansible_director/runners/podman_pull_runner.rb +4 -0
- data/lib/smart_proxy_ansible_director/runners/podman_push_runner.rb +5 -1
- data/lib/smart_proxy_ansible_director/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 484417416974c62a817f560959aa0fcd95d5b5160d4481c5f22e3f4c449b71b3
|
|
4
|
+
data.tar.gz: 83dacaf8b923d9a63c6299854ab2b35c9d130b1e56df9bfde30c3fd8c26c7492
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 607b9d6729dd2c702753262a7c5f15db1322e5b8affcd8dade3fe4f71548bc82409be0218b79ae56659ebdc4ecbfed80871d3e5b8f013703bbd73dcd4df81686
|
|
7
|
+
data.tar.gz: 3b09d2453eed3b24c4a93bf0ee5e7c46417d8e7b2e6d61e13d6499996c6491019d5127cf3e718cbff520f6a160b967013a22d54c5de81fe25fe2e54a4abd9068
|
|
@@ -27,9 +27,11 @@ module Proxy
|
|
|
27
27
|
# }
|
|
28
28
|
# }
|
|
29
29
|
def plan(args)
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
30
|
+
execution_environment_definition = args['execution_environment']
|
|
31
|
+
|
|
32
|
+
ee_id = execution_environment_definition['id']
|
|
33
|
+
execution_environment_content = execution_environment_definition['content']
|
|
34
|
+
|
|
33
35
|
ee_base_image = execution_environment_content['base_image']
|
|
34
36
|
ee_base_image_tag = 'latest'
|
|
35
37
|
ee_ansible_core_version = execution_environment_content['ansible_core_version']
|
|
@@ -40,15 +42,18 @@ module Proxy
|
|
|
40
42
|
sequence do
|
|
41
43
|
plan_action ::Proxy::AnsibleDirector::Actions::BuildExecutionEnvironment, {
|
|
42
44
|
ee_id: ee_id,
|
|
43
|
-
|
|
44
|
-
|
|
45
|
+
ee_base_image_url: ee_base_image,
|
|
46
|
+
ee_built_image_tag: ee_base_image_tag,
|
|
45
47
|
ee_ansible_core_version: ee_ansible_core_version,
|
|
46
48
|
ee_formatted_content: ee_formatted_content,
|
|
47
49
|
is_base_image: true
|
|
48
50
|
}
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
51
|
+
# COMPAT 3.16 - 3
|
|
52
|
+
# Registry authorization has not been finalized.
|
|
53
|
+
# Further, granular capability usage is difficult with the current execution stack.
|
|
54
|
+
# plan_action ::Proxy::AnsibleDirector::Actions::PushExecutionEnvironment, {
|
|
55
|
+
# ee_id: ee_id
|
|
56
|
+
# }
|
|
52
57
|
end
|
|
53
58
|
end
|
|
54
59
|
end
|
|
@@ -12,6 +12,12 @@ module Proxy
|
|
|
12
12
|
class RunPlaybook < ::Proxy::Dynflow::Action::Runner
|
|
13
13
|
def plan(args)
|
|
14
14
|
execution_environment = args['execution_environment']
|
|
15
|
+
|
|
16
|
+
ee_id = execution_environment['id']
|
|
17
|
+
ee_registry_url = execution_environment['registry_url']
|
|
18
|
+
ee_ansible_core_version = execution_environment['ansible_core_version']
|
|
19
|
+
|
|
20
|
+
|
|
15
21
|
inventory = args['inventory']
|
|
16
22
|
playbook = args['playbook']
|
|
17
23
|
variables = args['variables']
|
|
@@ -21,10 +27,10 @@ module Proxy
|
|
|
21
27
|
|
|
22
28
|
sequence do
|
|
23
29
|
plan_action ::Proxy::AnsibleDirector::Actions::BuildExecutionEnvironment, {
|
|
24
|
-
ee_id:
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
ee_ansible_core_version:
|
|
30
|
+
ee_id: ee_id,
|
|
31
|
+
ee_base_image_url: ee_registry_url,
|
|
32
|
+
ee_built_image_tag: @caller_execution_plan_id,
|
|
33
|
+
ee_ansible_core_version: ee_ansible_core_version,
|
|
28
34
|
ee_formatted_content: content,
|
|
29
35
|
is_base_image: false
|
|
30
36
|
}
|
|
@@ -32,7 +38,7 @@ module Proxy
|
|
|
32
38
|
inventory: inventory,
|
|
33
39
|
playbook: playbook,
|
|
34
40
|
variables: variables,
|
|
35
|
-
execution_environment:
|
|
41
|
+
execution_environment: ee_registry_url.sub!("latest", @caller_execution_plan_id)
|
|
36
42
|
}
|
|
37
43
|
plan_action ::Proxy::Dynflow::Callback::Action,
|
|
38
44
|
args[:callback],
|
|
@@ -8,6 +8,12 @@ module Proxy
|
|
|
8
8
|
plugin :ansible_director, ::Proxy::AnsibleDirector::VERSION
|
|
9
9
|
rackup_path File.expand_path('http_config.ru', __dir__)
|
|
10
10
|
|
|
11
|
+
default_settings(
|
|
12
|
+
ansible_navigator_run_dir: "/usr/share/foreman-proxy/.ansible_director/run",
|
|
13
|
+
execution_env_build_dir: "/usr/share/foreman-proxy/.ansible_director/execution_env",
|
|
14
|
+
remove_workdirs: true
|
|
15
|
+
)
|
|
16
|
+
|
|
11
17
|
load_classes do
|
|
12
18
|
require 'smart_proxy_dynflow'
|
|
13
19
|
require 'smart_proxy_ansible_director/launchers'
|
|
@@ -16,12 +16,18 @@ module Proxy
|
|
|
16
16
|
# ee_formatted_content: ee_formatted_content
|
|
17
17
|
# }
|
|
18
18
|
def initialize(ansible_builder_input, suspended_action: nil)
|
|
19
|
+
# ID of the execution environment definition; supplied by Foreman
|
|
19
20
|
@ee_id = ansible_builder_input[:ee_id]
|
|
20
|
-
|
|
21
|
-
@
|
|
21
|
+
# TAGGED registry URL of the base image; supplied by Foreman
|
|
22
|
+
@ee_base_image_url = ansible_builder_input[:ee_base_image_url]
|
|
23
|
+
# Tag used at the end of building for this image
|
|
24
|
+
@ee_built_image_tag = ansible_builder_input[:ee_built_image_tag]
|
|
22
25
|
@ee_ansible_core_version = ansible_builder_input[:ee_ansible_core_version]
|
|
23
26
|
@ee_formatted_content = ansible_builder_input[:ee_formatted_content]
|
|
24
27
|
@is_base_image = ansible_builder_input[:is_base_image]
|
|
28
|
+
|
|
29
|
+
workdir_base = Proxy::AnsibleDirector::Plugin.settings[:execution_env_build_dir]
|
|
30
|
+
@runner_workdir = Dir.mktmpdir('execution_env', workdir_base)
|
|
25
31
|
super suspended_action: suspended_action
|
|
26
32
|
end
|
|
27
33
|
|
|
@@ -44,7 +50,7 @@ module Proxy
|
|
|
44
50
|
'version' => 3,
|
|
45
51
|
'images' => {
|
|
46
52
|
'base_image' => {
|
|
47
|
-
'name' =>
|
|
53
|
+
'name' => @ee_base_image_url
|
|
48
54
|
}
|
|
49
55
|
},
|
|
50
56
|
'dependencies' => {
|
|
@@ -87,15 +93,17 @@ module Proxy
|
|
|
87
93
|
build_args_str += "--build-arg #{k}=\"#{v}\" "
|
|
88
94
|
end
|
|
89
95
|
|
|
96
|
+
# COMPAT 3.16 - 2
|
|
97
|
+
# --extra-build-cli-args is not supported in ansible-builder 3.0.0
|
|
98
|
+
# Verbosity is chosen by passing -v {0, 1, 2, 3}
|
|
99
|
+
|
|
90
100
|
cmd = <<~CMD
|
|
91
|
-
|
|
92
|
-
echo $TMPDIR
|
|
93
|
-
cd $TMPDIR
|
|
101
|
+
echo "Running in #{@runner_workdir}"
|
|
94
102
|
|
|
95
|
-
cat <<EOF > "execution-environment.yml"
|
|
103
|
+
cat <<EOF > "#{@runner_workdir}/execution-environment.yml"
|
|
96
104
|
#{YAML.dump(ee_definition, indentation: 2)}
|
|
97
105
|
EOF
|
|
98
|
-
ansible-builder build --tag
|
|
106
|
+
ansible-builder build --tag ansible_director/#{@ee_id}:#{@ee_built_image_tag} -v 3 --file #{@runner_workdir}/execution-environment.yml #{build_args_str} --context #{@runner_workdir}
|
|
99
107
|
CMD
|
|
100
108
|
|
|
101
109
|
initialize_command('bash', '-c', cmd)
|
|
@@ -106,6 +114,15 @@ module Proxy
|
|
|
106
114
|
puts @continuous_output.raw_outputs
|
|
107
115
|
publish_exit_status(@process_manager.status) if @process_manager.done?
|
|
108
116
|
end
|
|
117
|
+
|
|
118
|
+
def close
|
|
119
|
+
remove_workdirs = Proxy::AnsibleDirector::Plugin.settings[:remove_workdirs]
|
|
120
|
+
FileUtils.rm_rf @runner_workdir if remove_workdirs
|
|
121
|
+
end
|
|
122
|
+
|
|
123
|
+
def publish_data(message, type = 'debug')
|
|
124
|
+
@continuous_output.add_output(message.force_encoding('UTF-8'), type)
|
|
125
|
+
end
|
|
109
126
|
end
|
|
110
127
|
end
|
|
111
128
|
end
|
|
@@ -21,64 +21,66 @@ module Proxy
|
|
|
21
21
|
@variables = ansible_input[:variables]
|
|
22
22
|
end
|
|
23
23
|
@execution_environment = ansible_input[:execution_environment]
|
|
24
|
+
|
|
25
|
+
workdir_base = Proxy::AnsibleDirector::Plugin.settings[:ansible_navigator_run_dir]
|
|
26
|
+
@runner_workdir = Dir.mktmpdir('navigator', workdir_base)
|
|
24
27
|
end
|
|
25
28
|
|
|
26
29
|
def start
|
|
27
30
|
# TODO: Find a way to request the auth token programmatically
|
|
28
31
|
cmd = <<~CMD
|
|
32
|
+
echo "Running in #{@runner_workdir}"
|
|
29
33
|
|
|
30
|
-
|
|
31
|
-
echo $TMPDIR
|
|
32
|
-
cd $TMPDIR#{' '}
|
|
33
|
-
|
|
34
|
-
cat > "playbook.yaml" <<'EOF'
|
|
34
|
+
cat > "#{@runner_workdir}/playbook.yaml" <<'EOF'
|
|
35
35
|
#{@playbook}
|
|
36
36
|
EOF
|
|
37
37
|
|
|
38
|
-
cat > "inventory.yaml" <<'EOF'
|
|
38
|
+
cat > "#{@runner_workdir}/inventory.yaml" <<'EOF'
|
|
39
39
|
#{@inventory}
|
|
40
40
|
EOF
|
|
41
41
|
|
|
42
|
-
mkdir vars
|
|
42
|
+
mkdir #{@runner_workdir}/vars
|
|
43
43
|
|
|
44
44
|
#{
|
|
45
45
|
@variables.map do |role_name, variables|
|
|
46
|
-
%(cat > "vars/#{role_name}_vars.yaml" <<'EOF'\n#{format_variables role_name, variables}EOF)
|
|
46
|
+
%(cat > "#{@runner_workdir}/vars/#{role_name}_vars.yaml" <<'EOF'\n#{format_variables role_name, variables}EOF)
|
|
47
47
|
end.join("\n\n")
|
|
48
48
|
}
|
|
49
49
|
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
50
|
+
cat > "#{@runner_workdir}/ansible-navigator.yml" <<'EOF'
|
|
51
|
+
---
|
|
52
|
+
ansible-navigator:
|
|
53
|
+
ansible:
|
|
54
|
+
inventory:
|
|
55
|
+
entries:
|
|
56
|
+
- #{@runner_workdir}/inventory.yaml
|
|
57
|
+
playbook:
|
|
58
|
+
path: #{@runner_workdir}/playbook.yaml
|
|
59
|
+
ansible-runner:
|
|
60
|
+
artifact-dir: #{@runner_workdir}
|
|
61
|
+
execution-environment:
|
|
62
|
+
image: #{@execution_environment}
|
|
63
|
+
pull:
|
|
64
|
+
arguments:
|
|
65
|
+
- "--tls-verify=false"
|
|
66
|
+
- "--authfile=$AUTHFILE"
|
|
67
|
+
policy: missing
|
|
68
|
+
volume-mounts:
|
|
69
|
+
- src: #{File.join(Dir.pwd, Proxy::SETTINGS.foreman_ssl_cert)}
|
|
70
|
+
dest: /run/secrets/foreman_ssl_cert
|
|
71
|
+
options: Z,ro
|
|
72
|
+
- src: #{File.join(Dir.pwd, Proxy::SETTINGS.foreman_ssl_key)}
|
|
73
|
+
dest: /run/secrets/foreman_ssl_key
|
|
74
|
+
options: Z,ro
|
|
75
|
+
- src: #{File.join(Dir.pwd, Proxy::SETTINGS.foreman_ssl_ca)}
|
|
76
|
+
dest: /run/secrets/foreman_ssl_verify
|
|
77
|
+
options: Z,ro
|
|
78
|
+
logging:
|
|
79
|
+
level: debug
|
|
80
|
+
mode: stdout
|
|
81
|
+
EOF
|
|
82
|
+
|
|
83
|
+
ANSIBLE_NAVIGATOR_CONFIG=#{@runner_workdir}/ansible-navigator.yml ansible-navigator run --mode stdout
|
|
82
84
|
CMD
|
|
83
85
|
initialize_command('bash', '-c', cmd)
|
|
84
86
|
end
|
|
@@ -89,6 +91,15 @@ module Proxy
|
|
|
89
91
|
publish_exit_status(@process_manager.status) if @process_manager.done?
|
|
90
92
|
end
|
|
91
93
|
|
|
94
|
+
def publish_data(message, type = 'debug')
|
|
95
|
+
@continuous_output.add_output(message.force_encoding('UTF-8'), type)
|
|
96
|
+
end
|
|
97
|
+
|
|
98
|
+
def close
|
|
99
|
+
remove_workdirs = Proxy::AnsibleDirector::Plugin.settings[:remove_workdirs]
|
|
100
|
+
FileUtils.rm_rf @runner_workdir if remove_workdirs
|
|
101
|
+
end
|
|
102
|
+
|
|
92
103
|
private
|
|
93
104
|
|
|
94
105
|
def format_variables(_role_name, variables)
|
|
@@ -26,6 +26,10 @@ module Proxy
|
|
|
26
26
|
puts @continuous_output.humanize
|
|
27
27
|
publish_exit_status(@process_manager.status) if @process_manager.done?
|
|
28
28
|
end
|
|
29
|
+
|
|
30
|
+
def publish_data(message, type = 'debug')
|
|
31
|
+
@continuous_output.add_output(message.force_encoding('UTF-8'), type)
|
|
32
|
+
end
|
|
29
33
|
end
|
|
30
34
|
end
|
|
31
35
|
end
|
|
@@ -18,7 +18,7 @@ module Proxy
|
|
|
18
18
|
def start
|
|
19
19
|
# TODO: Parametrize
|
|
20
20
|
|
|
21
|
-
image_name = "
|
|
21
|
+
image_name = "ansible_director/#{@ee_id}:latest"
|
|
22
22
|
registry = 'centos9-katello-devel-stable.example.com:4321'
|
|
23
23
|
|
|
24
24
|
cmd = <<~CMD
|
|
@@ -32,6 +32,10 @@ module Proxy
|
|
|
32
32
|
puts @continuous_output.humanize
|
|
33
33
|
publish_exit_status(@process_manager.status) if @process_manager.done?
|
|
34
34
|
end
|
|
35
|
+
|
|
36
|
+
def publish_data(message, type = 'debug')
|
|
37
|
+
@continuous_output.add_output(message.force_encoding('UTF-8'), type)
|
|
38
|
+
end
|
|
35
39
|
end
|
|
36
40
|
end
|
|
37
41
|
end
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: smart_proxy_ansible_director
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- ATIX AG
|
|
8
8
|
bindir: bin
|
|
9
9
|
cert_chain: []
|
|
10
|
-
date:
|
|
10
|
+
date: 1980-01-02 00:00:00.000000000 Z
|
|
11
11
|
dependencies:
|
|
12
12
|
- !ruby/object:Gem::Dependency
|
|
13
13
|
name: smart_proxy_dynflow
|
|
@@ -122,7 +122,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
122
122
|
- !ruby/object:Gem::Version
|
|
123
123
|
version: '0'
|
|
124
124
|
requirements: []
|
|
125
|
-
rubygems_version:
|
|
125
|
+
rubygems_version: 4.0.6
|
|
126
126
|
specification_version: 4
|
|
127
127
|
summary: Smart Proxy plugin to integrate Ansible Director with Foreman
|
|
128
128
|
test_files: []
|