smart_proxy_remote_execution_ssh 0.10.0 → 0.10.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '048f8694430967060fae6bd7790fe56930b5c2bac37f3bc26e7b13db69081da6'
-  data.tar.gz: 5a3b1e344a47aa4c97dcce97f43dc9e424d398f79c67a6f1e066d670758c99f0
+  metadata.gz: e155b0459ac25c633c9c38de0d288b22779f5ea7f6d82146e5505b83cfd7e12e
+  data.tar.gz: 700810a05b8fac1b57ebcc4ca52c5c2de45575dac1b81fe9b84f5c066c6f1dad
 SHA512:
-  metadata.gz: a4bc90b3dda6d190c8f94aeb6731a3a6679788ea4f950e1bb4196c1d5da4630b170fe152e9c96a5e4cb7dcd25ba1d6371292e52b4059773759c1fbe8461bd347
-  data.tar.gz: f4849b32f7529cbb29d127ae1c4c9fd9642b0700c834b1e3eebf59b5d9cfca282fca674188a734a37b36d45ff3e423096aa3512ceae118aef7ff831cb1600a38
+  metadata.gz: 11d92de711f06ee33deabf98442e5eb998a24cbd78f8b548a977cd2189a19e7ee998106d8935dbbfe7f1d7b74cc0fc7eb924430fb6f6a98b9565bcde09f917fd
+  data.tar.gz: f23cce7baef47c6651c1ef894b7f39d27b6b043153ed04e388940bab4898633689acd5aa66587be5f01651037d754357c8dd79f162e3d8a72a3430d6f7294efd

data/lib/smart_proxy_remote_execution_ssh/actions/pull_script.rb

@@ -4,9 +4,20 @@ require 'time'
 
 module Proxy::RemoteExecution::Ssh::Actions
   class PullScript < Proxy::Dynflow::Action::Runner
+    include ::Dynflow::Action::Timeouts
+
     JobDelivered = Class.new
     PickupTimeout = Class.new
 
+    # The proxy has the job stored in its job storage
+    READY_FOR_PICKUP = 'ready_for_pickup'
+    # The host was notified over MQTT at least once
+    NOTIFIED = 'notified'
+    # The host has picked up the job
+    DELIVERED = 'delivered'
+    # We received at least one output from the host
+    RUNNING = 'running'
+
     execution_plan_hooks.use :cleanup, :on => :stopped
 
     def plan(action_input, mqtt: false)
@@ -16,14 +27,22 @@ module Proxy::RemoteExecution::Ssh::Actions
 
     def run(event = nil)
       if event == JobDelivered
-        output[:state] = :delivered
+        output[:state] = DELIVERED
         suspend
       elsif event == PickupTimeout
         process_pickup_timeout
+      elsif event == ::Dynflow::Action::Timeouts::Timeout
+        process_timeout
+      elsif event.nil?
+        if (timeout = input['execution_timeout_interval'])
+          schedule_timeout(timeout, optional: true)
+        end
+        super
       else
         super
       end
     rescue => e
+      cleanup
       action_logger.error(e)
       process_update(Proxy::Dynflow::Runner::Update.encode_exception('Proxy error', e))
     end
@@ -35,8 +54,10 @@ module Proxy::RemoteExecution::Ssh::Actions
 
       plan_event(PickupTimeout, input[:time_to_pickup], optional: true) if input[:time_to_pickup]
 
-      input[:job_uuid] = job_storage.store_job(host_name, execution_plan_id, run_step_id, input[:script].tr("\r", ''), effective_user: input[:effective_user])
-      output[:state] = :ready_for_pickup
+      input[:job_uuid] = 
+        job_storage.store_job(host_name, execution_plan_id, run_step_id, input[:script].tr("\r", ''), 
+                              effective_user: input[:effective_user])
+      output[:state] = READY_FOR_PICKUP
       output[:result] = []
 
       mqtt_start(otp_password) if input[:with_mqtt]
@@ -50,7 +71,7 @@ module Proxy::RemoteExecution::Ssh::Actions
     end
 
     def process_external_event(event)
-      output[:state] = :running
+      output[:state] = RUNNING
       data = event.data
       case data['version']
       when nil
@@ -64,7 +85,11 @@ module Proxy::RemoteExecution::Ssh::Actions
 
     def process_external_unversioned(payload)
       continuous_output = Proxy::Dynflow::ContinuousOutput.new
-      Array(payload['output']).each { |line| continuous_output.add_output(line, payload['type']) } if payload.key?('output')
+      if payload.key?('output')
+        Array(payload['output']).each do |line|
+          continuous_output.add_output(line, payload['type'])
+        end
+      end
       exit_code = payload['exit_code'].to_i if payload['exit_code']
       process_update(Proxy::Dynflow::Runner::Update.new(continuous_output, exit_code))
     end
@@ -89,19 +114,34 @@ module Proxy::RemoteExecution::Ssh::Actions
       process_update(Proxy::Dynflow::Runner::Update.new(continuous_output, exit_code))
     end
 
-    def kill_run
+    def process_timeout
+      kill_run "Execution timeout exceeded"
+    end
+
+    def kill_run(fail_msg = 'The job was cancelled by the user')
+      continuous_output = Proxy::Dynflow::ContinuousOutput.new
+      exit_code = nil
+
       case output[:state]
-      when :ready_for_pickup
+      when READY_FOR_PICKUP, NOTIFIED
         # If the job is not running yet on the client, wipe it from storage
         cleanup
-        # TODO: Stop the action
-      when :notified, :running
+        exit_code = 'EXCEPTION'
+      when DELIVERED, RUNNING
         # Client was notified or is already running, dealing with this situation
         # is only supported if mqtt is available
         # Otherwise we have to wait it out
-        mqtt_cancel if input[:with_mqtt]
+        if input[:with_mqtt]
+          mqtt_cancel 
+          fail_msg += ', notifying the host over MQTT'
+        else
+          fail_msg += ', however the job was triggered without MQTT and cannot be stopped'
+        end
       end
-      suspend
+      continuous_output.add_output(fail_msg + "\n")
+      process_update(Proxy::Dynflow::Runner::Update.new(continuous_output, exit_code))
+
+      suspend unless exit_code
     end
 
     def mqtt_start(otp_password)
@@ -118,12 +158,12 @@ module Proxy::RemoteExecution::Ssh::Actions
         },
       )
       Proxy::RemoteExecution::Ssh::MQTT::Dispatcher.instance.new(input[:job_uuid], mqtt_topic, payload)
-      output[:state] = :notified
+      output[:state] = NOTIFIED
     end
 
     def mqtt_cancel
-      cleanup
       payload = mqtt_payload_base.merge(
+        content: "#{input[:proxy_url]}/ssh/jobs/#{input[:job_uuid]}/cancel",
         metadata: {
           'event': 'cancel',
           'job_uuid': input[:job_uuid]
@@ -163,11 +203,9 @@ module Proxy::RemoteExecution::Ssh::Actions
     end
 
     def process_pickup_timeout
-      if output[:state] != :delivered
-        raise "The job was not picked up in time"
-      else
-        suspend
-      end
+      suspend unless [READY_FOR_PICKUP, NOTIFIED].include? output[:state]
+
+      kill_run 'The job was not picked up in time'
     end
   end
 end

data/lib/smart_proxy_remote_execution_ssh/api.rb

@@ -71,6 +71,14 @@ module Proxy::RemoteExecution
         end
       end
 
+      get "/jobs/:job_uuid/cancel" do |job_uuid|
+        do_authorize_with_ssl_client
+
+        with_authorized_job(job_uuid) do |job_record|
+          {}
+        end
+      end
+
       private
 
       def notify_job(job_record, event)

data/lib/smart_proxy_remote_execution_ssh/mqtt/dispatcher.rb

@@ -2,15 +2,39 @@ require 'concurrent'
 require 'mqtt'
 
 class Proxy::RemoteExecution::Ssh::MQTT
+  class DispatcherSupervisor < Concurrent::Actor::RestartingContext
+    def initialize
+      limit = Proxy::RemoteExecution::Ssh::Plugin.settings[:mqtt_rate_limit]
+      @dispatcher = DispatcherActor.spawn('MQTT dispatcher',
+                                          Proxy::Dynflow::Core.world.clock,
+                                          limit)
+    end
+
+    def on_message(message)
+      case message
+      when :dispatcher_reference
+        @dispatcher
+      when :resumed
+        # Carry on
+      else
+        pass
+      end
+    end
+
+    # In case an exception is raised during processing, instruct concurrent-ruby
+    # to keep going without losing state
+    def behaviour_definition
+      Concurrent::Actor::Behaviour.restarting_behaviour_definition(:resume!)
+    end
+  end
+
   class Dispatcher
     include Singleton
 
     attr_reader :reference
     def initialize
-      limit = Proxy::RemoteExecution::Ssh::Plugin.settings[:mqtt_rate_limit]
-      @reference = DispatcherActor.spawn('MQTT dispatcher',
-                                         Proxy::Dynflow::Core.world.clock,
-                                         limit)
+      @supervisor = DispatcherSupervisor.spawn(name: 'RestartingSupervisor', args: [])
+      @reference = @supervisor.ask!(:dispatcher_reference)
     end
 
     def new(uuid, topic, payload)
@@ -159,11 +183,5 @@ class Proxy::RemoteExecution::Ssh::MQTT
     def timer_off
       @timer.shutdown
     end
-
-    # In case an exception is raised during processing, instruct concurrent-ruby
-    # to keep going without losing state
-    def behaviour_definition
-      Concurrent::Actor::Behaviour.restarting_behaviour_definition(:resume!)
-    end
   end
 end

data/lib/smart_proxy_remote_execution_ssh/multiplexed_ssh_connection.rb

@@ -103,7 +103,8 @@ module Proxy::RemoteExecution::Ssh::Runners
       # does not close its stderr which trips up the process manager which
       # expects all FDs to be closed
 
-      full_command = [method.ssh_command_prefix, 'ssh', establish_ssh_options, method.ssh_options, @host, 'true'].flatten
+      full_command = [method.ssh_command_prefix, 'ssh', establish_ssh_options, method.ssh_options, @host,
+                      'true'].flatten
       log_command(full_command)
       pm = Proxy::Dynflow::ProcessManager.new(full_command)
       pm.start!
@@ -154,6 +155,8 @@ module Proxy::RemoteExecution::Ssh::Runners
       ssh_options << "-o ControlPath=#{socket_file}"
       ssh_options << "-o ControlPersist=yes"
       ssh_options << "-o ProxyCommand=none"
+      ssh_options << "-o ServerAliveInterval=15"
+      ssh_options << "-o ServerAliveCountMax=3" # This is the default, but let's be explicit
       @establish_ssh_options = ssh_options
     end
 

data/lib/smart_proxy_remote_execution_ssh/runners/script_runner.rb

@@ -90,7 +90,6 @@ module Proxy::RemoteExecution::Ssh::Runners
     def reset; end
   end
 
-  # rubocop:disable Metrics/ClassLength
   class ScriptRunner < Proxy::Dynflow::Runner::Base
     include Proxy::Dynflow::Runner::ProcessManagerCommand
     include CommandLogging
@@ -180,7 +179,10 @@ module Proxy::RemoteExecution::Ssh::Runners
       @output_path = File.join(File.dirname(@remote_script), 'output')
       @exit_code_path = File.join(File.dirname(@remote_script), 'exit_code')
       @pid_path = File.join(File.dirname(@remote_script), 'pid')
-      @remote_script_wrapper = upload_data("echo $$ > #{@pid_path}; exec \"$@\";", File.join(File.dirname(@remote_script), 'script-wrapper'), 555)
+      @remote_script_wrapper = upload_data(
+        "echo $$ > #{@pid_path}; exec \"$@\";",
+        File.join(File.dirname(@remote_script), 'script-wrapper'),
+        555)
     end
 
     # the script that initiates the execution
@@ -192,7 +194,11 @@ module Proxy::RemoteExecution::Ssh::Runners
         #{@remote_script_wrapper} #{@user_method.cli_command_prefix}#{su_method ? "'#{@remote_script} < /dev/null '" : "#{@remote_script} < /dev/null"}
         echo \\$?>#{@exit_code_path}
         EOF
-        exit $(cat #{@exit_code_path})
+        if [ -f #{@exit_code_path} ] && [ $(wc -l < #{@exit_code_path}) -gt 0 ]; then
+          exit $(cat #{@exit_code_path})
+        else
+          exit 1
+        fi
       SCRIPT
     end
 
@@ -394,5 +400,4 @@ module Proxy::RemoteExecution::Ssh::Runners
       end
     end
   end
-  # rubocop:enable Metrics/ClassLength
 end

data/lib/smart_proxy_remote_execution_ssh/version.rb

@@ -1,7 +1,7 @@
 module Proxy
   module RemoteExecution
     module Ssh
-      VERSION = '0.10.0'
+      VERSION = '0.10.2'
     end
   end
 end

data/lib/smart_proxy_remote_execution_ssh.rb

@@ -50,7 +50,10 @@ module Proxy::RemoteExecution
         raise 'mqtt_port has to be set when pull-mqtt mode is used' if Plugin.settings.mqtt_port.nil?
 
         if Plugin.settings.mqtt_tls.nil?
-          Plugin.settings.mqtt_tls = [[:foreman_ssl_cert, :ssl_certificate], [:foreman_ssl_key, :ssl_private_key], [:foreman_ssl_ca, :ssl_ca_file]].all? { |(client, server)| ::Proxy::SETTINGS[client] || ::Proxy::SETTINGS[server] }
+          Plugin.settings.mqtt_tls = [[:foreman_ssl_cert, :ssl_certificate], [:foreman_ssl_key, :ssl_private_key],
+                                      [:foreman_ssl_ca, :ssl_ca_file]].all? do |(client, server)|
+            ::Proxy::SETTINGS[client] || ::Proxy::SETTINGS[server]
+          end
         end
       end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: smart_proxy_remote_execution_ssh
 version: !ruby/object:Gem::Version
-  version: 0.10.0
+  version: 0.10.2
 platform: ruby
 authors:
 - Ivan Nečas
-autorequire:
+autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-12-12 00:00:00.000000000 Z
+date: 2023-10-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -58,14 +58,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1'
+        version: '2.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: webmock
   requirement: !ruby/object:Gem::Requirement
@@ -192,7 +192,7 @@ homepage: https://github.com/theforeman/smart_proxy_remote_execution_ssh
 licenses:
 - GPL-3.0
 metadata: {}
-post_install_message:
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -207,8 +207,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.20
-signing_key:
+rubygems_version: 3.1.6
+signing_key: 
 specification_version: 4
 summary: Ssh remote execution provider for Foreman Smart-Proxy
 test_files: []