Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Your wish is my command... #6

Closed
wants to merge 1 commit into from
Closed

Your wish is my command... #6

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 3 additions & 4 deletions app/models/manageiq/providers/embedded_ansible/automation_manager/playbook.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
class ManageIQ::Providers::EmbeddedAnsible::AutomationManager::Playbook < ManageIQ::Providers::EmbeddedAutomationManager::ConfigurationScriptPayload
has_many :jobs, :class_name => 'OrchestrationStack', :foreign_key => :configuration_script_base_id

include AnsibleRunnerAuthTranslations

def path
configuration_script_source.path_to_playbook(name)
end
Expand Down Expand Up @@ -46,10 +48,7 @@ def build_parameter_list(options)
:extra_vars => options[:extra_vars].try(:to_json)
}

%i(credential vault_credential cloud_credential network_credential).each do |credential|
cred_sym = "#{credential}_id".to_sym
params[credential] = Authentication.find(options[cred_sym]).native_ref if options[cred_sym].present?
end
translate_credentials!(options, :other_hash => params)

params.compact
end
Expand Down
11 changes: 2 additions & 9 deletions app/models/manageiq/providers/embedded_ansible/automation_manager/playbook_runner.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
class ManageIQ::Providers::EmbeddedAnsible::AutomationManager::PlaybookRunner < ::Job
DEFAULT_EXECUTION_TTL = 10 # minutes

include AnsibleRunnerAuthTranslations

# options are job table columns, including options column which is the playbook context info
def self.create_job(options)
super(name, options.with_indifferent_access)
Expand Down Expand Up @@ -35,15 +37,6 @@ def create_job_template
my_signal(minimize_indirect, :post_ansible_run, err.message, 'error')
end

def translate_credentials!(launch_options)
%i[credential vault_credential cloud_credential network_credential].each do |cred_type|
credential_id = launch_options.delete("#{cred_type}_id".to_sym)
next if credential_id.blank?

launch_options[cred_type] = Authentication.find(credential_id).native_ref
end
end

LAUNCH_OPTIONS_KEYS = %i[
cloud_credential_id
credential_id
Expand Down
21 changes: 21 additions & 0 deletions app/models/mixins/ansible_runner_auth_translations.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
module AnsibleRunnerAuthTranslations
AUTH_TYPES = %i[credential vault_credential cloud_credential network_credential]

module_function
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

By making this method a module_function, this can be called in two ways:

  • By includeing it, and calling it as we have done currently (as if it were a method in the class)
  • Calling it from it's module directly as if it was a class method (similar to FileUtils)

The second form would look like:

AnsibleRunnerAuthTranslations.translate_credentials(options)

Which has the advantage of not adding methods to the classes we are writing this for, though, when adding a module that has module_functions, it should add them into the private space (I think...).


# Translates options hash with credential_ids into auth
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Along the same lines with my comment about adding specs, the docs on this probably could be fleshed out a bit too.

#
# @param [Hash] options Hash containing the credential_ids
# @param [Hash] other_hash (options) Data to be updated if differs from <options>
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

# @param [Hash] other_hash ...

#namingIsHard™

# @param [Boolean] mutate_options (false) If passed in option keys should be removed, set to true
#
def translate_credentials!(options, other_hash: nil, mutate_options: false)
other_hash ||= options

AUTH_TYPES.each do |credential|
credential_sym = "#{credential}_id".to_sym
credential_id = mutate_options ? options.delete(credential_sym) : options[credential_sym]
other_hash[credential] = Authentication.find(credential_id).native_ref if credential_id.present?
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think I covered all of the corner cases with this by using :other_hash and :mutate_options, but please check my work. I already forgot to assign this to other_hash instead of options.

Probably want to test this mixin directly and heavily just in case someone comes and changes this method and does something unexpected.

end
end
end
11 changes: 2 additions & 9 deletions app/models/service_ansible_playbook.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
class ServiceAnsiblePlaybook < ServiceGeneric
include AnsibleExtraVarsMixin
include AnsibleRunnerAuthTranslations

delegate :job_template, :to => :service_template, :allow_nil => true

Expand Down Expand Up @@ -95,14 +96,6 @@ def config_options(action)
options.fetch_path(:config_info, action.downcase.to_sym).slice(*CONFIG_OPTIONS_WHITELIST).with_indifferent_access
end

def translate_credentials!(job_options)
%i[credential vault_credential network_credential cloud_credential].each do |cred|
cred_sym = "#{cred}_id".to_sym
credential_id = job_options.delete(cred_sym)
job_options[cred] = Authentication.find(credential_id).native_ref if credential_id.present?
end
end

def save_job_options(action, overrides)
job_options = config_options(action)

Expand All @@ -112,7 +105,7 @@ def save_job_options(action, overrides)

job_options.deep_merge!(parse_dialog_options) unless action == ResourceAction::RETIREMENT
job_options.deep_merge!(overrides)
translate_credentials!(job_options)
translate_credentials!(job_options, :mutate_options => true)

options[job_option_key(action)] = job_options
save!
Expand Down
7 changes: 3 additions & 4 deletions app/models/service_template_ansible_playbook.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,8 @@ class ServiceTemplateAnsiblePlaybook < ServiceTemplateGeneric
before_destroy :check_retirement_potential, :prepend => true
around_destroy :around_destroy_callback, :prepend => true

extend AnsibleRunnerAuthTranslations

RETIREMENT_ENTRY_POINTS = {
'yes_without_playbook' => '/Service/Generic/StateMachines/GenericLifecycle/Retire_Basic_Resource',
'no_without_playbook' => '/Service/Generic/StateMachines/GenericLifecycle/Retire_Basic_Resource_None',
Expand Down Expand Up @@ -105,10 +107,7 @@ def self.build_parameter_list(name, description, info)
end.to_json
end

%i(credential vault_credential cloud_credential network_credential).each do |credential|
cred_sym = "#{credential}_id".to_sym
params[credential] = Authentication.find(info[cred_sym]).native_ref if info[cred_sym]
end
translate_credentials!(params, :other_hash => info)

[tower, params.compact]
end
Expand Down