From fe5b4b9e6c0fc59a9975d511d8e20f7efe2ce04f Mon Sep 17 00:00:00 2001 From: Oleh Fedorenko Date: Thu, 21 Oct 2021 11:29:36 +0000 Subject: [PATCH] Refs #33760 - Add host_reports proxy plugin --- manifests/plugin/ansible.pp | 6 +++ manifests/plugin/ansible/params.pp | 2 + manifests/plugin/reports.pp | 40 +++++++++++++++++++ .../foreman_proxy__plugin__ansible_spec.rb | 5 +++ .../foreman_proxy__plugin__reports_spec.rb | 24 +++++++++++ templates/plugin/ansible.cfg.erb | 2 + templates/plugin/reports.yml.erb | 17 ++++++++ 7 files changed, 96 insertions(+) create mode 100644 manifests/plugin/reports.pp create mode 100644 spec/classes/foreman_proxy__plugin__reports_spec.rb create mode 100644 templates/plugin/reports.yml.erb diff --git a/manifests/plugin/ansible.pp b/manifests/plugin/ansible.pp index 53d61d454..a4b05f375 100644 --- a/manifests/plugin/ansible.pp +++ b/manifests/plugin/ansible.pp @@ -36,6 +36,10 @@ # # $collections_paths:: Paths where to look for ansible collections # +# $report_type:: Set to "foreman" for no changes. If set to "proxy", +# the Reports plugin for proxy must be enabled in order +# to actually make use of the new format of reports +# class foreman_proxy::plugin::ansible ( Boolean $enabled = $foreman_proxy::plugin::ansible::params::enabled, Foreman_proxy::ListenOn $listen_on = $foreman_proxy::plugin::ansible::params::listen_on, @@ -50,11 +54,13 @@ String $callback = $foreman_proxy::plugin::ansible::params::callback, String $runner_package_name = $foreman_proxy::plugin::ansible::params::runner_package_name, Array[Stdlib::Absolutepath] $collections_paths = $foreman_proxy::plugin::ansible::params::collections_paths, + Enum['foreman', 'proxy'] $report_type = $foreman_proxy::plugin::ansible::params::report_type, ) inherits foreman_proxy::plugin::ansible::params { $foreman_url = $foreman_proxy::foreman_base_url $foreman_ssl_cert = pick($foreman_proxy::foreman_ssl_cert, $foreman_proxy::ssl_cert) $foreman_ssl_key = pick($foreman_proxy::foreman_ssl_key, $foreman_proxy::ssl_key) $foreman_ssl_ca = pick($foreman_proxy::foreman_ssl_ca, $foreman_proxy::ssl_ca) + $proxy_url = $foreman_proxy::real_registered_proxy_url file {"${foreman_proxy::config_dir}/ansible.cfg": ensure => file, diff --git a/manifests/plugin/ansible/params.pp b/manifests/plugin/ansible/params.pp index 1087bf2df..5b0b92786 100644 --- a/manifests/plugin/ansible/params.pp +++ b/manifests/plugin/ansible/params.pp @@ -13,6 +13,8 @@ $ssh_args = '-o ProxyCommand=none -C -o ControlMaster=auto -o ControlPersist=60s' $install_runner = true $collections_paths = ['/etc/ansible/collections', '/usr/share/ansible/collections'] + # No reports are redirected by default + $report_type = 'foreman' case $facts['os']['family'] { 'RedHat': { $callback = 'theforeman.foreman.foreman' diff --git a/manifests/plugin/reports.pp b/manifests/plugin/reports.pp new file mode 100644 index 000000000..a4a5b4a41 --- /dev/null +++ b/manifests/plugin/reports.pp @@ -0,0 +1,40 @@ +# = Foreman Proxy Reports plugin +# +# This class installs the Reports plugin +# +# === Parameters: +# +# $keep_reports:: Keep sent reports in spool_dir directory +# when enabled, move files from the place on +# a regular basis (e.g. via cronjob). +# +# === Advanced parameters: +# +# $proxy_name:: Proxy hostname to appear in reports JSON +# +# $spool_dir:: Spool directory with processed reports +# +# $enabled:: enables/disables the host_reports plugin +# +# $listen_on:: proxy feature listens on http, https, or both +# +# $version:: plugin package version, it's passed to ensure parameter of package resource +# can be set to specific version number, 'latest', 'present' etc. +# +class foreman_proxy::plugin::host_reports ( + Optional[String] $proxy_name = undef, + Stdlib::Absolutepath $spool_dir = '/var/lib/foreman-proxy/reports', + Boolean $keep_reports = false, + Boolean $enabled = true, + Foreman_proxy::ListenOn $listen_on = 'https', + Optional[String] $version = undef, +) { + $reported_proxy_hostname = pick($proxy_name, $foreman_proxy::registered_name) + + foreman_proxy::plugin::module { 'reports': + enabled => $enabled, + feature => 'Reports', + listen_on => $listen_on, + version => $version, + } +} diff --git a/spec/classes/foreman_proxy__plugin__ansible_spec.rb b/spec/classes/foreman_proxy__plugin__ansible_spec.rb index 2ce1652e5..db933be75 100644 --- a/spec/classes/foreman_proxy__plugin__ansible_spec.rb +++ b/spec/classes/foreman_proxy__plugin__ansible_spec.rb @@ -44,6 +44,8 @@ 'host_key_checking = False', 'stdout_callback = yaml', '[callback_foreman]', + 'report_type = foreman', + 'proxy_url = https://foo.example.com:8443', 'url = https://foo.example.com', 'ssl_key = /etc/puppetlabs/puppet/ssl/private_keys/foo.example.com.pem', 'ssl_cert = /etc/puppetlabs/puppet/ssl/certs/foo.example.com.pem', @@ -65,6 +67,7 @@ host_key_checking: true, stdout_callback: 'debug', manage_runner_repo: false, + report_type: 'proxy', } end @@ -95,6 +98,8 @@ 'host_key_checking = True', 'stdout_callback = debug', '[callback_foreman]', + 'report_type = proxy', + 'proxy_url = https://foo.example.com:8443', 'url = https://foo.example.com', 'ssl_key = /etc/puppetlabs/puppet/ssl/private_keys/foo.example.com.pem', 'ssl_cert = /etc/puppetlabs/puppet/ssl/certs/foo.example.com.pem', diff --git a/spec/classes/foreman_proxy__plugin__reports_spec.rb b/spec/classes/foreman_proxy__plugin__reports_spec.rb new file mode 100644 index 000000000..6586ac227 --- /dev/null +++ b/spec/classes/foreman_proxy__plugin__reports_spec.rb @@ -0,0 +1,24 @@ +require 'spec_helper' + +describe 'foreman_proxy::plugin::reports' do + on_plugin_os.each do |os, os_facts| + context "on #{os}" do + let(:facts) { os_facts } + let(:pre_condition) { 'include foreman_proxy' } + + describe 'with default settings' do + it { should contain_foreman_proxy__plugin__module('reports') } + it 'should contain the correct configuration in reports.yml' do + verify_exact_contents(catalogue, '/etc/foreman-proxy/settings.d/reports.yml', [ + '---', + ':enabled: https', + ':reported_proxy_hostname: foo.example.com', + ':debug_payload: false', + ':spool_dir: /var/lib/foreman-proxy/reports', + ':keep_reports: false' + ]) + end + end + end + end +end diff --git a/templates/plugin/ansible.cfg.erb b/templates/plugin/ansible.cfg.erb index e099923c8..2eec8cca7 100644 --- a/templates/plugin/ansible.cfg.erb +++ b/templates/plugin/ansible.cfg.erb @@ -7,6 +7,8 @@ roles_path = <%= @roles_path.join(':') %> collections_paths = <%= @collections_paths.join(':') %> [callback_foreman] +report_type = <%= @report_type %> +proxy_url = <%= @proxy_url %> url = <%= @foreman_url %> ssl_cert = <%= @foreman_ssl_cert %> ssl_key = <%= @foreman_ssl_key %> diff --git a/templates/plugin/reports.yml.erb b/templates/plugin/reports.yml.erb new file mode 100644 index 000000000..866187b89 --- /dev/null +++ b/templates/plugin/reports.yml.erb @@ -0,0 +1,17 @@ +--- +# Use https for production deployments. http and true only make sense in development +:enabled: <%= @module_enabled %> + +# Proxy hostname to appear in reports JSON +:reported_proxy_hostname: <%= scope.lookupvar('foreman_proxy::plugin::reports::reported_proxy_hostname') %> + +# Print input and output to the debug level +:debug_payload: false + +# Spool directory with processed reports +:spool_dir: <%= scope.lookupvar('foreman_proxy::plugin::reports::spool_dir') %> + +# Keep sent reports in spool_dir/done directory +# - when enabled, move files from the place on +# a regular basis (e.g. via cronjob). +:keep_reports: <%= scope.lookupvar('foreman_proxy::plugin::reports::keep_reports') %>