Seed plugin ansible playbooks #17185
Conversation
| # ruggedize this | ||
| `git init` | ||
| `git add -A` | ||
| `git commit -m "YOLO Initial Commit"` |
jrafanie
force-pushed
the
seed_plugin_ansible_playbooks
branch
from
9f48ca9
to
af75367
Compare
jrafanie
force-pushed
the
seed_plugin_ansible_playbooks
branch
3 times, most recently
from
3f92cea
to
f76697c
Compare
|
@syncrou @gmcculloug @gtanzillo other than writing tests and doing cleanup, this is ready for high level review. Am I missing anything? |
|
@carbonin too of course ^ |
|
|
||
| options = {} | ||
| options[:tree] = index.write_tree(repo) | ||
| options[:author] = options[:committer] = { :email => "user@example.com", :name => 'Author', :time => Time.now } |
There was a problem hiding this comment.
This is weird. Are the things like email required?
Can we make this use the product name or something? Not sure if this gets exposed in our UI anywhere.
There was a problem hiding this comment.
Yeah, good question @syncrou @gmcculloug. Do we care?
There was a problem hiding this comment.
@jrafanie - I don't think we care. I would just ask that is consistent, but largely because that seems the right thing to do.
On my testing, I received errors on the commit if the email wasn't set, but that obviously would not be a problem here.
There was a problem hiding this comment.
I can try not specifying the author and commiter. On CLI, if there's not author/commit it just warns to STDERR but still commits.
There was a problem hiding this comment.
Ugh, rugged requires both author and email for git commits 😞
There was a problem hiding this comment.
irb(main):002:0> EmbeddedAnsibleWorker.new.ensure_plugin_playbooks_project_seeded(Provider.first, EmbeddedAnsible.new)
Rugged::ConfigError: Config value 'user.name' was not found
| options = {} | ||
| options[:tree] = index.write_tree(repo) | ||
| options[:author] = options[:committer] = { :email => "user@example.com", :name => 'Author', :time => Time.now } | ||
| options[:message] = "YOLO Initial Commit" |
There was a problem hiding this comment.
Again, do we care? I can change it but I left something ridiculous so we remembered to change it.
There was a problem hiding this comment.
Same - It doesn't matter, other than being consistent with whatever is picked.
| end | ||
| end | ||
|
|
||
| PLUGIN_PLAYBOOK_PROJECT_NAME = "Default ManageIQ Playbook Project".freeze |
There was a problem hiding this comment.
Does this get displayed in the UI? If so we should use the product name.
There was a problem hiding this comment.
@syncrou @gmcculloug Yeah, I have no idea. This was me just naming it knowing it would change.
There was a problem hiding this comment.
@syncrou @gmcculloug naming is hard. Let me know what name you want. 🏃 🚌
There was a problem hiding this comment.
I would stick with the convention from the other objects so something like "#{I18n.t("product.name")} Default Project"
| end | ||
|
|
||
| def create_playbook_project(connection) | ||
| connection.api.projects.create!(PLAYBOOK_PROJECT_ATTRIBUTES.to_json) |
There was a problem hiding this comment.
Does anyone else need this id? Should we save it against the provider like we do for the other initial objects?
There was a problem hiding this comment.
@syncrou and I discussed this briefly and it didn't seem that this project would ever get accessed in manageiq after the fact, which is why we're searching by name for the "update" part. If we would need schema changes, we can't really backport that though.
There was a problem hiding this comment.
We wouldn't need schema changes. These are built using custom attributes https://github.com/ManageIQ/manageiq/blob/master/app/models/manageiq/providers/embedded_ansible/provider/default_ansible_objects.rb
There was a problem hiding this comment.
ok, @gmcculloug should I capture the project id for this?
There was a problem hiding this comment.
@syncrou what do you think of this? I can store it if needed.
There was a problem hiding this comment.
@jrafanie - I can't think of a reason we need it, if we can rebuild the entire system from the db when enabling the role on another machine (or upgrading ), then it seems to me that id is not needed at all.
|
|
||
| #TODO: make this a public api via an attr_reader | ||
| Vmdb::Plugins.instance.instance_variable_get(:@registered_ansible_content).each do |content| | ||
| FileUtils.cp_r(Dir.glob("#{content.path}/*"), CONSOLIDATED_PLUGIN_PLAYBOOKS_TEMPDIR) |
There was a problem hiding this comment.
I think this is wrong. I need to know what namespaced_role_directories and namespaced_playbook_files means so we don't have collisions on content. @syncrou do you have examples of what these values should be for the manageiq-content repo?
There was a problem hiding this comment.
@jrafanie - They're namespaced by a ., and that namespace will be completely up to us. e.g. we currently plan on prefixing all miq-core seeded roles with miq-core as the naming is shown here
The namespace collision protection is a documentation and PR reviewer issue. Ansible doesn't care ( mostly ) what the names of the roles are, so we're duplicating what galaxy uses to separate out roles with potential name collisions.
There was a problem hiding this comment.
- Note, I'm copying from the
content.pathdown. It's assuming that theroles_pathis a child directory of thepath. I don't know if this is a valid assumption.
irb(main):001:0> Vmdb::Plugins.instance.instance_variable_get(:@registered_ansible_content)
=> [#<Vmdb::Plugins::AnsibleContent:0x00000001303a58 @roles_path=#<Pathname:/opt/rh/cfme-gemset/bundler/gems/cfme-content-e5c494e59a7b/content/ansible/roles>, @path=#<Pathname:/opt/rh/cfme-gemset/bundler/gems/cfme-content-e5c494e59a7b/content/ansible>>]
I can instead copy them as two separate operations if needed but it was easier to just do cp_r so I don't need to copy recursively by myself.
- With this said, this is how the current
CONSOLIDATED_PLUGIN_PLAYBOOKS_TEMPDIRlooks after this method is complete. It appears to be namespace in that the original filenames are namespaced. As long as this is the expectation, I think we're ok here. Right?
[root@localhost vmdb]# tree /var/lib/awx_consolidated_source/projects/gem_ansible_content/
/var/lib/awx_consolidated_source/projects/gem_ansible_content/
└── roles
├── miq-core.manageiq-automate
│ ├── action_plugins
│ │ └── manageiq_automate.py
│ ├── defaults
│ │ └── main.yml
│ ├── examples
│ ├── handlers
│ │ └── main.yml
│ ├── library
│ │ └── manageiq_automate.py
│ ├── LICENSE
│ ├── meta
│ │ └── main.yml
│ ├── README.md
│ ├── tasks
│ │ └── main.yml
│ ├── tests
│ │ ├── inventory
│ │ └── test.yml
│ └── vars
│ └── main.yml
└── miq-core.manageiq-vmdb
├── action_plugins
│ └── manageiq_vmdb.py
├── defaults
│ └── main.yml
├── handlers
│ └── main.yml
├── library
│ └── manageiq_vmdb.py
├── LICENSE
├── meta
│ └── main.yml
├── README.md
├── tasks
│ └── main.yml
├── tests
│ ├── inventory
│ └── test.yml
└── vars
└── main.yml
There was a problem hiding this comment.
@jrafanie - That all looks right. If there were playbooks added to this from other repos we would place them under the content.path as well.
There was a problem hiding this comment.
Ok, sounds good. Instead of guessing, I'll keep it as is and change when/if we have to. As long as the gems follow the rules and namespace themselves, this should just work.
|
|
||
| options = {} | ||
| options[:tree] = index.write_tree(repo) | ||
| options[:author] = options[:committer] = { :email => "user@example.com", :name => 'Author', :time => Time.now } |
There was a problem hiding this comment.
Yeah, good question @syncrou @gmcculloug. Do we care?
| options = {} | ||
| options[:tree] = index.write_tree(repo) | ||
| options[:author] = options[:committer] = { :email => "user@example.com", :name => 'Author', :time => Time.now } | ||
| options[:message] = "YOLO Initial Commit" |
There was a problem hiding this comment.
Again, do we care? I can change it but I left something ridiculous so we remembered to change it.
| end | ||
| end | ||
|
|
||
| PLUGIN_PLAYBOOK_PROJECT_NAME = "Default ManageIQ Playbook Project".freeze |
There was a problem hiding this comment.
@syncrou @gmcculloug Yeah, I have no idea. This was me just naming it knowing it would change.
| end | ||
|
|
||
| def create_playbook_project(connection) | ||
| connection.api.projects.create!(PLAYBOOK_PROJECT_ATTRIBUTES.to_json) |
There was a problem hiding this comment.
@syncrou and I discussed this briefly and it didn't seem that this project would ever get accessed in manageiq after the fact, which is why we're searching by name for the "update" part. If we would need schema changes, we can't really backport that though.
jrafanie
force-pushed
the
seed_plugin_ansible_playbooks
branch
2 times, most recently
from
53e2043
to
3754fe3
Compare
|
|
||
| commit_git_plugin_content | ||
|
|
||
| if project = existing_plugin_playbook_project(connection) |
There was a problem hiding this comment.
@jrafanie did you mean to use == here?
There was a problem hiding this comment.
No. I can split the assignment and conditional to appease the rubocop.
| private | ||
|
|
||
| CONSOLIDATED_PLUGIN_PLAYBOOKS_TEMPDIR = Pathname.new("/var/lib/awx_consolidated_source/projects/gem_ansible_content").freeze | ||
| def clean_consolidated_plugin_directory |
jrafanie
force-pushed
the
seed_plugin_ansible_playbooks
branch
from
3754fe3
to
076bcce
Compare
| end | ||
|
|
||
| PLUGIN_PLAYBOOK_PROJECT_NAME = "Default ManageIQ Playbook Project".freeze | ||
| PLAYBOOK_PROJECT_ATTRIBUTES = { |
There was a problem hiding this comment.
Does a project need to be added to an organization? Or is it okay to not specify that here?
There was a problem hiding this comment.
@carbonin - It does need to be added to an Organization. It would be ok to specify that here. There is a chance the 'Default' organization would be set if the organization id is not passed in.
|
Note, I added and then mostly reverted a change to remove the temporary git repo. Basically, we can't remove it until it's cloned into the ansible project and there isn't a synchronous way to create the project so we don't really know when it's done unless we poll ansible or something like that. It doesn't seem worth it, at least for now. We'll leave it around and remove it on role activation to ensure we start clean. |
jrafanie
force-pushed
the
seed_plugin_ansible_playbooks
branch
from
f585c71
to
5c6c5ff
Compare
|
@jrafanie is this still a WIP? |
|
@JPrause yes, I need to finish writing tests and squash some commits |
jrafanie
force-pushed
the
seed_plugin_ansible_playbooks
branch
from
5c6c5ff
to
3bc082b
Compare
jrafanie
force-pushed
the
seed_plugin_ansible_playbooks
branch
from
3bc082b
to
b5dec8d
Compare
jrafanie
changed the title
jrafanie
force-pushed
the
seed_plugin_ansible_playbooks
branch
2 times, most recently
from
6c7facb
to
4a80166
Compare
We can't remove this repo until it's been cloned in the ansible project. It's not worth the complexity to poll ansible to see if it's complete.
jrafanie
force-pushed
the
seed_plugin_ansible_playbooks
branch
from
4a80166
to
907612a
Compare
|
Ok, this is finally ready @syncrou @gmcculloug |
| @@ -53,4 +54,91 @@ def ensure_host(provider, connection) | |||
| :variables => {'ansible_connection' => "local"}.to_yaml | |||
| ).id | |||
| end | |||
|
|
|||
| CONSOLIDATED_PLUGIN_PLAYBOOKS_TEMPDIR = Pathname.new("/var/lib/awx_consolidated_source").freeze | |||
There was a problem hiding this comment.
Can this live either down with the method that uses it or up at the top of the class?
| def copy_plugin_ansible_content | ||
| FileUtils.mkdir_p(self.class.consolidated_plugin_directory) | ||
|
|
||
| # TODO: make this a public api via an attr_reader |
There was a problem hiding this comment.
Should this block this PR? Is this simple to do now?
jrafanie
force-pushed
the
seed_plugin_ansible_playbooks
branch
from
907612a
to
eb7f90c
Compare
|
Checked commits jrafanie/manageiq@7adff04~...eb7f90c with ruby 2.3.3, rubocop 0.52.1, haml-lint 0.20.0, and yamllint 1.10.0 |
|
@miq-bot add_label blocker |
Seed plugin ansible playbooks (cherry picked from commit c9e7f02) https://bugzilla.redhat.com/show_bug.cgi?id=1566658
|
Gaprindashvili backport details: |
ManageIQ/manageiq-design#40
https://bugzilla.redhat.com/show_bug.cgi?id=1539762
All of this depends on:
#17096
ManageIQ/manageiq-content#254
To test this on downstream appliances: