Implement #9650 Add parameter hooks to inventory plugin iocage #9651
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,2 @@ | ||
| minor_changes: | ||
| - iocage inventory plugin - the new parameter ``hooks`` of the plugin is a list of files inside a jail that provide configuration parameters for the inventory. The inventory plugin reads the files from the jails and put the contents into the items of created variable ``iocage_hooks`` (https://github.com/ansible-collections/community.general/issues/9650, https://github.com/ansible-collections/community.general/pull/9651). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -71,6 +71,15 @@ | |
| - Enable O(sudo_preserve_env) if O(sudo) is enabled. | ||
| type: dict | ||
| default: {} | ||
| hooks_results: | ||
| description: | ||
| - List of paths to the files in a jail. | ||
| - Content of the files is stored in the items of the list C(iocage_hooks). | ||
| - If a file is not available the item keeps the dash character C(-). | ||
| - The variable C(iocage_hooks) is not created if O(hooks_results) is empty. | ||
| type: list | ||
| elements: path | ||
| version_added: 10.4.0 | ||
| notes: | ||
| - You might want to test the command C(ssh user@host iocage list -l) on | ||
| the controller before using this inventory plugin with O(user) specified | ||
|
|
@@ -142,6 +151,18 @@ | |
| key: iocage_release | ||
| - prefix: state | ||
| key: iocage_state | ||
|
|
||
| --- | ||
| # Read the file /var/db/dhclient-hook.address.epair0b in the jails and use it as ansible_host | ||
| plugin: community.general.iocage | ||
| host: 10.1.0.73 | ||
| user: admin | ||
| hooks_results: | ||
| - /var/db/dhclient-hook.address.epair0b | ||
| compose: | ||
| ansible_host: iocage_hooks.0 | ||
| groups: | ||
| test: inventory_hostname.startswith('test') | ||
| ''' | ||
|
|
||
| import re | ||
|
|
@@ -226,6 +247,7 @@ def get_inventory(self, path): | |
| sudo_preserve_env = self.get_option('sudo_preserve_env') | ||
| env = self.get_option('env') | ||
| get_properties = self.get_option('get_properties') | ||
| hooks_results = self.get_option('hooks_results') | ||
|
|
||
| cmd = [] | ||
| my_env = os.environ.copy() | ||
|
|
@@ -286,6 +308,50 @@ def get_inventory(self, path): | |
|
|
||
| self.get_properties(t_stdout, results, hostname) | ||
|
|
||
| if hooks_results: | ||
| cmd_get_pool = cmd.copy() | ||
| cmd_get_pool.append(self.IOCAGE) | ||
| cmd_get_pool.append('get') | ||
| cmd_get_pool.append('--pool') | ||
| try: | ||
| p = Popen(cmd_get_pool, stdout=PIPE, stderr=PIPE, env=my_env) | ||
| stdout, stderr = p.communicate() | ||
| if p.returncode != 0: | ||
| raise AnsibleError( | ||
| f'Failed to run cmd={cmd_get_pool}, rc={p.returncode}, stderr={to_native(stderr)}') | ||
| try: | ||
| iocage_pool = to_text(stdout, errors='surrogate_or_strict').strip() | ||
| except UnicodeError as e: | ||
| raise AnsibleError(f'Invalid (non unicode) input returned: {e}') from e | ||
| except Exception as e: | ||
| raise AnsibleError(f'Failed to get pool: {e}') from e | ||
|
|
||
| for hostname, host_vars in results['_meta']['hostvars'].items(): | ||
| iocage_hooks = [] | ||
| for hook in hooks_results: | ||
| path = "/" + iocage_pool + "/iocage/jails/" + hostname + "/root" + hook | ||
| cmd_cat_hook = cmd.copy() | ||
| cmd_cat_hook.append('cat') | ||
| cmd_cat_hook.append(path) | ||
| try: | ||
| p = Popen(cmd_cat_hook, stdout=PIPE, stderr=PIPE, env=my_env) | ||
| stdout, stderr = p.communicate() | ||
| if p.returncode != 0: | ||
| iocage_hooks.append('-') | ||
| continue | ||
|
|
||
| try: | ||
| iocage_hook = to_text(stdout, errors='surrogate_or_strict').strip() | ||
| except UnicodeError as e: | ||
| raise AnsibleError(f'Invalid (non unicode) input returned: {e}') from e | ||
|
|
||
| except Exception: | ||
| iocage_hooks.append('-') | ||
|
There was a problem hiding this comment. Same here. Also, why not using There was a problem hiding this comment. The dash "-" is used in iocage to represent a missing value. See for example ioc_list.py#L259 or ioc_list.py#L276. We've already used it too: if iocage_ip4_dict['ip4']:
iocage_ip4 = ','.join([d['ip'] for d in iocage_ip4_dict['ip4']])
else:
iocage_ip4 = '-' |
||
| else: | ||
| iocage_hooks.append(iocage_hook) | ||
|
|
||
| results['_meta']['hostvars'][hostname]['iocage_hooks'] = iocage_hooks | ||
|
|
||
| return results | ||
|
|
||
| def get_jails(self, t_stdout, results): | ||
|
|
||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe a warning should be printed in this case? (Or the behavior should be configurable - ignore, warn, error.)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The jails may be heterogeneous, and a hook that works for one jail may not work for the other. I want to keep the spirit of silently ignoring
No such fileor any other error:I don't want to complicate the use case where different jails use different hooks or no hooks at all. List all hooks and let the compose option pick what is needed.
The admins should be responsible for
interceptinganything. And they should be used to it, especially in the case of thehooks. For example, the /etc/dhclient-enter-hooks and /etc/dhclient-exit-hooks silently ignore any failing lines in the scripts. It is expected, that the admin is responsible for checking what a hook is doing. There are also security implications.We can add the options (ignore, warn, error) later.