Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixes #37897 - Separate autosign key generation and configuration #211

Merged
merged 2 commits into from
Oct 15, 2024
+30 −10
Merged

Fixes #37897 - Separate autosign key generation and configuration #211

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
7111860
Fixes #37897 - Separate autosign key generation and configuration
bastian-src Oct 9, 2024
d7c76fb
Rubocop: Set MaxModuleLength to 150
bastian-src Oct 9, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .rubocop_todo.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ Metrics/MethodLength:
# Offense count: 1
# Configuration parameters: CountComments, CountAsOne.
Metrics/ModuleLength:
Max: 112
Max: 150

# Offense count: 5
# Configuration parameters: IgnoredMethods.
Expand Down
38 changes: 29 additions & 9 deletions app/models/foreman_salt/concerns/host_managed_extensions.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,8 +42,8 @@ def inherited_attributes

validate :salt_modules_in_host_environment

before_provision :ensure_salt_autosign, if: ->(host) { host.salt_proxy }
before_destroy :remove_salt_minion, if: ->(host) { host.salt_proxy }
after_validation :queue_ensure_salt_autosign, if: ->(host) { host.salt_proxy }
before_destroy :queue_remove_salt_minion, if: ->(host) { host.salt_proxy }
end

def salt_params
Expand Down Expand Up @@ -107,10 +107,32 @@ def derive_salt_grains(use_autosign: false)

private

def queue_ensure_salt_autosign
return unless new_record? || build_changed?

generate_salt_autosign_key
queue.create(id: "ensure_salt_autosign_#{id}", name: _('Configure Salt Autosign key for %s') % self,
priority: 101, action: [self, :ensure_salt_autosign])
end

def queue_remove_salt_minion
queue.create(id: "queue_remove_salt_minion_#{id}", name: _('Remove Salt Minion for %s') % self,
priority: 101, action: [self, :remove_salt_minion])
end

def generate_salt_autosign_key
if salt_autosign_key.nil?
Rails.logger.info("Generate salt autosign key for #{fqdn}")
self.salt_autosign_key = generate_provisioning_key
else
Rails.logger.info("Use existing salt autosign key for #{fqdn}")
end
self.salt_status = ForemanSalt::SaltStatus.minion_auth_waiting
end

def ensure_salt_autosign
remove_salt_key
remove_salt_autosign
create_salt_autosign
configure_salt_autosign
end

def remove_salt_minion
Expand Down Expand Up @@ -140,13 +162,11 @@ def generate_provisioning_key
SecureRandom.hex(10)
end

def create_salt_autosign
Rails.logger.info("Create salt autosign key for host #{fqdn}")
def configure_salt_autosign
Rails.logger.info("Configure salt autosign key for host #{fqdn} on #{salt_proxy.url}")
nadjaheitmann marked this conversation as resolved.
Show resolved Hide resolved
api = ProxyAPI::Salt.new(url: salt_proxy.url)
key = generate_provisioning_key
key = salt_autosign_key
nadjaheitmann marked this conversation as resolved.
Show resolved Hide resolved
api.autosign_create_key(key)
update(salt_autosign_key: key)
update(salt_status: ForemanSalt::SaltStatus.minion_auth_waiting)
rescue Foreman::Exception => e
Rails.logger.warn("Unable to create salt autosign for #{fqdn}: #{e}")
end
Expand Down