Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implement #9650 Add parameter hooks to inventory plugin iocage #9651

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
+68 −0
Open

Implement #9650 Add parameter hooks to inventory plugin iocage #9651

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
8f182b8
Add parameter hooks to inventory plugin iocage.
vbotka Jan 30, 2025
1b43185
Add changelog fragment.
vbotka Jan 30, 2025
97197b0
Update plugins/inventory/iocage.py
vbotka Jan 31, 2025
318238b
Parameter renamed to hooks_results
vbotka Feb 1, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions changelogs/fragments/9651-iocage-inventory-hooks.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
minor_changes:
- iocage inventory plugin - the new parameter ``hooks`` of the plugin is a list of files inside a jail that provide configuration parameters for the inventory. The inventory plugin reads the files from the jails and put the contents into the items of created variable ``iocage_hooks`` (https://github.com/ansible-collections/community.general/issues/9650, https://github.com/ansible-collections/community.general/pull/9651).
66 changes: 66 additions & 0 deletions plugins/inventory/iocage.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,15 @@
- Enable O(sudo_preserve_env) if O(sudo) is enabled.
type: dict
default: {}
hooks_results:
description:
- List of paths to the files in a jail.
- Content of the files is stored in the items of the list C(iocage_hooks).
- If a file is not available the item keeps the dash character C(-).
- The variable C(iocage_hooks) is not created if O(hooks_results) is empty.
type: list
elements: path
version_added: 10.4.0
notes:
- You might want to test the command C(ssh user@host iocage list -l) on
the controller before using this inventory plugin with O(user) specified
Expand Down Expand Up @@ -142,6 +151,18 @@
key: iocage_release
- prefix: state
key: iocage_state

---
# Read the file /var/db/dhclient-hook.address.epair0b in the jails and use it as ansible_host
plugin: community.general.iocage
host: 10.1.0.73
user: admin
hooks_results:
- /var/db/dhclient-hook.address.epair0b
compose:
ansible_host: iocage_hooks.0
groups:
test: inventory_hostname.startswith('test')
'''

import re
Expand Down Expand Up @@ -226,6 +247,7 @@ def get_inventory(self, path):
sudo_preserve_env = self.get_option('sudo_preserve_env')
env = self.get_option('env')
get_properties = self.get_option('get_properties')
hooks_results = self.get_option('hooks_results')

cmd = []
my_env = os.environ.copy()
Expand Down Expand Up @@ -286,6 +308,50 @@ def get_inventory(self, path):

self.get_properties(t_stdout, results, hostname)

if hooks_results:
cmd_get_pool = cmd.copy()
cmd_get_pool.append(self.IOCAGE)
cmd_get_pool.append('get')
cmd_get_pool.append('--pool')
try:
p = Popen(cmd_get_pool, stdout=PIPE, stderr=PIPE, env=my_env)
stdout, stderr = p.communicate()
if p.returncode != 0:
raise AnsibleError(
f'Failed to run cmd={cmd_get_pool}, rc={p.returncode}, stderr={to_native(stderr)}')
try:
iocage_pool = to_text(stdout, errors='surrogate_or_strict').strip()
except UnicodeError as e:
raise AnsibleError(f'Invalid (non unicode) input returned: {e}') from e
except Exception as e:
raise AnsibleError(f'Failed to get pool: {e}') from e

for hostname, host_vars in results['_meta']['hostvars'].items():
iocage_hooks = []
for hook in hooks_results:
path = "/" + iocage_pool + "/iocage/jails/" + hostname + "/root" + hook
cmd_cat_hook = cmd.copy()
cmd_cat_hook.append('cat')
cmd_cat_hook.append(path)
try:
p = Popen(cmd_cat_hook, stdout=PIPE, stderr=PIPE, env=my_env)
stdout, stderr = p.communicate()
if p.returncode != 0:
iocage_hooks.append('-')
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe a warning should be printed in this case? (Or the behavior should be configurable - ignore, warn, error.)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The jails may be heterogeneous, and a hook that works for one jail may not work for the other. I want to keep the spirit of silently ignoring No such file or any other error:

  1. I don't want to complicate the use case where different jails use different hooks or no hooks at all. Just list all hooks and let the compose option pick what is needed.

  2. The dash "-" is used in iocage to represent a missing value. See for example ioc_list.py#L259 or ioc_list.py#L276. We've already used it too:

if iocage_ip4_dict['ip4']:
    iocage_ip4 = ','.join([d['ip'] for d in iocage_ip4_dict['ip4']])
else:
    iocage_ip4 = '-'
  1. The admins should be responsible for intercepting anything. And they should be used to it, especially in the case of the hooks. For example, the /etc/dhclient-enter-hooks and /etc/dhclient-exit-hooks silently ignore any failing lines in the scripts. It is expected, that the admin is responsible for checking what a hook is doing. There are also security implications.

We can add the options (ignore, warn, error) later if needed.

continue

try:
iocage_hook = to_text(stdout, errors='surrogate_or_strict').strip()
except UnicodeError as e:
raise AnsibleError(f'Invalid (non unicode) input returned: {e}') from e

except Exception:
iocage_hooks.append('-')
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same here.

Also, why not using None instead of -? None can never appear as a real value, so you can distinguish "error happened" from "- was actually read".

else:
iocage_hooks.append(iocage_hook)

results['_meta']['hostvars'][hostname]['iocage_hooks'] = iocage_hooks

return results

def get_jails(self, t_stdout, results):
Expand Down