Deploy hammer and smart proxy for development (#373)

Author: adamruzicka

development/playbooks/_flavor_features/metadata.obsah.yaml

@@ -0,0 +1,6 @@
+---
+variables:
+  features:
+    parameter: --add-feature
+    help: Additional features to enable in this deployment.
+    action: append_unique

development/playbooks/deploy-dev/metadata.obsah.yaml

@@ -29,3 +29,6 @@ variables:
   foreman_development_github_username:
     help: GitHub username to add as additional remote for git checkouts
     action: store
+
+include:
+  - _flavor_features

development/roles/foreman_development/defaults/main.yaml

@@ -4,6 +4,8 @@ foreman_development_group: "{{ foreman_development_user }}"
 foreman_development_deployment_dir: "/home/{{ foreman_development_user }}"
 foreman_development_foreman_dir: "{{ foreman_development_deployment_dir }}/foreman"
 foreman_development_cert_dir: "{{ foreman_development_deployment_dir }}/foreman-certs"
+foreman_development_hammer_dir: "{{ foreman_development_deployment_dir }}/hammer-cli"
+foreman_development_smart_proxy_dir: "{{ foreman_development_deployment_dir }}/smart-proxy"
 
 foreman_development_ca_certificate: "{{ foreman_ca_certificate }}"
 foreman_development_client_certificate: "{{ foreman_client_certificate }}"
@@ -16,6 +18,10 @@ foreman_development_git_repo: "https://github.com/theforeman/foreman.git"
 foreman_development_git_revision: "develop"
 foreman_development_github_username: ""
 
+foreman_development_hammer_git_repo: "https://github.com/theforeman/hammer-cli.git"
+
+foreman_development_smart_proxy_git_repo: "https://github.com/theforeman/smart-proxy.git"
+
 foreman_development_rails_port: 3000
 foreman_development_rails_command: "puma -w 2 -p {{ foreman_development_rails_port }} --preload -b tcp://0.0.0.0"
 
@@ -36,43 +42,106 @@ foreman_development_plugin_registry:
     manage_repo: true
     extra_gemfiles:
       - "gemfile.d/test.rb"
+    hammer:
+      gem: hammer_cli_katello
+      name: "Katello/hammer-cli-katello"
+      module_config: katello.yml
   foreman_remote_execution:
     name: "theforeman/foreman_remote_execution"
     manage_repo: true
+    hammer:
+      name: "theforeman/hammer_cli_foreman_remote_execution"
+      module_config: foreman_remote_execution.yml
+    smart_proxy:
+      name: "theforeman/smart_proxy_remote_execution_ssh"
+      module_config: remote_execution_ssh.yml
   foreman_ansible:
     name: "theforeman/foreman_ansible"
     settings_template: "foreman_ansible.yaml.j2"
     manage_repo: true
+    hammer:
+      gem: hammer_cli_foreman_ansible
+      name: "theforeman/hammer-cli-foreman-ansible"
+      module_config: foreman_ansible.yml
+    smart_proxy:
+      name: "theforeman/smart_proxy_ansible"
+      module_config: ansible.yml
   foreman_rh_cloud:
     name: "theforeman/foreman_rh_cloud"
     manage_repo: true
+    hammer:
+      gem: hammer_cli_foreman_rh_cloud
+      name: "theforeman/hammer-cli-foreman-rh-cloud"
+      module_config: foreman_rh_cloud.yml
   foreman_discovery:
     name: "theforeman/foreman_discovery"
     manage_repo: true
+    hammer:
+      gem: hammer_cli_foreman_discovery
+      name: "theforeman/hammer-cli-foreman-discovery"
+      module_config: foreman_discovery.yml
+    smart_proxy:
+      name: "theforeman/smart_proxy_discovery"
+      module_config: discovery.yml
   foreman_openscap:
     name: "theforeman/foreman_openscap"
     manage_repo: true
+    hammer:
+      name: "theforeman/hammer_cli_foreman_openscap"
+      module_config: foreman_openscap.yml
+    smart_proxy:
+      name: "theforeman/smart_proxy_openscap"
+      module_config: openscap.yml
   foreman_bootdisk:
     name: "theforeman/foreman_bootdisk"
     manage_repo: true
+    hammer:
+      name: "theforeman/hammer_cli_foreman_bootdisk"
+      module_config: foreman_bootdisk.yml
   foreman_theme_satellite:
     name: "redhatsatellite/foreman_theme_satellite"
     manage_repo: true
   foreman_tasks:
     name: "theforeman/foreman-tasks"
     manage_repo: true
+    hammer:
+      gem: hammer_cli_foreman_tasks
+      name: "theforeman/hammer-cli-foreman-tasks"
+      module_config: foreman_tasks.yml
+    smart_proxy:
+      name: "theforeman/smart_proxy_dynflow"
+      module_config: dynflow.yml
   foreman_webhooks:
     name: "theforeman/foreman_webhooks"
     manage_repo: true
+    hammer:
+      gem: hammer_cli_foreman_webhooks
+      name: "theforeman/hammer-cli-foreman-webhooks"
+      module_config: foreman_webhooks.yml
+    smart_proxy:
+      name: "theforeman/smart_proxy_shellhooks"
+      module_config: shellhooks.yml
   foreman_templates:
     name: "theforeman/foreman_templates"
     manage_repo: true
+    hammer:
+      gem: hammer_cli_foreman_templates
+      name: "theforeman/hammer-cli-foreman-templates"
+      module_config: foreman_templates.yml
   foreman_leapp:
     name: "theforeman/foreman_leapp"
     manage_repo: true
+    hammer:
+      gem: hammer_cli_foreman_leapp
+      name: "theforeman/hammer-cli-foreman-leapp"
+      module_config: foreman_leapp.yml
   foreman_puppet:
     name: "theforeman/foreman_puppet"
     manage_repo: true
+    hammer:
+      gem: hammer_cli_foreman_puppet
+      name: "theforeman/hammer-cli-foreman-puppet"
+      module_config: foreman_puppet.yml
 
 foreman_development_default_plugins:
   - katello

development/roles/foreman_development/tasks/hammer/main.yml

@@ -0,0 +1,47 @@
+- name: Deploy Hammer git repository
+  ansible.builtin.include_role:
+    name: git_repository
+  vars:
+    git_repository_destination_dir: "{{ foreman_development_hammer_dir }}"
+    git_repository_user: "{{ foreman_development_user }}"
+    git_repository_repository_owner: "theforeman"
+    git_repository_repository_name: "hammer-cli"
+    git_repository_revision: "{{ foreman_development_hammer_git_revision }}"
+    git_repository_secondary_remote_owner: "{{ foreman_development_github_username }}"
+
+- name: Setup hammer-cli-foreman
+  ansible.builtin.include_tasks: hammer/plugin.yml
+  vars:
+    foreman_development_plugin_name: "hammer_cli_foreman"
+    foreman_development_plugin_org: "theforeman"
+    foreman_development_plugin_repo_url: "https://github.com/theforeman/hammer-cli-foreman.git"
+    foreman_development_plugin_manage_repo: true
+    foreman_development_plugin_settings_template: "hammer/foreman.yml.j2"
+    foreman_development_plugin_extra_gemfiles: []
+
+- name: Setup plugins
+  ansible.builtin.include_tasks: hammer/plugin.yml
+  vars:
+    foreman_development_plugin_config: "{{ (foreman_development_plugin_registry[plugin_item] | default({})).hammer | default({}) }}"
+    foreman_development_plugin_name: "{{ foreman_development_plugin_config.name.split('/')[1] }}"
+    foreman_development_plugin_gem: "{{ foreman_development_plugin_config.gem }}"
+    foreman_development_plugin_org: "{{ foreman_development_plugin_config.name.split('/')[0] }}"
+    foreman_development_plugin_repo_url: "https://github.com/{{ foreman_development_plugin_config.name }}.git"
+    foreman_development_plugin_manage_repo: "{{ foreman_development_plugin_config.manage_repo | default(true) }}"
+    foreman_development_plugin_settings_template: "{{ foreman_development_plugin_config.settings_template | default('') }}"
+    foreman_development_plugin_module_config: "{{ foreman_development_plugin_config.module_config | default('') }}"
+    foreman_development_plugin_extra_gemfiles: []
+  when: foreman_development_plugin_config != {}
+  loop: "{{ foreman_development_default_plugins + foreman_development_enabled_plugins }}"
+  loop_control:
+    loop_var: plugin_item
+
+- name: Install Ruby dependencies
+  ansible.builtin.command:
+    cmd: bundle install --path .vendor --jobs 3
+    chdir: "{{ foreman_development_hammer_dir }}"
+  become: true
+  become_user: "{{ foreman_development_user }}"
+  environment:
+    PATH: "/usr/bin:/bin:/usr/local/bin"
+  changed_when: true

development/roles/foreman_development/tasks/hammer/plugin.yml

@@ -0,0 +1,48 @@
+---
+- name: "Deploy plugin git repository for {{ foreman_development_plugin_name }}"
+  ansible.builtin.include_role:
+    name: git_repository
+  vars:
+    git_repository_destination_dir: "{{ foreman_development_deployment_dir }}/{{ foreman_development_plugin_name }}"
+    git_repository_user: "{{ foreman_development_user }}"
+    git_repository_repository_owner: "{{ foreman_development_plugin_org }}"
+    git_repository_repository_name: "{{ foreman_development_plugin_name }}"
+    git_repository_secondary_remote_owner: "{{ foreman_development_github_username }}"
+  when: foreman_development_plugin_manage_repo
+
+- name: "Create settings file for {{ foreman_development_plugin_name }}"
+  ansible.builtin.template:
+    src: "{{ foreman_development_plugin_settings_template }}"
+    dest: "{{ foreman_development_hammer_dir }}/config/cli.modules.d/{{ foreman_development_plugin_settings_template.split('/')[1] | replace('.j2', '') }}"
+    owner: "{{ foreman_development_user }}"
+    group: "{{ foreman_development_group }}"
+    mode: "0644"
+  become: true
+  become_user: "{{ foreman_development_user }}"
+  when: foreman_development_plugin_settings_template != ""
+
+- name: "Copy module config file for {{ foreman_development_plugin_name }}"
+  ansible.builtin.shell: |
+    cp {{ foreman_development_deployment_dir }}/{{ foreman_development_plugin_name }}/config/{{ foreman_development_plugin_module_config }} \
+       {{ foreman_development_hammer_dir }}/config/cli.modules.d/{{ foreman_development_plugin_module_config }}
+  args:
+    creates: "{{ foreman_development_hammer_dir }}/config/cli.modules.d/{{ foreman_development_plugin_module_config }}"
+  become: true
+  become_user: "{{ foreman_development_user }}"
+  when:
+    - foreman_development_plugin_settings_template == ""
+    - foreman_development_plugin_module_config | default("") != ""
+
+- name: "Create bundler configuration for {{ foreman_development_plugin_name }}"
+  ansible.builtin.lineinfile:
+    line: >-
+      gem '{{ foreman_development_plugin_gem | default(foreman_development_plugin_name) }}',
+      path: '{{ foreman_development_deployment_dir }}/{{ foreman_development_plugin_name }}'
+    path: "{{ foreman_development_hammer_dir }}/Gemfile.local.rb"
+    create: true
+    state: present
+    regexp: "^\\s*gem '{{ foreman_development_plugin_name }}'"
+    mode: "0644"
+  become: true
+  become_user: "{{ foreman_development_user }}"
+  when: foreman_development_plugin_name != ""

development/roles/foreman_development/tasks/main.yaml

@@ -241,3 +241,13 @@
     name: foreman-development
     state: stopped
     enabled: false
+
+- name: Configure smart-proxy for development
+  ansible.builtin.include_tasks: smart-proxy/main.yml
+  when:
+    - "'foreman-proxy' in enabled_features"
+
+- name: Configure hammer for development
+  ansible.builtin.include_tasks: hammer/main.yml
+  when:
+    - "'hammer' in enabled_features"

development/roles/foreman_development/tasks/smart-proxy/main.yml

@@ -0,0 +1,141 @@
+---
+- name: Deploy smart-proxy git repository
+  ansible.builtin.include_role:
+    name: git_repository
+  vars:
+    git_repository_destination_dir: "{{ foreman_development_smart_proxy_dir }}"
+    git_repository_user: "{{ foreman_development_user }}"
+    git_repository_repository_owner: "theforeman"
+    git_repository_repository_name: "smart-proxy"
+    git_repository_secondary_remote_owner: "{{ foreman_development_github_username }}"
+
+- name: Create cert directories
+  ansible.builtin.file:
+    path: "{{ foreman_development_cert_dir }}/smart-proxy"
+    state: directory
+    mode: "0750"
+    owner: "{{ foreman_development_user }}"
+
+- name: Deploy certificates
+  ansible.builtin.copy:
+    src: "{{ item.src }}"
+    dest: "{{ foreman_development_cert_dir }}/smart-proxy/{{ item.dest }}"
+    remote_src: true
+    mode: "0640"
+    owner: "{{ foreman_development_user }}"
+  loop:
+    - src: "{{ httpd_server_ca_certificate }}"
+      dest: "ca.crt"
+    - src: "{{ httpd_server_certificate }}"
+      dest: "proxy.crt"
+    - src: "{{ httpd_server_key }}"
+      dest: "proxy.key"
+
+- name: Create smart-proxy settings.d file from template
+  ansible.builtin.template:
+    src: "smart-proxy/settings.yml.j2"
+    dest: "{{ foreman_development_smart_proxy_dir }}/config/settings.yml"
+    owner: "{{ foreman_development_user }}"
+    group: "{{ foreman_development_group }}"
+    mode: "0644"
+  become: true
+  become_user: "{{ foreman_development_user }}"
+
+- name: Setup smart-proxy plugins
+  ansible.builtin.include_tasks: smart-proxy/plugin.yml
+  vars:
+    foreman_development_plugin_config: "{{ (foreman_development_plugin_registry[plugin_item] | default({})).smart_proxy | default({}) }}"
+    foreman_development_plugin_name: "{{ foreman_development_plugin_config.name.split('/')[1] }}"
+    foreman_development_plugin_gem: "{{ foreman_development_plugin_config.gem | default(foreman_development_plugin_config.name.split('/')[1]) }}"
+    foreman_development_plugin_org: "{{ foreman_development_plugin_config.name.split('/')[0] }}"
+    foreman_development_plugin_repo_url: "https://github.com/{{ foreman_development_plugin_config.name }}.git"
+    foreman_development_plugin_manage_repo: "{{ foreman_development_plugin_config.manage_repo | default(true) }}"
+    foreman_development_plugin_settings_template: "{{ foreman_development_plugin_config.settings_template | default('') }}"
+    foreman_development_plugin_module_config: "{{ foreman_development_plugin_config.module_config | default('') }}"
+    foreman_development_plugin_bundler_path_prefix: "../../"
+    foreman_development_plugin_extra_gemfiles: []
+  when: foreman_development_plugin_config != {}
+  loop: "{{ foreman_development_default_plugins + foreman_development_enabled_plugins }}"
+  loop_control:
+    loop_var: plugin_item
+
+- name: Ensure the crb repository is enabled
+  community.general.dnf_config_manager:
+    name: crb
+    state: enabled
+
+- name: Install smart-proxy dependencies
+  ansible.builtin.package:
+    name:
+      - libvirt-devel
+      - krb5-devel
+      - libyaml-devel
+      - systemd-devel
+    state: present
+
+- name: Install smart-proxy Ruby dependencies
+  ansible.builtin.command:
+    cmd: bundle install --path .vendor --jobs 3
+    chdir: "{{ foreman_development_smart_proxy_dir }}"
+  become: true
+  become_user: "{{ foreman_development_user }}"
+  environment:
+    PATH: "/usr/bin:/bin:/usr/local/bin"
+  changed_when: true
+
+- name: Create smart-proxy development systemd service
+  ansible.builtin.template:
+    src: smart-proxy/smart-proxy-development.service.j2
+    dest: /etc/systemd/system/smart-proxy-development.service
+    owner: root
+    group: root
+    mode: "0644"
+
+- name: Reload systemd daemon
+  ansible.builtin.systemd:
+    daemon_reload: true
+
+- name: Enable and start smart-proxy development service
+  ansible.builtin.systemd:
+    name: smart-proxy-development
+    enabled: true
+    state: started
+
+- name: Wait for smart-proxy development server to be accessible
+  ansible.builtin.uri:
+    url: "http://{{ ansible_facts['fqdn'] }}:8000/features"
+    validate_certs: false
+  until: foreman_development_smart_proxy_status.status == 200
+  retries: 30
+  delay: 5
+  register: foreman_development_smart_proxy_status
+
+- name: Enable and start Foreman development service
+  ansible.builtin.systemd:
+    name: foreman-development
+    enabled: true
+    state: started
+
+- name: Wait for Foreman development server to be accessible
+  ansible.builtin.uri:
+    url: '{{ foreman_development_url }}/api/v2/ping'
+    validate_certs: false
+  until: foreman_development_status.status == 200
+  retries: 30
+  delay: 5
+  register: foreman_development_status
+
+- name: Configure smart-proxy for development
+  theforeman.foreman.smart_proxy:
+    name: "{{ ansible_facts['fqdn'] }}-dev"
+    url: "https://{{ ansible_facts['fqdn'] }}:8443"
+    server_url: "{{ foreman_development_url }}"
+    username: "{{ foreman_development_admin_user }}"
+    password: "{{ foreman_development_admin_password }}"
+    validate_certs: false
+
+- name: Stop smart-proxy development service after smart proxy registration
+  ansible.builtin.systemd:
+    name: smart-proxy-development
+    state: stopped
+    enabled: false