Skip to content

Add Foreman development environment #259

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Nov 10, 2025
Merged

Add Foreman development environment #259

merged 2 commits into from
Nov 10, 2025

Conversation

@ehelms
Copy link
Member

@ehelms ehelms commented Oct 22, 2025

This adds a way to deploy a development environment similar to how the devel boxes in Forklift work. This deploys the backend services as containers to match production, and clones the source code directly to the VM and installs and configures.

In my testing, timing with this to get to a working development setup:

Forklift: 29 minutes
foremanctl: 16 minutes

I think this is a good starting baseline, as it provides a way to develop using our container-based installation that is similar to how developers work today. I'll be exploring other development setups that can be follow-ons to this method. The important bit for me is getting an environment that works within the context of this repository and our containers.

I did try running a development container and mounting the code into the development container. Within the VM environment this proved to be incredibly slow, likely due to the amount of files being shared and the I/O overhead.

@ehelms ehelms force-pushed the add-development-source branch from 8d0ad78 to 941076a Compare October 22, 2025 14:41
adamruzicka
adamruzicka reviewed Oct 22, 2025
View reviewed changes
@ehelms ehelms force-pushed the add-development-source branch from 941076a to 86d7cfb Compare October 23, 2025 16:35
@ehelms
Copy link
Member Author

ehelms commented Oct 23, 2025

Updates support broker hosts now, for example:

ANSIBLE_ASK_PASS=true ./forge deploy-dev --target-host <host> --foreman-development-user ehelms

I opened a change to Obsah to support the password ask naturally: theforeman/obsah#91

@ehelms ehelms force-pushed the add-development-source branch 6 times, most recently from 2123829 to bfca664 Compare October 24, 2025 11:25
adamruzicka
adamruzicka reviewed Oct 24, 2025
View reviewed changes
@adamruzicka
Copy link

adamruzicka commented Oct 24, 2025
edited
Loading

If anyone wants to follow along and doesn't have a properly set up machine (like me), here's a handy scriptlet to run this within a container to set up a remote machine (remote from the container's point of view, chances are it could be the machine hosting the container)

Spawn a fedora 42 container

podman run -ti --rm fedora:42 bash

Inside

USER=<remote_ssh_username>
HOST=<remote_hostname>

dnf install -y git python3 python3-virtualenv make

git clone https://github.com/theforeman/foremanctl
cd foremanctl
git fetch origin refs/pull/259/head
git checkout FETCH_HEAD

echo "$HOST ansible_user=$USER" >inventories/$HOST

./setup-environment
source .venv/bin/activate
ANSIBLE_ASK_PASS=true ./forge deploy-dev \
    --target-host $HOST \
    --foreman-development-enabled-plugins="katello,foreman_remote_execution,foreman_ansible,foreman_openscap" \
    --foreman-development-user $USER

ekohl
ekohl reviewed Oct 24, 2025
View reviewed changes
evgeni
evgeni reviewed Oct 27, 2025
View reviewed changes
@evgeni evgeni force-pushed the add-development-source branch from bfca664 to 1c67bb0 Compare October 27, 2025 11:16
evgeni
evgeni reviewed Oct 27, 2025
View reviewed changes
evgeni
evgeni reviewed Oct 27, 2025
View reviewed changes
evgeni
evgeni reviewed Oct 27, 2025
View reviewed changes
@evgeni evgeni force-pushed the add-development-source branch from 1c67bb0 to 548b173 Compare October 27, 2025 11:51
@ehelms ehelms force-pushed the add-development-source branch from 548b173 to afb8d33 Compare October 27, 2025 17:51
@ehelms ehelms marked this pull request as ready for review October 27, 2025 17:51
@ehelms ehelms force-pushed the add-development-source branch 2 times, most recently from 7d527e4 to 45d07b5 Compare October 27, 2025 19:49
evgeni
evgeni reviewed Oct 28, 2025
View reviewed changes
evgeni
evgeni reviewed Oct 28, 2025
View reviewed changes
evgeni
evgeni reviewed Oct 28, 2025
View reviewed changes
ekohl
ekohl reviewed Oct 28, 2025
View reviewed changes
Copy link
Member

@ekohl ekohl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On a related note, I've looked at using Puma directly to serve HTTPS (https://community.theforeman.org/t/setting-up-ssl-for-running-foreman-on-https/36168/4) and I still think that's an interesting model: keep all services able to function fully standalone, claiming the entire hostname & port combination.

IMHO this works towards the goal of getting rid of a mandatory Apache in front of all services, allowing you to compose it all from independent services.

@ehelms ehelms force-pushed the add-development-source branch 3 times, most recently from 2e69d19 to 711d283 Compare October 29, 2025 15:22
@ehelms ehelms force-pushed the add-development-source branch from 52b72ba to 555dd8f Compare November 3, 2025 15:02
@ehelms
Copy link
Member Author

ehelms commented Nov 3, 2025

  • What targets do we want to support here? In the vagrant case we default to CentOS Stream 9 boxes, which "just work" for a lot of things. But you also add a target-host that basically allows any arbitrary host to become one. And then you add some RHEL-isms that we can't verify in CI here.

I was thinking of starting with documenting where we have tested / developers are known to use this t deploy to. I'd love to be as formal as possible by testing combinations, but I also know that with development setups there is a lot more creativity applied.

@ehelms
Copy link
Member Author

ehelms commented Nov 3, 2025

  • What is the purpose of the plugin settings YAMLs you provide, without any way to adjust them? (I see why we need a katello.yml, but otherwise?)

Fair question. I asked myself the same of the Foreman settings.yaml and which values are actually needed in there. To be honest, I had not audited any of that yet, I translated from what was known to work in puppet-katello_devel.

I think that's part of the question for me -- do we merge a working version and then edit it or do we edit and narrow this down and then merge.

@ehelms ehelms force-pushed the add-development-source branch 2 times, most recently from f9c03fc to e6d195e Compare November 3, 2025 15:45
@ehelms ehelms requested a review from evgeni November 4, 2025 12:08
@evgeni
Copy link
Member

evgeni commented Nov 4, 2025

  • What targets do we want to support here? In the vagrant case we default to CentOS Stream 9 boxes, which "just work" for a lot of things. But you also add a target-host that basically allows any arbitrary host to become one. And then you add some RHEL-isms that we can't verify in CI here.

I was thinking of starting with documenting where we have tested / developers are known to use this t deploy to. I'd love to be as formal as possible by testing combinations, but I also know that with development setups there is a lot more creativity applied.

How about we write in the development setup readme something like:

## Prerequisites

- A running EL9 virtual machine, and inventory that contains knowledge of the VM. For example, using `./forge vms start`.
  - CentOS Stream 9 is recommended and tested
  - Other EL9 variants should work too. Please report if they do not.
- Run `./setup-environment` and activate the virtual environment

@evgeni
Copy link
Member

evgeni commented Nov 4, 2025

  • What is the purpose of the plugin settings YAMLs you provide, without any way to adjust them? (I see why we need a katello.yml, but otherwise?)

Fair question. I asked myself the same of the Foreman settings.yaml and which values are actually needed in there. To be honest, I had not audited any of that yet, I translated from what was known to work in puppet-katello_devel.

I think that's part of the question for me -- do we merge a working version and then edit it or do we edit and narrow this down and then merge.

Ideally, the templates here and in prod are identical (if they can be). I am fine merging as is and converging later, but we need to do that, as otherwise we'll be in "dev and prod diverge too much" land quickly again.

@ehelms ehelms force-pushed the add-development-source branch from e6d195e to fd2e64d Compare November 4, 2025 15:29
bherrin3
bherrin3 reviewed Nov 5, 2025
View reviewed changes
evgeni
evgeni reviewed Nov 6, 2025
View reviewed changes
@ehelms ehelms force-pushed the add-development-source branch from fd2e64d to 05dcb40 Compare November 6, 2025 13:53
@ehelms ehelms requested a review from evgeni November 6, 2025 14:20
evgeni
evgeni reviewed Nov 7, 2025
View reviewed changes
evgeni
evgeni reviewed Nov 7, 2025
View reviewed changes
evgeni
evgeni reviewed Nov 7, 2025
View reviewed changes
evgeni
evgeni reviewed Nov 7, 2025
View reviewed changes
evgeni
evgeni reviewed Nov 7, 2025
View reviewed changes
@evgeni
Copy link
Member

evgeni commented Nov 7, 2025

I tested locally (with vagrant) with the following patch and things work as expected (I enabled foreman_ansible etc)

diff --git development/playbooks/deploy-dev/metadata.obsah.yaml development/playbooks/deploy-dev/metadata.obsah.yaml
index 49f925a..ebe86e6 100644
--- development/playbooks/deploy-dev/metadata.obsah.yaml
+++ development/playbooks/deploy-dev/metadata.obsah.yaml
@@ -3,10 +3,11 @@ help: |
   Deploy and manage Foreman development environment with git-based Foreman and containerized backend services.
 
 variables:
-  foreman_development_enabled_plugin:
+  foreman_development_enabled_plugins:
     help: Plugin to enable (can be used multiple times)
     action: append
     default: [katello, foreman_remote_execution]
+    parameter: --foreman-development-enabled-plugin
   target_host:
     help: Target hostname or IP address for deployment
     action: store
diff --git development/roles/foreman_development/tasks/main.yaml development/roles/foreman_development/tasks/main.yaml
index 3eb8465..8d54a8e 100644
--- development/roles/foreman_development/tasks/main.yaml
+++ development/roles/foreman_development/tasks/main.yaml
@@ -149,6 +149,14 @@
   loop: "{{ foreman_development_enabled_plugins }}"
   loop_control:
     loop_var: plugin_item
+  vars:
+    foreman_development_plugin_config: "{{ foreman_development_plugin_registry[plugin_item] }}"
+    foreman_development_plugin_name: "{{ foreman_development_plugin_config.name.split('/')[1] }}"
+    foreman_development_plugin_org: "{{ foreman_development_plugin_config.name.split('/')[0] }}"
+    foreman_development_plugin_repo_url: "https://github.com/{{ foreman_development_plugin_config.name }}.git"
+    foreman_development_plugin_manage_repo: "{{ foreman_development_plugin_config.manage_repo | default(true) }}"
+    foreman_development_plugin_settings_template: "{{ foreman_development_plugin_config.settings_template | default('') }}"
+    foreman_development_plugin_extra_gemfiles: "{{ foreman_development_plugin_config.extra_gemfiles | default([]) }}"
 
 - name: Install Ruby dependencies
   ansible.builtin.command:
diff --git development/roles/foreman_development/tasks/plugin.yaml development/roles/foreman_development/tasks/plugin.yaml
index 5bd8419..5fb2215 100644
--- development/roles/foreman_development/tasks/plugin.yaml
+++ development/roles/foreman_development/tasks/plugin.yaml
@@ -1,17 +1,4 @@
 ---
-- name: Resolve plugin configuration
-  ansible.builtin.set_fact:
-    foreman_development_plugin_config: "{{ foreman_development_plugin_registry[plugin_item] }}"
-
-- name: Set plugin variables
-  ansible.builtin.set_fact:
-    foreman_development_plugin_name: "{{ foreman_development_plugin_config.name.split('/')[1] }}"
-    foreman_development_plugin_org: "{{ foreman_development_plugin_config.name.split('/')[0] }}"
-    foreman_development_plugin_repo_url: "https://github.com/{{ foreman_development_plugin_config.name }}.git"
-    foreman_development_plugin_manage_repo: "{{ foreman_development_plugin_config.manage_repo | default(true) }}"
-    foreman_development_plugin_settings_template: "{{ foreman_development_plugin_config.settings_template | default('') }}"
-    foreman_development_plugin_extra_gemfiles: "{{ foreman_development_plugin_config.extra_gemfiles | default([]) }}"
-
 - name: Clone plugin repository  # noqa latest[git]
   ansible.builtin.git:
     repo: "{{ foreman_development_plugin_repo_url }}"

I did not test remote deployments with broker etc, but I think it's fine enough for now to go in and be polished later.

@ehelms ehelms force-pushed the add-development-source branch 4 times, most recently from d2a4f55 to 0c93184 Compare November 7, 2025 21:06
evgeni
evgeni approved these changes Nov 10, 2025
View reviewed changes
Copy link
Member

@evgeni evgeni left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

two nitpicks, but otherwise LGTM

@ehelms ehelms force-pushed the add-development-source branch from 0c93184 to 146963e Compare November 10, 2025 15:52
@ehelms ehelms force-pushed the add-development-source branch from 146963e to f447023 Compare November 10, 2025 16:00
@ehelms ehelms merged commit b569046 into theforeman:master Nov 10, 2025
9 of 12 checks passed
@evgeni evgeni mentioned this pull request Nov 13, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@evgeni evgeni evgeni approved these changes

@ekohl ekohl ekohl left review comments

+2 more reviewers

@adamruzicka adamruzicka adamruzicka left review comments

@bherrin3 bherrin3 bherrin3 left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Could we have a procedure for enabling debug output conditionaly

5 participants

@ehelms @adamruzicka @evgeni @ekohl @bherrin3