Project

General

Profile

« Previous | Next » 

Revision 4fed5385

Added by Ohad Levy over 11 years ago

  • ID 4fed53854b31165812045ecec152186d434602eb

fixes #1892 - auto generate provisioning tokens based on build state

View differences:

app/models/host.rb
FactValue.delete_all("host_id = #{id}")
end
def set_token
return unless Setting[:token_duration] != 0
self.create_token(:value => Foreman.uuid,
:expires => Time.now.utc + Setting[:token_duration].minutes)
end
def expire_tokens
# this clean up other hosts as well, but reduce the need for another task to cleanup tokens.
Token.delete_all(["expires < ? or host_id = ?", Time.now.utc.to_s(:db), id])
end
# Called from the host build post install process to indicate that the base build has completed
# Build is cleared and the boot link and autosign entries are removed
# A site specific build script is called at this stage that can do site specific tasks
def built(installed = true)
# delete all expired tokens
expire_tokens
self.build = false
self.installed_at = Time.now.utc if installed
self.save
......
def setBuild
clearFacts
clearReports
if Setting[:token_duration] != 0
self.create_token(:value => Foreman.uuid,
:expires => Time.now.utc + Setting[:token_duration].minutes)
end
self.build = true
self.save
errors.empty?
......
self.certname = Foreman.uuid if read_attribute(:certname).blank? or new_record?
end
def expire_tokens
# this clean up other hosts as well, but reduce the need for another task to cleanup tokens.
Token.delete_all(["expires < ? or host_id = ?", Time.now.utc.to_s(:db), id])
end
end
app/models/host_observer.rb
class HostObserver < ActiveRecord::Observer
def after_destroy(host)
# Sets and expire provisioning tokens
# this has to happen post validation and before the orchesration queue is starting to
# process, as the token value is required within the tftp config file manipulations
def after_validation(host)
# new server in build mode
if host.new_record? and host.build?
host.set_token
end
# existing server change build mode
if host.old and host.build? != host.old.build?
host.build? ? host.set_token : host.expire_tokens
end
end
end
test/unit/host_observer_test.rb
require 'test_helper'
class HostObserverTest < ActiveSupport::TestCase
# HostObserver is not yet implemented, we can write no tests.
end
test "tokens should be removed based on build state" do
disable_orchestration
h = hosts(:one)
as_admin do
Setting[:token_duration] = 60
assert_difference('Token.count') do
h.build = true
h.save!
end
assert_difference('Token.count', -1) do
h.build = false
h.save!
end
end
end
test "pxe template should have a token when created" do
disable_orchestration
host = as_admin do
Setting[:token_duration] = 30
host = Host.create! :name => "foo", :mac => "aabbeeddccff", :ip => "2.3.4.244", :managed => true,
:build => true, :architecture => architectures(:x86_64), :environment => Environment.first, :puppet_proxy_id => 1,
:domain => Domain.first, :operatingsystem => operatingsystems(:centos5_3), :subnet => subnets(:one),
:request_url => 'http://foreman'
end
assert host.token.try(:value).present?
assert host.send(:generate_pxe_template)["token=#{host.token.value}"]
end
end
test/unit/host_test.rb
h = hosts(:one)
h.create_token(:value => "aaaaaa", :expires => Time.now)
assert_equal Token.all.size, 1
h.built(false)
h.expire_tokens
assert_equal Token.all.size, 0
end
......
h = hosts(:one)
h.create_token(:value => "aaaaaa", :expires => Time.now)
assert_equal Token.all.size, 1
h.built(false)
h.expire_tokens
assert_equal Token.all.size, 0
end
test/unit/token_test.rb
h1.create_token(:value => "aaaaaa", :expires => Time.now + 1.minutes)
h2.create_token(:value => "bbbbbb", :expires => Time.now - 1.minutes)
assert_equal Token.count, 2
h1.send(:expire_tokens) # access a private method
h1.expire_tokens
assert_equal 0, Token.count
end
end

Also available in: Unified diff