Revision 4fed5385
Added by Ohad Levy over 11 years ago
- ID 4fed53854b31165812045ecec152186d434602eb
app/models/host.rb | ||
---|---|---|
FactValue.delete_all("host_id = #{id}")
|
||
end
|
||
|
||
def set_token
|
||
return unless Setting[:token_duration] != 0
|
||
self.create_token(:value => Foreman.uuid,
|
||
:expires => Time.now.utc + Setting[:token_duration].minutes)
|
||
end
|
||
|
||
def expire_tokens
|
||
# this clean up other hosts as well, but reduce the need for another task to cleanup tokens.
|
||
Token.delete_all(["expires < ? or host_id = ?", Time.now.utc.to_s(:db), id])
|
||
end
|
||
|
||
# Called from the host build post install process to indicate that the base build has completed
|
||
# Build is cleared and the boot link and autosign entries are removed
|
||
# A site specific build script is called at this stage that can do site specific tasks
|
||
def built(installed = true)
|
||
|
||
# delete all expired tokens
|
||
expire_tokens
|
||
self.build = false
|
||
self.installed_at = Time.now.utc if installed
|
||
self.save
|
||
... | ... | |
def setBuild
|
||
clearFacts
|
||
clearReports
|
||
if Setting[:token_duration] != 0
|
||
self.create_token(:value => Foreman.uuid,
|
||
:expires => Time.now.utc + Setting[:token_duration].minutes)
|
||
end
|
||
|
||
self.build = true
|
||
self.save
|
||
errors.empty?
|
||
... | ... | |
self.certname = Foreman.uuid if read_attribute(:certname).blank? or new_record?
|
||
end
|
||
|
||
def expire_tokens
|
||
# this clean up other hosts as well, but reduce the need for another task to cleanup tokens.
|
||
Token.delete_all(["expires < ? or host_id = ?", Time.now.utc.to_s(:db), id])
|
||
end
|
||
|
||
end
|
app/models/host_observer.rb | ||
---|---|---|
class HostObserver < ActiveRecord::Observer
|
||
|
||
def after_destroy(host)
|
||
# Sets and expire provisioning tokens
|
||
# this has to happen post validation and before the orchesration queue is starting to
|
||
# process, as the token value is required within the tftp config file manipulations
|
||
def after_validation(host)
|
||
# new server in build mode
|
||
if host.new_record? and host.build?
|
||
host.set_token
|
||
end
|
||
# existing server change build mode
|
||
if host.old and host.build? != host.old.build?
|
||
host.build? ? host.set_token : host.expire_tokens
|
||
end
|
||
end
|
||
|
||
end
|
test/unit/host_observer_test.rb | ||
---|---|---|
require 'test_helper'
|
||
|
||
class HostObserverTest < ActiveSupport::TestCase
|
||
# HostObserver is not yet implemented, we can write no tests.
|
||
end
|
||
test "tokens should be removed based on build state" do
|
||
disable_orchestration
|
||
h = hosts(:one)
|
||
as_admin do
|
||
Setting[:token_duration] = 60
|
||
assert_difference('Token.count') do
|
||
h.build = true
|
||
h.save!
|
||
end
|
||
assert_difference('Token.count', -1) do
|
||
h.build = false
|
||
h.save!
|
||
end
|
||
end
|
||
end
|
||
|
||
test "pxe template should have a token when created" do
|
||
disable_orchestration
|
||
host = as_admin do
|
||
Setting[:token_duration] = 30
|
||
host = Host.create! :name => "foo", :mac => "aabbeeddccff", :ip => "2.3.4.244", :managed => true,
|
||
:build => true, :architecture => architectures(:x86_64), :environment => Environment.first, :puppet_proxy_id => 1,
|
||
:domain => Domain.first, :operatingsystem => operatingsystems(:centos5_3), :subnet => subnets(:one),
|
||
:request_url => 'http://foreman'
|
||
end
|
||
|
||
assert host.token.try(:value).present?
|
||
|
||
assert host.send(:generate_pxe_template)["token=#{host.token.value}"]
|
||
end
|
||
|
||
end
|
test/unit/host_test.rb | ||
---|---|---|
h = hosts(:one)
|
||
h.create_token(:value => "aaaaaa", :expires => Time.now)
|
||
assert_equal Token.all.size, 1
|
||
h.built(false)
|
||
h.expire_tokens
|
||
assert_equal Token.all.size, 0
|
||
end
|
||
|
||
... | ... | |
h = hosts(:one)
|
||
h.create_token(:value => "aaaaaa", :expires => Time.now)
|
||
assert_equal Token.all.size, 1
|
||
h.built(false)
|
||
h.expire_tokens
|
||
assert_equal Token.all.size, 0
|
||
end
|
||
|
test/unit/token_test.rb | ||
---|---|---|
h1.create_token(:value => "aaaaaa", :expires => Time.now + 1.minutes)
|
||
h2.create_token(:value => "bbbbbb", :expires => Time.now - 1.minutes)
|
||
assert_equal Token.count, 2
|
||
h1.send(:expire_tokens) # access a private method
|
||
h1.expire_tokens
|
||
assert_equal 0, Token.count
|
||
end
|
||
|
||
end
|
Also available in: Unified diff
fixes #1892 - auto generate provisioning tokens based on build state