From 2ce276455ad8bf252607759f8070b9f5f8f10838 Mon Sep 17 00:00:00 2001 From: Elijah DeLee Date: Mon, 7 Jun 2021 15:39:20 -0400 Subject: [PATCH 1/4] Break out control plane EE as its own thing --- ...register_default_execution_environments.py | 37 +++++++++++-------- awx/settings/defaults.py | 10 ++++- 2 files changed, 31 insertions(+), 16 deletions(-) diff --git a/awx/main/management/commands/register_default_execution_environments.py b/awx/main/management/commands/register_default_execution_environments.py index 67d101bba3..0a27c0dee7 100644 --- a/awx/main/management/commands/register_default_execution_environments.py +++ b/awx/main/management/commands/register_default_execution_environments.py @@ -51,7 +51,7 @@ class Command(BaseCommand): ) def handle(self, *args, **options): - changed = False + changed = [] registry_cred = None if options.get("registry_username"): @@ -68,12 +68,12 @@ class Command(BaseCommand): sys.stderr.write("No registry credential type found") sys.exit(1) - registry_cred, created = Credential.objects.get_or_create( + registry_cred, cred_created = Credential.objects.get_or_create( name="Default Execution Environment Registry Credential", managed_by_tower=True, credential_type=registry_cred_type[0] ) - if created: - print("Default Execution Environment Credential registered.") + if cred_created: + print("'Default Execution Environment Credential' registered.") inputs = { "host": options.get("registry_url"), @@ -84,21 +84,28 @@ class Command(BaseCommand): registry_cred.inputs = inputs registry_cred.save() - changed = True + changed.append(True) - if not created: - print('Updated Default Execution Environment Credential') + if not cred_created: + print("Updated 'Default Execution Environment Credential'") - for ee in reversed(settings.DEFAULT_EXECUTION_ENVIRONMENTS): - _, created = ExecutionEnvironment.objects.update_or_create( - name=ee["name"], defaults={"image": ee["image"], "managed_by_tower": True, "credential": registry_cred} - ) + # Create default globally available Execution Environments + for ee in reversed(settings.GLOBAL_JOB_EXECUTION_ENVIRONMENTS): + _, ee_created = ExecutionEnvironment.objects.update_or_create(name=ee["name"], image=ee["image"], credential=registry_cred) + if ee_created: + changed.append(True) + print(f"'{ee['name']}' Default Execution Environment registered.") - if created: - changed = True - print("Default Execution Environment(s) registered.") + # Create the control plane execution environment that is used for project updates and system jobs + control_plane_ee = settings.CONTROL_PLANE_EXECUTION_ENVIRONMENT + _cp_ee, cp_created = ExecutionEnvironment.objects.update_or_create( + name="Control Plane Execution Environment", defaults={'image': control_plane_ee, 'managed_by_tower': True, 'credential': registry_cred} + ) + if cp_created: + changed.append(True) + print("Control Plane Execution Environment registered.") - if changed: + if any(changed): print("(changed: True)") else: print("(changed: False)") diff --git a/awx/settings/defaults.py b/awx/settings/defaults.py index 1f4853b11d..a0b3250693 100644 --- a/awx/settings/defaults.py +++ b/awx/settings/defaults.py @@ -180,7 +180,15 @@ DEFAULT_EXECUTION_ENVIRONMENT = None # This list is used for creating default EEs when running awx-manage create_preload_data. # Should be ordered from highest to lowest precedence. -DEFAULT_EXECUTION_ENVIRONMENTS = [{'name': 'AWX EE 0.2.0', 'image': 'quay.io/ansible/awx-ee:0.2.0'}] +# The awx-manage register_default_execution_environments command reads this setting and registers the EE(s) +# If a registry credential is needed to pull the image, that can be provided to the awx-manage command +GLOBAL_JOB_EXECUTION_ENVIRONMENTS = [{'name': 'AWX EE 0.3.0', 'image': 'quay.io/ansible/awx-ee:0.3.0'}] +# This setting controls which EE will be used for project updates. +# The awx-manage register_default_execution_environments command reads this setting and registers the EE +# This image is distinguished from others by having "managed_by_tower" set to True and users have limited +# ability to modify it through the API. +# If a registry credential is needed to pull the image, that can be provided to the awx-manage command +CONTROL_PLANE_EXECUTION_ENVIRONMENT = 'quay.io/ansible/awx-ee:0.3.0' # Note: This setting may be overridden by database settings. STDOUT_MAX_BYTES_DISPLAY = 1048576 From 326184da0f094cb4ca343b79484e995930816bd7 Mon Sep 17 00:00:00 2001 From: Elijah DeLee Date: Mon, 7 Jun 2021 16:50:53 -0400 Subject: [PATCH 2/4] fixup changed behavior for EEso its accurate --- ...register_default_execution_environments.py | 32 +++++++++++++------ 1 file changed, 22 insertions(+), 10 deletions(-) diff --git a/awx/main/management/commands/register_default_execution_environments.py b/awx/main/management/commands/register_default_execution_environments.py index 0a27c0dee7..e0f081a291 100644 --- a/awx/main/management/commands/register_default_execution_environments.py +++ b/awx/main/management/commands/register_default_execution_environments.py @@ -15,7 +15,7 @@ class Command(BaseCommand): help = """ Creates or updates the execution environments set in settings.DEFAULT_EXECUTION_ENVIRONMENTS if they are not yet created. Optionally provide authentication details to create or update a container registry credential that will be set on all of these default execution environments. - Note that settings.DEFAULT_EXECUTION_ENVIRONMENTS is and ordered list, the first in the list will be used for project updates and system jobs. + Note that settings.DEFAULT_EXECUTION_ENVIRONMENTS is and ordered list, the first in the list will be used for project updates. """ # Preserves newlines in the help text @@ -51,7 +51,7 @@ class Command(BaseCommand): ) def handle(self, *args, **options): - changed = [] + changed = False registry_cred = None if options.get("registry_username"): @@ -84,28 +84,40 @@ class Command(BaseCommand): registry_cred.inputs = inputs registry_cred.save() - changed.append(True) + changed = True if not cred_created: print("Updated 'Default Execution Environment Credential'") # Create default globally available Execution Environments for ee in reversed(settings.GLOBAL_JOB_EXECUTION_ENVIRONMENTS): - _, ee_created = ExecutionEnvironment.objects.update_or_create(name=ee["name"], image=ee["image"], credential=registry_cred) + _this_ee, ee_created = ExecutionEnvironment.objects.get_or_create(name=ee["name"], defaults={'image': ee["image"], 'credential': registry_cred}) if ee_created: - changed.append(True) + changed = True print(f"'{ee['name']}' Default Execution Environment registered.") + elif _this_ee.image != ee["image"] or (registry_cred and _this_ee.credential_id != registry_cred.id): + _this_ee.image = ee["image"] + _this_ee.credential = registry_cred + _this_ee.save() + changed = True + print(f"'{ee['name']}' Default Execution Environment updated.") # Create the control plane execution environment that is used for project updates and system jobs - control_plane_ee = settings.CONTROL_PLANE_EXECUTION_ENVIRONMENT - _cp_ee, cp_created = ExecutionEnvironment.objects.update_or_create( - name="Control Plane Execution Environment", defaults={'image': control_plane_ee, 'managed_by_tower': True, 'credential': registry_cred} + control_plane_ee_image = settings.CONTROL_PLANE_EXECUTION_ENVIRONMENT + _cp_ee, cp_created = ExecutionEnvironment.objects.get_or_create( + name="Control Plane Execution Environment", defaults={'image': control_plane_ee_image, 'managed_by_tower': True, 'credential': registry_cred} ) if cp_created: - changed.append(True) + changed = True print("Control Plane Execution Environment registered.") + elif _cp_ee.image != control_plane_ee_image or (registry_cred and _cp_ee.credential_id != registry_cred.id): + _cp_ee.image = control_plane_ee_image + _cp_ee.credential = registry_cred + _cp_ee.save() + changed = True + print("Control Plane Execution Environment updated.") - if any(changed): + if changed: print("(changed: True)") else: print("(changed: False)") From e2b0a4f7a74b11b100b03b65ee60d061785318e4 Mon Sep 17 00:00:00 2001 From: Elijah DeLee Date: Mon, 7 Jun 2021 17:16:14 -0400 Subject: [PATCH 3/4] Make changed result accurate for credentials --- .../register_default_execution_environments.py | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/awx/main/management/commands/register_default_execution_environments.py b/awx/main/management/commands/register_default_execution_environments.py index e0f081a291..4005df877c 100644 --- a/awx/main/management/commands/register_default_execution_environments.py +++ b/awx/main/management/commands/register_default_execution_environments.py @@ -81,13 +81,13 @@ class Command(BaseCommand): "username": options.get("registry_username"), "verify_ssl": options.get("verify_ssl"), } - - registry_cred.inputs = inputs - registry_cred.save() - changed = True - - if not cred_created: - print("Updated 'Default Execution Environment Credential'") + for key, value in inputs.items(): + if registry_cred.get_input(key) != value: + registry_cred.inputs[key] = value + changed = True + if changed: + registry_cred.save() + print("'Default Execution Environment Credential' updated.") # Create default globally available Execution Environments for ee in reversed(settings.GLOBAL_JOB_EXECUTION_ENVIRONMENTS): From f2dac36dd1a30be6399053e6c4708112d18efa2c Mon Sep 17 00:00:00 2001 From: Elijah DeLee Date: Tue, 8 Jun 2021 15:52:53 -0400 Subject: [PATCH 4/4] Remove the cred too if not passed NOW....should be idempotent and remove the the cred if it is not passed --- ...register_default_execution_environments.py | 54 +++++++++++-------- 1 file changed, 33 insertions(+), 21 deletions(-) diff --git a/awx/main/management/commands/register_default_execution_environments.py b/awx/main/management/commands/register_default_execution_environments.py index 4005df877c..fdc9cca7ed 100644 --- a/awx/main/management/commands/register_default_execution_environments.py +++ b/awx/main/management/commands/register_default_execution_environments.py @@ -68,23 +68,28 @@ class Command(BaseCommand): sys.stderr.write("No registry credential type found") sys.exit(1) - registry_cred, cred_created = Credential.objects.get_or_create( - name="Default Execution Environment Registry Credential", managed_by_tower=True, credential_type=registry_cred_type[0] - ) - - if cred_created: - print("'Default Execution Environment Credential' registered.") - inputs = { "host": options.get("registry_url"), "password": options.get("registry_password"), "username": options.get("registry_username"), "verify_ssl": options.get("verify_ssl"), } + registry_cred, cred_created = Credential.objects.get_or_create( + name="Default Execution Environment Registry Credential", + managed_by_tower=True, + credential_type=registry_cred_type[0], + defaults={'inputs': inputs}, + ) + + if cred_created: + changed = True + print("'Default Execution Environment Credential' registered.") + for key, value in inputs.items(): - if registry_cred.get_input(key) != value: + if not registry_cred.inputs.get(key) or registry_cred.get_input(key) != value: registry_cred.inputs[key] = value changed = True + if changed: registry_cred.save() print("'Default Execution Environment Credential' updated.") @@ -95,27 +100,34 @@ class Command(BaseCommand): if ee_created: changed = True print(f"'{ee['name']}' Default Execution Environment registered.") - elif _this_ee.image != ee["image"] or (registry_cred and _this_ee.credential_id != registry_cred.id): - _this_ee.image = ee["image"] - _this_ee.credential = registry_cred + else: + if _this_ee.image != ee["image"]: + _this_ee.image = ee["image"] + changed = True + if _this_ee.credential != registry_cred: + _this_ee.credential = registry_cred + changed = True + if changed: _this_ee.save() - changed = True print(f"'{ee['name']}' Default Execution Environment updated.") # Create the control plane execution environment that is used for project updates and system jobs - control_plane_ee_image = settings.CONTROL_PLANE_EXECUTION_ENVIRONMENT - _cp_ee, cp_created = ExecutionEnvironment.objects.get_or_create( - name="Control Plane Execution Environment", defaults={'image': control_plane_ee_image, 'managed_by_tower': True, 'credential': registry_cred} + ee = settings.CONTROL_PLANE_EXECUTION_ENVIRONMENT + _this_ee, cp_created = ExecutionEnvironment.objects.get_or_create( + name="Control Plane Execution Environment", defaults={'image': ee, 'managed_by_tower': True, 'credential': registry_cred} ) if cp_created: changed = True print("Control Plane Execution Environment registered.") - elif _cp_ee.image != control_plane_ee_image or (registry_cred and _cp_ee.credential_id != registry_cred.id): - _cp_ee.image = control_plane_ee_image - _cp_ee.credential = registry_cred - _cp_ee.save() - changed = True - print("Control Plane Execution Environment updated.") + else: + if _this_ee.image != ee: + _this_ee.image = ee + changed = True + if _this_ee.credential != registry_cred: + _this_ee.credential = registry_cred + changed = True + if changed: + _this_ee.save() if changed: print("(changed: True)")