From 57b317d4404fffe1e4f2b3c0af1e937c78305cf8 Mon Sep 17 00:00:00 2001
From: Shane McDonald <me@shanemcd.com>
Date: Wed, 3 Feb 2021 15:06:21 -0500
Subject: [PATCH] Get system jobs working under new deployment model (#9221)

---
 awx/main/models/ha.py    |  3 +++
 awx/main/tasks.py        | 37 +++++++++++++++++++++++++++++++------
 awx/settings/defaults.py |  2 +-
 3 files changed, 35 insertions(+), 7 deletions(-)

diff --git a/awx/main/models/ha.py b/awx/main/models/ha.py
index 6dd72861cc..94d4b8d462 100644
--- a/awx/main/models/ha.py
+++ b/awx/main/models/ha.py
@@ -255,6 +255,9 @@ class InstanceGroup(HasPolicyEditsMixin, BaseModel, RelatedJobsMixin):
 
     @property
     def is_container_group(self):
+        if settings.IS_K8S:
+            return True
+
         return bool(self.credential and self.credential.kubernetes)
 
     '''
diff --git a/awx/main/tasks.py b/awx/main/tasks.py
index ef0bd7e6e5..0b915ab909 100644
--- a/awx/main/tasks.py
+++ b/awx/main/tasks.py
@@ -893,6 +893,9 @@ class BaseTask(object):
         return os.path.abspath(os.path.join(os.path.dirname(__file__), *args))
 
     def build_execution_environment_params(self, instance):
+        if settings.IS_K8S:
+            return {}
+
         if instance.execution_environment_id is None:
             from awx.main.signals import disable_activity_stream
 
@@ -1423,6 +1426,9 @@ class BaseTask(object):
                 # Disable Ansible fact cache.
                 params['fact_cache_type'] = ''
 
+            if self.instance.is_container_group_task or settings.IS_K8S:
+                params['envvars'].pop('HOME', None)
+
             '''
             Delete parameters if the values are None or empty array
             '''
@@ -1433,8 +1439,16 @@ class BaseTask(object):
             self.dispatcher = CallbackQueueDispatcher()
 
             self.instance.log_lifecycle("running_playbook")
-            receptor_job = AWXReceptorJob(self, params)
-            res = receptor_job.run()
+            if isinstance(self.instance, SystemJob):
+                cwd = self.build_cwd(self.instance, private_data_dir)
+                res = ansible_runner.interface.run(project_dir=cwd,
+                                                   event_handler=self.event_handler,
+                                                   finished_callback=self.finished_callback,
+                                                   status_handler=self.status_handler,
+                                                   **params)
+            else:
+                receptor_job = AWXReceptorJob(self, params)
+                res = receptor_job.run()
 
             status = res.status
             rc = res.rc
@@ -1769,6 +1783,9 @@ class RunJob(BaseTask):
         return getattr(settings, 'AWX_PROOT_ENABLED', False)
 
     def build_execution_environment_params(self, instance):
+        if settings.IS_K8S:
+            return {}
+
         params = super(RunJob, self).build_execution_environment_params(instance)
         # If this has an insights agent and it is not already mounted then show it
         insights_dir = os.path.dirname(settings.INSIGHTS_SYSTEM_ID_FILE)
@@ -2398,6 +2415,9 @@ class RunProjectUpdate(BaseTask):
         return getattr(settings, 'AWX_PROOT_ENABLED', False)
 
     def build_execution_environment_params(self, instance):
+        if settings.IS_K8S:
+            return {}
+
         params = super(RunProjectUpdate, self).build_execution_environment_params(instance)
         project_path = instance.get_project_path(check_if_exists=False)
         cache_path = instance.get_cache_path()
@@ -3098,7 +3118,7 @@ class AWXReceptorJob:
     # Spawned in a thread so Receptor can start reading before we finish writing, we
     # write our payload to the left side of our socketpair.
     def transmit(self, _socket):
-        if self.work_type == 'local':
+        if not settings.IS_K8S and self.work_type == 'local':
             self.runner_params['only_transmit_kwargs'] = True
 
         ansible_runner.interface.run(streamer='transmit',
@@ -3121,12 +3141,14 @@ class AWXReceptorJob:
     def receptor_params(self):
         if self.task.instance.is_container_group_task:
             spec_yaml = yaml.dump(self.pod_definition, explicit_start=True)
-            kubeconfig_yaml = yaml.dump(self.kube_config, explicit_start=True)
 
             receptor_params = {
                 "secret_kube_pod": spec_yaml,
-                "secret_kube_config": kubeconfig_yaml
             }
+
+            if self.credential:
+                kubeconfig_yaml = yaml.dump(self.kube_config, explicit_start=True)
+                receptor_params["secret_kube_config"] = kubeconfig_yaml
         else:
             private_data_dir = self.runner_params['private_data_dir']
             receptor_params = {
@@ -3140,7 +3162,10 @@ class AWXReceptorJob:
     @property
     def work_type(self):
         if self.task.instance.is_container_group_task:
-            work_type = 'ocp'
+            if self.credential:
+                work_type = 'kubernetes-runtime-auth'
+            else:
+                work_type = 'kubernetes-incluster-auth'
         else:
             work_type = 'local'
 
diff --git a/awx/settings/defaults.py b/awx/settings/defaults.py
index 845bbe74d8..6b2f78479a 100644
--- a/awx/settings/defaults.py
+++ b/awx/settings/defaults.py
@@ -67,7 +67,7 @@ DATABASES = {
 IS_K8S = False
 
 # TODO: remove this setting in favor of a default execution environment
-AWX_EXECUTION_ENVIRONMENT_DEFAULT_IMAGE = 'quay.io/ansible/awx-ee'
+AWX_EXECUTION_ENVIRONMENT_DEFAULT_IMAGE = 'quay.io/shanemcd/awx-ee'
 
 AWX_CONTAINER_GROUP_K8S_API_TIMEOUT = 10
 AWX_CONTAINER_GROUP_POD_LAUNCH_RETRIES = 100