diff --git a/awx/main/tasks.py b/awx/main/tasks.py index c9a901f26c..f4364d5490 100644 --- a/awx/main/tasks.py +++ b/awx/main/tasks.py @@ -1532,7 +1532,7 @@ class RunJob(BaseTask): cred_files = private_data_files.get('credentials', {}) for cloud_cred in job.cloud_credentials: if cloud_cred and cloud_cred.credential_type.namespace == 'openstack': - env['OS_CLIENT_CONFIG_FILE'] = os.path.join('/runner', 'env', os.path.basename(cred_files.get(cloud_cred, ''))) + env['OS_CLIENT_CONFIG_FILE'] = to_container_path(cred_files.get(cloud_cred, ''), private_data_dir) for network_cred in job.network_credentials: env['ANSIBLE_NET_USERNAME'] = network_cred.get_input('username', default='') @@ -1564,8 +1564,7 @@ class RunJob(BaseTask): for path in config_values[config_setting].split(':'): if path not in paths: paths = [config_values[config_setting]] + paths - # FIXME: again, figure out more elegant way for inside container - paths = [os.path.join('/runner', folder)] + paths + paths = [os.path.join(CONTAINER_ROOT, folder)] + paths env[env_key] = os.pathsep.join(paths) return env @@ -2391,8 +2390,7 @@ class RunInventoryUpdate(BaseTask): for path in config_values[config_setting].split(':'): if path not in paths: paths = [config_values[config_setting]] + paths - # FIXME: containers - paths = [os.path.join('/runner', folder)] + paths + paths = [os.path.join(CONTAINER_ROOT, folder)] + paths env[env_key] = os.pathsep.join(paths) return env @@ -2421,14 +2419,14 @@ class RunInventoryUpdate(BaseTask): # Add arguments for the source inventory file/script/thing rel_path = self.pseudo_build_inventory(inventory_update, private_data_dir) - container_location = os.path.join('/runner', rel_path) # TODO: make container paths elegant + container_location = os.path.join(CONTAINER_ROOT, rel_path) source_location = os.path.join(private_data_dir, rel_path) args.append('-i') args.append(container_location) args.append('--output') - args.append(os.path.join('/runner', 'artifacts', str(inventory_update.id), 'output.json')) + args.append(os.path.join(CONTAINER_ROOT, 'artifacts', str(inventory_update.id), 'output.json')) if os.path.isdir(source_location): playbook_dir = container_location @@ -2479,10 +2477,9 @@ class RunInventoryUpdate(BaseTask): - SCM, where source needs to live in the project folder """ src = inventory_update.source - container_dir = '/runner' # TODO: make container paths elegant if src == 'scm' and inventory_update.source_project_update: - return os.path.join(container_dir, 'project') - return container_dir + return os.path.join(CONTAINER_ROOT, 'project') + return CONTAINER_ROOT def build_playbook_path_relative_to_cwd(self, inventory_update, private_data_dir): return None diff --git a/awx/main/tests/functional/test_inventory_source_injectors.py b/awx/main/tests/functional/test_inventory_source_injectors.py index 5ab319aa75..aff0356b59 100644 --- a/awx/main/tests/functional/test_inventory_source_injectors.py +++ b/awx/main/tests/functional/test_inventory_source_injectors.py @@ -9,6 +9,7 @@ from awx.main.tasks import RunInventoryUpdate from awx.main.models import InventorySource, Credential, CredentialType, UnifiedJob, ExecutionEnvironment from awx.main.constants import CLOUD_PROVIDERS, STANDARD_INVENTORY_UPDATE_ENV from awx.main.tests import data +from awx.main.utils.execution_environments import to_container_path from django.conf import settings @@ -111,7 +112,7 @@ def read_content(private_data_dir, raw_env, inventory_update): continue # Ansible runner abs_file_path = os.path.join(private_data_dir, filename) file_aliases[abs_file_path] = filename - runner_path = abs_file_path.replace(private_data_dir, '/runner') # host path to container path + runner_path = to_container_path(abs_file_path, private_data_dir) if runner_path in inverse_env: referenced_paths.add(abs_file_path) alias = 'file_reference' diff --git a/awx/main/tests/unit/test_tasks.py b/awx/main/tests/unit/test_tasks.py index 893a3deff6..77a13b24fe 100644 --- a/awx/main/tests/unit/test_tasks.py +++ b/awx/main/tests/unit/test_tasks.py @@ -37,6 +37,7 @@ from awx.main.models.credential import ManagedCredentialType from awx.main import tasks from awx.main.utils import encrypt_field, encrypt_value from awx.main.utils.safe_yaml import SafeLoader +from awx.main.utils.execution_environments import CONTAINER_ROOT, to_container_path, to_host_path from awx.main.utils.licensing import Licenser @@ -341,8 +342,8 @@ def pytest_generate_tests(metafunc): def parse_extra_vars(args, private_data_dir): extra_vars = {} for chunk in args: - if chunk.startswith('@/runner/'): - local_path = chunk[len('@') :].replace('/runner', private_data_dir) # container path to host path + if chunk.startswith(f'@{CONTAINER_ROOT}'): + local_path = chunk[len('@') :].replace(CONTAINER_ROOT, private_data_dir) # container path to host path with open(local_path, 'r') as f: extra_vars.update(yaml.load(f, Loader=SafeLoader)) return extra_vars @@ -892,10 +893,7 @@ class TestJobCredentials(TestJobExecution): if verify: assert env['K8S_AUTH_VERIFY_SSL'] == 'True' - # local_path = os.path.join(private_data_dir, os.path.basename(env['K8S_AUTH_SSL_CA_CERT'])) - local_path = env['K8S_AUTH_SSL_CA_CERT'].replace('/runner', private_data_dir) # container path to host path - print('env') - print(env['K8S_AUTH_SSL_CA_CERT']) + local_path = to_host_path(env['K8S_AUTH_SSL_CA_CERT'], private_data_dir) cert = open(local_path, 'r').read() assert cert == 'CERTDATA' else: @@ -945,7 +943,7 @@ class TestJobCredentials(TestJobExecution): safe_env = {} credential.credential_type.inject_credential(credential, env, safe_env, [], private_data_dir) runner_path = env['GCE_CREDENTIALS_FILE_PATH'] - local_path = runner_path.replace('/runner', private_data_dir) # container path to host path + local_path = to_host_path(runner_path, private_data_dir) json_data = json.load(open(local_path, 'rb')) assert json_data['type'] == 'service_account' assert json_data['private_key'] == self.EXAMPLE_PRIVATE_KEY @@ -1017,8 +1015,7 @@ class TestJobCredentials(TestJobExecution): env = task.build_env(job, private_data_dir, private_data_files=private_data_files) credential.credential_type.inject_credential(credential, env, {}, [], private_data_dir) - # convert container path to host machine path - config_loc = env['OS_CLIENT_CONFIG_FILE'].replace('/runner', private_data_dir) # container path to host path + config_loc = to_host_path(env['OS_CLIENT_CONFIG_FILE'], private_data_dir) shade_config = open(config_loc, 'r').read() assert shade_config == '\n'.join( [ @@ -1053,7 +1050,7 @@ class TestJobCredentials(TestJobExecution): credential.credential_type.inject_credential(credential, env, safe_env, [], private_data_dir) config = configparser.ConfigParser() - host_path = env['OVIRT_INI_PATH'].replace('/runner', private_data_dir) # container path to host path + host_path = to_host_path(env['OVIRT_INI_PATH'], private_data_dir) config.read(host_path) assert config.get('ovirt', 'ovirt_url') == 'some-ovirt-host.example.org' assert config.get('ovirt', 'ovirt_username') == 'bob' @@ -1267,7 +1264,7 @@ class TestJobCredentials(TestJobExecution): env = {} credential.credential_type.inject_credential(credential, env, {}, [], private_data_dir) - path = env['MY_CLOUD_INI_FILE'].replace('/runner', private_data_dir) # container path to host path + path = to_host_path(env['MY_CLOUD_INI_FILE'], private_data_dir) assert open(path, 'r').read() == '[mycloud]\nABC123' def test_custom_environment_injectors_with_unicode_content(self, private_data_dir): @@ -1287,7 +1284,7 @@ class TestJobCredentials(TestJobExecution): env = {} credential.credential_type.inject_credential(credential, env, {}, [], private_data_dir) - path = env['MY_CLOUD_INI_FILE'].replace('/runner', private_data_dir) # container path to host path + path = to_host_path(env['MY_CLOUD_INI_FILE'], private_data_dir) assert open(path, 'r').read() == value def test_custom_environment_injectors_with_files(self, private_data_dir): @@ -1306,8 +1303,8 @@ class TestJobCredentials(TestJobExecution): env = {} credential.credential_type.inject_credential(credential, env, {}, [], private_data_dir) - cert_path = env['MY_CERT_INI_FILE'].replace('/runner', private_data_dir) # container path to host path - key_path = env['MY_KEY_INI_FILE'].replace('/runner', private_data_dir) # container path to host path + cert_path = to_host_path(env['MY_CERT_INI_FILE'], private_data_dir) + key_path = to_host_path(env['MY_KEY_INI_FILE'], private_data_dir) assert open(cert_path, 'r').read() == '[mycert]\nCERT123' assert open(key_path, 'r').read() == '[mykey]\nKEY123' @@ -1330,7 +1327,7 @@ class TestJobCredentials(TestJobExecution): assert env['AZURE_AD_USER'] == 'bob' assert env['AZURE_PASSWORD'] == 'secret' - path = env['GCE_CREDENTIALS_FILE_PATH'].replace('/runner', private_data_dir) # container path to host path + path = to_host_path(env['GCE_CREDENTIALS_FILE_PATH'], private_data_dir) json_data = json.load(open(path, 'rb')) assert json_data['type'] == 'service_account' assert json_data['private_key'] == self.EXAMPLE_PRIVATE_KEY @@ -1711,7 +1708,7 @@ class TestInventoryUpdateCredentials(TestJobExecution): private_data_files = task.build_private_data_files(inventory_update, private_data_dir) env = task.build_env(inventory_update, private_data_dir, private_data_files) - path = env['OS_CLIENT_CONFIG_FILE'].replace('/runner', private_data_dir) # container path to host path + path = to_host_path(env['OS_CLIENT_CONFIG_FILE'], private_data_dir) shade_config = open(path, 'r').read() assert ( '\n'.join(