Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Detect possible inventory plugin files #4171

Draft
wants to merge 5 commits into
base: devel
Choose a base branch
from
Draft

Detect possible inventory plugin files #4171

wants to merge 5 commits into from

Conversation

philipsd6
Copy link
Contributor

@philipsd6 philipsd6 commented Jun 26, 2019
edited by jessicamack
Loading

SUMMARY

AWX ignores inventory plugin files when choosing inventory files from a Project source. This PR lets yaml and json files slip through after a very basic check for a couple of keywords that would be in a yaml or json inventory file or an inventory plugin file.

related #3491

ISSUE TYPE
  • New or Enhanced Feature
COMPONENT NAME
  • UI
AWX VERSION
awx: 5.0.0
ADDITIONAL INFORMATION

@softwarefactory-project-zuul
Copy link
Contributor

Build succeeded.

@softwarefactory-project-zuul
Copy link
Contributor

Build succeeded.

@softwarefactory-project-zuul
Copy link
Contributor

Build succeeded.

AlanCoding
AlanCoding reviewed Jun 27, 2019
View reviewed changes
awx/main/utils/ansible.py Outdated
if not valid_inventory_re.match(line):
return None
else:
return None
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This would fail to include files such as

https://github.com/ansible/awx/blob/devel/awx/main/tests/data/inventory/plugins/ec2/files/aws_ec2.yml

Because the plugin: keyword is not in the first 10 lines of the file.

the regex IIRC is fairly specifically targeted toward ini-type files (including those that don't actually have the .ini extension explicitly). Moving forward, the only thing that makes sense to me is to break this logic up for different extension types (or lack thereof). I would still prefer to avoid doing a json.loads on all YAML files in source due to performance concerns. Maybe larger YAML files should just get included by default. Maybe we specifically exclude only YAML files that are under 10 lines and don't have the "plugin:" syntax.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd not noticed that there was such a large inventory plugin file there! It seems weird to me that the plugin key isn't at the beginning, but sure, there's no reason why it can't be at the end. My idea was to make just a tiny nudge to help improve the situation without making a large adjustment, and not expecting to catch everything. But I am ok with making this a deeper change. I'll update the PR.

Regardless, this isn't the best solution, as the UI still limits the total results to 50 (and I have a project with >1000 inventory files!) I think the best way to handle it is the same way we pick projects -- a modal box that is filterable, and additionally, able to drill down into directories. But I don't think I can spend the time to implement that.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems weird to me that the plugin key isn't at the beginning, but sure, there's no reason why it can't be at the end.

The standard python YAML library sorts keys alphabetically, so that's why in this case.

@jlmitch5 might have some opinions on the UI comments. I think the API itself has some limit. I don't think playbook / inventory files I don't think have ever had filtering applied to them, like with the related items you mention.

@AlanCoding
Copy link
Member

Thanks for the contribution! I hope we can get this merged with some modifications. To get it out of the way now, next time you push, it would help to get the --signoff from:

https://github.com/ansible/awx/blob/d8c4f118c23fde9f59f38334974381264d22f120/DCO_1_1.md

@philipsd6
Copy link
Contributor Author

I've been caught up in my primary work, but I'll --signoff when I next update this PR.

@ryanpetrello
Copy link
Contributor

@AlanCoding @philipsd6 either of you have any updates on this PR?

@AlanCoding
Copy link
Member

This is definitely on my agenda at some point. There are just too many other things ahead of it. I can't get to it soon.

@AlanCoding AlanCoding mentioned this pull request Oct 15, 2019
Closed
@AlanCoding AlanCoding mentioned this pull request Nov 22, 2019
Closed
@TheRealHaoLiu TheRealHaoLiu mentioned this pull request Feb 10, 2023
Closed
@philipsd6 philipsd6 force-pushed the feature/detect_inventory_plugin_files branch 3 times, most recently from e8a4b2d to 67aa4f8 Compare February 12, 2023 00:17
@philipsd6
Copy link
Contributor Author

philipsd6 commented Feb 12, 2023
edited
Loading

I just rebased add added my sign-off, but didn't change the logic of the original PR for now.

I would still prefer to avoid doing a json.loads on all YAML files in source due to performance concerns.

I agree @AlanCoding, and I'm thinking a potential way to keep the existing login, if we need to potentially read the entire file, we could try using mmap to relieve the performance concerns of reading more than 10 lines?

@jessicamack jessicamack force-pushed the feature/detect_inventory_plugin_files branch from 67aa4f8 to a1c1a0b Compare April 12, 2023 19:30
@rebeccahhh
Copy link
Member

it looks like there are a couple of failing tests that will need to be resolved for this:

FAILED awx/main/tests/unit/utils/test_ansible.py::test_is_not_inventory[not_an_inventory.yml]
FAILED awx/main/tests/unit/utils/test_ansible.py::test_is_not_inventory[not_an_inventory.json]

@philipsd6 philipsd6 force-pushed the feature/detect_inventory_plugin_files branch from a1c1a0b to 371b10e Compare May 18, 2023 21:33
@philipsd6
Copy link
Contributor Author

it looks like there are a couple of failing tests that will need to be resolved for this:

FAILED awx/main/tests/unit/utils/test_ansible.py::test_is_not_inventory[not_an_inventory.yml]
FAILED awx/main/tests/unit/utils/test_ansible.py::test_is_not_inventory[not_an_inventory.json]

I'm not sure when or how this ever could have worked honestly. The logic is based around opening up access to json/yaml inventory files, and checks for a couple of inventory related keywords to confirm validity, but the regex also passes anything, and since we won't/can't actually do a yaml/json load on the files to really confirm for sure, a valid yaml file that is NOT an inventory is always going to match the regex, even the old one. So the best I think we can do for now is fall back to the original valid_inventory_re and rely on the plugin and all line checks to enable typical yaml/json inventories to pass, but since the not_an_inventory.yml file was still going to pass the original regex, I just deleted it. We'll end up with some false positives in the inventory list, but I don't see how we can 100% avoid that without actually loading the yaml.

@philipsd6 philipsd6 requested a review from AlanCoding May 19, 2023 13:18
@philipsd6 philipsd6 force-pushed the feature/detect_inventory_plugin_files branch from a23f2fa to d0cb117 Compare June 5, 2023 13:51
@cypress
Copy link

cypress bot commented Jun 13, 2023

12 failed and 1 flaky tests on run #15142 ↗︎

12 701 611 0 Flakiness 1

Details:

Fix api-lint error 'too few spaces before comment'
Project: AWX - Functional Commit: d0cb117013
Status: Failed Duration: 12:53 💡
Started: Jun 13, 2023 7:42 PM Ended: Jun 13, 2023 8:55 PM
Failed  job-templates/job-template-crud.cy.js • 5 failed tests

View Output Video

Test Artifacts
Job Templates- Create > can create a job template but not if a JT with the same name already exists Output Screenshots Video
Job Templates- Create > can create a job template from inventory job template tab and see the template appear in that list Output Screenshots Video
Job Templates- Create > can create a job template from project job template tab and see the template appear in that list Output Screenshots Video
Job Templates- Create > can create a job template from credential job template tab and see the template appear in that list Output Screenshots Video
Job Templates- Create > can create a JT will all optional fields Output Screenshots Video
Failed  inventories/inventory-sources.cy.js • 4 failed tests

View Output Video

Test Artifacts
Inventory Sources > can apply required options to an inventory source Output Screenshots Video
Inventory Sources Form > can fill in an inventory source that was sourced from a project Output Screenshots Video
Operations on inventory sources > can edit an existing inv source to add enabled var and enabled value Output Screenshots Video
Inventory Sourced from a Project With Content Signing Enabled > can use a project with content signature verification as an inventory source and successfully sync an inventory source Output Screenshots Video
Failed  job-templates/job-template-prompt-on-launch.cy.js • 2 failed tests

View Output Video

Test Artifacts
Prompt on Launch - JT-Specific Credential Prompts- Adding to JT on Prompt > can add one of each credential type to a job Output Screenshots Video
Prompt on Launch - JT-Specific Credential Prompts > can add two different types of credentials to a job through prompt on launch wizard Output Screenshots Video
Failed  host_metrics/host-metrics.cy.js • 1 failed test

View Output Video

Test Artifacts
Host Metrics - Sanity > can view all automated hosts in the table Output Screenshots Video
Flakiness  cypress/e2e/integration/workflows/workflow-visualizer/workflow-viz-jt-node-prompt-and-survey.cy.js • 1 flaky test

View Output Video

Test Artifacts
JT Branch Override on a WFJT > can create a WFJT using a JT with prompt on launch enabled for source branch and verify that that branch was used Output Screenshots

This comment has been generated by cypress-bot as a result of this project's GitHub integration settings.

@dmzoneill dmzoneill marked this pull request as draft February 13, 2024 14:44
@philipsd6 @dmzoneill
Detect possible inventory plugin files
f381e2a 
Signed-off-by: Philip Douglass <philip@philipdouglass.com>
@philipsd6 @dmzoneill
Ensure non-matching yaml/json files don't fall through.
e510c1a 
Signed-off-by: Philip Douglass <philip@philipdouglass.com>
@philipsd6 @dmzoneill
Add test inventories for validating could_be_inventory()
5f90ee3 
Signed-off-by: Philip Douglass <philip@philipdouglass.com>
@philipsd6 @dmzoneill
Fix api-test, api-lint errors related to could_be_inventory()
924d69b 
Signed-off-by: Philip Douglass <philip@philipdouglass.com>
@philipsd6 @dmzoneill
Fix api-lint error 'too few spaces before comment'
12e49a2
@dmzoneill dmzoneill force-pushed the feature/detect_inventory_plugin_files branch from d0cb117 to 12e49a2 Compare February 28, 2024 20:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AlanCoding AlanCoding Awaiting requested review from AlanCoding

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
community component:api type:enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@philipsd6 @AlanCoding @ryanpetrello @rebeccahhh @mabashian @awxbot @john-westcott-iv