From c825ca1578b857ad0d62db375bf7dfe1eb06e395 Mon Sep 17 00:00:00 2001
From: Rodrigo Navarro <rnavarro@pagerduty.com>
Date: Mon, 8 Jul 2024 19:04:49 -0400
Subject: [PATCH] add test for node executor with password auth

---
 .../functional/BasicIntegrationSpec.groovy    | 21 +++++++++-
 .../functional/EncryptedInventorySpec.groovy  |  3 +-
 .../PluginGroupIntegrationSpec.groovy         |  3 +-
 .../base/BaseTestConfiguration.groovy         | 11 ++++--
 .../resources/docker/ansible/inventory.ini    |  1 +
 .../docker/ansible/rundeckNodes.yaml          |  6 +++
 .../test/resources/docker/docker-compose.yml  | 11 +++---
 .../files/acls/node-acl.aclpolicy             |  8 ++++
 .../files/etc/project.properties              | 38 +++++++++++++++++++
 ...b-f04f17a9-77cf-4feb-aec1-889a3de0f5ae.xml | 30 +++++++++++++++
 10 files changed, 120 insertions(+), 12 deletions(-)
 create mode 100644 functional-test/src/test/resources/docker/ansible/rundeckNodes.yaml
 create mode 100644 functional-test/src/test/resources/project-import/sshPasswordProject/rundeck-sshPasswordProject/files/acls/node-acl.aclpolicy
 create mode 100644 functional-test/src/test/resources/project-import/sshPasswordProject/rundeck-sshPasswordProject/files/etc/project.properties
 create mode 100644 functional-test/src/test/resources/project-import/sshPasswordProject/rundeck-sshPasswordProject/jobs/job-f04f17a9-77cf-4feb-aec1-889a3de0f5ae.xml

diff --git a/functional-test/src/test/groovy/functional/BasicIntegrationSpec.groovy b/functional-test/src/test/groovy/functional/BasicIntegrationSpec.groovy
index b00ecfca..7508cfe3 100644
--- a/functional-test/src/test/groovy/functional/BasicIntegrationSpec.groovy
+++ b/functional-test/src/test/groovy/functional/BasicIntegrationSpec.groovy
@@ -10,10 +10,29 @@ import org.testcontainers.spock.Testcontainers
 class BasicIntegrationSpec extends BaseTestConfiguration {
 
     static String PROJ_NAME = 'ansible-test'
+    static String DEFAULT_NODE_NAME = "ssh-node"
 
     def setupSpec() {
         startCompose()
-        configureRundeck(PROJ_NAME)
+        configureRundeck(PROJ_NAME, DEFAULT_NODE_NAME)
+    }
+
+    def "ansible node executor with ssh password"(){
+        setup:
+        String ansibleNodeExecutorProjectName = "sshPasswordProject"
+        String nodeName = "ssh-node-password"
+        configureRundeck(ansibleNodeExecutorProjectName, nodeName)
+        when:
+        def jobId = "f04f17a9-77cf-4feb-aec1-889a3de0f5ae"
+        JobRun request = new JobRun()
+        request.loglevel = 'INFO'
+        def result = client.apiCall {api-> api.runJob(jobId, request)}
+        def executionState = waitForJob(result.id)
+        def logs = getLogs(result.id)
+        Map<String, Integer> ansibleNodeExecutionStatus = TestUtil.getAnsibleNodeResult(logs)
+        then:
+        executionState!=null
+        executionState.getExecutionState()=="SUCCEEDED"
     }
 
     def "test simple inline playbook"(){
diff --git a/functional-test/src/test/groovy/functional/EncryptedInventorySpec.groovy b/functional-test/src/test/groovy/functional/EncryptedInventorySpec.groovy
index e7cad1e5..1b4046b4 100644
--- a/functional-test/src/test/groovy/functional/EncryptedInventorySpec.groovy
+++ b/functional-test/src/test/groovy/functional/EncryptedInventorySpec.groovy
@@ -7,10 +7,11 @@ import org.testcontainers.spock.Testcontainers
 class EncryptedInventorySpec extends BaseTestConfiguration {
 
     static String PROJ_NAME = 'ansible-encrypted-inventory'
+    static String DEFAULT_NODE_NAME = "ssh-node"
 
     def setupSpec() {
         startCompose()
-        configureRundeck(PROJ_NAME)
+        configureRundeck(PROJ_NAME, DEFAULT_NODE_NAME)
     }
 
     def "test encrypted inventory"(){
diff --git a/functional-test/src/test/groovy/functional/PluginGroupIntegrationSpec.groovy b/functional-test/src/test/groovy/functional/PluginGroupIntegrationSpec.groovy
index 09ca61cf..f3ef63a0 100644
--- a/functional-test/src/test/groovy/functional/PluginGroupIntegrationSpec.groovy
+++ b/functional-test/src/test/groovy/functional/PluginGroupIntegrationSpec.groovy
@@ -10,10 +10,11 @@ import org.testcontainers.spock.Testcontainers
 class PluginGroupIntegrationSpec extends BaseTestConfiguration {
 
     static String PROJ_NAME = 'ansible-plugin-group-test'
+    static String DEFAULT_NODE_NAME = "ssh-node"
 
     def setupSpec() {
         startCompose()
-        configureRundeck(PROJ_NAME)
+        configureRundeck(PROJ_NAME, DEFAULT_NODE_NAME)
     }
 
     def "test simple inline playbook"(){
diff --git a/functional-test/src/test/groovy/functional/base/BaseTestConfiguration.groovy b/functional-test/src/test/groovy/functional/base/BaseTestConfiguration.groovy
index 47fd531f..4ad0ba5e 100644
--- a/functional-test/src/test/groovy/functional/base/BaseTestConfiguration.groovy
+++ b/functional-test/src/test/groovy/functional/base/BaseTestConfiguration.groovy
@@ -85,7 +85,7 @@ class BaseTestConfiguration extends Specification{
         return logs
     }
 
-    def configureRundeck(String projectName){
+    def configureRundeck(String projectName, String nodeName){
 
         //add private key
         RequestBody requestBody = RequestBody.create(new File("src/test/resources/docker/keys/id_rsa"), Client.MEDIA_TYPE_OCTET_STREAM)
@@ -125,15 +125,18 @@ class BaseTestConfiguration extends Specification{
                 api.importProjectArchive(projectName,  "preserve", true, true, true, true, true, true, true, [:], body)
         )
 
-        //wait for node to be available
+        waitForNodeAvailability(projectName, nodeName)
+
+    }
+
+    def waitForNodeAvailability(String projectName, String nodeName){
         def result = client.apiCall {api-> api.listNodes(projectName,".*")}
         def count =0
 
-        while(result.get("ssh-node")==null && count<5){
+        while(result.get(nodeName)==null && count<5){
             sleep(2000)
             result = client.apiCall {api-> api.listNodes(projectName,".*")}
             count++
         }
-
     }
 }
diff --git a/functional-test/src/test/resources/docker/ansible/inventory.ini b/functional-test/src/test/resources/docker/ansible/inventory.ini
index 10bf2572..f019bb8e 100644
--- a/functional-test/src/test/resources/docker/ansible/inventory.ini
+++ b/functional-test/src/test/resources/docker/ansible/inventory.ini
@@ -1,2 +1,3 @@
 [servers]
 ssh-node ansible_host=ssh-node
+ssh-node-password ansible_host=ssh-node ansible_connection=ssh ansible_user=rundeck ansible_ssh_pass=testpassword123
\ No newline at end of file
diff --git a/functional-test/src/test/resources/docker/ansible/rundeckNodes.yaml b/functional-test/src/test/resources/docker/ansible/rundeckNodes.yaml
new file mode 100644
index 00000000..bd46aeca
--- /dev/null
+++ b/functional-test/src/test/resources/docker/ansible/rundeckNodes.yaml
@@ -0,0 +1,6 @@
+ssh-node-password:
+  nodename: ssh-node-password
+  hostname: ssh-node
+  osFamily: Linux
+  username: rundeck
+  tags: ''
\ No newline at end of file
diff --git a/functional-test/src/test/resources/docker/docker-compose.yml b/functional-test/src/test/resources/docker/docker-compose.yml
index f2942cdc..e31a9910 100644
--- a/functional-test/src/test/resources/docker/docker-compose.yml
+++ b/functional-test/src/test/resources/docker/docker-compose.yml
@@ -5,19 +5,19 @@ services:
     build:
       context: node
     environment:
-      NODE_USER_PASSWORD: ${NODE_USER_PASSWORD:-rundeck}
+      NODE_USER_PASSWORD: testpassword123
     networks:
       - rundeck
     ports:
       - "2222:22"
     volumes:
-      - ${PWD}/keys:/configuration:rw
+      - ./keys:/configuration:rw
 
   rundeck:
     build:
       context: rundeck
       args:
-        RUNDECK_IMAGE: ${RUNDECK_IMAGE:-rundeck/rundeck:SNAPSHOT}
+        RUNDECK_IMAGE: rundeck/rundeck:SNAPSHOT
     image: rundeck-ansible-plugin:latest
     command: "-Dansible.debug=false"
     environment:
@@ -30,9 +30,10 @@ services:
     networks:
       - rundeck
     ports:
-      - "4440"
+      - "4440:4440"
     volumes:
-    - ${PWD}/ansible:/home/rundeck/ansible:rw
+    - ./ansible:/home/rundeck/ansible:rw
+    - ./ansible/ansible.cfg:/etc/ansible/ansible.cfg:rw
 
 volumes:
   rundeck-data:
diff --git a/functional-test/src/test/resources/project-import/sshPasswordProject/rundeck-sshPasswordProject/files/acls/node-acl.aclpolicy b/functional-test/src/test/resources/project-import/sshPasswordProject/rundeck-sshPasswordProject/files/acls/node-acl.aclpolicy
new file mode 100644
index 00000000..b052b490
--- /dev/null
+++ b/functional-test/src/test/resources/project-import/sshPasswordProject/rundeck-sshPasswordProject/files/acls/node-acl.aclpolicy
@@ -0,0 +1,8 @@
+by:
+  urn: project:sshPasswordProject
+for:
+  storage:
+    - match: 
+        path: 'keys/project/sshPasswordProject/.*'
+      allow: [read] 
+description: Allow access to key storage
\ No newline at end of file
diff --git a/functional-test/src/test/resources/project-import/sshPasswordProject/rundeck-sshPasswordProject/files/etc/project.properties b/functional-test/src/test/resources/project-import/sshPasswordProject/rundeck-sshPasswordProject/files/etc/project.properties
new file mode 100644
index 00000000..ba5c5de4
--- /dev/null
+++ b/functional-test/src/test/resources/project-import/sshPasswordProject/rundeck-sshPasswordProject/files/etc/project.properties
@@ -0,0 +1,38 @@
+#Mon Jul 08 21:50:51 GMT 2024
+#edit below
+project.ansible-binaries-dir-path=/usr/local/bin/
+project.ansible-config-file-path=/home/rundeck/ansible/ansible.cfg
+project.ansible-executable=/bin/bash
+project.ansible-generate-inventory=true
+project.ansible-ssh-auth-type=password
+project.ansible-ssh-passphrase-option=option.password
+project.ansible-ssh-password-storage-path=keys/project/sshPasswordProject/ssh-node.pass
+project.ansible-ssh-user=rundeck
+project.description=
+project.disable.executions=false
+project.disable.schedule=false
+project.execution.history.cleanup.batch=500
+project.execution.history.cleanup.enabled=false
+project.execution.history.cleanup.retention.days=60
+project.execution.history.cleanup.retention.minimum=50
+project.execution.history.cleanup.schedule=0 0 0 1/1 * ? *
+project.jobs.gui.groupExpandLevel=1
+project.label=
+project.later.executions.disable=false
+project.later.executions.enable=false
+project.later.schedule.disable=false
+project.later.schedule.enable=false
+project.name=sshPasswordProject
+project.nodeCache.enabled=false
+project.nodeCache.firstLoadSynch=true
+project.output.allowUnsanitized=false
+project.retry-counter=3
+project.ssh-authentication=privateKey
+resources.source.1.type=local
+resources.source.2.config.file=/home/rundeck/ansible/rundeckNodes.yaml
+resources.source.2.config.format=resourceyaml
+resources.source.2.config.generateFileAutomatically=true
+resources.source.2.config.writeable=true
+resources.source.2.type=file
+service.FileCopier.default.provider=sshj-scp
+service.NodeExecutor.default.provider=com.batix.rundeck.plugins.AnsibleNodeExecutor
\ No newline at end of file
diff --git a/functional-test/src/test/resources/project-import/sshPasswordProject/rundeck-sshPasswordProject/jobs/job-f04f17a9-77cf-4feb-aec1-889a3de0f5ae.xml b/functional-test/src/test/resources/project-import/sshPasswordProject/rundeck-sshPasswordProject/jobs/job-f04f17a9-77cf-4feb-aec1-889a3de0f5ae.xml
new file mode 100644
index 00000000..85f104ee
--- /dev/null
+++ b/functional-test/src/test/resources/project-import/sshPasswordProject/rundeck-sshPasswordProject/jobs/job-f04f17a9-77cf-4feb-aec1-889a3de0f5ae.xml
@@ -0,0 +1,30 @@
+<joblist>
+  <job>
+    <defaultTab>nodes</defaultTab>
+    <description>it targets a single ansible node</description>
+    <dispatch>
+      <excludePrecedence>true</excludePrecedence>
+      <keepgoing>false</keepgoing>
+      <rankOrder>ascending</rankOrder>
+      <successOnEmptyNodeFilter>false</successOnEmptyNodeFilter>
+      <threadcount>1</threadcount>
+    </dispatch>
+    <executionEnabled>true</executionEnabled>
+    <id>f04f17a9-77cf-4feb-aec1-889a3de0f5ae</id>
+    <loglevel>INFO</loglevel>
+    <name>simpleCommand</name>
+    <nodeFilterEditable>false</nodeFilterEditable>
+    <nodefilters>
+      <filter>name: ssh-node-password </filter>
+    </nodefilters>
+    <nodesSelectedByDefault>true</nodesSelectedByDefault>
+    <plugins />
+    <scheduleEnabled>true</scheduleEnabled>
+    <sequence keepgoing='false' strategy='node-first'>
+      <command>
+        <exec>whoami</exec>
+      </command>
+    </sequence>
+    <uuid>f04f17a9-77cf-4feb-aec1-889a3de0f5ae</uuid>
+  </job>
+</joblist>
\ No newline at end of file