From f655593b9e761bb188363fccc1ed7099e88e43be Mon Sep 17 00:00:00 2001 From: Greg Schueler Date: Fri, 29 Mar 2024 14:49:38 -0700 Subject: [PATCH 1/3] Enable encrypt extra vars by default --- .../com/rundeck/plugins/ansible/ansible/AnsibleDescribable.java | 1 + 1 file changed, 1 insertion(+) diff --git a/src/main/groovy/com/rundeck/plugins/ansible/ansible/AnsibleDescribable.java b/src/main/groovy/com/rundeck/plugins/ansible/ansible/AnsibleDescribable.java index 46649b92..be574e71 100644 --- a/src/main/groovy/com/rundeck/plugins/ansible/ansible/AnsibleDescribable.java +++ b/src/main/groovy/com/rundeck/plugins/ansible/ansible/AnsibleDescribable.java @@ -526,5 +526,6 @@ public static String[] getValues() { .required(false) .title("Encrypt Extra Vars.") .description("Encrypt the value of the extra vars keys.") + .defaultValue("true") .build(); } From aeb696e0da0fa2c6dc11cd91c7d58ae6745c4567 Mon Sep 17 00:00:00 2001 From: Greg Schueler Date: Fri, 29 Mar 2024 15:06:53 -0700 Subject: [PATCH 2/3] Enable default true value --- .../plugins/ansible/ansible/AnsibleRunnerContextBuilder.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/groovy/com/rundeck/plugins/ansible/ansible/AnsibleRunnerContextBuilder.java b/src/main/groovy/com/rundeck/plugins/ansible/ansible/AnsibleRunnerContextBuilder.java index 77f3294f..29a3da55 100644 --- a/src/main/groovy/com/rundeck/plugins/ansible/ansible/AnsibleRunnerContextBuilder.java +++ b/src/main/groovy/com/rundeck/plugins/ansible/ansible/AnsibleRunnerContextBuilder.java @@ -810,7 +810,7 @@ public String getPassphraseStorageData(String storagePath) throws ConfigurationE public boolean encryptExtraVars() throws ConfigurationException { return PropertyResolver.resolveBooleanProperty( AnsibleDescribable.ANSIBLE_ENCRYPT_EXTRA_VARS, - false, + true, getFrameworkProject(), getFramework(), getNode(), From 9b6bc53ab9fcd9bc9c33492baca03f28687637e4 Mon Sep 17 00:00:00 2001 From: Greg Schueler Date: Fri, 29 Mar 2024 15:11:33 -0700 Subject: [PATCH 3/3] Add tests for default true for encrypt extra vars --- .../functional/BasicIntegrationSpec.groovy | 33 ++++++++++++- ...b-0f714bfb-a0a4-4668-8279-35a8c4167db9.xml | 49 +++++++++++++++++++ 2 files changed, 81 insertions(+), 1 deletion(-) create mode 100644 functional-test/src/test/resources/project-import/ansible-test/rundeck-ansible-test/jobs/job-0f714bfb-a0a4-4668-8279-35a8c4167db9.xml diff --git a/functional-test/src/test/groovy/functional/BasicIntegrationSpec.groovy b/functional-test/src/test/groovy/functional/BasicIntegrationSpec.groovy index a2a4b7dd..f0100efd 100644 --- a/functional-test/src/test/groovy/functional/BasicIntegrationSpec.groovy +++ b/functional-test/src/test/groovy/functional/BasicIntegrationSpec.groovy @@ -138,7 +138,7 @@ class BasicIntegrationSpec extends Specification { } - def "test inline playbook encrypt env vars"(){ + def "test inline playbook encrypt env vars true"(){ when: def jobId = "284e1a6e-bae0-4778-a838-50647fb340e3" @@ -155,6 +155,37 @@ class BasicIntegrationSpec extends Specification { Map ansibleNodeExecutionStatus = TestUtil.getAnsibleNodeResult(logs) + then: + executionState!=null + executionState.getExecutionState()=="SUCCEEDED" + ansibleNodeExecutionStatus.get("ok")!=0 + ansibleNodeExecutionStatus.get("unreachable")==0 + ansibleNodeExecutionStatus.get("failed")==0 + ansibleNodeExecutionStatus.get("skipped")==0 + ansibleNodeExecutionStatus.get("ignored")==0 + logs.findAll {it.log.contains("encryptVariable password")}.size() == 1 + logs.findAll {it.log.contains("encryptVariable username")}.size() == 1 + logs.findAll {it.log.contains("\"msg\": \"rundeck\"")}.size() == 1 + logs.findAll {it.log.contains("\"msg\": \"demo\"")}.size() == 1 + + } + def "test inline playbook encrypt env vars default true"(){ + when: + + def jobId = "0f714bfb-a0a4-4668-8279-35a8c4167db9" + + JobRun request = new JobRun() + request.loglevel = 'DEBUG' + + def result = client.apiCall {api-> api.runJob(jobId, request)} + def executionId = result.id + + def executionState = waitForJob(executionId) + + def logs = getLogs(executionId) + Map ansibleNodeExecutionStatus = TestUtil.getAnsibleNodeResult(logs) + + then: executionState!=null executionState.getExecutionState()=="SUCCEEDED" diff --git a/functional-test/src/test/resources/project-import/ansible-test/rundeck-ansible-test/jobs/job-0f714bfb-a0a4-4668-8279-35a8c4167db9.xml b/functional-test/src/test/resources/project-import/ansible-test/rundeck-ansible-test/jobs/job-0f714bfb-a0a4-4668-8279-35a8c4167db9.xml new file mode 100644 index 00000000..391c1508 --- /dev/null +++ b/functional-test/src/test/resources/project-import/ansible-test/rundeck-ansible-test/jobs/job-0f714bfb-a0a4-4668-8279-35a8c4167db9.xml @@ -0,0 +1,49 @@ + + + + + + + nodes + + + true + false + ascending + false + 1 + + true + Ansible + 0f714bfb-a0a4-4668-8279-35a8c4167db9 + INFO + simple-inline-playbook-encrypt-vars + false + + name: ssh-node + + true + + true + + + + + + + + + + + + + + + + + + 0f714bfb-a0a4-4668-8279-35a8c4167db9 + + \ No newline at end of file