diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 4b64812..4ce3512 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -8,7 +8,7 @@ jobs:
 rubocop:
 runs-on: ubuntu-latest
 steps:
- - uses: actions/checkout@v2
+ - uses: actions/checkout@v3
 - name: Setup Ruby
 uses: ruby/setup-ruby@v1
 with:
@@ -31,7 +31,7 @@ jobs:
 strategy:
 fail-fast: false
 matrix:
- foreman-core-branch: [2.3-stable, 2.4-stable, 2.5-stable, 3.0-stable, 3.1-stable, 3.2-stable, 3.3-stable, develop]
+ foreman-core-branch: [3.1-stable, 3.2-stable, 3.3-stable, 3.4-stable, 3.5-stable, 3.6-stable, develop]
 ruby-version: [2.7]
 node-version: [14]
 steps:
@@ -39,18 +39,11 @@ jobs:
 run: |
 sudo apt-get update
 sudo apt-get install build-essential libcurl4-openssl-dev libvirt-dev ruby-libvirt zlib1g-dev libpq-dev
- - uses: actions/checkout@v2
+ - uses: actions/checkout@v3
 with:
- clean: false
 repository: theforeman/foreman
 ref: ${{ matrix.foreman-core-branch }}
- fetch-depth: 0
- - name: Apply patches for Foreman < 3.0
- if: ${{ contains(fromJson('["2.3-stable", "2.4-stable", "2.5-stable"]'), matrix.foreman-core-branch) }}
- run: |
- git cherry-pick -n bad15051387b21563ffc0843a60f9dccfb2d3e17 # pin rdoc to use psych < 4.0.0
- git cherry-pick -n f5a3dd2dedb569a0e6c5e8bb311c1da75906fc4f # use webpack-dev-server-without-h2
- - uses: actions/checkout@v2
+ - uses: actions/checkout@v3
 with:
 path: foreman_vault
 - name: Setup Ruby
@@ -58,7 +51,7 @@ jobs:
 with:
 ruby-version: ${{ matrix.ruby-version }}
 - name: Setup Node
- uses: actions/setup-node@v1
+ uses: actions/setup-node@v3
 with:
 node-version: ${{ matrix.node-version }}
 - name: Setup Bundler
@@ -69,7 +62,7 @@ jobs:
 echo "gem 'foreman_vault', path: './foreman_vault'" > bundler.d/foreman_vault.local.rb
 bundle lock --update
 - name: Cache gems
- uses: actions/cache@v2
+ uses: actions/cache@v3
 with:
 path: vendor/bundle
 key: ${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}
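Review bot: The bumped steps still reference actions by mutable tags (`actions/checkout@v3`, `actions/setup-node@v3`, `actions/cache@v3`, and the unchanged `ruby/setup-ruby@v1`), so whoever can move one of those tags changes what this workflow executes. Pinning each `uses:` to a full commit SHA and keeping the tag as a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha> # v3`, makes every later upgrade a reviewable change. The job in the third hunk also checks out `theforeman/foreman` at a branch ref and then runs Bundler against it, so adding `persist-credentials: false` under both checkout `with:` blocks would keep the workflow token out of the checked-out `.git/config` while that code runs. The workflow's `permissions:` setting is not visible in these hunks; confirm it is read-only.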
diff --git a/app/models/setting/vault.rb b/app/models/setting/vault.rb
deleted file mode 100644
index 0d98eba..0000000
--- a/app/models/setting/vault.rb
+++ /dev/null
@@ -1,104 +0,0 @@
-# frozen_string_literal: true
-
-class Setting
- class Vault < ::Setting
- BLANK_ATTRS << 'vault_connection'
- BLANK_ATTRS << 'vault_policy_template'
-
- def self.default_settings
- [set_vault_connection, set_vault_policy_template, set_vault_orchestration_enabled]
- end
-
- # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
- def self.load_defaults
- return unless Gem::Version.new(SETTINGS[:version].notag) < Gem::Version.new('3.4')
-
- # Check the table exists
- return unless super
-
- transaction do
- default_settings.each do |s|
- setting = create! s.update(category: 'Setting::Vault')
-
- Foreman.try(:settings)&._add(
- s[:name],
- s.slice(:description, :default, :full_name, :encrypted)
- .merge(category: 'Setting::Vault')
- .yield_self do |params|
- unless Gem::Version.new(SETTINGS[:version].notag) < Gem::Version.new('2.6')
- params[:context] = :vault
- params[:type] = setting.settings_type
- end
- params
- end
- )
- end
- end
-
- true
- end
- # rubocop:enable Metrics/AbcSize, Metrics/MethodLength
-
- def self.humanized_category
- N_('Vault')
- end
-
- class << self
- private
-
- def set_vault_connection
- set(
- 'vault_connection',
- N_('Default Vault Connection that can be override using parameters'),
- default_vault_connection,
- N_('Default Vault Connection'),
- nil,
- collection: vault_connections_collection,
- include_blank: _('Select Vault Connection')
- )
- end
-
- def default_vault_connection
- return nil unless VaultConnection.table_exists?
- return unless VaultConnection.unscoped.count == 1
-
- VaultConnection.unscoped.first.name
- end
-
- def vault_connections_collection
- return [] unless VaultConnection.table_exists?
-
- proc { Hash[VaultConnection.unscoped.all.map { |vc| [vc.name, vc.name] }] }
- end
-
- def set_vault_policy_template
- set(
- 'vault_policy_template',
- N_('The name of the ProvisioningTemplate that will be used for Vault Policy'),
- default_vault_policy_template,
- N_('Vault Policy template name'),
- nil,
- collection: vault_policy_templates_collection,
- include_blank: _('Select Template')
- )
- end
-
- def default_vault_policy_template
- ProvisioningTemplate.unscoped.of_kind(:VaultPolicy).find_by(name: 'Default Vault Policy')&.name
- end
-
- def vault_policy_templates_collection
- proc { Hash[ProvisioningTemplate.unscoped.of_kind(:VaultPolicy).map { |tmpl| [tmpl.name, tmpl.name] }] }
- end
-
- def set_vault_orchestration_enabled
- set(
- 'vault_orchestration_enabled',
- N_('Enable or disable the Vault orchestration step for managing policies and auth methods'),
- false,
- N_('Vault Orchestration enabled')
- )
- end
- end
- end
-end
diff --git a/db/migrate/20230309072504_fix_vault_settings_category_to_dsl.rb b/db/migrate/20230309072504_fix_vault_settings_category_to_dsl.rb
new file mode 100644
index 0000000..49d2495
--- /dev/null
+++ b/db/migrate/20230309072504_fix_vault_settings_category_to_dsl.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class FixVaultSettingsCategoryToDsl < ActiveRecord::Migration[6.0]
+ def up
+ # rubocop:disable Rails/SkipsModelValidations
+ Setting.where(category: 'Setting::Vault').update_all(category: 'Setting') if column_exists?(:settings, :category)
+ # rubocop:enable Rails/SkipsModelValidations
+ end
+end
diff --git a/lib/foreman_vault/engine.rb b/lib/foreman_vault/engine.rb
index 4efe0e0..4e2cea0 100644
--- a/lib/foreman_vault/engine.rb
+++ b/lib/foreman_vault/engine.rb
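Review bot: `FixVaultSettingsCategoryToDsl` in db/migrate/20230309072504_fix_vault_settings_category_to_dsl.rb defines only `up`, so as far as I can tell a rollback runs the inherited no-op `down` and reports success while the rows keep `category: 'Setting'`. Because the `Setting::Vault` class is deleted in this same commit, restoring the old value is presumably not wanted; state that explicitly with an empty `def down; end` carrying a comment, or with `raise ActiveRecord::IrreversibleMigration`. A one-line comment above the `update_all` saying why the rows are rewritten (the old category names a class that no longer exists) and why the `column_exists?` guard is there would help the next reader.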
@@ -12,14 +12,6 @@ class Engine < ::Rails::Engine
 config.autoload_paths += Dir["#{config.root}/app/lib"]
 config.autoload_paths += Dir["#{config.root}/app/jobs"]
- initializer 'foreman_vault.load_default_settings', before: :load_config_initializers do
- require_dependency File.expand_path('../../app/models/setting/vault.rb', __dir__) if begin
- Setting.table_exists?
- rescue StandardError
- (false)
- end
- end
-
 # Add any db migrations
 initializer 'foreman_vault.load_app_instance_data' do |app|
 ForemanVault::Engine.paths['db/migrate'].existent.each do |path|
@@ -29,7 +21,7 @@ class Engine < ::Rails::Engine
 initializer 'foreman_vault.register_plugin', before: :finisher_hook do |_app|
 Foreman::Plugin.register :foreman_vault do
- requires_foreman '>= 2.3'
+ requires_foreman '>= 3.1'
 apipie_documented_controllers ["#{ForemanVault::Engine.root}/app/controllers/api/v2/*.rb"]
@@ -45,30 +37,27 @@ class Engine < ::Rails::Engine 'api/v2/vault_connections': [:destroy] }, resource_type: 'VaultConnection' end - # New settings definition DSL is available from Foreman 3.0 - if respond_to?(:settings) - settings do - category(:vault, N_('Vault')) do - setting('vault_connection', - full_name: N_('Default Vault connection'), - type: :string, - description: N_('Default Vault Connection that can be override using parameters'), - default: VaultConnection.table_exists? && VaultConnection.unscoped.count == 1 ? VaultConnection.unscoped.first.name : nil, - collection: VaultConnection.table_exists? ? proc { Hash[VaultConnection.unscoped.all.map { |vc| [vc.name, vc.name] }] } : [], - include_blank: _('Select Vault Connection')) - setting('vault_policy_template', - full_name: N_('Vault Policy template name'), - type: :string, - description: N_('The name of the ProvisioningTemplate that will be used for Vault Policy'), - default: ProvisioningTemplate.unscoped.of_kind(:VaultPolicy).find_by(name: 'Default Vault Policy')&.name, - collection: proc { Hash[ProvisioningTemplate.unscoped.of_kind(:VaultPolicy).map { |tmpl| [tmpl.name, tmpl.name] }] }, - include_blank: _('Select Template')) - setting('vault_orchestration_enabled', - full_name: N_('Vault Orchestration enabled'), - type: :boolean, - description: N_('Enable or disable the Vault orchestration step for managing policies and auth methods'), - default: false) - end + settings do + category(:vault, N_('Vault')) do + setting('vault_connection', + full_name: N_('Default Vault connection'), + type: :string, + description: N_('Default Vault Connection that can be override using parameters'), + default: VaultConnection.table_exists? && VaultConnection.unscoped.count == 1 ? VaultConnection.unscoped.first.name : nil, + collection: VaultConnection.table_exists? ? 
proc { Hash[VaultConnection.unscoped.all.map { |vc| [vc.name, vc.name] }] } : [], + include_blank: _('Select Vault Connection')) + setting('vault_policy_template', + full_name: N_('Vault Policy template name'), + type: :string, + description: N_('The name of the ProvisioningTemplate that will be used for Vault Policy'), + default: ProvisioningTemplate.unscoped.of_kind(:VaultPolicy).find_by(name: 'Default Vault Policy')&.name, + collection: proc { Hash[ProvisioningTemplate.unscoped.of_kind(:VaultPolicy).map { |tmpl| [tmpl.name, tmpl.name] }] }, + include_blank: _('Select Template')) + setting('vault_orchestration_enabled', + full_name: N_('Vault Orchestration enabled'), + type: :boolean, + description: N_('Enable or disable the Vault orchestration step for managing policies and auth methods'), + default: false) end end
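Review bot: The `default:` of `vault_policy_template` queries `ProvisioningTemplate` with no `table_exists?` check, while both `VaultConnection` lookups for `vault_connection` are guarded; if this block is evaluated while the plugin registers, a database that has not been migrated yet would raise at that line. Making the guard consistent would look like `default: ProvisioningTemplate.table_exists? ? ProvisioningTemplate.unscoped.of_kind(:VaultPolicy).find_by(name: 'Default Vault Policy')&.name : nil,`. Both collections also use `unscoped`, so the selectable connection and template names are presumably not limited by the viewer's organization or location; a short comment stating that this is intended would document the exposure. The enclosing `Foreman::Plugin.register` block starts and ends outside this hunk.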