Whitelist additional Provisioning Template Macros
If would like to have the following Provisioning Template macro's white listed so they can be used in templates with savemode_render set to true in provisioning settings.
#2 Updated by Ronny M over 6 years ago
The following macro's also only work if savemode_render is set to false which I would like to have white-listed so I they can be used with savemode_render is true.
#3 Updated by Lukas Zapletal over 6 years ago
- Category set to Templates
- Target version set to 1.3.0
go ahead; edit that and test that, it is defined in: lib/foreman/renderer.rb
I see you already edited http://projects.theforeman.org/projects/foreman/wiki/TemplateWriting - it's a bit early for this as the feature is not there yet.
#4 Updated by Ronny M over 6 years ago
Ok, I will do that and test it.
In my wiki updates there is a note that savemode_render should be set to false for it to work. :)
But I can remove the updates if you wish?
But then the entries about bmc (not made by me) in the wiki should probably also be removed, because they also only work if savemode_render is disabled.
#7 Updated by Ronny M over 6 years ago
For some reason I keep getting "http 500 errors" when viewing a template if I try to white-list methods in /usr/share/foreman/lib/foreman/renderer.rb and use them in my provisioning templates.
What I did:
With safemode_render set to false:
Added for example ", :sp_ip" to allowed_helpers as shown below:
allowed_helpers = [ :foreman_url, :grub_pass, :snippet, :snippets, :ks_console, :root_pass, :multiboot, :jumpstart_path, :install_path, :miniroot, :media_path, :sp_ip ]
Restarted everything to make sure changes are effective, also tried a reboot.
Viewing a template is now still ok.
Then added the following line using the template edit button for my host.
- <%= @host.sp_ip %>
Viewing the template still ok.
Then set safemode_render to true:
Error 500 when trying to view template and in logging.
Unfortunately no extra information in foreman debug log the explains what went wrong.
Any Ideas what is going wrong?
#11 Updated by Greg Sutcliffe about 6 years ago
The bootdisk iPXE example templates also have Safemode problems. Specifically the methods
which are used to get direct download links for the kernel/initrd from the install media. Neither work correctly in Safemode. In addtion, Debian.boot_files_uri requires @host.medium as an argument, which also cannot be rendered.
#15 Updated by Matt Darcy almost 6 years ago
puppet_ca_server on hostgroups will also need whitelisting, I'd expect also
ca_server = <%= @host.puppet_ca_server %>
certname = <%= @host.certname %>
environment = <%= @host.environment %>
server = <%= @host.puppetmaster %>
will need to be updated in hostgroups as I believe I'm only getting the error on puppet_ca_server is it's the first one in the list of the puppet.conf snippet.
#19 Updated by Lukas Zapletal almost 5 years ago
- Status changed from New to Assigned
- Assignee set to Lukas Zapletal
I have reviewed our docs while working on this issue:
Also as part of this review, added "facts" alias. Attribute "facts_hash" was never exposed via safemode.