Project

General

Profile

Actions

Feature #37735

open

Add a setting to exclude infrastructure hosts from remote execution search query

Added by Hao Yu 3 months ago. Updated 3 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Foreman
Target version:
-
Difficulty:
Triaged:
No
Fixed in Releases:
Found in Releases:

Description

Clone from: https://issues.redhat.com/browse/SAT-27244

In many use cases, user only interested to run the remote execution job against all Satellite managed clients using the "host ~ *" query. Having infrastructure hosts included in search query will cause the REX jobs of the infrastructure hosts to fail and resulting bad host statuses because user doesn't setup a ssh public key trust for the infrastructure hosts.

The bad host status is also causing the Red Herring and confusion to the Satellite users and it requires the user to clear the bad host status every time.

Currently, this can only be workaround by limiting the "execute_jobs_on_infrastructure_hosts" permission for non-admin users. There is no way to limit the admin users.

 

In "foreman_remote_execution-12.0.5/app/models/concerns/foreman_remote_execution/host_extensions.rb"

scope :execution_scope, lambda {
if User.current&.can?('execute_jobs_on_infrastructure_hosts')
self
else
search_for('not (infrastructure_facet.foreman = true or set? infrastructure_facet.smart_proxy_id)')
end
}

 

Actions

Also available in: Atom PDF