Feature #37735
open
Add a setting to exclude infrastructure hosts from remote execution search query
Description
Clone from: https://issues.redhat.com/browse/SAT-27244
In many use cases, user only interested to run the remote execution job against all Satellite managed clients using the "host ~ *" query. Having infrastructure hosts included in search query will cause the REX jobs of the infrastructure hosts to fail and resulting bad host statuses because user doesn't setup a ssh public key trust for the infrastructure hosts.
The bad host status is also causing the Red Herring and confusion to the Satellite users and it requires the user to clear the bad host status every time.
Currently, this can only be workaround by limiting the "execute_jobs_on_infrastructure_hosts" permission for non-admin users. There is no way to limit the admin users.
In "foreman_remote_execution-12.0.5/app/models/concerns/foreman_remote_execution/host_extensions.rb"
scope :execution_scope, lambda {
if User.current&.can?('execute_jobs_on_infrastructure_hosts')
self
else
search_for('not (infrastructure_facet.foreman = true or set? infrastructure_facet.smart_proxy_id)')
end
}
Updated by