Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Genisys server component for listening for new clients to come online and provision them with Ansible playbooks #53

Merged
merged 22 commits into from
Feb 15, 2024
Merged

Genisys server component for listening for new clients to come online and provision them with Ansible playbooks #53

merged 22 commits into from
Feb 15, 2024

Conversation

xeluior
Copy link
Owner

@xeluior xeluior commented Feb 1, 2024

This PR creates a new genisys subsystem which creates an HTTP(S) server that listens for clients to send their "hello"s on first boot (see PR #51). On receiving a new hello, the server records the new client in the specified Ansible inventory and runs the specified set of playbooks on the new client.

github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 1, 2024
View reviewed changes
genisys/server.py Fixed Show fixed Hide fixed
github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 1, 2024
View reviewed changes
genisys/server.py Fixed Show fixed Hide fixed
github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 1, 2024
View reviewed changes
genisys/server/tls.py

# write the certs to their files
with cert_path.open('w') as cert_file:
cert_file.write(pem_cert.decode())

Check failure

Code scanning / CodeQL

Clear-text storage of sensitive information High

This expression stores
sensitive data (certificate)
Loading
as clear text.
This was linked to issues Feb 9, 2024
Server program to listen for client "hello"s and generate inventory #47
Closed
Run ansible playbook for new clients #48
Closed
@xeluior xeluior requested review from HenrithicusGreenson, BBergle, r-akers and patedm01 and removed request for HenrithicusGreenson and BBergle February 9, 2024 18:01
@xeluior xeluior marked this pull request as ready for review February 9, 2024 18:02
github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 9, 2024
View reviewed changes
genisys/server/http.py
ansible_cmd = ['ansible', '--inventory', body['hostname']]
for playbook in server.config.get_section('ansible').get('playbooks', []):
ansible_cmd.append(playbook)
subprocess.run(ansible_cmd, check=True)

Check failure

Code scanning / CodeQL

Uncontrolled command line Critical

This command line depends on a
user-provided value
Loading
.
@xeluior xeluior linked an issue Feb 14, 2024 that may be closed by this pull request
Framework for configure services on booted clients #35
Closed
@xeluior xeluior merged commit 62888ab into main Feb 15, 2024
9 checks passed
@xeluior xeluior deleted the server branch February 15, 2024 13:21
@xeluior xeluior linked an issue Feb 28, 2024 that may be closed by this pull request
Application configuration on clients #32
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@BBergle BBergle BBergle approved these changes

@r-akers r-akers Awaiting requested review from r-akers

@HenrithicusGreenson HenrithicusGreenson Awaiting requested review from HenrithicusGreenson

@patedm01 patedm01 Awaiting requested review from patedm01

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@xeluior @BBergle