group_vars and properties in nodeexecutor

Author: edbaltra

src/main/groovy/com/rundeck/plugins/ansible/ansible/AnsibleRunner.java

@@ -128,7 +128,7 @@ public static AnsibleRunner buildAnsibleRunner(AnsibleRunnerContextBuilder conte
         }
 
         Boolean generateInventoryNodeAuth = contextBuilder.generateInventoryNodesAuth();
-        if(generateInventoryNodeAuth){
+        if(generateInventoryNodeAuth != null && generateInventoryNodeAuth){
             Map<String, Map<String, String>> nodesAuth = contextBuilder.getNodesAuthenticationMap();
             if (nodesAuth != null && !nodesAuth.isEmpty()) {
                 ansibleRunnerBuilder.addNodeAuthToInventory(true);
@@ -300,11 +300,13 @@ public static AnsibleRunner buildAnsibleRunner(AnsibleRunnerContextBuilder conte
     File tempSshVarsFile ;
     File tempBecameVarsFile ;
     File vaultPromptFile;
-    File tempNodeAuthFile = null;
+    File tempNodeAuthFile;
+    File groupVarsDir;
 
     String customTmpDirPath;
 
-    Boolean addNodeAuthToInventory;
+    @Builder.Default
+    Boolean addNodeAuthToInventory = false;
     Map<String, Map<String, String>> nodesAuthentication;
 
     public void deleteTempDirectory(Path tempDirectory) throws IOException {
@@ -410,7 +412,7 @@ public int run() throws Exception {
                 procArgs.add("-i");
                 procArgs.add(inventory);
 
-                if(addNodeAuthToInventory) {
+                if(addNodeAuthToInventory != null && addNodeAuthToInventory && nodesAuthentication != null && !nodesAuthentication.isEmpty()) {
                     Map<String, String> hostUsers = new LinkedHashMap<>();
                     Map<String, String> hostPasswords = new LinkedHashMap<>();
                     nodesAuthentication.forEach((nodeName, authValues) -> {
@@ -437,7 +439,30 @@ public int run() throws Exception {
                     yamlData.put("host_users", hostUsers);
                     try {
                         String yamlContent = mapperYaml.writeValueAsString(yamlData);
-                        tempNodeAuthFile = AnsibleUtil.createTemporaryFile("", "all.yaml", yamlContent, customTmpDirPath);
+
+                        // Create group_vars directory structure
+                        File inventoryFile = new File(inventory);
+                        File inventoryParentDir = inventoryFile.getParentFile();
+
+                        if (inventoryParentDir != null) {
+                            groupVarsDir = new File(inventoryParentDir, "group_vars");
+
+                            if (!groupVarsDir.exists()) {
+                                if (!groupVarsDir.mkdirs()) {
+                                    throw new RuntimeException("Failed to create group_vars directory at: " + groupVarsDir.getAbsolutePath());
+                                }
+                            }
+
+                            // Create all.yaml in group_vars directory
+                            tempNodeAuthFile = new File(groupVarsDir, "all.yaml");
+                            java.nio.file.Files.writeString(tempNodeAuthFile.toPath(), yamlContent);
+                            tempNodeAuthFile.deleteOnExit();
+                            groupVarsDir.deleteOnExit();
+                        } else {
+                            // Fallback to temp file if inventory has no parent directory
+                            tempNodeAuthFile = AnsibleUtil.createTemporaryFile("group_vars", "all.yaml", yamlContent, customTmpDirPath);
+                        }
+
                     } catch (IOException e) {
                         throw new RuntimeException("Failed to write all.yaml for node auth", e);
                     }
@@ -712,6 +737,12 @@ public int run() throws Exception {
                 tempNodeAuthFile.deleteOnExit();
             }
 
+            if (groupVarsDir != null && groupVarsDir.exists()) {
+                if (!groupVarsDir.delete()) {
+                    groupVarsDir.deleteOnExit();
+                }
+            }
+
             if (usingTempDirectory && !retainTempDirectory) {
                 deleteTempDirectory(baseDirectory);
             }

src/main/groovy/com/rundeck/plugins/ansible/plugin/AnsibleNodeExecutor.java

@@ -36,6 +36,7 @@ public class AnsibleNodeExecutor implements NodeExecutor, AnsibleDescribable, Pr
         builder.property(WINDOWS_EXECUTABLE_PROP);
         builder.property(CONFIG_FILE_PATH);
         builder.property(GENERATE_INVENTORY_PROP);
+        builder.property(GENERATE_INVENTORY_NODES_AUTH);
         builder.property(SSH_AUTH_TYPE_PROP);
         builder.property(SSH_USER_PROP);
         builder.property(SSH_PASSWORD_STORAGE_PROP);
@@ -63,6 +64,8 @@ public class AnsibleNodeExecutor implements NodeExecutor, AnsibleDescribable, Pr
         builder.frameworkMapping(ANSIBLE_CONFIG_FILE_PATH,FWK_PROP_PREFIX + ANSIBLE_CONFIG_FILE_PATH);
         builder.mapping(ANSIBLE_GENERATE_INVENTORY,PROJ_PROP_PREFIX + ANSIBLE_GENERATE_INVENTORY);
         builder.frameworkMapping(ANSIBLE_GENERATE_INVENTORY,FWK_PROP_PREFIX + ANSIBLE_GENERATE_INVENTORY);
+        builder.mapping(ANSIBLE_GENERATE_INVENTORY_NODES_AUTH,PROJ_PROP_PREFIX + ANSIBLE_GENERATE_INVENTORY_NODES_AUTH);
+        builder.frameworkMapping(ANSIBLE_GENERATE_INVENTORY_NODES_AUTH,FWK_PROP_PREFIX + ANSIBLE_GENERATE_INVENTORY_NODES_AUTH);
         builder.mapping(ANSIBLE_SSH_AUTH_TYPE,PROJ_PROP_PREFIX + ANSIBLE_SSH_AUTH_TYPE);
         builder.frameworkMapping(ANSIBLE_SSH_AUTH_TYPE,FWK_PROP_PREFIX + ANSIBLE_SSH_AUTH_TYPE);
         builder.mapping(ANSIBLE_SSH_USER,PROJ_PROP_PREFIX + ANSIBLE_SSH_USER);
@@ -197,7 +200,13 @@ public List<String> listSecretsPath(ExecutionContext context, INodeEntry node) {
         jobConf.put(AnsibleDescribable.ANSIBLE_LIMIT,node.getNodename());
         AnsibleRunnerContextBuilder builder = new AnsibleRunnerContextBuilder(node, context, context.getFramework(), jobConf);
 
-        return AnsibleUtil.getSecretsPath(builder);
+        List<String> secretPaths = AnsibleUtil.getSecretsPath(builder);
+        List<String> secretPathsNodes = builder.getListNodesKeyPath();
+
+        if(secretPathsNodes != null && !secretPathsNodes.isEmpty()){
+            secretPaths.addAll(secretPathsNodes);
+        }
+        return secretPaths;
     }
 }
 

src/main/groovy/com/rundeck/plugins/ansible/plugin/AnsiblePlaybookInlineWorkflowStep.java

@@ -43,8 +43,6 @@ public class AnsiblePlaybookInlineWorkflowStep implements StepPlugin, AnsibleDes
         builder.property(PLAYBOOK_INLINE_PROP);
         builder.property(EXTRA_VARS_PROP);
         builder.property(CONFIG_ENCRYPT_EXTRA_VARS);
-        builder.property(GENERATE_INVENTORY_PROP);
-        builder.property(GENERATE_INVENTORY_NODES_AUTH);
         builder.property(INVENTORY_INLINE_PROP);
         builder.property(VAULT_KEY_FILE_PROP);
         builder.property(VAULT_KEY_STORAGE_PROP);

src/main/groovy/com/rundeck/plugins/ansible/plugin/AnsiblePlaybookWorkflowStep.java

@@ -43,8 +43,6 @@ public class AnsiblePlaybookWorkflowStep implements StepPlugin, AnsibleDescribab
         builder.property(EXTRA_VARS_PROP);
         builder.property(CONFIG_ENCRYPT_EXTRA_VARS);
         builder.property(INVENTORY_INLINE_PROP);
-        builder.property(GENERATE_INVENTORY_PROP);
-        builder.property(GENERATE_INVENTORY_NODES_AUTH);
         builder.property(VAULT_KEY_FILE_PROP);
         builder.property(VAULT_KEY_STORAGE_PROP);
         builder.property(EXTRA_ATTRS_PROP);