AAP: import/export (HMS-8836) (HMS-8837) #1651

lzap · 2025-07-28T14:01:42Z

This is an API breaking change, will UI be ready when we merge this? It will go straight into stage.

UI is done, but will need a review.
It contains playwright test that was waiting for these changes to include import and export. I can tag people for review today, but it will need to be merged after this gets merged.

Is it? It's just additive, isn't it?

It is a refactoring, see the hunk above.

Well, if there are no upgrade concerns, I am fine.

-Original file line number
+Diff line change
@@ Expand Up / @@ -8,6 +8,12 @@ @@
       ],
       "snapshot_date": "2012-12-20",
       "customizations": {
+        "aap_registration": {
+          "ansible_callback_url": "https://aap-gw.example.com/api/controller/v2/job_templates/42/callback/",
+          "host_config_key": "",
+          "skip_tls_verification": false,
+          "tls_certificate_authority": "-----BEGIN CERTIFICATE-----\nMIIC0DCCAbigAwIBAgIUI...\n-----END CERTIFICATE-----"
+        },
         "custom_repositories": [
           {
             "baseurl": [
@@ Expand Down @@

-Original file line number
+Diff line change
@@ Expand Up / @@ -1258,8 +1258,6 @@ components: @@
               type: string
               description: |
                 Name of the content template. Used when registering the system to Insights.
-            aap_registration:
-              $ref: '#/components/schemas/AAPRegistration'
         ImageTypes:
           type: string
           enum:
@@ Expand Down Expand Up / @@ -1783,6 +1781,8 @@ components: @@
               $ref: '#/components/schemas/Installer'
             cacerts:
               $ref: '#/components/schemas/CACertsCustomization'
+            aap_registration:
+              $ref: '#/components/schemas/AAPRegistration'
         Container:
           type: object
           required:
@@ Expand Down @@

-Original file line number
+Diff line change
@@ Expand Up / @@ -87,6 +87,12 @@ func (bb *BlueprintBody) RedactCertificates() { @@
     	bb.Customizations.Cacerts = nil
     }
+    func (bb *BlueprintBody) RedactAAPRegistration() {
+    	if bb.Customizations.AAPRegistration != nil {
+    		bb.Customizations.AAPRegistration.HostConfigKey = ""
+    	}
+    }
     // Merges Password or SshKey from other User struct to this User struct if it is not set
     func (u *User) MergeExisting(other User) {
     	if u.Password == nil {
@@ Expand Down Expand Up / @@ -179,6 +185,12 @@ func WithRedactedCertificates() BlueprintBodyOption { @@
     	}
     }
+    func WithRedactedAAPRegistration() BlueprintBodyOption {
+    	return func(bp *BlueprintBody) {
+    		bp.RedactAAPRegistration()
+    	}
+    }
     func WithRedactedFiles(paths []string) BlueprintBodyOption {
     	return func(bp *BlueprintBody) {
     		if bp.Customizations.Files != nil {
@@ Expand Down Expand Up @@
     		blueprintEntry,
     		WithRedactedPasswords(),
     		WithRedactedCertificates(),
+    		WithRedactedAAPRegistration(),
     		WithRedactedFiles([]string{
     			"/etc/systemd/system/register-satellite.service",
     			"/usr/local/sbin/register-satellite",
+    			"/usr/local/sbin/aap-first-boot-reg",
     		}),
     	)
     	if err != nil {
@@ Expand Down @@

-Original file line number
+Diff line change
@@ Expand Up / @@ -71,6 +71,12 @@ func TestHandlers_CreateBlueprint(t *testing.T) { @@
     				{"name": "user", "password": "test"},
     				{"name": "user2", "ssh_key": "ssh-rsa AAAAB3NzaC1"},
     			},
+    			"aap_registration": map[string]interface{}{
+    				"ansible_callback_url":      "https://aap-gw.example.com/api/controller/v2/job_templates/42/callback/",
+    				"host_config_key":           "test-host-config-key-12345",
+    				"tls_certificate_authority": "-----BEGIN CERTIFICATE-----\nMIIC0DCCAbigAwIBAgIUI...\n-----END CERTIFICATE-----",
+    				"skip_tls_verification":     false,
+    			},
     		},
     		"distribution": "centos-9",
     		"image_requests": []map[string]interface{}{
@@ Expand All / @@ -93,6 +99,15 @@ func TestHandlers_CreateBlueprint(t *testing.T) { @@
     	require.NoError(t, err)
     	require.Nil(t, be.Metadata)
+    	blueprint, err := v1.BlueprintFromEntry(be)
+    	require.NoError(t, err)
+    	require.NotNil(t, blueprint.Customizations.AAPRegistration)
+    	require.Equal(t, "https://aap-gw.example.com/api/controller/v2/job_templates/42/callback/", blueprint.Customizations.AAPRegistration.AnsibleCallbackUrl)
+    	require.Equal(t, "test-host-config-key-12345", blueprint.Customizations.AAPRegistration.HostConfigKey)
+    	require.Equal(t, "-----BEGIN CERTIFICATE-----\nMIIC0DCCAbigAwIBAgIUI...\n-----END CERTIFICATE-----", blueprint.Customizations.AAPRegistration.TlsCertificateAuthority)
+    	require.NotNil(t, blueprint.Customizations.AAPRegistration.SkipTlsVerification)
+    	require.False(t, *blueprint.Customizations.AAPRegistration.SkipTlsVerification)
     	// Test unique name constraint
     	statusCode, resp := tutils.PostResponseBody(t, srvURL+"/api/image-builder/v1/blueprints", body)
     	require.Equal(t, http.StatusUnprocessableEntity, statusCode)
@@ Expand Down Expand Up @@
     		result, err := v1.BlueprintFromEntry(
     			be,
     			v1.WithRedactedPasswords(),
-    			v1.WithRedactedCertificates(),
     			v1.WithRedactedFiles([]string{
     				"/etc/systemd/system/register-satellite.service",
     				"/usr/local/sbin/register-satellite",
     			}),
     		)
     		require.NoError(t, err)
-    		require.Nil(t, result.Customizations.Cacerts)
+    		require.NotNil(t, result.Customizations.Cacerts)
     		require.Nil(t, result.Customizations.Files)
     	})
@@ Expand Down Expand Up @@
     		result, err := v1.BlueprintFromEntry(
     			be,
     			v1.WithRedactedPasswords(),
-    			v1.WithRedactedCertificates(),
     			v1.WithRedactedFiles([]string{
     				"/etc/systemd/system/register-satellite.service",
     				"/usr/local/sbin/register-satellite",
@@ Expand Down Expand Up / @@ -1127,6 +1140,12 @@ func TestHandlers_ExportBlueprint(t *testing.T) { @@
     			Subscription: &v1.Subscription{
     				ActivationKey: "aaa",
     			},
+    			AAPRegistration: &v1.AAPRegistration{
+    				AnsibleCallbackUrl:      "https://aap-gw.example.com/api/controller/v2/job_templates/42/callback/",
+    				HostConfigKey:           "test-host-config-key-12345",
+    				TlsCertificateAuthority: "-----BEGIN CERTIFICATE-----\nMIIC0DCCAbigAwIBAgIUI...\n-----END CERTIFICATE-----",
+    				SkipTlsVerification:     common.ToPtr(false),
+    			},
     			Users: common.ToPtr([]v1.User{
     				{
     					Name:     "user",
@@ Expand Down Expand Up / @@ -1257,6 +1276,12 @@ func TestHandlers_ExportBlueprint(t *testing.T) { @@
     			Subscription: &v1.Subscription{
     				ActivationKey: "aaa",
     			},
+    			AAPRegistration: &v1.AAPRegistration{
+    				AnsibleCallbackUrl:      "https://aap-gw.example.com/api/controller/v2/job_templates/42/callback/",
+    				HostConfigKey:           "test-host-config-key-12345",
+    				TlsCertificateAuthority: "-----BEGIN CERTIFICATE-----\nMIIC0DCCAbigAwIBAgIUI...\n-----END CERTIFICATE-----",
+    				SkipTlsVerification:     common.ToPtr(false),
+    			},
     			Users: common.ToPtr([]v1.User{
     				{
     					Name:     "user",
@@ Expand Down @@

-Original file line number
+Diff line change
@@ Expand Up @@
     		}
     	}
-    	if aap := cr.ImageRequests[0].AAPRegistration; aap != nil {
+    	if aap := cust.AAPRegistration; aap != nil {
     		script, err := tmpl.RenderAAPRegistrationScript(ctx.Request().Context(), tmpl.AAPRegistrationParams{
     			HostConfigKey:       aap.HostConfigKey,
     			AnsibleCallbackUrl:  aap.AnsibleCallbackUrl,
@@ Expand Down @@

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

AAP: import/export (HMS-8836) (HMS-8837) #1651

Uh oh!

Diff view

Diff view

There are no files selected for viewing

Uh oh!

lzap Jul 28, 2025

Uh oh!

ksiekl Jul 28, 2025

Uh oh!

achilleas-k Jul 28, 2025

Uh oh!

lzap Jul 28, 2025

Uh oh!

Uh oh!

Uh oh!

-Original file line number
+Diff line change
@@ Expand Up / @@ -2955,8 +2955,14 @@ func TestComposeCustomizations(t *testing.T) { @@
     		// aap first boot registration
     		{
     			imageBuilderRequest: v1.ComposeRequest{
-    				Customizations: &v1.Customizations{},
-    				Distribution:   "rhel-8",
+    				Customizations: &v1.Customizations{
+    					AAPRegistration: &v1.AAPRegistration{
+    						AnsibleCallbackUrl:      "http://some-url.org/api/controller/v2/job_templates/38/callback/",
+    						HostConfigKey:           "some-key",
+    						TlsCertificateAuthority: "---BEGIN CERTIFICATE---\nMIIC0DCCAbigAwIBAgIUI...\n---END CERTIFICATE---",
+    					},
+    				},
+    				Distribution: "rhel-8",
     				ImageRequests: []v1.ImageRequest{
     					{
     						Architecture: "x86_64",
@@ Expand All / @@ -2965,11 +2971,6 @@ func TestComposeCustomizations(t *testing.T) { @@
     							Type:    v1.UploadTypesAwsS3,
     							Options: uo,
     						},
-    						AAPRegistration: &v1.AAPRegistration{
-    							AnsibleCallbackUrl:      "http://some-url.org/api/controller/v2/job_templates/38/callback/",
-    							HostConfigKey:           "some-key",
-    							TlsCertificateAuthority: "---BEGIN CERTIFICATE---\nMIIC0DCCAbigAwIBAgIUI...\n---END CERTIFICATE---",
-    						},
     					},
     				},
     			},
@@ Expand Down @@

AAP: import/export (HMS-8836) (HMS-8837) #1651

Uh oh!

AAP: import/export (HMS-8836) (HMS-8837) #1651

Uh oh!

Uh oh!

Diff view

Diff view

There are no files selected for viewing

Uh oh!

lzap Jul 28, 2025

Choose a reason for hiding this comment

Uh oh!

ksiekl Jul 28, 2025

Choose a reason for hiding this comment

Uh oh!

achilleas-k Jul 28, 2025

Choose a reason for hiding this comment

Uh oh!

lzap Jul 28, 2025

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!