perf: push account automation (#9497)

Co-authored-by: feng <1304903146@qq.com>

apps/accounts/automations/change_secret/host/windows/main.yml

@@ -8,11 +8,18 @@
 #      debug:
 #        msg: "Username: {{ account.username }}, Password: {{ account.secret }}"
 
+
+    - name: Get groups of a Windows user
+      ansible.windows.win_user:
+        name: "{{ jms_account.username }}"
+      register: user_info
+
     - name: Change password
       ansible.windows.win_user:
         name: "{{ account.username }}"
         password: "{{ account.secret }}"
-        groups: "Administrators"
+        groups: "{{ user_info.groups[0].name }}"
+        groups_action: add
         update_password: always
       when: account.secret_type == "password"
 

apps/accounts/automations/change_secret/manager.py

@@ -22,6 +22,8 @@ logger = get_logger(__name__)
 
 
 class ChangeSecretManager(AccountBasePlaybookManager):
+    ansible_account_prefer = ''
+
     def __init__(self, *args, **kwargs):
         super().__init__(*args, **kwargs)
         self.method_hosts_mapper = defaultdict(list)

apps/accounts/automations/gather_accounts/filter.py

@@ -30,6 +30,10 @@ class GatherAccountsFilter:
         result = {}
         for line in info:
             data = line.split('@')
+            if len(data) == 1:
+                result[line] = {}
+                continue
+
             if len(data) != 3:
                 continue
             username, address, dt = data

apps/accounts/automations/gather_accounts/host/posix/main.yml

@@ -4,8 +4,13 @@
     - name: Gather posix account
       ansible.builtin.shell:
         cmd: >
-           users=$(getent passwd | grep -v nologin | grep -v shutdown | awk -F":" '{ print $1 }');for i in $users;
-           do last -w -F $i -1 | head -1 | grep -v ^$ | awk '{ print $1"@"$3"@"$5,$6,$7,$8 }';done
+          users=$(getent passwd | grep -v nologin | grep -v shutdown | awk -F":" '{ print $1 }');for i in $users;
+          do k=$(last -w -F $i -1 | head -1 | grep -v ^$ | awk '{ print $1"@"$3"@"$5,$6,$7,$8 }')
+            if [ -n "$k" ]; then
+              echo $k
+            else
+              echo $i
+            fi;done
       register: result
 
     - name: Define info by set_fact

apps/accounts/automations/push_account/manager.py

@@ -12,6 +12,7 @@ logger = get_logger(__name__)
 
 
 class PushAccountManager(ChangeSecretManager, AccountBasePlaybookManager):
+    ansible_account_prefer = ''
 
     @classmethod
     def method_type(cls):

apps/assets/automations/base/manager.py

@@ -25,6 +25,7 @@ class PlaybookCallback(DefaultCallback):
 class BasePlaybookManager:
     bulk_size = 100
     ansible_account_policy = 'privileged_first'
+    ansible_account_prefer = 'root,Administrator'
 
     def __init__(self, execution):
         self.execution = execution
@@ -123,6 +124,7 @@ class BasePlaybookManager:
     def generate_inventory(self, platformed_assets, inventory_path):
         inventory = JMSInventory(
             assets=platformed_assets,
+            account_prefer=self.ansible_account_prefer,
             account_policy=self.ansible_account_policy,
             host_callback=self.host_callback,
         )

apps/ops/api/job.py

@@ -14,7 +14,7 @@ __all__ = ['JobViewSet', 'JobExecutionViewSet', 'JobRunVariableHelpAPIView',
 from ops.tasks import run_ops_job_execution
 from ops.variables import JMS_JOB_VARIABLE_HELP
 from orgs.mixins.api import OrgBulkModelViewSet
-from orgs.utils import tmp_to_org, get_current_org_id, get_current_org
+from orgs.utils import tmp_to_org, get_current_org
 from accounts.models import Account