perf: ansible env to jms

apps/accounts/api/automations/check_account.py

@@ -129,11 +129,13 @@ class AccountRiskViewSet(OrgBulkModelViewSet):
             s.validated_data, ("asset", "username", "action", "risk")
         )
         handler = RiskHandler(asset=asset, username=username, request=self.request)
-        data = handler.handle(act, risk)
+
-        if not data:
+        try:
-            return Response(data={"message": "Success"})
+            risk = handler.handle(act, risk)
-        s = serializers.AccountRiskSerializer(instance=data)
+            s = serializers.AccountRiskSerializer(instance=risk)
-        return Response(data=s.data)
+            return Response(data=s.data)
+        except Exception as e:
+            return Response(status=400, data=str(e))
 
 
 class CheckAccountEngineViewSet(JMSModelViewSet):

apps/accounts/risk_handlers.py

@@ -117,6 +117,15 @@ class RiskHandler:
     def handle_delete_remote(self):
         self._handle_delete(delete="remote")
 
+    @staticmethod
+    def start_execution(execution):
+        execution.save()
+        execution.start()
+
+        if execution.status != "success":
+            msg = _("Execution failed: {}").format(execution.status)
+            raise ValidationError(msg)
+
     def _handle_delete(self, delete="both"):
         asset = self.asset
         execution = AutomationExecution()
@@ -128,9 +137,7 @@ class RiskHandler:
             "delete": delete,
             "risk": self.risk
         }
-        execution.save()
+        self.start_execution(execution)
-        execution.start()
-        return execution.summary
 
     def handle_delete_both(self):
         self._handle_delete(delete="both")
@@ -138,7 +145,11 @@ class RiskHandler:
     def handle_change_password(self):
         asset = self.asset
         execution = AutomationExecution()
-        account = self.asset.accounts.get(username=self.username)
+        account = self.asset.accounts.filter(username=self.username, secret_type=SecretType.PASSWORD).first()
+
+        if not account:
+            raise ValidationError("Account not found")
+
         execution.snapshot = {
             "assets": [str(asset.id)],
             "accounts": [str(account.id)],
@@ -147,9 +158,7 @@ class RiskHandler:
             "secret_strategy": "random",
             "name": "Change account password: {}@{}".format(self.username, asset.name),
         }
-        execution.save()
+        self.start_execution(execution)
-        execution.start()
-        return execution.summary
 
     def handle_change_password_add(self):
         asset = self.asset
@@ -178,10 +187,10 @@ class RiskHandler:
             'check_conn_after_change': True,
             "name": "Push account password: {}@{}".format(self.username, asset.name),
         }
-        execution.save()
+        self.start_execution(execution)
-        execution.start()
 
-        GatheredAccount.objects.filter(asset=self.asset, username=self.username).update(
+        (
-            present=True
+            GatheredAccount.objects
+            .filter(asset=self.asset, username=self.username)
+            .update(present=True)
         )
-        return execution.summary

apps/common/management/commands/services/services/celery_base.py

@@ -12,15 +12,6 @@ class CeleryBaseService(BaseService):
     @property
     def cmd(self):
         print('\n- Start Celery as Distributed Task Queue: {}'.format(self.queue.capitalize()))
-        ansible_config_path = os.path.join(settings.APPS_DIR, 'libs', 'ansible', 'ansible.cfg')
-        ansible_modules_path = os.path.join(settings.APPS_DIR, 'libs', 'ansible', 'modules')
-        os.environ.setdefault('LC_ALL', 'en_US.UTF-8')
-        os.environ.setdefault('LANG', 'en_US.UTF-8')
-        os.environ.setdefault('PYTHONOPTIMIZE', '1')
-        os.environ.setdefault('ANSIBLE_FORCE_COLOR', 'True')
-        os.environ.setdefault('ANSIBLE_CONFIG', ansible_config_path)
-        os.environ.setdefault('ANSIBLE_LIBRARY', ansible_modules_path)
-        os.environ.setdefault('PYTHONPATH', settings.APPS_DIR)
 
         if os.getuid() == 0:
             os.environ.setdefault('C_FORCE_ROOT', '1')

jms

@@ -20,6 +20,16 @@ sys.path.insert(0, APP_DIR)
 os.environ.setdefault("DJANGO_SETTINGS_MODULE", "jumpserver.settings")
 django.setup()
 
+ansible_config_path = os.path.join(APP_DIR, 'libs', 'ansible', 'ansible.cfg')
+ansible_modules_path = os.path.join(APP_DIR, 'libs', 'ansible', 'modules')
+os.environ.setdefault('LC_ALL', 'en_US.UTF-8')
+os.environ.setdefault('LANG', 'en_US.UTF-8')
+os.environ.setdefault('PYTHONOPTIMIZE', '1')
+os.environ.setdefault('ANSIBLE_FORCE_COLOR', 'True')
+os.environ.setdefault('ANSIBLE_CONFIG', ansible_config_path)
+os.environ.setdefault('ANSIBLE_LIBRARY', ansible_modules_path)
+os.environ.setdefault('PYTHONPATH', APP_DIR)
+
 logging.basicConfig(level=logging.DEBUG, format="%(asctime)s %(message)s", datefmt="%Y-%m-%d %H:%M:%S")
 
 try: