[AAP-47877] Backport collection updates (#6992)

* Update collection args (#16025) * update collection arguments * Add integration testing for new param * fix: sanity check failures --------- Co-authored-by: Sean Sullivan <ssulliva@redhat.com> Co-authored-by: Alan Rominger <arominge@redhat.com> * update formatting for sanity testing * fixing indentation for sanity suite * adjust tests to use new token name * update tests to use aap_token instead of controller_oauthtoken * add back aliases for backward compat * we have integration tests that still leverage the old token name * while we can rename these, this tells me that customers might still have them in the wild and breaking them in a z stream is no bueno * revert alias changes --------- Co-authored-by: Peter Braun <pbraun@redhat.com> Co-authored-by: Sean Sullivan <ssulliva@redhat.com> Co-authored-by: Alan Rominger <arominge@redhat.com>
2026-01-11 01:57:35 -03:30 · 2025-07-10 10:14:40 -04:00 · 2025-07-10 10:14:40 -04:00 · 03cd450669
commit 03cd450669
parent 1d4b555a2c
6 changed files with 68 additions and 32 deletions
--- a/awx_collection/plugins/doc_fragments/auth.py
+++ b/awx_collection/plugins/doc_fragments/auth.py
@ -19,20 +19,20 @@ options:
    - If value not set, will try environment variable C(CONTROLLER_HOST) and then config files
    - If value not specified by any means, the value of C(127.0.0.1) will be used
    type: str
-    aliases: [ tower_host ]
+    aliases: [ tower_host, aap_hostname ]
  controller_username:
    description:
    - Username for your controller instance.
    - If value not set, will try environment variable C(CONTROLLER_USERNAME) and then config files
    type: str
-    aliases: [ tower_username ]
+    aliases: [ tower_username, aap_username ]
  controller_password:
    description:
    - Password for your controller instance.
    - If value not set, will try environment variable C(CONTROLLER_PASSWORD) and then config files
    type: str
-    aliases: [ tower_password ]
-  controller_oauthtoken:
+    aliases: [ tower_password , aap_password ]
+  aap_token:
    description:
    - The OAuth token to use.
    - This value can be in one of two formats.
@ -41,7 +41,6 @@ options:
    - If value not set, will try environment variable C(CONTROLLER_OAUTH_TOKEN) and then config files
    type: raw
    version_added: "3.7.0"
-    aliases: [ tower_oauthtoken ]
  validate_certs:
    description:
    - Whether to allow insecure connections to AWX.
@ -49,18 +48,19 @@ options:
    - This should only be used on personally controlled sites using self-signed certificates.
    - If value not set, will try environment variable C(CONTROLLER_VERIFY_SSL) and then config files
    type: bool
-    aliases: [ tower_verify_ssl ]
+    aliases: [ tower_verify_ssl, aap_validate_certs ]
  request_timeout:
    description:
    - Specify the timeout Ansible should use in requests to the controller host.
    - Defaults to 10s, but this is handled by the shared module_utils code
    type: float
+    aliases: [ aap_request_timeout ]
  controller_config_file:
    description:
    - Path to the controller config file.
    - If provided, the other locations for config files will not be considered.
    type: path
-    aliases: [tower_config_file]
+    aliases: [ tower_config_file ]

 notes:
 - If no I(config_file) is provided we will attempt to use the tower-cli library
--- a/awx_collection/plugins/doc_fragments/auth_plugin.py
+++ b/awx_collection/plugins/doc_fragments/auth_plugin.py
@ -17,43 +17,38 @@ options:
    description: The network address of your Automation Platform Controller host.
    env:
    - name: CONTROLLER_HOST
-    - name: TOWER_HOST
      deprecated:
        collection_name: 'awx.awx'
        version: '4.0.0'
        why: Collection name change
-        alternatives: 'CONTROLLER_HOST'
+        alternatives: 'TOWER_HOST, AAP_HOSTNAME'
  username:
    description: The user that you plan to use to access inventories on the controller.
    env:
    - name: CONTROLLER_USERNAME
-    - name: TOWER_USERNAME
      deprecated:
        collection_name: 'awx.awx'
        version: '4.0.0'
        why: Collection name change
-        alternatives: 'CONTROLLER_USERNAME'
+        alternatives: 'TOWER_USERNAME, AAP_USERNAME'
  password:
    description: The password for your controller user.
    env:
    - name: CONTROLLER_PASSWORD
-    - name: TOWER_PASSWORD
      deprecated:
        collection_name: 'awx.awx'
        version: '4.0.0'
        why: Collection name change
-        alternatives: 'CONTROLLER_PASSWORD'
-  oauth_token:
+        alternatives: 'TOWER_PASSWORD, AAP_PASSWORD'
+  aap_token:
    description:
    - The OAuth token to use.
    env:
-    - name: CONTROLLER_OAUTH_TOKEN
-    - name: TOWER_OAUTH_TOKEN
+    - name: AAP_TOKEN
      deprecated:
        collection_name: 'awx.awx'
        version: '4.0.0'
        why: Collection name change
-        alternatives: 'CONTROLLER_OAUTH_TOKEN'
  verify_ssl:
    description:
    - Specify whether Ansible should verify the SSL certificate of the controller host.
@ -61,12 +56,11 @@ options:
    type: bool
    env:
    - name: CONTROLLER_VERIFY_SSL
-    - name: TOWER_VERIFY_SSL
      deprecated:
        collection_name: 'awx.awx'
        version: '4.0.0'
        why: Collection name change
-        alternatives: 'CONTROLLER_VERIFY_SSL'
+        alternatives: 'TOWER_VERIFY_SSL, AAP_VALIDATE_CERTS'
    aliases: [ validate_certs ]
  request_timeout:
    description:
@ -76,7 +70,12 @@ options:
    type: float
    env:
    - name: CONTROLLER_REQUEST_TIMEOUT
-
+      deprecated:
+        collection_name: 'awx.awx'
+        version: '4.0.0'
+        why: Support for AAP variables
+        alternatives: 'AAP_REQUEST_TIMEOUT'
+    aliases: [ aap_request_timeout ]
 notes:
 - If no I(config_file) is provided we will attempt to use the tower-cli library
  defaults to find your host information.
--- a/awx_collection/plugins/module_utils/controller_api.py
+++ b/awx_collection/plugins/module_utils/controller_api.py
@ -47,15 +47,40 @@ class ItemNotDefined(Exception):
 class ControllerModule(AnsibleModule):
    url = None
    AUTH_ARGSPEC = dict(
-        controller_host=dict(required=False, aliases=['tower_host'], fallback=(env_fallback, ['CONTROLLER_HOST', 'TOWER_HOST'])),
-        controller_username=dict(required=False, aliases=['tower_username'], fallback=(env_fallback, ['CONTROLLER_USERNAME', 'TOWER_USERNAME'])),
-        controller_password=dict(no_log=True, aliases=['tower_password'], required=False, fallback=(env_fallback, ['CONTROLLER_PASSWORD', 'TOWER_PASSWORD'])),
-        validate_certs=dict(type='bool', aliases=['tower_verify_ssl'], required=False, fallback=(env_fallback, ['CONTROLLER_VERIFY_SSL', 'TOWER_VERIFY_SSL'])),
-        request_timeout=dict(type='float', required=False, fallback=(env_fallback, ['CONTROLLER_REQUEST_TIMEOUT'])),
-        controller_oauthtoken=dict(
-            type='raw', no_log=True, aliases=['tower_oauthtoken'], required=False, fallback=(env_fallback, ['CONTROLLER_OAUTH_TOKEN', 'TOWER_OAUTH_TOKEN'])
+        controller_host=dict(
+            required=False,
+            aliases=['tower_host', 'aap_hostname'],
+            fallback=(env_fallback, ['CONTROLLER_HOST', 'TOWER_HOST', 'AAP_HOSTNAME'])),
+        controller_username=dict(
+            required=False,
+            aliases=['tower_username', 'aap_username'],
+            fallback=(env_fallback, ['CONTROLLER_USERNAME', 'TOWER_USERNAME', 'AAP_USERNAME'])),
+        controller_password=dict(
+            no_log=True,
+            aliases=['tower_password', 'aap_password'],
+            required=False,
+            fallback=(env_fallback, ['CONTROLLER_PASSWORD', 'TOWER_PASSWORD', 'AAP_PASSWORD'])),
+        validate_certs=dict(
+            type='bool',
+            aliases=['tower_verify_ssl', 'aap_validate_certs'],
+            required=False,
+            fallback=(env_fallback, ['CONTROLLER_VERIFY_SSL', 'TOWER_VERIFY_SSL', 'AAP_VALIDATE_CERTS'])),
+        request_timeout=dict(
+            type='float',
+            aliases=['aap_request_timeout'],
+            required=False,
+            fallback=(env_fallback, ['CONTROLLER_REQUEST_TIMEOUT', 'AAP_REQUEST_TIMEOUT'])),
+        aap_token=dict(
+            type='raw',
+            no_log=True,
+            required=False,
+            fallback=(env_fallback, ['CONTROLLER_OAUTH_TOKEN', 'TOWER_OAUTH_TOKEN', 'AAP_TOKEN'])
        ),
-        controller_config_file=dict(type='path', aliases=['tower_config_file'], required=False, default=None),
+        controller_config_file=dict(
+            type='path',
+            aliases=['tower_config_file'],
+            required=False,
+            default=None),
    )
    # Associations of these types are ordered and have special consideration in the modified associations function
    ordered_associations = ['instance_groups', 'galaxy_credentials', 'input_inventories']
--- a/awx_collection/test/awx/test_organization.py
+++ b/awx_collection/test/awx/test_organization.py
@ -20,7 +20,7 @@ def test_create_organization(run_module, admin_user):
        'controller_username': None,
        'controller_password': None,
        'validate_certs': None,
-        'controller_oauthtoken': None,
+        'aap_token': None,
        'controller_config_file': None,
    }

@ -53,7 +53,7 @@ def test_galaxy_credential_order(run_module, admin_user):
        'controller_username': None,
        'controller_password': None,
        'validate_certs': None,
-        'controller_oauthtoken': None,
+        'aap_token': None,
        'controller_config_file': None,
        'galaxy_credentials': cred_ids,
    }
@ -78,7 +78,7 @@ def test_galaxy_credential_order(run_module, admin_user):
        'controller_username': None,
        'controller_password': None,
        'validate_certs': None,
-        'controller_oauthtoken': None,
+        'aap_token': None,
        'controller_config_file': None,
        'galaxy_credentials': cred_ids,
    }
--- a/awx_collection/test/awx/test_token.py
+++ b/awx_collection/test/awx/test_token.py
@ -18,7 +18,7 @@ def test_create_token(run_module, admin_user):
        'controller_username': None,
        'controller_password': None,
        'validate_certs': None,
-        'controller_oauthtoken': None,
+        'aap_token': None,
        'controller_config_file': None,
    }

--- a/awx_collection/tests/integration/targets/params/tasks/main.yml
+++ b/awx_collection/tests/integration/targets/params/tasks/main.yml
@ -0,0 +1,12 @@
+---
+- name: Perform an action with a different hostname via aap_hostname
+  inventory:
+    name: "Demo Inventory"
+    organization: Default
+    aap_hostname: https://foohostbar.invalid
+  ignore_errors: true
+  register: result
+
+- assert:
+    that:
+      - "'foohostbar' in result.msg"