External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-05-07 17:37:37 -02:30
Code Issues Packages Projects Releases Wiki Activity

use credential input access methods in injectors.py

Browse Source
This commit is contained in:
Jake McDermott
2019-01-17 21:22:37 -05:00
parent 3a58a5b772
commit 2dadfbcc14
1 changed files with 30 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
awx/main/models/credential/injectors.py
View File

@@ -3,25 +3,28 @@ import os
import stat import stat
import tempfile import tempfile
from awx.main.utils import decrypt_field
from django.conf import settings from django.conf import settings
def aws(cred, env, private_data_dir): def aws(cred, env, private_data_dir):
env['AWS_ACCESS_KEY_ID'] = cred.username env['AWS_ACCESS_KEY_ID'] = cred.get_input('username', default='')
env['AWS_SECRET_ACCESS_KEY'] = decrypt_field(cred, 'password') env['AWS_SECRET_ACCESS_KEY'] = cred.get_input('password', default='')
if len(cred.security_token) > 0:
env['AWS_SECURITY_TOKEN'] = decrypt_field(cred, 'security_token') if cred.has_input('security_token'):
env['AWS_SECURITY_TOKEN'] = cred.get_input('security_token', default='')
def gce(cred, env, private_data_dir): def gce(cred, env, private_data_dir):
env['GCE_EMAIL'] = cred.username project = cred.get_input('project', default='')
env['GCE_PROJECT'] = cred.project username = cred.get_input('username', default='')
env['GCE_EMAIL'] = username
env['GCE_PROJECT'] = project
json_cred = { json_cred = {
'type': 'service_account', 'type': 'service_account',
'private_key': decrypt_field(cred, 'ssh_key_data'), 'private_key': cred.get_input('ssh_key_data', default=''),
'client_email': cred.username, 'client_email': username,
'project_id': cred.project 'project_id': project
} }
handle, path = tempfile.mkstemp(dir=private_data_dir) handle, path = tempfile.mkstemp(dir=private_data_dir)
f = os.fdopen(handle, 'w') f = os.fdopen(handle, 'w')
@@ -32,21 +35,25 @@ def gce(cred, env, private_data_dir):
def azure_rm(cred, env, private_data_dir): def azure_rm(cred, env, private_data_dir):
if len(cred.client) and len(cred.tenant): client = cred.get_input('client', default='')
env['AZURE_CLIENT_ID'] = cred.client tenant = cred.get_input('tenant', default='')
env['AZURE_SECRET'] = decrypt_field(cred, 'secret')
env['AZURE_TENANT'] = cred.tenant if len(client) and len(tenant):
env['AZURE_SUBSCRIPTION_ID'] = cred.subscription env['AZURE_CLIENT_ID'] = client
env['AZURE_TENANT'] = tenant
env['AZURE_SECRET'] = cred.get_input('secret', default='')
env['AZURE_SUBSCRIPTION_ID'] = cred.get_input('subscription', default='')
else: else:
env['AZURE_SUBSCRIPTION_ID'] = cred.subscription env['AZURE_SUBSCRIPTION_ID'] = cred.get_input('subscription', default='')
env['AZURE_AD_USER'] = cred.username env['AZURE_AD_USER'] = cred.get_input('username', default='')
env['AZURE_PASSWORD'] = decrypt_field(cred, 'password') env['AZURE_PASSWORD'] = cred.get_input('password', default='')
if cred.inputs.get('cloud_environment', None):
env['AZURE_CLOUD_ENVIRONMENT'] = cred.inputs['cloud_environment'] if cred.has_input('cloud_environment'):
env['AZURE_CLOUD_ENVIRONMENT'] = cred.get_input('cloud_environment')
def vmware(cred, env, private_data_dir): def vmware(cred, env, private_data_dir):
env['VMWARE_USER'] = cred.username env['VMWARE_USER'] = cred.get_input('username', default='')
env['VMWARE_PASSWORD'] = decrypt_field(cred, 'password') env['VMWARE_PASSWORD'] = cred.get_input('password', default='')
env['VMWARE_HOST'] = cred.host env['VMWARE_HOST'] = cred.get_input('host', default='')
env['VMWARE_VALIDATE_CERTS'] = str(settings.VMWARE_VALIDATE_CERTS) env['VMWARE_VALIDATE_CERTS'] = str(settings.VMWARE_VALIDATE_CERTS)