External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-02-25 15:06:02 -03:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7033 from chrismeyersfsu/fix-3801

Browse Source 
use newest aws env var names for creds
This commit is contained in:
Chris Meyers
2017-07-13 08:09:24 -04:00
committed by GitHub
parent 4b9385a233 6511d2968e
commit 2f7a720ba1
2 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
awx/main/tasks.py
View File

@@ -557,7 +557,7 @@ class BaseTask(Task):
urlpass_re = re.compile(r'^.*?://[^:]+:(.*?)@.*?$') urlpass_re = re.compile(r'^.*?://[^:]+:(.*?)@.*?$')
safe_env = dict(env) safe_env = dict(env)
for k,v in safe_env.items(): for k,v in safe_env.items():
if k in ('REST_API_URL', 'AWS_ACCESS_KEY', 'AWS_ACCESS_KEY_ID'): if k in ('REST_API_URL', 'AWS_ACCESS_KEY_ID'):
continue continue
elif k.startswith('ANSIBLE_') and not k.startswith('ANSIBLE_NET'): elif k.startswith('ANSIBLE_') and not k.startswith('ANSIBLE_NET'):
continue continue
@@ -943,8 +943,8 @@ class RunJob(BaseTask):
cred_files = kwargs.get('private_data_files', {}).get('credentials', {}) cred_files = kwargs.get('private_data_files', {}).get('credentials', {})
for cloud_cred in job.cloud_credentials: for cloud_cred in job.cloud_credentials:
if cloud_cred and cloud_cred.kind == 'aws': if cloud_cred and cloud_cred.kind == 'aws':
env['AWS_ACCESS_KEY'] = cloud_cred.username env['AWS_ACCESS_KEY_ID'] = cloud_cred.username
env['AWS_SECRET_KEY'] = decrypt_field(cloud_cred, 'password') env['AWS_SECRET_ACCESS_KEY'] = decrypt_field(cloud_cred, 'password')
if len(cloud_cred.security_token) > 0: if len(cloud_cred.security_token) > 0:
env['AWS_SECURITY_TOKEN'] = decrypt_field(cloud_cred, 'security_token') env['AWS_SECURITY_TOKEN'] = decrypt_field(cloud_cred, 'security_token')
# FIXME: Add EC2_URL, maybe EC2_REGION! # FIXME: Add EC2_URL, maybe EC2_REGION!

8
awx/main/tests/unit/test_tasks.py
View File

@@ -494,8 +494,8 @@ class TestJobCredentials(TestJobExecution):
call_args, _ = self.run_pexpect.call_args_list[0] call_args, _ = self.run_pexpect.call_args_list[0]
args, cwd, env, stdout = call_args args, cwd, env, stdout = call_args
assert env['AWS_ACCESS_KEY'] == 'bob' assert env['AWS_ACCESS_KEY_ID'] == 'bob'
assert env['AWS_SECRET_KEY'] == 'secret' assert env['AWS_SECRET_ACCESS_KEY'] == 'secret'
assert 'AWS_SECURITY_TOKEN' not in env assert 'AWS_SECURITY_TOKEN' not in env
def test_aws_cloud_credential_with_sts_token(self): def test_aws_cloud_credential_with_sts_token(self):
@@ -514,8 +514,8 @@ class TestJobCredentials(TestJobExecution):
call_args, _ = self.run_pexpect.call_args_list[0] call_args, _ = self.run_pexpect.call_args_list[0]
args, cwd, env, stdout = call_args args, cwd, env, stdout = call_args
assert env['AWS_ACCESS_KEY'] == 'bob' assert env['AWS_ACCESS_KEY_ID'] == 'bob'
assert env['AWS_SECRET_KEY'] == 'secret' assert env['AWS_SECRET_ACCESS_KEY'] == 'secret'
assert env['AWS_SECURITY_TOKEN'] == 'token' assert env['AWS_SECURITY_TOKEN'] == 'token'
def test_gce_credentials(self): def test_gce_credentials(self):