External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-01-11 18:09:57 -03:30
Code Issues Packages Projects Releases Wiki Activity

Fix k8s credentials that use a custom ca cert

Browse Source
This commit is contained in:
Shane McDonald 2021-03-29 17:33:40 -04:00
parent 03ab9f4e2a
commit 4beeeae9f1
No known key found for this signature in database
GPG Key ID: 6F374AF6E9EB9374
2 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
awx/main/models/credential/injectors.py
View File

@ -115,6 +115,6 @@ def kubernetes_bearer_token(cred, env, private_data_dir):
with os.fdopen(handle, 'w') as f:
os.chmod(path, stat.S_IRUSR | stat.S_IWUSR)
f.write(cred.get_input('ssl_ca_cert'))
env['K8S_AUTH_SSL_CA_CERT'] = path
env['K8S_AUTH_SSL_CA_CERT'] = os.path.join('/runner', os.path.basename(path))
else:
env['K8S_AUTH_VERIFY_SSL'] = 'False'

3
awx/main/tests/unit/test_tasks.py
View File

@ -1003,7 +1003,8 @@ class TestJobCredentials(TestJobExecution):
if verify:
assert env['K8S_AUTH_VERIFY_SSL'] == 'True'
cert = open(env['K8S_AUTH_SSL_CA_CERT'], 'r').read()
local_path = os.path.join(private_data_dir, os.path.basename(env['K8S_AUTH_SSL_CA_CERT']))
cert = open(local_path, 'r').read()
assert cert == 'CERTDATA'
else:
assert env['K8S_AUTH_VERIFY_SSL'] == 'False'