disallow ask_at_runtime fields for custom credential types

2026-05-11 03:17:38 -02:30 · 2017-05-02 10:35:32 -04:00
parent bc20fa24f3
commit 61b3f7afb7
2 changed files with 36 additions and 6 deletions
--- a/awx/main/tests/functional/api/test_credential_type.py
+++ b/awx/main/tests/functional/api/test_credential_type.py
@@ -110,8 +110,7 @@ def test_create_with_valid_inputs(get, post, admin):
                'id': 'api_token',
                'label': 'API Token',
                'type': 'string',
-                'secret': True,
-                'ask_at_runtime': True
+                'secret': True
            }]
        },
        'injectors': {}
@@ -124,7 +123,6 @@ def test_create_with_valid_inputs(get, post, admin):
    assert len(fields) == 1
    assert fields[0]['id'] == 'api_token'
    assert fields[0]['label'] == 'API Token'
-    assert fields[0]['ask_at_runtime'] is True
    assert fields[0]['secret'] is True
    assert fields[0]['type'] == 'string'

@@ -142,7 +140,8 @@ def test_create_with_invalid_inputs_xfail(post, admin):


@pytest.mark.django_db
-def test_create_with_valid_injectors(get, post, admin):
+def test_ask_at_runtime_xfail(get, post, admin):
+    # ask_at_runtime is only supported by the built-in SSH and Vault types
    response = post(reverse('api:credential_type_list'), {
        'kind': 'cloud',
        'name': 'MyCloud',
@@ -161,6 +160,31 @@ def test_create_with_valid_injectors(get, post, admin):
            }
        }
    }, admin)
+    assert response.status_code == 400
+
+    response = get(reverse('api:credential_type_list'), admin)
+    assert response.data['count'] == 0
+
+
+@pytest.mark.django_db
+def test_create_with_valid_injectors(get, post, admin):
+    response = post(reverse('api:credential_type_list'), {
+        'kind': 'cloud',
+        'name': 'MyCloud',
+        'inputs': {
+            'fields': [{
+                'id': 'api_token',
+                'label': 'API Token',
+                'type': 'string',
+                'secret': True
+            }]
+        },
+        'injectors': {
+            'env': {
+                'ANSIBLE_MY_CLOUD_TOKEN': '{{api_token}}'
+            }
+        }
+    }, admin)
    assert response.status_code == 201

    response = get(reverse('api:credential_type_list'), admin)
@@ -193,8 +217,7 @@ def test_create_with_undefined_template_variable_xfail(post, admin):
                'id': 'api_token',
                'label': 'API Token',
                'type': 'string',
-                'secret': True,
-                'ask_at_runtime': True
+                'secret': True
            }]
        },
        'injectors': {