Start migrating the /runner path references

2026-03-06 19:21:06 -03:30 · 2021-04-22 10:05:25 -04:00
parent d33a748eea
commit 623cf0b4cd
5 changed files with 21 additions and 12 deletions
--- a/awx/main/models/credential/init.py
+++ b/awx/main/models/credential/init.py
@@ -31,6 +31,7 @@ from awx.main.fields import (
 )
 from awx.main.utils import decrypt_field, classproperty
 from awx.main.utils.safe_yaml import safe_dump
+from awx.main.utils.execution_environments import to_container_path
 from awx.main.validators import validate_ssh_private_key
 from awx.main.models.base import CommonModelNameNotUnique, PasswordFieldsModel, PrimordialModel
 from awx.main.models.mixins import ResourceMixin
@@ -497,8 +498,7 @@ class CredentialType(CommonModelNameNotUnique):
            with open(path, 'w') as f:
                f.write(data)
            os.chmod(path, stat.S_IRUSR | stat.S_IWUSR)
-            # FIXME: develop some better means of referencing paths inside containers
-            container_path = os.path.join('/runner', 'env', os.path.basename(path))
+            container_path = to_container_path(path, private_data_dir)

            # determine if filename indicates single file or many
            if file_label.find('.') == -1:
@@ -535,8 +535,7 @@ class CredentialType(CommonModelNameNotUnique):

            if extra_vars:
                path = build_extra_vars_file(extra_vars, private_data_dir)
-                # FIXME: develop some better means of referencing paths inside containers
-                container_path = os.path.join('/runner', 'env', os.path.basename(path))
+                container_path = to_container_path(path, private_data_dir)
                args.extend(['-e', '@%s' % container_path])


--- a/awx/main/models/credential/injectors.py
+++ b/awx/main/models/credential/injectors.py
@@ -6,6 +6,8 @@ import tempfile

 from django.conf import settings

+from awx.main.utils.execution_environments import to_container_path
+

 def aws(cred, env, private_data_dir):
    env['AWS_ACCESS_KEY_ID'] = cred.get_input('username', default='')
@@ -30,9 +32,9 @@ def gce(cred, env, private_data_dir):
    json.dump(json_cred, f, indent=2)
    f.close()
    os.chmod(path, stat.S_IRUSR | stat.S_IWUSR)
-    cred_path = os.path.join('/runner', 'env', os.path.basename(path))
-    env['GCE_CREDENTIALS_FILE_PATH'] = cred_path
-    env['GCP_SERVICE_ACCOUNT_FILE'] = cred_path
+    container_path = to_container_path(path, private_data_dir)
+    env['GCE_CREDENTIALS_FILE_PATH'] = container_path
+    env['GCP_SERVICE_ACCOUNT_FILE'] = container_path

    # Handle env variables for new module types.
    # This includes gcp_compute inventory plugin and
@@ -103,8 +105,7 @@ def openstack(cred, env, private_data_dir):
    yaml.safe_dump(openstack_data, f, default_flow_style=False, allow_unicode=True)
    f.close()
    os.chmod(path, stat.S_IRUSR | stat.S_IWUSR)
-    # TODO: constant for container base path
-    env['OS_CLIENT_CONFIG_FILE'] = os.path.join('/runner', 'env', os.path.basename(path))
+    env['OS_CLIENT_CONFIG_FILE'] = to_container_path(path, private_data_dir)


 def kubernetes_bearer_token(cred, env, private_data_dir):
@@ -116,6 +117,6 @@ def kubernetes_bearer_token(cred, env, private_data_dir):
        with os.fdopen(handle, 'w') as f:
            os.chmod(path, stat.S_IRUSR | stat.S_IWUSR)
            f.write(cred.get_input('ssl_ca_cert'))
-        env['K8S_AUTH_SSL_CA_CERT'] = os.path.join('/runner', 'env', os.path.basename(path))
+        env['K8S_AUTH_SSL_CA_CERT'] = to_container_path(path, private_data_dir)
    else:
        env['K8S_AUTH_VERIFY_SSL'] = 'False'