External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-02-26 15:36:04 -03:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #9744 from shanemcd/fix-k8s-ca

Browse Source 
Fix k8s credentials that use a custom ca cert

Reviewed-by: Elijah DeLee <kdelee@redhat.com>
This commit is contained in:
softwarefactory-project-zuul[bot]
2021-03-30 13:00:03 +00:00
committed by GitHub
parent 8673631e64 4beeeae9f1
commit 657f366e21
2 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
awx/main/models/credential/injectors.py
View File

@@ -115,6 +115,6 @@ def kubernetes_bearer_token(cred, env, private_data_dir):
with os.fdopen(handle, 'w') as f:
os.chmod(path, stat.S_IRUSR | stat.S_IWUSR)
f.write(cred.get_input('ssl_ca_cert'))
env['K8S_AUTH_SSL_CA_CERT'] = path
env['K8S_AUTH_SSL_CA_CERT'] = os.path.join('/runner', os.path.basename(path))
else:
env['K8S_AUTH_VERIFY_SSL'] = 'False'

3
awx/main/tests/unit/test_tasks.py
View File

@@ -1003,7 +1003,8 @@ class TestJobCredentials(TestJobExecution):
if verify:
assert env['K8S_AUTH_VERIFY_SSL'] == 'True'
cert = open(env['K8S_AUTH_SSL_CA_CERT'], 'r').read()
local_path = os.path.join(private_data_dir, os.path.basename(env['K8S_AUTH_SSL_CA_CERT']))
cert = open(local_path, 'r').read()
assert cert == 'CERTDATA'
else:
assert env['K8S_AUTH_VERIFY_SSL'] == 'False'