From 6d08e2151111f3c7adee6871e115a196d87117f6 Mon Sep 17 00:00:00 2001 From: John Westcott IV Date: Wed, 1 Apr 2020 11:10:45 -0400 Subject: [PATCH] Resolving comment and updating tests --- .../plugins/module_utils/tower_api.py | 8 +++++- awx_collection/test/awx/test_credential.py | 26 ++++++++++++------- 2 files changed, 23 insertions(+), 11 deletions(-) diff --git a/awx_collection/plugins/module_utils/tower_api.py b/awx_collection/plugins/module_utils/tower_api.py index 758e2dccc5..a7bbc93857 100644 --- a/awx_collection/plugins/module_utils/tower_api.py +++ b/awx_collection/plugins/module_utils/tower_api.py @@ -575,7 +575,13 @@ class TowerModule(AnsibleModule): self.exit_json(**self.json_output) # We need to be able to recursevly step through fields in the case of inputs for credentials. - # They are dicts and we can't just compare them at the top level because the dict returned from the tower api will have fields like $encrypted$ + # They are dicts and we can't just compare them at the top level because the dict from the tower api may have more fields that we have. + # For example, say someone did: + # - tower_credential: + # name: 'a cred' + # username: 'John' + # Our new dict would be like { 'username': 'new_name' } + # But the existing cred from tower might come back as: { 'username': 'new_name', 'password': '$encrypted$', 'field2': 'something else' } @staticmethod def compare_fields(new_item, existing_item): needs_update = False diff --git a/awx_collection/test/awx/test_credential.py b/awx_collection/test/awx/test_credential.py index 31ba9326ff..c0bcaee755 100644 --- a/awx_collection/test/awx/test_credential.py +++ b/awx_collection/test/awx/test_credential.py @@ -106,7 +106,7 @@ def test_create_custom_credential_type(run_module, admin_user): @pytest.mark.django_db -def test_kind_ct_exclusivity(run_module, admin_user, organization, cred_type, silence_deprecation): +def test_ct_precedence_over_kind(run_module, admin_user, organization, cred_type, silence_deprecation): result = run_module('tower_credential', dict( name='A credential', organization=organization.name, @@ -114,22 +114,28 @@ def test_kind_ct_exclusivity(run_module, admin_user, organization, cred_type, si credential_type=cred_type.name, state='present' ), admin_user) - assert result.get('failed', False), result.get('msg', result) - assert result['msg'] == 'parameters are mutually exclusive: kind|credential_type' + assert not result.get('failed', False), result.get('msg', result) + + cred = Credential.objects.get(name='A credential') + + assert cred.credential_type == cred_type.name @pytest.mark.django_db -def test_input_exclusivity(run_module, admin_user, organization): +def test_input_overrides_old_fields(run_module, admin_user, organization): result = run_module('tower_credential', dict( - name='A credential', + name='A Vault credential', organization=organization.name, - kind='ssh', - inputs={'token': '7rEZK38DJl58A7RxA6EC7lLvUHbBQ1'}, - security_token='7rEZK38DJl58A7RxA6EC7lLvUHbBQ1', + kind='Vault', + inputs={'vault_id': 'asdf'}, + vault_id='1234', state='present' ), admin_user) - assert result.get('failed', False), result - assert result['msg'] == 'parameters are mutually exclusive: inputs|security_token' + assert not result.get('failed', False), result + + cred = Credential.objects.get(name='A Vault credential') + + assert cred.inputs.vault_id == 'asdf' @pytest.mark.django_db