don't auto-coerce boolean-like extra_vars for credential injection

ansible itself already does this for you (albeit, with its own set of quirks): https://github.com/ansible/ansible/issues/11905 see: #6900
2026-01-16 12:20:45 -03:30 · 2017-07-07 16:09:47 -04:00 · 2017-07-07 16:09:47 -04:00 · 7f286b50b8
commit 7f286b50b8
parent 3ae9578725
2 changed files with 2 additions and 9 deletions
--- a/awx/main/models/credential.py
+++ b/awx/main/models/credential.py
@ -30,7 +30,7 @@ from awx.main.models.rbac import (
    ROLE_SINGLETON_SYSTEM_ADMINISTRATOR,
    ROLE_SINGLETON_SYSTEM_AUDITOR,
 )
-from awx.main.utils import encrypt_field, to_python_boolean
+from awx.main.utils import encrypt_field

 __all__ = ['Credential', 'CredentialType', 'V1Credential']

@ -576,13 +576,6 @@ class CredentialType(CommonModelNameNotUnique):
            extra_vars[var_name] = Template(tmpl).render(**namespace)
            safe_extra_vars[var_name] = Template(tmpl).render(**safe_namespace)

-            # If the template renders to a stringified Boolean, they've _probably_
-            # set up an extra_var injection with a boolean field; extra_vars supports JSON,
-            # so give them the actual boolean type they want
-            for v in (extra_vars, safe_extra_vars):
-                if v[var_name] in ('True', 'False'):
-                    v[var_name] = to_python_boolean(v[var_name])
-
        if extra_vars:
            args.extend(['-e', json.dumps(extra_vars)])

--- a/awx/main/tests/unit/test_tasks.py
+++ b/awx/main/tests/unit/test_tasks.py
@ -915,7 +915,7 @@ class TestJobCredentials(TestJobExecution):
        assert self.run_pexpect.call_count == 1
        call_args, _ = self.run_pexpect.call_args_list[0]
        args, cwd, env, stdout = call_args
-        assert '-e {"turbo_button": true}' in ' '.join(args)
+        assert '-e {"turbo_button": "True"}' in ' '.join(args)

    def test_custom_environment_injectors_with_complicated_boolean_template(self):
        some_cloud = CredentialType(