External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-03-22 11:25:08 -02:30
Code Issues Packages Projects Releases Wiki Activity

Add support for Kubernetes authentication method in Hashicorp Vault secret lookup

Browse Source 
Signed-off-by: liortamary <lior.tamary@houzz.com>
This commit is contained in:
liortamary
2022-02-22 13:04:58 +02:00
parent e0ce4c49f3
commit 85791f730c
1 changed files with 2 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
awx/main/credential_plugins/hashivault.py
View File

@@ -168,19 +168,14 @@ def handle_auth(**kwargs):
def approle_auth(**kwargs): def approle_auth(**kwargs):
role_id = kwargs['role_id'] return {'role_id': kwargs['role_id'], 'secret_id': kwargs['secret_id']}
secret_id = kwargs['secret_id']
# AppRole Login
return {'role_id': role_id, 'secret_id': secret_id}
def kubernetes_auth(**kwargs): def kubernetes_auth(**kwargs):
role = kwargs['kubernetes_role']
jwt_file = pathlib.Path('/var/run/secrets/kubernetes.io/serviceaccount/token') jwt_file = pathlib.Path('/var/run/secrets/kubernetes.io/serviceaccount/token')
with jwt_file.open('r') as jwt_fo: with jwt_file.open('r') as jwt_fo:
jwt = jwt_fo.read().rstrip() jwt = jwt_fo.read().rstrip()
# Kubernetes Login return {'role': kwargs['kubernetes_role'], 'jwt': jwt}
return {'role': role, 'jwt': jwt}
def method_auth(**kwargs): def method_auth(**kwargs):