Remove Collections module parameters deprecated in Controller 4.0.0

2026-03-13 15:09:32 -02:30 · 2021-08-03 12:35:11 -04:00
parent dae3f1a164
commit 9409dc0085
7 changed files with 201 additions and 767 deletions
--- a/awx_collection/plugins/modules/credential.py
+++ b/awx_collection/plugins/modules/credential.py
@@ -49,15 +49,33 @@ options:
      type: str
    credential_type:
      description:
-        - Name of credential type.
+        - The credential type being created.
-        - Will be preferred over kind
+        - Can be a built-in credential type such as "Machine", or a custom credential type such as "My Credential Type"
      type: str
    inputs:
      description:
        - >-
          Credential inputs where the keys are var names used in templating.
          Refer to the Automation Platform Controller documentation for example syntax.
-        - Any fields in this dict will take prescedence over any fields mentioned below (i.e. host, username, etc)
+        - authorize (use this for net type)
        - authorize_password (password for net credentials that require authorize)
        - client (client or application ID for azure_rm type)
        - security_token (STS token for aws type)
        - secret (secret token for azure_rm type)
        - tenant (tenant ID for azure_rm type)
        - subscription (subscription ID for azure_rm type)
        - domain (domain for openstack type)
        - become_method (become method to use for privilege escalation; some examples are "None", "sudo", "su", "pbrun")
        - become_username (become username; use "ASK" and launch job to be prompted)
        - become_password (become password; use "ASK" and launch job to be prompted)
        - vault_password (the vault password; use "ASK" and launch job to be prompted)
        - project (project that should use this credential for GCP)
        - host (the host for this credential)
        - username (the username for this credential; ``access_key`` for AWS)
        - password (the password for this credential; ``secret_key`` for AWS, ``api_key`` for RAX)
        - ssh_key_data (SSH private key content; to extract the content from a file path, use the lookup function (see examples))
        - vault_id (the vault identifier; this parameter is only valid if C(kind) is specified as C(vault).)
        - ssh_key_unlock (unlock password for ssh_key; use "ASK" and launch job to be prompted)
      type: dict
    update_secrets:
      description:
@@ -73,119 +91,6 @@ options:
      description:
        - Team that should own this credential.
      type: str
    kind:
      description:
        - Type of credential being added.
        - The ssh choice refers to a Tower Machine credential.
        - Deprecated, please use credential_type
      required: False
      type: str
      choices: ["aws", "controller", "gce", "azure_rm", "openstack", "satellite6", "rhv", "vmware", "aim", "conjur", "hashivault_kv", "hashivault_ssh",
                "azure_kv", "insights", "kubernetes_bearer_token", "net", "scm", "ssh", "github_token", "gitlab_token", "vault"]
    host:
      description:
        - Host for this credential.
        - Deprecated, will be removed in a future release
      type: str
    username:
      description:
        - Username for this credential. ``access_key`` for AWS.
        - Deprecated, please use inputs
      type: str
    password:
      description:
        - Password for this credential. ``secret_key`` for AWS. ``api_key`` for RAX.
        - Use "ASK" and launch job to be prompted.
        - Deprecated, please use inputs
      type: str
    project:
      description:
        - Project that should use this credential for GCP.
        - Deprecated, will be removed in a future release
      type: str
    ssh_key_data:
      description:
        - SSH private key content. To extract the content from a file path, use the lookup function (see examples).
        - Deprecated, please use inputs
      type: str
    ssh_key_unlock:
      description:
        - Unlock password for ssh_key.
        - Use "ASK" and launch job to be prompted.
        - Deprecated, please use inputs
      type: str
    authorize:
      description:
        - Should use authorize for net type.
        - Deprecated, please use inputs
      type: bool
    authorize_password:
      description:
        - Password for net credentials that require authorize.
        - Deprecated, please use inputs
      type: str
    client:
      description:
        - Client or application ID for azure_rm type.
        - Deprecated, please use inputs
      type: str
    security_token:
      description:
        - STS token for aws type.
        - Deprecated, please use inputs
      type: str
    secret:
      description:
        - Secret token for azure_rm type.
        - Deprecated, please use inputs
      type: str
    subscription:
      description:
        - Subscription ID for azure_rm type.
        - Deprecated, please use inputs
      type: str
    tenant:
      description:
        - Tenant ID for azure_rm type.
        - Deprecated, please use inputs
      type: str
    domain:
      description:
        - Domain for openstack type.
        - Deprecated, please use inputs
      type: str
    become_method:
      description:
        - Become method to use for privilege escalation.
        - Some examples are "None", "sudo", "su", "pbrun"
        - Due to become plugins, these can be arbitrary
        - Deprecated, please use inputs
      type: str
    become_username:
      description:
        - Become username.
        - Use "ASK" and launch job to be prompted.
        - Deprecated, please use inputs
      type: str
    become_password:
      description:
        - Become password.
        - Use "ASK" and launch job to be prompted.
        - Deprecated, please use inputs
      type: str
    vault_password:
      description:
        - Vault password.
        - Use "ASK" and launch job to be prompted.
        - Deprecated, please use inputs
      type: str
    vault_id:
      description:
        - Vault identifier.
        - This parameter is only valid if C(kind) is specified as C(vault).
        - Deprecated, please use inputs
      type: str
    state:
      description:
        - Desired state of the resource.
@@ -290,53 +195,6 @@ EXAMPLES = '''
 from ..module_utils.controller_api import ControllerAPIModule
 KIND_CHOICES = {
    'aws': 'Amazon Web Services',
    'controller': 'Red Hat Ansible Automation Platform',
    'gce': 'Google Compute Engine',
    'azure_rm': 'Microsoft Azure Resource Manager',
    'openstack': 'OpenStack',
    'satellite6': 'Red Hat Satellite 6',
    'rhv': 'Red Hat Virtualization',
    'vmware': 'VMware vCenter',
    'aim': 'CyberArk AIM Central Credential Provider Lookup',
    'conjur': 'CyberArk Conjur Secret Lookup',
    'hashivault_kv': 'HashiCorp Vault Secret Lookup',
    'hashivault_ssh': 'HashiCorp Vault Signed SSH',
    'azure_kv': 'Microsoft Azure Key Vault',
    'insights': 'Insights',
    'kubernetes_bearer_token': 'OpenShift or Kubernetes API Bearer Token',
    'net': 'Network',
    'scm': 'Source Control',
    'ssh': 'Machine',
    'github_token': 'GitHub Personal Access Token',
    'gitlab_token': 'GitLab Personal Access Token',
    'vault': 'Vault',
 }
 OLD_INPUT_NAMES = (
    'authorize',
    'authorize_password',
    'client',
    'security_token',
    'secret',
    'tenant',
    'subscription',
    'domain',
    'become_method',
    'become_username',
    'become_password',
    'vault_password',
    'project',
    'host',
    'username',
    'password',
    'ssh_key_data',
    'vault_id',
    'ssh_key_unlock',
 )
 def main():
    # Any additional arguments that are not fields of the item can be added here
@@ -351,33 +209,11 @@ def main():
        update_secrets=dict(type='bool', default=True, no_log=False),
        user=dict(),
        team=dict(),
        # These are for backwards compatability
        kind=dict(choices=list(KIND_CHOICES.keys())),
        host=dict(),
        username=dict(),
        password=dict(no_log=True),
        project=dict(),
        ssh_key_data=dict(no_log=True),
        ssh_key_unlock=dict(no_log=True),
        authorize=dict(type='bool'),
        authorize_password=dict(no_log=True),
        client=dict(),
        security_token=dict(no_log=False),
        secret=dict(no_log=True),
        subscription=dict(),
        tenant=dict(),
        domain=dict(),
        become_method=dict(),
        become_username=dict(),
        become_password=dict(no_log=True),
        vault_password=dict(no_log=True),
        vault_id=dict(),
        # End backwards compatability
        state=dict(choices=['present', 'absent'], default='present'),
    )
    # Create a module for ourselves
-    module = ControllerAPIModule(argument_spec=argument_spec, required_one_of=[['kind', 'credential_type']])
+    module = ControllerAPIModule(argument_spec=argument_spec)
    # Extract our parameters
    name = module.params.get('name')
@@ -389,25 +225,9 @@ def main():
    inputs = module.params.get('inputs')
    user = module.params.get('user')
    team = module.params.get('team')
    # The legacy arguments are put into a hash down below
    kind = module.params.get('kind')
    # End backwards compatability
    state = module.params.get('state')
-    # Deprecation warnings
+    cred_type_id = module.resolve_name_to_id('credential_types', credential_type)
    for legacy_input in OLD_INPUT_NAMES:
        if module.params.get(legacy_input) is not None:
            module.deprecate(
                collection_name="awx.awx",
                msg='{0} parameter has been deprecated, please use inputs instead'.format(legacy_input),
                version="4.0.0")
    if kind:
        module.deprecate(
            collection_name="awx.awx",
            msg='The kind parameter has been deprecated, please use credential_type instead',
            version="4.0.0")
    cred_type_id = module.resolve_name_to_id('credential_types', credential_type if credential_type else KIND_CHOICES[kind])
    if organization:
        org_id = module.resolve_name_to_id('organizations', organization)
@@ -444,26 +264,14 @@ def main():
    if team:
        team_id = module.resolve_name_to_id('teams', team)
    # Create credential input from legacy inputs
    has_inputs = False
    credential_inputs = {}
    for legacy_input in OLD_INPUT_NAMES:
        if module.params.get(legacy_input) is not None:
            has_inputs = True
            credential_inputs[legacy_input] = module.params.get(legacy_input)
    if inputs:
        has_inputs = True
        credential_inputs.update(inputs)
    # Create the data that gets sent for create and update
    credential_fields = {
        'name': new_name if new_name else (module.get_item_name(credential) if credential else name),
        'credential_type': cred_type_id,
    }
    if has_inputs:
        credential_fields['inputs'] = credential_inputs
    if inputs:
        credential_fields['inputs'] = inputs
    if description:
        credential_fields['description'] = description
    if organization:
--- a/awx_collection/plugins/modules/job_wait.py
+++ b/awx_collection/plugins/modules/job_wait.py
@@ -33,16 +33,6 @@ options:
      required: False
      default: 1
      type: float
    min_interval:
      description:
        - Minimum interval in seconds, to request an update from the controller.
        - deprecated, use interval instead
      type: float
    max_interval:
      description:
        - Maximum interval in seconds, to request an update from the controller.
        - deprecated, use interval instead
      type: float
    timeout:
      description:
        - Maximum time in seconds to wait for a job to finish.
@@ -106,8 +96,6 @@ def main():
        job_id=dict(type='int', required=True),
        job_type=dict(choices=['project_updates', 'jobs', 'inventory_updates', 'workflow_jobs'], default='jobs'),
        timeout=dict(type='int'),
        min_interval=dict(type='float'),
        max_interval=dict(type='float'),
        interval=dict(type='float', default=1),
    )
@@ -118,25 +106,8 @@ def main():
    job_id = module.params.get('job_id')
    job_type = module.params.get('job_type')
    timeout = module.params.get('timeout')
    min_interval = module.params.get('min_interval')
    max_interval = module.params.get('max_interval')
    interval = module.params.get('interval')
    if min_interval is not None or max_interval is not None:
        # We can't tell if we got the default or if someone actually set this to 1.
        # For now if we find 1 and had a min or max then we will do the average logic.
        if interval == 1:
            if not min_interval:
                min_interval = 1
            if not max_interval:
                max_interval = 30
            interval = abs((min_interval + max_interval) / 2)
        module.deprecate(
            collection_name="awx.awx",
            msg="Min and max interval have been deprecated, please use interval instead; interval will be set to {0}".format(interval),
            version="4.0.0",
        )
    # Attempt to look up job based on the provided id
    job = module.get_one(
        job_type,
--- a/awx_collection/plugins/modules/notification_template.py
+++ b/awx_collection/plugins/modules/notification_template.py
@@ -63,141 +63,36 @@ options:
    notification_configuration:
      description:
        - The notification configuration file. Note providing this field would disable all notification-configuration-related fields.
        - username (the mail server username)
        - sender (the sender email address)
        - recipients (the recipients email addresses)
        - use_tls (the TLS trigger)
        - host (the mail server host)
        - use_ssl (the SSL trigger)
        - password (the mail server password)
        - port (the mail server port)
        - channels (the destination Slack channels)
        - token (the access token)
        - account_token (the Twillio account token)
        - from_number (the source phone number)
        - to_numbers (the destination phone numbers)
        - account_sid (the Twillio account SID)
        - subdomain (the PagerDuty subdomain)
        - service_key (the PagerDuty service/integration API key)
        - client_name (the PagerDuty client identifier)
        - message_from (the label to be shown with the notification)
        - color (the notification color)
        - notify (the notify channel trigger)
        - url (the target URL)
        - headers (the HTTP headers as JSON string)
        - server (the IRC server address)
        - nickname (the IRC nickname)
        - targets (the destination channels or users)
      type: dict
    messages:
      description:
        - Optional custom messages for notification template.
      type: dict
    username:
      description:
        - The mail server username.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: str
    sender:
      description:
        - The sender email address.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: str
    recipients:
      description:
        - The recipients email addresses.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: list
      elements: str
    use_tls:
      description:
        - The TLS trigger.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: bool
    host:
      description:
        - The mail server host.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: str
    use_ssl:
      description:
        - The SSL trigger.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: bool
    password:
      description:
        - The mail server password.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: str
    port:
      description:
        - The mail server port.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: int
    channels:
      description:
        - The destination Slack channels.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: list
      elements: str
    token:
      description:
        - The access token.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: str
    account_token:
      description:
        - The Twillio account token.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: str
    from_number:
      description:
        - The source phone number.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: str
    to_numbers:
      description:
        - The destination phone numbers.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: list
      elements: str
    account_sid:
      description:
        - The Twillio account SID.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: str
    subdomain:
      description:
        - The PagerDuty subdomain.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: str
    service_key:
      description:
        - The PagerDuty service/integration API key.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: str
    client_name:
      description:
        - The PagerDuty client identifier.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: str
    message_from:
      description:
        - The label to be shown with the notification.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: str
    color:
      description:
        - The notification color.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      choices: ["yellow", "green", "red", "purple", "gray", "random"]
      type: str
    notify:
      description:
        - The notify channel trigger.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: bool
    url:
      description:
        - The target URL.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: str
    headers:
      description:
        - The HTTP headers as JSON string.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: dict
    server:
      description:
        - The IRC server address.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: str
    nickname:
      description:
        - The IRC nickname.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: str
    targets:
      description:
        - The destination channels or users.
        - This parameter has been deprecated, please use 'notification_configuration' instead.
      type: list
      elements: str
    state:
      description:
        - Desired state of the resource.
@@ -315,34 +210,6 @@ RETURN = ''' # '''
 from ..module_utils.controller_api import ControllerAPIModule
 OLD_INPUT_NAMES = (
    'username',
    'sender',
    'recipients',
    'use_tls',
    'host',
    'use_ssl',
    'password',
    'port',
    'channels',
    'token',
    'account_token',
    'from_number',
    'to_numbers',
    'account_sid',
    'subdomain',
    'service_key',
    'client_name',
    'message_from',
    'color',
    'notify',
    'url',
    'headers',
    'server',
    'nickname',
    'targets',
 )
 def main():
    # Any additional arguments that are not fields of the item can be added here
@@ -355,31 +222,6 @@ def main():
        notification_type=dict(choices=['email', 'grafana', 'irc', 'mattermost', 'pagerduty', 'rocketchat', 'slack', 'twilio', 'webhook']),
        notification_configuration=dict(type='dict'),
        messages=dict(type='dict'),
        username=dict(),
        sender=dict(),
        recipients=dict(type='list', elements='str'),
        use_tls=dict(type='bool'),
        host=dict(),
        use_ssl=dict(type='bool'),
        password=dict(no_log=True),
        port=dict(type='int'),
        channels=dict(type='list', elements='str'),
        token=dict(no_log=True),
        account_token=dict(no_log=True),
        from_number=dict(),
        to_numbers=dict(type='list', elements='str'),
        account_sid=dict(),
        subdomain=dict(),
        service_key=dict(no_log=True),
        client_name=dict(),
        message_from=dict(),
        color=dict(choices=['yellow', 'green', 'red', 'purple', 'gray', 'random']),
        notify=dict(type='bool'),
        url=dict(),
        headers=dict(type='dict'),
        server=dict(),
        nickname=dict(),
        targets=dict(type='list', elements='str'),
        state=dict(choices=['present', 'absent'], default='present'),
    )
@@ -397,15 +239,6 @@ def main():
    messages = module.params.get('messages')
    state = module.params.get('state')
    # Deprecation warnings for all other params
    for legacy_input in OLD_INPUT_NAMES:
        if module.params.get(legacy_input) is not None:
            module.deprecate(
                collection_name="awx.awx",
                msg='{0} parameter has been deprecated, please use notification_configuration instead'.format(legacy_input),
                version="4.0.0"
            )
    # Attempt to look up the related items the user specified (these will fail the module if not found)
    organization_id = None
    if organization:
@@ -438,12 +271,7 @@ def main():
        # If the state was absent we can let the module delete it if needed, the module will handle exiting from this
        module.delete_if_needed(existing_item)
    # Create notification_configuration from legacy inputs
    final_notification_configuration = {}
    for legacy_input in OLD_INPUT_NAMES:
        if module.params.get(legacy_input) is not None:
            final_notification_configuration[legacy_input] = module.params.get(legacy_input)
    # Give anything in notification_configuration prescedence over the individual inputs
    if notification_configuration is not None:
        final_notification_configuration.update(notification_configuration)
--- a/awx_collection/test/awx/test_credential.py
+++ b/awx_collection/test/awx/test_credential.py
@@ -23,13 +23,20 @@ def cred_type():
@pytest.mark.django_db
-def test_create_machine_credential(run_module, admin_user, organization, silence_deprecation):
+def test_create_machine_credential(run_module, admin_user, organization):
    Organization.objects.create(name='test-org')
    # create the ssh credential type
    ct = CredentialType.defaults['ssh']()
    ct.save()
    # Example from docs
-    result = run_module('credential', dict(name='Test Machine Credential', organization=organization.name, kind='ssh', state='present'), admin_user)
+    result = run_module(
        'credential',
        dict(name='Test Machine Credential',
             organization=organization.name,
             credential_type='Machine',
             state='present'),
        admin_user,
    )
    assert not result.get('failed', False), result.get('msg', result)
    assert result.get('changed'), result
@@ -41,7 +48,7 @@ def test_create_machine_credential(run_module, admin_user, organization, silence
@pytest.mark.django_db
-def test_create_vault_credential(run_module, admin_user, organization, silence_deprecation):
+def test_create_vault_credential(run_module, admin_user, organization):
    # https://github.com/ansible/ansible/issues/61324
    Organization.objects.create(name='test-org')
    ct = CredentialType.defaults['vault']()
@@ -49,7 +56,11 @@ def test_create_vault_credential(run_module, admin_user, organization, silence_d
    result = run_module(
        'credential',
-        dict(name='Test Vault Credential', organization=organization.name, kind='vault', vault_id='bar', vault_password='foobar', state='present'),
+        dict(name='Test Vault Credential',
             organization=organization.name,
             credential_type='Vault',
             inputs={'vault_id': 'bar', 'vault_password': 'foobar'},
             state='present'),
        admin_user,
    )
    assert not result.get('failed', False), result.get('msg', result)
@@ -64,42 +75,6 @@ def test_create_vault_credential(run_module, admin_user, organization, silence_d
    assert result['id'] == cred.pk
@pytest.mark.django_db
 def test_ct_precedence_over_kind(run_module, admin_user, organization, cred_type, silence_deprecation):
    result = run_module(
        'credential', dict(name='A credential', organization=organization.name, kind='ssh', credential_type=cred_type.name, state='present'), admin_user
    )
    assert not result.get('failed', False), result.get('msg', result)
    cred = Credential.objects.get(name='A credential')
    assert cred.credential_type == cred_type
@pytest.mark.django_db
 def test_input_overrides_old_fields(run_module, admin_user, organization, silence_deprecation):
    # create the vault credential type
    ct = CredentialType.defaults['vault']()
    ct.save()
    result = run_module(
        'credential',
        dict(
            name='A Vault credential',
            organization=organization.name,
            kind='vault',
            vault_id='1234',
            inputs={'vault_id': 'asdf'},
            state='present',
        ),
        admin_user,
    )
    assert not result.get('failed', False), result.get('msg', result)
    cred = Credential.objects.get(name='A Vault credential')
    assert cred.inputs['vault_id'] == 'asdf'
@pytest.mark.django_db
 def test_missing_credential_type(run_module, admin_user, organization):
    Organization.objects.create(name='test-org')
--- a/awx_collection/tests/integration/targets/credential/tasks/main.yml
+++ b/awx_collection/tests/integration/targets/credential/tasks/main.yml
@@ -35,70 +35,24 @@
  set_fact:
    ssh_key_data: "{{ lookup('file', tempdir.stdout + '/id_rsa') }}"
- name: Test deprecation warnings
+- name: Create an Org-specific credential with an ID
  credential:
    name: "{{ ssh_cred_name1 }}"
    organization: Default
    kind: ssh
    authorize: false
    authorize_password: 'test'
    client: 'test'
    security_token: 'test'
    secret: 'test'
    tenant: 'test'
    subscription: 'test'
    domain: 'test'
    become_method: 'test'
    become_username: 'test'
    become_password: 'test'
    vault_password: 'test'
    project: 'test'
    host: 'test'
    username: 'test'
    password: 'test'
    ssh_key_data: 'test'
    vault_id: 'test'
    ssh_key_unlock: 'test'
    state: absent
  ignore_errors: true
  register: result
 - assert:
    that:
      - "'deprecations' in result"
      # The 20 comes from the length of OLD_INPUT_NAMES + 1 for kind
      - result['deprecations'] | length() == 20
 - name: Create an Org-specific credential (old school)
  credential:
    name: "{{ ssh_cred_name1 }}"
    organization: Default
    credential_type: Machine
    state: present
    kind: ssh
  register: result
 - assert:
    that:
      - "result is changed"
 - name: Re-create the Org-specific credential (new school) with an ID
  credential:
    name: "{{ result.id }}"
    organization: Default
    credential_type: 'Machine'
    state: present
  register: result
 - assert:
    that:
      - "result is not changed"
 - name: Delete a Org-specific credential
  credential:
    name: "{{ ssh_cred_name1 }}"
    organization: Default
    state: absent
-    kind: ssh
+    credential_type: Machine
  register: result
 - assert:
@@ -122,34 +76,14 @@
    name: "{{ ssh_cred_name1 }}"
    user: admin
    state: absent
-    kind: ssh
+    credential_type: 'Machine'
  register: result
 - assert:
    that:
      - "result is changed"
- name: Create a valid SSH credential (old school)
+- name: Create a valid SSH credential
  credential:
    name: "{{ ssh_cred_name2 }}"
    organization: Default
    state: present
    kind: ssh
    description: An example SSH credential
    username: joe
    password: secret
    become_method: sudo
    become_username: superuser
    become_password: supersecret
    ssh_key_data: "{{ ssh_key_data }}"
    ssh_key_unlock: "passphrase"
  register: result
 - assert:
    that:
      - "result is changed"
 - name: Create a valid SSH credential (new school)
  credential:
    name: "{{ ssh_cred_name2 }}"
    organization: Default
@@ -166,13 +100,11 @@
      ssh_key_unlock: "passphrase"
  register: result
 # This will be changed because we are setting ssh_key_data and ssh_key_unlock.
 # These will come out as $encrypted$ which will always compare false to the values.
 - assert:
    that:
      - result is changed
- name: Create a valid SSH credential (new school)
+- name: Create a valid SSH credential
  credential:
    name: "{{ ssh_cred_name2 }}"
    organization: Default
@@ -185,7 +117,6 @@
      become_username: superuser
  register: result
 # This shows as "changed" because these listed inputs replace the existing inputs from the previous task
 - assert:
    that:
      - result is changed
@@ -226,27 +157,7 @@
    that:
      - "result is changed"
- name: Create a valid SSH credential from lookup source (old school)
+- name: Create a valid SSH credential from lookup source
  credential:
    name: "{{ ssh_cred_name3 }}"
    organization: Default
    state: present
    kind: ssh
    description: An example SSH credential from lookup source
    username: joe
    password: secret
    become_method: sudo
    become_username: superuser
    become_password: supersecret
    ssh_key_data: "{{ lookup('file', tempdir.stdout + '/id_rsa') }}"
    ssh_key_unlock: "passphrase"
  register: result
 - assert:
    that:
      - "result is changed"
 - name: Create a valid SSH credential from lookup source (new school)
  credential:
    name: "{{ ssh_cred_name3 }}"
    organization: Default
@@ -263,42 +174,19 @@
      ssh_key_unlock: "passphrase"
  register: result
 # This will be changed because we are passing in ssh_key_data and password
 - assert:
    that:
      - result is changed
 - name: Fail to create an SSH credential from a file source (old school format)
  credential:
    name: "{{ ssh_cred_name4 }}"
    organization: Default
    state: present
    kind: ssh
    description: An example SSH credential from file source
    username: joe
    password: secret
    become_method: sudo
    become_username: superuser
    become_password: supersecret
    ssh_key_data: "{{ tempdir.stdout }}/id_rsa"
    ssh_key_unlock: "passphrase"
  register: result
  ignore_errors: true
 - assert:
    that:
      - result is failed
      - "'Unable to create credential {{ ssh_cred_name4 }}' in result.msg"
      - "'Invalid certificate or key' in result.msg"
 - name: Create an invalid SSH credential (passphrase required)
  credential:
    name: SSH Credential
    organization: Default
    state: present
-    kind: ssh
+    credential_type: Machine
-    username: joe
+    inputs:
-    ssh_key_data: "{{ ssh_key_data }}"
+      username: joe
      ssh_key_data: "{{ ssh_key_data }}"
  ignore_errors: true
  register: result
@@ -312,8 +200,9 @@
    name: SSH Credential
    organization: Missing_Organization
    state: present
-    kind: ssh
+    credential_type: Machine
-    username: joe
+    inputs:
      username: joe
  ignore_errors: true
  register: result
@@ -329,7 +218,7 @@
    name: "{{ ssh_cred_name2 }}"
    organization: Default
    state: absent
-    kind: ssh
+    credential_type: Machine
  register: result
 - assert:
@@ -341,7 +230,7 @@
    name: "{{ ssh_cred_name3 }}"
    organization: Default
    state: absent
-    kind: ssh
+    credential_type: Machine
  register: result
 - assert:
@@ -353,7 +242,7 @@
    name: "{{ ssh_cred_name4 }}"
    organization: Default
    state: absent
-    kind: ssh
+    credential_type: Machine
  register: result
 # This one was never really created so it shouldn't be deleted
@@ -366,9 +255,11 @@
    name: "{{ vault_cred_name1 }}"
    organization: Default
    state: present
-    kind: vault
+    credential_type: Vault
    description: An example Vault credential
-    vault_password: secret-vault
+    inputs:
      vault_id: bar
      vault_password: secret-vault
  register: result
 - assert:
@@ -380,7 +271,7 @@
    name: "{{ vault_cred_name1 }}"
    organization: Default
    state: absent
-    kind: vault
+    credential_type: Vault
  register: result
 - assert:
@@ -392,7 +283,7 @@
    name: "{{ vault_cred_name2 }}"
    organization: Default
    state: absent
-    kind: vault
+    credential_type: Vault
  register: result
 # The creation of vault_cred_name2 never worked so we shouldn't actually need to delete it
@@ -405,11 +296,12 @@
    name: "{{ net_cred_name1 }}"
    organization: Default
    state: present
-    kind: net
+    credential_type: Network
-    username: joe
+    inputs:
-    password: secret
+      username: joe
-    authorize: true
+      password: secret
-    authorize_password: authorize-me
+      authorize: true
      authorize_password: authorize-me
  register: result
 - assert:
@@ -421,7 +313,7 @@
    name: "{{ net_cred_name1 }}"
    organization: Default
    state: absent
-    kind: net
+    credential_type: Network
  register: result
 - assert:
@@ -433,11 +325,12 @@
    name: "{{ scm_cred_name1 }}"
    organization: Default
    state: present
-    kind: scm
+    credential_type: Source Control
-    username: joe
+    inputs:
-    password: secret
+      username: joe
-    ssh_key_data: "{{ ssh_key_data }}"
+      password: secret
-    ssh_key_unlock: "passphrase"
+      ssh_key_data: "{{ ssh_key_data }}"
      ssh_key_unlock: "passphrase"
  register: result
 - assert:
@@ -449,7 +342,7 @@
    name: "{{ scm_cred_name1 }}"
    organization: Default
    state: absent
-    kind: scm
+    credential_type: Source Control
  register: result
 - assert:
@@ -461,10 +354,11 @@
    name: "{{ aws_cred_name1 }}"
    organization: Default
    state: present
-    kind: aws
+    credential_type: Amazon Web Services
-    username: joe
+    inputs:
-    password: secret
+      username: joe
-    security_token: aws-token
+      password: secret
      security_token: aws-token
  register: result
 - assert:
@@ -476,7 +370,7 @@
    name: "{{ aws_cred_name1 }}"
    organization: Default
    state: absent
-    kind: aws
+    credential_type: Amazon Web Services
  register: result
 - assert:
@@ -488,10 +382,11 @@
    name: "{{ vmware_cred_name1 }}"
    organization: Default
    state: present
-    kind: vmware
+    credential_type: VMware vCenter
-    host: https://example.org
+    inputs:
-    username: joe
+      host: https://example.org
-    password: secret
+      username: joe
      password: secret
  register: result
 - assert:
@@ -503,7 +398,7 @@
    name: "{{ vmware_cred_name1 }}"
    organization: Default
    state: absent
-    kind: vmware
+    credential_type: VMware vCenter
  register: result
 - assert:
@@ -515,10 +410,11 @@
    name: "{{ sat6_cred_name1 }}"
    organization: Default
    state: present
-    kind: satellite6
+    credential_type: Red Hat Satellite 6
-    host: https://example.org
+    inputs:
-    username: joe
+      host: https://example.org
-    password: secret
+      username: joe
      password: secret
  register: result
 - assert:
@@ -530,7 +426,7 @@
    name: "{{ sat6_cred_name1 }}"
    organization: Default
    state: absent
-    kind: satellite6
+    credential_type: Red Hat Satellite 6
  register: result
 - assert:
@@ -542,10 +438,11 @@
    name: "{{ gce_cred_name1 }}"
    organization: Default
    state: present
-    kind: gce
+    credential_type: Google Compute Engine
-    username: joe
+    inputs:
-    project: ABC123
+      username: joe
-    ssh_key_data: "{{ ssh_key_data }}"
+      project: ABC123
      ssh_key_data: "{{ ssh_key_data }}"
  register: result
 - assert:
@@ -557,7 +454,7 @@
    name: "{{ gce_cred_name1 }}"
    organization: Default
    state: absent
-    kind: gce
+    credential_type: Google Compute Engine
  register: result
 - assert:
@@ -569,10 +466,11 @@
    name: "{{ azurerm_cred_name1 }}"
    organization: Default
    state: present
-    kind: azure_rm
+    credential_type: Microsoft Azure Resource Manager
-    username: joe
+    inputs:
-    password: secret
+      username: joe
-    subscription: some-subscription
+      password: secret
      subscription: some-subscription
  register: result
 - assert:
@@ -584,11 +482,12 @@
    name: "{{ azurerm_cred_name1 }}"
    organization: Default
    state: present
-    kind: azure_rm
+    credential_type: Microsoft Azure Resource Manager
-    client: some-client
+    inputs:
-    secret: some-secret
+      client: some-client
-    tenant: some-tenant
+      secret: some-secret
-    subscription: some-subscription
+      tenant: some-tenant
      subscription: some-subscription
  register: result
 - assert:
@@ -600,7 +499,7 @@
    name: "{{ azurerm_cred_name1 }}"
    organization: Default
    state: absent
-    kind: azure_rm
+    credential_type: Microsoft Azure Resource Manager
  register: result
 - assert:
@@ -612,12 +511,13 @@
    name: "{{ openstack_cred_name1 }}"
    organization: Default
    state: present
-    kind: openstack
+    credential_type: OpenStack
-    host: https://keystone.example.org
+    inputs:
-    username: joe
+      host: https://keystone.example.org
-    password: secret
+      username: joe
-    project: tenant123
+      password: secret
-    domain: some-domain
+      project: tenant123
      domain: some-domain
  register: result
 - assert:
@@ -629,7 +529,7 @@
    name: "{{ openstack_cred_name1 }}"
    organization: Default
    state: absent
-    kind: openstack
+    credential_type: OpenStack
  register: result
 - assert:
@@ -641,10 +541,11 @@
    name: "{{ rhv_cred_name1 }}"
    organization: Default
    state: present
-    kind: rhv
+    credential_type: Red Hat Virtualization
-    host: https://example.org
+    inputs:
-    username: joe
+      host: https://example.org
-    password: secret
+      username: joe
      password: secret
  register: result
 - assert:
@@ -656,7 +557,7 @@
    name: "{{ rhv_cred_name1 }}"
    organization: Default
    state: absent
-    kind: rhv
+    credential_type: Red Hat Virtualization
  register: result
 - assert:
@@ -668,9 +569,10 @@
    name: "{{ insights_cred_name1 }}"
    organization: Default
    state: present
-    kind: insights
+    credential_type: Insights
-    username: joe
+    inputs:
-    password: secret
+      username: joe
      password: secret
  register: result
 - assert:
@@ -682,7 +584,7 @@
    name: "{{ insights_cred_name1 }}"
    organization: Default
    state: absent
-    kind: insights
+    credential_type: Insights
  register: result
 - assert:
@@ -694,10 +596,11 @@
    name: "{{ tower_cred_name1 }}"
    organization: Default
    state: present
-    kind: tower
+    credential_type: Red Hat Ansible Automation Platform
-    host: https://controller.example.org
+    inputs:
-    username: joe
+      host: https://controller.example.org
-    password: secret
+      username: joe
      password: secret
  register: result
 - assert:
@@ -709,7 +612,7 @@
    name: "{{ tower_cred_name1 }}"
    organization: Default
    state: absent
-    kind: tower
+    credential_type: Red Hat Ansible Automation Platform
  register: result
 - assert:
@@ -720,7 +623,7 @@
  credential:
    name: test-credential
    description: Credential Description
-    kind: ssh
+    credential_type: Machine
    organization: test-non-existing-org
    state: present
  register: result
--- a/awx_collection/tests/integration/targets/job_wait/tasks/main.yml
+++ b/awx_collection/tests/integration/targets/job_wait/tasks/main.yml
@@ -22,18 +22,6 @@
    extra_vars:
      sleep_interval: 300
 - name: Check deprecation warnings
  job_wait:
    min_interval: 10
    max_interval: 20
    job_id: "99999999"
  register: result
  ignore_errors: true
 - assert:
    that:
      - "'Min and max interval have been deprecated, please use interval instead; interval will be set to 15'"
 - name: Validate that interval superceeds min/max
  job_wait:
    min_interval: 10
--- a/awx_collection/tests/integration/targets/notification_template/tasks/main.yml
+++ b/awx_collection/tests/integration/targets/notification_template/tasks/main.yml
@@ -8,59 +8,15 @@
    pd_not: "AWX-Collection-tests-notification_template-pd-not-{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}"
    irc_not: "AWX-Collection-tests-notification_template-irc-not-{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}"
 - name: Test deprecation warnings with legacy name
  notification_template:
    name: "{{ slack_not }}"
    organization: Default
    notification_type: slack
    username: maw
    sender: maw
    recipients:
      - everyone
    use_tls: true
    host: all
    use_ssl: false
    password: password
    port: 12
    channels:
      - general
    token: chunkecheese
    account_token: asdf1234
    from_number: "1 (888) 733-4281"
    to_numbers:
      - 867-5309
    account_sid: vicious
    subdomain: 'redhat.com'
    service_key: skeleton
    client_name: Bill
    message_from: me
    color: green
    notify: true
    url: ansible.com
    headers:
      X-Custom-Header: value123
    server: littimer.somewhere.com
    nickname: chalk
    targets:
      - zombie
    state: absent
  register: result
  ignore_errors: true
 - assert:
    that:
      - "'deprecations' in result"
      # The 25 can be count from the size of the OLD_INPUT_NAMES list in the module
      - result['deprecations'] | length() == 25
 - name: Create Slack notification with custom messages
  notification_template:
    name: "{{ slack_not }}"
    organization: Default
    notification_type: slack
-    token: a_token
+    notification_configuration:
-    channels:
+      token: a_token
-      - general
+      channels:
        - general
    messages:
      started:
        message: "{{ '{{' }} job_friendly_name {{' }}' }} {{ '{{' }} job.id {{' }}' }} started"
@@ -91,9 +47,10 @@
    name: "{{ webhook_not }}"
    organization: Default
    notification_type: webhook
-    url: http://www.example.com/hook
+    notification_configuration:
-    headers:
+      url: http://www.example.com/hook
-      X-Custom-Header: value123
+      headers:
        X-Custom-Header: value123
    state: present
  register: result
@@ -117,15 +74,16 @@
    name: "{{ email_not }}"
    organization: Default
    notification_type: email
-    username: user
+    notification_configuration:
-    password: s3cr3t
+      username: user
-    sender: tower@example.com
+      password: s3cr3t
-    recipients:
+      sender: tower@example.com
-      - user1@example.com
+      recipients:
-    host: smtp.example.com
+        - user1@example.com
-    port: 25
+      host: smtp.example.com
-    use_tls: false
+      port: 25
-    use_ssl: false
+      use_tls: false
      use_ssl: false
    state: present
  register: result
@@ -171,11 +129,12 @@
    name: "{{ twillo_not }}"
    organization: Default
    notification_type: twilio
-    account_token: a_token
+    notification_configuration:
-    account_sid: a_sid
+      account_token: a_token
-    from_number: '+15551112222'
+      account_sid: a_sid
-    to_numbers:
+      from_number: '+15551112222'
-      - '+15553334444'
+      to_numbers:
        - '+15553334444'
    state: present
  register: result
@@ -199,10 +158,11 @@
    name: "{{ pd_not }}"
    organization: Default
    notification_type: pagerduty
-    token: a_token
+    notification_configuration:
-    subdomain: sub
+      token: a_token
-    client_name: client
+      subdomain: sub
-    service_key: a_key
+      client_name: client
      service_key: a_key
    state: present
  register: result
@@ -226,13 +186,14 @@
    name: "{{ irc_not }}"
    organization: Default
    notification_type: irc
-    nickname: tower
+    notification_configuration:
-    password: s3cr3t
+      nickname: tower
-    targets:
+      password: s3cr3t
-      - user1
+      targets:
-    port: 8080
+        - user1
-    server: irc.example.com
+      port: 8080
-    use_ssl: false
+      server: irc.example.com
      use_ssl: false
    state: present
  register: result