External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-05-18 06:47:41 -02:30
Code Issues Packages Projects Releases Wiki Activity

migrate v1 credentials to the new v2 credentialtype + credential model

Browse Source 
see: #5878
This commit is contained in:
Ryan Petrello
2017-04-20 15:30:35 -04:00
parent 3067435799
commit 97b2524156
6 changed files with 530 additions and 150 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
awx/main/migrations/0039_v320_add_credentialtype_model.py Normal file
View File

@@ -0,0 +1,57 @@
# -*- coding: utf-8 -*-
from __future__ import unicode_literals
from django.db import migrations, models
import django.db.models.deletion
from django.conf import settings
import taggit.managers
import awx.main.fields
class Migration(migrations.Migration):
dependencies = [
('main', '0038_v320_data_migrations'),
]
operations = [
migrations.CreateModel(
name='CredentialType',
fields=[
('id', models.AutoField(verbose_name='ID', serialize=False, auto_created=True, primary_key=True)),
('created', models.DateTimeField(default=None, editable=False)),
('modified', models.DateTimeField(default=None, editable=False)),
('description', models.TextField(default=b'', blank=True)),
('name', models.CharField(max_length=512)),
('kind', models.CharField(max_length=32, choices=[(b'machine', 'Machine'), (b'net', 'Network'), (b'scm', 'Source Control'), (b'cloud', 'Cloud')])),
('managed_by_tower', models.BooleanField(default=False, editable=False)),
('inputs', awx.main.fields.CredentialTypeInputField(default={}, blank=True)),
('injectors', awx.main.fields.CredentialTypeInjectorField(default={}, blank=True)),
('created_by', models.ForeignKey(related_name="{u'class': 'credentialtype', u'app_label': 'main'}(class)s_created+", on_delete=django.db.models.deletion.SET_NULL, default=None, editable=False, to=settings.AUTH_USER_MODEL, null=True)),
('modified_by', models.ForeignKey(related_name="{u'class': 'credentialtype', u'app_label': 'main'}(class)s_modified+", on_delete=django.db.models.deletion.SET_NULL, default=None, editable=False, to=settings.AUTH_USER_MODEL, null=True)),
('tags', taggit.managers.TaggableManager(to='taggit.Tag', through='taggit.TaggedItem', blank=True, help_text='A comma-separated list of tags.', verbose_name='Tags')),
],
options={
'ordering': ('kind', 'name'),
},
),
migrations.AlterModelOptions(
name='credential',
options={'ordering': ('name',)},
),
migrations.AddField(
model_name='credential',
name='inputs',
field=awx.main.fields.CredentialInputField(default={}, blank=True),
),
migrations.AddField(
model_name='credential',
name='credential_type',
field=models.ForeignKey(related_name='credentials', to='main.CredentialType', null=True),
preserve_default=False,
),
migrations.AlterUniqueTogether(
name='credential',
unique_together=set([('organization', 'name', 'credential_type')]),
),
]

148
awx/main/migrations/0039_v320_migrate_credentials_to_credentialtypes.py
View File

@@ -1,148 +0,0 @@
# -*- coding: utf-8 -*-
from __future__ import unicode_literals
from django.db import migrations, models
import django.db.models.deletion
from django.conf import settings
import taggit.managers
import awx.main.fields
from awx.main.migrations import _credentialtypes as credentialtypes
class Migration(migrations.Migration):
dependencies = [
('main', '0038_v320_data_migrations'),
]
operations = [
migrations.CreateModel(
name='CredentialType',
fields=[
('id', models.AutoField(verbose_name='ID', serialize=False, auto_created=True, primary_key=True)),
('created', models.DateTimeField(default=None, editable=False)),
('modified', models.DateTimeField(default=None, editable=False)),
('description', models.TextField(default=b'', blank=True)),
('name', models.CharField(max_length=512)),
('kind', models.CharField(max_length=32, choices=[(b'machine', 'Machine'), (b'net', 'Network'), (b'scm', 'Source Control'), (b'cloud', 'Cloud')])),
('managed_by_tower', models.BooleanField(default=False, editable=False)),
('inputs', awx.main.fields.CredentialTypeInputField(default={}, blank=True)),
('injectors', awx.main.fields.CredentialTypeInjectorField(default={}, blank=True)),
('created_by', models.ForeignKey(related_name="{u'class': 'credentialtype', u'app_label': 'main'}(class)s_created+", on_delete=django.db.models.deletion.SET_NULL, default=None, editable=False, to=settings.AUTH_USER_MODEL, null=True)),
('modified_by', models.ForeignKey(related_name="{u'class': 'credentialtype', u'app_label': 'main'}(class)s_modified+", on_delete=django.db.models.deletion.SET_NULL, default=None, editable=False, to=settings.AUTH_USER_MODEL, null=True)),
('tags', taggit.managers.TaggableManager(to='taggit.Tag', through='taggit.TaggedItem', blank=True, help_text='A comma-separated list of tags.', verbose_name='Tags')),
],
options={
'ordering': ('kind', 'name'),
},
),
migrations.AlterModelOptions(
name='credential',
options={'ordering': ('name',)},
),
migrations.AddField(
model_name='credential',
name='inputs',
field=awx.main.fields.CredentialInputField(default={}, blank=True),
),
migrations.AddField(
model_name='credential',
name='credential_type',
field=models.ForeignKey(related_name='credentials', to='main.CredentialType', null=True),
preserve_default=False,
),
migrations.AlterUniqueTogether(
name='credential',
unique_together=set([('organization', 'name', 'credential_type')]),
),
migrations.RunPython(credentialtypes.create_tower_managed_credential_types),
# MIGRATION TODO: For each credential, look at the columns below to
# determine the appropriate CredentialType (and assign it). Additionally,
# set `self.input` to the appropriate JSON blob
migrations.RemoveField(
model_name='credential',
name='authorize',
),
migrations.RemoveField(
model_name='credential',
name='authorize_password',
),
migrations.RemoveField(
model_name='credential',
name='become_method',
),
migrations.RemoveField(
model_name='credential',
name='become_password',
),
migrations.RemoveField(
model_name='credential',
name='become_username',
),
migrations.RemoveField(
model_name='credential',
name='client',
),
migrations.RemoveField(
model_name='credential',
name='cloud',
),
migrations.RemoveField(
model_name='credential',
name='domain',
),
migrations.RemoveField(
model_name='credential',
name='host',
),
migrations.RemoveField(
model_name='credential',
name='kind',
),
migrations.RemoveField(
model_name='credential',
name='password',
),
migrations.RemoveField(
model_name='credential',
name='project',
),
migrations.RemoveField(
model_name='credential',
name='secret',
),
migrations.RemoveField(
model_name='credential',
name='security_token',
),
migrations.RemoveField(
model_name='credential',
name='ssh_key_data',
),
migrations.RemoveField(
model_name='credential',
name='ssh_key_unlock',
),
migrations.RemoveField(
model_name='credential',
name='subscription',
),
migrations.RemoveField(
model_name='credential',
name='tenant',
),
migrations.RemoveField(
model_name='credential',
name='username',
),
migrations.RemoveField(
model_name='credential',
name='vault_password',
),
migrations.AlterUniqueTogether(
name='credentialtype',
unique_together=set([('name', 'kind')]),
),
# MIGRATION TODO: Once credentials are migrated, alter the credential_type
# foreign key to be non-NULLable
]

16
awx/main/migrations/0040_v320_migrate_v1_credentials.py Normal file
View File

@@ -0,0 +1,16 @@
# -*- coding: utf-8 -*-
from __future__ import unicode_literals
from django.db import migrations
from awx.main.migrations import _credentialtypes as credentialtypes
class Migration(migrations.Migration):
dependencies = [
('main', '0039_v320_add_credentialtype_model'),
]
operations = [
migrations.RunPython(credentialtypes.migrate_to_v2_credentials),
]

98
awx/main/migrations/0041_v320_drop_v1_credential_fields.py Normal file
View File

@@ -0,0 +1,98 @@
# -*- coding: utf-8 -*-
from __future__ import unicode_literals
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
('main', '0040_v320_migrate_v1_credentials'),
]
operations = [
migrations.RemoveField(
model_name='credential',
name='authorize',
),
migrations.RemoveField(
model_name='credential',
name='authorize_password',
),
migrations.RemoveField(
model_name='credential',
name='become_method',
),
migrations.RemoveField(
model_name='credential',
name='become_password',
),
migrations.RemoveField(
model_name='credential',
name='become_username',
),
migrations.RemoveField(
model_name='credential',
name='client',
),
migrations.RemoveField(
model_name='credential',
name='cloud',
),
migrations.RemoveField(
model_name='credential',
name='domain',
),
migrations.RemoveField(
model_name='credential',
name='host',
),
migrations.RemoveField(
model_name='credential',
name='kind',
),
migrations.RemoveField(
model_name='credential',
name='password',
),
migrations.RemoveField(
model_name='credential',
name='project',
),
migrations.RemoveField(
model_name='credential',
name='secret',
),
migrations.RemoveField(
model_name='credential',
name='security_token',
),
migrations.RemoveField(
model_name='credential',
name='ssh_key_data',
),
migrations.RemoveField(
model_name='credential',
name='ssh_key_unlock',
),
migrations.RemoveField(
model_name='credential',
name='subscription',
),
migrations.RemoveField(
model_name='credential',
name='tenant',
),
migrations.RemoveField(
model_name='credential',
name='username',
),
migrations.RemoveField(
model_name='credential',
name='vault_password',
),
migrations.AlterUniqueTogether(
name='credentialtype',
unique_together=set([('name', 'kind')]),
),
]

48
awx/main/migrations/_credentialtypes.py
View File

@@ -1,5 +1,49 @@
from awx.main.models import CredentialType
from django.db.models.signals import post_save
from awx.main.models import Credential, CredentialType
def create_tower_managed_credential_types(apps, schema_editor):
def migrate_to_v2_credentials(apps, schema_editor):
CredentialType.setup_tower_managed_defaults()
for cred in apps.get_model('main', 'Credential').objects.all():
data = {}
if getattr(cred, 'vault_password', None):
data['vault_password'] = cred.vault_password
credential_type = CredentialType.from_v1_kind(cred.kind, data)
defined_fields = credential_type.defined_fields
cred.credential_type = apps.get_model('main', 'CredentialType').objects.get(pk=credential_type.pk)
# temporarily disable implicit role signals; the class we're working on
# is the "pre-migration" credential model; our signals don't like that
# it differs from the "post-migration" credential model
for field in cred.__class__.__implicit_role_fields:
post_save.disconnect(field, cred.__class__, dispatch_uid='implicit-role-post-save')
for field in defined_fields:
if getattr(cred, field, None):
cred.inputs[field] = getattr(cred, field)
cred.save()
#
# If the credential contains a vault password, create a new
# *additional* credential with the proper CredentialType; this needs to
# perform a deep copy of the Credential that considers:
#
if cred.vault_password:
new_fields = {}
for field in CredentialType.from_v1_kind('ssh').defined_fields:
if getattr(cred, field, None):
new_fields[field] = getattr(cred, field)
if new_fields:
# We need to make an ssh credential, too
new_cred = Credential(credential_type=CredentialType.from_v1_kind('ssh'))
for field, value in new_fields.items():
new_cred.inputs[field] = value
# TODO: copy RBAC and Job Template assignments
new_cred.save()
# re-enable implicit role signals
for field in cred.__class__.__implicit_role_fields:
post_save.connect(field._post_save, cred.__class__, True, dispatch_uid='implicit-role-post-save')