From ae1bd9d1e9b40a5e883bb71064e0441302864433 Mon Sep 17 00:00:00 2001 From: Mathieu Mallet Date: Mon, 26 Aug 2019 17:12:41 +0200 Subject: [PATCH 1/2] tower_credential: Missing 'kind' attribute (#61324) In the 'tower_credential' module, when the credential 'kind' is set to 'vault', the code expects the other parameter 'vault_id' to be set. Unfortunately, in the module 'credential_type_for_v1_kind' method, the 'kind' parameter is popped, i.e. remove from the module dict of parameters leading to the following error: > Parameter 'vault_id' is only valid if parameter 'kind' is specified as 'vault' Fixes: #45644, #61324 Testing Done: Manually create a playbook with a task as follow - name: Create vault with ID 'bar' exists tower_credential: name: Foobar vault organization: Foobar kind: vault vault_id: bar vault_password: foobar --- awx_collection/plugins/modules/tower_credential.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/awx_collection/plugins/modules/tower_credential.py b/awx_collection/plugins/modules/tower_credential.py index f43d7f5ab3..a87d76fecb 100644 --- a/awx_collection/plugins/modules/tower_credential.py +++ b/awx_collection/plugins/modules/tower_credential.py @@ -255,7 +255,7 @@ OLD_INPUT_NAMES = ( def credential_type_for_kind(params): credential_type_res = tower_cli.get_resource('credential_type') - kind = params.pop('kind') + kind = params.get('kind') arguments = {'managed_by_tower': True} if kind == 'ssh': if params.get('vault_password'): From 59e1c6d492d27ed6b5064621df6d13a80d9bd862 Mon Sep 17 00:00:00 2001 From: AlanCoding Date: Tue, 29 Oct 2019 15:34:32 -0400 Subject: [PATCH 2/2] Add collection test coverage for creating vault credential --- awx_collection/test/awx/test_credential.py | 43 +++++++++++++++++++--- 1 file changed, 38 insertions(+), 5 deletions(-) diff --git a/awx_collection/test/awx/test_credential.py b/awx_collection/test/awx/test_credential.py index 12b4935ff7..5225573baf 100644 --- a/awx_collection/test/awx/test_credential.py +++ b/awx_collection/test/awx/test_credential.py @@ -7,20 +7,52 @@ from awx.main.models import Credential, CredentialType, Organization def test_create_machine_credential(run_module, admin_user): Organization.objects.create(name='test-org') # create the ssh credential type - CredentialType.defaults['ssh']().save() + ct = CredentialType.defaults['ssh']() + ct.save() # Example from docs result = run_module('tower_credential', dict( - name='Team Name', - description='Team Description', + name='Test Machine Credential', organization='test-org', kind='ssh', state='present' ), admin_user) + assert result.get('changed'), result - cred = Credential.objects.get(name='Team Name') + cred = Credential.objects.get(name='Test Machine Credential') + assert cred.credential_type == ct result.pop('invocation') assert result == { - "credential": "Team Name", + "credential": "Test Machine Credential", + "state": "present", + "id": cred.pk, + "changed": True + } + + +@pytest.mark.django_db +def test_create_vault_credential(run_module, admin_user): + # https://github.com/ansible/ansible/issues/61324 + Organization.objects.create(name='test-org') + ct = CredentialType.defaults['vault']() + ct.save() + + result = run_module('tower_credential', dict( + name='Test Vault Credential', + organization='test-org', + kind='vault', + vault_id='bar', + vault_password='foobar', + state='present' + ), admin_user) + assert result.get('changed'), result + + cred = Credential.objects.get(name='Test Vault Credential') + assert cred.credential_type == ct + assert 'vault_id' in cred.inputs + assert 'vault_password' in cred.inputs + result.pop('invocation') + assert result == { + "credential": "Test Vault Credential", "state": "present", "id": cred.pk, "changed": True @@ -39,6 +71,7 @@ def test_create_custom_credential_type(run_module, admin_user): state='present', validate_certs='false' ), admin_user) + assert result.get('changed'), result ct = CredentialType.objects.get(name='Nexus') result.pop('invocation')