External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-05-20 07:17:40 -02:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7991 from bbayszczak/hashivault_auth_path_in_inputs

Browse Source 
hashivault_kv auth_path moved from metadata to inputs

Reviewed-by: Jake McDermott <yo@jakemcdermott.me>
             https://github.com/jakemcdermott
This commit is contained in:
softwarefactory-project-zuul[bot]
2020-09-14 15:28:07 +00:00
committed by GitHub
parent b69fad83b1 08c9219f48
commit 9d66b41e84
2 changed files with 14 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
awx/main/credential_plugins/hashivault.py
View File

@@ -40,6 +40,13 @@ base_inputs = {
'multiline': False, 'multiline': False,
'secret': True, 'secret': True,
'help_text': _('The Secret ID for AppRole Authentication') 'help_text': _('The Secret ID for AppRole Authentication')
}, {
'id': 'default_auth_path',
'label': _('Path to Approle Auth'),
'type': 'string',
'multiline': False,
'default': 'approle',
'help_text': _('The AppRole Authentication path to use if one isn\'t provided in the metadata when linking to an input field. Defaults to \'approle\'')
} }
], ],
'metadata': [{ 'metadata': [{
@@ -47,10 +54,11 @@ base_inputs = {
'label': _('Path to Secret'), 'label': _('Path to Secret'),
'type': 'string', 'type': 'string',
'help_text': _('The path to the secret stored in the secret backend e.g, /some/secret/') 'help_text': _('The path to the secret stored in the secret backend e.g, /some/secret/')
},{ }, {
'id': 'auth_path', 'id': 'auth_path',
'label': _('Path to Auth'), 'label': _('Path to Auth'),
'type': 'string', 'type': 'string',
'multiline': False,
'help_text': _('The path where the Authentication method is mounted e.g, approle') 'help_text': _('The path where the Authentication method is mounted e.g, approle')
}], }],
'required': ['url', 'secret_path'], 'required': ['url', 'secret_path'],
@@ -118,7 +126,9 @@ def handle_auth(**kwargs):
def approle_auth(**kwargs): def approle_auth(**kwargs):
role_id = kwargs['role_id'] role_id = kwargs['role_id']
secret_id = kwargs['secret_id'] secret_id = kwargs['secret_id']
auth_path = kwargs.get('auth_path') or 'approle' # we first try to use the 'auth_path' from the metadata
# if not found we try to fetch the 'default_auth_path' from inputs
auth_path = kwargs.get('auth_path') or kwargs['default_auth_path']
url = urljoin(kwargs['url'], 'v1') url = urljoin(kwargs['url'], 'v1')
cacert = kwargs.get('cacert', None) cacert = kwargs.get('cacert', None)

3
awx_collection/test/awx/test_credential_input_source.py
View File

@@ -122,7 +122,8 @@ def source_cred_hashi_secret(organization):
"url": "https://secret.hash.example.com", "url": "https://secret.hash.example.com",
"token": "myApiKey", "token": "myApiKey",
"role_id": "role", "role_id": "role",
"secret_id": "secret" "secret_id": "secret",
"default_auth_path": "path-to-approle"
} }
) )