From a9059edc659c0efda36771c7b2b30867fdaa507e Mon Sep 17 00:00:00 2001 From: Shane McDonald Date: Tue, 11 Jun 2019 16:20:24 -0400 Subject: [PATCH] Allow associating a credential with an instance group --- .../migrations/0085_v360_container_groups.py | 24 ++++++++ awx/main/models/credential/__init__.py | 59 +++++++++++++++++++ awx/main/models/ha.py | 8 +++ 3 files changed, 91 insertions(+) create mode 100644 awx/main/migrations/0085_v360_container_groups.py diff --git a/awx/main/migrations/0085_v360_container_groups.py b/awx/main/migrations/0085_v360_container_groups.py new file mode 100644 index 0000000000..67c55d9eea --- /dev/null +++ b/awx/main/migrations/0085_v360_container_groups.py @@ -0,0 +1,24 @@ +# Generated by Django 2.2.4 on 2019-08-19 15:47 + +from django.db import migrations, models +import django.db.models.deletion + + +class Migration(migrations.Migration): + + dependencies = [ + ('main', '0084_v360_token_description'), + ] + + operations = [ + migrations.AddField( + model_name='instancegroup', + name='credential', + field=models.ForeignKey(blank=True, default=None, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='instancegroups', to='main.Credential'), + ), + migrations.AddField( + model_name='instancegroup', + name='pod_spec_override', + field=models.TextField(blank=True, default=''), + ), + ] diff --git a/awx/main/models/credential/__init__.py b/awx/main/models/credential/__init__.py index e8b4315abd..a839b87efa 100644 --- a/awx/main/models/credential/__init__.py +++ b/awx/main/models/credential/__init__.py @@ -135,6 +135,10 @@ class Credential(PasswordFieldsModel, CommonModelNameNotUnique, ResourceMixin): def cloud(self): return self.credential_type.kind == 'cloud' + @property + def kubernetes(self): + return self.credential_type.kind == 'kubernetes' + def get_absolute_url(self, request=None): return reverse('api:credential_detail', kwargs={'pk': self.pk}, request=request) @@ -1117,6 +1121,61 @@ ManagedCredentialType( }, ) +ManagedCredentialType( + namespace='openshift_username_password', + kind='kubernetes', + name=ugettext_noop('OpenShift Username / Password'), + managed_by_tower=True, + inputs={ + 'fields': [{ + 'id': 'host', + 'label': ugettext_noop('OpenShift API URL'), + 'type': 'string', + 'help_text': ugettext_noop('The OpenShift API URL to authenticate with.') + }, { + 'id': 'username', + 'label': ugettext_noop('Username'), + 'type': 'string' + }, { + 'id': 'password', + 'label': ugettext_noop('Password'), + 'type': 'string', + 'secret': True, + }, { + 'id': 'verify_ssl', + 'label': ugettext_noop('Verify SSL'), + 'type': 'boolean', + 'secret': False + }], + 'required': ['host', 'username', 'password'], + } +) + +ManagedCredentialType( + namespace='kubernetes_bearer_token', + kind='kubernetes', + name=ugettext_noop('OpenShift or Kubernetes API Bearer Token'), + inputs={ + 'fields': [{ + 'id': 'host', + 'label': ugettext_noop('Kubernetes API Endpoint'), + 'type': 'string', + 'help_text': ugettext_noop('The Kubernetes API Endpoint to authenticate with.') + },{ + 'id': 'bearer_token', + 'label': ugettext_noop('Bearer token for service account'), + 'type': 'string', + 'secret': True, + },{ + 'id': 'verify_ssl', + 'label': ugettext_noop('Verify SSL'), + 'type': 'boolean', + 'secret': False + }], + 'required': ['host', 'bearer_token'], + } +) + class CredentialInputSource(PrimordialModel): diff --git a/awx/main/models/ha.py b/awx/main/models/ha.py index 7aba299121..b6cc2f816f 100644 --- a/awx/main/models/ha.py +++ b/awx/main/models/ha.py @@ -176,6 +176,14 @@ class InstanceGroup(HasPolicyEditsMixin, BaseModel, RelatedJobsMixin): null=True, on_delete=models.CASCADE ) + credential = models.ForeignKey( + 'Credential', + related_name='%(class)ss', + blank=True, + null=True, + default=None, + on_delete=models.SET_NULL, + ) policy_instance_percentage = models.IntegerField( default=0, help_text=_("Percentage of Instances to automatically assign to this group")