add special case read-only support for isolated public/private keys

We recently made AWX_ISOLATED_PRIVATE_KEY and AWX_ISOLATED_PUBLIC_KEY read-only so that they're not inadvertently modified and/or deleted (which would cause isolated task execution to break). Tower's notion of a read-only setting, though, is really more like "hard-coded in a .py file". What we really need is support for settings that are not user configurable/changeable, but that we still want to display to users from the DB. In leiu of a complicated change to `awx.conf.settings`, this change provides special support to these two settings so they behave in the manner we expect. see: https://github.com/ansible/ansible-tower/issues/7375
2026-01-13 11:00:03 -03:30 · 2017-08-03 16:37:49 -04:00 · 2017-08-03 16:37:49 -04:00 · b34adcb10d
commit b34adcb10d
parent c1c5b01a07
1 changed files with 6 additions and 1 deletions
--- a/awx/conf/settings.py
+++ b/awx/conf/settings.py
@ -293,7 +293,12 @@ class SettingsWrapper(UserSettingsHolder):
        field = self.registry.get_setting_field(name)
        if value is empty:
            setting = None
-            if not field.read_only:
+            if not field.read_only or name in (
+                # these two values are read-only - however - we *do* want
+                # to fetch their value from the database
+                'AWX_ISOLATED_PRIVATE_KEY',
+                'AWX_ISOLATED_PUBLIC_KEY',
+            ):
                setting = Setting.objects.filter(key=name, user__isnull=True).order_by('pk').first()
            if setting:
                if getattr(field, 'encrypted', False):