From b9ab06734d4f449c6ada4b6eb8a6ef0d5b379678 Mon Sep 17 00:00:00 2001
From: Ryan Petrello <rpetrell@redhat.com>
Date: Tue, 27 Feb 2018 16:10:23 -0500
Subject: [PATCH] don't inject custom extra_vars for inventory updates

see: https://github.com/ansible/awx/issues/1366
---
 awx/main/models/credential/__init__.py | 38 ++++++++++++++------------
 1 file changed, 20 insertions(+), 18 deletions(-)

diff --git a/awx/main/models/credential/__init__.py b/awx/main/models/credential/__init__.py
index ebea41cc80..a7136ea327 100644
--- a/awx/main/models/credential/__init__.py
+++ b/awx/main/models/credential/__init__.py
@@ -648,27 +648,29 @@ class CredentialType(CommonModelNameNotUnique):
             env[env_var] = Template(tmpl).render(**namespace)
             safe_env[env_var] = Template(tmpl).render(**safe_namespace)
 
-        extra_vars = {}
-        safe_extra_vars = {}
-        for var_name, tmpl in self.injectors.get('extra_vars', {}).items():
-            extra_vars[var_name] = Template(tmpl).render(**namespace)
-            safe_extra_vars[var_name] = Template(tmpl).render(**safe_namespace)
+        if 'INVENTORY_UPDATE_ID' not in env:
+            # awx-manage inventory_update does not support extra_vars via -e
+            extra_vars = {}
+            safe_extra_vars = {}
+            for var_name, tmpl in self.injectors.get('extra_vars', {}).items():
+                extra_vars[var_name] = Template(tmpl).render(**namespace)
+                safe_extra_vars[var_name] = Template(tmpl).render(**safe_namespace)
 
-        def build_extra_vars_file(vars, private_dir):
-            handle, path = tempfile.mkstemp(dir = private_dir)
-            f = os.fdopen(handle, 'w')
-            f.write(json.dumps(vars))
-            f.close()
-            os.chmod(path, stat.S_IRUSR)
-            return path
+            def build_extra_vars_file(vars, private_dir):
+                handle, path = tempfile.mkstemp(dir = private_dir)
+                f = os.fdopen(handle, 'w')
+                f.write(json.dumps(vars))
+                f.close()
+                os.chmod(path, stat.S_IRUSR)
+                return path
 
-        if extra_vars:
-            path = build_extra_vars_file(extra_vars, private_data_dir)
-            args.extend(['-e', '@%s' % path])
+            if extra_vars:
+                path = build_extra_vars_file(extra_vars, private_data_dir)
+                args.extend(['-e', '@%s' % path])
 
-        if safe_extra_vars:
-            path = build_extra_vars_file(safe_extra_vars, private_data_dir)
-            safe_args.extend(['-e', '@%s' % path])
+            if safe_extra_vars:
+                path = build_extra_vars_file(safe_extra_vars, private_data_dir)
+                safe_args.extend(['-e', '@%s' % path])
 
 
 @CredentialType.default