mirror of
https://github.com/ansible/awx.git
synced 2026-05-08 01:47:35 -02:30
Merge pull request #13725 from l3acon/collection-existential-state-for-credential-module
[collection] Add "exists" state for credential module
This commit is contained in:
Hao Liu
GitHub
@@ -87,7 +87,7 @@ options:
|
|||||||
update_secrets:
|
update_secrets:
|
||||||
description:
|
description:
|
||||||
- C(true) will always update encrypted values.
|
- C(true) will always update encrypted values.
|
||||||
- C(false) will only updated encrypted values if a change is absolutely known to be needed.
|
- C(false) will only update encrypted values if a change is absolutely known to be needed.
|
||||||
type: bool
|
type: bool
|
||||||
default: true
|
default: true
|
||||||
user:
|
user:
|
||||||
@@ -100,8 +100,8 @@ options:
|
|||||||
type: str
|
type: str
|
||||||
state:
|
state:
|
||||||
description:
|
description:
|
||||||
- Desired state of the resource.
|
- Desired state of the resource. C(exists) will not modify the resource if it is present.
|
||||||
choices: ["present", "absent"]
|
choices: ["present", "absent", "exists"]
|
||||||
default: "present"
|
default: "present"
|
||||||
type: str
|
type: str
|
||||||
|
|
||||||
@@ -216,7 +216,7 @@ def main():
|
|||||||
update_secrets=dict(type='bool', default=True, no_log=False),
|
update_secrets=dict(type='bool', default=True, no_log=False),
|
||||||
user=dict(),
|
user=dict(),
|
||||||
team=dict(),
|
team=dict(),
|
||||||
state=dict(choices=['present', 'absent'], default='present'),
|
state=dict(choices=['present', 'absent', 'exists'], default='present'),
|
||||||
)
|
)
|
||||||
|
|
||||||
# Create a module for ourselves
|
# Create a module for ourselves
|
||||||
@@ -265,6 +265,10 @@ def main():
|
|||||||
# If the state was absent we can let the module delete it if needed, the module will handle exiting from this
|
# If the state was absent we can let the module delete it if needed, the module will handle exiting from this
|
||||||
module.delete_if_needed(credential)
|
module.delete_if_needed(credential)
|
||||||
|
|
||||||
|
if state == 'exists' and credential is not None:
|
||||||
|
# If credential exists and state is exists, we're done here.
|
||||||
|
module.exit_json(**module.json_output)
|
||||||
|
|
||||||
# Attempt to look up the related items the user specified (these will fail the module if not found)
|
# Attempt to look up the related items the user specified (these will fail the module if not found)
|
||||||
if user:
|
if user:
|
||||||
user_id = module.resolve_name_to_id('users', user)
|
user_id = module.resolve_name_to_id('users', user)
|
||||||
|
|||||||
@@ -132,3 +132,20 @@ def test_secret_field_write_twice(run_module, organization, admin_user, cred_typ
|
|||||||
else:
|
else:
|
||||||
assert result.get('changed') is False, result
|
assert result.get('changed') is False, result
|
||||||
assert Credential.objects.get(id=result['id']).get_input('token') == val1
|
assert Credential.objects.get(id=result['id']).get_input('token') == val1
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.django_db
|
||||||
|
@pytest.mark.parametrize('state', ('present', 'absent', 'exists'))
|
||||||
|
def test_credential_state(run_module, organization, admin_user, cred_type, state):
|
||||||
|
result = run_module(
|
||||||
|
'credential',
|
||||||
|
dict(
|
||||||
|
name='Galaxy Token for Steve',
|
||||||
|
organization=organization.name,
|
||||||
|
credential_type=cred_type.name,
|
||||||
|
inputs={'token': '7rEZK38DJl58A7RxA6EC7lLvUHbBQ1'},
|
||||||
|
state=state,
|
||||||
|
),
|
||||||
|
admin_user,
|
||||||
|
)
|
||||||
|
assert not result.get('failed', False), result.get('msg', result)
|
||||||
|
|||||||
@@ -178,6 +178,60 @@
|
|||||||
that:
|
that:
|
||||||
- result is changed
|
- result is changed
|
||||||
|
|
||||||
|
- name: Delete an SSH credential
|
||||||
|
credential:
|
||||||
|
name: "{{ ssh_cred_name2 }}"
|
||||||
|
organization: Default
|
||||||
|
state: absent
|
||||||
|
credential_type: Machine
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that:
|
||||||
|
- "result is changed"
|
||||||
|
|
||||||
|
- name: Ensure existence of SSH credential
|
||||||
|
credential:
|
||||||
|
name: "{{ ssh_cred_name2 }}"
|
||||||
|
organization: Default
|
||||||
|
state: exists
|
||||||
|
credential_type: Machine
|
||||||
|
description: An example SSH awx.awx.credential
|
||||||
|
inputs:
|
||||||
|
username: joe
|
||||||
|
password: secret
|
||||||
|
become_method: sudo
|
||||||
|
become_username: superuser
|
||||||
|
become_password: supersecret
|
||||||
|
ssh_key_data: "{{ ssh_key_data }}"
|
||||||
|
ssh_key_unlock: "passphrase"
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that:
|
||||||
|
- result is changed
|
||||||
|
|
||||||
|
- name: Ensure existence of SSH credential, not updating any inputs
|
||||||
|
credential:
|
||||||
|
name: "{{ ssh_cred_name2 }}"
|
||||||
|
organization: Default
|
||||||
|
state: exists
|
||||||
|
credential_type: Machine
|
||||||
|
description: An example SSH awx.awx.credential
|
||||||
|
inputs:
|
||||||
|
username: joe
|
||||||
|
password: no-update-secret
|
||||||
|
become_method: sudo
|
||||||
|
become_username: some-other-superuser
|
||||||
|
become_password: some-other-secret
|
||||||
|
ssh_key_data: "{{ ssh_key_data }}"
|
||||||
|
ssh_key_unlock: "another-pass-phrase"
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that:
|
||||||
|
- result is not changed
|
||||||
|
|
||||||
- name: Create an invalid SSH credential (passphrase required)
|
- name: Create an invalid SSH credential (passphrase required)
|
||||||
credential:
|
credential:
|
||||||
name: SSH Credential
|
name: SSH Credential
|
||||||
|
|||||||
Reference in New Issue
Block a user