* collect controller ldap configuration

* translate role mapping and submit ldap authenticator

* implement require and deny group mapping

* remove all references to awx in the naming

* fix linter issues

* address PR feedback

* update ldap authenticator naming

* update github authenticator naming

* assume that server_uri is always a string

* update order of evaluation for require and deny groups

* cleanup and move ldap related functions into the ldap migrator

* add skip option for saml

* update saml authenticator to new slug format

* update azuread authenticator to new slug format
Peter Braun
2025-07-11 18:05:23 +02:00
committed by thedoubl3j
parent 6b2e9a66d5
commit c5e55fe0f5
10 changed files with 1137 additions and 87 deletions


@@ -4,6 +4,7 @@ import os
from django.core.management.base import BaseCommand
from awx.sso.utils.azure_ad_migrator import AzureADMigrator
from awx.sso.utils.github_migrator import GitHubMigrator
from awx.sso.utils.ldap_migrator import LDAPMigrator
from awx.sso.utils.oidc_migrator import OIDCMigrator
from awx.sso.utils.saml_migrator import SAMLMigrator
from awx.main.utils.gateway_client import GatewayClient, GatewayAPIError
@@ -16,6 +17,7 @@ class Command(BaseCommand):
parser.add_argument('--skip-oidc', action='store_true', help='Skip importing GitHub and generic OIDC authenticators')
parser.add_argument('--skip-ldap', action='store_true', help='Skip importing LDAP authenticators')
parser.add_argument('--skip-ad', action='store_true', help='Skip importing Azure AD authenticator')
parser.add_argument('--skip-saml', action='store_true', help='Skip importing SAML authenticator')
def handle(self, *args, **options):
# Read Gateway connection parameters from environment variables
@@ -25,8 +27,9 @@ class Command(BaseCommand):
gateway_skip_verify = os.getenv('GATEWAY_SKIP_VERIFY', '').lower() in ('true', '1', 'yes', 'on')
skip_oidc = options['skip_oidc']
# skip_ldap = options['skip_ldap']
skip_ldap = options['skip_ldap']
skip_ad = options['skip_ad']
skip_saml = options['skip_saml']
# If the management command isn't called with all parameters needed to talk to Gateway, consider
# it a dry-run and exit cleanly
@@ -56,12 +59,16 @@ class Command(BaseCommand):
if not skip_oidc:
migrators.append(GitHubMigrator(gateway_client, self))
migrators.append(OIDCMigrator(gateway_client, self))
if not skip_saml:
migrators.append(SAMLMigrator(gateway_client, self))
# if not skip_ldap:
# migrators.append(LDAPMigrator(gateway_client, self))
if not skip_ad:
migrators.append(AzureADMigrator(gateway_client, self))
if not skip_ldap:
migrators.append(LDAPMigrator(gateway_client, self))
# Run migrations
total_results = {
'created': 0,