add credential file support

Signed-off-by: sezanzeb <proxima@sezanzeb.de>

awxkit/awxkit/cli/format.py

@@ -5,6 +5,22 @@ from distutils.util import strtobool
 import yaml
 
 from awxkit.cli.utils import colored
+from awxkit import config
+
+
+def get_config_credentials():
+    """Load username and password from config.credentials.default.
+
+    In order to respect configurations from AWXKIT_CREDENTIAL_FILE.
+    """
+    default_username = 'admin'
+    default_password = 'password'
+
+    if not hasattr(config, 'credentials'):
+        return default_username, default_password
+
+    default = config.credentials.get('default', {})
+    return (default.get('username', default_username), default.get('password', default_password))
 
 
 def add_authentication_arguments(parser, env):
@@ -20,16 +36,20 @@ def add_authentication_arguments(parser, env):
         help='an OAuth2.0 token (get one by using `awx login`)',
         metavar='TEXT',
     )
+
+    config_username, config_password = get_config_credentials()
+    # options configured via cli args take higher precedence than those from the config
     auth.add_argument(
         '--conf.username',
-        default=env.get('CONTROLLER_USERNAME', env.get('TOWER_USERNAME', 'admin')),
+        default=env.get('CONTROLLER_USERNAME', env.get('TOWER_USERNAME', config_username)),
         metavar='TEXT',
     )
     auth.add_argument(
         '--conf.password',
-        default=env.get('CONTROLLER_PASSWORD', env.get('TOWER_PASSWORD', 'password')),
+        default=env.get('CONTROLLER_PASSWORD', env.get('TOWER_PASSWORD', config_password)),
         metavar='TEXT',
     )
+
     auth.add_argument(
         '-k',
         '--conf.insecure',

awxkit/test/cli/test_config.py

@@ -1,3 +1,5 @@
+import os
+import json
 import pytest
 from requests.exceptions import ConnectionError
 
@@ -49,3 +51,58 @@ def test_config_precedence():
 
     assert config.credentials.default.username == 'mary'
     assert config.credentials.default.password == 'secret'
+
+
+def test_config_file_precedence():
+    """Ignores AWXKIT_CREDENTIAL_FILE if cli args are set"""
+    os.makedirs('/tmp/awx-test/', exist_ok=True)
+    with open('/tmp/awx-test/config.json', 'w') as f:
+        json.dump({'default': {'username': 'IGNORE', 'password': 'IGNORE'}}, f)
+
+    cli = CLI()
+    cli.parse_args(
+        ['awx', '--conf.username', 'mary', '--conf.password', 'secret'],
+        env={
+            'AWXKIT_CREDENTIAL_FILE': '/tmp/awx-test/config.json',
+        },
+    )
+    with pytest.raises(ConnectionError):
+        cli.connect()
+
+    assert config.credentials.default.username == 'mary'
+    assert config.credentials.default.password == 'secret'
+
+
+def test_config_file_precedence_2():
+    """Ignores AWXKIT_CREDENTIAL_FILE if TOWER_* vars are set."""
+    os.makedirs('/tmp/awx-test/', exist_ok=True)
+    with open('/tmp/awx-test/config.json', 'w') as f:
+        json.dump({'default': {'username': 'IGNORE', 'password': 'IGNORE'}}, f)
+
+    cli = CLI()
+    cli.parse_args(['awx'], env={'AWXKIT_CREDENTIAL_FILE': '/tmp/awx-test/config.json', 'TOWER_USERNAME': 'mary', 'TOWER_PASSWORD': 'secret'})
+    with pytest.raises(ConnectionError):
+        cli.connect()
+
+    assert config.credentials.default.username == 'mary'
+    assert config.credentials.default.password == 'secret'
+
+
+def test_config_file():
+    """Reads username and password from AWXKIT_CREDENTIAL_FILE."""
+    os.makedirs('/tmp/awx-test/', exist_ok=True)
+    with open('/tmp/awx-test/config.json', 'w') as f:
+        json.dump({'default': {'username': 'mary', 'password': 'secret'}}, f)
+
+    cli = CLI()
+    cli.parse_args(
+        ['awx'],
+        env={
+            'AWXKIT_CREDENTIAL_FILE': '/tmp/awx-test/config.json',
+        },
+    )
+    with pytest.raises(ConnectionError):
+        cli.connect()
+
+    assert config.credentials.default.username == 'mary'
+    assert config.credentials.default.password == 'secret'