diff --git a/awx/main/models/credential/__init__.py b/awx/main/models/credential/__init__.py index ffe0af2d79..e43defe730 100644 --- a/awx/main/models/credential/__init__.py +++ b/awx/main/models/credential/__init__.py @@ -1039,30 +1039,68 @@ ManagedCredentialType( }, ) -ManagedCredentialType( +insights = ManagedCredentialType( namespace='insights', kind='insights', name=gettext_noop('Insights'), managed=True, inputs={ 'fields': [ - {'id': 'username', 'label': gettext_noop('Username'), 'type': 'string'}, - {'id': 'password', 'label': gettext_noop('Password'), 'type': 'string', 'secret': True}, + { + 'id': 'username', + 'label': gettext_noop('Username'), + 'type': 'string', + 'help_text': gettext_noop( + 'Required for basic authentication. ' 'May be blank if using client_id and client_secret', + ), + }, + { + 'id': 'password', + 'label': gettext_noop('Password'), + 'type': 'string', + 'secret': True, + 'help_text': gettext_noop( + 'Required for basic authentication. ' 'May be blank if using client_id and client_secret', + ), + }, + { + 'id': 'client_id', + 'label': gettext_noop('Client ID'), + 'type': 'string', + 'help_text': gettext_noop( + 'Required for service account authentication. ' 'May be blank if using username and password', + ), + }, + { + 'id': 'client_secret', + 'label': gettext_noop('Client Secret'), + 'type': 'string', + 'secret': True, + 'help_text': gettext_noop( + 'Required for service account authentication. ' 'May be blank if using username and password', + ), + }, ], - 'required': ['username', 'password'], + 'required': [], }, injectors={ 'extra_vars': { - "scm_username": "{{username}}", - "scm_password": "{{password}}", + 'scm_username': '{{username}}', + 'scm_password': '{{password}}', + 'client_id': '{{client_id}}', + 'client_secret': '{{client_secret}}', + 'authentication': '{% if client_id %}service_account{% else %}basic{% endif %}', }, 'env': { 'INSIGHTS_USER': '{{username}}', 'INSIGHTS_PASSWORD': '{{password}}', + 'INSIGHTS_CLIENT_ID': '{{client_id}}', + 'INSIGHTS_CLIENT_SECRET': '{{client_secret}}', }, }, ) + ManagedCredentialType( namespace='rhv', kind='cloud', diff --git a/awx/main/models/inventory.py b/awx/main/models/inventory.py index 7d4d8df388..7beafd3f98 100644 --- a/awx/main/models/inventory.py +++ b/awx/main/models/inventory.py @@ -1695,6 +1695,14 @@ class insights(PluginFileInjector): downstream_collection = 'insights' use_fqcn = True + def inventory_as_dict(self, inventory_update, private_data_dir): + inventory_data = super().inventory_as_dict(inventory_update, private_data_dir) + credential = inventory_update.get_cloud_credential() + if credential.get_input('client_id', default=''): + inventory_data['authentication'] = 'service_account' + + return inventory_data + class openshift_virtualization(PluginFileInjector): plugin_name = 'kubevirt' diff --git a/awx/main/tests/data/inventory/plugins/insights/env.json b/awx/main/tests/data/inventory/plugins/insights/env.json index b87328e761..bbece6a48f 100644 --- a/awx/main/tests/data/inventory/plugins/insights/env.json +++ b/awx/main/tests/data/inventory/plugins/insights/env.json @@ -1,4 +1,6 @@ { "INSIGHTS_USER": "fooo", - "INSIGHTS_PASSWORD": "fooo" + "INSIGHTS_PASSWORD": "fooo", + "INSIGHTS_CLIENT_ID": "fooo", + "INSIGHTS_CLIENT_SECRET": "fooo" }