External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-03-04 18:21:03 -03:30
Code Issues Packages Projects Releases Wiki Activity

Updates to network credentials

Browse Source 
Separating out the network credential used fields
This commit is contained in:
Matthew Jones
2016-04-21 16:43:31 -04:00
parent efebb3701b
commit fe360ca8e3
5 changed files with 28 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
awx/api/serializers.py
View File

@@ -1560,7 +1560,8 @@ class CredentialSerializer(BaseSerializer):
'password', 'security_token', 'project', 'domain', 'password', 'security_token', 'project', 'domain',
'ssh_key_data', 'ssh_key_unlock', 'ssh_key_data', 'ssh_key_unlock',
'become_method', 'become_username', 'become_password', 'become_method', 'become_username', 'become_password',
'vault_password', 'subscription', 'tenant', 'secret', 'client') 'vault_password', 'subscription', 'tenant', 'secret', 'client',
'authorize', 'authorize_password')
def build_standard_field(self, field_name, model_field): def build_standard_field(self, field_name, model_field):
field_class, field_kwargs = super(CredentialSerializer, self).build_standard_field(field_name, model_field) field_class, field_kwargs = super(CredentialSerializer, self).build_standard_field(field_name, model_field)

10
awx/main/migrations/0014_v300_invsource_cred.py
View File

@@ -23,6 +23,16 @@ class Migration(migrations.Migration):
name='network_credential', name='network_credential',
field=models.ForeignKey(related_name='jobtemplates_as_network_credential+', on_delete=django.db.models.deletion.SET_NULL, default=None, blank=True, to='main.Credential', null=True), field=models.ForeignKey(related_name='jobtemplates_as_network_credential+', on_delete=django.db.models.deletion.SET_NULL, default=None, blank=True, to='main.Credential', null=True),
), ),
migrations.AddField(
model_name='credential',
name='authorize',
field=models.BooleanField(default=False, help_text='Whether to use the authorize mechanism.'),
),
migrations.AddField(
model_name='credential',
name='authorize_password',
field=models.CharField(default=b'', help_text='Password used by the authorize mechanism.', max_length=1024, blank=True),
),
migrations.AlterField( migrations.AlterField(
model_name='credential', model_name='credential',
name='deprecated_team', name='deprecated_team',

12
awx/main/models/credential.py
View File

@@ -56,7 +56,7 @@ class Credential(PasswordFieldsModel, CommonModelNameNotUnique, ResourceMixin):
] ]
PASSWORD_FIELDS = ('password', 'security_token', 'ssh_key_data', 'ssh_key_unlock', PASSWORD_FIELDS = ('password', 'security_token', 'ssh_key_data', 'ssh_key_unlock',
'become_password', 'vault_password', 'secret') 'become_password', 'vault_password', 'secret', 'authorize_password')
class Meta: class Meta:
app_label = 'main' app_label = 'main'
@@ -169,6 +169,16 @@ class Credential(PasswordFieldsModel, CommonModelNameNotUnique, ResourceMixin):
default='', default='',
help_text=_('Vault password (or "ASK" to prompt the user).'), help_text=_('Vault password (or "ASK" to prompt the user).'),
) )
authorize = models.BooleanField(
default=False,
help_text=_('Whether to use the authorize mechanism.'),
)
authorize_password = models.CharField(
max_length=1024,
blank=True,
default='',
help_text=_('Password used by the authorize mechanism.'),
)
client = models.CharField( client = models.CharField(
max_length=128, max_length=128,
blank=True, blank=True,

4
awx/main/tasks.py
View File

@@ -823,10 +823,10 @@ class RunJob(BaseTask):
env['ANSIBLE_NET_USERNAME'] = network_cred.username env['ANSIBLE_NET_USERNAME'] = network_cred.username
env['ANSIBLE_NET_PASSWORD'] = decrypt_field(network_cred, 'password') env['ANSIBLE_NET_PASSWORD'] = decrypt_field(network_cred, 'password')
authorize = network_cred.become_method == 'sudo' authorize = network_cred.authorize
env['ANSIBLE_NET_AUTHORIZE'] = unicode(int(authorize)) env['ANSIBLE_NET_AUTHORIZE'] = unicode(int(authorize))
if authorize: if authorize:
env['ANSIBLE_NET_AUTHORIZE_PASSWORD'] = decrypt_field(network_cred, 'become_password') env['ANSIBLE_NET_AUTHORIZE_PASSWORD'] = decrypt_field(network_cred, 'authorize_password')
# Set environment variables related to scan jobs # Set environment variables related to scan jobs
if job.job_type == PERM_INVENTORY_SCAN: if job.job_type == PERM_INVENTORY_SCAN:

6
awx/main/tests/unit/test_network_credential.py
View File

@@ -12,8 +12,8 @@ def options():
'username':'test', 'username':'test',
'password':'test', 'password':'test',
'ssh_key_data': """-----BEGIN PRIVATE KEY-----\nstuff==\n-----END PRIVATE KEY-----""", 'ssh_key_data': """-----BEGIN PRIVATE KEY-----\nstuff==\n-----END PRIVATE KEY-----""",
'become_method': 'sudo', 'authorize': True,
'become_password': 'passwd', 'authorize_password': 'passwd',
} }
@@ -30,7 +30,7 @@ def test_net_cred_parse(mocker, options):
assert env['ANSIBLE_NET_USERNAME'] == options['username'] assert env['ANSIBLE_NET_USERNAME'] == options['username']
assert env['ANSIBLE_NET_PASSWORD'] == options['password'] assert env['ANSIBLE_NET_PASSWORD'] == options['password']
assert env['ANSIBLE_NET_AUTHORIZE'] == '1' assert env['ANSIBLE_NET_AUTHORIZE'] == '1'
assert env['ANSIBLE_NET_AUTHORIZE_PASSWORD'] == options['become_password'] assert env['ANSIBLE_NET_AUTHORIZE_PASSWORD'] == options['authorize_password']
def test_net_cred_ssh_agent(mocker, options): def test_net_cred_ssh_agent(mocker, options):