External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-03-02 09:18:48 -03:30
Code Issues Packages Projects Releases Wiki Activity
27,132 Commits 57 Branches 102 Tags
1a15f18be3c07e4ddb6a90273a52427bdf27edbd
Commit Graph

70 Commits

Author SHA1 Message Date
Ryan Petrello
011822b1f0 make a global "managed by AWX/Tower" Credential to represent Galaxy 2020-09-01 13:45:03 -04:00
Ryan Petrello
130e279012 add a data migration for Galaxy credentials 
see: https://github.com/ansible/awx/issues/7813
 2020-09-01 13:45:02 -04:00
Ryan Petrello
b8e0d087e5 add model support, an API, and a migration for Org -> Galaxy credentials 
see: https://github.com/ansible/awx/issues/7813
 2020-09-01 13:44:59 -04:00
Ryan Petrello
2bdd83e029 use jinja2.sandbox for credential type injectors 2020-07-08 15:48:47 -04:00
John Westcott IV
f091de438e Adding help text 2020-06-24 09:14:30 -04:00
John Westcott IV
8a25f385e4 Modifying tower credential type to include an oauth otken 2020-06-24 09:14:30 -04:00
Dave Lewis
08323a11b6 Addition of project domain name to OpenStack Credential 
Keystone v3 requires user_domain_id and project_domain_name to authenticate, but AWX openstack credential only requests the user_domain_id.
Added in project_domain_name into the credential templating. Not added as a required field as this is only needed when using Keystone v3.
 2020-04-23 11:24:51 +01:00
Marliana Lara
15c665ea52 Add Credential Detail view 
* Add Credential and CredentialDetail unit tests
* Add credential_type mock data
 2020-01-16 09:14:30 -05:00
Seth Foster
9c04e08b4d Fix secret lookup links when credentials are copied 
- When a credential that contains secret lookups (e.g. HashiCorp Vault
  Secret Lookup) is copied, the lookup fields are not properly copied
- This change adds the necessary fields to FIELDS_TO_PRESERVE_AT_COPY
  for both Credential and CredentialInputSource classes to ensure a
  proper copy
 2019-10-22 17:49:10 -04:00
AlanCoding
85c99cc38a Redact env vars for Galaxy token or password 2019-10-07 14:02:43 -04:00
Shane McDonald
bd5003ca98 Task manager / scheduler Kubernetes integration 2019-10-04 13:21:21 -04:00
Shane McDonald
a9059edc65 Allow associating a credential with an instance group 2019-10-04 12:54:31 -04:00
Jeff Bradberry
b6b70e55fb Address a variety of small review issues 2019-09-30 13:32:23 -04:00
Jeff Bradberry
6aa6471b7c Add help_text to the new fields 2019-09-30 13:32:23 -04:00
Jeff Bradberry
885841caea Drop Bitbucket support 
since only the Bitbucket Server product supports signed payloads,
bitbucket.org does not.  And we are requiring signed payloads.
 2019-09-30 13:32:22 -04:00
Jeff Bradberry
4dba9916dc Add a new set of personal access token credential types 2019-09-30 13:26:03 -04:00
Ryan Petrello
d30d51d72c fix a bug that prevents launch-time passphrases w/ cred plugins 
with the advent of credential plugins there's no way for us to *actually
know* the RSA key value at the time the credential is _created_, because
the order of operations is:

1.  Create the credential with a specified passphrase
2.  Associate a new dynamic inventory source pointed at some third party
    provider (hashi, cyberark, etc...)

this commit removes the code that warns you about an extraneous
passphrase (if you don't specify a private key)

additionally, the code for determining whether or not a credential
_requires_ a password/phrase at launch time has been updated to test
private key validity based on the *actual* value from the third party
provider

see: https://github.com/ansible/awx/issues/4791
 2019-09-26 17:14:25 -04:00
Ryan Petrello
a107a17bc9 fix a few minor CLI bugs 
see: https://github.com/ansible/awx/issues/4608
 2019-08-29 08:54:17 -04:00
Jeff Bradberry
6737bd4c19 Replace {} as field default values with the callable dict 2019-07-12 15:11:22 -04:00
Ryan Petrello
6da445f7c0 remove /api/v1 and deprecated credential fields 2019-06-06 12:23:00 -04:00
AlanCoding
f4c18843a3 Resolve default ordering warnings from tests 2019-05-20 10:58:36 -04:00
AlanCoding
8c2b3e9b84 Fix Django 2.0 deprecation warnings 2019-04-22 14:17:14 -04:00
Jake McDermott
165405ad3f include externally sourced input fields for injection 2019-04-02 11:24:36 -04:00
Ryan Petrello
0768c6ac1d store the public key for HashiVault signing in the plugin metadata 2019-04-02 11:21:47 -04:00
Ryan Petrello
011d7eb892 clean up access to various CredentialInputSource fields (#3336) 2019-04-02 11:21:21 -04:00
Jake McDermott
e9532dea8e cache dynamic input fields 
Query dynamic input fields once on attribute access and then cache it for future use.
 2019-04-02 11:21:10 -04:00
Ryan Petrello
b911f8bf77 allow creation at /api/v2/credential_input_sources 2019-04-02 11:21:06 -04:00
Ryan Petrello
e727909a61 rename the CredentialInputSource related_names so they're plural 2019-04-02 11:21:02 -04:00
Ryan Petrello
13366c1e75 Encrypt machine.ssh_public_key_data (in case users paste in signed data) 2019-04-02 11:20:58 -04:00
Ryan Petrello
69368d874e move path parameterization to the CredentialInputSource model 2019-04-02 11:20:36 -04:00
Jake McDermott
0ee223f799 add api for testing credential plugins 2019-04-02 11:20:33 -04:00
Ryan Petrello
7a43f00a5d add support for HashiCorp signed SSH certificates 2019-04-02 11:20:29 -04:00
Ryan Petrello
0a87469225 give credential plugins an explicit namespace 2019-04-02 11:20:22 -04:00
Jake McDermott
d87144c4a7 add api for managing credential input sources 2019-04-02 11:19:56 -04:00
Jake McDermott
c209955400 add credential plugin system and minimal working hashivault 2019-04-02 11:19:26 -04:00
AlanCoding
b9d489c788 Use randomized file names for injector credential files 2019-03-26 10:29:38 -04:00
chris meyers
827ad0fa75 remove safe_args and add status_handler 
* safe_args no longer makes sense. We have moved extra_vars to a file
and thus do not pass sensitive content on the cmdline
 2019-03-18 14:21:47 -04:00
Ryan Petrello
b1a33869dc convey OpenStack verify_ssl defaults in the CredentialType schema 2019-02-20 09:02:48 -05:00
Hideki Saito
9f04fbe4a4 Add verify_ssl to OpenStack credential type 
To avoid verification failures when using a self-signed certificate file,
 Added "Verify SSL" check box to the openstack credential type edit page.

Signed-off-by: Hideki Saito <saito@fgrep.org>
 2019-02-19 12:53:13 -05:00
Ryan Petrello
43ca4526b1 define native CredentialType inputs/injectors in code, not in the DB 
This has a few benefits:

1.  It makes adding new fields to built-in CredentialTypes _much_
    simpler.  In the past, we've had to write a migration every time we
    want to modify an existing type (changing a label/help text,
    changing options like the recent become_method changes) or
    when adding a new field entirely

2.  It paves the way for third party credential plugins support, where
    importable libraries will define their own source code-based schema
 2019-02-19 10:22:26 -05:00
AlanCoding
fbf6315a8c remove star imports in tasks and non-base models 2019-02-12 19:50:30 -05:00
Jeff Bradberry
6e1deed79e Removed the special-case logic for maintaining the schema of the become_method field 
related #2630

Signed-off-by: Jeff Bradberry <jeff.bradberry@gmail.com>
 2019-01-29 14:06:26 -05:00
Jeff Bradberry
0ecd6542bf Changed the become_method field into one that takes arbitrary input 
related #2630

Signed-off-by: Jeff Bradberry <jeff.bradberry@gmail.com>
 2019-01-28 16:53:54 -05:00
Ryan Petrello
daeeaf413a clean up unnecessary usage of the six library (awx only supports py3) 2019-01-25 00:19:48 -05:00
Jake McDermott
a8728670e1 handle credential.inputs in decryption utils 2019-01-22 22:56:24 -05:00
Jake McDermott
a86e270905 add credential input access methods 2019-01-20 13:08:23 -05:00
Ryan Petrello
f223df303f convert py2 -> py3 2019-01-15 14:09:01 -05:00
Bill Nottingham
479ad13630 Fix some more typos while here. 2018-12-18 16:23:17 -05:00
AlanCoding
40b5ce4b2e link v1 pages to v2 credential type page 2018-12-06 15:41:26 -05:00
Ryan Petrello
7252883094 allow encrypted fields in custom credentials to be empty 2018-11-30 14:07:56 -05:00