mirror of
https://github.com/ansible/awx.git
synced 2026-03-25 04:45:03 -02:30
ff68d6196d
Add install-time feature flag for OIDC workload identity credential types Implements FEATURE_OIDC_WORKLOAD_IDENTITY_ENABLED feature flag to gate HashiCorp Vault OIDC credential types as a Technology Preview feature. When the feature flag is disabled (default), OIDC credential types are not loaded into the plugin registry at application startup and do not exist in the database. When enabled, OIDC credential types are loaded normally and function as expected. Changes: - Add FEATURE_OIDC_WORKLOAD_IDENTITY_ENABLED setting (defaults to False) - Add OIDC_CREDENTIAL_TYPE_NAMESPACES constant for maintainability - Modify load_credentials() to skip OIDC types when flag is disabled - Add test coverage (2 test cases) This is an install-time flag that requires application restart to take effect. The flag is checked during application startup when credential types are loaded from plugins. Fixes: AAP-64510 Assisted-By: Claude Sonnet 4.5 <noreply@anthropic.com>