Simplify gce inventory plugin injector

This consumes the change made in Ansible core
ansible/ansible#54407
which is in Ansible 2.8, allowing the plugin
injection logic to share the script logic and
to be simplified

awx/main/models/credential/injectors.py

@@ -18,8 +18,6 @@ def gce(cred, env, private_data_dir):
     project = cred.get_input('project', default='')
     username = cred.get_input('username', default='')
 
-    env['GCE_EMAIL'] = username
-    env['GCE_PROJECT'] = project
     json_cred = {
         'type': 'service_account',
         'private_key': cred.get_input('ssh_key_data', default=''),

awx/main/models/inventory.py

@@ -1911,13 +1911,14 @@ def _get_shared_env(self, inventory_update, private_data_dir, private_data_files
         # some sources may have no credential, specifically ec2
         if credential is None:
             return injected_env
+        if self.base_injector in ('managed', 'template'):
+            injected_env['INVENTORY_UPDATE_ID'] = str(inventory_update.pk)  # so injector knows this is inventory
         if self.base_injector == 'managed':
             from awx.main.models.credential import injectors as builtin_injectors
             cred_kind = inventory_update.source.replace('ec2', 'aws')
             if cred_kind in dir(builtin_injectors):
                 getattr(builtin_injectors, cred_kind)(credential, injected_env, private_data_dir)
         elif self.base_injector == 'template':
-            injected_env['INVENTORY_UPDATE_ID'] = str(inventory_update.pk)  # so injector knows this is inventory
             safe_env = injected_env.copy()
             args = []
             credential.credential_type.inject_credential(
@@ -2326,6 +2327,12 @@ class gce(PluginFileInjector):
 
     def get_script_env(self, inventory_update, private_data_dir, private_data_files):
         env = super(gce, self).get_script_env(inventory_update, private_data_dir, private_data_files)
+        cred = inventory_update.get_cloud_credential()
+        # these environment keys are unique to the script operation, and are not
+        # concepts in the modern inventory plugin or gce Ansible module
+        # email and project are redundant with the creds file
+        env['GCE_EMAIL'] = cred.get_input('username', default='')
+        env['GCE_PROJECT'] = cred.get_input('project', default='')
         env['GCE_ZONE'] = inventory_update.source_regions if inventory_update.source_regions != 'all' else ''  # noqa
 
         # by default, the GCE inventory source caches results on disk for
@@ -2366,8 +2373,6 @@ def inventory_as_dict(self, inventory_update, private_data_dir):
         credential = inventory_update.get_cloud_credential()
 
         # auth related items
-        from awx.main.models.credential.injectors import gce as builtin_injector
-        ret['service_account_file'] = builtin_injector(credential, {}, private_data_dir)
         ret['projects'] = [credential.get_input('project', default='')]
         ret['auth_kind'] = "serviceaccount"
 
@@ -2413,11 +2418,6 @@ def inventory_as_dict(self, inventory_update, private_data_dir):
             ret['zones'] = inventory_update.source_regions.split(',')
         return ret
 
-    def get_plugin_env(self, inventory_update, private_data_dir, private_data_files):
-        # gce wants everything defined in inventory & cred files
-        # this explicitly turns off injection of environment variables
-        return {}
-
 
 class vmware(PluginFileInjector):
     # plugin_name = 'vmware_vm_inventory'  # FIXME: implement me

awx/main/tests/data/inventory/plugins/gce/env.json

@@ -1,3 +1,4 @@
 {
-    "ANSIBLE_TRANSFORM_INVALID_GROUP_CHARS": "never"
+    "ANSIBLE_TRANSFORM_INVALID_GROUP_CHARS": "never",
+    "GCE_CREDENTIALS_FILE_PATH": "{{ file_reference }}"
 }

awx/main/tests/data/inventory/plugins/gce/files/gcp_compute.yml

@@ -44,7 +44,6 @@ plugin: gcp_compute
 projects:
 - fooo
 retrieve_image_info: true
-service_account_file: {{ file_reference }}
 use_contrib_script_compatible_sanitization: true
 zones:
 - us-east4-a