-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bitbucket: Support Basic Auth #2045
bitbucket: Support Basic Auth #2045
Conversation
This comment has been minimized.
This comment has been minimized.
cc @catcombo |
Hey @felixfontein, I would need some advice on how to handle the |
If |
c624557
to
4387c4b
Compare
The test
The test
The test
The test
|
Hi @maxbrunet if you could prepend (Also feel free to ask for help - here or in the IRC channel) |
@maxbrunet do you still plan to work on this in the near future? needs_info |
Not sure, maybe if I have time, but not really my priority, sorry |
…own_host.py Co-authored-by: Felix Fontein <felix@fontein.de>
…own_host.py Co-authored-by: Felix Fontein <felix@fontein.de>
…riable.py Co-authored-by: Felix Fontein <felix@fontein.de>
…riable.py Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
…y_pair.py Co-authored-by: Felix Fontein <felix@fontein.de>
Thank you for the review and suggestions @felixfontein
It must be because it is from a fork in my company's org, I do not have control over the setting, I will open PRs from my account next time. I have documented the precedence between OAuth and Basic Auth credentials, it is usually how multiple credential sources are handled, but I considered making them mutually exclusive, I leave the patch here in case I have a change of mind. mutually_exclusive.diffdiff --git a/plugins/module_utils/source_control/bitbucket.py b/plugins/module_utils/source_control/bitbucket.py
index bb50626a..4fa9ebc6 100644
--- a/plugins/module_utils/source_control/bitbucket.py
+++ b/plugins/module_utils/source_control/bitbucket.py
@@ -31,6 +31,10 @@ class BitbucketHelper:
password=dict(type='str', no_log=True, fallback=(env_fallback, ['BITBUCKET_PASSWORD'])),
)
+ @staticmethod
+ def bitbucket_mutually_exclusive():
+ return [[oauth, basic] for oauth in ["client_id", "client_secret"] for basic in ["user", "password"]]
+
@staticmethod
def bitbucket_required_one_of():
return [['client_id', 'client_secret', 'user', 'password']]
diff --git a/plugins/modules/source_control/bitbucket/bitbucket_access_key.py b/plugins/modules/source_control/bitbucket/bitbucket_access_key.py
index 6451d729..94280e51 100644
--- a/plugins/modules/source_control/bitbucket/bitbucket_access_key.py
+++ b/plugins/modules/source_control/bitbucket/bitbucket_access_key.py
@@ -227,6 +227,7 @@ def main():
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
+ mutually_exclusive=BitbucketHelper.bitbucket_mutually_exclusive(),
required_one_of=BitbucketHelper.bitbucket_required_one_of(),
required_together=BitbucketHelper.bitbucket_required_together(),
)
diff --git a/plugins/modules/source_control/bitbucket/bitbucket_pipeline_key_pair.py b/plugins/modules/source_control/bitbucket/bitbucket_pipeline_key_pair.py
index 5d42419d..9d1703c7 100644
--- a/plugins/modules/source_control/bitbucket/bitbucket_pipeline_key_pair.py
+++ b/plugins/modules/source_control/bitbucket/bitbucket_pipeline_key_pair.py
@@ -164,6 +164,7 @@ def main():
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
+ mutually_exclusive=BitbucketHelper.bitbucket_mutually_exclusive(),
required_one_of=BitbucketHelper.bitbucket_required_one_of(),
required_together=BitbucketHelper.bitbucket_required_together(),
)
diff --git a/plugins/modules/source_control/bitbucket/bitbucket_pipeline_known_host.py b/plugins/modules/source_control/bitbucket/bitbucket_pipeline_known_host.py
index 9f4f2b94..2c93feea 100644
--- a/plugins/modules/source_control/bitbucket/bitbucket_pipeline_known_host.py
+++ b/plugins/modules/source_control/bitbucket/bitbucket_pipeline_known_host.py
@@ -265,6 +265,7 @@ def main():
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
+ mutually_exclusive=BitbucketHelper.bitbucket_mutually_exclusive(),
required_one_of=BitbucketHelper.bitbucket_required_one_of(),
required_together=BitbucketHelper.bitbucket_required_together(),
)
diff --git a/plugins/modules/source_control/bitbucket/bitbucket_pipeline_variable.py b/plugins/modules/source_control/bitbucket/bitbucket_pipeline_variable.py
index e5701184..b9458291 100644
--- a/plugins/modules/source_control/bitbucket/bitbucket_pipeline_variable.py
+++ b/plugins/modules/source_control/bitbucket/bitbucket_pipeline_variable.py
@@ -226,6 +226,7 @@ def main():
module = BitBucketPipelineVariable(
argument_spec=argument_spec,
supports_check_mode=True,
+ mutually_exclusive=BitbucketHelper.bitbucket_mutually_exclusive(),
required_one_of=BitbucketHelper.bitbucket_required_one_of(),
required_together=BitbucketHelper.bitbucket_required_together(),
) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Besides the two version_added
s below (sorry I missed them before), this needs a changelog fragment:
- A
minor_changes
section for the new options (user
,password
); - A
deprecated_features
section for thatusername
has been renamed toworkspace
and the old nameusername
(now an alias) will be removed in community.general 6.0.0; - A
major_changes
entry thatclient_id
is no longer marked asno_log=True
. (major_changes
so that this gets included in the porting guide; if anyone things theirclient_id
is sensitive they need to take precautions to keep it out of logs - if it's announced that publicly nobody can complain :) ).
Co-authored-by: Felix Fontein <felix@fontein.de>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some wording and formatting issues in the changelog:
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If CI doesn't come up with a surprise, I'll merge this :)
@maxbrunet thanks a lot for contributing this! |
* bitbucket: Support Basic Auth * Rename username to user * Document user/password options * Rename username to workspace * Deprecate username * Fix credentials_required error_message * Fix credentials_required error_message * Test user/password/workspace options and env vars * Update a test to use user/password/workspace for each module * Fix check auth arguments * Use required_one_of/required_together * Fix required typo * Fix fetch_access_token * Fix tests 🤞 * Switch things up in test_bitbucket_access_key * Fix username/password are None * Remove username/password properties, use params directly * Update plugins/doc_fragments/bitbucket.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/module_utils/source_control/bitbucket.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/module_utils/source_control/bitbucket.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/module_utils/source_control/bitbucket.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/source_control/bitbucket/bitbucket_access_key.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/source_control/bitbucket/bitbucket_pipeline_key_pair.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/source_control/bitbucket/bitbucket_pipeline_known_host.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/source_control/bitbucket/bitbucket_pipeline_known_host.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/source_control/bitbucket/bitbucket_pipeline_variable.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/source_control/bitbucket/bitbucket_pipeline_variable.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/source_control/bitbucket/bitbucket_access_key.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/source_control/bitbucket/bitbucket_pipeline_key_pair.py Co-authored-by: Felix Fontein <felix@fontein.de> * Document OAuth/Basic Auth precedence * Apply suggestions from code review Co-authored-by: Felix Fontein <felix@fontein.de> * Remove no_log=False from user argument * Add changelog fragment * Correct wording and formatting in changelog Co-authored-by: Felix Fontein <felix@fontein.de> * Update changelogs/fragments/2045-bitbucket_support_basic_auth.yaml Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de>
SUMMARY
Support Basic Auth
TODO:
username
parameter (and potentially on how migrate/deprecate as needed)Option 1. Rename currentusername
toworkspace
to follow API semantic (that did confuse me at first as my company is not a username)user
for Basic Auth username (risk to be confusing, deprecate current usage ofusername
)Option 3. ?Close #2044
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
bitbucket_access_key
bitbucket_pipeline_key_pair
bitbucket_pipeline_known_host
bitbucket_pipeline_variable
ADDITIONAL INFORMATION
Bitbucket API - Authentication methods:
https://developer.atlassian.com/bitbucket/api/2/reference/meta/authentication#app-pw