onepassword - Support v2 #4728
Merged
onepassword - Support v2 #4728
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ansibullbot
added
WIP
felixfontein
added
check-before-release
|
Still working on this, just as time allows. |
samdoran
force-pushed
the
issue/4396-1p-cli-v2
branch
from
cc97ee2
to
d4aae5c
Compare
|
Making some good progress. It's mostly working (only the full login is not). I need to do some more polishing and update the tests. |
samdoran
force-pushed
the
issue/4396-1p-cli-v2
branch
from
d4aae5c
to
17a0cb0
Compare
ansibullbot
added
tests
This comment was marked as outdated.
This comment was marked as outdated.
samdoran
force-pushed
the
issue/4396-1p-cli-v2
branch
from
17a0cb0
to
5cdb3cc
Compare
samdoran
force-pushed
the
issue/4396-1p-cli-v2
branch
from
82e66a1
to
c34b332
Compare
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
The plugin relies on AnsibleLookupError() quite a bit which is not available in module code. Remove use of display for errors since section isn’t actually deprecated.
Still room for improvement, but this is at least a start.
samdoran
force-pushed
the
issue/4396-1p-cli-v2
branch
from
037cb13
to
1f96628
Compare
felixfontein
reviewed
Nov 4, 2022
ansibullbot
added
the
needs_revision
felixfontein
reviewed
Nov 4, 2022
This comment was marked as outdated.
This comment was marked as outdated.
samdoran
force-pushed
the
issue/4396-1p-cli-v2
branch
from
f7406da
to
0ede3ac
Compare
ansibullbot
removed
the
needs_revision
ansibullbot
added
needs_revision
|
This is good to merge now. |
felixfontein
approved these changes
Nov 4, 2022
|
Thanks for all the feedback and patience, everyone. |
russoz
pushed a commit
to russoz-ansible/community.general
that referenced
this pull request
Nov 5, 2022
…ections#5440) * Start using Ansible's config manager to handle options. * Docs improvements. * Fix documentation, make options actual lookup options. * The cyberarkpassword lookup does too strange things. * The onepassword lookups are converted in ansible-collections#4728, let's not interfere. * Improve docs. * Skip shelvefile as well. * Convert lmdb_kv. * Convert and fix credstash. * Convert manifold. * Drop chef_databag. * Convert dig. * Update examples. * Forgot the most important part. * Fix lmdb_kv docs. * Python 2.6 compatibility. * Convert AnsibleUnicode to str. * Load lookup with lookup loader. * Fix environment handling and error message checking. * Improve docs formatting.
felixfontein
removed
the
check-before-release
|
@samdoran thanks a lot for your contribution! |
bratwurzt
pushed a commit
to bratwurzt/community.general
that referenced
this pull request
Nov 7, 2022
…ections#5440) * Start using Ansible's config manager to handle options. * Docs improvements. * Fix documentation, make options actual lookup options. * The cyberarkpassword lookup does too strange things. * The onepassword lookups are converted in ansible-collections#4728, let's not interfere. * Improve docs. * Skip shelvefile as well. * Convert lmdb_kv. * Convert and fix credstash. * Convert manifold. * Drop chef_databag. * Convert dig. * Update examples. * Forgot the most important part. * Fix lmdb_kv docs. * Python 2.6 compatibility. * Convert AnsibleUnicode to str. * Load lookup with lookup loader. * Fix environment handling and error message checking. * Improve docs formatting.
bratwurzt
pushed a commit
to bratwurzt/community.general
that referenced
this pull request
Nov 7, 2022
…ections#5440) * Start using Ansible's config manager to handle options. * Docs improvements. * Fix documentation, make options actual lookup options. * The cyberarkpassword lookup does too strange things. * The onepassword lookups are converted in ansible-collections#4728, let's not interfere. * Improve docs. * Skip shelvefile as well. * Convert lmdb_kv. * Convert and fix credstash. * Convert manifold. * Drop chef_databag. * Convert dig. * Update examples. * Forgot the most important part. * Fix lmdb_kv docs. * Python 2.6 compatibility. * Convert AnsibleUnicode to str. * Load lookup with lookup loader. * Fix environment handling and error message checking. * Improve docs formatting.
russoz
pushed a commit
to russoz-ansible/community.general
that referenced
this pull request
Nov 10, 2022
…ections#5440) * Start using Ansible's config manager to handle options. * Docs improvements. * Fix documentation, make options actual lookup options. * The cyberarkpassword lookup does too strange things. * The onepassword lookups are converted in ansible-collections#4728, let's not interfere. * Improve docs. * Skip shelvefile as well. * Convert lmdb_kv. * Convert and fix credstash. * Convert manifold. * Drop chef_databag. * Convert dig. * Update examples. * Forgot the most important part. * Fix lmdb_kv docs. * Python 2.6 compatibility. * Convert AnsibleUnicode to str. * Load lookup with lookup loader. * Fix environment handling and error message checking. * Improve docs formatting.
russoz
pushed a commit
to russoz-ansible/community.general
that referenced
this pull request
Nov 10, 2022
* Begin building out separate classes to support different op cli versions Create separet base classes for each major version. Define the main interface in the base class. Create methods for getting the current version and instantiating the appropriate class based on the found version. * First pass at mostly working CLI version classes * Correct mismathched parameters * Update _run() method to allow updating enviroment This allows passing in the app secret as an env var, which is more secure than using a command line arg. * Continuing to improve the interface * Tear existing tests down to the studs These tests were based off of the LastPass unit tests. I’m going to just start from scratch given the new plugin code is vastly diffenent. * Fix sanity test * CLI config file path can be None * Improve required param checking - only report missing params - use proper grammer based on number of missing params * Change assert_logged_in() method return value Return a boolean value indicating whether or not account is signed in * Improve full login for v2 Have to do a bit of a dance to avoid hitting the interactive prompt if there are no accounts configured. * Remove unused methods * Add some tests * Fix linting errors * Move fixtures to separate file * Restructure mock test data and add more tests * Add boilerplate * Add test scenario for op v2 and increase coverage * Fix up copyright statements * Test v1 and v2 in all cases * Use a more descriptive variable name * Use docstrings rather than pass in abstract class This adds coverage to abstract methods with the least amount of hackery. * Increase test coverage for CLI classes * Sort test parameters to avoid collection errors * Update version tested in docs * Revere test parameter sorting for now The parameters need to be sorted to avoid the issue in older Python versions in CI, but I’m having trouble working out how to do that currently. * Allow passing kwargs to the lookup module under test * Favor label over id for v2 when looking for values Add tests * Display a warning for section on op v2 or greater There is no “value” in section fields. If we wanted to support sections in v2, we would also have to allow specifying the field name in order to override “value”. * Move test cases to their own file Getting a bit unwieldy having it in the test file * Move output into JSON files fore easier reuse * Switch to using get_options() * Add licenses for fixture files * Use get_option() since get_options() was added in Ansible Core 2.12 * Rearrange fixtures * Add changelog * Move common classes to module_utils * Move common classes back to lookup The plugin relies on AnsibleLookupError() quite a bit which is not available in module code. Remove use of display for errors since section isn’t actually deprecated. * Properly handle sections Still room for improvement, but this is at least a start. * Remove some comments that won’t be addressed * Make test gathering more deterministic to avoid failures * Update changelog fragment * Simple fix for making tests reliable
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
SUMMARY
Fixes #4396.
Closes #4415.
The interface and data schema for
opversion two changed significantly. Create a base class defining the common interface then define version specific classes.The appropriate class will be used based on the discovered
opversion.The lookups/module will fail gracefully for unsupported versions.
ISSUE TYPE
COMPONENT NAME
plugins/lookup/onepassword.pyADDITIONAL INFORMATION
Still a work in progress. Open to feedback.