Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support pyrax.auth_with_token in rackspace modules #29440

Open
wants to merge 1 commit into
base: devel
from

Conversation

@kouk
Copy link

commented Sep 11, 2017

SUMMARY

When automating ansible or running in a less than fully trusted
environment it's desirable to use the scoped and short-lived
auth token

that rackspace supports. For this we should optionally be able to use pyrax.auth_with_token instead of the credentials file.

ISSUE TYPE
  • Feature Pull Request
COMPONENT NAME

rax

ANSIBLE VERSION
ansible 2.5.0 (rax_auth_token 52daaa08db) last updated 2017/09/11 12:16:40 (GMT +300)
  config file = None
  configured module search path = [u'/Users/kouk/code/ansible/library']
  ansible python module location = /Users/kouk/code/ansible/lib/ansible
  executable location = /Users/kouk/code/ansible/bin/ansible
  python version = 2.7.13 (default, Jul 18 2017, 09:17:00) [GCC 4.2.1 Compatible Apple LLVM 8.1.0 (clang-802.0.42)]
ADDITIONAL INFORMATION

This pr adds support for retrieving the auth token either from the
rax modules arguments or from the environment. It also uses the tenant
name since it is required when authenticating via auth token.

@ansibot

This comment has been minimized.

Copy link
Contributor

commented Sep 11, 2017

@kouk Greetings! Thanks for taking the time to open this pullrequest. In order for the community to handle your pullrequest effectively, we need a bit more information.

Here are the items we could not find in your description:

  • issue type

Please set the description of this pullrequest with this template:
https://raw.githubusercontent.com/ansible/ansible/devel/.github/PULL_REQUEST_TEMPLATE.md

click here for bot help

@kouk

This comment has been minimized.

Copy link
Author

commented Sep 26, 2017

bot_status

@ansibot

This comment has been minimized.

Copy link
Contributor

commented Sep 26, 2017

waiting_on: ansible
component: None
supported_by: core
changes_requested_by: null
needs_info: False
needs_revision: False
needs_rebase: False
merge_commits: []
mergeable_state: clean
shippable_status: success
maintainer_shipits (module maintainers): False
community_shipits (namespace maintainers): False
ansible_shipits (core team members): False
shipit_actors (maintainer or core team member): None
shipit_actors_other:

click here for bot help

@kouk

This comment has been minimized.

Copy link
Author

commented Oct 9, 2017

any news on this?

@kouk

This comment has been minimized.

Copy link
Author

commented Nov 9, 2017

bump?

@ansibot ansibot added feature and removed feature_pull_request labels Mar 2, 2018

@kouk kouk force-pushed the kouk:rax_auth_token branch Mar 20, 2018

@ansibot ansibot removed the stale_ci label Mar 20, 2018

@ansibot

This comment has been minimized.

Copy link
Contributor

commented Mar 20, 2018

The test ansible-test sanity --test validate-modules [explain] failed with 24 errors:

lib/ansible/modules/cloud/rackspace/rax_cbs.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_cbs_attachments.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_cdb.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_cdb_database.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_cdb_user.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_clb.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_clb_ssl.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_dns.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_dns_record.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_facts.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_files.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_files_objects.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_identity.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_keypair.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_meta.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_mon_alarm.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_mon_check.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_mon_entity.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_mon_notification.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_mon_notification_plan.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_network.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_queue.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_scaling_group.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/rackspace/rax_scaling_policy.py:0:0: E322 "auth_token" is listed in the argument_spec, but not documented in the module

click here for bot help

lib/ansible/module_utils/rax.py Outdated
@@ -244,6 +244,7 @@ def rax_argument_spec():
return dict(
api_key=dict(type='str', aliases=['password'], no_log=True),
auth_endpoint=dict(type='str'),
auth_token=dict(type='str'),

This comment has been minimized.

Copy link
@mattclay

mattclay Mar 23, 2018

Member

This needs to be documented in the rackspace docs fragment.

This comment has been minimized.

Copy link
@kouk

kouk Apr 18, 2018

Author

Thanks, I missed that. I've pushed the necessary changes (waiting for CI).

This comment has been minimized.

Copy link
@kouk

kouk Apr 18, 2018

Author

CI passed.

This comment has been minimized.

Copy link
@mattclay

mattclay Nov 7, 2018

Member

Since this is a credential no_log=True should be set here.

@ansibot ansibot added the stale_ci label Mar 31, 2018

@kouk kouk force-pushed the kouk:rax_auth_token branch Apr 18, 2018

@ansibot ansibot removed the ci_verified label Apr 18, 2018

@ansibot ansibot removed the stale_review label Nov 23, 2018

@kouk

This comment has been minimized.

Copy link
Author

commented Nov 26, 2018

@Erethon can you take a look?

@Erethon

This comment has been minimized.

Copy link
Contributor

commented Dec 5, 2018

LGTM, been using it for a while with the new variable names without any issues.

@ansibot ansibot removed the support:core label Dec 13, 2018

@kouk

This comment has been minimized.

Copy link
Author

commented Jan 2, 2019

ping @mattclay

Out-of-date review.

@kouk kouk force-pushed the kouk:rax_auth_token branch Feb 23, 2019

@kouk

This comment has been minimized.

Copy link
Author

commented Feb 23, 2019

@mattclay @Erethon i rebased onto devel but it seems an apparently unrelated test in shippable finished with an error. Can we retry the build?

Support pyrax.auth_with_token in rackspace modules
When automating ansible or running in a less than fully trusted
environment it's desirable to use the [scoped and short-lived
auth token](https://developer.rackspace.com/docs/cloud-servers/v2/getting-started/authenticate/)
that rackspace supports. For this we can use `pyrax.auth_with_token`.

This pr adds support for retrieving the auth token either from the
rax modules arguments or from the environment. It also uses the tenant
name since it is required when authenticating via auth token.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
5 participants
You can’t perform that action at this time.