New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
hashi_vault: allow mount_point for approle auth #46352
Conversation
As already made for LDAP, this will allow to specify a mount point for approle authentication. Default values for mount points ('ldap' for LDAP, 'AppRole' for approle) are already default values in hvac library
|
||
self.client.auth_ldap(username, password, mount_point) | ||
if not mount_point: | ||
self.client.auth_ldap(username, password) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this going to alter the default behavior of the module or is the mount_point = 'ldap'
inferred by client.auth_ldap
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The default mount_point will stay ldap
.
This module is using hvac
as library and ldap
is the default mount point if not specified:
DEFAULT_MOUNT_POINT = 'ldap'
...
def login(self, username, password, use_token=True, mount_point=DEFAULT_MOUNT_POINT):
https://github.com/hvac/hvac/blob/5b42620ddac5474574eb98437d2645dade1824c1/hvac/api/auth_methods/ldap.py#L8
https://github.com/hvac/hvac/blob/5b42620ddac5474574eb98437d2645dade1824c1/hvac/api/auth_methods/ldap.py#L355
@bbayszczak this looks good, would you mind adding something to the integration testing to exercise the new functionality? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
shipit
needs_info |
cc @defionscode |
@bbayszczak This pullrequest is waiting for your response. Please respond or the pullrequest will be closed. |
@bbayszczak Could you please rebase this branch and let me know ? Thanks. |
@bbayszczak You have not responded to information requests in this pullrequest so we will assume it no longer affects you. If you are still interested in this, please create a new pullrequest with the requested information. |
SUMMARY
mount_point parameter is not used when using approle authentication
Default values are removed ('ldap' for LDAP, 'AppRole' for approle) because there
is already default values in hvac library
ISSUE TYPE
COMPONENT NAME
hashi_vault
ANSIBLE VERSION
ADDITIONAL INFORMATION
Lookup request
Before
After