Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow aliases for env vars #60960

Open
wants to merge 2 commits into
base: devel
from

Conversation

@dbanttari
Copy link
Contributor

commented Aug 20, 2019

SUMMARY

Allow permutations of env var keys to support (eg) Jenkins' AzureCredentials
plugin, which provides env vars via AZURE_CLIENT_SECRET and
AZURE_TENANT_ID which we previously would ignore

ISSUE TYPE
  • Feature Pull Request
COMPONENT NAME

azure_rm_common

ADDITIONAL INFORMATION

with this environment (n.b. all of these vars are ignored in current code):

>printenv | grep AZ
AZURE_SUBSCRIPTION=********
AZURE_TENANT_ID=********
AZURE_CLIENT_SECRET=********
AZURE_CLIENT=********

before:

TASK [test-keyvault : set_fact] ************************************************************************************************
fatal: [localhost]: FAILED! => {"msg": "An unhandled exception occurred while running the lookup plugin 'azure_keyvault_secret'. Error was a <class 'ansible.module_utils.azure_rm_common.AzureRMAuthException'>, original message: Failed to get credentials. Either pass as parameters, set environment variables, define a profile in ~/.azure/credentials, or log in with Azure CLI (`az login`)."}

after:

TASK [test-keyvault : set_fact] ************************************************************************************************
ok: [localhost]
@dbanttari

This comment has been minimized.

Copy link
Contributor Author

commented Aug 20, 2019

n.b. for this test, I'm using the azure_keyvault_secret lookup from Azure/azure_preview_modules#297 which uses AzureRMAuth. The task code is:

- set_fact:
    shhhh: "{{ lookup('azure_keyvault_secret', '********', vault_url='https://********.vault.azure.net/') | b64decode }}"
  connection: local
@ansibot

This comment has been minimized.

@dbanttari

This comment has been minimized.

Copy link
Contributor Author

commented Aug 20, 2019

If accepted, it would be helpful to update the documentation at https://docs.ansible.com/ansible/latest/scenario_guides/guide_azure.html#providing-credentials-to-azure-modules , which I'll be happy to do if someone can point me at the source for that.

@ansibot

This comment has been minimized.

Copy link
Contributor

commented Aug 20, 2019

The test ansible-test sanity --test pylint [explain] failed with 9 errors:

lib/ansible/module_utils/azure_rm_common.py:43:28: bad-whitespace Exactly one space required after comma     profile=['AZURE_PROFILE','AZURE_PROFILE_ID','AZURE_CLIENT_PROFILE'],                             ^
lib/ansible/module_utils/azure_rm_common.py:43:47: bad-whitespace Exactly one space required after comma     profile=['AZURE_PROFILE','AZURE_PROFILE_ID','AZURE_CLIENT_PROFILE'],                                                ^
lib/ansible/module_utils/azure_rm_common.py:44:44: bad-whitespace Exactly one space required after comma     subscription_id=['AZURE_SUBSCRIPTION_ID','AZURE_SUBSCRIPTION'],                                             ^
lib/ansible/module_utils/azure_rm_common.py:45:32: bad-whitespace Exactly one space required after comma     client_id=['AZURE_CLIENT_ID','AZURE_CLIENT'],                                 ^
lib/ansible/module_utils/azure_rm_common.py:46:26: bad-whitespace Exactly one space required after comma     secret=['AZURE_SECRET','AZURE_SECRET_ID','AZURE_CLIENT_SECRET'],                           ^
lib/ansible/module_utils/azure_rm_common.py:46:44: bad-whitespace Exactly one space required after comma     secret=['AZURE_SECRET','AZURE_SECRET_ID','AZURE_CLIENT_SECRET'],                                             ^
lib/ansible/module_utils/azure_rm_common.py:47:26: bad-whitespace Exactly one space required after comma     tenant=['AZURE_TENANT','AZURE_TENANT_ID'],                           ^
lib/ansible/module_utils/azure_rm_common.py:48:28: bad-whitespace Exactly one space required after comma     ad_user=['AZURE_AD_USER','AZURE_AD_USER_ID'],                             ^
lib/ansible/module_utils/azure_rm_common.py:49:30: bad-whitespace Exactly one space required after comma     password=['AZURE_PASSWORD','AZURE_AD_PASSWORD'],                               ^

The test ansible-test sanity --test pep8 [explain] failed with 9 errors:

lib/ansible/module_utils/azure_rm_common.py:43:29: E231 missing whitespace after ','
lib/ansible/module_utils/azure_rm_common.py:43:48: E231 missing whitespace after ','
lib/ansible/module_utils/azure_rm_common.py:44:45: E231 missing whitespace after ','
lib/ansible/module_utils/azure_rm_common.py:45:33: E231 missing whitespace after ','
lib/ansible/module_utils/azure_rm_common.py:46:27: E231 missing whitespace after ','
lib/ansible/module_utils/azure_rm_common.py:46:45: E231 missing whitespace after ','
lib/ansible/module_utils/azure_rm_common.py:47:27: E231 missing whitespace after ','
lib/ansible/module_utils/azure_rm_common.py:48:29: E231 missing whitespace after ','
lib/ansible/module_utils/azure_rm_common.py:49:31: E231 missing whitespace after ','

click here for bot help

@dbanttari

This comment has been minimized.

Copy link
Contributor Author

commented Aug 20, 2019

Looks like test failures were just timeouts

@Fred-sun

This comment has been minimized.

Copy link
Contributor

commented Aug 21, 2019

@dbanttari You can turn it off and open it again to trigger CI verify. Thank you!

@ansibot ansibot added the has_issue label Aug 21, 2019

@dbanttari dbanttari closed this Aug 21, 2019

@dbanttari dbanttari reopened this Aug 21, 2019

@dbanttari

This comment has been minimized.

Copy link
Contributor Author

commented Aug 21, 2019

-label needs_ci

@dbanttari

This comment has been minimized.

Copy link
Contributor Author

commented Aug 21, 2019

hm, only two tests timed out this time. Not sure I can do anything other than keep retrying until I get lucky and they complete in time.

@dbanttari dbanttari closed this Aug 23, 2019

@dbanttari dbanttari reopened this Aug 23, 2019

@ansibot

This comment has been minimized.

Copy link
Contributor

commented Aug 27, 2019

@dbanttari this PR contains the following merge commits:

Please rebase your branch to remove these commits.

click here for bot help

dbanttari added 2 commits Aug 20, 2019
Allow aliases for env vars
eg Jenkins' AzureCredentials plugin provides env vars `AZURE_CLIENT_SECRET`
and `AZURE_TENANT_ID` which we previously would ignore

@dbanttari dbanttari force-pushed the dbanttari:feature/env-var-permutations branch from 1226aac to dbeaca1 Aug 28, 2019

@ansibot ansibot removed the merge_commit label Aug 28, 2019

@ansibot ansibot removed the needs_rebase label Aug 28, 2019

@Fred-sun

This comment has been minimized.

Copy link
Contributor

commented Sep 4, 2019

ready_for_review

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.