Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

database secrets engine config #133

Merged
merged 23 commits into from
Jun 18, 2019
Merged

database secrets engine config #133

Changes from 1 commit
Commits
Show all changes
23 commits
Select commit Hold shift + click to select a range
3b31b19
include but disable db tests
drewmullen May 31, 2019
7261209
include idemp db config module
drewmullen May 31, 2019
e6c3914
init module
drewmullen May 31, 2019
d5b3d4d
include but disable tests
drewmullen May 31, 2019
851ea04
enable tests
drewmullen Jun 3, 2019
bb3310d
init module secret eng mgmt
drewmullen Jun 3, 2019
4684e46
deprecate nonconformative modules
drewmullen Jun 3, 2019
0d4725a
disable test until hvac 9.2 is released
drewmullen Jun 3, 2019
8e25519
fix idempotence check for eng config
drewmullen Jun 4, 2019
2220906
fix idempotent checks az auth cfg
drewmullen Jun 4, 2019
9d17e88
revert deprecated name change, docs failing
drewmullen Jun 4, 2019
7fdd60e
fix idempotence check for auth_method
drewmullen Jun 4, 2019
a283ca0
wip
drewmullen Jun 4, 2019
c892e4f
nocows =1 by default
drewmullen Jun 4, 2019
79a8868
quoting docstring dictionaries
drewmullen Jun 6, 2019
225acfe
default var causing doc job failure?
drewmullen Jun 7, 2019
0bd59ab
replace non-problems with original changes
drewmullen Jun 7, 2019
d29a420
hvac 9.2 required
drewmullen Jun 10, 2019
de33a46
enable tests
drewmullen Jun 10, 2019
a8f02ff
fix tests but remain disabled
drewmullen Jun 10, 2019
723f695
fix function name and un/pw vars
drewmullen Jun 10, 2019
41d0101
upgrade test framework to 3.7. hold breath"
drewmullen Jun 10, 2019
0fc7868
remove required check
drewmullen Jun 10, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
fix idempotent checks az auth cfg
  • Loading branch information
@drewmullen
drewmullen committed Jun 4, 2019
commit 22209069049bc8aab3e7cd42447c04c366789067
35 changes: 21 additions & 14 deletions ansible/modules/hashivault/hashivault_azure_auth_config.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -126,6 +126,8 @@ def hashivault_azure_auth_config(module):
changed = False
config_file = params.get('config_file')
mount_point = params.get('mount_point')
desired_state = dict()
current_state = dict()

# do not want a trailing slash in mount_point
if mount_point[-1]:
Expand All @@ -134,36 +136,41 @@ def hashivault_azure_auth_config(module):
# if config_file is set, set sub_id, ten_id, client_id, client_secret from file
# else set from passed args
if config_file:
config = json.loads(open(params.get('config_file'), 'r').read())
tenant_id = config.get('tenant_id')
client_id = config.get('client_id')
client_secret = config.get('client_secret')
resource = config.get('resource')
desired_state = json.loads(open(params.get('config_file'), 'r').read())
if 'resource' not in desired_state:
desired_state['resource'] = params.get('resource')
if 'environment' not in desired_state:
desired_state['environment'] = params.get('environment')
else:
tenant_id = params.get('tenant_id')
client_id = params.get('client_id')
client_secret = params.get('client_secret')
resource = params.get('resource')
desired_state['tenant_id'] = params.get('tenant_id')
desired_state['client_id'] = params.get('client_id')
desired_state['client_secret'] = params.get('client_secret')
desired_state['resource'] = params.get('resource')
desired_state['environment'] = params.get('environment')

# check if engine is enabled
if (mount_point + "/") not in client.sys.list_auth_methods()['data'].keys():
return {'failed': True, 'msg': 'auth mount is not enabled', 'rc': 1}

# check if any config exists
try:
current = client.auth.azure.read_config()
current_state = client.auth.azure.read_config()
except:
changed = True

# check if current config matches desired config values, if they dont match, set changed true
if changed == False:
mismatched = {k:v for k, v in current.items() if params[k] != v}
if mismatched:
for k, v in current_state.items():
if v != desired_state[k]:
changed = True

# if changed == False:
# mismatched = {k:v for k, v in current.items() if params[k] != v}
# if mismatched:
# changed = True

# if configs dont match and checkmode is off, complete the change
if changed == True and not module.check_mode:
result = client.auth.azure.configure(tenant_id=tenant_id, client_id=client_id, client_secret=client_secret, resource=resource, mount_point=mount_point)
result = client.auth.azure.configure(mount_point=mount_point, **desired_state)

return {'changed': changed}

Expand Down