Comments (7)
Hello @neevnuv, after further research we have determined we don't yet have this functionality for this type of credential. I have added the feature flag to this and have added this to our backlog. PRs are welcome!
from awx.
@neevnuv Since the API endpoint is of type SubListCreateAPIView
(i.e. it can take a full object instead of just an id to attach), adding it to the DEPENDENT_EXPORT
list is probably what you want. You should be aware, though, that the downside of this is that on every import a new credential input source will be created, instead of an existing one reused. If that seems unacceptable, credential input sources do have a top-level API endpoint, so they could be added to EXPORTABLE_RESOURCES
instead. The downside of that, though, is that you would need to make sure that the type is included in your exports (you either export everything, or include a --credential_input_sources
flag in your awx export
command). You will also have to add a natural key to the page type if you go this route.
Other things to care about when adding a new resource like this is whether we have a Page
type for it somewhere in awxkit/awxkit/api/pages/
(and it appears that we do for these), and if we have url patterns in awxkit/awxkit/api/resources.py
that match the endpoints (and it looks like we do).
I'd say go ahead and add it to DEPENDENT_EXPORT
and try it out, both exporting and importing. I suspect that it will just work. To answer your question, the import machinery also makes use of that list, so there should be nothing special that you need to do there.
from awx.
Hello @neevnuv,
I am exploring this issue now. Just to confirm, in your exported file resources.json
there is no actual json in the file, is that correct? Are you just seeing two empty curly brackets?
from awx.
After creating a HashiCorp Vault Secret Lookup credential, I created another credential that uses the Hashicorp secret lookup credential in order to fetch its secure data, as you'll see in the image below:
After doing so, when exporting the credentials using the cli, the output json does not contain any data about the credential input sources. Even though the input sources do not contain any important data (data that should be encrypted).
For example, when I ran the following command to get the git credential:
awx export --credentials <git-cred-id> --conf.host http://my-awx.com --conf.username <my-user> --conf.token <my-token> resources.json
I receive the following json:
{
"credentials": [
{
"name": "Git Credential",
"description": "My Cool Git Credential",
"organization": null,
"inputs": {},
"credential_type": {
"name": "Source Control",
"kind": "scm",
"type": "credential_type"
},
"user": {
"username": "admin",
"type": "user"
},
"natural_key": {
"organization": null,
"name": "Git Credential",
"credential_type": {
"name": "Source Control",
"kind": "scm",
"type": "credential_type"
},
"type": "credential"
}
}
]
}
I am hoping the credential input sources would be also visible here, for exporting/importing awx instances. It would allow me to backup the tower credential resources without losing the data inside them (without having to reconfigure the secret lookup for vault each time I import the credentials back).
from awx.
Thank you so much for providing this additional information! I can confirm I can duplicate this on my end.
from awx.
Will it solve the export issue if we add the credential_input_source to the export command to the list of DEPENDENT_EXPORT?
Here:
awx/awxkit/awxkit/api/pages/api.py
Lines 38 to 51 in f69f600
And should there be any change in the import process?
from awx.
Hello, I opened a PR and tested it on a local minikube awx instance, the PR doesn't contain a lot of changes.
I ran a few tests on it, they all worked well. I would love if you take a look and gave me feedback. #14798
from awx.
Related Issues (20)
- No ability to specify null values for source_project (ansible.controller.inventory_source)
- Inventory and Host modules are not idempotent in --check mode HOT 4
- Modules that take password are not idempotent in --check mode HOT 2
- Unformatted help text is popped out when peers for intances are changed HOT 7
- Large netbox dynamic inventory ouput doesn't allow sync hosts HOT 2
- When job is running, selected EE is not visible in the UI, it appears only after it finishes HOT 8
- Is there a way to get the awx user info in the launch job vars? HOT 1
- Atomic on provision_instance masks errors HOT 4
- Access to XMLHttpRequest at 'https://domain/api/logout/' from origin 'https://domain' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. HOT 1
- AWX Jobs Failing with "Task was canceled due to receiving a shutdown signal." HOT 2
- fork (for job adhoc command) start with high value (512) and finish with default value of 5 HOT 2
- Add `/api/v2/` link to service-index navigation view
- Error on project update since 23.9.0 ("No file was found when using first_found." on "Fetch galaxy roles and collections from requirements") HOT 12
- Add docker DNS resolver configuration option HOT 2
- [DOCS] Add terraform inventory source to Inventories chapter of Userguide HOT 5
- Allow Vault Credentials for Project SCM Type Inventories to process inventory plugin parameters HOT 3
- Postpone "Last Login" update
- AWX Community Meeting Agenda - March 2024 HOT 6
- Share link for template launch with predefined parameters
- Smart Inventory - Searching on host variables using a regex returns wrong results HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from awx.