zware/awx
1
0
Fork 0
mirror of https://github.com/ZwareBear/awx.git synced 2026-04-30 20:01:48 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix a variety of bugs that break vault pass injection for playbook runs

Browse Source 
see: #6924
This commit is contained in:
Ryan Petrello
2017-07-07 12:19:31 -04:00
parent 463ef9d4b0
commit 3c2fe5e6db
4 changed files with 56 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
awx/main/tasks.py
View File

@@ -872,15 +872,19 @@ class RunJob(BaseTask):
and ansible-vault.
'''
passwords = super(RunJob, self).build_passwords(job, **kwargs)
creds = job.credential
if creds:
for field in ('ssh_key_unlock', 'ssh_password', 'become_password', 'vault_password'):
if field == 'ssh_password':
value = kwargs.get(field, decrypt_field(creds, 'password'))
else:
value = kwargs.get(field, decrypt_field(creds, field))
if value not in ('', 'ASK'):
passwords[field] = value
for cred, fields in {
'credential': ('ssh_key_unlock', 'ssh_password', 'become_password'),
'vault_credential': ('vault_password',)
}.items():
cred = getattr(job, cred, None)
if cred:
for field in fields:
if field == 'ssh_password':
value = kwargs.get(field, decrypt_field(cred, 'password'))
else:
value = kwargs.get(field, decrypt_field(cred, field))
if value not in ('', 'ASK'):
passwords[field] = value
return passwords
def build_env(self, job, **kwargs):