diff --git a/awx/main/credential_plugins/hashivault.py b/awx/main/credential_plugins/hashivault.py index 28f213061b..7e262912a4 100644 --- a/awx/main/credential_plugins/hashivault.py +++ b/awx/main/credential_plugins/hashivault.py @@ -40,6 +40,13 @@ base_inputs = { 'multiline': False, 'secret': True, 'help_text': _('The Secret ID for AppRole Authentication') + }, { + 'id': 'default_auth_path', + 'label': _('Path to Approle Auth'), + 'type': 'string', + 'multiline': False, + 'default': 'approle', + 'help_text': _('The AppRole Authentication path to use if one isn\'t provided in the metadata when linking to an input field. Defaults to \'approle\'') } ], 'metadata': [{ @@ -47,10 +54,11 @@ base_inputs = { 'label': _('Path to Secret'), 'type': 'string', 'help_text': _('The path to the secret stored in the secret backend e.g, /some/secret/') - },{ + }, { 'id': 'auth_path', 'label': _('Path to Auth'), 'type': 'string', + 'multiline': False, 'help_text': _('The path where the Authentication method is mounted e.g, approle') }], 'required': ['url', 'secret_path'], @@ -118,7 +126,9 @@ def handle_auth(**kwargs): def approle_auth(**kwargs): role_id = kwargs['role_id'] secret_id = kwargs['secret_id'] - auth_path = kwargs.get('auth_path') or 'approle' + # we first try to use the 'auth_path' from the metadata + # if not found we try to fetch the 'default_auth_path' from inputs + auth_path = kwargs.get('auth_path') or kwargs['default_auth_path'] url = urljoin(kwargs['url'], 'v1') cacert = kwargs.get('cacert', None) diff --git a/awx_collection/test/awx/test_credential_input_source.py b/awx_collection/test/awx/test_credential_input_source.py index a676ab15cb..703ad4adb3 100644 --- a/awx_collection/test/awx/test_credential_input_source.py +++ b/awx_collection/test/awx/test_credential_input_source.py @@ -122,7 +122,8 @@ def source_cred_hashi_secret(organization): "url": "https://secret.hash.example.com", "token": "myApiKey", "role_id": "role", - "secret_id": "secret" + "secret_id": "secret", + "default_auth_path": "path-to-approle" } )