Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add Azure config dump #15134

Open
wants to merge 4 commits into
base: devel
Choose a base branch
from
Open

add Azure config dump #15134

wants to merge 4 commits into from

Conversation

jessicamack
Copy link
Member

SUMMARY

dump_auth_config will now also dump Azure AD config data.

ISSUE TYPE
  • New or Enhanced Feature
COMPONENT NAME
  • Other
AWX VERSION
awx: 24.2.1.
ADDITIONAL INFORMATION

if Azure AD is not configured

    {
        "AZURE_missing_fields": [
            "KEY"
        ]
    }

if Azure AD is configured

    {
        "type": "ansible_base.authentication.authenticator_plugins.azuread",
        "name": "AZUREAD",
        "enabled": true,
        "create_objects": true,
        "users_unique": false,
        "remove_users": true,
        "configuration": {
            "CALLBACK_URL": "https://towerhost/sso/complete/azuread-oauth2/",
            "KEY": "b380e716-01ae-11ef-8fb0-0242ac140004",
            "SECRET": "test"
        }
    }

jbradberry
jbradberry reviewed May 30, 2024
View reviewed changes
awx/main/management/commands/dump_auth_config.py
@@ -174,6 +187,22 @@ def handle(self, *args, **options):
else:
data.append({f"LDAP_{awx_ldap_name}_missing_fields": ldap_missing_fields})

# dump AZURE settings
awx_azure_settings = self.get_awx_azure_settings()
awx_azure_enabled, azure_missing_fields = self.is_enabled(awx_azure_settings, self.DAB_AZURE_AUTHENTICATOR_KEYS)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see that is_enabled is a method that is already established prior to this PR, but I'm concerned that it treats an explicit None the same as a missing key/value. Worse, now that I'm thinking of it, any explicit value that evaluates as false-like. This is IMO a bug waiting to happen.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The way I'd deal with it:

  • establish a module variable MISSING = object()
  • condition becomes if required and settings.get(key, MISSING) is MISSING:

jbradberry
jbradberry requested changes May 30, 2024
View reviewed changes
Copy link
Member

@jbradberry jbradberry left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See my comments.

@jbradberry jbradberry mentioned this pull request May 30, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jbradberry jbradberry jbradberry requested changes

@chrismeyersfsu chrismeyersfsu Awaiting requested review from chrismeyersfsu

@john-westcott-iv john-westcott-iv Awaiting requested review from john-westcott-iv

@TheRealHaoLiu TheRealHaoLiu Awaiting requested review from TheRealHaoLiu

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
component:api
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@jessicamack @jbradberry