Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Move injectors to ManagedCredentialType #57

Open
wants to merge 5 commits into
base: devel
Choose a base branch
from
Open

Move injectors to ManagedCredentialType #57

wants to merge 5 commits into from

Conversation

chrismeyersfsu
Copy link
Member

Injectors are a bail-out mechanism for when you need to do something that the templating engine does not support, for a particular credential type. They are strongly tied to one and only one credential type. Before this change they lived far away from the ManagedCredentialType they are associated for. The link was the credential kind string was the same as the injector function name. This was a very loose coupling. This change is a tighter coupling.

@chrismeyersfsu
Move injectors to ManagedCredentialType
318eb62 
Injectors are a bail-out mechanism for when you need to do something
that the templating engine does not support, for a particular credential
type. They are strongly tied to one and only one credential type. Before
this change they lived far away from the ManagedCredentialType they are
associated for. The link was the credential kind string was the same as
the injector function name. This was a very loose coupling. This change
is a tighter coupling.
@chrismeyersfsu chrismeyersfsu mentioned this pull request Nov 15, 2024
Open
AlanCoding
AlanCoding approved these changes Nov 15, 2024
View reviewed changes
Copy link
Member

@AlanCoding AlanCoding left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Putting this in my own words...

The custom logic like awx_plugins.credentials.injectors.aws already lived here, but there was no link in the plugin definition to the custom logic. So somehow that got referenced by a literal name like "aws".

My only gripe would be that post_injectors doesn't feel like a great name. Like, sure, maybe it runs after the other stuff (templates)? But it's usually an alternative to the templates, making that detail kind of irrelevant practically. It's more important that it runs custom python logic like a caveman, as opposed to any structured injector definition.

@chrismeyersfsu
Copy link
Member Author

  1. injectors_override
  2. custom_injectors
  3. alt_injectors
  4. injectors_fn

@AlanCoding
Copy link
Member

I'd lean towards (2) myself.

@webknjaz
Copy link
Member

webknjaz commented Nov 15, 2024
edited
Loading

I had an alternative idea with ansible/awx_plugins.interfaces#10 / #50 / ansible/awx#15595 FTR

@chrismeyersfsu chrismeyersfsu force-pushed the AAP-35749-move-inject-credential branch 3 times, most recently from ce238b7 to 888f5b4 Compare November 18, 2024 17:58
@AlanCoding
Copy link
Member

I slightly lean towards the sentiment @chrismeyersfsu expressed in ansible/awx#15595

So I lean more towards getting rid of this "problem" by bringing these custom injectors closer to the ManagedCredentialType they are related to.

But even if we did nothing, it wouldn't bother me that much, since they already live in the plugins repo.

@chrismeyersfsu
Rename injector callback
ebc23bc 
* Defining an injector as code is an override. The previous name made it
  sound like the template engine would run, then the custom injector.
  This is not the case. If the custom injector is defined then the
  templating engine doens't run.
@chrismeyersfsu
Fix lint
8bf79b0
@webknjaz
Copy link
Member

webknjaz commented Nov 19, 2024
edited
Loading

@chrismeyersfsu typing change handling instructions:

  1. Merge Adopt the custom_injectors callback awx_plugins.interfaces#13
  2. Click Run workflow @ https://github.com/ansible/awx_plugins.interfaces/actions/workflows/ci-cd.yml, entering 0.0.1a2 precisely in the version field. Don't enter anything else and submit the form.
  3. Wait until the newly created workflow run completes tests and pauses, then approve releasing on the workflow run summary page.
  4. Wait until the workflow run completes fully.
  5. Click Run workflow @ https://github.com/ansible/awx-plugins/actions/workflows/pip-tools.yml, entering awx_plugins.interfaces in the only input field.
  6. Wait until that workflow completes and opens a PR with the version bump in the lock files.
  7. Go to that PR and undraft it. You can approve it and enable auto-merge at this point.
  8. Once that PR is merged, you can rebase this one.

@webknjaz webknjaz mentioned this pull request Nov 20, 2024
Merged
webknjaz
webknjaz reviewed Nov 20, 2024
View reviewed changes
src/awx_plugins/credentials/injectors.py
@@ -6,6 +6,9 @@
import stat
import tempfile

from awx_plugins.interfaces._temporary_private_api import ( # noqa: WPS436
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
from awx_plugins.interfaces._temporary_private_api import ( # noqa: WPS436
from awx_plugins.interfaces._temporary_private_credential_api import ( # noqa: WPS436

webknjaz
webknjaz reviewed Nov 20, 2024
View reviewed changes
src/awx_plugins/credentials/injectors.py
@@ -16,7 +19,7 @@
import yaml


def aws(cred, env, private_data_dir):
def aws(cred: Credential, env: dict, private_data_dir: str):
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

While on it, could you also mark the returned type for all of the functions in the module?

Suggested change
def aws(cred: Credential, env: dict, private_data_dir: str):
def aws(cred: Credential, env: dict, private_data_dir: str) -> None:

webknjaz
webknjaz reviewed Nov 20, 2024
View reviewed changes
src/awx_plugins/credentials/plugins.py
@@ -8,6 +8,16 @@
gettext_noop,
)

from awx_plugins.credentials.injectors import (
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Always use relative imports for local modules:

Suggested change
from awx_plugins.credentials.injectors import (
from .injectors import (

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AlanCoding AlanCoding AlanCoding approved these changes

@webknjaz webknjaz webknjaz left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@chrismeyersfsu @AlanCoding @webknjaz