Extensible attributes for Ansible Tower Credentials #13826
Conversation
|
@miq-bot add_labels wip, enhancement, providers/ansible_tower |
jameswnl
force-pushed
the
tower-creds-2
branch
from
e029707
to
b6b9f74
Compare
jameswnl
force-pushed
the
tower-creds-2
branch
from
b6b9f74
to
71aa933
Compare
|
Hardcoded is fine right now. Don't worry about AlignHash in this instance, but do fix the other rubocops. |
| @@ -1,2 +1,85 @@ | |||
| class ManageIQ::Providers::AnsibleTower::AutomationManager::MachineCredential < ManageIQ::Providers::AutomationManager::Authentication | |||
| def self.fields | |||
| return { | |||
| @@ -0,0 +1,5 @@ | |||
| class AddOptionsColumnToAuthentication < ActiveRecord::Migration[5.0] | |||
| def change | |||
| add_column :notifications, :options, :text | |||
There was a problem hiding this comment.
You're pointing to the wrong table...
| :type => 'string', | ||
| :required => false, | ||
| :label => 'Description', | ||
| :help_text => 'Optional description of this credential.', |
There was a problem hiding this comment.
These strings need I18N. @himdel is that the _N method?
There was a problem hiding this comment.
So.. depends.. it's either N_ or _, the first if you want the string to get in the translation catalog but don't want to translate it right away (meaning you have to pass it through _ at some later point), the latter if you want it translated right away.
Right now, help_text is never used anywhere in the UI, so .. no idea which :).
There was a problem hiding this comment.
Either way, the same goes for label
jameswnl
force-pushed
the
tower-creds-2
branch
8 times, most recently
from
76acfaf
to
dcd74ba
Compare
|
@Fryguy @bdunne @blomquisg I've added attribute accessor to the |
jameswnl
force-pushed
the
tower-creds-2
branch
4 times, most recently
from
37436b7
to
1b83e6d
Compare
jameswnl
force-pushed
the
tower-creds-2
branch
from
1b83e6d
to
f4ded8d
Compare
| @@ -1,2 +1,5 @@ | |||
| class ManageIQ::Providers::AnsibleTower::AutomationManager::AmazonCredential < ManageIQ::Providers::AnsibleTower::AutomationManager::CloudCredential | |||
| ATTRIBUTES = [:description, :username, :security_token].freeze | |||
There was a problem hiding this comment.
Not crazy about calling it ATTRIBUTES, I don't want it to be confused with #attributes. Maybe EXTRA_ATTRIBUTES?
There was a problem hiding this comment.
sure, will update this
| module ManageIQ::Providers::AnsibleTower::AutomationManager::CredentialMixin | ||
| extend ActiveSupport::Concern | ||
|
|
||
| FIELDS = { |
There was a problem hiding this comment.
I don't think this belongs in the mixin. Not all of these fields apply to all credential types.
| options && options[attr] ? options[attr] : FIELDS[attr][:default] | ||
| end | ||
|
|
||
| define_method(:"#{attr}=") do |value| |
There was a problem hiding this comment.
Do we even need writer methods for this? Shouldn't all of this be pulled from refresh?
There was a problem hiding this comment.
Why would the UI be writing this? Any UI changes should be an update that is pushed to Tower and the refresh should update the columns.
|
|
||
| included do | ||
| self::ATTRIBUTES.each do |attr| | ||
| define_method(:"#{attr}") do |
There was a problem hiding this comment.
yes, check the spec
There was a problem hiding this comment.
I guess I'm just surprised at the complexity when it could just be define_method(attr) do
There was a problem hiding this comment.
On a side note, I'm kind of amazed at this:
irb(main):011:0> attr = :abc
=> :abc
irb(main):012:0> attr.object_id
=> 16075548
irb(main):013:0> (:"#{attr}").object_id
=> 16075548There was a problem hiding this comment.
Either way, I'm still against the dynamically defined methods.
|
|
||
| included do | ||
| self::ATTRIBUTES.each do |attr| | ||
| define_method(:"#{attr}") do |
There was a problem hiding this comment.
Dynamically defining methods makes it really hard to troubleshoot later. I don't see the methods changing often, can we just define the necessary methods on the appropriate models? Or set up a few mixins that get included?
| self.options[attr] = value | ||
| end | ||
|
|
||
| define_method(:"#{attr}_meta") do |
There was a problem hiding this comment.
Welcome suggestions to remove/add these
|
|
||
| module ClassMethods | ||
| def fields | ||
| self::ATTRIBUTES.each_with_object({}) do |field_key, hash| |
There was a problem hiding this comment.
There is no need to rebuild this on every call. It should probably be in a constant.
| @@ -0,0 +1,19 @@ | |||
| class DummyCredential < ::Authentication | |||
There was a problem hiding this comment.
Please don't create class constants in the test environment. They are not limited in scope to this test and have conflicted in the past and troubleshooting is painful. Instead, if needed:
let(:test_class) do
class.new(::Authentication) do
ATTRIBUTES = []
etc...
end
end
jameswnl
force-pushed
the
tower-creds-2
branch
from
f4ded8d
to
ffcf068
Compare
| @@ -0,0 +1,25 @@ | |||
| describe ManageIQ::Providers::AnsibleTower::AutomationManager::CredentialMixin do | |||
| let(:credential) { FactoryGirl.create(:authentication) } | |||
| let(:credential_class) do | |||
There was a problem hiding this comment.
This was updated during review. Pasting my original comment since it still applies...
Please don't create class constants in the test environment. They are not limited in scope to this test and have conflicted in the past and troubleshooting is painful. Instead, if needed:
let(:test_class) do
class.new(::Authentication) do
ATTRIBUTES = []
etc...
end
endThere was a problem hiding this comment.
cool, wish I had known this earlier! Thanks
| :help_text => _('The hostname or IP address to use.'), | ||
| :max_length => 1024, | ||
| :encrypted => false, | ||
| :default => '' |
There was a problem hiding this comment.
If every default is '', why have it?
There was a problem hiding this comment.
These are all from Tower API returns (except the :encrypted which is added by me). I think they want this to be generic so that if there is fields with different defaults.
I can remove this if we want to.
|
|
||
| FIELDS = { | ||
| :description => { | ||
| :type => 'string', |
There was a problem hiding this comment.
I feel like this should be a symbol, but not sure.
|
There was a concern from @jameswnl and @bdunne how to present the "shared fields" to the UI such that they can build them dynamically, but also so that we can store them in the proper columns in the auth record. My thoughts are as follows: At the model level, I think extra attributes are a completely separate thing from regular columns, so the EXTRA_ATTRIBUTES hash would only have the extra stuff. Separately, perhaps we have a second constant that represents the "regular" columns. class ManageIQ::Providers::AnsibleTower::AutomationManager::AmazonCredential < ManageIQ::Providers::AnsibleTower::AutomationManager::CloudCredential
COMMON_ATTRIBUTES = {
:userid => {
#Might be ok to leave out type because it's column based, so just use the column type
:label => N_("Access Key"),
:help_text => N_("AWS Access Key for this credentials")
}
:password => {
:type => :password,
:label => N_("Secret Token"),
:help_text => N_("AWS Secret Token for this credentials")
}
}.freeze
EXTRA_ATTRIBUTES = {
:security_token => {
:type => :password,
:label => N_('Security Token'),
:help_text => N_('Security Token for this credential'),
:max_length => 1024
}
}.freeze
API_ATTRIBUTES = COMMON_ATTRIBUTES.merge(EXTRA_ATTRIBUTES).freeze # This also enforces that COMMON ones should be presented first
endThen,
|
jameswnl
force-pushed
the
tower-creds-2
branch
from
178fa68
to
f480692
Compare
| :label => N_('Private key'), | ||
| :help_text => N_('RSA or DSA private key to be used instead of password') | ||
| } | ||
| }.freeze |
There was a problem hiding this comment.
Does this not need API_ATTRIBUTES as well?
There was a problem hiding this comment.
yes, it does. Done. thanks
|
charting test failures ... kicking tests |
jameswnl
force-pushed
the
tower-creds-2
branch
from
f480692
to
bbe10b3
Compare
|
This pull request is not mergeable. Please rebase and repush. |
jameswnl
force-pushed
the
tower-creds-2
branch
2 times, most recently
from
59a4bce
to
aca09e2
Compare
| :type => :choice, | ||
| :label => N_('Privilege Escalation'), | ||
| :help_text => N_('Privilege escalation method'), | ||
| :choices => %w(sudo su pbrun pfexec).insert(0, '') |
There was a problem hiding this comment.
@jameswnl What is the purpose of the insert(0, ''). Is blank a valid choice, or is this for UI purposes? If the latter, then that's a UI concern, and should not be here in the model at all.
There was a problem hiding this comment.
The API takes an empty string as choice of not having escalation privilege set.
There was a problem hiding this comment.
Per offline chat with Jason, I've update this to an array
|
One more comment @jameswnl . The rest looks good to me.
Yeah, let's add that in the follow up PR that includes the API changes, if we think it belongs there. @jntullo Are you working on the API changes? |
|
@Fryguy yup I am and can add in those changes 👍 |
jameswnl
force-pushed
the
tower-creds-2
branch
from
aca09e2
to
15a8d8c
Compare
|
This pull request is not mergeable. Please rebase and repush. |
jameswnl
force-pushed
the
tower-creds-2
branch
from
15a8d8c
to
2bc24d2
Compare
|
Checked commit jameswnl@2bc24d2 with ruby 2.2.6, rubocop 0.47.1, and haml-lint 0.20.0 app/models/manageiq/providers/ansible_tower/shared/automation_manager/amazon_credential.rb
app/models/manageiq/providers/ansible_tower/shared/automation_manager/machine_credential.rb
app/models/manageiq/providers/ansible_tower/shared/automation_manager/scm_credential.rb
app/models/manageiq/providers/ansible_tower/shared/automation_manager/vmware_credential.rb
|
No description provided.