-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Move injectors to ManagedCredentialType #57
Move injectors to ManagedCredentialType #57
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Putting this in my own words...
The custom logic like awx_plugins.credentials.injectors.aws
already lived here, but there was no link in the plugin definition to the custom logic. So somehow that got referenced by a literal name like "aws"
.
My only gripe would be that post_injectors
doesn't feel like a great name. Like, sure, maybe it runs after the other stuff (templates)? But it's usually an alternative to the templates, making that detail kind of irrelevant practically. It's more important that it runs custom python logic like a caveman, as opposed to any structured injector definition.
|
I'd lean towards (2) myself. |
I had an alternative idea with ansible/awx_plugins.interfaces#10 / #50 / ansible/awx#15595 FTR |
ce238b7
to
888f5b4
Compare
I slightly lean towards the sentiment @chrismeyersfsu expressed in ansible/awx#15595
But even if we did nothing, it wouldn't bother me that much, since they already live in the plugins repo. |
037a5c9
to
e56d661
Compare
@chrismeyersfsu typing change handling instructions:
|
76512fe
to
8b22499
Compare
8b22499
to
e71e0bd
Compare
5e3dea9
to
576d32d
Compare
( | ||
'py:class', | ||
'awx_plugins.interfaces._temporary_private_credential_api.Credential', | ||
), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Injectors are a bail-out mechanism for when you need to do something that the templating engine does not support, for a particular credential type. They are strongly tied to one and only one credential type. Before this change they lived far away from the ManagedCredentialType they are associated for. The link was the credential kind string was the same as the injector function name. This was a very loose coupling. This change is a tighter coupling.
* Defining an injector as code is an override. The previous name made it sound like the template engine would run, then the custom injector. This is not the case. If the custom injector is defined then the templating engine doens't run.
* ManagedCredentialType custom callback functions now use a proper Credential class defined in awx_plugins.interfaces
* I am not sure why the docs can not find the Credential class. Feels like maybe I'm pointing at a stale awx_plugins.interfaces. Also kind of feels like sphinx is confused by this repo being named awx_plugins and there being another repo/package with a similarish name so it is searching ansible/awx_plugins instead of ansible/awx_plugins.interfaces
66d9ed3
to
2663734
Compare
2663734
to
7f6ba7e
Compare
Injectors are a bail-out mechanism for when you need to do something that the templating engine does not support, for a particular credential type. They are strongly tied to one and only one credential type. Before this change they lived far away from the ManagedCredentialType they are associated for. The link was the credential kind string was the same as the injector function name. This was a very loose coupling. This change is a tighter coupling.