diff options
| author | Ryan Petrello <rpetrell@redhat.com> | 2020-04-15 15:58:40 +0200 |
|---|---|---|
| committer | Ryan Petrello <rpetrell@redhat.com> | 2020-04-15 15:59:09 +0200 |
| commit | 8464ec5c49a9f2376b862b8b352956abca89ee3f (patch) | |
| tree | 3f4cab3d95b41b776b4cc852b3f9ecd424f683ca /docs | |
| parent | Merge pull request #6712 from ryanpetrello/tcp-timeout (diff) | |
| download | awx-8464ec5c49a9f2376b862b8b352956abca89ee3f.tar.xz awx-8464ec5c49a9f2376b862b8b352956abca89ee3f.zip | |
update custom credential plugin docs to point at an example project
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/credentials/credential_plugins.md | 74 |
1 files changed, 1 insertions, 73 deletions
diff --git a/docs/credentials/credential_plugins.md b/docs/credentials/credential_plugins.md index f60532ddf4..27ce7fbb31 100644 --- a/docs/credentials/credential_plugins.md +++ b/docs/credentials/credential_plugins.md @@ -49,79 +49,7 @@ registered using setuptools entrypoints Example plugins officially supported in AWX can be found in the source code at `awx.main.credential_plugins`. -Credential plugins are any Python object which defines attribute lookups for `.name`, `.inputs`, and `.backend`: - -```python -import collections - -CredentialPlugin = collections.namedtuple('CredentialPlugin', ['name', 'inputs', 'backend']) - -def some_callable(value_from_awx, **kwargs): - return some_libary.get_secret_key( - url=kwargs['url'], - token=kwargs['token'], - key=kwargs['secret_key'] - ) - -some_fancy_plugin = CredentialPlugin( - 'My Plugin Name', - # inputs will be used to create a new CredentialType() instance - # - # inputs.fields represents fields the user will specify *when they create* - # a credential of this type; they generally represent fields - # used for authentication (URL to the credential management system, any - # fields necessary for authentication, such as an OAuth2.0 token, or - # a username and password). They're the types of values you set up _once_ - # in AWX - # - # inputs.metadata represents values the user will specify *every time - # they link two credentials together* - # this is generally _pathing_ information about _where_ in the external - # management system you can find the value you care about i.e., - # - # "I would like Machine Credential A to retrieve its username using - # Credential-O-Matic B at secret_key=some_key" - inputs={ - 'fields': [{ - 'id': 'url', - 'label': 'Server URL', - 'type': 'string', - }, { - 'id': 'token', - 'label': 'Authentication Token', - 'type': 'string', - 'secret': True, - }], - 'metadata': [{ - 'id': 'secret_key', - 'label': 'Secret Key', - 'type': 'string', - 'help_text': 'The value of the key in My Credential System to fetch.' - }], - 'required': ['url', 'token', 'secret_key'], - }, - # backend is a callable function which will be passed all of the values - # defined in `inputs`; this function is responsible for taking the arguments, - # interacting with the third party credential management system in question - # using Python code, and returning the value from the third party - # credential management system - backend = some_callable -``` - -Plugins are registered by specifying an entry point in the `setuptools.setup()` -call (generally in the package's `setup.py` file - https://github.com/ansible/awx/blob/devel/setup.py): - -```python -setuptools.setup( - ..., - entry_points = { - ..., - 'awx.credential_plugins': [ - 'fancy_plugin = awx.main.credential_plugins.fancy:some_fancy_plugin', - ] - } -) -``` +For instructions on writing and installing your own custom credential plugin, see: https://github.com/ansible/awx-custom-credential-plugin-example Programmatic Secret Fetching ---------------------------- |