From 4dc897d559cd631554691a2a4d3d82e34325686c Mon Sep 17 00:00:00 2001 From: Eric C Chong Date: Thu, 5 Jan 2023 15:36:07 -0500 Subject: [PATCH] redhat_subscription: Add support for Red Hat API token (#5725) Add support for Red Hat API token fix mixed up fix version --- ...hat_subscription-add-red-hat-api-token.yml | 2 ++ plugins/modules/redhat_subscription.py | 24 ++++++++++---- .../modules/test_redhat_subscription.py | 31 +++++++++++++++++++ 3 files changed, 51 insertions(+), 6 deletions(-) create mode 100644 changelogs/fragments/5725-redhat_subscription-add-red-hat-api-token.yml diff --git a/changelogs/fragments/5725-redhat_subscription-add-red-hat-api-token.yml b/changelogs/fragments/5725-redhat_subscription-add-red-hat-api-token.yml new file mode 100644 index 0000000000..980e91ceb2 --- /dev/null +++ b/changelogs/fragments/5725-redhat_subscription-add-red-hat-api-token.yml @@ -0,0 +1,2 @@ +minor_changes: + - redhat_subscription - adds ``token`` parameter for subscription-manager authentication using Red Hat API token (https://github.com/ansible-collections/community.general/pull/5725). diff --git a/plugins/modules/redhat_subscription.py b/plugins/modules/redhat_subscription.py index 8836b78564..2649092e8a 100644 --- a/plugins/modules/redhat_subscription.py +++ b/plugins/modules/redhat_subscription.py @@ -40,6 +40,11 @@ options: description: - access.redhat.com or Red Hat Satellite or Katello password type: str + token: + description: + - sso.redhat.com API access token. + type: str + version_added: 6.3.0 server_hostname: description: - Specify an alternative Red Hat Subscription Management or Red Hat Satellite or Katello server @@ -294,10 +299,11 @@ class RegistrationBase(object): REDHAT_REPO = "/etc/yum.repos.d/redhat.repo" - def __init__(self, module, username=None, password=None): + def __init__(self, module, username=None, password=None, token=None): self.module = module self.username = username self.password = password + self.token = token def configure(self): raise NotImplementedError("Must be implemented by a sub-class") @@ -340,8 +346,8 @@ class RegistrationBase(object): class Rhsm(RegistrationBase): - def __init__(self, module, username=None, password=None): - RegistrationBase.__init__(self, module, username, password) + def __init__(self, module, username=None, password=None, token=None): + RegistrationBase.__init__(self, module, username, password, token) self.module = module def enable(self): @@ -397,7 +403,7 @@ class Rhsm(RegistrationBase): else: return False - def register(self, username, password, auto_attach, activationkey, org_id, + def register(self, username, password, token, auto_attach, activationkey, org_id, consumer_type, consumer_name, consumer_id, force_register, environment, release): ''' @@ -433,6 +439,8 @@ class Rhsm(RegistrationBase): if activationkey: args.extend(['--activationkey', activationkey]) + elif token: + args.extend(['--token', token]) else: if username: args.extend(['--username', username]) @@ -794,6 +802,7 @@ def main(): 'state': {'default': 'present', 'choices': ['present', 'absent']}, 'username': {}, 'password': {'no_log': True}, + 'token': {'no_log': True}, 'server_hostname': {}, 'server_insecure': {}, 'server_prefix': {}, @@ -831,17 +840,20 @@ def main(): ['server_proxy_hostname', 'server_proxy_port'], ['server_proxy_user', 'server_proxy_password']], mutually_exclusive=[['activationkey', 'username'], + ['activationkey', 'token'], + ['token', 'username'], ['activationkey', 'consumer_id'], ['activationkey', 'environment'], ['activationkey', 'auto_attach'], ['pool', 'pool_ids']], - required_if=[['state', 'present', ['username', 'activationkey'], True]], + required_if=[['state', 'present', ['username', 'activationkey', 'token'], True]], ) rhsm.module = module state = module.params['state'] username = module.params['username'] password = module.params['password'] + token = module.params['token'] server_hostname = module.params['server_hostname'] server_insecure = module.params['server_insecure'] server_prefix = module.params['server_prefix'] @@ -914,7 +926,7 @@ def main(): try: rhsm.enable() rhsm.configure(**module.params) - rhsm.register(username, password, auto_attach, activationkey, org_id, + rhsm.register(username, password, token, auto_attach, activationkey, org_id, consumer_type, consumer_name, consumer_id, force_register, environment, release) if syspurpose and 'sync' in syspurpose and syspurpose['sync'] is True: diff --git a/tests/unit/plugins/modules/test_redhat_subscription.py b/tests/unit/plugins/modules/test_redhat_subscription.py index 865f041141..e3f4cdd812 100644 --- a/tests/unit/plugins/modules/test_redhat_subscription.py +++ b/tests/unit/plugins/modules/test_redhat_subscription.py @@ -102,6 +102,37 @@ TEST_CASES = [ 'msg': "System successfully registered to 'satellite.company.com'." } ], + # Test simple registration using token + [ + { + 'state': 'present', + 'server_hostname': 'satellite.company.com', + 'token': 'fake_token', + }, + { + 'id': 'test_registeration_token', + 'run_command.calls': [ + ( + ['/testbin/subscription-manager', 'identity'], + {'check_rc': False}, + (1, '', '') + ), + ( + ['/testbin/subscription-manager', 'config', '--server.hostname=satellite.company.com'], + {'check_rc': True}, + (0, '', '') + ), + ( + ['/testbin/subscription-manager', 'register', + '--token', 'fake_token'], + {'check_rc': True, 'expand_user_and_vars': False}, + (0, '', '') + ) + ], + 'changed': True, + 'msg': "System successfully registered to 'satellite.company.com'." + } + ], # Test unregistration, when system is unregistered [ {