Skip to content

Commit

Permalink
Respect AZURE_CLIENT_ID, ANSIBLE_AZURE_AUTH_SOURCE on inventory plugin (
Browse files Browse the repository at this point in the history
#713)

* Attemp to pull environment variables if not set.

* Set ansible azure auth source further upstream

* Updates to documentation

* Update plugins/doc_fragments/azure.py

Co-authored-by: Fred-sun <37327967+Fred-sun@users.noreply.github.com>

* doc_fragments/azure.py Documentation update

* Update plugins/doc_fragments/azure.py

Co-authored-by: Fred-sun <37327967+Fred-sun@users.noreply.github.com>

* Move all logic within azure_rm_common.py

* Removed unused import

* Move back to setting auth source in inventory

---------

Co-authored-by: Fred-sun <37327967+Fred-sun@users.noreply.github.com>
  • Loading branch information
kingsleyadam and Fred-sun authored Mar 22, 2024
1 parent 56fd8ab commit d753177
Show file tree
Hide file tree
Showing 3 changed files with 6 additions and 2 deletions.
3 changes: 2 additions & 1 deletion plugins/doc_fragments/azure.py
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,8 @@ class ModuleDocFragment(object):
type: str
client_id:
description:
- Azure client ID. Use when authenticating with a Service Principal.
- Azure client ID. Use when authenticating with a Service Principal or Managed Identity (msi).
- Can also be set via the C(AZURE_CLIENT_ID) environment variable.
type: str
secret:
description:
Expand Down
4 changes: 3 additions & 1 deletion plugins/inventory/azure_rm.py
Original file line number Diff line number Diff line change
Expand Up @@ -138,6 +138,7 @@
from ansible.module_utils.parsing.convert_bool import boolean
from ansible.module_utils._text import to_native, to_bytes, to_text
from itertools import chain
from os import environ

try:
from azure.core._pipeline_client import PipelineClient
Expand Down Expand Up @@ -234,8 +235,9 @@ def parse(self, inventory, loader, path, cache=True):
raise

def _credential_setup(self):
auth_source = environ.get('ANSIBLE_AZURE_AUTH_SOURCE', None) or self.get_option('auth_source')
auth_options = dict(
auth_source=self.get_option('auth_source'),
auth_source=auth_source,
profile=self.get_option('profile'),
subscription_id=self.get_option('subscription_id'),
client_id=self.get_option('client_id'),
Expand Down
1 change: 1 addition & 0 deletions plugins/module_utils/azure_rm_common.py
Original file line number Diff line number Diff line change
Expand Up @@ -1606,6 +1606,7 @@ def _get_msi_credentials(self, subscription_id=None, client_id=None, _cloud_envi
except Exception as exc:
self.fail("cloud_environment {0} could not be resolved: {1}".format(_cloud_environment, str(exc)), exception=traceback.format_exc())

client_id = client_id or self._get_env('client_id')
credential = managed_identity.ManagedIdentityCredential(client_id=client_id, cloud_environment=cloud_environment)
subscription_id = subscription_id or self._get_env('subscription_id')
if not subscription_id:
Expand Down

0 comments on commit d753177

Please sign in to comment.