ansible · chrismeyersfsu · Nov 15, 2024 · Nov 15, 2024
diff --git a/awx/main/models/credential.py b/awx/main/models/credential.py
@@ -53,7 +53,6 @@
 )
 from awx.main.models import Team, Organization
 from awx.main.utils import encrypt_field
-from awx_plugins.credentials import injectors as builtin_injectors
 
 # DAB
 from ansible_base.resource_registry.tasks.sync import get_resource_server_client
@@ -429,6 +428,7 @@
         default=dict,
         help_text=_('Enter injectors using either JSON or YAML syntax. Refer to the documentation for example syntax.'),
     )
+    post_injectors = None
 
     @classmethod
     def from_db(cls, db, field_names, values):
@@ -437,6 +437,7 @@
             native = ManagedCredentialType.registry[instance.namespace]
             instance.inputs = native.inputs
             instance.injectors = native.injectors
+            instance.post_injectors = native.post_injectors
         return instance
 
     def get_absolute_url(self, request=None):
@@ -538,6 +539,7 @@
 
     @classmethod
     def load_plugin(cls, ns, plugin):
+        # TODO: User "side-loaded" credential post_injectors isn't supported
         ManagedCredentialType(namespace=ns, name=plugin.name, kind='external', inputs=plugin.inputs)
 
     def inject_credential(self, credential, env, safe_env, args, private_data_dir):
@@ -566,9 +568,9 @@
                                  files)
         """
         if not self.injectors:
-            if self.managed and credential.credential_type.namespace in dir(builtin_injectors):
+            if self.managed and credential.credential_type.post_injectors:
                 injected_env = {}
-                getattr(builtin_injectors, credential.credential_type.namespace)(credential, injected_env, private_data_dir)
+                credential.credential_type.post_injectors(credential, injected_env, private_data_dir)
                 env.update(injected_env)
                 safe_env.update(build_safe_env(injected_env))
             return
@@ -678,6 +680,7 @@
         for k in ('inputs', 'injectors'):
             if k not in kwargs:
                 kwargs[k] = {}
+        kwargs.setdefault('post_injectors', None)
         super(ManagedCredentialType, self).__init__(namespace=namespace, **kwargs)
         if namespace in ManagedCredentialType.registry:
             raise ValueError(

diff --git a/requirements/requirements_git.txt b/requirements/requirements_git.txt
@@ -2,5 +2,5 @@ git+https://github.com/ansible/system-certifi.git@devel#egg=certifi
 # Remove pbr from requirements.in when moving ansible-runner to requirements.in
 git+https://github.com/ansible/ansible-runner.git@devel#egg=ansible-runner
 django-ansible-base @ git+https://github.com/ansible/django-ansible-base@devel#egg=django-ansible-base[rest_filters,jwt_consumer,resource_registry,rbac]
-awx-plugins-core @ git+https://[email protected]/ansible/awx-plugins.git@devel#egg=awx-plugins-core
+awx-plugins-core @ git+https://[email protected]/chrismeyersfsu/awx-plugins.git@AAP-35749-move-inject-credential#egg=awx-plugins-core
 awx_plugins.interfaces @ git+https://github.com/ansible/awx_plugins.interfaces.git