diff --git a/calm/dsl/api/util.py b/calm/dsl/api/util.py index c4e47bea..8f8eb997 100644 --- a/calm/dsl/api/util.py +++ b/calm/dsl/api/util.py @@ -122,6 +122,35 @@ def strip_entity_secret_variables( not_stripped_secrets.append( (path_list + [field_name, var_idx], variable["value"]) ) + # For dynamic variables having http task with auth + opts = variable.get("options", None) + auth = None + if opts: + auth = opts["attrs"].get("authentication", None) + if auth and auth.get("auth_type") == "basic": + basic_auth = auth.get("basic_auth") + username = basic_auth.get("username") + password = basic_auth.pop("password") + secret_variables.append( + ( + path_list + + [ + field_name, + var_idx, + "options", + "attrs", + "authentication", + "basic_auth", + "password", + ], + password.get("value", None), + username, + ) + ) + basic_auth["password"] = { + "value": None, + "attrs": {"is_secret_modified": False}, + } def strip_action_secret_variables(path_list, obj): diff --git a/calm/dsl/decompile/runbook.py b/calm/dsl/decompile/runbook.py index 117ac047..4d1debd9 100644 --- a/calm/dsl/decompile/runbook.py +++ b/calm/dsl/decompile/runbook.py @@ -85,7 +85,14 @@ def render_runbook_template( ) variables = [] for variable in runbook_cls.variables: - variables.append(render_variable_template(variable, entity_context)) + variables.append( + render_variable_template( + variable, + entity_context, + credentials_list=credentials_list, + rendered_credential_list=rendered_credential_list, + ) + ) secret_files = get_secret_variable_files() secret_files.extend(get_cred_files()) if not (variables or tasks): diff --git a/calm/dsl/decompile/schemas/task_http_delete.py.jinja2 b/calm/dsl/decompile/schemas/task_http_delete.py.jinja2 index 21e863de..2d9c60f0 100644 --- a/calm/dsl/decompile/schemas/task_http_delete.py.jinja2 +++ b/calm/dsl/decompile/schemas/task_http_delete.py.jinja2 @@ -1,12 +1,12 @@ {%- macro http_delete_task(obj) -%} {%- if obj.target is not defined and obj.attrs.request_body is not defined %} -{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.delete({%- if obj.relative_url %}relative_url={%- endif %}{%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}'{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) +{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.delete({%- if obj.relative_url %}relative_url={%- endif %}{%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}'{%- if obj.cred %}, cred={{obj.cred}}{%- endif %}{% if obj.credentials_list %}, credential={{obj.credentials_list | replace("'","")}}{% endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) {%- elif obj.target is not defined %} -{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.delete({%- if obj.relative_url %}relative_url={%- endif %}{%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}body=json.dumps({{obj.attrs.request_body}}), headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}'{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) +{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.delete({%- if obj.relative_url %}relative_url={%- endif %}{%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}body=json.dumps({{obj.attrs.request_body}}), headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}'{%- if obj.cred %}, cred={{obj.cred}}{%- endif %}{% if obj.credentials_list %}, credential={{obj.credentials_list | replace("'","")}}{% endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) {%- elif obj.attrs.request_body is not defined %} -{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.delete({%- if obj.relative_url %}relative_url={%- endif %}{%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}', target={{obj.target}}{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) +{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.delete({%- if obj.relative_url %}relative_url={%- endif %}{%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}', target={{obj.target}}{%- if obj.cred %}, cred={{obj.cred}}{%- endif %}{% if obj.credentials_list %}, credential={{obj.credentials_list | replace("'","")}}{% endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) {%- else %} -{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.delete({%- if obj.relative_url %}relative_url={%- endif %}{%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}body=json.dumps({{obj.attrs.request_body}}), headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}', target={{obj.target}}{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) +{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.delete({%- if obj.relative_url %}relative_url={%- endif %}{%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}body=json.dumps({{obj.attrs.request_body}}), headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}', target={{obj.target}}{%- if obj.cred %}, cred={{obj.cred}}{%- endif %}{% if obj.credentials_list %}, credential={{obj.credentials_list | replace("'","")}}{% endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) {%- endif %} {%- endmacro %} diff --git a/calm/dsl/decompile/schemas/task_http_get.py.jinja2 b/calm/dsl/decompile/schemas/task_http_get.py.jinja2 index 91a3719a..a391069f 100644 --- a/calm/dsl/decompile/schemas/task_http_get.py.jinja2 +++ b/calm/dsl/decompile/schemas/task_http_get.py.jinja2 @@ -1,8 +1,8 @@ {%- macro http_get_task(obj) -%} {%- if obj.target is not defined %} -{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.get({%- if obj.relative_url %}relative_url={%- endif %}{%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}'{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {%- if obj.attrs.tunnel_reference %}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) +{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.get({%- if obj.relative_url %}relative_url={%- endif %}{%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}'{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {% if obj.credentials_list %}, credential={{obj.credentials_list | replace("'","")}}{% endif %} {%- if obj.attrs.tunnel_reference %}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) {%- else %} -{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.get({%- if obj.relative_url %}relative_url={%- endif %}{%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}', target={{obj.target}}{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {%- if obj.attrs.tunnel_reference %}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) +{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.get({%- if obj.relative_url %}relative_url={%- endif %}{%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}', target={{obj.target}}{%- if obj.cred %}, cred={{obj.cred}}{%- endif %}{% if obj.credentials_list %}, credential={{obj.credentials_list | replace("'","")}}{% endif %} {%- if obj.attrs.tunnel_reference %}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) {%- endif %} {%- endmacro %} diff --git a/calm/dsl/decompile/schemas/task_http_post.py.jinja2 b/calm/dsl/decompile/schemas/task_http_post.py.jinja2 index 39b50e4a..79ac5296 100644 --- a/calm/dsl/decompile/schemas/task_http_post.py.jinja2 +++ b/calm/dsl/decompile/schemas/task_http_post.py.jinja2 @@ -1,12 +1,12 @@ {%- macro http_post_task(obj) -%} {%- if obj.target is not defined and obj.attrs.request_body is not defined %} -{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.post({%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}'{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) +{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.post({%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}'{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {% if obj.credentials_list %}, credential={{obj.credentials_list | replace("'","")}}{% endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) {%- elif obj.target is not defined %} -{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.post({%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}body=json.dumps({{obj.attrs.request_body}}), headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}'{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) +{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.post({%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}body=json.dumps({{obj.attrs.request_body}}), headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}'{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {% if obj.credentials_list %}, credential={{obj.credentials_list | replace("'","")}}{% endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) {%- elif obj.attrs.request_body is not defined %} -{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.post({%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}', target={{obj.target}}{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) +{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.post({%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}', target={{obj.target}}{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {% if obj.credentials_list %}, credential={{obj.credentials_list | replace("'","")}}{% endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) {%- else %} -{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.post({%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}body=json.dumps({{obj.attrs.request_body}}), headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}', target={{obj.target}}{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) +{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.post({%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}body=json.dumps({{obj.attrs.request_body}}), headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}', target={{obj.target}}{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {% if obj.credentials_list %}, credential={{obj.credentials_list | replace("'","")}}{% endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) {%- endif %} {%- endmacro %} diff --git a/calm/dsl/decompile/schemas/task_http_put.py.jinja2 b/calm/dsl/decompile/schemas/task_http_put.py.jinja2 index 4557927a..c414408c 100644 --- a/calm/dsl/decompile/schemas/task_http_put.py.jinja2 +++ b/calm/dsl/decompile/schemas/task_http_put.py.jinja2 @@ -1,12 +1,12 @@ {%- macro http_put_task(obj) -%} {%- if obj.target is not defined and obj.attrs.request_body is not defined %} -{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.put({%- if obj.relative_url %}relative_url={%- endif %}{%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}'{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) +{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.put({%- if obj.relative_url %}relative_url={%- endif %}{%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}'{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {% if obj.credentials_list %}, credential={{obj.credentials_list | replace("'","")}}{% endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) {%- elif obj.target is not defined %} -{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.put({%- if obj.relative_url %}relative_url={%- endif %}{%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}body=json.dumps({{obj.attrs.request_body}}), headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}'{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) +{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.put({%- if obj.relative_url %}relative_url={%- endif %}{%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}body=json.dumps({{obj.attrs.request_body}}), headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}'{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {% if obj.credentials_list %}, credential={{obj.credentials_list | replace("'","")}}{% endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) {%- elif obj.attrs.request_body is not defined %} -{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.put({%- if obj.relative_url %}relative_url={%- endif %}{%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}', target={{obj.target}}{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) +{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.put({%- if obj.relative_url %}relative_url={%- endif %}{%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}', target={{obj.target}}{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {% if obj.credentials_list %}, credential={{obj.credentials_list | replace("'","")}}{% endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) {%- else %} -{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.put({%- if obj.relative_url %}relative_url={%- endif %}{%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}body=json.dumps({{obj.attrs.request_body}}), headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}', target={{obj.target}}{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) +{%- if obj.calm_var_task %}CalmVarTask{%- else %}CalmTask{%- endif %}.HTTP.put({%- if obj.relative_url %}relative_url={%- endif %}{%- if obj.attrs.url %}'{{obj.attrs.url}}', {%- endif %}body=json.dumps({{obj.attrs.request_body}}), headers={{obj.headers}}, secret_headers={{obj.secret_headers}} , content_type='{{obj.attrs.content_type}}', verify={{obj.attrs.tls_verify}}, status_mapping={{obj.status_mapping}}, response_paths={{obj.response_paths}}, name='{{obj.name}}', target={{obj.target}}{%- if obj.cred %}, cred={{obj.cred}}{%- endif %} {% if obj.credentials_list %}, credential={{obj.credentials_list | replace("'","")}}{% endif %} {%- if obj.attrs.tunnel_reference%}, tunnel=Ref.Tunnel(name="{{ obj.attrs.tunnel_reference.name }}"){%- endif %} {%- if obj.attrs.relative_url %}, relative_url='{{obj.attrs.relative_url}}'{%- endif %}) {%- endif %} {%- endmacro %} diff --git a/calm/dsl/decompile/task.py b/calm/dsl/decompile/task.py index ce7cf981..2f95b4cb 100644 --- a/calm/dsl/decompile/task.py +++ b/calm/dsl/decompile/task.py @@ -4,7 +4,11 @@ from calm.dsl.decompile.render import render_template from calm.dsl.decompile.ndb import get_schema_file_and_user_attrs from calm.dsl.decompile.ref import render_ref_template -from calm.dsl.decompile.credential import get_cred_var_name +from calm.dsl.builtins import CredentialType +from calm.dsl.decompile.credential import ( + get_cred_var_name, + render_credential_template, +) from calm.dsl.decompile.file_handler import get_scripts_dir, get_scripts_dir_key from calm.dsl.builtins import TaskType from calm.dsl.db.table_config import AccountCache @@ -22,6 +26,8 @@ def render_task_template( CONFIG_SPEC_MAP={}, context="", secrets_dict=[], + credentials_list=[], + rendered_credential_list=[], ): LOG.debug("Rendering {} task template".format(cls.name)) if not isinstance(cls, TaskType): @@ -148,6 +154,17 @@ def render_task_template( getattr(auth_cred, "name", "") or auth_cred.__name__ ) ) + elif auth_type == "basic": + cred_dict = { + "username": auth_obj["username"], + "password": auth_obj["password"], + "type": "PASSWORD", + } + cred = CredentialType.decompile(cred_dict) + rendered_credential_list.append(render_credential_template(cred)) + cred = get_cred_var_name(cred.name) + user_attrs["credentials_list"] = cred + credentials_list.append(cred) user_attrs["response_paths"] = attrs.get("response_paths", {}) method = attrs["method"] diff --git a/calm/dsl/decompile/variable.py b/calm/dsl/decompile/variable.py index baec8d2f..58b64ee6 100644 --- a/calm/dsl/decompile/variable.py +++ b/calm/dsl/decompile/variable.py @@ -10,7 +10,14 @@ SECRET_VAR_FILES = [] -def render_variable_template(cls, entity_context, context="", secrets_dict=[]): +def render_variable_template( + cls, + entity_context, + context="", + secrets_dict=[], + credentials_list=[], + rendered_credential_list=[], +): LOG.debug("Rendering {} variable template".format(cls.__name__)) if not isinstance(cls, VariableType): @@ -149,7 +156,10 @@ def render_variable_template(cls, entity_context, context="", secrets_dict=[]): task = TaskType.decompile(options) task.__name__ = "SampleTask" user_attrs["value"] = render_task_template( - task, entity_context=entity_context + task, + entity_context=entity_context, + credentials_list=credentials_list, + rendered_credential_list=rendered_credential_list, ) if data_type == "BASE": diff --git a/tests/unit/jsons/runbook_http_var.json b/tests/unit/jsons/runbook_http_var.json new file mode 100644 index 00000000..8bf2e5a1 --- /dev/null +++ b/tests/unit/jsons/runbook_http_var.json @@ -0,0 +1,292 @@ +{ + "status": { + "description": "", + "message_list": [], + "name": "test_var_decompile", + "state": "ACTIVE", + "critical": false, + "attrs": {}, + "resources": { + "endpoints_information": [], + "endpoint_definition_list": [], + "credential_definition_list": [ + { + "username": "admin", + "description": "", + "state": "ACTIVE", + "message_list": [], + "uuid": "4e0f475c-acf9-5e00-e073-d03e3b7770b6", + "secret": { + "attrs": { + "is_secret_modified": false, + "secret_reference": {} + } + }, + "editables": {}, + "cred_class": "static", + "type": "PASSWORD", + "name": "c111" + } + ], + "runbook": { + "task_definition_list": [ + { + "retries": "0", + "description": "", + "type": "DAG", + "uuid": "9c21fd89-d2c7-084a-a1b5-f40ee8fc275f", + "child_tasks_local_reference_list": [ + { + "kind": "app_task", + "name": "Task 1", + "uuid": "2f3d09c3-7100-a908-b4ac-66c2d76c4315" + } + ], + "state": "ACTIVE", + "attrs": { + "edges": [], + "type": "" + }, + "timeout_secs": "0", + "inherit_target": false, + "message_list": [], + "variable_list": [], + "name": "a8d5a418_dag" + }, + { + "target_any_local_reference": { + "kind": "app_endpoint", + "name": "ep2", + "uuid": "c1b409e3-3135-42d6-615c-2d4c0361f43b" + }, + "retries": "0", + "description": "", + "type": "EXEC", + "uuid": "2f3d09c3-7100-a908-b4ac-66c2d76c4315", + "child_tasks_local_reference_list": [], + "state": "ACTIVE", + "attrs": { + "script_type": "sh", + "type": "", + "command_line_args": "", + "exit_status": [], + "script": "echo \"hello\"" + }, + "timeout_secs": "0", + "inherit_target": false, + "message_list": [], + "variable_list": [], + "name": "Task 1" + } + ], + "description": "", + "message_list": [], + "uuid": "ed37a255-f657-8a76-affc-672903587318", + "state": "ACTIVE", + "variable_list": [ + { + "regex": {}, + "val_type": "STRING", + "is_mandatory": false, + "description": "", + "data_type": "BASE", + "message_list": [], + "uuid": "4689ecc1-3a79-b4da-9616-0904187e19f8", + "value": "", + "label": "", + "state": "ACTIVE", + "attrs": { + "type": "" + }, + "editables": { + "value": true + }, + "is_hidden": false, + "type": "HTTP_LOCAL", + "options": { + "type": "HTTP", + "attrs": { + "expected_response_params": [ + { + "status": "SUCCESS", + "code": 200, + "type": "" + } + ], + "request_body": "", + "retry_count": 1, + "url": "/a/b/c", + "response_paths": { + "http_dyn_var_get": "$.x.y" + }, + "retry_interval": 1, + "proxy_type": "", + "headers": [], + "authentication": { + "username": "admin", + "password": { + "attrs": { + "is_secret_modified": false, + "secret_reference": {} + } + }, + "type": "basic" + }, + "tls_verify": false, + "content_type": "application/json", + "connection_timeout": 120, + "type": "HTTP", + "method": "GET" + } + }, + "name": "http_dyn_var_get" + } + ], + "main_task_local_reference": { + "kind": "app_task", + "name": "a8d5a418_dag", + "uuid": "9c21fd89-d2c7-084a-a1b5-f40ee8fc275f" + }, + "name": "3d01474d_runbook" + }, + "type": "workflow", + "default_target_reference": { + "kind": "app_endpoint", + "name": "ep2", + "uuid": "c1b409e3-3135-42d6-615c-2d4c0361f43b" + } + } + }, + "spec": { + "name": "test_var_decompile", + "resources": { + "runbook": { + "main_task_local_reference": { + "kind": "app_task", + "uuid": "9c21fd89-d2c7-084a-a1b5-f40ee8fc275f" + }, + "task_definition_list": [ + { + "attrs": { + "edges": [] + }, + "type": "DAG", + "name": "a8d5a418_dag", + "child_tasks_local_reference_list": [ + { + "kind": "app_task", + "uuid": "2f3d09c3-7100-a908-b4ac-66c2d76c4315" + } + ], + "uuid": "9c21fd89-d2c7-084a-a1b5-f40ee8fc275f" + }, + { + "target_any_local_reference": { + "kind": "app_endpoint", + "uuid": "c1b409e3-3135-42d6-615c-2d4c0361f43b", + "name": "ep2" + }, + "uuid": "2f3d09c3-7100-a908-b4ac-66c2d76c4315", + "inherit_target": false, + "child_tasks_local_reference_list": [], + "attrs": { + "script_type": "sh", + "script": "echo \"hello\"" + }, + "type": "EXEC", + "variable_list": [], + "name": "Task 1" + } + ], + "name": "3d01474d_runbook", + "variable_list": [ + { + "val_type": "STRING", + "name": "http_dyn_var_get", + "data_type": "BASE", + "uuid": "4689ecc1-3a79-b4da-9616-0904187e19f8", + "label": "", + "attrs": {}, + "editables": { + "value": true + }, + "is_hidden": false, + "type": "HTTP_LOCAL", + "options": { + "type": "HTTP", + "attrs": { + "expected_response_params": [ + { + "status": "SUCCESS", + "code": "200" + } + ], + "headers": [], + "url": "/a/b/c", + "response_paths": { + "http_dyn_var_get": "$.x.y" + }, + "retry_interval": 1, + "retry_count": 1, + "authentication": { + "username": "admin", + "password": { + "attrs": { + "is_secret_modified": false + } + }, + "type": "basic" + }, + "content_type": "application/json", + "connection_timeout": 120, + "type": "HTTP", + "method": "GET" + } + }, + "description": "" + } + ], + "uuid": "ed37a255-f657-8a76-affc-672903587318" + }, + "endpoint_definition_list": [], + "credential_definition_list": [ + { + "username": "admin", + "uuid": "4e0f475c-acf9-5e00-e073-d03e3b7770b6", + "secret": { + "attrs": { + "is_secret_modified": false + } + }, + "cred_class": "static", + "type": "PASSWORD", + "name": "c111" + } + ], + "default_target_reference": { + "kind": "app_endpoint", + "uuid": "c1b409e3-3135-42d6-615c-2d4c0361f43b", + "name": "ep2" + } + } + }, + "api_version": "3.0", + "metadata": { + "last_update_time": "1696930012521107", + "owner_reference": { + "kind": "user", + "uuid": "00000000-0000-0000-0000-000000000000", + "name": "admin" + }, + "kind": "runbook", + "uuid": "16d5478a-ce86-5393-7f6f-b6c5abd94b25", + "project_reference": { + "kind": "project", + "name": "default", + "uuid": "7702830e-e0c0-430b-91ed-f8259c5d72fe" + }, + "spec_version": 7, + "creation_time": "1695970830674979", + "name": "test_var_decompile" + } +} \ No newline at end of file diff --git a/tests/unit/test_decompile_http_var_with_basic_auth.py b/tests/unit/test_decompile_http_var_with_basic_auth.py new file mode 100644 index 00000000..3c2c44d2 --- /dev/null +++ b/tests/unit/test_decompile_http_var_with_basic_auth.py @@ -0,0 +1,34 @@ +import os +import json +import shutil +from calm.dsl.runbooks import RunbookType +from calm.dsl.decompile.variable import render_variable_template +from calm.dsl.decompile.file_handler import init_runbook_dir + + +def test_runbook_var_with_basic_creds(): + _, _, script_dir = init_runbook_dir( + "./tests/test_runbook_http_var_with_basic_auth/" + ) + dir_path = os.path.dirname(os.path.realpath(__file__)) + file_path = os.path.join(dir_path, "jsons/runbook_http_var.json") + rb_dict = json.loads(open(file_path).read()) + rb_cls = RunbookType.decompile(rb_dict["status"]["resources"]["runbook"]) + credentials_list = [] + rendered_credential_list = [] + variables = [] + for variable in rb_cls.variables: + variables.append( + render_variable_template( + variable, + "", + credentials_list=credentials_list, + rendered_credential_list=rendered_credential_list, + ) + ) + assert len(credentials_list) == 1, "Basic auth in variable was not decompiled" + shutil.rmtree(script_dir) + + +if __name__ == "__main__": + test_runbook_var_with_basic_creds()