Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add auth_mode to azure_rm_storageblob #1315

Merged
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 7 additions & 3 deletions plugins/module_utils/azure_rm_common.py
Original file line number Diff line number Diff line change
Expand Up @@ -675,19 +675,23 @@ def check_provisioning_state(self, azure_object, requested_state='present'):
self.fail("Error {0} has a provisioning state of {1}. Expecting state to be {2}.".format(
azure_object.name, azure_object.provisioning_state, AZURE_SUCCESS_STATE))

def get_blob_service_client(self, resource_group_name, storage_account_name):
def get_blob_service_client(self, resource_group_name, storage_account_name, auth_mode='key'):
try:
self.log("Getting storage account detail")
account = self.storage_client.storage_accounts.get_properties(resource_group_name=resource_group_name, account_name=storage_account_name)
account_keys = self.storage_client.storage_accounts.list_keys(resource_group_name=resource_group_name, account_name=storage_account_name)
if auth_mode == 'login' and self.azure_auth.credentials.get('credential'):
credential = self.azure_auth.credentials['credential']
else:
account_keys = self.storage_client.storage_accounts.list_keys(resource_group_name=resource_group_name, account_name=storage_account_name)
credential = account_keys.keys[0].value
except Exception as exc:
self.fail("Error getting storage account detail for {0}: {1}".format(storage_account_name, str(exc)))

try:
self.log("Create blob service client")
return BlobServiceClient(
account_url=account.primary_endpoints.blob,
credential=account_keys.keys[0].value,
credential=credential,
)
except Exception as exc:
self.fail("Error creating blob service client for storage account {0} - {1}".format(storage_account_name, str(exc)))
Expand Down
20 changes: 19 additions & 1 deletion plugins/modules/azure_rm_storageblob.py
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,17 @@
- the module can work exclusively in three modes, when C(batch_upload_src) is set, it is working in batch upload mode;
when C(src) is set, it is working in upload mode and when C(dst) is set, it is working in dowload mode.
options:
auth_mode:
description:
- The mode in which to run the command. C(login) mode will directly use your login credentials for the authentication.
- The legacy C(key) mode will attempt to query for an account key if no authentication parameters for the account are provided.
- Can also be set via the environment variable C(AZURE_STORAGE_AUTH_MODE).
default: key
type: str
choices:
- key
- login
version_added: "1.19.0"
storage_account_name:
description:
- Name of the storage account to use.
Expand Down Expand Up @@ -214,13 +225,20 @@
pass

from ansible_collections.azure.azcollection.plugins.module_utils.azure_rm_common import AzureRMModuleBase
from ansible.module_utils.basic import env_fallback
ephracis marked this conversation as resolved.
Show resolved Hide resolved


class AzureRMStorageBlob(AzureRMModuleBase):

def __init__(self):

self.module_arg_spec = dict(
auth_mode=dict(
type='str',
choices=['key', 'login'],
fallback=(env_fallback, ['AZURE_STORAGE_AUTH_MODE']),
default="key"
),
storage_account_name=dict(required=True, type='str', aliases=['account_name', 'storage_account']),
blob=dict(type='str', aliases=['blob_name']),
blob_type=dict(type='str', default='block', choices=['block', 'page']),
Expand Down Expand Up @@ -281,7 +299,7 @@ def exec_module(self, **kwargs):

# add file path validation

self.blob_service_client = self.get_blob_service_client(self.resource_group, self.storage_account_name)
self.blob_service_client = self.get_blob_service_client(self.resource_group, self.storage_account_name, self.auth_mode)
self.container_obj = self.get_container()
if self.blob:
self.blob_obj = self.get_blob()
Expand Down
2 changes: 2 additions & 0 deletions tests/integration/targets/azure_rm_storageblob/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,12 +11,14 @@

- name: Create container
azure_rm_storageblob:
auth_mode: login
resource_group: "{{ resource_group }}"
account_name: "{{ storage_account }}"
container_name: my-blobs

- name: Force upload blob
azure_rm_storageblob:
auth_mode: login
resource_group: "{{ resource_group }}"
account_name: "{{ storage_account }}"
container_name: my-blobs
Expand Down