mirror of
https://github.com/ansible-collections/community.general.git
synced 2025-07-26 14:41:23 -07:00
Create onepassword_ssh_key
plugin (#9580)
* add 1password_ssh_key lookup
* refactor
* Delete onepassword_ssh_key.py
* Revert "Delete onepassword_ssh_key.py"
This reverts commit e17ff7e232
.
* Delete onepassword_ssh_key.py
* add tests
* add test license
* cleanup
* refactor
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* fix indentation
* fix RETURN indentation
* use get_option to get ssh_format
* linting
* update project year in copyright
* add plugin to BOTMETA.yml
* use OnePassCLIv2's get_raw and use OnePass's token
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
parent
af0118278b
commit
25a262bdcf
6 changed files with 252 additions and 0 deletions
|
@ -293,3 +293,39 @@ MOCK_ENTRIES = {
|
|||
},
|
||||
],
|
||||
}
|
||||
|
||||
SSH_KEY_MOCK_ENTRIES = [
|
||||
# loads private key in PKCS#8 format by default
|
||||
{
|
||||
"vault_name": "Personal",
|
||||
"queries": ["ssh key"],
|
||||
"expected": [
|
||||
"-----BEGIN PRIVATE KEY-----\n..........=\n-----END PRIVATE KEY-----\n"
|
||||
],
|
||||
"output": load_file("ssh_key_output.json"),
|
||||
},
|
||||
# loads private key in PKCS#8 format becasue ssh_format=false
|
||||
{
|
||||
"vault_name": "Personal",
|
||||
"queries": ["ssh key"],
|
||||
"kwargs": {
|
||||
"ssh_format": False,
|
||||
},
|
||||
"expected": [
|
||||
"-----BEGIN PRIVATE KEY-----\n..........=\n-----END PRIVATE KEY-----\n"
|
||||
],
|
||||
"output": load_file("ssh_key_output.json"),
|
||||
},
|
||||
# loads private key in ssh format
|
||||
{
|
||||
"vault_name": "Personal",
|
||||
"queries": ["ssh key"],
|
||||
"kwargs": {
|
||||
"ssh_format": True,
|
||||
},
|
||||
"expected": [
|
||||
"-----BEGIN OPENSSH PRIVATE KEY-----\r\n.....\r\n-----END OPENSSH PRIVATE KEY-----\r\n"
|
||||
],
|
||||
"output": load_file("ssh_key_output.json"),
|
||||
},
|
||||
]
|
||||
|
|
|
@ -0,0 +1,57 @@
|
|||
{
|
||||
"id": "wdtryfeh3jlx2dlanqgg4dqxmy",
|
||||
"title": "ssh key",
|
||||
"version": 1,
|
||||
"vault": {
|
||||
"id": "5auhrjy66hc7ndhe2wvym6gadv",
|
||||
"name": "Personal"
|
||||
},
|
||||
"category": "SSH_KEY",
|
||||
"last_edited_by": "LSGPJERUYBH7BFPHMZ2KKGL6AU",
|
||||
"created_at": "2025-01-10T16:57:16Z",
|
||||
"updated_at": "2025-01-10T16:57:16Z",
|
||||
"additional_information": "SHA256:frHmQAgblahD5HHgNj2O714",
|
||||
"fields": [
|
||||
{
|
||||
"id": "public_key",
|
||||
"type": "STRING",
|
||||
"label": "public key",
|
||||
"value": "ssh-ed255.....",
|
||||
"reference": "op://Personal/ssh key/public key"
|
||||
},
|
||||
{
|
||||
"id": "fingerprint",
|
||||
"type": "STRING",
|
||||
"label": "fingerprint",
|
||||
"value": "SHA256:frHmQAgy7zBKeFDxHMW0QltZ/5O4N8gD5HHgNj2O614",
|
||||
"reference": "op://Personal/ssh key/fingerprint"
|
||||
},
|
||||
{
|
||||
"id": "private_key",
|
||||
"type": "SSHKEY",
|
||||
"label": "private key",
|
||||
"value": "-----BEGIN PRIVATE KEY-----\n..........=\n-----END PRIVATE KEY-----\n",
|
||||
"reference": "op://Personal/ssh key/private key",
|
||||
"ssh_formats": {
|
||||
"openssh": {
|
||||
"reference": "op://Personal/ssh key/private key?ssh-format=openssh",
|
||||
"value": "-----BEGIN OPENSSH PRIVATE KEY-----\r\n.....\r\n-----END OPENSSH PRIVATE KEY-----\r\n"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"id": "key_type",
|
||||
"type": "STRING",
|
||||
"label": "key type",
|
||||
"value": "ed25519",
|
||||
"reference": "op://Personal/ssh key/key type"
|
||||
},
|
||||
{
|
||||
"id": "notesPlain",
|
||||
"type": "STRING",
|
||||
"purpose": "NOTES",
|
||||
"label": "notesPlain",
|
||||
"reference": "op://Personal/ssh key/notesPlain"
|
||||
}
|
||||
]
|
||||
}
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: 2025, Ansible Project
|
30
tests/unit/plugins/lookup/test_onepassword_ssh_key.py
Normal file
30
tests/unit/plugins/lookup/test_onepassword_ssh_key.py
Normal file
|
@ -0,0 +1,30 @@
|
|||
# Copyright (c) 2025 Ansible Project
|
||||
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
from __future__ import (absolute_import, division, print_function)
|
||||
__metaclass__ = type
|
||||
|
||||
import json
|
||||
import pytest
|
||||
|
||||
from .onepassword_common import SSH_KEY_MOCK_ENTRIES
|
||||
|
||||
from ansible.plugins.loader import lookup_loader
|
||||
|
||||
|
||||
@pytest.mark.parametrize(
|
||||
("vault", "queries", "kwargs", "output", "expected"),
|
||||
(
|
||||
(item["vault_name"], item["queries"], item.get("kwargs", {}), item["output"], item["expected"])
|
||||
for item in SSH_KEY_MOCK_ENTRIES
|
||||
)
|
||||
)
|
||||
def test_ssh_key(mocker, vault, queries, kwargs, output, expected):
|
||||
mocker.patch("ansible_collections.community.general.plugins.lookup.onepassword.OnePass.assert_logged_in", return_value=True)
|
||||
mocker.patch("ansible_collections.community.general.plugins.lookup.onepassword.OnePassCLIBase._run", return_value=(0, json.dumps(output), ""))
|
||||
|
||||
op_lookup = lookup_loader.get("community.general.onepassword_ssh_key")
|
||||
result = op_lookup.run(queries, vault=vault, **kwargs)
|
||||
|
||||
assert result == expected
|
Loading…
Add table
Add a link
Reference in a new issue