Skip to content

F add test machine env password option#638

Open
carebare47 wants to merge 11 commits intomasterfrom
F_add_test_machine_env_password_option
Open

F add test machine env password option#638
carebare47 wants to merge 11 commits intomasterfrom
F_add_test_machine_env_password_option

Conversation

@carebare47
Copy link
Contributor

@carebare47 carebare47 commented Feb 5, 2025

Proposed changes

add option for password to be read from a vault file (for test machine infrastructure)

Checklist

Before posting a PR ensure that from each of the below categories AT LEAST ONE BOX HAS BEEN CHECKED. If more than one category is applicable then more can be checked. Also ensure that the proposed changes have been filled out with relevant information for reviewers.

Tests

  • No tests required to be added. (For small changes that will be tested by CI/CD infrastructure).
  • Added/Modified automated and PhantomHand CI tests (if a new class is added (Python or C++), the interface of that class must be unit tested).
  • Manually tested in simulation (if simulation specific or no hardware required to test the functionality).
  • Manually tested on hardware (if hardware specific or related).

Documentation

  • No documentation required to be added.
  • Added documentation (For any new feature, explain what it does and how to use it. Write the documentation in a relevant space, e.g. Github, Confluence, etc).
  • Updated documentation (For changes to pre-existing features mentioned in the documentation).

@carebare47 carebare47 requested review from a team as code owners February 5, 2025 17:18
toliver
toliver requested changes Feb 6, 2025
View reviewed changes
bin/run-ansible.sh
aurora_inventory="ansible/inventory/${aurora_inventory}"
ansible_flags="${ansible_flags} --ask-become-pass"
if [[ "${test_machine}" != "true" ]]; then
ansible_flags="${ansible_flags} --ask-become-pass"
Copy link
Contributor

@toliver toliver Feb 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why don't we need the become password in the test_machine case?

bin/run-ansible.sh
fi
ansible_flags="${ansible_flags} --ask-vault-pass"
if [[ "${test_machine}" = "true" ]]; then
ansible_flags="${ansible_flags} --vault-password-file /home/$USER/vault.sh"
Copy link
Contributor

@toliver toliver Feb 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How does the vault.sh file look like? Should we add an exmple file? or a comment describing the contents of such file?

bin/run-ansible.sh
echo ""

if [[ "${test_machine}" = "true" ]]; then
echo $test_password | sudo -S echo "Running on testing machine. Retrieving passwords from ENV..."
Copy link
Contributor

@toliver toliver Feb 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Where does the variable test_password get set? Should we add an example or instructions or a script that calls run-ansible.sh after setting this variable?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@toliver toliver toliver requested changes

@niko-holmes niko-holmes niko-holmes approved these changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@carebare47 @toliver @niko-holmes