fix(create_secret): prevent moving existing credentials to root if no path is provided

Author: Sylfwood

galaxy.yml

@@ -1,6 +1,6 @@
 namespace: devolutions
 name: dvls
-version: 1.2.2
+version: 1.2.3
 readme: README.md
 authors:
 - Danny Bédard <[email protected]>

plugins/module_utils/vaults.py

@@ -117,8 +117,8 @@ def get_vault_entries(server_base_url, token, vault_id):
         raise Exception(f"An error occurred while getting vault entries: {e}")
 
 
-def find_entry_by_name(entries, name):
+def find_entry_by_name(entries, name, path=""):
     for entry in entries:
-        if entry.get("name") == name:
+        if entry.get("name") == name and entry.get("path") == path:
             return entry
     return None

plugins/modules/create_secret.py

@@ -150,9 +150,13 @@ def run_module():
     password = secret.get("value")
     secret_type = secret.get("secret_type")
     secret_subtype = secret.get("secret_subtype")
-    secret_path = secret.get("secret_path")
     description = secret.get("secret_description")
 
+    if secret.get("secret_path") is None:
+        secret_path = ""
+    else:
+        secret_path = secret.get("secret_path")
+
     vault_id = module.params.get("vault_id")
 
     try:
@@ -178,7 +182,7 @@ def run_module():
         )
 
         # when an existing entry is found, it gets updated. Otherwise a new entry gets created
-        entry = find_entry_by_name(path_entries, secret_name)
+        entry = find_entry_by_name(path_entries, secret_name, secret_path)
         if entry:
             vault_url = f"{server_base_url}/api/v1/vault/{vault_id}/entry/{entry['id']}"
             response = requests.put(vault_url, headers=vault_headers, json=vault_body)