fix: allow for RHAPP, file content and env vars from SMS (#1383)

mkanoor · web-flow · commit b743b94d4ffb · 2025-08-21T09:50:24.000-04:00
We missed this file when working on PR #1361 https://issues.redhat.com/browse/AAP-51904 We are adding an ATF test to do the real integration test https://issues.redhat.com/browse/AAP-51905
diff --git a/src/aap_eda/wsapi/consumers.py b/src/aap_eda/wsapi/consumers.py
@@ -24,6 +24,7 @@
 )
 from aap_eda.core.utils.credentials import (
     add_default_values_to_user_inputs,
+    get_resolved_secrets,
     get_secret_fields,
 )
 from aap_eda.core.utils.strings import extract_variables, substitute_variables
@@ -323,9 +324,7 @@ def insert_audit_rule_data(self, message: ActionMessage) -> None:
                     )
                 )
                 if credentials:
-                    inputs = yaml.safe_load(
-                        credentials[0].inputs.get_secret_value()
-                    )
+                    inputs = get_resolved_secrets(credentials[0])
 
             url = self._get_url(message, inputs)
             audit_action = models.AuditAction.objects.create(
@@ -436,9 +435,8 @@ def get_controller_info_from_aap_cred(
             )
             for eda_credential in activation.eda_credentials.all():
                 if eda_credential.credential_type.id == aap_credential_type.id:
-                    inputs = yaml.safe_load(
-                        eda_credential.inputs.get_secret_value()
-                    )
+                    inputs = get_resolved_secrets(eda_credential)
+
                     return ControllerInfo(
                         url=inputs["host"],
                         token=inputs.get("oauth_token", ""),
@@ -470,7 +468,7 @@ def get_eda_system_vault_passwords(
         for credential in activation.eda_credentials.filter(
             credential_type_id=vault_credential_type.id
         ).union(vault):
-            inputs = yaml.safe_load(credential.inputs.get_secret_value())
+            inputs = get_resolved_secrets(credential)
 
             vault_passwords.append(
                 VaultPassword(
@@ -526,7 +524,7 @@ def get_file_contents_from_credentials(
         file_template_names = []
         file_messages = []
         for eda_credential in activation.eda_credentials.all():
-            inputs = yaml.safe_load(eda_credential.inputs.get_secret_value())
+            inputs = get_resolved_secrets(eda_credential)
             injectors = eda_credential.credential_type.injectors
             binary_fields = []
             for field in eda_credential.credential_type.inputs.get(
@@ -569,9 +567,7 @@ def get_env_vars_from_credentials(
 
                 schema_inputs = eda_credential.credential_type.inputs
                 secret_fields = get_secret_fields(schema_inputs)
-                user_inputs = yaml.safe_load(
-                    eda_credential.inputs.get_secret_value()
-                )
+                user_inputs = get_resolved_secrets(eda_credential)
 
                 add_default_values_to_user_inputs(schema_inputs, user_inputs)
 
@@ -626,8 +622,9 @@ def get_vault_password_and_id(
         activation: models.Activation,
     ) -> [tp.Optional[str], tp.Optional[str]]:
         if activation.eda_system_vault_credential:
-            vault_inputs = activation.eda_system_vault_credential.inputs
-            vault_inputs = yaml.safe_load(vault_inputs.get_secret_value())
+            vault_inputs = get_resolved_secrets(
+                activation.eda_system_vault_credential
+            )
             return vault_inputs["vault_password"], vault_inputs["vault_id"]
         return None, None
 
