improve(inventory): Support more authentication methods and Change us…

…er_agent

contrib/inventory/alicloud.ini

@@ -109,3 +109,8 @@ group_by_tag_none = True
 #
 # alicloud_access_key = Abcd1234
 # alicloud_secret_key = Abcd2345
+# alicloud_region=cn-beijing
+# alicloud_profile=test
+# alicloud_role_arn=acs:ram::1182725234319447:role/role_name
+# alicloud_assume_role_session_name=ansible-test
+# alicloud_assume_role_policy={"Statement": [{"Action": ["*"],"Effect": "Allow","Resource": "*"}],"Version": "1"}

contrib/inventory/alicloud.py

@@ -25,7 +25,7 @@
 import configparser
 
 from time import time
-from ansible.module_utils.alicloud_ecs import connect_to_acs
+from ansible.module_utils.alicloud_ecs import connect_to_acs, get_profile
 
 try:
     import json
@@ -141,11 +141,50 @@ def read_settings(self):
         if not security_token:
             security_token = self.get_option(config, 'credentials', 'alicloud_security_token')
 
-        self.credentials = {
-            'acs_access_key_id': access_key,
-            'acs_secret_access_key': secret_key,
+        alicloud_region = os.environ.get('ALICLOUD_REGION', None)
+        if not alicloud_region:
+            alicloud_region = self.get_option(config, 'credentials', 'alicloud_region')
+
+        ecs_role_name = os.environ.get('ALICLOUD_ECS_ROLE_NAME', None)
+        if not ecs_role_name:
+            ecs_role_name = self.get_option(config, 'credentials', 'alicloud_ecs_role_name')
+
+        profile = os.environ.get('ALICLOUD_PROFILE', None)
+        if not profile:
+            profile = self.get_option(config, 'credentials', 'alicloud_profile')
+
+        shared_credentials_file = os.environ.get('ALICLOUD_SHARED_CREDENTIALS_FILE', None)
+        if not shared_credentials_file:
+            shared_credentials_file = self.get_option(config, 'credentials', 'alicloud_shared_credentials_file')
+
+        role_arn = os.environ.get('ALICLOUD_ASSUME_ROLE_ARN', None)
+        if not role_arn:
+            role_arn = self.get_option(config, 'credentials', 'alicloud_role_arn')
+
+        assume_role_session_name = os.environ.get('ALICLOUD_ASSUME_ROLE_SESSION_NAME', None)
+        if not assume_role_session_name:
+            assume_role_session_name = self.get_option(config, 'credentials', 'alicloud_assume_role_session_name')
+
+        assume_role_session_expiration = os.environ.get('ALICLOUD_ASSUME_ROLE_SESSION_EXPIRATION', None)
+        if not assume_role_session_expiration:
+            assume_role_session_expiration = self.get_option(config, 'credentials', 'alicloud_assume_role_session_expiration')
+
+        alicloud_assume_role_policy = self.get_option(config, 'credentials', 'alicloud_assume_role_policy')
+
+        credentials = {
+            'alicloud_access_key': access_key,
+            'alicloud_secret_key': secret_key,
             'security_token': security_token,
+            'ecs_role_name': ecs_role_name,
+            'profile': profile,
+            'shared_credentials_file': shared_credentials_file,
+            'alicloud_assume_role_policy': alicloud_assume_role_policy,
+            'alicloud_assume_role_arn': role_arn,
+            'alicloud_assume_role_session_name': assume_role_session_name,
+            'alicloud_assume_role_session_expiration': assume_role_session_expiration,
+            'alicloud_region': alicloud_region
         }
+        self.credentials = get_profile(credentials)
 
         # Regions
         config_regions = self.get_option(config, 'ecs', 'regions')
@@ -441,7 +480,7 @@ def connect_to_ecs(self, module, region):
 
         # Check module args for credentials, then check environment vars access key pair and region
         connect_args = self.credentials
-        connect_args['user_agent'] = 'Ansible-Provider-Alicloud'
+        connect_args['user_agent'] = 'Ansible-Provider-Inventory'
         conn = connect_to_acs(module, region, **connect_args)
         if conn is None:
             self.fail_with_error("region name: %s likely not supported. Connection to region failed." % region)