Add setting for auth_url

Also adjust public galaxy URL setting to allow using only the primary Galaxy server Include auth_url in token exclusivity validation
2026-05-13 20:37:39 -02:30 · 2019-10-04 13:24:39 -04:00
parent 85c99cc38a
commit c09039e963
6 changed files with 55 additions and 20 deletions
--- a/awx/main/tasks.py
+++ b/awx/main/tasks.py
@@ -52,7 +52,7 @@ import ansible_runner

 # AWX
 from awx import __version__ as awx_application_version
-from awx.main.constants import CLOUD_PROVIDERS, PRIVILEGE_ESCALATION_METHODS, STANDARD_INVENTORY_UPDATE_ENV
+from awx.main.constants import CLOUD_PROVIDERS, PRIVILEGE_ESCALATION_METHODS, STANDARD_INVENTORY_UPDATE_ENV, GALAXY_SERVER_FIELDS
 from awx.main.access import access_registry
 from awx.main.models import (
    Schedule, TowerScheduleState, Instance, InstanceGroup,
@@ -1883,18 +1883,24 @@ class RunProjectUpdate(BaseTask):
        env['TMP'] = settings.AWX_PROOT_BASE_PATH
        env['PROJECT_UPDATE_ID'] = str(project_update.pk)
        env['ANSIBLE_CALLBACK_PLUGINS'] = self.get_path_to('..', 'plugins', 'callback')
+        env['ANSIBLE_GALAXY_IGNORE'] = True
+        # Set up the fallback server, which is the normal Ansible Galaxy by default
+        galaxy_servers = list(settings.FALLBACK_GALAXY_SERVERS)
        # If private galaxy URL is non-blank, that means this feature is enabled
        if settings.PRIMARY_GALAXY_URL:
-            # set up the fallback server, which is the normal Ansible Galaxy
-            env['ANSIBLE_GALAXY_SERVER_GALAXY_URL'] = settings.PUBLIC_GALAXY_URL
-            for key in ('url', 'username', 'password', 'token'):
-                setting_name = 'PRIMARY_GALAXY_{}'.format(key.upper())
-                value = getattr(settings, setting_name)
+            galaxy_servers = [{'id': 'primary_galaxy'}] + galaxy_servers
+            for key in GALAXY_SERVER_FIELDS:
+                value = getattr(settings, 'PRIMARY_GALAXY_{}'.format(key.upper()))
                if value:
-                    env_key = 'ANSIBLE_GALAXY_SERVER_PRIMARY_GALAXY_{}'.format(key.upper())
-                    env[env_key] = value
-            # now set the precedence
-            env['ANSIBLE_GALAXY_SERVER_LIST'] = 'primary_galaxy,galaxy'
+                    galaxy_servers[0][key] = value
+        for server in galaxy_servers:
+            for key in GALAXY_SERVER_FIELDS:
+                if not server.get(key):
+                    continue
+                env_key = ('ANSIBLE_GALAXY_SERVER_{}_{}'.format(server.get('id', 'unnamed'), key)).upper()
+                env[env_key] = server[key]
+        # now set the precedence of galaxy servers
+        env['ANSIBLE_GALAXY_SERVER_LIST'] = ','.join([server.get('id', 'unnamed') for server in galaxy_servers])
        return env

    def _build_scm_url_extra_vars(self, project_update):