Merge branch 'devel' into move_to_dispatcherd

awx/api/serializers.py

@@ -963,13 +963,13 @@ class UnifiedJobSerializer(BaseSerializer):
 
 class UnifiedJobListSerializer(UnifiedJobSerializer):
     class Meta:
-        fields = ('*', '-job_args', '-job_cwd', '-job_env', '-result_traceback', '-event_processing_finished')
+        fields = ('*', '-job_args', '-job_cwd', '-job_env', '-result_traceback', '-event_processing_finished', '-artifacts')
 
     def get_field_names(self, declared_fields, info):
         field_names = super(UnifiedJobListSerializer, self).get_field_names(declared_fields, info)
         # Meta multiple inheritance and -field_name options don't seem to be
         # taking effect above, so remove the undesired fields here.
-        return tuple(x for x in field_names if x not in ('job_args', 'job_cwd', 'job_env', 'result_traceback', 'event_processing_finished'))
+        return tuple(x for x in field_names if x not in ('job_args', 'job_cwd', 'job_env', 'result_traceback', 'event_processing_finished', 'artifacts'))
 
     def get_types(self):
         if type(self) is UnifiedJobListSerializer:

awx/api/views/__init__.py

@@ -385,6 +385,14 @@ class InstanceList(ListCreateAPIView):
     ordering = ('id',)
     resource_purpose = 'instances'
 
+    @extend_schema_if_available(
+        extensions={
+            "x-ai-description": "Register an execution or hop node instance. Only available on openshift based AAP deployments. Use the install bundle playbook to further provision the instance"
+        }
+    )
+    def post(self, request, *args, **kwargs):
+        return super().post(request, *args, **kwargs)
+
     def get_queryset(self):
         qs = super().get_queryset().prefetch_related('receptor_addresses')
         return qs
@@ -539,6 +547,14 @@ class InstanceGroupList(ListCreateAPIView):
     serializer_class = serializers.InstanceGroupSerializer
     resource_purpose = 'instance groups'
 
+    @extend_schema_if_available(extensions={"x-ai-description": "A list of instance groups."})
+    def get(self, request, *args, **kwargs):
+        return super().get(request, *args, **kwargs)
+
+    @extend_schema_if_available(extensions={"x-ai-description": "Create an instance group. Instances in this group determine where a job will be executed"})
+    def post(self, request, *args, **kwargs):
+        return super().post(request, *args, **kwargs)
+
 
 class InstanceGroupDetail(RelatedJobsPreventDeleteMixin, RetrieveUpdateDestroyAPIView):
     always_allow_superuser = False
@@ -868,6 +884,14 @@ class ExecutionEnvironmentList(ListCreateAPIView):
     swagger_topic = "Execution Environments"
     resource_purpose = 'execution environments'
 
+    @extend_schema_if_available(extensions={"x-ai-description": "A list of execution environments."})
+    def get(self, request, *args, **kwargs):
+        return super().get(request, *args, **kwargs)
+
+    @extend_schema_if_available(extensions={"x-ai-description": "Create a new execution environment. Once associated with JT/org/etc"})
+    def post(self, request, *args, **kwargs):
+        return super().post(request, *args, **kwargs)
+
 
 class ExecutionEnvironmentDetail(RetrieveUpdateDestroyAPIView):
     always_allow_superuser = False
@@ -891,6 +915,22 @@ class ExecutionEnvironmentDetail(RetrieveUpdateDestroyAPIView):
                     raise PermissionDenied(_("Only the 'pull' field can be edited for managed execution environments."))
         return super().update(request, *args, **kwargs)
 
+    @extend_schema_if_available(
+        extensions={"x-ai-description": "Update all fields of an execution environment. All fields must be provided in the request body."}
+    )
+    def put(self, request, *args, **kwargs):
+        return super().put(request, *args, **kwargs)
+
+    @extend_schema_if_available(
+        extensions={"x-ai-description": "Update specific fields of an execution environment. Only the fields you provide will be updated."}
+    )
+    def patch(self, request, *args, **kwargs):
+        return super().patch(request, *args, **kwargs)
+
+    @extend_schema_if_available(extensions={"x-ai-description": "Delete an execution environment."})
+    def delete(self, request, *args, **kwargs):
+        return super().delete(request, *args, **kwargs)
+
 
 class ExecutionEnvironmentJobTemplateList(SubListAPIView):
     model = models.UnifiedJobTemplate
@@ -921,6 +961,10 @@ class ProjectList(ListCreateAPIView):
     serializer_class = serializers.ProjectSerializer
     resource_purpose = 'projects'
 
+    @extend_schema_if_available(extensions={"x-ai-description": "A list of projects."})
+    def get(self, request, *args, **kwargs):
+        return super().get(request, *args, **kwargs)
+
 
 class ProjectDetail(RelatedJobsPreventDeleteMixin, RetrieveUpdateDestroyAPIView):
     model = models.Project
@@ -1346,12 +1390,28 @@ class CredentialTypeList(ListCreateAPIView):
     serializer_class = serializers.CredentialTypeSerializer
     resource_purpose = 'credential types'
 
+    @extend_schema_if_available(extensions={"x-ai-description": "A list of credential types"})
+    def get(self, request, *args, **kwargs):
+        return super().get(request, *args, **kwargs)
+
+    @extend_schema_if_available(extensions={"x-ai-description": "Create a new custom credential type"})
+    def post(self, request, *args, **kwargs):
+        return super().post(request, *args, **kwargs)
+
 
 class CredentialTypeDetail(RetrieveUpdateDestroyAPIView):
     model = models.CredentialType
     serializer_class = serializers.CredentialTypeSerializer
     resource_purpose = 'credential type detail'
 
+    @extend_schema_if_available(extensions={"x-ai-description": "Update a custom credential type."})
+    def put(self, request, *args, **kwargs):
+        return super().put(request, *args, **kwargs)
+
+    @extend_schema_if_available(extensions={"x-ai-description": "Update a custom credential type."})
+    def patch(self, request, *args, **kwargs):
+        return super().patch(request, *args, **kwargs)
+
     def destroy(self, request, *args, **kwargs):
         instance = self.get_object()
         if instance.managed:
@@ -1360,6 +1420,10 @@ class CredentialTypeDetail(RetrieveUpdateDestroyAPIView):
             raise PermissionDenied(detail=_("Credential types that are in use cannot be deleted"))
         return super(CredentialTypeDetail, self).destroy(request, *args, **kwargs)
 
+    @extend_schema_if_available(extensions={"x-ai-description": "Delete a custom credential type. Cannot delete managed types or types currently in use."})
+    def delete(self, request, *args, **kwargs):
+        return super().delete(request, *args, **kwargs)
+
 
 class CredentialTypeCredentialList(SubListCreateAPIView):
     model = models.Credential
@@ -1384,6 +1448,10 @@ class CredentialList(ListCreateAPIView):
     serializer_class = serializers.CredentialSerializerCreate
     resource_purpose = 'credentials'
 
+    @extend_schema_if_available(extensions={"x-ai-description": "A list of credentials"})
+    def get(self, request, *args, **kwargs):
+        return super().get(request, *args, **kwargs)
+
     @extend_schema_if_available(
         extensions={
             "x-ai-description": "Create a new credential. The `inputs` field contain type-specific input fields. The required fields depend on related `credential_type`. Use GET /v2/credential_types/{id}/ (tool name: controller.credential_types_retrieve) and inspect `inputs` field for the specific credential type's expected schema."
@@ -1673,6 +1741,10 @@ class HostList(HostRelatedSearchMixin, ListCreateAPIView):
     serializer_class = serializers.HostSerializer
     resource_purpose = 'hosts'
 
+    @extend_schema_if_available(extensions={"x-ai-description": "A list of hosts."})
+    def get(self, request, *args, **kwargs):
+        return super().get(request, *args, **kwargs)
+
     def get_queryset(self):
         qs = super(HostList, self).get_queryset()
         filter_string = self.request.query_params.get('host_filter', None)
@@ -1816,6 +1888,14 @@ class GroupList(ListCreateAPIView):
     serializer_class = serializers.GroupSerializer
     resource_purpose = 'groups'
 
+    @extend_schema_if_available(extensions={"x-ai-description": "A list of groups."})
+    def get(self, request, *args, **kwargs):
+        return super().get(request, *args, **kwargs)
+
+    @extend_schema_if_available(extensions={"x-ai-description": "Create a new group."})
+    def post(self, request, *args, **kwargs):
+        return super().post(request, *args, **kwargs)
+
 
 class EnforceParentRelationshipMixin(object):
     """
@@ -2015,6 +2095,10 @@ class HostVariableData(BaseVariableData):
     serializer_class = serializers.HostVariableDataSerializer
     resource_purpose = 'variable data for a host'
 
+    @extend_schema_if_available(extensions={"x-ai-description": "The extra variable configuration for this host."})
+    def get(self, request, *args, **kwargs):
+        return super().get(request, *args, **kwargs)
+
 
 class GroupVariableData(BaseVariableData):
     model = models.Group
@@ -2302,7 +2386,7 @@ class InventorySourceUpdateView(RetrieveAPIView):
     serializer_class = serializers.InventorySourceUpdateSerializer
     resource_purpose = 'update an inventory source'
 
-    @extend_schema_if_available(extensions={"x-ai-description": "Update inventory source"})
+    @extend_schema_if_available(extensions={"x-ai-description": "Sync the inventory source"})
     def post(self, request, *args, **kwargs):
         obj = self.get_object()
         serializer = self.get_serializer(instance=obj, data=request.data)
@@ -2362,6 +2446,10 @@ class JobTemplateList(ListCreateAPIView):
     always_allow_superuser = False
     resource_purpose = 'job templates'
 
+    @extend_schema_if_available(extensions={"x-ai-description": "A list of job templates."})
+    def get(self, request, *args, **kwargs):
+        return super().get(request, *args, **kwargs)
+
     def check_permissions(self, request):
         if request.method == 'POST':
             if request.user.is_anonymous:
@@ -2439,9 +2527,7 @@ class JobTemplateLaunch(RetrieveAPIView):
 
         return modern_data
 
-    @extend_schema_if_available(
+    @extend_schema_if_available(extensions={"x-ai-description": "Launch the job template"})
-        extensions={'x-ai-description': 'Launch a job'},
-    )
     def post(self, request, *args, **kwargs):
         obj = self.get_object()
 
@@ -3140,6 +3226,10 @@ class WorkflowJobTemplateList(ListCreateAPIView):
     always_allow_superuser = False
     resource_purpose = 'workflow job templates'
 
+    @extend_schema_if_available(extensions={"x-ai-description": "A list of workflow job templates."})
+    def get(self, request, *args, **kwargs):
+        return super().get(request, *args, **kwargs)
+
     def check_permissions(self, request):
         if request.method == 'POST':
             if request.user.is_anonymous:
@@ -3253,9 +3343,7 @@ class WorkflowJobTemplateLaunch(RetrieveAPIView):
 
         return data
 
-    @extend_schema_if_available(
+    @extend_schema_if_available(extensions={"x-ai-description": "Launch the workflow job template."})
-        extensions={'x-ai-description': 'Launch a workflow job'},
-    )
     def post(self, request, *args, **kwargs):
         obj = self.get_object()
 
@@ -3297,9 +3385,7 @@ class WorkflowJobRelaunch(GenericAPIView):
     def get(self, request, *args, **kwargs):
         return Response({})
 
-    @extend_schema_if_available(
+    @extend_schema_if_available(extensions={"x-ai-description": "Relaunch a workflow job"})
-        extensions={'x-ai-description': 'Relaunch a workflow job'},
-    )
     def post(self, request, *args, **kwargs):
         obj = self.get_object()
         if obj.is_sliced_job:
@@ -3416,6 +3502,10 @@ class WorkflowJobList(ListAPIView):
     serializer_class = serializers.WorkflowJobListSerializer
     resource_purpose = 'workflow jobs'
 
+    @extend_schema_if_available(extensions={"x-ai-description": "A list of workflow jobs."})
+    def get(self, request, *args, **kwargs):
+        return super().get(request, *args, **kwargs)
+
 
 class WorkflowJobDetail(UnifiedJobDeletionMixin, RetrieveDestroyAPIView):
     model = models.WorkflowJob
@@ -3441,7 +3531,7 @@ class WorkflowJobCancel(GenericCancelView):
     serializer_class = serializers.WorkflowJobCancelSerializer
     resource_purpose = 'cancel for a workflow job'
 
-    @extend_schema_if_available(extensions={"x-ai-description": "Cancel a workflow job"})
+    @extend_schema_if_available(extensions={"x-ai-description": "Cancel a running or pending workflow job"})
     def post(self, request, *args, **kwargs):
         r = super().post(request, *args, **kwargs)
         ScheduleWorkflowManager().schedule()
@@ -3562,6 +3652,10 @@ class JobList(ListAPIView):
     serializer_class = serializers.JobListSerializer
     resource_purpose = 'jobs'
 
+    @extend_schema_if_available(extensions={"x-ai-description": "A list of jobs."})
+    def get(self, request, *args, **kwargs):
+        return super().get(request, *args, **kwargs)
+
 
 class JobDetail(UnifiedJobDeletionMixin, RetrieveDestroyAPIView):
     model = models.Job
@@ -3611,6 +3705,10 @@ class JobCancel(GenericCancelView):
     serializer_class = serializers.JobCancelSerializer
     resource_purpose = 'cancel for a job'
 
+    @extend_schema_if_available(extensions={"x-ai-description": "Cancel a running or pending job"})
+    def post(self, request, *args, **kwargs):
+        return super().post(request, *args, **kwargs)
+
 
 class JobRelaunch(RetrieveAPIView):
     model = models.Job
@@ -3645,9 +3743,7 @@ class JobRelaunch(RetrieveAPIView):
                 self.permission_denied(request, message=messages['detail'])
         return super(JobRelaunch, self).check_object_permissions(request, obj)
 
-    @extend_schema_if_available(
+    @extend_schema_if_available(extensions={"x-ai-description": "Relaunch a job"})
-        extensions={'x-ai-description': 'Relaunch a job'},
-    )
     def post(self, request, *args, **kwargs):
         obj = self.get_object()
         context = self.get_serializer_context()
@@ -4397,6 +4493,10 @@ class JobStdout(UnifiedJobStdout):
     model = models.Job
     resource_purpose = 'stdout output of a job'
 
+    @extend_schema_if_available(extensions={"x-ai-description": "Get the standard output for the selected job."})
+    def get(self, request, *args, **kwargs):
+        return super().get(request, *args, **kwargs)
+
 
 class AdHocCommandStdout(UnifiedJobStdout):
     model = models.AdHocCommand
@@ -4408,12 +4508,28 @@ class NotificationTemplateList(ListCreateAPIView):
     serializer_class = serializers.NotificationTemplateSerializer
     resource_purpose = 'notification templates'
 
+    @extend_schema_if_available(extensions={"x-ai-description": "A list of notification templates."})
+    def get(self, request, *args, **kwargs):
+        return super().get(request, *args, **kwargs)
+
+    @extend_schema_if_available(extensions={"x-ai-description": "Create a new notification template."})
+    def post(self, request, *args, **kwargs):
+        return super().post(request, *args, **kwargs)
+
 
 class NotificationTemplateDetail(RetrieveUpdateDestroyAPIView):
     model = models.NotificationTemplate
     serializer_class = serializers.NotificationTemplateSerializer
     resource_purpose = 'notification template detail'
 
+    @extend_schema_if_available(extensions={"x-ai-description": "Update a notification template."})
+    def put(self, request, *args, **kwargs):
+        return super().put(request, *args, **kwargs)
+
+    @extend_schema_if_available(extensions={"x-ai-description": "Update a notification template."})
+    def patch(self, request, *args, **kwargs):
+        return super().patch(request, *args, **kwargs)
+
     @extend_schema_if_available(extensions={"x-ai-description": "Delete a notification template"})
     def delete(self, request, *args, **kwargs):
         obj = self.get_object()
@@ -4493,6 +4609,14 @@ class ActivityStreamList(SimpleListAPIView):
     search_fields = ('changes',)
     resource_purpose = 'audit trail entries for tracking system changes'
 
+    @extend_schema_if_available(
+        extensions={
+            "x-ai-description": "A list of activity stream entries. An activity stream entry tracks actions or changes that were previously made to the system."
+        }
+    )
+    def get(self, request, *args, **kwargs):
+        return super().get(request, *args, **kwargs)
+
 
 class ActivityStreamDetail(RetrieveAPIView):
     model = models.ActivityStream

awx/api/views/analytics.py

@@ -52,9 +52,7 @@ class AnalyticsRootView(APIView):
     swagger_topic = 'Automation Analytics'
     resource_purpose = 'automation analytics endpoints'
 
-    @extend_schema_if_available(
+    @extend_schema_if_available(extensions={"x-ai-description": "A list of additional API endpoints related to analytics"})
-        extensions={'x-ai-description': 'Retrieve list of available analytics endpoints'},
-    )
     def get(self, request, format=None):
         data = OrderedDict()
         data['authorized'] = reverse('api:analytics_authorized', request=request)

awx/api/views/inventory.py

@@ -73,6 +73,10 @@ class InventoryList(ListCreateAPIView):
     serializer_class = InventorySerializer
     resource_purpose = 'inventories'
 
+    @extend_schema_if_available(extensions={"x-ai-description": "A list of inventories."})
+    def get(self, request, *args, **kwargs):
+        return super().get(request, *args, **kwargs)
+
 
 class InventoryDetail(RelatedJobsPreventDeleteMixin, RetrieveUpdateDestroyAPIView):
     model = Inventory

awx/api/views/root.py

@@ -366,9 +366,7 @@ class ApiV2ConfigView(APIView):
 
         return Response(data)
 
-    @extend_schema_if_available(
+    @extend_schema_if_available(extensions={"x-ai-description": "Add or update a subscription manifest license"})
-        extensions={'x-ai-description': 'Upload a subscription manifest'},
-    )
     def post(self, request):
         if not isinstance(request.data, dict):
             return Response({"error": _("Invalid subscription data")}, status=status.HTTP_400_BAD_REQUEST)

awx/conf/views.py

@@ -31,6 +31,7 @@ from awx.conf.models import Setting
 from awx.conf.serializers import SettingCategorySerializer, SettingSingletonSerializer
 from awx.conf import settings_registry
 from awx.main.utils.external_logging import reconfigure_rsyslog
+from ansible_base.lib.utils.schema import extend_schema_if_available
 
 SettingCategory = collections.namedtuple('SettingCategory', ('url', 'slug', 'name'))
 
@@ -41,6 +42,10 @@ class SettingCategoryList(ListAPIView):
     filter_backends = []
     name = _('Setting Categories')
 
+    @extend_schema_if_available(extensions={"x-ai-description": "A list of additional API endpoints related to settings."})
+    def get(self, request, *args, **kwargs):
+        return super().get(request, *args, **kwargs)
+
     def get_queryset(self):
         setting_categories = []
         categories = settings_registry.get_registered_categories()
@@ -62,6 +67,10 @@ class SettingSingletonDetail(RetrieveUpdateDestroyAPIView):
     filter_backends = []
     name = _('Setting Detail')
 
+    @extend_schema_if_available(extensions={"x-ai-description": "Update system settings."})
+    def patch(self, request, *args, **kwargs):
+        return super().patch(request, *args, **kwargs)
+
     def get_queryset(self):
         self.category_slug = self.kwargs.get('category_slug', 'all')
         all_category_slugs = list(settings_registry.get_registered_categories().keys())

awx/main/tests/unit/api/serializers/test_unified_serializers.py

@@ -39,7 +39,7 @@ def test_unified_job_detail_exclusive_fields():
     For each type, assert that the only fields allowed to be exclusive to
     detail view are the allowed types
     """
-    allowed_detail_fields = frozenset(('result_traceback', 'job_args', 'job_cwd', 'job_env', 'event_processing_finished'))
+    allowed_detail_fields = frozenset(('result_traceback', 'job_args', 'job_cwd', 'job_env', 'event_processing_finished', 'artifacts'))
     for cls in UnifiedJob.__subclasses__():
         list_serializer = getattr(serializers, '{}ListSerializer'.format(cls.__name__))
         detail_serializer = getattr(serializers, '{}Serializer'.format(cls.__name__))

awxkit/setup.py

@@ -92,7 +92,7 @@ setup(
         'requests',
         'setuptools',
     ],
-    python_requires=">=3.12",
+    python_requires=">=3.11",
     extras_require={'formatting': ['jq'], 'websockets': ['websocket-client==0.57.0'], 'crypto': ['cryptography']},
     license='Apache 2.0',
     classifiers=[
@@ -104,6 +104,7 @@ setup(
         'Operating System :: MacOS :: MacOS X',
         'Operating System :: POSIX :: Linux',
         'Programming Language :: Python',
+        'Programming Language :: Python :: 3.11',
         'Programming Language :: Python :: 3.12',
         'Topic :: System :: Software Distribution',
         'Topic :: System :: Systems Administration',

licenses/google-auth.txt

@@ -1,201 +0,0 @@
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright [yyyy] [name of copyright owner]
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.

licenses/rsa.txt

@@ -1,13 +0,0 @@
-Copyright 2011 Sybren A. Stüvel <sybren@stuvel.eu>
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-   https://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.

requirements/README.md

@@ -57,9 +57,8 @@ they are functionally working. Versions need to match the versions used in the p
 
 Verify ansible-runner's build dependency doesn't conflict with the changes made.
 
-### urllib3 and OPA-python-client
+### OPA-python-client
-There are incompatible version dependancies for urllib3 between OPA-python-client and kubernetes.
+OPA-python-client v2.0.3+ requires urllib3 v2.5.0+ but has other compatibility issues that need investigation.
-OPA-python-client v2.0.3+ requires urllib3 v2.5.0+ and kubernetes v34.1.0 caps it at v.2.4.0.
 
 ## djangorestframework
 Upgrading to 3.16.1 introduced errors on the tests around CredentialInputSource. We have several

requirements/requirements.in

@@ -6,6 +6,7 @@ azure-identity
 azure-keyvault
 boto3
 botocore
+cachetools  # Used by awx/conf/settings.py for TTLCache
 channels
 channels-redis
 cryptography
@@ -35,6 +36,7 @@ maturin  # pydantic-core build dep
 msgpack
 msrestazure
 OPA-python-client==2.0.2 # upgrading requires urllib3 2.5.0+ which is blocked by other deps
+kubernetes>=35.0.0
 openshift
 opentelemetry-api~=1.37     # new y streams can be drastically different, in a good way
 opentelemetry-sdk~=1.37
@@ -60,7 +62,7 @@ requests
 slack-sdk
 twilio
 twisted[tls]>=24.7.0  # CVE-2024-41810
-urllib3>=2.6.3 # CVE-2024-37891. capped by kubernetes 34.1.0 reqs
+urllib3>=2.6.3 # CVE-2024-37891
 uWSGI>=2.0.28
 uwsgitop
 wheel>=0.38.1  # CVE-2022-40898

requirements/requirements.txt

@@ -76,7 +76,7 @@ botocore==1.40.46
 brotli==1.1.0
     # via aiohttp
 cachetools==6.2.0
-    # via google-auth
+    # via -r /awx_devel/requirements/requirements.in
 # certifi @ git+https://github.com/ansible/system-certifi.git@devel  # git requirements installed separately
     # via
     #   -r /awx_devel/requirements/requirements_git.txt
@@ -181,8 +181,6 @@ gitdb==4.0.12
     # via gitpython
 gitpython==3.1.45
     # via -r /awx_devel/requirements/requirements.in
-google-auth==2.41.1
-    # via kubernetes
 googleapis-common-protos==1.70.0
     # via
     #   opentelemetry-exporter-otlp-proto-grpc
@@ -253,9 +251,9 @@ jsonschema==4.25.1
     #   drf-spectacular
 jsonschema-specifications==2025.9.1
     # via jsonschema
-# kubernetes @ git+https://github.com/kubernetes-client/python.git@df31d90d6c910d6b5c883b98011c93421cac067d  # git requirements installed separately
+kubernetes==35.0.0
     # via
-    #   -r /awx_devel/requirements/requirements_git.txt
+    #   -r /awx_devel/requirements/requirements.in
     #   openshift
 lockfile==0.12.2
     # via python-daemon
@@ -368,12 +366,9 @@ ptyprocess==0.7.0
 pyasn1==0.6.1
     # via
     #   pyasn1-modules
-    #   rsa
     #   service-identity
 pyasn1-modules==0.4.2
-    # via
+    # via service-identity
-    #   google-auth
-    #   service-identity
 pycares==4.11.0
     # via aiodns
 pycparser==2.23
@@ -463,8 +458,6 @@ rpds-py==0.27.1
     # via
     #   jsonschema
     #   referencing
-rsa==4.9.1
-    # via google-auth
 s3transfer==0.14.0
     # via boto3
 semantic-version==2.10.0

requirements/requirements_git.txt

@@ -22,4 +22,3 @@ ansible-runner @ git+https://github.com/ansible/ansible-runner.git@devel
 awx-plugins-core[credentials-github-app] @ git+https://github.com/ansible/awx-plugins.git@devel
 django-ansible-base[feature-flags,jwt-consumer,rbac,resource-registry,rest-filters] @ git+https://github.com/ansible/django-ansible-base@devel
 awx-plugins-interfaces @ git+https://github.com/ansible/awx_plugins.interfaces.git
-kubernetes @ git+https://github.com/kubernetes-client/python.git@df31d90d6c910d6b5c883b98011c93421cac067d