diff --git a/awx/main/conf.py b/awx/main/conf.py
index 9ae86d6a40..33ed4d9e13 100644
--- a/awx/main/conf.py
+++ b/awx/main/conf.py
@@ -514,6 +514,17 @@ register(
category_slug='jobs'
)
+register(
+ 'GALAXY_IGNORE_CERTS',
+ field_class=fields.BooleanField,
+ default=False,
+ label=_('Ignore Ansible Galaxy SSL Certificate Verification'),
+ help_text=_('If set to true, certificate validation will not be done when'
+ 'installing content from any Galaxy server.'),
+ category=_('Jobs'),
+ category_slug='jobs'
+)
+
register(
'STDOUT_MAX_BYTES_DISPLAY',
field_class=fields.IntegerField,
diff --git a/awx/main/models/notifications.py b/awx/main/models/notifications.py
index 9163e57e92..26ff15580f 100644
--- a/awx/main/models/notifications.py
+++ b/awx/main/models/notifications.py
@@ -269,6 +269,7 @@ class JobNotificationMixin(object):
'timeout', 'use_fact_cache', 'launch_type', 'status', 'failed', 'started', 'finished',
'elapsed', 'job_explanation', 'execution_node', 'controller_node', 'allow_simultaneous',
'scm_revision', 'diff_mode', 'job_slice_number', 'job_slice_count', 'custom_virtualenv',
+ 'approval_status', 'approval_node_name', 'workflow_url',
{'host_status_counts': ['skipped', 'ok', 'changed', 'failures', 'dark']},
{'playbook_counts': ['play_count', 'task_count']},
{'summary_fields': [{'inventory': ['id', 'name', 'description', 'has_active_failures',
@@ -366,6 +367,9 @@ class JobNotificationMixin(object):
'verbosity': 0},
'job_friendly_name': 'Job',
'url': 'https://towerhost/#/jobs/playbook/1010',
+ 'approval_status': 'approved',
+ 'approval_node_name': 'Approve Me',
+ 'workflow_url': 'https://towerhost/#/workflows/1010',
'job_metadata': """{'url': 'https://towerhost/$/jobs/playbook/13',
'traceback': '',
'status': 'running',
diff --git a/awx/main/tasks.py b/awx/main/tasks.py
index ad7d43e4a3..3a99d477dd 100644
--- a/awx/main/tasks.py
+++ b/awx/main/tasks.py
@@ -1938,7 +1938,8 @@ class RunProjectUpdate(BaseTask):
env['TMP'] = settings.AWX_PROOT_BASE_PATH
env['PROJECT_UPDATE_ID'] = str(project_update.pk)
env['ANSIBLE_CALLBACK_PLUGINS'] = self.get_path_to('..', 'plugins', 'callback')
- env['ANSIBLE_GALAXY_IGNORE'] = True
+ if settings.GALAXY_IGNORE_CERTS:
+ env['ANSIBLE_GALAXY_IGNORE'] = True
# Set up the public Galaxy server, if enabled
if settings.PUBLIC_GALAXY_ENABLED:
galaxy_servers = [settings.PUBLIC_GALAXY_SERVER]
diff --git a/awx/main/tests/functional/models/test_notifications.py b/awx/main/tests/functional/models/test_notifications.py
index 1b671efdcb..00cc217a82 100644
--- a/awx/main/tests/functional/models/test_notifications.py
+++ b/awx/main/tests/functional/models/test_notifications.py
@@ -88,6 +88,9 @@ class TestJobNotificationMixin(object):
'verbosity': int},
'job_friendly_name': str,
'job_metadata': str,
+ 'approval_status': str,
+ 'approval_node_name': str,
+ 'workflow_url': str,
'url': str}
diff --git a/awx/settings/defaults.py b/awx/settings/defaults.py
index 891331f65c..d105828225 100644
--- a/awx/settings/defaults.py
+++ b/awx/settings/defaults.py
@@ -605,6 +605,9 @@ PUBLIC_GALAXY_SERVER = {
'url': 'https://galaxy.ansible.com'
}
+# Applies to any galaxy server
+GALAXY_IGNORE_CERTS = False
+
# List of dicts of fallback (additional) Galaxy servers. If configured, these
# will be higher precedence than public Galaxy, but lower than primary Galaxy.
# Available options: 'id', 'url', 'username', 'password', 'token', 'auth_url'
diff --git a/awx/ui/client/src/notifications/notificationTemplates.form.js b/awx/ui/client/src/notifications/notificationTemplates.form.js
index 92ad403101..29f1764a72 100644
--- a/awx/ui/client/src/notifications/notificationTemplates.form.js
+++ b/awx/ui/client/src/notifications/notificationTemplates.form.js
@@ -598,7 +598,7 @@ export default ['i18n', function(i18n) {
'{{ url }}, or attributes of the job such as ' +
'{{ job.status }}. You may apply a number of possible ' +
'variables in the message. Refer to the ' +
- 'Ansible Tower documentation for more details.'),
closeable: false
},