Remove TACACS+ authentication (#15547)

Remove TACACS+ authentication from AWX.

Co-authored-by: Hao Liu <44379968+TheRealHaoLiu@users.noreply.github.com>

tools/docker-compose/README.md

@@ -273,7 +273,6 @@ $ make docker-compose
 - [Start with Minikube](#start-with-minikube)
 - [SAML and OIDC Integration](#saml-and-oidc-integration)
 - [Splunk Integration](#splunk-integration)
-- [tacacs+ Integration](#tacacs+-integration)
 
 ### Start a Shell
 
@@ -465,30 +464,6 @@ ansible-playbook tools/docker-compose/ansible/plumb_splunk.yml
 
 Once the playbook is done running Splunk should now be setup in your development environment. You can log into the admin console (see above for username/password) and click on "Searching and Reporting" in the left hand navigation. In the search box enter `source="http:tower_logging_collections"` and click search.
 
-### - tacacs+ Integration
-
-tacacs+ is an networking protocol that provides external authentication which can be used with AWX. This section describes how to build a reference tacacs+ instance and plumb it with your AWX for testing purposes.
-
-First, be sure that you have the awx.awx collection installed by running `make install_collection`.
-
-Anytime you want to run a tacacs+ instance alongside AWX we can start docker-compose with the TACACS option to get a containerized instance with the command:
-```bash
-TACACS=true make docker-compose
-```
-
-Once the containers come up a new port (49) should be exposed and the tacacs+ server should be running on those ports.
-
-Now we are ready to configure and plumb tacacs+ with AWX. To do this we have provided a playbook which will:
-* Backup and configure the tacacsplus adapter in AWX. NOTE: this will back up your existing settings but the password fields can not be backed up through the API, you need a DB backup to recover this.
-
-```bash
-export CONTROLLER_USERNAME=<your username>
-export CONTROLLER_PASSWORD=<your password>
-ansible-playbook tools/docker-compose/ansible/plumb_tacacs.yml
-```
-
-Once the playbook is done running tacacs+ should now be setup in your development environment. This server has the accounts listed on https://hub.docker.com/r/dchidell/docker-tacacs
-
 ### HashiVault Integration
 
 Run a HashiVault container alongside of AWX.

tools/docker-compose/ansible/plumb_tacacs.yml

@@ -1,32 +0,0 @@
----
-- name: Plumb a tacacs+ instance
-  hosts: localhost
-  connection: local
-  gather_facts: False
-  vars:
-    awx_host: "https://localhost:8043"
-  tasks:
-    - name: Load existing and new tacacs+ settings
-      ansible.builtin.set_fact:
-        existing_tacacs: "{{ lookup('awx.awx.controller_api', 'settings/tacacsplus', host=awx_host, verify_ssl=false) }}"
-        new_tacacs: "{{ lookup('template', 'tacacsplus_settings.json.j2') }}"
-
-    - name: Display existing tacacs+ configuration
-      ansible.builtin.debug:
-        msg:
-          - "Here is your existing tacacsplus configuration for reference:"
-          - "{{ existing_tacacs }}"
-
-    - ansible.builtin.pause:
-        prompt: "Continuing to run this will replace your existing tacacs settings (displayed above). They will all be captured. Be sure that is backed up before continuing"
-
-    - name: Write out the existing content
-      ansible.builtin.copy:
-        dest: "../_sources/existing_tacacsplus_adapter_settings.json"
-        content: "{{ existing_tacacs }}"
-
-    - name: Configure AWX tacacs+ adapter
-      awx.awx.settings:
-        settings: "{{ new_tacacs }}"
-        controller_host: "{{ awx_host }}"
-        validate_certs: False

tools/docker-compose/ansible/roles/sources/templates/docker-compose.yml.j2

@@ -188,14 +188,6 @@ services:
       - "grafana_storage:/var/lib/grafana:rw"
     depends_on:
       - prometheus
-{% endif %}
-{% if enable_tacacs|bool %}
-  tacacs:
-    image: dchidell/docker-tacacs
-    container_name: tools_tacacs_1
-    hostname: tacacs
-    ports:
-      - "49:49"
 {% endif %}
   # A useful container that simply passes through log messages to the console
   # helpful for testing awx/tower logging

tools/docker-compose/ansible/templates/tacacsplus_settings.json.j2

@@ -1,7 +0,0 @@
-{
-    "TACACSPLUS_HOST": "tacacs",
-    "TACACSPLUS_PORT": 49,
-    "TACACSPLUS_SECRET": "ciscotacacskey",
-    "TACACSPLUS_SESSION_TIMEOUT": 5,
-    "TACACSPLUS_AUTH_PROTOCOL": "ascii"
-}