External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-03-20 18:37:39 -02:30
Code Issues Packages Projects Releases Wiki Activity

Add ability to provide token for private repo for requirements_git in container build (#15831)

Browse Source 
Add ability to provide auth to private repo for requirements_git
This commit is contained in:
Hao Liu
2025-02-12 14:20:13 -05:00
committed by GitHub
parent 69a60493a3
commit f8ff48fe5c
8 changed files with 39 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
.github/actions/awx_devel_image/action.yml vendored
View File

@@ -4,6 +4,10 @@ inputs:
github-token: github-token:
description: GitHub Token for registry access description: GitHub Token for registry access
required: true required: true
private-github-token:
description: GitHub Token for private repositories
required: false
default: ''
runs: runs:
using: composite using: composite
steps: steps:
@@ -22,6 +26,11 @@ runs:
run: | run: |
echo "${{ inputs.github-token }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin echo "${{ inputs.github-token }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
- name: Add Private github token to requirements_git.credentials.txt
shell: bash
run: echo "https://x-access-token:${{ inputs.private-github-token }}@github.com" >> requirements/requirements_git.credentials.txt
if: ${{ inputs.private-github-token != '' }}
- name: Pre-pull latest devel image to warm cache - name: Pre-pull latest devel image to warm cache
shell: bash shell: bash
run: | run: |

5
.github/actions/run_awx_devel/action.yml vendored
View File

@@ -9,6 +9,10 @@ inputs:
required: false required: false
default: false default: false
type: boolean type: boolean
private-github-token:
description: GitHub Token for private repositories
required: false
default: ''
outputs: outputs:
ip: ip:
description: The IP of the tools_awx_1 container description: The IP of the tools_awx_1 container
@@ -28,6 +32,7 @@ runs:
uses: ./.github/actions/awx_devel_image uses: ./.github/actions/awx_devel_image
with: with:
github-token: ${{ inputs.github-token }} github-token: ${{ inputs.github-token }}
private-github-token: ${{ inputs.private-github-token}}
- name: Upgrade ansible-core - name: Upgrade ansible-core
shell: bash shell: bash

10
.github/workflows/ci.yml vendored
View File

@@ -3,6 +3,7 @@ name: CI
env: env:
LC_ALL: "C.UTF-8" # prevent ERROR: Ansible could not initialize the preferred locale: unsupported locale setting LC_ALL: "C.UTF-8" # prevent ERROR: Ansible could not initialize the preferred locale: unsupported locale setting
CI_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} CI_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CI_PRIVATE_GITHUB_TOKEN: ${{ secrets.PRIVATE_GITHUB_TOKEN }}
DEV_DOCKER_OWNER: ${{ github.repository_owner }} DEV_DOCKER_OWNER: ${{ github.repository_owner }}
COMPOSE_TAG: ${{ github.base_ref || 'devel' }} COMPOSE_TAG: ${{ github.base_ref || 'devel' }}
UPSTREAM_REPOSITORY_ID: 91594105 UPSTREAM_REPOSITORY_ID: 91594105
@@ -54,6 +55,7 @@ jobs:
uses: ./.github/actions/awx_devel_image uses: ./.github/actions/awx_devel_image
with: with:
github-token: ${{ secrets.GITHUB_TOKEN }} github-token: ${{ secrets.GITHUB_TOKEN }}
private-github-token: ${{ secrets.PRIVATE_GITHUB_TOKEN }}
- name: Run check ${{ matrix.tests.name }} - name: Run check ${{ matrix.tests.name }}
id: make-run id: make-run
@@ -138,6 +140,7 @@ jobs:
with: with:
build-ui: false build-ui: false
github-token: ${{ secrets.GITHUB_TOKEN }} github-token: ${{ secrets.GITHUB_TOKEN }}
private-github-token: ${{ secrets.PRIVATE_GITHUB_TOKEN }}
- name: Run live dev env tests - name: Run live dev env tests
run: docker exec tools_awx_1 /bin/bash -c "make live_test" run: docker exec tools_awx_1 /bin/bash -c "make live_test"
@@ -179,6 +182,12 @@ jobs:
run: | run: |
python3 -m pip install docker python3 -m pip install docker
- name: Add Private github token to requirements_git.credentials.txt
shell: bash
working-directory: awx
run: echo "https://x-access-token:${{ env.CI_PRIVATE_GITHUB_TOKEN }}@github.com" >> requirements/requirements_git.credentials.txt
if: ${{ env.CI_PRIVATE_GITHUB_TOKEN != '' }}
- name: Build AWX image - name: Build AWX image
working-directory: awx working-directory: awx
run: | run: |
@@ -286,6 +295,7 @@ jobs:
with: with:
build-ui: false build-ui: false
github-token: ${{ secrets.GITHUB_TOKEN }} github-token: ${{ secrets.GITHUB_TOKEN }}
private-github-token: ${{ secrets.PRIVATE_GITHUB_TOKEN }}
- name: Install dependencies for running tests - name: Install dependencies for running tests
run: | run: |

6
.github/workflows/devel_images.yml vendored
View File

@@ -3,6 +3,7 @@ name: Build/Push Development Images
env: env:
LC_ALL: "C.UTF-8" # prevent ERROR: Ansible could not initialize the preferred locale: unsupported locale setting LC_ALL: "C.UTF-8" # prevent ERROR: Ansible could not initialize the preferred locale: unsupported locale setting
DOCKER_CACHE: "--no-cache" # using the cache will not rebuild git requirements and other things DOCKER_CACHE: "--no-cache" # using the cache will not rebuild git requirements and other things
CI_PRIVATE_GITHUB_TOKEN: ${{ secrets.PRIVATE_GITHUB_TOKEN }}
on: on:
workflow_dispatch: workflow_dispatch:
push: push:
@@ -73,6 +74,11 @@ jobs:
make ui make ui
if: matrix.build-targets.image-name == 'awx' if: matrix.build-targets.image-name == 'awx'
- name: Add private GitHub token to requirements_git.credentials.txt
shell: bash
run: echo "https://x-access-token:${{ secrets.PRIVATE_GITHUB_TOKEN }}@github.com"" >> requirements/requirements_git.credentials.txt
if: ${{ env.CI_PRIVATE_GITHUB_TOKEN != '' }}
- name: Build and push AWX devel images - name: Build and push AWX devel images
run: | run: |
make ${{ matrix.build-targets.make-target }} make ${{ matrix.build-targets.make-target }}

1
.gitignore vendored
View File

@@ -122,6 +122,7 @@ reports
local/ local/
*.mo *.mo
requirements/vendor requirements/vendor
requirements/requirements_git.credentials.txt
.i18n_built .i18n_built
.idea/* .idea/*
*credentials*.y*ml* *credentials*.y*ml*

1
MANIFEST.in
View File

@@ -28,3 +28,4 @@ include COPYING
include Makefile include Makefile
prune awx/public prune awx/public
prune awx/projects prune awx/projects
prune requirements/requirements_git.credentials.txt

2
requirements/requirements_git.credentials.txt Normal file
View File

@@ -0,0 +1,2 @@
# If sources in requirements_git.txt require authentication add git-credentials in this file, Example:
# https://x-access-token:${PAT}@github.com"

4
tools/ansible/roles/dockerfile/templates/Dockerfile.j2
View File

@@ -74,8 +74,10 @@ RUN mkdir /tmp/requirements
ADD requirements/requirements.txt \ ADD requirements/requirements.txt \
requirements/requirements_tower_uninstall.txt \ requirements/requirements_tower_uninstall.txt \
requirements/requirements_git.txt \ requirements/requirements_git.txt \
requirements/requirements_git.credentials.txt \
/tmp/requirements/ /tmp/requirements/
RUN git config --global credential.helper "store --file=/tmp/requirements/requirements_git.credentials.txt"
RUN cd /tmp && make requirements_awx RUN cd /tmp && make requirements_awx
ARG VERSION ARG VERSION
@@ -102,6 +104,8 @@ RUN DJANGO_SETTINGS_MODULE=awx.settings.defaults SKIP_SECRET_KEY_CHECK=yes SKIP_
{% endif %} {% endif %}
RUN rm /tmp/requirements/requirements_git.credentials.txt
# Final container(s) # Final container(s)
FROM quay.io/centos/centos:stream9 FROM quay.io/centos/centos:stream9