External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-01-11 10:00:01 -03:30
Code Issues Packages Projects Releases Wiki Activity
34,279 Commits 54 Branches 19 Tags
Commit Graph

681 Commits

Author SHA1 Message Date
Matthew Sandoval
11a9a2b066
Pin receptorctl 1.5.7 (#6979) 2025-06-24 19:48:55 +00:00
Satoe Imaishi
a238c5dd09
Bump django to 4.2.21 (#6964) 2025-06-10 10:11:43 -04:00
Seth Foster
54db6c792b
Revert "unpin sqlparse dependency (#6911)" (#6950) 
This reverts commit 3e122778e4b51416c4c3535fe130007928208317.
 2025-05-16 22:53:54 +00:00
Peter Braun
3e122778e4
unpin sqlparse dependency (#6911) 
* unpin sqlparse dependency

* remove sqlparse license
 2025-05-15 15:51:34 -04:00
Matthew Sandoval
cae8a4e16c
Pin receptorctl 1.5.5 (#6931) 2025-04-29 11:01:22 -07:00
TVo
a3303bb74b
Pin ansible runner241 and receptorctl154 (#6919) 
* Updated pinned runner and receptorctl in controller.

* Bumped receptorctl to 1.5.4
 2025-04-22 11:13:58 -07:00
Alan Rominger
6a10e0ea5c
AAP-41139 [4.6][dependencies] Bump Django 2 minor versions (#6892) 
* Initial requirement bump for Django CVE

* Run updater script
 2025-04-16 14:41:05 -04:00
Bruno Rocha
6690d71357
[4.6][Backport][Feature] feat: Manage Django Settings with Dynaconf (#6910) 
Dynaconf is being added from DAB factory to load Django Settings
 2025-04-15 15:17:16 -04:00
Hao Liu
4532c627e3
Update dependencies for DAB (#6914) 
Co-authored-by: Satoe Imaishi <simaishi@redhat.com>
 2025-04-15 09:55:45 -04:00
Lila Yasin
9d9c125e47
[4.6][Backport][Feature] feat: 38589 GitHub App Authentication (#15807) (#6887) 
* feat: 38589 GitHub App Authentication (#15807)

* feat: 38589 GitHub App Authentication

Allows both git@<personal-token> and x-access-token@<github-access-token> when authenticating using git.
This allows GitHub App tokens to work without interfering with existing authentication types.

---------

Co-authored-by: Jake Jackson <thedoubl3j@Jakes-MacBook-Pro.local>

* revert change made to allow UI to accept x-access-token, just use htt… (#15851)

revert change made to allow UI to accept x-access-token, just use https:// instead

* Add Github dep for new cred support if used (#15850)

* Add pygithub for new app token support

* fixed git requirements file with new
* added new github dep and relevant deps it needs

* add required licenses

* Add artifacts to satisfy license check

* Remove duplicated license

---------

Co-authored-by: Andrea Restle-Lay <arestlel@redhat.com>
Co-authored-by: Alan Rominger <arominge@redhat.com>

* Remove deps update it came with the cherry-pick and is not needed in this version

Remove unneeded deps updates from requirements.in

Remove point to awx-plugins as it is not needed in tower

* Add a credential plugin that uses GitHub Apps to get tokens

* Add github app tests

* Ran requirements updater script

Ran black on github_app_test to fix formatting issue

Add scm_github_app to managed credentials

Ran updater script to reflect new deps

Added github app info to def build_passwords in jobs.py, cred now appears in credential types

Update ManagedCredentialType for GitHub App to match what we have in awx-plugins

Update inputs in maManagedCredentialType to github_app_inputs to communicate with awx/main/credential_plugins/github_app.py

Revert incorrect change in ManagedCredentialType, change github_app_lookup to call inputs instead of github_app_inputs

Updated namespace to github_app_lookup to agree with nomenclature used in the rest of the implementation and to resolve failing API test

Remove import pointing to awx plugins and update to point to credential_plugins

Remove references to gh_app_plugin_mod and change to github_app

Remove from awx_plugins.interfaces._temporary_private_django_api import (  # noqa: WPS436 to resolve failing test

Remove flake8 typing & typing references that do not exist in this version of Tower

Remove references in jobs.py and  __init__.py since this is an external cred type and registered it in setup.cfg instead

Remove blank line

REvise name in cfg from github_app_lookup to github_app to see if that ifxes module not found error

Revise first declaration of github_app to agree with file name to see if that resolves issue

Rename line 174 to agree with what's in config

Fix reference to github_app_lookup to github_app

Linters compliaining about the github_app in __all__ not being defined, renamed to see if that aligns them

Fix naming in test to correspond to naming of cred type

Update naming to be more specific and add blank line to setup.cfg

Remove __all__ from githubapp.py to satisfy linters

Revert formatting change since it is not needed in this repository

* Add blank line at the end of requirements.in

---------

Co-authored-by: Andrea Restle-Lay <andrearestlelay@gmail.com>
Co-authored-by: Jake Jackson <thedoubl3j@Jakes-MacBook-Pro.local>
Co-authored-by: Jake Jackson <jljacks93@gmail.com>
Co-authored-by: Andrea Restle-Lay <arestlel@redhat.com>
Co-authored-by: Alan Rominger <arominge@redhat.com>
 2025-04-10 14:32:17 -04:00
Alan Rominger
c7ac45717b Pin drf-yasg to make api-test pass (#15887) 
Ping drf-yasg to make api-test pass
 2025-03-12 13:50:19 -04:00
Alan Rominger
b5bc85e639
AAP-41692 [4.6] Update jinja2 for CVE (#6881) 
* Initial bump of jinja2 lib

* Run updater script
 2025-03-11 10:45:37 -04:00
Jake Jackson
f04bf5ccf0
update recetpor (#6869) 
* bumped receptor version to latest
 2025-03-04 15:16:58 -05:00
Hao Liu
698d769a7a
[Policy as Code] Monkey patch opa_client.base.BaseClient (#6865) 
Workaround bug described in https://github.com/Turall/OPA-python-client/issues/29
 2025-02-26 21:09:51 +00:00
Alan Rominger
b351dfb102
Undo temporary DAB change for requirements generation (#6862) 2025-02-25 09:30:15 -05:00
Alan Rominger
b502a9444a
[4.6 backport] Feature indirect host counting (#15802) (#6858) 
* Feature indirect host counting (#15802)

* AAP-37282 Add parse JQ data and test it for a `job` object in isolation (#15774)

* Add jq dependency

* Add file in progress

* Add license for jq

* Write test and get it passing

* Successfully test collection of `event_query.yml` data (#15761)

* Callback plugin method from cmeyers adapted to global collection list

Get tests passing

Mild rebranding

Put behind feature flag, flip true in dev

Add noqa flag

* Add missing wait_for_events

* feat: try grabbing query files from artifacts directory (#15776)

* Contract changes for the event_query collection callback plugin (#15785)

* Minor import changes to collection processing in callback plugin

* Move agreed location of event_query file

* feat: remaining schema changes for indirect host audits (#15787)

* Re-organize test file and move artifacts processing logic to callback (#15784)

* Rename the indirect host counting test file

* Combine artifacts saving logic

* Connect host audit model to jq logic via new task

* Add unit tests for indirect host counting (#15792)

* Do not get django flags from database (#15794)

* Document, implement, and test remaining indirect host audit fields (#15796)

* Document, implement, and test remaining indirect host audit fields

* Fix hashing

* AAP-39559 Wait for all event processing to finish, add fallback task (#15798)

* Wait for all event processing to finish, add fallback task

* Add flag check to periodic task

* feat: cleanup of old indirect host audit records (#15800)

* By default, do not count indirect hosts (#15801)

* By default, do not count indirect hosts

* Fix copy paste goof

* Fix linter issue from base branch

* prevent multiple tasks from processing the same job events, prevent p… (#15805)

prevent multiple tasks from processing the same job events, prevent periodic task from spawning another task per job

* Fix typos and other bugs found by Pablo review

* fix: rely on resolved_action instead of task, adapt to proposed query… (#15815)

* fix: rely on resolved_action instead of task, adapt to proposed query structure

* tests: update indirect host tests

* update remaining queries to new format

* update live test

* Remove polling loop for job finishing event processing (#15811)

* Remove polling loop for job finishing event processing

* Make awx/main/tests/live dramatically faster (#15780)

* AAP-37282 Add parse JQ data and test it for a `job` object in isolation (#15774)

* Add jq dependency

* Add file in progress

* Add license for jq

* Write test and get it passing

* Successfully test collection of `event_query.yml` data (#15761)

* Callback plugin method from cmeyers adapted to global collection list

Get tests passing

Mild rebranding

Put behind feature flag, flip true in dev

Add noqa flag

* Add missing wait_for_events

* feat: try grabbing query files from artifacts directory (#15776)

* Contract changes for the event_query collection callback plugin (#15785)

* Minor import changes to collection processing in callback plugin

* Move agreed location of event_query file

* feat: remaining schema changes for indirect host audits (#15787)

* Re-organize test file and move artifacts processing logic to callback (#15784)

* Rename the indirect host counting test file

* Combine artifacts saving logic

* Connect host audit model to jq logic via new task

* Document, implement, and test remaining indirect host audit fields (#15796)

* AAP-39559 Wait for all event processing to finish, add fallback task (#15798)

* Wait for all event processing to finish, add fallback task

* Add flag check to periodic task

* feat: cleanup of old indirect host audit records (#15800)

* prevent multiple tasks from processing the same job events, prevent p… (#15805)

prevent multiple tasks from processing the same job events, prevent periodic task from spawning another task per job

* Remove polling loop for job finishing event processing (#15811)

* Make awx/main/tests/live dramatically faster (#15780)

* reorder migrations to allow indirect instances backport

* cleanup for rebase and merge into devel

---------

Co-authored-by: Peter Braun <pbraun@redhat.com>
Co-authored-by: jessicamack <jmack@redhat.com>
Co-authored-by: Peter Braun <pbranu@redhat.com>
 2025-02-24 21:55:44 +00:00
Hao Liu
2d648d1225
[Feature][release_4.6] Policy as Code MVP part 1 (#6848) 2025-02-24 15:58:57 -05:00
Hao Liu
c0b9d3f428
Switch to ssh for private git requirements (#6838) 2025-02-17 22:44:29 -05:00
Hao Liu
ccb6360a96
AAP-39778[Backport][release_4.6] Add DAB Feature Flag common API (#6833) 
* [AAP-39138] - Add DAB Feature Flag common API (#15786)
* Update django-ansible-base reference to ansible-automation-platform/django-ansible-base@stable-2.5

---------

Co-authored-by: Zack Kayyali <zkayyali@redhat.com>
 2025-02-12 15:47:06 -05:00
Hao Liu
397fb297bf
Add ability to provide token for private repo for requirements_git in container build (#15831) (#6830) 
Add ability to provide auth to private repo for requirements_git
 2025-02-12 20:00:37 +00:00
Rodrigo Toshiaki Horie
2e8114394b
[4.6][dependency] update django for CVE-2024-56374 (#6784) 2025-01-20 18:58:30 -03:00
Jake Jackson
a209751f22
Fix CVE-2024-56201 update jinja2 (#6778) 2025-01-08 13:42:42 -05:00
Pablo H.
b361aef0fb
chore: addressing CVE 2024-53908 (#6768) 2024-12-16 14:16:00 -05:00
Seth Foster
df79fa4ae1
bump grpcio CVE-2024-11407 (#6766) 
Signed-off-by: Seth Foster <fosterbseth@gmail.com>
 2024-12-16 13:23:24 -05:00
Peter Braun
56d3933154
feat: enable django flags support (#15660) (#6755) 
* feat: enable django flags support

* add django flags license

* re-run updater script
 2024-12-09 09:40:28 +01:00
Peter Braun
148afce455
deps: receptorctl v1.5.1 (#6760) 2024-12-06 16:12:58 +01:00
Peter Braun
8174a28716
update receptorctl to v1.5.0 (#6749) 2024-11-25 15:37:01 +01:00
Satoe Imaishi
71a18c0d61
Bump uwsgi to 2.0.28 (#6736) 2024-11-22 10:54:52 -05:00
Hao Liu
c55fb369fa
Update receptorctl to 1.4.11 (#6746) 2024-11-21 16:31:09 -05:00
Jake Jackson
2c3b4ff5d7
[4.6][dependency] update aiohttp to address vuln CVE-2024-52304 (#6740) 
* update aiohttp to address vuln CVE-2024-52304

* add licenses for new deps
 2024-11-21 16:21:34 -05:00
Hao Liu
784ff3193d
Pin DAB to 2024.10.17 (#6721) 2024-10-21 19:25:05 +00:00
Hao Liu
7972486594
Update receptorctl to 1.4.9 (#6718) 2024-10-17 11:27:21 -04:00
Tomas Z
d1c85dae4d
Upgrade django and sqlparse to pickup CVE fixes (#6709) 2024-10-04 15:51:12 -04:00
Hao Liu
46becf15e9
Switch DAB back to devel to (#6713) 
Enable event 2 development
 2024-10-01 20:11:04 +00:00
Hao Liu
6574cfe3a9
Pin dependencies to prepare for release_4.6 release tag (#6707) 
* Pin deps to release prep
- ansible-runner@2.4.0
- receptorctl@1.4.8
- django-ansible-base@c8fbc1e345d4908cc97eaae20771238a5dd35aad
 2024-09-19 16:22:18 +00:00
Jake Jackson
fafed924e3
rebase and merge conflict resolution (#6692) 2024-09-17 16:46:12 +00:00
Jake Jackson
eb4f3c2864
update urllib to fix CVE-2024-37891 (#6700) 2024-09-17 12:14:28 -04:00
Jake Jackson
bcd18e161c
fix CVE-2024-21520 (#6687) 2024-09-16 16:04:11 -04:00
Elijah DeLee
059f52f314
Unpin django-ansible-base for now (#6681) 2024-09-09 21:51:20 +00:00
Seth Foster
85bd7c3ca0
[4.6] Make controller specific team and org roles (#6662) 
Adds the following managed Role Definitions

Controller Team Admin
Controller Team Member
Controller Organization Admin
Controller Organization Member

These have the same permission set as the
platform roles (without the Controller prefix)

Adding members to teams and orgs via the legacy RBAC system
will use these role definitions.

Other changes:
- Bump DAB to 2024.08.22
- Set ALLOW_LOCAL_ASSIGNING_JWT_ROLES to False in defaults.py.
This setting prevents assignments to the platform roles (e.g. Team Member).

Signed-off-by: Seth Foster <fosterbseth@gmail.com>
 2024-08-26 16:31:42 -04:00
Rick Elrod
9fa5be015c Bump DAB to 2024.8.19 
Signed-off-by: Rick Elrod <rick@elrod.me>
 2024-08-19 07:37:01 -05:00
Jake Jackson
8b293e7046
update django to 4.2.15 to address multiple CVEs (#6636) 2024-08-15 13:32:26 -04:00
Jake Jackson
467024bc54
fix CVE-2024-33663 and bring in updates for social-auth-app-django (#6634) 2024-08-15 13:32:09 -04:00
jessicamack
bdf3f81016
Unpin channels-redis (#15329) (#6647) 
* unpin channels-redis

The bug that initially caused the upgrade block has been resolved https://github.com/django/channels_redis/issues/332

* replace aioredis Exception with a redis Exception

Version 4.0.0 of channel-redis migrated the underlying Redis library from aioredis to redis-py. The Exception has been changed to an equivalent

* remove unused license

* remove UPGRADE BLOCKER in README

* remove hiredis

it was an indirect dependency from aioredis which was removed

* remove unused license

* add back hiredis

it's potentially providing a performance boost. install explicitly as a part of redis. upgrade to more recent version

* remove UPGRADE BLOCKER for hiredis

it was also addressed as a part of this PR
 2024-08-12 15:03:46 -04:00
github-actions[bot]
34fa897dda
Bump django-ansible-base to 2024.7.17 (#15373) 
Update django-ansible-base version to devel

Co-authored-by: chrismeyersfsu <722880+chrismeyersfsu@users.noreply.github.com>
 2024-07-26 09:11:12 -04:00
Chris Meyers
acd834df8b Check and update django-ansible-base 
* Check upstream django-ansible-base releases. If the version upstream
  does not match the version we are pinned to then submit a PR with the
  upstream version.
 2024-07-17 15:10:25 -04:00
Hao Liu
7c08b29827
Temporary workaround for CI failure (#15305) 
Workaround
```
ERROR awx/main/tests/functional/test_licenses.py - pip._vendor.distlib.DistlibException: Unable to locate finder for 'pip._vendor.distlib'
```
 2024-06-26 15:29:22 -04:00
Jake Jackson
bfd811f408
Upgrade aiohttp for cve 2024-23829 (#15257) 2024-06-12 19:20:40 +00:00
Jake Jackson
6dc4a4508d
fix cve 2024-24680 (#15250) 2024-06-04 15:44:09 -04:00
Hao Liu
cf09a4220d
Repin cython due to https://github.com/yaml/pyyaml/pull/702 (#15248) 
* Revert "Unpin cypthon (#15246)"

This reverts commit 659c3b64dec5fb8dd6eeabcb47e794cbbae9e8c4.

* Pin grpcio

Avoid cython 3 due to https://github.com/yaml/pyyaml/pull/702

* Delete asyncpg.txt
 2024-06-03 19:42:20 +00:00