External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-01-28 00:51:27 -03:30
Code Issues Packages Projects Releases Wiki Activity
25,447 Commits 55 Branches 19 Tags
Commit Graph

116 Commits

Author SHA1 Message Date
Christian Adams
8d3ce206cd rsyslogd is only needed in the web container 2020-04-22 10:17:04 -04:00
softwarefactory-project-zuul[bot]
e19194b883
Merge pull request #6721 from shanemcd/dockerfile-cleanup 
Dockerfile organization

Reviewed-by: https://github.com/apps/softwarefactory-project-zuul
 2020-04-16 14:48:58 +00:00
Shane McDonald
29a582f869
Dockerfile organization 2020-04-15 14:43:59 -04:00
Christian Adams
c8ceb62269 Rename awx rsyslog socket and PID dir 2020-04-15 14:11:15 -04:00
Ryan Petrello
0f74a05fea
rsyslogd: ignore /dev/log when we load imuxsock 2020-04-14 11:34:58 -04:00
Ryan Petrello
9440785bdd
properly set the group on the rsyslog config 2020-04-13 19:46:34 -04:00
Christian Adams
ca7c840d8c Fix permissions on rsyslog.conf for k8s 2020-04-13 19:33:23 -04:00
Christian Adams
5d54877183 Add action to default rsyslog.conf so supervisor starts correctly the first time 2020-04-13 11:44:00 -04:00
Christian Adams
b942fde59a Ensure log messages have valid json 
- Fix messages getting contatenated at 8k
 - Fix rsyslog cutting off the opening brace of log messages
 - Make valid default conf and emit logs based on prescence of .sock and
 settings
 2020-04-13 11:44:00 -04:00
Christian Adams
70391f96ae Revert rsyslog valid config to one that fails intentionally 2020-04-13 11:43:59 -04:00
Christian Adams
2329c1b797 Add rsyslog config to container from file for consistency 2020-04-13 11:43:59 -04:00
Christian Adams
4d5507d344 Add default rsyslog.conf without including /etc/rsyslog.conf 2020-04-13 11:43:59 -04:00
Christian Adams
996d7ce054 Move supervisor and rsyslog sock files to their own dirs under /var/run 2020-04-13 11:43:59 -04:00
Shane McDonald
c0af3c537b Configure rsyslog to listen over a unix domain socket instead of a port 
- Add a placeholder rsyslog.conf so it doesn't fail on start
 - Create access restricted directory for unix socket to be created in
 - Create RSyslogHandler to exit early when logging socket doesn't exist
 - Write updated logging settings when dispatcher comes up and restart rsyslog so they  take effect
 - Move rsyslogd to the web container and create rpc supervisor.sock
 - Add env var for supervisor.conf path
 2020-04-13 11:43:59 -04:00
Christian Adams
f8afae308a Add rsyslog to supervisor for the task container 
- Add proper paths for rsyslog's supervisor logs
 - Do not enable debug mode for rsyslogd
 - Include system rsyslog.conf, and specify tower logging conf when
   starting rsyslog.
 2020-04-13 11:43:59 -04:00
Christian Adams
955d57bce6 Upstream rsyslog packaging changes 
- add rsyslog repo to Dockerfile for AWX installation
 - Update Library Notes for requests-futures removal
 2020-04-13 11:43:59 -04:00
softwarefactory-project-zuul[bot]
7de8a8700c
Merge pull request #6487 from lj020326/devel 
fix for CSRF issue in traefik configuration 

Reviewed-by: Shane McDonald <me@shanemcd.com>
             https://github.com/shanemcd
 2020-04-07 20:00:51 +00:00
Shane McDonald
bb319136e4
Merge pull request #6585 from shanemcd/cleanup-cleanup 
Tidy up the dev environment a bit
 2020-04-06 13:09:39 -04:00
Shane McDonald
6fc815937b
Tidy up the dev environment a bit 2020-04-06 11:13:51 -04:00
chris meyers
37a715c680 use memcached unix domain socket rather than tcp 2020-04-06 08:35:12 -04:00
lj020326
65e38aa37d
Update settings.py 
This is needed for LB (e.g., traefik) for proxying into nginx
otherwise, get CSRF error
ref: https://stackoverflow.com/questions/27533011/django-csrf-error-casused-by-nginx-x-forwarded-host

resolved by adding USE_X_FORWARDED_HOST using the following similar issue as a reference:
https://github.com/catmaid/CATMAID/issues/1781
 2020-03-30 16:27:40 -04:00
chris meyers
770b457430
redis socket support 2020-03-18 16:10:19 -04:00
chris meyers
b6b9802f9e
increase per-channel capacity 
* 100 is the default capacity for a channel. If the client doesn't read
the socket fast enough, websocket messages can and will be lost. This
increases the default to 10,000
 2020-03-18 16:10:18 -04:00
chris meyers
3c5c9c6fde
move broadcast websocket out into its own process 2020-03-18 16:10:18 -04:00
chris meyers
e94bb44082
replace rabbitmq with redis 
* local awx docker-compose and image build only.
 2020-03-18 16:10:17 -04:00
chris meyers
0b3e2cc7e3 pin virtualenv < 20 for awx_web builds 2020-02-11 08:43:26 -05:00
Shane McDonald
3f57061509
Add packages missing from base images 
Related:

- https://github.com/ansible/awx/issues/5770
- https://github.com/ansible/awx/issues/5724
 2020-02-07 13:06:42 -05:00
AlanCoding
d2289fe9c6
add pycurl to container images 2020-02-04 14:41:51 -05:00
Shane McDonald
bd8643d599
Set default value for create_preload_data in image_build role 
This caused our AWX release workflow to blow up
 2019-12-17 13:40:37 -05:00
Yanis Guenane
ca247182df yamllint: Make all files in awx pass yamllint 
This commit updates all files that weren't passing yamllint for them to
pass.

A new yamllint target has been added. One can run `tox -e yamllint` or
`yamllint -s .` locally to ensure yaml files are still passing.

This check will be enabled in the CI so it can get on every new
contributions, and prevent merging non-compliant code.

Signed-off-by: Yanis Guenane <yguenane@redhat.com>
 2019-12-02 15:12:51 +01:00
Sven-Hendrik Haase
4c32faa448
Use more modern version of OpenShift client 
3.9 is pretty old by now.
 2019-11-19 13:29:06 +01:00
Andrea Galbusera
1198c067b2
ensure "create_preload_data" is honored in docker-compose deployments 
Use a templated version of launch_awx_task.sh which conditionally preloads
sample data according to create_preload_data value.
 2019-11-12 10:44:27 -05:00
Shane McDonald
089bafa5d4
Set setuid bit on bwrap 
Related: https://github.com/ansible/awx/issues/5224
 2019-11-04 11:10:09 -05:00
Shane McDonald
69597c5654
Sync Dockerfiles 2019-11-01 08:38:37 -04:00
Shane McDonald
c019d873b9
Update AWX images to CentOS 8 2019-10-30 16:43:23 -04:00
Shane McDonald
28994d4b0b
Install oc and kubectl in upstream task image 2019-10-30 12:15:51 -04:00
Raphaël COMBEAU
712b07c136
Improve usage of ssl_certificate in local_docker 
Remove nginx.conf from container

Move nginx outside ssl_certificate block
 2019-10-28 17:37:14 -04:00
Christian Adams
19a6c70858 remove cruft leftover from the postgresql upgrade 2019-10-03 14:43:56 -04:00
softwarefactory-project-zuul[bot]
778b306208
Merge pull request #4824 from rooftopcellist/scl_in_containers 
Add needed scl enables for community container installs

Reviewed-by: https://github.com/apps/softwarefactory-project-zuul
 2019-09-26 19:40:21 +00:00
Christian Adams
9f8d975a19 revert to get needed scl enables for community container installs 2019-09-26 13:24:26 -04:00
Ryan Petrello
955bb4a44c
allow *.pendo.io as an img-src in our Content Security Policy 2019-09-26 13:12:54 -04:00
Ryan Petrello
d52aa11422
correct CSP header to allow all pendo.io traffic 2019-09-23 09:15:55 -04:00
softwarefactory-project-zuul[bot]
d3b413c125
Merge pull request #4752 from shanemcd/drop-pg-scl 
Stop using PG SCL in dev env

Reviewed-by: https://github.com/apps/softwarefactory-project-zuul
 2019-09-16 16:40:11 +00:00
Shane McDonald
3b89e894db Stop using PG SCL in dev env 2019-09-16 11:41:13 -04:00
Christian Adams
bdbbb2a4a2 Fix authentication bug with container installs 
- update awx-dev db password where needed
 2019-09-15 19:52:41 -04:00
Christian Adams
ec1e93cc69 Upgrade to postgres 10.6 
- use awx-python in shebang in dev env
  - scl enable where needed for rhel7 & container installs
  - use scram-sha-256 pg user hashing by default
  - ensure psycopg2 is using the correct PG_CONFIG at build time for the right libpq version
 2019-09-12 12:52:43 -04:00
Ryan Petrello
b82030b025
hide nginx server version headers 2019-08-20 14:34:04 -04:00
Jorge Machado
76933ed889 * upgrade from git on containers 
* agreed with terms of DCO 1.1

Signed-off-by: Jorge Machado <jorge@jmachado.me>
 2019-07-30 07:04:04 +02:00
Jeff Byrnes
987cfed649
Update Content Security Policy to allow websockets 
Per #4167 a reasonable CSP was put in place, but unfortunately this
broke WebSockets support in Safari.

This is a quick fix to return support immediately. A more secure
implemetation would be beneficial in the longer term, however.
 2019-07-05 16:12:27 -04:00
Ryan Petrello
75a72637dd
allow data: images in our Content Security Policy 
support for custom login logos relies on data:image/*;base64
see: https://github.com/ansible/awx/issues/4253
 2019-07-02 11:35:56 -04:00