* Remove oauth provider
This removes the oauth provider functionality from awx. The
oauth2_provider app and all references to it have been removed.
Migrations to delete the two tables that locally overwrote
oauth2_provider tables are included. This change does not include
migrations to delete the tables provided by the oauth2_provider app.
Also not included here are changes to awxkit, awx_collection or the ui.
* Fix linters
* Update migrations after rebase
* Update collection tests for auth changes
The changes in https://github.com/ansible/awx/pull/15554 will cause a
few collection tests to fail, depending on what the test configuration
is. This changes the tests to look for a specific warning rather than
counting the number of warnings emitted.
* Update migration
* Removed unused oauth_scopes references
---------
Co-authored-by: Mike Graves <mgraves@redhat.com>
Co-authored-by: Alan Rominger <arominge@redhat.com>
In essence, this configures Python to turn any warnings emitted in
runtime into errors[[1]]. This is the best practice that allows
reacting to future deprecation announcements that are coming from the
dependencies (direct, or transitive, or even CPython itself)[[2]].
The typical workflow looks like this:
1. If a dependency is updated an a warning is hit in tests, the
deprecated thing should be replaced with newer APIs.
2. If a dependency is transitive or we have no control over it
otherwise, the specific warning and a regex matching its message,
plus the module reference (where possible) can be added to the
list of temporary ignores in `pytest.ini`.
3. The list of temporary ignores should be reevaluated periodically,
including when dependency re-pinning in lockfile is happening.
[1]: https://docs.python.org/3/using/cmdline.html#cmdoption-W
[2]: https://pytest-with-eric.com/configuration/pytest-ignore-warnings/
* Add descriptions for plugin names
* Update serializers to display plugin and plugin description
* Add function to extract plugin name descriptions
* Add description for scm
* Conditionalize scm and file descriptions
* Replaced with larger graphic.
* Revert "Replaced with larger graphic."
This reverts commit 1214b00052b43c46c5ee9b2833e61c779884ec1c.
* Removed UI-focused user docs from AWX.
* Fixed indentation for release notes
* Removed/updated image files no longer needed.
By stable, we mean future occurrences of the rrule
should be the same before and after the fast forward
operation.
The problem before was that we were fast forwarding to
7 days ago. For some rrules, this does not retain the old
occurrences. Thus, jobs would launch at unexpected times.
This change makes sure we fast forward in increments of
the rrule INTERVAL, thus the new dtstart should be in the
occurrence list of the old rrule.
Additionally, code is updated to fast forward
EXRULE (exclusion rules) in addition to RRULE
---------
Signed-off-by: Seth Foster <fosterbseth@gmail.com>
Co-authored-by: 🇺🇦 Sviatoslav Sydorenko (Святослав Сидоренко) <wk.cvs.github@sydorenko.org.ua>
* Add back git requirements as comments
* Add comment to commented out git lines for clarity
* Re run the updater script
* Add new licenses
* Fix library name
* Add gateway support to awxkit
This updates awxkit to add support for gateway when fetching oauth
tokens, which is used during the `login` subcommand. awxkit will first
try fetching a token from gateway and if that fails, fallback to
existing behavior. This change is backwards compatible.
Signed-off-by: Mike Graves <mgraves@redhat.com>
* Address review feedback
This:
* adds coverage for the get_oauth2_token() method
* changes AuthUrls to a TypedDict
* changes the url used for personal token access in gateway
* Address review feedback
This is just minor stylistic changes.
---------
Signed-off-by: Mike Graves <mgraves@redhat.com>
Remove RADIUS authentication from AWX
Do not remove models fields and tables let it for a stage where all the work of removing external auth finished AAP-27707
Co-authored-by: Hao Liu <44379968+TheRealHaoLiu@users.noreply.github.com>
This is a rather hacky, but fixes the DRF pages when going through a
trusted proxy.
Notably: This is meant to primarily fix the DRF pages on downstream
builds while leaving the upstream to function as-is.
When using a trusted proxy, the DRF login and logout endpoints now
redirect to the Platform login page (which respects ?next) and logout
endpoint respectively.
The CSS and JS is inlined because the trusted proxy might only proxy
to /api/ and not /static/ which is a harder problem to solve.
Signed-off-by: Rick Elrod <rick@elrod.me>
