External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-01-10 15:32:07 -03:30
Code Issues Packages Projects Releases Wiki Activity
34,253 Commits 54 Branches 19 Tags
Commit Graph

34253 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jake Jackson
825a48bb32
[4.6] Insights Credential Help Text Update (#6937) 
* Update help text for insights cred

* update help text for the insights cred per new mock ups
 2025-05-08 10:45:14 -04:00
thedoubl3j
eb6aebff00 Update logic to not over write ec2 replace 
* fix replace logic so that we don't over write and stay only at vmware
  when ec2 is selected
* add an env.json for functional testing
 2025-05-08 15:06:58 +02:00
thedoubl3j
60114ab929 add logic to replace cred name when using esxi 
* similar to aws, allow the use of the standard vmware cred
 2025-05-08 15:06:58 +02:00
Peter Braun
0e28d2590a
fix: keep processing events, even if previous event data cannot be pa… (#15965) (#6922) 
* fix: keep processing events, even if previous event data cannot be parsed

* change log level to warning
 2025-05-05 13:26:42 +02:00
jessicamack
2bc08b421d
Bring WFJT job access to parity with UnifiedJobAccess (#15344) (#6935) 
* Bring WFJT job access to parity with UnifiedJobAccess

* Run linters

Co-authored-by: Alan Rominger <arominge@redhat.com>
 2025-04-30 13:43:47 -04:00
Matthew Sandoval
cae8a4e16c
Pin receptorctl 1.5.5 (#6931) 2025-04-29 11:01:22 -07:00
Chris Meyers
41d3729501 Allow ipv6 address for TOWER_URL_BASE setting 
* Django url validators support ipv6, our custom URLField
  allow_plain_hostname feature was messing with the hostname before it
  was passed to Django validators.
* This change dodges the allow_plan_hostname transformations if the
  value looks like it's an ipv6 one.
 2025-04-29 09:55:16 -04:00
TVo
a3303bb74b
Pin ansible runner241 and receptorctl154 (#6919) 
* Updated pinned runner and receptorctl in controller.

* Bumped receptorctl to 1.5.4
 2025-04-22 11:13:58 -07:00
Alan Rominger
6a10e0ea5c
AAP-41139 [4.6][dependencies] Bump Django 2 minor versions (#6892) 
* Initial requirement bump for Django CVE

* Run updater script
 2025-04-16 14:41:05 -04:00
Bruno Rocha
6690d71357
[4.6][Backport][Feature] feat: Manage Django Settings with Dynaconf (#6910) 
Dynaconf is being added from DAB factory to load Django Settings
 2025-04-15 15:17:16 -04:00
Hao Liu
ae0a8a80eb
[4.6] Fix Cert base authentication for OPA (#6909) 
* Remove unused setting

* Fix mTLS auth to OPA server

- Workaround https://github.com/Turall/OPA-python-client/issues/32
- Add tests for `opa_cert_file` context manager
 2025-04-15 11:07:33 -04:00
Hao Liu
4532c627e3
Update dependencies for DAB (#6914) 
Co-authored-by: Satoe Imaishi <simaishi@redhat.com>
 2025-04-15 09:55:45 -04:00
Lila Yasin
87cb6dc0b9
AAP-39365 facts are unintentionally deleted when the inventory is modified during a job execution (#15910) (#6905) 
* Added test_jobs.py to the model unit test folder in orther to show the undesired behaviour with fact cache



* Added test_jobs.py to the model unit test folder in orther to show the undesired behaviour with fact cache



* Solved undesired behaviour with fact_cache



* Solved bug with slices



* Remove unused imports

Remove now unused line of code which was commented out by the contributor

Revert "Remove now unused line of code which was commented out by the contributor"

This reverts commit f1a056a2356d56bc7256957a18503bd14dcfd8aa.

* Add back line that had been commented out as this line makes hosts specific to the particular slice when applicable

Revise private_data_dir fixture to see if it improves code coverage

Checked out awx/main/tests/unit/models/test_jobs.py in devel to see if it resolves git diff issue

* Fix formatting in awx/main/tests/unit/models/test_jobs.py

Rename for loop from host in hosts to hosts in hosts_cahced and remove unneeded continue

Revise finish_fact_cache to utilize inventory rather than hosts

Remove local var hosts that was assigned but unused

Revert change in start_fact_cache hosts_cached back to hosts

Revise the way we are handling hosts_cached and joining the file

Revert "Revise the way we are handling hosts_cached and joining the file"

This reverts commit e6e3d2f09c1b79a9bce3647a72e3dad97fe0aed8.

Reapply "Revise the way we are handling hosts_cached and joining the file"

This reverts commit a42b7ae69133fee24d3a5f1b456d9c343d111df9.

Revert some of my changes to get back to a better working state

Rename for loop to host in hosts_cached and remove unneeded continue

Remove jobs job.get_hosts_for_fact_cache() from post run hook, fix if statement after continue block, and revise how we are calling hosts in finish for loop

Add test_invalid_host_facts to test_jobs to increase code coverage

Update method signature to use hosts_cached and updated other references to hosts in finish_facts_cached

Rename hosts iterator to hosts_cached to agree with naming elsewhere

Revise test_invalid_host_facts to get more code coverage

Revise test_invalid_host_facts to increase codecov

Revise test_pre_post_run_hook_facts_deleted_sliced to ensure we are hitting the assertionerror for code cov

Revise  mock_inventory.hosts. to hit assert failure

Add revision of hosts and facts to force failure to satisfy code cov

Fix failure in test_pre_post_run_hook_facts_deleted_sliced

Add back for loop to create failures and add assert to hit them

Remove hosts.iterator() from both start_fact_cache and finish_fact_cache

Remove unused import of Queryset to satisfy api-lint

Fix typo in docstring hasnot to has not

Move hosts_cached.append(host) to outer loop in start_fact_cache

Add class to help support cached hosts resolving host.name issue with hosts_cached

* Add live tests for ansible facts

Remove fixture needed for local work only maybe

Revert "Add class to help support cached hosts resolving host.name issue with hosts_cached"

This reverts commit 99d998cfb9960baafe887de80bd9b01af50513ec.

* Move hosts_cached.append(host) outside of try except

* Move hosts_cached.append(host) to the beginning of start_fact_cache

---------

Signed-off-by: onetti7 <davonebat@gmail.com>
Co-authored-by: onetti7 <davonebat@gmail.com>
Co-authored-by: Alan Rominger <arominge@redhat.com>
 2025-04-11 11:08:26 -04:00
Lila Yasin
bbcdef18a7
[2.5][Backport] AAP 30045 incorrect deprecation warning for awx.awx.schedule rrule (#6903) 
* Make lookup plugins return lists to fix failures (#15625)

* Make lookup plugins return lists to fix failures

* Update unit tests

* Use lookup for test failures, update docs

* Grammar fix from review

Co-authored-by: Sviatoslav Sydorenko (Святослав Сидоренко) <wk.cvs.github@sydorenko.org.ua>

---------

Co-authored-by: Sviatoslav Sydorenko (Святослав Сидоренко) <wk.cvs.github@sydorenko.org.ua>

* Fix cherry-pick merge issue, should resolve failing linter

---------

Co-authored-by: Alan Rominger <arominge@redhat.com>
Co-authored-by: Sviatoslav Sydorenko (Святослав Сидоренко) <wk.cvs.github@sydorenko.org.ua>
 2025-04-11 11:02:45 -04:00
Jake Jackson
d35d7f62ec
Esxi inventory plugin (#6895) 
* Add in ESXI plugin as a choice

* added in vmware esxi as an inventory source
* made a migration that may not be needed but will need to circle back

* black formatting

* linter fixes that I missed in the first commit, squash

* Update esxi to use_fqcn to true

* added use_fqcn on the esxi cred to true to correctly lay down
  collection name

* add fqcn true

* updated vmware esxi to use true for fqcn

* Update defaults and re-order migrations

* updated defaults to add correct env var to get empty
* re-ordered migrations to be in line with others

* Add condition to replace vmware_esxi cred

* replace direct name match with vmware cred since source supports old
  cred

* add skeleton test

* quick pass, needs more
* squash this

* Add tests for creating inventory ESXI source

* add test case to test creating an inventory with different cred type
  to source name

* update test and linting

* added correct cred return since esxi uses same cred

* assert on status code

* assert that we received a 204

* Added new folder for vmware_exsi and empty json file.

* Corrected the misspelling of folder name to 'esxi'

* fixed misspelling for `vmware_`

---------

Co-authored-by: Thanhnguyet Vo <thavo@redhat.com>
 2025-04-10 14:32:17 -04:00
Lila Yasin
9d9c125e47
[4.6][Backport][Feature] feat: 38589 GitHub App Authentication (#15807) (#6887) 
* feat: 38589 GitHub App Authentication (#15807)

* feat: 38589 GitHub App Authentication

Allows both git@<personal-token> and x-access-token@<github-access-token> when authenticating using git.
This allows GitHub App tokens to work without interfering with existing authentication types.

---------

Co-authored-by: Jake Jackson <thedoubl3j@Jakes-MacBook-Pro.local>

* revert change made to allow UI to accept x-access-token, just use htt… (#15851)

revert change made to allow UI to accept x-access-token, just use https:// instead

* Add Github dep for new cred support if used (#15850)

* Add pygithub for new app token support

* fixed git requirements file with new
* added new github dep and relevant deps it needs

* add required licenses

* Add artifacts to satisfy license check

* Remove duplicated license

---------

Co-authored-by: Andrea Restle-Lay <arestlel@redhat.com>
Co-authored-by: Alan Rominger <arominge@redhat.com>

* Remove deps update it came with the cherry-pick and is not needed in this version

Remove unneeded deps updates from requirements.in

Remove point to awx-plugins as it is not needed in tower

* Add a credential plugin that uses GitHub Apps to get tokens

* Add github app tests

* Ran requirements updater script

Ran black on github_app_test to fix formatting issue

Add scm_github_app to managed credentials

Ran updater script to reflect new deps

Added github app info to def build_passwords in jobs.py, cred now appears in credential types

Update ManagedCredentialType for GitHub App to match what we have in awx-plugins

Update inputs in maManagedCredentialType to github_app_inputs to communicate with awx/main/credential_plugins/github_app.py

Revert incorrect change in ManagedCredentialType, change github_app_lookup to call inputs instead of github_app_inputs

Updated namespace to github_app_lookup to agree with nomenclature used in the rest of the implementation and to resolve failing API test

Remove import pointing to awx plugins and update to point to credential_plugins

Remove references to gh_app_plugin_mod and change to github_app

Remove from awx_plugins.interfaces._temporary_private_django_api import (  # noqa: WPS436 to resolve failing test

Remove flake8 typing & typing references that do not exist in this version of Tower

Remove references in jobs.py and  __init__.py since this is an external cred type and registered it in setup.cfg instead

Remove blank line

REvise name in cfg from github_app_lookup to github_app to see if that ifxes module not found error

Revise first declaration of github_app to agree with file name to see if that resolves issue

Rename line 174 to agree with what's in config

Fix reference to github_app_lookup to github_app

Linters compliaining about the github_app in __all__ not being defined, renamed to see if that aligns them

Fix naming in test to correspond to naming of cred type

Update naming to be more specific and add blank line to setup.cfg

Remove __all__ from githubapp.py to satisfy linters

Revert formatting change since it is not needed in this repository

* Add blank line at the end of requirements.in

---------

Co-authored-by: Andrea Restle-Lay <andrearestlelay@gmail.com>
Co-authored-by: Jake Jackson <thedoubl3j@Jakes-MacBook-Pro.local>
Co-authored-by: Jake Jackson <jljacks93@gmail.com>
Co-authored-by: Andrea Restle-Lay <arestlel@redhat.com>
Co-authored-by: Alan Rominger <arominge@redhat.com>
 2025-04-10 14:32:17 -04:00
Chris Meyers
5dd81a04ce
Aap 41580 indirect host count wildcard query (#15893) 
* Support <collection_namespace>.<collection_name>.* indirect host query
  to match ANY module in the <collection_namespace>.<collection_name>
* Add tests for new wildcard indirect host count
* error checking of ansible event name
* error checking of ansible event query
 2025-04-10 14:32:15 -04:00
Dirk Jülich
e060e44b05
AAP-37381 Apply Django password validators correctly. (#6902) 
* Move call to django_validate_password to the correct method were the user object is available.
* Added tests for the Django password validation functionality.
 2025-04-02 16:45:58 +02:00
Chris Meyers
db5b6d0019 Add changelog to awx collection 2025-03-25 13:41:53 -04:00
Chris Meyers
a2c8ecb4e6 Bump awx collection ansible required version 2025-03-25 13:41:53 -04:00
Chris Meyers
277bc581e7 Remove coarse grain unused import 
* It would seem that fine-grain noqa pylint ignores do the job and are
  already in place. Prefer that over the coarse entire file ignore.
 2025-03-25 13:41:53 -04:00
Chris Meyers
ef89c59a13 Fix ansible-lint empty lines in module docstrings 2025-03-25 13:41:53 -04:00
Chris Meyers
5872a88a57 Fix ansible-lint truthy in module docstrings 2025-03-25 13:41:53 -04:00
Chris Meyers
7fdd15f115 Fix ansible-lint indentation in module docstrings 2025-03-25 13:41:53 -04:00
Peter Braun
353f0adf36
[4.6][backport] do not count dark hosts as updated (#6877) 
* feat: do not count dark hosts as updated (#15872)

* feat: do not count dark hosts as updated

* update functional tests

* Fix test flake due to host metric id enumeration (#15875)

---------

Co-authored-by: Alan Rominger <arominge@redhat.com>
 2025-03-18 16:34:52 +01:00
Peter Braun
bdfd9dec74
update: use singular form ANSIBLE_COLLECTIONS_PATH (#15841) (#6876) 
* update: use singular form ANSIBLE_COLLECTIONS_PATH

* update functional tests
 2025-03-18 14:44:57 +01:00
Hao Liu
bad4e630ba
Basic runtime enforcement of policy as code part 2 (#6875) 
* Add `opa_query_path field` for Inventory, Organization and JobTemplate models (#6850)

Add `opa_query_path` model field to Inventory, Organizatio and JobTemplate. Add migration file and expose opa_query_path field in the related API serializers.

* Gather and evaluate `opa_query_path` fields and raise violation exceptions (#6864)

gather and evaluate all opa query related to a job execution during policy evaluation phase 

* Add OPA_AUTH_CUSTOM_HEADERS support (#6863)

* Extend policy input data serializers (#6890)

* Extend policy input data serializers

* Update help text for PaC related fields (#6891)

* Remove encrypted from OPA_AUTH_CUSTOMER_HEADER

Unable to encrypt a dict field

---------

Co-authored-by: Jiří Jeřábek (Jiri Jerabek) <Jerabekjirka@email.cz>
Co-authored-by: Alexander Saprykin <cutwatercore@gmail.com>
Co-authored-by: Tina Tien <98424339+tiyiprh@users.noreply.github.com>
 2025-03-18 02:39:26 +00:00
Seth Foster
e9f2a14ebd
Fix root container path for project updates in K8s 
Modifies to_container_path to accept an optional
container_root parameter.

Normally this defaults to /runner, but in K8S
environments, project updates run from the
private_data_dir, e.g. /tmp/awx_1_123abc, not
/runner.

In that situation, we just pass in private_data_dir
as the container_root.

---------

Signed-off-by: Seth Foster <fosterbseth@gmail.com>
Co-authored-by: TVo <thavo@redhat.com>
 2025-03-13 13:34:12 -04:00
Alan Rominger
01fae57de2 Fix indirect host counting task test race condition (#15871) 2025-03-12 13:50:19 -04:00
Alan Rominger
c7ac45717b Pin drf-yasg to make api-test pass (#15887) 
Ping drf-yasg to make api-test pass
 2025-03-12 13:50:19 -04:00
Alan Rominger
c7b6b43913
[4.6] Attempt to fix ui-lint check by clearing cache forcefully (main fork) (#6885) 
* Try to make ui-lint check pass in 4.6

* Implement solution suggested by Kia
 2025-03-11 11:52:30 -04:00
Alan Rominger
1e6a7c0749
Prevent system auditor from downloading install bundle (#6805) 2025-03-11 10:54:02 -04:00
Alan Rominger
b5bc85e639
AAP-41692 [4.6] Update jinja2 for CVE (#6881) 
* Initial bump of jinja2 lib

* Run updater script
 2025-03-11 10:45:37 -04:00
Jake Jackson
f04bf5ccf0
update recetpor (#6869) 
* bumped receptor version to latest
 2025-03-04 15:16:58 -05:00
Peter Braun
28712a4c6e
fix: audit record name should not be the hostname (#15864) (#6866) 
* fix: audit record name should not be the hostname

* fix: update tests
 2025-03-03 16:49:42 +01:00
Hao Liu
698d769a7a
[Policy as Code] Monkey patch opa_client.base.BaseClient (#6865) 
Workaround bug described in https://github.com/Turall/OPA-python-client/issues/29
 2025-02-26 21:09:51 +00:00
Alan Rominger
529ee73fcd
[4.6] Backport the "live" tests (#6859) 
* Create a new pytest folder for live system testing with normal services (#15688)

* PoC for running dev env tests

* Replace in github actions

* Move folder to better location

* Further streamlining of new test folders

* Consolidate fixture, add writeup docs

* Use star import

* Push the wait-for-job to the conftest

Fix misused project cache identifier (#15690)

Fix project cache identifiers for new updates

Finish test and discover viable solution

Add comment on related task code

AAP-37989 Tests for exclude list with multiple jobs (#15722)

* Tests for exclude list with multiple jobs

Create test for using manual & file projects (#15754)

* Create test for using a manual project

* Chang default project factory to git, remove project files monkeypatch

* skip update of factory project

* Initial file scaffolding for feature

* Fill in galaxy and names

* Add README, describe project folders and dependencies

Add ee cleanup tests

* Adds cleanup tests to the live test.

Fix rsyslog permission error in github ubuntu tests from apparmor (#15717)

* Add test to detect rsyslog config problems

* Get dmesg output

* Disable apparmor for rsyslogd

Make awx/main/tests/live dramatically faster (#15780)

* Make awx/main/tests/live dramatically faster

* Add new setting to exclude list

* Fix rebase issues

* Did not want to backport this
 2025-02-25 15:22:38 -05:00
jessicamack
ba053dfb51
Ship analytics data using service account token (#15812) (#6856) 
Use oidc client to ship analytics data
 2025-02-25 14:42:17 -05:00
Alan Rominger
b351dfb102
Undo temporary DAB change for requirements generation (#6862) 2025-02-25 09:30:15 -05:00
Alan Rominger
b502a9444a
[4.6 backport] Feature indirect host counting (#15802) (#6858) 
* Feature indirect host counting (#15802)

* AAP-37282 Add parse JQ data and test it for a `job` object in isolation (#15774)

* Add jq dependency

* Add file in progress

* Add license for jq

* Write test and get it passing

* Successfully test collection of `event_query.yml` data (#15761)

* Callback plugin method from cmeyers adapted to global collection list

Get tests passing

Mild rebranding

Put behind feature flag, flip true in dev

Add noqa flag

* Add missing wait_for_events

* feat: try grabbing query files from artifacts directory (#15776)

* Contract changes for the event_query collection callback plugin (#15785)

* Minor import changes to collection processing in callback plugin

* Move agreed location of event_query file

* feat: remaining schema changes for indirect host audits (#15787)

* Re-organize test file and move artifacts processing logic to callback (#15784)

* Rename the indirect host counting test file

* Combine artifacts saving logic

* Connect host audit model to jq logic via new task

* Add unit tests for indirect host counting (#15792)

* Do not get django flags from database (#15794)

* Document, implement, and test remaining indirect host audit fields (#15796)

* Document, implement, and test remaining indirect host audit fields

* Fix hashing

* AAP-39559 Wait for all event processing to finish, add fallback task (#15798)

* Wait for all event processing to finish, add fallback task

* Add flag check to periodic task

* feat: cleanup of old indirect host audit records (#15800)

* By default, do not count indirect hosts (#15801)

* By default, do not count indirect hosts

* Fix copy paste goof

* Fix linter issue from base branch

* prevent multiple tasks from processing the same job events, prevent p… (#15805)

prevent multiple tasks from processing the same job events, prevent periodic task from spawning another task per job

* Fix typos and other bugs found by Pablo review

* fix: rely on resolved_action instead of task, adapt to proposed query… (#15815)

* fix: rely on resolved_action instead of task, adapt to proposed query structure

* tests: update indirect host tests

* update remaining queries to new format

* update live test

* Remove polling loop for job finishing event processing (#15811)

* Remove polling loop for job finishing event processing

* Make awx/main/tests/live dramatically faster (#15780)

* AAP-37282 Add parse JQ data and test it for a `job` object in isolation (#15774)

* Add jq dependency

* Add file in progress

* Add license for jq

* Write test and get it passing

* Successfully test collection of `event_query.yml` data (#15761)

* Callback plugin method from cmeyers adapted to global collection list

Get tests passing

Mild rebranding

Put behind feature flag, flip true in dev

Add noqa flag

* Add missing wait_for_events

* feat: try grabbing query files from artifacts directory (#15776)

* Contract changes for the event_query collection callback plugin (#15785)

* Minor import changes to collection processing in callback plugin

* Move agreed location of event_query file

* feat: remaining schema changes for indirect host audits (#15787)

* Re-organize test file and move artifacts processing logic to callback (#15784)

* Rename the indirect host counting test file

* Combine artifacts saving logic

* Connect host audit model to jq logic via new task

* Document, implement, and test remaining indirect host audit fields (#15796)

* AAP-39559 Wait for all event processing to finish, add fallback task (#15798)

* Wait for all event processing to finish, add fallback task

* Add flag check to periodic task

* feat: cleanup of old indirect host audit records (#15800)

* prevent multiple tasks from processing the same job events, prevent p… (#15805)

prevent multiple tasks from processing the same job events, prevent periodic task from spawning another task per job

* Remove polling loop for job finishing event processing (#15811)

* Make awx/main/tests/live dramatically faster (#15780)

* reorder migrations to allow indirect instances backport

* cleanup for rebase and merge into devel

---------

Co-authored-by: Peter Braun <pbraun@redhat.com>
Co-authored-by: jessicamack <jmack@redhat.com>
Co-authored-by: Peter Braun <pbranu@redhat.com>
 2025-02-24 21:55:44 +00:00
Hao Liu
2d648d1225
[Feature][release_4.6] Policy as Code MVP part 1 (#6848) 2025-02-24 15:58:57 -05:00
Hao Liu
b8a1e90b06
[CI][release_4.6] Fix schema upload (#6840) 2025-02-18 09:19:50 -05:00
Hao Liu
c0b9d3f428
Switch to ssh for private git requirements (#6838) 2025-02-17 22:44:29 -05:00
Hao Liu
376a791052
[CI][release_4.6] backport push development image base on repo name (#6837) 
* Publish image base on git repo name instead of hard coded to AWX (#15828)

* Fix git credential for devel_image build (#15834)

* Continue if pre-warm cache fail in container build (#15835)

* Use correct devel image for docker-compose (#15836)
 2025-02-17 16:26:19 -05:00
TVo
cb2df43580
[4.6_Backport] Added helper method for fetching serviceaccount token (#6823) 2025-02-17 15:31:33 -05:00
Hao Liu
ccb6360a96
AAP-39778[Backport][release_4.6] Add DAB Feature Flag common API (#6833) 
* [AAP-39138] - Add DAB Feature Flag common API (#15786)
* Update django-ansible-base reference to ansible-automation-platform/django-ansible-base@stable-2.5

---------

Co-authored-by: Zack Kayyali <zkayyali@redhat.com>
 2025-02-12 15:47:06 -05:00
Hao Liu
397fb297bf
Add ability to provide token for private repo for requirements_git in container build (#15831) (#6830) 
Add ability to provide auth to private repo for requirements_git
 2025-02-12 20:00:37 +00:00
Alan Rominger
63bb4d66ef
Do not get django flags from database (#15794) (#6820) 2025-02-10 10:46:22 -05:00
Alan Rominger
7017c28706
Limit to python 3.12 for 4.6 branch (#6817) 2025-02-05 10:48:07 -05:00
Hao Liu
48ee5b05ee
Set feature flag base on setting (#15808) (#6811) 2025-02-05 09:30:32 +01:00