fix namespaced url params
SUMMARY
Fixes issues when multiple lists are on the page (generally only occurs now when on a list page with an open modal that contains a second list) — Navigating within the modal list currently wipes out URL parameters for the main list, causing the page to reload, which closes the modal. The fix prevents changes to one set of namespaced URL parameters from wiping out URL parameters from another namespace
Refactors query string utils to consolidate a lot of repeated logic from components into a new util, updateQueryString. Use this function to modify query string parameters while maintaining params for multiple namespaces at the same time.
QS utils that are no longer needed have been deleted: replaceParams and encodeNonDefaultQueryString
Addresses #10181 and #9218
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
UI
Reviewed-by: Keith Grant <keithjgrant@gmail.com>
Reviewed-by: John Mitchell <None>
Reviewed-by: Alex Corey <Alex.swansboro@gmail.com>
Adds ouiaId to YAML and JSON buttons in Variables Detail
small change to add a better locator to these buttons. if we do not do this, our locators for our visual tests are not good and will eventually break tests
Reviewed-by: Jake McDermott <yo@jakemcdermott.me>
Include the EE set on a workflow template in the resolver hierarchy
SUMMARY
This step comes immediately after checking the actual job/template for
an explicitly set EE.
Note that now, because of how jobs are spawned off of workflow nodes,
the call to .resolve_execution_environment() no longer happens in
.create_unified_job(). The job instance within .create_unified_job()
doesn't yet have access to the node that it will be attached to,
making it impossible to use this information in the resolver if called
there.
related #9560
ISSUE TYPE
Feature Pull Request
Bugfix Pull Request
COMPONENT NAME
API
AWX VERSION
Reviewed-by: Shane McDonald <me@shanemcd.com>
Reviewed-by: Christian Adams <rooftopcellist@gmail.com>
when sharing paths use little z
AWX_ISOLATION_SHOW_PATHS will be shared between containers. Strange
file not found error can crop up when concurrently accessing shared
directories between multiple containers that are bind mounted with big
Z. So make sure we use little z.
Fixes errors like below:
fatal: [localhost]: FAILED! => {"changed": false, "cmd": "/usr/bin/git ls-remote file:///opt/tmpawx/at_DrunkMail525450112299457413919634186288881628802211907645041298254_test/ -h refs/heads/HEAD", "msg": "fatal: '/opt/tmpawx/at_DrunkMail525450112299457413919634186288881628802211907645041298254_test/' does not appear to be a git repository\\nfatal: Could not read from remote repository.\\n\\nPlease make sure you have the correct access rights\\nand the repository exists.", "rc": 128, "stderr": "fatal: '/opt/tmpawx/at_DrunkMail525450112299457413919634186288881628802211907645041298254_test/' does not appear to be a git repository\\nfatal: Could not read from remote repository.\\n\\nPlease make sure you have the correct access rights\\nand the repository exists.\\n", "stderr_lines": ["fatal: '/opt/tmpawx/at_DrunkMail525450112299457413919634186288881628802211907645041298254_test/' does not appear to be a git repository", "fatal: Could not read from remote repository.", "", "Please make sure you have the correct access rights", "and the repository exists."], "stdout": "", "stdout_lines": []}```
Reviewed-by: Shane McDonald <me@shanemcd.com>
* AWX_ISOLATION_SHOW_PATHS will be shared between containers. Strange
file not found error can crop up when concurrently accessing shared
directories between multiple containers that are bind mounted with big
Z. So make sure we use little z.
Adds resource name and description to launch and schedule prompt wizards
SUMMARY
link #8249
link #7254
Launch with description:
Launch without description:
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
UI
Reviewed-by: Keith Grant <keithjgrant@gmail.com>
Reviewed-by: Kersom <None>
Reviewed-by: Michael Abashian <None>
Reviewed-by: Tiago Góes <tiago.goes2009@gmail.com>
clarify format of date for host_metric
SUMMARY
@amolgautam25 @AlanCoding let me know what you think -- I was taking a second look at the CLI and took me a bit to remember the format it wants is YYYY-MM-DD
Reviewed-by: Alan Rominger <arominge@redhat.com>
Reviewed-by: Amol Gautam <amol_gautam25@yahoo.co.in>
This step comes immediately after checking the actual job/template for
an explicitly set EE.
Note that now, because of how jobs are spawned off of workflow nodes,
the call to .resolve_execution_environment() no longer happens in
.create_unified_job(). The job instance within .create_unified_job()
doesn't yet have access to the node that it will be attached to,
making it impossible to use this information in the resolver if called
there.
Fixes bug where users were unable to click on text next to checkboxes/radios in modals
SUMMARY
link #8852
This should impact lists in modals where the user can select one or more of the rows. They should now be able to click on the text/row in order to select. Examples:
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
UI
Reviewed-by: Kersom <None>
Reviewed-by: Tiago Góes <tiago.goes2009@gmail.com>
Add the ability to disable local authentication
SUMMARY
When an external authentication system is enabled, users would like the ability to disable local authentication for enhanced security.
related #4553
TODO
create a configure-Tower-in-Tower setting, DISABLE_LOCAL_AUTH
expose the setting in the settings UI
be able to query out all local-only users
User.objects.filter(Q(profile__isnull=True) | Q(profile__ldap_dn=''), enterprise_auth__isnull=True, social_auth__isnull=True)
see: awx/main/utils/common.py, get_external_account
write a thin wrapper around the Django model-based auth backend
update the UI tests to include the new setting
be able to trigger a side-effect when this setting changes
revoke all OAuth2 tokens for users that do not have a remote
auth backend associated with them
revoke sessions for local-only users
ultimately I did this by adding a new middleware that checks the value of this new setting and force-logouts any local-only user making a request after it is enabled
settings API endpoint raises a validation error if there are no external users or auth sources configured
The remote user existence validation has been removed, since ultimately we can't know for sure if a sysadmin-level user will still have access to the UI. This is being dealt with by using a confirmation modal, see below.
add a modal asking the user to confirm that they want to turn this setting on
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
API
UI
AWX VERSION
Reviewed-by: Jeff Bradberry <None>
Reviewed-by: Bianca Henderson <beeankha@gmail.com>
Reviewed-by: Mat Wilson <mawilson@redhat.com>
Reviewed-by: Michael Abashian <None>
Reviewed-by: Chris Meyers <None>
Remove explicit eula acceptance
SUMMARY
Issue: ansible/tower#4948
This PR changes the entitlement process to no require explicit acceptance of the Eula, but still display it for the user to read.
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
API
UI
AWX VERSION
19.1.0
ADDITIONAL INFO
If the eula_accepted field is passed, it will just be ignored.
Reviewed-by: Bill Nottingham <None>
Move irc references to point to irc.libera.chat
c.f. ansible-community/community-topics#19 (comment)
Reviewed-by: Alan Rominger <arominge@redhat.com>
Reviewed-by: Matthew Jones <bsdmatburt@gmail.com>
Reviewed-by: Shane McDonald <me@shanemcd.com>
Redirect documentation to awx-operator docs
SUMMARY
CC: @shanemcd
Related: ansible/awx-operator#330
The PR ansible/awx-operator#330 enhances the AWX installation process via the awx-operator.
This PR redirects the installation notes to the awx-operator page so we can simplify and easy maintain the docs in one place.
ISSUE TYPE
Docs Pull Request
Reviewed-by: Shane McDonald <me@shanemcd.com>
The list secrets role rule is no longer not needed for container groups
SUMMARY
The list secrets role rule is no longer not needed for container groups. This was simplified to just get the single matching secret using the read_namespaced_secret() method.
Reviewed-by: Seth Foster <None>
Converts Options lists and other modal lists to tables
SUMMARY
This addresses #10162. Note this issue I found while working on this #10181
Kicked Off E2E
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
UI
AWX VERSION
ADDITIONAL INFORMATION
Reviewed-by: Jake McDermott <yo@jakemcdermott.me>
Reviewed-by: Keith Grant <keithjgrant@gmail.com>
Reviewed-by: Tiago Góes <tiago.goes2009@gmail.com>
Fixes bug where activity stream changes were displaying as [object object]
SUMMARY
Resolves#10138
Here it is working:
In this case the value passed to the VariablesDetail component is a straight up JSON object (not a stringified JSON object) which that component does not seem to like in its current state.
Rather than looking at changing the VariablesDetail implementation I decided to just stringify the object before it gets passed in. Since this object is generated by the backend I think it's safe to assume it will always be an object.
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
UI
Reviewed-by: Kersom <None>
Reviewed-by: Tiago Góes <tiago.goes2009@gmail.com>
Update migration page as per latest name changes
Update migration page as per latest name changes
rename.mov
See: #8355
Reviewed-by: Tiago Góes <tiago.goes2009@gmail.com>
Reviewed-by: Jake McDermott <yo@jakemcdermott.me>
Container groups registry creds
SUMMARY
Fixes#10114
In VM-based installs, the user provides image pull creds to us, then we put them in an authfile and give it to podman via --authfile.
This is not so simple with ContainerGroups because we need to use the k8s API to apply a podspec to create containers in this paradigm.
Currently, the EE pod gets created, but errors when pulling the custom EE in from the private repo:
This work will modify the init() for the AWXReceptorJob class to create a k8s secret in the given namespace, then specify that secret name in the pod-spec as an imagePullSecret
Also, the imagePullPolicy was not being enforced when running JT's in EE's using container groups, this is because the imagePullPolicy nevery got set on the pod spec.
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
API
AWX VERSION
devel
ADDITIONAL INFORMATION
Issues that this solves:
Image pull secret now gets created in the cluster namespace specified by the user for that container group.
imagePullSecret name gets set on the pod spec
If the pull secret already exists in the namespace, delete it, then create it. (kube_api.replace_namespaced_secret did not work for this case...)
Enforce imagePullPolicy for EE's in container groups
Basic error handling
Reviewed-by: Alan Rominger <arominge@redhat.com>
Reviewed-by: Christian Adams <rooftopcellist@gmail.com>
Reviewed-by: Jeff Bradberry <None>
Reviewed-by: Shane McDonald <me@shanemcd.com>
Reviewed-by: Chris Meyers <None>
