* Add pygithub for new app token support
* fixed git requirements file with new
* added new github dep and relevant deps it needs
* add required licenses
* Add artifacts to satisfy license check
* Remove duplicated license
---------
Co-authored-by: Andrea Restle-Lay <arestlel@redhat.com>
Co-authored-by: Alan Rominger <arominge@redhat.com>
* feat: 38589 GitHub App Authentication
Allows both git@<personal-token> and x-access-token@<github-access-token> when authenticating using git.
This allows GitHub App tokens to work without interfering with existing authentication types.
---------
Co-authored-by: Jake Jackson <thedoubl3j@Jakes-MacBook-Pro.local>
* - add new entry points
- add logic to check what version of the project is running
* remove former discovery method
* update custom_injectors and remove unused import
* fix how we load external creds
* remove stale code to match devel
* fix cloudforms test and move credential loading
* add load credentials method to get tests passing
* Conditionalize integration tests if the cred is present
* remove inventory source test
* inventory source is covered in the workflow job template target
* Add `awx_plugins.interfaces` runtime dependency
* Use `awx_plugins.interfaces` for runtime detection
The original function name was `server_product_name()` but it didn't
really represent what it did. So it was renamed into
`detect_server_product_name()` in an attempt of disambiguation.
* Use `awx_plugins.interfaces` to map container path
The original function `to_container_path` has been renamed into
`get_incontainer_path()` to represent what it does better and make
the imports more obvious.
* Add license file for awx_plugins.interfaces
---------
Co-authored-by: Hao Liu <44379968+TheRealHaoLiu@users.noreply.github.com>
* #egg _could_ be awx-plugins.some.other.provided.package
* Also point at ansible devel instead of a forked branch since the
entrypoints PR has now merged to devel
Adds the following managed Role Definitions
Controller Team Admin
Controller Team Member
Controller Organization Admin
Controller Organization Member
These have the same permission set as the
platform roles (without the Controller prefix)
Adding members to teams and orgs via the legacy RBAC system
will use these role definitions.
Other changes:
- Bump DAB to 2024.08.22
- Set ALLOW_LOCAL_ASSIGNING_JWT_ROLES to False in defaults.py.
This setting prevents assignments to the platform roles (e.g. Team Member).
Signed-off-by: Seth Foster <fosterbseth@gmail.com>
Develop ability to list permissions for existing roles
Create a model registry for RBAC-tracked models
Write the data migration logic for creating
the preloaded role definitions
Write migration to migrate old Role into ObjectRole model
This loops over the old Role model, knowing it is unique
on object and role_field
Most of the logic is concerned with identifying the
needed permissions, and then corresponding role definition
As needed, object roles are created and users then teams
are assigned
Write re-computation of cache logic for teams
and then for object role permissions
Migrate new RBAC internals to ansible_base
Migrate tests to ansible_base
Implement solution for visible_roles
Expose URLs for DAB RBAC
* add resources api to controller
* update setting
models are not the source of truth in AWX
* Force creation of ServiceID object in tests
* fix typo
* settings fix for CI
---------
Co-authored-by: Alan Rominger <arominge@redhat.com>
- upgrades
- Django 3.2.12
- pytz 2021.3 (from 2019.3)
- oauthlib 3.2.0 (from 3.1.0)
- requests-oauthlib 1.3.1 (from 1.3.0)
- django-guid 3.2.1 (from 2.2.1)
- django-solo 2.0.0 (from 1.1.3)
- django-taggit 2.1.0 (from 1.2.0)
- netaddr 0.8.0 (from 0.7.19)
- pyrad 2.4 (from 2.3)
- django-radius devel (from 1.3.3)
- future devel (from 0.16.0)
- django-guid, django-solo, and django-taggit are upgraded to fix the
AppConfig deprecation warning. FIXME: django-guid devel has the
fix, but it hasn't been released yet.
- Released versions of django-radius have a hard-coded pin to
future==0.16.0, which has a Python warning due to an improperly
escaped character. This is fixed in future devel, so for now we are
pinning to references to the git repos.
- netaddr had a bunch of Python syntax and deprecation warnings
This requires corresponding ansible-runner changes
which are only available in devel branch
to do this, requirements are changed
to install ansible-runner devel as it did before
Revert "Use ansible-runner 2.1.1 build"
This reverts commit f0ede010176bd6bfcb45b4fee4194096a91c0003.
Add back in change from updater.sh that we want to keep
- remove requirements_ansible logic from the update script
- removed the need for py2-specific system dependencies
- update to the latest pip-tools and move to the new long format
(https://github.com/jazzband/pip-tools/pull/1237)
- fixed a few busted references to receptorctl @ devel
