Allow deleting org of a running workflow job (#15374)

Old RBAC system hits DOESNOTEXIST query errors
if a user deletes an org while a workflow job is active.

The error is triggered by
1. starting workflow job
2. delete the org that the workflow job is a part of
3. The workflow changes status (e.g. pending to waiting)

This error message would surface
awx.main.models.rbac.Role.DoesNotExist: Role matching
query does not exist.

The fix is wrap the query in a try catch, and skip
over some logic if the roles don't exist.

---------

Signed-off-by: Seth Foster <fosterbseth@gmail.com>

.github/actions/awx_devel_image/action.yml

@@ -24,7 +24,7 @@ runs:
 
     - name: Pre-pull latest devel image to warm cache
       shell: bash
-      run: docker pull ghcr.io/${OWNER_LC}/awx_devel:${{ github.base_ref }}
+      run: docker pull -q ghcr.io/${OWNER_LC}/awx_devel:${{ github.base_ref }}
 
     - name: Build image for current source checkout
       shell: bash

.github/triage_replies.md

@@ -1,7 +1,7 @@
 ## General
 - For the roundup of all the different mailing lists available from AWX, Ansible, and beyond visit: https://docs.ansible.com/ansible/latest/community/communication.html
 - Hello, we think your question is answered in our FAQ. Does this: https://www.ansible.com/products/awx-project/faq cover your question?
-- You can find the latest documentation here: https://ansible.readthedocs.io/projects/awx/en/latest/userguide/index.html
+- You can find the latest documentation here: https://docs.ansible.com/automation-controller/latest/html/userguide/index.html
 
 
 

.github/workflows/dab-release.yml

@@ -0,0 +1,48 @@
+---
+name: django-ansible-base requirements update
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: '0 6 * * *' # once an day @ 6 AM
+permissions:
+  pull-requests: write
+  contents: write
+jobs:
+  dab-pin-newest:
+    runs-on: ubuntu-latest
+    steps:
+      - id: dab-release
+        name: Get current django-ansible-base release version
+        uses: pozetroninc/github-action-get-latest-release@2a61c339ea7ef0a336d1daa35ef0cb1418e7676c # v0.8.0
+        with:
+          owner: ansible
+          repo: django-ansible-base
+          excludes: prerelease, draft
+
+      - name: Check out respository code
+        uses: actions/checkout@v4
+
+      - id: dab-pinned
+        name: Get current django-ansible-base pinned version
+        run:
+          echo "version=$(requirements/django-ansible-base-pinned-version.sh)" >> "$GITHUB_OUTPUT"
+
+      - name: Update django-ansible-base pinned version to upstream release
+        run:
+          requirements/django-ansible-base-pinned-version.sh -s ${{ steps.dab-release.outputs.release }}
+
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6
+        with:
+          base: devel
+          branch: bump-django-ansible-base
+          title: Bump django-ansible-base to ${{ steps.dab-release.outputs.release }}
+          body: |
+            Automated .github/workflows/dab-release.yml
+
+            django-ansible-base upstream released version == ${{ steps.dab-release.outputs.release }}
+            requirements_git.txt django-ansible-base pinned version ==  ${{ steps.dab-pinned.outputs.version }}
+          commit-message: |
+            Update django-ansible-base version to ${{ steps.dab-pinned.outputs.version }}
+          add-paths:
+            requirements/requirements_git.txt

.github/workflows/devel_images.yml

@@ -60,16 +60,26 @@ jobs:
         run: |
           echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
 
-      - name: Setup node and npm
+      - name: Setup node and npm for old UI build
         uses: actions/setup-node@v2
         with:
-          node-version: '16.13.1'
+          node-version: '16'
         if: matrix.build-targets.image-name == 'awx'
 
-      - name: Prebuild UI for awx image (to speed up build process)
+      - name: Prebuild old-UI for awx image (to speed up build process)
         run: |
           sudo apt-get install gettext
           make ui-release
+        if: matrix.build-targets.image-name == 'awx'
+
+      - name: Setup node and npm for the new UI build
+        uses: actions/setup-node@v2
+        with:
+          node-version: '18'
+        if: matrix.build-targets.image-name == 'awx'
+
+      - name: Prebuild new UI for awx image (to speed up build process)
+        run: |
           make ui-next
         if: matrix.build-targets.image-name == 'awx'
 

.github/workflows/stage.yml

@@ -136,9 +136,9 @@ jobs:
       - name: Pulling images for test deployment with awx-operator
         # awx operator molecue test expect to kind load image and buildx exports image to registry and not local
         run: |
-          docker pull ${AWX_OPERATOR_TEST_IMAGE}
-          docker pull ${AWX_EE_TEST_IMAGE}
-          docker pull ${AWX_TEST_IMAGE}:${AWX_TEST_VERSION}
+          docker pull -q ${AWX_OPERATOR_TEST_IMAGE}
+          docker pull -q ${AWX_EE_TEST_IMAGE}
+          docker pull -q ${AWX_TEST_IMAGE}:${AWX_TEST_VERSION}
 
       - name: Run test deployment with awx-operator
         working-directory: awx-operator

.github/workflows/upload_schema.yml

@@ -34,7 +34,7 @@ jobs:
 
       - name: Pre-pull image to warm build cache
         run: |
-          docker pull ghcr.io/${{ github.repository_owner }}/awx_devel:${GITHUB_REF##*/} || :
+          docker pull -q ghcr.io/${{ github.repository_owner }}/awx_devel:${GITHUB_REF##*/} || :
 
       - name: Build image
         run: |

README.md

@@ -35,4 +35,7 @@ We ask all of our community members and contributors to adhere to the [Ansible c
 Get Involved
 ------------
 
-We welcome your feedback and ideas. See the [AWX Communication guide](https://ansible.readthedocs.io/projects/awx/en/latest/contributor/communication.html) to learn how to join the conversation.
+We welcome your feedback and ideas. Here's how to reach us with feedback and questions:
+
+- Join the [Ansible AWX channel on Matrix](https://matrix.to/#/#awx:ansible.com)
+- Join the [Ansible Community Forum](https://forum.ansible.com)

awx/main/access.py

@@ -1419,10 +1419,6 @@ class ExecutionEnvironmentAccess(BaseAccess):
         else:
             if self.user not in obj.organization.execution_environment_admin_role:
                 raise PermissionDenied
-        if data and 'organization' in data:
-            new_org = get_object_from_data('organization', Organization, data, obj=obj)
-            if not new_org or self.user not in new_org.execution_environment_admin_role:
-                return False
         return self.check_related('organization', Organization, data, obj=obj, role_field='execution_environment_admin_role')
 
     def can_delete(self, obj):
@@ -2100,15 +2096,18 @@ class WorkflowJobTemplateAccess(NotificationAttachMixin, BaseAccess):
 
         if not self.check_related('organization', Organization, data, role_field='workflow_admin_role', mandatory=True):
             if data.get('organization', None) is None:
-                self.messages['organization'] = [_('An organization is required to create a workflow job template for normal user')]
+                if self.save_messages:
+                    self.messages['organization'] = [_('An organization is required to create a workflow job template for normal user')]
             return False
 
         if not self.check_related('inventory', Inventory, data, role_field='use_role'):
-            self.messages['inventory'] = [_('You do not have use_role to the inventory')]
+            if self.save_messages:
+                self.messages['inventory'] = [_('You do not have use_role to the inventory')]
             return False
 
         if not self.check_related('execution_environment', ExecutionEnvironment, data, role_field='read_role'):
-            self.messages['execution_environment'] = [_('You do not have read_role to the execution environment')]
+            if self.save_messages:
+                self.messages['execution_environment'] = [_('You do not have read_role to the execution environment')]
             return False
 
         return True

awx/main/migrations/_dab_rbac.py

@@ -277,7 +277,6 @@ def setup_managed_role_definitions(apps, schema_editor):
     to_create = {
         'object_admin': '{cls.__name__} Admin',
         'org_admin': 'Organization Admin',
-        'org_audit': 'Organization Audit',
         'org_children': 'Organization {cls.__name__} Admin',
         'special': '{cls.__name__} {action}',
     }
@@ -334,12 +333,19 @@ def setup_managed_role_definitions(apps, schema_editor):
             for perm in special_perms:
                 action = perm.codename.split('_')[0]
                 view_perm = Permission.objects.get(content_type=ct, codename__startswith='view_')
+                perm_list = [perm, view_perm]
+                # Handle special-case where adhoc role also listed use permission
+                if action == 'adhoc':
+                    for other_perm in object_perms:
+                        if other_perm.codename == 'use_inventory':
+                            perm_list.append(other_perm)
+                            break
                 managed_role_definitions.append(
                     get_or_create_managed(
                         to_create['special'].format(cls=cls, action=action.title()),
                         f'Has {action} permissions to a single {cls._meta.verbose_name}',
                         ct,
-                        [perm, view_perm],
+                        perm_list,
                         RoleDefinition,
                     )
                 )
@@ -355,18 +361,40 @@ def setup_managed_role_definitions(apps, schema_editor):
             )
         )
 
-    if 'org_audit' in to_create:
-        audit_permissions = [perm for perm in org_perms if perm.codename.startswith('view_')]
-        audit_permissions.append(Permission.objects.get(codename='audit_organization'))
-        managed_role_definitions.append(
-            get_or_create_managed(
-                to_create['org_audit'].format(cls=Organization),
-                'Has permission to view all objects inside of a single organization',
-                org_ct,
-                audit_permissions,
-                RoleDefinition,
-            )
+    # Special "organization action" roles
+    audit_permissions = [perm for perm in org_perms if perm.codename.startswith('view_')]
+    audit_permissions.append(Permission.objects.get(codename='audit_organization'))
+    managed_role_definitions.append(
+        get_or_create_managed(
+            'Organization Audit',
+            'Has permission to view all objects inside of a single organization',
+            org_ct,
+            audit_permissions,
+            RoleDefinition,
         )
+    )
+
+    org_execute_permissions = {'view_jobtemplate', 'execute_jobtemplate', 'view_workflowjobtemplate', 'execute_workflowjobtemplate', 'view_organization'}
+    managed_role_definitions.append(
+        get_or_create_managed(
+            'Organization Execute',
+            'Has permission to execute all runnable objects in the organization',
+            org_ct,
+            [perm for perm in org_perms if perm.codename in org_execute_permissions],
+            RoleDefinition,
+        )
+    )
+
+    org_approval_permissions = {'view_organization', 'view_workflowjobtemplate', 'approve_workflowjobtemplate'}
+    managed_role_definitions.append(
+        get_or_create_managed(
+            'Organization Approval',
+            'Has permission to approve any workflow steps within a single organization',
+            org_ct,
+            [perm for perm in org_perms if perm.codename in org_approval_permissions],
+            RoleDefinition,
+        )
+    )
 
     unexpected_role_definitions = RoleDefinition.objects.filter(managed=True).exclude(pk__in=[rd.pk for rd in managed_role_definitions])
     for role_definition in unexpected_role_definitions:

awx/main/models/credential/__init__.py

@@ -321,13 +321,14 @@ class Credential(PasswordFieldsModel, CommonModelNameNotUnique, ResourceMixin):
             raise ValueError('{} is not a dynamic input field'.format(field_name))
 
     def validate_role_assignment(self, actor, role_definition):
-        if isinstance(actor, User):
-            if actor.is_superuser or Organization.access_qs(actor, 'change').filter(id=self.organization.id).exists():
-                return
-        if isinstance(actor, Team):
-            if actor.organization == self.organization:
-                return
-        raise DRFValidationError({'detail': _(f"You cannot grant credential access to a {actor._meta.object_name} not in the credentials' organization")})
+        if self.organization:
+            if isinstance(actor, User):
+                if actor.is_superuser or Organization.access_qs(actor, 'member').filter(id=self.organization.id).exists():
+                    return
+            if isinstance(actor, Team):
+                if actor.organization == self.organization:
+                    return
+            raise DRFValidationError({'detail': _(f"You cannot grant credential access to a {actor._meta.object_name} not in the credentials' organization")})
 
 
 class CredentialType(CommonModelNameNotUnique):

awx/main/models/execution_environments.py

@@ -68,5 +68,5 @@ class ExecutionEnvironment(CommonModel):
             raise ValidationError({'user': _('User must have view permission to Execution Environment organization')})
         if actor._meta.model_name == 'team':
             organization_cls = self._meta.get_field('organization').related_model
-            if self.orgaanization not in organization_cls.access_qs(actor, 'view'):
+            if self.organization not in organization_cls.access_qs(actor, 'view'):
                 raise ValidationError({'team': _('Team must have view permission to Execution Environment organization')})

awx/main/models/rbac.py

@@ -689,9 +689,15 @@ def sync_parents_to_new_rbac(instance, action, model, pk_set, reverse, **kwargs)
 
     for role_id in pk_set:
         if reverse:
-            child_role = Role.objects.get(id=role_id)
+            try:
+                child_role = Role.objects.get(id=role_id)
+            except Role.DoesNotExist:
+                continue
         else:
-            parent_role = Role.objects.get(id=role_id)
+            try:
+                parent_role = Role.objects.get(id=role_id)
+            except Role.DoesNotExist:
+                continue
 
         # To a fault, we want to avoid running this if triggered from implicit_parents management
         # we only want to do anything if we know for sure this is a non-implicit team role

awx/main/tasks/system.py

@@ -980,5 +980,15 @@ def periodic_resource_sync():
         if acquired is False:
             logger.debug("Not running periodic_resource_sync, another task holds lock")
             return
+        logger.debug("Running periodic resource sync")
 
-        SyncExecutor().run()
+        executor = SyncExecutor()
+        executor.run()
+        for key, item_list in executor.results.items():
+            if not item_list or key == 'noop':
+                continue
+            # Log creations and conflicts
+            if len(item_list) > 10 and settings.LOG_AGGREGATOR_LEVEL != 'DEBUG':
+                logger.info(f'Periodic resource sync {key}, first 10 items:\n{item_list[:10]}')
+            else:
+                logger.info(f'Periodic resource sync {key}:\n{item_list}')

awx/main/tests/functional/dab_rbac/test_dab_rbac_api.py

@@ -128,7 +128,7 @@ def test_assign_credential_to_user_of_another_org(setup_managed_roles, credentia
     rd = RoleDefinition.objects.get(name="Credential Admin")
     credential.organization = organization
     credential.save(update_fields=['organization'])
-    assert credential.organization not in Organization.access_qs(rando, 'change')
+    assert credential.organization not in Organization.access_qs(rando, 'member')
     url = django_reverse('roleuserassignment-list')
     resp = post(url=url, data={"user": rando.id, "role_definition": rd.id, "object_id": credential.id}, user=admin_user, expect=400)
     assert "You cannot grant credential access to a User not in the credentials' organization" in str(resp.data)
@@ -139,7 +139,7 @@ def test_assign_credential_to_user_of_another_org(setup_managed_roles, credentia
     post(url=url, data={"user": rando.id, "role_definition": rd.id, "object_id": credential.id}, user=admin_user, expect=201)
 
     # can assign credential to org_admin
-    assert credential.organization in Organization.access_qs(org_admin, 'change')
+    assert credential.organization in Organization.access_qs(org_admin, 'member')
     post(url=url, data={"user": org_admin.id, "role_definition": rd.id, "object_id": credential.id}, user=admin_user, expect=201)
 
 

awx/main/tests/functional/dab_rbac/test_translation_layer.py

@@ -1,4 +1,5 @@
 from unittest import mock
+import json
 
 import pytest
 
@@ -6,11 +7,13 @@ from django.contrib.contenttypes.models import ContentType
 
 from crum import impersonate
 
-from awx.main.models.rbac import get_role_from_object_role, give_creator_permissions
+from awx.main.fields import ImplicitRoleField
+from awx.main.models.rbac import get_role_from_object_role, give_creator_permissions, get_role_codenames, get_role_definition
 from awx.main.models import User, Organization, WorkflowJobTemplate, WorkflowJobTemplateNode, Team
 from awx.api.versioning import reverse
 
 from ansible_base.rbac.models import RoleUserAssignment, RoleDefinition
+from ansible_base.rbac import permission_registry
 
 
 @pytest.mark.django_db
@@ -24,6 +27,7 @@ from ansible_base.rbac.models import RoleUserAssignment, RoleDefinition
         'auditor_role',
         'read_role',
         'execute_role',
+        'approval_role',
         'notification_admin_role',
     ],
 )
@@ -39,6 +43,37 @@ def test_round_trip_roles(organization, rando, role_name, setup_managed_roles):
     assert old_role.id == getattr(organization, role_name).id
 
 
+@pytest.mark.django_db
+@pytest.mark.parametrize('model', sorted(permission_registry.all_registered_models, key=lambda cls: cls._meta.model_name))
+def test_role_migration_matches(request, model, setup_managed_roles):
+    fixture_name = model._meta.verbose_name.replace(' ', '_')
+    obj = request.getfixturevalue(fixture_name)
+    role_ct = 0
+    for field in obj._meta.get_fields():
+        if isinstance(field, ImplicitRoleField):
+            if field.name == 'read_role':
+                continue  # intentionally left as "Compat" roles
+            role_ct += 1
+            old_role = getattr(obj, field.name)
+            old_codenames = set(get_role_codenames(old_role))
+            rd = get_role_definition(old_role)
+            new_codenames = set(rd.permissions.values_list('codename', flat=True))
+            # all the old roles should map to a non-Compat role definition
+            if 'Compat' not in rd.name:
+                model_rds = RoleDefinition.objects.filter(content_type=ContentType.objects.get_for_model(obj))
+                rd_data = {}
+                for rd in model_rds:
+                    rd_data[rd.name] = list(rd.permissions.values_list('codename', flat=True))
+            assert (
+                'Compat' not in rd.name
+            ), f'Permissions for old vs new roles did not match.\nold {field.name}: {old_codenames}\nnew:\n{json.dumps(rd_data, indent=2)}'
+            assert new_codenames == set(old_codenames)
+
+    # In the old system these models did not have object-level roles, all others expect some model roles
+    if model._meta.model_name not in ('notificationtemplate', 'executionenvironment'):
+        assert role_ct > 0
+
+
 @pytest.mark.django_db
 def test_role_naming(setup_managed_roles):
     qs = RoleDefinition.objects.filter(content_type=ContentType.objects.get(model='jobtemplate'), name__endswith='dmin')

awx/main/tests/functional/test_rbac_execution_environment.py

@@ -3,7 +3,7 @@ import pytest
 from django.contrib.contenttypes.models import ContentType
 
 from awx.main.access import ExecutionEnvironmentAccess
-from awx.main.models import ExecutionEnvironment, Organization
+from awx.main.models import ExecutionEnvironment, Organization, Team
 from awx.main.models.rbac import get_role_codenames
 
 from awx.api.versioning import reverse
@@ -77,6 +77,26 @@ def test_org_member_required_for_assignment(org_ee, ee_rd, rando, admin_user, po
     assert 'User must have view permission to Execution Environment organization' in str(r.data)
 
 
+@pytest.mark.django_db
+def test_team_view_permission_required(org_ee, ee_rd, rando, admin_user, post):
+    org2 = Organization.objects.create(name='a different team')
+    team = Team.objects.create(name='a team', organization=org2)
+    team.member_role.members.add(rando)
+    assert org_ee not in ExecutionEnvironmentAccess(rando).get_queryset()  # user can not view the EE
+    url = django_reverse('roleteamassignment-list')
+    r = post(url, {'role_definition': ee_rd.pk, 'team': team.id, 'object_id': org_ee.pk}, user=admin_user, expect=400)
+    assert 'Team must have view permission to Execution Environment organization' in str(r.data)
+
+    org_view_rd = RoleDefinition.objects.create_from_permissions(
+        name='organization viewer role', permissions=['view_organization'], content_type=ContentType.objects.get_for_model(Organization)
+    )
+    org_view_rd.give_permission(team, org_ee.organization)
+    assert org_ee in ExecutionEnvironmentAccess(rando).get_queryset()  # user can view the EE now
+    # can give object roles to the team now
+    post(url, {'role_definition': ee_rd.pk, 'team': team.id, 'object_id': org_ee.pk}, user=admin_user, expect=201)
+    assert rando.has_obj_perm(org_ee, 'change')
+
+
 @pytest.mark.django_db
 def test_give_object_permission_to_ee(org_ee, ee_rd, org_member, check_user_capabilities):
     access = ExecutionEnvironmentAccess(org_member)
@@ -85,11 +105,29 @@ def test_give_object_permission_to_ee(org_ee, ee_rd, org_member, check_user_capa
     check_user_capabilities(org_member, org_ee, {'edit': False, 'delete': False, 'copy': False})
 
     ee_rd.give_permission(org_member, org_ee)
-    assert access.can_change(org_ee, {'name': 'new'})
+    assert access.can_change(org_ee, {'name': 'new', 'organization': org_ee.organization.id})
 
     check_user_capabilities(org_member, org_ee, {'edit': True, 'delete': True, 'copy': False})
 
 
+@pytest.mark.django_db
+def test_need_related_organization_access(org_ee, ee_rd, org_member):
+    org2 = Organization.objects.create(name='another organization')
+    ee_rd.give_permission(org_member, org_ee)
+    org2.member_role.members.add(org_member)
+    access = ExecutionEnvironmentAccess(org_member)
+    assert access.can_change(org_ee, {'name': 'new', 'organization': org_ee.organization})
+    assert access.can_change(org_ee, {'name': 'new', 'organization': org_ee.organization.id})
+    assert not access.can_change(org_ee, {'name': 'new', 'organization': org2.id})
+    assert not access.can_change(org_ee, {'name': 'new', 'organization': org2})
+
+    # User can make the change if they have relevant permission to the new organization
+    org_ee.organization.execution_environment_admin_role.members.add(org_member)
+    org2.execution_environment_admin_role.members.add(org_member)
+    assert access.can_change(org_ee, {'name': 'new', 'organization': org2.id})
+    assert access.can_change(org_ee, {'name': 'new', 'organization': org2})
+
+
 @pytest.mark.django_db
 @pytest.mark.parametrize('style', ['new', 'old'])
 def test_give_org_permission_to_ee(org_ee, organization, org_member, check_user_capabilities, style, org_ee_rd):
@@ -103,5 +141,5 @@ def test_give_org_permission_to_ee(org_ee, organization, org_member, check_user_
     else:
         organization.execution_environment_admin_role.members.add(org_member)
 
-    assert access.can_change(org_ee, {'name': 'new'})
+    assert access.can_change(org_ee, {'name': 'new', 'organization': organization.id})
     check_user_capabilities(org_member, org_ee, {'edit': True, 'delete': True, 'copy': True})

awx/main/tests/functional/test_rbac_organization.py

@@ -48,3 +48,17 @@ def test_org_resource_role(ext_auth, organization, rando, org_admin):
         assert access.can_attach(organization, rando, 'member_role.members') == ext_auth
         organization.member_role.members.add(rando)
         assert access.can_unattach(organization, rando, 'member_role.members') == ext_auth
+
+
+@pytest.mark.django_db
+def test_delete_org_while_workflow_active(workflow_job_template):
+    '''
+    Delete org while workflow job is active (i.e. changing status)
+    '''
+    assert workflow_job_template.organization  # sanity check
+    wj = workflow_job_template.create_unified_job()  # status should be new
+    workflow_job_template.organization.delete()
+    wj.refresh_from_db()
+    assert wj.status != 'pending'  # sanity check
+    wj.status = 'pending'  # status needs to change in order to trigger workflow_job_template.save()
+    wj.save(update_fields=['status'])

awx/main/utils/pglock.py

@@ -17,13 +17,13 @@ def advisory_lock(*args, lock_session_timeout_milliseconds=0, **kwargs):
             with connection.cursor() as cur:
                 idle_in_transaction_session_timeout = cur.execute('SHOW idle_in_transaction_session_timeout').fetchone()[0]
                 idle_session_timeout = cur.execute('SHOW idle_session_timeout').fetchone()[0]
-                cur.execute(f"SET idle_in_transaction_session_timeout = {lock_session_timeout_milliseconds}")
-                cur.execute(f"SET idle_session_timeout = {lock_session_timeout_milliseconds}")
+                cur.execute(f"SET idle_in_transaction_session_timeout = '{lock_session_timeout_milliseconds}'")
+                cur.execute(f"SET idle_session_timeout = '{lock_session_timeout_milliseconds}'")
         with django_pglocks_advisory_lock(*args, **kwargs) as internal_lock:
             yield internal_lock
             if lock_session_timeout_milliseconds > 0:
                 with connection.cursor() as cur:
-                    cur.execute(f"SET idle_in_transaction_session_timeout = {idle_in_transaction_session_timeout}")
-                    cur.execute(f"SET idle_session_timeout = {idle_session_timeout}")
+                    cur.execute(f"SET idle_in_transaction_session_timeout = '{idle_in_transaction_session_timeout}'")
+                    cur.execute(f"SET idle_session_timeout = '{idle_session_timeout}'")
     else:
         yield True

awx/templates/rest_framework/api.html

@@ -64,7 +64,7 @@
       <div class="col-sm-6">
       </div>
       <div class="col-sm-6 footer-copyright">
-        Copyright &copy; 2021 <a href="http://www.redhat.com" target="_blank">Red Hat</a>, Inc. All Rights Reserved.
+        Copyright &copy; 2024 <a href="http://www.redhat.com" target="_blank">Red Hat</a>, Inc. All Rights Reserved.
       </div>
     </div>
   </div>

awx/ui/src/screens/ActivityStream/ActivityStream.js

@@ -59,7 +59,7 @@ function ActivityStream() {
     {
       page: 1,
       page_size: 20,
-      order_by: '-timestamp',
+      order_by: '-id',
     },
     ['id', 'page', 'page_size']
   );

awx_collection/README.md

@@ -32,7 +32,7 @@ Installing the `tar.gz` involves no special instructions.
 ## Running
 
 Non-deprecated modules in this collection have no Python requirements, but
-may require the official [AWX CLI](https://pypi.org/project/awxkit/)
+may require the official [AWX CLI](https://docs.ansible.com/ansible-tower/latest/html/towercli/index.html)
 in the future. The `DOCUMENTATION` for each module will report this.
 
 You can specify authentication by a combination of either:
@@ -41,7 +41,8 @@ You can specify authentication by a combination of either:
  - host, OAuth2 token
 
 The OAuth2 token is the preferred method. You can obtain a token via the
-``login`` command with the AWX CLI.
+AWX CLI [login](https://docs.ansible.com/ansible-tower/latest/html/towercli/reference.html#awx-login)
+command.
 
 These can be specified via (from highest to lowest precedence):
 

awx_collection/plugins/lookup/controller_api.py

@@ -12,7 +12,7 @@ requirements:
   - None
 description:
   - Returns GET requests from the Automation Platform Controller API. See
-    U(https://docs.ansible.com/automation-controller/latest/html/towerapi/) for API usage.
+    U(https://docs.ansible.com/ansible-tower/latest/html/towerapi/index.html) for API usage.
   - For use that is cross-compatible between the awx.awx and ansible.controller collection
     see the controller_meta module
 options:

awx_collection/plugins/modules/job_template.py

@@ -16,9 +16,9 @@ DOCUMENTATION = '''
 ---
 module: job_template
 author: "Wayne Witzel III (@wwitzel3)"
-short_description: create, update, or destroy job templates.
+short_description: create, update, or destroy Automation Platform Controller job templates.
 description:
-    - Create, update, or destroy job templates. See
+    - Create, update, or destroy Automation Platform Controller job templates. See
       U(https://www.ansible.com/tower) for an overview.
 options:
     name:
@@ -320,8 +320,8 @@ extends_documentation_fragment: awx.awx.auth
 
 notes:
   - JSON for survey_spec can be found in the API Documentation. See
-    U(https://docs.ansible.com/automation-controller/latest/html/towerapi)
-    for job template survey creation and POST operation payload example.
+    U(https://docs.ansible.com/ansible-tower/latest/html/towerapi/api_ref.html#/Job_Templates/Job_Templates_job_templates_survey_spec_create)
+    for POST operation payload example.
 '''
 
 

awx_collection/tools/roles/template_galaxy/templates/README.md.j2

@@ -37,7 +37,7 @@ This collection should be installed from [Content Hub](https://cloud.redhat.com/
 ## Running
 
 Non-deprecated modules in this collection have no Python requirements, but
-may require the AWX CLI
+may require the official [AWX CLI](https://docs.ansible.com/ansible-tower/latest/html/towercli/index.html)
 in the future. The `DOCUMENTATION` for each module will report this.
 
 You can specify authentication by a combination of either:
@@ -46,7 +46,8 @@ You can specify authentication by a combination of either:
  - host, OAuth2 token
 
 The OAuth2 token is the preferred method. You can obtain a token via the
-``login`` command with the AWX CLI.
+AWX CLI [login](https://docs.ansible.com/ansible-tower/latest/html/towercli/reference.html#awx-login)
+command.
 
 These can be specified via (from highest to lowest precedence):
 

docs/auth/ldap.md

@@ -4,7 +4,7 @@ The Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, ind
 
 # Configure LDAP Authentication
 
-Please see the [AWX documentation](https://ansible.readthedocs.io/projects/awx/en/latest/administration/ldap_auth.html) for basic LDAP configuration.
+Please see the [Tower documentation](https://docs.ansible.com/ansible-tower/latest/html/administration/ldap_auth.html) as well as [Ansible blog post](https://www.ansible.com/blog/getting-started-ldap-authentication-in-ansible-tower) for basic LDAP configuration.
 
 LDAP Authentication provides duplicate sets of configuration fields for authentication with up to six different LDAP servers.
 The default set of configuration fields take the form `AUTH_LDAP_<field name>`. Configuration fields for additional LDAP servers are numbered `AUTH_LDAP_<n>_<field name>`.

docs/auth/saml.md

@@ -3,7 +3,7 @@ Security Assertion Markup Language, or SAML, is an open standard for exchanging
 
 
 # Configure SAML Authentication
-Please see the [AWX documentation](https://ansible.readthedocs.io/projects/awx/en/latest/administration/ent_auth.html#saml-settings) for basic SAML configuration. Note that AWX's SAML implementation relies on `python-social-auth` which uses `python-saml`. AWX exposes three fields which are directly passed to the lower libraries:
+Please see the [Tower documentation](https://docs.ansible.com/ansible-tower/latest/html/administration/ent_auth.html#saml-authentication-settings) as well as the [Ansible blog post](https://www.ansible.com/blog/using-saml-with-red-hat-ansible-tower) for basic SAML configuration. Note that AWX's SAML implementation relies on `python-social-auth` which uses `python-saml`. AWX exposes three fields which are directly passed to the lower libraries:
 * `SOCIAL_AUTH_SAML_SP_EXTRA` is passed to the `python-saml` library configuration's `sp` setting.  
 * `SOCIAL_AUTH_SAML_SECURITY_CONFIG` is passed to the `python-saml` library configuration's `security` setting.
 * `SOCIAL_AUTH_SAML_EXTRA_DATA`

docs/docsite/conf.py

@@ -71,8 +71,8 @@ rst_epilog = """
 .. |aap| replace:: Ansible Automation Platform
 .. |ab| replace:: ansible-builder
 .. |ap| replace:: Automation Platform
-.. |at| replace:: AWX
-.. |At| replace:: AWX
+.. |at| replace:: automation controller
+.. |At| replace:: Automation controller
 .. |ah| replace:: Automation Hub
 .. |EE| replace:: Execution Environment
 .. |EEs| replace:: Execution Environments

docs/docsite/rst/administration/index.rst

@@ -13,7 +13,10 @@ Likewise content in this guide can be removed or replaced if it applies to funct
 
 **Join us online**
 
-Need help or want to discuss AWX including the documentation? See the :ref:`Communication guide<communication>` to learn how to join the conversation!
+We talk about AWX documentation on Matrix at `#docs:ansible.im <https://matrix.to/#/#docs:ansible.im>`_ and on libera IRC at ``#ansible-docs`` if you ever want to join us and chat about the docs!
+
+You can also find lots of AWX discussion and get answers to questions at `forum.ansible.com <https://forum.ansible.com/>`_.
+
 
 .. toctree::
   :maxdepth: 2

docs/docsite/rst/contributor/communication.rst

@@ -1,39 +0,0 @@
-.. _communication:
-
-Communication
-=============
-
-We welcome your feedback, questions and ideas. Here's how to reach the community.
-
-.. _code_of_conduct:
-
-Code of Conduct
----------------
-
-All communication and interactions in the Ansible Community are governed by our :ref:`code_of_conduct`. Please read and abide by it!
-Reach out to our community team at `codeofconduct@ansible.com <mailto:codeofconduct@ansible.com>`_ if you have any questions or need assistance.
-
-.. _forum:
-
-Forum
------
-
-Join the `Ansible Forum <https://forum.ansible.com>`_ as a single starting point and our default communication platform for questions and help, development discussions, events, and much more. `Register <https://forum.ansible.com/signup?>`_ to join the community. Search by categories and tags to find interesting topics or start a new one; subscribe only to topics you need!
-
-* `Get Help <https://forum.ansible.com/c/help/6>`_: get help or help others. Please add appropriate tags if you start new discussions, for example `awx`, `ee`, and  `documentation`.
-* `Posts tagged with 'awx' <https://forum.ansible.com/tag/awx>`_: subscribe to participate in project/technology-related conversations. There are other related tags in the forum you can use.
-* `Bullhorn newsletter <https://docs.ansible.com/ansible/devel/community/communication.html#the-bullhorn>`_: used to announce releases and important changes.
-* `Social Spaces <https://forum.ansible.com/c/chat/4>`_: gather and interact with fellow enthusiasts.
-* `News & Announcements <https://forum.ansible.com/c/news/5>`_: track project-wide announcements including social events.
-
-For more information on the forum navigation, see `Navigating the Ansible forum <https://forum.ansible.com/t/navigating-the-ansible-forum-tags-categories-and-concepts/39>`_ post.
-
-Matrix
-------
-
-For real-time interactions, conversations in the AWX community happen over the Matrix protocol in the following channels:
-
-* `#awx:ansible.com <https://matrix.to/#/#awx:ansible.com>`_: AWX project-related discussions.
-* `#docs:ansible.im <https://matrix.to/#/#docs:ansible.im>`_: Ansible and AWX documentation-related discussions.
-
-For more information, see the community-hosted `Matrix FAQ <https://hackmd.io/@ansible-community/community-matrix-faq>`_.

docs/docsite/rst/contributor/index.rst

@@ -10,14 +10,13 @@ There are so many ways you can contribute to AWX.
 
 **Join us online**
 
-Need help or want to discuss AWX including the documentation? See the :ref:`Communication guide<communication>` to learn how to join the conversation!
+You can chat with us and ask questions on Matrix at `#awx:ansible.com <https://matrix.to/#/#awx:ansible.com>`_ or visit the `Ansible Community Forum <https://forum.ansible.com/c/project/7/>`_ to find contributor resources.
 
 .. toctree::
    :maxdepth: 2
    :numbered:
 
    intro
-   communication
    setting_up
    work_items
    report_issues

docs/docsite/rst/contributor/intro.rst

@@ -4,4 +4,6 @@ Introduction
 
 Hi there! We're excited to have you as a contributor.
 
-Get started with joining the community! See the :ref:`Communication guide<communication>` to learn how.
+Have questions about this document or anything not covered here? Come chat with us and ask questions on Matrix at `#awx:ansible.com <https://matrix.to/#/#awx:ansible.com>`_.
+
+Also visit the `Ansible Community Forum <https://forum.ansible.com/c/project/7/>`_ to find contributor resources where you can also submit your questions or concerns.

docs/docsite/rst/contributor/report_issues.rst

@@ -9,13 +9,14 @@ as possible. Version information, and an accurate reproducing scenario are criti
 
 Be sure to attach the ``component:docs`` label to your issue. These labels are determined by the template data. Please use the template and fill it out as accurately as possible.
 
-Please don't use the issue tracker as a way to ask how to do something. Instead, discuss it on on the Ansible Forum, or you can chat with us and ask questions on Matrix. See the :ref:`Communication guide<communication>` for details.
+Please don't use the issue tracker as a way to ask how to do something. Instead, discuss it on on the `Ansible Community Forum <https://forum.ansible.com/c/project/7/>`_, or you can chat with us and ask questions on Matrix at `#awx:ansible.com <https://matrix.to/#/#awx:ansible.com>`_.
 
 Before opening a new issue, please use the issue search feature to see if what you're experiencing has already been reported. If you have any extra detail to provide, please comment. Otherwise, rather than posting a "me too" comment, please consider giving it a `"thumbs up" <https://github.com/blog/2119-add-reactions-to-pull-requests-issues-and-comment>`_ to give us an indication of the severity of the problem.
 
 See `How issues are resolved <https://github.com/ansible/awx/blob/devel/ISSUES.md#how-issues-are-resolved>`_ for more information about the triaging and resolution process.
 
+
 Getting help
 -------------
 
-See the :ref:`Communication guide<communication>` to learn how to get help.
+If you require additional assistance, join the discussions on the `Ansible Community Forum <https://forum.ansible.com/c/project/7/>`_. Specify with tags ``#documentation`` and ``#awx`` to narrow down the area(s) of interest. For more information on tags, see `Navigating the Ansible forum — Tags, Categories, and Concepts <https://forum.ansible.com/t/navigating-the-ansible-forum-tags-categories-and-concepts/39>`_. You may also reach out to us and ask questions on Matrix at `#awx:ansible.com <https://matrix.to/#/#awx:ansible.com>`_.

docs/docsite/rst/contributor/work_items.rst

@@ -18,18 +18,19 @@ Fixing and updating the documentation are always appreciated, so reviewing the b
 Things to know prior to submitting revisions
 ----------------------------------------------
 
-- Please follow the `Ansible code of conduct <http://docs.ansible.com/ansible/latest/community/code_of_conduct.html>`_ in all your interactions with the community.
 - All doc revisions or additions are done through pull requests against the ``devel`` branch.
 - You must use ``git commit --signoff`` for any commit to be merged, and agree that usage of ``--signoff`` constitutes agreement with the terms of `DCO 1.1 <https://github.com/ansible/awx/blob/devel/DCO_1_1.md>`_.
 - Take care to make sure no merge commits are in the submission, and use ``git rebase`` vs ``git merge`` for this reason.
   - If collaborating with someone else on the same branch, consider using ``--force-with-lease`` instead of ``--force``. This will prevent you from accidentally overwriting commits pushed by someone else. For more information, see `git push docs <https://git-scm.com/docs/git-push#git-push---force-with-leaseltrefnamegt>`_.
-- If submitting a large doc change, it's a good idea to join the :ref:`Ansible Forum<forum>`, and talk about what you would like to do or add first. Use the ``#documentation`` and ``#awx`` tags to help notify relevant people of the topic. This not only helps everyone know what's going on, it also helps save time and effort, if the community decides some changes are needed.
+- If submitting a large doc change, it's a good idea to join the `Ansible Community Forum <https://forum.ansible.com/c/project/7/>`_, and talk about what you would like to do or add first. Use the ``#documentation`` and ``#awx`` tags to help notify relevant people of the topic. This not only helps everyone know what's going on, it also helps save time and effort, if the community decides some changes are needed. For more information on tags, see `Navigating the Ansible forum — Tags, Categories, and Concepts <https://forum.ansible.com/t/navigating-the-ansible-forum-tags-categories-and-concepts/39>`_.
+- We ask all of our community members and contributors to adhere to the `Ansible code of conduct <http://docs.ansible.com/ansible/latest/community/code_of_conduct.html>`_. If you have questions, or need assistance, please reach out to our community team at `codeofconduct@ansible.com <mailto:codeofconduct@ansible.com>`_.
+
 
 .. Note::
 
 	- Issue assignment will only be done for maintainers of the project. If you decide to work on an issue, please feel free to add a comment in the issue to let others know that you are working on it; but know that we will accept the first pull request from whomever is able to fix an issue. Once your PR is accepted we can add you as an assignee to an issue upon request. 
 
-	- If you work in a part of the docs that is going through active development, your changes may be rejected, or you may be asked to `rebase`. A good idea before starting work is to have a :ref:`discussion with the community<communication>`.
+	- If you work in a part of the docs that is going through active development, your changes may be rejected, or you may be asked to `rebase`. A good idea before starting work is to have a discussion with us and ask questions on Matrix at `#awx:ansible.com <https://matrix.to/#/#awx:ansible.com>`_ or discuss your ideas on the `Ansible Community Forum <https://forum.ansible.com/c/project/7/>`_.
 
 	- If you find an issue with the functions of the UI or API, please see the `Reporting Issues <https://github.com/ansible/awx/blob/devel/CONTRIBUTING.md#reporting-issues>`_ section to open an issue. 
 
@@ -39,4 +40,6 @@ Things to know prior to submitting revisions
 Translations
 -------------
 
-At this time we do not accept PRs for language translations.
+At this time we do not accept PRs for adding additional language translations as we have an automated process for generating our translations. This is because translations require constant care as new strings are added and changed in the code base. Because of this the .po files are overwritten during every translation release cycle. We also can't support a lot of translations on AWX as its an open source project and each language adds time and cost to maintain. If you would like to see AWX translated into a new language please create an issue and ask others you know to upvote the issue. Our translation team will review the needs of the community and see what they can do around supporting additional language.
+
+If you find an issue with an existing translation, please see the `Reporting Issues <https://github.com/ansible/awx/blob/devel/CONTRIBUTING.md#reporting-issues>`_ section to open an issue and our translation team will work with you on a resolution. 

docs/docsite/rst/quickstart/create_organization.rst

@@ -9,7 +9,7 @@ An organization is a logical collection of users, teams, projects, and inventori
 From the left navigation bar, click **Organizations**. 
 
 .. note::
-    AWX creates a default organization automatically.
+    AWX creates a default organization automatically. Users of Tower with a Self-support level license only have the 
 
 |Organizations - default view|
 

docs/docsite/rst/quickstart/create_project.rst

@@ -11,7 +11,7 @@ You can manage playbooks and playbook directories by either placing them manuall
 
 .. note::
 
-  It is recommended that, whenever possible, you use source control to manage your playbooks. This type of best practice provides the ability to treat your infrastructure as code and is in line with DevOps ideals. While this Quick Start Guide uses lightweight examples to get you up and running, we suggest using source control to manage your actual playbooks.
+  It is recommended that, whenever possible, you use source control to manage your playbooks. This type of best practice provides the ability to treat your infrastructure as code and is in line with DevOps ideals. While this Quick Start Guide uses lightweight examples to get you up and running, we suggest using source control to manage playbook for production purposes.
 
 To review existing projects, click **Projects** from the left navigation bar. 
 

docs/docsite/rst/quickstart/examine_dashboard.rst

@@ -15,7 +15,7 @@ Examine the AWX Dashboard
    pair: settings menu; help about
 
 
-The Dashboard offers a friendly graphical framework for your Ansible needs. Along the left side of the Dashboard is the navigation menu, where you can quickly display different views, navigate to your resources, grant access, and administer certain AWX features in the UI. 
+The Dashboard offers a friendly graphical framework for your IT orchestration needs. Along the left side of the Dashboard is the navigation menu, where you can quickly display different views, navigate to your resources, grant access, and administer certain AWX features in the UI. 
 
 .. note::
 
@@ -40,7 +40,7 @@ On the main Dashboard view, a summary appears listing your current **Job Status*
 
 The very last item in the navigation bar is **Settings**, which provides access to the AWX configuration Settings. 
 
-The Settings page allows administrators to configure authentication, jobs, system-level attributes, and customize the user interface. Refer to :ref:`ag_configure_awx` section for more detail.
+The Settings page allows administrators to configure authentication, jobs, system-level attributes, customize the user interface, and product license information. Refer to :ref:`ag_configure_awx` section for more detail.
 
 .. image:: ../common/images/ug-settings-menu-screen.png
 
@@ -50,4 +50,4 @@ Regardless of the window or action you're performing, the very top of each page
 .. |about| image:: ../common/images/help-about-icon.png
 
 .. note::
-	Keep in mind that the goal of this Quick Start is to launch a simple playbook. To do this, a number of configuration options must be setup. Completing the quick start configuration tasks now ensures that AWX is configured properly and allows for easier executions of more involved playbooks later on. 
+	Keep in mind that the goal of this Quick Start is to launch a simple playbook. To do this, a number of configuration options must be setup. Completing the quick start configuration tasks now ensures that tAWX is configured properly and allows for easier executions of more involved playbooks later on. 

docs/docsite/rst/quickstart/index.rst

@@ -12,7 +12,9 @@ Likewise content in this guide can be removed or replaced if it applies to funct
 
 **Join us online**
 
-Need help or want to discuss AWX including the documentation? See the :ref:`Communication guide<communication>` to learn how to join the conversation!
+We talk about AWX documentation on Matrix at `#docs:ansible.im <https://matrix.to/#/#docs:ansible.im>`_ and on libera IRC at ``#ansible-docs`` if you ever want to join us and chat about the docs!
+
+You can also find lots of AWX discussion and get answers to questions at `forum.ansible.com <https://forum.ansible.com/>`_.
 
 .. toctree::
    :maxdepth: 2

docs/docsite/rst/release_notes/index.rst

@@ -12,7 +12,9 @@ Likewise content in this guide can be removed or replaced if it applies to funct
 
 **Join us online**
 
-Need help or want to discuss AWX including the documentation? See the :ref:`Communication guide<communication>` to learn how to join the conversation!
+We talk about AWX documentation on Matrix at `#docs:ansible.im <https://matrix.to/#/#docs:ansible.im>`_ if you ever want to join us and chat about the docs!
+
+You can also find lots of AWX discussion and get answers to questions on the `Ansible Community Forum <https://forum.ansible.com/c/project/7/>`_.
 
 .. toctree::
    :maxdepth: 2

docs/docsite/rst/rest_api/filtering.rst

@@ -94,7 +94,7 @@ Field lookups may also be used for more advanced queries, by appending the looku
 
 The following field lookups are supported:
 
-- ``exact``: Exact match (default lookup if not specified).
+- ``exact``: Exact match (default lookup if not specified, refer to the following note for more information).
 - ``iexact``: Case-insensitive version of exact.
 - ``contains``: Field contains value.
 - ``icontains``: Case-insensitive version of contains.
@@ -122,3 +122,18 @@ Filtering based on the requesting user's level of access by query string paramet
 
 - ``role_level``: Level of role to filter on, such as ``admin_role``
 
+
+.. note::
+
+    Previous releases of AWX returned queries with **__exact** results by default, but you may find that the latest versions are returning a larger subset instead. As a workaround, set the ``limit`` to ``?limit__exact`` for the default filter. For example, ``/api/v2/jobs/?limit__exact=example.domain.com`` results in:
+
+    ::
+
+        {
+            "count": 1,
+            "next": null,
+            "previous": null,
+            "results": [
+        ... 
+
+.. this note is generically written for AWX. For downstream, the change started in AAP 2.0 so we can be more specific if necessary.

docs/docsite/rst/rest_api/index.rst

@@ -12,7 +12,9 @@ Likewise content in this guide can be removed or replaced if it applies to funct
 
 **Join us online**
 
-Need help or want to discuss AWX including the documentation? See the :ref:`Communication guide<communication>` to learn how to join the conversation!
+We talk about AWX documentation on Matrix at `#docs:ansible.im <https://matrix.to/#/#docs:ansible.im>`_ and on libera IRC at ``#ansible-docs`` if you ever want to join us and chat about the docs!
+
+You can also find lots of AWX discussion and get answers to questions at `forum.ansible.com <https://forum.ansible.com/>`_.
 
 .. toctree::
    :maxdepth: 2

docs/docsite/rst/upgrade_migration/index.rst

@@ -12,7 +12,9 @@ Likewise content in this guide can be removed or replaced if it applies to funct
 
 **Join us online**
 
-Need help or want to discuss AWX including the documentation? See the :ref:`Communication guide<communication>` to learn how to join the conversation!
+We talk about AWX documentation on Matrix at `#docs:ansible.im <https://matrix.to/#/#docs:ansible.im>`_ and on libera IRC at ``#ansible-docs`` if you ever want to join us and chat about the docs!
+
+You can also find lots of AWX discussion and get answers to questions at `forum.ansible.com <https://forum.ansible.com/>`_.
 
 .. toctree::
    :maxdepth: 2

docs/docsite/rst/userguide/index.rst

@@ -13,7 +13,9 @@ Likewise content in this guide can be removed or replaced if it applies to funct
 
 **Join us online**
 
-Need help or want to discuss AWX including the documentation? See the :ref:`Communication guide<communication>` to learn how to join the conversation!
+We talk about AWX documentation on Matrix at `#docs:ansible.im <https://matrix.to/#/#docs:ansible.im>`_ and on libera IRC at ``#ansible-docs`` if you ever want to join us and chat about the docs!
+
+You can also find lots of AWX discussion and get answers to questions at `forum.ansible.com <https://forum.ansible.com/>`_.
 
 .. toctree::
    :maxdepth: 2

docs/docsite/rst/userguide/inventories.rst

@@ -170,13 +170,10 @@ To use ``ansible_facts`` to define the host filter when creating Smart Inventori
 1. In the *Create new smart inventory screen*, click the |search| button next to the **Smart host filter** field to open a pop-up window to filter hosts for this inventory.
 
 .. image:: ../common/images/inventories-smart-create-filter-highlighted.png
-   :alt: Create smart inventory window with Smart host filter highlighted
-
 
 2. In the search pop-up window, change the search criteria from **Name** to **Advanced** and select **ansible_facts** from the **Key** field.
 
 .. image:: ../common/images/inventories-smart-define-host-filter.png
-   :alt: Host filter with drop-down menu options
 
 
 If you wanted to add an ansible fact of
@@ -189,29 +186,24 @@ If you wanted to add an ansible fact of
 In the search field, enter ``ansible_processor[]="GenuineIntel"`` (no extra spaces or ``__`` before the value) and press **[Enter]**.
 
 .. image:: ../common/images/inventories-smart-define-host-filter-facts.png
-   :alt: Example of an advanced search for host filter Ansible facts
 
 The resulting search criteria for the specified ansible fact populates in the lower part of the window.
 
 .. image:: ../common/images/inventories-smart-define-host-filter-facts2.png
-   :alt: Selected search criteria for host filter Ansible facts listed below search field
 
 3. Click **Select** to add it to the **Smart host filter** field.
 
 .. image:: ../common/images/inventories-smart-create-filter-added.png
-   :alt: Specified search criteria for host filter Ansible facts shown in the Smart host filter field of the Create new smart inventory window
 
 4. Click **Save** to save the new Smart Inventory.
 
 The Details tab of the new Smart Inventory opens and displays the specified ansible facts in the **Smart host filter** field.
 
 .. image:: ../common/images/inventories-smart-create-details.png
-   :alt: Details tab of the new Smart Inventory displaying the specified Ansible facts in the Smart host filter field
 
 5. From the Details view, you can edit the **Smart host filter** field by clicking **Edit** and delete existing filter(s), clear all existing filters, or add new ones.
 
 .. image:: ../common/images/inventories-smart-define-host-filter-facts-group.png
-   :alt: Specified search criteria consisting of host filter Ansible facts and groups listed below search field
 
 
 .. _ug_inventories_constructed:
@@ -254,7 +246,6 @@ The hosts inside the input inventory will fit one condition, the other condition
 neither, or both. This results in four hosts total for demonstration purposes.
 
 .. image:: ../common/images/inventories-constructed-inventory-venn.png
-   :alt: Venn diagram describing the input inventory content for a constructed inventory
 
 
 This folder defines the inventory as an ini type named ``two_conditions.ini``:
@@ -468,7 +459,7 @@ Follow the procedure described in the subsequent section, :ref:`ug_inventories_a
 Example of a constructed inventory details view:
 
 .. image:: ../common/images/inventories-constructed-inventory-details.png
-   :alt: Constructed inventory details
+
 
 
 .. _ug_inventories_plugins:
@@ -526,7 +517,6 @@ The type of inventory is identified at the top of the create form.
 |Inventories_create_new - create new inventory|
 
 .. |Inventories_create_new - create new inventory| image:: ../common/images/inventories-create-new-inventory.png
-   :alt: Create new inventory form
 
 2. Enter the appropriate details into the following fields:
 
@@ -540,7 +530,6 @@ The type of inventory is identified at the top of the create form.
 - **Instance Groups**: Click the |search| button to open a separate window. Choose the instance group(s) for this inventory to run on. If the list is extensive, use the search to narrow the options. You may select multiple instance groups and sort them in the order you want them ran.
 
 .. image:: ../common/images/select-instance-groups-modal.png
-   :alt: Select instance groups dialog
 
 - **Labels**: Optionally supply labels that describe this inventory, so they can be used to group and filter inventories and jobs.
 
@@ -572,7 +561,6 @@ The type of inventory is identified at the top of the create form.
 |Inventories_create_new_saved - create new inventory|
 
 .. |Inventories_create_new_saved - create new inventory| image:: ../common/images/inventories-create-new-saved-inventory.png
-   :alt: Example Create new inventory form filled out
 
 3. Click **Save** when done.
 
@@ -616,7 +604,6 @@ To create a new group for an inventory:
 |Inventories_manage_group_add|
 
 .. |Inventories_manage_group_add| image:: ../common/images/inventories-add-group-new.png
-   :alt: Create new group form for inventories
 
 2. Enter the appropriate details into the required and optional fields:
 
@@ -649,16 +636,12 @@ The **Create Group** window closes and the newly created group displays as an en
 |Inventories add group subgroup|
 
 .. |Inventories add group subgroup| image:: ../common/images/inventories-add-group-subgroup-added.png
-   :alt: Related Groups tab of the Groups form for inventories
-
 
 If you chose to add an existing group, available groups will appear in a separate selection window.
 
 |Inventories add group existing subgroup|
 
 .. |Inventories add group existing subgroup| image:: ../common/images/inventories-add-group-existing-subgroup.png
-   :alt: Existing group appearing in a separate selection window
-
 
 Once a group is selected, it displays as an entry in the list of groups associated with the group.
 
@@ -674,7 +657,6 @@ The list view displays all your inventory groups at once, or you can filter it t
 You may be able to delete a subgroup without concern for dependencies, since AWX will look for dependencies such as any child groups or hosts. If any exists, a confirmation dialog displays for you to choose whether to delete the root group and all of its subgroups and hosts; or promote the subgroup(s) so they become the top-level inventory group(s), along with their host(s).
 
 .. image:: ../common/images/inventories-groups-delete-root-with-children.png
-   :alt: Delete group confirmation dialog box with a prompt to select whether to delete all groups and hosts or promote child groups and hosts
 
 .. _ug_inventories_add_host:
 
@@ -690,8 +672,6 @@ You can configure hosts for the inventory as well as for groups and groups withi
 3. If creating a new host, select the |toggle button| button to specify whether or not to include this host while running jobs.
 
 .. |toggle button| image:: ../common/images/on-off-toggle-button.png
-   :alt: Toggle button to include this host while running jobs
-
 
 4. Enter the appropriate details into the required and optional fields:
 
@@ -706,16 +686,12 @@ The **Create Host** window closes and the newly created host displays as an entr
 |Inventories add group host|
 
 .. |Inventories add group host| image:: ../common/images/inventories-add-group-host-added.png
-   :alt: Hosts tab of the Groups window showing available hosts
-
 
 If you chose to add an existing host, available hosts will appear in a separate selection window.
 
 |Inventories add existing host|
 
 .. |Inventories add existing host| image:: ../common/images/inventories-add-existing-host.png
-   :alt: Existing host appearing in a separate selection window
-
 
 Once a host is selected, it displays as an entry in the list of hosts associated with the group. You can disassociate a host from this screen by selecting the host and click the **Disassociate** button.
 
@@ -730,16 +706,12 @@ list of hosts.
 |Inventories add group host emphasized|
 
 .. |Inventories add group host emphasized| image:: ../common/images/inventories-add-group-host-added-emphasized.png
-   :alt: Inventories add host emphasized
-
 
 This opens the Details tab of the selected host.
 
 |Inventories add group host details|
 
 .. |Inventories add group host details| image:: ../common/images/inventories-add-group-host-details.png
-   :alt: Host details tab for the selected inventory
-
 
 7. Click the **Groups** tab to configure groups for the host.
 
@@ -748,7 +720,6 @@ This opens the Details tab of the selected host.
     Available groups appear in a separate selection window.
 
     .. image:: ../common/images/inventories-add-group-hosts-add-groups.png
-       :alt: Select Groups dialog showing two available groups
 
   b. Click to select the group(s) to associate with the host and click **Save**.
 
@@ -757,14 +728,13 @@ This opens the Details tab of the selected host.
 8. If a host was used to run a job, you can view details about those jobs in the **Completed Jobs** tab of the host and click **Expanded** to view details about each job.
 
 .. image:: ../common/images/inventories-add-host-view-completed-jobs.png
-   :alt: Jobs tab showing list of completed jobs associated with the selected host
 
 
 .. _ug_inventories_add_host_bulk_api:
 
 .. note::
 
-  You may create hosts in bulk using the newly added endpoint in the API, ``/api/v2/bulk/host_create``. This endpoint accepts JSON and you can specify the target inventory and a list of hosts to add to the inventory. These hosts must be unique within the inventory. Either all hosts are added, or an error is returned indicating why the operation was not able to complete. Use the **OPTIONS** request to return relevant schema. For more information, see the `Bulk endpoint <https://ansible.readthedocs.io/projects/awx/en/latest/rest_api/api_ref.html#/Bulk>`_ of the *Reference* section of the |atapi|.
+  You may create hosts in bulk using the newly added endpoint in the API, ``/api/v2/bulk/host_create``. This endpoint accepts JSON and you can specify the target inventory and a list of hosts to add to the inventory. These hosts must be unique within the inventory. Either all hosts are added, or an error is returned indicating why the operation was not able to complete. Use the **OPTIONS** request to return relevant schema. For more information, see the `Bulk endpoint <https://docs.ansible.com/automation-controller/latest/html/controllerapi/api_ref.html#/Bulk>`_ of the *Reference* section of the |atapi|.
 
 .. _ug_inventories_add_source:
 
@@ -782,7 +752,6 @@ This opens the Create Source window.
 |Inventories create source|
 
 .. |Inventories create source| image:: ../common/images/inventories-create-source.png
-   :alt: Create new source form for inventory source
 
 
 3. Enter the appropriate details into the required and optional fields:
@@ -849,7 +818,6 @@ This opens the Create Source window.
     The **Notifications** tab is only present after you save the newly-created source.
 
     .. image:: ../common/images/inventories-create-source-with-notifications-tab.png
-       :alt: Notification tab for the inventory source
 
 12.  To configure notifications for the source, click the **Notifications** tab.
 
@@ -865,7 +833,6 @@ Once a source is defined, it displays as an entry in the list of sources associa
 |Inventories view sources|
 
 .. |Inventories view sources| image:: ../common/images/inventories-view-sources.png
-   :alt: Sources tab of the inventory showing one inventory source
 
 
 .. _ug_inventory_sources:
@@ -895,14 +862,12 @@ An inventory that is sourced from a project means that is uses the SCM type from
     This field only displays if the sourced project has the **Allow Branch Override** option checked:
 
     .. image:: ../common/images/projects-create-scm-project-branch-override-checked.png
-       :alt: Inventory sourced from a project with SCM project branch override checked
 
   - **Credential**: Optionally specify the credential to use for this source.
   - **Project**: Required. Pre-populates with a default project, otherwise, specify the project this inventory is using as its source. Click the |search| button to choose from a list of projects. If the list is extensive, use the search to narrow the options.
   - **Inventory File**: Required. Select an inventory file associated with the sourced project. If not already populated, you can type it into the text field within the drop down menu to filter the extraneous file types. In addition to a flat file inventory, you can point to a directory or an inventory script.
 
     .. image:: ../common/images/inventories-create-source-sourced-from-project-filter.png
-       :alt: Inventory file field of the Sourced from a project inventory type
 
 3. You can optionally specify the verbosity, host filter, enabled variable/value, and update options as described in the main procedure for :ref:`adding a source <ug_add_inv_common_fields>`.
 
@@ -938,8 +903,6 @@ Amazon Web Services EC2
 |Inventories - create source - AWS EC2 example|
 
 .. |Inventories - create source - AWS EC2 example| image:: ../common/images/inventories-create-source-AWS-example.png
-   :alt: Inventories create source AWS example
-
 
 .. note::
 
@@ -960,7 +923,6 @@ Google Compute Engine
 |Inventories - create source - GCE example|
 
 .. |Inventories - create source - GCE example| image:: ../common/images/inventories-create-source-GCE-example.png
-   :alt: Inventories create source Google compute engine example
 
 3. You can optionally specify the verbosity, host filter, enabled variable/value, and update options as described in the main procedure for :ref:`adding a source <ug_add_inv_common_fields>`.
 
@@ -986,7 +948,7 @@ Microsoft Azure Resource Manager
 |Inventories - create source - Azure RM example|
 
 .. |Inventories - create source - Azure RM example| image:: ../common/images/inventories-create-source-azurerm-example.png
-   :alt: Inventories create source Azure example
+
 
 .. _ug_source_vmvcenter:
 
@@ -1011,7 +973,7 @@ VMware vCenter
 |Inventories - create source - VMware example|
 
 .. |Inventories - create source - VMWare example| image:: ../common/images/inventories-create-source-vmware-example.png
-   :alt: Inventories create source VMWare example
+
 
 .. _ug_source_satellite:
 
@@ -1033,7 +995,6 @@ Red Hat Satellite 6
 |Inventories - create source - RH Satellite example|
 
 .. |Inventories - create source - RH Satellite example| image:: ../common/images/inventories-create-source-rhsat6-example.png
-   :alt: Inventories create source Red Hat Satellite example
 
 If you encounter an issue with AWX inventory not having the "related groups" from Satellite, you might need to define these variables in the inventory source. See the inventory plugins template example for :ref:`ir_plugin_satellite` in the |atir| for detail.
 
@@ -1058,7 +1019,7 @@ Red Hat Insights
 |Inventories - create source - RH Insights example|
 
 .. |Inventories - create source - RH Insights example| image:: ../common/images/inventories-create-source-insights-example.png
-   :alt: Inventories create source Red Hat Insights example
+
 
 .. _ug_source_openstack:
 
@@ -1080,7 +1041,7 @@ OpenStack
 |Inventories - create source - OpenStack example|
 
 .. |Inventories - create source - OpenStack example| image:: ../common/images/inventories-create-source-openstack-example.png
-   :alt: Inventories create source OpenStack example
+
 
 .. _ug_source_rhv:
 
@@ -1101,8 +1062,6 @@ Red Hat Virtualization
 |Inventories - create source - RHV example|
 
 .. |Inventories - create source - RHV example| image:: ../common/images/inventories-create-source-rhv-example.png
-   :alt: Inventories create source Red Hat Virtualization example
-
 
 .. note::
 
@@ -1124,7 +1083,6 @@ Red Hat Ansible Automation Platform
 3. You can optionally specify the verbosity, host filter, enabled variable/value, and update options as described in the main procedure for :ref:`adding a source <ug_add_inv_common_fields>`.
 
   .. image:: ../common/images/inventories-create-source-rhaap-example.png
-   :alt: Inventories create source Red Hat Ansible Automation Platform example
 
 4. Use the **Source Variables** field to override variables used by the ``controller`` inventory plugin. Enter variables using either JSON or YAML syntax. Use the radio button to toggle between the two. 
 
@@ -1159,7 +1117,6 @@ This inventory source uses the `terraform_state <https://github.com/ansible-coll
 5. Enter an |ee| in the **Execution Environment** field that contains a Terraform binary. This is required for the inventory plugin to run the Terraform commands that read inventory data from the Terraform state file. Refer to the `Terraform EE readme <https://github.com/ansible-cloud/terraform_ee>`_ that contains an example |ee| configuration with a Terraform binary.
 
   .. image:: ../common/images/inventories-create-source-terraform-example.png
-   :alt: Inventories create source Terraform example
 
 6. To add hosts for AWS EC2, GCE, and Azure instances, the Terraform state file in the backend must contain state for resources already deployed to EC2, GCE, or Azure. Refer to each of the Terraform providers' respective documentation to provision instances.
 
@@ -1195,7 +1152,6 @@ This inventory source uses a cluster that is able to deploy OpenShift (OCP) virt
 
 
   .. image:: ../common/images/inventories-create-source-ocpvirt-example.png
-   :alt: Inventories create source OpenShift virtualization example
 
 5. Save the configuration and click the **Sync** button to sync the inventory.
 
@@ -1277,7 +1233,10 @@ If an inventory was used to run a job, you can view details about those jobs in
 |Inventories view completed jobs|
 
 .. |Inventories view completed jobs| image:: ../common/images/inventories-view-completed-jobs.png
-   :alt: Inventories view completed jobs
+
+
+
+
 
 .. _ug_inventories_run_ad_hoc:
 
@@ -1296,15 +1255,12 @@ To run an ad hoc command:
 |ad hoc-commands-inventory-home|
 
 .. |ad hoc-commands-inventory-home| image:: ../common/images/inventories-add-group-host-added.png
-   :alt: Ad hoc commands inventory home
-
 
 2. Click the **Run Command** button.
 
 The Run command window opens.
 
 .. image:: ../common/images/ad-hoc-run-execute-command.png
-   :alt: Ad hoc run execute command
 
 3. Enter the details for the following fields:
 
@@ -1334,13 +1290,10 @@ The Run command window opens.
 |ad hoc-commands-inventory-run-command|
 
 .. |ad hoc-commands-inventory-run-command| image:: ../common/images/ad-hoc-commands-inventory-run-command.png
-   :alt: Ad hoc commands inventory run command
-
 
 4. Click **Next** to choose the |ee| you want the ad-hoc command to be run against.
 
 .. image:: ../common/images/ad-hoc-commands-inventory-run-command-ee.png
-   :alt: Ad hoc run command dialog prompting for Execution Environments with two listed to choose from
 
 5. Click **Next** to choose the credential you want to use and click the **Launch** button.
 
@@ -1350,5 +1303,3 @@ The results display in the **Output** tab of the module's job window.
 |ad hoc-commands-inventory-results-example|
 
 .. |ad hoc-commands-inventory-results-example| image:: ../common/images/ad-hoc-commands-inventory-results-example.png
-   :alt: Ad hoc commands inventory results example
-

docs/docsite/rst/userguide/job_templates.rst

@@ -473,7 +473,7 @@ When slice jobs are running, job lists display the workflow and job slices, as w
 
 .. note::
 
-  You may launch jobs in bulk using the newly added endpoint in the API, ``/api/v2/bulk/job_launch``. This endpoint accepts JSON and you can specify a list of unified job templates (such as job templates, project updates, etc) to launch. The user must have the appropriate permission to launch all the jobs. Either all jobs are launched, or an error is returned indicating why the operation was not able to complete. Use the **OPTIONS** request to return relevant schema. For more information, see the `Bulk endpoint <https://ansible.readthedocs.io/projects/awx/en/latest/rest_api/api_ref.html#/Bulk>`_ of the *Reference* section of the |atapi|.
+  You may launch jobs in bulk using the newly added endpoint in the API, ``/api/v2/bulk/job_launch``. This endpoint accepts JSON and you can specify a list of unified job templates (such as job templates, project updates, etc) to launch. The user must have the appropriate permission to launch all the jobs. Either all jobs are launched, or an error is returned indicating why the operation was not able to complete. Use the **OPTIONS** request to return relevant schema. For more information, see the `Bulk endpoint <https://docs.ansible.com/automation-controller/latest/html/controllerapi/api_ref.html#/Bulk>`_ of the *Reference* section of the |atapi|.
 
 
 Copy a Job Template

docs/tasks.md

@@ -187,14 +187,14 @@ This task spawns an `ansible` process, which then runs a command using Ansible.
 - Build a command line argument list for running Ansible, optionally using `ssh-agent` for public/private key authentication.
 - Return whether the task should use process isolation.
 
-For more information on ad hoc commands, read the [Running Ad Hoc Commands section](https://ansible.readthedocs.io/projects/awx/en/latest/userguide/inventories.html#running-ad-hoc-commands) of the Inventories chapter of _Automating with AWX_ guide.
+For more information on ad hoc commands, read the [Running Ad Hoc Commands section](https://docs.ansible.com/ansible-tower/latest/html/userguide/inventories.html#running-ad-hoc-commands) of the Inventories page of the Ansible Tower User Guide.
 
 
 #### Run Job
 
 This task is a definition and set of parameters for running `ansible-playbook` via a Job Template. It defines metadata about a given playbook run, such as a named identifier, an associated inventory to run against, the project and `.yml` playbook file to run, etc.
 
-For more information, visit the [Jobs chapter](https://ansible.readthedocs.io/projects/awx/en/latest/userguide/jobs.html) of the _Automating with AWX_ guide.
+For more information, visit the [Jobs page](https://docs.ansible.com/ansible-tower/latest/html/userguide/jobs.html) of the Ansible Tower User Guide.
 
 
 #### Run Project Update
@@ -203,7 +203,7 @@ When a Project Update is run in AWX, an `ansible-playbook` command is composed a
 
 This task also includes a helper method to build SCM url and extra vars with parameters needed for authentication, as well as a method for returning search/replace strings to prevent output URLs from showing sensitive passwords.
 
-To read more about this topic, visit the [Projects chapter](https://ansible.readthedocs.io/projects/awx/en/latest/userguide/projects.html) of the _Automating with AWX_ guide.
+To read more about this topic, visit the [Projects page](https://docs.ansible.com/ansible-tower/latest/html/userguide/projects.html) of the Ansible Tower User Guide.
 
 
 #### Run Inventory Update
@@ -214,14 +214,14 @@ In older versions of AWX, the `INI` files were not exclusive for either specific
 
 Additionally, inventory imports are run through a management command. Inventory in `args` get passed to that command, which results in it not being considered to be an Ansible inventory by Runner even though it is.
 
-To read more about inventories, visit the [Inventories chapter](https://ansible.readthedocs.io/projects/awx/en/latest/userguide/inventories.html) of the _Automating with AWX_ guide. For more detail about Runner, visit the [Ansible Runner Integration Overview](https://github.com/ansible/awx/blob/devel/docs/ansible_runner_integration.md) AWX documentation page.
+To read more about inventories, visit the [Inventories page](https://docs.ansible.com/ansible-tower/latest/html/userguide/inventories.html) of the Ansible Tower User Guide. For more detail about Runner, visit the [Ansible Runner Integration Overview](https://github.com/ansible/awx/blob/devel/docs/ansible_runner_integration.md) AWX documentation page.
 
 
 #### System Jobs
 
 The main distinctive feature of a System Job (as compared to all other Unified Jobs) is that a system job runs management commands, which are given the highest priority for execution hierarchy purposes. They also implement a database lock while running, _i.e._, no other jobs can be run during that time on the same node. Additionally, they have a fixed fork impact of 5 vs 1.
 
-You can read more about [Ansible Tower Capacity Determination and Job Impact](https://ansible.readthedocs.io/projects/awx/en/latest/userguide/jobs.html#awx-capacity-determination-and-job-impact) in the Jobs chapter of the _Automating with AWX_ guide.
+You can read more about [Ansible Tower Capacity Determination and Job Impact](https://docs.ansible.com/ansible-tower/latest/html/userguide/jobs.html#at-capacity-determination-and-job-impact) in the Jobs section of the Ansible Tower User Guide.
 
 
 ### Periodic Background Tasks
@@ -247,7 +247,7 @@ The `smart_inventories` field in AWX uses a membership lookup table that identif
 
 An important thing to note is that this task is only run if the `AWX_REBUILD_SMART_MEMBERSHIP` is set to `True` (default is `False`).
 
-For more information, visit the [Smart Inventories section](https://ansible.readthedocs.io/projects/awx/en/latest/userguide/inventories.html#smart-inventories) of the Inventories chapter of the _Automating with AWX_ guide.
+For more information, visit the [Smart Inventories section](https://docs.ansible.com/ansible-tower/latest/html/userguide/inventories.html#smart-inventories) of the Tower User Guide's "Inventory" page or the AWX documentation page [Inventory Refresh Overview page](https://github.com/ansible/awx/blob/devel/docs/inventory_refresh.md#inventory-changes) in this repo.
 
 
 #### Deep Copy Model Object
@@ -277,7 +277,7 @@ This task allows the user to turn on a global profiler in their system, so that
 
 The analytics collection `gather()` and `ship()` functions are called by an `awx-manage gather_analytics --ship` command, which runs on whichever instance it is invoked on. When these functions are called by Celery beat (currently at midnight local time), it is run on one `execution_node` by the Python in the AWX virtualenv.
 
-For more details about analytics, please visit the [Analytics gathering](https://ansible.readthedocs.io/projects/awx/en/latest/administration/awx-manage.html#analytics-gathering) section of the _Administering AWX Deployments_ guide.
+For more details about analytics, please visit the [Usability Analytics and Data Collection](https://docs.ansible.com/ansible-tower/latest/html/administration/usability_data_collection.html) page.
 
 
 #### Run Administrative Checks
@@ -308,4 +308,4 @@ When a user creates a notification template in `/api/v2/notification_templates`,
 
 Notifications assigned at certain levels will inherit traits defined on parent objects in different ways.  For example, ad hoc commands will use notifications defined on the Organization that the inventory is associated with.
 
-For more details on notifications, visit the [Notifications chapter](hhttps://ansible.readthedocs.io/projects/awx/en/latest/userguide/notifications.html) of the _Automating with AWX_ guide.
+For more details on notifications, visit the [Notifications page](https://docs.ansible.com/ansible-tower/3.4.3/html/userguide/notifications.html) of the Tower user guide, or the AWX documentation on [Notification System Overview](https://github.com/ansible/awx/blob/devel/docs/notification_system.md) in this repository.

requirements/django-ansible-base-pinned-version.sh

@@ -0,0 +1,77 @@
+#!/bin/bash
+set +x
+
+# CONSTANTS
+export REGEX_LEFT='https://github.com/ansible/django-ansible-base@'
+export REGEX_RIGHT='#egg=django-ansible-base'
+
+# GLOBALS
+SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
+REQ_FILE=$SCRIPT_DIR/requirements_git.txt
+
+# Pin Function
+DESIRED_VERSION=''
+Pin()
+{
+    export DESIRED_VERSION
+    perl -p -i -e 's/\Q$ENV{REGEX_LEFT}\E(.*?)\Q$ENV{REGEX_RIGHT}\E/$ENV{REGEX_LEFT}$ENV{DESIRED_VERSION}$ENV{REGEX_RIGHT}/g' $REQ_FILE
+}
+
+# Current Function
+Current()
+{
+    REQUIREMENTS_LINE=$(grep django-ansible-base $REQ_FILE)
+
+    echo "$REQUIREMENTS_LINE" | perl -nE 'say $1 if /\Q$ENV{REGEX_LEFT}\E(.*?)\Q$ENV{REGEX_RIGHT}\E/'
+}
+
+
+Help()
+{
+   # Display Help
+   echo ""
+   echo "Help:"
+   echo ""
+   echo "Interact with django-ansible-base in $REQ_FILE."
+   echo "By default, output the current django-ansible-base pinned version."
+   echo
+   echo "Syntax: scriptTemplate [-s|h|v]"
+   echo "options:"
+   echo "s     Set django-ansible-base version to pin to."
+   echo "h     Print this Help."
+   echo "v     Verbose mode."
+   echo
+}
+
+if [ $# -eq 0 ]; then
+    Current
+    exit
+fi
+
+
+while getopts ":hs:" option; do
+   case $option in
+      h) # display Help
+         Help
+         exit
+         ;;
+      s)
+         DESIRED_VERSION=$OPTARG;;
+      :)
+         echo "Option -${OPTARG} requires an argument."
+         Help
+         exit 1
+         ;;
+     \?) # Invalid option
+         echo "Error: Invalid option"
+         echo ""
+         Help
+         exit;;
+   esac
+done
+
+if [ -n "$DESIRED_VERSION" ]; then
+    Pin
+    Current
+fi
+

tools/ansible/roles/dockerfile/templates/Dockerfile.j2

@@ -5,7 +5,7 @@
 ###
 
 # Build container
-FROM quay.io/centos/centos:stream9 as builder
+FROM quay.io/centos/centos:stream9 AS builder
 
 ENV LANG en_US.UTF-8
 ENV LANGUAGE en_US:en

tools/scripts/post_webhook.py

@@ -37,7 +37,7 @@ def post_webhook(file, webhook_key, url, verbose, event_type, insecure):
 
     \b
     For setting up webhooks in AWX see:
-        https://ansible.readthedocs.io/projects/awx/en/latest/userguide/webhooks.html
+        https://docs.ansible.com/ansible-tower/latest/html/userguide/webhooks.html
 
     \b
     Example usage for GitHub: