1
0
mirror of https://github.com/ansible/awx.git synced 2024-10-30 22:21:13 +03:00
Commit Graph

409 Commits

Author SHA1 Message Date
Ryan Petrello
eacf819caf
add a reasonable default Content Security Policy
ideally we'd improve this over time to remove the `unsafe-inline` lines,
but we can't due that today because Angular1 makes use of a lot of
inline <script> and <style> tag generation

see: https://github.com/ansible/awx/issues/2056
2019-06-26 10:46:26 -04:00
aubrel
e9ac44f561 Change docker_service to docker_compose.
Signed-off-by: aubrel <red_clover@riseup.net>
2019-06-25 15:58:52 -04:00
Marcelo Mello
52712a0d9a Introduces the ability to pass annotations to the Kubernetes Ingress Controllers 2019-06-20 16:40:08 -04:00
Marcelo Mello
7d77727a60 project_data_dir is not required in the awx_task containers 2019-06-19 21:35:49 -04:00
Marcelo Mello
47560fdf7c Fixes ca_trust_dir and project_data_dir for Kubernetes 2019-06-19 21:21:35 -04:00
softwarefactory-project-zuul[bot]
3fcf3b20c4
Merge pull request #4005 from shanemcd/sdist-builder-node
Update node in AWX installer sdist builder

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
2019-06-05 11:48:30 +00:00
Anand kumar
3d7bd8579b
Multiple installation of same dependency
python-pip is being installed multiple times.
2019-06-05 12:38:52 +05:30
Shane McDonald
99704af302 Fix some ansible warnings 2019-06-04 20:37:03 -04:00
Shane McDonald
a13b733191 Update node in sdist builder image 2019-06-04 20:36:39 -04:00
Yanis Guenane
11630a8803 Installer: quote password where it applies
Prior to this change, password having shell interpretable character
would break the installer (e.g '&', '(', etc... )

This commits rely on the `quote` filter from ansible to ensure those
password are properly quoted where it applies

Fixes: https://github.com/ansible/awx/issues/3943
Signed-off-by: Yanis Guenane <yguenane@redhat.com>
2019-06-03 11:50:52 +02:00
Yanis Guenane
99296cf5f1 openshift: Ensure char in password are not interpreted
If password contains ';' (and potentially any shell interpretable chars)
it won't be interpreted properly as the openshift password.

Signed-off-by: Yanis Guenane <yguenane@redhat.com>
2019-05-31 03:00:13 +02:00
Jose OrPa
84b6866875
#3004 Add proxy support to postgresql, memcached and rabbitmq images 2019-05-30 10:04:17 -04:00
softwarefactory-project-zuul[bot]
9c90694f12
Merge pull request #3604 from athenahealth/complete-ssl-support
Update SSL support for docker-compose install

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
2019-05-28 13:51:43 +00:00
itdependsnetworks
f085b828e4 Update the ports for memcache and rabbitmq to be variablized 2019-05-16 19:59:57 -04:00
Shane McDonald
0be8fe521a Refactor Dockerfiles
This commit does a few things:

- Add the `--squash` option to the `awx-devel-build` make target. This reduces the resulting image size from 2.12 GB to 1.37 GB. I think we can get this down even more by inspecting the image contents.
- Reorganize commands so that the cache expires less often. Before this commit, any changes to the Makefile would essentially cause the entire image to rebuild.
- Break yum dependencies up into multiple lines. This makes it easier to see what changes in a diff.
- Use `n` to install our required version of node (rather `curl node | bash`). I’ve found this to be easier to maintain / more portable when working with other Dockerfiles.
- General organizational changes to make things easier to parse visually.
2019-05-08 20:36:41 -04:00
Ryan Petrello
50f9c70afd
remove references to the (now defunct) fact receiver 2019-05-01 23:48:05 -04:00
Bill Nottingham
0d18d46ccc Sync docker-compose dockerfile with image build dockerfile.
It was installing an IUS repo, rabbitmq-server, and other unneeded things.
2019-04-18 16:50:38 -04:00
Shane McDonald
3bfb54d2fd Fix memcached configuration in local Docker installs
Related: https://github.com/ansible/awx/issues/3719
Signed-off-by: Shane McDonald <me@shanemcd.com>
2019-04-16 12:51:28 -04:00
Jeff Byrnes
98ec5c8250
Fix comment on awx branding inventory var
Fix a conflict with the “AWX Branding” in INSTALL.md, which
has the correct instructions.
2019-04-10 14:49:37 -04:00
Uriel Mandujano
4821a94944 Removes failing symlink to /usr/bin/python3 during the image build
Installing the latest python36-setuptools automatically creates the symlink from python3 -> python3.6 and from python36 -> /usr/bin/python3.6. Building the images fails when the symlink is created explicitly in the AWX installer.

Signed-off-by: Uriel Mandujano <uriel.mandujano14@gmail.com>
2019-04-06 11:13:41 -05:00
Uriel Mandujano
97e030dd1f Revert "Removes failing symlink to /usr/bin/python3 because that file already exists"
This reverts commit 13fadd3838.
2019-04-06 11:10:35 -05:00
Uriel Mandujano
13fadd3838 Removes failing symlink to /usr/bin/python3 because that file already exists 2019-04-05 16:53:20 -05:00
Jeff Byrnes
7b636a7566
Set up HTTPS w/ proper port & HTTP redirect
HTTPS is, by default, expected to be on port 443.

Also, with HSTS set, we need to be sure that users attempting to arrive
via HTTP are properly redirected to HTTPS.

This does so by:

* Setting up a 301 redirect for any URL to its HTTPS version
* Adjusting the internal port for HTTPS traffic to 8053
* Setting docker-compose to share port 443 → 8053
    - This is configurable via an inventory variable
2019-04-05 16:13:23 -04:00
Jeff Byrnes
28e3c63562
Add optional SSL cert to docker-compose install
In #3322, this mount was added, but only to the standalone
Docker install setup:

github.com/ansible/awx/pull/3322/files#diff-596e32ab54a52bfed763f8a639499fe0

This ensures that the SSL cert is loaded when using docker-compose,
which is the only Docker-based method available as of v4.0.0
2019-04-05 16:13:23 -04:00
Jeff Byrnes
cb806b1699
Set docker_compose_dir like other inventory vars
When docker-compose become the sole method for using
Docker directly, some of this was shifted around in ways that
are inconsistent with other elements.

This adjusts it so that:

* The inventory variable default is set like the others, and
is less confusing
* We no longer mention the Standalone Docker in inventory
* We format our INSTALL docs w/r/t this var
2019-04-03 11:52:10 -04:00
Shane McDonald
298eaa0b32 Move secret key from configmap to secret 2019-03-29 15:24:50 -04:00
Shane McDonald
fcf6b4ae45 Fix bug where init scripts didnt create the admin user correctly 2019-03-27 19:43:47 -04:00
Shane McDonald
c3ba851908 Fix docker-compose installs
In a series of unfortunate events, my patch yesterday didnt actually work. This fixes that.
2019-03-27 13:06:55 -04:00
Shane McDonald
c44bf6f903 Allow for platform specific variables in docker-compose install
This changes the default docker_compose_dir on macos to a writeable location
2019-03-27 09:32:04 -04:00
Shane McDonald
a6d031f46f Fix permissions of sensitive files in docker-compose installation 2019-03-27 09:31:10 -04:00
Shane McDonald
2b6cf97157 Do not set credentials via environment variables 2019-03-26 15:13:28 -04:00
Shane McDonald
07e5a00f14 Remove “standalone Docker” installation path
This has been a burden to maintain. docker-compose is now required
2019-03-26 15:13:28 -04:00
softwarefactory-project-zuul[bot]
3d9a47f0d9
Merge pull request #3424 from falencastro/devel
Makes daphne websocket_timeout infinite.

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
2019-03-19 12:08:50 +00:00
Felipe Alencastro
7d384262e4 Makes daphne websocket_timeout infinite.
Daphne has a default timeout of 86400 seconds, so after 1 day of starting
awx_web container, the stdout stops refreshing automatically on the web UI.
This fixes this issue by making the timeout infinite, so the connection
between nginx and daphne's websocket never closes.
2019-03-14 17:17:09 -03:00
Bruno Thomsen
2e0edcbabd docker: yum: use https for postgresql rpm download.
Signed-off-by: Bruno Thomsen <bruno.thomsen@gmail.com>
2019-03-14 17:14:17 +01:00
Jake Jackson
9e528ea898
typo in inventory
simple typo fix `this` -> `these`
2019-03-12 11:48:41 -04:00
Markus Opahle
ed568f569c only use ssl if certificate is specified
Signed-off-by: Markus Opahle <3225748+mopahle@users.noreply.github.com>
2019-02-28 14:06:59 +01:00
walkafwalka
3a7bf6a8ac Add SSL suport for docker install
Signed-off-by: walkafwalka <41709139+walkafwalka@users.noreply.github.com>
2019-02-27 10:45:34 +01:00
softwarefactory-project-zuul[bot]
889dae357b
Merge pull request #3235 from ryanpetrello/sql-profiling
add a custom DB backend that provides system-level SQL profiling

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
2019-02-15 21:56:28 +00:00
Klaas Demter
8f36e21c97
Avoid pg password ending up in syslog/shell output
Currently if an error occurs the pgpassword would be exposed to syslog / shell during playbook backup.yml
2019-02-15 16:15:33 +01:00
Ryan Petrello
eed94b641e
add a custom DB backend that provides system-level SQL profiling
run this command on _any_ node in an awx cluster:

$ awx-manage profile_sql --threshold=2.0 --minutes=1

...and for 1 minute, the timing for _every_ SQL query in _every_ awx
Python process that uses the Django ORM will be measured

queries that run longer than (in this example) 2 seconds will be
written to a per-process sqlite database in /var/lib/awx/profile, and
the file will contain an EXPLAIN VERBOSE for the query and the full
Python stack that led to that SQL query's execution (this includes not
just WSGI requests, but background processes like the runworker and
dispatcher)

$ awx-manage profile_sql --threshold=0

...can be used to disable profiling again (if you don't want to wait for
the minute to expire)
2019-02-14 15:04:46 -05:00
softwarefactory-project-zuul[bot]
a1cef744a7
Merge pull request #3230 from impca/patch-1
Update compose configuration

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
2019-02-14 15:45:41 +00:00
impca
9add96a0d3
update docker compose installer
Only run commands to update certs when config changes.
2019-02-14 08:29:47 +01:00
impca
c29275315e
Update compose configuration
When running awx via docker-compose and using custom certificates (for LDAP auth or whatever else...), update-ca-trust has to be called afer starting the container to actually use new certificates (just as it is called when using docker to run - https://github.com/ansible/awx/blob/devel/installer/roles/local_docker/tasks/standalone.yml#L119-L120 ).
2019-02-13 15:39:52 +01:00
Mathieu Mallet
dce3795e0c update-ca-trust: Ensure CA trust is updated in awx_task container
Related #3010

Both awx_web and awx_task containers can have a volume mounted in
specified by the ca_trust_dir variable. Unfortunately only the
awx_web container's trust is updated. This patch makes sure the
awx_task container's trust is updated as well

Testing Done: ansible-playbook --syntax-check installer/install.yml

Signed-off-by: Mathieu Mallet <mmallet@digipok.io>
2019-02-06 16:51:14 +00:00
Marius Rieder
072919040b Omit DATABASE_SSLMODE if not set. 2019-01-22 17:24:44 +01:00
Marius Rieder
589531163a Add pg_sslmode option.
Allows to use PostgreSQL over SSL #709
2019-01-21 19:47:34 +01:00
Yanis Guenane
44c48d1d66 Nginx: Specify X-Frame-Options "DENY" header
Adding the X-Frame-Options "DENY"; header to avoid possible clickjacking
attack.

More info of the why available here:
https://www.owasp.org/index.php/Testing_for_Clickjacking_(OTG-CLIENT-009)

Signed-off-by: Yanis Guenane <yguenane@redhat.com>
2019-01-21 12:34:17 +01:00
softwarefactory-project-zuul[bot]
5f01c3f5a8
Merge pull request #2994 from coreywan/pod-limits
Add POD Limits

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
2019-01-18 04:28:11 +00:00
softwarefactory-project-zuul[bot]
7b39198f26
Merge pull request #2995 from coreywan/postgres_helm
adds persistence.storageClass and limits to postgress helm install

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
2019-01-18 04:24:18 +00:00
softwarefactory-project-zuul[bot]
57b8aa4892
Merge pull request #3002 from themr0c/pg_password_10_character_limit
pg_password should be random 10 character alphanumeric string, when p…

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
2019-01-17 18:15:38 +00:00
softwarefactory-project-zuul[bot]
474876872e
Merge pull request #2999 from themr0c/issue-2991
related #2991 - Helm creation of postgreql on multiple namespaces

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
2019-01-17 14:28:05 +00:00
Fabrice Flore-Thebault
b6c30e8ef5 it's a limitation of the official postgres helm chart
Signed-off-by: Fabrice Flore-Thebault <themr0c@users.noreply.github.com>
2019-01-17 12:56:17 +01:00
Fabrice Flore-Thebault
d938c96a76 pg_password should be random 10 character alphanumeric string, when postgresql is running on kubernetes
Signed-off-by: Fabrice Flore-Thebault <themr0c@users.noreply.github.com>
2019-01-17 12:56:06 +01:00
Corey Wanless
aebeeb170e adds pod limits
Signed-off-by: Corey Wanless <corey.wanless@wwt.com>
2019-01-16 09:23:18 -06:00
Fabrice Flore-Thebault
c434d38876 adding helm chart version for postgresql
Signed-off-by: Fabrice Flore-Thebault <themr0c@users.noreply.github.com>
2019-01-16 09:40:49 +01:00
Shane McDonald
04da4503db
Python 3 / Upstream Kubernetes 2019-01-15 14:09:05 -05:00
Ryan Petrello
96b9bd6ab6
make py3 packaging work for k8s 2019-01-15 14:09:05 -05:00
Fabrice Flore-Thebault
7b32262f75 revert pg_hostname
Signed-off-by: Fabrice Flore-Thebault <themr0c@users.noreply.github.com>
2019-01-15 14:59:17 +01:00
Fabrice Flore-Thebault
d69f6acf64 add helm repo update and fix helm upgrade
Signed-off-by: Fabrice Flore-Thebault <themr0c@users.noreply.github.com>
2019-01-15 14:48:26 +01:00
Fabrice Flore-Thebault
ef3aab1357 related #2991 - unify postgresql_service_name
Signed-off-by: Fabrice Flore-Thebault <themr0c@users.noreply.github.com>
2019-01-15 11:44:08 +01:00
Corey Wanless
0c074e0988 * adds persistence.storageClass and limits to postgress helm install
* adds new variables to the inventory

Signed-off-by: Corey Wanless <corey.wanless@wwt.com>
2019-01-14 11:28:21 -06:00
softwarefactory-project-zuul[bot]
32c705a62a
Merge pull request #2996 from coreywan/setup-postgress-activation-wait
adds wait time for postgres setup as a variable

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
2019-01-14 17:22:54 +00:00
Fabrice Flore-Thebault
d43521bb77 fix #2991 - make Helm creation of postgreql succeed when installing multiple AWX on different namespaces on same kubernetes
Signed-off-by: Fabrice Flore-Thebault <themr0c@users.noreply.github.com>
2019-01-14 10:32:21 +01:00
Corey Wanless
b1710f9523 adds wait time for postgres setup as a variable 2019-01-11 22:23:43 -06:00
marcel
0b3e51458d Fix typo in ca_trust_dir
The correct path is used in docker-compose template:
- "{{ ca_trust_dir +':/etc/pki/ca-trust/source/anchors:ro' }}"
2019-01-07 19:29:34 +01:00
Ryan Petrello
4858868428
configure an HA policy for openshift/k8s installs 2018-12-14 14:08:30 -05:00
Hideki Saito
f16a72081a Fixed issue where admin_user and password change are not reflected
- No effect of changing admin_user and admin_password when using docker-compose #2666
2018-11-13 18:21:18 +09:00
Idan Bidani
a213e01491 updating default Postgresql version to 9.6 2018-11-10 18:27:22 -05:00
westfood
694e494484 Using new Helm parameters for PostgreSQL access. 2018-10-28 11:55:36 +01:00
softwarefactory-project-zuul[bot]
3e4738d948
Merge pull request #2430 from dmt/devel
Fix installer volume definitions

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
2018-10-25 22:12:25 +00:00
softwarefactory-project-zuul[bot]
94083f55c7
Merge pull request #2510 from Intermax-Cloudsourcing/awx-web-dockerfile-tmp
Empties /tmp in awx_web Dockerfile

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
2018-10-25 21:59:42 +00:00
Daniel Temme
6ecd18b2e2 make volume concatenation work
The second list gets interpreted as part of the else block, effectively
dropping it. Separating both list definitions with braces seems to work.

# Conflicts:
#	installer/roles/local_docker/tasks/standalone.yml
2018-10-25 17:54:10 -04:00
Daniel Temme
4e9c705997 Partial revert for "Bugfix for ca_trust_dir"
# Conflicts:
#	installer/roles/local_docker/tasks/standalone.yml

# Conflicts:
#	installer/roles/local_docker/tasks/standalone.yml
2018-10-25 17:53:12 -04:00
softwarefactory-project-zuul[bot]
1803a76a4d
Merge pull request #2485 from wwt/fix-tiller-namespace
Pass tiller namespace down to helm task

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
2018-10-25 21:40:08 +00:00
softwarefactory-project-zuul[bot]
86ca1875f1
Merge pull request #2486 from wwt/remove-rabbit-cluster-name
Remove .cluster.local from service name for rabbitmq

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
2018-10-25 21:37:54 +00:00
wilmardo
bf5c259d92 Empties /tmp in web Dockerfile 2018-10-25 17:12:26 -04:00
Igor Vuk
c133b35162 Update variable names for local Docker daemon installation
Signed-off-by: Igor Vuk <parcijala@gmail.com>
2018-10-25 12:47:25 -04:00
David Moreau Simard
1dd44df471
Let users disable create_preload_data if it isn't necessary
The demo things might not be desirable in a production environment.
2018-10-24 11:36:33 -04:00
James Evans
88819ada6b Remove .cluster.local from service name for rabbitmq
FQDNs are not required for service discovery, and having the FQDN in the
name prevents the discovery from working in clusters not named
cluster.local.
2018-10-18 14:00:05 -05:00
Yanis Guenane
b185c1e0a2
Merge branch 'devel' into devel 2018-10-18 18:00:16 +02:00
James Evans
4198227116 Pass tiller namespace down to helm task 2018-10-18 09:34:13 -05:00
Ilkka Tengvall
42a0192425
Merge branch 'devel' into ikke-t-selinux-fix 2018-10-17 21:44:48 +03:00
Numblesix
6d0fed6d9a
Added some Doc for ca_trust_dir 2018-10-17 11:32:26 -04:00
softwarefactory-project-zuul[bot]
0a964b2bf6
Merge pull request #2266 from ansible/celery-tastes-bad
replace the celery-based task queue with a kombu-based implementation

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
2018-10-12 18:40:54 +00:00
Daniel Temme
921231fe3d fix indentation for register variable 2018-10-12 11:13:42 +02:00
softwarefactory-project-zuul[bot]
6721ea54e9
Merge pull request #1956 from droopy4096/devel
allow nginx config extension

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
2018-10-11 22:38:36 +00:00
softwarefactory-project-zuul[bot]
99a42e91fe
Merge pull request #2235 from ChrisRo89/devel
Extracted more variables which a related to rabbitmq/postgresql from tasks to defaults

Reviewed-by: Shane McDonald <me@shanemcd.com>
             https://github.com/shanemcd
2018-10-11 21:54:38 +00:00
softwarefactory-project-zuul[bot]
9a580ba644
Merge pull request #2416 from fantashley/fix-openshift-auth
Fix openshift auth broken by undefined vars

Reviewed-by: Ashley Nelson <fantashley@gmail.com>
             https://github.com/fantashley
2018-10-11 21:51:20 +00:00
softwarefactory-project-zuul[bot]
74fcdabc22
Merge pull request #2156 from Decstasy/patch-1
Bugfix for ca_trust_dir

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
2018-10-11 21:31:45 +00:00
Ashley Nelson
9bec7cf3b0 Fix openshift auth broken by undefined vars
Signed-off-by: Ashley Nelson <fantashley@gmail.com>
2018-10-11 16:25:55 -05:00
softwarefactory-project-zuul[bot]
f79debac42
Merge pull request #2164 from atgreen/devel
Fix token based openshift logins during installation - fixes #489

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
2018-10-11 20:36:39 +00:00
softwarefactory-project-zuul[bot]
a9f3eeef05
Merge pull request #2131 from walkafwalka/docker_install_awx_hostnames
Add inventory vars to set docker install hostnames

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
2018-10-11 20:29:32 +00:00
softwarefactory-project-zuul[bot]
6f55cde6d3
Merge pull request #2091 from stoned/force_boolean_eval
force boolean evaluation

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
2018-10-11 20:17:48 +00:00
Ashley Nelson
2bf2412759 Add serviceName to Kubernetes StatefulSet spec
Signed-off-by: Ashley Nelson <fantashley@gmail.com>
2018-10-11 11:49:08 -05:00
Christian.Rohr
96ad2b2b28 Extracted more variables which a related to rabbitmq 2018-10-11 12:16:01 -04:00
Anthony Green
c39370dbd0 Fix token based openshift logins 2018-10-11 12:10:41 -04:00
Ryan Petrello
ff1e8cc356
replace celery task decorators with a kombu-based publisher
this commit implements the bulk of `awx-manage run_dispatcher`, a new
command that binds to RabbitMQ via kombu and balances messages across
a pool of workers that are similar to celeryd workers in spirit.
Specifically, this includes:

- a new decorator, `awx.main.dispatch.task`, which can be used to
  decorate functions or classes so that they can be designated as
  "Tasks"
- support for fanout/broadcast tasks (at this point in time, only
  `conf.Setting` memcached flushes use this functionality)
- support for job reaping
- support for success/failure hooks for job runs (i.e.,
  `handle_work_success` and `handle_work_error`)
- support for auto scaling worker pool that scale processes up and down
  on demand
- minimal support for RPC, such as status checks and pool recycle/reload
2018-10-11 10:53:30 -04:00
Shane McDonald
ee1d5e43b9 Fix fallout from https://github.com/ansible/awx/pull/2392
There were some upstream changes that I overwrote but shouldn’t have.
2018-10-10 11:41:34 -04:00
Yanis Guenane
5d22fc2bd7
Merge branch 'devel' into non-root-docker-tests 2018-10-10 09:44:01 +02:00
Ilkka Tengvall
b4919f9ebd
Merge branch 'devel' into ikke-t-selinux-fix 2018-10-10 08:23:46 +03:00
Shane McDonald
de60165a49 Fix broken defaults in awx installer 2018-10-09 19:15:32 -04:00
Shane McDonald
b9279ebd5e Port downstream installer changes 2018-10-09 14:39:39 -04:00
Shane McDonald
b75f8ceca6 Do not default to pulling latest from DockerHub 2018-10-03 17:50:07 -05:00
Shane McDonald
bfc74497b0 Fix error in image_build role
I think I derped up and commited something in an old stash.
2018-10-03 14:44:26 -05:00
Shane McDonald
3701567ad7 Revert "first-parent requires git >= 1.8.4"
This reverts commit 1af0ee2f8c.

# Conflicts:
#	installer/roles/image_build/templates/Dockerfile.j2
2018-09-28 15:48:33 -04:00
Shane McDonald
86140dec08 Revert "Fix sdist builder image"
This reverts commit 97472cb91b.

# Conflicts:
#	installer/roles/image_build/tasks/main.yml
2018-09-28 15:48:33 -04:00
Shane McDonald
50fe0392ed Updates to versioning system.
https://github.com/ansible/awx/issues?q=%22--first-parent%22
2018-09-28 15:48:33 -04:00
Dmytro Makovey
f8d2a32756 merge and resolve conflict 2018-09-18 11:35:35 -07:00
Shane McDonald
1b4c3f56fa
Merge pull request #2113 from kialam/upgrade-node-lts
Upgrade Node and NPM to LTS
2018-09-18 12:46:30 -04:00
Shane McDonald
89e656b2a4 Update Node version in sdist builder 2018-09-18 12:17:52 -04:00
Shane McDonald
2b9954c373 Pull in downstream k8s installer changes
- Secretification of secret stuff
- Backup / restore
2018-08-14 12:37:19 -04:00
Shane McDonald
2e6a7205e7 Fix broken conditional 2018-08-14 11:19:15 -04:00
Matthew Jones
14685901aa skip migrations If an environment variable is set
This is to help k8s/openshift migrations which will perform migrations
in a separate pod.
2018-08-14 11:00:51 -04:00
Matthew Jones
4dcd379d1e Add some env variables to the web deployment
This allows the start script to properly wait on services to come
online rather than getting stuck and waiting for the full timeout
2018-08-13 13:27:00 -04:00
Ryan Petrello
18f6f68540
Merge remote-tracking branch 'tower/release_3.3.0' into devel 2018-08-10 11:54:34 -04:00
Dennis U
a294a6f06e
Bugfix for ca_trust_dir
Changed syntax as ca_trust_dir was not correctly mounted in awx_web container and added command to update CA trust inside awx_web container after creation.
2018-08-09 14:07:29 +02:00
Ryan Petrello
2d4fbffb91
set the correct X-Forwarded-Port header to fix SAML auth
see: https://github.com/ansible/tower/issues/2314
2018-08-07 10:07:06 -04:00
walkafwalka
d2ab7bd54d Add inventory vars to set docker install hostnames
Signed-off-by: walkafwalka <41709139+walkafwalka@users.noreply.github.com>
2018-08-04 01:49:07 -07:00
Shane McDonald
be7a40daf3 Fix syntax in nginx config
Broke in 6f5259d017
2018-08-02 11:24:51 -04:00
Ryan Petrello
6f5259d017
remove the network UI 2018-07-30 11:03:53 -04:00
Ryan Petrello
7588e65786
change openshift edge termination policy to redirect (enforce https)
see: https://github.com/ansible/tower/issues/2591
related: https://docs.openshift.org/latest/architecture/networking/routes.html
2018-07-27 10:34:07 -04:00
Stoned Elipot
ada2d65547 force boolean evaluation 2018-07-25 19:10:31 +02:00
Shane McDonald
467a1fafcc
Merge pull request #1880 from luisico/compose-web-wait-for
AWX launchers should wait for other containers to be ready
2018-07-16 13:11:06 -04:00
Shane McDonald
ad33dff6af
Merge pull request #1949 from willthames/k8s_use_context
Use use-context to set Kubernetes context
2018-07-16 12:59:36 -04:00
Shane McDonald
9b941e8b05
Merge pull request #2040 from kivio/tiller-namespace-configuration
#2039 add tiller-namespace as argument
2018-07-16 10:10:23 -04:00
Marcin Karkocha
a19df9b3b3 #2039 add tiller-namespace as argument 2018-07-02 12:33:26 +00:00
Ilkka Tengvall
0443bd3099
fixes selinux permissions for awx data.
fixes issue #2036 and  #1896
2018-07-02 09:22:36 +03:00
V.Gouvalas
1239195289 FIX nginx use selected log formatting 2018-06-28 14:09:13 +03:00
Ryan Petrello
471ff69257
stop setting celery's hostname dynamically (it's passed via the cli) 2018-06-19 12:16:00 -04:00
Ryan Petrello
88e3c46810
add a background process to spot celery hangs and reload the worker pool
see: https://github.com/ansible/tower/issues/2085
2018-06-11 12:22:21 -04:00
Will Thames
b899096f99 Use use-context to set Kubernetes context
`kubectl config use-context` is the command to set the current context,
not `set-context`

Signed-off-by: Will Thames <will@thames.id.au>
2018-06-06 13:02:26 +10:00
Dmytro Makovey
adaa164a19 allow nginx config extension 2018-06-05 08:16:08 -07:00
Matthew Jones
72f2994cc5
Merge branch 'release_3.3.0' into devel 2018-05-17 16:07:47 -04:00
chris meyers
ceedc135b2 add variables to inventory mentioned in docs
* Also better error message when openshift cert failure
2018-05-15 14:44:43 -04:00
Luis Gracia
8e85a57c1a AWX launchers should wait for other containers to be ready 2018-05-15 11:45:54 -04:00
Wayne Witzel III
5d016c0dcb
Merge pull request #1705 from benthomasson/network_ui_openshift_fix
Adds websocket for network_ui to the installer version of nginx.conf
2018-05-10 09:41:11 -04:00
Ben Thomasson
33ef12002f Adds websocket for network_ui to the installer version of nginx.conf 2018-05-07 13:42:29 -04:00
AlanCoding
59744e421f
send our oddball loggers to external logger too 2018-05-02 15:33:58 -04:00
Shane McDonald
4fdf462b98 Merge branch 'release_3.3.0' into awx/devel
# Conflicts:
#	awx/ui/client/src/standard-out/standard-out-factories/main.js
#	awx/ui/package.json
2018-04-27 10:17:59 -04:00
Shane McDonald
5313e069ca
Merge pull request #1799 from shanemcd/devel
Fix Helm PostgreSQL deployment name
2018-04-25 11:22:39 -04:00
Shane McDonald
e5faf0798f Always pull memcached image 2018-04-25 11:17:37 -04:00
Shane McDonald
e623c3d7cd Don’t hardcode Helm PostgreSQL deployment name 2018-04-25 11:17:26 -04:00
Matthew Jones
d04bbde3c2
Merge pull request #1786 from shanemcd/devel
Fix image build role when not deploying to localhost
2018-04-20 13:46:50 -04:00
Shane McDonald
e2deab485e
Merge pull request #1776 from enginvardar/devel
Install unzip for awx_task docker image to enable usage of unarchive …
2018-04-20 09:11:23 -04:00
Engin Vardar
6b06d1896e Install unzip to enable usage of unarchive module
Signed-off-by: Engin Vardar <enginvardar@gmail.com>
2018-04-20 09:17:27 +02:00
Shane McDonald
98a9e82d2d Fix image build role when not deploying to localhost 2018-04-20 00:07:25 -04:00
Shane McDonald
590d5ccad1
Merge pull request #1718 from soumikgh/devel
Bind mount to custom certs to `source/anchors` subfolder
2018-04-19 22:33:36 -04:00
Shane McDonald
cf5149ecf4 Use Deployment on Kubernetes
I messed this up when rebasing.
2018-04-18 10:28:50 -04:00
Shane McDonald
40d7751fbd Remove image push logic from installer roles
I’m going to be reusing this code on the Tower side, and I’m trying to refactor some of the AWX specific bits out. There will probably be more to come, but this is a good start.
2018-04-16 19:01:43 -04:00