IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Prior to this change, password having shell interpretable character
would break the installer (e.g '&', '(', etc... )
This commits rely on the `quote` filter from ansible to ensure those
password are properly quoted where it applies
Fixes: https://github.com/ansible/awx/issues/3943
Signed-off-by: Yanis Guenane <yguenane@redhat.com>
If password contains ';' (and potentially any shell interpretable chars)
it won't be interpreted properly as the openshift password.
Signed-off-by: Yanis Guenane <yguenane@redhat.com>
This commit does a few things:
- Add the `--squash` option to the `awx-devel-build` make target. This reduces the resulting image size from 2.12 GB to 1.37 GB. I think we can get this down even more by inspecting the image contents.
- Reorganize commands so that the cache expires less often. Before this commit, any changes to the Makefile would essentially cause the entire image to rebuild.
- Break yum dependencies up into multiple lines. This makes it easier to see what changes in a diff.
- Use `n` to install our required version of node (rather `curl node | bash`). I’ve found this to be easier to maintain / more portable when working with other Dockerfiles.
- General organizational changes to make things easier to parse visually.
Installing the latest python36-setuptools automatically creates the symlink from python3 -> python3.6 and from python36 -> /usr/bin/python3.6. Building the images fails when the symlink is created explicitly in the AWX installer.
Signed-off-by: Uriel Mandujano <uriel.mandujano14@gmail.com>
HTTPS is, by default, expected to be on port 443.
Also, with HSTS set, we need to be sure that users attempting to arrive
via HTTP are properly redirected to HTTPS.
This does so by:
* Setting up a 301 redirect for any URL to its HTTPS version
* Adjusting the internal port for HTTPS traffic to 8053
* Setting docker-compose to share port 443 → 8053
- This is configurable via an inventory variable
In #3322, this mount was added, but only to the standalone
Docker install setup:
github.com/ansible/awx/pull/3322/files#diff-596e32ab54a52bfed763f8a639499fe0
This ensures that the SSL cert is loaded when using docker-compose,
which is the only Docker-based method available as of v4.0.0
When docker-compose become the sole method for using
Docker directly, some of this was shifted around in ways that
are inconsistent with other elements.
This adjusts it so that:
* The inventory variable default is set like the others, and
is less confusing
* We no longer mention the Standalone Docker in inventory
* We format our INSTALL docs w/r/t this var
Daphne has a default timeout of 86400 seconds, so after 1 day of starting
awx_web container, the stdout stops refreshing automatically on the web UI.
This fixes this issue by making the timeout infinite, so the connection
between nginx and daphne's websocket never closes.
run this command on _any_ node in an awx cluster:
$ awx-manage profile_sql --threshold=2.0 --minutes=1
...and for 1 minute, the timing for _every_ SQL query in _every_ awx
Python process that uses the Django ORM will be measured
queries that run longer than (in this example) 2 seconds will be
written to a per-process sqlite database in /var/lib/awx/profile, and
the file will contain an EXPLAIN VERBOSE for the query and the full
Python stack that led to that SQL query's execution (this includes not
just WSGI requests, but background processes like the runworker and
dispatcher)
$ awx-manage profile_sql --threshold=0
...can be used to disable profiling again (if you don't want to wait for
the minute to expire)
Related #3010
Both awx_web and awx_task containers can have a volume mounted in
specified by the ca_trust_dir variable. Unfortunately only the
awx_web container's trust is updated. This patch makes sure the
awx_task container's trust is updated as well
Testing Done: ansible-playbook --syntax-check installer/install.yml
Signed-off-by: Mathieu Mallet <mmallet@digipok.io>
The second list gets interpreted as part of the else block, effectively
dropping it. Separating both list definitions with braces seems to work.
# Conflicts:
# installer/roles/local_docker/tasks/standalone.yml
Extracted more variables which a related to rabbitmq/postgresql from tasks to defaults
Reviewed-by: Shane McDonald <me@shanemcd.com>
https://github.com/shanemcd
this commit implements the bulk of `awx-manage run_dispatcher`, a new
command that binds to RabbitMQ via kombu and balances messages across
a pool of workers that are similar to celeryd workers in spirit.
Specifically, this includes:
- a new decorator, `awx.main.dispatch.task`, which can be used to
decorate functions or classes so that they can be designated as
"Tasks"
- support for fanout/broadcast tasks (at this point in time, only
`conf.Setting` memcached flushes use this functionality)
- support for job reaping
- support for success/failure hooks for job runs (i.e.,
`handle_work_success` and `handle_work_error`)
- support for auto scaling worker pool that scale processes up and down
on demand
- minimal support for RPC, such as status checks and pool recycle/reload
Changed syntax as ca_trust_dir was not correctly mounted in awx_web container and added command to update CA trust inside awx_web container after creation.