IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
environment.sh uses hostname for everything, and both environment and
credentials provide a default of 'memcached', so this should also be one less
variable to care about.
environment.sh uses hostname for everything, and both environment and
credentials provide a default of 'rabbitmq', so this should be one less
variable to care about.
The last update of this file added default values for passwords
but removed the 'quote' filter.
This is extremely problematic for database passwords that should always
be complex and contain special characters that the shell may interpret
wrongly.
As a sanity measure, adding the quote filter to all fields.
- use awx-python in shebang in dev env
- scl enable where needed for rhel7 & container installs
- use scram-sha-256 pg user hashing by default
- ensure psycopg2 is using the correct PG_CONFIG at build time for the right libpq version
Per #4167 a reasonable CSP was put in place, but unfortunately this
broke WebSockets support in Safari.
This is a quick fix to return support immediately. A more secure
implemetation would be beneficial in the longer term, however.
ideally we'd improve this over time to remove the `unsafe-inline` lines,
but we can't due that today because Angular1 makes use of a lot of
inline <script> and <style> tag generation
see: https://github.com/ansible/awx/issues/2056
Prior to this change, password having shell interpretable character
would break the installer (e.g '&', '(', etc... )
This commits rely on the `quote` filter from ansible to ensure those
password are properly quoted where it applies
Fixes: https://github.com/ansible/awx/issues/3943
Signed-off-by: Yanis Guenane <yguenane@redhat.com>
If password contains ';' (and potentially any shell interpretable chars)
it won't be interpreted properly as the openshift password.
Signed-off-by: Yanis Guenane <yguenane@redhat.com>
This commit does a few things:
- Add the `--squash` option to the `awx-devel-build` make target. This reduces the resulting image size from 2.12 GB to 1.37 GB. I think we can get this down even more by inspecting the image contents.
- Reorganize commands so that the cache expires less often. Before this commit, any changes to the Makefile would essentially cause the entire image to rebuild.
- Break yum dependencies up into multiple lines. This makes it easier to see what changes in a diff.
- Use `n` to install our required version of node (rather `curl node | bash`). I’ve found this to be easier to maintain / more portable when working with other Dockerfiles.
- General organizational changes to make things easier to parse visually.
Installing the latest python36-setuptools automatically creates the symlink from python3 -> python3.6 and from python36 -> /usr/bin/python3.6. Building the images fails when the symlink is created explicitly in the AWX installer.
Signed-off-by: Uriel Mandujano <uriel.mandujano14@gmail.com>
HTTPS is, by default, expected to be on port 443.
Also, with HSTS set, we need to be sure that users attempting to arrive
via HTTP are properly redirected to HTTPS.
This does so by:
* Setting up a 301 redirect for any URL to its HTTPS version
* Adjusting the internal port for HTTPS traffic to 8053
* Setting docker-compose to share port 443 → 8053
- This is configurable via an inventory variable
In #3322, this mount was added, but only to the standalone
Docker install setup:
github.com/ansible/awx/pull/3322/files#diff-596e32ab54a52bfed763f8a639499fe0
This ensures that the SSL cert is loaded when using docker-compose,
which is the only Docker-based method available as of v4.0.0
When docker-compose become the sole method for using
Docker directly, some of this was shifted around in ways that
are inconsistent with other elements.
This adjusts it so that:
* The inventory variable default is set like the others, and
is less confusing
* We no longer mention the Standalone Docker in inventory
* We format our INSTALL docs w/r/t this var
Daphne has a default timeout of 86400 seconds, so after 1 day of starting
awx_web container, the stdout stops refreshing automatically on the web UI.
This fixes this issue by making the timeout infinite, so the connection
between nginx and daphne's websocket never closes.
run this command on _any_ node in an awx cluster:
$ awx-manage profile_sql --threshold=2.0 --minutes=1
...and for 1 minute, the timing for _every_ SQL query in _every_ awx
Python process that uses the Django ORM will be measured
queries that run longer than (in this example) 2 seconds will be
written to a per-process sqlite database in /var/lib/awx/profile, and
the file will contain an EXPLAIN VERBOSE for the query and the full
Python stack that led to that SQL query's execution (this includes not
just WSGI requests, but background processes like the runworker and
dispatcher)
$ awx-manage profile_sql --threshold=0
...can be used to disable profiling again (if you don't want to wait for
the minute to expire)