Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support verify_ssl=false for container auth #829

Merged
merged 8 commits into from
Sep 30, 2021
Merged

Support verify_ssl=false for container auth #829

merged 8 commits into from
Sep 30, 2021

Conversation

AlanCoding
Copy link
Member

This is needed for Automation Hub where we can't install trusted certs for testing.

This is absorbing AWX code from ansible/awx#9951

This was referenced Sep 15, 2021
Merged
Merged
@AlanCoding
Copy link
Member Author

I have now tested this against a real Automation Hub instance.

  • I downloaded the awx-ee image
  • I made a new tag with the AH URL as the base from that image
  • pushed the image to AH with superuser account
  • added demo/env/settings file with all the basic containerization & auth parameters
  • ansible-runner run demo -p test.yml

without setting verify_ssl=false

This shows the certificate failure (from pulp registry), as it hasn't been set up in this case.

$ ansible-runner run demo -p test.yml
Error: Error initializing source docker://ec2-54-174-150-99.compute-1.amazonaws.com/alan/awx-ee:latest: error pinging docker registry ec2-54-174-150-99.compute-1.amazonaws.com: Get "https://ec2-54-174-150-99.compute-1.amazonaws.com/v2/": x509: certificate signed by unknown authority

with setting verify_ssl=false

it runs the test.yml playbook

@AlanCoding AlanCoding marked this pull request as ready for review September 15, 2021 20:37
@AlanCoding AlanCoding requested a review from a team as a code owner September 15, 2021 20:37
@AlanCoding AlanCoding changed the title WIP - support verify_ssl=false for container auth Support verify_ssl=false for container auth Sep 16, 2021
@AlanCoding AlanCoding mentioned this pull request Sep 16, 2021
Closed
3 tasks
@shanemcd
Copy link
Member

Once this lands in RHEL maybe we can refactor to be a bit more elegant containers/podman#11205

@AlanCoding AlanCoding mentioned this pull request Sep 16, 2021
Open
samdoran
samdoran approved these changes Sep 16, 2021
View reviewed changes
ansible_runner/config/_base.py Outdated Show resolved Hide resolved
ansible_runner/config/_base.py Show resolved Hide resolved
test/integration/containerized/test_container_management.py Outdated Show resolved Hide resolved
AlanCoding and others added 2 commits September 16, 2021 14:47
@AlanCoding @samdoran
Add trailing comma from review suggestions
dbc9757 
Co-authored-by: Sam Doran <sdoran@redhat.com>
@AlanCoding @samdoran
Simplify code path for podman vs. docker in integration test
f104d28 
Co-authored-by: Sam Doran <sdoran@redhat.com>
@samdoran
Copy link
Contributor

recheck

@samdoran samdoran added the gate label Sep 30, 2021
ansible-zuul[bot]
ansible-zuul bot approved these changes Sep 30, 2021
View reviewed changes
Copy link
Contributor

@ansible-zuul ansible-zuul bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@ansible-zuul ansible-zuul bot merged commit b9a4a79 into ansible:devel Sep 30, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shanemcd shanemcd shanemcd approved these changes

@samdoran samdoran samdoran approved these changes

@beeankha beeankha beeankha approved these changes

@ansible-zuul ansible-zuul[bot] ansible-zuul approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@AlanCoding @shanemcd @samdoran @beeankha