Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-62300

How we can send request through api/v2 for Ansible Tower version 3.6.4

    XMLWordPrintable

    Details

    • Similar Issues:
    • Released As:
      0.15.0

      Description

      Hi Team

      As we found that the ansible tower plugin has disabled api/v1, may i know how we can send request through api/v2 for Ansible Tower version 3.6.4

      We are using Jenkins version 2.184 and plugin version 0.8.5, thanks in advance. 

        Attachments

          Activity

          Hide
          bdrzazga Bartosz Drzazga added a comment -

          John Westcott I think the implementation of the mechanism you described has a bug. In file [TowerConnector.java|https://github.com/jenkinsci/ansible-tower-plugin/blob/master/src/main/java/org/jenkinsci/plugins/ansible_tower/util/TowerConnector.java] around line 200 there are check for specific endpoints but invocations of functions like getOAuthToken are not in a try-catch block. On exception there is no fallback to basic auth, Jenkins job just fails. The relevant code snippet: 

          if (this.towerSupports("/api/o/")) {                        
          logger.logMessage("Getting an oAuth token for "+ this.username);                        
          this.authorizationHeader = "Bearer " + this.getOAuthToken();
          }

          We use LDAP users to connect to AWX and we don't allow external (LDAP) users to create a token. I think the plugin should fallback to username/password on a failed attempt to obtain a token but it just fails a job run. Is it intentional or is it possible to fix this issue?

           

          On a side note, it would be great to have an option to force a specific connection method next to Trust Cert and Debugging options.

          Show
          bdrzazga Bartosz Drzazga added a comment - John Westcott I think the implementation of the mechanism you described has a bug. In file [TowerConnector.java| https://github.com/jenkinsci/ansible-tower-plugin/blob/master/src/main/java/org/jenkinsci/plugins/ansible_tower/util/TowerConnector.java ] around line 200 there are check for specific endpoints but invocations of functions like getOAuthToken are not in a try-catch block. On exception there is no fallback to basic auth, Jenkins job just fails. The relevant code snippet:  if ( this .towerSupports( "/api/o/" )) { logger.logMessage( "Getting an oAuth token for " + this .username); this .authorizationHeader = "Bearer " + this .getOAuthToken(); } We use LDAP users to connect to AWX and we don't allow external (LDAP) users to create a token. I think the plugin should fallback to username/password on a failed attempt to obtain a token but it just fails a job run. Is it intentional or is it possible to fix this issue?   On a side note, it would be great to have an option to force a specific connection method next to Trust Cert and Debugging options.
          Hide
          johnwestcottiv John Westcott added a comment -

          In your use case are you having users enter their credentials in Jenkins directly rather than using a service account to connect from Jenkins to Tower?

          Show
          johnwestcottiv John Westcott added a comment - In your use case are you having users enter their credentials in Jenkins directly rather than using a service account to connect from Jenkins to Tower?
          Hide
          bdrzazga Bartosz Drzazga added a comment -

          No, this is a service account which Jenkins uses to connect to AWX.

          Show
          bdrzazga Bartosz Drzazga added a comment - No, this is a service account which Jenkins uses to connect to AWX.
          Hide
          johnwestcottiv John Westcott added a comment -

          But an LDAP based account instead of a local account on the Tower server?

          Show
          johnwestcottiv John Westcott added a comment - But an LDAP based account instead of a local account on the Tower server?
          Hide
          johnwestcottiv John Westcott added a comment -

          After considering your scenario I decided that this was an acceptable pattern.
          If provided a username/password the login will now:
             Attempt to get an oauth toekn
             Attempt to get a legacy token
             Revert to basic auth

          Please test with version 0.15.0 and mark this ticket as done or let me know if you have issues.

          Show
          johnwestcottiv John Westcott added a comment - After considering your scenario I decided that this was an acceptable pattern. If provided a username/password the login will now:    Attempt to get an oauth toekn    Attempt to get a legacy token    Revert to basic auth Please test with version 0.15.0 and mark this ticket as done or let me know if you have issues.

            People

            Assignee:
            angelliang angel liang
            Reporter:
            angelliang angel liang
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: