Description of problem: "Ansible Tower fails to sync when explicitly using v2 API. Add an Ansible Tower Provider using the 'v2' API ( i.e https://tower.example.com/api/v2 ). Version-Release number of selected component (if applicable): How reproducible: Consistently Steps to Reproduce: "Ansible Tower fails to sync when explicitly using v2 API. Add an Ansible Tower Provider using the 'v2' API ( i.e https://tower.example.com/api/v2 ). Force provider referesh. Tail evm.log. Ansible Tower Provider will fail to sync with error like: - MIQ(ManageIQ::Providers::AnsibleTower::AutomationManager::Refresher#refresh) EMS: [Tower Automation Manager], id: [99000000000005] Unable to perform refresh for the following targets: - undefined method `vault_password' for #<AnsibleTowerClient::Credential::Inputs:0x000055eea78a7578> Method:[block (2 levels) in <class:LogProxy>]"
You shouldn't have to explicitly pass the version in the URL, we will automatically build the URL in the provider code. Why did you explicitly want v2? V1 is deprecated but still on all supported versions of tower.
Adam- This is part of the testathon we're doing. We saw an RFE for v2, so we tested it out! Tower version 3.4.1 Differ URI settings and results-- With this: https://tower.example.com/api/v1 I get this for validate: Credential validation was successful With this: https://tower.example.com/api/v2 I get this for validate: Credential validation was successful With this: https://tower.example.com/api/ I get this for validate: Credential validation was not successful: {:headers=>{"server"=>"nginx/1.12.2", "date"=>"Tue, 13 Aug 2019 18:11:52 GMT", "content-type"=>"application/json", "content-length"=>"55", "connection"=>"close", "vary"=>"Accept, Accept-Language, Cookie", "x-api-total-time"=>"0.037s", "content-language"=>"en"}, :status=>404, :body=>"{\"detail\":\"The requested resource could not be found.\"}", :url=>#<URI::HTTPS https://tower.example.com/api/me/>} With this: https://tower.example.com/ I get this for validate: Credential validation was not successful: {:headers=>{"server"=>"nginx/1.12.2", "date"=>"Tue, 13 Aug 2019 18:10:56 GMT", "content-type"=>"text/html; charset=utf-8", "content-length"=>"3767", "connection"=>"close", "vary"=>"Accept-Language, Cookie", "x-api-total-time"=>"0.084s", "content-language"=>"en"}, :status=>404, :body=>"\n\n\n\n\n<!DOCTYPE html>\n<html>\n <head>\n \n\n \n <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>\n <meta name=\"robots\" content=\"NONE,NOARCHIVE\" />\n \n\n <title>Not Found · AWX</title>\n\n \n\n<link href=\"/static/assets/favicon.ico?v=3.4.1\" rel=\"shortcut icon\" />\n\n \n <link rel=\"stylesheet\" type=\"text/css\" href=\"/static/rest_framework/css/bootstrap.min.css\" />\n <link rel=\"stylesheet\" type=\"text/css\" href=\"/static/api/api.css?v=3.4.1\" />\n\n\n <link rel=\"stylesheet\" type=\"text/css\" href=\"/static/rest_framework/css/prettify.css\"/>\n <link rel=\"stylesheet\" type=\"text/css\" href=\"/static/rest_framework/css/default.css\"/>\n \n\n<style type=\"text/css\">\ndiv.request-info,\ndiv.response-info span.meta {\n display: none;\n}\n</style>\n\n\n \n </head>\n\n \n <body class=\"\">\n\n <div class=\"wrapper\">\n \n <div class=\"navbar navbar-fixed-top\">\n <div class=\"container\">\n <div class=\"navbar-header\">\n <a class=\"navbar-brand\" href=\"/\">\n <img class=\"logo\" src=\"/static/assets/logo-header.svg\">\n </a>\n <a class=\"navbar-title\" href=\"/me/\">\n <span> — Not Found</span>\n </a>\n </div>\n </div>\n </div>\n\n\n <div class=\"container\">\n \n\n <!-- Content -->\n <div id=\"content\" role=\"main\" aria-label=\"content\">\n \n\n <div class=\"region\" aria-label=\"request form\">\n \n\n \n\n \n\n \n </div>\n\n <div class=\"content-main\" role=\"main\" aria-label=\"main content\">\n <div class=\"page-header\">\n <h1>Not Found</h1>\n </div>\n <div style=\"float:left\">\n \n \n \n </div>\n\n \n\n <div class=\"request-info\" style=\"clear: both\" aria-label=\"request info\">\n <pre class=\"prettyprint\"><b>GET</b> /me/</pre>\n </div>\n\n <div class=\"response-info\" aria-label=\"response info\">\n <pre class=\"prettyprint\"><span class=\"meta nocode\"><b>HTTP </b>\n\n\n\n</span><span class=\"nocode\">The requested resource could not be found.</span></pre>\n </div>\n </div>\n\n \n \n </div><!-- /.content -->\n </div><!-- /.container -->\n </div><!-- ./wrapper -->\n\n \n\n \n<div id=\"footer\">\n <div class=\"container\">\n <div class=\"row\">\n <div class=\"col-sm-6\">\n </div>\n <div class=\"col-sm-6 footer-copyright\">\n Copyright © 2017 <a href=\"http://www.redhat.com\" target=\"_blank\">Red Hat</a>, Inc. All Rights Reserved.\n </div>\n </div>\n </div>\n</div>\n<div class=\"hidden\">\n <a class=\"hide-description pull-right js-tooltip\" href=\"#\" title=\"Hide Description\"><span class=\"glyphicon glyphicon-remove-sign\"></span></a>\n <a class=\"toggle-description js-tooltip\" href=\"#\" title=\"Show/Hide Description\"><span class=\"glyphicon glyphicon-question-sign\"></span></a>\n</div>\n\n <script>\n window.drf = {\n csrfHeaderName: \"X-CSRFToken\",\n csrfCookieName: \"csrftoken\"\n };\n </script>\n <script src=\"/static/rest_framework/js/jquery-1.12.4.min.js\"></script>\n <script src=\"/static/rest_framework/js/ajax-form.js\"></script>\n <script src=\"/static/rest_framework/js/csrf.js\"></script>\n <script src=\"/static/rest_framework/js/bootstrap.min.js\"></script>\n <script src=\"/static/rest_framework/js/prettify-min.js\"></script>\n <script src=\"/static/rest_framework/js/default.js\"></script>\n <script>\n $(document).ready(function() {\n $('form').ajaxForm();\n });\n </script>\n \n<script src=\"/static/api/api.js?v=3.4.1\"></script>\n\n\n </body>\n \n</html>\n", :url=>#<URI::HTTPS https://tower.example.com/me/>}
Alex can you take a look at why this is failing? Pretty sure we were stripping the version off in the ansible tower client but maybe I'm thinking of something else
Hi, You should enter URL to v2 API explicitly. If you enter just hostname without path, it will automatically try to use v1: https://github.com/ManageIQ/manageiq-providers-ansible_tower/blob/88aa135c1acd6146a17d01ad5ecbf65540c5890f/app/models/manageiq/providers/ansible_tower/shared/provider.rb#L64 If you enter any other path in the URL (like just `/api` in the comment #3) - it will not work (https://github.com/ManageIQ/manageiq-providers-ansible_tower/blob/88aa135c1acd6146a17d01ad5ecbf65540c5890f/app/models/manageiq/providers/ansible_tower/shared/provider.rb#L57) I see two comments with opposite observations, at the comment #1 you saying that you getting an error when enter URL with `/api/v2`, at the comment #3 you saying that it validation was successful. Which one is true?
I see two comments with opposite observations, at the comment #1 you saying that you getting an error when enter URL with `/api/v2`, at the comment #3 you saying that it validation was successful. Which one is true? User Validation is successful with v2, but Tower fails to Sync.
Looks like some Tower's API fields are not mandatory even if documented https://docs.ansible.com/ansible-tower/latest/html/towerapi/api_ref.html#/Credentials/Credentials_credentials_read PR: https://github.com/ansible/ansible_tower_client_ruby/pull/132
PR merged
Hi Everyone, When can we expect a fix for this? We are also facing the same issue Regards Irshad
Ahmed, fix is ready and merged, you should probably update your app.
Hi Alexander, We are using this version of cfme cfme-appliance-common-5.10.11.0-1.el7cf.x86_64 cfme-appliance-5.10.11.0-1.el7cf.x86_64 cfme-gemset-5.10.11.0-1.el7cf.x86_64 cfme-appliance-tools-5.10.8.0-1.el7cf.x86_64 rubygem-redhat_access_cfme-2.0.3-1.el7cf.noarch cfme-5.10.11.0-1.el7cf.x86_64 We updated it yesterday but still had the same issue But for a workaround we created a vault password in Ansible and that seems to fix the issue Regards Irshad
Satoe, can you please check, was this backported to the mentioned version?
Sorry, missed needinfo. This isn't fixed in any 5.10.z release yet.
*** Bug 1788106 has been marked as a duplicate of this bug. ***
Hi, please, is this fixed in any production version? Thanks, mheppler
Hi mheppler, Just thought i'd let you know I got around this by putting the full api url in the MIQ ansible provider URL - eg https://blah.local/api/v2 rather than just https://blah.local/ - I'm assuming this will also work for Cloudforms (haven't tried) but this works talking from MIQ to Tower 3.6.3. /api/v1 was removed in Tower 3.6
Hi gocallag, thank you, but when customer specify API version, CF starts messing with URL: https://tower/api/v2/project_updates/api/v2/project_updates/18352/ And with missing API version, CF are not able to validate credentials.
Hi, please, is this fixed in any production version? Or when it will be fixed? Thanks, mheppler
Hi mheppler, this has been triaged and has a target release of 5.11.3
*** Bug 1792570 has been marked as a duplicate of this bug. ***
New commit detected on ManageIQ/manageiq-providers-ansible_tower/master: https://github.com/ManageIQ/manageiq-providers-ansible_tower/commit/06c76fab1b0b8487f55fae6ddd88b8b44cf7ce33 commit 06c76fab1b0b8487f55fae6ddd88b8b44cf7ce33 Author: Adam Grare <agrare> AuthorDate: Wed Jan 22 09:56:31 2020 -0500 Commit: Adam Grare <agrare> CommitDate: Wed Jan 22 09:56:31 2020 -0500 Bump ansible_tower_client to v0.20.2 Pull in fixes for using the ansible_tower v2 API Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1740860 manageiq-providers-ansible_tower.gemspec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
is there going to be a backport to 5.10?
This was backported to 5.10.z (https://bugzilla.redhat.com/show_bug.cgi?id=1794047) and released in version 5.10.15