introduction
With the new Ansible Inside feature of CloudForms 4.5, it is necessary to sync with Git repositories in order to import playbooks for use with automation. This post will describe how to configure that to run over a http(s)_proxy.
what we're after
CloudForms supports http_proxy and https_proxy; these are configurable under the Advanced tab in the configuration menu. Unfortunately, due to a current bug, adding a Git repository under the automation menu does not use this proxy information. In the interim, we want to find a way to sync the Git repos using a proxy.
the code
CloudForms actually syncs the Git repos in Automation/Ansible/Repositories using a playbook. That playbook is located here:
/var/lib/awx/venv/tower/lib/python2.7/site-packages/awx/playbooks/project_update.yml
In the playbook, starting around line 14, you'll see this:
- hosts: all
connection: local
gather_facts: false
tasks:
Right after line 16 (gather_facts) add the following:
- hosts: all
connection: local
gather_facts: false
environment:
http_proxy: http://your.special.proxy:PORT
https_proxy: https://your.special.proxy:PORT
After saving the changes, try to add (or sync) the repository again and it should work.
If you have a password for the proxy you can use the following syntax:
http_proxy: http://username:pass@proxy.com:8080
some other things
If you happened to have set a proxy in the advanced settings while testing this and now you don't need it, there is unfortunately another bug that might cause you some issues. The full bug is here, but the main point is that currently, blank values for http_proxy are not saved. Changing the proxy is not an issue, but if you want to remove it entirely, it's currently necessary to remove it directly from the DB. Engineering is working hard on a fix so this might not be an issue at the time of reading, keep an eye on the bug for updates.