Getting CSRF error when logging in to AWX Operator

virtualhobbit · May 13, 2024, 8:32pm

I have exported my old 17.1.0 PostgreSQL database and deployed a fresh 2.16.1 AWX Operator. All task and web pods come up correctly, and the database migration container completes successfully.

I have retrieved my admin password from the awx-admin-password secret (it was the same one I configured), however, I am unable to login.

I see the following error in the awx-web pods:

2024-05-13 15:47:47,776 WARNING [95ff42d1d82648e0aa003d8c78e06a90] django.security.csrf Forbidden (CSRF token missing.): /api/login/

Does anyone know why this would happen?

Many thanks.

gundalow · May 14, 2024, 9:19am

Hi,
Older GitHub issue, but does CORS errors after upgrading to AWX 22.3.0 · Issue #14024 · ansible/awx · GitHub help?

virtualhobbit · May 14, 2024, 1:48pm

Unfortunately not. Added the domain to the extra settings, redeployed and delete the web pods. No joy.

Exact error is:

2024-05-14 13:28:45,474 WARNING [3fc21d82e56f4f17bc3d9d58a58499be] django.security.csrf Forbidden (CSRF token missing.): /api/login/

virtualhobbit · May 14, 2024, 7:03pm

https://ansible.readthedocs.io/projects/awx-operator/en/latest/user-guide/advanced-configuration/csrf-cookie-secure-setting.html

Does anyone know if this turns CSRF checking off?

spec:
csrf_cookie_secure: ‘False’

If so, after I add this to my AWX object and reapply, is there anything else I have to do to apply it?