Hello everyone,
I just noticed a service that invokes the AWX API from another website is not working because of AWX’s CORS policies.
Back there in version 15x I was using Docker and just updated this file under /etc/tower in the awx-web container:
settings.py
and added these lines:
MIDDLEWARE = [‘corsheaders.middleware.CorsMiddleware’] + MIDDLEWARE
CORS_ORIGIN_ALLOW_ALL = True
Reboot the containers and that’s it
But now with the Kubernetes deployment I have no idea how to customize this awx-web container, it just pulls it from quay.io as I can see in the configuration.
I’m using a custom Execution Environment that I’ve built with the ansible-builder, but idk if there’s a similar tool for web container.
Do I need to modify the https://quay.io/repository/ansible/awx image? And if so, how do I make the operator use my own image?
I’m guessing through the awx.yml?
Something like this? has anyone tried this?
web_images:
- image: quay.io//custom-awx-image:tag
Any help is appreciated.
Thanks in advance!
Regards
Alex
Hi Alex,
For customizing settings.py, did you try https://github.com/ansible/awx-operator#extra-settings?
Concerning overriding the image used, I am not sure this is how to do it, esp. w.r.t the fact that the variable is underscore-prefixed, hence meaning an internal scope: https://github.com/ansible/awx-operator/blob/devel/roles/installer/defaults/main.yml#L127
Let us know how it goes,
Vincent
Hi Vincent,
Thanks! that worked just for what I needed! I ended up modifying the AWX image but that’s no longer needed and it wasn’t working anyways because AWX ConfigMaps wasn’t getting updated and /etc/tower/settings.py had the default values.
With what you mentioned it added the values I needed for the CORS policy.
Before I was getting this error:
“https://url:port has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requestes resource.”
I just changed the spec in my awx.yaml
spec:
extra_settings:
- setting: MIDDLEWARE
value: “[‘corsheaders.middleware.CorsMiddleware’] + MIDDLEWARE”
- setting: CORS_ORIGIN_ALLOW_ALL
value: “True”
kubectl deploy -f awx.yaml
and AWX ConfigMaps was updated in Kubernetes, I noticed the containers didn’t update its settings.py even when the ConfigMaps was OK, I had to downscale deployment to 0 and back to 3 in my case so the changes were sent to the AWX containers.
Sent the REST API call again and now is working as intended.
Thank you!
Regards
Alex
Typo: the correct kubectl command used was:
kubectl apply -f awx.yaml
Hi Alex,
Thanks for reporting back and taking the time to explain what you did, this will be useful to others as well!