Unable to start rulebook activation: ERROR: No username set in the environment

robinr1 · March 18, 2026, 7:32pm

I’m a long time user of Ansible, AWX and ARA but new to EDA. I tried setting up an EDA instance using eda-server-operator:main, and after a lot of trail and error, it looks like it is now running correctly. This is my eda-server-operator config:

apiVersion: eda.ansible.com/v1alpha1
kind: EDA
metadata:
  name: eda
spec:
  admin_user: admin
  admin_password_secret: eda-admin-password
  
  automation_server_url: http://awx-service:5082         # internal kubernetes address of awx running in same cluster
  
  image: quay.io/ansible/eda-server
  image_version: sha-b4030df              # newer versions break eda-ui authentication (https://github.com/ansible/eda-server/issues/1504)
  image_web: quay.io/ansible/eda-ui
  image_web_version: "2.5"

  service_type: ClusterIP
  ingress_type: none
  
  extra_settings:
    - setting: EDA_ALLOW_LOCAL_RESOURCE_MANAGEMENT
      value: true
    - setting: EDA_EVENT_STREAM_BASE_URL
      value: "https://eda/eda-event-streams"
  
  db_fields_encryption_secret: eda-db-encryption-secret
  
  database:
    postgres_storage_class: netapp-nfs-volume
    
  bundle_cacert_secret: eda-custom-certs

  # debug:
  no_log: false

I then set up a rulebook activation with a small test rulebook in a git repo:

- name: Listen for events on a webhook
  hosts: all
  sources:
    - ansible.eda.webhook:
        host: 0.0.0.0
        port: 5001

  rules:
    - name: debug
      condition: event.payload is defined
      action:
        debug:
          msg: "{{ event.payload }}"

I added a new project pointing to the git repo containing the rulebook
I registered a user and a token for EDA in AWX
I added a “Red Hat Ansible Automation Platform”-type credential to EDA where I set the AWX host (the same as I set in the automation_server_url parameter for the operator) and the generated oAuth token
I built a Decision Environment:

---
version: 3

images:
  base_image:
    name: quay.io/fedora/fedora:41

dependencies:
  galaxy:
    collections:
      - ansible.eda
  python:
    - azure-servicebus
    - aiobotocore
    - aiohttp
    - aiokafka
    - gssapi
    - watchdog
    - systemd-python
    - dpath
    - ansible-rulebook
  ansible_core:
    package_pip: ansible-core~=2.16.0
  ansible_runner:
    package_pip: ansible-runner
  system:
    - gcc [platform:rpm compile]
    - gcc-c++ [platform:rpm compile]
    - make [platform:rpm compile]
    - python3-devel [platform:rpm]
    - systemd-devel [platform:rpm] # required for systemd-python
    - krb5-devel [platform:rpm] # required for gssapi
    - java-17-openjdk-devel [platform:rpm]

additional_build_steps:
  prepend_base:
    - RUN dnf install -y python3 python3-pip python3-libdnf5
  append_final:
    - RUN /usr/local/bin/ansible-galaxy collection list

I registered the DE in EDA
I configured a rulebook activation pointing to the above rulebook, the DE image built using above config and added the AWX credentials I created earlier

When I now try to activate the rulebook I get this logging (level: debug):

Python executable = /usr/bin/python3
Platform = Linux-6.4.0-150600.23.81-default-x86_64-with-glibc2.40
ansible_rulebook.util - ERROR - Cannot list installed collections: Command '['/usr/local/bin/ansible-galaxy', 'collection', 'list']' returned non-zero exit status 5.
ansible_rulebook.app - DEBUG - No collections found
ansible_rulebook.app - INFO - Starting worker mode
ansible_rulebook.websocket - INFO - websocket ws://eda-daphne:8001/api/eda/ws/ansible-rulebook
ansible_rulebook.websocket - INFO - attempt websocket connection
ansible_rulebook.websocket - INFO - workload websocket connected
ansible_rulebook.collection - ERROR - Error listing collections: b'ERROR: No username set in the environment\n'
ansible_rulebook.condition_parser - DEBUG - OperatorExpressionFactory tokens: [Identifier(value='event.payload'), 'is', String(value='defined')]
ansible_rulebook.cli - ERROR - Terminating: End Of File (EOF). Exception style platform.
<pexpect.pty_spawn.spawn object at 0x7ff174ca1d30>
command: /usr/local/bin/ansible-vault
args: ['/usr/local/bin/ansible-vault', 'decrypt', '--vault-id', 'EDA_SERVER@/tmp/tmpyx5mf6g7']
buffer (last 100 chars): b''
before (last 100 chars): b'ERROR: No username set in the environment\r\n'
after: <class 'pexpect.exceptions.EOF'>
match: None
match_index: None
exitstatus: None
flag_eof: True
pid: 121
child_fd: 9
closed: False
timeout: 30
delimiter: <class 'pexpect.exceptions.EOF'>
logfile: None
logfile_read: None
logfile_send: None
maxread: 2000
ignorecase: False
searchwindowsize: None
delaybeforesend: 0.05
delayafterclose: 0.1
delayafterterminate: 0.1
searcher: searcher_re:
0: re.compile(b'Reading ciphertext input from stdin')
Secret activation-secret-1 is deleted.
Service netbox-events is deleted.
Pod 'activation-job-1-46' is deleted.
Job activation-job-1-46 is cleaned up.
Activation failed. Restart policy is not applicable.

For what I understand from this message is that ansible-galaxy collection list seems to fail, and seems to expect some username being set in the environment ?

I don’t have a local Ansible galaxy instance running so I don’t know what this now expects from me and/or what username I have to set in what variable?

I tried spinning up the DE container myself, set the same env variables as the “Red Hat Ansible Automation Platform”-type credential should insert into the container, for in case this error is triggered by an empty username var set by it (as I only have set the oAuth parameter, but I also tried setting a username/password, but to no avail) and I tried running:

bash-5.2$ ansible-galaxy collection list

# /usr/share/ansible/collections/ansible_collections
Collection  Version
----------- -------
ansible.eda 2.11.0

I also added the above playbook locally into the running container as test.yml and tried ansible-rulebook:

bash-5.2$ ansible-rulebook -r test.yml -vv
2026-03-18 15:07:41,448 - asyncio - DEBUG - Using selector: EpollSelector
2026-03-18 15:07:41,448 - ansible_rulebook.app - DEBUG - Loading rules from the file system test.yml
2026-03-18 15:07:41,684 - ansible_rulebook.condition_parser - DEBUG - OperatorExpressionFactory tokens: [Identifier(value='event.payload'), 'is', String(value='defined')]
2026-03-18 15:07:41,685 - ansible_rulebook.app - INFO - Starting sources
2026-03-18 15:07:41,685 - ansible_rulebook.app - INFO - Starting rules
2026-03-18 15:07:41,685 - ansible_rulebook.engine - DEBUG - run_ruleset
2026-03-18 15:07:41,685 - drools.ruleset - INFO - Using jar: /usr/local/lib/python3.13/site-packages/drools/jars/drools-ansible-rulebook-integration-runtime-1.0.11-SNAPSHOT.jar
2026-03-18 15:07:41,735 - drools.ruleset - DEBUG - Creating Drools Ruleset
2026-03-18 15:07:41 993 [main] INFO org.drools.ansible.rulebook.integration.api.rulesengine.MemoryMonitorUtil - Memory occupation threshold set to 90%
2026-03-18 15:07:41 994 [main] INFO org.drools.ansible.rulebook.integration.api.rulesengine.MemoryMonitorUtil - Memory check event count threshold set to 64
2026-03-18 15:07:41 994 [main] INFO org.drools.ansible.rulebook.integration.api.rulesengine.MemoryMonitorUtil - Exit above memory occupation threshold set to false
2026-03-18 15:07:41 998 [main] INFO org.drools.ansible.rulebook.integration.api.rulesengine.AbstractRulesEvaluator - Start automatic pseudo clock with a tick every 100 milliseconds
2026-03-18 15:07:42,000 - drools.ruleset - DEBUG - Ruleset Session ID : 1
2026-03-18 15:07:42,000 - ansible_rulebook.engine - DEBUG - ruleset define: {"name": "Listen for netbox events on a webhook", "hosts": ["all"], "sources": [{"EventSource": {"name": "ansible.eda.webhook", "source_name": "ansible.eda.webhook", "source_args": {"host": "0.0.0.0", "port": 5001}, "source_filters": []}}], "rules": [{"Rule": {"name": "debug", "condition": {"AllCondition": [{"IsDefinedExpression": {"Event": "payload"}}]}, "actions": [{"Action": {"action": "debug", "action_args": {"msg": "{{ event.payload }}"}}}], "enabled": true}}]}
2026-03-18 15:07:42,000 - drools.dispatch - DEBUG - Establishing async channel
2026-03-18 15:07:42,006 - ansible_rulebook.engine - INFO - load source ansible.eda.webhook
2026-03-18 15:07:42,045 - ansible_rulebook.engine - INFO - loading source filter eda.builtin.insert_meta_info
2026-03-18 15:07:42,259 - ansible_rulebook.engine - DEBUG - Calling main in ansible.eda.webhook
2026-03-18 15:07:42,261 - ansible_rulebook.engine - INFO - Waiting for all ruleset tasks to end
2026-03-18 15:07:42,261 - ansible_rulebook.rule_set_runner - INFO - Waiting for actions on events from Listen for netbox events on a webhook
2026-03-18 15:07:42,261 - ansible_rulebook.rule_set_runner - INFO - Waiting for events, ruleset: Listen for netbox events on a webhook
2026-03-18 15:07:42 262 [drools-async-evaluator-thread] INFO org.drools.ansible.rulebook.integration.api.io.RuleExecutorChannel - Async channel connected

So I have no idea what is complaining about a missing username, why and how to fix it..I also don’t find anything in any documentation about this.

Topic		Replies	Views
EDA UI how to set inventory Get Help eda-server	4	801	December 15, 2023
Eda-server not importing runbooks on project import/sync Get Help awx , ansible-rulebook , eda-server , eda-operator	10	704	November 26, 2023
Event driven Ansible Controller - Custom Credentials to rulebooks - example kafka user name and passwords Get Help awx , eda-operator , event-driven	2	201	October 2, 2024
ansible-rulebook questions Ansible Project	0	15	June 3, 2024
Planned changes in ansible-rulebook & ansible.eda Collection Development galaxy-ng , collections , ansible-rulebook , eda-server , aws , azure , aap , event-driven , eda	0	69	January 30, 2026

Unable to start rulebook activation: ERROR: No username set in the environment

Related topics