Remove need for settings.py during image build

awx/__init__.py

@@ -190,7 +190,7 @@ def manage():
         sys.stdout.write('%s\n' % __version__)
     # If running as a user without permission to read settings, display an
     # error message.  Allow --help to still work.
-    elif settings.SECRET_KEY == 'permission-denied':
+    elif not os.getenv('SKIP_SECRET_KEY_CHECK', False) and settings.SECRET_KEY == 'permission-denied':
         if len(sys.argv) == 1 or len(sys.argv) >= 2 and sys.argv[1] in ('-h', '--help', 'help'):
             execute_from_command_line(sys.argv)
             sys.stdout.write('\n')

awx/settings/defaults.py

@@ -6,6 +6,7 @@ import os
 import re  # noqa
 import sys
 import tempfile
+import socket
 from datetime import timedelta
 
 
@@ -1016,3 +1017,6 @@ JOB_WAITING_GRACE_PERIOD = 60
 # Number of seconds after a container group job finished time to wait
 # before the awx_k8s_reaper task will tear down the pods
 K8S_POD_REAPER_GRACE_PERIOD = 60
+
+# This is overridden downstream via /etc/tower/conf.d/cluster_host_id.py
+CLUSTER_HOST_ID = socket.gethostname()

tools/ansible/roles/dockerfile/files/settings.py

@@ -1,89 +0,0 @@
-# AWX settings file
-
-import os
-import base64
-
-
-def get_secret():
-    if os.path.exists("/etc/tower/SECRET_KEY"):
-        return open('/etc/tower/SECRET_KEY', 'rb').read().strip()
-    else:
-        return base64.encodebytes(os.urandom(32)).decode().rstrip()
-
-
-ADMINS = ()
-
-STATIC_ROOT = '/var/lib/awx/public/static'
-
-PROJECTS_ROOT = '/var/lib/awx/projects'
-
-JOBOUTPUT_ROOT = '/var/lib/awx/job_status'
-
-SECRET_KEY = get_secret()
-
-ALLOWED_HOSTS = ['*']
-
-CLUSTER_HOST_ID = "awx"
-SYSTEM_UUID = '00000000-0000-0000-0000-000000000000'
-
-CSRF_COOKIE_SECURE = False
-SESSION_COOKIE_SECURE = False
-
-###############################################################################
-# EMAIL SETTINGS
-###############################################################################
-
-SERVER_EMAIL = 'root@localhost'
-DEFAULT_FROM_EMAIL = 'webmaster@localhost'
-EMAIL_SUBJECT_PREFIX = '[AWX] '
-
-EMAIL_HOST = 'localhost'
-EMAIL_PORT = 25
-EMAIL_HOST_USER = ''
-EMAIL_HOST_PASSWORD = ''
-EMAIL_USE_TLS = False
-
-LOGGING['handlers']['console'] = {
-    '()': 'logging.StreamHandler',
-    'level': 'DEBUG',
-    'formatter': 'simple',
-    'filters': ['guid'],
-}
-
-LOGGING['loggers']['django.request']['handlers'] = ['console']
-LOGGING['loggers']['rest_framework.request']['handlers'] = ['console']
-LOGGING['loggers']['awx']['handlers'] = ['console', 'external_logger']
-LOGGING['loggers']['awx.main.commands.run_callback_receiver']['handlers'] = ['console']
-LOGGING['loggers']['awx.main.tasks']['handlers'] = ['console', 'external_logger']
-LOGGING['loggers']['awx.main.scheduler']['handlers'] = ['console', 'external_logger']
-LOGGING['loggers']['django_auth_ldap']['handlers'] = ['console']
-LOGGING['loggers']['social']['handlers'] = ['console']
-LOGGING['loggers']['system_tracking_migrations']['handlers'] = ['console']
-LOGGING['loggers']['rbac_migrations']['handlers'] = ['console']
-LOGGING['handlers']['callback_receiver'] = {'class': 'logging.NullHandler'}
-LOGGING['handlers']['task_system'] = {'class': 'logging.NullHandler'}
-LOGGING['handlers']['tower_warnings'] = {'class': 'logging.NullHandler'}
-LOGGING['handlers']['rbac_migrations'] = {'class': 'logging.NullHandler'}
-LOGGING['handlers']['system_tracking_migrations'] = {'class': 'logging.NullHandler'}
-LOGGING['handlers']['management_playbooks'] = {'class': 'logging.NullHandler'}
-LOGGING['handlers']['dispatcher'] = {'class': 'logging.NullHandler'}
-LOGGING['handlers']['job_lifecycle'] = {'class': 'logging.NullHandler'}
-LOGGING['handlers']['wsbroadcast'] = {'class': 'logging.NullHandler'}
-
-DATABASES = {
-    'default': {
-        'ATOMIC_REQUESTS': True,
-        'ENGINE': 'awx.main.db.profiled_pg',
-        'NAME': os.getenv("DATABASE_NAME", None),
-        'USER': os.getenv("DATABASE_USER", None),
-        'PASSWORD': os.getenv("DATABASE_PASSWORD", None),
-        'HOST': os.getenv("DATABASE_HOST", None),
-        'PORT': os.getenv("DATABASE_PORT", None),
-    }
-}
-
-if os.getenv("DATABASE_SSLMODE", False):
-    DATABASES['default']['OPTIONS'] = {'sslmode': os.getenv("DATABASE_SSLMODE")}
-
-USE_X_FORWARDED_HOST = True
-USE_X_FORWARDED_PORT = True

tools/ansible/roles/dockerfile/templates/Dockerfile.j2

@@ -77,8 +77,7 @@ WORKDIR /tmp/src/
 RUN make sdist && /var/lib/awx/venv/awx/bin/pip install dist/awx.tar.gz
 
 {% if not headless|bool %}
-ADD tools/ansible/roles/dockerfile/files/settings.py /etc/tower/settings.py
+RUN AWX_SETTINGS_FILE=/dev/null SKIP_SECRET_KEY_CHECK=yes SKIP_PG_VERSION_CHECK=yes /var/lib/awx/venv/awx/bin/awx-manage collectstatic --noinput --clear
-RUN SKIP_PG_VERSION_CHECK=yes /var/lib/awx/venv/awx/bin/awx-manage collectstatic --noinput --clear
 {% endif %}
 
 {% endif %}
@@ -210,7 +209,6 @@ ADD https://raw.githubusercontent.com/containers/libpod/master/contrib/podmanima
 {% else %}
 ADD tools/ansible/roles/dockerfile/files/launch_awx.sh /usr/bin/launch_awx.sh
 ADD tools/ansible/roles/dockerfile/files/launch_awx_task.sh /usr/bin/launch_awx_task.sh
-ADD tools/ansible/roles/dockerfile/files/settings.py /etc/tower/settings.py
 ADD tools/ansible/roles/dockerfile/files/uwsgi.ini /etc/tower/uwsgi.ini
 ADD {{ template_dest }}/supervisor.conf /etc/supervisord.conf
 ADD {{ template_dest }}/supervisor_task.conf /etc/supervisord_task.conf
@@ -228,7 +226,6 @@ RUN for dir in \
       /var/lib/awx/rsyslog/conf.d \
       /var/lib/awx/.local/share/containers/storage \
       /var/run/awx-rsyslog \
-      /var/log/tower \
       /var/log/nginx \
       /var/lib/postgresql \
       /var/run/supervisor \