Awx: support galaxy role fetch authentication

Created on 18 Oct 2017 · 10 Comments · Source: ansible/awx

ISSUE TYPE

  • Feature Idea

COMPONENT NAME

  • UI
  • API

SUMMARY

This is half Feature Idea, half Bug because this makes ansible galaxy barely usable in AWX/Tower.

As described in http://docs.ansible.com/ansible-tower/3.2.1/html/userguide/projects.html#ansible-galaxy-support , AWX is capable of running ansible-galaxy to load dependencies like roles over an Ansible mechanism. Unfortunately AWX/Tower seem to fail to provide authentication credentials to galaxy. Thus it is not possible to safely clone from a git repository or provide any requirements where authentication is required.

ENVIRONMENT

  • AWX version: 1.0.1.32
  • AWX install method: docker install via local build
  • Ansible version: 2.4.0.0
  • Host System: RHEL 7.4
  • Web Browser: Chrome

STEPS TO REPRODUCE

The project must include a roles/requirements.yml file with git requirements which require authentication for cloning.

My requirements contain the following.

# Install a role from a specific git branch
- name: myrole
  src: ansible-awx@mydomain:8081/2911-ansible/roles/myrole.git
  scm: git
  version: master

EXPECTED RESULTS

The clone of roles defined in requirements.yml should work.
At least the credentials for the project should be used for cloning from the same git server via ansible galaxy.
In the best case, the requirements.yml gets detected and parsed after the clone of the project and AWX could somehow implement a method to even supply different credentials to different entries in the requirements.yml.

ACTUAL RESULTS

Cloning a whole project with a requirements.yml is successful; however, when running a template, ansible-galaxy gets executed (which was skipped when cloning a whole project) and clones the roles without a password or with an empty password, possibly because none were provided in the URI.

TASK [fetch galaxy roles from requirements.yml] ********************************
The authenticity of host 'mydomain (10.xx.xx.xx)' can't be established.
ECDSA key fingerprint is SHA256:blabla
ECDSA key fingerprint is MD5:blabla
Are you sure you want to continue connecting (yes/no)? 
ansible-awx@mydomain's password: 
ansible-awx@mydomain's password: 
ansible-awx@mydomain's password: 
fatal: [localhost]: FAILED! => {"changed": true, "cmd": ["ansible-galaxy", "install", "-r", "requirements.yml", "-p", 
[.....]

So as a workaround one would have to add the credentials to the git SCM, which nobody should ever do.

ADDITIONAL INFORMATION

Could be combined with #106

api help wanted low enhancement

All 10 comments

The way ansible-galaxy works to checkout requirements is that it formulates a git command from the src line and executes the git commandline.

To do what's asked here relies on git prompting the user, and for that prompting to be passed through ansible-galaxy in a way that pexpect() could possibly supply the password... and even so would only work if there's a single password required for all roles that might be checked out.

Hm, is there any possibility to load roles from third-party git repositories? Because the same issue applies to git submodules. When cloning a project, the submodules get cloned without authentication.

?

The example you posted is effectively a third-party git repository - it would attempt to be cloned regardless of where the original project is located.

@wenottingham that's correct, but how can I supply credentials from AWX to clone submodules? When cloning a project with submodules, the credentials get used for the actual git repo (project). However, when AWX clones the git submodules of that project, it does not provide the (same) credentials, thus the clone of the project fails because it can't clone the git submodules.

Effectively there is no way I see to keep parts of a playbook, like roles, in a separate git repository which needs authentication, because neither can git submodules be cloned nor can Galaxy clone additional requirements via a git repo which needs authentication.

That will hit the exact same issue - if you have multiple submodules with different username/password, you can't reliably prompt for that; you'd need to encode the auth in the URL.

Got it working by choosing the same communication method for the repo and submodules. When the repo used https to clone and the submodules were ssh, AWX somehow didn't provide the credentials to the submodules. I switched the submodules to https and voila, AWX uses the credentials of the main repo for the submodules ;)
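A pre-merge check for the situation discussed in this thread, as an added example that is not part of the thread or of AWX: it lists role and submodule URLs that embed credentials or use a different transport or host than the project's SCM URL. The function names, the regex-based parsing and the sample host names are assumptions made for the illustration.

```python
import re
from urllib.parse import urlsplit

# scp-like git syntax (user@host:path, no scheme), which git treats as SSH
SCP_LIKE = re.compile(r"^(?:[^@/\s]+@)?([^:/\s]+):(?!//)\S+$")
# Simplified line matchers (assumption: one URL per line, no multi-line YAML values)
SRC_LINE = re.compile(r"^\s*(?:-\s*)?src:\s*[\"']?([^\s\"']+)", re.M)
URL_LINE = re.compile(r"^\s*url\s*=\s*(\S+)", re.M)

# Constructed sample inputs; host names and the password are placeholders
PROJECT_URL = "https://git.example.test/ops/playbooks.git"
REQUIREMENTS = """\
- name: myrole
  src: ansible-awx@git.example.test:ops/roles/myrole.git
  scm: git
- name: other
  src: https://deploy:s3cret@git.example.test/ops/roles/other.git
  scm: git
"""
GITMODULES = '[submodule "vars"]\n\tpath = vars\n\turl = https://git.example.test/ops/vars.git\n'

def classify(url):
    """Return (transport, host, has_embedded_password) for a git URL."""
    if "://" in url:
        parts = urlsplit(url)
        # "git+https" and "git+ssh" (Galaxy src prefixes) reduce to the real transport
        return parts.scheme.split("+")[-1], parts.hostname, parts.password is not None
    m = SCP_LIKE.match(url)
    return ("ssh", m.group(1), False) if m else ("unknown", None, False)

def audit(project_url, requirements_text="", gitmodules_text=""):
    """List dependencies that are not fetched the same way as the project itself."""
    proj_transport, proj_host, _ = classify(project_url)
    deps = [("requirements.yml", u) for u in SRC_LINE.findall(requirements_text)]
    deps += [(".gitmodules", u) for u in URL_LINE.findall(gitmodules_text)]
    findings = []
    for origin, url in deps:
        transport, host, secret = classify(url)
        if secret:  # report the host only, never echo the URL with its password
            findings.append((origin, host, "credentials embedded in URL"))
        elif transport == "unknown":
            continue  # e.g. a plain Galaxy role name, nothing to compare
        elif transport != proj_transport:
            findings.append((origin, host, f"{transport} differs from project transport {proj_transport}"))
        elif host != proj_host:
            findings.append((origin, host, "host differs from project host"))
    return findings

if __name__ == "__main__":
    for finding in audit(PROJECT_URL, REQUIREMENTS, GITMODULES):
        print(finding)
```
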

Folks, I think there is a bug in it.

I have fixed it by modifying the project_update.yml file.
The default stats command mentioned in the file doesn't work.
Also, the scm_full_checkout value doesn't exist and hence it fails to execute the roles.

1

- name: detect requirements.yml
  stat:
    path: "{{project_path|quote}}/roles/requirements.yml"
  register: doesRequirementsExist

2

- name: fetch galaxy roles from requirements.yml
  command: ansible-galaxy install -r requirements.yml -p {{project_path|quote}}/roles/ --force
  args:
    chdir: "{{project_path|quote}}/roles"
  when: doesRequirementsExist.stat.exists

@srinivasakp
Thanks for posting a resolution, this resolved my issue with galaxy roles as well.

@srinivasakp thanks!!!
But for me it is necessary to add, for example, an option
acceptkey: yes

Got it working by choosing the same communication method for the repo and submodules. When the repo used https to clone and the submodules were ssh, AWX somehow didn't provide the credentials to the submodules. I switched the submodules to https and voila, AWX uses the credentials of the main repo for the submodules ;)

I am struggling with something similar. I want to have one repo with the playbooks and one with vars. How can I use an awx-job (playbook repo) and use vars from the vars repo? Both repos are on an on-premise gitlab server and awx should use the same credentials over https.
