Awx: After Upgrade, Admin Password Needs To Be Reset

Created on 5 Feb 2020 · 7 Comments · Source: ansible/awx

ISSUE TYPE
  • Bug Report
SUMMARY

I've noticed with my last two updates, to 9.1.0 and to 9.1.1, following the upgrade I need to open a console to awx-web and run awx-manage changepassword admin to fix my password. I am using the official instructions to provide a vars file with the admin_password key defined.

ENVIRONMENT
  • AWX version: >= 9.1.0
  • AWX install method: kubernetes
  • Ansible version: 2.9.x
  • Operating System:
  • Web Browser:
STEPS TO REPRODUCE
  1. Run update from 9.1.0, with a vars file defining admin_password
  2. Can no longer log in with admin credentials after update
EXPECTED RESULTS

Admin credentials still work as before

ACTUAL RESULTS

Login with credentials fails.

ADDITIONAL INFORMATION
installer bug

All 7 comments

Also, if you are doing this using a script or in a CD pipeline where there is no interactivity, it's better to do the following, so it doesn't show any prompt.

awx-manage migrate
awx-manage createsuperuser --username=admin [email protected] --noinput
awx-manage update_password --username=admin --password=changeme

or in Kubernetes:

kubectl exec -ti taskpodname -- awx-manage migrate
kubectl exec -ti taskpodname -- awx-manage createsuperuser --username=admin [email protected] --noinput
kubectl exec -ti taskpodname -- awx-manage update_password --username=admin --password=changeme

I'm doing kubectl exec and opening a shell, then running awx-manage. However, the issue here is that upon upgrade, the existing admin user password is getting reset to something that it shouldn't be.

Yes I know, I am facing the same issue, and I thought it would be helpful for people who get stuck like me.
I know it's not a solution but a workaround.

Heads up, I was unaware that this was the case, and after upgrading, our servers were hit with an automated cryptojacking attack.

At the very least, this should be made much more obvious. Having a crypto miner installed on our servers was fortunately much less nefarious than it could have been, but I was pretty surprised to see the default admin user being created again.

When using a vars file, it appears the default value from the inventory file must take precedence. I've opened up https://github.com/ansible/awx/pull/9111 which completely removes the default value, and forces users to provide it.

PR linked above has been merged. Next version of AWX will be out sometime this week.

Thanks @shanemcd!
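
A pre-upgrade guard for the conflict described in the last comments, added here as an example (it is not part of the thread or of the AWX installer): it refuses to proceed when the installer inventory still carries an admin_password that differs from the one in the vars file. The INI-style inventory line, the flat YAML vars file, and the function names are assumptions.

```shell
#!/bin/sh
# Added example: pre-upgrade guard for the admin_password conflict in this issue.
# Assumed formats: INI-style inventory ("admin_password=value") and a flat YAML
# vars file ("admin_password: value"). Function names are hypothetical.

# Print the value of the last uncommented admin_password line in the inventory.
inventory_admin_password() {
    sed -n '/^[[:space:]]*admin_password[[:space:]]*=/{s/^[^=]*=[[:space:]]*//;s/[[:space:]]*$//;p;}' "$1" |
        tail -n 1
}

# Print admin_password from the vars file, with surrounding quotes stripped.
vars_admin_password() {
    sed -n '/^admin_password:/{s/^admin_password:[[:space:]]*//;s/[[:space:]]*$//;s/^"\(.*\)"$/\1/;p;}' "$1" |
        sed "s/^'\(.*\)'\$/\1/" | tail -n 1
}

# Return 0 when safe to run the installer, 1 when the vars file lacks the key,
# 2 when the inventory carries a different value that could replace it.
check_admin_password() {
    inv_pw=$(inventory_admin_password "$1")
    vars_pw=$(vars_admin_password "$2")
    if [ -z "$vars_pw" ]; then
        echo "vars file does not define admin_password" >&2
        return 1
    fi
    if [ -n "$inv_pw" ] && [ "$inv_pw" != "$vars_pw" ]; then
        echo "inventory sets a different admin_password; comment it out" >&2
        return 2
    fi
    return 0
}

# Constructed sample files (not from the issue) showing the blocked case.
demo_dir=$(mktemp -d)
printf '[all:vars]\nadmin_user=admin\nadmin_password=constructed-default\n' > "$demo_dir/inventory"
printf 'admin_password: "constructed-secret"\n' > "$demo_dir/vars.yml"
check_admin_password "$demo_dir/inventory" "$demo_dir/vars.yml" || echo "upgrade blocked (status $?)"
rm -rf "$demo_dir"
```

Run as a pipeline step before the installer, a non-zero status stops the upgrade before the admin account can be touched.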
