Skip to content

feat: Add option to disable validate_certs#576

Merged
anusshukla merged 3 commits intoansible:mainfrom
KB-perByte:feat/ee-validate-certs-add
Apr 13, 2026
Merged

feat: Add option to disable validate_certs#576
anusshukla merged 3 commits intoansible:mainfrom
KB-perByte:feat/ee-validate-certs-add

Conversation

@KB-perByte
Copy link
Copy Markdown
Member

@KB-perByte KB-perByte commented Apr 7, 2026
edited
Loading

Summary

Adds an optional validate_certs field on each galaxy_servers entry in EE configuration (--ee-config / --ee-config-file). When set to false, the generated ansible.cfg includes validate_certs = false for that [galaxy_server.] section so ansible-galaxy can talk to hubs that use certificates the EE image does not trust (for example, internal Automation Hub with a private CA).

Example

{
  "galaxy_servers": [
    {
      "id": "private_hub",
      "url": "https://pah.example.com/api/galaxy/content/published/",
      "token_required": true,
      "validate_certs": false
    }
  ]
}

Steps to check

rm -rf /tmp/ee-validate-certs-test
uv run ansible-creator init execution_env /tmp/ee-validate-certs-test \
  --ee-config '{
    "base_image": "registry.redhat.io/ansible-automation-platform-25/ee-minimal-rhel8:latest",
    "galaxy_servers": [
      {
        "id": "private_hub",
        "url": "https://pah.example.com/api/galaxy/content/published/",
        "token_required": true,
        "validate_certs": false
      },
      {
        "id": "galaxy",
        "url": "https://galaxy.ansible.com/"
      }
    ],
    "collections": [{"name": "ansible.posix"}]
  }'

Tests

 uv run pytest tests/units/test_init_ee.py::test_ee_project_with_galaxy_servers \
  tests/units/test_init_ee.py::test_galaxy_server_from_dict_validate_certs_false -q
======================================================== test session starts =========================================================
platform linux -- Python 3.13.12, pytest-9.0.2, pluggy-1.6.0
cachedir: .cache/.pytest
rootdir: /home/kbperbyte/Work/contributions/ansible-creator
configfile: pyproject.toml
plugins: instafail-0.5.0, xdist-3.8.0, plus-0.8.1
collected 2 items                                                                                                                    

tests/units/test_init_ee.py ..                                                                                                 [100%]

======================================================== slowest 10 durations ========================================================
0.01s call     tests/units/test_init_ee.py::test_ee_project_with_galaxy_servers

(5 durations < 0.005s hidden.  Use -vv to show these durations.)

@KB-perByte KB-perByte requested a review from a team as a code owner April 7, 2026 14:47
@github-actions github-actions bot added the feat label Apr 7, 2026
rockygeekz
rockygeekz requested changes Apr 8, 2026
View reviewed changes
Comment thread docs/ee_scaffolding.md Outdated
KB-perByte
KB-perByte commented Apr 8, 2026
View reviewed changes
Comment thread docs/ee_scaffolding.md Outdated
@github-actions github-actions bot added feat and removed feat labels Apr 8, 2026
@github-project-automation github-project-automation bot moved this from In Progress to Review in 🧰 devtools project board Apr 8, 2026
@KB-perByte KB-perByte closed this Apr 9, 2026
@github-project-automation github-project-automation bot moved this from Review to Done in 🧰 devtools project board Apr 9, 2026
@KB-perByte KB-perByte reopened this Apr 9, 2026
@github-project-automation github-project-automation bot moved this from Done to Review in 🧰 devtools project board Apr 9, 2026
@KB-perByte KB-perByte enabled auto-merge (squash) April 13, 2026 05:47
@anusshukla anusshukla disabled auto-merge April 13, 2026 08:43
@anusshukla anusshukla merged commit 45f7dde into ansible:main Apr 13, 2026
28 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rockygeekz rockygeekz rockygeekz approved these changes

Assignees

No one assigned

Labels

feat

Projects

🧰 devtools project board
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@KB-perByte @rockygeekz @anusshukla