ManageIQ / manageiq-rpm_build

Code to build RPMs for ManageIQ appliances and container images
Apache License 2.0

remove aiohttp #504

Closed kbrock closed 1 week ago

kbrock commented 3 weeks ago

This was added to support all possible vmware clients. But we don't use this client, none of our customers requested it, and it looks to have security issues.

@Fryguy your call if we want to go this route or want to resolve the issues

This resolves quite a few Mend issues (High and Medium) like https://github.com/ManageIQ/manageiq-rpm_build/issues/501 and https://github.com/ManageIQ/manageiq-rpm_build/issues/502

Fryguy commented 3 weeks ago

I'm curious what @agrare thinks. We didn't have it before, so it's not like it worked previously.

@agrare Background is there are 2 vmware clients for python.

I'm pretty sure we've only ever worked with community/vmware, but I wasn't sure if you had other experiences in the wild.

kbrock commented 3 weeks ago

On that note, we've worked fine without the git package.

agrare commented 3 weeks ago

I haven't run into it previously, but it states it is part of the "Red Hat Ansible Certified Content for VMware". Are these security issues with aiohttp being ignored by upstream?

kbrock commented 3 weeks ago

I just added in https://github.com/ManageIQ/manageiq-rpm_build/pull/495. Think we want to drop this.