Closed Et7f3 closed 8 months ago
The API needs authentication. That's how it works, I'm sorry.
You can provide it via the environment, and also you can use api tokens in place of the password. Maybe that helps not to put the admin password into a file. ... i mean vault.
You can provide it via the environment
You suggest using global parameter ? Ok if it is the recommended way.
i mean vault
Using vault would still need an initial password stored and accessible to from ansible.
I thought like mysql/postgres/docker we could authentificate with unix socket instead of https endpoint
I thought like mysql/postgres/docker we could authentificate with unix socket instead of https endpoint
If foreman allowed this...
SUMMARY
When we see the documentation the expectation seems to be run outside of the satellite. We have cron based script that use hammer and we would like to use ansible (so we get the audit built into foreman). However it seems odd that we need service account from the same machine (If attacker is on the machine we have already lost)
ISSUE TYPE