Support !import and !include in awx import -f yaml command

[neoaggelos]

SUMMARY

Closes #8135

ISSUE TYPE

• Feature Pull Request

COMPONENT NAME

• API

AWX VERSION

awx: 14.1.0

ADDITIONAL INFORMATION

The description in #8135 should be enough, let me know if something is not clear.

[neoaggelos]

This is a proposal solution, keeping the diff as small as possible. I can update/change as required if something more complex may be needed.

[softwarefactory-project-zuul]

Build failed.

• awx-api-lint : SUCCESS in 9m 57s
• awx-api : FAILURE in 14m 45s
• awx-ui : SUCCESS in 10m 57s
• awx-ui-next : SUCCESS in 15m 27s
• awx-swagger : SUCCESS in 15m 06s
• awx-detect-schema-change : SUCCESS in 15m 30s (non-voting)
• awx-ansible-modules : SUCCESS in 9m 55s

[softwarefactory-project-zuul]

Build succeeded.

• awx-api-lint : SUCCESS in 2m 02s
• awx-api : SUCCESS in 7m 40s
• awx-ui : SUCCESS in 3m 50s
• awx-ui-next : SUCCESS in 7m 40s
• awx-swagger : SUCCESS in 8m 08s
• awx-detect-schema-change : SUCCESS in 9m 26s (non-voting)
• awx-ansible-modules : SUCCESS in 2m 28s

[ryanpetrello]

There's some alarm bells going off for me for the security implications here:

https://pyyaml.org/wiki/PyYAMLDocumentation

Warning: It is not safe to call yaml.load with any data received from an untrusted source! yaml.load is as powerful as pickle.load and so may call any Python function. Check the yaml.safe_load function though.

[neoaggelos]

Yes, I am aware of load vs safe_load, but this is not an issue here, since we do specify a "safe" loader.

The safety implications of yaml.load() stem from the fact that yaml.Loader is unsafe. Here, we use awxkit.yaml_file.Loader which inherits from yaml.SafeLoader, so to me it seems equivalent from a safety standpoint.

Also, yaml.safe_load() is simply an alias for yaml.load(..., loader=SafeLoader).

[ryanpetrello]

Ah, yep!

Sorry, I wasn't looking closely enough at this PR. Thanks, @neoaggelos.

[ryanpetrello]

This looks pretty reasonable to me.

@jbradberry or @elyezer either of you want to give it awhirl and sign off?

[jbradberry]

Works for me, barring some problems with a dependency that wasn't installed.

[softwarefactory-project-zuul]

Build succeeded (gate pipeline).

• awx-api-lint : SUCCESS in 2m 27s
• awx-api : SUCCESS in 6m 30s
• awx-ui : SUCCESS in 4m 10s
• awx-ui-next : SUCCESS in 8m 47s
• awx-swagger : SUCCESS in 7m 34s
• awx-detect-schema-change : SUCCESS in 7m 49s (non-voting)
• awx-ansible-modules : SUCCESS in 2m 34s
• awx-push-new-schema : SUCCESS in 8m 03s (non-voting)