galaxy_collection
galaxy_collection copied to clipboard
Published
20 hours ago •
ansible
ansible
Creating a group with group_roles fails and succeeds
Summary
Creating a group with group_roles fails, but the group is still created succesfully
Issue Type
- Bug Report
Ansible, Collection, Private Automation Hub details
Server version
4.7.3
Pulp Ansible Version
0.17.5
Ansible Automation Platform
2.4
UI Version
4.7.3
Username
admin
User Groups
Browser Version
firefox 115.0.0
Browser OS
Linux
ansible [core 2.14.10]
config file = None
configured module search path = ['/home/ansible/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/ansible/.local/pipx/venvs/ansible-core-2-14/lib/python3.11/site-packages/ansible
ansible collection location = /home/ansible/.ansible/collections:/usr/share/ansible/collections
executable location = /home/ansible/.local/bin/ansible
python version = 3.11.2 (main, Mar 13 2023, 12:18:29) [GCC 12.2.0] (/home/ansible/.local/pipx/venvs/ansible-core-2-14/bin/python)
jinja version = 3.1.2
libyaml = True
# /home/ansible/projects/rhlab/collections/ansible_collections
Collection Version
------------------------------ ---------
ansible.netcommon 5.2.0
ansible.posix 1.5.4
ansible.utils 2.11.0
ansible.windows 1.10.0
awx.awx 23.2.0
community.crypto 2.15.1
community.general 7.5.0
community.libvirt 1.3.0
community.mysql 3.7.2
community.postgresql 3.2.0
community.windows 1.10.0
community.zabbix 2.1.0
containers.podman 1.10.3
freeipa.ansible_freeipa 1.11.1
infoblox.nios_modules 1.5.0
infra.aap_utilities 2.3.0
infra.ah_configuration 2.0.4
infra.controller_configuration 2.5.2
infra.ee_utilities 3.1.2
kubernetes.core 2.4.0
recordsansible.ara 0.1.0
theforeman.foreman 3.14.0
thulium_drake.general 2023.43.2
- ansible installation method: one of source, pipx
OS / ENVIRONMENT
Debian 12
Desired Behavior
Create a group and continue the play
Actual Behavior
Creates a group and fails task
TASK [infra.ah_configuration.group_roles : Validating arguments against arg spec 'main' - An Ansible Role to create groups roles in Automation Hub.] ***
ok: [m-a12-01.rh.lab] => changed=false
msg: The arg spec validation passed
validate_args_context:
argument_spec_name: main
name: group_roles
path: /home/ansible/projects/rhlab/collections/ansible_collections/infra/ah_configuration/roles/group_roles
type: role
TASK [infra.ah_configuration.group_roles : Add Roles to Groups in Automation Hubs] **********************************
ok: [m-a12-01.rh.lab] => (item={'groups': ['ee_publisher'], 'role_list': [{'roles': ['galaxy.execution_environment_publisher']}], 'state': 'present'}) => changed=false
__group_role:
groups:
- ee_publisher
role_list:
- roles:
- galaxy.execution_environment_publisher
state: present
ansible_job_id: j488597877447.136954
ansible_loop_var: __group_role
finished: 0
results_file: /root/.ansible_async/j488597877447.136954
started: 1
TASK [infra.ah_configuration.group_roles : Add Roles to Groups | Wait for finish the group creation] ****************
failed: [m-a12-01.rh.lab] (item={'failed': 0, 'started': 1, 'finished': 0, 'ansible_job_id': 'j488597877447.136954', 'results_file': '/root/.ansible_async/j488597877447.136954', 'changed': False, '__group_role': {'groups': ['ee_publisher'], 'role_list': [{'roles': ['galaxy.execution_environment_publisher']}], 'state': 'present'}, 'ansible_loop_var': '__group_role'}) => changed=false
__group_roles_job_async_result_item:
__group_role:
groups:
- ee_publisher
role_list:
- roles:
- galaxy.execution_environment_publisher
state: present
ansible_job_id: j488597877447.136954
ansible_loop_var: __group_role
changed: false
failed: 0
finished: 0
results_file: /root/.ansible_async/j488597877447.136954
started: 1
ansible_job_id: j488597877447.136954
ansible_loop_var: __group_roles_job_async_result_item
attempts: 1
cmd: /home/ansible/.ansible/tmp/ansible-tmp-1698348055.9297695-590991-162874757899712/AnsiballZ_group_roles.py
data: ''
finished: 1
msg: |-
Traceback (most recent call last):
File "/tmp/ansible_ansible.legacy.async_wrapper_payload__hhybli1/ansible_ansible.legacy.async_wrapper_payload.zip/ansible/modules/async_wrapper.py", line 180, in _run_module
File "/tmp/ansible_ansible.legacy.async_wrapper_payload__hhybli1/ansible_ansible.legacy.async_wrapper_payload.zip/ansible/modules/async_wrapper.py", line 98, in _filter_non_json_lines
ValueError: No start of json char found
results_file: /root/.ansible_async/j488597877447.136954
started: 1
stderr: |-
Traceback (most recent call last):
File "/home/ansible/.ansible/tmp/ansible-tmp-1698348055.9297695-590991-162874757899712/AnsiballZ_group_roles.py", line 107, in <module>
_ansiballz_main()
File "/home/ansible/.ansible/tmp/ansible-tmp-1698348055.9297695-590991-162874757899712/AnsiballZ_group_roles.py", line 99, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "/home/ansible/.ansible/tmp/ansible-tmp-1698348055.9297695-590991-162874757899712/AnsiballZ_group_roles.py", line 48, in invoke_module
run_name='__main__', alter_sys=True)
File "/usr/lib64/python3.6/runpy.py", line 205, in run_module
return _run_module_code(code, init_globals, run_name, mod_spec)
File "/usr/lib64/python3.6/runpy.py", line 96, in _run_module_code
mod_name, mod_spec, pkg_name, script_name)
File "/usr/lib64/python3.6/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/tmp/ansible_group_roles_payload_79vtr8t_/ansible_group_roles_payload.zip/ansible_collections/infra/ah_configuration/plugins/modules/group_roles.py", line 259, in <module>
File "/tmp/ansible_group_roles_payload_79vtr8t_/ansible_group_roles_payload.zip/ansible_collections/infra/ah_configuration/plugins/modules/group_roles.py", line 250, in main
KeyError: 'removed'
stderr_lines: <omitted>
stdout: ''
stdout_lines: <omitted>
Please give some details of what is actually happening. Include a [minimum complete verifiable example] with:
Run the below config/playbook once, it breaks with the error above. However, when you check in the WebUI, the group is actually created. Running the playbook twice will actually set up the user with that group and it has all permissions that are configured.
- playbook / task
---
- name: 'Sync collections into Automation Hub from Galaxy and RH AH'
hosts: 'ansible_automation_hub'
tasks:
- name: 'Ensure ee_publisher group'
ansible.builtin.import_role:
name: 'infra.ah_configuration.group_roles'
- name: 'Ensure ansible user'
ansible.builtin.import_role:
name: 'infra.ah_configuration.user'
- configuration file / list
ah_users:
- username: 'ansible'
groups:
- 'ee_publisher'
first_name: 'Ansible'
last_name: 'Automation'
email: '[email protected]'
is_superuser: false
password: 'allyourcontainersarebelongtous'
state: 'present'
ah_group_roles:
- groups:
- 'ee_publisher'
role_list:
- roles:
- 'galaxy.execution_environment_publisher'
state: 'present'
- error
Was able to recreate the issue. This happens when you're applying roles to a group that does not exist.
add this to your hub config before you create group roles
- name: Include group role
ansible.builtin.include_role:
name: infra.ah_configuration.group
And to your vars
ah_groups:
- name: ee_publisher
As explicit is better than implicit, what should actually happen is that the group should fail to create from group_roles
Good to know, I have updated my playbooks to also include making the group first, so the error is gone, but I still feel it should be addressed somewhere in the role as well. Either by just failing, or going the implicit route and still succeeding at the first go.