-
Notifications
You must be signed in to change notification settings - Fork 342
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
aws_ssm lookup module throws an exception on missing fail_json #1528
Comments
Thanks for opening this issue. Please note that an error/exception is the expected behaviour when encountering a missing attribute or a permissions issue. Please see the documentation for information: https://docs.ansible.com/ansible/latest/collections/amazon/aws/aws_ssm_lookup.html#parameter-on_missing That said, the error you've encountered is significantly more spammy that it should be. This is caused by us raising the "wrong" type of error. That issue has been fixed in the "main" branch which we hope to release as 6.0.0 within the next week. Additionally I've opened #1534 which will clean up the error messages in the next 5.x release. |
[stable-5] lookup plugins - raise correct error SUMMARY Lookup plugins are currently raising "AnsibleError" this is in turn leading to a surprising error. Our tests didn't catch this because we expected an error (just a clean error) and our error message was still in there. fixes: #1528 ISSUE TYPE Bugfix Pull Request COMPONENT NAME aws_ssm ADDITIONAL INFORMATION TASK [lookup_aws_ssm : lookup a missing key (error)] *************************** task path: /root/ansible_collections/amazon/aws/tests/output/.tmp/integration/lookup_aws_ssm-uhhi4kie-ÅÑŚÌβŁÈ/tests/integration/targets/lookup_aws_ssm/tasks/main.yml:43 AWS_ssm name lookup term: ['/ansible-test-32065799-mchappel/Simple'] exception during Jinja2 execution: Traceback (most recent call last): File "/root/ansible_collections/amazon/aws/plugins/lookup/aws_ssm.py", line 272, in get_parameter_value response = client.get_parameter(**ssm_dict) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/dist-packages/botocore/client.py", line 386, in _api_call return self._make_api_call(operation_name, kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/dist-packages/botocore/client.py", line 705, in _make_api_call raise error_class(parsed_response, operation_name) botocore.errorfactory.ParameterNotFound: An error occurred (ParameterNotFound) when calling the GetParameter operation: During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/root/ansible/lib/ansible/template/__init__.py", line 831, in _lookup ran = instance.run(loop_terms, variables=self._available_variables, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/root/ansible_collections/amazon/aws/plugins/lookup/aws_ssm.py", line 241, in run ret.append(self.get_parameter_value(client, ssm_dict, term, on_missing.lower(), on_denied.lower())) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/root/ansible_collections/amazon/aws/plugins/lookup/aws_ssm.py", line 276, in get_parameter_value raise AnsibleError("Failed to find SSM parameter %s (ResourceNotFound)" % term) ansible.errors.AnsibleError: Failed to find SSM parameter /ansible-test-32065799-mchappel/Simple (ResourceNotFound) fatal: [testhost]: FAILED! => { "msg": "An unhandled exception occurred while running the lookup plugin 'amazon.aws.aws_ssm'. Error was a <class 'ansible.errors.AnsibleError'>, original message: Failed to find SSM parameter /ansible-test-32065799-mchappel/Simple (ResourceNotFound). Failed to find SSM parameter /ansible-test-32065799-mchappel/Simple (ResourceNotFound)" } ...ignoring Direct to stable-5 as the issue was fixed during the refactor work in main. Reviewed-by: Alina Buzachis
Yeah that's what I meant in the expected result that in this case the code trying to catch-raise the AWS exception has by itself produced/raised an uncaught exception. Thanks for the quick fix :) BTW, looking at the commit code made me wonder what's the benefit of catching the exceptions from botocore? |
It's mostly to do with "failing cleanly". These are to an extent "expected" errors (things like 404/403), and in some cases we even drop them on the floor ( In the default case of |
6.0.0 has been released and fixes this issue. The next 5.x release will also include a fix, which would be expected in early June. |
Migrate rds_option_group* modules and tests Depends-On: ansible-collections#1056 Remove rds_option_group* modules and tests These modules have been migrated to amazon.aws Update runtime.yml with redirects to that collection Update ignore files Reviewed-by: Mark Chappell <None>
Migrate rds_option_group* modules and tests Depends-On: ansible-collections#1056 Remove rds_option_group* modules and tests These modules have been migrated to amazon.aws Update runtime.yml with redirects to that collection Update ignore files Reviewed-by: Mark Chappell <None>
Migrate rds_option_group* modules and tests Depends-On: ansible-collections#1056 Remove rds_option_group* modules and tests These modules have been migrated to amazon.aws Update runtime.yml with redirects to that collection Update ignore files Reviewed-by: Mark Chappell <None>
Summary
Try to run the lookup on a parameter with no permission or if it doesn't exist.
Result is an exception due to a missing method in the module instead of an error message with the relevant details.
Issue Type
Bug Report
Component Name
aws_ssm lookup
Ansible Version
Collection Versions
5.4.0
AWS SDK versions
Configuration
No response
OS / Environment
No response
Steps to Reproduce
Expected Results
Error message from AWS.
Actual Results
Exception from amazon.aws#aws_ssm module.
An unhandled exception occurred while templating '{{ lookup('aws_ssm', 'some_param', decrypt=True) }}'. Error was a <class 'ansible.errors.AnsibleError'>, original message: An unhandled exception occurred while running the lookup plugin 'aws_ssm'. Error was a <class 'AttributeError'>, original message: 'LookupModule' object has no attribute 'fail_json'. 'LookupModule' object has no attribute 'fail_json'
Code of Conduct
The text was updated successfully, but these errors were encountered: