Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pin the Python package ansible-core to earlier than 2.16.3 #311

Merged
merged 4 commits into from
Mar 10, 2024
Merged

Pin the Python package ansible-core to earlier than 2.16.3 #311

merged 4 commits into from
Mar 10, 2024

Conversation

jsf9k
Copy link
Member

@jsf9k jsf9k commented Mar 8, 2024
edited
Loading

🗣 Description

This pull request pins the ansible-core Python package's version to earlier than 2.16.3.

💭 Motivation and context

ansible-core 2.16.3 and later suffer from the bug discussed in ansible/ansible#82702, which breaks any symlinked files in vars, tasks, etc. for any Ansible role installed via ansible-galaxy. This results in AMI build failures as seen in cisagov/openvpn-packer#101.

🧪 Testing

All automated testing passes in this pull request, and in cisagov/openvpn-packer#101 the build gets further than it did upon addition of these changes. (The build continues to fail, but for a different reason.)

✅ Pre-approval checklist

  • This PR has an informative and human-readable title.
  • Changes are limited to a single goal - eschew scope creep!
  • All future TODOs are captured in issues, which are referenced in code comments.
  • All relevant type-of-change labels have been added.
  • I have read the CONTRIBUTING document.
  • These code changes follow cisagov code standards.
  • All new and existing tests pass.

@jsf9k
Pin ansible-core to earlier than 2.16.3
e603f65 
ansible-core 2.16.3 and later suffer from the bug discussed in
ansible/ansible#82702, which breaks any symlinked files in vars,
tasks, etc. for any Ansible role installed via ansible-galaxy.
@jsf9k jsf9k added bug This issue or pull request addresses broken functionality dependencies Pull requests that update a dependency file kraken 🐙 This pull request is ready to merge during the next Lineage Kraken release labels Mar 8, 2024
@jsf9k
Copy link
Member Author

jsf9k commented Mar 8, 2024

I believe the Snyk failure can be ignored, since we must pin in order for the code to function.

@jsf9k jsf9k mentioned this pull request Mar 8, 2024
Merged
10 tasks
@jsf9k jsf9k marked this pull request as ready for review March 8, 2024 21:38
@jsf9k jsf9k requested a review from a team March 8, 2024 21:38
dav3r
dav3r approved these changes Mar 8, 2024
View reviewed changes
Copy link
Member

@dav3r dav3r left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 🔎

mcdonnnj
mcdonnnj approved these changes Mar 9, 2024
View reviewed changes
Copy link
Member

@mcdonnnj mcdonnnj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for hunting this down. One comment for your consideration and then a question: Should we do the same thing for cisagov/skeleton-ansible-role?

src/version.txt Outdated Show resolved Hide resolved
@jsf9k jsf9k force-pushed the bugfix/pin-ansible-core branch 2 times, most recently from 68b5c50 to 99fda06 Compare March 10, 2024 16:21
jsf9k added 2 commits March 10, 2024 12:22
@jsf9k
Include a reference to #312
21c2ca4 
This issue reminds us to remove the pin against ansible-core when that
becomes possible.
@jsf9k
Mention the related issue cisagov/skeleton-ansible-role#178
842e165
@jsf9k jsf9k force-pushed the bugfix/pin-ansible-core branch from 99fda06 to 842e165 Compare March 10, 2024 16:22
@jsf9k jsf9k mentioned this pull request Mar 10, 2024
Merged
7 tasks
mcdonnnj
mcdonnnj reviewed Mar 10, 2024
View reviewed changes
requirements.txt Outdated Show resolved Hide resolved
@jsf9k jsf9k added this pull request to the merge queue Mar 10, 2024
Merged via the queue into develop with commit fbefbdb Mar 10, 2024
8 of 9 checks passed
@jsf9k jsf9k deleted the bugfix/pin-ansible-core branch March 10, 2024 20:35
@jsf9k jsf9k mentioned this pull request May 5, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mcdonnnj mcdonnnj mcdonnnj approved these changes

@dv4harr10 dv4harr10 dv4harr10 approved these changes

@dav3r dav3r dav3r approved these changes

@felddy felddy Awaiting requested review from felddy felddy is a code owner

@jasonodoom jasonodoom Awaiting requested review from jasonodoom

Assignees

@jsf9k jsf9k

@mcdonnnj mcdonnnj

Labels
bug This issue or pull request addresses broken functionality dependencies Pull requests that update a dependency file kraken 🐙 This pull request is ready to merge during the next Lineage Kraken release
Projects
Next Kraken
Status: Done
Skeleton Maintenance
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jsf9k @dav3r @mcdonnnj @dv4harr10