Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Image Update] Remove ansible installed using pip #402

Open
surajssd opened this issue Apr 24, 2024 · 4 comments
Open

[Image Update] Remove ansible installed using pip #402

surajssd opened this issue Apr 24, 2024 · 4 comments

Comments

@surajssd
Copy link
Member

Right now we install ansible using tdnf and pip both.

So remove the pip based installer.
@surajssd
Copy link
Member Author

surajssd commented Apr 24, 2024
edited
Loading

Blocker on using ansible from the mariner repo

If you install the ansible using tdnf the ansible-galaxy fails to run with an error: ERROR! ansible-galaxy requires resolvelib<0.9.0,>=0.5.3.

The current version of ansible-galaxy (on mariner) needs resolvelib of certain version (anything between 0.5.3 and 0.9.0). The ansible (and ansible-galaxy) shipped with mariner repo is older ansible-2.14.12-1.cm2.noarch.rpm 14-Jan-2024 22:05, hence needs older resolvelib.

But the resolvelib library itself that mariner ships is newer. The current version of resolvelib is python3-resolvelib-1.0.1-1.cm2.noarch.rpm 03-Aug-2023 02:37, can be found here: https://packages.microsoft.com/cbl-mariner/2.0/prod/base/x86_64/Packages/p/

Reproducing problem

cat <<EOF >linux/ansible.Dockerfile
FROM mcr.microsoft.com/cbl-mariner/base/core:2.0

SHELL ["/bin/bash","-c"]

COPY linux/tdnfinstall.sh .

RUN tdnf update -y --refresh && \
    bash ./tdnfinstall.sh \
    mariner-repos-extended && \
    tdnf update -y --refresh && \
    bash ./tdnfinstall.sh \
    python3 \
    python3-pip \
    python3-virtualenv \
    python3-packaging \
    ansible \
    ca-certificates \
    ca-certificates-legacy \
    # Install Ansible dependencies
    glibc-lang \
    glibc-i18n

# Setup locale to en_US.utf8
RUN echo en_US UTF-8 >> /etc/locale.conf && locale-gen.sh
ENV LANG="en_US.utf8"
EOF

Build the docker image:

docker build -t ansible -f linux/ansible.Dockerfile .
$ docker run -it ansible bash
root [ / ]# ansible-galaxy collection install azure.azcollection --force -p /usr/share/ansible/collections
Starting galaxy collection install process
Process install dependency map
ERROR! ansible-galaxy requires resolvelib<0.9.0,>=0.5.3

@surajssd
Copy link
Member Author

We can skip installing ansible altogether using the package manager tdnf and let user install it using pip.

cat <<EOF >linux/ansible.Dockerfile
FROM mcr.microsoft.com/cbl-mariner/base/core:2.0

SHELL ["/bin/bash","-c"]

COPY linux/tdnfinstall.sh .

RUN tdnf update -y --refresh && \
    bash ./tdnfinstall.sh \
    mariner-repos-extended && \
    tdnf update -y --refresh && \
    bash ./tdnfinstall.sh \
    python3 \
    python3-pip \
    python3-virtualenv \
    python3-packaging \
    # Install the certificates needed to reach out to external services
    ca-certificates \
    ca-certificates-legacy \
    # Install Ansible dependencies
    glibc-lang \
    glibc-i18n

# Setup locale to en_US.utf8
RUN echo en_US UTF-8 >> /etc/locale.conf && locale-gen.sh
ENV LANG="en_US.utf8"
EOF

Build docker image

docker build -t ansible -f linux/ansible.Dockerfile .

Start the container

docker run -it ansible bash

Install ansible using pip3 inside the container and then run the ansible-galaxy command:

pip3 install ansible
ansible-galaxy collection install azure.azcollection --force -p /usr/share/ansible/collections

Sample run:

root [ / ]# pip3 install ansible
Collecting ansible
  Downloading ansible-8.7.0-py3-none-any.whl (48.4 MB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 48.4/48.4 MB 23.6 MB/s eta 0:00:00
Collecting ansible-core~=2.15.7
  Downloading ansible_core-2.15.11-py3-none-any.whl (2.3 MB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 2.3/2.3 MB 64.6 MB/s eta 0:00:00
Collecting importlib-resources<5.1,>=5.0
  Downloading importlib_resources-5.0.7-py3-none-any.whl (24 kB)
Collecting cryptography
  Downloading cryptography-42.0.5-cp39-abi3-manylinux_2_28_x86_64.whl (4.6 MB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 4.6/4.6 MB 76.5 MB/s eta 0:00:00
Collecting resolvelib<1.1.0,>=0.5.3
  Downloading resolvelib-1.0.1-py2.py3-none-any.whl (17 kB)
Requirement already satisfied: packaging in /usr/lib/python3.9/site-packages (from ansible-core~=2.15.7->ansible) (21.3)
Collecting jinja2>=3.0.0
  Downloading Jinja2-3.1.3-py3-none-any.whl (133 kB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 133.2/133.2 kB 20.9 MB/s eta 0:00:00
Collecting PyYAML>=5.1
  Downloading PyYAML-6.0.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (738 kB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 738.9/738.9 kB 49.9 MB/s eta 0:00:00
Collecting MarkupSafe>=2.0
  Downloading MarkupSafe-2.1.5-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (25 kB)
Collecting cffi>=1.12
  Downloading cffi-1.16.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (443 kB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 443.4/443.4 kB 43.1 MB/s eta 0:00:00
Requirement already satisfied: pyparsing!=3.0.5,>=2.0.2 in /usr/lib/python3.9/site-packages (from packaging->ansible-core~=2.15.7->ansible) (3.0.7)
Collecting pycparser
  Downloading pycparser-2.22-py3-none-any.whl (117 kB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 117.6/117.6 kB 18.4 MB/s eta 0:00:00
Installing collected packages: resolvelib, PyYAML, pycparser, MarkupSafe, importlib-resources, jinja2, cffi, cryptography, ansible-core, ansible
Successfully installed MarkupSafe-2.1.5 PyYAML-6.0.1 ansible-8.7.0 ansible-core-2.15.11 cffi-1.16.0 cryptography-42.0.5 importlib-resources-5.0.7 jinja2-3.1.3 pycparser-2.22 resolvelib-1.0.1
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv

[notice] A new release of pip is available: 23.0.1 -> 24.0
[notice] To update, run: pip install --upgrade pip


root [ / ]# ansible-galaxy collection install azure.azcollection --force -p /usr/share/ansible/collections
Starting galaxy collection install process
Process install dependency map
Starting collection install process
Downloading https://galaxy.ansible.com/api/v3/plugin/ansible/content/published/collections/artifacts/azure-azcollection-2.3.0.tar.gz to /root/.ansible/tmp/ansible-local-9abq8200c/tmpczz29dqz/azure-azcollection-2.3.0-ggkgzxuf
Installing 'azure.azcollection:2.3.0' to '/usr/share/ansible/collections/ansible_collections/azure/azcollection'
azure.azcollection:2.3.0 was installed successfully

@surajssd
Copy link
Member Author

I wonder if this installation works without sudo!

@surajssd surajssd mentioned this issue Apr 24, 2024
Closed
@surajssd
Copy link
Member Author

I wonder if this installation works without sudo!

Yes, it does.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Remove ansible from the base and tools images surajssd/CloudShell
1 participant
@surajssd