ec2_security_group - Module failure when mixing rules with 'group_name' and 'ip_prefix' with --diff #2373

Closed
1 task done
fabricat-mdb opened this issue Oct 31, 2024 · 0 comments · Fixed by #2404
Labels
bug This issue/PR relates to a bug verified

Comments

@fabricat-mdb
Summary

When I try to use the ec2_security_group module using a mixed set of rules (some with group_name and others with ip_prefix), the module fails, but only when I am running in diff mode!

Issue Type

Bug Report

Component Name

ec2_security_group

Ansible Version

$ ansible --version
ansible [core 2.17.5]
  config file = /Users/fab/workdir/ansible/ansible.cfg
  configured module search path = ['/Users/fab/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /opt/homebrew/Cellar/ansible/10.5.0/libexec/lib/python3.12/site-packages/ansible
  ansible collection location = /Users/fab/.ansible/collections:/usr/share/ansible/collections
  executable location = /opt/homebrew/bin/ansible
  python version = 3.12.7 (main, Oct  1 2024, 02:05:46) [Clang 15.0.0 (clang-1500.3.9.4)] (/opt/homebrew/Cellar/ansible/10.5.0/libexec/bin/python)
  jinja version = 3.1.4
  libyaml = True

Collection Versions

$ ansible-galaxy collection list
Collection                               Version
---------------------------------------- -------
amazon.aws                               8.2.1
ansible.posix                            1.6.2
community.aws                            8.0.0
community.general                        9.5.0
prometheus.prometheus                    0.19.0

AWS SDK versions

$ pip show boto boto3 botocore
WARNING: Package(s) not found: boto
Name: boto3
Version: 1.34.109
Summary: The AWS SDK for Python
Home-page: https://github.com/boto/boto3
Author: Amazon Web Services
Author-email:
License: Apache License 2.0
Location: /Users/fab/Library/Python/3.12/lib/python/site-packages
Requires: botocore, jmespath, s3transfer
Required-by:
---
Name: botocore
Version: 1.34.109
Summary: Low-level, data-driven core of boto 3.
Home-page: https://github.com/boto/botocore
Author: Amazon Web Services
Author-email:
License: Apache License 2.0
Location: /Users/fab/Library/Python/3.12/lib/python/site-packages
Requires: jmespath, python-dateutil, urllib3
Required-by: boto3, s3transfer

Configuration

$ ansible-config dump --only-changed
CACHE_PLUGIN(/Users/fab/workdir/ansible/ansible.cfg) = ansible.builtin.jsonfile
CACHE_PLUGIN_CONNECTION(/Users/fab/workdir/ansible/ansible.cfg) = /tmp/ansible_facts
CALLBACKS_ENABLED(/Users/fab/workdir/ansible/ansible.cfg) = ['community.general.log_plays']
CONFIG_FILE() = /Users/fab/workdir/ansible/ansible.cfg
DEFAULT_GATHERING(/Users/fab/workdir/ansible/ansible.cfg) = smart
DEFAULT_HOST_LIST(/Users/fab/workdir/ansible/ansible.cfg) = ['/Users/fab/workdir/ansible/inventory']
DEFAULT_LOAD_CALLBACK_PLUGINS(/Users/fab/workdir/ansible/ansible.cfg) = True
INTERPRETER_PYTHON(/Users/fab/workdir/ansible/ansible.cfg) = auto_silent
INVENTORY_CACHE_ENABLED(/Users/fab/workdir/ansible/ansible.cfg) = True
INVENTORY_CACHE_PLUGIN(/Users/fab/workdir/ansible/ansible.cfg) = ansible.builtin.jsonfile
INVENTORY_CACHE_PLUGIN_CONNECTION(/Users/fab/workdir/ansible/ansible.cfg) = /tmp/ansible_inventory
TRANSFORM_INVALID_GROUP_CHARS(/Users/fab/workdir/ansible/ansible.cfg) = always

OS / Environment

MacBook Pro
Chip: Apple M1 Pro
macOS: Sonoma 14.6.1
GNU bash, version 3.2.57(1)-release (arm64-apple-darwin23)
Homebrew 4.4.2

Steps to Reproduce

Tested with this simple playbook:

- name: Deploy AWS infrastructure
  hosts: localhost
  gather_facts: false
  become: false
  tasks:
    - name: Security Groups test
      diff: true
      amazon.aws.ec2_security_group:
        name: "test"
        description: "test"
        vpc_id: "{{ vpc_id }}"
        rules:
          - rule_desc: "traffic from ELB"
            proto: tcp
            ports: 80
            group_name: "test-elb"
          - rule_desc: "traffic from Prefix List"
            proto: tcp
            ports: 80
            ip_prefix: "{{ pl_office_ips }}"

Run the playbook with --diff.

Expected Results

I expected the task to succeed.

Actual Results

The task fails.

These details are obtained with -vvv verbosity.

The full traceback is:
Traceback (most recent call last):
  File "/Users/fab/.ansible/tmp/ansible-tmp-1730383349.294612-15017-244652880603202/AnsiballZ_ec2_security_group.py", line 107, in <module>
    _ansiballz_main()
  File "/Users/fab/.ansible/tmp/ansible-tmp-1730383349.294612-15017-244652880603202/AnsiballZ_ec2_security_group.py", line 99, in _ansiballz_main
    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
  File "/Users/fab/.ansible/tmp/ansible-tmp-1730383349.294612-15017-244652880603202/AnsiballZ_ec2_security_group.py", line 47, in invoke_module
    runpy.run_module(mod_name='ansible_collections.amazon.aws.plugins.modules.ec2_security_group', init_globals=dict(_module_fqn='ansible_collections.amazon.aws.plugins.modules.ec2_security_group', _modlib_path=modlib_path),
  File "<frozen runpy>", line 226, in run_module
  File "<frozen runpy>", line 98, in _run_module_code
  File "<frozen runpy>", line 88, in _run_code
  File "/var/folders/4d/j1qvv2mn3hb3zcvw97k58hd80000gp/T/ansible_amazon.aws.ec2_security_group_payload_0n6mkmxx/ansible_amazon.aws.ec2_security_group_payload.zip/ansible_collections/amazon/aws/plugins/modules/ec2_security_group.py", line 1776, in <module>
  File "/var/folders/4d/j1qvv2mn3hb3zcvw97k58hd80000gp/T/ansible_amazon.aws.ec2_security_group_payload_0n6mkmxx/ansible_amazon.aws.ec2_security_group_payload.zip/ansible_collections/amazon/aws/plugins/modules/ec2_security_group.py", line 1768, in main
  File "/var/folders/4d/j1qvv2mn3hb3zcvw97k58hd80000gp/T/ansible_amazon.aws.ec2_security_group_payload_0n6mkmxx/ansible_amazon.aws.ec2_security_group_payload.zip/ansible_collections/amazon/aws/plugins/modules/ec2_security_group.py", line 1447, in sort_security_group
TypeError: '<' not supported between instances of 'NoneType' and 'str'
fatal: [localhost]: FAILED! => {
    "changed": false,
    "module_stderr": "Traceback (most recent call last):\n  File \"/Users/fab/.ansible/tmp/ansible-tmp-1730383349.294612-15017-244652880603202/AnsiballZ_ec2_security_group.py\", line 107, in <module>\n    _ansiballz_main()\n  File \"/Users/fab/.ansible/tmp/ansible-tmp-1730383349.294612-15017-244652880603202/AnsiballZ_ec2_security_group.py\", line 99, in _ansiballz_main\n    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n  File \"/Users/fab/.ansible/tmp/ansible-tmp-1730383349.294612-15017-244652880603202/AnsiballZ_ec2_security_group.py\", line 47, in invoke_module\n    runpy.run_module(mod_name='ansible_collections.amazon.aws.plugins.modules.ec2_security_group', init_globals=dict(_module_fqn='ansible_collections.amazon.aws.plugins.modules.ec2_security_group', _modlib_path=modlib_path),\n  File \"<frozen runpy>\", line 226, in run_module\n  File \"<frozen runpy>\", line 98, in _run_module_code\n  File \"<frozen runpy>\", line 88, in _run_code\n  File \"/var/folders/4d/j1qvv2mn3hb3zcvw97k58hd80000gp/T/ansible_amazon.aws.ec2_security_group_payload_0n6mkmxx/ansible_amazon.aws.ec2_security_group_payload.zip/ansible_collections/amazon/aws/plugins/modules/ec2_security_group.py\", line 1776, in <module>\n  File \"/var/folders/4d/j1qvv2mn3hb3zcvw97k58hd80000gp/T/ansible_amazon.aws.ec2_security_group_payload_0n6mkmxx/ansible_amazon.aws.ec2_security_group_payload.zip/ansible_collections/amazon/aws/plugins/modules/ec2_security_group.py\", line 1768, in main\n  File \"/var/folders/4d/j1qvv2mn3hb3zcvw97k58hd80000gp/T/ansible_amazon.aws.ec2_security_group_payload_0n6mkmxx/ansible_amazon.aws.ec2_security_group_payload.zip/ansible_collections/amazon/aws/plugins/modules/ec2_security_group.py\", line 1447, in sort_security_group\nTypeError: '<' not supported between instances of 'NoneType' and 'str'\n",
    "module_stdout": "",
    "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
    "rc": 1
}

Code of Conduct

  • I agree to follow the Ansible Code of Conduct
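
Added example (not part of the issue and not the amazon.aws module's code): it reproduces the class of failure in the traceback, a sort that ends up comparing None with a str when rules keyed by group_name are ordered together with rules keyed by ip_prefix, next to a None-safe sort key. The flattened rule shape, the field list, the placeholder prefix list ID and all helper names are assumptions made for illustration.

```python
"""Added illustration: None-safe ordering of mixed security group rules."""

# Constructed sample: the two rule kinds from the playbook, flattened into a
# hypothetical dict shape. "pl-EXAMPLE" is a placeholder prefix list ID.
RULES = [
    {"proto": "tcp", "from_port": 80, "to_port": 80,
     "group_name": "test-elb", "ip_prefix": None},
    {"proto": "tcp", "from_port": 80, "to_port": 80,
     "group_name": None, "ip_prefix": "pl-EXAMPLE"},
]

# Hypothetical field order used to build sort keys.
FIELDS = ("proto", "from_port", "to_port", "group_name", "ip_prefix")


def naive_key(rule):
    """Raw field tuple: breaks when one slot holds None and the other a str."""
    return tuple(rule.get(f) for f in FIELDS)


def none_safe_key(rule):
    """Pair each field with a presence flag.

    The flag is compared first, so an absent value is ordered before a present
    one and None is never passed to '<' against a str or int.
    """
    return tuple((rule.get(f) is not None, rule.get(f)) for f in FIELDS)


def sort_rules(rules, key=none_safe_key):
    """Return rules in a deterministic order suitable for a before/after diff."""
    return sorted(rules, key=key)


def naive_sort_fails(rules):
    """True when sorting on raw fields raises TypeError, as in the traceback."""
    try:
        sort_rules(rules, key=naive_key)
    except TypeError:
        return True
    return False


if __name__ == "__main__":
    print("naive sort raises TypeError:", naive_sort_fails(RULES))
    for r in sort_rules(RULES):
        print(r["group_name"] or r["ip_prefix"])
```
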
@gravesm gravesm added bug This issue/PR relates to a bug needs_verified Some one might want to take a look at this and reproduce it to confirm and removed needs_triage labels Nov 5, 2024
@abikouo abikouo added verified and removed needs_verified Some one might want to take a look at this and reproduce it to confirm labels Nov 29, 2024
patchback bot pushed a commit that referenced this issue Dec 13, 2024
… containing at least one rule with a managed prefix list (#2404)

SUMMARY
Closes #2373
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME

ec2_security_group

Reviewed-by: Alina Buzachis
(cherry picked from commit 6712ec6)
softwarefactory-project-zuul bot pushed a commit that referenced this issue Dec 13, 2024
… containing at least one rule with a managed prefix list (#2404) (#2424)

This is a backport of PR #2404 as merged into main (6712ec6).
SUMMARY
Closes #2373
ISSUE TYPE


Bugfix Pull Request

COMPONENT NAME

ec2_security_group

Reviewed-by: Bikouo Aubin
softwarefactory-project-zuul bot pushed a commit that referenced this issue Dec 13, 2024
… containing at least one rule with a managed prefix list (#2404) (#2423)

This is a backport of PR #2404 as merged into main (6712ec6).
SUMMARY
Closes #2373
ISSUE TYPE


Bugfix Pull Request

COMPONENT NAME

ec2_security_group

Reviewed-by: Bikouo Aubin
alinabuzachis pushed a commit to alinabuzachis/amazon.aws that referenced this issue Jan 15, 2025
… containing at least one rule with a managed prefix list (ansible-collections#2404)

SUMMARY
Closes ansible-collections#2373
ISSUE TYPE


Bugfix Pull Request

COMPONENT NAME

ec2_security_group

Reviewed-by: Alina Buzachis