Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

aws_ssm: add profile support in connections #278

Merged
merged 7 commits into from
Apr 10, 2021
Merged

aws_ssm: add profile support in connections #278

merged 7 commits into from
Apr 10, 2021

Conversation

amaxine
Copy link
Contributor

@amaxine amaxine commented Oct 23, 2020

SUMMARY

The aws_ssm connection type had no way of setting a profile except via environment variable. We have a specific need to set the profile name for this connection type, and this achieves that.

ISSUE TYPE
  • Feature Pull Request
COMPONENT NAME

plugins/connection/aws_ssm.py

felixfontein
felixfontein approved these changes Oct 28, 2020
View reviewed changes
Copy link
Contributor

@felixfontein felixfontein left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cannot judge whether the changes to _get_boto_client are good, but the rest looks good!

@tremble tremble mentioned this pull request Nov 13, 2020
Merged
@amaxine
Copy link
Contributor Author

amaxine commented Nov 13, 2020

Added a minor fix to the integration test that should hopefully unbreak it - I was able to successfully run it with just that change. I did not enable the test because I'm not sure how this can account for the flakiness that was brought up in IRC.

@tremble tremble mentioned this pull request Nov 13, 2020
Merged
@tremble
Copy link
Contributor

tremble commented Nov 14, 2020

@maxeaubrey,

I've applied this change over the top of #295 and I'm consistently getting an exception:

Traceback (most recent call last):
  File "/root/ansible_collections/community/aws/plugins/connection/aws_ssm.py", line 217, in wrapped
    return_tuple = func(self, *args, **kwargs)
  File "/root/ansible_collections/community/aws/plugins/connection/aws_ssm.py", line 356, in exec_command
    super(Connection, self).exec_command(cmd, in_data=in_data, sudoable=sudoable)
  File "/root/ansible/lib/ansible/plugins/connection/__init__.py", line 34, in wrapped
    self._connect()
  File "/root/ansible_collections/community/aws/plugins/connection/aws_ssm.py", line 291, in _connect
    self.start_session()
  File "/root/ansible_collections/community/aws/plugins/connection/aws_ssm.py", line 336, in start_session
    bufsize=0,
  File "/usr/lib/python3.6/subprocess.py", line 729, in __init__
    restore_signals, start_new_session)
  File "/usr/lib/python3.6/subprocess.py", line 1295, in _execute_child
    restore_signals, start_new_session, preexec_fn)
TypeError: expected str, bytes or os.PathLike object, not NoneType

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/root/ansible/lib/ansible/executor/task_executor.py", line 159, in run
    res = self._execute()
  File "/root/ansible/lib/ansible/executor/task_executor.py", line 574, in _execute
    result = self._handler.run(task_vars=variables)
  File "/root/ansible/lib/ansible/plugins/action/raw.py", line 42, in run
    result.update(self._low_level_execute_command(self._task.args.get('_raw_params'), executable=executable))
  File "/root/ansible/lib/ansible/plugins/action/__init__.py", line 1240, in _low_level_execute_command
    rc, stdout, stderr = self._connection.exec_command(cmd, in_data=in_data, sudoable=sudoable)
  File "/root/ansible_collections/community/aws/plugins/connection/aws_ssm.py", line 239, in wrapped
    self.close()
  File "/root/ansible_collections/community/aws/plugins/connection/aws_ssm.py", line 594, in close
    self._session.communicate(cmd)
AttributeError: 'NoneType' object has no attribute 'communicate'

I need to dig into this a little further to understand why, but it looks like something's not quite right with the change, possibly how it handles not being passed a profile (that's a wild guess).

tremble
tremble requested changes Nov 14, 2020
View reviewed changes
Copy link
Contributor

@tremble tremble left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I really appreciate you spending the time to track down the policy issue that was breaking the tests. For what it's worth, doing so appears to have uncovered a couple of small issues with the changes.

plugins/connection/aws_ssm.py Outdated Show resolved Hide resolved
plugins/connection/aws_ssm.py Show resolved Hide resolved
@ansibullbot ansibullbot added affects_2.10 connection connection plugin feature This issue/PR relates to a feature request integration tests/integration needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR needs_triage new_contributor Help guide this first time contributor plugins plugin (any type) tests tests labels Nov 16, 2020
@ansibullbot ansibullbot added the needs_rebase https://docs.ansible.com/ansible/devel/dev_guide/developing_rebasing.html label Jan 14, 2021
@goneri
Copy link
Member

goneri commented Feb 19, 2021

Hi @maxeaubrey,

Can you please rebase your PR, this way we will be able to continue this review. Thank you for your contribution.

@amaxine
Copy link
Contributor Author

amaxine commented Feb 19, 2021

Thanks, I've rebased - though admittedly I did not retest this myself as I won't be able to until Monday 😅

@ansibullbot ansibullbot removed the needs_rebase https://docs.ansible.com/ansible/devel/dev_guide/developing_rebasing.html label Feb 19, 2021
@alinabuzachis
Copy link
Contributor

alinabuzachis commented Feb 24, 2021
edited
Loading

Hi @maxeaubrey, thank you for your contribution. There was one was task failing due to timeout, so I will rerun the CI. May I ask you to add a changeling fragment https://docs.ansible.com/ansible/latest/community/development_process.html#changelogs?

@amaxine
Copy link
Contributor Author

amaxine commented Feb 24, 2021

@alinabuzachis Happily! Pushed a commit for it, hope it's good.

dekimsey
dekimsey reviewed Mar 30, 2021
View reviewed changes
plugins/connection/aws_ssm.py
@@ -304,10 +309,10 @@ def start_session(self):
raise AnsibleError("failed to find the executable specified %s."
" Please verify if the executable exists and re-try." % executable)

profile_name = ''
profile_name = self.get_option('profile') or ''
Copy link
Contributor

@dekimsey dekimsey Mar 30, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could this be better set as an entry on the configuration blob above?
Perhaps with AWS_PROFILE support too?

profile:
   ...
   default: ''
   env:
    - name: AWS_PROFILE

@amaxine @tremble
aws_ssm: add profile support in connections
b359bbb
@amaxine @tremble
aws_ssm: fix entry for profile
33f8c5b
@amaxine @tremble
aws_ssm: readd description to profile entry
ad4eb30
@amaxine @tremble
aws_ssm: fallback value when profile_name is unset
88b13bf 
`cmd` in `start_session` needs `profile_name` to be set to a string
we oblige by having a fallback when it's set to None, changing it to be
an empty string instead
@amaxine @tremble
aws_ssm: set profile for all clients
d330d9f 
not all uses of _get_boto_client had a profile passed to them, now s3
sessions will also use the specified profile
@ansibullbot ansibullbot added community_review needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR and removed needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR community_review labels Apr 10, 2021
tremble
tremble approved these changes Apr 10, 2021
View reviewed changes
Copy link
Contributor

@tremble tremble left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested locally

@ansibullbot ansibullbot added community_review and removed needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR labels Apr 10, 2021
@tremble
Copy link
Contributor

tremble commented Apr 10, 2021

LGTM

@goneri goneri added the gate label Apr 10, 2021
@ansible-zuul ansible-zuul bot merged commit a46a90e into ansible-collections:main Apr 10, 2021
@tremble
Copy link
Contributor

tremble commented Apr 10, 2021

Hi @maxeaubrey,

sorry it's taken so long to get this merged. The feature should be available once v1.5.0 of this collection is released (probably sometime this month)

@tremble
Copy link
Contributor

tremble commented Apr 10, 2021

Thanks for your contribution

@amaxine
Copy link
Contributor Author

amaxine commented Apr 10, 2021

@tremble Awesome! Thanks for helping me get this into a mergeable state!

alinabuzachis pushed a commit to alinabuzachis/community.aws that referenced this pull request Jul 19, 2021
@ansible-zuul
Merge pull request ansible-collections#278 from maxeaubrey/maxine/con…
11efcca 
…n_profile_support

aws_ssm: add profile support in connections

Reviewed-by: https://github.com/apps/ansible-zuul
alinabuzachis pushed a commit to alinabuzachis/community.aws that referenced this pull request Jul 19, 2021
@ansible-zuul
Merge pull request ansible-collections#278 from maxeaubrey/maxine/con…
2f8d52e 
…n_profile_support

aws_ssm: add profile support in connections

Reviewed-by: https://github.com/apps/ansible-zuul
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dekimsey dekimsey dekimsey left review comments

@markuman markuman markuman left review comments

@felixfontein felixfontein felixfontein approved these changes

@tremble tremble tremble approved these changes

Assignees
No one assigned
Labels
affects_2.10 community_review connection connection plugin feature This issue/PR relates to a feature request integration tests/integration new_contributor Help guide this first time contributor plugins plugin (any type) tests tests
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
8 participants
@amaxine @tremble @goneri @alinabuzachis @dekimsey @markuman @felixfontein @ansibullbot