-
Notifications
You must be signed in to change notification settings - Fork 23.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
apt: include apt preferences (e.g. pinning) when selecting packages #78327
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the quick fix.
Would you be able to complete this with tests? Feel free to modify those that are here if it's convenient: https://github.com/ansible/ansible/pull/78319/files.
Sure, question then: What do we expect the behavior to be if someone has pinned version 1.0, and they do |
it should 'fail' and note the conflict so user can either override the pinning or remove the version specified |
676f62d
to
c15eb79
Compare
The test
The test
|
c15eb79
to
0a1ebee
Compare
0a1ebee
to
f9fd32f
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
From what I see, ansible now is not providing version to that apt when it's not required. And pinning usecases I tried seems working now as well.
lib/ansible/modules/apt.py
Outdated
if (not installed and not only_upgrade) or (installed and not installed_version) or (upgrade and version_installable): | ||
if version_installable or version: | ||
pkg_list.append("'%s=%s'" % (name, version_installable or version)) | ||
if (not installed and not only_upgrade) or (installed and not installed_version and version_installable) or (upgrade and version_installable): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure I read this logic properly, or well, fully see all cases when version will be specified for the package installation (either because of my skills or overall code readability), so having some comment about intended behavior would be useful here IMO.
No, it's the opposite. It's now passing the version more. There were a few corner cases where it wasn't passing the version. |
f9fd32f
to
eb802dc
Compare
well, even with debug ansible not showing actual command that is ran, but according to output I'd say that version is not provided here:
But why explicitly add version to the package, when operator haven't asked for it? What motivation is behind that and why not just trust system dependency resolution? |
eb802dc
to
7c38a51
Compare
Ok, doing this required a little more change than just the original 2 lines. However it also fixed a few cases where if you asked the module to install a version, but no version matched, it would silently do nothing (no change, but also no error). Note that the way I addressed this was though this: https://github.com/ansible/ansible/pull/78327/files#diff-821fcd0036eed7308025fa9e825de90fb23fd6ffe6d86e82db56802c5fddc0f7R715-R718. However for virtual packages where we can't figure out what real package to install, and where we pass |
@noonedeadpunk debug will log the actual commands to the log of the remote system (syslog/journal) @phemmer I'm ok with splitting that into it's own PR |
7c38a51
to
50e4ecb
Compare
That's a virtual package. When the module can't figure out what real package is to satisfy a virtual package, it stops trying and lets
It doesn't matter if the operator has asked for it. The operator asked for a package, why should it matter if ansible figures out the version or if apt-get figures out the version?
Because ansible needs to know what the version candidates are so that it can properly do change detection. Once ansible knows the version, there is no harm in using the version. Yes we could add code to explicitly strip the version off when the user didn't specify it, but there is no point to doing so.
Because as mentioned, ansible needs to figure out whether it should do something before actually doing it. In the process of checking whether there is a package that can be installed, it also obtains the version information. So determining the version and passing it to |
@noonedeadpunk The dependency resolution would need to happen regardless - if no version is specified, the module checks for upgrades. This just also identifies which upgrade - which, you're right, is not strictly necessary if no version or release is specified since the outcome should be identical. But this seems simpler to me than special-casing no version + no release. It also has the perk of allowing check mode + diff mode to reflect what would be installed. |
yeah, eventually it's in history.log and command had version specified: Ok, thanks for explanation. |
Hold on merging. I think I see an issue around the use of |
50e4ecb
to
2ad5d68
Compare
Was actually no issue. So good to go. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Changes still lgtm
2ad5d68
to
d616279
Compare
rebuild_merge |
…nsible#78327) Fixes ansible#77969 (cherry picked from commit 04e8927)
SUMMARY
Factor in apt's preferences files when determining candidate packages to install.
Fixes #77969
ISSUE TYPE
COMPONENT NAME
apt
ADDITIONAL INFORMATION