Skip to content

ansible-galaxy - fixup role install failure handling #82052

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 1 commit into
base: devel
Choose a base branch
from
Draft

ansible-galaxy - fixup role install failure handling #82052

wants to merge 1 commit into from
+36 −12

Conversation

s-hertel
Copy link
Contributor

@s-hertel s-hertel commented Oct 20, 2023
edited
Loading

SUMMARY

Roles are now extracted to a tempdir to prevent partial installs.

Tarfile members outside of the role root are no longer installed (leading to broken roles).

This method is getting long, maybe it's time to refactor it.

  • Needs a test for tarfile containing members outside the role root
  • Needs a test for rolling back a failed install
ISSUE TYPE
  • Bugfix Pull Request

@ansibot ansibot added bug This issue/PR relates to a bug. needs_triage Needs a first human triage before being processed. has_issue labels Oct 20, 2023
@s-hertel s-hertel mentioned this pull request Oct 20, 2023
Closed
@mkrizek mkrizek removed the needs_triage Needs a first human triage before being processed. label Oct 24, 2023
@mkrizek mkrizek requested a review from nitzmahone October 24, 2023 15:19
@s-hertel s-hertel marked this pull request as ready for review October 24, 2023 19:02
@s-hertel s-hertel force-pushed the fix-role-install-misc-and-symlinks branch from 53ecfd5 to 9d54a6d Compare October 24, 2023 19:04
@s-hertel s-hertel marked this pull request as draft October 24, 2023 19:14
@ansibot ansibot added the needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. label Oct 24, 2023
@Akasurde Akasurde mentioned this pull request Oct 25, 2023
Closed
1 task
@s-hertel s-hertel force-pushed the fix-role-install-misc-and-symlinks branch 2 times, most recently from f5bc6ad to 81d0a32 Compare October 25, 2023 15:55
@s-hertel s-hertel marked this pull request as ready for review October 25, 2023 15:55
@ansibot ansibot removed the needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. label Oct 25, 2023
@s-hertel s-hertel mentioned this pull request Oct 26, 2023
Closed
@HarryWeppner HarryWeppner mentioned this pull request Oct 27, 2023
Closed
@ansibot ansibot added the stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. label Nov 3, 2023
@HarryWeppner
Copy link

@s-hertel and @nitzmahone, this PR promises to fix other galaxy roles as well - do you have an ETA when this will land? Thanks.

s-hertel
s-hertel commented Nov 7, 2023
View reviewed changes
lib/ansible/galaxy/role.py Outdated
Comment on lines 420 to 423
# Doesn't happen with our build process, but avoid extracting members that aren't adjacent to the role metadata
display.warning(f"Only extracting members in {n_archive_parent_dir}: ignoring {member.name}")
ignore_external.add(member)
continue
Copy link
Contributor Author

@s-hertel s-hertel Nov 7, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If a tarfile contains something like:

./role-data/
├── role-name
│   ├── meta/main.yml
│   └── tasks
└── hitchhiker
    └── keep

we find the meta/main.yml in the role-name directory, but install all tarfile members (not just those adjacent to the meta directory). On devel this ends up installing an invalid role (and so it needs to be manually deleted to reinstall).

This could be an error instead, but I thought the warning was better at least than installing a broken role.

@s-hertel s-hertel mentioned this pull request Nov 7, 2023
Merged
@s-hertel
Copy link
Contributor Author

s-hertel commented Nov 7, 2023

@HarryWeppner I don't have an ETA (it needs a review), but I decided to split the symlinks fix into a separate PR #82165 to make it safer to backport, since the other issues this is fixing are not new.

@s-hertel s-hertel removed the request for review from nitzmahone November 7, 2023 21:54
@s-hertel s-hertel changed the title ansible-galaxy - fixup role install failure and symlinks ansible-galaxy - fixup role install failure handling Nov 7, 2023
@s-hertel s-hertel marked this pull request as draft November 7, 2023 21:57
@ansibot ansibot added needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. and removed stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. labels Nov 7, 2023
@webknjaz
Copy link
Member

A rebase should fix the rpmfluff issue in CI.

@webknjaz webknjaz added the ci_verified Changes made in this PR are causing tests to fail. label Nov 28, 2023
@ansibot ansibot added the needs_rebase https://docs.ansible.com/ansible/devel/dev_guide/developing_rebasing.html label Dec 5, 2023
@ansibot ansibot added the stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. label Dec 12, 2023
@HarryWeppner

This comment was marked as resolved.

Sign in to view
@s-hertel

This comment was marked as resolved.

Sign in to view
@s-hertel

This comment was marked as resolved.

Sign in to view
@ansibot ansibot added the stale_pr This PR has not been pushed to for more than one year. label Jan 28, 2025
@s-hertel
Only install a role after it is successfully extracted
74ed460 
Make install more strict about what is extracted from the tarfile:
- fail on invalid content we previously skipped
- give a warning for excluded tarfile content that previously would have been
  included
@s-hertel s-hertel force-pushed the fix-role-install-misc-and-symlinks branch from 06fdc78 to 74ed460 Compare January 29, 2025 16:42
@ansibot ansibot removed needs_rebase https://docs.ansible.com/ansible/devel/dev_guide/developing_rebasing.html has_issue stale_pr This PR has not been pushed to for more than one year. needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. ci_verified Changes made in this PR are causing tests to fail. stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. labels Jan 29, 2025
webknjaz
webknjaz reviewed Jan 30, 2025
View reviewed changes
lib/ansible/galaxy/role.py

from ansible import context
from ansible.errors import AnsibleError, AnsibleParserError
from ansible.galaxy.api import GalaxyAPI
from ansible.galaxy.collection import _tempdir
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this be made a public API?

webknjaz
webknjaz reviewed Jan 30, 2025
View reviewed changes
lib/ansible/galaxy/role.py

for path in os.listdir(temporary_dest):
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wouldn't it be more atomic to move the entire directory rather than parts of it one by one?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This really needs tests first, please disregard the draft.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was just rebasing PRs with the stale_pr label.

@ansibot ansibot added the stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. label Feb 6, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@webknjaz webknjaz webknjaz left review comments

Assignees
No one assigned
Labels
bug This issue/PR relates to a bug. stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@s-hertel @HarryWeppner @webknjaz @mkrizek @ansibot