Skip to content

Role fails in Ansible Check mode #548

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
gwvandesteeg opened this issue Apr 3, 2025 · 4 comments
Open

Role fails in Ansible Check mode #548

gwvandesteeg opened this issue Apr 3, 2025 · 4 comments
Assignees
@alessfg
Labels
bug Something isn't working
Milestone
0.7.2

Comments

@gwvandesteeg
Copy link

gwvandesteeg commented Apr 3, 2025
edited
Loading

Bug Overview

Role fails when run in check mode on ansible 2.16+

Expected Behavior

When I run the playbook in check mode all the roles should function correctly and check things without creating resources

Steps to Reproduce the Bug

  1. I have deployed/run the NGINX config Ansible role using the following playbook.yml...
    - role: nginxinc.nginx
      become: true
      vars:
        nginx_type: "opensource"
        nginx_manage_repo: false
        nginx_branch: stable
        nginx_setup_license: false
        nginx_modules:
          - geoip
        nginx_logrorate_conf_enable: true

    # configure nginx using the official nginx role
    - role: nginxinc.nginx_config
      become: true
      vars:
        nginx_config_start: true
        nginx_config_debug_output: true
        # don't try to upload TLS certificates, that's handled by cert-manager
        nginx_config_upload_ssl_enable: false
        nginx_config_cleanup: false
        nginx_config_cleanup_paths:
          - directory:
              - /etc/nginx/conf.d
            recurse: false
        nginx_config_cleanup_files:
          - /etc/nginx/conf.d/default.conf
        # replace the default config file with one from the template
        nginx_config_main_template_enable: true
        # could be www-data
        nginx_config_user: www-data
        # the rest of the config is irrelevant since the error is not related to the configuration of nginx
  1. I have seen the following error(s) on my terminal/logs...
TASK [nginxinc.nginx : Verify that you are using a supported Jinja2 version on your Ansible host] ****************************************************************************************
task path: /home/redacted/.ansible/roles/nginxinc.nginx/tasks/validate/validate.yml:19
Thursday 03 April 2025  14:27:28 +1300 (0:00:00.188)       0:51:45.577 ********
Thursday 03 April 2025  14:27:28 +1300 (0:00:00.188)       0:51:45.575 ********
fatal: [redacted -> localhost]: FAILED! => {
    "msg": "Unexpected templating type error occurred on (Jinja2 {{ jinja2_version['stdout'] | regex_search('jinja version = ([\\\\d.]+)', '\\\\1') | first }} is supported.): 'NoneType' object is not iterable. 'NoneType' object is not iterable"
}

Environment Details

  • Target deployment platforms: [e.g. AWS/GCP/local cluster/etc...] AWS EC2 accessed via a bastion host
  • Target OSs: [e.g. RHEL 9/Ubuntu 24.04/etc...] Ubuntu 22.04.5 LTS (GNU/Linux 6.8.0-1024-aws x86_64)
  • Host OS (where you are running Ansible from): [e.g. RHEL 9/Ubuntu 24.04/etc...] Ubuntu 24.04.2 LTS
  • Version of the NGINX Ansible role (or specific commit): [e.g. 0.25.0/commit hash]
    • src: nginxinc.nginx
      version: 0.25.0
    • src: nginxinc.nginx_config
      version: 0.7.1
  • Version of Ansible: [e.g. 2.16.5]
$ ansible --version
ansible [core 2.16.14]
  config file = /home/redacted/src/redacted/ansible.cfg
  configured module search path = ['/home/redacted/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/redacted/src/redacted/.venv/lib/python3.12/site-packages/ansible
  ansible collection location = /home/redacted/.ansible/collections:/usr/share/ansible/collections
  executable location = /home/redacted/src/redacted/.venv/bin/ansible
  python version = 3.12.3 (main, Feb  4 2025, 14:48:35) [GCC 13.3.0] (/home/redacted/src/redacted/.venv/bin/python3)
  jinja version = 3.1.6
  libyaml = True
  • How is Ansible being managed: [e.g. CLI/pipeline/Automation Hub/etc...] CLI + Git + Makefile
  • Version of Jinja2 (if you are using any templating capability): [e.g. 3.1.1] - 3.1.6

Additional Context

Connection is from Localhost -> SSH Bastion host -> Target instance

$ cat ansible.cfg
[defaults]
hash_behaviour=merge
nocows=True
max_diff_size=1048576
host_key_checking=False
callbacks_enabled = timer, profile_tasks, profile_roles
forks=30
pipelining=True
timeout=30

[ssh_connection]
ssh_args = -4 -o ControlMaster=auto -o ControlPersist=120s

and

ansible_ssh_common_args: '-o ProxyCommand="ssh -4 -q -A -W %h:%p redacted-user@redacted-bastion-host"'
@gwvandesteeg gwvandesteeg added the bug Something isn't working label Apr 3, 2025
@fliespl
Copy link

fliespl commented Apr 20, 2025

Happened to me as well :)

@fliespl
Copy link

fliespl commented Apr 20, 2025

#485 provides a fix for that

@alessfg alessfg added this to the 0.7.2 milestone May 5, 2025
@alessfg
Copy link
Member

alessfg commented May 5, 2025

The Ansible collections check also needs to be tweaked (see https://github.com/nginx/ansible-role-nginx/pull/841/files#diff-4feccf59327756479a380b673c6421f545c7feb15291a903595fe071de8d85ccR34) but after that I really should get around to creating a new release for this role.

@alessfg
Copy link
Member

alessfg commented May 7, 2025

I opened a PR to add the missing check mode setting #558.

@alessfg alessfg self-assigned this May 7, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@alessfg alessfg

Labels
bug Something isn't working
Projects
None yet
Milestone
0.7.2
Development

No branches or pull requests
3 participants
@fliespl @alessfg @gwvandesteeg