This is a backport of PR #915 as merged into main (6a0635a).
SUMMARY
By hiding fields first before creating a diff hidden fields will not be shown in the resulting diffs and therefore will also not trigger the changed condition.
The issue can only be reproduced when a mutating webhook changes the object while the kubernetes.core.k8s module is working with it.
kubevirt/kubevirt.core#145
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
kubernetes.core.module_utils.k8s.service
ADDITIONAL INFORMATION
Run kubernetes.core.k8s and create object with hidden fields. After run kubernetes.core.k8s again and let a webhook mutate the object that the module is working with. The module should return with changed: no.
Reviewed-by: Bianca Henderson <beeankha@gmail.com>
This will make all stable-5 changelog content match main and stable-6 so there will no longer be formatting issues when doing release work in the future (basically a manual backport of #989).
Reviewed-by: Alina Buzachis
This is a backport of PR #998 as merged into main (448d3fe).
SUMMARY
This PR is essentially attempting Option B from issue #996 (Option A is implemented here); this code update accounts for the recent merge of sanity: warn on ansible.module_utils.six imports #85651.
Reviewed-by: Bianca Henderson <beeankha@gmail.com>
Reviewed-by: Mandar Kulkarni <mandar242@gmail.com>
This reverts commit eb0aeeb from stable-5 (i.e., reapplies the changes from #965); this is a temporary fix for #782 as it will re-introduce #870.
Reviewed-by: Alina Buzachis
Reviewed-by: GomathiselviS <gomathiselvi@gmail.com>
This is a backport of PR #899 as merged into main (1705ced).
This reverts commit 6efabd3.
SUMMARY
Fixes#870
A better solution is necessary to address #782. The current code makes getting manifests practically unusable. We need to revert this commit until a better solution is found.
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
kubeconfig
Reviewed-by: Bianca Henderson <beeankha@gmail.com>
This is a backport of PR #946 as merged into main (642eb93).
SUMMARY
Fix the integration test for helm_registry_auth with helm >= 3.18.0 and clarify idempotency.
Fixes#944
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
helm_registry_auth
ADDITIONAL INFORMATION
Caused by the changes in helm starting from 3.18.0
Reviewed-by: Bianca Henderson <beeankha@gmail.com>
This is a backport of PR #939 as merged into main (34fd40d).
Some unit tests are broken with ansible-core 2.19, this PR aims to fix them.
Reviewed-by: Bianca Henderson <beeankha@gmail.com>
This is a backport of PR #893 as merged into main (0e7229c).
Release 3.3.1 is out; push changes to main branch
Reviewed-by: Bikouo Aubin
Reviewed-by: Bianca Henderson <beeankha@gmail.com>
This is a backport of PR #901 as merged into main (914a16e).
SUMMARY
Added the option insecure_skip_tls_verify to the following helm modules:
helm_repository
helm
Unified the option with alias in helm_pull
For helm, added the option to the helm diff call, as it got fixed upstream.
Upstream Issue: databus23/helm-diff#503
Fixed with: helm/helm#12856Fixes#694
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
kubernetes.core.helm
kubernetes.core.helm_repository
kubernetes.core.helm_pull
ADDITIONAL INFORMATION
Basically the option was added in the parameters set in the ansible job, in the docs and then injected in the helm and helm diff binary calls if set. Defaults to False.
Example
---
- name: Test helm modules
tasks:
- name: Test helm repository insecure
kubernetes.core.helm_repository:
name: insecure
repo_url: "<helm-repo-with-self-signed-tls>"
state: present
insecure_skip_tls_verify: true
- name: Test helm pull insecure
kubernetes.core.helm_pull:
chart_ref: "oci://<helm-repo-with-self-signed-tls>/ptroject"
destination: /tmp
insecure_skip_tls_verify: true
- name: Test helm insecure
kubernetes.core.helm:
name: insecure
chart_ref: "oci://<helm-repo-with-self-signed-tls>/project"
namespace: helm-insecure-test
state: present
insecure_skip_tls_verify: true
Note
Might need an alias for telm_template, as the option is called insecure_registry, in the manual and docs of helm it would be --insecure-skip-tls-verify as well though.
Not included, as it was recently merged with #805
Reviewed-by: Bianca Henderson <beeankha@gmail.com>
Reviewed-by: Mike Graves <mgraves@redhat.com>
This is a backport of PR #802 as merged into main (00699ac).
SUMMARY
Starting with version 3.14.0, Helm supports --reset-then-reuse-values. As discussed on the original PR. This greatly improves on --reuse-values as it allows to avoid templates errors when new features are added to an upgraded chart.
Closes#803
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
helm
ADDITIONAL INFORMATION
This PR is greatly 'inspired' by #575 and because I wasn't sure how I could provide additional tests for it, I actually copied those build previously for --reuse-values (as it is an improvement on this feature.
Reviewed-by: Bianca Henderson <beeankha@gmail.com>
This is a backport of PR #905 as merged into main (d329e7e).
This PR is a rebase of #898 for CI to pass
Thanks @efussi for your collaboration.
Closes#892
Reviewed-by: Bikouo Aubin
Reviewed-by: Bianca Henderson <beeankha@gmail.com>
* fix integration test ``k8s_full`` running with ansible-core 2.19
* Fix templating issues
* fix test on current ansible version
* fix tests cases
* Fix additional tests
* fix the templating mechanism
* consider using variable_[start/end]_string while parsing template
* Remove support for omit into template option
* Remove unnecessary unit tests
(cherry picked from commit 2cb5d6c316)
Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
This is a backport of PR #879 as merged into main (7cdf0d0).
SUMMARY
Fixes#869
During an OpenShift installation, one of the checks to see that the cluster is ready to proceed with configuration is to check to ensure that the Cluster Operators are in an Available: True Degraded: False Progressing: False state. While you can currently use the k8s_info module to get a json response, the resulting json needs to be iterated over several times to get the appropriate status.
This PR adds functionality into waiter.py which loops over all resource instances of the cluster operators. If any of them is not ready, waiter returns False and the task false. If the task returns, you can assume that all the cluster operators are healthy.
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
waiter.py
ADDITIONAL INFORMATION
A simple playbook will trigger the waiter.py to watch the ClusterOperator object
---
- name: get operators
hosts: localhost
gather_facts: false
tasks:
- name: Get cluster operators
kubernetes.core.k8s_info:
api_version: v1
kind: ClusterOperator
kubeconfig: "/home/ocp/one/auth/kubeconfig"
wait: true
wait_timeout: 30
register: cluster_operators
This will produce the simple response if everything is functioning properly:
PLAY [get operators] *************************************************************************************************
TASK [Get cluster operators] *****************************************************************************************
ok: [localhost]
PLAY RECAP ***********************************************************************************************************
localhost : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
If the timeout is reached:
PLAY [get operators] *************************************************************************************************
TASK [Get cluster operators] *****************************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ansible_collections.kubernetes.core.plugins.module_utils.k8s.exceptions.CoreException: Failed to gather information about ClusterOperator(s) even after waiting for 30 seconds
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to gather information about ClusterOperator(s) even after waiting for 30 seconds"}
PLAY RECAP ***********************************************************************************************************
localhost : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
UNSOLVED: How to know which Operators are failing
Reviewed-by: Bikouo Aubin
This is a backport of PR #872 as merged into main (9ec6912).
SUMMARY
This allows us to ignore e.g. the last-applied-configuration annotation by specifying
metadata.annotations[kubectl.kubernetes.io/last-applied-configuration]
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
hidden_fields
This replaces #643 as I no longer have permissions to push to branches in this repo
Reviewed-by: Bikouo Aubin
SUMMARY
This release came with new module helm_registry_auth, and improvements to the error messages in the k8s_drain module, new parameter insecure_registry for helm_template module and several bug fixes.
ISSUE TYPE
New release pull request
Changelog
Minor Changes
Bump version of ansible-lint to minimum 24.7.0 (#765).
Parameter insecure_registry added to helm_template as equivalent of insecure-skip-tls-verify (#805).
connection/kubectl.py - Added an example of using the kubectl connection plugin to the documentation (#741).
k8s_drain - Improve error message for pod disruption budget when draining a node (#797).
Bugfixes
helm - Helm version checks did not support RC versions. They now accept any version tags. (#745).
helm_pull - Apply no_log=True to pass_credentials to silence false positive warning.. (#796).
k8s_drain - Fix k8s_drain does not wait for single pod (#769).
k8s_drain - Fix k8s_drain runs into a timeout when evicting a pod which is part of a stateful set (#792).
kubeconfig option should not appear in module invocation log (#782).
kustomize - kustomize plugin fails with deprecation warnings (#639).
waiter - Fix waiting for daemonset when desired number of pods is 0. (#756).
New Modules
helm_registry_auth - Helm registry authentication module
ADDITIONAL INFORMATION
Collection kubernets.core version 3.1.0 is compatible with ansible-core>=2.15.0
Reviewed-by: Mike Graves <mgraves@redhat.com>
This is a backport of PR #796 as merged into main (ecc64ca).
SUMMARY
Apply no_log=True to pass_credentials to silence false positive warning.
Fixes similar issue to: #423
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
changelog/fragements/796-false-positive-helmull.yaml
plugins/modules/helm_pull.py
* Parameter insecure_registry added to helm_template as equivalent of insecure-skip-tls-verify
(cherry picked from commit 6609abdd5a)
Co-authored-by: Yuriy Novostavskiy <yuriy@novostavskiy.kiev.ua>
This is a backport of PR #790 as merged into main (b8e9873).
SUMMARY
As part of the consolidating Ansible discussion platforms and communication channels was decided to use the Ansible forum as the main place for questions and discussion.
Reference: https://forum.ansible.com/t/proposal-consolidating-ansible-discussion-platforms/6812
As part of this change, the IRC channel was removed by the PRs #778 and #774.
However, the README.md file wasn't fully cleaned up from the outdated information.
The #ansible-kubernetes channel on libera.chat IRC isn't used by maintainers and contributors anymore.
The Wiki page on the https://github.com/ansible/community/ was deprecated a long time ago
ISSUE TYPE
Docs Pull Request
COMPONENT NAME
README.md
SUMMARY
ISSUE TYPE
Bugfix Pull Request
Docs Pull Request
Feature Pull Request
New Module Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Mike Graves <mgraves@redhat.com>
This is a backport of PR #770 as merged into main (4c305e7).
SUMMARY
Fixes#769 .
k8s_drain was not checking if a pod has been deleted when there was only one pod on the node to be drained.
The list of pods, pods, was being "popped" before the first iteration of the while loop:
pod = pods.pop()
while (_elapsed_time() < wait_timeout or wait_timeout == 0) and pods:
When pods contains only one element, the while loop is skipped.
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
k8s_drain
This is a backport of PR #767 as merged into main (fdb8af7).
SUMMARY
Refer: https://issues.redhat.com/browse/ACA-1749
This PR updates the README doc to match the template
ISSUE TYPE
Bugfix Pull Request
Docs Pull Request
Feature Pull Request
New Module Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
This is a backport of PR #765 as merged into main (a89f19b).
SUMMARY
Bump the ansible-lint version to 24.7.0
ISSUE TYPE
COMPONENT NAME
ADDITIONAL INFORMATION
This is a backport of PR #798 as merged into main (52f2cb5).
SUMMARY
Closes#797 .
The error message "Too Many Requests" is confusing and is changed to a more meaningful message:
TASK [Drain node] *************************************************************************
Montag 25 November 2024 09:20:28 +0100 (0:00:00.014) 0:00:00.014 *******
fatal: [host -> localhost]: FAILED! => {"changed": false, "msg": "Failed to delete pod kube-public/draintest-6b84677b99-9jf7m due to: Cannot evict pod as it would violate the pod's disruption budget."}
The new task output would allow to deal with a pod disruption budget with the retries/until logic in a more controlled way:
---
- hosts: "{{ target }}"
serial: 1
gather_facts: false
tasks:
- name: Drain node
kubernetes.core.k8s_drain:
kubeconfig: "{{ kubeconfig_path }}"
name: "{{ inventory_hostname }}"
delete_options:
ignore_daemonsets: true
delete_emptydir_data: true
wait_timeout: 100
disable_eviction: false
wait_sleep: 1
delegate_to: localhost
retries: 10
delay: 5
until: drain_result is success or 'disruption budget' not in drain_result.msg
register: drain_result
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
k8s_drain
This is a backport of PR #793 as merged into main (fca0dc0).
SUMMARY
Fixes#792 .
The function wait_for_pod_deletion in k8s_drain never checks on which node a pod is actually running:
try:
response = self._api_instance.read_namespaced_pod(
namespace=pod[0], name=pod[1]
)
if not response:
pod = None
time.sleep(wait_sleep)
This means that if a pod is successfully evicted and restarted with the same name on a new node, k8s_drain does not notice and thinks that the original pod is still running. This is the case for pods which are part of a stateful set.
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
k8s_drain
This is a backport of PR #789 as merged into main (cd68631).
This PR includes a trivial fix for the GitHub Actions issue #788 and related to switching milestone and devel branches of ansible/ansible to version 2.19 and prepare repo to be ready to include test with Python 3.13 when ansible-network/github_actions/pull/162 is merged.
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
GitHub actions/test
Reviewed-by: Mike Graves <mgraves@redhat.com>
This is a backport of PR #728 as merged into main (5bc53db).
SUMMARY
error judgments are based on the exit codes of command execution, where 0 represents success and non-zero represents failure.
Optimize the run_command function to return a tuple like the run_command method of AnsibleModule.
Fixes#639
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
kustomize lookup plugin
ADDITIONAL INFORMATION
Reviewed-by: Mike Graves <mgraves@redhat.com>
This is a backport of PR #745 as merged into main (6a04f42).
SUMMARY
If the helm CLI version includes -rc.1 for example, the version checks fails due to an incomplete regex.
The error can be triggered if you use helm v3.15.0-rc.1 for example, and apply a helm chart with wait: true
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
helm
helm_pull
ADDITIONAL INFORMATION
Reviewed-by: Mike Graves <mgraves@redhat.com>
[PR #741/fb80d973 backport][stable-5] Doc: add example of using kubectl connection plugin
This is a backport of PR #741 as merged into main (fb80d97).
SUMMARY
Currently documentation for collection don't include any examples of using kubenrenes.core.kubectl connection plugin and it's hard to start using that plugin.
ISSUE TYPE
Docs Pull Request
COMPONENT NAME
kubenrenes.core.kubectl connection plugin
ADDITIONAL INFORMATION
This PR was inspired by #288 and based on feedback on that PR and my own experience. Thanks @tpo for his try and @geerlingguy for his Ansible for DevOps book
Reviewed-by: Mike Graves <mgraves@redhat.com>
Remove deprecated function from module_utils/common.py
SUMMARY
Remove deprecated functions and class from module_utils/common.py in order to prepare release 4.0.0
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
module_utils/common.py
Reviewed-by: Alina Buzachis
Defer removal of k8s inventory plugin to version 5.0.
SUMMARY
Defer removal of k8s inventory plugin to version 5.0.
ISSUE TYPE
Bugfix Pull Request
Docs Pull Request
Feature Pull Request
New Module Pull Request
COMPONENT NAME
inventory/k8s.py
ADDITIONAL INFORMATION
Reviewed-by: Bikouo Aubin
Reviewed-by: Mike Graves <mgraves@redhat.com>
k8s - remove support for merge_type=json
SUMMARY
Support for merge_type=json has been removed in version 4.0.0. Please use kubernetes.core.k8s_json_patch instead.
ISSUE TYPE
Bugfix Pull Request
Docs Pull Request
Feature Pull Request
New Module Pull Request
COMPONENT NAME
k8s.py
ADDITIONAL INFORMATION
Reviewed-by: Bikouo Aubin
Reviewed-by: Mike Graves <mgraves@redhat.com>
fixed typo in filename of 'k8s_json_patch'-action
SUMMARY
The filename/symlink of the action for the 'k8s_json_patch'-module was wrong. Renamed file from 'ks8_json_patch.py' to ' k8s_json_patch.py'
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
k8s_json_patch
ADDITIONAL INFORMATION
Because of the wrong filename things like unvaulting kubeconfig files did not worked.
Reviewed-by: Mike Graves <mgraves@redhat.com>
add support of kubectl_local_env_vars (#698)
SUMMARY
Support of local environmental variable that may be required to be set on Ansible Controller before the connection is set and may be used for kubectl command. This PR addressed for #698
The main idea is to have the support of additional/extra local environmental variable that may be required for kubectl itself, i.e. for authorization in case of public clouds
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
kubernetes.core.kubectl connection plugin
ADDITIONAL INFORMATION
This PR attempts to implement local env support for the kubectl connection plugin that may be useful in case of using kubectl against public cloud kubernetes environment that uses some authorization (i.e. aws cli) additionally to kubeconfig file. More detail in #698
The output that shows that the connection plugin can use local environment variable for kubectl command (with some debug that used during development but removed then):
root@ubuntu-shell:/# cat test.yaml
- hosts: localhost
gather_facts: no
any_errors_fatal: yes
vars:
ansible_connection: "kubectl"
ansible_kubectl_namespace: "test"
ansible_kubectl_config: "/.kube/config"
ansible_kubectl_pod: "ubuntu"
ansible_kubectl_container: "ubuntu"
ansible_kubectl_local_env_vars:
TESTVAR1: "test"
TESTVAR2: "test"
TESTVAR3: "test"
environment:
TEST_ENV1: value1
TEST_ENV2: value2
tasks:
- name: test
ansible.builtin.shell: env
register: result
- debug:
var: result.stdout_lines
root@ubuntu-shell:/# ansible-playbook test.yaml
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'
PLAY [localhost] **************************************************************************************************************************************
TASK [test] *******************************************************************************************************************************************
changed: [localhost]
TASK [debug] ******************************************************************************************************************************************
ok: [localhost] => {
"result.stdout_lines": [
"KUBERNETES_PORT=tcp://10.96.0.1:443",
"KUBERNETES_SERVICE_PORT=443",
"HOSTNAME=ubuntu",
"HOME=/root",
"LC_CTYPE=C.UTF-8",
"TEST_ENV1=value1",
"TEST_ENV2=value2",
"TERM=xterm",
"KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1",
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"KUBERNETES_PORT_443_TCP_PORT=443",
"KUBERNETES_PORT_443_TCP_PROTO=tcp",
"KUBERNETES_SERVICE_PORT_HTTPS=443",
"KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443",
"KUBERNETES_SERVICE_HOST=10.96.0.1",
"PWD=/"
]
}
PLAY RECAP ********************************************************************************************************************************************
localhost : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
root@ubuntu-shell:/# ansible-playbook test.yaml -vvv
ansible-playbook [core 2.14.5]
config file = None
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python3.10/dist-packages/ansible
ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/local/bin/ansible-playbook
python version = 3.10.12 (main, Nov 20 2023, 15:14:05) [GCC 11.4.0] (/usr/bin/python3)
jinja version = 3.1.3
libyaml = True
No config file found; using defaults
host_list declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
script declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
auto declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
yaml declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
ini declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
toml declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
PLAYBOOK: test.yaml ***********************************************************************************************************************************
1 plays in test.yaml
PLAY [localhost] **************************************************************************************************************************************
TASK [test] *******************************************************************************************************************************************
task path: /test.yaml:19
redirecting (type: connection) ansible.builtin.kubectl to kubernetes.core.kubectl
<127.0.0.1> ESTABLISH kubectl CONNECTION
<127.0.0.1> ENV: KUBERNETES_SERVICE_PORT_HTTPS=443
<127.0.0.1> ENV: KUBERNETES_SERVICE_PORT=443
<127.0.0.1> ENV: HOSTNAME=ubuntu-shell
<127.0.0.1> ENV: PWD=/
<127.0.0.1> ENV: HOME=/root
<127.0.0.1> ENV: KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443
<127.0.0.1> ENV: LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=00:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.zst=01;31:*.tzst=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.wim=01;31:*.swm=01;31:*.dwm=01;31:*.esd=01;31:*.jpg=01;35:*.jpeg=01;35:*.mjpg=01;35:*.mjpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.webp=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=00;36:*.au=00;36:*.flac=00;36:*.m4a=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.oga=00;36:*.opus=00;36:*.spx=00;36:*.xspf=00;36:
<127.0.0.1> ENV: TERM=xterm
<127.0.0.1> ENV: SHLVL=1
<127.0.0.1> ENV: KUBERNETES_PORT_443_TCP_PROTO=tcp
<127.0.0.1> ENV: KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1
<127.0.0.1> ENV: KUBERNETES_SERVICE_HOST=10.96.0.1
<127.0.0.1> ENV: KUBERNETES_PORT=tcp://10.96.0.1:443
<127.0.0.1> ENV: KUBERNETES_PORT_443_TCP_PORT=443
<127.0.0.1> ENV: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
<127.0.0.1> ENV: _=/usr/local/bin/ansible-playbook
<127.0.0.1> ENV: LC_CTYPE=C.UTF-8
<127.0.0.1> ENV: TESTVAR1=test
<127.0.0.1> ENV: TESTVAR2=test
<127.0.0.1> ENV: TESTVAR3=test
<127.0.0.1> EXEC ['/usr/local/bin/kubectl', '-n', 'test', '--kubeconfig', '/.kube/config', 'exec', '-i', 'ubuntu', '-c', 'ubuntu', '--', '/bin/sh', '-c', "/bin/sh -c 'echo ~ && sleep 0'"]
<127.0.0.1> EXEC ['/usr/local/bin/kubectl', '-n', 'test', '--kubeconfig', '/.kube/config', 'exec', '-i', 'ubuntu', '-c', 'ubuntu', '--', '/bin/sh', '-c', '/bin/sh -c \'( umask 77 && mkdir -p "` echo /root/.ansible/tmp `"&& mkdir "` echo /root/.ansible/tmp/ansible-tmp-1713785852.548581-6866-69007595335133 `" && echo ansible-tmp-1713785852.548581-6866-69007595335133="` echo /root/.ansible/tmp/ansible-tmp-1713785852.548581-6866-69007595335133 `" ) && sleep 0\'']
Using module file /usr/local/lib/python3.10/dist-packages/ansible/modules/command.py
<127.0.0.1> PUT /root/.ansible/tmp/ansible-local-6862s5_lr_wb/tmpxwmx0qeh TO /root/.ansible/tmp/ansible-tmp-1713785852.548581-6866-69007595335133/AnsiballZ_command.py
<127.0.0.1> EXEC ['/usr/local/bin/kubectl', '-n', 'test', '--kubeconfig', '/.kube/config', 'exec', '-i', 'ubuntu', '-c', 'ubuntu', '--', '/bin/sh', '-c', "/bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1713785852.548581-6866-69007595335133/ /root/.ansible/tmp/ansible-tmp-1713785852.548581-6866-69007595335133/AnsiballZ_command.py && sleep 0'"]
<127.0.0.1> EXEC ['/usr/local/bin/kubectl', '-n', 'test', '--kubeconfig', '/.kube/config', 'exec', '-i', 'ubuntu', '-c', 'ubuntu', '--', '/bin/sh', '-c', "/bin/sh -c 'TEST_ENV1=value1 TEST_ENV2=value2 /usr/bin/python3 /root/.ansible/tmp/ansible-tmp-1713785852.548581-6866-69007595335133/AnsiballZ_command.py && sleep 0'"]
<127.0.0.1> EXEC ['/usr/local/bin/kubectl', '-n', 'test', '--kubeconfig', '/.kube/config', 'exec', '-i', 'ubuntu', '-c', 'ubuntu', '--', '/bin/sh', '-c', "/bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-tmp-1713785852.548581-6866-69007595335133/ > /dev/null 2>&1 && sleep 0'"]
changed: [localhost] => {
"changed": true,
"cmd": "env",
"delta": "0:00:00.005088",
"end": "2024-04-22 11:37:33.655340",
"invocation": {
"module_args": {
"_raw_params": "env",
"_uses_shell": true,
"argv": null,
"chdir": null,
"creates": null,
"executable": null,
"removes": null,
"stdin": null,
"stdin_add_newline": true,
"strip_empty_ends": true
}
},
"msg": "",
"rc": 0,
"start": "2024-04-22 11:37:33.650252",
"stderr": "",
"stderr_lines": [],
"stdout": "KUBERNETES_PORT=tcp://10.96.0.1:443\nKUBERNETES_SERVICE_PORT=443\nHOSTNAME=ubuntu\nHOME=/root\nLC_CTYPE=C.UTF-8\nTEST_ENV1=value1\nTEST_ENV2=value2\nTERM=xterm\nKUBERNETES_PORT_443_TCP_ADDR=10.96.0.1\nPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\nKUBERNETES_PORT_443_TCP_PORT=443\nKUBERNETES_PORT_443_TCP_PROTO=tcp\nKUBERNETES_SERVICE_PORT_HTTPS=443\nKUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443\nKUBERNETES_SERVICE_HOST=10.96.0.1\nPWD=/",
"stdout_lines": [
"KUBERNETES_PORT=tcp://10.96.0.1:443",
"KUBERNETES_SERVICE_PORT=443",
"HOSTNAME=ubuntu",
"HOME=/root",
"LC_CTYPE=C.UTF-8",
"TEST_ENV1=value1",
"TEST_ENV2=value2",
"TERM=xterm",
"KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1",
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"KUBERNETES_PORT_443_TCP_PORT=443",
"KUBERNETES_PORT_443_TCP_PROTO=tcp",
"KUBERNETES_SERVICE_PORT_HTTPS=443",
"KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443",
"KUBERNETES_SERVICE_HOST=10.96.0.1",
"PWD=/"
]
}
TASK [debug] ******************************************************************************************************************************************
task path: /test.yaml:22
redirecting (type: connection) ansible.builtin.kubectl to kubernetes.core.kubectl
ok: [localhost] => {
"result.stdout_lines": [
"KUBERNETES_PORT=tcp://10.96.0.1:443",
"KUBERNETES_SERVICE_PORT=443",
"HOSTNAME=ubuntu",
"HOME=/root",
"LC_CTYPE=C.UTF-8",
"TEST_ENV1=value1",
"TEST_ENV2=value2",
"TERM=xterm",
"KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1",
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"KUBERNETES_PORT_443_TCP_PORT=443",
"KUBERNETES_PORT_443_TCP_PROTO=tcp",
"KUBERNETES_SERVICE_PORT_HTTPS=443",
"KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443",
"KUBERNETES_SERVICE_HOST=10.96.0.1",
"PWD=/"
]
}
PLAY RECAP ********************************************************************************************************************************************
localhost : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
root@ubuntu-shell:/#
Reviewed-by: Bikouo Aubin
Reviewed-by: Yuriy Novostavskiy
Reviewed-by: Mike Graves <mgraves@redhat.com>
k8s: Display warnings to users
SUMMARY
This changes K8sService and the k8s module so warnings returned by the K8S API are displayed to the user.
Fixeskubevirt/kubevirt.core#30Fixeskubevirt/kubevirt.core#31
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
k8s module
K8sService
ADDITIONAL INFORMATION
Before:
TASK [Create VM] **********************************************************************************************************************************************
ok: [localhost]
After:
TASK [Create VM] **********************************************************************************************************************************************
[WARNING]: unknown field "spec.template.spec.disk"
[WARNING]: unknown field "spec.template.spec.domain.bogus"
ok: [localhost]
Reviewed-by: Adam Miller <admiller@redhat.com>
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: Felix Matouschek <felix@matouschek.org>
helm - expand kubeconfig path with user's home dir
SUMMARY
Currently the helm module fails when providing the default kubeconfig path explicitly, while the same path is fine for the k8s module.
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
helm
ADDITIONAL INFORMATION
- name: Deploy kubelet-csr-approver
delegate_to: client
run_once: true
kubernetes.core.helm:
update_repo_cache: true
kubeconfig: "~/.kube/config"
state: present
name: kubelet-csr-approver
namespace: kubelet-csr-approver
create_namespace: true
chart_ref: kubelet-csr-approver/kubelet-csr-approver
chart_version: 1.0.5
values: "{{ lookup('template', 'values.yaml.j2') | from_yaml }}"
atomic: true
Before change:
TASK [kubernetes/kubelet_csr_approver : Deploy kubelet-csr-approver] ***
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: FileNotFoundError: [Errno 2] No such file or directory: '~/.kube/config'
fatal: [node-1 -> client(192.168.121.56)]: FAILED! => {"changed": false, "module_stderr": "", "module_stdout": "Traceback (most recent call last):\r\n File \"/home/vagrant/.ansible/tmp/ansible-tmp-1697293347.7135417-118207-9805169252135/AnsiballZ_helm.py\", line 107, in <module>\r\n _ansiballz_main()\r\n File \"/home/vagrant/.ansible/tmp/ansible-tmp-1697293347.7135417-118207-9805169252135/AnsiballZ_helm.py\", line 99, in _ansiballz_main\r\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\r\n File \"/home/vagrant/.ansible/tmp/ansible-tmp-1697293347.7135417-118207-9805169252135/AnsiballZ_helm.py\", line 47, in invoke_module\r\n runpy.run_module(mod_name='ansible_collections.kubernetes.core.plugins.modules.helm', init_globals=dict(_module_fqn='ansible_collections.kubernetes.core.plugins.modules.helm', _modlib_path=modlib_path),\r\n File \"/usr/lib/python3.10/runpy.py\", line 224, in run_module\r\n return _run_module_code(code, init_globals, run_name, mod_spec)\r\n File \"/usr/lib/python3.10/runpy.py\", line 96, in _run_module_code\r\n _run_code(code, mod_globals, init_globals,\r\n File \"/usr/lib/python3.10/runpy.py\", line 86, in _run_code\r\n exec(code, run_globals)\r\n File \"/tmp/ansible_kubernetes.core.helm_payload_o8s36dti/ansible_kubernetes.core.helm_payload.zip/ansible_collections/kubernetes/core/plugins/modules/helm.py\", line 924, in <module>\r\n File \"/tmp/ansible_kubernetes.core.helm_payload_o8s36dti/ansible_kubernetes.core.helm_payload.zip/ansible_collections/kubernetes/core/plugins/modules/helm.py\", line 737, in main\r\n File \"/tmp/ansible_kubernetes.core.helm_payload_o8s36dti/ansible_kubernetes.core.helm_payload.zip/ansible_collections/kubernetes/core/plugins/modules/helm.py\", line 435, in run_repo_update\r\n File \"/tmp/ansible_kubernetes.core.helm_payload_o8s36dti/ansible_kubernetes.core.helm_payload.zip/ansible_collections/kubernetes/core/plugins/module_utils/helm.py\", line 169, in run_helm_command\r\n File \"/tmp/ansible_kubernetes.core.helm_payload_o8s36dti/ansible_kubernetes.core.helm_payload.zip/ansible_collections/kubernetes/core/plugins/module_utils/helm.py\", line 162, in env_update\r\n File \"/tmp/ansible_kubernetes.core.helm_payload_o8s36dti/ansible_kubernetes.core.helm_payload.zip/ansible_collections/kubernetes/core/plugins/module_utils/helm.py\", line 120, in _prepare_helm_environment\r\nFileNotFoundError: [Errno 2] No such file or directory: '~/.kube/config'\r\n", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}
After change:
TASK [kubernetes/kubelet_csr_approver : Deploy kubelet-csr-approver] ***
changed: [node-1 -> client(192.168.121.56)]
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: Bikouo Aubin
Align `helmdiff_check` behavior with the `deploy` function
SUMMARY
Align helmdiff_check behavior with the deploy function
Fixes#638
helmdiff_check respects set_values parameter
Fixes#669
helmdiff_check command line parameters sequence aligned to the deploy function
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
kubernetes.core.helm
Reviewed-by: Mike Graves <mgraves@redhat.com>
