Packages in requirements.txt needs an update

[alwaysharsha]

SUMMARY

Packages in the requirements.txt needs to be updated to match the compatible versions

ISSUE TYPE

• Bug Report

COMPONENT NAME

requirements.txt we need to update the pin the version of packaging and also address the issue with portalocker. ERROR: azure-cli-telemetry 1.0.6 has requirement portalocker~=1.2, but you'll have portalocker 2.7.0 which is incompatible. ERROR: azure-cli-core 2.34.0 has requirement packaging<22.0,>=20.9, but you'll have packaging 23.1 which is incompatible.

ANSIBLE VERSION

ansible --version
ansible [core 2.13.9]
  config file = None
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.8/dist-packages/ansible
  ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible
  python version = 3.8.10 (default, Mar 13 2023, 10:26:41) [GCC 9.4.0]
  jinja version = 3.1.2
  libyaml = True

COLLECTION VERSION

ansible-galaxy collection list  

# /usr/local/lib/python3.8/dist-packages/ansible_collections
Collection                    Version
----------------------------- -------
amazon.aws                    3.5.0  
ansible.netcommon             3.1.3  
ansible.posix                 1.4.0  
ansible.utils                 2.8.0  
ansible.windows               1.12.0 
arista.eos                    5.0.1  
awx.awx                       21.10.0
azure.azcollection            1.14.0 
check_point.mgmt              2.3.0  
chocolatey.chocolatey         1.3.1  
cisco.aci                     2.3.0  
cisco.asa                     3.1.0  
cisco.dnac                    6.6.1  
cisco.intersight              1.0.22 
cisco.ios                     3.3.2  
cisco.iosxr                   3.3.1  
cisco.ise                     2.5.9  
cisco.meraki                  2.13.0 
cisco.mso                     2.1.0  
cisco.nso                     1.0.3  
cisco.nxos                    3.2.0  
cisco.ucs                     1.8.0  
cloud.common                  2.1.2  
cloudscale_ch.cloud           2.2.3  
community.aws                 3.6.0  
community.azure               1.1.0  
community.ciscosmb            1.0.5  
community.crypto              2.9.0  
community.digitalocean        1.22.0 
community.dns                 2.4.2  
community.docker              2.7.3  
community.fortios             1.0.0  
community.general             5.8.3  
community.google              1.0.0  
community.grafana             1.5.3  
community.hashi_vault         3.4.0  
community.hrobot              1.6.0  
community.libvirt             1.2.0  
community.mongodb             1.4.2  
community.mysql               3.5.1  
community.network             4.0.2  
community.okd                 2.2.0  
community.postgresql          2.3.1  
community.proxysql            1.4.0  
community.rabbitmq            1.2.3  
community.routeros            2.5.0  
community.sap                 1.0.0  
community.sap_libs            1.4.0  
community.skydive             1.0.0  
community.sops                1.5.0  
community.vmware              2.10.2 
community.windows             1.11.1 
community.zabbix              1.9.0  
containers.podman             1.10.1 
cyberark.conjur               1.2.0  
cyberark.pas                  1.0.14 
dellemc.enterprise_sonic      1.1.2  
dellemc.openmanage            5.5.0  
dellemc.os10                  1.1.1  
dellemc.os6                   1.0.7  
dellemc.os9                   1.0.4  
f5networks.f5_modules         1.21.0 
fortinet.fortimanager         2.1.7  
fortinet.fortios              2.2.1  
frr.frr                       2.0.0  
gluster.gluster               1.0.2  
google.cloud                  1.0.2  
hetzner.hcloud                1.9.0  
hpe.nimble                    1.1.4  
ibm.qradar                    2.1.0  
ibm.spectrum_virtualize       1.10.0 
infinidat.infinibox           1.3.12 
infoblox.nios_modules         1.4.1  
inspur.ispim                  1.2.0  
inspur.sm                     2.3.0  
junipernetworks.junos         3.1.0  
kubernetes.core               2.3.2  
lowlydba.sqlserver            1.2.0  
mellanox.onyx                 1.0.0  
netapp.aws                    21.7.0 
netapp.azure                  21.10.0
netapp.cloudmanager           21.21.0
netapp.elementsw              21.7.0 
netapp.ontap                  21.24.1
netapp.storagegrid            21.11.1
netapp.um_info                21.8.0 
netapp_eseries.santricity     1.3.1  
netbox.netbox                 3.9.0  
ngine_io.cloudstack           2.3.0  
ngine_io.exoscale             1.0.0  
ngine_io.vultr                1.1.2  
openstack.cloud               1.10.0 
openvswitch.openvswitch       2.1.0  
ovirt.ovirt                   2.4.1  
purestorage.flasharray        1.15.0 
purestorage.flashblade        1.10.0 
purestorage.fusion            1.2.0  
sensu.sensu_go                1.13.1 
servicenow.servicenow         1.0.6  
splunk.es                     2.1.0  
t_systems_mms.icinga_director 1.31.4 
theforeman.foreman            3.7.0  
vmware.vmware_rest            2.2.0  
vultr.cloud                   1.3.1  
vyos.vyos                     3.0.1  
wti.remote                    1.0.4  

# /root/.ansible/collections/ansible_collections
Collection         Version
------------------ -------
ansible.windows    1.14.0 
azure.azcollection 1.15.0 

CONFIGURATION

No need for this issue

OS / ENVIRONMENT

STEPS TO REPRODUCE

Docker file creation

# Install Ansible
RUN pip3 install \
    ansible \
    redis

# Install Python pip packages
RUN pip3 install \
    requests \
    pywinrm \
    XenAPI \
    netaddr \
    pyopenssl

# File copied from https://raw.githubusercontent.com/ansible-collections/azure/dev/requirements-azure.txt
COPY requirements-azure.txt /tmp/requirements-azure.txt

# Install Python pip packages
RUN pip3 install -r /tmp/requirements-azure.txt

RUN ansible-galaxy collection install azure.azcollection
RUN ansible-galaxy collection install ansible.windows

EXPECTED RESULTS

All packages are installed without errors

ACTUAL RESULTS

**requirements.txt** we need to update the pin the version of packaging and also address the issue with portalocker.
ERROR: azure-cli-telemetry 1.0.6 has requirement portalocker~=1.2, but you'll have portalocker 2.7.0 which is incompatible.
ERROR: azure-cli-core 2.34.0 has requirement packaging<22.0,>=20.9, but you'll have packaging 23.1 which is incompatible.

[Fred-sun]

@alwaysharsha Neither of these packages(packaging and portalocker) is required for our installation and is not defined in the requirment file. To avoid this problem, you can pre-install the packages you need to specify into your local environment. Thanks!

[mrjameswillis]

the recommended way to use this library (requirements-azure.txt) installs azure-cli-core==2.34.0 which has a lock on packaging<22.0. Other libraries I use require packaging>22.0. This needs to be updated to 2.46.0+ to remove that lock.

https://github.com/Azure/azure-cli/commit/97effd78072b03b6f7f49e651e4972616133519e

[shortcord]

As another note, currently ansible-core==2.15.3 pulls packaging==23.1.

Since installing ansible==8.2.0 pulls the listed ansible-core version, fresh installs of stable Ansible will also have problems related to this collection.

I would like to see this get fixed as I don't like downgrading ansible itself just to manage my Azure stack.

[gygitlab]

A security vulnerability was reported this week that is present in paramiko 2.12.0 today that is required by azure-cli-core==2.34.0:

pipdeptree -r --packages paramiko
paramiko==2.12.0
└── azure-cli-core==2.34.0 [requires: paramiko>=2.0.8,<3.0.0]

The current version of azure-cli-core, 2.55.0, has a more updated requirement 'paramiko>=2.0.8,<4.0.0'.

This may need to be updated as a priority.

[MallocArray]

The current version of azure-cli-core, 2.55.0, has a more updated requirement 'paramiko>=2.0.8,<4.0.0'.

Came here for this exact reason.

[Fred-sun]

All related package has upgrade to latest! Thanks!