community.kubernetes.helm: release_values makes ansible always show changed state

SpikePy commented 4 years ago

SUMMARY

When using values_files: /tmp/{{ role_name }}/values_rabbitmq.yml in the new helm module ansible always shows a changed state after running it (even though the file has the same content), but if I use release_values: "{{ lookup('template', 'values_rabbitmq.yml') | from_yaml }}" with the same content it just shows ok and only shows change when something actually changed in the given values.

ISSUE TYPE

Bug Report

COMPONENT NAME

community.kubernetes.helm

ANSIBLE VERSION

ansible 2.10.2
  config file = None
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.9/site-packages/ansible
  executable location = /usr/local/bin/ansible
  python version = 3.9.0 (default, Oct 13 2020, 20:25:37) [GCC 8.3.0]

CONFIGURATION

DEFAULT_LOAD_CALLBACK_PLUGINS(env: ANSIBLE_LOAD_CALLBACK_PLUGINS) = True
DEFAULT_STDOUT_CALLBACK(env: ANSIBLE_STDOUT_CALLBACK) = yaml

OS / ENVIRONMENT

Linux work 5.8.0-3-amd64 #1 SMP Debian 5.8.14-1 (2020-10-10) x86_64 GNU/Linux

STEPS TO REPRODUCE

# rabbitmq
- name: Create temporary directory for values
  file:
    path: /tmp/{{ role_name }}
    state: directory
  changed_when: false

- name: Write configs to temporary file
  template:
    src: "{{ item }}"
    dest: /tmp/{{ role_name }}/{{ item | basename | regex_replace('\.j2$','') }}
  with_fileglob:
    - ../templates/*.j2
  changed_when: false

- name: Install rabbitmq cluster
  community.kubernetes.helm:
    chart_repo_url: https://charts.bitnami.com/bitnami
    chart_ref: rabbitmq
    release_namespace: "{{ rabbitmq_namespace }}"
    name: "{{ rabbitmq_install_name }}"
    chart_version: "{{ rabbitmq_helm_version }}"
    values_files: /tmp/{{ role_name }}/values_rabbitmq.yml
    #release_values: "{{ lookup('template', 'values_rabbitmq.yml.j2') | from_yaml }}"

EXPECTED RESULTS

Ansible should show a changed state only if there were changes in the configuration-/values-file

ACTUAL RESULTS

ansible always shows changed state

ansible-playbook --vault-password-file=/misc/vault_key /project/infrastructure/deploy.yml -i /project/infrastructure/inventory --extra-vars stage=$stage --tags k8s_rabbitmq

PLAY [azure] ********************************************************************************************************************************************************************************************************

PLAY [k8s_sbx] ******************************************************************************************************************************************************************************************************

TASK [azure_get_kubeconfig : Preparing kubectl directory] ***********************************************************************************************************************************************************
ok: [sbx]

TASK [azure_get_kubeconfig : get kubeconfig] ************************************************************************************************************************************************************************
[WARNING]: Azure API profile latest does not define an entry for ContainerServiceClient
ok: [sbx]

TASK [azure_get_kubeconfig : Save kube_config from AKS-Information to ~/.kube/config] *******************************************************************************************************************************
ok: [sbx]

TASK [k8s_rabbitmq : Create temporary directory for values] *********************************************************************************************************************************************************
ok: [sbx]

TASK [k8s_rabbitmq : Write configs to temporary file] ***************************************************************************************************************************************************************
ok: [sbx] => (item=/root/.ansible/roles/k8s_rabbitmq/tasks/../templates/values_rabbitmq.yml.j2)
ok: [sbx] => (item=/root/.ansible/roles/k8s_rabbitmq/tasks/../templates/rabbitmq_credentials_secret.yml.j2)

TASK [k8s_rabbitmq : Install rabbitmq cluster] **********************************************************************************************************************************************************************
changed: [sbx]

TASK [k8s_rabbitmq : Deploy rabbitmq credentials-secret] ************************************************************************************************************************************************************
ok: [sbx]

PLAY RECAP **********************************************************************************************************************************************************************************************************
sbx                        : ok=7    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

goneri commented 3 years ago

Hi @SpikePy, thank for reporting this.

Helm provides a plugin called helm-diff that would be handy to address this problem. However since it's a plugin, we're not sure if it's a good idea to rely on it. On the other side, we don't feel like it's a good idea to rewrite it internally just for this case. @fabianvf how do you feel about that?

Akasurde commented 3 years ago

resolved_by_pr #332

Akasurde commented 3 years ago

@SpikePy Could you please check if #332 works for you and let us know? Thanks.

SpikePy commented 3 years ago

@Akasurde Just had time and the opportunity to test it and it worked like a charm. showed changed state if i changed the charts version tag and if I re-rolled it with the same module parameters without any changes it shows "ok" 👍

ansible-collections / community.kubernetes