ansible-collections / microsoft.ad

Ansible collection for Active Directory management
GNU General Public License v3.0

Ansible Semaphore compatibility #89

Closed fabricesemti80 closed 7 months ago

fabricesemti80 commented 8 months ago
SUMMARY

I am trying to use this plugin with Ansible Semaphore.

# Dockerfile

FROM semaphoreui/semaphore:latest

USER root

# Install required packages and configure krb5.conf

#^ apk
RUN apk --no-cache add \
    su-exec \
    python3 \
    py3-pip \
    build-base \
    python3-dev \
    krb5-dev \
    krb5

#^ pip3 and packages 
RUN pip3 install --upgrade pip \
    && pip3 install \
    pywinrm \
    requests \
    pykerberos \
    krb5 \
    ldap3 \
    dnspython \
    pyspnego \
    pyspnego[kerberos] \
    sansldap

#FIXME: change the realms and domain controllers below to your own
#^ configure Kerberos
RUN  { \
        echo '[logging]'; \
        echo '# default = FILE:/var/log/krb5libs.log'; \
        echo '# kdc = FILE:/var/log/krb5kdc.log'; \
        echo '# admin_server = FILE:/var/log/kadmind.log'; \
        echo ''; \
        echo '[libdefaults]'; \
        echo 'dns_lookup_realm = false'; \
        echo 'ticket_lifetime = 24h'; \
        echo 'renew_lifetime = 7d'; \
        echo 'forwardable = true'; \
        echo 'rdns = false'; \
        echo ''; \
        echo '[realms]'; \
        echo 'DOMAIN1.COM = {'; \
        echo '  kdc = dc1.DOMAIN1.COM'; \
        echo '  kdc = dc2.DOMAIN1.COM'; \
        echo '}'; \
        echo 'DOMAIN2.COM = {'; \
        echo '  kdc = dc1.DOMAIN2.COM'; \
        echo '  kdc = dc2.DOMAIN2.COM'; \
        echo '}'; \
        echo ''; \
        echo '[domain_realm]'; \
        echo ''; \
    } > /etc/krb5.conf 

USER semaphore

(This, as basic as it is, is meant to address all the prerequisites for WinRM and Kerberos, including the modules listed as prerequisites for this plugin.)

deployed stack:

---
#FIXME: passwords should be coming from env vars - until this is fixed this file is Git-ignored
version: "2"

services:
  mysql:
    ports:
      - 3306:3306
    image: mysql:5.6
    container_name: mysql
    hostname: mysql
    environment:
      MYSQL_RANDOM_ROOT_PASSWORD: "yes"
      MYSQL_DATABASE: semaphore_db
      MYSQL_USER: semaphore_user
      MYSQL_PASSWORD: < strong password >
    volumes:
      - semaphore-mysql:/var/lib/mysql

  semaphore:
    build: .
    ports:
      - 443:3000
    container_name: semaphore
    environment:
      SEMAPHORE_DB_USER: semaphore_user
      SEMAPHORE_DB_PASS: < strong password >
      SEMAPHORE_DB_HOST: mysql
      SEMAPHORE_DB_PORT: 3306
      SEMAPHORE_DB: semaphore_db
      SEMAPHORE_PLAYBOOK_PATH: /tmp/semaphore/
      SEMAPHORE_ADMIN_PASSWORD: < password >
      SEMAPHORE_ADMIN_NAME: admin
      SEMAPHORE_ADMIN_EMAIL: admin@computingpost.com
      SEMAPHORE_ADMIN: admin
      SEMAPHORE_ACCESS_KEY_ENCRYPTION: MflCLIUF5bn6Lgkuwy4BoAdIFhoZ4Ief2oocXmuZSjs=
    depends_on:
      - mysql
volumes:
  semaphore-mysql: # to use postgres, switch to: semaphore-postgres

But it looks like Ansible / Semaphore has a hard time using this....

ISSUE TYPE
COMPONENT NAME

Not sure.

ANSIBLE VERSION
~ $ ansible --version
ansible [core 2.14.5]
  config file = None
  configured module search path = ['/home/semaphore/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.11/site-packages/ansible
  ansible collection location = /home/semaphore/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.11.6 (main, Oct  4 2023, 06:22:18) [GCC 12.2.1 20220924] (/usr/bin/python3)
  jinja version = 3.1.2
  libyaml = True
COLLECTION VERSION
~ $ ansible-galaxy collection list community.general

# /usr/lib/python3.11/site-packages/ansible_collections
Collection        Version
----------------- -------
community.general 6.6.0
~ $
CONFIGURATION

~ $ ansible-config dump --only-changed
CONFIG_FILE() = None
~ $

but actually in the repo I use I have this:

[defaults]
collections_paths = /etc/ansible/collections:/opt/ansible/collections:collections
roles_path = /etc/ansible/roles:/opt/ansible/roles:roles

# You’ll also need to make sure that requiretty is disabled
# in /etc/sudoers on the remote host, or become won’t work
# with pipelining enabled.
[ssh_connection]
pipelining = True
OS / ENVIRONMENT

it is docker, but in the container:

~ $ cat /etc/os-release
NAME="Alpine Linux"
ID=alpine
VERSION_ID=3.18.3
PRETTY_NAME="Alpine Linux v3.18"
HOME_URL="https://alpinelinux.org/"
BUG_REPORT_URL="https://gitlab.alpinelinux.org/alpine/aports/-/issues"
~ $
STEPS TO REPRODUCE
# cat sig.microsoft.ad.ldap.yml
plugin: microsoft.ad.ldap
server: dc1.DOMAIN1.COM
port: 389
search_base: DC=domain1,DC=com
filter: (operatingSystem=*server*)
groups:
  windows: true
  all: true
  sig: true

# cat win_ping.yml
---
- name: Ping WIN hosts
  hosts: all
  gather_facts: false
  tasks:
    - name: Use Windows ping module
      win_ping:
EXPECTED RESULTS
ACTUAL RESULTS
[WARNING]: * Failed to parse /tmp/semaphore/repository_1_8/inventories/sig.microsoft.ad.ldap.yml with auto plugin: inventory config '/tmp/semaphore/repository_1_8/inventories/sig.microsoft.ad.ldap.yml' specifies unknown plugin 'microsoft.ad.ldap'
[WARNING]: * Failed to parse /tmp/semaphore/repository_1_8/inventories/sig.microsoft.ad.ldap.yml with yaml plugin: Plugin configuration YAML file, not YAML inventory
[WARNING]: * Failed to parse /tmp/semaphore/repository_1_8/inventories/sig.microsoft.ad.ldap.yml with ini plugin: Invalid host pattern 'plugin:' supplied, ending in ':' is not allowed, this character is reserved to provide a port.
[WARNING]: Unable to parse /tmp/semaphore/repository_1_8/inventories/sig.microsoft.ad.ldap.yml as an inventory source
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'
jborean93 commented 7 months ago

Sorry for the delay in the reply; I must have missed this issue. The output seems to indicate that it doesn't know about microsoft.ad.ldap, and there is nothing in your setup that would indicate you are installing this collection. I would verify that the microsoft.ad collection is present and has a minimum version of v1.1.0, which is when the ldap inventory plugin was added.

Unfortunately I don't know much about Semaphore but there is nothing I know that would stop this from working in such an environment.
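As an added example, not code from the issue, from Semaphore or from the microsoft.ad collection itself, here is a POSIX shell script that performs the check suggested above: it parses `ansible-galaxy collection list` output, compares the installed microsoft.ad version against 1.1.0 (the release that added the ldap inventory plugin), and, when run with `--install`, installs the collection and confirms that Ansible can resolve `microsoft.ad.ldap`. The sample listings are constructed (the paths come from the issue, the versions are made up), and the install path `/opt/ansible/collections` is an assumption taken from the repo's `ansible.cfg` shown above.

```shell
#!/bin/sh
# Added example, not code from the issue or from the microsoft.ad collection:
# verify that microsoft.ad is installed at >= 1.1.0 (the version that added the
# ldap inventory plugin) by parsing `ansible-galaxy collection list` output, and
# install it when asked. Assumption: ansible-galaxy and ansible-doc are on PATH
# only when run with --install; the checks themselves work offline.
set -u

MIN_VERSION="1.1.0"

# Constructed sample outputs of `ansible-galaxy collection list microsoft.ad`
# (paths taken from the issue; the versions are made up for the checks).
SAMPLE_OK='# /home/semaphore/.ansible/collections/ansible_collections
Collection   Version
------------ -------
microsoft.ad 1.4.0'

SAMPLE_OLD='# /usr/share/ansible/collections/ansible_collections
Collection   Version
------------ -------
microsoft.ad 1.0.0'

SAMPLE_MISSING='# /usr/lib/python3.11/site-packages/ansible_collections
Collection        Version
----------------- -------
community.general 6.6.0'

# version_ge A B: exit 0 if dotted version A >= B. POSIX sh only, no sort -V,
# so it also runs in the BusyBox shell of the Alpine image used in the issue.
# A pre-release suffix such as "1.1.0-dev" is ignored for the comparison.
version_ge() {
    i=1
    while [ "$i" -le 3 ]; do
        a=$(printf '%s' "$1" | cut -d. -f"$i" | sed 's/[^0-9].*//')
        b=$(printf '%s' "$2" | cut -d. -f"$i" | sed 's/[^0-9].*//')
        a=${a:-0}
        b=${b:-0}
        [ "$a" -gt "$b" ] && return 0
        [ "$a" -lt "$b" ] && return 1
        i=$((i + 1))
    done
    return 0
}

# collection_version NAME LISTING: print the version of NAME found in the
# `ansible-galaxy collection list` text LISTING, or nothing if it is absent.
collection_version() {
    printf '%s\n' "$2" | awk -v name="$1" '$1 == name { print $2; exit }'
}

# collection_ok LISTING: exit 0 only if microsoft.ad is listed at >= MIN_VERSION.
collection_ok() {
    v=$(collection_version microsoft.ad "$1")
    [ -n "$v" ] && version_ge "$v" "$MIN_VERSION"
}

# Install a version that has the plugin and prove Ansible resolves it. Run this
# as root in the Dockerfile (before `USER semaphore`) so the collection lands in
# a path the semaphore user can read. The -p path is an assumption: it is the
# second entry of collections_paths in the repo's ansible.cfg from the issue.
install_collection() {
    ansible-galaxy collection install -p /opt/ansible/collections \
        "microsoft.ad:>=$MIN_VERSION"
    collection_ok "$(ansible-galaxy collection list microsoft.ad)" || return 1
    ansible-doc -t inventory microsoft.ad.ldap >/dev/null
}

if [ "${1:-}" = "--install" ]; then
    install_collection
fi
```

Two details matter in the Semaphore setup shown in the issue. First, the repo's `ansible.cfg` sets `collections_paths = /etc/ansible/collections:/opt/ansible/collections:collections`, so a collection installed into the default `/usr/share/ansible/collections` or `~/.ansible/collections` of the build user would not be found when Semaphore runs the playbook from that repo; the install path has to be one of those three entries, readable by the `semaphore` user. Second, `ansible-doc -t inventory microsoft.ad.ldap` succeeding is the cheapest proof that the "unknown plugin 'microsoft.ad.ldap'" warning is gone; only after that does `ansible-inventory -i sig.microsoft.ad.ldap.yml --list` exercise the actual LDAP bind to the domain controller.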