search

ansible / ansible-builder

An Ansible execution environment builder
Other
289 stars 93 forks source link

Malformed bindep.txt files do not halt execution #90

Open AlanCoding opened 4 years ago

AlanCoding commented 4 years ago

See https://github.com/ansible/ansible-builder/pull/89

We don't know how to determine of the bindep CLI command is successful in finding the missing deps, or if it has erred.

AlanCoding commented 3 years ago

Issue was filed upstream for bindep here https://storyboard.openstack.org/#!/story/2008049

Ping @pabelanger, this can create situations which are really difficult to debug. I mainly hit it where it would error without a trailing newline at the end of the input bindep.txt file (but there are many other things that can go wrong, from collection bindep.txt files). It keeps running deep into the build process because there's no indicator to alert the code to the error (meaning of return code is overloaded for other purpose), and by the time it does error it is a nightmare to figure out. This is a big part of the reason we write the intermediary files like bindep_combined.txt - because this file might contain an error dump from the bindep CLI, and there's no way for the user to know. I would say that assemble becomes obligated to handle these errors, but I honestly don't think it can because this is a pretty fundamental problem.

AlanCoding commented 3 years ago

I'm increasingly thinking that the best solution is to make ansible-builder depend on bindep as a python package and call it directly in code.

    if depends is None:
        depends = bindep.depends.get_depends(args.filename)
        if not depends:
            return 1

    if args.profiles:
        logging.info("Platform profiles:")
        for profile in depends.platform_profiles():
            logging.info("%s", profile)
        logging.info("")
        logging.info("Configuration profiles:")
        for profile in depends.profiles():
            logging.info("%s", profile)
        return 0

The cases which are actually painful for us look like fairly intentional return 1 or 0 cases in code, and we could error handle just fine if we were doing this in python, IMO.

But now we're calling this via the assemble script, and this leads back to my idea that we may be better off to combine those with introspect to create multiple documented tools with a CLI to go with them.

AlanCoding commented 3 years ago

I am likely to combine this with https://github.com/ansible/ansible-builder/issues/201

felixfontein commented 2 years ago

Hmm, I think I also encountered that: https://github.com/ansible-collections/community.sops/runs/6039420137?check_suite_focus=true

I had URLs in my bindep.txt file, which made bindep barf, but the build process just continued and ended with Complete!. (Obviously the dependency wasn't in the EE image and thus the tests expecting it to be there failed...)