search

ansible / awx-ee

An Ansible execution environment for AWX project
https://quay.io/ansible/awx-ee
Other
132 stars 158 forks source link

Ansible uri module fails in awx-ee:latest #112

Closed ronivay closed 2 years ago

ronivay commented 2 years ago

Ansible uri module is broken (likely something else as well, but this is what i noticed problem with) in container with latest tag. /usr/local/lib/python3.8/site-packages/OpenSSL/crypto.py is trying to reference to a missing attribute, causing uri module to fail.

Can be reproduced like this:

docker run -it quay.io/ansible/awx-ee:latest /bin/bash

Create sample playbook to /tmp/play.yml with content:

---

- name: test
  hosts: localhost

  tasks:
  - name: test
    uri:
      url: "https://github.com"
      method: GET
      status_code: 200

run it:

bash-4.4$ ansible-playbook play.yml
/usr/local/lib/python3.8/site-packages/paramiko/transport.py:236: CryptographyDeprecationWarning: Blowfish has been deprecated
  "class": algorithms.Blowfish,
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'

PLAY [test] ********************************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] *********************************************************************************************************************************************************************************************************************
ok: [localhost]

TASK [test] ********************************************************************************************************************************************************************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: AttributeError: module 'lib' has no attribute 'X509_V_FLAG_CB_ISSUER_CHECK'
fatal: [localhost]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\n  File \"/home/runner/.ansible/tmp/ansible-tmp-1651047435.8167667-59-205387513469591/AnsiballZ_uri.py\", line 107, in <module>\n    _ansiballz_main()\n  File \"/home/runner/.ansible/tmp/ansible-tmp-1651047435.8167667-59-205387513469591/AnsiballZ_uri.py\", line 99, in _ansiballz_main\n    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n  File \"/home/runner/.ansible/tmp/ansible-tmp-1651047435.8167667-59-205387513469591/AnsiballZ_uri.py\", line 47, in invoke_module\n    runpy.run_module(mod_name='ansible.modules.uri', init_globals=dict(_module_fqn='ansible.modules.uri', _modlib_path=modlib_path),\n  File \"/usr/lib64/python3.8/runpy.py\", line 207, in run_module\n    return _run_module_code(code, init_globals, run_name, mod_spec)\n  File \"/usr/lib64/python3.8/runpy.py\", line 97, in _run_module_code\n    _run_code(code, mod_globals, init_globals,\n  File \"/usr/lib64/python3.8/runpy.py\", line 87, in _run_code\n    exec(code, run_globals)\n  File \"/tmp/ansible_ansible.legacy.uri_payload_qe4x8_yb/ansible_ansible.legacy.uri_payload.zip/ansible/modules/uri.py\", line 446, in <module>\n  File \"<frozen importlib._bootstrap>\", line 991, in _find_and_load\n  File \"<frozen importlib._bootstrap>\", line 975, in _find_and_load_unlocked\n  File \"<frozen importlib._bootstrap>\", line 655, in _load_unlocked\n  File \"<frozen importlib._bootstrap>\", line 618, in _load_backward_compatible\n  File \"<frozen zipimport>\", line 259, in load_module\n  File \"/tmp/ansible_ansible.legacy.uri_payload_qe4x8_yb/ansible_ansible.legacy.uri_payload.zip/ansible/module_utils/urls.py\", line 115, in <module>\n  File \"/usr/lib/python3.8/site-packages/urllib3/contrib/pyopenssl.py\", line 46, in <module>\n    import OpenSSL.SSL\n  File \"/usr/local/lib/python3.8/site-packages/OpenSSL/__init__.py\", line 8, in <module>\n    from OpenSSL import crypto, SSL\n  File \"/usr/local/lib/python3.8/site-packages/OpenSSL/crypto.py\", line 1517, in <module>\n    class X509StoreFlags(object):\n  File \"/usr/local/lib/python3.8/site-packages/OpenSSL/crypto.py\", line 1537, in X509StoreFlags\n    CB_ISSUER_CHECK = _lib.X509_V_FLAG_CB_ISSUER_CHECK\nAttributeError: module 'lib' has no attribute 'X509_V_FLAG_CB_ISSUER_CHECK'\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}

PLAY RECAP *********************************************************************************************************************************************************************************************************************************
localhost                  : ok=1    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0
ivantomica commented 2 years ago

Probably related to this issue:

eselvam commented 2 years ago

Yes. we also got same error: awx AttributeError: module 'lib' has no attribute 'X509_V_FLAG_CB_ISSUER_CHECK

as we used custom Ee to over come this. shall we know when we can expect AWX EE to be patched to fix this?

nabheet commented 1 year ago

It seems this same error is occurring again over the past 12 hours or so. Looks like the container image was updated recently. Can anyone confirm if the same error is occurring right now?

nabheet commented 1 year ago

Someone already opened another issue: https://github.com/ansible/awx-ee/issues/134