search

ansible / awx-ee

An Ansible execution environment for AWX project
https://quay.io/ansible/awx-ee
Other
132 stars 158 forks source link

Pin pyOpenSSL lower bound #135

Closed relrod closed 1 year ago

relrod commented 1 year ago

Possible fix for #134.

Another possible solution is to put an upper bound on cryptography, but that seems like a less ideal solution. Curious what others think.

Signed-off-by: Rick Elrod rick@elrod.me

mlkiefer commented 1 year ago

Don't merge this. It does not work. When I run a container built with that, I get

Traceback (most recent call last):                                                                                                                                                                                                                                           
  File "/usr/local/bin/ansible-runner", line 5, in <module>                                                                                                                                                                                                                  
    from ansible_runner.__main__ import main                                                                                                                                                                                                                                 
  File "/usr/local/lib/python3.8/site-packages/ansible_runner/__main__.py", line 48, in <module>                                                                                                                                                                             
    VERSION = pkg_resources.require("ansible_runner")[0].version                                                                                                                                                                                                             
  File "/usr/lib/python3.8/site-packages/pkg_resources/__init__.py", line 900, in require                                                                                                                                                                                   
     needed = self.resolve(parse_requirements(requirements))                                                                                                                                                                                                                  
   File "/usr/lib/python3.8/site-packages/pkg_resources/__init__.py", line 791, in resolve                                                                                                                                                                                    
     raise VersionConflict(dist, req).with_context(dependent_req)                                                                                                                                                                                                             
 pkg_resources.ContextualVersionConflict: (pyOpenSSL 22.0.0 (/usr/local/lib/python3.8/site-packages), Requirement.parse('pyOpenSSL<20.0.0'), {'ansible-runner'})

pinning at least cryptography == 37.0.4 is the way to go; at least for me that works without errors.

relrod commented 1 year ago

Yep, confirmed, thanks. It fixed the ansible-galaxy case in my quick test, but not the ansible-runner case. Closing and will open a new PR pinning cryptography for now.

Edit to add: Opened #136 for that.