search

ansible / molecule

Molecule aids in the development and testing of Ansible content: collections, playbooks and roles
https://ansible.readthedocs.io/projects/molecule/
MIT License
3.88k stars 662 forks source link

ssh_connection - Additional properties are not allowed ('retries', 'ssh_args' were unexpected) #3707

Closed isuftin closed 2 years ago

isuftin commented 2 years ago

Issue Type

Molecule and Ansible details

ansible --version && molecule --version
ansible [core 2.13.5]
  config file = /Users/isuftin/.ansible.cfg
  configured module search path = ['/Users/isuftin/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /Users/isuftin/.pyenv/versions/3.9.10/envs/ctek-development/lib/python3.9/site-packages/ansible
  ansible collection location = /Users/isuftin/.ansible/collections:/usr/share/ansible/collections
  executable location = /Users/isuftin/.pyenv/versions/ctek-development/bin/ansible
  python version = 3.9.10 (main, Jan 31 2022, 16:09:50) [Clang 12.0.0 (clang-1200.0.32.29)]
  jinja version = 3.1.2
  libyaml = True
INFO     Found config file /Users/isuftin/Development/CTek/internal/ctek/automation/ansible/roles/stig/.config/molecule/config.yml
molecule 4.0.3 using python 3.9 
    ansible:2.13.5
    delegated:4.0.3 from molecule
    docker:2.1.0 from molecule_docker requiring collections: community.docker>=3.0.2 ansible.posix>=1.4.0
    ec2:0.4 from molecule_ec2
    vagrant:1.0.0 from molecule_vagrant

Molecule installation method (one of): pip

Ansible installation method (one of): pip

Detail any linters or test runners used:

Desired Behavior

No configuration errors

Actual Behaviour

With Molecule 4.0.3, I am seeing an error coming back which I haven't seen in previous versions:

INFO     Found config file /my/role/.config/molecule/config.yml
CRITICAL Failed to validate /my/role/molecule/my_scenario/molecule.yml

["Additional properties are not allowed ('retries', 'ssh_args' were unexpected)"]

config.yml:

---
# This is common configuration for all concrete molecule scenarios
dependency:
  name: galaxy
  options:
    role-file: ${ANSIBLE_MOLECULE_ROLE_FILE}
    requirements-file: ${ANSIBLE_MOLECULE_COLLECTIONS_FILE}
    force: True

lint: |
  set -e
  yamllint .
  ansible-lint --project-dir .
  flake8 --exclude "molecule/**/tests/*"

driver:
  name: ec2

provisioner:
  name: ansible
  log: True
  config_options:
    defaults:
      bin_ansible_callbacks: True
      callbacks_enabled: ${ANSIBLE_CALLBACKS}
      display_args_to_stdout: True
      pipelining: True
      show_custom_stats: True
      stdout_callback: ${ANSIBLE_STDOUT_CALLBACK}
      timeout: ${ANSIBLE_CONNECTION_TIMEOUT}
      use_persistent_connections: True
      verbosity: ${ANSIBLE_STDOUT_VERBOSITY}
      fact_caching: jsonfile
      fact_caching_connection: ${MOLECULE_EPHEMERAL_DIRECTORY}/facts_cache
      fact_caching_timeout: 7200
    diff:
      always: True
    galaxy:
      display_progress: False
    ssh_connection:
      ssh_args: ${SSH_ARGS}
      retries: ${SSH_RETRIES}
  playbooks:
    converge: ../common/converge.yml

verifier:
  name: testinfra
  directory: '../common/tests'
  options:
    v: True
    junit-xml: junit.xml
    s: true
    r: fEs

senario YAML:


platforms:
  - name: '${MOLECULE_SCENARIO_NAME}-${ROLE_NAME}-${MOLECULE_ANSIBLE_VERSION:-localtest}'
    region: ${AWS_REGION}
    vpc_id: ${AWS_VPC_ID}
    vpc_subnet_id: ${AWS_SUBNET}
    instance_type: ${AWS_INSTANCE_TYPE}
    security_groups: ${AWS_SECURITY_GROUPS}
    aws_iam_role: ${AWS_IAM_ROLE}
    tags:
      wma:project_id: enterprise
      wma:molecule_pipeline_id: ${CI_PIPELINE_ID:-manual}
      wma:ansible_managed: 'true'
      Name: Ansible Molecule - ${MOLECULE_SCENARIO_NAME}-${ROLE_NAME}-${MOLECULE_ANSIBLE_VERSION:-localtest}
    key_inject_method: ec2
    image: ${MY_AMI}

provisioner:
  env:
    SSH_USERNAME: ec2-user
  inventory:
    links:
      host_vars: ../common/ec2/host_vars
  playbooks:
    create: ../common/ec2/create.yml
    destroy: ../common/ec2/destroy.yml

If I comment out the ssh_connection params under provisioner, this works fine. However, I thought that this was valid configuration as per https://github.com/ansible/ansible/blob/5037dc4e69b140a2f5345711fe9318d3fdea730e/lib/ansible/constants.py#L300-L304

Am I doing it wrong or is this a regression in Molecule in 4.0.3?

isuftin commented 2 years ago

It looks like when I change ssh_connection to ssh and retries to reconnection_retries, this works fine.

provisioner:
  name: ansible
  log: True
  config_options:
    defaults:
      bin_ansible_callbacks: True
      callbacks_enabled: ${ANSIBLE_CALLBACKS}
      display_args_to_stdout: True
      pipelining: True
      show_custom_stats: True
      stdout_callback: ${ANSIBLE_STDOUT_CALLBACK}
      timeout: ${ANSIBLE_CONNECTION_TIMEOUT}
      use_persistent_connections: True
      verbosity: ${ANSIBLE_STDOUT_VERBOSITY}
      fact_caching: jsonfile
      fact_caching_connection: ${MOLECULE_EPHEMERAL_DIRECTORY}/facts_cache
      fact_caching_timeout: 7200
    diff:
      always: True
    galaxy:
      display_progress: False
    ssh:
      ssh_args: ${SSH_ARGS}
      reconnection_retries: ${SSH_RETRIES}
mnaser commented 2 years ago

@isuftin it looks like the pipelining issue was fixed for me, but ssh_args did not do the trick, I think it's no longer being read/parsed.

Related: https://github.com/ansible/ansible/issues/78750

mnaser commented 2 years ago

I'm attempting to workaround with this :)

https://github.com/vexxhost/atmosphere/commit/c5e4ff2f62e5d7dd6a443e8b5df34e9f6554f9c4