search

cisagov / cyhy_amis

AWS infrastructure for Cyber Hygiene and BOD 18-01 scanning
Creative Commons Zero v1.0 Universal
19 stars 5 forks source link

Explore using Python 3 on the remote host when building certain AMIs #808

Closed mcdonnnj closed 2 months ago

mcdonnnj commented 3 months ago

🚀 Feature Proposal

We should try to remove the hard-coded ansible_python_interpreter=auto_legacy_silent argument use to force Python 2 usage on the remote host when building the dashboard, database, and reporter AMIs. This should result in Ansible using the Python 3 interpreter it discovers instead.

Motivation

ansible-core 2.17 dropped support for Python 2 and Python 3.6, thus requiring Python 3.7+ on remotes to function. We must pin under this version until we are able to build AMIs using the Python 3 interpreter, which is not ideal in the long term.

mcdonnnj commented 2 months ago

I verified that the following Python 2 reliant Ansible roles which are used to build AMIs specify an executable argument with the ansible.builtin.pip module: