search

geerlingguy / ansible-role-php-versions

Ansible Role - PHP Versions
https://galaxy.ansible.com/geerlingguy/php-versions/
MIT License
98 stars 73 forks source link

Under RedHat enable codeready-builder repository #48

Closed mhitza closed 3 years ago

mhitza commented 4 years ago

On RedHat, after installing EPEL there is no PowerTools repository. Packages that normally are located in PowerTools can be found in the codeready-builder repository.

I've encountered this issue today while configuring a RedHat 8.2 instance on AWS. The error I've encountered

TASK geerlingguy.php : Ensure PHP packages are ******************************************************
fatal: [x.x.x.x]: FAILED! => {"changed": false, "failures": [], "msg": "Depsolve Error occured: \n
Problem: cannot install the best candidate for the job\n - nothing provides libedit-devel(x86-64)
needed by php-devel-7.3.18-1.el8.remi.x86_64", "rc": 1, "results": []}

While on CentOS that specific package (a dependency of php-devel) is located in the PowerTools repository, on RedHat it's located in the codeready-builder repository.

Also see https://fedoraproject.org/wiki/EPEL#Quickstart

geerlingguy commented 4 years ago

I'm wondering how this is passing tests in CentOS 8, then; could the AWS Red Hat instance AMI you were using be configured differently than a minimal CentOS 8 installation?

mhitza commented 4 years ago

To be honest I'm not quite sure. From what I've read AWS provides the RedHat images with their own set of repository mirrors, and nothing else. The only reason I've used RedHat was that there isn't yet an official CentOS8 AMI on AWS.

However, on the linked page from the Fedora wiki, it explicitly states that you need to enable this repository in RedHat if you're using EPEL.

epel

Also do note, that if you install EPEL in RedHat there is no PowerTools repository and yet the Ansible playbook doesn't fail when it reaches dnf config-manager --set-enabled PowerTools. That's why I've included the additional line without any error check.

mhitza commented 4 years ago

This seems to be a story about how RedHat is diverging from CentOS. Thanks, IBM? /s

@geerlingguy Here is a diff with which you can easily verify the issue on a standard RedHat container, called ubi-init (Red Hat Universal Base Image 8 Init). The molecule converge step will fail at the same step displayed in my PR description.

diff --git a/molecule/default/Dockerfile.j2 b/molecule/default/Dockerfile.j2
new file mode 100644
index 0000000..00d7ad1
--- /dev/null
+++ b/molecule/default/Dockerfile.j2
@@ -0,0 +1,5 @@
+FROM registry.access.redhat.com/ubi8/ubi-init
+
+RUN dnf install -y sudo python3-pip \
+      https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm && \
+    pip3 install ansible
diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml
index 2da47dd..11d4f07 100644
--- a/molecule/default/molecule.yml
+++ b/molecule/default/molecule.yml
@@ -9,12 +9,14 @@ lint: |
   ansible-lint
 platforms:
   - name: instance
-    image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest"
     command: ${MOLECULE_DOCKER_COMMAND:-""}
+    image: rh8:latest
+    dockerfile: Dockerfile.j2
     volumes:
       - /sys/fs/cgroup:/sys/fs/cgroup:ro
     privileged: true
-    pre_build_image: true
+    #pre_build_image: true
+    network_mode: host
 provisioner:
   name: ansible
   playbooks:

Now for the funny part. As hinted before the codeready-builder is the equivalent of PowerTools (CentOS 8 and codeready-developer repo). I'm just going to assume that the RedHat developer that replied to that email made a small error, as the repository that contains libedit-devel is codeready-builder. As confirmed by the RedHat portal

libedit-devel

Now, the exact repository to enable should be actually "\*codeready-builder\*", as the naming differs between the ubi/RedHat/RedHat AMI by Amazon. For even more head scratching, the ubi codeready-builder doesn't contain the libedit-devel package.

Maybe a note about the state of this is worth in some readme somewhere.

TL;DR

I don't know why php-devel is a default package choice in your geerlingguy.php role, but if we remove that default at least this entire issue with the dependency on libedit-devel is avoided. Tested by listing explicitly php_packages in converge.yml vars.

Additionally, it's worth to investigate why the Remi php-devel package depends on libedit-devel whereas the default php-devel does not.

stale[bot] commented 4 years ago

This pull request has been marked 'stale' due to lack of recent activity. If there is no further activity, the PR will be closed in another 30 days. Thank you for your contribution!

Please read this blog post to see the reasons why I mark pull requests as stale.

MacFlurry commented 4 years ago

still an issue

stale[bot] commented 4 years ago

This issue is no longer marked for closure.

stale[bot] commented 3 years ago

This pull request has been marked 'stale' due to lack of recent activity. If there is no further activity, the PR will be closed in another 30 days. Thank you for your contribution!

Please read this blog post to see the reasons why I mark pull requests as stale.

stale[bot] commented 3 years ago

This pull request has been closed due to inactivity. If you feel this is in error, please reopen the pull request or file a new PR with the relevant details.