search

newrelic / ansible-install

Building installation support for our customers are using ansible to manage their infrastructure and services at scale
Apache License 2.0
7 stars 7 forks source link

Object of type AnsibleVaultEncryptedUnicode is not JSON serializable #66

Open davetapley opened 10 months ago

davetapley commented 10 months ago

Description

Trying to switch from newrelic.newrelic-infra to newrelic.newrelic_install and getting error.

Steps to Reproduce

Following instructions here: https://docs.newrelic.com/docs/infrastructure/install-infrastructure-agent/config-management-tools/configure-infrastructure-agent-using-ansible/#getting-started

I used to have:

- role: newrelic.newrelic_install
  vars:
     nrinfragent_os_name: Windows
     nrinfragent_os_version: all
     nrinfragent_config:
     display_name: "{{ inventory_hostname }}"
     # https://github.com/newrelic/infrastructure-agent-ansible/issues/93
     nrinfragent_license_key: !vault |
     $ANSIBLE_VAULT;1.1;AES256
...

So I tried updating to:

- name: Install New Relic
  hosts:
    - web
  roles:
    - role: newrelic.newrelic_install
      vars:
        targets:
          - infrastructure
          - logs
  environment:
    NEW_RELIC_ACCOUNT_ID: XXXXXX
    NEW_RELIC_API_KEY: !vault |
      $ANSIBLE_VAULT;1.1;AES256

Expected Behavior

It works.

Relevant Logs / Console output

PLAY [Install New Relic] *******************************************************************

TASK [Gathering Facts] *********************************************************************
task path: /workspace/.ansible/deploy.yml:681
redirecting (type: modules) ansible.builtin.setup to ansible.windows.setup
The full traceback is:
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/ansible/executor/task_executor.py", line 159, in run
    res = self._execute()
  File "/usr/lib/python3/dist-packages/ansible/executor/task_executor.py", line 617, in _execute
    result = self._handler.run(task_vars=variables)
  File "/usr/lib/python3/dist-packages/ansible/plugins/action/gather_facts.py", line 100, in run
    res = self._execute_module(module_name=fact_module, module_args=mod_args, task_vars=task_vars, wrap_async=False)
  File "/usr/lib/python3/dist-packages/ansible/plugins/action/__init__.py", line 994, in _execute_module
    (module_style, shebang, module_data, module_path) = self._configure_module(module_name=module_name, module_args=module_args, task_vars=task_vars)
  File "/usr/lib/python3/dist-packages/ansible/plugins/action/__init__.py", line 232, in _configure_module
    (module_data, module_style, module_shebang) = modify_module(module_name, module_path, module_args, self._templar,
  File "/usr/lib/python3/dist-packages/ansible/executor/module_common.py", line 1365, in modify_module
    (b_module_data, module_style, shebang) = _find_module_utils(module_name, b_module_data, module_path, module_args, task_vars, templar, module_compression,
  File "/usr/lib/python3/dist-packages/ansible/executor/module_common.py", line 1307, in _find_module_utils
    b_module_data = ps_manifest._create_powershell_wrapper(
  File "/usr/lib/python3/dist-packages/ansible/executor/powershell/module_manifest.py", line 399, in _create_powershell_wrapper
    b_json = to_bytes(json.dumps(exec_manifest))
  File "/usr/lib/python3.8/json/__init__.py", line 231, in dumps
    return _default_encoder.encode(obj)
  File "/usr/lib/python3.8/json/encoder.py", line 199, in encode
    chunks = self.iterencode(o, _one_shot=True)
  File "/usr/lib/python3.8/json/encoder.py", line 257, in iterencode
    return _iterencode(o, 0)
  File "/usr/lib/python3.8/json/encoder.py", line 179, in default
    raise TypeError(f'Object of type {o.__class__.__name__} '
TypeError: Object of type AnsibleVaultEncryptedUnicode is not JSON serializable
fatal: [web_prod]: FAILED! => {
    "msg": "Unexpected failure during module execution.",
    "stdout": ""
}
rthorn-nr commented 10 months ago

Hi @davetapley, you'll need to use an API (user) key instead of a license key, although I don't believe this is the source of the issue.

I looks like newrelic-infra supports setting the license key with an object from Ansible vault via vars, and we're using environment for the user key, which likely is the source of the issue -- the 2.8 docs mention that this inlining only works for vars.

I think we could and arguably should support both ways of setting the user key, especially since it seems environment doesn't allow Ansible vault to be used for the key.

So although this isn't strictly a bug (we do not intend to have parity with the newrelic-infra role), I'll treat it as such for now and will try to get this work prioritized. Please see if you can find a workaround in the meantime, and let me know how else I can help.