The Schedules role is failing to get instance_groups and execution_environments

[ivarmu]

Summary

• If instance_groups are specified in the input schedule, the Schedule role fails to get the specified instance group
• If execution_environment is specified in the input schedule, the Schedule role fails to get the specified execution_environment

Issue Type

• Bug Report

Ansible, Collection, Controller details

$ ansible --version
ansible [core 2.14.5]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/ivan/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.11/site-packages/ansible
  ansible collection location = /home/ivan/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.11.3 (main, May 24 2023, 00:00:00) [GCC 12.3.1 20230508 (Red Hat 12.3.1-1)] (/usr/bin/python3)
  jinja version = 3.0.3
  libyaml = True

ansible-galaxy collection list

# /home/ivan/.ansible/collections/ansible_collections
Collection         Version
------------------ -------
ansible.controller 4.3.0  
ansible.tower      3.8.3  
awx.awx            22.3.0 
community.vmware   1.13.0 
containers.podman  1.8.2  
kubernetes.core    2.3.2  

# /usr/lib/python3.11/site-packages/ansible_collections
Collection                    Version
----------------------------- -------
amazon.aws                    5.4.0  
ansible.netcommon             4.1.0  
ansible.posix                 1.5.2  
ansible.utils                 2.9.0  
ansible.windows               1.13.0 
arista.eos                    6.0.1  
awx.awx                       21.14.0
azure.azcollection            1.15.0 
check_point.mgmt              4.0.0  
chocolatey.chocolatey         1.4.0  
cisco.aci                     2.6.0  
cisco.asa                     4.0.0  
cisco.dnac                    6.7.1  
cisco.intersight              1.0.27 
cisco.ios                     4.5.0  
cisco.iosxr                   4.1.0  
cisco.ise                     2.5.12 
cisco.meraki                  2.15.1 
cisco.mso                     2.4.0  
cisco.nso                     1.0.3  
cisco.nxos                    4.3.0  
cisco.ucs                     1.8.0  
cloud.common                  2.1.3  
cloudscale_ch.cloud           2.2.4  
community.aws                 5.4.0  
community.azure               2.0.0  
community.ciscosmb            1.0.5  
community.crypto              2.12.0 
community.digitalocean        1.23.0 
community.dns                 2.5.3  
community.docker              3.4.3  
community.fortios             1.0.0  
community.general             6.6.0  
community.google              1.0.0  
community.grafana             1.5.4  
community.hashi_vault         4.2.0  
community.hrobot              1.8.0  
community.libvirt             1.2.0  
community.mongodb             1.5.2  
community.mysql               3.6.0  
community.network             5.0.0  
community.okd                 2.3.0  
community.postgresql          2.3.2  
community.proxysql            1.5.1  
community.rabbitmq            1.2.3  
community.routeros            2.8.0  
community.sap                 1.0.0  
community.sap_libs            1.4.1  
community.skydive             1.0.0  
community.sops                1.6.1  
community.vmware              3.5.0  
community.windows             1.12.0 
community.zabbix              1.9.3  
containers.podman             1.10.1 
cyberark.conjur               1.2.0  
cyberark.pas                  1.0.17 
dellemc.enterprise_sonic      2.0.0  
dellemc.openmanage            6.3.0  
dellemc.os10                  1.1.1  
dellemc.os6                   1.0.7  
dellemc.os9                   1.0.4  
dellemc.powerflex             1.6.0  
dellemc.unity                 1.6.0  
f5networks.f5_modules         1.23.0 
fortinet.fortimanager         2.1.7  
fortinet.fortios              2.2.3  
frr.frr                       2.0.2  
gluster.gluster               1.0.2  
google.cloud                  1.1.3  
grafana.grafana               1.1.1  
hetzner.hcloud                1.11.0 
hpe.nimble                    1.1.4  
ibm.qradar                    2.1.0  
ibm.spectrum_virtualize       1.11.0 
infinidat.infinibox           1.3.12 
infoblox.nios_modules         1.4.1  
inspur.ispim                  1.3.0  
inspur.sm                     2.3.0  
junipernetworks.junos         4.1.0  
kubernetes.core               2.4.0  
lowlydba.sqlserver            1.3.1  
mellanox.onyx                 1.0.0  
microsoft.ad                  1.0.0  
netapp.aws                    21.7.0 
netapp.azure                  21.10.0
netapp.cloudmanager           21.22.0
netapp.elementsw              21.7.0 
netapp.ontap                  22.5.0 
netapp.storagegrid            21.11.1
netapp.um_info                21.8.0 
netapp_eseries.santricity     1.4.0  
netbox.netbox                 3.12.0 
ngine_io.cloudstack           2.3.0  
ngine_io.exoscale             1.0.0  
ngine_io.vultr                1.1.3  
openstack.cloud               1.10.0 
openvswitch.openvswitch       2.1.0  
ovirt.ovirt                   2.4.1  
purestorage.flasharray        1.17.2 
purestorage.flashblade        1.11.0 
purestorage.fusion            1.4.2  
sensu.sensu_go                1.13.2 
splunk.es                     2.1.0  
t_systems_mms.icinga_director 1.32.2 
theforeman.foreman            3.10.0 
vmware.vmware_rest            2.3.1  
vultr.cloud                   1.7.0  
vyos.vyos                     4.0.2  
wti.remote                    1.0.4  

Controller version: Ansible Automation Platform Controller 4.3.8

• ansible installation method: OS package,

OS / ENVIRONMENT

RHEL9

Desired Behavior

The input values exists in the controller, so they should be successfully located by the Schedules role.

Actual Behavior

Please give some details of what is actually happening. Include a minimum complete verifiable example with:

• playbook / task

  
  ---

• name: Schedules dispatch Test hosts: all connection: local gather_facts: false vars: controller_username: "{{ vault_controller_username | default(lookup('env', 'CONTROLLER_USERNAME')) }}" controller_password: "{{ vault_controller_password | default(lookup('env', 'CONTROLLER_PASSWORD')) }}" controller_hostname: "{{ vault_controller_hostname | default(lookup('env', 'CONTROLLER_HOST')) }}" controller_validate_certs: "{{ vault_controller_validate_certs | default(lookup('env', 'CONTROLLER_VERIFY_SSL')) }}"

  pre_tasks:

  • name: "Setup authentication (block)"

    no_log: "{{ controller_configuration_filetree_create_secure_logging }}"

    when: controller_oauthtoken is not defined tags:

    • always block:

    • name: "Get the Authentication Token for the future requests" ansible.builtin.uri: url: "https://{{ controller_hostname }}/api/v2/tokens/" user: "{{ controller_username }}" password: "{{ controller_password }}" method: POST force_basic_auth: true validate_certs: "{{ controller_validate_certs }}" status_code: 201 register: authtoken_res

    • name: "Set the oauth token to be used since now" ansible.builtin.set_fact: controller_oauthtoken: "{{ authtoken_res.json.token }}" controller_oauthtoken_url: "{{ authtoken_res.json.url }}"

  roles:

  • infra.controller_configuration.dispatch

  post_tasks:

  • name: "Delete the Authentication Token used" ansible.builtin.uri: url: "https://{{ controller_hostname }}{{ controller_oauthtoken_url }}" user: "{{ controller_username }}" password: "{{ controller_password }}" method: DELETE force_basic_auth: true validate_certs: "{{ controller_validate_certs }}" status_code: 204 when: controller_oauthtoken_url is defined ...

- configuration file / list
```yaml
---
controller_schedules:
  - name: "test"
    description: ""
    organization: "neworg"
    enabled: True
    unified_job_template: "testJT"
    inventory: "Workshop Inventory"
    instance_groups:
      - "myinstancegroup"
    dtstart: "2023-06-14T13:00:00Z"
    dtend: "2023-06-14T13:00:00Z"
    timezone: "Europe/Madrid"
    rrule: "DTSTART;TZID=Europe/Madrid:20230614T150000 RRULE:INTERVAL=1;COUNT=1;FREQ=MINUTELY"
    extra_data:
      var: value
    scm_branch: ""
    forks: 10
    job_slice_count: 10
    labels:
      - "testing"
    timeout: 0
    job_type: "run"
    job_tags: "schedules"
    skip_tags: "credentials"
    limit: "localhost"
    diff_mode: True
    verbosity: 1
...

• error

$ ansible-playbook -i localhost, test.yml -e '{input_tag: [schedules]}' -e @/tmp/filetree_output/schedules/7_test.yaml --tags schedules -vvvv
ansible-playbook [core 2.14.5]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/ivan/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.11/site-packages/ansible
  ansible collection location = /home/ivan/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible-playbook
  python version = 3.11.3 (main, May 24 2023, 00:00:00) [GCC 12.3.1 20230508 (Red Hat 12.3.1-1)] (/usr/bin/python3)
  jinja version = 3.0.3
  libyaml = True
Using /etc/ansible/ansible.cfg as config file
setting up inventory plugins
Set default localhost to localhost
Parsed localhost, inventory source with host_list plugin
Loading collection infra.controller_configuration from /tmp/workdir/collections/ansible_collections/infra/controller_configuration
Loading callback plugin default of type stdout, v2.0 from /usr/lib/python3.11/site-packages/ansible/plugins/callback/default.py
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.

PLAYBOOK: test.yml ***************************************************************************************************************************************************************************************************************************
Positional arguments: test.yml
verbosity: 4
connection: smart
timeout: 10
become_method: sudo
tags: ('schedules',)
inventory: ('localhost,',)
extra_vars: ('{input_tag: [schedules]}', '@/tmp/filetree_output/schedules/7_test.yaml')
forks: 5
1 plays in test.yml

PLAY [Schedules dispatch Test] ***************************************************************************************************************************************************************************************************************
...
...
...
<localhost> EXEC /bin/sh -c 'echo ~ivan && sleep 0'
<localhost> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/ivan/.ansible/tmp `"&& mkdir "` echo /home/ivan/.ansible/tmp/ansible-tmp-1686818020.8602357-677215-168962299828365 `" && echo ansible-tmp-1686818020.8602357-677215-168962299828365="` echo /home/ivan/.ansible/tmp/ansible-tmp-1686818020.8602357-677215-168962299828365 `" ) && sleep 0'
Using module file /usr/lib/python3.11/site-packages/ansible/modules/async_status.py
<localhost> PUT /home/ivan/.ansible/tmp/ansible-local-677141lp6ojs_e/tmpks4nazha TO /home/ivan/.ansible/tmp/ansible-tmp-1686818020.8602357-677215-168962299828365/AnsiballZ_async_status.py
<localhost> EXEC /bin/sh -c 'chmod u+x /home/ivan/.ansible/tmp/ansible-tmp-1686818020.8602357-677215-168962299828365/ /home/ivan/.ansible/tmp/ansible-tmp-1686818020.8602357-677215-168962299828365/AnsiballZ_async_status.py && sleep 0'
<localhost> EXEC /bin/sh -c '/usr/bin/python3 /home/ivan/.ansible/tmp/ansible-tmp-1686818020.8602357-677215-168962299828365/AnsiballZ_async_status.py && sleep 0'
<localhost> EXEC /bin/sh -c 'rm -f -r /home/ivan/.ansible/tmp/ansible-tmp-1686818020.8602357-677215-168962299828365/ > /dev/null 2>&1 && sleep 0'
failed: [localhost] (item={'failed': 0, 'started': 1, 'finished': 0, 'ansible_job_id': 'j339570088658.677208', 'results_file': '/tmp/.ansible_async/j339570088658.677208', 'changed': False, '__controller_schedule_item': {'name': 'test', 'description': '', 'organization': 'neworg', 'enabled': True, 'unified_job_template': 'testJT', 'inventory': 'Workshop Inventory', 'instance_groups': ['myinstancegroup'], 'dtstart': '2023-06-14T13:00:00Z', 'dtend': '2023-06-14T13:00:00Z', 'timezone': 'Europe/Madrid', 'rrule': 'DTSTART;TZID=Europe/Madrid:20230614T150000 RRULE:INTERVAL=1;COUNT=1;FREQ=MINUTELY', 'extra_data': {'var': 'value'}, 'scm_branch': '', 'forks': 10, 'job_slice_count': 10, 'labels': ['testing'], 'timeout': 0, 'job_type': 'run', 'job_tags': 'schedules', 'skip_tags': 'credentials', 'limit': 'localhost', 'diff_mode': True, 'verbosity': 1}, 'ansible_loop_var': '__controller_schedule_item'}) => {
    "__controller_schedule_job_async_results_item": {
        "__controller_schedule_item": {
            "description": "",
            "diff_mode": true,
            "dtend": "2023-06-14T13:00:00Z",
            "dtstart": "2023-06-14T13:00:00Z",
            "enabled": true,
            "extra_data": {
                "var": "value"
            },
            "forks": 10,
            "instance_groups": [
                "myinstancegroup"
            ],
            "inventory": "Workshop Inventory",
            "job_slice_count": 10,
            "job_tags": "schedules",
            "job_type": "run",
            "labels": [
                "testing"
            ],
            "limit": "localhost",
            "name": "test",
            "organization": "neworg",
            "rrule": "DTSTART;TZID=Europe/Madrid:20230614T150000 RRULE:INTERVAL=1;COUNT=1;FREQ=MINUTELY",
            "scm_branch": "",
            "skip_tags": "credentials",
            "timeout": 0,
            "timezone": "Europe/Madrid",
            "unified_job_template": "testJT",
            "verbosity": 1
        },
        "ansible_job_id": "j339570088658.677208",
        "ansible_loop_var": "__controller_schedule_item",
        "changed": false,
        "failed": 0,
        "finished": 0,
        "results_file": "/tmp/.ansible_async/j339570088658.677208",
        "started": 1
    },
    "ansible_job_id": "j339570088658.677208",
    "ansible_loop_var": "__controller_schedule_job_async_results_item",
    "attempts": 6,
    "changed": false,
    "finished": 1,
    "invocation": {
        "module_args": {
            "controller_config_file": null,
            "controller_host": "student1-dev.ans-workshop-00.sandbox3012.opentlc.com",
            "controller_oauthtoken": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "controller_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "controller_username": "admin",
            "credentials": null,
            "description": "",
            "diff_mode": true,
            "enabled": true,
            "execution_environment": "",
            "extra_data": {
                "var": "value"
            },
            "forks": 10,
            "instance_groups": [
                "myinstancegroup"
            ],
            "inventory": "Workshop Inventory",
            "job_slice_count": 10,
            "job_tags": "schedules",
            "job_type": "run",
            "labels": [
                "testing"
            ],
            "limit": "localhost",
            "name": "test",
            "new_name": null,
            "organization": "neworg",
            "rrule": "DTSTART;TZID=Europe/Madrid:20230614T150000 RRULE:INTERVAL=1;COUNT=1;FREQ=MINUTELY",
            "scm_branch": "",
            "skip_tags": "credentials",
            "state": "present",
            "timeout": null,
            "unified_job_template": "testJT",
            "validate_certs": false,
            "verbosity": 1
        }
    },
    "msg": "Could not find instance_group entry with name myinstancegroup",
    "results_file": "/tmp/.ansible_async/j339570088658.677208",
    "started": 1,
    "stderr": "",
    "stderr_lines": [],
    "stdout": "",
    "stdout_lines": []
}

PLAY RECAP ***********************************************************************************************************************************************************************************************************************************
localhost                  : ok=5    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0   

Instance groups exported from the Controller:

$ cat /tmp/filetree_output/current_instance_groups.yaml

---
controller_instance_groups:
  - name: "controlplane"
    policy_instance_minimum: "0"
    policy_instance_percentage: "100"
    instances:
      - "172.16.223.111"
  - name: "default"
    policy_instance_minimum: "0"
    policy_instance_percentage: "100"
    instances:
      - "172.16.223.111"
  - name: "myinstancegroup"
    policy_instance_minimum: "0"
    policy_instance_percentage: "0"
    instances:
      - "172.16.223.111"
...

STEPS TO REPRODUCE

Shown above.

[sean-m-sullivan]

This does seem to be a failure of the module, as it is erroring in the module, it's hard to tell why it is failing though, what happens when you do a search for a name on the api for that instance group https://github.com/ansible/awx/blob/ba99ddfd822ed50b7e58543b48e9f6126042db23/awx_collection/plugins/modules/schedule.py#LL299C21-L299C21

[ivarmu]

This does seem to be a failure of the module, as it is erroring in the module, it's hard to tell why it is failing though, what happens when you do a search for a name on the api for that instance group https://github.com/ansible/awx/blob/ba99ddfd822ed50b7e58543b48e9f6126042db23/awx_collection/plugins/modules/schedule.py#LL299C21-L299C21

It returns correctly the instance_group information:

Endpoint: api/v2/instance_groups/?name=myinstancegroup

[ivarmu]

The problem is that the data sent to the instance_group endpoint includes information for the organization, but an instance group doesn't belong to any organization... Similarly, the execution environments can have or not (globally available) an organization associated.

I've opened the PR https://github.com/ansible/awx/pull/14223 ...

[ivarmu]

The PR has been merged. Will be solved whith the next AWX release.