search

univention / ansible-modules

Ansible Modules for UCS
GNU General Public License v3.0
11 stars 6 forks source link

univention_directory_manager: 'NoneType' object is not iterable #3

Closed Stormrice closed 1 year ago

Stormrice commented 2 years ago

Versions

Ansible: 5.1.0 (from pip3) Ansible-core: 2.12.1 (from pip3) UCS: 5.0-1 errata192 (from Univention VirtualBox VM image) univention.ucs_modules: 1.1.0 (from ansible-galaxy collection command) univention.ucs_roles: 2.6.1 (from ansible-galaxy collection command)

Description

I have the following error when using univention_directory_manager Ansible module to add a policy object:

An exception occurred during task execution. To see the full traceback, use -vvv. The error was: TypeError: 'NoneType' object is not iterable fatal: [srv-univention]: FAILED! => {"changed": false, "module_stderr": "Shared connection to x.x.x.x closed.\r\n", "module_stdout": "Traceback (most recent call last):\r\n File \"/root/.ansible/tmp/ansible-tmp-1643018830.3840706-2917-182128446665730/AnsiballZ_univention_directory_manager.py\", line 107, in \r\n _ansiballz_main()\r\n File \"/root/.ansible/tmp/ansible-tmp-1643018830.3840706-2917-182128446665730/AnsiballZ_univention_directory_manager.py\", line 99, in _ansiballz_main\r\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\r\n File \"/root/.ansible/tmp/ansible-tmp-1643018830.3840706-2917-182128446665730/AnsiballZ_univention_directory_manager.py\", line 48, in invoke_module\r\n run_name='main', alter_sys=True)\r\n File \"/usr/lib/python3.7/runpy.py\", line 205, in run_module\r\n return _run_module_code(code, init_globals, run_name, mod_spec)\r\n File \"/usr/lib/python3.7/runpy.py\", line 96, in _run_module_code\r\n mod_name, mod_spec, pkg_name, script_name)\r\n File \"/usr/lib/python3.7/runpy.py\", line 85, in _run_code\r\n exec(code, run_globals)\r\n File \"/tmp/ansible_univention.ucs_modules.univention_directory_manager_payload_stup9fux/ansible_univention.ucs_modules.univention_directory_manager_payload.zip/ansible_collections/univention/ucs_modules/plugins/modules/univention_directory_manager.py\", line 320, in \r\n File \"/tmp/ansible_univention.ucs_modules.univention_directory_manager_payload_stup9fux/ansible_univention.ucs_modules.univention_directory_manager_payload.zip/ansible_collections/univention/ucs_modules/plugins/modules/univention_directory_manager.py\", line 297, in run_module\r\n File \"/tmp/ansible_univention.ucs_modules.univention_directory_manager_payload_stup9fux/ansible_univention.ucs_modules.univention_directory_manager_payload.zip/ansible_collections/univention/ucs_modules/plugins/modules/univention_directory_manager.py\", line 168, in _create_or_modify_object\r\n File \"/tmp/ansible_univention.ucs_modules.univention_directory_manager_payload_stup9fux/ansible_univention.ucs_modules.univention_directory_manager_payload.zip/ansible_collections/univention/ucs_modules/plugins/modules/univention_directory_manager.py\", line 184, in _create_object\r\nTypeError: 'NoneType' object is not iterable\r\n", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}

Ansible snippet

Thanks a lot :)

zumvorde commented 2 years ago

Thank you for the bug report. I will look into this. The information should be enough to replicate the issue.

Stormrice commented 2 years ago

Thank you for your reply.

After digging into the python code, I saw that UDM policy and options are not implemented yet (# TODO).

Is there a roadmap for Univention's Ansible modules and roles, to know if they are still maintained ?

I appreciate your consideration, thank you :)

zumvorde commented 2 years ago

There is a bit of a "chicken and egg" problem with these modules. They are somewhat new and are not used a lot. But the more they are used the more effort we can justifiably invest into them. Yes, they are still maintained but not officially supported. We intend to add the feature to use policies and options in the near future. What features will be added to the modules depends on what they will be used for next. The current roadmap for the modules and roles contains:

Stormrice commented 2 years ago

A great thank you for your response !

For now, I send udm command via the Ansible command module. It is not ideal, but it works.

The registry module is working great though.

Thanks again for your time :)

PS : Do I have to close this issue?

ofriedri commented 2 years ago

Hello @Stormrice,

thanks for your patience & support with this. As the behavior you have described clearly is a bug, I suggest we leave this issue open until it's fixed.

zumvorde commented 2 years ago

It took way to long, but we have a fix for the issue. We took the chance to also refactor the module, to make its maintenance easier. The fix is currently in the QA (quality assessment) and we will inform you on this issue once it is merged into the main branch.

redtux commented 2 years ago

Hi, any news on this? I'd be interested as well.

BTW: It would be nice to have some sample playbooks and more documentation (like in schulangebot).

zumvorde commented 2 years ago

Hi, the module got refactored and in the process i also added the options to edit policies and options directly with it. The change however got stuck in QA. I now merged it into master and it should be available from ansible galaxy.

Thank you for the comment on the documentation. I agree, the documentation has to be improved. That will be one of the next steps. In the time being i hope this small example will help with using the new options.

    - name: modify testuser3 - remove an option
      univention_directory_manager:
        module: 'users/user'
        state: 'present'
        filter: '(uid=testuser3)'
        options:
          - default
    - name: add a policy to a user
      univention_directory_manager:
        module: 'users/user'
        state: 'present'
        filter: '(uid=testuser3)'
        policies:
          - "cn=default-settings,cn=pwhistory,cn=users,cn=policies,{{ ldap_base }}"
HunterZeroSix commented 1 year ago

I close this issue.

Feel free to reopen or create a new issue if the error occurs again.