stackstorm-exchange / stackstorm-ansible Goto Github PK

st2 content pack containing ansible integrations

Home Page: https://exchange.stackstorm.org/

License: Apache License 2.0

Python 100.00%

stackstorm-ansible's Introduction

Ansible Integration Pack

This pack provides Ansible integration to perform remote operations on both local and remote machines. After pack installation all ansible executable files are available in pack virtualenv and ready to use.

Requirements

This pack installs Ansible from pip and therefore may require some OS-level packages to be in place. Ubuntu:

sudo apt-get install gcc libkrb5-dev

RHEL/CentOS:

sudo yum install gcc krb5-devel

Actions

command - Run single Ad-Hoc command. It has all the regular parameters of ansible executable.
command_local - Perform single ansible Ad-Hoc command (module) locally.
playbook - Action to run Ansible Playbook (ansible-playbook executable).
vault.encrypt - Encrypt ansible data files (playbooks, vars, roles, etc) with password (ansible-vault executable).
vault.decrypt - Decrypt ansible data files (playbooks, vars, roles, etc) with password (ansible-vault executable).
galaxy.install - Install role from Ansible Galaxy - hub of community developed roles (ansible-galaxy).
galaxy.list - List installed from Ansible Galaxy roles (ansible-galaxy executable).
galaxy.remove - Remove the role installed from Ansible Galaxy (ansible-galaxy executable).

Examples

See StackStorm with Ansible on Vagrant demo for more examples

`ansible.command` examples

# run ansible command with optional verbose parameter
st2 run ansible.command hosts=all args='hostname -i' verbose=vv

Action ansible.command_local is helper for the ansible.command with predefined parameters to run the command locally. So this is the same:

st2 run ansible.command_local args='echo $TERM'
st2 run ansible.command connection=local inventory_file='127.0.0.1,' hosts=all args='echo $TERM'

which is equivalent of ansible commands:

ansible all -c local -i '127.0.0.1,' -a 'echo $TERM'
ansible all --connection=local --inventory-file='127.0.0.1,' --args='echo $TERM'

`ansible.playbook` examples

# run some simple playbook
st2 run ansible.playbook playbook=/etc/ansible/playbooks/nginx.yml

# run playbook on last machine listed in inventory file
st2 run ansible.playbook playbook=/etc/ansible/playbooks/nginx.yml limit='all[-1]'

`ansible.vault` examples

# encrypt /tmp/nginx.yml playbook with password containing in vault.txt
st2 run ansible.vault.encrypt vault_password_file=vault.txt files=/tmp/nginx.yml

# decrypt /etc/ansible/nginx.yml and /etc/ansible/db.yml files
st2 run ansible.vault.decrypt cwd=/etc/ansible vault_password_file=vault.txt files='nginx.yml db.yml'

# decrypt all files in /etc/ansible/playbooks directory
st2 run ansible.vault.decrypt cwd=/etc/ansible vault_password_file=vault.txt files='playbooks/*'

`ansible.galaxy` examples

# download many roles
st2 run ansible.galaxy.install roles='bennojoy.mysql kosssi.composer'

# list rolex
st2 run ansible.galaxy.list roles_path=/etc/ansible/roles

Tips & Tricks

Using Ansible `extra_vars` in StackStorm Workflow

This is an example from a workflow that passes several different variables to the playbook as extra-vars:

sample_task:
  action: ansible.playbook
  input:
    playbook: /path/to/playbook.yml
    extra_vars:
      #
      # as key=value pairs
      - key1=value1
      - key2=value2
      #
      # variables from a yaml (or json) file
      - '@/path/to/file.yml'
      #
      # an arbitrarily complex dict of variables (passed as JSON to ansible)
      -
        key3: "{{ value3 }}"
        key4: [ value4a, value4b ]
        key5:
          - value5a
          - { value5bkey: value5bvalue }
        key6:
          key7: value7
          key8: value8

Structured output

# get structured JSON output from a playbook
st2 run ansible.playbook playbook=/etc/ansible/playbooks/nginx.yml env='{"ANSIBLE_STDOUT_CALLBACK":"json"}'

Using the JSON stdout_callback leads to JSON output which enables access to details of the result of the playbook in actions following the playbook execution, e.g. posting the results to Slack in an action-alias.

format: | 
    *Execution Overview*
    {% for host, result in execution.result.stdout.stats.iteritems() %}
        {{ host }}: ```{{ result }}```
    {% endfor %}

There is, however, a bug that breaks the JSON when the playbook execution fails (example output below). See this issue for more information. Manual handling of this case is necessary until the bug is fixed.

	to retry, use: --limit @/etc/ansible/playbooks/top.retry
{
    "plays": [
        {
            "play": {
                "id": "b5fe7b50-9d7d-4927-ac17-6886218bcabc", 
                "name": "some-host.com"
            }, 
            ...
}

Relative path to playbooks within StackStorm workflows

Current working directory (CWD) defaults to pack dir you're invoking Ansible pack actions from. That means if you're calling ansible.playbook from the custom.workflow, then you can use relative path to playbooks you'd ship with the custom pack (infra-as-code, yeah).

version: '2.0'
custom.workflow:
  description: A sample workflow that demonstrates how to use relative paths to playbooks shipped with pack.
  type: direct
  tasks:
    a:
      action: ansible.playbook
      input:
        # 'ansible_play.yml' is part of the 'custom' pack
        playbook: "ansible_play.yml"
        inventory_file: "localhost,"

This eliminates the need to specify absolute path to Ansible playbook file, located somewhere in /opt/stackstorm/packs/....

Windows Hosts

Connecting to windows is possibe as of version v0.5.2 of this pack. This is accomplished using ansible's builtin windows support.

Prior to executing a playbook on a Windows host, the host must be configured to accept WinRM connections. To accomplish this, execute the ansible setup PowerShell script on every Windows host you connect to. We recommend performing this on your Windows VM templates.

The following extra_vars must be passed in when executing a playbook on a Windows host:

ansible_user : User to connect as (prefer [email protected] over domain\user)
ansible_password : Password to use when connecting
ansible_connection : Connection method to use (winrm for windows)
ansible_port : Port to use for the connection (5986 for WinRM)
ansible_winrm_transport : WinRM transport to use for the connection (suggested: ntlm or credssp, for more information consult the pywinrm documentation.
ansible_winrm_server_cert_validation : Should the SSL cert be validated. (suggested: ignore)

Connecting via NTLM using a [email protected] style login:

st2 run ansible.playbook playbook=/etc/ansible/playbooks/windows_playbook.yaml inventory_file="winvm01.domain.tld," extra_vars='["[email protected]","ansible_password=xxx","ansible_port=5986","ansible_connection=winrm","ansible_winrm_server_cert_validation=ignore","ansible_winrm_transport=ntlm"]'

Connecting via CredSSP using a DOMAIN\user style login (note the extra \):

st2 run ansible.playbook playbook=/etc/ansible/playbooks/windows_playbook.yaml inventory_file="winvm01.domain.tld," extra_vars='["ansible_user=DOMAIN\\\\user","ansible_password=xxx","ansible_port=5986","ansible_connection=winrm","ansible_winrm_server_cert_validation=ignore","ansible_winrm_transport=credssp"]'

stackstorm-ansible's People

Contributors

Stargazers

Watchers

stackstorm-ansible's Issues

Ansible dependencies issues with st2 ansible pack

Ansible modules for network uses APIs, which means "connection: local" must be set in the playbooks, which means all the python library dependencies has be installed locally.
This isn't working using st2 ansible pack despite I pip installed the dependencies locally.
Broadly, how the manage the st2 virtual environnement (python libraries, ansible versions ...)

Install Ansible Roles from galaxy

mab@mab-infra:~/automation/ansible$ sudo ansible-galaxy list
mab@mab-infra:~/automation/ansible$ sudo ansible-galaxy install Juniper.junos
- downloading role 'junos', owned by Juniper
- downloading role from https://github.com/Juniper/ansible-junos-stdlib/archive/1.4.2.tar.gz
- extracting Juniper.junos to /etc/ansible/roles/Juniper.junos
- Juniper.junos (1.4.2) was installed successfully
mab@mab-infra:~/automation/ansible$ sudo ansible-galaxy list
- Juniper.junos, 1.4.2

Install python libraries required for the role:

mab@mab-infra:~/automation/ansible$ pip list | grep junos
junos-eznc (2.1.1)
You are using pip version 8.1.1, however version 9.0.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.

mab@mab-infra:~/automation/ansible$ python 
Python 2.7.12 (default, Nov 19 2016, 06:48:10) 
[GCC 5.4.0 20160609] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> from jnpr.junos import Device
>>> dir()
['Device', '__builtins__', '__doc__', '__name__', '__package__']
>>> exit()

Ansible configuration file:

mab@mab-infra:~/automation/ansible$ more /home/mab/automation/ansible/ansible.cfg
[defaults]
inventory = hosts
roles_path = /etc/ansible/roles:./
deprecation_warnings=False

Ansible version:

mab@mab-infra:~/automation/ansible$ ansible --version
ansible 2.3.0.0
  config file = /home/mab/automation/ansible/ansible.cfg
  configured module search path = Default w/o overrides
  python version = 2.7.12 (default, Nov 19 2016, 06:48:10) [GCC 5.4.0 20160609]

Ansible playbook details:

The junos_get_facts module requires jnpr.junos python library as shown here: https://github.com/Juniper/ansible-junos-stdlib/blob/master/library/junos_get_facts#L163
The playbook uses "connection: local". so the jnpr.junos python library has to be installed locally (hence the above pip and python commands)

mab@mab-infra:~/automation/ansible$ cat junos_get_facts/pb.yml 
---
 - name: create inventory directory
   hosts: localhost
   gather_facts: no
   
   tasks:
    
   - name: create inventory directory
     file: path={{playbook_dir}}/inventory state=directory
     
 - name: Get Facts
   hosts: vmx
   roles:       
    - Juniper.junos
   connection: local
   gather_facts: no
   
   tasks:
   
   - name: remove host from inventory directory
     file: path={{playbook_dir}}/inventory/{{inventory_hostname}}.conf state=absent
     
   - name: Retrieve information from devices running Junos
     junos_get_facts:
      host={{ credentials.host }}
      user={{ credentials.username }}
      passwd={{ credentials.password }}
      savedir={{playbook_dir}}/inventory
     register: junos

   - name: Print some facts
     debug: msg="device {{junos["facts"]["hostname"]}} runs version {{junos.facts.version}}" 
     when: junos.facts.version != "12.3R11.2"

Ansible variables:

mab@mab-infra:~/automation/ansible$ cat group_vars/vmx/credentials.yml 
---
credentials:
  host: "{{ junos_host }}"
  ssh_key: /home/mab/.ssh/id_rsa
  username: mab
  password: mab123

Ansible playbook execution using ansible-playbook command (OK):

mab@mab-infra:~/automation/ansible$ sudo ansible-playbook junos_get_facts/pb.yml 

PLAY [create inventory directory] **************************************************************************************************************************************************************************

TASK [create inventory directory] **************************************************************************************************************************************************************************
ok: [localhost]

PLAY [Get Facts] *******************************************************************************************************************************************************************************************

TASK [remove host from inventory directory] ****************************************************************************************************************************************************************
ok: [vmx1]
ok: [vmx2]

TASK [Retrieve information from devices running Junos] *****************************************************************************************************************************************************
ok: [vmx2]
ok: [vmx1]

TASK [Print some facts] ************************************************************************************************************************************************************************************
ok: [vmx2] => {
    "changed": false, 
    "msg": "device vmx2 runs version 14.1R4.9"
}
ok: [vmx1] => {
    "changed": false, 
    "msg": "device vmx1 runs version 14.1R4.9"
}

PLAY RECAP *************************************************************************************************************************************************************************************************
localhost                  : ok=1    changed=0    unreachable=0    failed=0   
vmx1                       : ok=3    changed=0    unreachable=0    failed=0   
vmx2                       : ok=3    changed=0    unreachable=0    failed=0

Ansible pack for st2 installed:

mab@mab-infra:~/automation/ansible$ sudo st2 pack get ansible
+-------------+--------------------------------------------------+
| Property    | Value                                            |
+-------------+--------------------------------------------------+
| name        | ansible                                          |
| version     | 0.4.0                                            |
| author      | StackStorm, Inc.                                 |
| email       | [email protected]                              |
| keywords    | [                                                |
|             |     "ansible",                                   |
|             |     "cfg management",                            |
|             |     "configuration management"                   |
|             | ]                                                |
| description | st2 content pack containing ansible integrations |
+-------------+--------------------------------------------------+

Verify the details st2 ansible pack is going to use:

mab@mab-infra:~/automation/ansible$ sudo st2 run ansible.playbook playbook=/home/mab/automation/ansible/junos_get_facts/pb.yml cwd=/home/mab/automation/ansible/ version=true
.
id: 590f2f8e7cae220956aeb02d
status: succeeded
parameters: 
  cwd: /home/mab/automation/ansible/
  playbook: /home/mab/automation/ansible/junos_get_facts/pb.yml
  version: true
result: 
  failed: false
  return_code: 0
  stderr: ''
  stdout: "ansible-playbook 2.3.0.0
  config file = /home/mab/automation/ansible/ansible.cfg
  configured module search path = Default w/o overrides
  python version = 2.7.12 (default, Nov 19 2016, 06:48:10) [GCC 5.4.0 20160609]"
  succeeded: true

Ansible playbook execution using st2 Ansible pack (KO):

See error displayed: ImportError: No module named jnpr.junos
Despite jnpr.junos python library correctly installed as proved above

mab@mab-infra:~/automation/ansible$ sudo st2 run ansible.playbook playbook=/home/mab/automation/ansible/junos_get_facts/pb.yml cwd=/home/mab/automation/ansible/ 
.
id: 590f2fd47cae220956aeb030
status: failed
parameters: 
  cwd: /home/mab/automation/ansible/
  playbook: /home/mab/automation/ansible/junos_get_facts/pb.yml
result: 
  failed: true
  return_code: 2
  stderr: Executed command "/opt/stackstorm/virtualenvs/ansible/bin/ansible-playbook /home/mab/automation/ansible/junos_get_facts/pb.yml"
  stdout: "
PLAY [create inventory directory] **********************************************

TASK [create inventory directory] **********************************************
ok: [localhost]

PLAY [Get Facts] ***************************************************************

TASK [remove host from inventory directory] ************************************
ok: [vmx1]
ok: [vmx2]

TASK [Retrieve information from devices running Junos] *************************
fatal: [vmx2]: FAILED! => {"changed": false, "failed": true, "msg": "ImportError: No module named jnpr.junos"}
fatal: [vmx1]: FAILED! => {"changed": false, "failed": true, "msg": "ImportError: No module named jnpr.junos"}
  to retry, use: --limit @/home/mab/automation/ansible/junos_get_facts/pb.retry

PLAY RECAP *********************************************************************
localhost                  : ok=1    changed=0    unreachable=0    failed=0   
vmx1                       : ok=1    changed=0    unreachable=0    failed=1   
vmx2                       : ok=1    changed=0    unreachable=0    failed=1   
"
  succeeded: false

Same command in verbose mode:

mab@mab-infra:~/automation/ansible$ sudo st2 run ansible.playbook playbook=/home/mab/automation/ansible/junos_get_facts/pb.yml cwd=/home/mab/automation/ansible/ verbose=vvvv
.
id: 590f2fe17cae220956aeb033
status: failed
parameters: 
  cwd: /home/mab/automation/ansible/
  playbook: /home/mab/automation/ansible/junos_get_facts/pb.yml
  verbose: vvvv
result: 
  failed: true
  return_code: 2
  stderr: Executed command "/opt/stackstorm/virtualenvs/ansible/bin/ansible-playbook -vvvv /home/mab/automation/ansible/junos_get_facts/pb.yml"
  stdout: "Using /home/mab/automation/ansible/ansible.cfg as config file
Loading callback plugin default of type stdout, v2.0 from /opt/stackstorm/virtualenvs/ansible/lib/python2.7/site-packages/ansible/plugins/callback/__init__.pyc
Loading callback plugin jsnapy of type aggregate, v2.0 from /opt/stackstorm/virtualenvs/ansible/lib/python2.7/site-packages/ansible/plugins/callback/__init__.pyc

PLAYBOOK: pb.yml ***************************************************************
2 plays in /home/mab/automation/ansible/junos_get_facts/pb.yml

PLAY [create inventory directory] **********************************************
META: ran handlers

TASK [create inventory directory] **********************************************
task path: /home/mab/automation/ansible/junos_get_facts/pb.yml:8
Using module file /opt/stackstorm/virtualenvs/ansible/lib/python2.7/site-packages/ansible/modules/files/file.py
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: root
<127.0.0.1> EXEC /bin/sh -c 'echo ~ && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1494167521.98-137850814807689 `" && echo ansible-tmp-1494167521.98-137850814807689="` echo /root/.ansible/tmp/ansible-tmp-1494167521.98-137850814807689 `" ) && sleep 0'
<127.0.0.1> PUT /tmp/tmpDz9pYO TO /root/.ansible/tmp/ansible-tmp-1494167521.98-137850814807689/file.py
<127.0.0.1> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1494167521.98-137850814807689/ /root/.ansible/tmp/ansible-tmp-1494167521.98-137850814807689/file.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '/opt/stackstorm/virtualenvs/ansible/bin/python /root/.ansible/tmp/ansible-tmp-1494167521.98-137850814807689/file.py; rm -rf "/root/.ansible/tmp/ansible-tmp-1494167521.98-137850814807689/" > /dev/null 2>&1 && sleep 0'
ok: [localhost] => {
    "changed": false, 
    "diff": {
        "after": {
            "path": "/home/mab/automation/ansible/junos_get_facts/inventory"
        }, 
        "before": {
            "path": "/home/mab/automation/ansible/junos_get_facts/inventory"
        }
    }, 
    "gid": 0, 
    "group": "root", 
    "invocation": {
        "module_args": {
            "attributes": null, 
            "backup": null, 
            "content": null, 
            "delimiter": null, 
            "diff_peek": null, 
            "directory_mode": null, 
            "follow": false, 
            "force": false, 
            "group": null, 
            "mode": null, 
            "original_basename": null, 
            "owner": null, 
            "path": "/home/mab/automation/ansible/junos_get_facts/inventory", 
            "recurse": false, 
            "regexp": null, 
            "remote_src": null, 
            "selevel": null, 
            "serole": null, 
            "setype": null, 
            "seuser": null, 
            "src": null, 
            "state": "directory", 
            "unsafe_writes": null, 
            "validate": null
        }
    }, 
    "mode": "0755", 
    "owner": "root", 
    "path": "/home/mab/automation/ansible/junos_get_facts/inventory", 
    "size": 4096, 
    "state": "directory", 
    "uid": 0
}
META: ran handlers
META: ran handlers

PLAY [Get Facts] ***************************************************************
META: ran handlers

TASK [remove host from inventory directory] ************************************
task path: /home/mab/automation/ansible/junos_get_facts/pb.yml:20
Using module file /opt/stackstorm/virtualenvs/ansible/lib/python2.7/site-packages/ansible/modules/files/file.py
<vmx1> ESTABLISH LOCAL CONNECTION FOR USER: root
<vmx1> EXEC /bin/sh -c 'echo ~ && sleep 0'
Using module file /opt/stackstorm/virtualenvs/ansible/lib/python2.7/site-packages/ansible/modules/files/file.py
<vmx2> ESTABLISH LOCAL CONNECTION FOR USER: root
<vmx2> EXEC /bin/sh -c 'echo ~ && sleep 0'
<vmx1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1494167522.14-179148203693750 `" && echo ansible-tmp-1494167522.14-179148203693750="` echo /root/.ansible/tmp/ansible-tmp-1494167522.14-179148203693750 `" ) && sleep 0'
<vmx2> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1494167522.14-144286707166271 `" && echo ansible-tmp-1494167522.14-144286707166271="` echo /root/.ansible/tmp/ansible-tmp-1494167522.14-144286707166271 `" ) && sleep 0'
<vmx1> PUT /tmp/tmpDZeWox TO /root/.ansible/tmp/ansible-tmp-1494167522.14-179148203693750/file.py
<vmx1> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1494167522.14-179148203693750/ /root/.ansible/tmp/ansible-tmp-1494167522.14-179148203693750/file.py && sleep 0'
<vmx2> PUT /tmp/tmpdozB1Q TO /root/.ansible/tmp/ansible-tmp-1494167522.14-144286707166271/file.py
<vmx2> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1494167522.14-144286707166271/ /root/.ansible/tmp/ansible-tmp-1494167522.14-144286707166271/file.py && sleep 0'
<vmx1> EXEC /bin/sh -c '/usr/bin/python /root/.ansible/tmp/ansible-tmp-1494167522.14-179148203693750/file.py; rm -rf "/root/.ansible/tmp/ansible-tmp-1494167522.14-179148203693750/" > /dev/null 2>&1 && sleep 0'
<vmx2> EXEC /bin/sh -c '/usr/bin/python /root/.ansible/tmp/ansible-tmp-1494167522.14-144286707166271/file.py; rm -rf "/root/.ansible/tmp/ansible-tmp-1494167522.14-144286707166271/" > /dev/null 2>&1 && sleep 0'
ok: [vmx1] => {
    "changed": false, 
    "invocation": {
        "module_args": {
            "attributes": null, 
            "backup": null, 
            "content": null, 
            "delimiter": null, 
            "diff_peek": null, 
            "directory_mode": null, 
            "follow": false, 
            "force": false, 
            "group": null, 
            "mode": null, 
            "original_basename": null, 
            "owner": null, 
            "path": "/home/mab/automation/ansible/junos_get_facts/inventory/vmx1.conf", 
            "recurse": false, 
            "regexp": null, 
            "remote_src": null, 
            "selevel": null, 
            "serole": null, 
            "setype": null, 
            "seuser": null, 
            "src": null, 
            "state": "absent", 
            "unsafe_writes": null, 
            "validate": null
        }
    }, 
    "path": "/home/mab/automation/ansible/junos_get_facts/inventory/vmx1.conf", 
    "state": "absent"
}
ok: [vmx2] => {
    "changed": false, 
    "invocation": {
        "module_args": {
            "attributes": null, 
            "backup": null, 
            "content": null, 
            "delimiter": null, 
            "diff_peek": null, 
            "directory_mode": null, 
            "follow": false, 
            "force": false, 
            "group": null, 
            "mode": null, 
            "original_basename": null, 
            "owner": null, 
            "path": "/home/mab/automation/ansible/junos_get_facts/inventory/vmx2.conf", 
            "recurse": false, 
            "regexp": null, 
            "remote_src": null, 
            "selevel": null, 
            "serole": null, 
            "setype": null, 
            "seuser": null, 
            "src": null, 
            "state": "absent", 
            "unsafe_writes": null, 
            "validate": null
        }
    }, 
    "path": "/home/mab/automation/ansible/junos_get_facts/inventory/vmx2.conf", 
    "state": "absent"
}

TASK [Retrieve information from devices running Junos] *************************
task path: /home/mab/automation/ansible/junos_get_facts/pb.yml:23
Using module file /etc/ansible/roles/Juniper.junos/library/junos_get_facts
Using module file /etc/ansible/roles/Juniper.junos/library/junos_get_facts
<vmx1> ESTABLISH LOCAL CONNECTION FOR USER: root
<vmx1> EXEC /bin/sh -c 'echo ~ && sleep 0'
<vmx2> ESTABLISH LOCAL CONNECTION FOR USER: root
<vmx2> EXEC /bin/sh -c 'echo ~ && sleep 0'
<vmx1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1494167522.41-211162944277752 `" && echo ansible-tmp-1494167522.41-211162944277752="` echo /root/.ansible/tmp/ansible-tmp-1494167522.41-211162944277752 `" ) && sleep 0'
<vmx2> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1494167522.41-231247062974027 `" && echo ansible-tmp-1494167522.41-231247062974027="` echo /root/.ansible/tmp/ansible-tmp-1494167522.41-231247062974027 `" ) && sleep 0'
<vmx1> PUT /tmp/tmpHmAo7T TO /root/.ansible/tmp/ansible-tmp-1494167522.41-211162944277752/junos_get_facts
<vmx1> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1494167522.41-211162944277752/ /root/.ansible/tmp/ansible-tmp-1494167522.41-211162944277752/junos_get_facts && sleep 0'
<vmx2> PUT /tmp/tmpvj5ql9 TO /root/.ansible/tmp/ansible-tmp-1494167522.41-231247062974027/junos_get_facts
<vmx2> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1494167522.41-231247062974027/ /root/.ansible/tmp/ansible-tmp-1494167522.41-231247062974027/junos_get_facts && sleep 0'
<vmx1> EXEC /bin/sh -c '/usr/bin/python /root/.ansible/tmp/ansible-tmp-1494167522.41-211162944277752/junos_get_facts; rm -rf "/root/.ansible/tmp/ansible-tmp-1494167522.41-211162944277752/" > /dev/null 2>&1 && sleep 0'
<vmx2> EXEC /bin/sh -c '/usr/bin/python /root/.ansible/tmp/ansible-tmp-1494167522.41-231247062974027/junos_get_facts; rm -rf "/root/.ansible/tmp/ansible-tmp-1494167522.41-231247062974027/" > /dev/null 2>&1 && sleep 0'
fatal: [vmx1]: FAILED! => {
    "changed": false, 
    "failed": true, 
    "invocation": {
        "module_args": {
            "console": null, 
            "host": "192.168.0.30", 
            "logfile": null, 
            "mode": null, 
            "passwd": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", 
            "port": "830", 
            "savedir": "/home/mab/automation/ansible/junos_get_facts/inventory", 
            "ssh_private_key_file": null, 
            "user": "mab"
        }
    }, 
    "msg": "ImportError: No module named jnpr.junos"
}
fatal: [vmx2]: FAILED! => {
    "changed": false, 
    "failed": true, 
    "invocation": {
        "module_args": {
            "console": null, 
            "host": "192.168.0.40", 
            "logfile": null, 
            "mode": null, 
            "passwd": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", 
            "port": "830", 
            "savedir": "/home/mab/automation/ansible/junos_get_facts/inventory", 
            "ssh_private_key_file": null, 
            "user": "mab"
        }
    }, 
    "msg": "ImportError: No module named jnpr.junos"
}
  to retry, use: --limit @/home/mab/automation/ansible/junos_get_facts/pb.retry

PLAY RECAP *********************************************************************
localhost                  : ok=1    changed=0    unreachable=0    failed=0   
vmx1                       : ok=1    changed=0    unreachable=0    failed=1   
vmx2                       : ok=1    changed=0    unreachable=0    failed=1   
"
  succeeded: false

Ansible-playbook is not accepting JSON args properly

Problem

When running the ansible.playbook action and passing in "structure" data for extra_vars, Ansible is not interpreting them properly.

    ansible_playbook_linux:
      action: ansible.playbook
      input:
        playbook: "{{ _.playbook }}"
        inventory_file: "{{ _.server }},"
        extra_vars:
          - wait_timeout: 2
            wait_sleep: 2
            wait_connect_timeout: 2
            ansible_user: "user"
            ansible_ssh_pass: "xxx"
            ansible_ssh_extra_args: "-o StrictHostKeyChecking=no"

Looking at the output of ps -aef | grep ansible i see the following:

root     12711  2520  0 10:02 pts/0    00:00:00 sudo -E -- bash -c /opt/stackstorm/packs/ansible/actions/ansible_playbook.py --extra_vars='[{u'"'"'wait_sleep'"'"': 2, u'"'"'ansible_ssh_pass'"'"': u'"'"'xxx'"'"', u'"'"'ansible_user'"'"': u'"'"'user'"'"', u'"'"'wait_timeout'"'"': 2, u'"'"'wait_connect_timeout'"'"': 2}]' --inventory_file=host.domain.tld, -vvv /opt/encore/ansible/playbooks/wait_for_connection.yaml
root     12712 12711  0 10:02 pts/0    00:00:00 python /opt/stackstorm/packs/ansible/actions/ansible_playbook.py --extra_vars=[{u'wait_sleep': 2, u'ansible_ssh_pass': u'xxx', u'ansible_user': u'user', u'wait_timeout': 2, u'wait_connect_timeout': 2}] --inventory_file=host.domain.tld, -vvv /opt/encore/ansible/playbooks/wait_for_connection.yaml
root     12713 12712 12 10:02 pts/0    00:00:00 /opt/stackstorm/virtualenvs/ansible/bin/python /opt/stackstorm/virtualenvs/ansible/bin/ansible-playbook --inventory-file=host.domain.tld, -vvv /opt/encore/ansible/playbooks/wait_for_connection.yaml --extra-vars='{"wait_timeout": 2, "wait_connect_timeout": 2, "wait_sleep": 2, "ansible_user": "user", "ansible_ssh_pass": "xxx"}'
root     12726 12713  2 10:02 pts/0    00:00:00 /opt/stackstorm/virtualenvs/ansible/bin/python /opt/stackstorm/virtualenvs/ansible/bin/ansible-playbook --inventory-file=host.domain.tld, -vvv /opt/encore/ansible/playbooks/wait_for_connection.yaml --extra-vars='{"wait_timeout": 2, "wait_connect_timeout": 2, "wait_sleep": 2, "ansible_user": "user", "ansible_ssh_pass": "xxx"}'

This ansible command times out after the default 10 minutes for the playbook.

System Details

$ ansible --version
ansible 2.3.2.0
  config file = 
  configured module search path = Default w/o overrides
  python version = 2.7.5 (default, Nov  6 2016, 00:28:07) [GCC 4.8.5 20150623 (Red Hat 4.8.5-11)]

$ st2 --version
st2 2.4.0

$ st2 pack get ansible
+-------------+--------------------------------------------------+
| Property    | Value                                            |
+-------------+--------------------------------------------------+
| name        | ansible                                          |
| version     | 0.5.2                                            |
| author      | StackStorm, Inc.                                 |
| email       | [email protected]                              |
| keywords    | [                                                |
|             |     "ansible",                                   |
|             |     "cfg management",                            |
|             |     "configuration management"                   |
|             | ]                                                |
| description | st2 content pack containing ansible integrations |
+-------------+--------------------------------------------------+

Debugging

Manually running the following command executes just, ansible logs in immediately and no timeouts.

 /opt/stackstorm/virtualenvs/ansible/bin/python /opt/stackstorm/virtualenvs/ansible/bin/ansible-playbook --inventory-file=host.domain.tld, -vvv /opt/encore/ansible/playbooks/wait_for_connection.yaml --extra-vars='{"wait_timeout": 2, "wait_connect_timeout": 2, "wait_sleep": 2, "ansible_user": "user", "ansible_ssh_pass": "xxx"}'

However, running the following does NOT work (waits forever until a timeout).

sudo -E -- bash -c /opt/stackstorm/packs/ansible/actions/ansible_playbook.py --extra_vars='[{u'"'"'wait_sleep'"'"': 2, u'"'"'ansible_ssh_pass'"'"': u'"'"'xxx'"'"', u'"'"'ansible_user'"'"': u'"'"'user'"'"', u'"'"'wait_timeout'"'"': 2, u'"'"'wait_connect_timeout'"'"': 2}]' --inventory_file=host.domain.tld, -vvv /opt/encore/ansible/playbooks/wait_for_connection.yaml

I next added a print statement to my playbook

  pre_tasks:
    - name: Display all variables/facts
      debug:
        msg: "{{ vars | to_nice_json(indent=4) }}"

Now i compared the outputs from the first command to the second command.

Output from the first command that invokes ansible_playbook.py:


TASK [Display all variables/facts] ************************************************************************************
task path: /opt/encore/ansible/playbooks/wait_for_connection.yaml:13
ok: [host.domain.tld] => {
    "msg": {
        "_raw_params": "'{\"wait_timeout\": 2, \"wait_connect_timeout\": 2, \"wait_sleep\": 2, \"ansible_user\": \"user\", \"ansible_ssh_pass\": \"xxx\"}'",                                                                             
        "ansible_check_mode": false, 
        "ansible_play_batch": [
            "host.domain.tld"
        ], 
        "ansible_play_hosts": [
            "host.domain.tld"
        ],
....
 
        "wait_connect_timeout": 5, 
        "wait_sleep": 1, 
        "wait_timeout": 600
    }
}

Output from the second command that invoking ansible directly:


TASK [Display all variables/facts] ************************************************************************************
ok: [host.domain.tld] => {
    "msg": {
        "ansible_check_mode": false, 
        "ansible_play_batch": [
            "host.domain.tld"
        ], 
        "ansible_play_hosts": [
            "host.domain.tld"
        ], 
        "ansible_play_hosts_all": [
            "host.domain.tld"
        ], 
        "ansible_playbook_python": "/opt/stackstorm/virtualenvs/ansible/bin/python", 
        "ansible_ssh_pass": "xxx", 
        "ansible_user": "user", 
....
        "wait_connect_timeout": 2, 
        "wait_sleep": 2, 
        "wait_timeout": 2
    }
}

As you can see, when invoking ansible_playbook.py the variables are are not merged properly into the vars dict, causing the connection to fail repeatedly until the timeout of 10 minutes (default) occurs.

Conversely, when we invoke it from shell, the --extra-vars is merged properly with the vars dict and the connection works as expected.

Proposed Solution

The ansible-playbook is where the command is being executed here https://github.com/StackStorm-Exchange/stackstorm-ansible/blob/master/actions/lib/ansible_base.py#L105 .

If we change that line to use a shell, and convert the command from a list to a string (see below), then everything works as expected.

exit_code = subprocess.call(' '.join(self.cmd), env=os.environ.copy(), shell=True)

How to install collection ?

Hello,
How would I install collection so it can be used with stackstorm-ansible integration ? ( I'm running stackstorm in docker, but also on bare metal... )

`become` privilege escalation issues

(Copied from StackStorm/st2contrib#330)

Running Ansible via StackStorm pack with privilege escalation options like become doesn't work (?).

When running Ansible pack with command equivalent:

Executed command "/opt/stackstorm/virtualenvs/ansible/bin/ansible-playbook --become-user=ubuntu --inventory-file=/home/ubuntu/configurations/ansible/hosts --become --become-method=su /home/ubuntu/configurations/ansible/staging.yml"

Ansible can't read ~/.ssh/config of ubuntu user.

Reported by @vikrantpogula:

Ansible playbook is not able to resolve the hostnames because my playbook uses hostnames from the ~/.ssh/config
Basically instead of saying <IP_ADDRESS> in my playbook i just use a Hostname which is then pointed to the actual servers ip address (using the config file)

How to enforce a specific ansible version ?

mab@mab-infra:~/automation/ansible$ ansible --version
ansible 2.2.0.0
  config file = /home/mab/automation/ansible/ansible.cfg
  configured module search path = Default w/o overrides
mab@mab-infra:~/automation/ansible$ 
mab@mab-infra:~/automation/ansible$ 
mab@mab-infra:~/automation/ansible$ 
mab@mab-infra:~/automation/ansible$ sudo st2 run ansible.playbook playbook=/home/mab/automation/ansible/junos_template/pb.bgp.2.yml cwd=/home/mab/automation/ansible version=true 
.
id: 590f23547cae220956aeb00c
status: succeeded
parameters: 
  cwd: /home/mab/automation/ansible
  playbook: /home/mab/automation/ansible/junos_template/pb.bgp.2.yml
  version: true
result: 
  failed: false
  return_code: 0
  stderr: ''
  stdout: "ansible-playbook 2.3.0.0
  config file = /home/mab/automation/ansible/ansible.cfg
  configured module search path = Default w/o overrides
  python version = 2.7.12 (default, Nov 19 2016, 06:48:10) [GCC 5.4.0 20160609]"
  succeeded: true
mab@mab-infra:~/automation/ansible$ `
mab@mab-infra:~/automation/ansible$ sudo st2 pack get ansible
+-------------+--------------------------------------------------+
| Property    | Value                                            |
+-------------+--------------------------------------------------+
| name        | ansible                                          |
| version     | 0.4.0                                            |
| author      | StackStorm, Inc.                                 |
| email       | [email protected]                              |
| keywords    | [                                                |
|             |     "ansible",                                   |
|             |     "cfg management",                            |
|             |     "configuration management"                   |
|             | ]                                                |
| description | st2 content pack containing ansible integrations |
+-------------+--------------------------------------------------+

Getting error while installing Ansible pack on StackStorm Version st2 3.4.1, on Python 3.6.9

Hello,

I want to install ansible pack on stackstorm, but while installing seeing the below error. I have StackStorm running in the Azure VM.

root@CNAS-STACKSTORM:/opt/stackstorm/packs# st2 pack install ansible

For the "ansible" pack, the following content will be registered:

Installation may take a while for packs with many items.

[ succeeded ] init_task
[ succeeded ] download_pack
[ succeeded ] make_a_prerun
[ succeeded ] get_pack_dependencies
[ succeeded ] check_dependency_and_conflict_list
[  failed   ] install_pack_requirements

id: 63b51a225a69f8aa31eec630
action.ref: packs.install
parameters:
packs:

ansible
status: failed
start_timestamp: Wed, 04 Jan 2023 06:18:10 UTC
end_timestamp: Wed, 04 Jan 2023 06:18:35 UTC
result:
errors:

message: Execution failed. See result for details.
result:
exit_code: 1
result: None
stderr: "st2.actions.python.SetupVirtualEnvironmentAction: DEBUG Setting up virtualenv for pack "ansible" (/opt/stackstorm/packs/ansible)
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG Removing virtualenv in "/opt/stackstorm/virtualenvs/ansible"
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG Virtualenv successfull removed.
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG Creating virtualenv for pack "ansible" in "/opt/stackstorm/virtualenvs/ansible"
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG Creating virtualenv in "/opt/stackstorm/virtualenvs/ansible" using Python binary "/opt/stackstorm/st2/bin/python"
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG Running command "/opt/stackstorm/st2/bin/virtualenv -p /opt/stackstorm/st2/bin/python --always-copy --verbose --no-download /opt/stackstorm/virtualenvs/ansible" to create virtualenv.
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG Installing base requirements
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG Installing requirement six>=1.9.0,<2.0 with command /opt/stackstorm/virtualenvs/ansible/bin/pip install six>=1.9.0,<2.0.
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG Installing pack specific requirements from "/opt/stackstorm/packs/ansible/requirements.txt"
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG Installing requirements from file /opt/stackstorm/packs/ansible/requirements.txt with command /opt/stackstorm/virtualenvs/ansible/bin/pip install -U -r /opt/stackstorm/packs/ansible/requirements.txt.
Traceback (most recent call last):
File "/opt/stackstorm/st2/lib/python3.6/site-packages/python_runner/python_action_wrapper.py", line 334, in
obj.run()
File "/opt/stackstorm/st2/lib/python3.6/site-packages/python_runner/python_action_wrapper.py", line 193, in run
output = action.run(**self._parameters)
File "/opt/stackstorm/packs/packs/actions/pack_mgmt/setup_virtualenv.py", line 89, in run
no_download=no_download)
File "/opt/stackstorm/st2/lib/python3.6/site-packages/st2common/util/virtualenvs.py", line 112, in setup_pack_virtualenv
logger=logger)
File "/opt/stackstorm/st2/lib/python3.6/site-packages/st2common/util/virtualenvs.py", line 252, in install_requirements
(requirements_file_path, stdout, stderr))
Exception: Failed to install requirements from "/opt/stackstorm/packs/ansible/requirements.txt": Collecting ansible>=1.9 (from -r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
Collecting pywinrm[credssp,kerberos]>=0.2.2 (from -r /opt/stackstorm/packs/ansible/requirements.txt (line 2))

=============================DEBUG ASSISTANCE=============================
If you are seeing a compilation error please try the following steps to
successfully install cryptography:

Upgrade to the latest pip and try again. This will fix errors for most
users. See: https://pip.pypa.io/en/stable/installing/#upgrading-pip
Read https://cryptography.io/en/latest/installation/ for specific
instructions for your platform.
Check our frequently asked questions for more information:
https://cryptography.io/en/latest/faq/
Ensure you have a recent Rust toolchain installed:
https://cryptography.io/en/latest/installation/#rust

Python: 3.6.9
platform: Linux-5.4.0-1095-azure-x86_64-with-Ubuntu-18.04-bionic
pip: n/a
setuptools: 59.6.0
setuptools_rust: 1.1.2
rustc: n/a
=============================DEBUG ASSISTANCE=============================

Can someone please help me to fix this issue?

post_tasks did not run for all hosts after 1 host failed block in role

Hi guys,

I am encountering behavior when executing playbook via StackStorm or using virtualenv ansible that I don't see using plain ansible.

Ran a playbook against 2 hosts: host1 and host2 using StackStorm ansible.playbook action

e.g.
Executed command "/opt/stackstorm/virtualenvs/ansible/bin/ansible-playbook --limit=test_hosts test.yml"

Extract of playbook:

roles:

role: a
role: b
role: c
post_tasks:
name: Post Task 1
::::::::::::::::::::::::::
name: Post Task 2
::::::::::::::::::::::::::
name: Post Task 3
::::::::::::::::::::::::::

In role c the main task is like:

block:
- include: x.yml
- include: y.yml
- include: z.yml
  rescue:
- fail: msg="There was a failure in main!!"

y.yml is like:

block:
- name: Task 1
  ::::::::::::::::::::::::::
- name: Task 2
  ::::::::::::::::::::::::::
- name: Task 3
  ::::::::::::::::::::::::::
  rescue:
- fail: msg="There was a failure in y!!"

host2 failed a task in y.yml. Task was a command and it actually failed. It was not a connection / ansible error.

As expected all other tasks in z.yml were executed for host1

However, neither host1 or host2 executed any of the post tasks. I did not expect this to be the behavior. I thought host1 should execute the post tasks.

This does not happen if I run the same playbook on a plain ansible installation i.e. not using the virtual env ansible

Could anybody please help me to understand why this happens?

Thanks a lot,
Daniel

Multiple extra-vars are not supported in playbook action

From the ansible command line it is possible to specify multiple extra-vars by including multiple -e\--extra-vars arguments when running a playbook.

Example:
ansible-playbook playbook.yml -e @path_to_file_with_vars.yaml|json -e key1=value1 -e key2=value2

Currently only a single extra-vars entry is supported. I was able to work around this limitation using the following hack to the AnsibleBaseRunner class:

class AnsibleBaseRunner(object):
    """
    Base class for all Ansible Runners
    """
...
    def __init__(self, args):
        """
        :param args: Input command line arguments
        :type args: ``list``
        """
        self.args = args[1:]
        for i, arg in enumerate(self.args):
            if '--extra_vars' in arg:
                for var in arg.split("--extra_vars=")[1].split(','):
                    self.args.append("-e {0}".format(var))
                del self.args[i]
                break
        self._prepend_venv_path()

This allows you to comma separate a list of extra-vars which are then appended to the list of args passed to ansible.

Obviously there are cleaner ways to do this. From a UX perspective I'd love to see the extra_vars parameter turned into a list similar to how env works (with a list of strings instead of a dict since you can pass both file paths and k\v pairs). That makes it clear to the user that multiple extra_vars can be used and also will make it easier to iterate under the hood to add multiple arguments. It also looks cleaner than comma separation when reading through a workflow.

Example inside of a mistral workflow:

ansible.deploy.service:
  input:
    - project
    - playbook_dir
  tasks:
    create_image:
      # [300, 50]
      action: ansible.playbook
      input:
        cwd: "{{ _.playbook_dir }}"
        playbook: playbook.yml
        extra_vars: 
            - "@vars/gce-{{ _.project }}/test_service.yml"
            - "service_image_name=test-image-201704111529"
        inventory_file: "{{ _.playbook_dir }}/inventory/gce-{{ _.project }}/"
        env:
          ANSIBLE_CONFIG: ansible-gce-{{ _.project }}.cfg
          GCE_PROJECT: gce-{{ _.project }}
...

Let me know if you have any questions!

In playbook.yaml, support `vault_password`

This issue is a feature request.

When I call the ansible.playbook command, I want to be able to specify the vault password without using a vault password file. That way, I can set the vault password in the stackstorm key/value store and use it from a rule like this like this:

action:
    ref: "ansible.playbook"
    parameters:
        playbook: "playbook.yaml"
        vault_password: "{{ st2kv.system.vault_password }}"

Through Stackstorm- stanley user Ansible playbook is not working

[root@------ st2]# st2 --version
st2 3.0.1, on Python 2.7.5
[root@------ st2]# pip show st2client
DEPRECATION: Python 2.7 will reach the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 won't be maintained after that date. A future version of pip will drop support for Python 2.7.
[root@----- st2]# uname -a
Linux 3.10.0-957.10.1.el7.x86_64 #1 SMP Thu Feb 7 07:12:53 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
[root@----- st2]# python --version
Python 2.7.5
Ansible version: ansible 2.8.5

Below is output of "st2 get execution"
Problem: I trying to fetch data from windows server but seems error.

My Observation: from root user ansible playbook is working
from Stanley user: ansible playbook reporting error. Please help to solve issue.

[root@------ ~]# st2 execution get 5ea02200e8182d2642231eca
id: 5ea02200e8182d2642231eca
status: failed (8s elapsed)
parameters:
cmd: ansible-playbook /etc/ansible/database/bchecktest1.yml -i /etc/ansible/database/host -e 'HOSTNAME=hostname'
result:
failed: true
return_code: 2
stderr: ' [WARNING]: Consider using the replace, lineinfile or template module rather
than running ''sed''. If you need to use command because replace, lineinfile or
template is insufficient you can add ''warn: false'' to this command task or set
''command_warnings=False'' in ansible.cfg to get rid of this message.'
stdout: "
PLAY [Firstcheck] **************************************************************

TASK [printing echo] ***********************************************************
changed: [hostname]

TASK [debug] *******************************************************************
ok: [hostname] => {
"echo.stdout": "hostname"
}

TASK [printing ip] *************************************************************
changed: [hostname]

TASK [debug] *******************************************************************
ok: [hostname] => {

TASK [seting facts] ************************************************************
ok: [hostname -> localhost]

TASK [copy] ********************************************************************
ok: [hostname -> localhost]

TASK [hostname_grepping] *******************************************************
changed: [hostname -> localhost]

TASK [value finding] ***********************************************************
changed: [hostname -> localhost]

TASK [check last Backup status(checking hostname is present in the backup list or not )] ***
fatal: [hostname]: FAILED! => {"msg": "winrm or requests is not installed: No module named winrm"}
...ignoring

TASK [fetching file from windows] **********************************************
fatal: [hostname -> 123.2312.123.0]: FAILED! => {"changed": false, "file": "L:\automation\hostname.txt", "msg": "unable to calculate the checksum of the remote file"}

PLAY RECAP *********************************************************************
hostname : ok=11 changed=4 unreachable=0 failed=1 skipped=0 rescued=0 ignored=1
"
succeeded: false
[root@------ ~]#

Support pack config

Would it make sense to have certain things as pack config? Very much like ansible.cfg in a way.

The config could set variables that are commonly used across all runs such as:

private_key
inventory_file
and some global env values if need be.

Feature request: Show playbook tasks as subactions (like a workflow)

At some point in the future, it would be nice to have ansible playbooks integrate more directly with the StackStorm infrastructure. A playbook is essentially a special kind of workflow that runs through the ansible 'engine'. It would be nice to show the tasks as sub-actions in st2web and from the cli.

That would allow, for example, quickly seeing which task a playbook failed on. You can get that by looking at the stdout embedded in the json output. But it'd be nice to have this feel more like a first class citizen.

This is probably a very significant change that would probably require additional support from within st2.

It might also require switching the action_runner (at least for playbooks) from local-shell-script to python-script to hopefully have easier integration with the rest of the st2 apis.

Maybe that would mean that the playbook would be running with a special callback or with verbose turned on so that StackStorm could get a deeper view into what happened in each task.

So, does anybody else like the idea of making playbooks feel more like a special kind of workflow?

Pass the parameter '-i' to ansible playbooks

Hi everyone,

Is it possible to use the option '-i' on an ansible playbook? I want to achieve that I can run a stackstorm action from the UI and pass an IP address to it. So I would be able to run a playbook without adding hosts to the ansible inventory file.
The user doesn't have do be worried about ansible. They could add an ip address on the stackstorm UI an runthe action without knowing that ansible is called in the background.

Thank you
Remo

how to integrate an ansible on a dedicated server?

Hi,

is there a way to define an stackstorm endpoint for this integration?
Means to have stackstorm and ansible installed on different servers.

Thanks
Erik

dependencies issue when installing ansible

I have been trying solve this issue for several days, but there is end up no result.

I downloaded stackstorm for docker from github repository and did the following:

docker-compose up -d
docker-compose exec st2client bash

sudo apt-get update
sudo apt-get install libkrb5-dev gcc python3-dev python-dev

st2 login st2admin -p mypass
st2 pack install ansible

During installation I got the following error messages:

root@bc772a9689a3:/opt/stackstorm# st2 pack install ansible 

For the "ansible" pack, the following content will be registered:

actions   |  8
rules     |  0
sensors   |  0
aliases   |  0
triggers  |  0

Installation may take a while for packs with many items.

	[ succeeded ] init_task
	[ succeeded ] download_pack
	[ succeeded ] make_a_prerun
	[ succeeded ] get_pack_dependencies
	[ succeeded ] check_dependency_and_conflict_list
	[  failed   ] install_pack_requirements

id: 5fb83ef40c5d67e8030fdeb0
action.ref: packs.install
parameters: 
  packs:
  - ansible
  python3: false
status: failed
start_timestamp: Fri, 20 Nov 2020 22:11:00 UTC
end_timestamp: Fri, 20 Nov 2020 22:15:40 UTC
result: 
  errors:
  - message: Execution failed. See result for details.
    result:
      exit_code: 1
      result: None
      stderr: "st2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Setting up virtualenv for pack "ansible" (/opt/stackstorm/packs/ansible)
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Removing virtualenv in "/opt/stackstorm/virtualenvs/ansible"
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Creating virtualenv for pack "ansible" in "/opt/stackstorm/virtualenvs/ansible"
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Creating virtualenv in "/opt/stackstorm/virtualenvs/ansible" using Python binary "/opt/stackstorm/st2/bin/python"
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Running command "/opt/stackstorm/st2/bin/virtualenv -p /opt/stackstorm/st2/bin/python --always-copy --no-download /opt/stackstorm/virtualenvs/ansible" to create virtualenv.
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Installing base requirements
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Installing requirement six>=1.9.0,<2.0 with command /opt/stackstorm/virtualenvs/ansible/bin/pip install six>=1.9.0,<2.0.
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Installing pack specific requirements from "/opt/stackstorm/packs/ansible/requirements.txt"
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Installing requirements from file /opt/stackstorm/packs/ansible/requirements.txt with command /opt/stackstorm/virtualenvs/ansible/bin/pip install -U -r /opt/stackstorm/packs/ansible/requirements.txt.
Traceback (most recent call last):
  File "/opt/stackstorm/st2/lib/python3.6/site-packages/python_runner/python_action_wrapper.py", line 334, in <module>
    obj.run()
  File "/opt/stackstorm/st2/lib/python3.6/site-packages/python_runner/python_action_wrapper.py", line 193, in run
    output = action.run(**self._parameters)
  File "/opt/stackstorm/packs/packs/actions/pack_mgmt/setup_virtualenv.py", line 89, in run
    no_download=no_download)
  File "/opt/stackstorm/st2/lib/python3.6/site-packages/st2common/util/virtualenvs.py", line 123, in setup_pack_virtualenv
    logger=logger)
  File "/opt/stackstorm/st2/lib/python3.6/site-packages/st2common/util/virtualenvs.py", line 273, in install_requirements
    (requirements_file_path, stdout, stderr))
Exception: Failed to install requirements from "/opt/stackstorm/packs/ansible/requirements.txt": Collecting ansible>=1.9 (from -r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/9c/f4/c156b10d7ae90ba6b99b1b126f7d30628adc1e733a6fbd63569852948f21/ansible-2.10.3.tar.gz (28.0MB)
Collecting pywinrm[credssp,kerberos]>=0.2.2 (from -r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Downloading https://files.pythonhosted.org/packages/fc/88/be0ea1af44c3bcc54e4c41e4056986743551693c77dfe50b48a3f4ba1bf7/pywinrm-0.4.1.tar.gz
Collecting netaddr>=0.7.19 (from -r /opt/stackstorm/packs/ansible/requirements.txt (line 3))
  Downloading https://files.pythonhosted.org/packages/ff/cd/9cdfea8fc45c56680b798db6a55fa60a22e2d3d3ccf54fc729d083b50ce4/netaddr-0.8.0-py2.py3-none-any.whl (1.9MB)
Collecting ansible-base<2.11,>=2.10.3 (from ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/2e/d1/92422f8f53ae2d4e75ebdc2be2186a9ca2796b5d9679f20ed0239e86d8cf/ansible-base-2.10.3.tar.gz (5.8MB)
Collecting xmltodict (from pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Downloading https://files.pythonhosted.org/packages/28/fd/30d5c1d3ac29ce229f6bdc40bbc20b28f716e8b363140c26eff19122d8a5/xmltodict-0.12.0-py2.py3-none-any.whl
Collecting requests>=2.9.1 (from pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Downloading https://files.pythonhosted.org/packages/39/fc/f91eac5a39a65f75a7adb58eac7fa78871ea9872283fb9c44e6545998134/requests-2.25.0-py2.py3-none-any.whl (61kB)
Collecting requests_ntlm>=0.3.0 (from pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Downloading https://files.pythonhosted.org/packages/03/4b/8b9a1afde8072c4d5710d9fa91433d504325821b038e00237dc8d6d833dc/requests_ntlm-1.1.0-py2.py3-none-any.whl
Requirement already satisfied, skipping upgrade: six in ./virtualenvs/ansible/lib/python3.6/site-packages (from pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2)) (1.15.0)
Collecting requests-credssp>=1.0.0 (from pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Downloading https://files.pythonhosted.org/packages/5c/fa/8c4742147b7071f1309e250a9f82949dd199c3b636b0dc565a47bce836eb/requests_credssp-1.2.0-py2.py3-none-any.whl
Collecting pykerberos<2.0.0,>=1.2.1 (from pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Downloading https://files.pythonhosted.org/packages/9a/b8/1ec56b6fa8a2e2a81420bd3d90e70b59fc83f6b857fb2c2c37accddc8be3/pykerberos-1.2.1.tar.gz
Collecting importlib-resources; python_version < "3.7" (from netaddr>=0.7.19->-r /opt/stackstorm/packs/ansible/requirements.txt (line 3))
  Downloading https://files.pythonhosted.org/packages/c5/1f/ec86d2a5c48ac6490d4471b297885603cf0e8da89d5ffbf0bce6e57f4d64/importlib_resources-3.3.0-py2.py3-none-any.whl
Collecting jinja2 (from ansible-base<2.11,>=2.10.3->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/30/9e/f663a2aa66a09d838042ae1a2c5659828bb9b41ea3a6efa20a20fd92b121/Jinja2-2.11.2-py2.py3-none-any.whl (125kB)
Collecting PyYAML (from ansible-base<2.11,>=2.10.3->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/64/c2/b80047c7ac2478f9501676c988a5411ed5572f35d1beff9cae07d321512c/PyYAML-5.3.1.tar.gz (269kB)
Collecting cryptography (from ansible-base<2.11,>=2.10.3->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/4c/a2/6565c5271a79e3c96d7a079053b4d8408a740d4bf365f0f5f244a807bd09/cryptography-3.2.1-cp35-abi3-manylinux2010_x86_64.whl (2.6MB)
Collecting packaging (from ansible-base<2.11,>=2.10.3->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/46/19/c5ab91b1b05cfe63cccd5cfc971db9214c6dd6ced54e33c30d5af1d2bc43/packaging-20.4-py2.py3-none-any.whl
Collecting chardet<4,>=3.0.2 (from requests>=2.9.1->pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Downloading https://files.pythonhosted.org/packages/bc/a9/01ffebfb562e4274b6487b4bb1ddec7ca55ec7510b22e4c51f14098443b8/chardet-3.0.4-py2.py3-none-any.whl (133kB)
Collecting urllib3<1.27,>=1.21.1 (from requests>=2.9.1->pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Downloading https://files.pythonhosted.org/packages/f5/71/45d36a8df68f3ebb098d6861b2c017f3d094538c0fb98fa61d4dc43e69b9/urllib3-1.26.2-py2.py3-none-any.whl (136kB)
Collecting certifi>=2017.4.17 (from requests>=2.9.1->pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Downloading https://files.pythonhosted.org/packages/c1/6f/3d85f0850962279a7e4c622695d7b3171e95ac65308a57d3b29738b27149/certifi-2020.11.8-py2.py3-none-any.whl (155kB)
Collecting idna<3,>=2.5 (from requests>=2.9.1->pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Downloading https://files.pythonhosted.org/packages/a2/38/928ddce2273eaa564f6f50de919327bf3a00f091b5baba8dfa9460f3a8a8/idna-2.10-py2.py3-none-any.whl (58kB)
Collecting ntlm-auth>=1.0.2 (from requests_ntlm>=0.3.0->pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Downloading https://files.pythonhosted.org/packages/ff/84/97c550164b54942b0e908c31ef09d9469f3ba4cd7332a671e2125732f63b/ntlm_auth-1.5.0-py2.py3-none-any.whl
Collecting pyasn1>=0.3.1 (from requests-credssp>=1.0.0->pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Downloading https://files.pythonhosted.org/packages/62/1e/a94a8d635fa3ce4cfc7f506003548d0a2447ae76fd5ca53932970fe3053f/pyasn1-0.4.8-py2.py3-none-any.whl (77kB)
Collecting pyOpenSSL>=16.0.0 (from requests-credssp>=1.0.0->pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Downloading https://files.pythonhosted.org/packages/9e/de/f8342b68fa9e981d348039954657bdf681b2ab93de27443be51865ffa310/pyOpenSSL-19.1.0-py2.py3-none-any.whl (53kB)
Collecting pyspnego (from requests-credssp>=1.0.0->pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Downloading https://files.pythonhosted.org/packages/0a/76/18d75e793e52cb24880cbdaad78bd410e4902b79f487f5f8a695cac5e223/pyspnego-0.1.3-py2.py3-none-any.whl (107kB)
Collecting zipp>=0.4; python_version < "3.8" (from importlib-resources; python_version < "3.7"->netaddr>=0.7.19->-r /opt/stackstorm/packs/ansible/requirements.txt (line 3))
  Downloading https://files.pythonhosted.org/packages/41/ad/6a4f1a124b325618a7fb758b885b68ff7b058eec47d9220a12ab38d90b1f/zipp-3.4.0-py3-none-any.whl
Collecting MarkupSafe>=0.23 (from jinja2->ansible-base<2.11,>=2.10.3->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/b2/5f/23e0023be6bb885d00ffbefad2942bc51a620328ee910f64abe5a8d18dd1/MarkupSafe-1.1.1-cp36-cp36m-manylinux1_x86_64.whl
Collecting cffi!=1.11.3,>=1.8 (from cryptography->ansible-base<2.11,>=2.10.3->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/50/ca/bbca0fd95b24a1d4f0d2e016f09f35ae68d4fe72bf34cc538d0a0d2d3e10/cffi-1.14.3-cp36-cp36m-manylinux1_x86_64.whl (400kB)
Collecting pyparsing>=2.0.2 (from packaging->ansible-base<2.11,>=2.10.3->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/8a/bb/488841f56197b13700afd5658fc279a2025a39e22449b7cf29864669b15d/pyparsing-2.4.7-py2.py3-none-any.whl (67kB)
Collecting pycparser (from cffi!=1.11.3,>=1.8->cryptography->ansible-base<2.11,>=2.10.3->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/ae/e7/d9c3a176ca4b02024debf82342dab36efadfc5776f9c8db077e8f6e71821/pycparser-2.20-py2.py3-none-any.whl (112kB)
Building wheels for collected packages: ansible, pywinrm, ansible-base, pykerberos, PyYAML
  Building wheel for ansible (setup.py): started
  Building wheel for ansible (setup.py): finished with status 'done'
  Stored in directory: /root/.cache/pip/wheels/41/79/b5/1f6f77b8a80eab71e9edd46169ab72940d15dba1e346a64134
  Building wheel for pywinrm (setup.py): started
  Building wheel for pywinrm (setup.py): finished with status 'done'
  Stored in directory: /root/.cache/pip/wheels/8f/db/f3/3028984b926c1c0165d7be4ead1092d219bee6ef71e9219578
  Building wheel for ansible-base (setup.py): started
  Building wheel for ansible-base (setup.py): finished with status 'done'
  Stored in directory: /root/.cache/pip/wheels/46/c4/89/c154e9a421044e3ac0712b644709c44e8cd5767b6162825a09
  Building wheel for pykerberos (setup.py): started
  Building wheel for pykerberos (setup.py): finished with status 'error'
  Running setup.py clean for pykerberos
  Building wheel for PyYAML (setup.py): started
  Building wheel for PyYAML (setup.py): finished with status 'done'
  Stored in directory: /root/.cache/pip/wheels/a7/c1/ea/cf5bd31012e735dc1dfea3131a2d5eae7978b251083d6247bd
Successfully built ansible pywinrm ansible-base PyYAML
Failed to build pykerberos
Installing collected packages: MarkupSafe, jinja2, PyYAML, pycparser, cffi, cryptography, pyparsing, packaging, ansible-base, ansible, xmltodict, chardet, urllib3, certifi, idna, requests, ntlm-auth, requests-ntlm, pyasn1, pyOpenSSL, pyspnego, requests-credssp, pykerberos, pywinrm, zipp, importlib-resources, netaddr
  Running setup.py install for pykerberos: started
    Running setup.py install for pykerberos: finished with status 'error'
 (stderr:   ERROR: Complete output from command /opt/stackstorm/virtualenvs/ansible/bin/python -u -c 'import setuptools, tokenize;__file__='"'"'/tmp/pip-install-ekbnisby/pykerberos/setup.py'"'"';f=getattr(\okenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\
'"'"', '"'"'\
'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' bdist_wheel -d /tmp/pip-wheel-1lt86pfy --python-tag cp36:
  ERROR: running bdist_wheel
  running build
  running build_ext
  building 'kerberos' extension
  creating build
  creating build/temp.linux-x86_64-3.6
  creating build/temp.linux-x86_64-3.6/src
  x86_64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -g -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -I/usr/include/python3.6m -I/opt/stackstorm/virtualenvs/ansible/include/python3.6m -c src/kerberos.c -o build/temp.linux-x86_64-3.6/src/kerberos.o
  unable to execute 'x86_64-linux-gnu-gcc': No such file or directory
  error: command 'x86_64-linux-gnu-gcc' failed with exit status 1
  ----------------------------------------
  ERROR: Failed building wheel for pykerberos
    ERROR: Complete output from command /opt/stackstorm/virtualenvs/ansible/bin/python -u -c 'import setuptools, tokenize;__file__='"'"'/tmp/pip-install-ekbnisby/pykerberos/setup.py'"'"';f=getattr(tokenize\ '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\
'"'"', '"'"'\
'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' install --record /tmp/pip-record-96df44pv/install-record.txt --single-version-externally-managed --compile --install-headers /opt/stackstorm/virtualenvs/ansible/include/site/python3.6/pykerberos:
    ERROR: running install
    running build
    running build_ext
    building 'kerberos' extension
    creating build
    creating build/temp.linux-x86_64-3.6
    creating build/temp.linux-x86_64-3.6/src
    x86_64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -g -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -I/usr/include/python3.6m -I/opt/stackstorm/virtualenvs/ansible/include/python3.6m -c src/kerberos.c -o build/temp.linux-x86_64-3.6/src/kerberos.o
    unable to execute 'x86_64-linux-gnu-gcc': No such file or directory
    error: command 'x86_64-linux-gnu-gcc' failed with exit status 1
    ----------------------------------------
ERROR: Command "/opt/stackstorm/virtualenvs/ansible/bin/python -u -c 'import setuptools, tokenize;__file__='"'"'/tmp/pip-install-ekbnisby/pykerberos/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(\_file__);code=f.read().replace('"'"'\
'"'"', '"'"'\
'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' install --record /tmp/pip-record-96df44pv/install-record.txt --single-version-externally-managed --compile --install-headers /opt/stackstorm/virtualenvs/ansible/include/site/python3.6/pykerberos" failed with error code 1 in /tmp/pip-install-ekbnisby/pykerberos/
WARNING: You are using pip version 19.1.1, however version 20.2.4 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
)
"
      stdout: ''
    task_id: install_pack_requirements
    type: error
  output:
    conflict_list: []
    message: ''
    packs_list:
    - ansible
    warning_list: null
+--------------------------+------------------------+------------------------------------+-----------------------------+-------------------------------+
| id                       | status                 | task                               | action                      | start_timestamp               |
+--------------------------+------------------------+------------------------------------+-----------------------------+-------------------------------+
| 5fb83ef54d9ec79272e88120 | succeeded (0s elapsed) | init_task                          | core.noop                   | Fri, 20 Nov 2020 22:11:01 UTC |
| 5fb83ef64d9ec79272e88130 | succeeded (3s elapsed) | download_pack                      | packs.download              | Fri, 20 Nov 2020 22:11:02 UTC |
| 5fb83ef94d9ec79272e88140 | succeeded (0s elapsed) | make_a_prerun                      | packs.virtualenv_prerun     | Fri, 20 Nov 2020 22:11:05 UTC |
| 5fb83efa4d9ec79272e88150 | succeeded (1s elapsed) | get_pack_dependencies              | packs.get_pack_dependencies | Fri, 20 Nov 2020 22:11:06 UTC |
| 5fb83efb4d9ec79272e88160 | succeeded (0s elapsed) | check_dependency_and_conflict_list | core.noop                   | Fri, 20 Nov 2020 22:11:07 UTC |
| 5fb83efc4d9ec79272e88170 | failed (272s elapsed)  | install_pack_requirements          | packs.setup_virtualenv      | Fri, 20 Nov 2020 22:11:08 UTC |
+--------------------------+------------------------+------------------------------------+-----------------------------+-------------------------------+

What dependencies are missed? I haven't found anymore...

Waiting for your answer, thanks in advance!

support json in extra_vars

If I'm reading this right, ansible.playbook doesn't support anything other than files and var=value definitions, not inline yaml or inline json, right?

According to the ansible docs, --extra-vars supports inline json (>=v1.2) and inline yaml (>=v1.3). (of course json is yaml, so only bother with json). Could this be enhanced to support that as well?

I'm using a playbook in an action chain, and I would like to pass in yaml like this:

---
chain:
  -
    name: "my_great_action_chain_action"
    ref: "ansible.playbook"
    parameters:
      playbook: "playbooks/cool.yaml"
      extra_vars:
        -
          important_var_name:
            - { name: '{{ var_from_earlier_action }}', otherkey: '{{ var_from_earlier_action }}' }

This would approximate how I would add the vars if I added them directly to the playbook under vars.

Fix 0.5.0 tag

My mistake. In PR #7, I changed pack.yaml in the first commit, so it was that commit that got tagged as 0.5.0.
Could someone move the tag from 5a274bb to ddde896 (or the merge commit: c2e9cfd)?

There are some important fixes in c33da61 - the actions won't work without them.

Thanks, and sorry!

Ansible 2.8? pyvcloud?

Is there are road map to use ansible 2.8 with this pack?

How to include pyvcloud in this pack?

No such file or directory : ~/.ansible/tmp/ansible-tmp-.../wait_for.py

Hi,

Im testing to stackstorm-ansible to test if we could use it to update Ubuntu servers.

I have a good know playbook that I can successfully run using the standard ansible-playbook command, to run that playbook using Strackstorm Im using the following command:

# st2 run ansible.playbook playbook=/root/git/stash/linux-update/linux-update.yml inventory_file=/root/git/stash/linux-update/linux-update.ini

The task is the following:

---
  - name: Wait for host to boot
    become: false
    local_action: wait_for
    args:
      host: "{{ inventory_hostname }}"
      port: 22
      state: started
      delay: 30
      timeout: 200

And it is failing with the following error:

TASK [linux-update : Wait for host to boot] ************************************
fatal: [192.168.56.101]: FAILED! =>
{"msg": "failed to transfer file to ~/.ansible/tmp/ansible-tmp-1524245385.09-134125845791648/wait_for.py:
[Errno 2] No such file or directory: '~/.ansible/tmp/ansible-tmp-1524245385.09-134125845791648/wait_for.py'"}
	to retry, use: --limit @/root/git/stash/linux-update/linux-update.retry

Is it possible the path is not correct since Im using Stackstrom?

Regards,
Carlos

Update: The Workaround/Solution

There is a bug in Ansible (ansible/ansible#21562) and they got really a lot of reports like this. They're trying to put everything together and fix it in some future release: ansible/ansible#31022

Until that:

Workaround 1

Set in ansible.cfg:

remote_tmp = $HOME/.ansible/tmp
local_tmp = $HOME/.ansible/tmp

Workaround 2

Pass those environment variables to ansible command:

ANSIBLE_LOCAL_TEMP=$HOME/.ansible/tmp
ANSIBLE_REMOTE_TEMP=$HOME/.ansible/tmp

Workaround 3

Downgrade of Ansible to version 2.2.0.

Failed to install this pack with st2-docker

There seems to be an issue with the kerberos extension and its dependencies (gssapi.h):

$ docker exec -it stackstorm /bin/bash
ckstorm-ansible02:/# st2 pack install https://github.com/StackStorm-Exchange/sta

	[ succeeded ] download pack
	[ succeeded ] make a prerun
	[  failed   ] install pack dependencies

id: 5a277319d6874c00d0070577
action.ref: packs.install
parameters:
  packs:
  - https://github.com/StackStorm-Exchange/stackstorm-ansible
status: failed
result_task: install pack dependencies
result:
  exit_code: 1
  result: None
  stderr: "st2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Setting up virtualenv for pack \"ansible\" (/opt/stackstorm/packs/ansible)\nst2.actions.python.SetupVirtualEnvironmentAction: INFO     Virtualenv path \"/opt/stackstorm/virtualenvs/ansible\" doesn't exist\nst2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Creating virtualenv for pack \"ansible\" in \"/opt/stackstorm/virtualenvs/ansible\"\nst2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Creating virtualenv in \"/opt/stackstorm/virtualenvs/ansible\" using Python binary \"/opt/stackstorm/st2/bin/python\"\nst2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Running command \"/opt/stackstorm/st2/bin/virtualenv -p /opt/stackstorm/st2/bin/python --always-copy /opt/stackstorm/virtualenvs/ansible\" to create virtualenv.\nst2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Installing base requirements\nst2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Installing requirement six>=1.9.0,<2.0 with command /opt/stackstorm/virtualenvs/ansible/bin/pip install six>=1.9.0,<2.0.\nst2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Installing pack specific requirements from \"/opt/stackstorm/packs/ansible/requirements.txt\"\nst2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Installing requirements from file /opt/stackstorm/packs/ansible/requirements.txt with command /opt/stackstorm/virtualenvs/ansible/bin/pip install -U -r /opt/stackstorm/packs/ansible/requirements.txt.\nTraceback (most recent call last):\n  File \"/opt/stackstorm/st2/local/lib/python2.7/site-packages/st2common/runners/python_action_wrapper.py\", line 259, in <module>\n    obj.run()\n  File \"/opt/stackstorm/st2/local/lib/python2.7/site-packages/st2common/runners/python_action_wrapper.py\", line 155, in run\n    output = action.run(**self._parameters)\n  File \"/opt/stackstorm/packs/packs/actions/pack_mgmt/setup_virtualenv.py\", line 88, in run\n    proxy_config=self.proxy_config)\n  File \"/opt/stackstorm/st2/lib/python2.7/site-packages/st2common/util/virtualenvs.py\", line 102, in setup_pack_virtualenv\n    logger=logger)\n  File \"/opt/stackstorm/st2/lib/python2.7/site-packages/st2common/util/virtualenvs.py\", line 222, in install_requirements\n    (requirements_file_path, stdout, stderr))\nException: Failed to install requirements from \"/opt/stackstorm/packs/ansible/requirements.txt\": Collecting ansible>=1.9 (from -r /opt/stackstorm/packs/ansible/requirements.txt (line 1))\n  Downloading ansible-2.4.2.0.tar.gz (6.5MB)\nCollecting pywinrm[credssp,kerberos]>=0.2.2 (from -r /opt/stackstorm/packs/ansible/requirements.txt (line 2))\n  Downloading pywinrm-0.2.2-py2.py3-none-any.whl\nCollecting jinja2 (from ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))\n  Downloading Jinja2-2.10-py2.py3-none-any.whl (126kB)\nCollecting PyYAML (from ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))\nCollecting paramiko (from ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))\n  Downloading paramiko-2.4.0-py2.py3-none-any.whl (192kB)\nCollecting cryptography (from ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))\n  Downloading cryptography-2.1.4-cp27-cp27mu-manylinux1_x86_64.whl (2.2MB)\nRequirement already up-to-date: setuptools in /opt/stackstorm/virtualenvs/ansible/lib/python2.7/site-packages (from ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))\nCollecting xmltodict (from pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))\n  Downloading xmltodict-0.11.0-py2.py3-none-any.whl\nCollecting requests-ntlm>=0.3.0 (from pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))\n  Downloading requests_ntlm-1.1.0-py2.py3-none-any.whl\nRequirement already up-to-date: six in /opt/stackstorm/virtualenvs/ansible/lib/python2.7/site-packages (from pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))\nCollecting requests>=2.9.1 (from pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))\n  Using cached requests-2.18.4-py2.py3-none-any.whl\nCollecting requests-credssp>=0.0.1; extra == \"credssp\" (from pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))\n  Downloading requests_credssp-0.1.0-py2.py3-none-any.whl\nCollecting requests-kerberos>=0.10.0; extra == \"kerberos\" (from pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))\n  Downloading requests_kerberos-0.11.0-py2.py3-none-any.whl\nCollecting MarkupSafe>=0.23 (from jinja2->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))\n  Downloading MarkupSafe-1.0.tar.gz\nCollecting pynacl>=1.0.1 (from paramiko->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))\n  Downloading PyNaCl-1.2.1-cp27-cp27mu-manylinux1_x86_64.whl (696kB)\nCollecting bcrypt>=3.1.3 (from paramiko->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))\n  Downloading bcrypt-3.1.4-cp27-cp27mu-manylinux1_x86_64.whl (57kB)\nCollecting pyasn1>=0.1.7 (from paramiko->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))\n  Downloading pyasn1-0.4.2-py2.py3-none-any.whl (71kB)\nCollecting cffi>=1.7; platform_python_implementation != \"PyPy\" (from cryptography->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))\n  Downloading cffi-1.11.2-cp27-cp27mu-manylinux1_x86_64.whl (405kB)\nCollecting enum34; python_version < \"3\" (from cryptography->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))\n  Using cached enum34-1.1.6-py2-none-any.whl\nCollecting idna>=2.1 (from cryptography->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))\n  Using cached idna-2.6-py2.py3-none-any.whl\nCollecting asn1crypto>=0.21.0 (from cryptography->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))\n  Downloading asn1crypto-0.23.0-py2.py3-none-any.whl (99kB)\nCollecting ipaddress; python_version < \"3\" (from cryptography->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))\n  Downloading ipaddress-1.0.18-py2-none-any.whl\nCollecting ntlm-auth>=1.0.2 (from requests-ntlm>=0.3.0->pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))\n  Downloading ntlm_auth-1.0.6-py2.py3-none-any.whl\nCollecting urllib3<1.23,>=1.21.1 (from requests>=2.9.1->pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))\n  Using cached urllib3-1.22-py2.py3-none-any.whl\nCollecting chardet<3.1.0,>=3.0.2 (from requests>=2.9.1->pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))\n  Using cached chardet-3.0.4-py2.py3-none-any.whl\nCollecting certifi>=2017.4.17 (from requests>=2.9.1->pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))\n  Using cached certifi-2017.11.5-py2.py3-none-any.whl\nCollecting pyOpenSSL>=16.0.0 (from requests-credssp>=0.0.1; extra == \"credssp\"->pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))\n  Downloading pyOpenSSL-17.5.0-py2.py3-none-any.whl (53kB)\nCollecting pykerberos<2.0.0,>=1.1.8; sys_platform != \"win32\" (from requests-kerberos>=0.10.0; extra == \"kerberos\"->pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))\n  Downloading pykerberos-1.1.14.tar.gz\nCollecting pycparser (from cffi>=1.7; platform_python_implementation != \"PyPy\"->cryptography->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))\n  Downloading pycparser-2.18.tar.gz (245kB)\nBuilding wheels for collected packages: ansible, MarkupSafe, pykerberos, pycparser\n  Running setup.py bdist_wheel for ansible: started\n  Running setup.py bdist_wheel for ansible: finished with status 'done'\n  Stored in directory: /root/.cache/pip/wheels/82/72/89/bcdf63814af976426a34174577b5775d8604b268b1b21fdc1a\n  Running setup.py bdist_wheel for MarkupSafe: started\n  Running setup.py bdist_wheel for MarkupSafe: finished with status 'done'\n  Stored in directory: /root/.cache/pip/wheels/88/a7/30/e39a54a87bcbe25308fa3ca64e8ddc75d9b3e5afa21ee32d57\n  Running setup.py bdist_wheel for pykerberos: started\n  Running setup.py bdist_wheel for pykerberos: finished with status 'error'\n  Complete output from command /opt/stackstorm/virtualenvs/ansible/bin/python -u -c \"import setuptools, tokenize;__file__='/tmp/pip-build-bJBxdS/pykerberos/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\\r\\n', '\\n');f.close();exec(compile(code, __file__, 'exec'))\" bdist_wheel -d /tmp/tmpghrygfpip-wheel- --python-tag cp27:\n  running bdist_wheel\n  running build\n  running build_ext\n  building 'kerberos' extension\n  creating build\n  creating build/temp.linux-x86_64-2.7\n  creating build/temp.linux-x86_64-2.7/src\n  x86_64-linux-gnu-gcc -pthread -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fPIC -I/usr/include/python2.7 -c src/kerberos.c -o build/temp.linux-x86_64-2.7/src/kerberos.o\n  In file included from src/kerberos.c:19:0:\n  src/kerberosbasic.h:17:27: fatal error: gssapi/gssapi.h: No such file or directory\n   #include <gssapi/gssapi.h>\n                             ^\n  compilation terminated.\n  error: command 'x86_64-linux-gnu-gcc' failed with exit status 1\n  \n  ----------------------------------------\n  Running setup.py clean for pykerberos\n  Running setup.py bdist_wheel for pycparser: started\n  Running setup.py bdist_wheel for pycparser: finished with status 'done'\n  Stored in directory: /root/.cache/pip/wheels/95/14/9a/5e7b9024459d2a6600aaa64e0ba485325aff7a9ac7489db1b6\nSuccessfully built ansible MarkupSafe pycparser\nFailed to build pykerberos\nInstalling collected packages: MarkupSafe, jinja2, PyYAML, pycparser, cffi, pynacl, enum34, idna, asn1crypto, ipaddress, cryptography, bcrypt, pyasn1, paramiko, ansible, xmltodict, ntlm-auth, urllib3, chardet, certifi, requests, requests-ntlm, pyOpenSSL, requests-credssp, pykerberos, requests-kerberos, pywinrm\n  Running setup.py install for pykerberos: started\n    Running setup.py install for pykerberos: finished with status 'error'\n    Complete output from command /opt/stackstorm/virtualenvs/ansible/bin/python -u -c \"import setuptools, tokenize;__file__='/tmp/pip-build-bJBxdS/pykerberos/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\\r\\n', '\\n');f.close();exec(compile(code, __file__, 'exec'))\" install --record /tmp/pip-NrK7Jm-record/install-record.txt --single-version-externally-managed --compile --install-headers /opt/stackstorm/virtualenvs/ansible/include/site/python2.7/pykerberos:\n    running install\n    running build\n    running build_ext\n    building 'kerberos' extension\n    creating build\n    creating build/temp.linux-x86_64-2.7\n    creating build/temp.linux-x86_64-2.7/src\n    x86_64-linux-gnu-gcc -pthread -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fPIC -I/usr/include/python2.7 -c src/kerberos.c -o build/temp.linux-x86_64-2.7/src/kerberos.o\n    In file included from src/kerberos.c:19:0:\n    src/kerberosbasic.h:17:27: fatal error: gssapi/gssapi.h: No such file or directory\n     #include <gssapi/gssapi.h>\n                               ^\n    compilation terminated.\n    error: command 'x86_64-linux-gnu-gcc' failed with exit status 1\n    \n    ----------------------------------------\n (stderr: /opt/stackstorm/virtualenvs/ansible/lib/python2.7/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:318: SNIMissingWarning: An HTTPS request has been made, but the SNI (Subject Name Indication) extension to TLS is not available on this platform. This may cause the server to present an incorrect TLS certificate, which can cause validation failures. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/security.html#snimissingwarning.\n  SNIMissingWarning\n/opt/stackstorm/virtualenvs/ansible/lib/python2.7/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:122: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/security.html#insecureplatformwarning.\n  InsecurePlatformWarning\n  Failed building wheel for pykerberos\nCommand \"/opt/stackstorm/virtualenvs/ansible/bin/python -u -c \"import setuptools, tokenize;__file__='/tmp/pip-build-bJBxdS/pykerberos/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\\r\\n', '\\n');f.close();exec(compile(code, __file__, 'exec'))\" install --record /tmp/pip-NrK7Jm-record/install-record.txt --single-version-externally-managed --compile --install-headers /opt/stackstorm/virtualenvs/ansible/include/site/python2.7/pykerberos\" failed with error code 1 in /tmp/pip-build-bJBxdS/pykerberos/\n)\n"
  stdout: ''
error: st2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Setting up virtualenv for pack "ansible" (/opt/stackstorm/packs/ansible)
st2.actions.python.SetupVirtualEnvironmentAction: INFO     Virtualenv path "/opt/stackstorm/virtualenvs/ansible" doesn't exist
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Creating virtualenv for pack "ansible" in "/opt/stackstorm/virtualenvs/ansible"
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Creating virtualenv in "/opt/stackstorm/virtualenvs/ansible" using Python binary "/opt/stackstorm/st2/bin/python"
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Running command "/opt/stackstorm/st2/bin/virtualenv -p /opt/stackstorm/st2/bin/python --always-copy /opt/stackstorm/virtualenvs/ansible" to create virtualenv.
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Installing base requirements
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Installing requirement six>=1.9.0,<2.0 with command /opt/stackstorm/virtualenvs/ansible/bin/pip install six>=1.9.0,<2.0.
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Installing pack specific requirements from "/opt/stackstorm/packs/ansible/requirements.txt"
st2.actions.python.SetupVirtualEnvironmentAction: DEBUG    Installing requirements from file /opt/stackstorm/packs/ansible/requirements.txt with command /opt/stackstorm/virtualenvs/ansible/bin/pip install -U -r /opt/stackstorm/packs/ansible/requirements.txt.
Traceback (most recent call last):
  File "/opt/stackstorm/st2/local/lib/python2.7/site-packages/st2common/runners/python_action_wrapper.py", line 259, in <module>
    obj.run()
  File "/opt/stackstorm/st2/local/lib/python2.7/site-packages/st2common/runners/python_action_wrapper.py", line 155, in run
    output = action.run(**self._parameters)
  File "/opt/stackstorm/packs/packs/actions/pack_mgmt/setup_virtualenv.py", line 88, in run
    proxy_config=self.proxy_config)
  File "/opt/stackstorm/st2/lib/python2.7/site-packages/st2common/util/virtualenvs.py", line 102, in setup_pack_virtualenv
    logger=logger)
  File "/opt/stackstorm/st2/lib/python2.7/site-packages/st2common/util/virtualenvs.py", line 222, in install_requirements
    (requirements_file_path, stdout, stderr))
Exception: Failed to install requirements from "/opt/stackstorm/packs/ansible/requirements.txt": Collecting ansible>=1.9 (from -r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Downloading ansible-2.4.2.0.tar.gz (6.5MB)
Collecting pywinrm[credssp,kerberos]>=0.2.2 (from -r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Downloading pywinrm-0.2.2-py2.py3-none-any.whl
Collecting jinja2 (from ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Downloading Jinja2-2.10-py2.py3-none-any.whl (126kB)
Collecting PyYAML (from ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
Collecting paramiko (from ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Downloading paramiko-2.4.0-py2.py3-none-any.whl (192kB)
Collecting cryptography (from ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Downloading cryptography-2.1.4-cp27-cp27mu-manylinux1_x86_64.whl (2.2MB)
Requirement already up-to-date: setuptools in /opt/stackstorm/virtualenvs/ansible/lib/python2.7/site-packages (from ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
Collecting xmltodict (from pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Downloading xmltodict-0.11.0-py2.py3-none-any.whl
Collecting requests-ntlm>=0.3.0 (from pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Downloading requests_ntlm-1.1.0-py2.py3-none-any.whl
Requirement already up-to-date: six in /opt/stackstorm/virtualenvs/ansible/lib/python2.7/site-packages (from pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
Collecting requests>=2.9.1 (from pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Using cached requests-2.18.4-py2.py3-none-any.whl
Collecting requests-credssp>=0.0.1; extra == "credssp" (from pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Downloading requests_credssp-0.1.0-py2.py3-none-any.whl
Collecting requests-kerberos>=0.10.0; extra == "kerberos" (from pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Downloading requests_kerberos-0.11.0-py2.py3-none-any.whl
Collecting MarkupSafe>=0.23 (from jinja2->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Downloading MarkupSafe-1.0.tar.gz
Collecting pynacl>=1.0.1 (from paramiko->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Downloading PyNaCl-1.2.1-cp27-cp27mu-manylinux1_x86_64.whl (696kB)
Collecting bcrypt>=3.1.3 (from paramiko->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Downloading bcrypt-3.1.4-cp27-cp27mu-manylinux1_x86_64.whl (57kB)
Collecting pyasn1>=0.1.7 (from paramiko->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Downloading pyasn1-0.4.2-py2.py3-none-any.whl (71kB)
Collecting cffi>=1.7; platform_python_implementation != "PyPy" (from cryptography->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Downloading cffi-1.11.2-cp27-cp27mu-manylinux1_x86_64.whl (405kB)
Collecting enum34; python_version < "3" (from cryptography->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Using cached enum34-1.1.6-py2-none-any.whl
Collecting idna>=2.1 (from cryptography->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Using cached idna-2.6-py2.py3-none-any.whl
Collecting asn1crypto>=0.21.0 (from cryptography->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Downloading asn1crypto-0.23.0-py2.py3-none-any.whl (99kB)
Collecting ipaddress; python_version < "3" (from cryptography->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Downloading ipaddress-1.0.18-py2-none-any.whl
Collecting ntlm-auth>=1.0.2 (from requests-ntlm>=0.3.0->pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Downloading ntlm_auth-1.0.6-py2.py3-none-any.whl
Collecting urllib3<1.23,>=1.21.1 (from requests>=2.9.1->pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Using cached urllib3-1.22-py2.py3-none-any.whl
Collecting chardet<3.1.0,>=3.0.2 (from requests>=2.9.1->pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Using cached chardet-3.0.4-py2.py3-none-any.whl
Collecting certifi>=2017.4.17 (from requests>=2.9.1->pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Using cached certifi-2017.11.5-py2.py3-none-any.whl
Collecting pyOpenSSL>=16.0.0 (from requests-credssp>=0.0.1; extra == "credssp"->pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Downloading pyOpenSSL-17.5.0-py2.py3-none-any.whl (53kB)
Collecting pykerberos<2.0.0,>=1.1.8; sys_platform != "win32" (from requests-kerberos>=0.10.0; extra == "kerberos"->pywinrm[credssp,kerberos]>=0.2.2->-r /opt/stackstorm/packs/ansible/requirements.txt (line 2))
  Downloading pykerberos-1.1.14.tar.gz
Collecting pycparser (from cffi>=1.7; platform_python_implementation != "PyPy"->cryptography->ansible>=1.9->-r /opt/stackstorm/packs/ansible/requirements.txt (line 1))
  Downloading pycparser-2.18.tar.gz (245kB)
Building wheels for collected packages: ansible, MarkupSafe, pykerberos, pycparser
  Running setup.py bdist_wheel for ansible: started
  Running setup.py bdist_wheel for ansible: finished with status 'done'
  Stored in directory: /root/.cache/pip/wheels/82/72/89/bcdf63814af976426a34174577b5775d8604b268b1b21fdc1a
  Running setup.py bdist_wheel for MarkupSafe: started
  Running setup.py bdist_wheel for MarkupSafe: finished with status 'done'
  Stored in directory: /root/.cache/pip/wheels/88/a7/30/e39a54a87bcbe25308fa3ca64e8ddc75d9b3e5afa21ee32d57
  Running setup.py bdist_wheel for pykerberos: started
  Running setup.py bdist_wheel for pykerberos: finished with status 'error'
  Complete output from command /opt/stackstorm/virtualenvs/ansible/bin/python -u -c "import setuptools, tokenize;__file__='/tmp/pip-build-bJBxdS/pykerberos/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('
', '
');f.close();exec(compile(code, __file__, 'exec'))" bdist_wheel -d /tmp/tmpghrygfpip-wheel- --python-tag cp27:
  running bdist_wheel
  running build
  running build_ext
  building 'kerberos' extension
  creating build
  creating build/temp.linux-x86_64-2.7
  creating build/temp.linux-x86_64-2.7/src
  x86_64-linux-gnu-gcc -pthread -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fPIC -I/usr/include/python2.7 -c src/kerberos.c -o build/temp.linux-x86_64-2.7/src/kerberos.o
  In file included from src/kerberos.c:19:0:
  src/kerberosbasic.h:17:27: fatal error: gssapi/gssapi.h: No such file or directory
   #include <gssapi/gssapi.h>
                             ^
  compilation terminated.
  error: command 'x86_64-linux-gnu-gcc' failed with exit status 1

  ----------------------------------------
  Running setup.py clean for pykerberos
  Running setup.py bdist_wheel for pycparser: started
  Running setup.py bdist_wheel for pycparser: finished with status 'done'
  Stored in directory: /root/.cache/pip/wheels/95/14/9a/5e7b9024459d2a6600aaa64e0ba485325aff7a9ac7489db1b6
Successfully built ansible MarkupSafe pycparser
Failed to build pykerberos
Installing collected packages: MarkupSafe, jinja2, PyYAML, pycparser, cffi, pynacl, enum34, idna, asn1crypto, ipaddress, cryptography, bcrypt, pyasn1, paramiko, ansible, xmltodict, ntlm-auth, urllib3, chardet, certifi, requests, requests-ntlm, pyOpenSSL, requests-credssp, pykerberos, requests-kerberos, pywinrm
  Running setup.py install for pykerberos: started
    Running setup.py install for pykerberos: finished with status 'error'
    Complete output from command /opt/stackstorm/virtualenvs/ansible/bin/python -u -c "import setuptools, tokenize;__file__='/tmp/pip-build-bJBxdS/pykerberos/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('
', '
');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-NrK7Jm-record/install-record.txt --single-version-externally-managed --compile --install-headers /opt/stackstorm/virtualenvs/ansible/include/site/python2.7/pykerberos:
    running install
    running build
    running build_ext
    building 'kerberos' extension
    creating build
    creating build/temp.linux-x86_64-2.7
    creating build/temp.linux-x86_64-2.7/src
    x86_64-linux-gnu-gcc -pthread -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fPIC -I/usr/include/python2.7 -c src/kerberos.c -o build/temp.linux-x86_64-2.7/src/kerberos.o
    In file included from src/kerberos.c:19:0:
    src/kerberosbasic.h:17:27: fatal error: gssapi/gssapi.h: No such file or directory
     #include <gssapi/gssapi.h>
                               ^
    compilation terminated.
    error: command 'x86_64-linux-gnu-gcc' failed with exit status 1

    ----------------------------------------
 (stderr: /opt/stackstorm/virtualenvs/ansible/lib/python2.7/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:318: SNIMissingWarning: An HTTPS request has been made, but the SNI (Subject Name Indication) extension to TLS is not available on this platform. This may cause the server to present an incorrect TLS certificate, which can cause validation failures. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/security.html#snimissingwarning.
  SNIMissingWarning
/opt/stackstorm/virtualenvs/ansible/lib/python2.7/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:122: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/security.html#insecureplatformwarning.
  InsecurePlatformWarning
  Failed building wheel for pykerberos
Command "/opt/stackstorm/virtualenvs/ansible/bin/python -u -c "import setuptools, tokenize;__file__='/tmp/pip-build-bJBxdS/pykerberos/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('
', '
');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-NrK7Jm-record/install-record.txt --single-version-externally-managed --compile --install-headers /opt/stackstorm/virtualenvs/ansible/include/site/python2.7/pykerberos" failed with error code 1 in /tmp/pip-build-bJBxdS/pykerberos/
)

traceback: None
failed_on: install pack dependencies
start_timestamp: 2017-12-06T04:33:29.375003Z
end_timestamp: 2017-12-06T04:34:22.350326Z
+--------------------------+------------------------+------+--------+-----------------+
| id                       | status                 | task | action | start_timestamp |
+--------------------------+------------------------+------+--------+-----------------+
| 5a277319d6874c005b0db034 | succeeded (5s elapsed) | down | packs. | Wed, 06 Dec     |
|                          |                        | load | downlo | 2017 04:33:29   |
|                          |                        | pack | ad     | UTC             |
| 5a27731ed6874c005b0db036 | succeeded (1s elapsed) | make | packs. | Wed, 06 Dec     |
|                          |                        | a pr | virtua | 2017 04:33:34   |
|                          |                        | erun | lenv_p | UTC             |
|                          |                        |      | rerun  |                 |
| 5a277320d6874c005b0db039 | failed (46s elapsed)   | inst | packs. | Wed, 06 Dec     |
|                          |                        | all  | setup_ | 2017 04:33:36   |
|                          |                        | pack | virtua | UTC             |
|                          |                        | depe | lenv   |                 |
|                          |                        | nden |        |                 |
|                          |                        | cies |        |                 |
+--------------------------+------------------------+------+--------+-----------------+
root@9d76c52d1202:/#

Not reading ansible.cfg file

When I try to execute our ansible playbook with the module, it does not seem to be reading the ansible.cfg at all. So most of my job fails due to host key or wrong user issue.

What do you need to set for the module to read ansible.cfg?

No module named six

Installing the Ansible pack with --python3 installs fine but no commands can be run as the install appears to think it's missing the module 'six'.

This might be somewhat related to #5

root@ss01:/opt/stackstorm# st2 run ansible.command_local args="echo 'hi'"
..
id: 5c7d9592253fde2e09b23a24
status: failed
parameters:
  args: echo 'hi'
  cwd: /opt/stackstorm/packs/ansible
result:
  failed: true
  return_code: 1
  stderr: "Traceback (most recent call last):
  File "/opt/stackstorm/packs/ansible/actions/ansible.py", line 4, in <module>
    from lib.ansible_base import AnsibleBaseRunner
  File "/opt/stackstorm/packs/ansible/actions/lib/ansible_base.py", line 7, in <module>
    import six
ImportError: No module named six"
  stdout: ''
  succeeded: false

(ansible) root@ss01:/opt/stackstorm# ansible --version
ansible 2.7.8
  config file = None
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /opt/stackstorm/virtualenvs/ansible/lib/python3.5/site-packages/ansible
  executable location = /opt/stackstorm/virtualenvs/ansible/bin/ansible
  python version = 3.5.2 (default, Nov 12 2018, 13:43:14) [GCC 5.4.0 20160609]

(ansible) root@ss01:/opt/stackstorm# pip list --format=columns
Package           Version
----------------- ----------
ansible           2.7.8
asn1crypto        0.24.0
bcrypt            3.1.6
certifi           2018.11.29
cffi              1.12.2
chardet           3.0.4
cryptography      2.6.1
idna              2.8
Jinja2            2.10
MarkupSafe        1.1.1
ntlm-auth         1.2.0
paramiko          2.4.2
pip               9.0.1
pyasn1            0.4.5
pycparser         2.19
pykerberos        1.2.1
PyNaCl            1.3.0
pyOpenSSL         19.0.0
pywinrm           0.3.0
PyYAML            3.13
requests          2.21.0
requests-credssp  1.0.2
requests-kerberos 0.12.0
requests-ntlm     1.1.0
setuptools        40.8.0
six               1.12.0
urllib3           1.24.1
wheel             0.29.0
xmltodict         0.12.0

Consider removing default `sudo: true`

(Content copied from StackStorm/st2contrib#363)

Consider removing default sudo: true in Ansible pack.
Verify/Test if all possible cases/showcases still works well and all user stories are still covered.

ansible doesn't support dynamic inventory

We run ansible on aws account, and slowly implement st2 to expose some ops tasks via chatops. It seems that the pack doesn't support dynamic inventory? Are there plans to add this functionality?
As a workaround I run ec2.py via local-shell-cmd runner, but of course this isn't right way.
Thanks
-B

Ansible playbooks not running with stackstorm on ubuntu 18.04 with ansible pack

OS: Ubuntu 18.04
Installation method: One liner

I have an ansible playbook that runs in ansible fine, but fails in stackstorm using ansible pack.

Error:

"stderr": "Traceback (most recent call last):\n File \"/opt/stackstorm/packs/ansible/actions/ansible_playbook.py\", line 4, in <module>\n from lib.ansible_base import AnsibleBaseRunner\n File \"/opt/stackstorm/packs/ansible/actions/lib/ansible_base.py\", line 4, in <module>\n import shell\nModuleNotFoundError: No module named 'shell'"
Accoring to https://docs.stackstorm.com/install/u18.html

StackStorm on Ubuntu 18.04 runs all services, actions and sensors using Python 3 only. It does not support Python2 actions.

Could this be an issue?

@nmaludy suggested this could be:

bug in the ansible pack or maybe stackstorm core might not be setting up the PYTHONPATH correctly

Could someone have a look?

ansible-vault execution failed

Hi
I try to run command just like examples
st2 run ansible.vault.decrypt vault_password_file=vault_pass files=vars.yaml
but result is failed:
ansible-vault: error: unrecognized arguments: --vault-password-file=vault_pass

Same result with Web GUI

How to run playbook with vault password file

Hi I want to run playbook with vault password file.

For example I have playbook with vault file inside playbook with "vars_files", the vault file contains credentials and I can run playbook with --vault-password-file or --ask-vault-pass outside stackstorm.

How to run playbook from stackstorm with vault password file?

Allow relative paths to playbooks that are part of the automation pack

I would like to store some of my playbooks with the StackStorm workflows that call them.

Right now, their is no current working directory for the action-runner, so relative paths can't be resolved by ansible-playbook.

So, I see two ways to add playbook-in-the-pack support:

Set the current working directory to the pack directory
Check for relative paths before passing them to ansible-playbook and resolve them to a directory inside the pack directory

Also, what should the paths be relative to? The pack directory itself, or the action directory? I think I would be okay with (assuming packs are installed in /opt/stackstorm/packs/) one of these:

/opt/stackstorm/packs/<pack>/
/opt/stackstorm/packs/<pack>/actions/
/opt/stackstorm/packs/<pack>/actions/playbooks/
/opt/stackstorm/packs/<pack>/playbooks/

If we did a path relative to a standard playbooks directory, then the existence of the directory would implictly enable/disable relative paths for actions in that automation pack.