Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump ansible from 2.9.20 to 2.10.7 #928

Merged
merged 2 commits into from
Oct 23, 2024
Merged

Bump ansible from 2.9.20 to 2.10.7 #928

merged 2 commits into from
Oct 23, 2024

Conversation

mkllnk
Copy link
Member

@mkllnk mkllnk commented Jun 13, 2024
edited by dacook
Loading

If we want to keep using Ansible, we need to update to a modern version, supporting current versions of Python. This is just a first step.

Related:

Dev notes

It may be necessary to remove the old version of Ansible entirely. This will do the trick:

pyenv virtualenv-delete ofn-install-3.10.15
./bin/pyenv-install

@mkllnk mkllnk self-assigned this Jun 13, 2024
@dacook
Copy link
Member

dacook commented Oct 8, 2024

This is required for Ubuntu 20, due to ansible/ansible#68536

@dacook
Copy link
Member

dacook commented Oct 21, 2024
edited
Loading

A workaround was to comment out this line. We should be able to re-instate it with this upgrade:
ed59a6b

@mkllnk
Copy link
Member Author

mkllnk commented Oct 22, 2024

Okay, linting disabled. CI doesn't cover everything. @dacook, you could try to run the next provisioning with this branch?

@dacook
Copy link
Member

dacook commented Oct 22, 2024

@mkllnk I just noticed that we don't have an upgrade method documented for ansible.
The new pyenv-install script only runs pip if it's instaling a new version of python. So in the case of this upgrade, it gets skipped and you have to manually run pip install -r requirements.txt.

I think the best fix is to simply move that command to after the if block.

@dacook
Copy link
Member

dacook commented Oct 22, 2024

FYI @mkllnk I got this message:

Screenshot 2024-10-22 at 5 09 20 PM

I got interrupted, but will try the suggested steps soon and hopefully it will be fine.

@mkllnk
Copy link
Member Author

mkllnk commented Oct 22, 2024

I would delete the current virtualenv and start again:

pyenv virtualenv-delete ofn-install-3.10.15
./bin/pyenv-install

We could include the Ansible version in the virtualenv name to avoid conflicts...

@dacook
Copy link
Member

dacook commented Oct 23, 2024

Sure, I've done that instead.
There's other package versions specified in requirements.txt, so if going down that path, maybe we should use a hash of that file in the virtualenv name.

@dacook
Copy link
Member

dacook commented Oct 23, 2024

Tested on ca_prod2:

  • setup.yml
  • provision.yml
  • deploy.yml

dacook
dacook approved these changes Oct 23, 2024
View reviewed changes
Copy link
Member

@dacook dacook left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Couple of notes, but I don't think worth changing. Good to go.

README.md
@@ -80,7 +80,7 @@ Run the [ansible-lint](https://github.com/willthames/ansible-lint) checks using:
ansible-lint site.yml --exclude=community
```

This is also run in CI.
~~~This is also run in CI.~~~
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FYI Markdown strikeouts only need two tildes each side. But the intent is still clear.

.github/workflows/build.yml
- name: Ansible Lint
run: ansible-lint playbooks/*.yml --exclude community
# - name: Ansible Lint
# run: ansible-lint playbooks/*.yml --exclude community
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if there's a way we could configure it to always skip. Then it would still show in GitHub as an action that doesn't run (and hence remind there's something broken to fix one day)

@dacook dacook merged commit 778a013 into openfoodfoundation:master Oct 23, 2024
1 check passed
@dacook
Copy link
Member

dacook commented Oct 29, 2024
edited
Loading

Deployed on uk_staging, but the other staging servers are older and it doesn't work:

ansible-playbook playbooks/setup_remote_deployment.yml -l all_staging
...
TASK [remote_deployment : install ansible]
ok: [staging.openfoodnetwork.org.uk]
fatal: [staging.coopcircuits.fr]: FAILED!
fatal: [staging.openfoodnetwork.org.au]: FAILED!
...
Failed to update apt cache: unknown reason

I'm not sure it's worth investigating further right now.
I think it's fine to leave Workaround for Ubuntu 20 with Ansible < 2.10 in place until further notice.

@mkllnk mkllnk deleted the ansible-2.10 branch October 30, 2024 21:49
@mkllnk
Copy link
Member Author

mkllnk commented Oct 30, 2024

Looks like a different problem we should solve:

root@vps-2a25f087:~# apt update
Get:1 http://nova.clouds.archive.ubuntu.com/ubuntu bionic InRelease [242 kB]
Get:2 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-updates InRelease [102 kB]                                                                                                               
Get:3 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-backports InRelease [102 kB]                                                                                                             
Get:4 http://security.ubuntu.com/ubuntu bionic-security InRelease [102 kB]                                                                                                                         
Hit:5 http://nginx.org/packages/ubuntu bionic InRelease                                                                                                                                            
Get:6 https://deb.nodesource.com/node_14.x bionic InRelease [4584 B]                                                                                                                               
Hit:7 https://download.newrelic.com/infrastructure_agent/linux/apt bionic InRelease                                                     
Hit:8 http://ppa.launchpad.net/ansible/ansible/ubuntu bionic InRelease                                 
Hit:9 http://ppa.launchpad.net/certbot/certbot/ubuntu bionic InRelease
Hit:10 http://ppa.launchpad.net/redislabs/redis/ubuntu bionic InRelease
Err:5 http://nginx.org/packages/ubuntu bionic InRelease
  The following signatures were invalid: EXPKEYSIG ABF5BD827BD9BF62 nginx signing key <signing-key@nginx.com>
Fetched 552 kB in 1s (424 kB/s)
Reading package lists... Done
Building dependency tree       
Reading state information... Done
77 packages can be upgraded. Run 'apt list --upgradable' to see them.
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://nginx.org/packages/ubuntu bionic InRelease: The following signatures were invalid: EXPKEYSIG ABF5BD827BD9BF62 nginx signing key <signing-key@nginx.com>
W: Failed to fetch http://nginx.org/packages/ubuntu/dists/bionic/InRelease  The following signatures were invalid: EXPKEYSIG ABF5BD827BD9BF62 nginx signing key <signing-key@nginx.com>
W: Some index files failed to download. They have been ignored, or old ones used instead.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dacook dacook dacook approved these changes

Assignees

@mkllnk mkllnk

Labels
None yet
Projects
OFN Delivery board
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mkllnk @dacook