tripleo

Master/wallaby Security component "Standalone with ipa" and fs039 job are failing with ERROR! couldn't resolve module/action 'freeipa.ansible_freeipa.ipahost'. This often indicates a misspelling, missing collection, or incorrect module path.

Bug #1986755 reported by Sandeep Yadav on 2022-08-17

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	tripleo	Fix Released	Critical	Unassigned	tripleo zed-1

Bug Description

Master/wallaby Security component "Standalone with ipa" and fs039 job are failing with the below error:-

standalone-on-multinode-ipa failure snippet:-

https://logserver.rdoproject.org/46/28446/84/check/periodic-tripleo-ci-centos-9-standalone-on-multinode-ipa-security-master/206179f/logs/undercloud/home/zuul/standalone_deploy.log.txt.gz

~~~
2022-08-16 21:19:18.398698 | fa163ef9-e36d-5569-936e-000000001b34 | TIMING | include_role : tripleo_ipa_registration | undercloud | 0:09:57.093654 | 0.03s
ERROR! couldn't resolve module/action 'freeipa.ansible_freeipa.ipahost'. This often indicates a misspelling, missing collection, or incorrect module path.

The error appears to be in '/usr/share/ansible/roles/tripleo_ipa_registration/tasks/main.yml': line 47, column 7, but may
be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

  block:
    - name: add new host with one-time password
      ^ here
[ERROR]: An include failure occurred, we will not continue to process after
this play completes.
~~~

feautureset 039 failure snippet:-

https://logserver.rdoproject.org/46/28446/84/check/periodic-tripleo-ci-centos-9-ovb-3ctlr_1comp_1supp-featureset039-security-master/e4a4d9d/logs/supplemental/home/cloud-user/ipa_prep.sh.log.txt.gz
~~~
22-08-16 21:14:14 | TASK [set perms, privs, roles] *************************************************
2022-08-16 21:14:14 | ERROR! couldn't resolve module/action 'freeipa.ansible_freeipa.ipapermission'. This often indicates a misspelling, missing collection, or incorrect module path.
2022-08-16 21:14:14 |
2022-08-16 21:14:14 | The error appears to be in '/usr/share/ansible/roles/tripleo_ipa_setup/tasks/setup.yml': line 52, column 3, but may
2022-08-16 21:14:14 | be elsewhere in the file depending on the exact syntax problem.
2022-08-16 21:14:14 |
2022-08-16 21:14:14 | The offending line appears to be:
2022-08-16 21:14:14 |
2022-08-16 21:14:14 |
2022-08-16 21:14:14 | - name: add nova host management permissions
2022-08-16 21:14:14 | ^ here
~~~

Seeing same issue in wallaby:-

https://logserver.rdoproject.org/57/42657/13/check/periodic-tripleo-ci-centos-9-ovb-3ctlr_1comp_1supp-featureset039-security-wallaby/cc6ce81/logs/supplemental/home/cloud-user/ipa_prep.sh.log.txt.gz

https://logserver.rdoproject.org/57/42657/13/check/periodic-tripleo-ci-centos-9-standalone-on-multinode-ipa-security-wallaby/c08df1e/logs/undercloud/home/zuul/standalone_deploy.log.txt.gz

Tags:

Revision history for this message

Sandeep Yadav (sandeepyadav93) wrote on 2022-08-17:

The same job is passing in the integration line but failing in the component line which means something which comes from the Security component is breaking the job.

Master Openstack rpm diff with last good known packages
========================================================

Last good known package:
python-barbican-tests-tempest-1.6.1-0.20220712131707.44c9ed2.el9
ansible-tripleo-ipa-0.2.3-0.20220722151511.6c0dc79.el9

Affected job:-
python-barbican-tests-tempest-1.6.1-0.20220816082335.45dd131.el9
ansible-tripleo-ipa-0.2.3-0.20220805171240.c049918.el9

Wallaby rpm diff with last good known packages:-
===============================================

Last good known package:
ansible-tripleo-ipa-0.2.3-0.20220730153433.52eab7d.el9

Affected rpm:-
ansible-tripleo-ipa-0.2.3-0.20220808222344.5d12dda.el9

Looks like breaking change is coming from ansible-tripleo-ipa rpm.

Revision history for this message

Sandeep Yadav (sandeepyadav93) wrote on 2022-08-17:

Looks like it started after below patch merged

~~~
848255: Replacing community.general ipa modules with ansible-freeipa | https://review.opendev.org/c/x/tripleo-ipa/+/848255
~~~

Revision history for this message

Sandeep Yadav (sandeepyadav93) wrote on 2022-08-17:

Thanks to Chandan for reproducer: https://paste.openstack.org/raw/blYRlwJY4JigwYwsrRKz/

so -- ipahost works - but freeipa.ansible_freeipa.ipahost doesn't.

Xek proposed a possible fix, https://review.opendev.org/c/x/tripleo-ipa/+/853478.

Testing that here: https://review.rdoproject.org/r/c/testproject/+/28446

An alternative could be to update https://gitlab.com/redhat/centos-stream/rpms/ansible-freeipa/-/blob/c9s/ansible-freeipa.spec#L160

copy those collections in %{_datadir}/ansible/collections/ - so that collection can be recognized

Revision history for this message

chandan kumar (chkumar246) wrote on 2022-08-17:

Download full text (4.4 KiB)

copying the pastebin content here:
```
[root@825f41e17acd ~]# rpm -qa | grep ansible-freeipa
ansible-freeipa-1.8.2-1.el9.noarch
[root@825f41e17acd ~]# cat foo.yaml
- hosts: localhost
  tasks:
    - name: add new host with one-time password
      freeipa.ansible_freeipa.ipahost:
        name: localhost
        random: true
        force: true
        state: present
[root@825f41e17acd ~]# ansible-playbook foo.yaml --check
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'
ERROR! couldn't resolve module/action 'freeipa.ansible_freeipa.ipahost'. This often indicates a misspelling, missing collection, or incorrect module path.

The error appears to be in '/root/foo.yaml': line 3, column 7, but may
be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

  tasks:
    - name: add new host with one-time password
      ^ here
[root@825f41e17acd ~]# vi foo.yaml
[root@825f41e17acd ~]# cat foo.yaml
- hosts: localhost
  tasks:
    - name: add new host with one-time password
      # freeipa.ansible_freeipa.ipahost:
      ipahost:
        name: localhost
        random: true
        force: true
        state: present
[root@825f41e17acd ~]# ansible-playbook foo.yaml --check
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'

PLAY [localhost] *************************************************************************************************************************************************************

TASK [Gathering Facts] *******************************************************************************************************************************************************
ok: [localhost]

TASK [add new host with one-time password] ***********************************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "The password is not set"}

PLAY RECAP *******************************************************************************************************************************************************************
localhost : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0

[root@825f41e17acd ~]#
[root@825f41e17acd ~]# ansible-galaxy collection install freeipa.ansible_freeipa
Starting galaxy collection install process
Process install dependency map
Starting collection install process
Downloading https://galaxy.ansible.com/download/freeipa-ansible_freeipa-1.8.3.tar.gz to /root/.ansible/tmp/ansible-local-546gi8bgjjm/tmpisep9h1l/freeipa-ansible_freeipa-1.8.3-ypveljtq
Installing 'freeipa.ansible_freeipa:1.8.3' to '/root/.ansible/collections/ansible_collections/freeipa/ansible_freeipa'
freeipa.ansible_freeipa:1.8.3 was installed successfully
[root@825f41e17acd ~]# ansible-galaxy collection list

copying the pastebin content here:
```
[root@825f41e17acd ~]# rpm -qa | grep ansible-freeipa
ansible-freeipa-1.8.2-1.el9.noarch
[root@825f41e17acd ~]# cat foo.yaml 
- hosts: localhost
  tasks:
    - name: add new host with one-time password
      freeipa.ansible_freeipa.ipahost:
        name: localhost
        random: true
        force: true
        state: present
[root@825f41e17acd ~]# ansible-playbook foo.yaml --check
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'
ERROR! couldn't resolve module/action 'freeipa.ansible_freeipa.ipahost'. This often indicates a misspelling, missing collection, or incorrect module path.

The error appears to be in '/root/foo.yaml': line 3, column 7, but may
be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

tasks:
    - name: add new host with one-time password
      ^ here
[root@825f41e17acd ~]# vi foo.yaml 
[root@825f41e17acd ~]# cat foo.yaml 
- hosts: localhost
  tasks:
    - name: add new host with one-time password
      # freeipa.ansible_freeipa.ipahost:
      ipahost:
        name: localhost
        random: true
        force: true
        state: present
[root@825f41e17acd ~]# ansible-playbook foo.yaml --check
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'

PLAY [localhost] *************************************************************************************************************************************************************

TASK [Gathering Facts] *******************************************************************************************************************************************************
ok: [localhost]

PLAY RECAP *******************************************************************************************************************************************************************
localhost                  : ok=1    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0

[root@825f41e17acd ~]# 
[root@825f41e17acd ~]# ansible-galaxy collection install freeipa.ansible_freeipa
Starting galaxy collection install process
Process install dependency map
Starting collection install process
Downloading https://galaxy.ansible.com/download/freeipa-ansible_freeipa-1.8.3.tar.gz to /root/.ansible/tmp/ansible-local-546gi8bgjjm/tmpisep9h1l/freeipa-ansible_freeipa-1.8.3-ypveljtq
Installing 'freeipa.ansible_freeipa:1.8.3' to '/root/.ansible/collections/ansible_collections/freeipa/ansible_freeipa'
freeipa.ansible_freeipa:1.8.3 was installed successfully
[root@825f41e17acd ~]# ansible-galaxy collection list

# /root/.ansible/collections/ansible_collections
Collection              Version
----------------------- -------
freeipa.ansible_freeipa 1.8.3  
[root@825f41e17acd ~]# vi foo.yaml 
[root@825f41e17acd ~]# ansible-playbook foo.yaml --check
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'

PLAY [localhost] *************************************************************************************************************************************************************

TASK [Gathering Facts] *******************************************************************************************************************************************************
ok: [localhost]

PLAY RECAP *******************************************************************************************************************************************************************
localhost                  : ok=1    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0

[root@825f41e17acd ~]# cat foo.yaml 
- hosts: localhost
  tasks:
    - name: add new host with one-time password
      freeipa.ansible_freeipa.ipahost:
      # ipahost:
        name: localhost
        random: true
        force: true
        state: present
[root@825f41e17acd ~]# 
```

Ronelle Landy (rlandy) on 2022-08-30

Changed in tripleo:
status:	Triaged → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.