Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

azure_rm_resourcegroup_info fails with segfault #1784

Open
mila-rodriguez-netapp opened this issue Dec 11, 2024 · 7 comments
Open

azure_rm_resourcegroup_info fails with segfault #1784

mila-rodriguez-netapp opened this issue Dec 11, 2024 · 7 comments
Labels
medium_priority Medium priority question Further information is requested work in In trying to solve, or in working with contributors

Comments

@mila-rodriguez-netapp
Copy link

SUMMARY

Simple azure_rm_resourcegroup_info task to identify if a resource group exists fails with a segfault.

ISSUE TYPE
  • Bug Report
COMPONENT NAME

azure_rm_resourcegroup_info

ANSIBLE VERSION
/ # ansible --version
ansible [core 2.18.1]
  config file = None
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.13/site-packages/ansible
  ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible
  python version = 3.13.1 (main, Dec  9 2024, 20:39:36) [GCC 14.2.0] (/usr/local/bin/python)
  jinja version = 3.1.4
  libyaml = True
COLLECTION VERSION
# /usr/local/lib/python3.13/site-packages/ansible_collections
Collection                               Version
---------------------------------------- -------
amazon.aws                               9.0.0
ansible.netcommon                        7.1.0
ansible.posix                            1.6.2
ansible.utils                            5.1.2
ansible.windows                          2.5.0
arista.eos                               10.0.1
awx.awx                                  24.6.1
azure.azcollection                       3.1.0
check_point.mgmt                         6.2.1
chocolatey.chocolatey                    1.5.3
cisco.aci                                2.10.1
cisco.asa                                6.0.0
cisco.dnac                               6.25.0
cisco.intersight                         2.0.20
cisco.ios                                9.0.3
cisco.iosxr                              10.2.2
cisco.ise                                2.9.6
cisco.meraki                             2.18.3
cisco.mso                                2.9.0
cisco.nxos                               9.2.1
cisco.ucs                                1.14.0
cloud.common                             4.0.0
cloudscale_ch.cloud                      2.4.0
community.aws                            9.0.0
community.ciscosmb                       1.0.9
community.crypto                         2.22.3
community.digitalocean                   1.27.0
community.dns                            3.1.0
community.docker                         4.1.0
community.general                        10.1.0
community.grafana                        2.1.0
community.hashi_vault                    6.2.0
community.hrobot                         2.0.2
community.library_inventory_filtering_v1 1.0.2
community.libvirt                        1.3.0
community.mongodb                        1.7.8
community.mysql                          3.11.0
community.network                        5.1.0
community.okd                            4.0.0
community.postgresql                     3.9.0
community.proxysql                       1.6.0
community.rabbitmq                       1.3.0
community.routeros                       3.1.0
community.sap_libs                       1.4.2
community.sops                           2.0.0
community.vmware                         5.2.0
community.windows                        2.3.0
community.zabbix                         3.2.0
containers.podman                        1.16.2
cyberark.conjur                          1.3.1
cyberark.pas                             1.0.30
dellemc.enterprise_sonic                 2.5.1
dellemc.openmanage                       9.9.0
dellemc.powerflex                        2.5.0
dellemc.unity                            2.0.0
f5networks.f5_modules                    1.32.1
fortinet.fortimanager                    2.8.2
fortinet.fortios                         2.3.8
google.cloud                             1.4.1
grafana.grafana                          5.6.0
hetzner.hcloud                           4.2.2
ibm.qradar                               4.0.0
ibm.spectrum_virtualize                  2.0.0
ibm.storage_virtualize                   2.5.0
ieisystem.inmanage                       3.0.0
infinidat.infinibox                      1.4.5
infoblox.nios_modules                    1.7.1
inspur.ispim                             2.2.3
junipernetworks.junos                    9.1.0
kaytus.ksmanage                          2.0.0
kubernetes.core                          5.0.0
kubevirt.core                            2.1.0
lowlydba.sqlserver                       2.3.4
microsoft.ad                             1.7.1
netapp.cloudmanager                      21.24.0
netapp.ontap                             22.13.0
netapp.storagegrid                       21.13.0
netapp_eseries.santricity                1.4.1
netbox.netbox                            3.20.0
ngine_io.cloudstack                      2.5.0
openstack.cloud                          2.3.0
ovirt.ovirt                              3.2.0
purestorage.flasharray                   1.32.0
purestorage.flashblade                   1.19.1
sensu.sensu_go                           1.14.0
splunk.es                                4.0.0
telekom_mms.icinga_director              2.2.1
theforeman.foreman                       4.2.0
vmware.vmware                            1.7.1
vmware.vmware_rest                       4.3.0
vultr.cloud                              1.13.0
vyos.vyos                                5.0.0
wti.remote                               1.0.10
CONFIGURATION
CONFIG_FILE() = None

GALAXY_SERVERS:
OS / ENVIRONMENT
  • Docker container based on python:3.13.1-alpine3.21

Dockerfile:

FROM python:3.13.1-alpine3.21

RUN apk add --update \
    cargo \
    build-base \
    linux-headers \
    openssl-dev \
    openssh-keygen

RUN python -m pip install ansible==11.1.0
RUN ansible-galaxy collection install azure.azcollection

# CFLAGS with documented workaround here: https://github.com/Azure/azure-uamqp-python/issues/386#issuecomment-2138288404
RUN CFLAGS="-Wno-error=incompatible-pointer-types" python -m pip install -r /usr/local/lib/python3.13/site-packages/ansible_collections/azure/azcollection/requirements.txt
STEPS TO REPRODUCE

This task is intended to check for the existence of a resource group:

- name: Example
  hosts: localhost
  tasks:
    - name: Query for existing resource group
      azure.azcollection.azure_rm_resourcegroup_info:
        auth_source: env
        name: hello_world_example_rg
        list_resources: false
EXPECTED RESULTS

Expect a response with either information about the RG if it exists, or empty-ish if it doesn't. In either case it should resolve a response successfully.

ACTUAL RESULTS

Segfault, fatal error.

/ # AZURE_CLIENT_ID=*** AZURE_SECRET=*** AZURE_TENANT=*** ansible-playbook -vvv test.yml
ansible-playbook [core 2.18.1]
  config file = None
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.13/site-packages/ansible
  ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible-playbook
  python version = 3.13.1 (main, Dec  9 2024, 20:39:36) [GCC 14.2.0] (/usr/local/bin/python)
  jinja version = 3.1.4
  libyaml = True
No config file found; using defaults
host_list declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
script declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
auto declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
yaml declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
ini declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
toml declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.

PLAYBOOK: test.yml **********************************************************************************************************************************************************************************************************************************************************************
1 plays in test.yml

PLAY [Example] *************************************************************************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] *****************************************************************************************************************************************************************************************************************************************************************
task path: /test.yml:1
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: root
<127.0.0.1> EXEC /bin/sh -c 'echo ~root && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp `"&& mkdir "` echo /root/.ansible/tmp/ansible-tmp-1733934352.3048978-333-154882236383129 `" && echo ansible-tmp-1733934352.3048978-333-154882236383129="` echo /root/.ansible/tmp/ansible-tmp-1733934352.3048978-333-154882236383129 `" ) && sleep 0'
Using module file /usr/local/lib/python3.13/site-packages/ansible/modules/setup.py
<127.0.0.1> PUT /root/.ansible/tmp/ansible-local-326nl4les1y/tmptiej4v9w TO /root/.ansible/tmp/ansible-tmp-1733934352.3048978-333-154882236383129/AnsiballZ_setup.py
<127.0.0.1> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1733934352.3048978-333-154882236383129/ /root/.ansible/tmp/ansible-tmp-1733934352.3048978-333-154882236383129/AnsiballZ_setup.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '/usr/local/bin/python /root/.ansible/tmp/ansible-tmp-1733934352.3048978-333-154882236383129/AnsiballZ_setup.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-tmp-1733934352.3048978-333-154882236383129/ > /dev/null 2>&1 && sleep 0'
ok: [localhost]

TASK [Query for existing resource group] ***********************************************************************************************************************************************************************************************************************************************
task path: /test.yml:4
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: root
<127.0.0.1> EXEC /bin/sh -c 'echo ~root && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp `"&& mkdir "` echo /root/.ansible/tmp/ansible-tmp-1733934353.5832493-363-130550396386379 `" && echo ansible-tmp-1733934353.5832493-363-130550396386379="` echo /root/.ansible/tmp/ansible-tmp-1733934353.5832493-363-130550396386379 `" ) && sleep 0'
Using module file /usr/local/lib/python3.13/site-packages/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py
<127.0.0.1> PUT /root/.ansible/tmp/ansible-local-326nl4les1y/tmpv58z1zsq TO /root/.ansible/tmp/ansible-tmp-1733934353.5832493-363-130550396386379/AnsiballZ_azure_rm_resourcegroup_info.py
<127.0.0.1> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1733934353.5832493-363-130550396386379/ /root/.ansible/tmp/ansible-tmp-1733934353.5832493-363-130550396386379/AnsiballZ_azure_rm_resourcegroup_info.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '/usr/local/bin/python /root/.ansible/tmp/ansible-tmp-1733934353.5832493-363-130550396386379/AnsiballZ_azure_rm_resourcegroup_info.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-tmp-1733934353.5832493-363-130550396386379/ > /dev/null 2>&1 && sleep 0'
fatal: [localhost]: FAILED! => {
    "changed": false,
    "module_stderr": "Segmentation fault (core dumped)\n",
    "module_stdout": "",
    "msg": "MODULE FAILURE: No start of json char found\nSee stdout/stderr for the exact error",
    "rc": 139
}

PLAY RECAP *****************************************************************************************************************************************************************************************************************************************************************************
localhost                  : ok=1    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0

(Not sure where, if anywhere, See stdout/stderr for the exact error might be captured.)
@Fred-sun
Copy link
Collaborator

@mila-rodriguez-netapp I have tested in my local machine. However, the resource group information can be successfully returned. Can you provide more information to help solve this problem? Thank you!

@Fred-sun Fred-sun added question Further information is requested medium_priority Medium priority work in In trying to solve, or in working with contributors labels Dec 24, 2024
@mila-rodriguez-netapp
Copy link
Author

@mila-rodriguez-netapp I have tested in my local machine. However, the resource group information can be successfully returned. Can you provide more information to help solve this problem? Thank you!

What more information do you need? I see the same behavior whether I'm running the docker container locally in my WSL2-hosted docker desktop instance, or in my Rancher-hosted CI.

@Fred-sun
Copy link
Collaborator

Fred-sun commented Jan 2, 2025

@mila-rodriguez-netapp Ok, thank you very much for your feedback. In addition, I see that you specified I(auth_source=env), could you please provide the information displayed by 'export', thank you!

@Fred-sun
Copy link
Collaborator

Fred-sun commented Jan 2, 2025

@mila-rodriguez-netapp Can you get the resource group information in another way (for example, az group list --query "[?name=='RG_name']")? From your error, it appears that the error occurred when serializing the return value. Thank you!

@mila-rodriguez-netapp
Copy link
Author

mila-rodriguez-netapp commented Jan 2, 2025
edited
Loading

@mila-rodriguez-netapp Can you get the resource group information in another way (for example, az group list --query "[?name=='RG_name']")? From your error, it appears that the error occurred when serializing the return value. Thank you!

My ansible playbooks are currently all using raw AWS CLI queries. My assignment is to look into the possibility of transitioning to using the azure collections so that we can stop using az login and rely on using environment variable-based authentication.

Right now, we're currently doing the existence check like this:

    - name: Query for existing resource group
      ansible.builtin.command: >
        az group show --name {{ az_rg_name }}
      register: azure_existing_rg_query
      failed_when: 'azure_existing_rg_query.rc != 0 and "ResourceGroupNotFound" not in azure_existing_rg_query.stderr'

This is the original query which I'm trying to convert with the task that is now failing.

@mila-rodriguez-netapp Ok, thank you very much for your feedback. In addition, I see that you specified I(auth_source=env), could you please provide the information displayed by 'export', thank you!

/ansible # export
export AZURE_CLIENT_ID='*** REDACTED ***'
export AZURE_SECRET='*** REDACTED ***'
export AZURE_SUBSCRIPTION_ID='*** REDACTED ***'
export AZURE_TENANT='*** REDACTED ***'
export GPG_KEY='*** REDACTED ***'
export HOME='/root'
export HOSTNAME='be3610574f34'
export OLDPWD='/root'
export PATH='/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
export PWD='/ansible'
export PYTHON_SHA256='9cf9427bee9e2242e3877dd0f6b641c1853ca461f39d6503ce260a59c80bf0d9'
export PYTHON_VERSION='3.13.1'
export SHLVL='1'
export TERM='xterm'

The values in the AZURE_* env vars are for a service principal -- not sure if that makes a difference. In the CLI-based workflows I do a az login --service-principal ... with these same values.

@Fred-sun
Copy link
Collaborator

Fred-sun commented Jan 3, 2025

@mila-rodriguez-netapp Could you please provide some information about az group show --name rg_name? Thank you!

@mila-rodriguez-netapp
Copy link
Author

@mila-rodriguez-netapp Could you please provide some information about az group show --name rg_name? Thank you!

For a non-existent group:

/ansible # az group show --name test
(ResourceGroupNotFound) Resource group 'test' could not be found.
Code: ResourceGroupNotFound
Message: Resource group 'test' could not be found.

For an existent group:

/ansible # az group show --name cloud-shell-storage-eastus
{
  "id": "/subscriptions/*** REDACTED ***/resourceGroups/cloud-shell-storage-eastus",
  "location": "eastus",
  "managedBy": null,
  "name": "cloud-shell-storage-eastus",
  "properties": {
    "provisioningState": "Succeeded"
  },
  "tags": null,
  "type": "Microsoft.Resources/resourceGroups"
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
medium_priority Medium priority question Further information is requested work in In trying to solve, or in working with contributors
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Fred-sun @mila-rodriguez-netapp