Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Lock versions of dependencies #18

Open
ohthehugemanatee opened this issue Jun 16, 2024 · 6 comments
Open

Lock versions of dependencies #18

ohthehugemanatee opened this issue Jun 16, 2024 · 6 comments

Comments

@ohthehugemanatee
Copy link
Contributor

Today I tried running the update playbook and ended up in a broken state because of docker/docker-py#3256 . I suggest pinning versions of the installed packages to avoid this kind of breakage in future.
@shaderecker
Copy link
Owner

Hi @ohthehugemanatee, I welcome the idea in general, but don't really know how it can be implemented efficiently.
Currently we have one pip package here https://github.com/shaderecker/ansible-pihole/blob/master/roles/docker/tasks/main.yaml#L29 (docker)
But only pinning this package alone won't do the trick since indirect dependencies are still not pinned then. Not sure what would be the best approach here, but welcome to ideas.

@bramwalet
Copy link

Hi @shaderecker,

I have stumbled upon your repository while searching for an example setting up Pi-Hole with Ansible. Great work!

I've forked your repository to make some changes of my own. For example, implementing a custom /etc/dnsmasq.d file for wildcard DNS lookups (Local DNS). Also, I've implemented synchronization using Orbital Sync.

My repository can be found here: https://github.com/bramwalet/ansible-pihole-cluster

I got a lot of inspiration watching Jeff Geerlings content and specifically this presentation: https://www.youtube.com/watch?v=kNDL13MJG6Y. I already implemented version locking of all my depencencies. I use the Renovate bot in order to check for the latest version.

Renovate bot:

How to specify versions:

In order for this to work efficiently, I am implementing integration tests using Ansible Molecule. I have a single node setup working currently (See the GitHub Actions tab on my Repo) and working on a clustered version. One issue I'm stumbling upon is the use of ansible_host for the IP address within the Orbital Sync task.

I am also refactoring the playbooks. It looks like your playbooks are written to be performed in a specific sequence (bootstrap-pihole.yaml, keepalived to enable HA, then periodically sync.yaml and update-pihole.yaml).
I am working towards a playbook setup where I define one playbook to cover the entire installation of the Pi including all necessary software (based upon your settings, so HA=true or false), and one playbook (which imports the master playbook) which skips certain roles or tasks (using Ansible tags) in order to update all necessary software (this will skip for example the bootstrap role).

Let me know what you think of my setup!

@shaderecker
Copy link
Owner

Hi @bramwalet,
Thank you for sharing this, it is really cool stuff that you are building there!
I'm looking forward to seeing how the clustered version will work.

Thank you also for the suggestion with renovatebot.
I am wondering if this would also help with this specific problem that @ohthehugemanatee found (pinning the version of the docker pip package and its indirect dependencies)?

bramwalet added a commit to bramwalet/ansible-pihole-cluster that referenced this issue Jun 28, 2024
@bramwalet
Downgrade community.docker version in order to break the build becaus…
90da264 
…e of requests dependency (see shaderecker#18)
@bramwalet
Copy link

bramwalet commented Jun 28, 2024
edited
Loading

Hi @bramwalet, Thank you for sharing this, it is really cool stuff that you are building there! I'm looking forward to seeing how the clustered version will work.

Thanks! I will keep you updated. I committed my work in progress in a separate branch.

I am wondering if this would also help with this specific problem that @ohthehugemanatee found (pinning the version of the docker pip package and its indirect dependencies)?

Ansible collection community.docker has fixed this problem in version 3.10.2, see the release notes:
https://docs.ansible.com/ansible/latest/collections/community/docker/changelog.html#v3-10-2

I've tested this:

  1. I created a separate branch
  2. Triggered a CI run (Lint + Molecule Test) with version 3.10.4 (latest):
    https://github.com/bramwalet/ansible-pihole-cluster/actions/runs/9711370574
  3. I then downgraded community.docker plugin to 3.10.1:
    bramwalet@90da264
  4. Triggered a CI run (Lint + Molecule test), see the result here:
    https://github.com/bramwalet/ansible-pihole-cluster/actions/runs/9711466701
    It then breaks because of the requests problem mentioned in this issue.

However, while running the test against version 3.10.0 of the collection, the build also breaks. It looks like community.docker hasn't fixed their dependency versions (requests) either, so then it won't fix the problem.

@bramwalet
Copy link

bramwalet commented Jun 28, 2024
edited
Loading

I realized community.docker requires requests to be installed, it can be done manually. So in my molecule/prepare.yml and prepare steps for Github Actions, I used to install this using the latest version.
When I specify a version in a requirements.txt file, to the older version 2.31.0, things won't break.

See changes and more changes and build result.

@shaderecker
Copy link
Owner

Ok cool, nice catch! Thank you for testing this so thoroughly.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ohthehugemanatee @bramwalet @shaderecker