OK, further testing leads me to understand that @DomaNitro is correct in that it's not the script
module itself per-say that requires python, but the creates
option in particular, because that uses a stat
python script.
However, things still seem to work fine because in the initial check for the creates
marker file, ansible will do: /usr/bin/python /home/plyons/.ansible/tmp/ansible-tmp-1396271950.37-134911276396535/stat
, which will fail because /usr/bin/python
is not present, but that's fine because we want the script to run anyway.
Once my ansible_prereqs.sh
script runs, ansible's stat
module will start working because /usr/bin/python
is now installed, so subsequent reruns will see the marker file exists and bypass the script.
So I don't need to implement the creates
logic in my shell script code. Here's my final working playbook:
---
-
hosts: all
gather_facts: no
sudo: yes
tasks:
-
name: install ansible prerequisites
script: ansible_prereqs.sh creates=/root/.ansible_prereqs_installed
And here's the script it runs ansible_prereqs.sh
:
#!/bin/bash
set -e
apt-get -qq update
apt-get -qq --yes install python python-apt python-pycurl sshpass
touch /root/.ansible_prereqs_installed
Here's some ansible-playbook -vvv
output with explanatory comments added.
<10.9.8.31> ESTABLISH CONNECTION FOR USER: plyons
#Not sure exactly what this does, but presumably some basic
#bootstrap sanity checking
<10.9.8.31> EXEC ['ssh', '-C', '-tt',
'-q', '-o', 'ControlMaster=auto', '-o', 'ControlPersist=60s', '-o',
'ControlPath=/Users/plyons/.ansible/cp/ansible-ssh-%h-%p-%r', '-o',
'StrictHostKeyChecking=no', '-o', 'KbdInteractiveAuthentication=no',
'-o', 'PreferredAuthentications=gssapi-with-mic,gssapi-
keyex,hostbased,publickey', '-o', 'PasswordAuthentication=no', '-o',
'ConnectTimeout=10', '10.9.8.31', "/bin/sh -c 'mkdir -p
$HOME/.ansible/tmp/ansible-tmp-1396273094.39-170062058638174 && chmod
a+rx $HOME/.ansible/tmp/ansible-tmp-1396273094.39-170062058638174 &&
echo $HOME/.ansible/tmp/ansible-tmp-1396273094.39-170062058638174'"]
#OK the "creates" option causes ansible to upload the "stat"
#python program
<10.9.8.31> PUT
/var/folders/n4/8skjkv9s5hbc4t5r0tr0xrk80000gn/T/tmp5CVz6i TO
/home/plyons/.ansible/tmp/ansible-
tmp-1396273094.39-170062058638174/stat
#Then ansible attempts to run it with /usr/bin/python
#This fails but ansible seems to proceed anyway, which is OK
<10.9.8.31> EXEC ['ssh', '-C', '-tt', '-q', '-o', 'ControlMaster=auto', '-o',
'ControlPersist=60s', '-o', 'ControlPath=/Users/plyons/.ansible/cp
/ansible-ssh-%h-%p-%r', '-o', 'StrictHostKeyChecking=no', '-o',
'KbdInteractiveAuthentication=no', '-o', 'PreferredAuthentications
=gssapi-with-mic,gssapi-keyex,hostbased,publickey', '-o',
'PasswordAuthentication=no', '-o', 'ConnectTimeout=10', '10.9.8.31',
'/bin/sh -c \'sudo -k && sudo -H -S -p "[sudo via ansible,
key=llljvkxiztigvqonzohgzwwekusxtprk] password: " -u root /bin/sh -c
\'"\'"\'echo SUDO-SUCCESS-llljvkxiztigvqonzohgzwwekusxtprk;
/usr/bin/python /home/plyons/.ansible/tmp/ansible-
tmp-1396273094.39-170062058638174/stat\'"\'"\'\'']
#Now ansible uploads my script
<10.9.8.31> PUT
/Users/plyons/projects/redacted/deploy/ansible_prereqs.sh
TO /home/plyons/.ansible/tmp/ansible-tmp-1396273094.39-170062058638174/ansible_prereqs.sh
#Then it marks it executable
<10.9.8.31> EXEC ['ssh', '-C',
'-tt', '-q', '-o', 'ControlMaster=auto', '-o', 'ControlPersist=60s',
'-o', 'ControlPath=/Users/plyons/.ansible/cp/ansible-ssh-%h-%p-%r',
'-o', 'StrictHostKeyChecking=no', '-o',
'KbdInteractiveAuthentication=no', '-o', 'PreferredAuthentications
=gssapi-with-mic,gssapi-keyex,hostbased,publickey', '-o',
'PasswordAuthentication=no', '-o', 'ConnectTimeout=10', '10.9.8.31',
u'/bin/sh -c \'sudo -k && sudo -H -S -p "[sudo via ansible,
key=cgmwlvtjoxuighdqujwmmpvioiumveac] password: " -u root /bin/sh -c
\'"\'"\'echo SUDO-SUCCESS-cgmwlvtjoxuighdqujwmmpvioiumveac; chmod +rx
/home/plyons/.ansible/tmp/ansible-
tmp-1396273094.39-170062058638174/ansible_prereqs.sh\'"\'"\'\'']
#Then it runs it
<10.9.8.31> EXEC ['ssh', '-C', '-tt', '-q', '-o',
'ControlMaster=auto', '-o', 'ControlPersist=60s', '-o',
'ControlPath=/Users/plyons/.ansible/cp/ansible-ssh-%h-%p-%r', '-o',
'StrictHostKeyChecking=no', '-o', 'KbdInteractiveAuthentication=no',
'-o', 'PreferredAuthentications=gssapi-with-mic,gssapi-
keyex,hostbased,publickey', '-o', 'PasswordAuthentication=no', '-o',
'ConnectTimeout=10', '10.9.8.31', u'/bin/sh -c \'sudo -k && sudo -H -S
-p "[sudo via ansible, key=cqqswbszbeabpclraxsxwzzatbolgmgf] password:
" -u root $SHELL -c \'"\'"\'echo SUDO-SUCCESS-
cqqswbszbeabpclraxsxwzzatbolgmgf; /home/plyons/.ansible/tmp/ansible-
tmp-1396273094.39-170062058638174/ansible_prereqs.sh \'"\'"\'\'']
#Then it deletes it
<10.9.8.31> EXEC ['ssh', '-C', '-tt',
'-q', '-o', 'ControlMaster=auto', '-o', 'ControlPersist=60s', '-o',
'ControlPath=/Users/plyons/.ansible/cp/ansible-ssh-%h-%p-%r', '-o',
'StrictHostKeyChecking=no', '-o', 'KbdInteractiveAuthentication=no',
'-o', 'PreferredAuthentications=gssapi-with-mic,gssapi-
keyex,hostbased,publickey', '-o', 'PasswordAuthentication=no', '-o',
'ConnectTimeout=10', '10.9.8.31', "/bin/sh -c 'rm -rf
/home/plyons/.ansible/tmp/ansible-tmp-1396273094.39-170062058638174/
>/dev/null 2>&1'"]