18:00:05 <felixfontein> #startmeeting Ansible Community Meeting
18:00:05 <zodbot> Meeting started Wed Apr 13 18:00:05 2022 UTC.
18:00:05 <zodbot> This meeting is logged and archived in a public location.
18:00:05 <zodbot> The chair is felixfontein. Information about MeetBot at https://fedoraproject.org/wiki/Zodbot#Meeting_Functions.
18:00:05 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
18:00:05 <zodbot> The meeting name has been set to 'ansible_community_meeting'
18:00:06 <felixfontein> #topic Agenda https://github.com/ansible/community/issues/645
18:00:06 <felixfontein> acozine andersson007_ baptistemm bcoca briantist cyberpear cybette dericcrago dmsimard felixfontein geerlingguy gundalow gwmngilfen ikhan_ jillr jtanner lmodemal misc nitzmahone resmo samccann tadeboro cidrblock thaumos zbr: ping!
18:00:09 <felixfontein> #info Agenda: https://github.com/ansible/community/issues/645 / Topics: https://github.com/ansible-community/community-topics
18:00:12 <felixfontein> #topic Updates
18:00:14 <briantist> o/
18:00:17 <jillr> o/
18:00:22 <felixfontein> #chair briantist jillr
18:00:22 <zodbot> Current chairs: briantist felixfontein jillr
18:00:26 <gundalow> o/
18:00:30 <acozine> o/
18:00:37 * andersson007_ sitting with a sick kid, half here
18:00:40 <cybette> o/
18:00:41 <samccann> o/
18:00:46 <dmsimard> \o
18:00:49 <felixfontein> #chair gundalow acozine andersson007_ cybette samccann dmsimard
18:00:49 <zodbot> Current chairs: acozine andersson007_ briantist cybette dmsimard felixfontein gundalow jillr samccann
18:01:06 <felixfontein> andersson007_: I hope the kid gets well soon!
18:01:33 <andersson007_> felixfontein: thanks!
18:02:08 <gundalow> #info Thanks to the great work by [KeyboardInterrupt](https://github.com/KeyboardInterrupt) we now have [awesome-ansible](https://github.com/ansible-community/awesome-ansible) which has a curated list of cool Ansible projects. You may find something new. Suggestions for things to add, raise a PR!
18:02:15 <felixfontein> #info Ansible 6.0.0b1 and ansible-core 2.13.0b1 have been released. These are the first releases that ship with wheels!
18:02:21 <felixfontein> #undo
18:02:21 <zodbot> Removing item from minutes: INFO by felixfontein at 18:02:15 : Ansible 6.0.0b1 and ansible-core 2.13.0b1 have been released. These are the first releases that ship with wheels!
18:02:25 <felixfontein> #info Ansible 6.0.0a1 and ansible-core 2.13.0b1 have been released. These are the first releases that ship with wheels!
18:02:26 <briantist> shall we vote on whether we wish andersson007_[m] 's kid gets well soon? +1 from me
18:02:31 <briantist> 😜
18:02:41 <felixfontein> briantist: :P
18:02:41 <andersson007_> :)
18:03:39 <cybette> +1 from me too
18:04:00 <acozine> heh
18:04:16 <acozine> definitely +1 on kid feeling better
18:04:31 <felixfontein> #info yesterday's Contributor Summit was a great success!
18:04:46 <felixfontein> (hope nobody disagrees, but I think it's safe to say that :) )
18:04:55 <andersson007_> +1
18:04:58 <dmsimard> I agree
18:05:07 <jillr> definitely agree
18:05:08 <acozine> I missed more of it than I wanted to, but the parts I saw were great
18:05:16 * dmsimard still doesn't understand why his screen was flipped at one point
18:05:35 <cybette> thanks to everyone for your participation!!
18:06:03 <felixfontein> #info community member mariolenz joined the Ansible Community Engineering Steering Committee! Welcome, Mario!
18:06:14 <dmsimard> \o/
18:06:32 * cybette has herself labeled as away on jitsi for the whole event, oh well :)
18:06:37 <cybette> welcome Mario!
18:06:41 <briantist> yay! welcome Mario
18:06:51 <felixfontein> I don't think he's in this room, but maybe he reads the log :)
18:07:07 <andersson007_[m]> congratulations and welcome mariolenz!:)
18:07:18 <acozine> \o/
18:07:42 <briantist> it'll be on record that he was welcomed darn it! 😤
18:08:06 <felixfontein> yep
18:08:49 <felixfontein> #info if anyone else has change requests for https://github.com/ansible-collections/overview/pull/201 (Describe how collections can be removed from the Ansible package) please voice them ASAP, I'll probably start a vote on this tomorrow
18:09:17 <felixfontein> this is supposed to be a first version that should be extended, so no need to propose to add more sections ;)
18:09:39 <felixfontein> so, does anyone want to talk about a specific topic today?
18:11:36 <andersson007_> i've just sent Mario the agenda issue link to find the logs later
18:11:37 <felixfontein> if nobody is proposing something, I think I have something for a discussion
18:11:54 <acozine> sounds good, what's the topic?
18:12:06 <briantist> go4it
18:12:29 <felixfontein> some years ago (?) it was decided at the public ansible meeting that all env variables Ansible uses (that included plugins and modules) should start with ANSIBLE_ if there wasn't a good reason why they shouldn't
18:12:57 <briantist> oh this is a good one... very relevant to me...
18:13:11 <felixfontein> unfortunately AWX seems to have decided that env variables starting with ANSIBLE_ are special and cannot be used for some things, like configuring inventory plugins
18:13:36 <felixfontein> which is quite a problem, since it apparently prevents that inventory plugins sticking to that rule can be properly used with AWX
18:13:47 <felixfontein> (just got reminded of this mess today when https://github.com/ansible-collections/community.general/issues/4501 was filed)
18:14:35 <briantist> relevant issues from `community.hashi_vault`:
18:14:36 <briantist> - https://github.com/ansible-collections/community.hashi_vault/issues/49
18:14:36 <felixfontein> I guess for non-inventory plugins the workaround is to use Ansible variables, but that doesn't work for inventory plugins
18:14:36 <briantist> - https://github.com/ansible-collections/community.hashi_vault/issues/85
18:14:53 <felixfontein> I'm pretty sure there are more such issues/discussions in other collection repos
18:15:00 <remindbot[m]> @cybette:ansible.im cyb-clock chimes every 15 minutes during the community meeting
18:15:49 <briantist> yeah, AWX users come to us, AWX will not change their stance on it (there may be a justifiable reason for it), so it leads to some conflict
18:15:53 <felixfontein> thanks for coming up with these links briantist!
18:16:16 <felixfontein> indeed
18:16:17 <briantist> I was able to work around it for those users with Ansible vars luckily (which was something I wanted anyway so it worked out)
18:16:53 <felixfontein> did anyone else here encounter this problem?
18:17:01 <briantist> but yeah, inventory plugins are a different story I suppose... can they not use ansible vars at all?
18:18:16 <felixfontein> I'd think so, though *maybe* they can use vars defined for the `all` group
18:19:03 <felixfontein> since inventory plugins define groups and hosts you cannot use vars specific to groups and hosts (except possibly for the 'all' group, though I somehow doubt this)
18:19:14 <briantist> I had assumed that the AWX vars would be set as extra vars
18:19:32 <briantist> it refers specifically to the AWX "secrets" injection IIRC
18:20:59 <briantist> the PR where it was introduced (or more accurately, enforced): https://github.com/ansible/awx/pull/2363
18:21:03 <felixfontein> it seems to be forbidden for secrets, which is kind of bitter since that's exactly what you don't want to store in a YAML file on disk (in the inventory configuration) if possible
18:22:24 <felixfontein> though they probably didn't work before that PR, according to its description before they simply weren't injected, and that PR disallows them to be added in the first place (to save people from trying to figure out why it isn't working)
18:22:40 <briantist> right
18:25:07 <briantist> if I understand the AWX team's concern (and I don't think I do completely), it's that some `ANSIBLE_` vars drastically change the operation of Ansible in ways that might otherwise be restricted by a specific AWX configuration, so it'd be a way for someone who normally wouldn't have permission to change those settings, to workaround it by injecting a "secret"
18:25:26 <briantist> but I don't use AWX so I have very little familiarity with it
18:25:41 <felixfontein> https://meetbot.fedoraproject.org/ansible-meeting/2019-02-26/ansible_core_irc_public_meeting.2019-02-26-19.02.html / https://github.com/ansible/ansible/issues/52967#issuecomment-467588878 that's where this originally came from
18:26:12 <felixfontein> I also don't use AWX
18:26:34 <felixfontein> hmm
18:26:52 <felixfontein> maybe we need to discuss this in https://github.com/ansible-community/community-topics/, in the hope that more than us two will write something :)
18:27:03 <briantist> good idea :)
18:27:49 <briantist> and thanks for those links, I recognized the prefix as a convention, and it's why I wrote https://github.com/ansible-collections/community.hashi_vault/issues/10 (and eventually implemented it), but I wasn't sure there was an actual defined decision anywhere, that's good to know
18:28:59 <felixfontein> I somehow remembered that cyberpear was involved in it, and looked at his PRs in ansible/ansible :)
18:30:01 <remindbot[m]> @cybette:ansible.im cyb-clock chimes every 15 minutes during the community meeting
18:31:23 <briantist> well, I suppose we can move on for now, doesn't seem to be interesting to anyone else 😅
18:31:46 <samccann> heh more like can't really follow it except thar be problems
18:31:50 <jillr> sorry, I have nothing to offer on the topic! :)
18:31:56 * acozine has been pulled into production problems again, sorry
18:32:09 <felixfontein> poor acozine! I hope these problems will stop soon
18:32:12 <samccann> production should know you're busy! ;-)
18:32:27 <felixfontein> (on the other hand, it's a sign that your job is needed, so ... :) )
18:32:28 <acozine> if it ain't one #@$()$# database it
18:32:30 <jillr> the envvars all my collections use for auth are dictated by our sdks, so I haven't encountered the issue
18:32:32 <acozine> it's another
18:33:06 <jillr> hugops to acozine and team  :(
18:33:25 <samccann> hugOps ftw!
18:33:33 <samccann> 🤗
18:33:50 <briantist> speaking of which jillr , I need to follow your collections' use of those vars, because I use (some of) them too, for AWS auth to Vault. Before the collection split I proposed using your doc fragment directly, but went to copying afterwards to avoid inter-collection dependency
18:33:54 * samccann should resist emojis in meetings cuz they are probably useless in irc
18:33:55 <agaffney> Ops folks don't want hugs. we want alcohol and drugs
18:34:02 <samccann> HAH
18:34:16 <briantist> lol 🥂🍻💊
18:34:17 <felixfontein> agaffney: don't always project your own wishes on everyone else :P
18:34:39 <briantist> true, some of us want alcohol AND pancakes 🥞
18:34:42 <agaffney> fine, the majority of Ops folks want alcohol and drugs. there are some weird outliers that actually want the hugs instead
18:34:52 <agaffney> or pancakes :)
18:35:06 <felixfontein> pancakes <3
18:35:25 <samccann> ansible pancakes
18:35:32 <briantist> hugs pair better with alcohol than pancakes though, ime
18:35:34 <felixfontein> fortunately I just had dinner, so I'm not hungry :)
18:35:37 <jillr> briantist: we dont change the underlying module utils much and treat them as reusable by third party collections if you're making use of them
18:36:00 <jillr> let's move on from conversations about alcohol plus physical contact please
18:36:10 <felixfontein> jillr: I'd still avoid adding a collection deps just for one docs fragment :)
18:36:17 <briantist> yeah, but if I do that, installing `community.hashi_vault` will require installing a much larger collection, just for vars :-/
18:36:25 <jillr> felixfontein: oh absolutely if it's just the documentation, agreed
18:36:48 <samccann> is it worth moving that into ansible.utils or something? Common enuf that other collections might want to use it?
18:36:56 <samccann> not to make extra work for jillr...
18:37:00 <briantist> it's also for the `env:` entries for plugins, so not quite only documentation
18:37:05 <felixfontein> samccann: then both collections would have to depend on that one ;)
18:37:11 <briantist> but nah, I don't think it needs to be moved
18:37:14 <jillr> briantist: we've talked about (and to date, declinded) to move some of the amazon.aws module utils to cloud.common, if you have a good use case though it would be good to chat about - maybe in the AWS monthly irc meeting?
18:37:20 <briantist> I just need to pay attention to changes
18:37:20 <samccann> true but figured it was a smaller one
18:37:59 <briantist> it's ok, I'm good for now, thanks :)
18:38:05 <jillr> #info AWS community meeting in #/amazon-aws, agenda: https://github.com/ansible/community/issues/654
18:38:13 <felixfontein> samccann: after spending some time trying to get rid of collection deps due to quite some problems, I'm really cautious of adding new ones :)
18:38:25 <samccann> heh. good to know
18:38:39 <felixfontein> it's great that there's now a AWS community meeting! (even though I don't have time for it)
18:38:40 <briantist> thanks for the link! I will at least subscribe to that in case any topics come up that I'm interested in
18:43:11 <gundalow> jillr: Has the new AWS meeting been announced in The Bullhorn (couple of lines of markdown in  #social:ansible.com will do the trick, link to raw ICS and agenda)
18:43:23 <cybette> yes
18:43:45 <cybette> in bullhorn 51 https://mailchi.mp/redhat/the-bullhorn-51
18:44:04 <gundalow> Brilliant, thanks
18:44:18 <gotmax> I'm not part of the steering committee, but I was wondering if I could bring up https://github.com/ansible-community/community-topics/issues/84.
18:44:24 <jillr> gundalow: yes, but I think we missed adding the new amazon.cloud collection announcement yesterday so thank you for the reminder
18:44:26 <cybette> of course we can do a reminder before the next meeting :)
18:44:40 <gotmax> For context, I am one of the co-maintainers of ansible in Fedora
18:44:54 <briantist> hi gotmax ! welcome, this meeting isn't only for steering committee members :)
18:45:00 <remindbot[m]> @cybette:ansible.im cyb-clock chimes every 15 minutes during the community meeting
18:45:15 <gotmax> Thanks :)
18:47:16 <gotmax> It would make maintaining the package easier and lead to more timely updates of the package if we weren't tied to the latest version of ansible-core
18:48:19 <briantist> I was a little unsure in my first comment on that issue, but the more I think about it, the more I think it's a bad idea
18:48:35 <felixfontein> I created https://github.com/ansible-community/community-topics/issues/88 for the topic we discussed initially
18:48:52 <briantist> installing "ansible 5.5.0" from different places and getting different content just seems like it's asking for trouble
18:49:31 <briantist> thanks felixfontein
18:49:31 <dmsimard> You'd be surprised at the tradeoffs in distribution packaging
18:49:39 <felixfontein> gotmax: do you mention this because of the problem in Fedora that ansible-core is updated apparently slower than Ansible?
18:50:14 <gotmax> The only reason this is such an issue in Fedora is that we have a Python dependency generator that actually follows upstream version constraints
18:50:50 <gotmax> For Fedora we can work around it by updating them at the same time
18:51:00 <gotmax> It's more of an issue for EPEL
18:51:26 <gotmax> Because the RHEL ansible-core package tends to lag behind a little
18:51:39 <felixfontein> ah, so ansible-core comes from EPEL, but ansible does not?
18:51:49 <gotmax> Other way around
18:52:01 <felixfontein> ah
18:52:29 <dmsimard> ansible-core started shipping in rhel and centos stream
18:52:29 <gotmax> Our options are to delay updating ansible or disregard upstream's version constraints
18:52:37 <gotmax> dmsimard: yes
18:52:47 <gotmax> Currently, we still have 2.9.x in EPEL
18:52:47 <felixfontein> I would have expected that both are probably packaged by the same folks and they are in the same repo, so I was a bit surprised that one is getting out faster than the other :)
18:53:10 <gotmax> But we would like to update
18:53:19 <felixfontein> which is a good idea, 2.9.x is EOL soon :)
18:53:28 <felixfontein> (at least for non-paying customers and community)
18:53:29 <gotmax> Yes :)
18:53:53 <dmsimard> felixfontein: I had a whole presentation yesterday to point out the fragmentation across distros :p
18:54:14 <felixfontein> dmsimard: I don't remember all details from it anymore :)
18:54:24 <gotmax> Our other option is to just completely retire ansible in EPEL
18:54:55 <gotmax> That is our current plan, but I would like to see if we could get ansible 5.x packaged in EPEL.
18:55:02 <felixfontein> would it be possible to simply relax the dependency for ansible in EPEL a bit so it is >= the latest one available in RHEL at the time of release?
18:55:30 <gotmax> Yes, we could do that
18:55:31 <felixfontein> which is hopefully at most one patch level before the dependency that the upstream ansible package has
18:56:01 <gotmax> Yes, I believe it's currently 2.12.3
18:56:05 <felixfontein> I think that would be a lot better than not having ansible at all, or delaying it
18:56:06 <dmsimard> I'm interested in the topic but got to step away, will catch up
18:56:24 <felixfontein> (of course if we would decide to relax the upstream dependency then you can also do that ;) )
18:56:39 <gotmax> Yeah, I agree with your first point
18:56:53 <felixfontein> one problem that this approach has though is what samccann wrote here: https://github.com/ansible-community/community-topics/issues/84#issuecomment-1098376071
18:57:16 <felixfontein> if you see that the 5.5.0 changelog claims that bug X was fixed, but if you install 5.5.0 from EPEL and it still has bug X, that's not good
18:57:19 <briantist> while I won't pretend to understand the difficulties and tradeoffs of distro packaging, I am sympathetic to them. But I personally can't get over the issue of having different content, missing bugfixes, etc. while documentation and changelogs will point to those things being included. To me that's a huge issue...
18:57:47 <felixfontein> (at least there won't be differences in features...)
18:57:53 <gotmax> Isn't the ansible-core changelog separate from the ansible changelog?
18:58:08 <gotmax> dmsimard would know better, but I believe they are separate pages
18:58:24 <felixfontein> they have their own changelog, but the Ansible changelog contains that one, same as the docsite and the porting guide contain the corresponding parts of ansible-core
18:58:54 <felixfontein> see for example https://github.com/ansible-community/ansible-build-data/blob/main/6/CHANGELOG-v6.rst#ansible-core-1
18:58:55 <gotmax> I see
18:59:01 <samccann> could the distribution create its own changelog/porting guides?
19:00:02 <briantist> perhaps, but I assume it will be difficult to get folks to know to look at them. Installing "ansible==5.5.0" and then searching "ansible 5.5.0 changelog" will get the main one most likely
19:00:12 <gotmax> Is there really a separate porting guide for each minor/patch release?
19:00:54 <felixfontein> gotmax: there's an Ansible 6 porting guide, which gets new entries for minor releases since these can deprecate things
19:01:04 <briantist> it'd be better to call the package something else, "fedora-ansible" or something, maybe even different versioning, I dunno
19:01:08 <gotmax> Got it.
19:01:16 <felixfontein> see https://github.com/ansible-community/ansible-build-data/blob/main/5/porting_guide_5.rst#ansible-5-porting-guide for example
19:01:54 <gotmax> I guess we can just keep the ansible package a point release behind
19:01:55 <felixfontein> is it possible to speed up the ansible-core release in RHEL?
19:02:07 <felixfontein> that might be the easiest solution ;)
19:02:09 <gotmax> I don't think it makes sense for us to create a fedora-ansible package
19:02:13 <felixfontein> (next to keeping it behind)
19:02:34 <gotmax> I have no control over RHEL and I'm not sure that's possible
19:02:40 <felixfontein> creating a fedora-ansible package sounds like lots of extra work, I agree that it probably makes no sense
19:02:52 <gotmax> Yup
19:03:02 <felixfontein> do you know who / which teams are responsible for releasing ansible-core in RHEL?
19:03:14 <gotmax> Nope
19:03:21 <felixfontein> maybe the community team can try to find out and reach out to them
19:03:33 <felixfontein> dmsimard: gundalow: ^ sorry for giving you work ;)
19:04:10 <gundalow> :)
19:04:38 <felixfontein> ok, the meeting has been going for over one hour, we should come to an end :)
19:06:08 <felixfontein> #endmeeting