Ansible Automation Platform - Installing "azure-cli" via yum is failing looking for python-dnf

Question

I'm migrating a playbook from Ansible Tower to Ansible Automation Platform 4.3 that interacts with Azure DevOps. As such I need to install azure-cli for later commands, but it's failing.

- name: Install the application package (RedHat)
  # package:
  yum:
    name: "{{ azure_package_name }}"
    state: present

Note I've tried package, then yum, but always get this error message:

fatal: [localhost]: FAILED! => {"changed": false, "msg": "Could not import the dnf python module using /usr/bin/python (3.9.13 (main, Nov 9 2022, 13:16:24) [GCC 8.5.0 20210514 (Red Hat 8.5.0-15)]). Please install python3-dnf or python2-dnf package or ensure you have specified the correct ansible_python_interpreter. (attempted ['/usr/libexec/platform-python', '/usr/bin/python3', '/usr/bin/python2', '/usr/bin/python'])", "results": []}

I know AAP runs in Execution Environments now, I'm using the Automation Hub Default execution environment and talking to a RHEL system (the controller node itself.)

I don't think I should have to manipulate the EE, so was thinking any dependency can be installed within the playbook itself. What am I doing wrong?

Tried switching "package" to "yum", failed. Tried installing azure-cli via yum directly to the server, this succeeded, but I still get the same failure message from the playbook. I've been wondering ways I should just run "yum install azure-cli" natively, bypassing the need for this python module.

I'm expecting it will be able to install azure-cli or detect it's already installed.

Answer 1

You can directly make use of Azure CLI task in your Azure DevOps pipeline and run your ansible commands or add azure-cli installation commands in your ansible playbook itself and run it in the Devops pipeline like below:-

My ansible playbook stored in Azure Repos:-

install_azure_cli.yml:-

---
- hosts: localhost
  gather_facts: no
  tasks:
    - name: Install Azure CLI
      become: yes
      become_user: root
      apt:
        name: apt-transport-https
        state: present

    - name: Add Microsoft GPG key
      become: yes
      become_user: root
      apt_key:
        url: https://packages.microsoft.com/keys/microsoft.asc
        state: present

    - name: Determine distribution release
      command: lsb_release -cs
      register: distribution_release
      changed_when: false
      check_mode: no

    - name: Add Azure CLI Repository
      become: yes
      become_user: root
      apt_repository:
        repo: "deb [arch=amd64] https://packages.microsoft.com/repos/azure-cli/ {{ distribution_release.stdout }} main"
        state: present
        filename: azure-cli

    - name: Update apt cache
      become: yes
      become_user: root
      apt:
        update_cache: yes

    - name: Install Azure CLI
      become: yes
      become_user: root
      apt:
        name: azure-cli
        state: latest

My Azure DevOps pipeline:-

In this yaml code I am using Azure CLI task as well as I am running my ansible-playbook by installing Ansible via python. You can use any one method according to your requirement.

trigger:
- master

pool:
  vmImage: 'ubuntu-latest'

steps:

- task: UsePythonVersion@0
  displayName: 'Install Python'
  inputs:
    versionSpec: '3.9'

- task: AzureCLI@2
  displayName: 'Azure CLI'
  inputs:
    azureSubscription: 'ansible'
    scriptType: 'bash'
    scriptLocation: 'inlineScript'
    inlineScript: |
      echo "##vso[task.setvariable variable=ARM_SUBSCRIPTION_ID]$(az account show --query="id" -o tsv)"
      echo "##vso[task.setvariable variable=ARM_CLIENT_ID]${servicePrincipalId}"
      echo "##vso[task.setvariable variable=ARM_CLIENT_SECRET]${servicePrincipalKey}"
      echo "##vso[task.setvariable variable=ARM_TENANT_ID]${tenantId}"
    addSpnToEnvironment: true
- script: pip install ansible
  displayName: 'Install Ansible'

- script: pip install -r https://raw.githubusercontent.com/ansible-collections/azure/dev/requirements-azure.txt
  displayName: 'Install Azure modules needed'

- script: ansible-galaxy collection install azure.azcollection
  displayName: 'Install Ansible Azure Collection'
  
# - script: ansible-playbook -i inv site.yml
#   displayName: 'Run Ansible Playbook'
#   env:
#     AZURE_CLIENT_ID: $(ARM_CLIENT_ID)
#     AZURE_SECRET: $(ARM_CLIENT_SECRET)
#     AZURE_TENANT: $(ARM_TENANT_ID)
#     AZURE_SUBSCRIPTION_ID: $(ARM_SUBSCRIPTION_ID)

- script: ansible-playbook -i inv install_azure_cli.yml
  displayName: 'Run Ansible Playbook'
  env:
    AZURE_CLIENT_ID: $(ARM_CLIENT_ID)
    AZURE_SECRET: $(ARM_CLIENT_SECRET)
    AZURE_TENANT: $(ARM_TENANT_ID)
    AZURE_SUBSCRIPTION_ID: $(ARM_SUBSCRIPTION_ID)

Output:-