Refactor to support Ansible 2.8

[jackivanov]

Upgrades and Fixes

• Upgrade to Ansible 2.8.3
• Upgrade to Python 3
• Big documentation changes

Cloud provider changes

• Add a new cloud provider - Hetzner Cloud. (Fixes Add Hetzner Cloud #988)
• Fix Scaleway instance creating issue. (Fixes Instance creation issue(Scaleway) #1502)
• Remove deprecated DigitalOcean (Fixes Digital Ocean Droplet creation failed with DoError: found unpermitted parameters: virtio #1571) and GCE modules

Breaking changes

• python virtual environment location is now .env
• GCE: from now, the installer expects you to specify a region (eg: us-east1), instead of a zone (eg: us-east1-a).

Types of changes

• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)

Checklist:

• I have read the CONTRIBUTING document.
• My code follows the code style of this project.
• I have updated the documentation accordingly.
• All new and existing tests passed.

[davidemyers]

I tried a few tests. Starting with a new Ubuntu Server 19.04 container I ran cloud deployments to Vultr and DigitalOcean. Then I created an Ubuntu Server 19.04 droplet on DigitalOcean and did a local install. All tested fine using WireGuard on iOS.

[phaer]

Besides adding the api-token to the 2 places described, I had to add a tasks in roles/common/tasks/ubuntu.yaml to wait for unattended-upgrades to finish, which seemed to start as soon as the hcloud server had been provisioned:

    - name: Wait for any possibly running unattended upgrade to finish
      raw: systemd-run --property="After=apt-daily.service apt-daily-upgrade.service" --wait /bin/true
 
    - name: Install software updates

After that it worked fine.

[jackivanov]

Thanks @phaer! Somehow I missed the api tokens. I just sent another solution for the apt lock, works well.

[phaer]

I just sent another solution for the apt lock, works well.
Ah yes, thanks! My ansible skills are a bit rusty, didn't think about that.

[davidemyers]

An Ubuntu Server 18.04 droplet local install works OK too.

[davidemyers]

Also, just for "fun", an Ubuntu Server 19.04 droplet local install works if you replace python with python3 in the setup instructions. 😄

[TC1977]

Update docs?

[jackivanov]

@TC1977 I would appreciate your help :) I guess, you can commit directly to this branch?

[TC1977]

Working on it now 😄 I can't commit directly, but I can submit a PR to this branch.

[jackivanov]

Yes, that's OK

[TC1977]

Ok, I think I'm all set. #1552

[davidemyers]

A cloud deployment from an Ubuntu Server 19.04 container to DigitalOcean using python3 works with these new DO modules.

It works if LANG=C.UTF-8 but fails if LANG="en_US.UTF-8" on this bit where the p12 password is generated:

openssl rand 8 |
      python -c 'import sys,string; chars=string.ascii_letters + string.digits + "_@"; print("".join([chars[ord(c) % 64] for c in list(sys.stdin.read())]))'

Edited to add: On Ubuntu Server 18.04 I needed to use LANG=C.

[davidemyers]

A cloud deployment from macOS 10.14.6 to DigitalOcean using python3 and LANG=C.UTF-8 also works.

Since I already had Homebrew installed I set up the dependencies like this:

brew install python
python3 -m pip install --upgrade virtualenv # Don't need --user

I think when the time comes to move to python3 the instructions for macOS users might want to include both using Homebrew and installing the official Python 3 package as options. Homebrew is convenient but if you're not already using it it's kind of a big dependency. Though I wonder if the official Python 3 package will require updating the certificate store like the Python 2 package does, as discussed in #1545.

Edited to add one more note about Python 3: When running a local or DO deploy on Ubuntu the only prerequisite package I needed to install was python3-virtualenv. That's a considerable reduction in required packages for those doing cloud deploys.

[jackivanov]

@davidemyers I think we need to address python3 in a separate issue

[davidemyers]

@jackivanov I agree, I was just curious to know what already worked and thought I'd record what I found in case it's useful later.

[jackivanov]

Actually, I'd like to switch to python3 in this pr, so still work in progress

[davidemyers]

I'm not a Python expert, but I think PEP 538 explains the issue with generating the p12 password in Python 3. This works at the command line on 18.04, 19.04, and macOS:

openssl rand 8 | LANG=C python3 -c 'import sys,string; chars=string.ascii_letters + string.digits + "_@"; print("".join([chars[ord(c) % 64] for c in list(sys.stdin.read())]))'

I haven't tried it this way yet when invoked from Ansible.

[davidemyers]

algo needs env -> .env. After being reverted, I guess.

[bhawkins]

I just installed from this branch on WSL, though I had to patch an Ansible script:

$ diff -Naur .env/lib/python3.5/site-packages/ansible/modules/cloud/digital_ocean/di
gital_ocean_sshkey.py{.orig,}
--- .env/lib/python3.5/site-packages/ansible/modules/cloud/digital_ocean/digital_ocean_sshkey.py.orig   2019-08-31 15:01:22.606761500 -0700
+++ .env/lib/python3.5/site-packages/ansible/modules/cloud/digital_ocean/digital_ocean_sshkey.py        2019-08-31 15:02:23.758253300 -0700
@@ -107,7 +107,7 @@
                 return json.loads(self.info["body"])
             return None
         try:
-            return json.loads(self.body)
+            return json.loads(self.body.decode())
         except ValueError:
             return None

[jackivanov]

It appears that the minimum required version of python should be 3.6, and it seems like ubuntu 16.04 is incompatible now

[davidemyers]

You should also remove the sentence that starts with "On Ubuntu 16.04 LTS ..." that I recently added to the README.

[davidemyers]

This branch works again without library/digital_ocean_droplet.py.

[btonic]

Could this be simplified to the following?:

module.exit_json(**dict(resources=items.get('items', [])))

[btonic]

I think we could make this a little more concise with list comprehensions:

def query_options(filters):
    if not filters:
        return ''
    elif len(filters) == 1:
        return filters[0]
    else:
        return ' '.join(
            filter if (filter.startswith('(') and filter.endswith(')'))
                   else f"({filter})"
            for filter in filters
        )

[btonic]

Actually, the first two cases are implicitly handled if we turn it into a generator:

def query_options(filters):
    return ' '.join(
        filter if (filter.startswith('(') and filter.endswith(')'))
               else f"({filter})"
        for filter in filters
    )

[btonic]

we can merge these together:

if response.status_code in (404, 204,):
    return None

[reaperhulk]

Thanks for your contribution! I have sanity checked this patch and tried to look through it. To the extent that it's possible to review this looks okay, but in the future it would be much easier to do a thorough review job without putting so many distinct changes in a PR.

Ideally each of the changes listed in this PR would have been a separate PR, so instead of one 2000 line diff we'd be looking at ~8 separate PRs, each with manageable diff sizes.

@btonic provided some review feedback that it would be nice to see in a followup PR as well, but for now we'll merge the changes. Thanks again for your work!