ansible-builder 3.x does not copy the content of dependency files right

[erlingtonjcardoza]

Was able to reproduce this error on all 3.x versions.

When running ansible-builder build or ansible-builder create, the files in the dependencies are not filled in correctly causing this error:

#15 [galaxy 5/6] RUN ansible-galaxy role install  -r requirements.yml --roles-path "/usr/share/ansible/roles"
#15 0.399 ERROR! Expecting requirements yaml to be a list or dictionary but got str
#15 ERROR: process "/bin/sh -c ansible-galaxy role install $ANSIBLE_GALAXY_CLI_ROLE_OPTS -r requirements.yml --roles-path \"/usr/share/ansible/roles\"" did not complete successfully: exit code: 1
------
 > [galaxy 5/6] RUN ansible-galaxy role install  -r requirements.yml --roles-path "/usr/share/ansible/roles":
0.399 ERROR! Expecting requirements yaml to be a list or dictionary but got str
------

 4 warnings found (use docker --debug to expand):
 - FromAsCasing: 'as' and 'FROM' keywords' casing do not match (line 49)
 - FromAsCasing: 'as' and 'FROM' keywords' casing do not match (line 70)
 - FromAsCasing: 'as' and 'FROM' keywords' casing do not match (line 10)
 - FromAsCasing: 'as' and 'FROM' keywords' casing do not match (line 31)
Dockerfile:45
--------------------
  43 |     
  44 |     RUN mkdir -p /usr/share/ansible
  45 | >>> RUN ansible-galaxy role install $ANSIBLE_GALAXY_CLI_ROLE_OPTS -r requirements.yml --roles-path "/usr/share/ansible/roles"
  46 |     RUN ANSIBLE_GALAXY_DISABLE_GPG_VERIFY=1 ansible-galaxy collection install $ANSIBLE_GALAXY_CLI_COLLECTION_OPTS -r requirements.yml --collections-path "/usr/share/ansible/collections"
  47 |     
--------------------
ERROR: failed to solve: process "/bin/sh -c ansible-galaxy role install $ANSIBLE_GALAXY_CLI_ROLE_OPTS -r requirements.yml --roles-path \"/usr/share/ansible/roles\"" did not complete successfully: exit code: 1

The content of each file is its path instead of its content

bindep.txt
builder/dependencies/bindep.txt

requirements.txt
builder/dependencies/requirements.txt

requirements.yml
builder/dependencies/requirements.yml

Dir structure

context/
├── Dockerfile
└── _build
    ├── bindep.txt
    ├── requirements.txt
    ├── requirements.yml
    └── scripts
        ├── assemble
        ├── check_ansible
        ├── check_galaxy
        ├── entrypoint
        ├── install-from-bindep
        ├── introspect.py
        └── pip_install

Real content of the dependency files

bindep.txt
python3-devel [platform:rpm compile]
gcc [platform:rpm compile]
gcc-c++ [platform:rpm compile]
subversion [platform:rpm]
subversion [platform:dpkg]
git-lfs [platform:rpm]

requirements.txt
ansible-builder>=3.0.0

requirements.yml
---
collections:
  - name: community.hashi_vault
  - name: community.general
  - name: community.windows
  - name: infoblox.nios_modules

execution-environment.yml

---
version: 3

images:
  base_image:
    name: quay.io/ansible/awx-ee:latest

build_arg_defaults:
  ANSIBLE_GALAXY_CLI_COLLECTION_OPTS: --ignore-certs

dependencies:
  ansible_core:
    package_pip: ansible-core>=2.15.13
  ansible_runner:
    package_pip: ansible-runner>=2.4.0
  system:
  - builder/dependencies/bindep.txt
  python:
  - builder/dependencies/requirements.txt
  galaxy:
  - builder/dependencies/requirements.yml

additional_build_steps:
  prepend_base:
  - WORKDIR /build
  - ENV OKTA_CLI_VERSION=0.7.20240423-190427.c88a8ae
  - ENV VAULT_VERSION=1.16.2
  - ENV VAULT_BIN=/awx/projects/bin/vault
  append_final:
  - WORKDIR /build
  - RUN yum install -y yum-utils unzip sudo
  - RUN yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo
  - RUN pip3 install pymongo hvac infoblox-client
  - RUN curl -o /tmp/vault.zip "https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_linux_amd64.zip" && cd /tmp && unzip /tmp/vault.zip
  - RUN mkdir -p /awx/projects/bin /var/lib/awx/projects/bin
  - RUN cp /tmp/vault ${VAULT_BIN}
  - RUN rm -f vault*
  - RUN ln -s ${VAULT_BIN} /var/lib/awx/projects/bin/
  - RUN curl -L "https://repo.splunkdev.net/artifactory/generic/okta-cli/${OKTA_CLI_VERSION}/linux/okta-artifactory-login" --output /okta-artifactory-login
  - RUN chmod 755 /okta-artifactory-login
  - ENV PATH="${PATH}:/awx/projects/bin"

Workaround

• Do ansible-builder create to create the context
• Copy the files inside context/_build
• Run docker build <options> context/

[sivel]

The dependencies structure you have provided does not match the documentation:

python - This may either be a filename, or a list of requirements
galaxy - This may be a filename, a dictionary, or a multi-line string representation of an Ansible Galaxy requirements.yml file
system - This may either be a filename, or a list of requirements

In all cases, you can either provide a string of just a filename, or a datastructure representative of the contents of the dependency file.

As such, your dependencies should look like the following:

dependencies:
  ansible_core:
    package_pip: ansible-core>=2.15.13
  ansible_runner:
    package_pip: ansible-runner>=2.4.0
  system: builder/dependencies/bindep.txt
  python: builder/dependencies/requirements.txt
  galaxy: builder/dependencies/requirements.yml

When you provide something other than a string of the filename, the contents get inserted into the file as you have seen.