Is That Really The Latest Version?

Recently, when working on updating our Ansible and Packer automations for building the TeraSky TKG / TCE / TAP Admin VM appliance we encountered an edge case with ansible that was very interesting.

Within the Admin VM appliance we install many different tools and CLIs that can be helpful to have when administering a kubernetes environment.

One of the tools we decided to add was antctl which is a CLI tool for working with the Antrea CNI which is the default CNI in Tanzu based clusters.

Antctl is released with every version of Antrea and we decided that we should install the latest version to get the latest and greatest functionality when building the appliance and it worked great.

We used the github_release module to find the latest release and then downloaded the binary and finally configured the antctl bash completion to make the UX as good as possible as can be seen bellow:

---
- name: Install GitHub module for Python
ansible.builtin.pip:
name: github3.py
- name: Get Antctl latest release
community.general.github_release:
user: antrea-io
repo: antrea
action: latest_release
token: "{{ github_access_token }}"
register: antctl_latest_release
- name: Download and install Antctl
ansible.builtin.get_url:
url: "https://github.com/antrea-io/antrea/releases/download/{{ antctl_latest_release.tag }}/antctl-linux-x86_64"
dest: /usr/local/bin/antctl
mode: "0755"
- name: Configure Antctl Bash completion
ansible.builtin.blockinfile:
path: /etc/profile
marker: "# {mark} ANSIBLE MANAGED BLOCK - antctl bash completion"
block: |
source <(antctl completion bash)

The issue arose 2 days later when we added some additional functionality to the Admin VM Ansible playbook and then the bash completion task would simply fail as it could not find the antctl subcommand “completion”.

This seemed very weird as I didnt think that Antrea would have removed the bash completion capability so I started debugging.

What we found was that there is an unexpected behavior in the Github Release module in which was triggered by a change in the Antrea repo.

Antrea like many Open Source tools such as Kubernetes, ETCD, Ansible, Grafana etc. have the need to sometimes release a patch version for an older release branch. This means that while the for example Antrea is currently developing and releasing versions 1.6.x they still are releasing patches for the 1.5.x releases.

The Github Release module of ansible simply gets the latest version released but that doesnt take into account patch releases that may be for older releases which means that we cant be certain we will actually be getting the latest and greatest when using this module.

This made me understand that the issue was the fact that we were getting an antctl release (specifically 1.2.4) which didnt have bash completion because that functionality was added in a later release of Antrea and was not backported to the 1.2 branch.

After a bunch of investigation and testing different ideas, we found a solution that works y well and can help solve these issues.

There is a great python based tool called “lastversion” which solves this exact issue.

As per the official Github of this project:

lastversion allows finding well-formatted, the latest release version of a project from these supported locations:
* Github
* GitLab
* BitBucket
* PyPi
* Mercurial
* SourceForge
* Wikipedia
* Arbitrary software sites which publish releases in RSS/ATOM feeds

This sounded perfect to us and solved our issue so we decided to try and integrate it into our Ansible Roles and it works great!

---
- name: Install lastversion pip package
ansible.builtin.pip:
name: lastversion
- name: Get antctl latest release
ansible.builtin.command:
cmd: lastversion antrea-io/antrea --assets --filter ^antctl-linux-x86_64$
environment:
GITHUB_API_TOKEN: "{{ github_access_token }}"
register: antctl_latest_release_url
changed_when: false
- name: Download and install Antctl
ansible.builtin.get_url:
url: "{{ antctl_latest_release_url.stdout }}"
dest: /usr/local/bin/antctl
mode: "0755"
- name: Configure Antctl Bash completion
ansible.builtin.blockinfile:
path: /etc/profile
marker: "# {mark} ANSIBLE MANAGED BLOCK - antctl bash completion"
block: |
source <(antctl completion bash)

We have since making this change to antctl, seen this issue arise many other times as well in different tools and binaries we were downloading which made it clear we needed to make this change across the board which we did about a week ago and ever since we haven’t seen these issues arise which is really great.
While running commands directly using the ansible.builtin.command module is not the best option and it is better to use modules that are purpose built for specific tasks, this seems to be a perfect example of a use case where the current modules out there just don’t provide a needed functionality and therefore using the command module was warranted.

Hopefully this limitation will be resolved in the Github Release module in the future and we will be able to move back to using it instead of shelling out to this CLI tool, but till then, this solution helped us and I’m sure it could help many others in their own Ansible Playbooks or even other automation tools where bringing in an external release at the latest version is what they need.