ECSOPS-329 update ansible roles python3 #107
Conversation
roles/docker/defaults/main.yml
Outdated
| ubuntu_docker_ce_version: "{{ docker_ubuntu_ce_version }}~ce~3-0~ubuntu" | ||
| centos_docker_ce_version: "{{ docker_centos_ce_version }}.ce" | ||
| debian_docker_ce_version: "{{ (ansible_distribution_release == 'buster') | ternary('5:20.10.7~3-0~debian-buster', '5:19.03.15~3-0~debian-stretch') }}" | ||
| ubuntu_docker_ce_version: "5:20.10.7~3-0~ubuntu-bionic" |
There was a problem hiding this comment.
I haven't checked these ubuntu and debian Docker versions yet. Are they LTS? Are there any security vulnerabilities in our current install? Update Docker needs more testing and research based on my experience, so I'd recommend creating another ticket to take care of the Docker update or the scope of this ticket will be super huge.
There was a problem hiding this comment.
There are many vulnerabilities and at least one serious vuln. I reversed this commit and I'll make a ticket to do further testing.
| # Ubuntu pip2 path doesnt set correctly | ||
| - name: install docker with pip2 (Ubuntu) | ||
| shell: | ||
| cmd: /usr/bin/python3.6 -m pip install docker-compose |
There was a problem hiding this comment.
Looks like you are using Python3 to install docker-compose here, instead of using pip2?
There was a problem hiding this comment.
I corrected the language I used. Ansible docker modules on ubuntu use this python regardless of what defaults you set and I couldnt find a way around that.
| name: python-pip | ||
| name: | ||
| - python-pip | ||
| - python-typing |
There was a problem hiding this comment.
What is python-typing for?
There was a problem hiding this comment.
its a requirement for the packages installed with pip later in this file
No description provided.