Install required packages for get_url module

To prevent Ansible get_url module from generating SNI warnings
several system packages are being installed so that system python
will allow us to get pip and install it.

The strategy for using system pip to install the python packages
to prevent SNI warnings causes additional issues as system package
pip versions may be broken in spectacular ways which prevent us from
upgrading to pinned versions of each of pip, setuptools, wheel.

Change-Id: I45e3eff716dba4fb2926794bc25bfb079bb328bf
Closes-Bug: 1612377

defaults/main.yml

@@ -27,9 +27,6 @@ pip_fallback_url: https://raw.githubusercontent.com/pypa/get-pip/master/get-pip.
 pip_offline_install: false
 pip_tmp_packages: /tmp/pip_install
 
-# Allow the deployer to enable binary installation of pip using a distro package
-pip_binary_install: true
-
 # Additional options that you might want to pass to "get-pip.py" when installing pip.
 # Default `pip_get_pip_options` is an empty string.
 pip_get_pip_options: ""
@@ -41,9 +38,8 @@ pip_packages:
   - pip
 
 pip_required_pip_packages:
-  - pyOpenSSL # SSL SNI support
-  - pyasn1 # SSL SNI support
   - ndg-httpsclient # SSL SNI support
+  - requests # SSL SNI support
 
 # Validate Certificates when downloading pip. May be set to "no" when proxy server
 # is intercepting the certificates.

run_tests.sh

@@ -22,6 +22,10 @@ if [ "$(which apt-get)" ]; then
   apt-get install -y build-essential python2.7 python-dev git-core libssl-dev libffi-dev
 fi
 
+if [ "$(which yum)" ]; then
+  yum install -y '@Development Tools' python-devel git libffi-devel openssl-devel
+fi
+
 # get pip, if necessary
 if [ ! "$(which pip)" ]; then
   curl --silent --show-error --retry 5 \

tasks/install.yml

@@ -13,16 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: pre_install.yml
+
 - include: install_online.yml
   when:
     - not pip_offline_install | bool
-    - not pip_binary_install | bool
 
 - include: install_offline.yml
   when:
     - pip_offline_install | bool
-    - not pip_binary_install | bool
-
-- include: install_binary.yml
-  when:
-    - pip_binary_install | bool

tasks/install_binary.yml

@@ -1,104 +0,0 @@
----
-# Copyright 2014, Rackspace US, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-- name: Install python-pip (yum)
-  yum:
-    pkg: "{{ python_pip_package }}"
-    state: "{{ pip_install_package_state }}"
-  register: install_packages
-  until: install_packages|success
-  retries: 5
-  delay: 2
-  when:
-    - ansible_pkg_mgr == 'yum'
-
-- name: Install python-pip (apt)
-  apt:
-    pkg: "{{ python_pip_package }}"
-    state: "{{ pip_install_package_state }}"
-  register: install_packages
-  until: install_packages|success
-  retries: 5
-  delay: 2
-  when:
-    - ansible_pkg_mgr == 'apt'
-
-- name: Install yum packages
-  yum:
-    pkg: "{{ item }}"
-    state: "{{ pip_install_package_state }}"
-  register: install_packages
-  until: install_packages|success
-  retries: 5
-  delay: 2
-  with_items: "{{ python_packages }}"
-  when:
-    - ansible_pkg_mgr == 'yum'
-
-- name: Install apt packages
-  apt:
-    pkg: "{{ item }}"
-    state: "{{ pip_install_package_state }}"
-  register: install_packages
-  until: install_packages|success
-  retries: 5
-  delay: 2
-  with_items: "{{ python_packages }}"
-  when:
-    - ansible_pkg_mgr == 'apt'
-
-- name: Install pip packages and upgrade
-  pip:
-    name: "{{ pip_packages | map('quote') | join (' ') }}"
-    state: latest
-    extra_args: "--upgrade --force-reinstall"
-  ignore_errors: true
-  register: install_packages
-  until: install_packages|success
-  retries: 5
-  delay: 2
-
-- name: Install pip packages and upgrade (fall back mode)
-  pip:
-    name: "{{ pip_packages | map('quote') | join (' ') }}"
-    state: latest
-    extra_args: "--upgrade --force-reinstall --isolated"
-  when: install_packages | failed
-  register: install_packages
-  until: install_packages|success
-  retries: 5
-  delay: 2
-
-- name: Install required pip packages
-  pip:
-    name: "{{ pip_required_pip_packages | map('quote') | join(' ') }}"
-    state: latest
-    extra_args: "--upgrade --force-reinstall"
-  ignore_errors: true
-  register: install_packages_required
-  until: install_packages_required|success
-  retries: 5
-  delay: 2
-
-- name: Install required pip packages (fall back mode)
-  pip:
-    name: "{{ pip_required_pip_packages | map('quote') | join(' ') }}"
-    state: latest
-    extra_args: "--upgrade --force-reinstall --isolated"
-  when: install_packages_required | failed
-  register: install_packages_required
-  until: install_packages_required|success
-  retries: 5
-  delay: 2

tasks/pre_install.yml

@@ -0,0 +1,38 @@
+---
+# Copyright 2016, Rackspace US, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: Install yum packages
+  yum:
+    pkg: "{{ item }}"
+    state: "{{ pip_install_package_state }}"
+  register: install_packages
+  until: install_packages|success
+  retries: 5
+  delay: 2
+  with_items: "{{ python_packages }}"
+  when:
+    - ansible_pkg_mgr == 'yum'
+
+- name: Install apt packages
+  apt:
+    pkg: "{{ item }}"
+    state: "{{ pip_install_package_state }}"
+  register: install_packages
+  until: install_packages|success
+  retries: 5
+  delay: 2
+  with_items: "{{ python_packages }}"
+  when:
+    - ansible_pkg_mgr == 'apt'

vars/redhat.yml

@@ -13,7 +13,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-python_pip_package: python-pip
 python_packages:
   - libffi-devel
   - openssl-devel
+  - python-pyasn1
+  - pyOpenSSL

vars/ubuntu-14.04.yml

@@ -13,7 +13,10 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-python_pip_package: python-pip
 python_packages:
+  - build-essential
+  - python-setuptools
   - libffi-dev
   - libssl-dev
+  - python-openssl
+  - python-pyasn1

vars/ubuntu-16.04.yml

@@ -0,0 +1,23 @@
+---
+# Copyright 2016, Rackspace US, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+python_packages:
+  - build-essential
+  - python-dev
+  - python-setuptools
+  - libffi-dev
+  - libssl-dev
+  - python-openssl
+  - python-pyasn1