Please install google-auth library – Ansible problem

Ansible is a great tool used by many engineers to automate their work. Also, Ansible is growing very, very fast. It means, that there are many bugs inside that tool. Sometimes bug is not a problem – especially when it doesn’t exist – but not fully written documentation. This is probably the reason for the problem I want to describe. If you use Ansible for GCP deployment, you may face the failure reason saying “Please install google-auth library”. But what if you are sure, that you have this library installed?

TL;DR – just give me a solution!

Run your playbook with an additional parameter:

or add it to ansible.cfg file:

When I faced “Please install google-auth library”?

This is my case I had few days ago. A bunch of information:

  • I use macOS on a daily basis
  • I have the default python version installed (Python 2.7), but I don’t use it
  • Pyenv is my tool to switching between Python versions
  • Almost all my projects (including Ansible) are built with virtualenv

Ok, so what happened to me is:

Normally, I use Python 3.7.4 (via pyenv) and Ansible 2.7.13 installed for that Python:

So everything looks great, right? Yup. And Ansible had been working without any problem. Until I wanted to use GCP modules. And in this scenario, I decided to use virtualenv with Ansible 2.8 (some of the modules require Ansible 2.8, so I just wanted to have the newest, possible version). So I created a new directories structure, new virtualenv with Ansible, requirements file with requests and google-auth library and wrote the simple playbook (gcp_sql_instance module). And when I tried to run the playbook…

But, wait. I have installed this library.

So what the hell is wrong with that? I found this issue on GitHub, but it didn’t help me at all. But, you know, it’s Python, and I use virtualenv, hence I can make some changes in Ansible files without any fear, right? Yup, right!

What is the problem?

After some research, I found out that conditional responsible for my message is placed in lib/ansible/module_utils/gcp_utils.py. Please take a look at this code:

Ok, it makes sense… I was sure, that everything on my side is ok, but I created a simple python script to confirm that:

As I expected, the output looked that:

According to Python documentation, sys.path:

A list of strings that specifies the search path for modules. Initialized from the environment variable PYTHONPATH, plus an installation-dependent default.

Everything looks fine, what now?

Not good, everything looks fine. But the problem still exists. So I thought, that maybe I should print sys.path in the gcp_utils.py file and see what will happen. As I thought, I did. I modified gcp_utils.py one more time and change

to this:

And also import sys library. After that, I run my playbook and the output changed to this one:

YEAH! Bingo! Wrong module paths. Ansible takes my default installation of Python to look for modules. But I don’t have installed google-auth for this Python version, so everything is clear right now.

But why?!

The answer is simple and we can find it in the documentation. Please take a look at this fragment:

Detects the target OS platform, distribution, and version, then consults a table listing the correct Python interpreter and path for each platform/distribution/version. If an entry is found, and /usr/bin/python is absent, uses the discovered interpreter (and path). If an entry is found, and /usr/bin/python is present, uses /usr/bin/python and issues a warning. This exception provides temporary compatibility with previous versions of Ansible that always defaulted to /usr/bin/python, so if you have installed Python and other dependencies at usr/bin/python on some hosts, Ansible will find and use them with this setting. If no entry is found, or the listed Python is not present on the target host, searches a list of common Python interpreter paths and uses the first one found; also issues a warning that future installation of another Python interpreter could alter the one chosen.

And I have /usr/bin/python binary.

Ok, so how can I solve “Please install google-auth library”?

It’s more workaround than a solution (from my perspective), but you can use one of the following methods:

  1. Run your playbooks with -e ‘ansible_python_interpreter=/PATH/TO/YOUR/INTERPRETER’
  2. Add python_interpreter=/PATH/TO/YOUR/INTERPRETER to your ansible.cfg in [defaults] section.

To confirm that this solution works, I made another change in gcp_utils.py:

Thanks to that, it should fail at validation and print me the modules’ paths. And it did that. And look what I saw after I run my playbook with -e ‘ansible_python_interpreter=/Users/amph/Documents/Nauka/php-k8s-poc/ansible-setup/venv/bin/python’:

As you see, there is no “Please install google-auth library” anymore!

/Users/amph/Documents/Nauka/php-k8s-poc/ansible-setup/venv is of course a path to my virtualenv. After I had removed unnecessary changes in Ansible files, module worked as expected.

So if you face this problem, try to solve that in that way. But if you have a better solution, I will be more than grateful if you can share it with me (and all persons reading this post).

Bibliography:

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.