gantsign / ansible-role-visual-studio-code Goto Github PK
View Code? Open in Web Editor NEWAnsible role for installing the Visual Studio Code IDE
Home Page: https://galaxy.ansible.com/gantsign/visual-studio-code
License: MIT License
Ansible role for installing the Visual Studio Code IDE
Home Page: https://galaxy.ansible.com/gantsign/visual-studio-code
License: MIT License
While Visual Studio Code is well featured out of the box I usually end up installing a few extensions. It'd be nice if these extensions were installed by the Ansible role.
I am getting an error when trying to install extensions on a RedHat 7.9 Workstation system:
"msg": "Error querying installed extensions [vscjava.vscode-java-pack]: Error: /lib64/libstdc++.so.6: version `CXXABI_1.3.9' not found (required by /usr/share/code/resources/app/node_modules.asar.unpacked/spdlog/build/Release/spdlog.node)\n at process.func [as dlopen] (electron/js2c/asar_bundle.js:5:1812)\n at Object.Module._extensions..node (internal/modules/cjs/loader.js:1250:18)\n at Object.func [as .node] (electron/js2c/asar_bundle.js:5:2039)\n at Module.load (internal/modules/cjs/loader.js:1039:32)\n at Module._load (internal/modules/cjs/loader.js:932:14)\n at Function.f._load (electron/js2c/asar_bundle.js:5:12738)\n at Module.require (internal/modules/cjs/loader.js:1079:19)\n at require (internal/modules/cjs/helpers.js:72:18)\n at bindings (/usr/share/code/resources/app/node_modules.asar/bindings/bindings.js:112:48)\n at Object. (/usr/share/code/resources/app/node_modules.asar/spdlog/index.js:3:35)\n at Module._compile (internal/modules/cjs/loader.js:1199:30)\n at Object.Module._extensions..js (internal/modules/cjs/loader.js:1220:10)\n at Module.load (internal/modules/cjs/loader.js:1039:32)\n at Module._load (internal/modules/cjs/loader.js:932:14)\n at Function.f._load (electron/js2c/asar_bundle.js:5:12738)\n at Module.require (internal/modules/cjs/loader.js:1079:19)\n at require (internal/modules/cjs/helpers.js:72:18)\n at t (/usr/share/code/resources/app/out/vs/loader.js:4:101)\n at r.load (/usr/share/code/resources/app/out/vs/loader.js:3:13249)\n at r.load (/usr/share/code/resources/app/out/vs/loader.js:3:10262)\n at c (/usr/share/code/resources/app/out/vs/loader.js:4:10314)\n at Object.errorback (/usr/share/code/resources/app/out/vs/loader.js:4:10435)\n at r.triggerErrorback (/usr/share/code/resources/app/out/vs/loader.js:3:10626)\n at /usr/share/code/resources/app/out/vs/loader.js:3:10332\n at r.load (/usr/share/code/resources/app/out/vs/loader.js:3:13266)\n at r.load (/usr/share/code/resources/app/out/vs/loader.js:3:10262)\n at c (/usr/share/code/resources/app/out/vs/loader.js:4:10314)\n at r._loadModule (/usr/share/code/resources/app/out/vs/loader.js:4:10444)\n at r._resolve (/usr/share/code/resources/app/out/vs/loader.js:5:452)\n at r.defineModule (/usr/share/code/resources/app/out/vs/loader.js:4:6145)\n at r._relativeRequire (/usr/share/code/resources/app/out/vs/loader.js:4:6831)\n at n (/usr/share/code/resources/app/out/vs/loader.js:4:9420)\n at f (/usr/share/code/resources/app/out/vs/code/node/cliProcessMain.js:13:42562)\n at new Promise ()\n at b (/usr/share/code/resources/app/out/vs/code/node/cliProcessMain.js:13:42542)\n at m._createSpdLogLogger (/usr/share/code/resources/app/out/vs/code/node/cliProcessMain.js:13:43517)\n at new m (/usr/share/code/resources/app/out/vs/code/node/cliProcessMain.js:13:43322)\n at c.initServices (/usr/share/code/resources/app/out/vs/code/node/cliProcessMain.js:16:57027)\n at async c.run (/usr/share/code/resources/app/out/vs/code/node/cliProcessMain.js:16:56421)\n at async Object.h [as main] (/usr/share/code/resources/app/out/vs/code/node/cliProcessMain.js:16:59927)\n at async C (/usr/share/code/resources/app/out/vs/code/node/cli.js:12:13346) {\n phase: 'loading',\n moduleId: 'spdlog',\n neededBy: [ '===anonymous5===' ]\n}\n"
}
When I query the library, it does not have the required version as the error says:
$ nm -D /lib64/libstdc++.so.6 | grep CXXABI
0000000000000000 A CXXABI_1.3
0000000000000000 A CXXABI_1.3.1
0000000000000000 A CXXABI_1.3.2
0000000000000000 A CXXABI_1.3.3
0000000000000000 A CXXABI_1.3.4
0000000000000000 A CXXABI_1.3.5
0000000000000000 A CXXABI_1.3.6
0000000000000000 A CXXABI_1.3.7
0000000000000000 A CXXABI_TM_1
I am pretty sure this worked before though. Any idea what may be wrong?
Hi,
i wanted to use your role, but ran into an issue with custom configurations.
TASK [ansible-role-visual-studio-code : create config directories for users] ************************************************************************************************************************************** failed: [localhost] (item=({u'username': u'domano', u'visual_studio_code_settings': {u'files.autoSave': u'afterDelay', u'files.autoSaveDelay': 1000, u'git.autofetch': True, u'explorer.openEditors.visible': 0}}, u'Ansible')) => {"changed": false, "gid": (removed groupid here), "group": "somegroup", "item": [{"username": "domano", "visual_studio_code_settings": {"explorer.openEditors.visible": 0, "files.autoSave": "afterDelay", "files.autoSaveDelay": 1000, "git.autofetch": true}}, "Ansible"], "mode": "0711", "msg": "chgrp failed: failed to look up group domano", "owner": "domano", "path": "/home/domano/.config", "size": 4096, "state": "directory", "uid": (removed my user id here)}
My playbook looks like this (at least the relevant part):
visual_studio_code_version: '1.21' users: - username: domano visual_studio_code_extensions: - Ansible - ansible-autocomplete - Go - IntelliJ IDEA Keybindings - language-Ansible visual_studio_code_settings: { "explorer.openEditors.visible": 0, "git.autofetch": true, "files.autoSave": "afterDelay", "files.autoSaveDelay": 1000 }
It'd be useful to preconfigure Visual Studio Code, by writing the settings.json
for the user, based on configuration supplied in the playbook.
Putting the downloads into the system /tmp
directory opens a security hole as other users have a chance to modify them. The default directory should be under the home folder of the user running Ansible (where other users normally won't have write access).
The variable name local_ansible_data_path
is potentially confusing as it's actually a path on the remote machine (from the Ansible perspective); also, given this is a visual-studio-code
role the variable should be prefixed with visual_studio_code_
.
It's still beneficial to support a common variable for where to store downloads so visual_studio_code_download_dir
will default to x_ansible_download_dir
if set.
Renaming the variable to visual_studio_code_download_dir
will be clearer and less misleading.
I use Home-brew Cask to install VS Code on my Mac. I would like to request a feature where you can install VS code beforehand and use the role just of installing the plugins.
The role can be customized for MacOS only as Home-brew cask is built for Mac.
Don't really know why, but until a few days ago your role was working fine and, now, it seems that MS changed something into their repository and I got this error:
TASK [vscode : install VS Code repo (apt)] *************************************
fatal: [default]: FAILED! => {"changed": false, "msg": "Failed to update apt cache: E:Failed to fetch https://packages.microsoft.com/repos/vscode/dists/stable/InRelease Clearsigned file isn't valid, got 'NOSPLIT' (does the network require authentication?), E:The repository 'https://packages.microsoft.com/repos/vscode stable InRelease' is not signed."}
I've googled around and found this issue that has nearly the same problem and fixed it by updating the URL from https://packages.microsoft.com/repos/vscode ti https://packages.microsoft.com/repos/code
So this is the suggested patch, left here in case you find it useful to integrate and/or any other user of your role encounter the same issue
diff --git a/ansible/roles/vscode/tasks/install-apt.yml b/ansible/roles/vscode/tasks/install-apt.yml
index 70f9ea4..c6ff75c 100644
--- a/ansible/roles/vscode/tasks/install-apt.yml
+++ b/ansible/roles/vscode/tasks/install-apt.yml
@@ -24,7 +24,7 @@
- name: install VS Code repo (apt)
become: yes
apt_repository:
- repo: 'deb [arch=amd64] {{ visual_studio_code_mirror }}/repos/vscode stable main'
+ repo: 'deb [arch=amd64] {{ visual_studio_code_mirror }}/repos/code stable main'
filename: vscode
state: present
Hello @gantsign, after latest ansible-lint, now all playbooks that use ansible-role-visual-studio-code will fail until the name on Galaxy is role_name: visual_studio_code
on meta/main.yml:
ansible/ansible-lint#3566 (comment)
You can even put role_name as visual-studio-code
it gets automatically converted as extensively documented here: https://galaxy.ansible.com/docs/contributing/creating_role.html
Would you mind changing the name?
Thanks for building this role!
The one thing it doesn't have is declarative vs code extensions. By that, I mean if you run it multiple times while changing the list of extensions, it just keeps adding extensions rather than making the extensions match what the user has declared. It would be great for the list of extensions to truly reflect what extensions are installed.
Thanks again!
I'd like to add user specific settigns to settings.json, e.g. update the file with additional settings once it has been written (or even overwrite existing setttings).
Background: We provide a default setup of vscode to all team members, but things like the theme are pretty much down to each users preferences.
Currently the privilege escalation isn't being declared for the tasks that need it; because of this, to use this role you have to declare the privilege escalation for the role in your playbook, or run the whole playbook using sudo.
If the privilege escalation is declared for the tasks of this role, it'll work out of the box with no additional config required by the user.
This role works correctly on Ubuntu Trusty and Xenial but these versions are not declared in the Ansible Galaxy metadata as supported versions.
Since Trusty and Xenial are the current and previous LTS versions of Ubuntu it would be helpful to declare them as supported.
The config directory for insiders edition should be 'Code - Insiders', not Code-Insiders.
On Debian, this role leads to duplicate entries for the microsoft apt repository:
This creates warnings about duplicate entries:
W: Target Packages (main/binary-amd64/Packages) is configured multiple times in /etc/apt/sources.list.d/packages_microsoft_com_repos_vscode.list:1 and /etc/apt/sources.list.d/vscode.list:3
I suggest removing the entry that is created by the role and relying on the one that is created by vs-code during installation.
macOS Catalina
Installed via cask.
While gantsign.visual-studio-code successfully installs VS Code (via cask), it fails to install extensions because macOS pops up this dialog (repeatedly):
If you click "Show in Finder", right click Visual Studio Code and choose "Open" then you get the same dialog but with an extra button to "Open". Once you've opened VS Code once, then you can re-run the role and it will work as expected.
Hello,
currently when adding the APT repository the AMD64 architecture is hardcoded.
deb [arch=amd64...
https://github.com/gantsign/ansible-role-visual-studio-code/blob/master/tasks/install-apt.yml#L37
this doesn't allow the use of the ansible role on arm64 or otherwise non amd64 architectures.
One can likely use the ansible_architecture fact/variable for condition based matching of repo to architecture.
Let me start by saying this role is completely awesome and has saved me a lot of pain! :-)
When running the role with extensions that are already installed I'm getting a lot of interactive vscode windows opening up. I've been able to reproduce the problem manually, and it looks like it has to do with the order of the parameters provided to vscode.
I think the issue is in the install_extension
function in visual_studio_code_install_extension.py
.
rc, out, err = module.run_command( ['code', '--install-extension', '--force', name])
Should be:
rc, out, err = module.run_command( ['code', '--install-extension', name, '--force'])
Currently running with:
I see you support 16.04 and 18.04. It would be very nice if this role supports latest LTS.
I am having sometimes 503 erros while installing the defined extensions for multiple machines and multiple users per machine at the same time.
I fixed this by adding the register, until, retries and delay. It would be great if you would add such functionality in install_extensions.yml so that the internal module would be called again in case of those errors.
---
- name: Install extensions
become: yes
become_user: "{{ item.0.username }}"
visual_studio_code_install_extension:
executable: "{{ visual_studio_code_exe }}"
name: "{{ item.1 }}"
with_subelements:
- "{{ users }}"
- visual_studio_code_extensions
- skip_missing: yes
loop_control:
label: "{{ item.0.username }}: {{ item.1 }}"
register: install_extension_result
until: install_extension_result is successful
retries: 5
delay: 10
implement flag visual_studio_code_add_repo
with a default of true, which could be used to disable adding the repo
this feature request was discussed here: #200 (comment) as an alternativ
Sometimes it is needed to mark the microsoft ssl certificate as trusted. for example when you are behind a company proxy and this proxy changes the certificate a bit.
in APT you can mark the repo cert as trusted with trusted=yes
example: deb [arch=amd64 trusted=yes] https://packages.microsoft.com//repos/code stable main
source list documentation: https://manpages.debian.org/jessie/apt/sources.list.5.en.html
trusted=yes can be set to indicate that packages from this source are always authenticated even if the Release file is not signed or the signature can't be checked. This disables parts of apt-secure(8) and should therefore only be used in a local and trusted context. trusted=no is the opposite which handles even correctly authenticated sources as not authenticated.
For RPM source files a similar config value is gpgcheck
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/sec-configuring_yum_and_yum_repositories
gpgcheck=value
where value is one of:
0 โ Disable GPG signature-checking on packages in all repositories, including local package installation.
1 โ Enable GPG signature-checking on all packages in all repositories, including local package installation. gpgcheck=1 is the default, and thus all packages' signatures are checked.
this feature request was proposed here: #200 (comment)
I don't really think this is an issue with this project but I'm hoping you might provide some guidance.
I am Molecule-izing a large playbook to get it to run a full CI inside a GitHub Action workflow. Regardless of whether I run it locally or on the workflow, I need to get the Molecule Docker container running first with privilege and then as a non-root "ansible" user for this extension to work. I do so here and have the username for this role set in requirements.yml
here:
- src: gantsign.visual-studio-code
users:
- username: "{{ ansible_user }}"
visual_studio_code_extensions:
- Shan.code-settings-sync
However, when I run Molecule on my local system or on a GitHub Actions workflow I get an error at:
TASK [gantsign.visual-studio-code : install extensions] ************************
fatal: [instance]: FAILED! => {"msg": "Failed to set permissions on the temporary files Ansible needs to create when becoming an unprivileged user (rc: 1, err: chown: invalid user: 'artis3n'\n}). For information on working around this, see https://docs.ansible.com/ansible/become.html#becoming-an-unprivileged-user"}
For the GitHub Workflow I get the same error for the user runner
.
I've tried modifying the ansible_user
via molecule.yml
:
provisioner:
name: ansible
lint:
name: ansible-lint
options:
'vault-id': ../../.vault_pass
inventory:
host_vars:
instance:
ansible_user: ansible
and my playbook.yml
:
- name: Converge
hosts: all
gather_facts: yes
vars:
ansible_user: ansible
But it looks like ansible_user
isn't correctly being set when the roles are run. Or, maybe there is something else happening in your role that I am completely missing? This should correspond to this:
- name: install extensions
become: yes
become_user: '{{ item.0.username }}'
visual_studio_code_install_extension:
executable: '{{ visual_studio_code_exe }}'
name: '{{ item.1 }}'
with_subelements:
- '{{ users }}'
- visual_studio_code_extensions
- skip_missing: yes
which suggests it should be accepting my modified ansible_user
as ansible
.
Do you have any suggestions how I might continue to troubleshoot this?
Testing Ansible roles manually with Docker is a bit of a pain; Molecule (http://molecule.readthedocs.io/) makes it easy. It also provides a way to unify local unit testing with the tests ran by Travis CI.
Configure the project for running Molecule and change the Travis CI build to use Molecule.
When I run the role on an already configured instance of vscode, ansible can hang if a newer version of the extension is available:
% code --install-extension ms-vscode.Go
> Extension 'ms-vscode.Go' v0.6.91 is already installed, but a newer version 0.6.93 is available in the marketplace. Would you like to update? Yes(0) | No(1)
>
Adding a "--force" will avoid the hang and update the extension to the latest version.
diff --git a/tasks/install-extensions.yml b/tasks/install-extensions.yml
index 71b030b..7aa763a 100644
--- a/tasks/install-extensions.yml
+++ b/tasks/install-extensions.yml
@@ -44,7 +44,7 @@
- name: install extensions
become: yes
become_user: '{{ item.0.username }}'
- command: "code --install-extension '{{ item.1 }}'"
+ command: "code --install-extension '{{ item.1 }}' --force"
with_subelements:
- '{{ users }}'
- visual_studio_code_extensions
I am currently setup a development environment on SLES and I can see that vscode is not updated when no version is set:
- name: Install VS Code (zypper)
become: yes
community.general.zypper:
name: "{{ visual_studio_code_package }}{{ (visual_studio_code_version | length > 0) | ternary('=' + visual_studio_code_version, '') }}"
state: present
The code should be changed so that it installes the latest when no version is set:
- name: Install VS Code (zypper)
become: yes
community.general.zypper:
name: "{{ visual_studio_code_package }}{{ (visual_studio_code_version | length > 0) | ternary('=' + visual_studio_code_version, '') }}"
state: "{{ (visual_studio_code_version | length > 0) | ternary('present', 'latest') }}"
When using the role on a recent Kali image you would encounter a error during the dependency installation:
TASK [ansible-role-visual-studio-code : Install dependencies (apt)] ***********************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "No package matching 'gconf2' is available"}
Installing most of the dependencies is not necessary at this step and will be handled by apt at the time of installation. Only ca-certificates
and apt-transport-https
ar required. I would suggest changing the task to something like this:
- name: Install dependencies (apt)
become: yes
ansible.builtin.apt:
name:
- ca-certificates
- apt-transport-https
state: present
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.