Hello,
Im trying to create an execution environment to run a particular ansible collection but failing to do so. The collection is this Forcepoint collection. As you can see, it has a nonstandard way of installing all the modules and i cannot get it to work in an execution environment for the life of me (yes, skill issue, I know…).
Here is my execution-environment.yml file:
version: 3
images:
base_image:
name: [myautomationhub]/ee-minimal-rhel8:latest
depedencies:
ansible-core:
package_pip: ansible-core==2.14.4
ansible_runner:
package_pip: ansible-runner
python:
- six
- psutil
- pip
options:
package_manager_path: /usr/bin/microdnf
additional_build_files:
- src: /path/to/folder/forcepoint_repo_unzipped
dest: forcepoint
additional_build_steps:
prepend_base:
- RUN mkdir -p /opt/forcepoint
- COPY _build/forcepoint/ /opt/forcepoint
append_final:
- RUN python3 -p pip install -r /opt/forcepoint/requirements.txt
- RUN python3 /opt/forcepoint/install.py
Sorry if the code formatting is off, it is correct in the EE yml.
Hi. Can you share what kind of error’s you’re getting when trying to use this EE? That will help to diagnose what isn’t happening as expected.
It’s not finding the modules, the common “couldn’t resolve module/action”. If I would have to guess why it is not working, it’s because for some reason the EE does not find the collection after installing it with the python script.
If i follow the installation instructions and install the collection to a test virtual machine with clean ansible installation, it works with the playbook im testing it with, so the module name is correct.
I wasn’t able to get an image to build using the contents you shared, but these few tweaks did make one successfully. Do you have any test-code that you could share that we can run against it?
---
version: 3
images:
base_image:
name: ghcr.io/ansible-community/community-ee-base:latest
dependencies:
python:
- ansible-runner
- ansible-core==2.14.4
- six
- psutil
- pip
options:
package_manager_path: /usr/bin/microdnf
additional_build_files:
- src: src/fp-NGFW-SMC
dest: forcepoint
additional_build_steps:
prepend_base:
- RUN mkdir -p /opt/forcepoint
- COPY _build/forcepoint/ /opt/forcepoint
append_final:
- RUN python3 -m pip install -r /opt/forcepoint/requirements.txt
- RUN python3 /opt/forcepoint/install.py
Here is an example from the repository itself:
- name: Obtain facts about Network Elements
hosts: localhost
gather_facts: no
tasks:
- name: Retrieve all Group level objects, limit of 50
network_element_facts:
element: group
limit: 50
It should fail at connecting, since no api keys are provided. Im assuming that you do not have a spare forcepoint firewall lying around in your house 
But it should not throw errors about missing module if your EE build worked.
Also you did download the repository contents to the folder
src/forcepoint
in your EE build?
I downloaded the .zip from github and extracted it to src/fp-NFGW-SMC
I managed to solve the issue with some AI assistance. Asked ChatGPT to walk me trough the install.py file line by line in detail.
Turns out that the install.py script does not copy the modules located in the library-folder to the default modules path. I just set /etc/ansible/ansible.cfg to:
[defaults]
library = /opt/forcepoint/library
module_utils = /opt/forcepoint/module_utils
It sure feels dumb now that it was such a simple fix, but this is what happens when you don’t know any python 