Skip to content

atexit wrapper orphans temp files with kubernetes.core.k8s ansible module #1360

New issue
New issue
Open
Open
atexit wrapper orphans temp files with kubernetes.core.k8s ansible module#1360
Labels
affects-0.3Issues related to 0.3.X Mitogen releasesbugCode feature that hinders desired execution outcome
@dmurnane

Description

@dmurnane
dmurnane
opened on Nov 13, 2025

Environment:
Rocky Linux 9.6
python3-3.9.21-2.el9_6.2.x86_64
python3-mitogen-0.3.22-1.noarch
ansible-core-2.14.18-1.el9.x86_64
python3-kubernetes-26.1.0-3.el9.noarch

The python kubernetes module creates temp files to hold certificates to communicate with the kubernetes API server. It registers an atexit handler for kubernetes.config.kube_config._cleanup_temp_files in order to remove those files on exit. It appears that the mitogen AtExitWrapper is masking that cleanup, so these files accumulate over time when kubernetes.core.k8s tasks are run. mitogen_task_isolation: fork does not resolve the issue, but switching to strategy: linear does properly clean up the files.

Patching _atexit__register in ansible_mitogen/runner.py with if func == shutil.rmtree or func == kubernetes.config.kube_config._cleanup_temp_files: appears to clean up the files but this feels rather more fragile than is reasonable.

Reproduction:

[dmurnane@localhost ~]$ ls /tmp/tmp*
ls: cannot access '/tmp/tmp*': No such file or directory
[dmurnane@localhost ~]$ cat k8s-test.yml
# code: language=ansible
---
- name: Testing
  hosts: localhost
  tasks:
    - name: Get coredns deployment
      kubernetes.core.k8s_info:
        api_version: apps/v1
        kind: Deployment
        name: coredns
        namespace: kube-system
[dmurnane@localhost ~]$ ansible-playbook k8s-test.yml

PLAY [Testing] ****************************************************************************************************************************************************************************************************

TASK [Gathering Facts] ********************************************************************************************************************************************************************************************
ok: [localhost]

TASK [Get coredns deployment] *************************************************************************************************************************************************************************************
ok: [localhost]

PLAY RECAP ********************************************************************************************************************************************************************************************************
localhost                  : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

[dmurnane@localhost ~]$ ls /tmp/tmp*
/tmp/tmpte9emays  /tmp/tmputdhak8k  /tmp/tmpwtgoybri

Update: retested with mitogen 0.3.31 and observed the same behavior.

Metadata

Metadata

Assignees

No one assigned

    Labels

    affects-0.3Issues related to 0.3.X Mitogen releasesbugCode feature that hinders desired execution outcome

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions