provisioners/ansible: provide ssh identities via ANSIBLE_SSH_ARGS (when necessary)

When provisioning multiple machines in sequence (the default vagrant behaviour), it doesn't make sense to require to provide the private ssh key(s) via the custom ansible inventory script/file. To align with the handling of multiple ssh keys per machine, we won't rely any longer on `--private-key` command line argument, but only pass the keys via `ANSIBLE_SSH_ARGS` environment variable. Note that when vagrant generates the ansible inventory and that only one key is associated to a VM, this step would be redundant, and therefore won't be applied. This change fixes the breaking change introduced by 3d62a91.
2015-05-29 10:18:21 +02:00 · 2015-05-29 10:18:21 +02:00 · 3842a1f710
parent 76651a413d
commit 3842a1f710
2 changed files with 10 additions and 6 deletions
--- a/plugins/provisioners/ansible/provisioner.rb
+++ b/plugins/provisioners/ansible/provisioner.rb
@ -242,8 +242,10 @@ module VagrantPlugins
        ssh_options << "-o IdentitiesOnly=yes" unless Vagrant::Util::Platform.solaris?

        # Multiple Private Keys
-        @ssh_info[:private_key_path].drop(1).each do |key|
-          ssh_options << "-o IdentityFile=#{key}"
+        unless !config.inventory_path && @ssh_info[:private_key_path].size == 1
+          @ssh_info[:private_key_path].each do |key|
+            ssh_options << "-o IdentityFile=#{key}"
+          end
        end

        # SSH Forwarding
--- a/test/unit/plugins/provisioners/ansible/provisioner_test.rb
+++ b/test/unit/plugins/provisioners/ansible/provisioner_test.rb
@ -513,14 +513,14 @@ VF
        config.skip_tags = %w(foo bar)
        config.limit = 'machine*:&vagrant:!that_one'
        config.start_at_task = 'an awesome task'
-        config.raw_arguments = ["--why-not", "--su-user=foot", "--ask-su-pass", "--limit=all"]
+        config.raw_arguments = ["--why-not", "--su-user=foot", "--ask-su-pass", "--limit=all", "--private-key=./myself.key"]

        # environment variables
        config.host_key_checking = true
        config.raw_ssh_args = ['-o ControlMaster=no']
      end

-      it_should_set_arguments_and_environment_variables 20, 4, true
+      it_should_set_arguments_and_environment_variables 21, 4, true
      it_should_explicitly_enable_ansible_ssh_control_persist_defaults
      it_should_set_optional_arguments({  "extra_vars"          => "--extra-vars=@#{File.expand_path(__FILE__)}",
                                          "sudo"                => "--sudo",
@ -537,15 +537,17 @@ VF

      it "also includes given raw arguments" do
        expect(Vagrant::Util::Subprocess).to receive(:execute).with { |*args|
+          expect(args).to include("--why-not")
          expect(args).to include("--su-user=foot")
          expect(args).to include("--ask-su-pass")
-          expect(args).to include("--why-not")
+          expect(args).to include("--limit=all")
+          expect(args).to include("--private-key=./myself.key")
        }
      end

      it "shows the ansible-playbook command, with additional quotes when required" do
        expect(machine.env.ui).to receive(:detail).with { |full_command|
-          expect(full_command).to eq("PYTHONUNBUFFERED=1 ANSIBLE_HOST_KEY_CHECKING=true ANSIBLE_FORCE_COLOR=true ANSIBLE_SSH_ARGS='-o IdentitiesOnly=yes -o IdentityFile=/my/key2 -o ForwardAgent=yes -o ControlMaster=no -o ControlMaster=auto -o ControlPersist=60s' ansible-playbook --user=testuser --connection=ssh --timeout=30 --limit='machine*:&vagrant:!that_one' --inventory-file=#{generated_inventory_dir} --extra-vars=@#{File.expand_path(__FILE__)} --sudo --sudo-user=deployer -vvv --ask-sudo-pass --ask-vault-pass --vault-password-file=#{File.expand_path(__FILE__)} --tags=db,www --skip-tags=foo,bar --start-at-task='an awesome task' --why-not --su-user=foot --ask-su-pass --limit='all' playbook.yml")
+          expect(full_command).to eq("PYTHONUNBUFFERED=1 ANSIBLE_HOST_KEY_CHECKING=true ANSIBLE_FORCE_COLOR=true ANSIBLE_SSH_ARGS='-o IdentitiesOnly=yes -o IdentityFile=/my/key1 -o IdentityFile=/my/key2 -o ForwardAgent=yes -o ControlMaster=no -o ControlMaster=auto -o ControlPersist=60s' ansible-playbook --user=testuser --connection=ssh --timeout=30 --limit='machine*:&vagrant:!that_one' --inventory-file=#{generated_inventory_dir} --extra-vars=@#{File.expand_path(__FILE__)} --sudo --sudo-user=deployer -vvv --ask-sudo-pass --ask-vault-pass --vault-password-file=#{File.expand_path(__FILE__)} --tags=db,www --skip-tags=foo,bar --start-at-task='an awesome task' --why-not --su-user=foot --ask-su-pass --limit='all' --private-key=./myself.key playbook.yml")
        }
      end
    end