provisioners/ansible: provide ssh identities via ANSIBLE_SSH_ARGS (when necessary)
When provisioning multiple machines in sequence (the default vagrant behaviour), it doesn't make sense to require to provide the private ssh key(s) via the custom ansible inventory script/file. To align with the handling of multiple ssh keys per machine, we won't rely any longer on `--private-key` command line argument, but only pass the keys via `ANSIBLE_SSH_ARGS` environment variable. Note that when vagrant generates the ansible inventory and that only one key is associated to a VM, this step would be redundant, and therefore won't be applied. This change fixes the breaking change introduced by 3d62a91.
This commit is contained in:
Gilles Cornu
parent
76651a413d
commit
3842a1f710
|
|
@ -242,8 +242,10 @@ module VagrantPlugins
|
||||||
ssh_options << "-o IdentitiesOnly=yes" unless Vagrant::Util::Platform.solaris?
|
ssh_options << "-o IdentitiesOnly=yes" unless Vagrant::Util::Platform.solaris?
|
||||||
|
|
||||||
# Multiple Private Keys
|
# Multiple Private Keys
|
||||||
@ssh_info[:private_key_path].drop(1).each do |key|
|
unless !config.inventory_path && @ssh_info[:private_key_path].size == 1
|
||||||
ssh_options << "-o IdentityFile=#{key}"
|
@ssh_info[:private_key_path].each do |key|
|
||||||
|
ssh_options << "-o IdentityFile=#{key}"
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
# SSH Forwarding
|
# SSH Forwarding
|
||||||
|
|
|
||||||
|
|
@ -513,14 +513,14 @@ VF
|
||||||
config.skip_tags = %w(foo bar)
|
config.skip_tags = %w(foo bar)
|
||||||
config.limit = 'machine*:&vagrant:!that_one'
|
config.limit = 'machine*:&vagrant:!that_one'
|
||||||
config.start_at_task = 'an awesome task'
|
config.start_at_task = 'an awesome task'
|
||||||
config.raw_arguments = ["--why-not", "--su-user=foot", "--ask-su-pass", "--limit=all"]
|
config.raw_arguments = ["--why-not", "--su-user=foot", "--ask-su-pass", "--limit=all", "--private-key=./myself.key"]
|
||||||
|
|
||||||
# environment variables
|
# environment variables
|
||||||
config.host_key_checking = true
|
config.host_key_checking = true
|
||||||
config.raw_ssh_args = ['-o ControlMaster=no']
|
config.raw_ssh_args = ['-o ControlMaster=no']
|
||||||
end
|
end
|
||||||
|
|
||||||
it_should_set_arguments_and_environment_variables 20, 4, true
|
it_should_set_arguments_and_environment_variables 21, 4, true
|
||||||
it_should_explicitly_enable_ansible_ssh_control_persist_defaults
|
it_should_explicitly_enable_ansible_ssh_control_persist_defaults
|
||||||
it_should_set_optional_arguments({ "extra_vars" => "--extra-vars=@#{File.expand_path(__FILE__)}",
|
it_should_set_optional_arguments({ "extra_vars" => "--extra-vars=@#{File.expand_path(__FILE__)}",
|
||||||
"sudo" => "--sudo",
|
"sudo" => "--sudo",
|
||||||
|
|
@ -537,15 +537,17 @@ VF
|
||||||
|
|
||||||
it "also includes given raw arguments" do
|
it "also includes given raw arguments" do
|
||||||
expect(Vagrant::Util::Subprocess).to receive(:execute).with { |*args|
|
expect(Vagrant::Util::Subprocess).to receive(:execute).with { |*args|
|
||||||
|
expect(args).to include("--why-not")
|
||||||
expect(args).to include("--su-user=foot")
|
expect(args).to include("--su-user=foot")
|
||||||
expect(args).to include("--ask-su-pass")
|
expect(args).to include("--ask-su-pass")
|
||||||
expect(args).to include("--why-not")
|
expect(args).to include("--limit=all")
|
||||||
|
expect(args).to include("--private-key=./myself.key")
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
||||||
it "shows the ansible-playbook command, with additional quotes when required" do
|
it "shows the ansible-playbook command, with additional quotes when required" do
|
||||||
expect(machine.env.ui).to receive(:detail).with { |full_command|
|
expect(machine.env.ui).to receive(:detail).with { |full_command|
|
||||||
expect(full_command).to eq("PYTHONUNBUFFERED=1 ANSIBLE_HOST_KEY_CHECKING=true ANSIBLE_FORCE_COLOR=true ANSIBLE_SSH_ARGS='-o IdentitiesOnly=yes -o IdentityFile=/my/key2 -o ForwardAgent=yes -o ControlMaster=no -o ControlMaster=auto -o ControlPersist=60s' ansible-playbook --user=testuser --connection=ssh --timeout=30 --limit='machine*:&vagrant:!that_one' --inventory-file=#{generated_inventory_dir} --extra-vars=@#{File.expand_path(__FILE__)} --sudo --sudo-user=deployer -vvv --ask-sudo-pass --ask-vault-pass --vault-password-file=#{File.expand_path(__FILE__)} --tags=db,www --skip-tags=foo,bar --start-at-task='an awesome task' --why-not --su-user=foot --ask-su-pass --limit='all' playbook.yml")
|
expect(full_command).to eq("PYTHONUNBUFFERED=1 ANSIBLE_HOST_KEY_CHECKING=true ANSIBLE_FORCE_COLOR=true ANSIBLE_SSH_ARGS='-o IdentitiesOnly=yes -o IdentityFile=/my/key1 -o IdentityFile=/my/key2 -o ForwardAgent=yes -o ControlMaster=no -o ControlMaster=auto -o ControlPersist=60s' ansible-playbook --user=testuser --connection=ssh --timeout=30 --limit='machine*:&vagrant:!that_one' --inventory-file=#{generated_inventory_dir} --extra-vars=@#{File.expand_path(__FILE__)} --sudo --sudo-user=deployer -vvv --ask-sudo-pass --ask-vault-pass --vault-password-file=#{File.expand_path(__FILE__)} --tags=db,www --skip-tags=foo,bar --start-at-task='an awesome task' --why-not --su-user=foot --ask-su-pass --limit='all' --private-key=./myself.key playbook.yml")
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue