provisioners/ansible: provide ssh identities via ANSIBLE_SSH_ARGS (when necessary)

When provisioning multiple machines in sequence (the default vagrant
behaviour), it doesn't make sense to require to provide the private ssh
key(s) via the custom ansible inventory script/file.

To align with the handling of multiple ssh keys per machine, we won't
rely any longer on `--private-key` command line argument, but only pass
the keys via `ANSIBLE_SSH_ARGS` environment variable.

Note that when vagrant generates the ansible inventory and that only one
key is associated to a VM, this step would be redundant, and therefore
won't be applied.

This change fixes the breaking change introduced by 3d62a91.
This commit is contained in:
Gilles Cornu 2015-05-29 10:18:21 +02:00
parent 76651a413d
commit 3842a1f710
2 changed files with 10 additions and 6 deletions

View File

@ -242,9 +242,11 @@ module VagrantPlugins
ssh_options << "-o IdentitiesOnly=yes" unless Vagrant::Util::Platform.solaris?
# Multiple Private Keys
@ssh_info[:private_key_path].drop(1).each do |key|
unless !config.inventory_path && @ssh_info[:private_key_path].size == 1
@ssh_info[:private_key_path].each do |key|
ssh_options << "-o IdentityFile=#{key}"
end
end
# SSH Forwarding
ssh_options << "-o ForwardAgent=yes" if @ssh_info[:forward_agent]

View File

@ -513,14 +513,14 @@ VF
config.skip_tags = %w(foo bar)
config.limit = 'machine*:&vagrant:!that_one'
config.start_at_task = 'an awesome task'
config.raw_arguments = ["--why-not", "--su-user=foot", "--ask-su-pass", "--limit=all"]
config.raw_arguments = ["--why-not", "--su-user=foot", "--ask-su-pass", "--limit=all", "--private-key=./myself.key"]
# environment variables
config.host_key_checking = true
config.raw_ssh_args = ['-o ControlMaster=no']
end
it_should_set_arguments_and_environment_variables 20, 4, true
it_should_set_arguments_and_environment_variables 21, 4, true
it_should_explicitly_enable_ansible_ssh_control_persist_defaults
it_should_set_optional_arguments({ "extra_vars" => "--extra-vars=@#{File.expand_path(__FILE__)}",
"sudo" => "--sudo",
@ -537,15 +537,17 @@ VF
it "also includes given raw arguments" do
expect(Vagrant::Util::Subprocess).to receive(:execute).with { |*args|
expect(args).to include("--why-not")
expect(args).to include("--su-user=foot")
expect(args).to include("--ask-su-pass")
expect(args).to include("--why-not")
expect(args).to include("--limit=all")
expect(args).to include("--private-key=./myself.key")
}
end
it "shows the ansible-playbook command, with additional quotes when required" do
expect(machine.env.ui).to receive(:detail).with { |full_command|
expect(full_command).to eq("PYTHONUNBUFFERED=1 ANSIBLE_HOST_KEY_CHECKING=true ANSIBLE_FORCE_COLOR=true ANSIBLE_SSH_ARGS='-o IdentitiesOnly=yes -o IdentityFile=/my/key2 -o ForwardAgent=yes -o ControlMaster=no -o ControlMaster=auto -o ControlPersist=60s' ansible-playbook --user=testuser --connection=ssh --timeout=30 --limit='machine*:&vagrant:!that_one' --inventory-file=#{generated_inventory_dir} --extra-vars=@#{File.expand_path(__FILE__)} --sudo --sudo-user=deployer -vvv --ask-sudo-pass --ask-vault-pass --vault-password-file=#{File.expand_path(__FILE__)} --tags=db,www --skip-tags=foo,bar --start-at-task='an awesome task' --why-not --su-user=foot --ask-su-pass --limit='all' playbook.yml")
expect(full_command).to eq("PYTHONUNBUFFERED=1 ANSIBLE_HOST_KEY_CHECKING=true ANSIBLE_FORCE_COLOR=true ANSIBLE_SSH_ARGS='-o IdentitiesOnly=yes -o IdentityFile=/my/key1 -o IdentityFile=/my/key2 -o ForwardAgent=yes -o ControlMaster=no -o ControlMaster=auto -o ControlPersist=60s' ansible-playbook --user=testuser --connection=ssh --timeout=30 --limit='machine*:&vagrant:!that_one' --inventory-file=#{generated_inventory_dir} --extra-vars=@#{File.expand_path(__FILE__)} --sudo --sudo-user=deployer -vvv --ask-sudo-pass --ask-vault-pass --vault-password-file=#{File.expand_path(__FILE__)} --tags=db,www --skip-tags=foo,bar --start-at-task='an awesome task' --why-not --su-user=foot --ask-su-pass --limit='all' --private-key=./myself.key playbook.yml")
}
end
end