From ca1e30d4054d1742329df462a4fc70479c15061e Mon Sep 17 00:00:00 2001 From: Gilles Cornu Date: Mon, 10 Feb 2014 10:23:10 +0100 Subject: [PATCH] Ansible: Support multiple private keys Note that this feature requires to force `--connection=ssh`. This is not a big deal as `paramiko` mode is deprecated and in most cases `smart` mode enables `ssh` mode. --- plugins/provisioners/ansible/provisioner.rb | 42 +++++++++++++++------ 1 file changed, 30 insertions(+), 12 deletions(-) diff --git a/plugins/provisioners/ansible/provisioner.rb b/plugins/provisioners/ansible/provisioner.rb index 51d6f5a6c..cd716f00d 100644 --- a/plugins/provisioners/ansible/provisioner.rb +++ b/plugins/provisioners/ansible/provisioner.rb @@ -5,11 +5,10 @@ module VagrantPlugins @logger = Log4r::Logger.new("vagrant::provisioners::ansible") ssh = @machine.ssh_info - # Connect with Vagrant user (unless --user or --private-key are - # overidden by 'raw_arguments'). - # - # TODO: multiple private key support - options = %W[--private-key=#{ssh[:private_key_path][0]} --user=#{ssh[:username]}] + # Connect with Vagrant SSH identity, forcing 'ssh' ansible connection mode + # as 'paramiko' mode cannot support multiple keys. + # These default settings can be overridden by 'raw_arguments' option. + options = %W[--connection=ssh --private-key=#{ssh[:private_key_path][0]} --user=#{ssh[:username]}] # By default we limit by the current machine. # This can be overridden by the limit config option. @@ -33,15 +32,22 @@ module VagrantPlugins # Assemble the full ansible-playbook command command = (%w(ansible-playbook) << options << config.playbook).flatten + # Some Ansible options must be passed as environment variables + env = { + "ANSIBLE_FORCE_COLOR" => "true", + "ANSIBLE_HOST_KEY_CHECKING" => "#{config.host_key_checking}", + + # Ensure Ansible output isn't buffered so that we receive ouput + # on a task-by-task basis. + "PYTHONUNBUFFERED" => 1 + } + # Support Multiple SSH keys: + ansible_ssh_args = get_ansible_ssh_args + env["ANSIBLE_SSH_ARGS"] = ansible_ssh_args if !ansible_ssh_args.empty? + # Write stdout and stderr data, since it's the regular Ansible output command << { - :env => { - "ANSIBLE_FORCE_COLOR" => "true", - "ANSIBLE_HOST_KEY_CHECKING" => "#{config.host_key_checking}", - # Ensure Ansible output isn't buffered so that we receive ouput - # on a task-by-task basis. - "PYTHONUNBUFFERED" => 1 - }, + :env => env, :notify => [:stdout, :stderr], :workdir => @machine.env.root_path.to_s } @@ -149,6 +155,18 @@ module VagrantPlugins end end + def get_ansible_ssh_args + ssh = @machine.ssh_info + ssh_options = [] + + # Multiple Private Keys + ssh[:private_key_path].drop(1).each do |key| + ssh_options << "-o IdentityFile=#{key}" + end + + return ssh_options.join(' ') + end + def as_list_argument(v) v.kind_of?(Array) ? v.join(',') : v end