Commit Graph

69 Commits

Author SHA1 Message Date
Gilles Cornu f96636587a provisioners/ansible: don't read/write known_hosts
Like Vagrant's default SSH behaviors (e.g ssh or ssh-config commands),
the Ansible provisioner should by default not modify or read the user
known host file (e.g. ~/.ssh/known_hosts).

Given that `UserKnownHostsFile=/dev/null` SSH option is usually combined
with `StrictHostKeyChecking=no`, it seems quite reasonable to bind the
activation/disactivation of both options to `host_key_checking`
provisioner attribute.

For the records, a discussion held in Ansible-Development mailing list
clearly confirmed that there is no short-term plan to adapt Ansible to
offer an extra option or change the behavior of
ANSIBLE_HOST_KEY_CHECKING. For this reason, the current implementation
seems reasonable and should be stable on the long run.

Close #3900

Related References:

- https://groups.google.com/forum/#!msg/ansible-devel/iuoZs1oImNs/6xrj5oa1CmoJ
- https://github.com/ansible/ansible/issues/9442
2014-11-30 09:55:48 +01:00
Gilles Cornu 178942cf27 provisioners/ansible: change arguments arrangement
- force `--connection=ssh` (any other modes like paramiko or smart are not
  supported)
- give the highest priority to `raw_arguments` for sake of simplicity (in
  usage, in code and in documentation)
- fix position of the `--limit` argument (the generated inventory could be
  shadowed by `raw_arguments`, while ansible.limit was able to override
  `raw_arguments`

ref #3396
2014-11-30 09:50:50 +01:00
Gilles Cornu 306c4f7eda provisioners/ansible: force --connection=ssh
When `--connection` argument is not specified, Ansible will use the
'smart' mode, which can either use `ssh` or `paramiko` transports,
depending of the version of OpenSSH available. If OpenSSH version is new
enough to support ControlPersist technology, `ssh` will be used.
See also http://docs.ansible.com/intro_configuration.html#transport.

In order to support some advanced features of Vagrant (e.g. multiple ssh
private key identities or ssh forwarding), the Ansible provisioner
already must force `ssh` connection mode.

Having to deal with the possible fallback to `paramiko` increase the
burden of special cases that Ansible provisioner must handle, without
any added value, as Vagrant is based on OpenSSH and its users are
usually using modern operating systems.

With this change, the Ansible provisioner will officially only support
`ssh`. It will still be possible to switch to another connection mode
via `raw_arguments`, but it will breach the "contract", and no
(community) support can be expected in such use case.

ref #3900, #3396
2014-11-30 09:50:50 +01:00
Gilles Cornu 1c884fa4e5 provisioners/ansible: Show Ansible command when VAGRANT_LOG=debug 2014-11-25 08:12:43 +01:00
Kalman Hazins bb052366f7 Change symbols inside hashes to 1.9 JSON-like syntax 2014-05-22 12:35:12 -04:00
Gilles Cornu e884dfad71 provisioners/ansible: try to improve unit tests
I still cannot explain the cause of these random errors in this unit test,
but it is anyway safe and suitable to update the test code as following:
- use stricter regular expression matching (-l is included in --limit)
- array lengths substraction instead of array contents substraction
2014-05-05 09:25:35 +02:00
Gilles Cornu 52a44de10c provisioners/ansible: show ansible-playbook in use
Motivation:
By printing out the ansible command used behind the scene, we can ease
the support effort to very quickly identify whether a problem is due to
Vagrant provisioner or Ansible itself.
2014-05-04 22:54:12 +02:00
Gilles Cornu a394d80254 provisioners/ansible: minor change in unit tests 2014-05-04 21:25:43 +02:00
Gilles Cornu de6ad1d5d3 provisioners/ansible: fix unit tests for [GH-3491] 2014-04-26 14:08:10 +02:00
jjshoe 7ef8477e43 provisioners/ansible: Don't run with two --limits
Conflicts:
	test/unit/plugins/provisioners/ansible/provisioner_test.rb
2014-04-26 11:55:59 +02:00
Gilles Cornu 557a451e2f provisioners/ansible: fix an error in a unit test 2014-04-25 22:11:13 +02:00
Gilles Cornu 4465eba753 provisioners/ansible: minor change in unit tests
Combine a maximum of options in the last test:
- Ansible Vault options from [GH-3338]
- raw_arguments

Note: it is not expected from Vagrant to reject incoherent combinations
2014-04-25 21:59:39 +02:00
Emilien Kenler 744e5b9b30 More tests 2014-04-21 13:56:17 -07:00
Emilien Kenler b77bd3e6bb Unit test + vault password file existence check 2014-04-21 13:56:16 -07:00
Gilles Cornu 7ed17ae9ed provisioners/ansible: use strict boolean options
With this change, the ansible provisioner fully complies with
the current user documentation.
2014-04-12 13:48:15 +02:00
Gilles Cornu ad038890bb provisioners/ansible: update specs after [GH-3436] 2014-04-12 10:53:02 +02:00
Gilles Cornu baf0649dcf provisioners/ansible: add more unit tests
Remove wrong usage of shared examples and introduce embedded class methods
(as kind of simple "RSpec macros") to reduce code duplication.
2014-04-12 10:53:01 +02:00
Gilles Cornu e32783312b provisioners/ansible: improve unit tests (wip)
- Don't mock the config object, but use a true instance
- When possible, take advantage of Rpsec before/after hooks to
  reduce code repetitions
- Add an example ("with inventory_path option")
- Use a global variable to store the path of the generated inventory
- Miscellaneous changes in existing examples (style, fixes)
2014-04-12 08:18:35 +02:00
Gilles Cornu f0a596b47c provisioners/ansible: add first unit tests 2014-04-12 08:18:34 +02:00