iSharkFly-Docs
/
packer-cn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #9639 from nextus/provision-sshagent-fix 

fix agent auth in ssh communicator for ansible provisioner (#9488)
This commit is contained in:
Megan Marsh 2020-07-27 18:50:56 -07:00 committed by GitHub
parent 943cb1275d bec367347d
commit 882fcd9367
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 17 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
common/step_provision.go
View File

@ -85,6 +85,7 @@ func PopulateProvisionHookData(state multistep.StateBag) map[string]interface{}
hookData["SSHPublicKey"] = string(commConf.SSHPublicKey) hookData["SSHPublicKey"] = string(commConf.SSHPublicKey)
hookData["SSHPrivateKey"] = string(commConf.SSHPrivateKey) hookData["SSHPrivateKey"] = string(commConf.SSHPrivateKey)
hookData["SSHPrivateKeyFile"] = commConf.SSHPrivateKeyFile hookData["SSHPrivateKeyFile"] = commConf.SSHPrivateKeyFile
hookData["SSHAgentAuth"] = commConf.SSHAgentAuth
// Backwards compatibility; in practice, WinRMPassword is fulfilled by // Backwards compatibility; in practice, WinRMPassword is fulfilled by
// Password. // Password.

5
provisioner/ansible/provisioner.go
View File

@ -561,7 +561,8 @@ func (p *Provisioner) Provision(ctx context.Context, ui packer.Ui, comm packer.C
// In this situation, we need to make sure we have the // In this situation, we need to make sure we have the
// private key we actually use to access the instance. // private key we actually use to access the instance.
SSHPrivateKeyFile := generatedData["SSHPrivateKeyFile"].(string) SSHPrivateKeyFile := generatedData["SSHPrivateKeyFile"].(string)
if SSHPrivateKeyFile != "" { SSHAgentAuth := generatedData["SSHAgentAuth"].(bool)
if SSHPrivateKeyFile != "" || SSHAgentAuth {
privKeyFile = SSHPrivateKeyFile privKeyFile = SSHPrivateKeyFile
} else { } else {
// See if we can get a private key and write that to a tmpfile // See if we can get a private key and write that to a tmpfile
@ -695,7 +696,7 @@ func (p *Provisioner) createCmdArgs(httpAddr, inventory, playbook, privKeyFile s
args = append(args, "-e", fmt.Sprintf("packer_http_addr=%s", httpAddr)) args = append(args, "-e", fmt.Sprintf("packer_http_addr=%s", httpAddr))
} }
if p.generatedData["ConnType"] == "ssh" { if p.generatedData["ConnType"] == "ssh" && len(privKeyFile) > 0 {
// Add ssh extra args to set IdentitiesOnly // Add ssh extra args to set IdentitiesOnly
args = append(args, "--ssh-extra-args", "'-o IdentitiesOnly=yes'") args = append(args, "--ssh-extra-args", "'-o IdentitiesOnly=yes'")
} }

17
provisioner/ansible/provisioner_test.go
View File

@ -473,6 +473,7 @@ func basicGenData(input map[string]interface{}) map[string]interface{} {
"ConnType": "ssh", "ConnType": "ssh",
"SSHPrivateKeyFile": "", "SSHPrivateKeyFile": "",
"SSHPrivateKey": "asdf", "SSHPrivateKey": "asdf",
"SSHAgentAuth": false,
"User": "PartyPacker", "User": "PartyPacker",
"PackerHTTPAddr": common.HttpAddrNotImplemented, "PackerHTTPAddr": common.HttpAddrNotImplemented,
"PackerHTTPIP": common.HttpIPNotImplemented, "PackerHTTPIP": common.HttpIPNotImplemented,
@ -544,7 +545,7 @@ func TestCreateCmdArgs(t *testing.T) {
"PackerHTTPAddr": "123.45.67.89", "PackerHTTPAddr": "123.45.67.89",
}), }),
callArgs: []string{"123.45.67.89", "/var/inventory", "test-playbook.yml", ""}, callArgs: []string{"123.45.67.89", "/var/inventory", "test-playbook.yml", ""},
ExpectedArgs: []string{"-e", "packer_build_name=\"packerparty\"", "-e", "packer_builder_type=fakebuilder", "-e", "packer_http_addr=123.45.67.89", "--ssh-extra-args", "'-o IdentitiesOnly=yes'", "-e", "hello-world", "-i", "/var/inventory", "test-playbook.yml"}, ExpectedArgs: []string{"-e", "packer_build_name=\"packerparty\"", "-e", "packer_builder_type=fakebuilder", "-e", "packer_http_addr=123.45.67.89", "-e", "hello-world", "-i", "/var/inventory", "test-playbook.yml"},
ExpectedEnvVars: []string{}, ExpectedEnvVars: []string{},
}, },
{ {
@ -600,7 +601,7 @@ func TestCreateCmdArgs(t *testing.T) {
ExtraArguments: []string{"-e", "hello-world", "-e", "ansible_password=ilovebananapancakes"}, ExtraArguments: []string{"-e", "hello-world", "-e", "ansible_password=ilovebananapancakes"},
AnsibleEnvVars: []string{"ENV_1=pancakes", "ENV_2=bananas"}, AnsibleEnvVars: []string{"ENV_1=pancakes", "ENV_2=bananas"},
callArgs: []string{"123.45.67.89", "/var/inventory", "test-playbook.yml", ""}, callArgs: []string{"123.45.67.89", "/var/inventory", "test-playbook.yml", ""},
ExpectedArgs: []string{"-e", "packer_builder_type=fakebuilder", "-e", "packer_http_addr=123.45.67.89", "--ssh-extra-args", "'-o IdentitiesOnly=yes'", "-e", "hello-world", "-e", "ansible_password=ilovebananapancakes", "-e", "ansible_host_key_checking=False", "-i", "/var/inventory", "test-playbook.yml"}, ExpectedArgs: []string{"-e", "packer_builder_type=fakebuilder", "-e", "packer_http_addr=123.45.67.89", "-e", "hello-world", "-e", "ansible_password=ilovebananapancakes", "-e", "ansible_host_key_checking=False", "-i", "/var/inventory", "test-playbook.yml"},
ExpectedEnvVars: []string{"ENV_1=pancakes", "ENV_2=bananas"}, ExpectedEnvVars: []string{"ENV_1=pancakes", "ENV_2=bananas"},
}, },
{ {
@ -614,7 +615,7 @@ func TestCreateCmdArgs(t *testing.T) {
ExtraArguments: []string{"-e", "hello-world", "-e", "ansible_password=ilovebananapancakes"}, ExtraArguments: []string{"-e", "hello-world", "-e", "ansible_password=ilovebananapancakes"},
AnsibleEnvVars: []string{"ENV_1=pancakes", "ENV_2=bananas", "ANSIBLE_HOST_KEY_CHECKING=False"}, AnsibleEnvVars: []string{"ENV_1=pancakes", "ENV_2=bananas", "ANSIBLE_HOST_KEY_CHECKING=False"},
callArgs: []string{"123.45.67.89", "/var/inventory", "test-playbook.yml", ""}, callArgs: []string{"123.45.67.89", "/var/inventory", "test-playbook.yml", ""},
ExpectedArgs: []string{"-e", "packer_builder_type=fakebuilder", "-e", "packer_http_addr=123.45.67.89", "--ssh-extra-args", "'-o IdentitiesOnly=yes'", "-e", "hello-world", "-e", "ansible_password=ilovebananapancakes", "-i", "/var/inventory", "test-playbook.yml"}, ExpectedArgs: []string{"-e", "packer_builder_type=fakebuilder", "-e", "packer_http_addr=123.45.67.89", "-e", "hello-world", "-e", "ansible_password=ilovebananapancakes", "-i", "/var/inventory", "test-playbook.yml"},
ExpectedEnvVars: []string{"ENV_1=pancakes", "ENV_2=bananas", "ANSIBLE_HOST_KEY_CHECKING=False"}, ExpectedEnvVars: []string{"ENV_1=pancakes", "ENV_2=bananas", "ANSIBLE_HOST_KEY_CHECKING=False"},
}, },
{ {
@ -627,12 +628,20 @@ func TestCreateCmdArgs(t *testing.T) {
ExpectedArgs: []string{"-e", "packer_build_name=\"packerparty\"", "-e", "packer_builder_type=fakebuilder", "-e", "ansible_ssh_private_key_file=/path/to/privkey.pem", "--ssh-extra-args", "'-o IdentitiesOnly=yes'", "-e", "hello-world", "-i", "/var/inventory", "test-playbook.yml"}, ExpectedArgs: []string{"-e", "packer_build_name=\"packerparty\"", "-e", "packer_builder_type=fakebuilder", "-e", "ansible_ssh_private_key_file=/path/to/privkey.pem", "--ssh-extra-args", "'-o IdentitiesOnly=yes'", "-e", "hello-world", "-i", "/var/inventory", "test-playbook.yml"},
ExpectedEnvVars: []string{}, ExpectedEnvVars: []string{},
}, },
{
TestName: "Use SSH Agent",
UseProxy: confighelper.TriTrue,
generatedData: basicGenData(nil),
callArgs: []string{common.HttpAddrNotImplemented, "/var/inventory", "test-playbook.yml", ""},
ExpectedArgs: []string{"-e", "packer_builder_type=fakebuilder", "-i", "/var/inventory", "test-playbook.yml"},
ExpectedEnvVars: []string{},
},
{ {
// No builder name. This shouldn't cause an error, it just shouldn't be set. HCL, yo. // No builder name. This shouldn't cause an error, it just shouldn't be set. HCL, yo.
TestName: "No builder name. This shouldn't cause an error, it just shouldn't be set. HCL, yo.", TestName: "No builder name. This shouldn't cause an error, it just shouldn't be set. HCL, yo.",
generatedData: basicGenData(nil), generatedData: basicGenData(nil),
callArgs: []string{common.HttpAddrNotImplemented, "/var/inventory", "test-playbook.yml", ""}, callArgs: []string{common.HttpAddrNotImplemented, "/var/inventory", "test-playbook.yml", ""},
ExpectedArgs: []string{"-e", "packer_builder_type=fakebuilder", "--ssh-extra-args", "'-o IdentitiesOnly=yes'", "-i", "/var/inventory", "test-playbook.yml"}, ExpectedArgs: []string{"-e", "packer_builder_type=fakebuilder", "-i", "/var/inventory", "test-playbook.yml"},
ExpectedEnvVars: []string{}, ExpectedEnvVars: []string{},
}, },
} }