fix agent auth in ssh communicator for ansible provisioner (#9488)

2020-07-23 16:03:01 +03:00 · 2020-07-23 16:03:01 +03:00 · c0048daed5
parent b55396e677
commit c0048daed5
2 changed files with 4 additions and 2 deletions
--- a/common/step_provision.go
+++ b/common/step_provision.go
@ -85,6 +85,7 @@ func PopulateProvisionHookData(state multistep.StateBag) map[string]interface{}
 	hookData["SSHPublicKey"] = string(commConf.SSHPublicKey)
 	hookData["SSHPrivateKey"] = string(commConf.SSHPrivateKey)
 	hookData["SSHPrivateKeyFile"] = commConf.SSHPrivateKeyFile
+	hookData["SSHAgentAuth"] = commConf.SSHAgentAuth

 	// Backwards compatibility; in practice, WinRMPassword is fulfilled by
 	// Password.
--- a/provisioner/ansible/provisioner.go
+++ b/provisioner/ansible/provisioner.go
@ -561,7 +561,8 @@ func (p *Provisioner) Provision(ctx context.Context, ui packer.Ui, comm packer.C
 			// In this situation, we need to make sure we have the
 			// private key we actually use to access the instance.
 			SSHPrivateKeyFile := generatedData["SSHPrivateKeyFile"].(string)
-			if SSHPrivateKeyFile != "" {
+			SSHAgentAuth := generatedData["SSHAgentAuth"].(bool)
+			if SSHPrivateKeyFile != "" || SSHAgentAuth {
 				privKeyFile = SSHPrivateKeyFile
 			} else {
 				// See if we can get a private key and write that to a tmpfile
@ -695,7 +696,7 @@ func (p *Provisioner) createCmdArgs(httpAddr, inventory, playbook, privKeyFile s
 		args = append(args, "-e", fmt.Sprintf("packer_http_addr=%s", httpAddr))
 	}

-	if p.generatedData["ConnType"] == "ssh" {
+	if p.generatedData["ConnType"] == "ssh" && len(privKeyFile) > 0 {
 		// Add ssh extra args to set IdentitiesOnly
 		args = append(args, "--ssh-extra-args", "'-o IdentitiesOnly=yes'")
 	}