Make SCP the default for provisioner/ansible
Add a new option, `use_sftp` to the ansible provisioner. It's default value is false; ansible provisioner will use SCP by default. Refactor to consistently set all configure options for ansible provisioner in the Prepare step. Remove incorrect information about `ANSIBLE_HOST_KEY_CHECKING=False` being set when `ansible_env_vars` is not set in the packer template. Update BATS tests for the ansible provisioner to actually check that the fetched directory contains the contents expected. This revealed a problem with the all_options template that required adding a host to the hosts list in the test playbook.
This commit is contained in:
Billie H. Cleek
parent
e6a0e523e2
commit
f760ab2fd8
|
|
@ -52,6 +52,7 @@ type Config struct {
|
||||||
SSHHostKeyFile string `mapstructure:"ssh_host_key_file"`
|
SSHHostKeyFile string `mapstructure:"ssh_host_key_file"`
|
||||||
SSHAuthorizedKeyFile string `mapstructure:"ssh_authorized_key_file"`
|
SSHAuthorizedKeyFile string `mapstructure:"ssh_authorized_key_file"`
|
||||||
SFTPCmd string `mapstructure:"sftp_command"`
|
SFTPCmd string `mapstructure:"sftp_command"`
|
||||||
|
UseSFTP bool `mapstructure:"use_sftp"`
|
||||||
inventoryFile string
|
inventoryFile string
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -106,6 +107,12 @@ func (p *Provisioner) Prepare(raws ...interface{}) error {
|
||||||
log.Println(p.config.SSHHostKeyFile, "does not exist")
|
log.Println(p.config.SSHHostKeyFile, "does not exist")
|
||||||
errs = packer.MultiErrorAppend(errs, err)
|
errs = packer.MultiErrorAppend(errs, err)
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
p.config.AnsibleEnvVars = append(p.config.AnsibleEnvVars, "ANSIBLE_HOST_KEY_CHECKING=False")
|
||||||
|
}
|
||||||
|
|
||||||
|
if !p.config.UseSFTP {
|
||||||
|
p.config.AnsibleEnvVars = append(p.config.AnsibleEnvVars, "ANSIBLE_SCP_IF_SSH=True")
|
||||||
}
|
}
|
||||||
|
|
||||||
if len(p.config.LocalPort) > 0 {
|
if len(p.config.LocalPort) > 0 {
|
||||||
|
|
@ -277,7 +284,7 @@ func (p *Provisioner) Provision(ui packer.Ui, comm packer.Communicator) error {
|
||||||
}()
|
}()
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := p.executeAnsible(ui, comm, k.privKeyFile, !hostSigner.generated); err != nil {
|
if err := p.executeAnsible(ui, comm, k.privKeyFile); err != nil {
|
||||||
return fmt.Errorf("Error executing Ansible: %s", err)
|
return fmt.Errorf("Error executing Ansible: %s", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -294,7 +301,7 @@ func (p *Provisioner) Cancel() {
|
||||||
os.Exit(0)
|
os.Exit(0)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (p *Provisioner) executeAnsible(ui packer.Ui, comm packer.Communicator, privKeyFile string, checkHostKey bool) error {
|
func (p *Provisioner) executeAnsible(ui packer.Ui, comm packer.Communicator, privKeyFile string) error {
|
||||||
playbook, _ := filepath.Abs(p.config.PlaybookFile)
|
playbook, _ := filepath.Abs(p.config.PlaybookFile)
|
||||||
inventory := p.config.inventoryFile
|
inventory := p.config.inventoryFile
|
||||||
var envvars []string
|
var envvars []string
|
||||||
|
|
@ -315,10 +322,6 @@ func (p *Provisioner) executeAnsible(ui packer.Ui, comm packer.Communicator, pri
|
||||||
cmd.Env = append(cmd.Env, envvars...)
|
cmd.Env = append(cmd.Env, envvars...)
|
||||||
}
|
}
|
||||||
|
|
||||||
if !checkHostKey {
|
|
||||||
cmd.Env = append(cmd.Env, "ANSIBLE_HOST_KEY_CHECKING=False")
|
|
||||||
}
|
|
||||||
|
|
||||||
stdout, err := cmd.StdoutPipe()
|
stdout, err := cmd.StdoutPipe()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
|
@ -435,7 +438,6 @@ func newUserKey(pubKeyFile string) (*userKey, error) {
|
||||||
|
|
||||||
type signer struct {
|
type signer struct {
|
||||||
ssh.Signer
|
ssh.Signer
|
||||||
generated bool
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func newSigner(privKeyFile string) (*signer, error) {
|
func newSigner(privKeyFile string) (*signer, error) {
|
||||||
|
|
@ -464,7 +466,6 @@ func newSigner(privKeyFile string) (*signer, error) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, errors.New("Failed to extract private key from generated key pair")
|
return nil, errors.New("Failed to extract private key from generated key pair")
|
||||||
}
|
}
|
||||||
signer.generated = true
|
|
||||||
|
|
||||||
return signer, nil
|
return signer, nil
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -18,6 +18,7 @@
|
||||||
"-vvvv", "--private-key", "ansible-test-id"
|
"-vvvv", "--private-key", "ansible-test-id"
|
||||||
],
|
],
|
||||||
"sftp_command": "/usr/lib/sftp-server -e -l INFO",
|
"sftp_command": "/usr/lib/sftp-server -e -l INFO",
|
||||||
|
"use_sftp": true,
|
||||||
"ansible_env_vars": ["PACKER_ANSIBLE_TEST=1", "ANSIBLE_HOST_KEY_CHECKING=False"],
|
"ansible_env_vars": ["PACKER_ANSIBLE_TEST=1", "ANSIBLE_HOST_KEY_CHECKING=False"],
|
||||||
"groups": ["PACKER_TEST"],
|
"groups": ["PACKER_TEST"],
|
||||||
"empty_groups": ["PACKER_EMPTY_GROUP"],
|
"empty_groups": ["PACKER_EMPTY_GROUP"],
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
- hosts: default
|
- hosts: default:packer-test
|
||||||
gather_facts: no
|
gather_facts: no
|
||||||
tasks:
|
tasks:
|
||||||
- raw: touch /root/ansible-raw-test
|
- raw: touch /root/ansible-raw-test
|
||||||
|
|
|
||||||
|
|
@ -7,10 +7,9 @@
|
||||||
"extra_arguments": [
|
"extra_arguments": [
|
||||||
"-vvvv"
|
"-vvvv"
|
||||||
],
|
],
|
||||||
"ansible_env_vars": ["ANSIBLE_SCP_IF_SSH=True"],
|
|
||||||
"sftp_command": "/usr/bin/false"
|
"sftp_command": "/usr/bin/false"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"builders": [
|
"builders": [
|
||||||
{
|
{
|
||||||
"type": "googlecompute",
|
"type": "googlecompute",
|
||||||
|
|
|
||||||
|
|
@ -12,9 +12,10 @@
|
||||||
}, {
|
}, {
|
||||||
"type": "ansible",
|
"type": "ansible",
|
||||||
"playbook_file": "./playbook.yml",
|
"playbook_file": "./playbook.yml",
|
||||||
"sftp_command": "/usr/lib/sftp-server -e -l INFO"
|
"sftp_command": "/usr/lib/sftp-server -e -l INFO",
|
||||||
|
"use_sftp": true
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"builders": [
|
"builders": [
|
||||||
{
|
{
|
||||||
"type": "googlecompute",
|
"type": "googlecompute",
|
||||||
|
|
|
||||||
|
|
@ -48,6 +48,7 @@ teardown() {
|
||||||
run packer build ${USER_VARS} $FIXTURE_ROOT/minimal.json
|
run packer build ${USER_VARS} $FIXTURE_ROOT/minimal.json
|
||||||
[ "$status" -eq 0 ]
|
[ "$status" -eq 0 ]
|
||||||
[ "$(gc_has_image "packerbats-minimal")" -eq 1 ]
|
[ "$(gc_has_image "packerbats-minimal")" -eq 1 ]
|
||||||
|
diff -r dir fetched-dir/default/tmp/remote-dir > /dev/null
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "ansible provisioner: build all_options.json" {
|
@test "ansible provisioner: build all_options.json" {
|
||||||
|
|
@ -55,6 +56,7 @@ teardown() {
|
||||||
run packer build ${USER_VARS} $FIXTURE_ROOT/all_options.json
|
run packer build ${USER_VARS} $FIXTURE_ROOT/all_options.json
|
||||||
[ "$status" -eq 0 ]
|
[ "$status" -eq 0 ]
|
||||||
[ "$(gc_has_image "packerbats-alloptions")" -eq 1 ]
|
[ "$(gc_has_image "packerbats-alloptions")" -eq 1 ]
|
||||||
|
diff -r dir fetched-dir/packer-test/tmp/remote-dir > /dev/null
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "ansible provisioner: build scp.json" {
|
@test "ansible provisioner: build scp.json" {
|
||||||
|
|
@ -62,6 +64,7 @@ teardown() {
|
||||||
run packer build ${USER_VARS} $FIXTURE_ROOT/scp.json
|
run packer build ${USER_VARS} $FIXTURE_ROOT/scp.json
|
||||||
[ "$status" -eq 0 ]
|
[ "$status" -eq 0 ]
|
||||||
[ "$(gc_has_image "packerbats-scp")" -eq 1 ]
|
[ "$(gc_has_image "packerbats-scp")" -eq 1 ]
|
||||||
|
diff -r dir fetched-dir/default/tmp/remote-dir > /dev/null
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "ansible provisioner: build sftp.json" {
|
@test "ansible provisioner: build sftp.json" {
|
||||||
|
|
@ -69,4 +72,6 @@ teardown() {
|
||||||
run packer build ${USER_VARS} $FIXTURE_ROOT/sftp.json
|
run packer build ${USER_VARS} $FIXTURE_ROOT/sftp.json
|
||||||
[ "$status" -eq 0 ]
|
[ "$status" -eq 0 ]
|
||||||
[ "$(gc_has_image "packerbats-sftp")" -eq 1 ]
|
[ "$(gc_has_image "packerbats-sftp")" -eq 1 ]
|
||||||
|
diff -r dir fetched-dir/default/tmp/remote-dir > /dev/null
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -78,10 +78,12 @@ Optional Parameters:
|
||||||
- `sftp_command` (string) - The command to run on the machine being provisioned
|
- `sftp_command` (string) - The command to run on the machine being provisioned
|
||||||
by Packer to handle the SFTP protocol that Ansible will use to transfer
|
by Packer to handle the SFTP protocol that Ansible will use to transfer
|
||||||
files. The command should read and write on stdin and stdout, respectively.
|
files. The command should read and write on stdin and stdout, respectively.
|
||||||
SCP can be used instead of SFTP by setting `ANSIBLE_SCP_IF_SSH=True` in
|
|
||||||
`ansible_env_vars`.
|
|
||||||
Defaults to `/usr/lib/sftp-server -e`.
|
Defaults to `/usr/lib/sftp-server -e`.
|
||||||
|
|
||||||
|
- `use_sftp` (boolean) - Whether to use SFTP. When false,
|
||||||
|
`ANSIBLE_SCP_IF_SSH=True` will be automatically added to `ansible_env_vars`.
|
||||||
|
Defaults to false.
|
||||||
|
|
||||||
- `extra_arguments` (array of strings) - Extra arguments to pass to Ansible.
|
- `extra_arguments` (array of strings) - Extra arguments to pass to Ansible.
|
||||||
Usage example:
|
Usage example:
|
||||||
|
|
||||||
|
|
@ -90,8 +92,7 @@ Optional Parameters:
|
||||||
```
|
```
|
||||||
|
|
||||||
- `ansible_env_vars` (array of strings) - Environment variables to set before
|
- `ansible_env_vars` (array of strings) - Environment variables to set before
|
||||||
running Ansible. If unset, defaults to `ANSIBLE_HOST_KEY_CHECKING=False`.
|
running Ansible.
|
||||||
Set `ANSIBLE_SCP_IF_SSH=True` to use SCP instead of SFTP.
|
|
||||||
Usage example:
|
Usage example:
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue