Ansible Roles fails to run in Interactive mode with local_action module.
171 views
Skip to first unread message
Know Your Tech
Apr 13, 2017, 12:45:42 PM4/13/17
to Ansible Project
Issue Type: user question
Ansible version: 2.1.0.0
Ansible module: local_action
*********
I am using ansible roles called "mgr"
/tmp/roles/mgr/tasks/spull.yml:17 is below:
more /tmp/roles/mgr/files/renew.sh
Running ansible roles as below gives error
Running this command from renew.sh without ansible is interactive and desirable
but when the same is triggered using ansible it does not prompt the same way as it does above.
Can you please help explain and fix ?
Ansible version: 2.1.0.0
Ansible module: local_action
*********
I am using ansible roles called "mgr"
/tmp/roles/mgr/tasks/spull.yml:17 is below:
17 - name: ==== Run script renew.sh on LOCAL hosts with ID 'ansibleuser' ====
18
19 local_action: "shell {{ ROLE_PATH }}mgr/files/renew.sh {{ DOMAIN_NAME }} {{ LOCAL_CERT_HOME }}dump chdir={{ ROLE_PATH }}mgr/files/ "
more /tmp/roles/mgr/files/renew.sh
echo "CERT RENEWAL:"$1".jks"
echo "keytool -genkey -alias $1 -keyalg RSA -sigalg SHA256withRSA -keystore $2"/"$1.jks -keysize 2048"
keytool -genkey -alias $1 -keyalg RSA -sigalg SHA256withRSA -keystore $2"/"$1.jks -keysize 2048 < /dev/ttyRunning ansible roles as below gives error
ansible-playbook -vvv site.yml -i /web/hostfiles/host.txt
TASK [mgr : ==== Run script install_cert.sh on LOCAL hosts at location=/tmp/roles/ with ID 'user1' ====] ***
task path: /tmp/roles/mgr/tasks/spull.yml:17
<localhost> ESTABLISH LOCAL CONNECTION FOR USER: ansibleuser
<localhost> EXEC /bin/sh -c 'LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8 LC_MESSAGES=en_US.UTF-8 /usr/bin/python && sleep 0'
changed: [remote.com -> localhost] => {"changed": true, "cmd": "/tmp/roles/mgr/files/renew.sh mydom /tmp/moht/dump", "delta": "0:00:58.055556", "end": "2017-04-13 03:41:54.653376", "invocation": {"module_args": {"_raw_params": "/tmp/roles/mgr/files/renew.sh mydom /tmp/moht/dump", "_uses_shell": true, "chdir": "/tmp/roles/mgr/files/", "creates": null, "executable": null, "removes": null, "warn": true}, "module_name": "command"}, "rc": 0, "start": "2017-04-13 03:40:56.597820", "stderr": "Enter keystore password: Keystore password is too short - must be at least 6 characters\nEnter keystore password: Keystore password is too short - must be at least 6 characters\nEnter keystore password: Keystore password is too short - must be at least 6 characters\nToo many failures - try later", "stdout": "CERT RENEWAL:mydom.jks\nkeytool -genkey -alias mydom -keyalg RSA -sigalg SHA256withRSA -keystore /tmp/moht/dump/mydom.jks -keysize 2048", "stdout_lines": ["CERT RENEWAL:mydom.jks", "keytool -genkey -alias mydom -keyalg RSA -sigalg SHA256withRSA -keystore /tmp/moht/dump/mydom.jks -keysize 2048"], "warnings": []}
TASK [mgr : include] ***************************************************Running this command from renew.sh without ansible is interactive and desirable
keytool -genkey -alias $1 -keyalg RSA -sigalg SHA256withRSA -keystore $2"/"$1.jks -keysize 2048 < /dev/tty
Output:
keytool -genkey -alias mydom -keyalg RSA -sigalg SHA256withRSA -keystore /tmp/moht/dump/mydom.jks -keysize 2048
Enter keystore password:
Re-enter new password:
What is your first and last name?
[Unknown]: test me
What is the name of your organizational unit?
[Unknown]: testing
What is the name of your organization?
[Unknown]: tester
What is the name of your City or Locality?
[Unknown]:
but when the same is triggered using ansible it does not prompt the same way as it does above.
Can you please help explain and fix ?
Kai Stian Olstad
Apr 18, 2017, 12:51:58 PM4/18/17
to ansible...@googlegroups.com
On 13. april 2017 10:15, Know Your Tech wrote:
> Running this command from renew.sh without ansible is interactive and
> desirable
>
> keytool -genkey -alias $1 -keyalg RSA -sigalg SHA256withRSA -keystore $2"/"
> $1.jks -keysize 2048 < /dev/tty
>
> Output:
>
> keytool -genkey -alias mydom -keyalg RSA -sigalg SHA256withRSA -keystore /
> tmp/moht/dump/mydom.jks -keysize 2048
>
> Enter keystore password:
> Re-enter new password:
> What is your first and last name?
> [Unknown]: test me
> What is the name of your organizational unit?
> [Unknown]: testing
> What is the name of your organization?
> [Unknown]: tester
> What is the name of your City or Locality?
> [Unknown]:
>
>
>
> but when the same is triggered using ansible it does not prompt the same
> way as it does above.
>
> Can you please help explain and fix ?
Ansible can't be used in a interactive way like this.
> Running this command from renew.sh without ansible is interactive and
> desirable
>
> keytool -genkey -alias $1 -keyalg RSA -sigalg SHA256withRSA -keystore $2"/"
> $1.jks -keysize 2048 < /dev/tty
>
> Output:
>
> keytool -genkey -alias mydom -keyalg RSA -sigalg SHA256withRSA -keystore /
> tmp/moht/dump/mydom.jks -keysize 2048
>
> Enter keystore password:
> Re-enter new password:
> What is your first and last name?
> [Unknown]: test me
> What is the name of your organizational unit?
> [Unknown]: testing
> What is the name of your organization?
> [Unknown]: tester
> What is the name of your City or Locality?
> [Unknown]:
>
>
>
> but when the same is triggered using ansible it does not prompt the same
> way as it does above.
>
> Can you please help explain and fix ?
What you can do is using the expect module to automatic answer the question.
An alterative is to use vars_prompt and specify the information on the
command line.
https://docs.ansible.com/ansible/playbooks_prompts.html
--
Kai Stian Olstad
Reply all
Reply to author
Forward
0 new messages