packer-plugin-ansible icon indicating copy to clipboard operation
packer-plugin-ansible copied to clipboard
verified publisher icon hashicorp

ssh_authorized_key_file Does not get passed to ansible

Open jeremymcgee73 opened this issue 4 years ago • 1 comments

Overview of the Issue

When setting the ssh_authorized_key_file property, it seems to be ignored. The temp key still is generated (which is empty per another issue), and passed to ansible via the ansible_ssh_private_key_file param.

Reproduction Steps

provisioner "ansible" {
    playbook_file    = "main.yml"
    use_proxy        = false
    ansible_env_vars = ["ANSIBLE_CONFIG=ansible.cfg"]
    ssh_authorized_key_file = "privatekey.file"
}

Plugin and Packer version

packer 1.7.0

ansible 2.9.10

Operating system and Environment details

This happens with Windows and RHEL.

jeremymcgee73 avatar Apr 29 '21 17:04 jeremymcgee73

We can provide an option to customise the catalog names when using our code to set up the red hat catalogs, but generally speeaking if there's already a certified-operator-index catalog source there shouldn't be a need to set up one with our roles.

durera avatar Apr 26 '24 13:04 durera

@durera: Thank you for your response!

While there is already a certified-operator-index catalog source, it does not mirror the full catalog to reduce size. Re-using the catalog from the MAS Ansible Role would allow us to rely on the MAS Ansible role to specify dependencies & versioning

ChrisSchneiderIBM avatar Apr 29 '24 10:04 ChrisSchneiderIBM

@ChrisSchneiderIBM had a internal chat with David, here is how you can solve this.

In this case you don’t need to use mirror ocp. We can’t just name them something different, it’s still clashes. There are 2 options:

  • manage the red hat catalogs yourself
  • OR use the mas cli to manage them

We would recommend MAS CLI to manage the OCP and MAS catalogs

lokesh-sreedhara avatar Jul 03 '24 22:07 lokesh-sreedhara

Thank you for your response @lokesh-sreedhara. Is there a way in MAS CLI to add my own operators, like OpenShift Update Service, RHACM, Logging etc?

Managing the RH catalogs required by Maximo myself comes with the challenge that I've to manually keep them in sync with MAS CLI.

For now I worked around the issue by giving my separately mirrored catalog a different name:

ocp_mirror_operators:
- catalog: registry.redhat.io/redhat/redhat-operator-index:v{{ ocp_version }}
  targetCatalog: redhat2/redhat-operator-index
  packages:
    ...

ChrisSchneiderIBM avatar Jul 04 '24 07:07 ChrisSchneiderIBM

Action here should be:

  • new parameter in https://github.com/ibm-mas/ansible-devops/tree/b8cd290493651529ac0a85117e6d5ec5c588dbab/ibm/mas_devops/roles/ocp_contentsourcepolicy redhat_catalogs_prefix
  • use this prefix in the catalog source names: https://github.com/ibm-mas/ansible-devops/blob/b8cd290493651529ac0a85117e6d5ec5c588dbab/ibm/mas_devops/roles/ocp_contentsourcepolicy/templates/redhat-catalogs.yml.j2
  • prefix should default to nothing, resulting in no change of behaviour/making sure this isn't a breaking change

Should be straightforward change to make and test by just running the role in isolation and checking the catalogsources, doesn't matter if the catalog sources are pointing at something that even exists for the purpose of this test.

durera avatar Aug 23 '24 10:08 durera