terraform icon indicating copy to clipboard operation
terraform copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

Generate a working ps1 command from remote-exec ssh

Open craigminihan opened this issue 2 years ago • 9 comments

Terraform's remote-exec with type=ssh won't connect to remote Windows boxes due to quoted escaping on the scp command passed to the ssh layer.

The Windows command "scp" -vt c:/windows/temp is passed to the remote which works fine where the shell is cmd.exe but fails when the shell is powershell.exe.

Raised as issue #31423.

craigminihan avatar Jul 12 '22 11:07 craigminihan

CLA assistant check
All committers have signed the CLA.

hashicorp-cla avatar Jul 12 '22 11:07 hashicorp-cla

Thanks for this submission. Although I cannot commit to having this PR reviewed at this time, we acknowledge your contribution and appreciate it! Thanks again for the submission!

crw avatar Jul 12 '22 21:07 crw

I just saw comment https://github.com/hashicorp/terraform/issues/31423#issuecomment-1181822679! Apologies if my previous message was confusing.

crw avatar Jul 12 '22 21:07 crw

@crw no worries, I've got a local build with this change and will be running it as part of my IaC workflow until/if the PR is merged

craigminihan avatar Jul 12 '22 22:07 craigminihan

does noone manage issues/PRs at hashicorp. how long do things have to lie in wait when the community contributes?

rismoney avatar Sep 28 '22 22:09 rismoney

@rismoney We do look at them. Unfortunately Provisioners are in a bit of a stasis, in general we are not trying to add more features to them although we do occasionally accept bugfix contributions. This PR is the victim of its specific use case, we'd need someone internally with Powershell to test - not impossible, but it has not been a top priority for a variety of reasons. For more on Provisioners generally see: https://github.com/hashicorp/terraform/blob/main/.github/CONTRIBUTING.md#provisioners

Thanks for your comment!

crw avatar Sep 28 '22 23:09 crw

@craigminihan Please see the above comments from @alisdair.

crw avatar Oct 11 '22 16:10 crw

@crw @alisdair I can create some HCL to provision a Windows box with OpenSSH + cmd and another with OpenSSH + PowerShell and test code to exercise this change.

TBH the quote change made previously (go-shquot) broke the PowerShell handling of the script command. "/script/hello-world.ps1" is a string whereas /script/hello-world.ps1 is an executable command to the PowerShell command interpreter.

Prefixing the string with a & turns it back into a command again, for example &"/script/hello-world.ps1" would be executed.

craigminihan avatar Oct 17 '22 15:10 craigminihan

Sample configs for manual testing would be great, thanks!

TBH the quote change made previously (go-shquot) broke the PowerShell handling of the script command.

I understand that. What I'm suggesting is that we should try to make use of the ViaPowerShell function in go-shquot to implement the correct command quoting, instead of prepending an ampersand inline.

If you're revisiting this, I think it's worth considering my other question from the prior review, too:

Do we need a way for users to specify that the target platform is Windows+Powershell?

alisdair avatar Oct 17 '22 16:10 alisdair