
Special ansible variable 'omit' gets interpreted as ssh user when used with `delegate_to` and `remote_user`

Open golebiewsky opened this issue 10 months ago • 1 comments

Hello, I've commented on this closed issue https://github.com/mitogen-hq/mitogen/issues/1040 - but I'm opening a new one for visibility.

On mitogen 0.3.18 I had to add

```python
self._connection._play_context.post_validate(templar=connection.templar)
```

as mentioned in the first comment of https://github.com/mitogen-hq/mitogen/issues/1040. With that patch all of my playbooks worked without hiccups after upgrading from mitogen 0.3.9.

I was hoping to now migrate from mitogen 0.3.18 to mitogen 0.3.22, since the issue was closed and many other improvements were made to mitogen.

I noticed that using omit with delegate_to: and with remote_user: can make ssh use the omit value as the ssh user.

E.g. I will try to omit remote_user by not defining the test variable:

```yaml
- name: Test
  hosts: all
  gather_facts: false
  tasks:
    - name: Touch file using file module
      ansible.builtin.file:
        path: /tmp/test
        state: touch
      remote_user: "{{ test | default(omit) }}"
      delegate_to: 1.2.3.4
```

In mitogen 0.3.18 (with the patch), the ssh user is just not forwarded, so the default will be used:

```
[mux  93383] 18:18:18.765805 D mitogen.parent: creating connection to context 2 using mitogen.ssh
[mux  93383] 18:18:18.765558 D mitogen.io: PollPoller.poll(None)
[mux  93383] 18:18:18.810675 D mitogen.parent: command line for Connection(None): ssh -o "LogLevel ERROR" -o "Compression yes" ...
```

In mitogen 0.3.22, it tries to use the value of omit as the actual user:

```
[mux  93949] 18:22:39.322810 D mitogen.parent: creating connection to context 2 using mitogen.ssh
[mux  93949] 18:22:39.322571 D mitogen.io: PollPoller.poll(None)
[mux  93949] 18:22:39.350936 D mitogen.parent: command line for Connection(None): ssh -o "LogLevel ERROR" -l __omit_place_holder__12cecd4460ad11a8ab6a9edbde1b2af5a4505b42 -o "Compression yes" ...
```

Without delegate_to: it works in both versions, but there are special cases where I need to use both. I would appreciate any tips related to this.

  • Which version of Ansible are you running? 2.16.13
  • Is your version of Ansible patched in any way? No
  • Are you running with any custom modules, or module_utils loaded? No
  • Have you tried the latest master version from Git? Tested on 0.3.22, it used to work on 0.3.9
  • Mention your host and target OS and versions: Host: macOS/Ubuntu 22.04, Target: Ubuntu 22.04 LTS
  • Mention your host and target Python versions: Host: Python 3.12.9, Target: Python 3.10.12

golebiewsky, Feb 20 '25 08:02

This looks like an upstream Ansible issue to me. I can reproduce it without Mitogen, e.g.

```yaml
- hosts: d13.lan
  gather_facts: false
  vars:
    ansible_python_interpreter: python3
  tasks:
    - file:
        path: /tmp/mitogen-issue1250
        mode: u=rw,go=
        state: touch
    - file:
        path: /tmp/mitogen-issue1250-delegate
        mode: u=rw,go=
        state: touch
      delegate_to: d12.lan
    - file:
        path: /tmp/mitogen-issue1250-delegate-ruser-omit
        mode: u=rw,go=
        state: touch
      delegate_to: d12.lan
      remote_user: "{{ variable_intentionally_undefined | default(omit) }}"
```

```
➜  mitogen git:(master) ✗ ANSIBLE_STRATEGY=linear ansible-playbook issue1250.yml

PLAY [d13.lan] *******************************************************************************************

TASK [file] **********************************************************************************************
changed: [d13.lan]

TASK [file] **********************************************************************************************
changed: [d13.lan -> d12.lan]

TASK [file] **********************************************************************************************
fatal: [d13.lan -> d12.lan]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: __omit_place_holder__2414c3f6600f005398ab5de9a4823e2cf44b8d48@d12.lan: Permission denied (publickey,password).", "unreachable": true}

PLAY RECAP ***********************************************************************************************
d13.lan                    : ok=2    changed=2    unreachable=1    failed=0    skipped=0    rescued=0    ignored=0
```

moreati, Dec 02 '25 08:12
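Added example, not part of the thread and not Mitogen or Ansible code: a log check that flags runs where the omit sentinel ended up as the ssh login, covering both the Mitogen debug `command line` form and the `user@host` form in the Ansible `UNREACHABLE` message. The function names and the shortened sample lines are assumptions made for illustration; the sentinel values are the ones quoted above.

```python
import re
import shlex

# Sentinel shape as it appears in the excerpts in this thread.
OMIT = re.compile(r"__omit_place_holder__[0-9a-f]+")
CMDLINE = re.compile(r"command line for \S+: (ssh\b.*)")
USER_AT_HOST = re.compile(r"(__omit_place_holder__[0-9a-f]+)@[\w.-]+")

def ssh_login(argv):
    """Login name an ssh argv requests via -l or -o User=..., else None."""
    login = None
    for arg, nxt in zip(argv, argv[1:]):
        if arg == "-l":
            login = nxt
        elif arg == "-o" and re.match(r"(?i)user[ =]", nxt):
            login = re.split(r"[ =]", nxt, maxsplit=1)[1].strip()
    return login

def find_omit_logins(lines):
    """Return (line_no, source, login) wherever the sentinel is used as a login."""
    hits = []
    for no, line in enumerate(lines, 1):
        m = CMDLINE.search(line)
        if m:
            try:
                argv = shlex.split(m.group(1))
            except ValueError:  # truncated line with an unclosed quote
                argv = m.group(1).split()
            login = ssh_login(argv)
            if login and OMIT.fullmatch(login):
                hits.append((no, "ssh-argv", login))
            continue
        m = USER_AT_HOST.search(line)
        if m:
            hits.append((no, "ssh-error", m.group(1)))
    return hits

# Sample lines shortened from the excerpts posted in this thread.
SAMPLE = [
    'D mitogen.parent: command line for Connection(None): ssh -o "LogLevel ERROR" -o "Compression yes" ...',
    'D mitogen.parent: command line for Connection(None): ssh -o "LogLevel ERROR" '
    '-l __omit_place_holder__12cecd4460ad11a8ab6a9edbde1b2af5a4505b42 -o "Compression yes" ...',
    '"msg": "Failed to connect to the host via ssh: '
    '__omit_place_holder__2414c3f6600f005398ab5de9a4823e2cf44b8d48@d12.lan: Permission denied"',
]

if __name__ == "__main__":
    for hit in find_omit_logins(SAMPLE):
        print(hit)
```

Run over CI or controller logs, this catches the regression before it shows up as repeated failed logins for a nonexistent user on the delegated host.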