Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

synchronize can't find ssh key on relative path when ansible can #500

Open
ltalirz opened this issue Oct 6, 2023 · 2 comments
Open

synchronize can't find ssh key on relative path when ansible can #500

ltalirz opened this issue Oct 6, 2023 · 2 comments

Comments

@ltalirz
Copy link

ltalirz commented Oct 6, 2023

SUMMARY

When providing a relative path to ssh key, synchronize can't find it.

More precisely, this problem occurs when the ansible playbook is not in the directory where ansible is run from. In that case, other ansible tasks find the ssh key just fine, but synchronize does not.

Related (fixed) bug from 2017 ansible/ansible-modules-core#18

ISSUE TYPE
  • Bug Report
COMPONENT NAME

ansible.posix.synchronize

ANSIBLE VERSION
ansible [core 2.14.8]
  config file = /home/hpcadmin/pilgrim/ansible.cfg
  configured module search path = ['/home/hpcadmin/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/hpcadmin/pilgrim/miniconda/lib/python3.11/site-packages/ansible
  ansible collection location = /home/hpcadmin/.ansible/collections:/usr/share/ansible/collections
  executable location = /home/hpcadmin/pilgrim/miniconda/bin/ansible
  python version = 3.11.4 (main, Jul  5 2023, 13:45:01) [GCC 11.2.0] (/home/hpcadmin/pilgrim/miniconda/bin/python3)
  jinja version = 3.1.2
  libyaml = True
COLLECTION VERSION
# /home/hpcadmin/.ansible/collections/ansible_collections
Collection    Version
------------- -------
ansible.posix 1.5.4
CONFIGURATION
CALLBACKS_ENABLED(/home/hpcadmin/pilgrim/ansible.cfg) = ['profile_roles']
CONFIG_FILE() = /home/hpcadmin/pilgrim/ansible.cfg
DEFAULT_FORKS(/home/hpcadmin/pilgrim/ansible.cfg) = 128
DEFAULT_LOG_PATH(/home/hpcadmin/pilgrim/ansible.cfg) = /home/hpcadmin/pilgrim/ansible.log
DEFAULT_ROLES_PATH(/home/hpcadmin/pilgrim/ansible.cfg) = ['/home/hpcadmin/pilgrim/playbooks/roles']
DEFAULT_STDOUT_CALLBACK(/home/hpcadmin/pilgrim/ansible.cfg) = debug
DEFAULT_TIMEOUT(/home/hpcadmin/pilgrim/ansible.cfg) = 30
HOST_KEY_CHECKING(/home/hpcadmin/pilgrim/ansible.cfg) = False
OS / ENVIRONMENT

CentOS 7.9

STEPS TO REPRODUCE

Directory layout

id_rsa
ansible.cfg
hosts
playbooks/
  playbook.yml
  folder_to_synchronize/

With playbook.yml

---
- hosts: myhost
  tasks:
  - name: Copy application files
    synchronize:
      src: './folder_to_synchronize'
      dest: /tmp/folder

hosts

all:
  hosts:
    myhost:
      ansible_host: <IP>
  vars:
    ansible_ssh_private_key_file: id_rsa
    # Replacing this with line below fixes the playbook
    #ansible_ssh_private_key_file: "{{'id_rsa'| realpath }}"

ansible.cfg

[defaults]
inventory=hosts
EXPECTED RESULTS

synchronize finds ssh key id_rsa

ACTUAL RESULTS

ansible finds ssh key id_rsa

TASK [Gathering Facts] ****************************************************************************************************************************
ok: [ondemand]

but synchronize fails with

TASK [Copy application files] *********************************************************************************************************************
fatal: [ondemand]: FAILED! => {"changed": false, "cmd": "/usr/bin/rsync --delay-updates -F --compress --archive --rsh='/usr/bin/ssh -S none -i id_rsa -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null' --out-format='<<CHANGED>>%i %n%L' /home/hpcadmin/synchronize_issue/playbooks/folder [email protected]:/tmp/folder", "msg": "Warning: Identity file id_rsa not accessible: No such file or directory.\nWarning: Permanently added '10.132.1.9' (ECDSA) to the list of known hosts.\r\[email protected]: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).\r\nrsync: connection unexpectedly closed (0 bytes received so far) [sender]\nrsync error: unexplained error (code 255) at io.c(235) [sender=3.1.3]\n", "rc": 255}
@ltalirz
Copy link
Author

ltalirz commented Oct 6, 2023
edited
Loading

Somewhat related to this: While the above behavior demonstrates that synchronize uses the ansible_ssh_private_key_file variable [1], it seems to entirely ignore the ansible_ssh_common_args variable.

ansible_ssh_common_args can contain important settings that are required for connecting to the host (e.g. ProxyJumps), so it is very unexpected that this variable is ignored. Happy to open another bug for this.

[1] By the way, where does this happen? I looked through the synchronize module source code to understand why ansible_ssh_private_key_file was used but not ansible_ssh_common_args, but I could not find ansible_ssh_private_key_file in the module.

@funkyfuture
Copy link

similarly, when using ssh arguments implied by use_ssh_args option the relative path to an identity file isn't resolved, see this previous report.

it would be helpful when an experienced Ansible developer could give advice where the expansion to an absolute path should happen. within the plugin or when options are read or somewher in between?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ltalirz @funkyfuture