-
Notifications
You must be signed in to change notification settings - Fork 3.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add a way to pass extra variables to ansible-local provisioner #555
Comments
@pas256 Thanks for requesting this. I have some ideas on how to make this work, expect a pull request for review soon. |
@kelseyhightower Have you made any progress on this? I have done an episode on using Aminator and the Ansible Provisioner here, and would like to do one on Packer for comparison, but need this in place before I can use my playbooks. |
i just needed this, so i submitted #842 which will let you pass in arbitrary arguments in to ansible-playbook. |
@strcrzy you legend! Thank you |
@kelseyhightower Should probably close this issue out since it's no longer valid. |
I think there was a bug in #842 that still exists in master that doesn't allow you to pass through the extra variables. In master the extra variables are passed in just before the extraArgs := ""
if len(p.config.ExtraArguments) > 0 {
extraArgs = " --extra-vars " + strings.Join(p.config.ExtraArguments, " ")
}
command := fmt.Sprintf("cd %s && %s %s%s -c local -i %s",
p.config.StagingDir, p.config.Command, playbook, extraArgs, inventory) The important part here is the amazon-ebs: Executing Ansible: ansible-playbook /tmp/packer-provisioner-ansible-local/solo.yml APP=tango REVISION=70c11781cfb3a3b6022924be2b8e487ca9c131f5 -c local -i "127.0.0.1,"
amazon-ebs: ERROR: the playbook: APP=tango could not be found with the following packer config: {
"type": "ansible-local",
"playbook_file": "ansible/solo.yml",
"role_paths": [
"ansible/roles/solo"
],
"extra_arguments": [
"APP={{user `app`}}",
"REVISION={{user `revision`}}"
]
} I couldn't find a test for this functionality in For the time being you can work around this problem by adjusting the {
"type": "ansible-local",
"playbook_file": "ansible/solo.yml",
"command": "APP={{user `app`}} REVISION={{user `revision`}} ansible-playbook",
"role_paths": [
"ansible/roles/solo"
]
} |
Thinking about it more I might have misunderstood the usage of {
"type": "ansible-local",
"playbook_file": "ansible/solo.yml",
"role_paths": [
"ansible/roles/solo"
],
"extra_arguments": [
"--extra-vars"
"APP={{user `app`}}",
"REVISION={{user `revision`}}"
]
} This approach also allows you to pass I think some solid examples in the documentation would help with this. Are the examples on github so I can contribute? |
it is not solely for passing extra variables to ansible. sorry for the confusion, and thank you for offering to add examples. the docs for the ansible provisioner can be found here if you'd like to edit them. |
@coop Curious—how did you pass |
@elithrar I used |
Just fyi, this doesn't work unless you first xfer the vault-password-file to the image being provisioned in some shell preprovisioning step. I ended up just using git-crypt, as it's more transparent, and since i've already init'd git-crypt on my local repo, and packer is copying the files across using scp (or some equivalent), the files are already unencrypted, and get destroyed as part of the builtin post-provisioners If anyone has a better way to do this, please speak up. |
Just a quick workaround, to read from stdin the password:
The only caveat is that it shows your password in your tty (so avoid eavesdroppers) more info: |
Yes please! I want this! |
+1 |
1 similar comment
+1 |
Kind of clunky, but here's a workaround to getting the vault password to ansible without displaying it in the TTY (using ubuntu 14.04 AMI):
ansible-vault-password.py:
And a snippet from the output:
It would probably also be wise to have a third shell provisioner which deletes the passwordExport file from the machine. |
Closing this since this have been implemented a long time ago, see https://www.packer.io/docs/provisioners/ansible-local.html#extra_arguments |
@bschwind Thanks for your example, it's a really helpful example and has more complete information than the documentation. |
@jaytaylor Glad I could help! |
@bschwind how are you getting the ansible-vault-password.py script on the box? Is this something that is part of your base image before you run the ansible provisioner? |
Please only use GitHub Issues for reporting bugs and feature requests. Do not ask for general help here. Use IRC See https://www.packer.io/community/ If you are describing a bug or a feature request please reopen and try to add some more details to make it clearer. |
This is for @kelseyhightower and the
ansible-local
provisioner:ansible-playbook
has an option to pass extra variables along from the command line:When using the
amazon-chroot
builder, it is important to not start any services (e.g. Apache) inside the chroot environment so that the volume can be unmounted correctly. I write my playbooks so that they can be run on both running instances, as well as to build AMIs, and I do that as a flag I pass in a AMI creation time. Right now, there is no way for me to pass that flag to theansible-local
provisioner.Please let me know if there is anything else you need.
The text was updated successfully, but these errors were encountered: