I need to use the agent forwarding option. In tf:
provisioner "local-exec" {
  command = <<-EOT
    cd ../systems/ac/ansible/
    ansible-playbook playbooks/install/ac/playbooks/preinstall.yml --inventory=../../ansible/ansible-local-environment/inventory/${var.domain}/${var.system}.${var.domain}
  EOT
}
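I clone a git repository, but I get access denied.
When I run the playbook locally, the repository is cloned correctly, because the keys are shown correctly by ssh-add -l:
ssh-add -l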
3072 SHA256:4RjItcuYK0WoCvSZsSmSDUsoYwuo+/M859066Y3d/E8 knex@local.ac.d (RSA)
3072 SHA256:gCZ+VTwFnOaLnYk9N+LNkDBzfcokQm4VG6+l/qzHxZg knex@Mac-knex.local (RSA)
I have the correct ~/.ssh/config:
Host *.ac.example.eu
User knex
ForwardAgent yes
IdentityFile ~/.ssh/id_rsa
My ansible.cfg:
[defaults]
interpreter_python = auto_silent
transform_invalid_group_chars = always
deprecation_warnings = false
roles_path = ./ansible-roles
host_key_checking = False
sudo_flags=-HE
ANSIBLE_DEBUG=1
[ssh_connection]
ssh_args = -o ForwardAgent=yes -o StrictHostKeyChecking=no
pipelining=True
But when I run the playbook from terraform, terraform ignores ssh-add -l and I get:
"Could not open a connection to your authentication agent."
Is there another way? I have to forward these keys.
When I run the playbook myself, everything is fine.
OK, I added local-exec ssh-add -k, and now it works.
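
A preflight check for the situation described in this post, added here as an example and not taken from the poster's code: it uses the exit status of `ssh-add -l` to tell "no agent reachable" apart from "agent has no keys" before the playbook starts. The function names `agent_state` and `require_agent` are hypothetical, and the playbook path in the usage comment is a placeholder.

```shell
#!/bin/sh
# Added example (not from the original post).
# agent_state prints one of: ok, empty, unreachable, unknown.
# $1 is the ssh-add binary to call (default: ssh-add); the parameter exists
# only so the check can be exercised without a real agent.
agent_state() {
    ssh_add_cmd=${1:-ssh-add}
    rc=0
    "$ssh_add_cmd" -l >/dev/null 2>&1 || rc=$?
    case $rc in
        0) echo ok ;;           # agent reachable and holds at least one key
        1) echo empty ;;        # agent reachable, but no identities loaded
        2) echo unreachable ;;  # no agent: SSH_AUTH_SOCK unset or socket dead
        *) echo unknown ;;      # e.g. ssh-add not installed
    esac
}

# require_agent returns 0 only when agent forwarding can work;
# otherwise it explains the reason on stderr and returns 1.
require_agent() {
    state=$(agent_state "$@")
    case $state in
        ok) return 0 ;;
        empty) echo "ssh-agent is running but holds no keys; run ssh-add first" >&2 ;;
        unreachable) echo "no ssh-agent reachable (SSH_AUTH_SOCK='${SSH_AUTH_SOCK:-}')" >&2 ;;
        *) echo "ssh-add failed unexpectedly" >&2 ;;
    esac
    return 1
}

# Usage inside the local-exec heredoc (placeholders, adjust to your layout):
#   require_agent && ansible-playbook <playbook> --inventory=<inventory>
```

With `ForwardAgent yes`, the remote host can use the forwarded agent for as long as the session lasts, so limiting the `Host` pattern to the machines that need it keeps the exposure small.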