Get Azure key vault secret using Ansible - how can I tell azure_preview_modules in Ansible script where the correct Ansible is installed?
I am trying to get an Ansible playbook to read a secret from an Azure key vault, following this page https///docs.microsoft.com////-azure configure-secrets?tabs=ansible#get-secrets-from-key-vault . It looks simple enough. My playbook is as follows:
---
- name: key vault testing
  hosts: localhost
  connection: local
  roles:
    - { role: azure.azure_preview_modules }
  vars:
    tenant_id: xxxxxxxxxxxxxx
    vault_name: xxxxxxxxx
    secret_name: xxxxxxxxxxxxxxx
    client_id: xxxxxxxxxxxxxxxx
    client_secret: xxxxxxxxxxxxxxx
  tasks:
    - name: Get Key Vault by name
      azure_rm_keyvault_info:
        resource_group: xxxxxxxxxx
        name: "{{ vault_name }}"
      register: keyvault
    - name: Set key vault URI fact
      set_fact: keyvaulturi="{{ keyvault['keyvaults'][0]['vault_uri'] }}"
    - name: Set key vault secret fact
      set_fact: secretValue={{ lookup('azure_keyvault_secret',secret_name,vault_url=keyvaulturi, client_id=client_id, secret=client_secret, tenant_id=tenant_id) }}
    - name: Output key vault secret
      debug:
        msg: "{{ secretValue }}"
When I run it, I get the following output/error:
PLAY [key vault testing] ********************************************************************************************************************************************************************************************************************
TASK [Gathering Facts] **********************************************************************************************************************************************************************************************************************
ok: [localhost]
TASK [azure.azure_preview_modules : Install Azure Python SDK required by modules.] **********************************************************************************************************************************************************
ok: [localhost]
TASK [azure.azure_preview_modules : debug] **************************************************************************************************************************************************************************************************
ok: [localhost] => {
"msg": [
"Your Ansible version is lower than 2.5.0",
"You may need to perform additional steps to install this roles:",
" sudo pip install -r /home/administrator/.ansible/roles/azure.azure_preview_modules/files/requirements-azure.txt",
"or",
" pip install --user -r /home/administrator/.ansible/roles/azure.azure_preview_modules/files/requirements-azure.txt",
"depending on your ansible setup."
]
}
TASK [Get Key Vault by name] ****************************************************************************************************************************************************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: TypeError: AnsibleModule.__init__() got an unexpected keyword argument 'check_invalid_arguments'
fatal: [localhost]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\n File \"/home/administrator/.ansible/tmp/ansible-tmp-1660655181.949111-2808-175135597436300/AnsiballZ_azure_rm_keyvault_info.py\", line 107, in <module>\n _ansiballz_main()\n File \"/home/administrator/.ansible/tmp/ansible-tmp-1660655181.949111-2808-175135597436300/AnsiballZ_azure_rm_keyvault_info.py\", line 99, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/home/administrator/.ansible/tmp/ansible-tmp-1660655181.949111-2808-175135597436300/AnsiballZ_azure_rm_keyvault_info.py\", line 47, in invoke_module\n runpy.run_module(mod_name='ansible.modules.azure_rm_keyvault_info', init_globals=dict(_module_fqn='ansible.modules.azure_rm_keyvault_info', _modlib_path=modlib_path),\n File \"/usr/lib/python3.10/runpy.py\", line 209, in run_module\n return _run_module_code(code, init_globals, run_name, mod_spec)\n File \"/usr/lib/python3.10/runpy.py\", line 96, in _run_module_code\n _run_code(code, mod_globals, init_globals,\n File \"/usr/lib/python3.10/runpy.py\", line 86, in _run_code\n exec(code, run_globals)\n File \"/tmp/ansible_azure_rm_keyvault_info_payload_7xtlk5_l/ansible_azure_rm_keyvault_info_payload.zip/ansible/modules/azure_rm_keyvault_info.py\", line 323, in <module>\n File \"/tmp/ansible_azure_rm_keyvault_info_payload_7xtlk5_l/ansible_azure_rm_keyvault_info_payload.zip/ansible/modules/azure_rm_keyvault_info.py\", line 319, in main\n File \"/tmp/ansible_azure_rm_keyvault_info_payload_7xtlk5_l/ansible_azure_rm_keyvault_info_payload.zip/ansible/modules/azure_rm_keyvault_info.py\", line 227, in __init__\n File \"/tmp/ansible_azure_rm_keyvault_info_payload_7xtlk5_l/ansible_azure_rm_keyvault_info_payload.zip/ansible/module_utils/azure_rm_common.py\", line 288, in __init__\nTypeError: AnsibleModule.__init__() got an unexpected keyword argument 'check_invalid_arguments'\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee 
stdout/stderr for the exact error", "rc": 1}
PLAY RECAP **********************************************************************************************************************************************************************************************************************************
localhost : ok=3 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
I'm using Ubuntu 22.04 installed in Hyper-V, and I followed the Ansible installation instructions here https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html . I can run other Ansible playbooks just fine. I have run ansible-galaxy install azure.azure_preview_modules. I think my error may be related to this part:
"Your Ansible version is lower than 2.5.0"
If I run ansible --version I get this output:
ansible [core 2.13.3]
config file = None
configured module search path = ['/home/administrator/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/administrator/.local/lib/python3.10/site-packages/ansible
ansible collection location = /home/administrator/.ansible/collections:/usr/share/ansible/collections
executable location = /home/administrator/.local/bin/ansible
python version = 3.10.4 (main, Jun 29 2022, 12:14:53) [GCC 11.2.0]
jinja version = 3.1.2
libyaml = True
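This tells me my Ansible version is not lower than 2.5.0, which is why I think this is where I should start looking. Does anyone have any ideas I could try? I'm about ready to pull all my hair out!!! Thanks, Andrew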
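TASK [azure.azure_preview_modules: debug] * ok: [localhost] => { "msg": [ "Your Ansible version is below 2.5.0", "You may need to perform additional steps to install this roles:", An exception occurred during task execution. To see the full
The above error occurs because your ansible-galaxy install azure.azure_preview_modules in the playbook is 2.5.0
Playbooks in general:
Multiple collections may have modules with the same name (for example, user), so in Ansible 2.10 and later, make sure to use the fully qualified collection name in your playbook so that the correct module is selected.
Playbooks that use arguments from Ansible versions below 2.10 may not be handled
Possible steps to resolve it:
Uninstall Ansible
sudo apt remove ansible
Install Ansible using pip
pip3 install ansible
Install system-wide with apt
sudo apt install ansible
Reference: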
https://docs.ansible.com/ansible/latest/user_guide/playbooks_intro.html
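The answer's point about fully qualified collection names, applied to the question's playbook as an added example that is not part of the original post. It assumes the azure.azcollection collection and its Python requirements are installed, that AZURE_TENANT, AZURE_CLIENT_ID, AZURE_SECRET and AZURE_SUBSCRIPTION_ID are set in the environment, and it keeps the question's placeholder values; the resource_group variable is introduced here for illustration.

```yaml
---
# Added example. Assumes: ansible-galaxy collection install azure.azcollection
# and AZURE_SUBSCRIPTION_ID exported for the azure_rm_* module's own login.
- name: key vault testing (fully qualified collection names)
  hosts: localhost
  connection: local
  gather_facts: false
  vars:
    vault_name: xxxxxxxxx          # placeholder, as in the question
    secret_name: xxxxxxxxxxxxxxx   # placeholder, as in the question
    resource_group: xxxxxxxxxx     # placeholder, hypothetical variable name
    # Credentials are read from the environment, not stored in the playbook.
    tenant_id: "{{ lookup('ansible.builtin.env', 'AZURE_TENANT') }}"
    client_id: "{{ lookup('ansible.builtin.env', 'AZURE_CLIENT_ID') }}"
    client_secret: "{{ lookup('ansible.builtin.env', 'AZURE_SECRET') }}"
  tasks:
    - name: Fail early if the running Ansible predates collections
      ansible.builtin.assert:
        that:
          - ansible_version.full is version('2.10', '>=')
        fail_msg: "Ansible {{ ansible_version.full }} cannot resolve collection names"

    - name: Get Key Vault by name
      azure.azcollection.azure_rm_keyvault_info:
        resource_group: "{{ resource_group }}"
        name: "{{ vault_name }}"
      register: keyvault

    - name: Set key vault secret fact without logging it
      ansible.builtin.set_fact:
        secretValue: "{{ lookup('azure.azcollection.azure_keyvault_secret', secret_name, vault_url=keyvault['keyvaults'][0]['vault_uri'], client_id=client_id, secret=client_secret, tenant_id=tenant_id) }}"
      no_log: true

    - name: Confirm a value came back (length only, never the value)
      ansible.builtin.debug:
        msg: "secret length: {{ secretValue | length }}"
```

The roles: entry for azure.azure_preview_modules is dropped here, so no copy of the role's bundled modules is on the module search path to shadow the collection's.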