
Get Azure key vault secret using Ansible - how can I tell azure_preview_modules in Ansible script where the correct Ansible is installed?

I am trying to get an Ansible playbook to read a secret from Azure Key Vault; according to this page https///docs.microsoft.com////-azure configure-secrets?tabs=ansible#get-secrets-from-key-vault it looks simple. My playbook is as follows:

---
- name: key vault testing
  hosts: localhost
  connection: local
  roles: 
    -  { role: azure.azure_preview_modules }

  vars:
    tenant_id: xxxxxxxxxxxxxx
    vault_name: xxxxxxxxx
    secret_name: xxxxxxxxxxxxxxx
    client_id: xxxxxxxxxxxxxxxx
    client_secret: xxxxxxxxxxxxxxx

  tasks:
  - name: Get Key Vault by name
    azure_rm_keyvault_info:
      resource_group: xxxxxxxxxx
      name: "{{ vault_name }}"
    register: keyvault

  - name: Set key vault URI fact
    set_fact: keyvaulturi="{{ keyvault['keyvaults'][0]['vault_uri'] }}"

  - name: Set key vault secret fact
    set_fact: secretValue={{ lookup('azure_keyvault_secret',secret_name,vault_url=keyvaulturi, client_id=client_id, secret=client_secret, tenant_id=tenant_id) }}

  - name: Output key vault secret
    debug:
      msg: "{{ secretValue }}"

When I run it, I get the following output/error:

PLAY [key vault testing] ********************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] **********************************************************************************************************************************************************************************************************************
ok: [localhost]

TASK [azure.azure_preview_modules : Install Azure Python SDK required by modules.] **********************************************************************************************************************************************************
ok: [localhost]

TASK [azure.azure_preview_modules : debug] **************************************************************************************************************************************************************************************************
ok: [localhost] => {
    "msg": [
        "Your Ansible version is lower than 2.5.0",
        "You may need to perform additional steps to install this roles:",
        "  sudo pip install -r /home/administrator/.ansible/roles/azure.azure_preview_modules/files/requirements-azure.txt",
        "or",
        "  pip install --user -r /home/administrator/.ansible/roles/azure.azure_preview_modules/files/requirements-azure.txt",
        "depending on your ansible setup."
    ]
}

TASK [Get Key Vault by name] ****************************************************************************************************************************************************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: TypeError: AnsibleModule.__init__() got an unexpected keyword argument 'check_invalid_arguments'
fatal: [localhost]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\n  File \"/home/administrator/.ansible/tmp/ansible-tmp-1660655181.949111-2808-175135597436300/AnsiballZ_azure_rm_keyvault_info.py\", line 107, in <module>\n    _ansiballz_main()\n  File \"/home/administrator/.ansible/tmp/ansible-tmp-1660655181.949111-2808-175135597436300/AnsiballZ_azure_rm_keyvault_info.py\", line 99, in _ansiballz_main\n    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n  File \"/home/administrator/.ansible/tmp/ansible-tmp-1660655181.949111-2808-175135597436300/AnsiballZ_azure_rm_keyvault_info.py\", line 47, in invoke_module\n    runpy.run_module(mod_name='ansible.modules.azure_rm_keyvault_info', init_globals=dict(_module_fqn='ansible.modules.azure_rm_keyvault_info', _modlib_path=modlib_path),\n  File \"/usr/lib/python3.10/runpy.py\", line 209, in run_module\n    return _run_module_code(code, init_globals, run_name, mod_spec)\n  File \"/usr/lib/python3.10/runpy.py\", line 96, in _run_module_code\n    _run_code(code, mod_globals, init_globals,\n  File \"/usr/lib/python3.10/runpy.py\", line 86, in _run_code\n    exec(code, run_globals)\n  File \"/tmp/ansible_azure_rm_keyvault_info_payload_7xtlk5_l/ansible_azure_rm_keyvault_info_payload.zip/ansible/modules/azure_rm_keyvault_info.py\", line 323, in <module>\n  File \"/tmp/ansible_azure_rm_keyvault_info_payload_7xtlk5_l/ansible_azure_rm_keyvault_info_payload.zip/ansible/modules/azure_rm_keyvault_info.py\", line 319, in main\n  File \"/tmp/ansible_azure_rm_keyvault_info_payload_7xtlk5_l/ansible_azure_rm_keyvault_info_payload.zip/ansible/modules/azure_rm_keyvault_info.py\", line 227, in __init__\n  File \"/tmp/ansible_azure_rm_keyvault_info_payload_7xtlk5_l/ansible_azure_rm_keyvault_info_payload.zip/ansible/module_utils/azure_rm_common.py\", line 288, in __init__\nTypeError: AnsibleModule.__init__() got an unexpected keyword argument 'check_invalid_arguments'\n", "module_stdout": "", "msg": 
"MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}

PLAY RECAP **********************************************************************************************************************************************************************************************************************************
localhost                  : ok=3    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0

I'm using Ubuntu 22.04 installed in Hyper-V, and I followed the Ansible installation instructions here https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html . I can run other Ansible playbooks just fine. I ran ansible-galaxy install azure.azure_preview_modules. I think my error may be related to this part:

"Your Ansible version is lower than 2.5.0"

If I run ansible --version I get this output:

ansible [core 2.13.3]
  config file = None
  configured module search path = ['/home/administrator/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/administrator/.local/lib/python3.10/site-packages/ansible
  ansible collection location = /home/administrator/.ansible/collections:/usr/share/ansible/collections
  executable location = /home/administrator/.local/bin/ansible
  python version = 3.10.4 (main, Jun 29 2022, 12:14:53) [GCC 11.2.0]
  jinja version = 3.1.2
  libyaml = True

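This tells me my Ansible version is not lower than 2.5.0, which is why I think this is where I should start looking. Does anyone have any ideas I could try? I'm about to pull all my hair out!!!

Thanks, Andrew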

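TASK [azure.azure_preview_modules: debug] * ok: [localhost] => { "msg": [ "Your Ansible version is below 2.5.0", "You may need to perform additional steps to install this roles:", An exception occurred during task execution. To see the full

The above error occurs because your ansible-galaxy install azure.azure_preview_modules in the playbook is 2.5.0

In general, for playbooks:

Multiple collections may have modules with the same name (for example, user), so in Ansible 2.10 and later, make sure to use fully qualified collection names in your playbooks so that the correct module is selected.

Playbooks that use arguments from Ansible versions below 2.10 may not be handled

Possible ways to resolve this:

  • Uninstall Ansible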

    sudo apt remove ansible

  • Install Ansible using pip

    pip3 install ansible

  • Install system-wide with apt

    sudo apt install ansible

Reference:

https://docs.ansible.com/ansible/latest/user_guide/playbooks_intro.html
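
The fully qualified collection name advice above, applied to the playbook from the question, as an added example that is not part of the original post. It assumes the azure.azcollection collection is installed in place of the azure.azure_preview_modules role, that the service principal credentials are supplied through the AZURE_CLIENT_ID, AZURE_SECRET and AZURE_TENANT environment variables, and the resource group, vault and secret names are placeholders.

```yaml
---
# Added example: placeholders and env-var sourcing are assumptions, not from the post.
# Prerequisite (assumed): ansible-galaxy collection install azure.azcollection
- name: Key vault testing with fully qualified collection names
  hosts: localhost
  connection: local
  gather_facts: false

  vars:
    resource_group: my-rg      # placeholder
    vault_name: my-vault       # placeholder
    secret_name: my-secret     # placeholder
    # Credentials are read from the environment instead of being stored in the playbook.
    client_id: "{{ lookup('ansible.builtin.env', 'AZURE_CLIENT_ID') }}"
    client_secret: "{{ lookup('ansible.builtin.env', 'AZURE_SECRET') }}"
    tenant_id: "{{ lookup('ansible.builtin.env', 'AZURE_TENANT') }}"

  tasks:
    # The FQCN selects the collection's module, not a same-named module from a role.
    - name: Get Key Vault by name
      azure.azcollection.azure_rm_keyvault_info:
        resource_group: "{{ resource_group }}"
        name: "{{ vault_name }}"
      register: keyvault

    - name: Set key vault URI fact
      ansible.builtin.set_fact:
        keyvaulturi: "{{ keyvault.keyvaults[0].vault_uri }}"

    - name: Set key vault secret fact
      ansible.builtin.set_fact:
        secretValue: >-
          {{ lookup('azure.azcollection.azure_keyvault_secret', secret_name,
                    vault_url=keyvaulturi, client_id=client_id,
                    secret=client_secret, tenant_id=tenant_id) }}
      no_log: true   # keep the secret value out of task output and logs

    # Check that a value came back without printing it, unlike a debug task.
    - name: Confirm a secret was returned
      ansible.builtin.assert:
        that: secretValue | length > 0
        quiet: true
```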
