SSH certificate not added to job runner #15590

Open
4 of 11 tasks
dincho opened this issue Oct 21, 2024 · 0 comments
dincho commented Oct 21, 2024

Please confirm the following

  • I agree to follow this project's code of conduct.
  • I have checked the current issues for duplicates.
  • I understand that AWX is open source software provided for free and that I might not receive a timely response.
  • I am NOT reporting a (potential) security vulnerability. (These should be emailed to [email protected] instead.)

Bug Summary

I tried to use machine credentials with an SSH certificate for authentication, but the certificate doesn't seem to be included in the job runner during execution.
Of course I triple-checked that the key and certificate work fine outside of AWX.

AWX version

24.6.1

Select the relevant components

  • UI
  • UI (tech preview)
  • API
  • Docs
  • Collection
  • CLI
  • Other

Installation method

kubernetes

Modifications

no

Ansible version

No response

Operating system

No response

Web browser

No response

Steps to reproduce

I've created a machine credential with an SSH private key and signed certificate.

Then I used that credential in a job template that I ran.

Expected results

Identity added: /runner/artifacts/34/ssh_key_data (root@b910556ae2cd)
Certificate added: /runner/artifacts/34/ssh_key_data-cert.pub
ansible-playbook [core 2.15.12]
---SNIP---

I'm using AWX for the first time, so I'm not sure if my expectations are correct, but I've found an old PR that shows output with both the private key and certificate log lines in the job output.

Actual results

Identity added: /runner/artifacts/34/ssh_key_data (root@b910556ae2cd)
ansible-playbook [core 2.15.12]
  config file = None
  configured module search path = ['/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.11/site-packages/ansible
  ansible collection location = /runner/requirements_collections:/runner/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible-playbook
  python version = 3.11.10 (main, Sep  9 2024, 00:00:00) [GCC 11.5.0 20240719 (Red Hat 11.5.0-2)] (/usr/bin/python3.11)
  jinja version = 3.1.4
  libyaml = True
No config file found; using defaults
setting up inventory plugins
Loading collection ansible.builtin from 
host_list declined parsing /runner/inventory/hosts as it did not pass its verify_file() method
Parsed /runner/inventory/hosts inventory source with script plugin
Loading callback plugin default of type stdout, v2.0 from /usr/local/lib/python3.11/site-packages/ansible/plugins/callback/default.py
Loading callback plugin awx_display of type stdout, v2.0 from /usr/local/lib/python3.11/site-packages/ansible_runner/display_callback/callback/awx_display.py
Datadog callback disabled because of a dependency problem: No module named 'datadog'. Please install requirements with "pip install -r requirements.txt"
Skipping callback 'awx_display', as we already have a stdout callback.
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
---SNIP---

And of course the playbook authentication fails because of the missing certificate in the ssh-agent.

Additional information

Please let me know if this needs further debugging to help find the cause.
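A way to check, outside AWX, the file-name convention that the expected output above implies (`ssh_key_data` next to `ssh_key_data-cert.pub`). This is an added example, not code from the issue or from AWX. It assumes the OpenSSH client tools are installed and relies on `ssh-add` looking for a certificate at the private key's path with `-cert.pub` appended; the function name, the throwaway keys and the `demo-*` labels are constructed for the example.

```shell
#!/bin/sh
# Added example: throwaway keys in a temp dir, constructed for this check only.
# agent_cert_count yes|no
#   Prints how many certificate entries a fresh ssh-agent holds after
#   `ssh-add <key>` when <key>-cert.pub is (yes) or is not (no) beside the key.
agent_cert_count() {
    with_cert=$1
    dir=$(mktemp -d) || return 1

    # Constructed CA and user key, no passphrase. The key file name mirrors
    # the ssh_key_data name seen in the job output.
    ssh-keygen -q -t ed25519 -N '' -C demo-ca -f "$dir/ca" || return 1
    ssh-keygen -q -t ed25519 -N '' -C demo-user -f "$dir/ssh_key_data" || return 1

    # Signing ssh_key_data.pub writes ssh_key_data-cert.pub next to it.
    ssh-keygen -q -s "$dir/ca" -I demo-id -n demo -V +1h \
        "$dir/ssh_key_data.pub" || return 1
    [ "$with_cert" = yes ] || rm -f "$dir/ssh_key_data-cert.pub"

    (
        # Private agent, so the user's own agent is never touched.
        eval "$(ssh-agent -s)" >/dev/null
        # Progress lines ("Identity added: ...", "Certificate added: ...")
        # go to stderr.
        ssh-add "$dir/ssh_key_data" || true
        # Certificate entries are listed with a "-CERT" key type.
        ssh-add -l | grep -c -- '-CERT)' || true
        ssh-agent -k >/dev/null
    )
    rm -rf "$dir"
}

echo "cert beside key:  $(agent_cert_count yes) certificate entry in agent"
echo "cert file absent: $(agent_cert_count no) certificate entries in agent"
```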
