You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I understand that AWX is open source software provided for free and that I might not receive a timely response.
Summary
We used a signed ssh key for accessing some of ours hosts. For this we use a credential of the type HashiCorp Vault Signed SSH. Since upgrading from 19.4.0 to 20.0.0 we cannot access hosts that need a signed ssh key anymore.
I looked a bit into it, and to me looks like the shutil.rmtree(artifact_dir) introduced in #11472 inside awx/main/tasks/receptor.py is the culprit here... the cert file is still created inside the artifact dir, but it's deleted immediately afterwards. Removing that rmtree call makes the jobs pass again
Yes, I am already aware of problems introduced by that shutil.rmtree as @nilsding and I suspect it is the issue here.
That messes things up for node_type='hybrid' nodes. In AWX, all nodes should be node_type='control'. Anyway, we need a condition to not run that block of code if it's running locally. I had that change in some PR but it got mixed in with other work and tied up.
@al-lac the linked PR may fix this, if you want to test it, that could speed up getting it merged.
@john-westcott-iv I'm considering how we can add test coverage for certs, and we discussed testing for the existence of keys with ssh-add -l, I'm wondering if that might contain certificate information which would allow for some easy regression coverage of this issue.
Please confirm the following
Summary
We used a signed ssh key for accessing some of ours hosts. For this we use a credential of the type HashiCorp Vault Signed SSH. Since upgrading from 19.4.0 to 20.0.0 we cannot access hosts that need a signed ssh key anymore.
Before we would get this in the Job Logs:
Now we only get the following:
AWX version
20.0.0
Select the relevant components
Installation method
kubernetes
Modifications
no
Ansible version
No response
Operating system
No response
Web browser
No response
Steps to reproduce
Expected results
Connection to the host should be established
Actual results
Error when trying to connect to a host:
Additional information
No response
The text was updated successfully, but these errors were encountered: