Hello,
I am seeing module failure while using hashivault_write module.
Ansible - Python - OpenSSH version on Ansible Node ;
root@35f3dfdc476f:playbooks # ansible --version ansible 2.9.2
config file = /root/galorndon-infra/playbooks/ansible.cfg configured
module search path = ['/root/.ansible/plugins/modules',
'/usr/share/ansible/plugins/modules'] ansible python module location =
/py36env/lib64/python3.6/site-packages/ansible executable location =
/py36env/bin/ansible python version = 3.6.8 (default, Aug 7 2019,
08:02:28) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39.0.1)]
root@35f3dfdc476f:playbooks # root@35f3dfdc476f:playbooks #
root@35f3dfdc476f:playbooks # root@6193af66d482:playbooks # rpm -qa
|grep -i openssh openssh-7.4p1-21.el7.x86_64
openssh-clients-7.4p1-21.el7.x86_64 root@6193af66d482:playbooks #
Ansible - Python - OpenSSH version on Vault3 VM ;
[root@vault3 ~]# ansible --version ansible 2.8.4 config file =
/etc/ansible/ansible.cfg configured module search path =
[u'/root/.ansible/plugins/modules',
u'/usr/share/ansible/plugins/modules'] ansible python module location =
/usr/lib/python2.7/site-packages/ansible executable location =
/bin/ansible python version = 2.7.5 (default, Nov 27 2019, 09:57:45)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-39.0.1)] [root@vault3 ~]#
[root@vault3 ~]# [root@vault3 ~]# rpm -qa |grep -i openssh
openssh-7.4p1-21.el7.x86_64 openssh-clients-7.4p1-21.el7.x86_64
openssh-server-7.4p1-21.el7.x86_64 [root@vault3 ~]#
Playbook ;
[osvcstage:cpetestphx:security_services]root@6193af66d482:playbooks # cat
hashivault_write.yml
---
- hosts: "{{ target_group }}{{ (':&' + availability_domain ) if
availability_domain is defined else '' }}"
serial: 1
max_fail_percentage: 30
become: yes
vars_files:
- "vars/defaults.yml"
- "vars/envs/{{ env }}.yml"
- "vars/regions/{{ region }}.yml"
tasks:
- name: "Write Secrets at path /secret/cpe-test"
hashivault_write:
url: 'https://127.0.0.1:8200'
ca_path: '/etc/pki/ca-trust/source/anchors/cpetestphx_ca.crt'
token: '7h4AHyZnXINsBAQ4MqYiNzau'
secret: 'secret/cpe-test'
data:
foo: 'password-foo'
- name: "Return all secrets from a path /secret/cpe-test"
debug:
msg: "{{ lookup('hashi_vault', 'secret=/secret/cpe-test
token=7h4AHyZnXINsBAQ4MqYiNzau url=https://127.0.0.1:8200')}}"
[osvcstage:cpetestphx:security_services]root@6193af66d482:playbooks #
Module error when the above playbook is run ;
root@6193af66d482:playbooks # ansible-playbook -u opc -i
inventories/$ENVIRONMENT.$REGION/oci_inventory.py -e
target_group=tag_componentType=vault_server -e target_group=10.5.4.58 -e
proxy_is_required=false hashivault_write.yml
[DEPRECATION WARNING]: The TRANSFORM_INVALID_GROUP_CHARS settings is set to
allow bad characters in group names by default, this will change, but still
be user configurable on deprecation. This feature will
be removed in version 2.10. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
[WARNING]: Invalid characters were found in group names but not replaced,
use -vvvv to see details
PLAY [10.5.4.58]
************************************************************************************************************************************************************************************************
TASK [Gathering Facts]
******************************************************************************************************************************************************************************************
ok: [10.5.4.58]
---
TASK [Write Secrets at path /secret/cpe-test]
*******************************************************************************************************************************************************************
An exception occurred during task execution. To see the full traceback, use
-vvv. The error was: TypeError: Value of unknown type: <class
'requests.models.Response'>, <Response [204]>
fatal: [10.5.4.58]: FAILED! => {"changed": false, "module_stderr": "Traceback
(most recent call last):\n File \"<stdin>\", line 102, in <module>\n File
\"<stdin>\", line 94, in _ansiballz_main\n File \"<stdin>\", line 40, in
invoke_module\n File \"/usr/lib64/python2.7/runpy.py\", line 176, in
run_module\n fname, loader, pkg_name)\n File
\"/usr/lib64/python2.7/runpy.py\", line 82, in _run_module_code\n
mod_name, mod_fname, mod_loader, pkg_name)\n File
\"/usr/lib64/python2.7/runpy.py\", line 72, in _run_code\n exec code in
run_globals\n File
\"/tmp/ansible_hashivault_write_payload_A5NErK/ansible_hashivault_write_payload.zip/ansible/modules/hashivault/hashivault_write.py\",
line 229, in <module>\n File
\"/tmp/ansible_hashivault_write_payload_A5NErK/ansible_hashivault_write_payload.zip/ansible/modules/hashivault/hashivault_write.py\",
line 109, in main\n File
\"/tmp/ansible_hashivault_write_payload_A5NErK/ansible_hashivault_write_payload.zip/ansible/module_utils/basic.py\",
line 2072, in exit_json\n File
\"/tmp/ansible_hashivault_write_payload_A5NErK/ansible_hashivault_write_payload.zip/ansible/module_utils/basic.py\",
line 2065, in _return_formatted\n File
\"/tmp/ansible_hashivault_write_payload_A5NErK/ansible_hashivault_write_payload.zip/ansible/module_utils/basic.py\",
line 418, in remove_values\n File
\"/tmp/ansible_hashivault_write_payload_A5NErK/ansible_hashivault_write_payload.zip/ansible/module_utils/basic.py\",
line 401, in _remove_values_conditions\nTypeError: Value of unknown type:
<class 'requests.models.Response'>, <Response [204]>\n", "module_stdout": ""
, "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}
NO MORE HOSTS LEFT
**********************************************************************************************************************************************************************************************
NO MORE HOSTS LEFT
**********************************************************************************************************************************************************************************************
PLAY RECAP
******************************************************************************************************************************************************************************************************
10.5.4.58 : ok=1 changed=0 unreachable=0 failed=1
skipped=0 rescued=0 ignored=0
Am I missing anything to pass in hashivault_write module or anything else?
Though i am able to manually create/list/delete secrets to this vault VM.
Please review and suggest. Thanks
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/7740759b-9cca-41e9-b268-a57c2eda6e6a%40googlegroups.com.
