Ansible with Terraform 0.14.x
Dockerfile
: https://github.com/radekg/terraform-provisioner-ansible/pull/91, usage documented in the readme
ansible_ssh_settings.insecure_no_strict_host_key_checking
: if true
, host key checking will be disabled when connecting to the target host, default false
; when connecting via bastion, bastion will not execute any SSH keyscanansible_ssh_settings.insecure_bastion_no_strict_host_key_checking
: if true
, host key checking will be disabled when connecting to the bastion host, default false
ansible_ssh_settings.user_known_hosts_file
: used only when ansible_ssh_settings.insecure_no_strict_host_key_checking=false
; if set, the provided path will be used instead of an auto-generate known hosts file; when executing via bastion host, it allows the administrator to provide a known hosts file, no SSH keyscan will be executed on the bastion; default empty string
ansible_ssh_settings.bastion_user_known_hosts_file
: used only when ansible_ssh_settings.insecure_bastion_no_strict_host_key_checking=false
; if set, the provided path will be used instead of an auto-generate known hosts filesshagent
; additional private key examples will be provided laterANSIBLE_FORCE_COLOR
regardless of playbook or module
1.0.0
was implemented very badly, generally, that version should not be used when bastion host should be used; there are no plans for fixing 1.0.0
bastion support, please switch to 2.x
remote {}
resourceplays.playbook
and plays.module
to a resourceyes/no
strings, boolean values are used insteaddefaults
resourcediff
, become
and verbose
can be set only on plays
, no default override for boolean values--diff
support--vault_id
supportansible_ssh_settings {}
resource instead of magic environment variablesconnection.host_key
and connection.bastion_host_key
First release of the provisioner. Status as of https://github.com/radekg/terraform-provisioner-ansible/commit/25d515efeeac27db4d035fbcda1250eb15863931.
Relevant comment: https://github.com/hashicorp/terraform/issues/2661#issuecomment-423769085