Honor custom ssh args in kayobe-ansible-user.yml

Using the raw module will honor ssh args. The slight change behaviour is that it will print an unreachable message and show an unreachable task in the summary. Change-Id: I371e8a583c439264a88dbc4bdae14c472955a063
2021-04-27 11:32:49 +01:00 · 2021-04-27 11:32:49 +01:00 · ffbd1a7833
parent 3d5d72d53f
commit ffbd1a7833
2 changed files with 17 additions and 9 deletions
--- a/ansible/kayobe-ansible-user.yml
+++ b/ansible/kayobe-ansible-user.yml
@ -13,20 +13,15 @@
    - kayobe-ansible-user
  tasks:
    - name: Check whether the host is accessible via SSH
-      local_action:
-        module: command ssh -o BatchMode=yes -p {{ ssh_port }} {{ ssh_user }}@{{ ssh_host }} hostname
-      failed_when: false
+      raw: hostname
+      ignore_unreachable: true
      changed_when: false
      check_mode: no
      register: ssh_result
-      vars:
-        ssh_user: "{{ ansible_user }}"
-        ssh_host: "{{ ansible_host | default(inventory_hostname) }}"
-        ssh_port: "{{ ansible_ssh_port | default('22') }}"

    - name: Group hosts requiring kayobe user bootstrapping
      group_by:
-        key: kayobe_user_bootstrap_required_{{ ssh_result.rc != 0 }}
+        key: kayobe_user_bootstrap_required_{{ ssh_result.unreachable | default(false) }}
      changed_when: false

    - name: Display a message when bootstrapping is required
@ -34,7 +29,7 @@
        msg: >
          Cannot access host via SSH using Kayobe Ansible user account -
          attempting bootstrap
-      when: ssh_result.rc != 0
+      when: ssh_result.unreachable | default(false)

 - name: Ensure python is installed
  hosts: kayobe_user_bootstrap_required_True
--- a/releasenotes/notes/honor-ssh-args-for-bootstrap-ba894df14ba58167.yaml
+++ b/releasenotes/notes/honor-ssh-args-for-bootstrap-ba894df14ba58167.yaml
@ -0,0 +1,13 @@
+---
+fixes:
+  - |
+    When determining whether or not a host needs bootstrapping, we attempt to
+    connect to the host using ansible_user, if the login fails, we then assume
+    that the host needs bootstrapping. In previous releases we used a manually
+    crafted ``ssh`` command. This did respect any customisations to the SSH
+    arguments made through ansible configuration.  We now use the raw module so
+    that these customisations are used when connecting to the host. One
+    possible use case is to configure a jump host between the control host and
+    the target hosts. If bootstrapping was needed, hosts will now show as
+    unreachable in the summary stats at the end of the run. This can safely be
+    ignored.