search

Kaginari / terraform-provider-ansible-tower

Ansible Tower provider
MIT License
2 stars 0 forks source link

terraform apply is giving Authentication Error #1

Open outjoker opened 1 year ago

outjoker commented 1 year ago

terraform apply is giving Authentication Error , please find the below details about the execution here is the terraform template we have used note: we have used ansible awx host 

terraform {

  required_providers {

    ansible-tower = {

      source = "Kaginari/ansible-tower"

      version = "0.1.0"

    }

  }

}

provider "ansible-tower" {

  ssl_verify = false

  tower_host = https://<my_awx_ip>:8043

  tower_username = "user"

  tower_password = "password"

}

variable "db_pwd" {

  description = "database pwd passed as var to inventory"

  default="password"

}

resource "ansible-tower_organisation" "default" {

  name = "Default"

}

resource "ansible-tower_project" "base_service_config" {

  name                 = "vault cluster playbook"

  scm_type             = "git"

  scm_url              = https://github.kyndryl.net/user/release

  scm_branch           = "ansible"

  scm_update_on_launch = true

  organisation_id      = ansible-tower_organisation.default.id

}

resource "ansible-tower_inventory" "default" {

  name            = "demo_inventory"

  organisation_id = ansible-tower_organisation.default.id

  inv_var {

    key = "database_user"

    value = "root"

  }

  inv_var {

    key = "database_pwd"

    value = var.db_pwd

  }

}

resource "ansible-tower_job_template" "job_template1" {

    name           = "test-job-template"

    job_type       = "run"

    inventory_id   = ansible-tower_inventory.default.id

    project_id     = ansible-tower_project.base_service_config.id

    playbook       = "main.yml"

    become_enabled = true

}

and this is the error we are getting when we execute terraform apply

user@host MINGW64 /c/usr/workspace/ansible/kaginari

$ terraform apply

╷

│ Error: Authentication error

│

│   with provider["registry.terraform.io/kaginari/ansible-tower"],

│   on main.tf line 10, in provider "ansible-tower":

│   10: provider "ansible-tower" {

│

│ Check Host , Username and Password

we tried curl and it kind of worked 

user@host MINGW64 /c/usr/workspace/ansible/kaginari

$ curl -k 'https://<my_awx_ip>:8043/api/v2/ping/'

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100   855  100   855    0     0    842      0  0:00:01  0:00:01 --:--:--   844

{"ha":false,"version":"21.6.1.dev157+g8333b0cf66.d20220930","active_node":"awx_1","install_uuid":"89fc8c20-977e-4f2b-8d62-ab50976ab06b","instances":[{"node":"awx_1","node_type":"hybrid","uuid":"00000000-0000-0000-0000-000000000000","heartbeat":"2022-10-20T07:44:18.976577Z","capacity":57,"version":"21.6.1.dev157+g8333b0cf66.d20220930"},{"node":"receptor-1","node_type":"execution","uuid":"00000000-0000-0000-0000-000000000000","heartbeat":"2022-10-20T07:43:34.655869Z","capacity":0,"version":"ansible-runner-???"},{"node":"receptor-2","node_type":"execution","uuid":"00000000-0000-0000-0000-000000000000","heartbeat":"2022-10-20T07:43:34.906874Z","capacity":0,"version":"ansible-runner-???"}],"instance_groups":[{"name":"controlplane","capacity":57,"instances":["awx_1"]},{"name":"default","capacity":57,"instances":["awx_1","receptor-1","receptor-2"]}]}

please suggest how to resolve the authentication issue

ITMonta commented 1 year ago

It seems the problem comes from the authentication methode. Are you using an api key or a password ?

ITMonta commented 1 year ago

It seems an ssl problem ╷ │ Error: Authentication error │ │ with provider["registry.terraform.io/kaginari/ansible-tower"], │ on main.tf line 23, in provider "ansible-tower": │ 23: provider "ansible-tower" { │ │ Get "https://localhost:8043//api/v2/ping/": x509: certificate is not valid for any names, but wanted to match localhost

ITMonta commented 1 year ago

The condition is reversed can you try verify_ssl = true

outjoker commented 1 year ago

It seems the problem comes from the authentication methode. Are you using an api key or a password ?

we are using the password, the same one using which we login to the awx console

outjoker commented 1 year ago

The condition is reversed can you try verify_ssl = true

are you suggesting to use verify_ssl instead of ssl_verify??

when tried using verify_ssl it has given an error 

An argument named "verify_ssl" is not expected here.
ITMonta commented 1 year ago

@outjoker Sorry wrong typing i meant instead of using ssl_verify = false , use ssl_verify = true The condition of bypassing the SSL is reversed we will publish the correction in the next version