ansible-collections / community.windows

Windows community collection for Ansible
https://galaxy.ansible.com/community/windows
GNU General Public License v3.0
203 stars 155 forks source link

Win credential manager freezes #458

Closed speedyT0RT0ISE closed 1 year ago

speedyT0RT0ISE commented 1 year ago
SUMMARY

When adding an access token into win credential manager, it sometimes just hangs and freezes. Even with verbose logging enabled, there are no error messages or suggestion as to why it is freezing.

ISSUE TYPE
COMPONENT NAME

community.windows.win_credential

ANSIBLE VERSION
ansible [core 2.12.4]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.8/dist-packages/ansible
  ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible
  python version = 3.8.10 (default, Jun 22 2022, 20:18:18) [GCC 9.4.0]
  jinja version = 2.10.1
  libyaml = True
COLLECTION VERSION
ansible-galaxy collection list community.windows

# /usr/local/lib/python3.8/dist-packages/ansible_collections
Collection        Version
----------------- -------
community.windows 1.9.0  
CONFIGURATION
ansible-config dump --only-changed
HOST_KEY_CHECKING(/etc/ansible/ansible.cfg) = False
INVENTORY_ENABLED(/etc/ansible/ansible.cfg) = ['vmware_vm_inventory']
PERSISTENT_COMMAND_TIMEOUT(/etc/ansible/ansible.cfg) = 120
PERSISTENT_CONNECT_TIMEOUT(/etc/ansible/ansible.cfg) = 121
OS / ENVIRONMENT

Am just running it as part of a wider playbook to install and configure git on windows along with some default creds for a git instance

 - name: Add git access token to win credentials
      community.windows.win_credential:
        name: "https://git.{{ enclave_name }}"
        type: generic_password
        username: "{{ account_info[''+ user + ''].username }}"
        secret: "{{ account_info[''+ user + ''].git_access_token }}"
        state: present
        persistence: enterprise
      when:  ( account_info[''+ user + ''].git_pass  != "")
      vars:
        user: "{{ inventory_hostname | split('-') | last  }}"
        ansible_become: yes
        ansible_become_method: runas
        ansible_become_user: "{{ account_info[''+ user + ''].username }}"
EXPECTED RESULTS

Expected results are that the credentials get added

ACTUAL RESULTS

Nothing to show on what happens... it juts stops and freezes midway through on a random user often. have left it running for upwards of 40 mins sometimes

jborean93 commented 1 year ago

Does any other task hand with the become settings you've specified. Does it hang if you also provide ansible_become_pass?

speedyT0RT0ISE commented 1 year ago

Nope, other tasks dont hang with that, though the other task just uses the win_powershell. Does this ansible_become_pass require input?

jborean93 commented 1 year ago

It needs to be the password for the user you want to become. Setting a password changes the become process is slightly different ways which could impact things like accessing the credential manager which is why I want to check if it still hangs.

speedyT0RT0ISE commented 1 year ago

Ok will try adding that in and seeing if it hangs