When module launches a binary that relies on environment variables, credential variables are not passed to it

[megakoresh]

ISSUE TYPE

• Bug Report

COMPONENT NAME

• API
• UI

SUMMARY

When I use e.g. terraform module with a binary that is downloaded in the same playbook, the credentials I have configured don't get passed to the binary it seems. The same playbook executed on my own machine with the exact same environment variables configured works just fine. In addition dynamic inventory script in AWX that uses the same credentials (OpenStack) also works..

ENVIRONMENT

• AWX version: 1.0.5
• AWX install method: docker on linux
• Ansible version: 2.5
• Operating System: CentOS
• Web Browser: Google Chrome

STEPS TO REPRODUCE

1. Configure openstack credential type on AWX (Built in are broken, I had to create custom ones for it to work) with the following environment vars:

   OS_USERNAME=user name (can be AD)
   OS_PROJECT_NAME=project name
   OS_USER_DOMAIN_NAME=user domain name
   OS_PROJECT_DOMAIN_NAME=project domain name
   OS_AUTH_URL=openstack auth url
   OS_AUTH_TYPE=password
   OS_IDENTITY_API_VERSION=3
   OS_NO_CACHE=True 

2. Put in your credentials
3. Write a playbook that deploys some infra using terraform with the following tasks:

   
   - name: Download terraform
   get_url:
   url: https://releases.hashicorp.com/terraform/{{ terraform_version | default('0.11.7') }}/terraform_{{ terraform_version }}_linux_amd64.zip
   dest: /tmp/terraform-{{terraform_version}}.zip
   when: "'64' in ansible_architecture and 'Linux' == ansible_system and not stat_terraform.stat.exists and install_terraform"

• name: Install unzip to unarchive terraform package: name: unzip state: present when: install_terraform and not stat_terraform.stat.exists

• name: Unpack unarchive: dest: '{{playbook_dir}}' src: /tmp/terraform-{{terraform_version}}.zip mode: u+rwx when: not stat_terraform.stat.exists and install_terraform

• name: Check terraform again stat: path: '{{playbook_dir}}/terraform' register: stat_terraform when: install_terraform failed_when: install_terraform and not stat_terraform.stat.exists

• name: Lookup tfstate file stat: path: '{{terraform_path}}/{{infra}}/terraform.tfstate' register: stat_tfstate

• name: Lookup .terraform directory stat: path: '{{terraform_path}}/{{infra}}/.terraform' register: stat_tfmodules

• name: Init terraform if its downloaded (since force_init is broken in release currently) shell: 'pushd {{terraform_path}}/{{infra}} && {{playbook_dir}}/terraform init && popd' check_mode: no when: not stat_tfmodules.stat.exists and install_terraform

• name: Init terraform if its in path (since force_init is broken in release currently) shell: 'pushd {{terraform_path}}/{{infra}} && terraform init && popd' check_mode: no when: not stat_tfmodules.stat.exists and not install_terraform

• name: Run terraform terraform: binary_path: "{{install_terraform | ternary(playbook_dir+'/terraform', omit)}}" plan_file: '{{tf_plan | default(omit)}}' project_path: '{{terraform_path}}/{{infra}}' state_file: '{{stat_tfstate.stat.exists | ternary(stat_tfstate.stat.path, omit)}}' variables: '{{terraform_vars | default(omit)}}' register: tf_output environment:

  This is not necessary, I think, it does the same thing regardless of me putting these manual lookups in

  OS_USER_DOMAIN_NAME: "{{lookup('env', 'OS_USER_DOMAIN_NAME')}}" OS_PROJECT_NAME: "{{lookup('env', 'OS_PROJECT_NAME')}}" OS_IDENTITY_API_VERSION: "{{lookup('env', 'OS_IDENTITY_API_VERSION')}}" OS_PASSWORD: "{{lookup('env', 'OS_PASSWORD')}}" OS_AUTH_TYPE: "{{lookup('env', 'OS_AUTH_TYPE')}}" OS_AUTH_URL: "{{lookup('env', 'OS_AUTH_URL')}}" OS_USERNAME: "{{lookup('env', 'OS_USERNAME')}}" OS_NO_CACHE: "{{lookup('env', 'OS_NO_CACHE')}}" OS_PROJECT_DOMAIN_NAME: "{{lookup('env', 'OS_PROJECT_DOMAIN_NAME')}}"

  
  4. Deploy infra from your dev machine using the environment vars defined above. It should work.
  5. Try to run the same playbook in AWX
  ##### EXPECTED RESULTS

Infra is deployed

ACTUAL RESULTS

provider.openstack: Authentication failed

ADDITIONAL INFORMATION

N/A

[megakoresh]

Anyone managed to repoduce this? Any idea what's going on?

[ryanpetrello]

@megakoresh this ticket is quite old - are you still encountering this on newer versions of AWX?

[TheRealHaoLiu]

close due to age and lack of response