Open mcretien opened 8 years ago
alex-luminal
commented
8 years ago I dont know if the ansible credstash plugin does the lookup on the target host, or on your local workstation. I'd try making sure that credstash in installed locally, and see if that fixes it.
aboyett
commented
8 years ago From the ansible lookup documentation:
Lookups occur on the local computer, not on the remote computer.
mcretien
commented
8 years ago I have double checked and I have it installed on my local computer (OS X).
Both credstash and sudo credstashcommands work locally..
aboyett
commented
8 years ago That is quite odd. It works for me.
$ ansible --version
ansible 2.3.0 (devel 236c923c25) last updated 2016/10/24 16:41:31 (GMT -700)
lib/ansible/modules/core: (detached HEAD 124bb92416) last updated 2016/10/24 16:43:41 (GMT -700)
lib/ansible/modules/extras: (detached HEAD 8ffe314ea5) last updated 2016/10/24 16:43:41 (GMT -700)
config file =
configured module search path = Default w/o overrides
$ ansible-playbook ./test-credstash.yml -i local
PLAY [credstash test] **********************************************************
TASK [setup] *******************************************************************
ok: [remoteserver]
TASK [check for credstash remote] **********************************************
fatal: [remoteserver]: FAILED! => {"changed": true, "cmd": "pip freeze | grep credstash", "delta": "0:00:01.386052", "end": "2016-10-25 00:09:53.823434", "failed": true, "rc": 1, "start": "2016-10-25 00:09:52.437382", "stderr": "Warning: cannot find svn location for distribute==0.6.24dev-r0", "stdout": "", "stdout_lines": [], "warnings": []}
...ignoring
TASK [check for credstash local] ***********************************************
changed: [remoteserver -> localhost]
TASK [Test credstash lookup plugin -- get an unimportant key] ******************
ok: [remoteserver] => {
"msg": "Credstash lookup! examplevalue"
}
PLAY RECAP *********************************************************************
remoteserver : ok=4 changed=1 unreachable=0 failed=0Here's the playbook I ran to get the above output: test-credstash.yml.txt
aboyett
commented
8 years ago Here are the contents of the attached playbook (so you don't need to download it if you just want to see the commands run)
---
- name: credstash test
hosts: remoteserver
tasks:
- name: check for credstash remote
shell: pip freeze | grep credstash
ignore_errors: yes
- name: check for credstash local
local_action: shell pip freeze | grep credstash
- name: "Test credstash lookup plugin -- get an unimportant key"
debug: msg="Credstash lookup! {{ lookup('credstash', 'examplekey') }}"
mblakele
commented
7 years ago I've also seen this. Allowing import credstash to raise an exception yields ImportError: No module named credstash, even though import credstash works in a standalone python interpreter.
Could http://stackoverflow.com/a/41261228/908390 be relevant? Adding pdb.set_trace() shows me:
> /usr/local/Cellar/ansible/2.2.1.0/libexec/lib/python2.7/site-packages/ansible/plugins/lookup/credstash.py(28)<module
-> import credstash
(Pdb)
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: BdbQuit
fatal: [fubar]: FAILED! => {"failed": true, "msg": "Unexpected failure during module execution.", "stdout": ""}EDIT: apparently it's essential to use ansible as installed by pip, not homebrew.
gruzewski
commented
7 years ago I had the same error. In my case, I have credstash installed with Python3, where Ansible was using Python2.
ykravch
commented
7 years ago I had the same issue on MacOS X. Don't use credstash with homebrew ansible installation.
Hi,
Sorry in advance if this is the wrong place to ask but maybe one of you has encountered that issue before. I try to use Credstash with Ansible:
{{ lookup('credstash', 'test.sample', 'region=eu-central-1') }}but it always returns:
The credstash lookup plugin requires credstash to be installedEverything is fine on the remote server: credstash is installed and can retrieve values from KMS..