search

maxhoesel-ansible / ansible-collection-smallstep

Unofficial Ansible Collection for Smallstep CLI and the step-ca server
https://github.com/smallstep
GNU General Public License v3.0
76 stars 23 forks source link

step_ca_provisioner: step-cli tried to open a terminal for interactive input #408

Open patsevanton opened 6 months ago

patsevanton commented 6 months ago

Hello! Thanks for ansible-collection-smallstep! I try bootstap smallstep with JWK like as photo: image

My code:

- hosts: smallstep
  become: yes
  tasks:
    - name: Install step-ca
      include_role:
        name: maxhoesel.smallstep.step_ca
      vars:
        step_ca_dns: "ca.mydomain.int"
        step_ca_name: "MyPrivateCA"
        step_ca_root_password: "incredibly secret password"
        step_ca_intermediate_password: "very secret password"
    - name: Add an JWK provisioner to the CA
      maxhoesel.smallstep.step_ca_provisioner:
        name: pki@mydomain.int
        type: JWK
        create: yes
      become_user: step-ca
      notify: reload step-ca
  handlers:
    - name: reload step-ca
      systemd:
        name: step-ca
        state: reloaded

But get error:

TASK [Add an JWK provisioner to the CA] **********************************************************************************************************************
fatal: [smallstep]: FAILED! => changed=false 
  msg: 'Failed to run command: step-cli tried to open a terminal for interactive input. This happens when step-cli prompts for additional parameters or asks for confirmation. You may be missing a required parameter (such as ''force''). Check the module documentation. If you are sure that you provided all required parameters, you may have encountered a bug. Please file an issue at https://github.com/maxhoesel-ansible/ansible-collection-smallstep if you think this is the case. Failed command: ''step-cli ca provisioner add pki@mydomain.int --type JWK --create --ssh --ca-config /etc/step-ca/.step/config/ca.json'''

How correct bootstap smallstep with JWK ?