Jenkins setup:
Hello
We are running Jenkins on Windows (version 2.492.3 on Windows Server 2022, all 64-bit, using Eclipse Temurin JDK with Hotspot 17.0.14+7 x64 as the Java client). We want to use the Jenkins Ansible plugin (Version: 524.v9fa_a_4c989224) to run ansible from an agent Ubuntu 22.04.2 LTS VM (hostname is DBA-Jenkins-02) to alter a target Ubuntu 22.04.2 LTS VM (hostname is JenkTest-01).
We pretty much followed Darin Pope’s YouTube video ‘How to Integrate Ansible With Jenkins’.
We use an RSA key pair for root to connect to the agent VM with no errors. Our problems come when we try to run ansible on the agent VM (through Jenkins): it cannot SSH to the target VM as it cannot find the key.
Our setup. This is the ansible pipeline running from the Windows Jenkins server. The agent VM (DBA-Jenkins-02) has been set up as a node in Jenkins and synchronisation is no problem. We use a Jenkins credential (called DBAJenkins02) which is an SSH username and private key with the Manually trusted key Verification Strategy.
We created another RSA key pair for the agent computer to SSH to the target computer and this all worked from the terminal point of view. We could easily ssh root@ with no need for passwords from the agent to the target VMs. We could also SSH to the target computer from the agent computer and run the ansible playbook with no errors.
Following Darin Pope’s advice we used the new RSA private key to create another Jenkins credential (named ‘new_target_root’) as a secret file. The ansible yaml and inventory were copied to the agent VM in the /opt/jenkins/ansible and /opt/jenkins/ansible/files locations, respectively.
Here is the ansible job pipeline:
pipeline {
    agent { label 'DBA-Jenkins-02' }
    environment {
        ANSIBLE_PRIVATE_KEY = credentials('new_target_root')
    }
    stages {
        stage('Ansible workflow') {
            steps {
                sh 'ansible-playbook --become-user=root -v --private-key=$ANSIBLE_PRIVATE_KEY /opt/jenkins/ansible/JenTest.v1.yaml -i /opt/jenkins/ansible/files/JenTest.v1'
            }
        }
    }
}
Here is the entire console output:
Started by user admin
[Pipeline] Start of Pipeline
[Pipeline] node
Running on DBA-Jenkins-02 in /opt/jenkins/workspace/Dev/5. ansible
[Pipeline] {
[Pipeline] withCredentials
Masking supported pattern matches of $ANSIBLE_PRIVATE_KEY
[Pipeline] {
[Pipeline] stage
[Pipeline] { (Ansible workflow)
[Pipeline] sh
+ ansible-playbook --become-user=root -v --private-key=**** /opt/jenkins/ansible/JenTest.v1.yaml -i /opt/jenkins/ansible/files/JenTest.v1
ERROR! the playbook: ansible@tmp/secretFiles/063ec6cc-353c-48c1-8f29-4f2cd56a9c7f/new_target_root.key could not be found
Using /etc/ansible/ansible.cfg as config file
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
[Pipeline] // withCredentials
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
ERROR: script returned exit code 1
Finished: FAILURE
Can anyone explain what we are doing wrong? We can change the credential from secret key to SSH username and private key and the result is always the same: the key cannot be found.
Thanks in advance for any help
John Harris
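
Added example, not part of the original post: the console output shows the workspace as `/opt/jenkins/workspace/Dev/5. ansible`, which contains a space, and the path reported as a missing playbook begins at `ansible@tmp/...`, which is what an unquoted `$ANSIBLE_PRIVATE_KEY` yields after shell word splitting. The sketch assumes the full secret-file path in `KEY_PATH` (reconstructed from those two console lines) and uses a hypothetical `classify_args` function as a stand-in for `ansible-playbook`.

```shell
#!/bin/sh
# Assumed value of $ANSIBLE_PRIVATE_KEY, reconstructed from the console output:
# workspace path + "@tmp/secretFiles/<id>/new_target_root.key".
KEY_PATH='/opt/jenkins/workspace/Dev/5. ansible@tmp/secretFiles/063ec6cc-353c-48c1-8f29-4f2cd56a9c7f/new_target_root.key'

# Hypothetical stand-in for ansible-playbook: report which argument is taken
# as the private key and which arguments are left over as playbooks.
classify_args() {
    skip=0
    for arg in "$@"; do
        if [ "$skip" -eq 1 ]; then skip=0; continue; fi
        case "$arg" in
            --private-key=*) printf 'key=%s\n' "${arg#--private-key=}" ;;
            -i) skip=1 ;;                      # next word is the inventory
            -*) ;;                             # other options ignored here
            *) printf 'playbook=%s\n' "$arg" ;;
        esac
    done
}

# As in the pipeline: unquoted expansion, so the shell splits at the space.
unquoted() {
    classify_args --become-user=root -v --private-key=$KEY_PATH \
        /opt/jenkins/ansible/JenTest.v1.yaml -i /opt/jenkins/ansible/files/JenTest.v1
}

# Quoted expansion: the whole path stays one argument.
quoted() {
    classify_args --become-user=root -v --private-key="$KEY_PATH" \
        /opt/jenkins/ansible/JenTest.v1.yaml -i /opt/jenkins/ansible/files/JenTest.v1
}

echo "unquoted:"; unquoted
echo "quoted:";   quoted
```

In the pipeline the equivalent change is to double-quote the variable inside the single-quoted `sh` string, i.e. `--private-key="$ANSIBLE_PRIVATE_KEY"`. Keeping the Groovy string single-quoted leaves the expansion to the shell, so the credential path is not interpolated into the script text by Groovy.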