Currently Azure CLI authentication is not working for atleast the modules around "azure_rm_keyvaultsecret_info".
ansible 2.9.9
config file = /home/linux_root/infrastructure/ansible/ansible.cfg
configured module search path = ['/home/linux_root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/linux_root/.local/lib/python3.6/site-packages/ansible
executable location = /home/linux_root/.local/bin/ansible
python version = 3.6.8 (default, Nov 21 2019, 19:31:34) [GCC 8.3.1 20190507 (Red Hat 8.3.1-4)]
DEFAULT_CALLBACK_WHITELIST(/home/linux_root/infrastructure/ansible/ansible.cfg) = ['profile_tasks']
DEFAULT_HOST_LIST(/home/linux_root/infrastructure/ansible/ansible.cfg) = ['/home/linux_root/infrastructure/ansible/hosts']
DEFAULT_REMOTE_USER(/home/linux_root/infrastructure/ansible/ansible.cfg) = linux_root
DEFAULT_ROLES_PATH(/home/linux_root/infrastructure/ansible/ansible.cfg) = ['/home/linux_root/infrastructure/ansible/roles']
DEFAULT_STDOUT_CALLBACK(/home/linux_root/infrastructure/ansible/ansible.cfg) = yaml
Its neither working on a CentOS 7.6 (Python 2.7) nor on CentOS 8.1 (python 3.6).
The secret should be collected and can be used for other tasks.
Python exception with not finding client_id comes up.
[linux_root@rkno-deleteme ansible]$ ansible-playbook playbooks/rkno.yml
PLAY [Ensure Keyvault-Secrets are present] **************************************************************************************************************************************************************************************************
TASK [Gathering Facts] **********************************************************************************************************************************************************************************************************************
Tuesday 26 May 2020 14:51:51 +0000 (0:00:00.026) 0:00:00.026 ***********
ok: [localhost]
TASK [Ensure Keyvault-Secrets are present] **************************************************************************************************************************************************************************************************
Tuesday 26 May 2020 14:51:52 +0000 (0:00:00.997) 0:00:01.024 ***********
fatal: [localhost]: FAILED! => changed=false
module_stderr: |-
Your credentials class does not support session injection. Performance will not be at the maximum.
Traceback (most recent call last):
File "/home/linux_root/.ansible/tmp/ansible-tmp-1590504712.0743444-27255-260440206983742/AnsiballZ_azure_rm_keyvaultsecret_info.py", line 102, in <module>
_ansiballz_main()
File "/home/linux_root/.ansible/tmp/ansible-tmp-1590504712.0743444-27255-260440206983742/AnsiballZ_azure_rm_keyvaultsecret_info.py", line 94, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "/home/linux_root/.ansible/tmp/ansible-tmp-1590504712.0743444-27255-260440206983742/AnsiballZ_azure_rm_keyvaultsecret_info.py", line 40, in invoke_module
runpy.run_module(mod_name='ansible_collections.azure.azcollection.plugins.modules.azure_rm_keyvaultsecret_info', init_globals=None, run_name='__main__', alter_sys=True)
File "/usr/lib64/python3.6/runpy.py", line 205, in run_module
return _run_module_code(code, init_globals, run_name, mod_spec)
File "/usr/lib64/python3.6/runpy.py", line 96, in _run_module_code
mod_name, mod_spec, pkg_name, script_name)
File "/usr/lib64/python3.6/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/tmp/ansible_azure_rm_keyvaultsecret_info_payload_q9zkit50/ansible_azure_rm_keyvaultsecret_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_keyvaultsecret_info.py", line 433, in <module>
File "/tmp/ansible_azure_rm_keyvaultsecret_info_payload_q9zkit50/ansible_azure_rm_keyvaultsecret_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_keyvaultsecret_info.py", line 429, in main
File "/tmp/ansible_azure_rm_keyvaultsecret_info_payload_q9zkit50/ansible_azure_rm_keyvaultsecret_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_keyvaultsecret_info.py", line 245, in __init__
File "/tmp/ansible_azure_rm_keyvaultsecret_info_payload_q9zkit50/ansible_azure_rm_keyvaultsecret_info_payload.zip/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py", line 418, in __init__
File "/tmp/ansible_azure_rm_keyvaultsecret_info_payload_q9zkit50/ansible_azure_rm_keyvaultsecret_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_keyvaultsecret_info.py", line 263, in exec_module
File "/tmp/ansible_azure_rm_keyvaultsecret_info_payload_q9zkit50/ansible_azure_rm_keyvaultsecret_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_keyvaultsecret_info.py", line 318, in get_secret
File "/usr/local/lib/python3.6/site-packages/azure/keyvault/key_vault_client.py", line 1795, in get_secret
response = self._client.send(request, header_parameters, **operation_config)
File "/usr/local/lib/python3.6/site-packages/msrest/service_client.py", line 336, in send
pipeline_response = self.config.pipeline.run(request, **kwargs)
File "/usr/local/lib/python3.6/site-packages/msrest/pipeline/__init__.py", line 197, in run
return first_node.send(pipeline_request, **kwargs) # type: ignore
File "/usr/local/lib/python3.6/site-packages/msrest/pipeline/__init__.py", line 150, in send
response = self.next.send(request, **kwargs)
File "/usr/local/lib/python3.6/site-packages/msrest/pipeline/requests.py", line 72, in send
return self.next.send(request, **kwargs)
File "/usr/local/lib/python3.6/site-packages/msrest/pipeline/requests.py", line 137, in send
return self.next.send(request, **kwargs)
File "/usr/local/lib/python3.6/site-packages/msrest/pipeline/__init__.py", line 150, in send
response = self.next.send(request, **kwargs)
File "/usr/local/lib/python3.6/site-packages/msrest/pipeline/requests.py", line 193, in send
self.driver.send(request.http_request, **kwargs)
File "/usr/local/lib/python3.6/site-packages/msrest/universal_http/requests.py", line 333, in send
return super(RequestsHTTPSender, self).send(request, **requests_kwargs)
File "/usr/local/lib/python3.6/site-packages/msrest/universal_http/requests.py", line 142, in send
**kwargs)
File "/usr/local/lib/python3.6/site-packages/requests/sessions.py", line 530, in request
resp = self.send(prep, **send_kwargs)
File "/usr/local/lib/python3.6/site-packages/requests/sessions.py", line 650, in send
r = dispatch_hook('response', hooks, r, **kwargs)
File "/usr/local/lib/python3.6/site-packages/requests/hooks.py", line 31, in dispatch_hook
_hook_data = hook(hook_data, **kwargs)
File "/usr/local/lib/python3.6/site-packages/azure/keyvault/custom/key_vault_authentication.py", line 146, in _handle_401
security = self._get_message_security(prep, challenge)
File "/usr/local/lib/python3.6/site-packages/azure/keyvault/custom/key_vault_authentication.py", line 172, in _get_message_security
scheme))
File "/usr/local/lib/python3.6/site-packages/azure/keyvault/custom/key_vault_authentication.py", line 61, in _auth_callback_compat
if len(inspect.getargspec(self._user_callback).args) == 3 \
File "/tmp/ansible_azure_rm_keyvaultsecret_info_payload_q9zkit50/ansible_azure_rm_keyvaultsecret_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_keyvaultsecret_info.py", line 282, in auth_callback
KeyError: 'client_id'
module_stdout: ''
msg: |-
MODULE FAILURE
See stdout/stderr for the exact error
rc: 1
PLAY RECAP **********************************************************************************************************************************************************************************************************************************
localhost : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0