ansible-galaxy fails to pull roles in gitlab-ci pipeline


The ansible-lint step in my gitlab-ci pipeline is failing because of an authentication error while running ansible-galaxy install -r requirements.yml, which pulls the role dependencies defined in requirements.yml and clones the roles from git.

I tried passing the authentication token via CICD variables but it doesn’t like that.

requirements.yml

- src: git+https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com/../ansible/roles/ansible-role-s3-yumrepo.git
  version: master
  scm: git

But it fails with the error below:

Starting galaxy role install process

[WARNING]: - ansible-role-s3-yumrepo was NOT installed successfully: - command /usr/bin/git clone https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com/../ansible/roles/ansible-role-s3-yumrepo.git ansible-role-s3-yumrepo failed in directory /root/.ansible/tmp/ansible-local-526mx2pctt4/tmp2n3_tp7_ (rc=128) - Cloning into 'ansible-role-s3-yumrepo'... remote: HTTP Basic: Access denied fatal: Authentication failed for 'https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com/../ansible/roles/ansible-role-s3-yumrepo.git/'

Has anyone faced this issue before, or does anyone know a better way to handle this?

2

There are 2 best solutions below

2

The problem is that ansible-galaxy does not support environment variable substitution. One possible solution could be manual variable substitution using envsubst:

cat requirements.template|envsubst > requirements.yml

Depending on the environment setup it may be necessary to delete this file later (after the run), as it will contain all the passwords / tokens as plain text.

Another hint on how to debug (confirm) that your user and deploy token are really working is to temporarily hardcode the deploy-token user and deploy token:

src: 'https://<GITLAB_DEPLOY_USER>:<GITLAB_DEPLOY_TOKEN>@mycompany.com/gitlab/prj/my-ansible-role.git'

and test it manually.

0

For gitlab-ci you need to edit the requirements.yml:

- src: git+https://gitlab-ci-token@gitlab.com/../ansible/roles/ansible-role-s3-yumrepo.git
  version: master
  scm: git

Then you need to use this in the job:

sed -i "s/token/token:${CI_JOB_TOKEN}/g" ./requirements.yml

We get:

- src: git+https://gitlab-ci-token:<value of CI_JOB_TOKEN>@gitlab.com/../ansible/roles/ansible-role-s3-yumrepo.git
  version: master
  scm: git

This works for ansible-galaxy install in gitlab-ci; you just need to allow access to this project with a CI_JOB_TOKEN in GitLab.
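
The template-rendering step that both answers above describe (envsubst in the first, sed in the second), written as an added example that is not part of either answer: it replaces only the literal ${CI_JOB_TOKEN} placeholder, refuses to run without a token, and creates the rendered file readable by its owner only. It uses awk in place of envsubst or sed so that token characters are taken literally; the function name and file names are assumptions.

```shell
#!/bin/sh
# Added example: render requirements.yml from a template, substituting only
# the literal ${CI_JOB_TOKEN} placeholder. File names are assumptions.

render_requirements() {
    template=$1
    output=$2

    # Fail early instead of writing an empty credential into the URL.
    if [ -z "${CI_JOB_TOKEN:-}" ]; then
        echo "CI_JOB_TOKEN is not set" >&2
        return 1
    fi

    (
        # The rendered file holds the token in plain text: recreate it
        # with owner-only permissions.
        umask 077
        rm -f "$output"
        # index()/substr() replace the placeholder literally, so characters
        # such as '&' or '/' in the token cannot change the result the way
        # they can inside a sed replacement string.
        CI_JOB_TOKEN=$CI_JOB_TOKEN awk '
            BEGIN { ph = "${CI_JOB_TOKEN}"; tok = ENVIRON["CI_JOB_TOKEN"] }
            {
                out = ""
                while ((i = index($0, ph)) > 0) {
                    out = out substr($0, 1, i - 1) tok
                    $0 = substr($0, i + length(ph))
                }
                print out $0
            }' "$template" > "$output"
    )
}

# Typical use in a job script (commented out so the file can be sourced):
#   trap 'rm -f requirements.yml' EXIT   # remove the plain-text token afterwards
#   render_requirements requirements.template requirements.yml
#   ansible-galaxy install -r requirements.yml
```

Any other ${...} text in the template is left untouched, so no other CI variable ends up in the rendered file.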