incus_connection: Allow non-root users to connect to an instance #9743
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ansibullbot
added
WIP
felixfontein
added
check-before-release
ansibullbot
removed
the
needs_ci
|
Can be tested with: - name: Create an incus container
hosts: localhost
gather_facts: true
tasks:
- name: Create a container
community.general.lxd_container:
name: "jammy"
state: started
url: "unix:/var/lib/incus/unix.socket"
source:
type: image
mode: pull
server: "https://images.linuxcontainers.org/"
protocol: simplestreams
alias: "ubuntu/jammy/cloud"
wait_for_container: true
wait_for_ipv4_addresses: true
- name: Add the container to the inventory
ansible.builtin.add_host:
name: "jammy"
groups:
- incus
ansible_connection: community.general.incus
ansible_user: ubuntu
- name: Run tasks in the container
hosts: incus
gather_facts: true
tasks:
- name: Create a file in the container
ansible.builtin.copy:
content: "Hello World!\n"
dest: "{{ ansible_env.HOME }}/hello.txt" |
felixfontein
approved these changes
Feb 16, 2025
|
LGTM |
Backport to stable-10: 💚 backport PR created✅ Backport PR branch: Backported as #9765 🤖 @patchback |
felixfontein
removed
backport-10
patchback bot
pushed a commit
that referenced
this pull request
Feb 17, 2025
* feat: add remote_user option to incus connection * feat: add changelog fragment * fix: formatting (cherry picked from commit 94e1511)
|
@yeetypete thanks for your contribution! |
felixfontein
pushed a commit
that referenced
this pull request
Feb 17, 2025
…oot users to connect to an instance (#9765) incus_connection: Allow non-root users to connect to an instance (#9743) * feat: add remote_user option to incus connection * feat: add changelog fragment * fix: formatting (cherry picked from commit 94e1511) Co-authored-by: Peter Siegel <[email protected]>
rt-vnx
pushed a commit
to rt-vnx/community.general
that referenced
this pull request
Feb 20, 2025
…ible-collections#9743) * feat: add remote_user option to incus connection * feat: add changelog fragment * fix: formatting
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
SUMMARY
Currently the incus connection only supports connecting to an instance as root. This PR extends the plugin to allow a non-root user, configurable via the ansible_user var to connect to the instance. The option incus_become_method controls the command used to switch users, (su by default but could also be sudo -u). The defaults ensure the old behavior so this should be a non-breaking change.
ISSUE TYPE
COMPONENT NAME
incus_connection
ADDITIONAL INFORMATION
Replicates functionality from #9659 for the incus plugin