Ansible provisioner not becoming root when run from Pipeline

Hi,

I am running Packer + the Ansible provisioner from the Bitbucket pipeline, but Ansible is not becoming root even though become: true is given. The Ansible provisioner is used to run some server hardening scripts and configurations.

Output from a simple id command when run from the pipeline:

    TASK [aws-basic : debug] *****************************************
    ok: [default] => {
        "command_output.stdout_lines": [
            "uid=1000(ec2-user) gid=1000(ec2-user) groups=1000(ec2-user),4(adm),10(wheel),190(systemd-journal)"
        ]
    }

When running locally:

    TASK [aws-basic : debug] *****************************************
    ok: [default] => {
        "command_output.stdout_lines": [
            "uid=0(root) gid=0(root) groups=0(root)"
        ]
    }

Packer Ansible provisioner config:

    provisioner "ansible" {
      playbook_file = "../ansible/aws-ec2-base.yml"

      extra_arguments        = ["--extra-vars", "api_key=${var.api_key}"]
      galaxy_file            = "../ansible/requirements.yml"
      ansible_ssh_extra_args = ["-oHostKeyAlgorithms=+ssh-rsa -oPubkeyAcceptedKeyTypes=+ssh-rsa"]
    }

What would be the issue here? This happens when I run packer build from the pipeline. I am using an Ubuntu Docker image with Packer and Ansible installed.

I think I hit a similar issue in the past few days.

Try doing a sudo ec2-user -c "packer <arg> <file>" (you may need to create the ec2-user prior, with something like: useradd -m -s /bin/bash -G root ec2-user). I was also going to test maybe just adding a command with that in the Ansible provisioner as well.

I’m in a new env playing with GitLab CI now and was seeing the same thing; I stumbled over some GitHub issue or something about this just yesterday. At a prior place our pipeline containers on Jenkins never had this issue, so there is probably a better way around this.