Hi team, I have a private repo that contain ansible playbooks.
When it runs, I get an error below saying the drone generated netrc access is too permissive. Should I do something like chmod 600 ~/.netrc somewhere? if so, where?
\"/usr/lib/python2.7/netrc.py\", line 35, in __init__\n self._parse(file, fp, default_netrc)\n File \"/usr/lib/python2.7/netrc.py\", line 113, in _parse\n \" the owner\", file, lexer.lineno)\nnetrc.NetrcParseError: ~/.netrc access too permissive: access permissions must restrict access to only the owner (/root/.netrc, line 1)\n",
Not sure if related, but a previous pipeline stage runs terraform which pulls down code from another private repo for building out infrastructure. This runs fine using an ssh key imported via drone secrets
I have a very similar issue. I use drone to validate my ansible playbook and roles. Part of this is to execute ansible-galaxy which downloads roles from a central repository (think of it as pip from python). Whenever a new role need to be downloaded, the mentioned error with wrong permissions on the .netrc file occurs.
latest: Pulling from ansible
Status: Downloaded newer image for myregistry/ansible:latest
+ ansible-lint playbook.yml
+ ansible-galaxy install -r roles/requirements.yml
- extracting geerlingguy.awx to /drone/src/roles/geerlingguy.awx
- geerlingguy.awx was installed successfully
[WARNING]: - dj-wasabi.telegraf was NOT installed successfully: Unknown error
when attempting to call Galaxy at 'https://galaxy.ansible.com/api/': ~/.netrc
access too permissive: access permissions must restrict access to only the
owner (/root/.netrc, line 1)
ERROR! - you can use --ignore-errors to skip failed roles and finish processing the list.