gpt4 book ai didi

azure - 使用 terraform 配置程序 "local-exec"运行 shell 脚本会返回 Azure DevOps 中拒绝的权限返回拒绝的权限

转载 作者:行者123 更新时间:2023-12-04 17:30:15 26 4
gpt4 key购买 nike

我正在尝试使用带有 null_resource 和 local-exec 的 pat token 来配置数据 block 。这是代码块:

resource "null_resource" "databricks_token" {
triggers = {
workspace = azurerm_databricks_workspace.databricks.id
key_vault_access = azurerm_key_vault_access_policy.terraform.id
}
provisioner "local-exec" {
command = "${path.cwd}/generate-pat-token.sh"
environment = {
RESOURCE_GROUP = var.resource_group_name
DATABRICKS_WORKSPACE_RESOURCE_ID = azurerm_databricks_workspace.databricks.id
KEY_VAULT = azurerm_key_vault.databricks_token.name
SECRET_NAME = "DATABRICKS-TOKEN"
DATABRICKS_ENDPOINT = "https://westeurope.azuredatabricks.net"
}
}
}

但是,我收到以下错误:

2020-02-26T19:41:51.9455473Z [0m[1mnull_resource.databricks_token: Provisioning with 'local-exec'...[0m[0m
2020-02-26T19:41:51.9458257Z [0m[0mnull_resource.databricks_token (local-exec): Executing: ["/bin/sh" "-c" "/home/vsts/work/r1/a/_Infrastructure/Infrastructure/ei-project/devtest/generate-pat-token.sh"]
2020-02-26T19:41:51.9480441Z [0m[0mnull_resource.databricks_token (local-exec): /bin/sh: 1: /home/vsts/work/r1/a/_Infrastructure/Infrastructure/ei-project/devtest/generate-pat-token.sh: Permission denied
2020-02-26T19:41:51.9481502Z [0m[0m
2020-02-26T19:41:52.0386092Z [31m
2020-02-26T19:41:52.0399075Z [1m[31mError: [0m[0m[1mError running command '/home/vsts/work/r1/a/_Infrastructure/Infrastructure/ei-project/devtest/generate-pat-token.sh': exit status 126. Output: /bin/sh: 1: /home/vsts/work/r1/a/_Infrastructure/Infrastructure/ei-project/devtest/generate-pat-token.sh: Permission denied
2020-02-26T19:41:52.0401076Z [0m
2020-02-26T19:41:52.0401373Z
2020-02-26T19:41:52.0401978Z [0m[0m[0m

旁注,这是 Azure DevOps

知道如何解决权限被拒绝的问题吗?

最佳答案

此问题的根源在于 Azure DevOps 如何存储项目和存储库。这是他们文档中的一个片段,解释了为什么会发生这种情况。

https://learn.microsoft.com/en-us/azure/devops/pipelines/artifacts/build-artifacts?view=azure-devops&tabs=yaml#download-to-debug

在提示部分下,您将看到以下内容:

  • 构建工件存储在 Windows 文件系统上,这会导致所有 UNIX 权限丢失,包括执行位。从 Azure Pipelines 或 TFS 下载项目后,您可能需要恢复正确的 UNIX 权限。

这意味着您下载的文件(在本例中是您的 shell 脚本)已删除所有 UNIX 权限。为了解决这个问题,我添加了一个步骤,在执行 shell 脚本之前首先对 shell 脚本设置适当的权限。请参阅下面的示例,其中我已将修复添加到您提供的代码中。

resource "null_resource" "databricks_token" {
triggers = {
workspace = azurerm_databricks_workspace.databricks.id
key_vault_access = azurerm_key_vault_access_policy.terraform.id
}
provisioner "local-exec" {
command = "chmod +x ${path.cwd}/generate-pat-token.sh; ${path.cwd}/generate-pat-token.sh"
environment = {
RESOURCE_GROUP = var.resource_group_name
DATABRICKS_WORKSPACE_RESOURCE_ID = azurerm_databricks_workspace.databricks.id
KEY_VAULT = azurerm_key_vault.databricks_token.name
SECRET_NAME = "DATABRICKS-TOKEN"
DATABRICKS_ENDPOINT = "https://westeurope.azuredatabricks.net"
}
}
}

命令部分会先设置shell脚本的执行权限,然后执行。

关于azure - 使用 terraform 配置程序 "local-exec"运行 shell 脚本会返回 Azure DevOps 中拒绝的权限返回拒绝的权限,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/60421860/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com