使用terraform provisioner运行shell脚本;“本地执行官”;返回Azure DevOps中被拒绝的权限返回被拒绝的权限
我正在尝试为databricks提供一个pat令牌,该令牌具有null_资源和本地exec。 这是代码块:使用terraform provisioner运行shell脚本;“本地执行官”;返回Azure DevOps中被拒绝的权限返回被拒绝的权限,azure,azure-devops,sh,terraform,azure-databricks,Azure,Azure Devops,Sh,Terraform,Azure Databricks,我正在尝试为databricks提供一个pat令牌,该令牌具有null_资源和本地exec。 这是代码块: resource "null_resource" "databricks_token" { triggers = { workspace = azurerm_databricks_workspace.databricks.id key_vault_access = azurerm_key_vault_access_policy.terraform.id } pr
resource "null_resource" "databricks_token" {
triggers = {
workspace = azurerm_databricks_workspace.databricks.id
key_vault_access = azurerm_key_vault_access_policy.terraform.id
}
provisioner "local-exec" {
command = "${path.cwd}/generate-pat-token.sh"
environment = {
RESOURCE_GROUP = var.resource_group_name
DATABRICKS_WORKSPACE_RESOURCE_ID = azurerm_databricks_workspace.databricks.id
KEY_VAULT = azurerm_key_vault.databricks_token.name
SECRET_NAME = "DATABRICKS-TOKEN"
DATABRICKS_ENDPOINT = "https://westeurope.azuredatabricks.net"
}
}
}
但是,我得到以下错误:
2020-02-26T19:41:51.9455473Z [0m[1mnull_resource.databricks_token: Provisioning with 'local-exec'...[0m[0m
2020-02-26T19:41:51.9458257Z [0m[0mnull_resource.databricks_token (local-exec): Executing: ["/bin/sh" "-c" "/home/vsts/work/r1/a/_Infrastructure/Infrastructure/ei-project/devtest/generate-pat-token.sh"]
2020-02-26T19:41:51.9480441Z [0m[0mnull_resource.databricks_token (local-exec): /bin/sh: 1: /home/vsts/work/r1/a/_Infrastructure/Infrastructure/ei-project/devtest/generate-pat-token.sh: Permission denied
2020-02-26T19:41:51.9481502Z [0m[0m
2020-02-26T19:41:52.0386092Z [31m
2020-02-26T19:41:52.0399075Z [1m[31mError: [0m[0m[1mError running command '/home/vsts/work/r1/a/_Infrastructure/Infrastructure/ei-project/devtest/generate-pat-token.sh': exit status 126. Output: /bin/sh: 1: /home/vsts/work/r1/a/_Infrastructure/Infrastructure/ei-project/devtest/generate-pat-token.sh: Permission denied
2020-02-26T19:41:52.0401076Z [0m
2020-02-26T19:41:52.0401373Z
2020-02-26T19:41:52.0401978Z [0m[0m[0m
附带说明,这是Azure DevOps的
知道如何解决权限被拒绝的问题吗?这个问题的根源在于Azure DevOps如何存储工件和存储库。下面是他们文档中的一个片段,解释了为什么会发生这种情况 在“提示”部分下,您将看到以下内容:
- 生成工件存储在Windows文件系统上,这会导致所有UNIX权限(包括执行位)丢失。从Azure管道或TFS下载工件后,您可能需要恢复正确的UNIX权限
resource "null_resource" "databricks_token" {
triggers = {
workspace = azurerm_databricks_workspace.databricks.id
key_vault_access = azurerm_key_vault_access_policy.terraform.id
}
provisioner "local-exec" {
command = "chmod +x ${path.cwd}/generate-pat-token.sh; ${path.cwd}/generate-pat-token.sh"
environment = {
RESOURCE_GROUP = var.resource_group_name
DATABRICKS_WORKSPACE_RESOURCE_ID = azurerm_databricks_workspace.databricks.id
KEY_VAULT = azurerm_key_vault.databricks_token.name
SECRET_NAME = "DATABRICKS-TOKEN"
DATABRICKS_ENDPOINT = "https://westeurope.azuredatabricks.net"
}
}
}
命令部分将首先设置shell脚本的执行权限,然后执行它。您的意思是通过Azure DevOps运行
.sh
脚本吗?如果在本地运行此脚本会怎么样?你也会得到同样的结果吗?这将有助于缩小问题是否与Azure DevOps相关的范围。在生成pat令牌.sh
中有什么内容?您是在设置Databricks工作区,还是正在创建Databricks pat令牌?