Staff Solutions Architect at Collective[i].
Things I like:
- Rust, my current favourite language
- Good automation
- Drawing weird stuff
- Motorcycles
A Concourse CI resource for running Ansible playbooks
License: MIT License
Staff Solutions Architect at Collective[i].
Things I like:
resource_types:
resources:
name: ansible
type: ansible-playbook
source:
debug: true
user: cloud_user
ssh_private_key: ((ssh-key))
verbose: vvv
name: source-code
type: git
source:
uri: ((git-repo))
branch: master
private_key: ((ssh-key))
jobs:
name: "Running Current Working Directory"
hosts: test
gather_facts: no
tasks:
name: "Current Working Directory"
shell: pwd
register: value
debug:
msg: "The Current Working Directory {{value.stdout_lines}}"
all:
hosts:
test:
ansible_connection: ssh
ansible_host: "13.x.x.x"
ansible_port: 22
ansible_user: cloud_user
After having all this i am getting unable to connect via ssh .. I dont know how to proceed from here. Can you help me here please?
Hello
I have the latest version of concourse deployed on a Kubernetes cluster without persistence.
(K8s Image: concourse/concourse:7.11.2)
I want to deploy the pipeline via your ansible resource type, through this yaml, with fly:
fly set-pipeline /target test /pipeline ansible-playbook2 /config ./pipeline-ansible2.yaml
resource_types:
resources:
jobs:
fly deployment + resource type check - will be always successful.
But when I check the resource - I always get this error:
fly check-resource /target test /resource:ansible-playbook2/ansible
checking ansible-playbook2/ansible in build 4381
initializing check: ansible
initializing check: ansible
selected worker: concourse-worker-1
version is missing from previous step
version is missing from previous step
errored
I tried setting all possible combinations for version & tag key in source type and source too - no luck.
In your ansible playbook container, I can see that the container is really trying to output the version information:
ansible-test:/opt/resource# ls -all
total 24
drwxr-xr-x 3 root root 4096 Jan 17 18:42 .
drwxr-xr-x 1 root root 4096 Jan 17 18:42 ..
-rwxr-xr-x 1 root root 20 Jul 3 2023 check
-rwxr-xr-x 1 root root 34 Jul 3 2023 in
drwxrwxr-x 3 root root 4096 Nov 20 19:49 lib
-rwxr-xr-x 1 root root 276 Jul 3 2023 out
ansible-test:/opt/resource# cat in
#!/bin/sh
printf '{"version":{}}'
ansible-test:/opt/resource#
When I try another ansible resource type clone (e.g. - argon/concourse-ansible-playbook-resource) - everything works immediately.
This link also solves something similar - concourse/registry-image-resource#316 - but it didn't help me either.
Pls, where and how should I set it so that the resource type check will be successful?
@troykinsella Just wondering whether you could re-build and release a new version (since it's been > 1 year) so we have a more recent version of ansible? Thanks! ;-)
It would be great to be able to limit hosts with a limit variable.
Hello.
With new release something wrong, because resource doesn't run playbook but return success.
Can you check it, please?
My pipeline config:
resource_types:
- name: ansible-playbook
type: docker-image
source:
repository: troykinsella/concourse-ansible-playbook-resource
tag: latest
resources:
- name: ci-src
type: git
icon: github-circle
source:
branch: master
uri: ((git.uri))
private_key: ((ssh.private_key))
- name: ansible-playbook
type: ansible-playbook
icon: ansible
source:
debug: true
verbose: vvv
env:
ANSIBLE_DEPRECATION_WARNINGS: "False"
user: root
ssh_private_key: ((ssh.private_key))
jobs:
- name: Run playbook
plan:
- get: ci-src
- put: ansible-playbook
params:
check: false
diff: false
inventory: .ci/ansible/inventory/inventory.yml
playbook: .ci/ansible/playbook.yml
path: ci-src
vars:
host: test
My playbook (for testing purposes)
- hosts: "{{ host }}"
gather_facts: no
become: true
vars:
ansible_python_interpreter: /usr/bin/python3
tasks:
- name: test latest ansible concourse-ci resource
shell: echo Successfull! > ~/.test
concourse-ci anisble step log:
ansible-playbook --extra-vars '{"host":"test"}' -i .ci/ansible/inventory/inventory.yml --private-key /tmp/ansible-playbook-resource-ssh-private-key --user root -vvv .ci/ansible/playbook.yml
Hi,
Which format expects this variable? I'm tried with openssh private key and rsa private key formats without success.
Configuring ssh...
Configuring git...
SSH_ASKPASS=/opt/resource/lib/ssh_askpass.sh DISPLAY= ssh-add /tmp/ansible-playbook-resource-git-private-key
Error loading key "/tmp/ansible-playbook-resource-git-private-key": invalid format
/opt/resource/lib/ssh_config.rb:23:in `ssh_add_key!': ssh-add failed (RuntimeError)
from /opt/resource/lib/commands/out.rb:68:in `configure_git!'
from /opt/resource/lib/commands/out.rb:192:in `run!'
from /opt/resource/lib/commands/out.rb:206:in `<main>'
key example:
-----BEGIN OPENSSH PRIVATE KEY-----
keykeykye
keykey
-----END OPENSSH PRIVATE KEY-----
Regards,
It looks like the behaviour of SSH has changed in the latest image 28239a6eb5b4
. It defaults to using IPv6, which causes lookups which were previously working to fail.
A workaround for this issue is to add the following to the source configuration of the resource:
source:
ssh_common_args: "-4"
Ansible is currently version 2.10, and there are a few forwards-incompatible changes that were made since 2.9. Namely, galaxy collections have a fully qualified module name that is preferred over a name in the global namespace. For example, the docker_container
module is now named community.docker.docker_container
. Unfortunately, this is not supported in the version shipped in this image, so my playbooks for provisioning the machine, and the playbooks for deploying, have to be written in different syntaxes.
rsync is required for the synchronize module.
Some systems (like network devices) may not use SSH keys for connections, so it would be great to make this parameter optional so that we can use this resource with network devices where SSH key authentication is not available.
The Ansible reboot module fails to acknowledge a host is back up after a successful reboot.
To reproduce we can run the following from within the container:
ansible all -m reboot -i inventory.ini
The same command works outside of this container and inside other containers (though everything else about this resource is better than the others wherein the reboot is working).
Hi,
Seems that the move from Ubuntu to Alpine broke the resource for me... from the looks of it due to a missing gcc.
Installing collected packages: munch, netifaces, pbr, os-service-types, iso8601, stevedore, keystoneauth1, decorator, jmespath, jsonpointer, jsonpatch, requestsexceptions, dogpile.cache, appdirs, openstacksdk, os-client-config, shade
Running setup.py install for netifaces: started
Running setup.py install for netifaces: finished with status 'error'
ERROR: Command errored out with exit status 1:
command: /usr/bin/python3.8 -u -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-ie2zqkm2/netifaces/setup.py'"'"'; __file__='"'"'/tmp/pip-install-ie2zqkm2/netifaces/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' install --record /tmp/pip-record-_xvsoba_/install-record.txt --single-version-externally-managed --compile --install-headers /usr/include/python3.8/netifaces
cwd: /tmp/pip-install-ie2zqkm2/netifaces/
Complete output (16 lines):
running install
running build
running build_ext
checking for getifaddrs...not found.
checking for getnameinfo...not found.
checking for socket IOCTLs...not found.
checking for optional header files...none found.
checking whether struct sockaddr has a length field...no.
checking which sockaddr_xxx structs are defined...none!
checking for routing socket support...no.
checking for sysctl(CTL_NET...) support...no.
checking for netlink support...no.
building 'netifaces' extension
gcc -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3 -Wall -Os -fomit-frame-pointer -g -Os -fomit-frame-pointer -g -Os -fomit-frame-pointer -g -DTHREAD_STACK_SIZE=0x100000 -fPIC -DNETIFACES_VERSION=0.10.9 -I/usr/include/python3.8 -c netifaces.c -o build/temp.linux-x86_64-3.8/netifaces.o
unable to execute 'gcc': No such file or directory
error: command 'gcc' failed with exit status 1
----------------------------------------
Correct me if I'm wrong, but I think the out
parameter vars_file
is being ignored at the moment. Only vars
is used. Am I just missing something?
If that's the case I think it should be either implemented back, or removed from the documentation.
/opt/resource/lib/commands/out.rb:82:in `configure_ansible!': undefined method `exists?' for File:Class (NoMethodError)
if File.exists? ansible_cfg_path
^^^^^^^^
Did you mean? exist?
from /opt/resource/lib/commands/out.rb:195:in `run!'
from /opt/resource/lib/commands/out.rb:208:in `<main>'
According to this StackOverflow answer it looks like Ruby 3.2.0 removes some deprecated aliases that need to be updated in this resource (or have a specific Ruby version pinned)
It would be great to enable ARA in the resource.
I am trying this resource type to execute my ansible playbook but every time got the error as private key not found although i have stored private key in vault and even same issue after directly inserting passbook to pipeline . Is there anything else need to be taken care?
According to e.g. https://www.gnu.org/software/inetutils/manual/html_node/The-_002enetrc-file.html, I gather the format of netrc should be:
"default login #{username} password #{password}\n"
instead of
I had errors complaining about a "bad follower token". For my use case, I overwrote the generated netrc with the following, which fixed the problem:
machine github.com login XXX password YYY
default login anonymous password user@site
@troykinsella Hello again ;-) Just wondering whether you could re-build and release a new version so we have the option of using the current ansible version (7.x / ansible-core 2.14)?
Haven't explicitly checked whether the new version could introduce problems, but I'm not aware of any. https://docs.ansible.com/ansible/devel/porting_guides/porting_guide_7.html
Thanks a lot!
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.