Skip to content

JankoTreuner/example-github-actions-run-ansible-workflow

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
.github/workflows
.github/workflows
 
 
ansible
ansible
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 
requirements.yml
requirements.yml
 
 
test.txt
test.txt
 
 

Repository files navigation

example-github-actions-run-ansible-workflow

Example showing how to run an ansible playbook using github actions

How to run this example (in a forked repository, with your own configuration)

Setup GitHub secrets INVENTORY, KNOWN_HOSTS and SSH_KEY.

Important

Ensure that the tool you use to set the GitHub secret supports multiline content (VSCode seems not to support it). I recommend using the github.com website itself.

Afterwards every push to the repository or manual trigger of the workflow direktly (via GitHub.com -> Actions) should trigger the workflow and execute the playbook on the confiured hosts.

For more details see description below.

How this example works

This repository contains following things:

  • python requirements for running ansible
  • simple ansible playbook
  • github action workflow

Python requirements for running ansible

See file requirements.txt

Install requirements locally using a venv:

python3 -m venv ./venv
source venv/bin/activate
pip install -r requirements.txt

Simple ansilbe-playbook

See file ansible/ping.yaml

Uses the ansible.builtin.ping module to test connection to remote

Github action workflow

See file .github/workflows/main.yml

The workflow contains the following jobs

  1. validate - Validates the playbook, using ansible-lint
  2. run-playbook

validate

Runs asible-lint to ensure the code quality of the playbook.

The requirements.yml is required to resolve additional namespaces while linting.

run-playbook

Steps
install requirements

Installs requirements.txt or test.requirements.txt if file exists in project-root.

write inventory to file

Writes the inventory information from GitHub secret to file

The content should be a valid ansible inventory

ungrouped:
  hosts:
    my.domain.de: 
      ansible_user: the_user
configure ssh

Creates everything need for ssh. Therefor GitHub secret KNOWN_HOSTS and SSH_KEY must exist.

KNOWN_HOSTS Well known file ~/.ssh/known_hosts. The GitHub secret must be set to the required hosts.

my.domain.de ecdsa-sha2-nistp256 <key>

SSH_KEY The secret SSH_KEY must be set to a valid private key for the user that is used to run ansible on the target.

  1. generate ssh-key
ssh-keygen -o -a 1000 -t ed25519

  1. add public key to the authorized_keys of the user on the target system.

  2. set the private key as GitHub secret SSH_KEY. Should be something like:

-----BEGIN OPENSSH PRIVATE KEY-----
<LongPrivateKey>...==
-----END OPENSSH PRIVATE KEY-----

Credits

While looking for an example how to use github actions to run ansible notebooks I stumbled over the following article of @xNok (https://github.com/xNok) at medium: https://medium.com/faun/how-to-run-an-ansible-playbook-using-github-action-42430dec944 This repository contains the outcome of playing around with this example as a start.

About

Example showing how to run an ansible playbook using github actions

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published