Skip to main content
Version: Current 🚧

Ansible

Description​

This plugin is designed for using ansible-playbook and ansible-lint in a Vela pipeline.

Source Code: https://github.com/go-vela/vela-ansible

Registry: https://hub.docker.com/r/target/vela-ansible

Usage​

NOTE:

Users should refrain from using latest as the tag for the Docker image.

It is recommended to use a semantically versioned tag instead.

More information for ansible-lint can be found at: ansible-lint docs.
More information for ansible-playbook can be found at: ansible-playbook docs.

Sample for .vela.yml​

steps:
- name: ansible-lint
image: target/vela-ansible:latest
parameters:
action: lint
playbook: "abox/main.yml"
lint_skip:
- no-changed-when
- key-order

- name: ansible-playbook
image: target/vela-ansible:latest
parameters:
action: playbook
playbook: "abox/main.yml"
options_inventory: "abox/inventory/hosts.yml"
connection_user: root

Parameters​

The following parameters are used to configure the image:

ParameterDescriptionRequiredDefault
log_levelset the log level for the plugin (valid options: info, debug, trace)trueinfo
action set plugin action (valid options: lint, playbook)truelint

Note: action parameter will determine whether to run ansible-lint or ansible-playbook. The default is set to ansible-lint.

Ansible-Lint​

ParameterDescriptionRequiredDefault
playbookplaybook to be ran by ansible-linttruefalse
lint_versionreturns ansible-lint version and exits the program.falsefalse
lint_listlists all the rules.falsefalse
lint_formatformat used rules output (rich,plain,rst,codeclimate,quiet,pep8)falserich
lint_quieterquieter, although not silent output.falsefalse
lint_parseableparseable output in the format of pep8.falsefalse
lint_parseableseverityparseable output including severity of rule.falsefalse
lint_progressivereturn success if it detects a reduction in number of violations compared with previous git commit. This feature works only in git repositories.falsefalse
lint_projectdirlocation of project/repository, autodetected based on location of configuration file.falseN/A
lint_rulespecify one or more rules directories. -r flag (lint_rule) overrides the default rules in /path/to/ansible-lint/lib/ansiblelint/rules, unless -R (lint_rulesdefault) is also used.falseN/A
lint_rulesdefaultuse default rules in /path/to/ansible-lint/lib/ansiblelint/rules in addition to any extra rules directories specified with -r (lint_rule). There is no need to specify this if no -r (lint_rule) flag/s is/are used.falsefalse
lint_showrelativepathdisplay path relative to CWD.falsefalse
lint_tagsonly check rules whose id/tags match these values.falseN/A
lint_tagslistlist all the tags.falsefalse
lint_verboseincrease verbosity level.falsefalse
lint_skiponly check rules whose id/tags does not match these values.falseN/A
lint_warnonly warn about these rules, unless overridden in config file defaults to 'experimental'falseexperimental
lint_enableactivate optional rules by their tag namefalseN/A
lint_nocolordisable colored output.falsefalse
lint_forcecolortry force colored output.falsefalse
lint_excludepath to directories or files to skip.falseN/A
lint_configspecify a configuration file to use.false.ansible-lint
lint_offlinedisable installation of requirements.ymlfalsefalse

Ansible-Playbook​

ParameterDescriptionRequiredDefault
playbookplaybook to be ran by ansible-playbook.trueN/A

ansible-playbook options​

ParameterDescriptionRequiredDefault
options_askvaultpassask for vault password.falsefalse
options_flushcacheclear the fact cache for every host in inventory.falsefalse
options_forcehandlersrun handlers even if a task fails.falsefalse
options_listhostsoutputs a list of matching hosts and exits program.falsefalse
options_listtagslist all available tagsfalsefalse
options_listtaskslist all tasks to be executed.falsefalse
options_skiptagsonly run plays and tasks whose tags does not match these values.falseN/A
options_startattaskstart the playbook at the task matching this name.falseN/A
options_stepone-set-at-a-time: confirm each task before running.falsefalse
options_syntaxcheckperform a syntax check on the playbook and exits program.falsefalse
options_vaultidthe vault identity to use.falseN/A
options_vaultpasswordfilevault password file.falseN/A
options_versionreturns ansible-playbook version number, configuration file location, configured module search path, module location, executable location and exits program.falsefalse
options_checkdry-run, does not make any changes; instead, tries to predict some of the changes that may occur.falsefalse
options_differencewhen changing (small) files and template, shows the difference in those files.falsefalse
options_modulepathprepend colon-separated path(s) to module libraryfalse~/.ansible/plugins/modules:/usr/share/ansible/plugins/modules
options_extravarsset additional variables as key=value or YAML/JSON, if filename is prepend with @falseN/A
options_forksspecify number of parallel processes to use.false5
options_inventoryspecify inventory host path or comma separated host list.trueN/A
options_limitfurther limit selected hosts to additional pattern.falsefalse
options_tagsonly run plays and task whose tags matches these values.falseN/A
options_verboseverbose mode.falsefalse
options_verbosemoreverbose mode: more verbose.falsefalse
options_verbosedebugverbose mode: connection debuggingfalsefalse

ansible-playbook connection​

ParameterDescriptionRequiredDefault
connection_privatekeyuse this file to authenticate the connection.falseN/A
connection_scpextraargsspecify extra arguments to pass to scp only.falseN/A
connection_sftpextraargsspecify extra arguments to pass to sftp only.falseN/A
connection_sshextraargsspecify extra arguments to pass to ssh only.falseN/A
connection_sshcommonargsspecify common arguments to pass to scp/sftp/ssh.falseN/A
connection_timeoutoverride the connection timeout in seconds.false10
connection_connectionconnection type to use.falsesmart
connection_userconnect as this user.falsenone
connection_passwordfileconnection password filefalseN/A

ansible-playbook privilege escalation​

ParameterDescriptionRequiredDefault
privilege_becomemethodprivilege escalation method to use.falsesudo
privilege_becomeuserrun operation as this user.falseroot
privilege_askbecomepassask for privilege escalation password.falsefalse
privilege_becomerun operations with become (does not imply password prompting)falsefalse
privilege_becomepassfilebecome password filefalseN/A

Template​

COMING SOON!

Troubleshooting​

You can start troubleshooting this plugin by tuning the level of logs being displayed:

steps:
- name: ansible-lint
image: target/vela-ansible:latest
parameters:
+ log_level: trace
action: lint
playbook: "abox/main.yml"

Below are a list of common problems and how to solve them: