actions/action-ansible-playbook
1
0
Fork 0
mirror of https://github.com/dawidd6/action-ansible-playbook.git synced 2025-09-03 15:25:46 -06:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into master

Browse Source
This commit is contained in:
Dawid Dziurla 2021-07-19 17:45:37 +02:00 committed by GitHub
commit 8b926faefd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 134 additions and 61 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
.github/dependabot.yml vendored Normal file
View File

@ -0,0 +1,18 @@
version: 2
updates:
- package-ecosystem: npm
directory: "/"
schedule:
interval: daily
time: "04:00"
pull-request-branch-name:
separator: "-"
open-pull-requests-limit: 10
- package-ecosystem: github-actions
directory: "/"
schedule:
interval: daily
time: "04:00"
pull-request-branch-name:
separator: "-"
open-pull-requests-limit: 10

95
.github/workflows/test.yml vendored
View File

@ -7,14 +7,56 @@ on:
pull_request:
jobs:
test-remote:
remote:
runs-on: ubuntu-latest
env:
SSH_PRIVATE_KEY: |
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAYEAw1mPRVbmzA1LGWbk9rk9lNxC34M7ZlCHi/OAgglMtFfP6f95hoNA
mSggomlTgQNysk1/kTfhVuIvVDVroTV6iyxM6b0eBOwSMglZn60PPZCXzF+VstfrMUH5Vd
PbuahVTW453g1ZAhwA+EPDBMEp2VzzbZgX7dCO0WnYrIrXknfiJ+sNYErVm9WqY58a7aoi
Y4eCgRD/9FGMyGoQcrmuHPR6tKCN0zIoVKl/wjzWH2jRUhRbZbf7V72VN+lWwJyciH7V+S
l4YZiob/JmW0FIPcWckoO1+hLUAQ0LpSaoCyz7ua+G0wgRoeLH3c32yQVjAHFesYzQymhn
/KVZBRPfdI2Hjzqj+cnYvyfy0t3R8/K6rdutRSYaQoqfFaFxoWtl59B/v5/IEE7s0Zsy2B
5ZJ4SbdYs1lA74UUGn+XjXVor7TTxvDWBV83npHFGBOhn3gqSLRcZ8JLb7KY5CGhbpy3z7
y5JDY0lYiZaWXTUQmIOfX54csTu40+yCnlCjRHaDAAAFiAuND90LjQ/dAAAAB3NzaC1yc2
EAAAGBAMNZj0VW5swNSxlm5Pa5PZTcQt+DO2ZQh4vzgIIJTLRXz+n/eYaDQJkoIKJpU4ED
crJNf5E34VbiL1Q1a6E1eossTOm9HgTsEjIJWZ+tDz2Ql8xflbLX6zFB+VXT27moVU1uOd
4NWQIcAPhDwwTBKdlc822YF+3QjtFp2KyK15J34ifrDWBK1ZvVqmOfGu2qImOHgoEQ//RR
jMhqEHK5rhz0erSgjdMyKFSpf8I81h9o0VIUW2W3+1e9lTfpVsCcnIh+1fkpeGGYqG/yZl
tBSD3FnJKDtfoS1AENC6UmqAss+7mvhtMIEaHix93N9skFYwBxXrGM0MpoZ/ylWQUT33SN
h486o/nJ2L8n8tLd0fPyuq3brUUmGkKKnxWhcaFrZefQf7+fyBBO7NGbMtgeWSeEm3WLNZ
QO+FFBp/l411aK+008bw1gVfN56RxRgToZ94Kki0XGfCS2+ymOQhoW6ct8+8uSQ2NJWImW
ll01EJiDn1+eHLE7uNPsgp5Qo0R2gwAAAAMBAAEAAAGBAJixNlWCmaBBe8P9M1bOcB4dFI
BUuWc95tUzne0Gi9gjEzbaJAlKKoIMZYXNQiIDqfFItj+yKAabgVcW8mvtuz1xgSTqV76N
L6PAvzcaNGFw1dY/mGlUcFfuM5AsqwCxXQvK7pxsXnhRn0hu3s6mlal7CCNP0NRoQlnZnC
0x0VKBNlrxVWFA3TqThj2cLZY7d+nID/AGc6pq29oDXZvvGvMy/X6WSIUeHXwfiOcwWkXu
zj6T/uTBLErmuu4bC14+ipTv5JbdjiKW6Ob/uM8mBY9V1T+XJxYXVuICNHAiydFj73mnwo
RrtVx53w0/bt4FWtkzaN564DPHBm6GD4uIby+GRv600IzCQlYiz0RYPlQzaIbe5ut9rbQ/
lCrdkP0kuuO9SNcu9XuuTxetz9HfXprJaWwZbDXx/zUFNE9Q/d2X3N3NTWxNNVW6a4MxVx
856rvds+z0s4pu7SJXEPy7qMwLPqMZak7JALSmllaQ/FOSOCsEs0Mlfn+dsEVAlmVDwQAA
AMEA2jU9wUprSajSEf44kKuWk5amcdW4r7R09ZU5g6RWJEcIzfyeMdkab/3zm6/yWthZsT
TYFJlA/DINhclwMFY4W1K4hvedsbFy7RV55W21Mcv1e0Df1RHtV6+C8GFKCu1nXQY0wg5R
MvCet49Raqqg5OfMn0a2iGLSvNATUhI4PDUiHj5U4q6r6v5/XOs6+12lCExMaq1F+8TB/r
ClnveBFFUKByahd/0MeKqWnvHvsm25EOu7IuNbQ5+MgaNS5ugQAAAAwQD1BaD/r4rUhz8Z
bJzuqMJ+5c5BdS8m+I5yEYtXWM9LE4y1KuKZxl9kdWlC/YoceVh7cmhr2l0WWELLWpQUu0
qx9Pd4PDU3FIyBw9hrNAa+FVQmFMHPh69bXtC7c9yPqA8aUXwUCUAJaXBbTb8DmZsy79LG
ysdl5xbELZlcW0cCv1RLeorxdQGjqtLTOf6aHqtqQmNIwEm07rJzU2TVMQVnlQ2Dqnfp8X
qzShem8cdVWud5OJiC8ddZFJTVkZkpsjEAAADBAMwaMpJq+wNz4k6X8EUm056IoJUuHgL5
5z1bwpQcvKI+6QmoytK6QZD1aa77Qx4rEOS8bOmdeB4sTMjh88HR2x1XsXU8qi66sxh5Wv
dkiRyb5m8cxvdMywZJ9WuSD9+cI4lR5PQaKUMJdDyB42pBrHansXoS/zW1/j3Oecv0h1lV
hSK/8idmd/gOAkcRj8uf0FvyaftILlfSeyPQM60fMgW2rrEDBiIZ2cA7yduoQB08T0lzsA
8uPJFry1jRnJ7y8wAAAA5kYXdpZGQ2QFN1bGFjbwECAw==
-----END OPENSSH PRIVATE KEY-----
SSH_PUBLIC_KEY: |
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDDWY9FVubMDUsZZuT2uT2U3ELfgztmUIeL84CCCUy0V8/p/3mGg0CZKCCiaVOBA3KyTX+RN+FW4i9UNWuhNXqLLEzpvR4E7BIyCVmfrQ89kJfMX5Wy1+sxQflV09u5qFVNbjneDVkCHAD4Q8MEwSnZXPNtmBft0I7RadisiteSd+In6w1gStWb1apjnxrtqiJjh4KBEP/0UYzIahByua4c9Hq0oI3TMihUqX/CPNYfaNFSFFtlt/tXvZU36VbAnJyIftX5KXhhmKhv8mZbQUg9xZySg7X6EtQBDQulJqgLLPu5r4bTCBGh4sfdzfbJBWMAcV6xjNDKaGf8pVkFE990jYePOqP5ydi/J/LS3dHz8rqt261FJhpCip8VoXGha2Xn0H+/n8gQTuzRmzLYHlknhJt1izWUDvhRQaf5eNdWivtNPG8NYFXzeekcUYE6GfeCpItFxnwktvspjkIaFunLfPvLkkNjSViJlpZdNRCYg59fnhyxO7jT7IKeUKNEdoM=
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Setup remote
run: |
echo "${{secrets.SSH_PUBLIC_KEY}}" | sudo tee /etc/ssh/authorized_keys
echo "$SSH_PUBLIC_KEY" | sudo tee /etc/ssh/authorized_keys
sudo tee /etc/ssh/sshd_config <<EOF
PasswordAuthentication no
PubkeyAuthentication yes
@ -23,12 +65,18 @@ jobs:
Subsystem sftp /usr/lib/openssh/sftp-server
EOF
sudo systemctl restart sshd
- name: Test remote
echo 'SSH_KNOWN_HOSTS<<EOF' >> $GITHUB_ENV
echo $(ssh-keyscan localhost) >> $GITHUB_ENV
echo 'EOF' >> $GITHUB_ENV
- name: With everything
uses: ./
with:
playbook: playbook.yml
key: ${{env.SSH_PRIVATE_KEY}}
known_hosts: ${{env.SSH_KNOWN_HOSTS}}
directory: test
key: ${{secrets.SSH_PRIVATE_KEY}}
vault_password: test
requirements: requirements.yml
inventory: |
[all]
localhost
@ -39,48 +87,29 @@ jobs:
-e db_name=db_name
-e db_user=db_user
-e db_pass=db_pass
test-local:
local:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Test local
- name: With requirements
uses: ./
with:
playbook: playbook.yml
directory: test
requirements: requirements.yml
options: |
--inventory hosts
--limit local
- name: Test local
options: --inventory hosts
- name: With requirements bundle
uses: ./
with:
playbook: playbook.yml
directory: test
requirements: requirements-bundle.yml
options: |
--inventory hosts
--limit local
test-local-more:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Test local
options: --inventory hosts
- name: With vault password
uses: ./
with:
playbook: playbook.yml
directory: test
vault_password: test
inventory: |
[all]
localhost ansible_connection=local
options: |
-e key1=val1
-e key2=val2
- name: Test local
uses: ./
with:
playbook: playbook.yml
vault_password: test
inventory: |
[all]
localhost ansible_connection=local
options: --inventory hosts

3
action.yml
View File

@ -22,6 +22,9 @@ inputs:
vault_password:
description: The password used for decrypting vaulted files
required: false
known_hosts:
description: Contents of SSH known_hosts file
required: false
options:
description: Extra options that should be passed to ansible-playbook command
required: false

24
main.js
View File

@ -12,6 +12,7 @@ async function main() {
const key = core.getInput("key")
const inventory = core.getInput("inventory")
const vaultPassword = core.getInput("vault_password")
const knownHosts = core.getInput("known_hosts")
const options = core.getInput("options")
const sudo = core.getInput("sudo")
@ -65,14 +66,33 @@ async function main() {
cmd.push(vaultPasswordFile)
}
if (sudo) {
cmd.unshift("sudo")
}
process.env.ANSIBLE_HOST_KEY_CHECKING = "False"
if (knownHosts) {
const knownHostsFile = ".ansible_known_hosts"
fs.writeFileSync(knownHostsFile, knownHosts, { mode: 0600 })
core.saveState("knownHostsFile", knownHostsFile)
let known_hosts_param = [
"--ssh-common-args=",
"\"",
"-o UserKnownHostsFile=",
knownHostsFile,
"\""
].join('')
cmd.push(known_hosts_param)
process.env.ANSIBLE_HOST_KEY_CHECKING = "True"
} else {
process.env.ANSIBLE_HOST_KEY_CHECKING = "False"
}
process.env.ANSIBLE_FORCE_COLOR = "True"
await exec.exec(cmd.join(" "))
await exec.exec(cmd.join(' '))
} catch (error) {
core.setFailed(error.message)
}

28
package-lock.json generated
View File

@ -5,15 +5,15 @@
"packages": {
"": {
"dependencies": {
"@actions/core": "^1.2.6",
"@actions/core": "^1.2.7",
"@actions/exec": "^1.0.4",
"yaml": "^1.10.0"
"yaml": "^1.10.2"
}
},
"node_modules/@actions/core": {
"version": "1.2.6",
"resolved": "https://registry.npmjs.org/@actions/core/-/core-1.2.6.tgz",
"integrity": "sha512-ZQYitnqiyBc3D+k7LsgSBmMDVkOVidaagDG7j3fOym77jNunWRuYx7VSHa9GNfFZh+zh61xsCjRj4JxMZlDqTA=="
"version": "1.2.7",
"resolved": "https://registry.npmjs.org/@actions/core/-/core-1.2.7.tgz",
"integrity": "sha512-kzLFD5BgEvq6ubcxdgPbRKGD2Qrgya/5j+wh4LZzqT915I0V3rED+MvjH6NXghbvk1MXknpNNQ3uKjXSEN00Ig=="
},
"node_modules/@actions/exec": {
"version": "1.0.4",
@ -29,9 +29,9 @@
"integrity": "sha512-J8KuFqVPr3p6U8W93DOXlXW6zFvrQAJANdS+vw0YhusLIq+bszW8zmK2Fh1C2kDPX8FMvwIl1OUcFgvJoXLbAg=="
},
"node_modules/yaml": {
"version": "1.10.0",
"resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.0.tgz",
"integrity": "sha512-yr2icI4glYaNG+KWONODapy2/jDdMSDnrONSjblABjD9B4Z5LgiircSt8m8sRZFNi08kG9Sm0uSHtEmP3zaEGg==",
"version": "1.10.2",
"resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz",
"integrity": "sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==",
"engines": {
"node": ">= 6"
}
@ -39,9 +39,9 @@
},
"dependencies": {
"@actions/core": {
"version": "1.2.6",
"resolved": "https://registry.npmjs.org/@actions/core/-/core-1.2.6.tgz",
"integrity": "sha512-ZQYitnqiyBc3D+k7LsgSBmMDVkOVidaagDG7j3fOym77jNunWRuYx7VSHa9GNfFZh+zh61xsCjRj4JxMZlDqTA=="
"version": "1.2.7",
"resolved": "https://registry.npmjs.org/@actions/core/-/core-1.2.7.tgz",
"integrity": "sha512-kzLFD5BgEvq6ubcxdgPbRKGD2Qrgya/5j+wh4LZzqT915I0V3rED+MvjH6NXghbvk1MXknpNNQ3uKjXSEN00Ig=="
},
"@actions/exec": {
"version": "1.0.4",
@ -57,9 +57,9 @@
"integrity": "sha512-J8KuFqVPr3p6U8W93DOXlXW6zFvrQAJANdS+vw0YhusLIq+bszW8zmK2Fh1C2kDPX8FMvwIl1OUcFgvJoXLbAg=="
},
"yaml": {
"version": "1.10.0",
"resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.0.tgz",
"integrity": "sha512-yr2icI4glYaNG+KWONODapy2/jDdMSDnrONSjblABjD9B4Z5LgiircSt8m8sRZFNi08kG9Sm0uSHtEmP3zaEGg=="
"version": "1.10.2",
"resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz",
"integrity": "sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg=="
}
}
}

4
package.json
View File

@ -2,8 +2,8 @@
"name": "action-ansible-playbook",
"main": "main.js",
"dependencies": {
"@actions/core": "^1.2.6",
"@actions/core": "^1.2.7",
"@actions/exec": "^1.0.4",
"yaml": "^1.10.0"
"yaml": "^1.10.2"
}
}

7
playbook.yml
View File

@ -1,7 +0,0 @@
- name: Test Action
hosts: all
tasks:
- name: Copy action.yml
copy:
src: action.yml
dest: /tmp/action.yml

5
post.js
View File

@ -14,6 +14,7 @@ async function main() {
const keyFile = core.getState("keyFile")
const inventoryFile = core.getState("inventoryFile")
const vaultPasswordFile = core.getState("vaultPasswordFile")
const knownHostsFile = core.getState("knownHostsFile")
if (directory)
process.chdir(directory)
@ -26,6 +27,10 @@ async function main() {
if (vaultPasswordFile)
rm(vaultPasswordFile)
if (knownHostsFile)
rm(knownHostsFile)
} catch (error) {
core.setFailed(error.message)
}

0
hosts → test/hosts
View File

11
test/playbook.yml
View File

@ -1,7 +1,12 @@
- name: Test Action
hosts: all
tasks:
- name: Copy action.yml
- name: Copy file
copy:
src: ../action.yml
dest: /tmp/action.yml
src: requirements.yml
dest: /tmp/requirements.yml
- name: Install cowsay
become: yes
apt:
name: cowsay
update_cache: yes

0
requirements-bundle.yml → test/requirements-bundle.yml
View File

0
requirements.yml → test/requirements.yml
View File