ansible-collections / ansible.scm Goto Github PK
View Code? Open in Web Editor NEWAn ansible collection for prescriptive retrieval and publish using git
License: GNU General Public License v3.0
An ansible collection for prescriptive retrieval and publish using git
License: GNU General Public License v3.0
it would be really helpful if you could add a key_file path option to the modules to point to specific private key file to gain permissions to private repos.
to allow easier usage of private key files to access private repos
- name: Commit and Push changes
ansible.scm.git_publish:
path: "{{ git_path }}"
user:
name: "David Danielsson"
key_file: "{{ lookup('env', 'MY_CERT_FILE_PATH') }}"
Coming to this repo, it is not clear what this collection does and how it can be used. A few sentences at the top of the README with the intended purpose and function of this collection would quickly provide that clarity to anyone that comes to the repo or find it in Galaxy or Automation Hub.
README.md
Would it be possible to add an argument to git_publish
to tag a current a specific release/commit, which we could as a reference to retrieve withgit_retrieve
.
The goal would be to save arbitrary network device configs to a git repository and be able to get them back based on the defined tag.
ansible.scm.git_publish
and ansible.scm.git_retrieve
.
A tentative playbook could look like this:
- name: Set a tag
ansible.builtin.set_fact:
time: "{{ ansible_date_time.iso8601_micro }}"
repo: "http://github.com/..."
- name: Publish the changes with a tag [Save current config]
ansible.scm.git_publish:
path: "{{ repo }}"
tag: "{{ time }}"
- name: Retrieve a repository [Get previously saved config]
ansible.scm.git_retrieve:
origin:
url: "{{ repo }}"
tag: "{{ time }}"
Will close this when complete
Token should be non-mandatory while perform check_argspec functionality
ansible.scm/plugins/action/git_publish.py
Line 104 in 78cba50
---
- hosts: rtr1
gather_facts: true
tasks:
- name: Network BGP Manager
ansible.builtin.include_role:
name: network.base.resource_manager
vars:
action: persist
ansible_network_os: cisco.ios.ios
resources:
- 'interfaces'
- 'l2_interfaces'
- 'l3_interfaces'
- 'bgp_global'
- 'bgp_address_family'
- 'ospfv2'
- 'ospfv3'
- 'ospf_interfaces'
origin: https://github.com/rohitthakur2590/network_validated_content_automation.git
The full traceback is:
NoneType: None
fatal: [rtr1]: FAILED! => {
"changed": false,
"msg": "Token can not be an empty string"
}
ansible.scm/plugins/action/git_publish.py
Line 104 in 78cba50
instead this need to be checked when token provided and is empty string
I am trying to use ansible.scm in an AAP Execution Environment to retrieve a git repository via SSH. When calling git_retrieve the execution stops, asking what to do about the new unknown hostkey. Afterwards the execution is aborted due to a timeout waiting for a console input.
I tried adding 'host_key_checking: "no"' to the task, but this did not change anything. I guess git_publish will have the same problem.
# ansible --version
ansible [core 2.14.5]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.9/site-packages/ansible
ansible collection location = /home/runner/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible
python version = 3.9.16 (main, May 31 2023, 12:21:58) [GCC 8.5.0 20210514 (Red Hat 8.5.0-18)] (/usr/bin/python3.9)
jinja version = 3.1.2
libyaml = True
Collection Version
----------- -------
ansible.scm 1.1.0
CONFIG_FILE() = /etc/ansible/ansible.cfg
Ansible Automation Platform Controller 4.3.8
The execution environment uses "Red Hat Enterprise Linux release 8.8 (Ootpa)"
Launch a Job Template in an execution environment which does not have any SSH known_hosts file.
---
- name: "ansible.scm tests"
hosts: localhost
gather_facts: false
collections:
- ansible.scm
tasks:
- name: "Retrieve Task"
ansible.scm.git_retrieve:
host_key_checking: "no"
origin:
url: ssh://git@gitithost/projectname/reponame.git
register: repository
The expectation is, that the given git repo is checked out into a temporary directory inside the execution environment accepting/ignoring the unknown host key. The same way as the "accept_hostkey: true" option of ansible.builtin.git is working.
The execution got stuck at the ssh prompt asking wether to accept the unknown host key. Finally running into a timeout as no answer is given.
Although not tested, I assume git_publish will have the same problem.
Enter passphrase for /runner/artifacts/707585/ssh_key_data:
Identity added: /runner/artifacts/707585/ssh_key_data (/runner/artifacts/707585/ssh_key_data)
PLAY [ansible.scm tests] *******************************************************
TASK [Retrieve Task] **************************************************************
The authenticity of host '[githost]:PORT ([IP ADDRESSE]:PORT)' can't be established.
RSA key fingerprint is SHA256:FINGERPRINT_REMOVED.
Are you sure you want to continue connecting (yes/no/[fingerprint])?
fatal: [localhost]: FAILED! => {"branch_name": "", "branches": [], "changed": true, "msg": "Timeout: Failed to clone repository: ssh://git@githost:PORT/projectname/reponame.git", "name": "", "output": [{"command": "git -C /tmp/tmpunfrecz9 clone --depth=1 --progress --no-single-branch ssh://git@githost:PORT/projectname/reponame.git", "env": "", "return_code": 62, "stderr_lines": ["Cloning into 'reponame'..."], "stdout_lines": []}], "path": ""}
PLAY RECAP *********************************************************************
localhost : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
My main reason I am trying to use ansible.scm is the git_publish functionality.
As a workaround I could use a dummy ansible.builtin.git with the "accept_hostkey: true" option, to add the git server's fingerprint to the ~/.ssh/known_hosts file in the EE, and afterwards use ansible.scm.*
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.