Deploying the Ansible Code

Running Ansible within a release pipeline isn’t as easy as running a playbook. The build agents running your code are not configured to run Ansible. You are responsible for building that environment at runtime.

You already have the Ansible environment codified in a Dockerfile. Now the question becomes, "How do you run that container with GitHub actions?"

To accomplish this, you will create a Docker container GitHub action and a workflow that uses that action to deploy Ansible.

Create a Docker container GitHub action#

Use the following Dockerfile to create the container that our release pipeline uses:

Multi Cloud Dockerfile
The Dockerfile contains all the tools and packages required to manage both Azure and AWS environments.

We have created the ansible Github action directory using the command below:

The above Dockerfile has already been to the .github/actions/ansible directory.

Add an ENTRYPOINT#

Currently, your Ansible container runs interactively. You issue commands at the terminal. Github actions don’t allow you to do that. Instead, you must programmatically run the container and add an entrypoint to the Dockerfile.

An entrypoint allows you to configure a container that will run as an executable. It does that by calling a command or script when the container starts. Using a shell script, you will turn your container into an executable that runs the site.yml playbook.

Without the ability to run interactively, you have to automate all the steps of running Ansible.

Use the entrypoint.sh to define all the steps necessary to run the site.yml without manual intervention.

Each time that you start the Ansible container, you have to install the Galaxy roles. This can easily be accounted for by adding the ansible-galaxy command to the entrypoint.sh script.

Next is automating the Vault password. Previously, you used --ask-vault-pass with the ansible-playbook command to prompt the Vault password. That won’t work in the pipeline. To fix this issue, you will use a password file instead.

Use the ANSIBLE_VAULT_PASSWORD environment variable to output the Vault password to a file named .vault.

You will need to update the Dockerfile. You can use the COPY command to copy the entrypoint.sh file into the container image.

Add an ENTRYPOINT using bash to execute the entrypoint.sh script in the Dockerfile.

Docker container action#

Within the .github/actions/ansible directory, you will create the Github action file. Review the file below:

The action.yml file defines the action.

Specifying using: 'docker' defines the action as a Docker action, and configures the image used for the Docker action.

Essentially, it is equivalent to the docker build command. It prepares the image on the hosted build agent, so the workflow can use it to run Ansible playbooks from your repository.

AWS#

Azure#

Let’s add, commit, and push the changes. Execute the following commands in the widget’s terminal:

Creating a Github Docker action solves installing and configuring Ansible, but passing in environment variables still needs to be accounted for.

In this lesson, you created a docker container GitHub action and pushed the ansible code to your repository.