Setting a Failure Exit Code in a Docker Container

When the workflow failed to get the vault password, the build returned a green checkmark. It did not accurately return the Ansible failure. Without an accurate build status, you won’t know what or when to troubleshoot.

You fix this issue by setting failure exit codes in the Docker container. There are many ways to go about it, but a simple solution is to add an if statement to the entrypoint.sh.

Review the if statement below:

The entrypoint.sh now echoes Ansible failed! And throws an exit code of 1 when the ansible-playbook does not exit with a 0. This is enough for the Github workflow to report an accurate build status.

Update the <dynamic-inventory> with the dynamic inventory of the cloud provider of your choice in the entrypoint.sh file.

Open site.yml and remove the indentation for line 2.

Add, commit, and push the changes to GitHub.

Log into GitHub and review the latest run of the workflow. You’ll see the build status returned with a red x, as expected.

Correct the indentation on line 2 of the site.yml before moving on. Run the widget and add, commit, and push the changes to Github again.

Use a base image#

Notice that the deploy Ansible workflow takes a while. The reason is the Dockerfile.

Each time the workflow runs, it calls the Docker container action that you created. That action builds the Dockerfile and prepares the container for the workflow. The container is pretty big, so it will take a while. By improving the container, you can reduce the build time.

You will update the action to use a new base layer, our base layer.

You can push an image to DockerHub and use that image as Your GitHub action base. The benefit is, when the action runs, it won’t build the entire image, drastically reducing build time.

Within your Ansible repository, we have created a directory called Dockerfiles.

In that directory, we have created a new Dockerfile, copied all the contents of ./github/actions/ansible/Dockerfile except the COPY and ENTRYPOINT commands.

Replace <DockerHub-UserName> with your Dockerhub username.

Cloud Provider specific Dockerfile
You can use the Dockerfile that meets the requirements of the cloud provider of your choice.

Review the Dockerfiles directory below:

Perform the following steps:

1. Build the Dockerfile of your choice and push it to DockerHub. Replace the <Cloud-Provider> with either:
   • AWS
   • Azure
   • Multi-Cloud

2. Replace <DockerHub-UserName> with your DockerHub username. Push the image to DockerHub.

3. Add, commit, and push the changes to GitHub.

4. Log into GitHub and review the workflow output.

Notice the time that the job takes now.

Try it now#

At the moment, Ansible lint and deploy Ansible are two different workflows.

Combine lint and deploy into a single workflow#

In a release pipeline, you want to prevent deploying code if linting fails. So, you need to combine the two workflows into one.

Add Ansible lint to the deploy ansible workflow.

1. Open .github/workflows/deploy_ansible.yml.
2. Add the build job from the lint workflow before the deploy job.

You can review the .github/workflows/lint.yml and .github/workflows/deploy_ansible.yml for the build and deploy jobs, respectively.

3. Add needs: build to the deploy job.
4. Delete .github/workflows/lint.yml.
5. Add, commit, and push the changes.

Solution
The solution to this challenge is provided in the Solution directory. Try it yourself first and compare your solution with the provided solution.

In this lesson, we introduced failure exit code, how you can reduce the execution time of your workflows, and how to combine the two workflows, deploy ansible and lint.