Bläddra i källkod

enhanced playbooks

Christian Lempa 2 år sedan
förälder
incheckning
a823c662b1

+ 42 - 0
kestra/ansible/playbook-inline.yaml

@@ -0,0 +1,42 @@
+---
+# Kestra ansible-playbook Template
+# ---
+#
+# Run an ansible playbook defined inline the kestra flow.
+#
+id: ansible_job
+namespace: # your-namespace
+
+tasks:
+  - id: ansible
+    type: io.kestra.plugin.core.flow.WorkingDirectory
+    tasks:
+      - id: local_files
+        type: io.kestra.core.tasks.storages.LocalFiles
+        inputs:
+          inventory.ini: |
+            srv-demo-1.home.clcreative.de
+          # --> replace with your playbook
+          myplaybook.yml: |
+            ---
+            - hosts: srv-demo-1.home.clcreative.de
+              tasks:
+              - name: upgrade apt packages
+                become: true
+                apt:
+                  upgrade: yes
+                  update_cache: yes
+          # <--
+          id_rsa: "{{ secret('SSH_KEY') }}"
+      - id: ansible_task
+        type: io.kestra.plugin.ansible.cli.AnsibleCLI
+        docker:
+          image: cytopia/ansible:latest-tools
+          user: "1000"  # required to set ssh key permissions
+        env:
+          "ANSIBLE_HOST_KEY_CHECKING": "false"
+          # --> (optional) when using a different remote user
+          # "ANSIBLE_REMOTE_USER": "your-remote-user"
+          # <--
+        commands:
+          - ansible-playbook -i inventory.ini --key-file id_rsa myplaybook.yaml

+ 7 - 4
kestra/ansible-playbook.yaml → kestra/ansible/playbook-password.yaml

@@ -14,17 +14,20 @@ tasks:
       - id: ansible_task
       - id: ansible_task
         namespaceFiles:
         namespaceFiles:
           enabled: true
           enabled: true
-          # Files are to be uploaded to the kestra data directory for the namespace in
-          # <docker volume for kestra-data>/<namespace>/_files/
+          # --> upload your files to the kestra data directory for the namespace in
+          #     <docker volume for kestra-data>/<namespace>/_files/
           include:
           include:
             - inventory.ini
             - inventory.ini
             - myplaybook.yaml
             - myplaybook.yaml
+          # <--
         type: io.kestra.plugin.ansible.cli.AnsibleCLI
         type: io.kestra.plugin.ansible.cli.AnsibleCLI
         docker:
         docker:
           image: cytopia/ansible:latest-tools
           image: cytopia/ansible:latest-tools
         env:
         env:
           "ANSIBLE_HOST_KEY_CHECKING": "false"
           "ANSIBLE_HOST_KEY_CHECKING": "false"
+          # --> (optional) when using a different remote user
+          # "ANSIBLE_REMOTE_USER": "your-remote-user"
+          # <--
         commands:
         commands:
-          # Apk command only required if use ssh passwords.
-          - apk add sshpass
+          - apk add sshpass  # only required if use ssh passwords.
           - ansible-playbook -i inventory.ini myplaybook.yaml
           - ansible-playbook -i inventory.ini myplaybook.yaml

+ 38 - 0
kestra/ansible/playbook-ssh-key.yaml

@@ -0,0 +1,38 @@
+---
+# Kestra ansible-playbook Template
+# ---
+#
+# Run an ansible playbook which has been uploaded to the server, using 
+# ssh key authentication.
+#
+id: ansible_job
+namespace: # your-namespace
+
+tasks:
+  - id: ansible
+    type: io.kestra.plugin.core.flow.WorkingDirectory
+    tasks:
+      - id: load_ssh_key
+        type: io.kestra.core.tasks.storages.LocalFiles
+        inputs:
+          id_rsa: "{{ secret('SSH_KEY') }}"
+      - id: ansible_task
+        namespaceFiles:
+          enabled: true
+          # --> upload your files to the kestra data directory for the namespace in
+          #     <docker volume for kestra-data>/<namespace>/_files/
+          include:
+            - inventory.ini
+            - myplaybook.yaml
+          # <--
+        type: io.kestra.plugin.ansible.cli.AnsibleCLI
+        docker:
+          image: cytopia/ansible:latest-tools
+          user: "1000"  # required to set ssh key permissions
+        env:
+          "ANSIBLE_HOST_KEY_CHECKING": "false"
+          # --> (optional) when using a different remote user
+          # "ANSIBLE_REMOTE_USER": "your-remote-user"
+          # <--
+        commands:
+          - ansible-playbook -i inventory.ini --key-file id_rsa myplaybook.yaml