kraussnet/kraussnet-ansible-action
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: update Docker image to pass initial checks

Browse Source
This commit is contained in:
Jonathan Krauss
2025-08-14 07:46:08 -07:00
parent 6131f838c2
commit 4a43ab51ff
3 changed files with 12 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
Dockerfile
View File

@@ -1,7 +1,9 @@
FROM alpine:3.22
RUN apk update && \
apk add ansible bash openssh-client py3-pip step-cli
apk add ansible bash git openssh-client py3-pip step-cli
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh
WORKDIR /workspace
ENTRYPOINT ["/entrypoint.sh"]

3
action.yml
View File

@@ -34,6 +34,9 @@ inputs:
vault_password:
description: The password used for decrypting vaulted files
required: false
remote_user:
description: The username to use when connecting to remote hosts (defaults to 'ansible')
required: false
become:
description: Set to "true" if root is required for running your playbook
required: false

11
entrypoint.sh
View File

@@ -39,7 +39,7 @@ echo "Bootstrapped PKI at ${INPUT_PKI_CA_URL}"
# Obtain the Host Certificate
[ ! -d ~/.ssh ] && mkdir ~/.ssh
echo "@cert-authority *.kraussnet.com $(step ssh config --host --roots)" > ~/.ssh/known_hosts
echo "@cert-authority * $(step ssh config --host --roots)" > ~/.ssh/known_hosts
echo "Obtained SSH Host Certificate Authority"
# Obtain a User Certificate for Ansible
@@ -55,7 +55,7 @@ ssh-keygen -L -f ~/.ssh/id_ecdsa-cert.pub
# Process the inventory parameter
inventory=""
if [ "${INPUT_INVENTORY}" =~ $'\n' ] ; then
if [[ "${INPUT_INVENTORY}" =~ $'\n' ]] ; then
echo "${INPUT_INVENTORY}" > /tmp/inventory
inventory="/tmp/inventory"
else
@@ -70,7 +70,7 @@ if [ ! -z "${INPUT_REQUIREMENTS:-}" ] ; then
fi
# Change the working directory
if [ ! - z "${INPUT_DIRECTORY:-}" ] ; then
if [ ! -z "${INPUT_DIRECTORY:-}" ] ; then
cd "${INPUT_DIRECTORY}"
echo "Changed working directory to $(pwd)"
fi
@@ -87,10 +87,11 @@ if [ ! -z "${INPUT_CONFIGURATION:-}" ] ; then
fi
# Setup and Run Ansible Playbook
cmd=""
become="${INPUT_BECOME:-false}"
check_mode="${INPUT_CHECK_MODE:-false}"
remote_user="${INPUT_REMOTE_USER:-ansible}"
cmd="-u ${remote_user}"
if [ "${become,,}" == "true" ] ; then
cmd="${cmd} -b"
fi
@@ -105,6 +106,6 @@ if [ ! -z "${INPUT_VAULT_PASSWORD:-}" ] ; then
fi
cmd="${cmd} --inventory ${inventory} ${INPUT_PLAYBOOK}"
print "Ansible Command: ansible-playbook ${cmd}"
echo "Ansible Command: ansible-playbook ${cmd}"
ansible-playbook $cmd