kraussnet/kraussnet-ansible-action
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: update Docker image to pass initial checks

Browse Source
This commit is contained in:
Jonathan Krauss
2025-08-14 07:46:08 -07:00
parent 6131f838c2
commit 4a43ab51ff
3 changed files with 12 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
Dockerfile
View File

@@ -1,7 +1,9 @@
FROM alpine:3.22 FROM alpine:3.22
RUN apk update && \ RUN apk update && \
apk add ansible bash openssh-client py3-pip step-cli apk add ansible bash git openssh-client py3-pip step-cli
COPY entrypoint.sh /entrypoint.sh COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh RUN chmod +x /entrypoint.sh
WORKDIR /workspace
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/entrypoint.sh"]

3
action.yml
View File

@@ -34,6 +34,9 @@ inputs:
vault_password: vault_password:
description: The password used for decrypting vaulted files description: The password used for decrypting vaulted files
required: false required: false
remote_user:
description: The username to use when connecting to remote hosts (defaults to 'ansible')
required: false
become: become:
description: Set to "true" if root is required for running your playbook description: Set to "true" if root is required for running your playbook
required: false required: false

11
entrypoint.sh
View File

@@ -39,7 +39,7 @@ echo "Bootstrapped PKI at ${INPUT_PKI_CA_URL}"
# Obtain the Host Certificate # Obtain the Host Certificate
[ ! -d ~/.ssh ] && mkdir ~/.ssh [ ! -d ~/.ssh ] && mkdir ~/.ssh
echo "@cert-authority *.kraussnet.com $(step ssh config --host --roots)" > ~/.ssh/known_hosts echo "@cert-authority * $(step ssh config --host --roots)" > ~/.ssh/known_hosts
echo "Obtained SSH Host Certificate Authority" echo "Obtained SSH Host Certificate Authority"
# Obtain a User Certificate for Ansible # Obtain a User Certificate for Ansible
@@ -55,7 +55,7 @@ ssh-keygen -L -f ~/.ssh/id_ecdsa-cert.pub
# Process the inventory parameter # Process the inventory parameter
inventory="" inventory=""
if [ "${INPUT_INVENTORY}" =~ $'\n' ] ; then if [[ "${INPUT_INVENTORY}" =~ $'\n' ]] ; then
echo "${INPUT_INVENTORY}" > /tmp/inventory echo "${INPUT_INVENTORY}" > /tmp/inventory
inventory="/tmp/inventory" inventory="/tmp/inventory"
else else
@@ -70,7 +70,7 @@ if [ ! -z "${INPUT_REQUIREMENTS:-}" ] ; then
fi fi
# Change the working directory # Change the working directory
if [ ! - z "${INPUT_DIRECTORY:-}" ] ; then if [ ! -z "${INPUT_DIRECTORY:-}" ] ; then
cd "${INPUT_DIRECTORY}" cd "${INPUT_DIRECTORY}"
echo "Changed working directory to $(pwd)" echo "Changed working directory to $(pwd)"
fi fi
@@ -87,10 +87,11 @@ if [ ! -z "${INPUT_CONFIGURATION:-}" ] ; then
fi fi
# Setup and Run Ansible Playbook # Setup and Run Ansible Playbook
cmd=""
become="${INPUT_BECOME:-false}" become="${INPUT_BECOME:-false}"
check_mode="${INPUT_CHECK_MODE:-false}" check_mode="${INPUT_CHECK_MODE:-false}"
remote_user="${INPUT_REMOTE_USER:-ansible}"
cmd="-u ${remote_user}"
if [ "${become,,}" == "true" ] ; then if [ "${become,,}" == "true" ] ; then
cmd="${cmd} -b" cmd="${cmd} -b"
fi fi
@@ -105,6 +106,6 @@ if [ ! -z "${INPUT_VAULT_PASSWORD:-}" ] ; then
fi fi
cmd="${cmd} --inventory ${inventory} ${INPUT_PLAYBOOK}" cmd="${cmd} --inventory ${inventory} ${INPUT_PLAYBOOK}"
print "Ansible Command: ansible-playbook ${cmd}" echo "Ansible Command: ansible-playbook ${cmd}"
ansible-playbook $cmd ansible-playbook $cmd