From 6131f838c25bb5d5f742e1ba3eab604939487c47 Mon Sep 17 00:00:00 2001 From: "J.P. Krauss" Date: Thu, 14 Aug 2025 07:27:55 -0700 Subject: [PATCH] feat: add ansible-playbook command --- action.yml | 16 +++++--------- entrypoint.sh | 59 ++++++++++++++++++++++++++++++++++++++++++++++++--- 2 files changed, 61 insertions(+), 14 deletions(-) diff --git a/action.yml b/action.yml index 2506e8e..6d556d4 100644 --- a/action.yml +++ b/action.yml @@ -20,8 +20,8 @@ inputs: description: Ansible playbook filepath required: true inventory: - description: Ansible inventory filepath - required: true + description: Ansible inventory expression or filepath (multiple lines will be converted to a file) + required: false requirements: description: Ansible Galaxy requirements filepath required: false @@ -34,15 +34,6 @@ inputs: vault_password: description: The password used for decrypting vaulted files required: false - private_key: - description: SSH private key used to connect to the host - required: false - known_hosts: - description: Contents of SSH known_hosts file - required: false - options: - description: Extra options that should be passed to ansible-playbook command - required: false become: description: Set to "true" if root is required for running your playbook required: false @@ -51,6 +42,9 @@ inputs: description: Set to "true" to enable check (dry-run) mode required: false default: false + options: + description: Extra options that should be passed to ansible-playbook command + required: false runs: using: docker image: Dockerfile diff --git a/entrypoint.sh b/entrypoint.sh index e35f419..8e0449d 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -25,7 +25,7 @@ if [ -z "${INPUT_INVENTORY:-}" ] ; then exit 1 fi -# Setup Variables +# Setup Provisioner Variables provisioner_name=${INPUT_PKI_PROVISIONER_NAME:-"ansible"} provisioner_password=${INPUT_PKI_PROVISIONER_PASSWORD} default_cert_subject="ansible-kraussnet-action-runner@$(hostname -f)" @@ -53,5 +53,58 @@ step ssh certificate "${user_cert_subject}" ~/.ssh/id_ecdsa.pub --sign --provisi echo "Obtained User Certificate from CA" ssh-keygen -L -f ~/.ssh/id_ecdsa-cert.pub -# Run a test command (will be replaced with the Ansible command) -ssh ansible@rpi-ns1.lan.kraussnet.com 'echo "Hello from $(hostname -f)"' +# Process the inventory parameter +inventory="" +if [ "${INPUT_INVENTORY}" =~ $'\n' ] ; then + echo "${INPUT_INVENTORY}" > /tmp/inventory + inventory="/tmp/inventory" +else + inventory="${INPUT_INVENTORY}" +fi +echo "Using inventory ${inventory}" + +# Process Ansible Galaxy requirements +if [ ! -z "${INPUT_REQUIREMENTS:-}" ] ; then + ansible-galaxy install -r "${INPUT_REQUIREMENTS}" + echo "Installed Galaxy Dependencies" +fi + +# Change the working directory +if [ ! - z "${INPUT_DIRECTORY:-}" ] ; then + cd "${INPUT_DIRECTORY}" + echo "Changed working directory to $(pwd)" +fi + +# Process Ansible Configuration +if [ ! -z "${INPUT_CONFIGURATION:-}" ] ; then + if [ -f ./ansible.cfg ] ; then + echo "An existing ansible.cfg file is in the current working directory" + exit 1 + fi + + echo "${INPUT_CONFIGURATION}" > ./ansible.cfg + echo "Created $(pwd)/ansible.cfg" +fi + +# Setup and Run Ansible Playbook +cmd="" +become="${INPUT_BECOME:-false}" +check_mode="${INPUT_CHECK_MODE:-false}" + +if [ "${become,,}" == "true" ] ; then + cmd="${cmd} -b" +fi + +if [ "${check_mode,,}" == "true" ] ; then + cmd="${cmd} --check" +fi + +if [ ! -z "${INPUT_VAULT_PASSWORD:-}" ] ; then + echo "${INPUT_VAULT_PASSWORD}" > /tmp/vault_password + cmd="${cmd} --vault-password-file /tmp/vault_password" +fi + +cmd="${cmd} --inventory ${inventory} ${INPUT_PLAYBOOK}" +print "Ansible Command: ansible-playbook ${cmd}" + +ansible-playbook $cmd