feat: add ansible-playbook command

action.yml

@@ -20,8 +20,8 @@ inputs:
     description: Ansible playbook filepath
     required: true
   inventory:
-    description: Ansible inventory filepath
-    required: true
+    description: Ansible inventory expression or filepath (multiple lines will be converted to a file)
+    required: false
   requirements:
     description: Ansible Galaxy requirements filepath
     required: false
@@ -34,15 +34,6 @@ inputs:
   vault_password:
     description: The password used for decrypting vaulted files
     required: false
-  private_key:
-    description: SSH private key used to connect to the host
-    required: false
-  known_hosts:
-    description: Contents of SSH known_hosts file
-    required: false
-  options:
-    description: Extra options that should be passed to ansible-playbook command
-    required: false
   become:
     description: Set to "true" if root is required for running your playbook
     required: false
@@ -51,6 +42,9 @@ inputs:
     description: Set to "true" to enable check (dry-run) mode
     required: false
     default: false
+  options:
+    description: Extra options that should be passed to ansible-playbook command
+    required: false
 runs:
   using: docker
   image: Dockerfile

entrypoint.sh

@@ -25,7 +25,7 @@ if [ -z "${INPUT_INVENTORY:-}" ] ; then
     exit 1
 fi
 
-# Setup Variables
+# Setup Provisioner Variables
 provisioner_name=${INPUT_PKI_PROVISIONER_NAME:-"ansible"}
 provisioner_password=${INPUT_PKI_PROVISIONER_PASSWORD}
 default_cert_subject="ansible-kraussnet-action-runner@$(hostname -f)"
@@ -53,5 +53,58 @@ step ssh certificate "${user_cert_subject}" ~/.ssh/id_ecdsa.pub --sign --provisi
 echo "Obtained User Certificate from CA"
 ssh-keygen -L -f ~/.ssh/id_ecdsa-cert.pub
 
-# Run a test command (will be replaced with the Ansible command)
-ssh ansible@rpi-ns1.lan.kraussnet.com 'echo "Hello from $(hostname -f)"'
+# Process the inventory parameter
+inventory=""
+if [ "${INPUT_INVENTORY}" =~ $'\n' ] ; then
+    echo "${INPUT_INVENTORY}" > /tmp/inventory
+    inventory="/tmp/inventory"
+else
+    inventory="${INPUT_INVENTORY}"
+fi
+echo "Using inventory ${inventory}"
+
+# Process Ansible Galaxy requirements
+if [ ! -z "${INPUT_REQUIREMENTS:-}" ] ; then
+    ansible-galaxy install -r "${INPUT_REQUIREMENTS}"
+    echo "Installed Galaxy Dependencies"
+fi
+
+# Change the working directory
+if [ ! - z "${INPUT_DIRECTORY:-}" ] ; then
+    cd "${INPUT_DIRECTORY}"
+    echo "Changed working directory to $(pwd)"
+fi
+
+# Process Ansible Configuration
+if [ ! -z "${INPUT_CONFIGURATION:-}" ] ; then
+    if [ -f ./ansible.cfg ] ; then
+        echo "An existing ansible.cfg file is in the current working directory"
+        exit 1
+    fi
+
+    echo "${INPUT_CONFIGURATION}" > ./ansible.cfg
+    echo "Created $(pwd)/ansible.cfg"
+fi
+
+# Setup and Run Ansible Playbook
+cmd=""
+become="${INPUT_BECOME:-false}"
+check_mode="${INPUT_CHECK_MODE:-false}"
+
+if [ "${become,,}" == "true" ] ; then
+    cmd="${cmd} -b"
+fi
+
+if [ "${check_mode,,}" == "true" ] ; then
+    cmd="${cmd} --check"
+fi
+
+if [ ! -z "${INPUT_VAULT_PASSWORD:-}" ] ; then
+    echo "${INPUT_VAULT_PASSWORD}" > /tmp/vault_password
+    cmd="${cmd} --vault-password-file /tmp/vault_password"
+fi
+
+cmd="${cmd} --inventory ${inventory} ${INPUT_PLAYBOOK}"
+print "Ansible Command: ansible-playbook ${cmd}"
+
+ansible-playbook $cmd