Our Red Hat Ansible projects drift to the Ansible Tower. I found that it much faster to do quick fixes and debug playbooks from the server rather than go through the full chain VSCode -> Git -> Tower. Well, to be productive, I automated the automation.
There are a few differences between Ansible books, and Ansible Tower projects the should be covered:
- The script should dynamically identify inventory. Our Tower project includes inventory. We keep a lot of information in group and host variables, and it's always an inventory.yml or inventory folder with host and group variables.
- Update roles from the code repository. Our Tower projects refer to the custom role repository, using projected dependencies.
- Point to the appropriate Vault credentials. Tower keeps Vault and host credentials separately, so I want to keep using our vaulted variables in the command line as well.
There could be more controls to touch, but this short is good enough to run Ansible Tower projects from the Ansible Controller console with the script below
#!/bin/sh
# Script Emulates Ansible Tower activities
# and runs playbooks from the Ansible controller
# Add project roles to the Ansible roles patch
export ANSIBLE_ROLES_PATH="./roles:${ANSIBLE_ROLES_PATH}"
# Point to the Vault password file
# Outside project scope
export ANSIBLE_VAULT_PASSWORD_FILE=~/.mysecret/.vault.pwd
# Use project invetory if possible
if [ -z "${ANSIBLE_INVENTORY}" ]; then
[ -e inventory* ] && (export ANSIBLE_INVENTORY="$(ls -1|grep inventory)")
fi
# Refresh project roles
ansible-galaxy install -r ./roles/requirements.yml -p .roles -f
# Environment is set, ready to run
ansible-playbook $@
Keep it along with your Ansible Tower project, and you can always run it from command line similar to the example below:
[myself@ansible-ctr tower-prj]$ ./tower-project.sh -vv my-tower-task.yml
Image source is https://www.wallpaperflare.com/three-man-working-together-construction-site-construction-workers-wallpaper-zypij