catalog

mirror of https://github.com/tektoncd/catalog.git synced 2024-11-22 06:02:51 +00:00

History

Vincent Demeester 323e8d05f1 Update README to change inputs/params levels Signed-off-by: Vincent Demeester <vdemeest@redhat.com>		2020-03-06 09:01:47 -06:00
..
ansible-tower-cli-task.yaml	Port ansible-tower-cli to v1beta1 🦇	2020-03-06 07:49:46 -06:00
Dockerfile	Adding the OWNERS and the Dockerfile for the custom image	2019-12-03 04:22:37 -06:00
OWNERS	Adding the OWNERS and the Dockerfile for the custom image	2019-12-03 04:22:37 -06:00
README.md	Update README to change inputs/params levels	2020-03-06 09:01:47 -06:00

README.md

Ansible Tower CLI Task

Ansible Tower (formerly ‘AWX’) is a web-based solution that makes Ansible even more easy to use for IT teams of all kinds, It provides the tower-cli(Tower-CLI) command line tool that simplifies the tasks of starting jobs, workflow jobs, manage users, projects etc.

Install the Task

Install tower-cli task:

kubectl apply -f https://raw.githubusercontent.com/tektoncd/catalog/master/ansible-tower-cli/ansible-tower-cli-task.yaml

Parameters

ARGS: args to execute which are appended to tower-cli e.g. user-list (default: --help)
SSLVERIFY: args to disable Tower SSL verification (default: false)
HOST: The Ansible Tower HOST
tower-secret: the name of the secret containing the user and password for authentication on the ansible tower host (default: tower-creds)

Tower-Secret

This is a secret example with USER and PASS information that are going to be used by the task

kind: Secret
apiVersion: v1
metadata:
   name: tower-creds
   namespace: ansible-tower-pipelines-test
   selfLink: /api/v1/namespaces/ansible-tower-pipelines-test/secrets/tower-creds
   uid: 024681c0-f4e8-11e9-81e2-52fdfc072182
   resourceVersion: '721636'
   creationTimestamp: '2019-10-22T16:21:31Z'
data:
   PASS: YWRtaW50b3dlcg==
   USER: YWRtaW4=
type: Opaque

To create a secret you can use the following command

kubectl create secret generic tower-creds --from-literal=username=TOWER_USER --from-literal=password=TOWER_USER_PASSWORD

ServiceAccount

If you don't specify a service account to be used for running the TaskRun or PipelineRun, the default service account. OpenShift by default does not allow the default service account to modify objects in the namespace. Therefore you should either explicitly grant permission to the default service account (by creating rolebindings) or create a new service account with sufficient privileges and specify it on the TaskRun or PipelineRun.

You can do the former via oc and running the following command, replacing <namespace> with your target namespace:

oc policy add-role-to-user edit -z default -n <namespace>

Usage

This is a pipeline example passing the required credentials, and a list of arguments to the ARGS array variable.

apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
  name: tower-cli-example
spec:
  tasks:
  - name: tower
    taskRef:
      name: ansible-tower-cli
    params:
     - name: SSLVERIFY
       value: "false"
     - name: HOST
       value: "10.8.109.202"
     - name: tower-secret
       value: "tower-creds"
     - name: ARGS
       value:
         - user
         - list