1
0
mirror of https://github.com/tektoncd/catalog.git synced 2024-11-27 06:27:23 +00:00
catalog/ansible-tower-cli
ishani2412 c89d3965b7 Improve Readme.md
PR to improve the Readme.md migrating the install task URL from
master to v1beta1

Signed-off-by: ishani2412 <ishani.1613039@kiet.edu>
2020-06-02 09:03:51 +01:00
..
ansible-tower-cli-task.yaml Port ansible-tower-cli to v1beta1 🦇 2020-03-06 07:49:46 -06:00
Dockerfile Adding the OWNERS and the Dockerfile for the custom image 2019-12-03 04:22:37 -06:00
OWNERS Adding the OWNERS and the Dockerfile for the custom image 2019-12-03 04:22:37 -06:00
README.md Improve Readme.md 2020-06-02 09:03:51 +01:00

Ansible Tower CLI Task

Ansible Tower (formerly AWX) is a web-based solution that makes Ansible even more easy to use for IT teams of all kinds, It provides the tower-cli(Tower-CLI) command line tool that simplifies the tasks of starting jobs, workflow jobs, manage users, projects etc.

Install the Task

Install tower-cli task:

kubectl apply -f https://raw.githubusercontent.com/tektoncd/catalog/v1beta1/ansible-tower-cli/ansible-tower-cli-task.yaml

Parameters

  • ARGS: args to execute which are appended to tower-cli e.g. user-list (default: --help)
  • SSLVERIFY: args to disable Tower SSL verification (default: false)
  • HOST: The Ansible Tower HOST
  • tower-secret: the name of the secret containing the user and password for authentication on the ansible tower host (default: tower-creds)

Tower-Secret

This is a secret example with USER and PASS information that are going to be used by the task

kind: Secret
apiVersion: v1
metadata:
   name: tower-creds
   namespace: ansible-tower-pipelines-test
   selfLink: /api/v1/namespaces/ansible-tower-pipelines-test/secrets/tower-creds
   uid: 024681c0-f4e8-11e9-81e2-52fdfc072182
   resourceVersion: '721636'
   creationTimestamp: '2019-10-22T16:21:31Z'
data:
   PASS: YWRtaW50b3dlcg==
   USER: YWRtaW4=
type: Opaque

To create a secret you can use the following command

kubectl create secret generic tower-creds --from-literal=username=TOWER_USER --from-literal=password=TOWER_USER_PASSWORD

ServiceAccount

If you don't specify a service account to be used for running the TaskRun or PipelineRun, the default service account. OpenShift by default does not allow the default service account to modify objects in the namespace. Therefore you should either explicitly grant permission to the default service account (by creating rolebindings) or create a new service account with sufficient privileges and specify it on the TaskRun or PipelineRun.

You can do the former via oc and running the following command, replacing <namespace> with your target namespace:

oc policy add-role-to-user edit -z default -n <namespace>

Usage

This is a pipeline example passing the required credentials, and a list of arguments to the ARGS array variable.

apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
  name: tower-cli-example
spec:
  tasks:
  - name: tower
    taskRef:
      name: ansible-tower-cli
    params:
     - name: SSLVERIFY
       value: "false"
     - name: HOST
       value: "10.8.109.202"
     - name: tower-secret
       value: "tower-creds"
     - name: ARGS
       value:
         - user
         - list