From d350c525d7212fb1288fc6309fbc8ebc5a9de263 Mon Sep 17 00:00:00 2001
From: Macley <26381427+Macleykun@users.noreply.github.com>
Date: Tue, 18 Feb 2025 19:47:28 +0100
Subject: [PATCH] prettier readme
---
 Containerfile | 110 ++++++++++++++--------------
 README.md | 45 +++---------
 ansible-navigator.yml | 164 ++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 230 insertions(+), 89 deletions(-)
 create mode 100644 ansible-navigator.yml
diff --git a/Containerfile b/Containerfile
index 744f5f5..d02d94d 100644
--- a/Containerfile
+++ b/Containerfile
@@ -1,62 +1,62 @@ ######################################### BUILD ######################################### FROM python:alpine as builder + +# Add configuration files +COPY requirements/apk.build.list requirements/pip.list /requirements/ - # Add configuration files - COPY requirements/apk.build.list requirements/pip.list /requirements/ - - # Install system build dependencies - RUN apk add --update --no-cache $(cat /requirements/apk.build.list) - RUN python -m venv /opt/ansible_venv/ && PATH=/opt/ansible_venv/bin:${PATH} \ - pip install --upgrade --no-cache-dir --requirement requirements/pip.list - +# Install system build dependencies +RUN apk add --update --no-cache $(cat /requirements/apk.build.list) +RUN python -m venv /opt/ansible_venv/ && PATH=/opt/ansible_venv/bin:${PATH} \ + pip install --upgrade --no-cache-dir --requirement requirements/pip.list + ######################################### RUNNER ######################################### FROM python:alpine - - # Directory for executing Playbooks - WORKDIR /runner/ - - # Add non-root user - ARG USER=ansible && \ - GROUP=ansible && \ - UID=1000 && \ - GID=1000 - RUN addgroup ${GROUP} --gid ${GID} && \ - adduser ${USER} --uid ${UID} \ - --ingroup "${GROUP}" \ - --disabled-password && \ - chown ${USER}:${GROUP} /runner/ /home/"${USER}"/ - - # Add requirements - COPY requirements/apk.list requirements/pip.list requirements/ansible.yaml /requirements/ - - RUN apk add --update --no-cache $(cat /requirements/apk.list) && \ - ln -s /usr/local/bin/python3 /usr/bin/python3 && \ - pip install --upgrade --no-cache-dir $(grep ansible-core /requirements/pip.list) # Needed for ansible-navigator - - # Copy python environment (Ansible required args and scripts) - ENV PATH=/opt/ansible_venv/bin:${PATH} \ - ANSIBLE_ROLES_PATH=roles:/runner/roles:/usr/share/ansible/roles \ - ANSIBLE_COLLECTIONS_PATH=collections:/runner/collections:/usr/share/ansible/collections \ - ANSIBLE_LOCAL_TEMP=/tmp \ - 
ANSIBLE_INVENTORY_PLUGINS=/runner/project/plugins \ - ANSIBLE_SSH_ARGS="-o ControlMaster=auto -o ControlPersist=60s" \ - ANSIBLE_SSH_PIPELINING=True \ - ANSIBLE_HASH_BEHAVIOUR=merge -# ANSIBLE_SSH_HOST_KEY_CHECKING=False \ - - COPY --from=builder /opt/ansible_venv/ /opt/ansible_venv/ - - ARG ANSIBLE_GALAXY_CLI_ROLE_OPTS= - ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS= - RUN ansible-galaxy role install ${ANSIBLE_GALAXY_CLI_ROLE_OPTS} --role-file /requirements/ansible.yaml \ - --roles-path "/usr/share/ansible/roles" && \ - ANSIBLE_GALAXY_DISABLE_GPG_VERIFY=1 ansible-galaxy collection install ${ANSIBLE_GALAXY_CLI_COLLECTION_OPTS} \ - --requirements-file /requirements/ansible.yaml --collections-path "/usr/share/ansible/collections" && \ - chmod -R a=rX /usr/share/ansible - - ENV HOME=/home/"${USER}" - - # Switch to non-root user - USER ${UID}:${GID} \ No newline at end of file + +LABEL org.opencontainers.image.description Just a really small Ansible Execution Environment that is easily customizable and maintainable withoud using the bloated ansible-builder ;) + +# Directory for executing Playbooks +WORKDIR /runner/ + +# Add non-root user +ARG USER=ansible && \ + GROUP=ansible && \ + UID=1000 && \ + GID=1000 +RUN addgroup ${GROUP} --gid ${GID} && \ + adduser ${USER} --uid ${UID} \ + --ingroup "${GROUP}" \ + --disabled-password && \ + chown ${USER}:${GROUP} /runner/ /home/"${USER}"/ + +# Add requirements +COPY requirements/apk.list requirements/pip.list requirements/ansible.yaml /requirements/ + +RUN apk add --update --no-cache $(cat /requirements/apk.list) && \ + ln -s /usr/local/bin/python3 /usr/bin/python3 && \ + pip install --upgrade --no-cache-dir $(grep ansible-core /requirements/pip.list) # Needed for ansible-navigator + +# Copy python environment (Ansible required args and scripts) +ENV PATH=/opt/ansible_venv/bin:${PATH} \ + ANSIBLE_ROLES_PATH=roles:/runner/roles:/usr/share/ansible/roles \ + 
ANSIBLE_COLLECTIONS_PATH=collections:/runner/collections:/usr/share/ansible/collections \ + ANSIBLE_LOCAL_TEMP=/tmp \ + ANSIBLE_INVENTORY_PLUGINS=/runner/project/plugins \ + ANSIBLE_SSH_ARGS="-o ControlMaster=auto -o ControlPersist=60s" \ + ANSIBLE_SSH_PIPELINING=True \ + ANSIBLE_HASH_BEHAVIOUR=merge + ANSIBLE_SSH_HOST_KEY_CHECKING=False \ +COPY --from=builder /opt/ansible_venv/ /opt/ansible_venv/ + +ARG ANSIBLE_GALAXY_CLI_ROLE_OPTS= +ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS= +RUN ansible-galaxy role install ${ANSIBLE_GALAXY_CLI_ROLE_OPTS} --role-file /requirements/ansible.yaml \ + --roles-path "/usr/share/ansible/roles" && \ + ANSIBLE_GALAXY_DISABLE_GPG_VERIFY=1 ansible-galaxy collection install ${ANSIBLE_GALAXY_CLI_COLLECTION_OPTS} \ + --requirements-file /requirements/ansible.yaml --collections-path "/usr/share/ansible/collections" && \ + chmod -R a=rX /usr/share/ansible +ENV HOME=/home/"${USER}" + +# Switch to non-root user +USER ${UID}:${GID} \ No newline at end of file diff --git a/README.md b/README.md index 87d2538..acdb2c2 100644 --- a/README.md +++ b/README.md 
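Review bot: In the RUNNER stage's `ENV` block, `ANSIBLE_SSH_HOST_KEY_CHECKING=False` was a comment on the old side and is now a live line, which would make SSH connections from this image accept unknown host keys and so drop the check that catches a spoofed or intercepted managed host. As the lines appear on this page, `ANSIBLE_HASH_BEHAVIOUR=merge` has no trailing `\`, so the new line sits outside the `ENV` instruction and its own `\` pulls the following `COPY --from=builder` into it. The build would then most likely fail on an unknown instruction, though the collapsed whitespace here makes that worth confirming against the real file. The navigator config added in this same commit mounts the host's known fingerprints, so I would keep checking enabled: end the block at `ANSIBLE_HASH_BEHAVIOUR=merge` and either delete the line or restore it as `# ANSIBLE_SSH_HOST_KEY_CHECKING=False`.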
@@ -1,35 +1,13 @@ Thanks to [justsomescripts](https://github.com/justsomescripts/ansible-ee-alpine) for the initial setup! +[![GitHub Actions Workflow Status](https://img.shields.io/github/actions/workflow/status/macleykun/ansible-ee-alpine/docker-publish.yml)](https://github.com/Macleykun/ansible-ee-alpine/actions/workflows/docker-publish.yml) +[![Container Image Size](https://ghcr-badge.egpl.dev/Macleykun/ansible-ee-alpine/size?color=%2344cc11&tag=main&label=image+size&trim=)](https://github.com/Macleykun/ansible-ee-alpine/pkgs/container/ansible-ee-alpine/358082990?tag=main) +[![Container Image Tag](https://ghcr-badge.egpl.dev/Macleykun/ansible-ee-alpine/tags?color=%2344cc11&ignore=sha256*%2Cnightly&n=2&label=image+tags&trim=)](https://github.com/Macleykun/ansible-ee-alpine/pkgs/container/ansible-ee-alpine/358082990?tag=main) -![GitHub Actions Workflow Status](https://img.shields.io/github/actions/workflow/status/macleykun/ansible-ee-alpine/docker-publish.yml) - -![idk](https://ghcr-badge.egpl.dev/Macleykun/ansible-ee-alpine/size?color=%2344cc11&tag=main&label=image+size&trim=) - -![wha](https://ghcr-badge.egpl.dev/Macleykun/ansible-ee-alpine/tags?color=%2344cc11&ignore=sha256*%2Cnightly&n=2&label=image+tags&trim=) - - -[![GitHub Actions Workflow Status](https://img.shields.io/github/actions/workflow/status/macleykun/ansible-ee-alpine/.github%2Fworkflows%2Fdocker-publish.yml?style=for-the-badge&logo=github)](https://github.com/justsomescripts/ansible-ee-alpine/actions/workflows/container.yml) -[![Docker Image Version (tag)](https://img.shields.io/docker/v/justsomescripts/ansible-ee-alpine/latest?style=for-the-badge&logo=docker&color=blue)](https://hub.docker.com/r/justsomescripts/ansible-ee-alpine) -[![Docker Image Size](https://img.shields.io/docker/image-size/justsomescripts/ansible-ee-alpine?style=for-the-badge&logo=docker&color=blue)](https://hub.docker.com/r/justsomescripts/ansible-ee-alpine) - - # Alpine Ansible Execution Environment This repository 
provides an alternative to the official CentOS-based Ansible [Execution Environments](https://docs.ansible.com/automation-controller/latest/html/userguide/execution_environments.html). Being based on Alpine, it aims to be more lightweight and runs with a non-root user by default. - -## 📚 Table of Contents - -- [ℹī¸ About The Project](#ℹī¸-about-the-project) -- [✈ī¸ Getting Started](#ī¸-getting-started) -- [📖 Usage](#-usage) -- [🤝 Contributing](#-contributing) -- [📜 License](#-license) -- [đŸ“Ŧ Contact](#-contact) - - -

(back to top)

- ## ℹī¸ About The Project This project provides container images for Ansible [Execution Environments](https://docs.ansible.com/automation-controller/latest/html/userguide/execution_environments.html) based on [Alpine Linux](https://www.alpinelinux.org/). @@ -40,21 +18,20 @@ This project provides container images for Ansible [Execution Environments](http - simpler Containerfile - small Container image - easy to use without ansible-runner - -

(back to top)

+- easy to tweak what pip packages and collections you want to include ## ✈ī¸ Getting Started -TBD +```bash +ansible-navigator collections -m interactive # by default we use the stdout mode in the config +``` -## 📖 Usage +Generally make a hosts file to a remote host you already have ssh'd into and also setup an example playbook where you use the ping module. Run it with: `ansible-navigator run test-playbook.yml` and enjoy the output! -TBD +## 📖 Usage -

(back to top)

+See the ansible-navigator.yml file! It's configured that you can use your own private keys from your host easily and not leave logging/artefacts behind. ## đŸ“Ŧ Contact -David Gries - [@dgries](https://www.linkedin.com/in/dgries/) - mail@dgries.de - -

(back to top)

+Through GitHub only please :) \ No newline at end of file diff --git a/ansible-navigator.yml b/ansible-navigator.yml new file mode 100644 index 0000000..c508a77 --- /dev/null +++ b/ansible-navigator.yml 
@@ -0,0 +1,164 @@ +--- +ansible-navigator: +# ansible: +# config: +# # Help options for ansible-config command in stdout mode +# help: False +# # Specify the path to the ansible configuration file +# path: ./ansible.cfg +# # Extra parameters passed to the corresponding command +# cmdline: "--forks 15" +# doc: +# # Help options for ansible-doc command in stdout mode +# help: False +# plugin: +# # Specify the plugin name +# name: debug +# # Specify the plugin type, 'become', 'cache', 'callback', 'cliconf', +# # 'connection', 'filter', 'httpapi', 'inventory', 'keyword', 'lookup', +# # 'module', 'netconf', 'role', 'shell', 'strategy', 'test' or 'vars' +# type: module +# inventory: +# # Help options for ansible-inventory command in stdout mode +# help: True +# # Specify an inventory file path or comma separated host list +# entries: +# - host1, +# - router1,router2 +# - inventory.yml +# playbook: +# # Help options for ansible-playbook command in stdout mode +# +# help: False +# # Specify the playbook name +# path: site.yml +# ansible-builder: +# # Help options for ansible-builder command in stdout mode +# help: False +# # Specify the path that contains ansible-builder manifest files +# workdir: /tmp/ +# ansible-lint: +# # Specify the path to the ansible-lint configuration file +# config: ~/lint-config.yml +# # Path to files on which to run ansible-lint +# lintables: ~/myproject/ +# ansible-runner: +# # The directory path to store artifacts generated by ansible-runner +# artifact-dir: ./runner-artifacts +# # Keep ansible-runner artifact directories, for last n runs, if set to 0 +# # artifact directories won't be deleted +# rotate-artifacts-count: 10 +# # The timeout value after which ansible-runner will forcefully stop the +# # execution +# timeout: 300 +# # Write ansible-runner job_events in the artifact directory +# job-events: True +# # Subcommands +# app: welcome +# # The path to collection doc cache +# collection-doc-cache-path: 
$HOME/.cache/ansible-navigator/collection_doc_cache.db +# color: +# # Enable the use of color for mode interactive and stdout +# enable: True +# # Enable or disable terminal color changing support with OSC 4 +# osc4: True +# editor: +# # Specify the editor command +# command: vim_from_setting +# # Specify if the editor is console based +# console: False +# # Enable prompts for password and in playbooks. This will set mode to +# # stdout and disable playbook artifact creation +# enable-prompts: False +# exec: +# # Specify the exec command should be run in a shell +# shell: True +# # Specify the command to run within the execution environment +# command: /bin/bash + execution-environment: +# # Specify the container engine (auto=podman then docker) +# container-engine: auto +# # Extra parameters passed to the container engine command +# container-options: +# - "--net=host" +# # Enable or disable the use of an execution environment +# enabled: True +# environment-variables: +# # Specify an existing environment variable to be passed through to and +# # set within the execution environment (--penv MY_VAR) +# pass: +# - ONE +# - TWO +# - THREE +# # Specify an environment variable and a value to be set within the +# # execution environment (--senv MY_VAR=42) +# set: +# KEY1: VALUE1 +# KEY2: VALUE2 +# KEY3: VALUE3 +# # Specify the name of the execution environment image + image: ghcr.io/macleykun/ansible-ee-alpine:main + pull: +# # Specify any additional parameters that should be added to the pull +# # command when pulling an execution environment from a container +# # registry. e.g. 
--pa='--tls-verify=false' +# arguments: +# - "--tls-verify=false" +# # Specify the image pull policy always:Always pull the image, +# # missing:Pull if not locally available, never:Never pull the image, +# # tag:if the image tag is 'latest', always pull the image, otherwise +# # pull if not locally available + policy: missing +# # Specify volume to be bind mounted within an execution environment +# # (--eev /home/user/test:/home/user/test:Z) + volume-mounts: # Mount private keys and host fingerprints + - src: "~/.ssh" + dest: "/home/ansible/.ssh" + options: "Z" +# # Specify the format for stdout output. +# format: json +# images: +# # Provide detailed information about the selected execution environment +# # image +# details: +# - ansible_collections +# - ansible_version +# # Specify a host attribute to show in the inventory view +# inventory-columns: +# - ansible_network_os +# - ansible_network_cli_ssh_type +# - ansible_connection + logging: +# # Specify the ansible-navigator log level + #level: debug +# # Specify if log messages should be appended to an existing log file, +# # otherwise a new log file will be created per session +# append: False +# # Specify the full path for the ansible-navigator log file + file: /dev/null +# # Specify the user-interface mode + mode: stdout # To view collections: ansible-navigator collections -m interactive + playbook-artifact: + # Enable or disable the creation of artifacts for completed playbooks. +# # Note: not compatible with '--mode stdout' when playbooks require user +# # input + enable: False +# # Specify the path for the playbook artifact to replay +# replay: /tmp/test_artifact.json +# # Specify the name for artifacts created from completed playbooks. The +# # following placeholders are available: {playbook_dir}, {playbook_name}, +# # {playbook_status}, and {time_stamp} +# save-as: "{playbook_dir}/{playbook_name}-artifact-{time_stamp}.json" +# settings: +# # Show the effective settings. 
Defaults, CLI parameters, environment +# # variables, and the settings file will be combined +# effective: False +# # Generate a sample settings file +# sample: False +# # Generate a schema for the settings file ('json'= draft-07 JSON Schema) +# schema: json +# # Show the source of each current settings entry +# sources: False +# # Specify the IANA time zone to use or 'local' to use the system time +# # zone +# time-zone: UTC \ No newline at end of file
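Review bot: The `volume-mounts` entry binds the whole of `~/.ssh` into the container without a read-only flag, so every private key on the host is readable and writable by whatever image `ghcr.io/macleykun/ansible-ee-alpine:main` resolves to, and with `policy: missing` on a mutable tag that image is not pinned to a known build. The `Z` option also asks the engine to relabel the host directory with a private SELinux label, which on an enforcing host can stop sshd and other processes from reading `~/.ssh` afterwards. I would mount a dedicated key directory instead of the real `~/.ssh`, make it read-only with `options: "ro,Z"`, and reference the image by digest. `file: /dev/null` together with `enable: False` under `playbook-artifact` leaves no local record of what a run did, so a comment such as `# logs and artifacts are discarded on purpose; re-enable for audited runs` next to those keys would make the trade-off explicit.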