Ansible Build

Immutable Release Package

The key construct for the Release Train is that all aspects of the release process are predictable and repeatable. To avoid deploy-time variations in Ansible dependencies, playbooks are not downloaded at deploy time; instead, they are resolved at build time and packaged into an immutable release package. For a consistent way of working, the Ansible build process resolves dependencies and validates the playbooks.

Due to the complexity, a custom build script, build.sh, is defined and broken down into the steps below.

Sprint Zero

Based on Sprint-Zero, it is critical that a deployment is verifiable by version. A message of the day (motd) file is generated with the build number included so that a user who logs in to the host can verify what version has been applied.

executeExpression "ansible-playbook --version"

echo "[$scriptName] Build the message of the day verification file"; echo
executeExpression "cp -v devops/motd motd.txt"
propertiesList=$(eval "$AUTOMATIONROOT/remote/transform.sh devops/CDAF.solution")
printf "$propertiesList"
eval $propertiesList
cat >> motd.txt <<< "State version : ${artifactPrefix}.${BUILDNUMBER}"
cat motd.txt

Resolve Dependencies

Playbooks are then downloaded to the release.

common_collections='community.general ansible.posix containers.podman'
for common_collection in $common_collections; do
	executeExpression "ansible-galaxy collection install $common_collection $force_install -p ."
done

Validation

Once all playbooks have been downloaded, syntax is then validated.

for play in `find playbooks/ -maxdepth 1 -type f -name '*.yaml'`; do
	executeExpression "ansible-playbook $play --list-tasks -vv"
	for inventory in `find inventory/ -maxdepth 1 -type f`; do
		echo
		echo "ansible-playbook ${play} -i $inventory --list-hosts -vv"
		echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
		echo
		executeExpression "ansible-playbook ${play} -i $inventory --list-hosts -vv"
	done
done

Release Package

The deploy-time components are then copied into the release package, based on the storeFor definition in your solution directory:

# All Deploy-time Playbooks
release

The playbooks and helper scripts are then packed into a self-extracting release executable, as per the standard CDAF release build process.
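As an added illustration (not part of CDAF or of the build.sh shown here), the sketch below records a SHA-256 manifest of the resolved release directory at build time and checks it before deployment, so any drift in playbooks or collections is detected. The function names, MANIFEST.sha256 and the sample tree are assumptions, and it expects sha256sum, find, sort -z and xargs as found on a Linux build host.

```bash
#!/usr/bin/env bash
# Added example: integrity manifest for a build-time resolved release directory.
# write_manifest, verify_manifest and MANIFEST.sha256 are hypothetical names.

manifest_name='MANIFEST.sha256'

# Build time: record a SHA-256 for every file under the release directory ($1).
write_manifest() {
	(
		cd "$1" || exit 1
		# NUL-delimited and sorted, so the manifest is stable between builds
		find . -type f ! -name "$manifest_name" -print0 | LC_ALL=C sort -z |
			xargs -0 -r sha256sum > "$manifest_name"
	)
}

# Deploy time: fail if any file was changed, removed or added since the build.
verify_manifest() {
	(
		cd "$1" || exit 1
		[ -f "$manifest_name" ] || { echo "missing $manifest_name" >&2; exit 1; }
		# Changed or missing files: show only the lines that did not verify
		if ! report=$(sha256sum -c "$manifest_name" 2>&1); then
			printf '%s\n' "$report" | grep -v ': OK$' >&2
			exit 1
		fi
		# Files on disk that the manifest does not list (added after the build)
		listed=$(sed 's/^[0-9a-f]*  //' "$manifest_name" | LC_ALL=C sort)
		actual=$(find . -type f ! -name "$manifest_name" | LC_ALL=C sort)
		[ "$listed" = "$actual" ] || { echo "unlisted files in release" >&2; exit 1; }
	)
}

# Constructed demo: a stand-in release tree, then a change made after the build.
demo_dir=$(mktemp -d)
mkdir -p "$demo_dir/release/playbooks" "$demo_dir/release/ansible_collections/ansible/posix"
echo '- hosts: all' > "$demo_dir/release/playbooks/site.yaml"
echo 'constructed collection file' > "$demo_dir/release/ansible_collections/ansible/posix/MANIFEST.json"
write_manifest "$demo_dir/release"
verify_manifest "$demo_dir/release" && echo "release intact"
echo '# drift' >> "$demo_dir/release/playbooks/site.yaml"
verify_manifest "$demo_dir/release" || echo "release modified after build"
rm -rf "$demo_dir"
```

The manifest is only as trustworthy as its storage: keep it, or its own hash, with the build record rather than only inside the package it describes.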