Skip to content

lennysh/aap-execution-environments

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits
collections
collections
 
 
roles/build_ee
roles/build_ee
 
 
tasks
tasks
 
 
vars
vars
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build_multiple_ees.yml
build_multiple_ees.yml
 
 
build_single_ee.yml
build_single_ee.yml
 
 

Repository files navigation

Ansible Execution Environment (EE) Builder

This repository contains Ansible automation to build custom Execution Environments (EEs) for use with Ansible Automation Platform (or ansible-navigator). It uses ansible-builder to assemble the EEs based on definition files and pushes them to a container registry.

Table of Contents

Prerequisites

Before you begin, ensure you have the following tools installed on your system:

  • ansible-core
  • ansible-builder
  • podman (or another compatible container engine)
  • ansible-vault

You will also need one or more Ansible collections:

ansible-galaxy collection install -r collections/requirements.yml

Configuration

Ansible Vault

This project uses Ansible Vault to manage sensitive registry credentials.

  1. Create the Vault File: Create a file named .vault.yml in the root of the repository with the following content:

    ---
# Credentials for the source registry (e.g., registry.redhat.io)
registry_name: "registry.redhat.io"
registry_user: "" # Your Red Hat username/service account
registry_pass: "" # Your Red Hat password/service account token
registry_token: "" # Your Red Hat Offline Token for Ansible Galaxy

# Credentials for the destination registry (e.g., quay.io)
dest_registry_name: "quay.io"
dest_registry_user: "" # Your destination registry username
dest_registry_pass: "" # Your destination registry password/token

  2. Create a Vault Password File: The ansible.cfg in this repository is configured to use a vault password file named .vault_pass.txt. Create this file and add your vault password to it.

    echo "your_super_secret_vault_password" > .vault_pass.txt

  3. Encrypt the Vault File: Encrypt the .vault.yml file using ansible-vault.

    ansible-vault encrypt .vault.yml --vault-password-file .vault_pass.txt

Usage

Building an Execution Environment

To build an EE, run the build_ee.yml playbook and specify which EE definition file you want to use with the ee_vars_file extra variable.

Example:

To build the ee-casc-rhel9 environment for Ansible Automation Platform 2.6, run the following command:

ansible-playbook build_ee.yml --extra-vars "ee_vars_file=vars/ansible-automation-platform-26/ee-casc-rhel9.yml"

The playbook will build the container image and push it to the destination registry specified in your .vault.yml file (e.g., quay.io/lshirley/ansible-automation-platform-26/ee-casc-rhel9).

Available Execution Environments

The definitions for the execution environments are located in the vars/ directory.

Name Purpose Notes Ansible Core OS Var File Public Repo
ansible-automation-platform-24/ee-casc-rhel8-git Config as Code for AAP 2.4 Collections pulled from Public Git Repos 2.16.x RHEL 8 Link Link
ansible-automation-platform-24/ee-casc-rhel8 Config as Code for AAP 2.4 Collections pulled from RH Console 2.16.x RHEL 8 Link Link
ansible-automation-platform-24/ee-casc-rhel9-git Config as Code for AAP 2.4 Collections pulled from Public Git Repos 2.16.x RHEL 9 Link Link
ansible-automation-platform-24/ee-casc-rhel9 Config as Code for AAP 2.4 Collections pulled from RH Console 2.16.x RHEL 9 Link Link
ansible-automation-platform-25/ee-casc-rhel8-git Config as Code for AAP 2.5 Collections pulled from Public Git Repos 2.16.x RHEL 8 Link Link
ansible-automation-platform-25/ee-casc-rhel8 Config as Code for AAP 2.5 Collections pulled from RH Console 2.16.x RHEL 8 Link Link
ansible-automation-platform-25/ee-casc-rhel9-git Config as Code for AAP 2.5 Collections pulled from Public Git Repos 2.16.x RHEL 9 Link Link
ansible-automation-platform-25/ee-casc-rhel9 Config as Code for AAP 2.5 Collections pulled from RH Console 2.16.x RHEL 9 Link Link
ansible-automation-platform-26/ee-casc-rhel9-git Config as Code for AAP 2.6 Collections pulled from Public Git Repos 2.16.x RHEL 9 Link Link
ansible-automation-platform-26/ee-casc-rhel9 Config as Code for AAP 2.6 Collections pulled from RH Console 2.16.x RHEL 9 Link Link
ee-proxmox-rhel9 Dynamic Proxmox Inventory 2.17.x RHEL 9 Link Link
ee-unifi-rhel9 Dynamic UniFi Inventory 2.17.x RHEL 9 Link Link
ee-xorriso-rhel9 Building ISO's 2.15.x RHEL 9 Link Link

How It Works

  1. The build_ee.yml playbook is the main entry point.
  2. It includes the variable file specified by ee_vars_file to get the specific EE definition.
  3. It calls the build_ee role.
  4. The role creates a _build directory and templates out the necessary files for ansible-builder, including execution-environment.yml, requirements.txt, etc.
  5. It runs the ansible-builder build command to create the container image.
  6. Finally, it tags the new image with latest and a timestamp, and pushes both tags to the destination registry.

Give credit where credit is due

  • My build_ee role is a tweaked version I got from Alex Dworjan's repo here. Please be sure to give him a shout out!

License

This project is licensed under the MIT License. See the LICENSE file for details.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

1 fork
Report repository

Contributors

Languages