Setting ansible.cfg in Jenkins job

Question

Actually I'm working on creating software deployment jobs which will deploy my software over Ansible roles. The Ansible roles will be executed over a central Jenkins Server to have a GUI for "everybody" who should be able to execute the software deployment.

My Ansible roles and playbooks and so on have their own ansible.cfg which is different to standard ansible configuration under /etc/ansible/ansible.cfg, also /etc/ansible/ansible.cfg will not be changed because it will be used by different Ansible Tasks which need other options.

Now I'm searching for a way how I can set the path to the ansible.cfg file in the Jenkins job. I've already found the Ansible docu (https://docs.ansible.com/ansible/latest/reference_appendices/config.html#ansible-configuration-settings) but I'm not able to set ANSIBLE_CONFIG in the Jenkins Job and also I don't know the "home" of the Jenkins job.

Does anybody had the same problem and has any solution for that? Maybe by setting env vars in Jenkins Job?

EDIT: I've also tried the way over EnvInject Plugin in Jenkins to set ANSIBLE_CONFIG for the build run. Unfortunately with no solution here. I've tried it in the two ways which are described here: How to set environment variables in Jenkins?

That is my output in Jenkins (also tried it without the " " for the path):

Running as SYSTEM
[EnvInject] - Loading node environment variables.
Building in workspace /var/lib/jenkins/workspace/prepare-app-deploy-set-hostgroups
using credential app-deploy-qit-ssh-key
 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url git@op-scm.sys.fintechgroup.com:jenkins-ansible-deployments/non-docker-deployment.git # timeout=10
Fetching upstream changes from git@op-scm.sys.fintechgroup.com:jenkins-ansible-deployments/non-docker-deployment.git
 > git --version # timeout=10
using GIT_SSH to set credentials app-deploy-qit SSH Key
 > git fetch --tags --progress git@op-scm.sys.fintechgroup.com:jenkins-ansible-deployments/non-docker-deployment.git +refs/heads/*:refs/remotes/origin/*
 > git rev-parse refs/remotes/origin/qit^{commit} # timeout=10
 > git rev-parse refs/remotes/origin/origin/qit^{commit} # timeout=10
Checking out Revision 8bfcc1186338670f2e16c60e1f274d399d44c2a2 (refs/remotes/origin/qit)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f 8bfcc1186338670f2e16c60e1f274d399d44c2a2
Commit message: "envinject-api und envinject für Jenkins Qit"
 > git rev-list --no-walk c49903a669f19bf04451d9fc933e791e59bd50b5 # timeout=10
[EnvInject] - Executing scripts and injecting environment variables after the SCM step.
[EnvInject] - Injecting as environment variables the properties content 
ANSIBLE_CONFIG="/opt/ansible/non-docker-deployment/ansible.cfg"

[EnvInject] - Variables injected successfully.
[prepare-app-deploy-set-hostgroups] $ /bin/sh -xe /tmp/jenkins4170164383320983136.sh
+ echo '"/opt/ansible/non-docker-deployment/ansible.cfg"'
"/opt/ansible/non-docker-deployment/ansible.cfg"
[prepare-app-deploy-set-hostgroups] $ ansible-playbook /opt/ansible/non-docker-deployment/playbooks/prepare-app-deploy-serial.yml -i /opt/ansible/non-docker-deployment/hosts_qit -f 5 --vault-password-file /var/lib/jenkins/workspace/prepare-app-deploy-set-hostgroups/vault5523069360317322241.password -e @/opt/ansible/non-docker-deployment/vaults/app-deploy-qit.yml -e host=banksystem_ha2_all_qit -e {'javainstall':false,'wildflyinstall':false,'perlinstall':false,'updateos':false,'rebootserver':false}
ERROR! the role 'prepare-app-deploy' was not found in /opt/ansible/non-docker-deployment/playbooks/roles:/root/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:/opt/ansible/non-docker-deployment/playbooks

The error appears to be in '/opt/ansible/non-docker-deployment/playbooks/prepare-app-deploy-serial.yml': line 5, column 9, but may
be elsewhere in the file depending on the exact syntax problem.

Background to the error from Ansible side: My roles are saved under a different directory which is set in the separate ansible.cfg. As Ansible can't find the roles I know that the ansible.cfg isn' loaded correct.

EDITEDIT: Here the export of my frestyle project in xml:

<?xml version='1.1' encoding='UTF-8'?>
<project>
  <actions/>
  <description>prepare-app-deploy over ansible on qit instances and set hostgroups by yourself</description>
  <keepDependencies>false</keepDependencies>
  <properties>
    <hudson.model.ParametersDefinitionProperty>
      <parameterDefinitions>
        <com.cwctravel.hudson.plugins.extended__choice__parameter.ExtendedChoiceParameterDefinition plugin="extended-choice-parameter@0.78">
          <name>Hostgruppen</name>
          <description>Hier die Hostgruppen aus dem Ansible inventory auswählen, die vorbereitet werden sollen</description>
          <quoteValue>false</quoteValue>
          <saveJSONParameterToFile>false</saveJSONParameterToFile>
          <visibleItemCount>10</visibleItemCount>
          <type>PT_RADIO</type>
          <value>host1,host2,host3,host4,host5</value>
          <multiSelectDelimiter>,</multiSelectDelimiter>
          <projectName>prepare-app-deploy-set-hostgroups</projectName>
        </com.cwctravel.hudson.plugins.extended__choice__parameter.ExtendedChoiceParameterDefinition>
        <hudson.model.BooleanParameterDefinition>
          <name>javainstall</name>
          <description>Soll Java installiert werden?</description>
          <defaultValue>false</defaultValue>
        </hudson.model.BooleanParameterDefinition>
        <hudson.model.BooleanParameterDefinition>
          <name>wildflyinstall</name>
          <description>Soll Wildfly installiert werden? - nur für Linuxsysteme</description>
          <defaultValue>false</defaultValue>
        </hudson.model.BooleanParameterDefinition>
        <hudson.model.BooleanParameterDefinition>
          <name>perlinstall</name>
          <description>Soll Perl installiert werden?</description>
          <defaultValue>false</defaultValue>
        </hudson.model.BooleanParameterDefinition>
        <hudson.model.BooleanParameterDefinition>
          <name>updateos</name>
          <description>Sollen OS Updates durchgeführt werden? Schließt einen evtl. Reboot des Servers mit ein!</description>
          <defaultValue>false</defaultValue>
        </hudson.model.BooleanParameterDefinition>
        <hudson.model.BooleanParameterDefinition>
          <name>rebootserver</name>
          <description>Soll der Server durchgebootet werden?</description>
          <defaultValue>false</defaultValue>
        </hudson.model.BooleanParameterDefinition>
      </parameterDefinitions>
    </hudson.model.ParametersDefinitionProperty>
    <hudson.plugins.disk__usage.DiskUsageProperty plugin="disk-usage@0.28"/>
    <com.dabsquared.gitlabjenkins.connection.GitLabConnectionProperty plugin="gitlab-plugin@1.5.12">
      <gitLabConnection></gitLabConnection>
    </com.dabsquared.gitlabjenkins.connection.GitLabConnectionProperty>
    <hudson.plugins.jira.JiraProjectProperty plugin="jira@3.0.9"/>
  </properties>
  <scm class="hudson.plugins.git.GitSCM" plugin="git@3.12.0">
    <configVersion>2</configVersion>
    <userRemoteConfigs>
      <hudson.plugins.git.UserRemoteConfig>
        <url>git@op-scm.sys.fintechgroup.com:jenkins-ansible-deployments/non-docker-deployment.git</url>
        <credentialsId>app-deploy-qit-ssh-key</credentialsId>
      </hudson.plugins.git.UserRemoteConfig>
    </userRemoteConfigs>
    <branches>
      <hudson.plugins.git.BranchSpec>
        <name>*/qit</name>
      </hudson.plugins.git.BranchSpec>
    </branches>
    <doGenerateSubmoduleConfigurations>false</doGenerateSubmoduleConfigurations>
    <submoduleCfg class="list"/>
    <extensions>
      <hudson.plugins.git.extensions.impl.RelativeTargetDirectory>
        <relativeTargetDir>/opt/ansible/non-docker-deployment</relativeTargetDir>
      </hudson.plugins.git.extensions.impl.RelativeTargetDirectory>
    </extensions>
  </scm>
  <canRoam>true</canRoam>
  <disabled>false</disabled>
  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
  <triggers/>
  <concurrentBuild>false</concurrentBuild>
  <builders>
    <hudson.tasks.Shell>
      <command>ln -sf /opt/ansible/non-docker-deployment/ansible.cfg ${PWD}/ansible.cfg</command>
    </hudson.tasks.Shell>
    <org.jenkinsci.plugins.ansible.AnsiblePlaybookBuilder plugin="ansible@1.0">
      <playbook>/opt/ansible/non-docker-deployment/playbooks/prepare-app-deploy-serial.yml</playbook>
      <inventory class="org.jenkinsci.plugins.ansible.InventoryPath">
        <path>/opt/ansible/non-docker-deployment/hosts_qit</path>
      </inventory>
      <limit></limit>
      <tags></tags>
      <skippedTags></skippedTags>
      <startAtTask></startAtTask>
      <credentialsId></credentialsId>
      <vaultCredentialsId>app-deploy-qit-ansible-vault</vaultCredentialsId>
      <become>false</become>
      <becomeUser></becomeUser>
      <sudo>false</sudo>
      <sudoUser></sudoUser>
      <forks>5</forks>
      <unbufferedOutput>true</unbufferedOutput>
      <colorizedOutput>false</colorizedOutput>
      <disableHostKeyChecking>true</disableHostKeyChecking>
      <additionalParameters>-e @/opt/ansible/non-docker-deployment/vaults/app-deploy-qit.yml -e host=$Hostgruppen -e &quot;{&apos;javainstall&apos;:$javainstall,&apos;wildflyinstall&apos;:$wildflyinstall,&apos;perlinstall&apos;:$perlinstall,&apos;updateos&apos;:$updateos,&apos;rebootserver&apos;:$rebootserver}&quot;</additionalParameters>
      <copyCredentialsInWorkspace>false</copyCredentialsInWorkspace>
    </org.jenkinsci.plugins.ansible.AnsiblePlaybookBuilder>
  </builders>
  <publishers>
    <hudson.tasks.Mailer plugin="mailer@1.24">
      <recipients>david.pasternak@flatex.com mando.ahnert@flatex.com christian.baron@flatex.com markus.frahm@flatex.com tobias.koenigs@flatex.com</recipients>
      <dontNotifyEveryUnstableBuild>true</dontNotifyEveryUnstableBuild>
      <sendToIndividuals>false</sendToIndividuals>
    </hudson.tasks.Mailer>
  </publishers>
  <buildWrappers/>
</project>

I've also tried it over a groovy script for creating a pipeline. Unfotrunately with the same result.

pipeline {
  agent any

  parameters {
    extendedChoice description: 'Hier die Hostgruppen aus dem Ansible inventory auswählen, die vorbereitet werden sollen', multiSelectDelimiter: ',', name: 'Hostgruppen', quoteValue: false, saveJSONParameterToFile: false, type: 'PT_RADIO', value: 'appdeploy_servers_qit,banksystem_ha1_lx_qit,banksystem_ha1_win_qit,banksystem_ha1_all_qit,banksystem_ha2_lx_qit,banksystem_ha2_win_qit,banksystem_ha2_all_qit,banksystem_ha2_ungerade_qit,banksystem_ha2_gerade_qit,BaZe_biw_qit,BaZe_kat_qit,BaZe_pbb_qit,BaZe_vdh_qit,calcserv_data_blz2_qit,calcserv_data_ibanplus_qit,calcserv_data_rocs_qit,WebFiliale2_banking_pbb_qit,WebFiliale2_banking_pbb_btz_qit,WebFiliale2_biw_qit,WebFiliale2_biw_auxmoney_qit,WebFiliale2_biwzv_bds_qit,WebFiliale2_biwzv_fcc_qit,WebFiliale2_biwzv_xs2a_qit,WebFiliale2_crosslend_qit,WebFiliale2_flatex_de_qit,WebFiliale2_flatex_de_cfd_login_qit,WebFiliale2_flatex_de_wpinfo_qit,WebFiliale2_flatexbanking_de_qit,WebFiliale2_flatexbanking_de_wpinfo_qit,WebFiliale2_flatex_at_cfd_login_qit,WebFiliale2_flatexbanking_at_qit,WebFiliale2_flatexbanking_at_wpinfo_qit,WebFiliale2_flatexbanking_nl_qit,WebFiliale2_flatexbanking_nl_cfd_login_qit,WebFiliale2_flatexbanking_nl_wpinfo_qit,WebFiliale2_kat_at_qit,WebFiliale2_kat_de_qit,WebFiliale2_vitrade_qit,WebFiliale2_vitrade_cfd_login_qit,WebFiliale2_banking_vitrade_qit', visibleItemCount: 10
    booleanParam defaultValue: false, description: 'Soll Java installiert werden?', name: 'javainstall'
    booleanParam defaultValue: false, description: 'Soll Wildfly installiert werden? - nur für Linuxsysteme', name: 'wildflyinstall'
    booleanParam defaultValue: false, description: 'Soll Perl installiert werden?', name: 'perlinstall'
    booleanParam defaultValue: false, description: 'Sollen OS Updates durchgeführt werden? Schließt einen evtl. Reboot des Servers mit ein!', name: 'updateos'
    booleanParam defaultValue: false, description: 'Soll der Server durchgebootet werden?', name: 'rebootserver'
  }

  stages {
    stage('Parameter testen') {
      steps {
        echo "Hostgruppen: $params.Hostgruppen"
        echo "Java installieren?: $params.javainstall"
        echo "Wildfly installieren?: $params.wildflyinstall"
        echo "Perl installieren?: $params.perlinstall"
        echo "Updates installieren?: $params.updateos"
        echo "Server rebooten?: $params.rebootserver"
      }
    }

    stage ('Git Projekt auschecken') {
      steps {
        checkout([$class: 'GitSCM', branches: [[name: '*/qit']], doGenerateSubmoduleConfigurations: false, extensions: [[$class: 'RelativeTargetDirectory', relativeTargetDir: '/opt/ansible/non-docker-deployment']], submoduleCfg: [], userRemoteConfigs: [[credentialsId: 'app-deploy-qit-ssh-key', url: 'git@op-scm.sys.fintechgroup.com:jenkins-ansible-deployments/non-docker-deployment.git']]])
      }
    }

    stage ('Ansible Playbook ausführen') {
      environment {
        ANSIBLE_CONFIG = "/opt/ansible/non-docker-deployment/ansible.cfg"
        ANSIBLE_INVENTORY = "/opt/ansible/non-docker-deployment/hosts_qit"
        ANSIBLE_PB = "/opt/ansible/non-docker-deployment/playbooks/prepare-app-deploy-serial.yml"
        ANSIBLE_VAULT = "/opt/ansible/non-docker-deployment/vaults/app-deploy-qit.yml"
      }
      steps {
        sh label: '', script: 'export ANSIBLE_CONFIG=$ANSIBLE_CONFIG'
        ansiblePlaybook disableHostKeyChecking: true, extras: '-e @$ANSIBLE_VAULT -e host=$params.Hostgruppen -e \"{\'javainstall\':$params.javainstall,\'wildflyinstall\':$params.wildflyinstall,\'perlinstall\':$params.perlinstall,\'updateos\':$params.updateos,\'rebootserver\':$params.rebootserver}\"', inventory: '$ANSIBLE_INVENTORY', playbook: '$ANSIBLE_PB', vaultCredentialsId: 'app-deploy-qit-ansible-vault'
      }
    }
  }
}

Anybody who could help?

Thanks and regards, David

score 0 · Accepted Answer · answered Sep 26 '19 at 09:13

0

From the output it looks like you are using shell command to execute ansible-playbook. You can try setting environment variable before ansible-playbook command. Below is the example.

$ env ANSIBLE_CONFIG=/opt/ansible/non-docker-deployment/ansible.cfg ansible-playbook /opt/ansible/non-docker-deployment/playbooks/prepare-app-deploy-serial.yml -i /opt/ansible/non-docker-deployment/hosts_qit -f 5 --vault-password-file /var/lib/jenkins/workspace/prepare-app-deploy-set-hostgroups/vault5523069360317322241.password -e @/opt/ansible/non-docker-deployment/vaults/app-deploy-qit.yml -e host=banksystem_ha2_all_qit -e {'javainstall':false,'wildflyinstall':false,'perlinstall':false,'updateos':false,'rebootserver':false}

answered Sep 26 '19 at 09:13

Sriram

626
7
11

I'm using the ansible plugin for executing my plays: https://wiki.jenkins.io/display/JENKINS/Ansible+Plugin – gurbelunder Sep 26 '19 at 09:45
You could try setting the environment variable ANSIBLE_CONFIG in Jenkins stage. And the ansible plugin should pick it. – Sriram Sep 26 '19 at 10:24
Yo mean by setting a build step before with type "executing shell" and do an "export ANSIBLE_CONFIG=/path/o/config.cfg"? Already done and doesn't work. Or did you mean on another way? – gurbelunder Sep 26 '19 at 10:39
I'm not using pipelines. Where could I set such parameters? – gurbelunder Sep 26 '19 at 10:53
Are you using Freestyle project or any other type? – Sriram Sep 26 '19 at 11:15
Simple freestyle project. I'm missing to add some screenshots here in Stackoverflow :D – gurbelunder Sep 26 '19 at 11:17
@gurbelunder I have a workaround for this. Before running ansible playbook, add "executing shell" and copy or create symbolic link to the ansible.cfg file at the current working directory. ln -sf /opt/ansible/non-docker-deployment/ansible.cfg ${PWD}/ansible.cfg. I tried in my Jenkins with freestyle and ansible plugin. It works! Make sure to delete the copied ansible.cfg or symbolic link after the ansible playbook execution – Sriram Sep 26 '19 at 12:22
Unfortunately it doesn't work for me on that way. Can't tell you why. Maybe I should export my job for you? – gurbelunder Sep 26 '19 at 12:25
Yes, that would help in setting the job config same as you and testing. – Sriram Sep 26 '19 at 12:33
I've also tried it now with a groovy pipeline, same result. The grovy script is also attached to the question. – gurbelunder Sep 26 '19 at 13:09
I tried changing the symbolic link destination and it worked. "ln -sf /opt/ansible/non-docker-deployment/ansible.cfg /opt/ansible/non-docker-deployment/playbooks/ansible.cfg". What is the error message you are getting? – Sriram Sep 26 '19 at 14:03
Still the same error for me. Ansible throws the error that my roles can't be find. In my ansible.cfg I've set "roles_path" to a different path /opt/ansible/non-docker-deployment/roles" and as that parameter will not be loaded I know that the ansible.cfg wasn't loaded. – gurbelunder Sep 26 '19 at 14:17
ERROR! the role 'prepare-app-deploy' was not found in /opt/ansible/non-docker-deployment/playbooks/roles:/opt/ansible/non-docker-deployment/roles, /etc/ansible/roles:/opt/ansible/non-docker-deployment/playbooks – gurbelunder Sep 26 '19 at 14:18
I've moved my roles now to playbook folder and no error occurs. The rest parameters will be loaded now from config file. Don't ask me, what exactly the error was... – gurbelunder Sep 26 '19 at 14:56

Setting ansible.cfg in Jenkins job

1 Answers1