3

I've created a test Argo Workflow to help me understand how I can CI/CD approach to deploy an Ansible Playbook. When I create the app in Argo CD, it syncs fine, but then it just gets stuck on Progressing and never gets out of that state.

I tried digging around to see if there was any indication in the logs, but I'm fairly new to Argo. It doesn't even get to the point where it's creating any pods to do any of the steps.

Thoughts?

Here is my workflow:

apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
  name: ansible-test

spec:
  entrypoint: ansible-test-ci
  arguments:
    parameters:
    - name: repo
      value: ****
    - name: revision
      value: '1.6'

  templates:
  - name: ansible-test-ci
    steps:
    - - name: checkout
        template: checkout
    #- - name: test-playbook
    #    template: test-playbook
    #    arguments:
    #      artifacts:
    #      - name: source
    #        from: "{{steps.checkout.outputs.artifacts.source}}"
    - - name: deploy
        template: deploy
        arguments:
          artifacts:
          - name: source
            from: "{{steps.checkout.outputs.artifacts.source}}"

  - name: checkout
    inputs:
      artifacts:
      - name: source
        path: /src
        git:
          repo: "{{workflow.parameters.repo}}"
          #revision: "{{workflow.parameters.revision}}"
          #sshPrivateKeySecret:
          #  name: my-secret
          #  key: ssh-private-key # kubectl create secret generic my-secret --from-file=ssh-private-key=~/.ssh/id_rsa2
    outputs:
      artifacts:
      - name: source
        path: /src
    container:
      image: alpine/git:latest
      command: ["/bin/sh", "-c"]
      args: ["cd /src && git status && ls -l"]

  #- name: test-playbook
  #  inputs:
  #    artifacts:
  #    - name: source
  #      path: /ansible/
  #  container:
  #    image: ansible/ansible-runner:latest
  #    command: ["/bin/sh", "-c"]
  #    args: ["
  #      cd /ansible &&
  #      ansible-playbook playbook.yaml -i inventory
  #    "]
  
  - name: deploy
    inputs:
      artifacts:
      - name: source
        path: /ansible/
    container:
      image: ansible/ansible-runner:latest
      command: ["/bin/sh", "-c"]
      args: ["
        cd /ansible &&
        ansible-playbook playbook.yaml -i inventory
      "]

Images of what's going on in Argo CD:

enter image description here

enter image description here

xil3
  • 16,305
  • 8
  • 63
  • 97
  • At this point there is no clear relationship with Ansible. This could potentially happen with any type of task in your argo workflow. So either give a clear explanation of how ansible is involved by adding a playbook, execution logs, debug info, etc... or remove the tag. Thanks. – Zeitounator Mar 24 '22 at 11:14
  • 1
    You're right, the issue is before it even gets to the Ansible step in the workflow. I can remove the Ansible tag from this. – xil3 Mar 24 '22 at 16:20
  • What is the output of kubectl get pods and can you share logs of your worflow controller pod – Nirley Gupta Mar 28 '22 at 16:10

1 Answers1

0

I ended up solving this by adding a ServiceAccount and Role resource to the namespace that Argo Workflow was trying to run within.

Here's the Role I added:

apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: workflow-role
rules:
  # pod get/watch is used to identify the container IDs of the current pod
  # pod patch is used to annotate the step's outputs back to controller (e.g. artifact location)
  - apiGroups:
      - ""
    resources:
      - pods
    verbs:
      - get
      - watch
      - patch
  # logs get/watch are used to get the pods logs for script outputs, and for log archival
  - apiGroups:
      - ""
    resources:
      - pods/log
    verbs:
      - get
      - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: workflow-role-binding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: workflow-role
subjects:
  - kind: ServiceAccount
    name: default
xil3
  • 16,305
  • 8
  • 63
  • 97
  • I also found out that I should be using the Argo Workflow UI to get more detailed information, instead of Argo CD UI. – xil3 Mar 29 '22 at 19:14