Testing ansible-roles automatically on every git-push

7 December 2016


Ansible is a powerful configuration management tool. For developing and distributing ansible-roles we use Gitlab at Toscom. In this article I’ll describe how to automatically test ansible-roles for different Linux-Distributions in Docker-Container using Gitlab-Runner whenever someone pushes changes into our Gitlab-Repository.

Creating a Ansible-Debian-Docker-Image

First I created the following Dockerfile:

# This Dockerfile was tested with debian jessie
# Build with: docker build -t ansible/debian_jessie .
FROM debian


ENV DEBIAN_FRONTEND noninteractive

RUN echo "deb jessie-backports main" > /etc/apt/sources.list.d/backports.list
RUN apt-get update && apt-get upgrade -y 
RUN apt-get install -y build-essential git python python-dev libffi-dev libssl-dev python-pip libyaml-dev libgmp-dev libgmp10 libyaml-0-2 apt-utils
RUN apt-get install -y -t jessie-backports python-pyasn1 python-setuptools

RUN git clone /usr/local/src/ansible

RUN cd /usr/local/src/ansible && git checkout v2.1.2.0-1 && git submodule update --init --recursive && make && make install

USER root

WORKDIR /var/tmp

This Dockerfile is easily built by calling the follwing command

docker build -t ansible/debian_jessie .

Configuring the Gitlab-Repository

It’s very important to install the Gitlab-Runner and Docker on the same host. The Gitlab-Runner can easily installed using this instructions.

Now we can create the gitlab-runer-control-file(.gitlab-ci.yml) in our Gitlab-Repository of our ansible-role(let’s call it “fancy-ansible-role”):

  image: ansible/debian_jessie
    - mkdir -p roles/fancy-ansible-role
    - rsync -ar --exclude=.git --exclude=roles . roles/fancy-ansible-role
    - ansible-playbook .playbook.yml

And for our tests we create in our fancy-ansible-role-repository a file called .playbook.yml:

- hosts: localhost
    - fancy-ansible-role

To complete our ansible-role I’ll create a simple task and add it to the fancy-ansible-role. This simple code I’ll place at tasks/main.yml:


- name: Fancy Ansible Role Debug
  debug: msg="HELLO WORLD"

This role simply prints out “HELLO WORLD”.

Our Result

Finally we can push any changes in our repository and we can monitor the output of our tests in Gitlab:



In this article I just created a playbook for one Linux-Distribution but it could be easily extended to perform those tests on multiple Distributions. This clearly shows that Continous Integration-Tools can be very handy for Systemadministrators too.

[ Linux  Programming  Sysadmin  Tricks  git  Ansible  ]
Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution 3.0 Unported License.

Copyright 2015-present Hoti