This repository provides a Docker container based upon RedHat Enterprise Linux 7 images.
You need to make sure you have the following:
- Locally hosted GitLab instance
- GitLab container registry enabled
- GitLab runner that has access to a Docker executor in privileged mode tagged as "docker".
- Accessible Docker daemon via TCP for the DIND to access privlieged containers for Test-Kitchen.
- GitLab hosted Ansible code repositories following best practices directory layout
To use this container you can perform the following steps
- Clone this project to your GitLab instance.
- Edit the .gitlab-cli.yml and replace
NAME_SPACE: "INTERNAL_GITLAB_GROUP"
DOCKER_REGISTRY: "INTERNAL_GITLAB_INSTANCE"
DOCKER_HOST: "tcp://INTERNAL_DOCKER_NODE:4243"
With your local information eg:
NAME_SPACE: "devops"
DOCKER_REGISTRY: "gitlab-registry.mydomain.com"
DOCKER_HOST: "tcp://docker-a1.mydomain.com:4243"
- Confirm the Pipeline builds the container and press the play button to tag it as "latest".
- Confirm you can access and run the container with docker commands eg:
docker run -it gitlab-registry.mydomain.com/devops/rhel7-docker-ansibleci ansible --version
Now that you have a pre-baked locally hosted container with ansible tooling you can use it for testing an ansible repository
The examples folder has sample example files you can copy to your local project for CI/CD testing.
- Edit the .gitlab-ci.yml and replace
image: INTERNAL_REGISTRY_TLD/NAMESPACE/rhel7-docker-ansibleci:latest
With your local information eg:
image: gitlab-registry.mydomain.com/devops/rhel7-docker-ansibleci:latest
Once set the CI/CD runner should execute the container and run the basic "ansible-playbook --syntax-check" on the first level playbooks in the directory.
The next stage in "Review" will execute ansible-lint and ansible-review.
- Ansible-Lint will give you most of the best practices and things to improve.
- Ansible-Review will give you a framework to test standards Ansible should be written to. Note this is totally customizable and the .ansible-review folder holds the configuration with the option to point to custom rules.
The final stage "Integration" is using test-kitchen to test your playbooks or roles on a Docker container to validate the changes with InSpec
TODO