Configure An Ansible Job in Rundeck, using Terraform/OpenTofu
I've successfully managed to create a Terraform file for configuring Rundeck to run an inline BASH script. However, I want to take things further by figuring out how to automatically configure a job that makes use of Ansible.
From reading the provider documentation for a job, it looks like I need to configure the step_plugin within the command block that references the Ansible plugin. This takes a type and a config as shown below:
Unfortunately, unlike the other areas of the documentation, it does not list possible values for the type so I have had to guess, with no success thus far. I always get an error message similar to:
Workflow has one or more invalid steps: [1: [The step plugin type "com.batix.rundeck.plugins.AnsiblePlaybookInlineWorkflowNodeStep" is not valid: Plugin not found: com.batix.rundeck.plugins.AnsiblePlaybookInlineWorkflowNodeStep]]
I did look up the list of plugins from the GET /plugins/list endpoint and tried these names but they didn't work:
I also tried lots of variations of camelCase, snake_case etc on the words "ansible" "playbook" and "inline" with no combination seeming to work. I saw that in the returned API output, it stated that builtin was set to false. However, if I go to artifact/index/configurations then I can see the Uninstall button suggesting that they are installed.
Question
Does anybody know how to configure an Ansible job in Rundeck through Terraform/Tofu and can provide a basic example?
You must add the node_step_plugin block (inside the command block) pointing to the plugin's name and the config. A good way to see which options elements you need is to create a mockup ansible job, export it in YAML format, and then see the job definition content to apply on the terraform config subblock.
The terraform rundeck deployment file looks as follows (a very basic example tested on Terraform 1.8.0 and Rundeck 5.2.0):
terraform {
required_providers {
rundeck = {
source = "rundeck/rundeck"
version = "0.4.7"
}
}
}
provider "rundeck" {
url = "http://rundeck_url:4440/"
api_version = "47"
auth_token = "rundeck_auth_token"
}
resource "rundeck_project" "terraform" {
name = "terraform"
description = "Sample Created using Terraform Rundeck Provider"
resource_model_source {
type = "file"
config = {
format = "resourcexml"
file = "/path/to/your/resources.xml"
writable = "true"
generateFileAutomatically = "true"
}
}
extra_config = {
"project.label" = "Ansible Example"
}
}
resource "rundeck_job" "ansiblejob" {
name = "Ansible Test"
project_name = "${rundeck_project.terraform.name}"
node_filter_query = "tags: ansible"
description = "Ansible Playbook Test"
command {
node_step_plugin {
type = "com.batix.rundeck.plugins.AnsiblePlaybookWorflowNodeStep"
config = {
ansible-base-dir-path = "/path/to/ansible/config/"
ansible-become = "false"
ansible-binaries-dir-path = "/path/to/ansible/executable/"
ansible-playbook = "/path/to/your/playbook/ping.yml"
ansible-ssh-passphrase-option = "option.password"
ansible-ssh-use-agent = "false"
}
}
}
}
- Ansible gets stuck on tasks having key become: true
- Slow Ansible performance when using loop with large YAML var
- Can Ansible check if password is correct before running playbook?
- Unable to parse query a value node corresponding to a name node from a XML using Ansible
- Matching multiple strings in regex_search or regex_findall gives other strings which should not match
- How do I reverse lookup on an ansible dict?
- Run ansible task if the client is not in ad domain
- How to decrypt string with ansible-vault 2.3.0
- How to ignore ansible SSH authenticity checking?
- AWX + Hashicorp Vault django.request Bad Request
- Run Ansible playbook without inventory
- Ansible Failed to set permissions on the temporary
- How to pass parameters to task from file
- Ansible regex_replace on values of specific keys in a list of dict
- Custom Job Status for AWX/Ansible Tower workflows
- Checking the first digit in a number in ansible playbook
- How to get a formatted line from a dictionary var?
- Ansible find output
- How to create a file locally with ansible templates on the development machine
- Ansible how to convert boolean types true and false to corresponding strings
- Why does blockinfile with state=absent not work for these lines?
- Ansible: overwrite inventory's ansible_host from command line
- ansible playbook if else if
- Use a default if a variable is not defined
- ansible-playbook: "Failed to update cache: unknown reason"
- Is it possible to debug multiple variables in one Ansible task without using a loop?
- Failed to import the required Python library (suds) on hosts's Python /usr/bin/python3
- Ansible how to create list of dictionary keys
- Pervent Ansible from changing \a to \u0007 in a variable
- Ansible-Playbook for the Install of mod_ssl, python-passlib and firewalld (and keep them always latest)