Embed ansible playbooks in instance templates

[jandubois]

          Should be rewritten with the new feature to assemble templates.

i.e. provision.playbook should be converted to use locator as well

provision:
- mode: ansible
  file:
    url: ./templates/ansible/playbook.yaml

Currently it is being read into script, but should also be for playbook.

NOTE: The playbook is recursive, so needs to be parsed to be embedded...

templates/ansible
├── playbook.yaml
├── README.md
└── roles
    └── hostname
        ├── tasks
        │   └── main.yaml
        └── templates
            └── test.j2

4 directories, 4 files

Unfortunately Ansible does not provide a good way to use a single yaml file.

I have no idea if embedding works for scripts that include functions from files...

Originally posted by @afbjorklund in #2676 (comment)

[afbjorklund]

Currently it works, because the playbook is just a local path passed to ansible-playbook.

provision:
- mode: ansible
  playbook: ./templates/ansible/playbook.yaml

So any files that are next to that playbook (like roles), are available to the playbook by default.

- name: My first play
  hosts: all
  tasks:
  - name: Ping my hosts
    ansible.builtin.ping:

  - name: Print message
    ansible.builtin.debug:
      msg: Hello world
  roles:
  - hostname

https://docs.ansible.com/ansible/latest/tips_tricks/sample_setup.html

The recommendation from upstream is to use a git repository (ansible-pull)

But then we need to add git (and tar, for directories?) support to limactl template

Or do some kind of recursive adding of files as yaml binary objects in a yaml map...

roles:
  hostname:
    tasks:
      main.yaml:
        ---
        - name: write hostname using jinja2
          ansible.builtin.template:
             src: templates/test.j2
             dest: /tmp/hostname
    templates:
      test.j2:
        My name is {{ ansible_facts['hostname'] }}

• Add example of ansible provisioning with playbook #2676

  • https://docs.ansible.com/ansible/latest/getting_started/get_started_inventory.html
  • https://docs.ansible.com/ansible/latest/getting_started/get_started_playbook.html

[afbjorklund]

Related to:

• Allow providing scripts as separate files #2442 -->
• Assemble templates using the new base setting #3072

But for playbook, rather than script.

An alternative would be to skip the Ansible playbook provisioning, and use the ssh.config files for the Ansible inventory? Then it should be not so much work to run ansible-playbook manually, by referring to e.g. the lima-default alias.

inventory.yaml

lima:
  hosts:
    ansible:
      ansible_connection: ssh
      ansible_host: lima-ansible
      ansible_ssh_common_args: -F /home/anders/.lima/ansible/ssh.config

If we "assume" the ssh.config is included, then we can just use "lima-ansible" host (since ssh is the default connection). Simple enough to be generate on the fly, in the INI format: https://docs.ansible.com/ansible/latest/inventory_guide/

hosts (inventory)

[lima]
ansible ansible_host=lima-ansible

Also works better for multiple instances, since otherwise you have to "merge" the ansible-inventory.yaml files.

╭────────────╮
⟨ DEPRECATED ⟩
╰────────────╯
        ╲   ^__^
         ╲  (xx)\_______
            (__)\       )\/\
             U  ||----w |
                ||     ||

[afbjorklund]

• Deprecate the ansible provision playbook #3450

[jandubois]

Given #3450 and #3451 I think we can close this issue.