Gitlab CI Ansible Deployment with Passwords

Question

Gitlab CI Ansible Deployment with Passwords

I am trying to create a "no password" deployment workflow using Gitlab CI and Ansible. Some steps require a password (I already use SSH keys when I can), so I saved these passwords in Ansible Vault . Then I just need to provide a Vault password when starting the playbook.

But how could I integrate this with Gitlab CI?

Can I register a gitlab-ci task (or are the tasks suitable only for assembly?), Which simply launches the game, providing the storage password somehow ?! Can this be achieved without setting a password in plain text ?!

Also, I would be very happy if someone could point me to some material that shows how we can deploy assemblies using Ansible. As you can see, I finally found nothing about this.

+4

ansible gitlab-ci

cvsguimaraes 15 sept. '15 at 14:39

source share

2 answers

Laurynas mališauskas · Answer 1 · 2017-07-31T17:07:25+0000

You can set an environment variable in GitLab CI that will contain the Ansible Vault password. In my example, I called it$ANSIBLE_VAULT_PASSWORD

Here is an example for .gitlab-ci.yml:

deploy:
  only:
    - master
  script:
    - echo $ANSIBLE_VAULT_PASSWORD > .vault_password.txt
    - ansible-playbook -i ansible/staging.yml --vault-password-file .vault_password.txt

Hope this trick helps you.

Sean Azlin · Answer 2 · 2015-09-16T07:20:56+0000

gitlab ci, , , , - , , , . , s3. . , , , , vpc, vpn .

, , , , , , . ( ), , boned.

, , , , . , . . , pw, . , (, pw - - ). ansible script - , vpn .

Gitlab CI Ansible Deployment with Passwords

More articles: