Ansible AWX - Gitlab integration

AWX supports SCM integration.

This post will provide a guide on how to setup a connection to a Gitlab repository.

At the end a test will be carried out to ensure AWX is able to checkout from the repository.

Gitlab deploy token

The deploy token approach was used here as it only provides read access to a Gitlab repository.

Create a deploy token

  • Navigate to the Gitlab repository
  • Head over to Settings from the left menu
  • Click on CI/CD

  • Then expand Deploy Tokens

Fill in the name.

Leaving Expires at empty - ensures the token never expires; fill this in if access is required temporarily.

For scopes check the option for** read_repository**

Once you click on Create deploy token two fields will become visible - Deploy token username and Deploy token password. Make sure you copy and save these 2 values securely.

Setup Gitlab connection

  • Login to AWX as admin
  • Navigate to credentials

  • Click on the Green plus icon to Create a new credential (on the right)

Fill in the following fields:

  1. Name
  2. Description
  3. Organization
  4. Credential Type = Source Control
  5. Username = Gitlab deploy token username
  6. Password = Gitlab deploy token password

SCM Private key / passphrase can be left empty. The credential will work even without the key info.

Click save to create the credential.

After saving, the new Gitlab credential should show up in the list of credentials.

Testing the Gitlab integration

With the new Gitlab credential setup in AWX, it’s now time to test the connection.

Create a new inventory

Navigate to Inventories

  • Click on the Green plus icon to create a new inventory

  • Fill in the name
  • Description
  • Organization

As this is a test inventory, adding hosts are not required.

Click on save.

Create a new project

Navigate to Projects

  • Click on the Green plus icon to create a new project

  • Fill in the name
  • SCM type = Git
  • SCM URL = your Gitlab repository .e.g. https://gitlab.com//.git
  • SCM credential = select the Gitlab credential you saved in AWX earlier
  • Organization = select the correct Organization you require this Project to be associated with
  • SCM branch/tag/commit/update/refspec = optional

Click save.

Create Job template

Navigate to templates.

  • Click on the Green plus icon to create a new template

  • Fill in the name
  • Description
  • Job type = Check (this will only check the syntax of the playbook)
  • Inventory = select the one you created in the earlier step
  • Project = select the one you created in the earlier step
  • Playbook = select the path to where the <main>.yml file is located in the repository

Click on save, then launch the template.

SCM check output

Once the Job template has launched.

Navigate to Jobs, 2 jobs should be visible

  • Job1 - is the SCM update

  • Job2 - is the Playbook run (in this case this is only a syntax test as we chose to only Check in the Job template)

Open Job1 - since this is the SCM test.

If successful you should see the console output similar to the following, which demonstrates that the git checkout was OK.

  PLAY [Update source tree if necessary] ***************************************** 
  TASK [update project using git] ************************************************ 
  ok: [localhost] TASK [Set the git repository version] ****************************************** 
  ok: [localhost] TASK [Repository Version] ****************************************************** 
  ok: [localhost] => { "msg": "Repository Version adfb3f696604e6b4f48a0bc4fbbeb6d82c8667ee" }
  
  PLAY [Install content with ansible-galaxy command if necessary] 
  *****PLAYRECAP*********************** localhost : ok=3 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Last updated on 10 Mar 2020
Published on 10 Mar 2020