Passing AWS Credentials in Jenkins into Ansible playbook

Time:09-08

I am trying to pass AWS creds I have stored within Jenkins into an Ansible playbook and it doesn't seem to be taking it. I've done research and it seems like everybody is storing their creds in the Jenkins file. Is it possible to pass the variable into an ansible-playbook? Below is my current situation:

Jenkins Creds

Jenkinsfile

pipeline {
    agent any
    stages {
        stage('GIT Code Checkout'){
           steps{
               git branch: 'ansible', credentialsId: 'test-pipeline', url: 'https://github.com/newbtech'
           }
           environment{
               AWS_ACCESS_KEY_ID = credentials('aws-key')
               AWS_SECRET_ACCESS_KEY = credentials('aws_secret_access_key')
           }
        }
        stage('Run Tools Playbook'){
           steps{
               ansiblePlaybook credentialsId: 'root-key', 
               disableHostKeyChecking: true, installation: 'ansible', 
               extras: "-e HOST=${SERVER}", 
               inventory: 'ansible/host.inv', 
               playbook: 'ansible/cstest.yml'                
           }
        }
    }
}

Ansible-Playbook

---
- hosts: "{{ HOST }}"
  tasks:
    - name: "S3 Pull - Ubuntu"
      aws_s3:
        aws_access_key: "aws-key"
        aws_secret_key: "aws_secret_access_key"
        bucket: "images"
        object: "ubuntu.deb"
        dest: "/tmp/ubuntu.deb"
        mode: get
      when: ansible_facts['os_family'] == "Debian"
      vars:
         ansible_python_interpreter: /usr/bin/python3

CodePudding user response:

Using the plugin Credentials Binding
I've tried to use the snippet generator for the Pipeline Syntax for this plugin, but it wasn't helpful at all for me.
Define a withCredentials block in the pipeline under the step you want the credentials to be available:

withCredentials(
[[
    $class: 'AmazonWebServicesCredentialsBinding',
    accessKeyVariable: 'AWS_ACCESS_KEY_ID',
    credentialsId: 'aws',  // ID of AWS credentials in Jenkins
    secretKeyVariable: 'AWS_SECRET_ACCESS_KEY'
]])
{
    // steps that need the AWS credentials go here
}

In your pipeline:

pipeline {
  agent any

  stages {
    stage ('Git checkout')
    {
      steps
      {
        git branch: 'ansible', credentialsId: 'test-pipeline', url: 'https://github.com/newbtech'
      } 
    }
    stage('Run Tools Playbook')
    {
      steps
      {
        withCredentials(
            [[
                $class: 'AmazonWebServicesCredentialsBinding',
                accessKeyVariable: 'AWS_ACCESS_KEY_ID',
                credentialsId: 'aws-key',
                secretKeyVariable: 'AWS_SECRET_ACCESS_KEY'
            ]])
        {
          ansiblePlaybook credentialsId: 'root-key', 
          disableHostKeyChecking: true, installation: 'ansible', 
          extras: "-e HOST=${SERVER}", 
          inventory: 'ansible/host.inv', 
          playbook: 'ansible/cstest.yml' 
        }
      }
    }
  }
}

Then you can define credentials in your playbook as follows:

---
- hosts: "{{ HOST }}"
  tasks:
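  - name: "S3 Pull - Ubuntu"
    aws_s3:
      # lookup('env', ...) is evaluated on the Ansible control node (the Jenkins
      # agent), where withCredentials exports these variables.
      aws_access_key: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}"
      aws_secret_key: "{{ lookup('env', 'AWS_SECRET_ACCESS_KEY') }}"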
      bucket: "images"
      object: "ubuntu.deb"
      dest: "/tmp/ubuntu.deb"
      mode: get
    when: ansible_facts['os_family'] == "Debian"
    vars:
       ansible_python_interpreter: /usr/bin/python3
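
A pre-flight check that could run in the pipeline before the playbook stage, as an added example that is not part of the original question or answer: it flags `aws_access_key` / `aws_secret_key` values written as literals instead of Jinja2 expressions. The function name `audit_playbook` and the sample playbooks are constructed for illustration, and it assumes one `key: value` pair per line, as in the playbooks above.

```python
import re

# Credential parameters of the aws_s3 task used in the playbooks above.
CRED_KEYS = ("aws_access_key", "aws_secret_key")
KEY_LINE = re.compile(r"^\s*(?P<key>[A-Za-z_]+)\s*:\s*(?P<value>.*?)\s*$")
JINJA_EXPR = re.compile(r"\{\{.*\}\}")  # value is resolved at run time
ACCESS_KEY_ID = re.compile(r"\b(?:AKIA|ASIA)[A-Z0-9]{16}\b")  # AWS access key ID shape

# Constructed samples: the question's literal values, and a templated variant.
LITERAL = '''
  - name: "S3 Pull"
    aws_s3:
      aws_access_key: "aws-key"
      aws_secret_key: "aws_secret_access_key"
'''
TEMPLATED = '''
  - name: "S3 Pull"
    aws_s3:
      aws_access_key: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}"
      aws_secret_key: "{{ lookup('env', 'AWS_SECRET_ACCESS_KEY') }}"
'''


def audit_playbook(text):
    """Return (line_number, key, reason) for each credential field set to a literal."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue  # skip YAML comments
        match = KEY_LINE.match(line)
        if not match or match.group("key") not in CRED_KEYS:
            continue
        value = match.group("value").strip("\"'")
        if JINJA_EXPR.search(value):
            continue  # variable or lookup: nothing is stored in the file
        reason = ("hard-coded access key ID" if ACCESS_KEY_ID.search(value)
                  else "literal string, not a variable or lookup")
        findings.append((number, match.group("key"), reason))
    return findings


if __name__ == "__main__":
    for finding in audit_playbook(LITERAL):
        print(finding)
```

A non-empty result can be used to fail the build before `ansiblePlaybook` runs.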