Github Action for running Ansible Playbooks.
Specifies the path to the Ansible Galaxy requirements file.
Forces the reinstallation of roles or collections from the Galaxy file.
Sets the API key used for authenticating to Ansible Galaxy.
Defines the URL of the Ansible Galaxy API server to interact with.
Sets the path to the directory where Galaxy collections are stored.
Disables GPG signature verification for Ansible Galaxy operations.
Forces the installation of collections with their dependencies from Galaxy.
Ignores SSL certificate validation for Ansible Galaxy requests.
Lists HTTP status codes to ignore during Galaxy signature validation.
Specifies the path to the GPG keyring used with Ansible Galaxy.
Enables offline mode, preventing any requests to Ansible Galaxy.
Allows the installation of pre-release versions from Ansible Galaxy.
Sets the required number of valid GPG signatures for Galaxy content.
Defines the path to the Ansible Galaxy requirements file.
Specifies a specific GPG signature to verify for Galaxy content.
Sets the timeout in seconds for Ansible Galaxy operations.
Enables automatic upgrading of Galaxy collections to the latest version.
Disables automatic resolution of dependencies in Ansible Galaxy.
Required. Specifies one or more inventory host files for Ansible to use.
Required. List of playbooks to apply.
Further limit selected hosts to an additional pattern.
Only run plays and tasks whose tags do not match these values.
Start the playbook at the task matching this name.
Only run plays and tasks tagged with these values.
Set additional variables in a key=value format for the playbook.
Prepends specified paths to the module library path list.
Executes a dry run, showing what changes would be made without making them.
Shows the differences in files and templates when changing them.
Clears the fact cache for every host in the inventory.
Runs all handlers even if a task fails.
Outputs a list of matching hosts.
List all available tags.
List all tasks that would be executed.
Performs a syntax check on the playbook, without executing it.
Defines the number of parallel processes to use during playbook execution.
Specifies the identity to use when accessing an Ansible Vault.
The vault password to use. This should be stored in a Secret on Github.
Sets the verbosity level, ranging from 0 (minimal output) to 4 (maximum verbosity).
Specifies the SSH private key content for connections. The key will be written to a temporary file by the action. This should be stored in a Secret on Github.
Starting with v1.2.0: The action automatically normalizes SSH keys (converts CRLF to LF, adds trailing newlines, validates format).
Note: For bastion host or ProxyCommand issues on older versions, see the SSH Authentication section for workarounds.
Defines the username for making connections.
Sets the type of connection to use (e.g., SSH).
Overrides the default connection timeout in seconds.
Specifies common arguments to pass to all SSH-based connection methods (SSH, SCP, SFTP).
Provides extra arguments to pass only to SFTP.
Provides extra arguments to pass only to SCP.
Provides extra arguments to pass only to SSH.
Enables privilege escalation, allowing operations to run as another user.
Specifies the method to use for privilege escalation (e.g., sudo).
Sets the user to impersonate when using privilege escalation.
β¨ New in v1.2.0+
SSH private keys are automatically normalized:
- Windows line endings (CRLF) β Unix format (LF)
- Missing trailing newlines are added
- Format validation (RSA, OpenSSH, EC, DSA)
- name: Deploy with Ansible
uses: arillso/[email protected]
with:
playbook: deploy.yml
inventory: ansible_hosts.yml
private_key: ${{ secrets.SSH_PRIVATE_KEY }}
env:
ANSIBLE_HOST_KEY_CHECKING: 'false'π Security Warning: NEVER commit private SSH keys to your repository!
- Go to repository Settings β Secrets and variables β Actions
- Click "New repository secret"
- Name:
SSH_PRIVATE_KEY - Value: Paste your entire private key (including
-----BEGIN/END-----headers) - Click "Add secret"
Your key must have proper PEM headers (-----BEGIN RSA PRIVATE KEY----- or similar). Line endings and trailing newlines are automatically fixed in v1.2.0+.
For versions < 1.2.0 or edge cases, use extra_vars to pass the key file path:
- name: Setup SSH Key
run: |
echo "${{ secrets.SSH_PRIVATE_KEY }}" > /tmp/ssh_key
chmod 600 /tmp/ssh_key
- name: Deploy
uses: arillso/action.playbook@master
with:
playbook: deploy.yml
inventory: ansible_hosts.yml
extra_vars: ansible_ssh_private_key_file=/tmp/ssh_keyFor verbose SSH debugging, set verbose: 4 in the action inputs.
- name: Play Ansible Playbook
uses: arillso/action.playbook@master
with:
playbook: tests/playbook.yml
inventory: tests/hosts.yml
galaxy_file: tests/requirements.yml
env:
ANSIBLE_HOST_KEY_CHECKING: 'false'
ANSIBLE_DEPRECATION_WARNINGS: 'false'This project is under the MIT License. See the LICENSE file for the full license text.
(c) 2020, Arillso