Olá, equipe,
Desenvolvi um pipeline Jenkins que se integra ao Hashicorp Vault para recuperar senhas e implantar pacotes com segurança em um host usando Ansible. Essa abordagem elimina a necessidade de um agente do Node Jenkins, simplificando o processo de implantação, mantendo a segurança.
Armazenamento de senha em Hashicorp Vault
No Vault Hashicorp, as senhas são armazenadas em um formato estruturado que Jenkins pode consultar dinamicamente.
Fluxo de trabalho do pipeline
Quando fornecido com parâmetros de entrada específicos, Jenkins irá:
- Jenkins baixará o repositório necessário.
- Análise a
deploy.jsonarquivo para extrair detalhes de implantação. Aqui está um exemplo dodeploy.jsonEstrutura de arquivo:
{
"ipaddress": "193.16.16.9",
"username": "bitra",
"hostname": "centos8",
"deploymentPath": "/home/bitra/apps/batch-jobs",
"backupPath": "/home/bitra/backup/batch-jobs"
}
Usando esses dados JSON, Jenkins gera um ID do objeto Vault Hashicorp no formato: — Para o exemplo acima, o ID do objeto seria: 193.16.16.9-bitra-centoos8
Jenkins então se conecta ao Hashicorp Vault, recupera a senha associada usando esse ID do objeto e usa o Ansible para executar a implantação.
Execução de pipeline
Abaixo está uma saída de amostra da execução do pipeline, ilustrando como Jenkins interage com o Hashicorp Vault e executa a implantação:
Started by user admin
[Pipeline] Start of Pipeline
[Pipeline] node
Running on Jenkins in /var/lib/jenkins/workspace/Bitroid
[Pipeline] {
[Pipeline] withEnv
[Pipeline] {
[Pipeline] stage
[Pipeline] { (Initialization of Jenkins)
[Pipeline] sh
+ echo 'Initial step'
Initial step
+ ls
+ ls /var/lib/jenkins/workspace/Bitroid/
[Pipeline] echo
[Pipeline] echo
releasev1
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Checkout SCM)
[Pipeline] script
[Pipeline] {
[Pipeline] echo
Checking out the source code
[Pipeline] checkout
The recommended git tool is: NONE
using credential 0411e51e-acca-411d-bdb4-f2d55b2549a1
Cloning the remote Git repository
Cloning repository
> git init /var/lib/jenkins/workspace/Bitroid # timeout=10
Fetching upstream changes from
> git --version # timeout=10
> git --version # 'git version 2.43.5'
using GIT_ASKPASS to set credentials
> git fetch --tags --force --progress -- +refs/heads/*:refs/remotes/origin/* # timeout=10
> git config remote.origin.url # timeout=10
> git config --add remote.origin.fetch +refs/heads/*:refs/remotes/origin/* # timeout=10
Avoid second fetch
> git rev-parse origin/releasev1^{commit} # timeout=10
Checking out Revision 0a6a3b6908190dc25c326364f960372d1e7c9167 (origin/releasev1)
> git config core.sparsecheckout # timeout=10
> git checkout -f 0a6a3b6908190dc25c326364f960372d1e7c9167 # timeout=10
Commit message: "feat: change user"
> git rev-list --no-walk 0a6a3b6908190dc25c326364f960372d1e7c9167 # timeout=10
[Pipeline] sh
+ git log -1 --format=%cd --date=iso
[Pipeline] echo
scmData.GIT_BRANCH=origin/releasev1
[Pipeline] echo
scmData.GIT_COMMIT=0a6a3b6908190dc25c326364f960372d1e7c9167
[Pipeline] echo
scmData.GIT_URL=
[Pipeline] sh
+ git rev-parse --short HEAD
[Pipeline] echo
Build Version: 6_0a6a3b6
[Pipeline] checkout
The recommended git tool is: NONE
using credential 0411e51e-acca-411d-bdb4-f2d55b2549a1
Cloning the remote Git repository
Cloning repository
> git init /var/lib/jenkins/workspace/Bitroid/pipeline # timeout=10
Fetching upstream changes from
> git --version # timeout=10
> git --version # 'git version 2.43.5'
using GIT_ASKPASS to set credentials
> git fetch --tags --force --progress -- +refs/heads/*:refs/remotes/origin/* # timeout=10
> git config remote.origin.url # timeout=10
> git config --add remote.origin.fetch +refs/heads/*:refs/remotes/origin/* # timeout=10
Avoid second fetch
> git rev-parse origin/main^{commit} # timeout=10
Checking out Revision b83d505b09d779238b90ff841aa3c952148782e5 (origin/main)
> git config core.sparsecheckout # timeout=10
> git checkout -f b83d505b09d779238b90ff841aa3c952148782e5 # timeout=10
Commit message: "Update deploy.playbook"
> git rev-list --no-walk b83d505b09d779238b90ff841aa3c952148782e5 # timeout=10
[Pipeline] }
[Pipeline] // script
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Parse Deploy JSON and Set Env Vars)
[Pipeline] script
[Pipeline] {
[Pipeline] echo
Set environment variable: 193_16_16_9-bitra-centos8=193.16.16.9-bitra-centos8
[Pipeline] }
[Pipeline] // script
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Retrive secrets from vault)
[Pipeline] script
[Pipeline] {
[Pipeline] sh
+ vault login -method=userpass username=hemanth password=bitra
Success! You are now authenticated. The token information displayed below
is already stored in the token helper. You do NOT need to run "vault login"
again. Future Vault requests will automatically use this token.
Key Value
--- -----
token hvs.CAESILsgc5b2BAEz9PXicYSBb2o7ZVg-cEpRXAQzNoRx3MWqGh4KHGh2cy53MEp0SVc2VVB5Q29kQUhVZjlXamVCNlo
token_accessor QLXV3OdG9INVRzsNWSGBNMZV
token_duration 768h
token_renewable true
token_policies ["default" "hemanth-read-only"]
identity_policies []
policies ["default" "hemanth-read-only"]
token_meta_username hemanth
[Pipeline] sh
+ vault kv get -field=password secret/PRD_VM_LINUX_APP/193.16.16.9-bitra-centos8
[Pipeline] echo
Retrieved secret: hemanth
[Pipeline] echo
Retrieved secret and set as GLOBAL_SECRET: hemanth
[Pipeline] }
[Pipeline] // script
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Archive)
[Pipeline] sh
+ cd /var/lib/jenkins/workspace/Bitroid/
+ zip -v -9 archive.zip healthcheck.sh checkspace.sh
adding: healthcheck.sh (in=828) (out=346) (deflated 58%)
adding: checkspace.sh (in=281) (out=90) (deflated 68%)
total bytes=1109, compressed=436 -> 61% savings
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Deploy)
[Pipeline] echo
Object ID: 193.16.16.9-bitra-centos8
[Pipeline] echo
Deploying project. Last commit date: 2025-01-22 14:26:13 +0530
[Pipeline] sh
+ ls /var/lib/jenkins/workspace/Bitroid/
archive.zip
checkspace.sh
deploy.json
healthcheck.sh
pipeline
pipeline@tmp
README.md
secret_filename.json
+ echo =================================================
=================================================
+ ls /var/lib/jenkins/workspace/Bitroid/pipeline/BIT
deploy.playbook
set_env_vars.py
+ echo =================================================
=================================================
+ cp -v /var/lib/jenkins/workspace/Bitroid/pipeline/BIT/deploy.playbook /var/lib/jenkins/workspace/Bitroid
'/var/lib/jenkins/workspace/Bitroid/pipeline/BIT/deploy.playbook' -> '/var/lib/jenkins/workspace/Bitroid/deploy.playbook'
+ echo =================================================
=================================================
+ ls /var/lib/jenkins/workspace/Bitroid/
archive.zip
checkspace.sh
deploy.json
deploy.playbook
healthcheck.sh
pipeline
pipeline@tmp
README.md
secret_filename.json
+ echo =================================================
=================================================
[Pipeline] sh
+ ansible-playbook -vvvvv deploy.playbook -e ansible_become_pass=hemanth
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that
the implicit localhost does not match 'all'
ansible-playbook [core 2.18.1]
config file = None
configured module search path = ['/var/lib/jenkins/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python3.12/site-packages/ansible
ansible collection location = /var/lib/jenkins/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/local/bin/ansible-playbook
python version = 3.12.5 (main, Dec 3 2024, 00:00:00) [GCC 11.5.0 20240719 (Red Hat 11.5.0-2)] (/usr/bin/python3.12)
jinja version = 3.1.4
libyaml = True
No config file found; using defaults
setting up inventory plugins
Loading collection ansible.builtin from
host_list declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
script declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
auto declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
yaml declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
ini declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
toml declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Loading callback plugin default of type stdout, v2.0 from /usr/local/lib/python3.12/site-packages/ansible/plugins/callback/default.py
Attempting to use 'default' callback.
Skipping callback 'default', as we already have a stdout callback.
Attempting to use 'junit' callback.
Attempting to use 'minimal' callback.
Skipping callback 'minimal', as we already have a stdout callback.
Attempting to use 'oneline' callback.
Skipping callback 'oneline', as we already have a stdout callback.
Attempting to use 'tree' callback.
PLAYBOOK: deploy.playbook ******************************************************
Positional arguments: deploy.playbook
verbosity: 5
connection: ssh
become_method: sudo
tags: ('all',)
inventory: ('/etc/ansible/hosts',)
extra_vars: ('ansible_become_pass=hemanth',)
forks: 5
2 plays in deploy.playbook
PLAY [Read username from deploy.json and use it for all tasks] *****************
TASK [Read the deploy.json file] ***********************************************
task path: /var/lib/jenkins/workspace/Bitroid/deploy.playbook:6
looking for "deploy.json" at "/var/lib/jenkins/workspace/Bitroid/files/deploy.json"
looking for "deploy.json" at "/var/lib/jenkins/workspace/Bitroid/deploy.json"
File lookup using /var/lib/jenkins/workspace/Bitroid/deploy.json as file
ok: [localhost] => {
"ansible_facts": {
"deploy_data": {
"backupPath": "/home/bitra/backup/batch-jobs",
"deploymentPath": "/home/bitra/apps/batch-jobs",
"hostname": "centos8",
"ipaddress": "193.16.16.9",
"username": "bitra"
}
},
"changed": false
}
TASK [Extract username] ********************************************************
task path: /var/lib/jenkins/workspace/Bitroid/deploy.playbook:11
ok: [localhost] => {
"ansible_facts": {
"deploy_username": "bitra"
},
"changed": false
}
TASK [Extract deploymentPath and backupPath] ***********************************
task path: /var/lib/jenkins/workspace/Bitroid/deploy.playbook:15
ok: [localhost] => {
"ansible_facts": {
"backup_path": "/home/bitra/backup/batch-jobs",
"deployment_path": "/home/bitra/apps/batch-jobs"
},
"changed": false
}
PLAY [Execute tasks as the extracted user] *************************************
TASK [Display the username] ****************************************************
task path: /var/lib/jenkins/workspace/Bitroid/deploy.playbook:26
ok: [localhost] => {
"msg": "Running tasks as user: bitra"
}
TASK [Display backupPath] ******************************************************
task path: /var/lib/jenkins/workspace/Bitroid/deploy.playbook:30
ok: [localhost] => {
"msg": "Backup Path: /home/bitra/backup/batch-jobs"
}
TASK [Display deploymentPath] **************************************************
task path: /var/lib/jenkins/workspace/Bitroid/deploy.playbook:34
ok: [localhost] => {
"msg": "Deployment Path: /home/bitra/apps/batch-jobs"
}
TASK [Ensure deployment directory exists] **************************************
task path: /var/lib/jenkins/workspace/Bitroid/deploy.playbook:38
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: jenkins
<127.0.0.1> EXEC /bin/sh -c 'echo ~jenkins && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /var/tmp `"&& mkdir "` echo /var/tmp/ansible-tmp-1737791468.711033-8335-94198148038812 `" && echo ansible-tmp-1737791468.711033-8335-94198148038812="` echo /var/tmp/ansible-tmp-1737791468.711033-8335-94198148038812 `" ) && sleep 0'
Including module_utils file ansible/__init__.py
Including module_utils file ansible/module_utils/__init__.py
Including module_utils file ansible/module_utils/basic.py
Including module_utils file ansible/module_utils/_text.py
Including module_utils file ansible/module_utils/common/_utils.py
Including module_utils file ansible/module_utils/common/__init__.py
Including module_utils file ansible/module_utils/common/arg_spec.py
Including module_utils file ansible/module_utils/common/file.py
Including module_utils file ansible/module_utils/common/locale.py
Including module_utils file ansible/module_utils/common/parameters.py
Including module_utils file ansible/module_utils/common/collections.py
Including module_utils file ansible/module_utils/common/process.py
Including module_utils file ansible/module_utils/common/sys_info.py
Including module_utils file ansible/module_utils/common/text/converters.py
Including module_utils file ansible/module_utils/common/text/__init__.py
Including module_utils file ansible/module_utils/common/text/formatters.py
Including module_utils file ansible/module_utils/common/validation.py
Including module_utils file ansible/module_utils/common/warnings.py
Including module_utils file ansible/module_utils/compat/selinux.py
Including module_utils file ansible/module_utils/compat/__init__.py
Including module_utils file ansible/module_utils/distro/__init__.py
Including module_utils file ansible/module_utils/distro/_distro.py
Including module_utils file ansible/module_utils/errors.py
Including module_utils file ansible/module_utils/parsing/convert_bool.py
Including module_utils file ansible/module_utils/parsing/__init__.py
Including module_utils file ansible/module_utils/pycompat24.py
Including module_utils file ansible/module_utils/six/__init__.py
Using module file /usr/local/lib/python3.12/site-packages/ansible/modules/file.py
<127.0.0.1> PUT /var/lib/jenkins/.ansible/tmp/ansible-local-8322c8bps25m/tmp7k1pdsef TO /var/tmp/ansible-tmp-1737791468.711033-8335-94198148038812/AnsiballZ_file.py
<127.0.0.1> EXEC /bin/sh -c 'setfacl -m u:bitra:r-x /var/tmp/ansible-tmp-1737791468.711033-8335-94198148038812/ /var/tmp/ansible-tmp-1737791468.711033-8335-94198148038812/AnsiballZ_file.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'sudo -H -S -p "[sudo via ansible, key=duzhrazqjvsednihbkcxkcfevsttcomt] password:" -u bitra /bin/sh -c '"'"'echo BECOME-SUCCESS-duzhrazqjvsednihbkcxkcfevsttcomt ; /usr/bin/python3.12 /var/tmp/ansible-tmp-1737791468.711033-8335-94198148038812/AnsiballZ_file.py'"'"' && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /var/tmp/ansible-tmp-1737791468.711033-8335-94198148038812/ > /dev/null 2>&1 && sleep 0'
changed: [localhost] => {
"changed": true,
"diff": {
"after": {
"path": "/home/bitra/apps/batch-jobs",
"state": "directory"
},
"before": {
"path": "/home/bitra/apps/batch-jobs",
"state": "absent"
}
},
"gid": 1001,
"group": "bitra",
"invocation": {
"module_args": {
"_diff_peek": null,
"_original_basename": null,
"access_time": null,
"access_time_format": "%Y%m%d%H%M.%S",
"attributes": null,
"follow": true,
"force": false,
"group": null,
"mode": null,
"modification_time": null,
"modification_time_format": "%Y%m%d%H%M.%S",
"owner": null,
"path": "/home/bitra/apps/batch-jobs",
"recurse": true,
"selevel": null,
"serole": null,
"setype": null,
"seuser": null,
"src": null,
"state": "directory",
"unsafe_writes": false
}
},
"mode": "0755",
"owner": "bitra",
"path": "/home/bitra/apps/batch-jobs",
"secontext": "system_u:object_r:user_home_t:s0",
"size": 6,
"state": "directory",
"uid": 1001
}
TASK [Ensure backup directory exists] ******************************************
task path: /var/lib/jenkins/workspace/Bitroid/deploy.playbook:44
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: jenkins
<127.0.0.1> EXEC /bin/sh -c 'echo ~jenkins && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /var/tmp `"&& mkdir "` echo /var/tmp/ansible-tmp-1737791469.8975558-8375-28902586999237 `" && echo ansible-tmp-1737791469.8975558-8375-28902586999237="` echo /var/tmp/ansible-tmp-1737791469.8975558-8375-28902586999237 `" ) && sleep 0'
Using module file /usr/local/lib/python3.12/site-packages/ansible/modules/file.py
<127.0.0.1> PUT /var/lib/jenkins/.ansible/tmp/ansible-local-8322c8bps25m/tmpce4_50t8 TO /var/tmp/ansible-tmp-1737791469.8975558-8375-28902586999237/AnsiballZ_file.py
<127.0.0.1> EXEC /bin/sh -c 'setfacl -m u:bitra:r-x /var/tmp/ansible-tmp-1737791469.8975558-8375-28902586999237/ /var/tmp/ansible-tmp-1737791469.8975558-8375-28902586999237/AnsiballZ_file.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'sudo -H -S -p "[sudo via ansible, key=rjxafcsntawsucjldrodjcmatocpzgbs] password:" -u bitra /bin/sh -c '"'"'echo BECOME-SUCCESS-rjxafcsntawsucjldrodjcmatocpzgbs ; /usr/bin/python3.12 /var/tmp/ansible-tmp-1737791469.8975558-8375-28902586999237/AnsiballZ_file.py'"'"' && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /var/tmp/ansible-tmp-1737791469.8975558-8375-28902586999237/ > /dev/null 2>&1 && sleep 0'
changed: [localhost] => {
"changed": true,
"diff": {
"after": {
"path": "/home/bitra/backup/batch-jobs",
"state": "directory"
},
"before": {
"path": "/home/bitra/backup/batch-jobs",
"state": "absent"
}
},
"gid": 1001,
"group": "bitra",
"invocation": {
"module_args": {
"_diff_peek": null,
"_original_basename": null,
"access_time": null,
"access_time_format": "%Y%m%d%H%M.%S",
"attributes": null,
"follow": true,
"force": false,
"group": null,
"mode": null,
"modification_time": null,
"modification_time_format": "%Y%m%d%H%M.%S",
"owner": null,
"path": "/home/bitra/backup/batch-jobs",
"recurse": true,
"selevel": null,
"serole": null,
"setype": null,
"seuser": null,
"src": null,
"state": "directory",
"unsafe_writes": false
}
},
"mode": "0755",
"owner": "bitra",
"path": "/home/bitra/backup/batch-jobs",
"secontext": "system_u:object_r:user_home_t:s0",
"size": 6,
"state": "directory",
"uid": 1001
}
TASK [Create backup folder in backupPath] **************************************
task path: /var/lib/jenkins/workspace/Bitroid/deploy.playbook:50
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: jenkins
<127.0.0.1> EXEC /bin/sh -c 'echo ~jenkins && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /var/tmp `"&& mkdir "` echo /var/tmp/ansible-tmp-1737791470.7729065-8396-148604401664756 `" && echo ansible-tmp-1737791470.7729065-8396-148604401664756="` echo /var/tmp/ansible-tmp-1737791470.7729065-8396-148604401664756 `" ) && sleep 0'
Using module file /usr/local/lib/python3.12/site-packages/ansible/modules/file.py
<127.0.0.1> PUT /var/lib/jenkins/.ansible/tmp/ansible-local-8322c8bps25m/tmp3a8_4d7a TO /var/tmp/ansible-tmp-1737791470.7729065-8396-148604401664756/AnsiballZ_file.py
<127.0.0.1> EXEC /bin/sh -c 'setfacl -m u:bitra:r-x /var/tmp/ansible-tmp-1737791470.7729065-8396-148604401664756/ /var/tmp/ansible-tmp-1737791470.7729065-8396-148604401664756/AnsiballZ_file.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'sudo -H -S -p "[sudo via ansible, key=baaslqvhdgdbmnsmahzpotmxeulgdoru] password:" -u bitra /bin/sh -c '"'"'echo BECOME-SUCCESS-baaslqvhdgdbmnsmahzpotmxeulgdoru ; /usr/bin/python3.12 /var/tmp/ansible-tmp-1737791470.7729065-8396-148604401664756/AnsiballZ_file.py'"'"' && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /var/tmp/ansible-tmp-1737791470.7729065-8396-148604401664756/ > /dev/null 2>&1 && sleep 0'
changed: [localhost] => {
"changed": true,
"diff": {
"after": {
"path": "/home/bitra/backup/batch-jobs/6_0a6a3b6",
"state": "directory"
},
"before": {
"path": "/home/bitra/backup/batch-jobs/6_0a6a3b6",
"state": "absent"
}
},
"gid": 1001,
"group": "bitra",
"invocation": {
"module_args": {
"_diff_peek": null,
"_original_basename": null,
"access_time": null,
"access_time_format": "%Y%m%d%H%M.%S",
"attributes": null,
"follow": true,
"force": false,
"group": null,
"mode": null,
"modification_time": null,
"modification_time_format": "%Y%m%d%H%M.%S",
"owner": null,
"path": "/home/bitra/backup/batch-jobs/6_0a6a3b6",
"recurse": false,
"selevel": null,
"serole": null,
"setype": null,
"seuser": null,
"src": null,
"state": "directory",
"unsafe_writes": false
}
},
"mode": "0755",
"owner": "bitra",
"path": "/home/bitra/backup/batch-jobs/6_0a6a3b6",
"secontext": "system_u:object_r:user_home_t:s0",
"size": 6,
"state": "directory",
"uid": 1001
}
TASK [Taking backup before deployment] *****************************************
task path: /var/lib/jenkins/workspace/Bitroid/deploy.playbook:55
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: jenkins
<127.0.0.1> EXEC /bin/sh -c 'echo ~jenkins && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /var/tmp `"&& mkdir "` echo /var/tmp/ansible-tmp-1737791471.420877-8416-139413731791690 `" && echo ansible-tmp-1737791471.420877-8416-139413731791690="` echo /var/tmp/ansible-tmp-1737791471.420877-8416-139413731791690 `" ) && sleep 0'
Including module_utils file ansible/__init__.py
Including module_utils file ansible/module_utils/__init__.py
Including module_utils file ansible/module_utils/basic.py
Including module_utils file ansible/module_utils/_text.py
Including module_utils file ansible/module_utils/common/_utils.py
Including module_utils file ansible/module_utils/common/__init__.py
Including module_utils file ansible/module_utils/common/arg_spec.py
Including module_utils file ansible/module_utils/common/file.py
Including module_utils file ansible/module_utils/common/locale.py
Including module_utils file ansible/module_utils/common/parameters.py
Including module_utils file ansible/module_utils/common/collections.py
Including module_utils file ansible/module_utils/common/process.py
Including module_utils file ansible/module_utils/common/sys_info.py
Including module_utils file ansible/module_utils/common/text/converters.py
Including module_utils file ansible/module_utils/common/text/__init__.py
Including module_utils file ansible/module_utils/common/text/formatters.py
Including module_utils file ansible/module_utils/common/validation.py
Including module_utils file ansible/module_utils/common/warnings.py
Including module_utils file ansible/module_utils/compat/selinux.py
Including module_utils file ansible/module_utils/compat/__init__.py
Including module_utils file ansible/module_utils/distro/__init__.py
Including module_utils file ansible/module_utils/distro/_distro.py
Including module_utils file ansible/module_utils/errors.py
Including module_utils file ansible/module_utils/parsing/convert_bool.py
Including module_utils file ansible/module_utils/parsing/__init__.py
Including module_utils file ansible/module_utils/pycompat24.py
Including module_utils file ansible/module_utils/six/__init__.py
Using module file /usr/local/lib/python3.12/site-packages/ansible/modules/copy.py
<127.0.0.1> PUT /var/lib/jenkins/.ansible/tmp/ansible-local-8322c8bps25m/tmpv3_qet4l TO /var/tmp/ansible-tmp-1737791471.420877-8416-139413731791690/AnsiballZ_copy.py
<127.0.0.1> EXEC /bin/sh -c 'setfacl -m u:bitra:r-x /var/tmp/ansible-tmp-1737791471.420877-8416-139413731791690/ /var/tmp/ansible-tmp-1737791471.420877-8416-139413731791690/AnsiballZ_copy.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'sudo -H -S -p "[sudo via ansible, key=awpsixjfxcduyzlnyyossqkfzpgacgjf] password:" -u bitra /bin/sh -c '"'"'echo BECOME-SUCCESS-awpsixjfxcduyzlnyyossqkfzpgacgjf ; /usr/bin/python3.12 /var/tmp/ansible-tmp-1737791471.420877-8416-139413731791690/AnsiballZ_copy.py'"'"' && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /var/tmp/ansible-tmp-1737791471.420877-8416-139413731791690/ > /dev/null 2>&1 && sleep 0'
changed: [localhost] => {
"changed": true,
"checksum": null,
"dest": "/home/bitra/backup/batch-jobs/6_0a6a3b6/batch-jobs",
"gid": 1001,
"group": "bitra",
"invocation": {
"module_args": {
"_original_basename": null,
"attributes": null,
"backup": false,
"checksum": null,
"content": null,
"dest": "/home/bitra/backup/batch-jobs/6_0a6a3b6",
"directory_mode": null,
"follow": false,
"force": true,
"group": null,
"local_follow": null,
"mode": null,
"owner": null,
"remote_src": true,
"selevel": null,
"serole": null,
"setype": null,
"seuser": null,
"src": "/home/bitra/apps/batch-jobs",
"unsafe_writes": false,
"validate": null
}
},
"md5sum": null,
"mode": "0755",
"owner": "bitra",
"secontext": "system_u:object_r:user_home_t:s0",
"size": 6,
"src": "/home/bitra/apps/batch-jobs",
"state": "directory",
"uid": 1001
}
TASK [Copy archive.zip to the deployment path] *********************************
task path: /var/lib/jenkins/workspace/Bitroid/deploy.playbook:61
ESTABLISH LOCAL CONNECTION FOR USER: jenkins
EXEC /bin/sh -c 'echo ~jenkins && sleep 0'
EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /var/tmp `"&& mkdir "` echo /var/tmp/ansible-tmp-1737791472.580123-8436-162623729629536 `" && echo ansible-tmp-1737791472.580123-8436-162623729629536="` echo /var/tmp/ansible-tmp-1737791472.580123-8436-162623729629536 `" ) && sleep 0'
Including module_utils file ansible/__init__.py
Including module_utils file ansible/module_utils/__init__.py
Including module_utils file ansible/module_utils/basic.py
Including module_utils file ansible/module_utils/_text.py
Including module_utils file ansible/module_utils/common/_utils.py
Including module_utils file ansible/module_utils/common/__init__.py
Including module_utils file ansible/module_utils/common/arg_spec.py
Including module_utils file ansible/module_utils/common/file.py
Including module_utils file ansible/module_utils/common/locale.py
Including module_utils file ansible/module_utils/common/parameters.py
Including module_utils file ansible/module_utils/common/collections.py
Including module_utils file ansible/module_utils/common/process.py
Including module_utils file ansible/module_utils/common/sys_info.py
Including module_utils file ansible/module_utils/common/text/converters.py
Including module_utils file ansible/module_utils/common/text/__init__.py
Including module_utils file ansible/module_utils/common/text/formatters.py
Including module_utils file ansible/module_utils/common/validation.py
Including module_utils file ansible/module_utils/common/warnings.py
Including module_utils file ansible/module_utils/compat/selinux.py
Including module_utils file ansible/module_utils/compat/__init__.py
Including module_utils file ansible/module_utils/distro/__init__.py
Including module_utils file ansible/module_utils/distro/_distro.py
Including module_utils file ansible/module_utils/errors.py
Including module_utils file ansible/module_utils/parsing/convert_bool.py
Including module_utils file ansible/module_utils/parsing/__init__.py
Including module_utils file ansible/module_utils/pycompat24.py
Including module_utils file ansible/module_utils/six/__init__.py
Using module file /usr/local/lib/python3.12/site-packages/ansible/modules/stat.py
PUT /var/lib/jenkins/.ansible/tmp/ansible-local-8322c8bps25m/tmpl8efrz28 TO /var/tmp/ansible-tmp-1737791472.580123-8436-162623729629536/AnsiballZ_stat.py
EXEC /bin/sh -c 'setfacl -m u:bitra:r-x /var/tmp/ansible-tmp-1737791472.580123-8436-162623729629536/ /var/tmp/ansible-tmp-1737791472.580123-8436-162623729629536/AnsiballZ_stat.py && sleep 0'
EXEC /bin/sh -c 'sudo -H -S -p "[sudo via ansible, key=omvlahtjkltvhrhoywxkajqdcwgkgyfs] password:" -u bitra /bin/sh -c '"'"'echo BECOME-SUCCESS-omvlahtjkltvhrhoywxkajqdcwgkgyfs ; /usr/bin/python3.12 /var/tmp/ansible-tmp-1737791472.580123-8436-162623729629536/AnsiballZ_stat.py'"'"' && sleep 0'
PUT /var/lib/jenkins/workspace/Bitroid/archive.zip TO /var/tmp/ansible-tmp-1737791472.580123-8436-162623729629536/.source.zip
EXEC /bin/sh -c 'setfacl -m u:bitra:r-x /var/tmp/ansible-tmp-1737791472.580123-8436-162623729629536/ /var/tmp/ansible-tmp-1737791472.580123-8436-162623729629536/.source.zip && sleep 0'
Using module file /usr/local/lib/python3.12/site-packages/ansible/modules/copy.py
PUT /var/lib/jenkins/.ansible/tmp/ansible-local-8322c8bps25m/tmp7ulbmu3s TO /var/tmp/ansible-tmp-1737791472.580123-8436-162623729629536/AnsiballZ_copy.py
EXEC /bin/sh -c 'setfacl -m u:bitra:r-x /var/tmp/ansible-tmp-1737791472.580123-8436-162623729629536/ /var/tmp/ansible-tmp-1737791472.580123-8436-162623729629536/AnsiballZ_copy.py && sleep 0'
EXEC /bin/sh -c 'sudo -H -S -p "[sudo via ansible, key=lipwnrxztrlbzcliaurgnzwqngnfqeck] password:" -u bitra /bin/sh -c '"'"'echo BECOME-SUCCESS-lipwnrxztrlbzcliaurgnzwqngnfqeck ; /usr/bin/python3.12 /var/tmp/ansible-tmp-1737791472.580123-8436-162623729629536/AnsiballZ_copy.py'"'"' && sleep 0'
EXEC /bin/sh -c 'rm -f -r /var/tmp/ansible-tmp-1737791472.580123-8436-162623729629536/ > /dev/null 2>&1 && sleep 0'
changed: [localhost] => {
"changed": true,
"checksum": "8e4dcb0b9e8ef8a5098a2e17864d4f047227f144",
"dest": "/home/bitra/apps/batch-jobs/archive.zip",
"diff": [],
"gid": 1001,
"group": "bitra",
"invocation": {
"module_args": {
"_original_basename": "archive.zip",
"attributes": null,
"backup": false,
"checksum": "8e4dcb0b9e8ef8a5098a2e17864d4f047227f144",
"content": null,
"dest": "/home/bitra/apps/batch-jobs/archive.zip",
"directory_mode": null,
"follow": false,
"force": true,
"group": null,
"local_follow": null,
"mode": null,
"owner": null,
"remote_src": null,
"selevel": null,
"serole": null,
"setype": null,
"seuser": null,
"src": "/var/tmp/ansible-tmp-1737791472.580123-8436-162623729629536/.source.zip",
"unsafe_writes": false,
"validate": null
}
},
"md5sum": "dfc3a497e216f92713b75000a0b7cf99",
"mode": "0644",
"owner": "bitra",
"secontext": "unconfined_u:object_r:user_home_t:s0",
"size": 768,
"src": "/var/tmp/ansible-tmp-1737791472.580123-8436-162623729629536/.source.zip",
"state": "file",
"uid": 1001
}
TASK [Unzip archive.zip in the deployment path] ********************************
task path: /var/lib/jenkins/workspace/Bitroid/deploy.playbook:67
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: jenkins
<127.0.0.1> EXEC /bin/sh -c 'echo ~jenkins && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /var/tmp `"&& mkdir "` echo /var/tmp/ansible-tmp-1737791473.9230413-8463-224736034219024 `" && echo ansible-tmp-1737791473.9230413-8463-224736034219024="` echo /var/tmp/ansible-tmp-1737791473.9230413-8463-224736034219024 `" ) && sleep 0'
Using module file /usr/local/lib/python3.12/site-packages/ansible/modules/stat.py
<127.0.0.1> PUT /var/lib/jenkins/.ansible/tmp/ansible-local-8322c8bps25m/tmpfdrwi4ny TO /var/tmp/ansible-tmp-1737791473.9230413-8463-224736034219024/AnsiballZ_stat.py
<127.0.0.1> EXEC /bin/sh -c 'setfacl -m u:bitra:r-x /var/tmp/ansible-tmp-1737791473.9230413-8463-224736034219024/ /var/tmp/ansible-tmp-1737791473.9230413-8463-224736034219024/AnsiballZ_stat.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'sudo -H -S -p "[sudo via ansible, key=gtbypymgvzryymyyclttaitfiopztqnf] password:" -u bitra /bin/sh -c '"'"'echo BECOME-SUCCESS-gtbypymgvzryymyyclttaitfiopztqnf ; /usr/bin/python3.12 /var/tmp/ansible-tmp-1737791473.9230413-8463-224736034219024/AnsiballZ_stat.py'"'"' && sleep 0'
Including module_utils file ansible/__init__.py
Including module_utils file ansible/module_utils/__init__.py
Including module_utils file ansible/module_utils/basic.py
Including module_utils file ansible/module_utils/_text.py
Including module_utils file ansible/module_utils/common/_utils.py
Including module_utils file ansible/module_utils/common/__init__.py
Including module_utils file ansible/module_utils/common/arg_spec.py
Including module_utils file ansible/module_utils/common/file.py
Including module_utils file ansible/module_utils/common/locale.py
Including module_utils file ansible/module_utils/common/parameters.py
Including module_utils file ansible/module_utils/common/collections.py
Including module_utils file ansible/module_utils/common/process.py
Including module_utils file ansible/module_utils/common/sys_info.py
Including module_utils file ansible/module_utils/common/text/converters.py
Including module_utils file ansible/module_utils/common/text/__init__.py
Including module_utils file ansible/module_utils/common/text/formatters.py
Including module_utils file ansible/module_utils/common/validation.py
Including module_utils file ansible/module_utils/common/warnings.py
Including module_utils file ansible/module_utils/compat/selinux.py
Including module_utils file ansible/module_utils/compat/__init__.py
Including module_utils file ansible/module_utils/distro/__init__.py
Including module_utils file ansible/module_utils/distro/_distro.py
Including module_utils file ansible/module_utils/errors.py
Including module_utils file ansible/module_utils/parsing/convert_bool.py
Including module_utils file ansible/module_utils/parsing/__init__.py
Including module_utils file ansible/module_utils/pycompat24.py
Including module_utils file ansible/module_utils/six/__init__.py
Including module_utils file ansible/module_utils/urls.py
Using module file /usr/local/lib/python3.12/site-packages/ansible/modules/unarchive.py
<127.0.0.1> PUT /var/lib/jenkins/.ansible/tmp/ansible-local-8322c8bps25m/tmpcn47g6ck TO /var/tmp/ansible-tmp-1737791473.9230413-8463-224736034219024/AnsiballZ_unarchive.py
<127.0.0.1> EXEC /bin/sh -c 'setfacl -m u:bitra:r-x /var/tmp/ansible-tmp-1737791473.9230413-8463-224736034219024/ /var/tmp/ansible-tmp-1737791473.9230413-8463-224736034219024/AnsiballZ_unarchive.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'sudo -H -S -p "[sudo via ansible, key=mlgvxhvyozjbqcxjepfpdhmknjkwelln] password:" -u bitra /bin/sh -c '"'"'echo BECOME-SUCCESS-mlgvxhvyozjbqcxjepfpdhmknjkwelln ; /usr/bin/python3.12 /var/tmp/ansible-tmp-1737791473.9230413-8463-224736034219024/AnsiballZ_unarchive.py'"'"' && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /var/tmp/ansible-tmp-1737791473.9230413-8463-224736034219024/ > /dev/null 2>&1 && sleep 0'
changed: [localhost] => {
"changed": true,
"dest": "/home/bitra/apps/batch-jobs",
"diff": {
"prepared": ">f++++++.?? healthcheck.sh\n>f++++++.?? checkspace.sh\n"
},
"extract_results": {
"cmd": [
"/bin/unzip",
"-o",
"/home/bitra/apps/batch-jobs/archive.zip",
"-d",
"/home/bitra/apps/batch-jobs"
],
"err": "",
"out": "Archive: /home/bitra/apps/batch-jobs/archive.zip\n inflating: /home/bitra/apps/batch-jobs/healthcheck.sh \n inflating: /home/bitra/apps/batch-jobs/checkspace.sh \n",
"rc": 0
},
"gid": 1001,
"group": "bitra",
"handler": "ZipArchive",
"invocation": {
"module_args": {
"attributes": null,
"copy": true,
"creates": null,
"decrypt": true,
"dest": "/home/bitra/apps/batch-jobs",
"exclude": [],
"extra_opts": [],
"group": null,
"include": [],
"io_buffer_size": 65536,
"keep_newer": false,
"list_files": false,
"mode": null,
"owner": null,
"remote_src": true,
"selevel": null,
"serole": null,
"setype": null,
"seuser": null,
"src": "/home/bitra/apps/batch-jobs/archive.zip",
"unsafe_writes": false,
"validate_certs": true
}
},
"mode": "0755",
"owner": "bitra",
"secontext": "system_u:object_r:user_home_t:s0",
"size": 68,
"src": "/home/bitra/apps/batch-jobs/archive.zip",
"state": "directory",
"uid": 1001
}
TASK [Remove archive.zip after extraction] *************************************
task path: /var/lib/jenkins/workspace/Bitroid/deploy.playbook:73
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: jenkins
<127.0.0.1> EXEC /bin/sh -c 'echo ~jenkins && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /var/tmp `"&& mkdir "` echo /var/tmp/ansible-tmp-1737791475.6690176-8491-203868210961988 `" && echo ansible-tmp-1737791475.6690176-8491-203868210961988="` echo /var/tmp/ansible-tmp-1737791475.6690176-8491-203868210961988 `" ) && sleep 0'
Using module file /usr/local/lib/python3.12/site-packages/ansible/modules/file.py
<127.0.0.1> PUT /var/lib/jenkins/.ansible/tmp/ansible-local-8322c8bps25m/tmpfzfio98l TO /var/tmp/ansible-tmp-1737791475.6690176-8491-203868210961988/AnsiballZ_file.py
<127.0.0.1> EXEC /bin/sh -c 'setfacl -m u:bitra:r-x /var/tmp/ansible-tmp-1737791475.6690176-8491-203868210961988/ /var/tmp/ansible-tmp-1737791475.6690176-8491-203868210961988/AnsiballZ_file.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'sudo -H -S -p "[sudo via ansible, key=pkkrvjehqcijdaafqflyhwctjxauagpx] password:" -u bitra /bin/sh -c '"'"'echo BECOME-SUCCESS-pkkrvjehqcijdaafqflyhwctjxauagpx ; /usr/bin/python3.12 /var/tmp/ansible-tmp-1737791475.6690176-8491-203868210961988/AnsiballZ_file.py'"'"' && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /var/tmp/ansible-tmp-1737791475.6690176-8491-203868210961988/ > /dev/null 2>&1 && sleep 0'
changed: [localhost] => {
"changed": true,
"diff": {
"after": {
"path": "/home/bitra/apps/batch-jobs/archive.zip",
"state": "absent"
},
"before": {
"path": "/home/bitra/apps/batch-jobs/archive.zip",
"state": "file"
}
},
"invocation": {
"module_args": {
"_diff_peek": null,
"_original_basename": null,
"access_time": null,
"access_time_format": "%Y%m%d%H%M.%S",
"attributes": null,
"follow": true,
"force": false,
"group": null,
"mode": null,
"modification_time": null,
"modification_time_format": "%Y%m%d%H%M.%S",
"owner": null,
"path": "/home/bitra/apps/batch-jobs/archive.zip",
"recurse": false,
"selevel": null,
"serole": null,
"setype": null,
"seuser": null,
"src": null,
"state": "absent",
"unsafe_writes": false
}
},
"path": "/home/bitra/apps/batch-jobs/archive.zip",
"state": "absent"
}
TASK [Set execute permissions on checkspace.sh and healthcheck.sh] *************
task path: /var/lib/jenkins/workspace/Bitroid/deploy.playbook:78
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: jenkins
<127.0.0.1> EXEC /bin/sh -c 'echo ~jenkins && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /var/tmp `"&& mkdir "` echo /var/tmp/ansible-tmp-1737791476.282747-8508-202932323902923 `" && echo ansible-tmp-1737791476.282747-8508-202932323902923="` echo /var/tmp/ansible-tmp-1737791476.282747-8508-202932323902923 `" ) && sleep 0'
Including module_utils file ansible/__init__.py
Including module_utils file ansible/module_utils/__init__.py
Including module_utils file ansible/module_utils/basic.py
Including module_utils file ansible/module_utils/_text.py
Including module_utils file ansible/module_utils/common/_utils.py
Including module_utils file ansible/module_utils/common/__init__.py
Including module_utils file ansible/module_utils/common/arg_spec.py
Including module_utils file ansible/module_utils/common/collections.py
Including module_utils file ansible/module_utils/common/file.py
Including module_utils file ansible/module_utils/common/locale.py
Including module_utils file ansible/module_utils/common/parameters.py
Including module_utils file ansible/module_utils/common/process.py
Including module_utils file ansible/module_utils/common/sys_info.py
Including module_utils file ansible/module_utils/common/text/converters.py
Including module_utils file ansible/module_utils/common/text/__init__.py
Including module_utils file ansible/module_utils/common/text/formatters.py
Including module_utils file ansible/module_utils/common/validation.py
Including module_utils file ansible/module_utils/common/warnings.py
Including module_utils file ansible/module_utils/compat/selinux.py
Including module_utils file ansible/module_utils/compat/__init__.py
Including module_utils file ansible/module_utils/distro/__init__.py
Including module_utils file ansible/module_utils/distro/_distro.py
Including module_utils file ansible/module_utils/errors.py
Including module_utils file ansible/module_utils/parsing/convert_bool.py
Including module_utils file ansible/module_utils/parsing/__init__.py
Including module_utils file ansible/module_utils/pycompat24.py
Including module_utils file ansible/module_utils/six/__init__.py
Using module file /usr/local/lib/python3.12/site-packages/ansible/modules/command.py
<127.0.0.1> PUT /var/lib/jenkins/.ansible/tmp/ansible-local-8322c8bps25m/tmpmh4t5qxx TO /var/tmp/ansible-tmp-1737791476.282747-8508-202932323902923/AnsiballZ_command.py
<127.0.0.1> EXEC /bin/sh -c 'setfacl -m u:bitra:r-x /var/tmp/ansible-tmp-1737791476.282747-8508-202932323902923/ /var/tmp/ansible-tmp-1737791476.282747-8508-202932323902923/AnsiballZ_command.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'sudo -H -S -p "[sudo via ansible, key=qjtyozfcxibbtdemehgoabfumvpkxyas] password:" -u bitra /bin/sh -c '"'"'echo BECOME-SUCCESS-qjtyozfcxibbtdemehgoabfumvpkxyas ; /usr/bin/python3.12 /var/tmp/ansible-tmp-1737791476.282747-8508-202932323902923/AnsiballZ_command.py'"'"' && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /var/tmp/ansible-tmp-1737791476.282747-8508-202932323902923/ > /dev/null 2>&1 && sleep 0'
changed: [localhost] => {
"changed": true,
"cmd": "chmod 755 checkspace.sh healthcheck.sh\n",
"delta": "0:00:00.027129",
"end": "2025-01-25 07:51:17.011779",
"invocation": {
"module_args": {
"_raw_params": "chmod 755 checkspace.sh healthcheck.sh\n",
"_uses_shell": true,
"argv": null,
"chdir": "/home/bitra/apps/batch-jobs",
"creates": null,
"executable": "/bin/bash",
"expand_argument_vars": true,
"removes": null,
"stdin": null,
"stdin_add_newline": true,
"strip_empty_ends": true
}
},
"msg": "",
"rc": 0,
"start": "2025-01-25 07:51:16.984650",
"stderr": "",
"stderr_lines": [],
"stdout": "",
"stdout_lines": []
}
TASK [Execute healthcheck.sh script] *******************************************
task path: /var/lib/jenkins/workspace/Bitroid/deploy.playbook:85
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: jenkins
<127.0.0.1> EXEC /bin/sh -c 'echo ~jenkins && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /var/tmp `"&& mkdir "` echo /var/tmp/ansible-tmp-1737791477.1430771-8528-262889491615249 `" && echo ansible-tmp-1737791477.1430771-8528-262889491615249="` echo /var/tmp/ansible-tmp-1737791477.1430771-8528-262889491615249 `" ) && sleep 0'
Using module file /usr/local/lib/python3.12/site-packages/ansible/modules/command.py
<127.0.0.1> PUT /var/lib/jenkins/.ansible/tmp/ansible-local-8322c8bps25m/tmpqj2bvtew TO /var/tmp/ansible-tmp-1737791477.1430771-8528-262889491615249/AnsiballZ_command.py
<127.0.0.1> EXEC /bin/sh -c 'setfacl -m u:bitra:r-x /var/tmp/ansible-tmp-1737791477.1430771-8528-262889491615249/ /var/tmp/ansible-tmp-1737791477.1430771-8528-262889491615249/AnsiballZ_command.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'sudo -H -S -p "[sudo via ansible, key=sinemorgugkdyuicsrkuacdmabtgyjax] password:" -u bitra /bin/sh -c '"'"'echo BECOME-SUCCESS-sinemorgugkdyuicsrkuacdmabtgyjax ; /usr/bin/python3.12 /var/tmp/ansible-tmp-1737791477.1430771-8528-262889491615249/AnsiballZ_command.py'"'"' && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /var/tmp/ansible-tmp-1737791477.1430771-8528-262889491615249/ > /dev/null 2>&1 && sleep 0'
changed: [localhost] => {
"changed": true,
"cmd": [
"sh",
"healthcheck.sh"
],
"delta": "0:00:00.098729",
"end": "2025-01-25 07:51:17.634513",
"invocation": {
"module_args": {
"_raw_params": "sh healthcheck.sh",
"_uses_shell": false,
"argv": null,
"chdir": "/home/bitra/apps/batch-jobs",
"creates": null,
"executable": null,
"expand_argument_vars": true,
"removes": null,
"stdin": null,
"stdin_add_newline": true,
"strip_empty_ends": true
}
},
"msg": "",
"rc": 0,
"start": "2025-01-25 07:51:17.535784",
"stderr": "",
"stderr_lines": [],
"stdout": "\n\n\u001b[1;34m*******************\u001b[0m\n\u001b[1;34m*\u001b[0m App Healthcheck \u001b[1;34m*\u001b[0m\n\u001b[1;34m*******************\u001b[0m\n\n[Services]\n\u001b[0;31m[Container]\t\t podman Not OK\u001b[0m\n\u001b[0;31m[Container]\t\t vscode Not OK\u001b[0m\n\u001b[0;32m[Container]\t\t vault OK\u001b[0m",
"stdout_lines": [
"",
"",
"\u001b[1;34m*******************\u001b[0m",
"\u001b[1;34m*\u001b[0m App Healthcheck \u001b[1;34m*\u001b[0m",
"\u001b[1;34m*******************\u001b[0m",
"",
"[Services]",
"\u001b[0;31m[Container]\t\t podman Not OK\u001b[0m",
"\u001b[0;31m[Container]\t\t vscode Not OK\u001b[0m",
"\u001b[0;32m[Container]\t\t vault OK\u001b[0m"
]
}
TASK [Execute checkspace.sh script] ********************************************
task path: /var/lib/jenkins/workspace/Bitroid/deploy.playbook:90
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: jenkins
<127.0.0.1> EXEC /bin/sh -c 'echo ~jenkins && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /var/tmp `"&& mkdir "` echo /var/tmp/ansible-tmp-1737791477.7906954-8564-162420420268825 `" && echo ansible-tmp-1737791477.7906954-8564-162420420268825="` echo /var/tmp/ansible-tmp-1737791477.7906954-8564-162420420268825 `" ) && sleep 0'
Using module file /usr/local/lib/python3.12/site-packages/ansible/modules/command.py
<127.0.0.1> PUT /var/lib/jenkins/.ansible/tmp/ansible-local-8322c8bps25m/tmp8j3jwjre TO /var/tmp/ansible-tmp-1737791477.7906954-8564-162420420268825/AnsiballZ_command.py
<127.0.0.1> EXEC /bin/sh -c 'setfacl -m u:bitra:r-x /var/tmp/ansible-tmp-1737791477.7906954-8564-162420420268825/ /var/tmp/ansible-tmp-1737791477.7906954-8564-162420420268825/AnsiballZ_command.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'sudo -H -S -p "[sudo via ansible, key=bmrjxwskahxzmdntdwyehqbmvzmxspdt] password:" -u bitra /bin/sh -c '"'"'echo BECOME-SUCCESS-bmrjxwskahxzmdntdwyehqbmvzmxspdt ; /usr/bin/python3.12 /var/tmp/ansible-tmp-1737791477.7906954-8564-162420420268825/AnsiballZ_command.py'"'"' && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /var/tmp/ansible-tmp-1737791477.7906954-8564-162420420268825/ > /dev/null 2>&1 && sleep 0'
changed: [localhost] => {
"changed": true,
"cmd": [
"sh",
"checkspace.sh"
],
"delta": "0:00:00.135824",
"end": "2025-01-25 07:51:18.464837",
"failed_when_result": false,
"invocation": {
"module_args": {
"_raw_params": "sh checkspace.sh",
"_uses_shell": false,
"argv": null,
"chdir": "/home/bitra/apps/batch-jobs",
"creates": null,
"executable": null,
"expand_argument_vars": true,
"removes": null,
"stdin": null,
"stdin_add_newline": true,
"strip_empty_ends": true
}
},
"msg": "non-zero return code",
"rc": 1,
"start": "2025-01-25 07:51:18.329013",
"stderr": "",
"stderr_lines": [],
"stdout": "Used\tAvail\tUsed\tFilesystem\n/dev/sda5 xfs 29G 9.8G 20G 34% /\n/dev/sda2 xfs 936M 187M 750M 20% /boot",
"stdout_lines": [
"Used\tAvail\tUsed\tFilesystem",
"/dev/sda5 xfs 29G 9.8G 20G 34% /",
"/dev/sda2 xfs 936M 187M 750M 20% /boot"
]
}
PLAY RECAP *********************************************************************
localhost : ok=16 changed=10 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Declarative: Post Actions)
[Pipeline] echo
Pipeline completed. Last commit date was: 2025-01-22 14:26:13 +0530
[Pipeline] deleteDir
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
[Pipeline] // withEnv
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
Finished: SUCCESS
Esse processo garante que as credenciais confidenciais nunca sejam codificadas ou expostas no pipeline, alavancando o Hashicorp Vault para gerenciamento de senhas seguro e dinâmico.
Ao integrar Jenkins ao Hashicorp Vault e Ansible, alcançamos um fluxo de trabalho de implantação mais eficiente e seguro.
