{"id":14984471,"url":"https://github.com/ahelal/ansible-concourse","last_synced_at":"2025-04-10T20:34:28.288Z","repository":{"id":6230573,"uuid":"55140413","full_name":"ahelal/ansible-concourse","owner":"ahelal","description":"A role to install concourse CI https://concourse-ci.org/","archived":false,"fork":false,"pushed_at":"2022-02-16T20:12:00.000Z","size":345,"stargazers_count":62,"open_issues_count":3,"forks_count":29,"subscribers_count":7,"default_branch":"master","last_synced_at":"2025-03-24T18:11:28.911Z","etag":null,"topics":["ansible-galaxy","ansible-role","ci","cluster","concourse","concourse-ci","concourse-web","concourse-worker","vagrant"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ahelal.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-03-31T10:06:36.000Z","updated_at":"2024-09-08T07:49:49.000Z","dependencies_parsed_at":"2022-08-06T19:15:23.203Z","dependency_job_id":null,"html_url":"https://github.com/ahelal/ansible-concourse","commit_stats":null,"previous_names":[],"tags_count":66,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ahelal%2Fansible-concourse","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ahelal%2Fansible-concourse/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ahelal%2Fansible-concourse/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ahelal%2Fansible-concourse/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ahelal","download_url":"https://codeload.github.com/ahelal/ansible-concourse/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248290044,"owners_count":21078923,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible-galaxy","ansible-role","ci","cluster","concourse","concourse-ci","concourse-web","concourse-worker","vagrant"],"created_at":"2024-09-24T14:09:07.464Z","updated_at":"2025-04-10T20:34:28.268Z","avatar_url":"https://github.com/ahelal.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# ansible-concourse\n\n[![Build Status](https://travis-ci.org/ahelal/ansible-concourse.svg?branch=master)](https://travis-ci.org/ahelal/ansible-concourse)\n\nAn easy way to deploy and manage a [Concourse CI](https://concourse-ci.org/) with a cluster of workers using ansible\n\n## Requirements\n\n* Ansible 2.6 or higher\n* PostgreSQL I recommend [ansible postgresql role](https://github.com/ANXS/postgresql)\n\nSupported concourse:\n\n* v4.x\n* v5.x\n\nSupported platforms:\n\n* Ubuntu 16.04 and 18.04\n* MacOS (Early support. Accepting PRs)\n* Windows (not supported yet. Accepting PRs)\n\nOptional TLS termination\n\n* Use concourse web argument to configure TLS (recommended)\n* [ansible nginx role](https://github.com/AutomationWithAnsible/ansible-nginx)\n\n## Overview\n\nI am a big fan of concourse. This role will install and manage concourse using Ansible. A more robust solution is to use Bosh\n\n## Examples\n\n### Single node\n\n```yaml\n---\n- name: Create Single node host\n  hosts: ci.example.com\n  become: True\n  vars:\n    # Set your own password and save it securely in vault\n    concourse_local_users:\n                          - {user: \"user1\", pass: \"pass1\"}\n    concourse_web_options:\n      CONCOURSE_POSTGRES_DATABASE                : \"concourse\"\n      CONCOURSE_POSTGRES_HOST                    : \"127.0.0.1\"\n      CONCOURSE_POSTGRES_PASSWORD                : \"conpass\"\n      CONCOURSE_POSTGRES_SSLMODE                 : \"disable\"\n      CONCOURSE_POSTGRES_USER                    : \"concourseci\"\n    # ********************* Example Keys (YOU MUST OVERRIDE THEM) *********************\n    # This keys are demo keys. generate your own and store them safely i.e. ansible-vault\n    # Check the key section on how to auto generate keys.\n    # **********************************************************************************\n    concourseci_key_session_public             : ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6tKH.....\n    concourseci_key_session_private            : |\n                                                  -----BEGIN RSA PRIVATE KEY-----\n                                                  MIIEowIBAAKCAQEAurSh5kbUadGuUgHqm1ct6SUrqFkH5kyJNdOjHdWxoxCzw5I9\n                                                  ................................\n                                                  N1EQdIhtxo4mgHXjF/8L32SqinAJb5ErNXQQwT5k9G22mZkHZY7Y\n                                                  -----END RSA PRIVATE KEY-----\n\n    concourseci_key_tsa_public                  : ssh-rsa AAAAB3NzaC1yc2EAAAADAQ......\n    concourseci_key_tsa_private                 : |\n                                                  -----BEGIN RSA PRIVATE KEY-----\n                                                  MIIEogIBAAKCAQEAo3XY74qhdwY1Z8a5XnTbCjNMJu28CcEYJ1KJi1a8B143wKxM\n                                                  .........\n                                                  uPTcE+vQzvMV3lJo0CHTlNMo1JgHOO5UsFZ1cBxO7MZXCzChGE8=\n                                                  -----END RSA PRIVATE KEY-----\n    concourseci_worker_keys                     :\n                                  - public      : ssh-rsa AAAAB3N.....\n                                    private     : |\n                                                    -----BEGIN RSA PRIVATE KEY-----\n                                                    MIIEpQIBAAKCAQEAylt9UCFnAkdhofItX6HQzx6r4kFeXgFu2b9+x87NUiiEr2Hi\n                                                   .......\n                                                    ZNJ69MjK2HDIBIpqFJ7jnp32Dp8wviHXQ5e1PJQxoaXNyubfOs1Cpa0=\n                                                    -----END RSA PRIVATE KEY-----\n  roles:\n    - { name: \"postgresql\",        tags: \"postgresql\" }\n    - { name: \"ansible-concourse\", tags: \"concourse\"  }\n```\n\n```ìni\n[concourse-web]\nci.example.com\n[concourse-worker]\nci.example.com\n```\n\n## Breaking changes as of version v4.0.0\n\nAs of version 4.x of this role the user management has changed to reflect changes in Concourse 4.x the new team auth https://concourse-ci.org/authentication.html.\n\nI would recommend reading the new authentication before proceeding. A new top level list can be used `concourse_local_users` to add local user.\n example\n\n ```yaml\nconcourse_local_users:\n    - user: \"user1\"\n      pass: \"pass1\"\n    - user: \"user2\"\n      pass: \"pass2\"\n ```\n\n## Clustered nodes 2x web \u0026 4x worker\n\nIn order to make a cluster of servers you can easily add the host to groups\n\n```ini\n[concourse-web]\nci-web01.example.com\nci-web02.example.com\n[concourse-worker]\nci-worker01.example.com\nci-worker02.example.com\nci-worker03.example.com\nci-worker04.example.com\n```\n\nYou would also need to generate keys for workers check [key section](https://github.com/ahelal/ansible-concourse#keys)\n\n## Configuration\n\nAll command line options are now supported as of ansible-concourse version 4.x in *Web* and *worker* as a dictionary.\n**Note:** *if you are upgrade from a version prior to 3.0.0 you would need to accommodate for changes*\n\nThe configuration is split between two dictionaries *concourse_web_options* and *concourse_worker_options* all key values defined will be exported as an environmental variable to concourse process. There are some ansible-concourse flags that can be defined outside `concourse_web_options` and `concourse_worker_options` fpr more info check defaults.yml\n\n```yaml\nconcourse_local_users:\n                          - {user: \"user1\", pass: \"pass1\"}\n                          - {user: \"user2\", pass: \"pass2\"}\nconcourse_web_options                        :\n  CONCOURSE_POSTGRES_DATABASE                : \"concourse\"\n  CONCOURSE_POSTGRES_HOST                    : \"127.0.0.1\"\n  CONCOURSE_POSTGRES_PASSWORD                : \"NO_PLAIN_TEXT_USE_VAULT\"\n  CONCOURSE_POSTGRES_SSLMODE                 : \"disable\"\n  CONCOURSE_POSTGRES_USER                    : \"concourseci\"\n\nconcourse_worker_options                     :\n  CONCOURSE_GARDEN_NETWORK_POOL              : \"10.254.0.0/22\"\n  CONCOURSE_GARDEN_MAX_CONTAINERS            : 150\n```\n\nTo view all environmental options please check\n[web options](web_arguments.txt) and [worker options](worker_arguments.txt).\n\nansible-concourse has some sane defaults defined `concourse_web_options_default` and `concourse_worker_options_default` in [default.yml](default.yml) those default will merge with `concourse_web_option` and `concourse_worker_option`. `concourse_web_option` and `concourse_worker_option`has higher precedence.\n\n\n## Concourse versions\n\nThis role supports installation of release candidate and final releases. Simply overriding **concourseci_version** with desired version.\n\n* Fpr [rc](https://github.com/concourse/bin/releases/). `concourseci_version : \"vx.x.x-rc.xx\"` that will install release candidate.\n* For [final release](https://github.com/concourse/concourse/releases). ```concourseci_version : \"vx.x.x\"```\n\nBy default this role will try to have the latest stable release look at [defaults/main.yml](https://github.com/ahelal/ansible-concourse/blob/master/defaults/main.yml#L2-L3)\n\n## Default variables\n\nCheck [defaults/main.yml](/defaults/main.yml) for all bells and whistles.\n\n## Keys\n\n**Warning** the role comes with default keys. This keys are used for demo only you should generate your own and store them **safely** i.e. ansible-vault\n\nYou would need to generate 2 keys for web and one key for each worker node.\nAn easy way to generate your keys to use a script in ```keys/key.sh``` or you can reuse the same keys for all workers.\n\nThe bash script will ask you for the number of workers you require. It will then generate ansible compatible yaml files in ```keys/vars```\nYou can than copy the content in your group vars or any other method you prefer.\n\n## Managing teams\n\nThis role supports Managing teams :\n\n*NOTE* if you use manage _DO NOT USE DEFAULT PASSWORD_ you should set your own password and save it securely in vault. or you can look it up from web options\n\n\n```yaml\n    concourseci_manage_teams                : True\n    ## User must be added first concourse_local_users\n    concourseci_manage_credential_user          : \"api\"\n    concourseci_manage_credential_password      : \"apiPassword\"\n\n\n    concourseci_teams                 :\n          - name: \"team_1\"\n            state: \"present\"\n            flags:\n              local-user : user1\n          - name: \"team_2\"\n            state: \"absent\"\n          - name: \"team_3\"\n            state: \"present\"\n            flags:\n              # See [web options](web_arguments.txt) for how to integrate Concourse Web with GitHub for auth\n              github-organization: ORG\n              github-team: ORG:TEAM\n              github-user: LOGIN\n          - name: \"team_4\"\n            state: \"present\"\n            flags:\n                no-really-i-dont-want-any-auth: \"\"\n          - name: \"x5\"\n            state: \"absent\"\n            flags:\n                local-user : user5\n```\n\nThe role supports all arguments passed to fly for more info  `fly set-team --help`.\n*Please note if you delete a team you remove all the pipelines in that team*\n\n## Auto scaling\n\n* Scaling out: Simply just add a new instance :)\n* Scaling in: You would need to drain the worker first by running `service concourse-worker stop`\n\n## Vagrant demo\n\nYou can use vagrant to spin a test machine.\n\n```bash\n# Install postgresql role in test/helper_roles\n./test/setup_roles.sh\nvagrant up\n```\n\nThe vagrant machine will have an IP of **192.168.50.150** you can access the web `http://192.168.50.150:8080`\n\nYou can access the web and API on port 8080 with username **myuser** and **mypass**\n\nOnce your done\n\n```\nvagrant destroy\n```\n\n## Contribution\n\nPull requests on GitHub are welcome on any issue.\n\nThanks for all the [contrubtors](https://github.com/ahelal/ansible-concourse/graphs/contributors)\n\n\n## TODO\n\n* Support pipeline upload\n* Full MacOS support\n* Add distributed cluster tests\n* Windows support\n\n## License\n\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fahelal%2Fansible-concourse","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fahelal%2Fansible-concourse","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fahelal%2Fansible-concourse/lists"}