Open azrdev opened 11 months ago
Are you talking about the images in ansible-test/
, or about the ones in execution-environments/
?
The former are meant for CI, but not for what you have in mind. They are meant to be used with the --docker
option of ansible-test.
The latter are meant to run ansible-core in them, but they are regular EEs (for end-users) and not aimed at CI. They are meant to be used with ansible-navigator or ansible-runner though, similar to awx-ee.
I was trying ghcr.io/ansible-community/community-ee-base:latest
apparently 2. is a possible solution since gitlab 16.5 https://gitlab.com/gitlab-org/gitlab/-/merge_requests/137907 -- using the following syntax:
jobname:
image:
name: ghcr.io/ansible-community/community-ee-base:latest
docker:
user: "root"
I just successfully ran ansible in a CI job as root.
Edit: using docker executor this works, but not using kubernetes.
I'm looking for an image to be used as-is for running ansible playbooks inside gitlab-CI (with docker runner). Gitlab does not have a possibility to specify the user a given job is run with inside the container: https://gitlab.com/gitlab-org/gitlab-runner/-/issues/2750
Since it uses a different image for doing the repo checkout and artifact placement before a job runs, these files will then belong to the default user of that helper image: 0/root. Which makes them read-only or inaccessible to the UID=1000 picked up from the ansible images.
Possible solutions:
Since the images here are explicitly meant for CI use (as opposed to e.g. the awx-ee), can we make this possible?