Skip to content
/ ansible-role-release-from-github Public

Fetch and install release archives from GitHub with automatic latest detection and special handling for HashiCorp products

License

MIT license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

isometry/ansible-role-release-from-github

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
defaults
defaults
 
 
meta
meta
 
 
tasks
tasks
 
 
tests
tests
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Ansible Role: Release from GitHub

Fetch and install release archives from GitHub with automatic latest detection and special handling for HashiCorp products.

Requirements

The Ansible user must have write access to release_tmp_path (default: /tmp) and release_bin_path (default: /usr/local/bin). The role expects to be called with become if privilege escalation is required, and will chown all files to the effective user/group with which ansible runs, maintaining rwx permissions from the source archive but stripping write permissions from other users.

Role Variables

All role variables are prefixed with release_ with defaults listed in defaults/main.yml.

The only mandatory variable is release_repo which is expected to take the form <user|organisation>/<repo>:

release_repo: hashicorp/terraform

If release_version is not specified the role will attempt to determine the "latest" release using the GitHub Releases API, falling back to Git tags:

release_version: 0.12.23

By default, remote TLS certificates are not validated on macOS:

release_validate_certs: yes

The role will leave a copy of the release archive in release_tmp_path (default: /tmp) and only re-download if the version or checksum (remote value checked on each run) changes:

release_tmp_path: ~/Downloads

The role extracts the release archive to release_bin_path (default: /usr/local/bin), ignoring files listed in release_exclude_files:

release_bin_path: ~/bin
release_exclude_files:
  - README

If an external handler should be notified when the release is updated, the handler name can be passed via release_notify.

Dependencies

  • The target system must have unzip(1) or tar(1) and gunzip(1) available as determined by the format of the release to be installed.

Example Playbooks

Deploy v1.24.0 of GoBGP to /usr/local/bin:

- hosts: all
  become: yes
  roles:
    - name: breathe.release-from-github
      release_repo: osrg/gobgp
      release_version: 1.24.0

Deploy the latest version of Terraform to ~/bin:

- hosts: localhost
  roles:
    - name: breathe.release-from-github
      release_repo: hashicorp/terraform
      release_tmp_path: ~/Downloads
      release_bin_path: ~/bin

Deploy version 1.6.0 of Vault and trigger a rolling restart of cluster members:

- hosts: vault-cluster

  roles:
    - name: breathe.release-from-github
      release_repo: hashicorp/vault
      release_version: 1.6.0
      release_owner: root
      release_group: root
      release_notify: restart vault

  handlers:
    - name: restart vault
      become: yes
      systemd:
        name: vault
        state: restarted
      throttle: 1

  tasks:
    # ellided

License

MIT

About

Fetch and install release archives from GitHub with automatic latest detection and special handling for HashiCorp products

Topics

ansible-role deployment-automation

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published