Buildmaster feature : drill down on Group Application ?

Hello

It would be great to have the application page like the otter plan plan (i.e. the plans are grouped by path).

I don't know if I am clear enough, but I think you understand.

Just a suggestion :)
Best Regards
PhilippeC.

Hello
I was looking to create a shared libray with Otter and BM and I meet the following probem with the Gitlab extension:
The credentials are not call in the same way, so it is not possible to share it.

In Otter:

                GitLab::Get-Source
                (
                    Credentials: gitlab-inedo,
                    Group: ansible/playbooks,
                    Project: $tolower($PLAYBOOK),
                    DiskPath: $DOSSIER,
                    Branch: master,
                    KeepInternals: false,
                    GitExePath: /usr/bin/git,
                    CleanWorkspace: true
                );

in BuildMaster:

GitLab::Get-Source global::GitLab
(
    Namespace: ansible/playbooks,
    Project: $tolower($PLAYBOOK),
    DiskPath: $DOSSIER,
    Branch: master,
    KeepInternals: false,
    GitExePath: /usr/bin/git,
    CleanWorkspace: true
);

When do you think the extension will be the same ?
I can bypass the problem, it is just to know.

Best regards
PhilippeC.

Hello
I am using Gitlab CE and successfully display the build step on it.
there I am looking to display badge for the pipeline steps.

Is it possible ?

I am looking for displaying something like that on Gitlab,

<build badge> | <integration badge> | <preprod badge> | <prod badge>

Thanks

Hello

I submit two features for the Application template:

• Select what you want to update (Variables, Pipeline etc ....) when you apply to an existing application

• Ability to apply to a group of applications

I don't know if anyone is also interested but it would be nice to have these features (I can't evaluate if it is simple or not implement)

Best regards
PhilippeC.

Gitlab offers too many options/features we don't need (CI/CD, Kubernetes, Promotheus etc ....).
This is why I was looking for a more lightweight Git repo

I was previously using BonoboGit on Windows which a very basic Git repo but good enough for our need.
As the webhook is not possible, I am looking to replace it.

I think we will stay on GitLab CE - everything is working
and I can't spend my time to evaluate all the possible software, I have to pick one and use it.

I finally switch to GitLab CE

I tested with Gitea.

I get the same 401 response as Gogs (as Gitea is a fork of Gogs it is not a big surprise).

As I am not good enough to create a a dedicated webhook in Gitea or Gogs for BM, I think I will stay stuck to GitHub.

As we are looking for a deeper automation with BM, the weebhook is a need for us, so we will stay on GitHub but we are still looking in my company to have a lightweight internal git repo.

I let you know if I found something.

Thanks for the answer.

Hey

It is not working
Gogs post X-Gogs-Signature whereas Buildmaster is expected X-Hub-Signature
And the GoG's json format seems far away from Github

@atripp
There was no errors, I had variables in the template and I re apply the template because I made some modifications on the Pipeline.
I did not anticiped that the reload of the tempalte removed the new value of the variables.

It would be nice to be able to check when you reload a Tempalte what you want to update (Variables, Pipeline etc ....).

And I did not find if it is possible to re-apply a template to a Group of applications

Hello
I want to move the build template configration linked to INedo Proget to my Proget instance.
and I have some problem with Credentials

Steps I have done:

• Proget : Create a Universal Feed named BuildMasterTemplate
• Proget: Create a Feed Connector named Inedo BuildMaster Templates) with the connector URL : https://proget.inedo.com/upack/BuildMasterTemplates/
• Create a Buildin account BuildMasterTemplate and assign PublishPackages task to the "BuildMaster Templates" Feed (AD authentification is enable, but Integrated authentification as not be set),
• Give to that

I can navigate to this Feed and see all the Inedo Template.

• BuildMaster : Create a Secure Credentials named global::Proget BuildMasterTemplate, UserName BuildMasterTemplate
• BuildMaster: Modify the existing Secure Resources global::Templates with :
  ** API Endpoint Url: https://proget.<mydomain>/upack/BuildMasterTemplate
  ** Credentials : global::Proget BuildMasterTemplate

If I want to Create a New Application, I have the error msg:

There was an error connecting to the "Templates" package source: Le serveur distant a retourné une erreur : (401) Non autorisé. 

Any help is welcome

@atripp Thank you
Just one small quesiton:
When do you plan to make the UPack raft available for both BuildMaster and Otter ?

Hello
Is it possible to share Rafts (Git Raft or File Rafts), and then Modules, files etc... between Otter and Buildmaster ?
Best Regards
PhilippeC.

Hello @atripp
You were right.

• In Otter Define the agent's temp directory as it should be by default /tmp/otter.
• In BuildMaster Force a sync Infrastructure

The pb is gone

I will now implant my ansible function on buildMaster

Best Regards
PhilippeC.

Hello

I am trying to run SHExec/SHCall on Linux in a Pipeline Script.

Shell script was working on 6.1.X

I always have the error no such file or directory, no matter I tried (command SHExec or SHCall a bash file from an Asset)

I have seen that the temporary folder are not removed after the BuildMaster Script

Here is my test script (I also tried as a shell script store in an Asset and called using SHCall)

##AH:UseTextMode
# Try/Catch
try
{
    SHExec pwd;
}

The result

DEBUG: 2020-04-13 20:01:09Z - Using SshAgent agent on VM111011
ERROR: 2020-04-13 20:01:09Z - bash: scripts/e457a6d9cd8744d2bd49c833849b7f67: No such file or directory
DEBUG: 2020-04-13 20:01:09Z - Cleaning up...
DEBUG: 2020-04-13 20:01:09Z - Deleting _E171158 on VM111011...
DEBUG: 2020-04-13 20:01:09Z - _E171158 on VM111011 deleted.
DEBUG: 2020-04-13 20:01:09Z - Cleanup complete.

Is it broken ?

thank you

Sync is working fine but the dependant roles don't exist in Buildmaster:

Exemple:
Otter

• GSRole depends on SRole depends on FRole
• Assign GSRole to server TEST

Buildmaster

• server TEST is sync with just GSRole
• SRole and FRole don't exist in Buildmaster

Bad news but thanks for the fast reply

How to sync infrastructure if role dependencies are not sync ?

I can manage without this feature but have you some plan to do it ?

Cdt

Hello

The dependant role are not sync from Otter to Buildmaster.

BuildMaster 6.2.10
Otter 2.2.19

I can't say if it was working with the previous versions

Cdt
PhilippeC.

I read about Terraform and BuildMaster. I follow more or less the same guideline.

I assumed the following original configuration:

• connection to the server with SSH as root
• ansible is already installed (without any config) - it is included in my Ubuntu vm template
• Assign the ANSIBLE-BASE Role to the server

Create a Role : ANSIBLE-BASE

• Variables : Set ${ANSIBLE-ROOT} = /tmp/ansible
• Configuration Plan

##AH:UseTextMode

    Ensure-Asset
    (
        Name: hosts,
        Raft: ANSIBLE,
        Type: File,
        Directory: /etc/ansible,
        FileName: hosts
    );
Ensure-Directory ${ANSIBLE-ROOT};

• Asset file host is

[localhost]
127.0.0.1  ansible_connection=local

Generic Playbook ANSIBLE::PLAYBOOK

##AH:UseTextMode
##AH:Description Execution d'un playbook pour un role
module PLAYBOOK<$FOLDER, $FILE, %MAP = %()>
{
    Ensure-Directory $FOLDER;

    Ensure-Asset
    (
        Name: $FILE.yml,
        Raft: ANSIBLE,
        Type: File,
        Directory: $FOLDER,
        FileName: playbook.yml
    );

    foreach $mapKey in @MapKeys(%MAP)
    {
        Replace-Text
        (
            Include: playbook.yml,
            Directory: $FOLDER/,
            SearchText: "`#$mapKey`#",
            ReplaceWith: $MapItem(%MAP, $mapKey)
        );
    }

    SHExec ansible-playbook $FOLDER/playbook.yml;

    Ensure-Directory $FOLDER
    (
        Exists: false
    );
}

Exemple to deploy MariaDB

• Create a Resource credential for MariaDB root password named ANSIBLE-MYSQL-ROOT

Create the module 
##AH:UseTextMode
module ROLE-MARIADB
{
    # General
    # Role MARIADB
    {
        for role ANSIBLE-ROLE-MARIADB
        {
            set %{ANSIBLE-VAR-MAP} = %();

            set %{ANSIBLE-VAR-MAP} = %(mysql_root_password:$GetCredentialProperty(ANSIBLE-MYSQL-ROOT,Password));

            set ${ANSIBLE-ROLE} = mariadb;

            set ${ANSIBLE-ROLE-FOLDER} = ${ANSIBLE-ROOT}/${ANSIBLE-ROLE};

            call ANSIBLE::PLAYBOOK
            (
                FOLDER: ${ANSIBLE-ROLE-FOLDER},
                FILE: ${ANSIBLE-ROLE},
                MAP: %{ANSIBLE-VAR-MAP}
            );

            Ensure-Directory ${ANSIBLE-ROLE-FOLDER}
            (
                Exists: false
            );
        }
    }
}

The ansible playbook of MariaDB is here - based of various info I grab on the net - a very straightforward installation
=> Install MariaDB 10.4
=> Setup the root password

- hosts: 127.0.0.1 
  connection: local
  vars:
        mysql_root_password: '#mysql_root_password#'
  tasks:           
    - name: update apt cache  
      apt: update_cache=yes cache_valid_time=3600     
    - name: Install Utility software 
      apt: name={{item}} state=latest     
      with_items:            
        - software-properties-common   
        - python-mysqldb         
    - name: Add apt key          
      command: apt-key adv --fetch-keys https://mariadb.org/mariadb_release_signing_key.asc     
    - name: Add MariaDB Repo  
      apt_repository:        
        filename: MariaDB-10.4    
        repo: deb [arch=amd64,i386]  http://ftp.igh.cnrs.fr/pub/mariadb/repo/10.4/ubuntu bionic main   
        state: present   
    - name: Install MariaDB Packages   
      apt: name={{item}} state=present default_release=bionic update_cache=yes    
      with_items:                
        - mariadb-client        
        - mariadb-common        
        - mariadb-server         
    - name: Start MariaDB    
      service: name=mysql state=started    
    - name: Is root password set?   
      command: mysql -u root --execute "SELECT NOW()"    
      register: is_root_password_set       
      ignore_errors: yes    
    - name: Delete anonymous users  
      mysql_user: user="" state="absent"    
      when: is_root_password_set.rc == 0       
    - name: Set root password    
      mysql_user: user=root password="{{mysql_root_password}}" host=localhost          
      when: is_root_password_set.rc == 0     
    - name: Set root password for other hosts  
      mysql_user: user=root password="{{mysql_root_password}}" host="{{item}}" login_user="root" login_host="localhost" login_password="{{mysql_root_password}}"      
      when: is_root_password_set.rc == 0    
      with_items:   
        - "127.0.0.1"     
        - "::1"   

Then, If I need to deploy MariaDB in a Job, I just call the MariaDB module like :

call ANSIBLE::ROLE-MARIADB();

Actually, the more complexe deployment is about an Asset Management software named GLPI with 3 playbook (MariaDB, Apache2, GLPI itself) called in a job .
I could do it with a single ansible playbook, but as I need to deploy MariaDB and Apache2 for other software, it is better to make some modules and call them.

All this stuff can be improve a lot

• Better error handling
• using Text Template for the playbook instead of Asset file
  ...
  but it is working :)

Best Regards
PhilippeC.

Hello
Does anyone use Otter to deploy application on Linux with Ansible ?

Actually, I am using Otter to manage Windows server swith DSC to configure and deploy applications (like SQL serveur, IIS etc ) but soon I will have to handle few Linux servers and the Linux part of OtterScript is very small
to handle package, config etc ...

So, any experience is welcome

Best Regards and keep safe

PhilippeC.