update isolated task execution for ansible-runner

2026-05-19 14:57:39 -02:30 · 2019-03-01 13:08:26 -05:00
parent 8fb65b40de
commit 602ef9750f
20 changed files with 190 additions and 1344 deletions
--- a/awx/playbooks/check_isolated.yml
+++ b/awx/playbooks/check_isolated.yml
@@ -1,5 +1,4 @@
 ---
-
 # The following variables will be set by the runner of this playbook:
 # src: /tmp/some/path/private_data_dir/

@@ -10,7 +9,7 @@
  tasks:

    - name: Determine if daemon process is alive.
-      shell: "awx-expect is-alive {{src}}"
+      shell: "ansible-runner is-alive {{src}}"
      register: is_alive
      ignore_errors: true

--- a/awx/playbooks/clean_isolated.yml
+++ b/awx/playbooks/clean_isolated.yml
@@ -11,7 +11,7 @@
  tasks:

    - name: cancel the job
-      command: "awx-expect stop {{private_data_dir}}"
+      command: "ansible-runner stop {{private_data_dir}}"
      ignore_errors: yes

    - name: remove build artifacts
--- a/awx/playbooks/run_isolated.yml
+++ b/awx/playbooks/run_isolated.yml
@@ -3,36 +3,34 @@
 # The following variables will be set by the runner of this playbook:
 # src: /tmp/some/path/private_data_dir
 # dest: /tmp/some/path/
-# proot_temp_dir: /tmp/some/path

 - name: Prepare data, dispatch job in isolated environment.
  hosts: all
  gather_facts: false
  vars:
-      secret: "{{ lookup('pipe', 'cat ' + src + '/env') }}"
+    secret: "{{ lookup('pipe', 'cat ' + src + '/env/ssh_key') }}"

  tasks:

-    - name: create a proot/bwrap temp dir (if necessary)
-      synchronize:
-        src: "{{proot_temp_dir}}"
-        dest: "{{dest}}"
-      when: proot_temp_dir is defined
-
    - name: synchronize job environment with isolated host
      synchronize:
        copy_links: true
        src: "{{src}}"
        dest: "{{dest}}"

+    - stat: path="{{src}}/env/ssh_key"
+      register: key
+
    - name: create a named pipe for secret environment data
-      command: "mkfifo {{src}}/env"
+      command: "mkfifo {{src}}/env/ssh_key"
+      when: key.stat.exists

    - name: spawn the playbook
-      command: "awx-expect start {{src}}"
+      command: "ansible-runner start {{src}} -p {{playbook}} -i {{ident}}"

    - name: write the secret environment data
      mkfifo:
        content: "{{secret}}"
-        path: "{{src}}/env"
+        path: "{{src}}/env/ssh_key"
+      when: key.stat.exists
      no_log: True