A container image for Ansible Development Tools (ADT).
The ADT python package provides an easy way to install and discover the best tools available to create and test ansible content. More details on ADT can be found in https://ansible.readthedocs.io/projects/dev-tools/.
This image is built on top of Fedora 39 minimal and has container-in-container support with podman
.
podman pull ghcr.io/ansible/community-ansible-dev-tools:latest
Dev Containers provide you with a containerized development environment in VS code. Details on what they are and how to use them can be found in Developing inside a Container.
This image can be used as an image for a Dev Container where you build and consume Ansible content.
This repository comes with a sample .devcontainer directory
with 2 subdirectories - podman
and docker
each having it's own
devcontainer.json
file.
You can simply copy over the .devcontainer
directory to your Ansible project and start using it!
To use this image with Github Codespaces, copy the devcontainer.json
in this repo to your project and push to Github.
Note: If you are planning to start writing a new Ansible playbook project or collection, use Ansible Creator to scaffold it for you and your project/collection will already have all the .devcontainer
files ready.
This image can also be used as an Ansible Execution Environment (EE). If you're not familiar with what an EE is, checkout the documentation in Getting started with EE. It is shipped with the following Ansible collections:
- ansible.netcommon
- ansible.posix
- ansible.scm
- ansible.utils
You can also create a new EE based on this with more Ansible collections (or Python/System packages) of your choice by using Ansible Builder. Read this documentation to know about ansible-builder.
The below example shows how to make a custom EE that adds the amazon.aws
and cisco.nxos
collections as well as the ansible-pylibssh
python package to this image.
-
Create an
execution-environment.yml
file with the following content.--- version: 3 images: base_image: ghcr.io/ansible/community-ansible-dev-tools-container:latest dependencies: galaxy: requirements.yml python: requirements.txt
-
Populate
requirements.txt
andrequirements.yml
with the respective contents.requirements.txt
ansible-pylibssh==1.1.0
requirements.yml
--- collections: - name: amazon.aws - name: cisco.nxos
-
Use
ansible-builder
to create the new EE.ansible-builder build -t custom-ee:latest --prune-images -v3
Once this image is built, you can use ansible-navigator
to reference this image and run your playbooks!
If you want to use this image with podman
the following command to run the container.
podman run -it --rm \
--cap-add=SYS_ADMIN \
--cap-add=SYS_RESOURCE \
--device "/dev/fuse" \
--hostname=ansible-dev-container \
--name=ansible-dev-container \
--security-opt "apparmor=unconfined" \
--security-opt "label=disable" \
--security-opt "seccomp=unconfined" \
--user=root \
--userns=host \
-e SSH_AUTH_SOCK=$SSH_AUTH_SOCK \
-v ansible-dev-tools-container-storage:/var/lib/containers \
-v $HOME/.gitconfig:/root/.gitconfig \
-v $PWD:/workdir \
-v $SSH_AUTH_SOCK:$SSH_AUTH_SOCK \
ghcr.io/ansible/community-ansible-dev-tools:latest
Note:
- The
security-opt
andcap-add
options are used to allowpodman
to run in the container. - The
device
option is used to allow the container to access the/dev/fuse
device. userns=host
maps the default user account to root user in container.- This command will mount the current directory to
/workdir
in the container - The SSH agent socket is also mounted to the container to allow for SSH key forwarding.
- The user's
.gitconfig
is mounted to the container to allow for git operations. - The
ansible-dev-tools-container-storage
volume is mounted to the container to store the nested container images on the host.
If the user.signingkey
in the gitconfig
points directly public key on the file system that key may not be available in the container.
If only one key is preset, the ssh-add
command can be used for key retrieval in the user's gitconfig
:
[gpg "ssh"]
defaultKeyCommand = ssh-add -L
Alternatively, the public key can added in-line in the gitconfig
[user]
email = user@compnay.com
name = User's fullname
signingkey = key:: ssh-rsa AAAAB3N
In order to add the Ansible Devtools package and the container-in-container support with podman using a custom EE or another container image, you can use to the final
Containerfile from this repository. Update the FROM
instruction to point to
your preferred image and build it using podman
or docker
.
Note: The container-in-container support is added with the help of the podman image definition. For more information, read How to use Podman inside of a container.
We ask all of our community members and contributors to adhere to the Ansible code of conduct.
GNU General Public License v3.0 or later.
See LICENSE to see the full text.