Best practice to manage artifacts in Ansible

Sagar Parbhane

unread,

Jan 1, 2019, 9:51:17 AM1/1/19

to ansible...@googlegroups.com

Hi All,

What is the best practice to manage artifacts like Jars files etc in Ansible and if I want only client approve softwares which are are kept on some location to be installed on my node systems then what is the best practise to achieve this any specific modules that can be used in this case. Also how the licence softwares installation can be manage in Ansible

Any link to some document will be a great help.

eric...@ipconfigure.com

unread,

Jan 8, 2019, 4:25:43 PM1/8/19

to Ansible Project

Have you tried Maven and Sonatype Nexus?

goforawalktwice

unread,

Jan 8, 2019, 6:11:17 PM1/8/19

to Ansible Project

Hi, here's the sorts of things we're doing at my company:

- binary collateral (.jars, .msi, .zip, .exe installers) kept in Artifactory (Nexus is other option as mentioned)

- some of those we have source for and use things like maven to build, package and push to Artifactory

- other deployable artifacts we get directly from 3rd parties (we have no source code for them) and upload those to Artifactory

- version number of the artifact forms part of the artifactory repo path - http://<artifactory-host>/artifactory/<repo-name>/<component>/<version>/<artifact-<version>.msi>

- we have two instances of artifactory - one for everything except production and production

- we have a formal process to authorise and promote approved artifacts to the production artifactory instance (there's a repo proxying feature of Artifactory that we use)

- not all collateral is being kept in artifactory - in some cases, where the frequency of update is low we're managing files in ansible (which is being source controlled in git/bit-bucket)

- we've yet to have a formal process for deploying the ansible collateral to admin/control machine servers - for non-prod we're just doing git clone of the ansible collateral, but we're considering making an RPM so we

can have proper discoverability of the anisble collateral (we have a dozen administrator/ops people that can do deployments so we need consistency and certainty of ansible collateral versions)