Using Ansible to download a single file from a private github repo to a remote host

pldimitrov picture pldimitrov · Feb 6, 2014 · Viewed 22.2k times · Source

Example scenario: config files for a certain service are kept under version control on a private github repo. I want to write a playbook that fetches one of these files on the remote node and puts it into the desired location.

I can think of several solutions to this:

  1. do a checkout on the machine that runs ansible (local_action) and then use the copy module
  2. do a checkout on the remote node (with the git module), copy the files to the desired location with command: cp src dest creates=dest (perhaps do this with a handler - only when repo has changes to be pulled)
  3. use the url module or command: wget https://raw.github.com/repo/.../file creates=file in the playbook to only download the file of interest. Is the command module actually going to check if the file to be created is different from the one that may already exist or does it just check the file exists?
  4. use wget on the machine that runs ansible (local_action) and then use the copy module to push it to the remote node

What are the advantages/disadvantages of these. Which (if any) of these could be considered good practice. What is the best general solution to this?

Answer

Shahar picture Shahar · Feb 7, 2014

I'll start by saying that we chose the 2nd solution for our production environment and I guarantee one thing - it just works. Now for the longer version:

Solution no. 1:

  • Simple and robust - will just work
  • Does not "contaminate" production servers with irrelevant files (other configuration files)
  • Does not load production servers with I/O to GitHub (probably negligible)

Solution no. 2:

  • Simple and robust - will just work
  • To reduce contamination, we clone the configuration repo to /tmp and delete it at the end of the playbook

Solution no. 3/4:

My guess it will work, but feels a bit strange to have your configuration in source control and then not really using source control features. The advantage of these solutions is that you can "cherry pick" which configuration files you want to download rather than cloning the whole repository. This also reduces I/O against github as cloning becomes heavier over time.