Jenkins Pipeline Integration

Overview

Learn how to integrate Ansible playbooks into Jenkins pipelines for automated infrastructure deployment.

Pipeline Examples

Basic Pipeline

pipeline {
    agent any

    environment {
        ANSIBLE_VAULT_PASSWORD = credentials('ansible-vault-password')
    }

    stages {
        stage('Checkout') {
            steps {
                git 'https://github.com/your-org/ansible-playbooks.git'
            }
        }

        stage('Lint') {
            steps {
                sh 'ansible-lint site.yml'
            }
        }

        stage('Syntax Check') {
            steps {
                sh 'ansible-playbook --syntax-check site.yml'
            }
        }

        stage('Deploy to Staging') {
            steps {
                sh """
                    echo \$ANSIBLE_VAULT_PASSWORD > .vault_pass
                    ansible-playbook -i inventories/staging \
                        --vault-password-file .vault_pass \
                        site.yml
                    rm .vault_pass
                """
            }
        }

        stage('Run Tests') {
            steps {
                sh 'molecule test'
            }
        }

        stage('Deploy to Production') {
            when {
                branch 'main'
            }
            input {
                message "Deploy to production?"
                ok "Deploy"
            }
            steps {
                sh """
                    echo \$ANSIBLE_VAULT_PASSWORD > .vault_pass
                    ansible-playbook -i inventories/production \
                        --vault-password-file .vault_pass \
                        site.yml
                    rm .vault_pass
                """
            }
        }
    }

    post {
        always {
            cleanWs()
        }
        failure {
            slackSend channel: '#deployments',
                      color: 'danger',
                      message: "Pipeline failed: ${env.JOB_NAME} [${env.BUILD_NUMBER}]"
        }
    }
}

Jenkins Configuration

Required Plugins

Ansible Plugin
Pipeline
Credentials
Git
Slack Notification

Credentials Setup

withCredentials([
    string(credentialsId: 'ansible-vault-password', variable: 'VAULT_PASS'),
    sshUserPrivateKey(credentialsId: 'ssh-key', keyFileVariable: 'SSH_KEY')
]) {
    sh """
        echo "\$VAULT_PASS" > .vault_pass
        export ANSIBLE_PRIVATE_KEY_FILE=\$SSH_KEY
        ansible-playbook site.yml
    """
}

Testing Integration

Molecule Tests

stage('Integration Tests') {
    steps {
        sh """
            cd roles/myapp
            molecule create
            molecule converge
            molecule verify
            molecule destroy
        """
    }
}

Parallel Testing

parallel {
    stage('Lint') {
        steps {
            sh 'ansible-lint'
        }
    }
    stage('Syntax') {
        steps {
            sh 'ansible-playbook --syntax-check site.yml'
        }
    }
    stage('Unit Tests') {
        steps {
            sh 'python -m pytest tests/'
        }
    }
}

Best Practices

Environment Segregation

def environments = ['dev', 'staging', 'prod']

environments.each { env ->
    stage("Deploy to ${env}") {
        when {
            expression { shouldDeployTo(env) }
        }
        steps {
            deployTo(env)
        }
    }
}

Artifact Management

stage('Package Artifacts') {
    steps {
        sh """
            tar -czf playbooks.tar.gz .
            aws s3 cp playbooks.tar.gz s3://artifacts/
        """
    }
}