How to Download and Use Ansible Galaxy Role with ansible-galaxy and requirements.yml? I’m going to show you a live Playbook with some simple Ansible code. I’m Luca Berton and welcome to today’s episode of Ansible Pilot.

What is an Ansible Role?

  • re-usable Ansible artifacts
  • one role contains tasks, variables, defaults, handlers, modules, or other plugins
  • easy to download and share via Ansible Galaxy

An Ansible Role is a set of re-usable Ansible artifacts. It solves one problem and contains all the relevant tasks, variables, defaults, handlers, modules, or other plugins. For Users, the Ansible Role is easy to download and share via Ansible Galaxy. For Developers the Ansible Role is easy to upload and share via Ansible Galaxy. Plus an Ansible role has a defined standard directory structure and format.

What is Ansible Galaxy?

The website is available at the URL https://galaxy.ansible.com/. The search engine, Tags, and Platform make it easy to find any content inside. I recommend you carefully evaluate the quality of content before using it in your system. Quality indicators are usually the quality assurance of code, the supported operating systems and platforms, the documentation, the release numbers, the presence of Changelog, the number of downloads, and the author or creator. Please notice that the website contains Ansible Roles and Ansible Collections. Today we’re focusing on Ansible Role content.

Playbook

Let’s jump into a real-life How to Download and Use the Ansible Galaxy Role lucab85.ansible_role_log4shell.

code

  • role.yml
---
- name: role Playbook
  hosts: all
  become: true
  roles:
    - role: lucab85.ansible_role_log4shell
      detector_path: "/var/www"
  • requirements.yml
---
roles:
  - name: lucab85.ansible_role_log4shell

execution before download

$ ansible-playbook -i virtualmachines/demo/inventory galaxy/role.yml
ERROR! the role 'lucab85.ansible_role_log4shell' was not found in /Users/lberton/prj/github/ansible-pilot/galaxy/roles:/Users/lberton/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:/Users/lberton/prj/github/ansible-pilot/galaxy

The error appears to be in '/Users/lberton/prj/github/ansible-pilot/galaxy/role.yml': line 5, column 8, but may
be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

  roles:
     - role: lucab85.ansible_role_log4shell
       ^ here

download execution


$ ansible-galaxy install -r galaxy/requirements.yml 
Starting galaxy role install process
- downloading role 'ansible_role_log4shell', owned by lucab85
- downloading role from https://github.com/lucab85/ansible-role-log4shell/archive/v0.4.1.tar.gz
- extracting lucab85.ansible_role_log4shell to /Users/lberton/.ansible/roles/lucab85.ansible_role_log4shell
- lucab85.ansible_role_log4shell (v0.4.1) was installed successfully

execution after download


$ ansible-playbook -i virtualmachines/demo/inventory galaxy/role.yml 

PLAY [role Playbook] ****************************************************************************

TASK [Gathering Facts] **********************************************************************
ok: [demo.example.com]

TASK [lucab85.ansible_role_log4shell : dependency presents] *********************************
ok: [demo.example.com]

TASK [lucab85.ansible_role_log4shell : create detector directory] ***************************
changed: [demo.example.com]

TASK [lucab85.ansible_role_log4shell : download detector file] ******************************
ok: [demo.example.com]

TASK [lucab85.ansible_role_log4shell : download detector signature] *************************
ok: [demo.example.com]

TASK [lucab85.ansible_role_log4shell : gpg public key] *********************************
changed: [demo.example.com]

TASK [lucab85.ansible_role_log4shell : gpg verify detector] ****************************
changed: [demo.example.com]

TASK [lucab85.ansible_role_log4shell : remove any detector run directory] **************
ok: [demo.example.com]

TASK [lucab85.ansible_role_log4shell : create detector run directory] ******************
changed: [demo.example.com]

TASK [lucab85.ansible_role_log4shell : run detector/scanner] ***************************
changed: [demo.example.com]

TASK [lucab85.ansible_role_log4shell : files in detector run directory] ****************
ok: [demo.example.com]

TASK [lucab85.ansible_role_log4shell : print vulnerable path(s) found] *****************
ok: [demo.example.com] => {
  "vulnerable": {
      "changed": false,
      "examined": 1,
      "failed": false,
      "files": [],
      "matched": 0,
      "msg": "All paths examined",
      "skipped_paths": {}
  }
}

TASK [ansible-role-log4shell : remove detector directory] **********************
changed: [demo.example.com]

PLAY RECAP *********************************************************************
instance                   : ok=14   changed=9    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0

code with ❤️ in GitHub

Conclusion

Now you know how to Download and Use Ansible Galaxy Role with Ansible. Subscribe to the YouTube channel, Medium, and Website, X (formerly Twitter) to not miss the next episode of the Ansible Pilot.

Academy

Learn the Ansible automation technology with some real-life examples in my Udemy 300+ Lessons Video Course.

BUY the Complete Udemy 300+ Lessons Video Course

My book Ansible By Examples: 200+ Automation Examples For Linux and Windows System Administrator and DevOps

BUY the Complete PDF BOOK to easily Copy and Paste the 250+ Ansible code

Want to keep this project going? Please donate

Patreon Buy me a Pizza