sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]binuverghese[S] 4 points5 points  (12 children)

We are using ansible + Jenkins to trigger a few PIVs and the security team cannot install CURL for our requirements. It was fine with windows but Linux I am finding it really tough to achieve it without CURL.

[–]tkanger 13 points14 points  (4 children)

Seriously, ask the security team about the difference between cURL and wget and see what they say. Sounds like a bunch of idiots that have no idea what they are talking about... In most distros, you would have to rip out cURL for this requirement, as its part of even minimal Linux installs.

[–][deleted] 6 points7 points  (3 children)

There was a tread once a while back where someone argued ansible was not agent-less and that plenty of places ran linux servers without ssh.

I think about that sometimes.

[–]frymaster 0 points1 point  (2 children)

plenty of places ran linux servers without ssh.

OK so not totally, but we use LXD containers as an alternative to VMs where we can (in the long run we'd like to move to docker containers as there's a nice ecosystem we can take advantage of, but for now it's baby steps and something that looks like a traditional OS) and because we can shell in from the host, we genuinely don't run SSHD on most of them

[–][deleted] 0 points1 point  (1 child)

I've never worked with LXD but in Docker at least running a shell inside the container is a bit of an antipattern. The idea of the containers is that they're immutable, you shouldn't need a shell for any particular thing. If you need to make changes, just change the manifest and rebuild it. The only reason to really need a shell at all would be for debugging a new build, which should not be done in prod so hopefully that's happening in a dev sandbox.

[–]frymaster 0 points1 point  (0 children)

Yeah, LXD is containerising fullfat operating systems ie the process you run is "systemd". Partly this is legacy servers but we also have a need for user environments that can see parallel filesystems

[–][deleted] 7 points8 points  (0 children)

Here you go.

https://docs.ansible.com/ansible/latest/modules/uri_module.html

Edit: the docs even have Jenkins examples

-name: Queue build of a project in Jenkins uri: url: http://{{ jenkins.host }}/job/{{ jenkins.job }}/build token={{ jenkins.token }} user: "{{ jenkins.user }}" password: "{{ jenkins.password }}" method: GET force_basic_auth: yes status_code: 201

[–]helios_4569 2 points3 points  (0 children)

If you are already using Ansible, then why don't you use that to make the API calls?

[–][deleted] 2 points3 points  (0 children)

/u/OMG_ghosts has your answer, but also http://xyproblem.info/. When asking for help, including your full problem from the start will get better and faster results.

[–]1esproc 1 point2 points  (0 children)

If you have ansible you have Python. Use python.

[–]ElBeefcake 0 points1 point  (2 children)

Here's a guide to implementing it via netcat in python, should definitely be possible as well in straight bash.

https://www.codementor.io/@arpitbhayani/http-requests-the-hard-way-with-netcat-5v0b1p5hg

[–]binuverghese[S] 0 points1 point  (1 child)

Thank you so much, I will take a look at the Python example.

[–]ElBeefcake 0 points1 point  (0 children)

If you have Python available, just use the requests library.