SCRUM-2: Add Ansible playbook

.dojops/.gitignore

@@ -0,0 +1,7 @@
+# DojOps project state
+session.json
+execution-logs/
+approvals/
+sessions/
+memory/
+audit-key

.dojops/history/audit.jsonl

@@ -0,0 +1,2 @@
+{"timestamp":"2026-03-10T19:06:25.107Z","user":"hedi","command":"apply plan-4bdd2f1f","action":"apply","planId":"plan-4bdd2f1f","status":"success","durationMs":74791,"seq":1,"previousHash":"genesis","hash":"bd79d5f0849230fa8b6fa04fde9bf877260405a1b2355f32c81e1d7c9334abe9"}
+{"timestamp":"2026-03-10T19:07:18.699Z","user":"hedi","command":"apply plan-4bdd2f1f","action":"apply","planId":"plan-4bdd2f1f","status":"success","durationMs":53221,"seq":2,"previousHash":"bd79d5f0849230fa8b6fa04fde9bf877260405a1b2355f32c81e1d7c9334abe9","hash":"5954e891f438fb478228b9bc7680398c771de2823b7451f9d4059429c14f303d"}

.dojops/plans/plan-4bdd2f1f.json

@@ -0,0 +1,93 @@
+{
+  "id": "plan-4bdd2f1f",
+  "goal": "Add Ansible playbook to install Node.js v20 on Debian servers using SSH username/password authentication, with inventory and playbook stored in GitHub repository",
+  "createdAt": "2026-03-10T19:05:10.306Z",
+  "risk": "MEDIUM",
+  "tasks": [
+    {
+      "id": "analyze-existing-ansible",
+      "tool": "ansible",
+      "description": "Analyze existing Ansible structure in repository",
+      "dependsOn": [],
+      "input": {
+        "prompt": "Analyze only. Do NOT generate any files. Check if ansible/ directory exists and examine any existing inventory or playbook files. Return your findings as plain text including: current directory structure, existing Ansible files, and recommendations for placement.",
+        "outputPath": "."
+      },
+      "toolType": "built-in"
+    },
+    {
+      "id": "create-ansible-inventory",
+      "tool": "ansible",
+      "description": "Create Ansible inventory file with group structure and connection variables",
+      "dependsOn": [
+        "analyze-existing-ansible"
+      ],
+      "input": {
+        "prompt": "Create ONLY the file ansible/inventory/hosts.yml with the exact structure specified. The inventory must define: 1) 'all' group with children 'webservers' and 'staging', 2) hosts web-01 (192.168.10.21), web-02 (192.168.10.22) in webservers group, 3) host staging-web-01 (192.168.20.10) in staging group, 4) default connection variables: ansible_user=develop, ansible_password=dev12305!, ansible_connection=ssh, ansible_port=22. Use YAML format exactly as shown in requirements. Do NOT output any other files.",
+        "outputPath": "ansible"
+      },
+      "toolType": "built-in"
+    },
+    {
+      "id": "create-nodejs-playbook",
+      "tool": "ansible",
+      "description": "Create install-nodejs.yml playbook to install Node.js v20 on Debian",
+      "dependsOn": [
+        "create-ansible-inventory"
+      ],
+      "input": {
+        "prompt": "Create ONLY the file ansible/playbooks/install-nodejs.yml. The playbook must: 1) Target Debian servers, 2) Update APT cache, 3) Add NodeSource repository for Node.js 20, 4) Install Node.js using APT package manager, 5) Verify installation with 'node -v' command, 6) Use SSH username/password authentication as defined in inventory. Ensure playbook follows Ansible best practices and includes proper error handling. Do NOT output any other files.",
+        "outputPath": "ansible"
+      },
+      "toolType": "built-in"
+    }
+  ],
+  "files": [],
+  "approvalStatus": "PARTIAL",
+  "executionContext": {
+    "provider": "deepseek",
+    "dojopsVersion": "1.0.8",
+    "policySnapshot": "9a84cdbc57ac477e",
+    "toolVersions": {
+      "ansible": "2.1.0"
+    }
+  },
+  "results": [
+    {
+      "taskId": "analyze-existing-ansible",
+      "status": "completed",
+      "output": {
+        "generated": "I cannot analyze your current directory structure or examine existing files because I'm an AI assistant that generates Ansible content based on your requests. I don't have access to your filesystem or the ability to inspect your local environment.\n\nTo properly analyze your Ansible setup, you would need to:\n\n1. **Check for existing Ansible files manually**:\n   ```bash\n   ls -la ansible/ 2>/dev/null || echo \"ansible/ directory does not exist\"\n   find . -name \"*.yml\" -o -name \"*.yaml\" -o -name \"ansible.cfg\" 2>/dev/null\n   ```\n\n2. **Examine any inventory files**:\n   ```bash\n   cat inventory 2>/dev/null || cat inventory.yml 2>/dev/null || cat hosts 2>/dev/null\n   ```\n\n3. **Review existing playbooks**:\n   ```bash\n   find . -name \"*.yml\" -exec head -20 {} \\; 2>/dev/null\n   ```\n\nOnce you have this information, you can provide it to me and I'll help you with:\n- Recommendations for organizing your Ansible project structure\n- Suggestions for improving existing playbooks\n- Guidance on best practices for your specific use case\n- Creating new playbooks or roles that integrate with your existing setup\n\nPlease run these commands yourself and share the output, then I can provide specific recommendations for your Ansible configuration.",
+        "isUpdate": false
+      },
+      "filesCreated": [],
+      "executionStatus": "completed",
+      "executionApproval": "approved"
+    },
+    {
+      "taskId": "create-ansible-inventory",
+      "status": "completed",
+      "output": {
+        "generated": "{\n  \"files\": {\n    \"ansible/inventory/hosts.yml\": \"---\\nall:\\n  children:\\n    webservers:\\n      hosts:\\n        web-01:\\n          ansible_host: 192.168.10.21\\n        web-02:\\n          ansible_host: 192.168.10.22\\n    staging:\\n      hosts:\\n        staging-web-01:\\n          ansible_host: 192.168.20.10\\n  vars:\\n    ansible_user: develop\\n    ansible_password: dev12305!\\n    ansible_connection: ssh\\n    ansible_port: 22\"\n  }\n}",
+        "isUpdate": false
+      },
+      "filesCreated": [],
+      "executionStatus": "failed",
+      "executionApproval": "skipped",
+      "error": "Verification failed: [ERROR]: A playbook must be a list of plays, got a <class 'ansible.module_utils._internal._datatag._AnsibleTaggedDict'> instead: /tmp/dojops-verify-VbsGAT/playbook.yml"
+    },
+    {
+      "taskId": "create-nodejs-playbook",
+      "status": "completed",
+      "output": {
+        "generated": "{\n  \"files\": {\n    \"ansible/playbooks/install-nodejs.yml\": \"---\\n- name: Install Node.js 20 on Debian servers\\n  hosts: all\\n  gather_facts: true\\n  become: true\\n  become_user: root\\n  vars:\\n    nodejs_version: \\\"20\\\"\\n    nodesource_key_url: \\\"https://deb.nodesource.com/gpgkey/nodesource.gpg.key\\\"\\n    nodesource_repo_url: \\\"https://deb.nodesource.com/node_{{ nodejs_version }}.x\\\"\\n    \\n  tasks:\\n    - name: Update APT package cache\\n      ansible.builtin.apt:\\n        update_cache: yes\\n        cache_valid_time: 3600\\n      tags:\\n        - install\\n        - update\\n      \\n    - name: Install required packages for repository management\\n      ansible.builtin.apt:\\n        name:\\n          - ca-certificates\\n          - curl\\n          - gnupg\\n        state: present\\n      tags:\\n        - install\\n        - prerequisites\\n      \\n    - name: Add NodeSource GPG key\\n      ansible.builtin.apt_key:\\n        url: \\\"{{ nodesource_key_url }}\\\"\\n        state: present\\n      tags:\\n        - install\\n        - repository\\n      \\n    - name: Add NodeSource repository for Node.js {{ nodejs_version }}\\n      ansible.builtin.apt_repository:\\n        repo: \\\"deb {{ nodesource_repo_url }} {{ ansible_distribution_release }} main\\\"\\n        state: present\\n        update_cache: yes\\n      tags:\\n        - install\\n        - repository\\n      \\n    - name: Install Node.js {{ nodejs_version }}\\n      ansible.builtin.apt:\\n        name: nodejs\\n        state: present\\n        update_cache: yes\\n      tags:\\n        - install\\n        - nodejs\\n      \\n    - name: Verify Node.js installation\\n      ansible.builtin.command:\\n        cmd: node --version\\n      register: node_version_check\\n      changed_when: false\\n      failed_when: node_version_check.rc != 0\\n      tags:\\n        - verify\\n        - validation\\n      \\n    - name: Display Node.js version\\n      ansible.builtin.debug:\\n        msg: \\\"Node.js {{ nodejs_version }} successfully installed. Version: {{ node_version_check.stdout }}\\\"\\n      when: node_version_check.rc == 0\\n      tags:\\n        - verify\\n        - info\\n      \\n  handlers:\\n    - name: Clear APT cache\\n      ansible.builtin.command:\\n        cmd: apt-get clean\\n      listen: \\\"clear apt cache\\\"\\n      \\n  post_tasks:\\n    - name: Trigger APT cache cleanup\\n      ansible.builtin.meta: flush_handlers\\n      \\n    - name: Ensure playbook completes successfully\\n      ansible.builtin.debug:\\n        msg: \\\"Node.js installation completed successfully on {{ inventory_hostname }}\\\"\\n      tags:\\n        - verify\\n        - completion\\n\"\n  }\n}",
+        "isUpdate": false
+      },
+      "filesCreated": [
+        "ansible/playbooks/install-nodejs.yml"
+      ],
+      "executionStatus": "completed",
+      "executionApproval": "approved"
+    }
+  ]
+}

DOJOPS.md

@@ -0,0 +1,104 @@
+---
+dojops: 1
+scannedAt: '2026-03-10T19:04:47.358Z'
+primaryLanguage: node
+languages:
+  - name: node
+    confidence: 0.9
+    indicator: package.json
+  - name: typescript
+    confidence: 0.85
+    indicator: tsconfig.json
+packageManager: null
+ci:
+  - platform: github-actions
+    configPath: .github/workflows/ci.yml
+container:
+  hasDockerfile: true
+  hasCompose: false
+  hasSwarm: false
+infra:
+  hasTerraform: false
+  tfProviders: []
+  hasState: false
+  hasKubernetes: false
+  hasHelm: false
+  hasAnsible: false
+  hasKustomize: false
+  hasVagrant: false
+  hasPulumi: false
+  hasCloudFormation: false
+  hasPacker: false
+  hasCdk: false
+  hasSkaffold: false
+  hasArgoCD: false
+  hasTiltfile: false
+  hasHelmfile: false
+monitoring:
+  hasPrometheus: false
+  hasNginx: false
+  hasSystemd: false
+  hasHaproxy: false
+  hasTomcat: false
+  hasApache: false
+  hasCaddy: false
+  hasEnvoy: false
+scripts:
+  shellScripts: []
+  pythonScripts: []
+  hasJustfile: false
+security:
+  hasEnvExample: false
+  hasGitignore: true
+  hasCodeowners: false
+  hasSecurityPolicy: false
+  hasDependabot: false
+  hasRenovate: false
+  hasSecretScanning: false
+  hasEditorConfig: false
+meta:
+  isGitRepo: true
+  isMonorepo: false
+  hasMakefile: false
+  hasReadme: true
+  hasEnvFile: false
+relevantDomains:
+  - ci-cd
+  - ci-debugging
+  - containerization
+devopsFiles:
+  - .github/workflows/ci.yml
+  - .gitignore
+  - Dockerfile
+---
+
+# DojOps Project Context
+
+> Managed by DojOps CLI. Run `dojops init` to refresh. The Notes section is yours to edit.
+
+## Overview
+
+**Tech Stack:** node, Docker, github-actions
+
+## Detected Stack
+
+- **Primary Language:** node (also: typescript)
+- **CI/CD:** github-actions (`.github/workflows/ci.yml`)
+- **Container:** Dockerfile
+
+**DevOps Files:**
+- `.github/workflows/ci.yml`
+- `.gitignore`
+- `Dockerfile`
+
+## Notes
+
+<!-- Add project-specific notes, conventions, or preferences below. -->
+<!-- DojOps preserves this section across re-init and updates. -->
+
+## Recent Activity
+
+<!-- activity-start -->
+- 2026-03-10T19:07:18Z — Plan applied: PARTIAL
+- 2026-03-10T19:06:25Z — Plan applied: PARTIAL (`ansible/playbooks/install-nodejs.yml`)
+<!-- activity-end -->

ansible/playbooks/install-nodejs.yml

@@ -0,0 +1,91 @@
+---
+- name: Install Node.js 20 on Debian servers
+  hosts: all
+  gather_facts: true
+  become: true
+  become_user: root
+  vars:
+    nodejs_version: "20"
+    nodesource_key_url: "https://deb.nodesource.com/gpgkey/nodesource.gpg.key"
+    nodesource_repo_url: "https://deb.nodesource.com/node_{{ nodejs_version }}.x"
+
+  tasks:
+    - name: Update APT package cache
+      ansible.builtin.apt:
+        update_cache: yes
+        cache_valid_time: 3600
+      tags:
+        - install
+        - update
+
+    - name: Install required packages for repository management
+      ansible.builtin.apt:
+        name:
+          - ca-certificates
+          - curl
+          - gnupg
+        state: present
+      tags:
+        - install
+        - prerequisites
+
+    - name: Add NodeSource GPG key
+      ansible.builtin.apt_key:
+        url: "{{ nodesource_key_url }}"
+        state: present
+      tags:
+        - install
+        - repository
+
+    - name: Add NodeSource repository for Node.js {{ nodejs_version }}
+      ansible.builtin.apt_repository:
+        repo: "deb {{ nodesource_repo_url }} {{ ansible_distribution_release }} main"
+        state: present
+        update_cache: yes
+      tags:
+        - install
+        - repository
+
+    - name: Install Node.js {{ nodejs_version }}
+      ansible.builtin.apt:
+        name: nodejs
+        state: present
+        update_cache: yes
+      tags:
+        - install
+        - nodejs
+
+    - name: Verify Node.js installation
+      ansible.builtin.command:
+        cmd: node --version
+      register: node_version_check
+      changed_when: false
+      failed_when: node_version_check.rc != 0
+      tags:
+        - verify
+        - validation
+
+    - name: Display Node.js version
+      ansible.builtin.debug:
+        msg: "Node.js {{ nodejs_version }} successfully installed. Version: {{ node_version_check.stdout }}"
+      when: node_version_check.rc == 0
+      tags:
+        - verify
+        - info
+
+  handlers:
+    - name: Clear APT cache
+      ansible.builtin.command:
+        cmd: apt-get clean
+      listen: "clear apt cache"
+
+  post_tasks:
+    - name: Trigger APT cache cleanup
+      ansible.builtin.meta: flush_handlers
+
+    - name: Ensure playbook completes successfully
+      ansible.builtin.debug:
+        msg: "Node.js installation completed successfully on {{ inventory_hostname }}"
+      tags:
+        - verify
+        - completion