diff --git a/.gitignore b/.gitignore
index c17815f..ad2ea9f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -12,3 +12,5 @@ node_modules/
 .vaults/
 vault
 vaults/
+
+roles/
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 369b1c8..84869f1 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -3,40 +3,24 @@ stages:
 - test
 cache:
- key: "$CI_COMMIT_REF_SLUG"
+ key: '$CI_COMMIT_REF_SLUG'
 paths:
 - .cache/pip
 - node_modules/
-lint:
- stage: lint
- image: python:3.7
- before_script:
- - pip install ansible ansible-lint --quiet
- script:
- - ansible-lint playbook.yml
- only:
- refs:
- - development
- - merge_requests
-
 pretty-lint:
 stage: lint
 image: node:12
 before_script:
- - npm install
+ - npm install prettier --no-save
 script:
 - npx prettier "**/*.yml" --check
- only:
- refs:
- - development
- - merge_requests
 syntax-test:
 stage: test
 image: python:3.7
 before_script:
- - pip install ansible ansible-lint --quiet
+ - pip install ansible --quiet
 - ansible-galaxy install -r roles/requirements.yml
 script:
 - ansible-playbook playbook.yml --syntax-check
diff --git a/.prettier.json b/.prettier.json
deleted file mode 100644
index 9c76f6b..0000000
--- a/.prettier.json
+++ /dev/null
@@ -1,9 +0,0 @@
-{
- "singleQuote": true,
- "printWidth": 90,
- "tabWidth": 2,
- "useTabs": false,
- "bracketSpacing": true,
- "parser": "yaml"
-}
-
diff --git a/.prettierrc.yml b/.prettierrc.yml
new file mode 100644
index 0000000..0cb31e6
--- /dev/null
+++ b/.prettierrc.yml
@@ -0,0 +1,5 @@
+singleQuote: true
+printWidth: 90
+tabWidth: 2
+useTabs: false
+bracketSpacing: true
diff --git a/ansible.cfg b/ansible.cfg
index 002a50d..4c41b64 100644
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -1,2 +1,5 @@
 [defaults]
 roles_path = ./roles
+
+[privilege_escalation]
+become_ask_pass = True
diff --git a/roles/transip_client/handlers/main.yml b/handlers.yml
similarity index 100%
rename from roles/transip_client/handlers/main.yml
rename to handlers.yml
diff --git a/playbook.yml b/playbook.yml
index 803c7b0..87ccf64 100644
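Review bot: The `syntax-test` job still runs `ansible-galaxy install -r roles/requirements.yml` (an unchanged context line in its `before_script`), but this same commit renames `roles/requirements.yml` to `requirements.yml` and adds `roles/` to `.gitignore`, so the job will not find the file; the line should read `- ansible-galaxy install -r requirements.yml`. Separately, `npm install prettier --no-save` fetches whatever prettier release is current on each pipeline run; pinning it as `npm install prettier@<pinned-version> --no-save` keeps the check reproducible and limits exposure to a breaking or compromised release. The removed `lint` job was the only place in this file where `ansible-lint` ran, so after this change the playbook is only syntax-checked.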
--- a/playbook.yml
+++ b/playbook.yml
@@ -1,3 +1,7 @@
 - hosts: localhost
- roles:
- - transip_client
+ tasks:
+ - import_tasks: 'tasks.yml'
+ handlers:
+ - import_tasks: 'handlers.yml'
+ vars_files:
+ - 'vars/main.yml'
diff --git a/roles/requirements.yml b/requirements.yml
similarity index 100%
rename from roles/requirements.yml
rename to requirements.yml
diff --git a/roles/.gitignore b/roles/.gitignore
deleted file mode 100644
index e699b2a..0000000
--- a/roles/.gitignore
+++ /dev/null
@@ -1,6 +0,0 @@
-# ignore all external roles and files in the roles dir
-/*
-
-!.gitignore
-!requirements.yml
-!transip_client*/
diff --git a/roles/transip_client/tasks/main.yml b/roles/transip_client/tasks/main.yml
deleted file mode 100644
index dcad9f3..0000000
--- a/roles/transip_client/tasks/main.yml
+++ /dev/null
@@ -1,79 +0,0 @@
-- name: load OS specific vars
- include_vars: "{{ item }}"
- with_first_found:
- - files:
- - "{{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}.yml"
- - "{{ ansible_distribution|lower }}.yml"
- - "{{ ansible_os_family|lower }}.yml"
- paths:
- - "{{ role_path }}/vars"
-
-- name: install packages
- become: true
- package:
- name: "{{ item }}"
- state: present
- loop: "{{ packages }}"
-
-- name: clone project
- git:
- repo: "{{ app_url }}"
- dest: "{{ app_dir }}"
- version: "{{ app_branch }}"
- update: yes
-
-- name: include poetry tasks
- include_role:
- name: common
- tasks_from: "poetry.yml"
- vars:
- poetry_user: "{{ ansible_user_id }}"
- poetry_dir: "{{ ansible_env.HOME }}/.poetry"
-
-- name: run poetry tasks
- block:
- - name: retrieve user $PATH
- shell: "echo $PATH"
- register: path_stats
-
- - name: set poetry user variables
- set_fact:
- poetry_user_path: "{{ path_stats.stdout }}"
-
- - name: set default venv python version
- command: "poetry env use python3.7"
- args:
- chdir: "{{ app_dir }}"
- environment:
- PATH: "/home/{{ app_user }}/.local/bin:{{ poetry_user_path }}"
-
- - name: install project dependencies
- command:
- argv:
- - "poetry install"
- - "--no-dev"
- args:
- chdir: "{{ app_dir }}"
- environment:
- PATH: "/home/{{ app_user }}/.local/bin:{{ poetry_user_path }}"
-
-- name: copy environment file
- template:
- src: "env.j2"
- dest: "{{ app_dir }}/.env"
- mode: 0600
-
-- name: copy systemd templates
- template:
- loop:
- - {
- src: "timer.j2",
- dest: "{{ systemd_dir }}/transip-client.timer",
- mode: "0644",
- }
- - {
- src: "service.j2",
- dest: "{{ systemd_dir }}/transip-client.service",
- mode: "0644",
- }
- notify: enable transip-client timer
diff --git a/roles/transip_client/vars/debian-buster.yml b/roles/transip_client/vars/debian-buster.yml
deleted file mode 100644
index 9f1c534..0000000
--- a/roles/transip_client/vars/debian-buster.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-packages:
- - python3
- - python3-dev
- - python3-venv
- - dns-utils
diff --git a/tasks.yml b/tasks.yml
new file mode 100644
index 0000000..5eed820
--- /dev/null
+++ b/tasks.yml
@@ -0,0 +1,69 @@
+- name: install packages
+ become: true
+ package:
+ name: '{{ item }}'
+ state: present
+ loop: '{{ packages }}'
+
+- name: clone project
+ git:
+ repo: '{{ app_url }}'
+ dest: '{{ app_dir }}'
+ version: '{{ app_branch }}'
+ update: yes
+
+- name: include poetry tasks
+ include_role:
+ name: common
+ tasks_from: 'poetry.yml'
+ vars:
+ poetry_user: '{{ ansible_user_id }}'
+ poetry_dir: '{{ ansible_env.HOME }}/.poetry'
+
+- name: run poetry tasks
+ block:
+ - name: retrieve user $PATH
+ shell: 'echo $PATH'
+ register: path_stats
+
+ - name: set poetry user variables
+ set_fact:
+ poetry_user_path: '{{ path_stats.stdout }}'
+
+ - name: set default venv python version
+ command: 'poetry env use python3.7'
+ args:
+ chdir: '{{ app_dir }}'
+ environment:
+ PATH: '/home/{{ app_user }}/.local/bin:{{ poetry_user_path }}'
+
+ - name: install project dependencies
+ command:
+ argv:
+ - 'poetry install'
+ - '--no-dev'
+ args:
+ chdir: '{{ app_dir }}'
+ environment:
+ PATH: '/home/{{ app_user }}/.local/bin:{{ poetry_user_path }}'
+
+- name: copy environment file
+ template:
+ src: 'templates/env.j2'
+ dest: '{{ app_dir }}/.env'
+ mode: 0600
+
+- name: copy systemd templates
+ template:
+ loop:
+ - {
+ src: 'templates/timer.j2',
+ dest: '{{ systemd_dir }}/transip-client.timer',
+ mode: '0644',
+ }
+ - {
+ src: 'templates/service.j2',
+ dest: '{{ systemd_dir }}/transip-client.service',
+ mode: '0644',
+ }
+ notify: enable transip-client timer
diff --git a/roles/transip_client/templates/env.j2 b/templates/env.j2
similarity index 100%
rename from roles/transip_client/templates/env.j2
rename to templates/env.j2
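Review bot: The `install project dependencies` task passes `'poetry install'` as the first `argv` element, so the command module will look for an executable literally named `poetry install` and the task fails before poetry runs; split it into `- 'poetry'`, `- 'install'`, `- '--no-dev'`. The `copy systemd templates` task has a related gap: its loop items carry `src`, `dest` and `mode`, but no argument under `template:` reads from `item`, so the module is called without its required `src` and `dest`. Indentation is not recoverable on this page, so also confirm that `loop:` sits at task level rather than under `template:`. Both problems are carried over unchanged from the deleted role file. On `copy environment file`, `mode: 0600` is appropriate for a file that presumably holds the vaulted values; quoting it as `'0600'` would match the `'0644'` entries below, and `no_log: true` on that task would keep rendered secrets out of `--diff` output.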
diff --git a/roles/transip_client/templates/service.j2 b/templates/service.j2
similarity index 100%
rename from roles/transip_client/templates/service.j2
rename to templates/service.j2
diff --git a/roles/transip_client/templates/timer.j2 b/templates/timer.j2
similarity index 100%
rename from roles/transip_client/templates/timer.j2
rename to templates/timer.j2
diff --git a/roles/transip_client/defaults/main.yml b/vars/main.yml
similarity index 98%
rename from roles/transip_client/defaults/main.yml
rename to vars/main.yml
index fdcca4e..6094269 100644
--- a/roles/transip_client/defaults/main.yml
+++ b/vars/main.yml
@@ -56,5 +56,8 @@ sentry_dsn: !vault |
 35393536636238653338393163373966356636653362343039366230636364363233376336383331
 636663383661346534613533653133376534
-packages: []
-skip_common_setup: true
+packages:
+ - python3
+ - python3-dev
+ - python3-venv
+ - dns-utils
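Review bot: The `packages` list moved here from `debian-buster.yml` includes `dns-utils`; as far as I know the Debian package that provides `dig` is named `dnsutils`, so confirm the name, because an unknown package makes the `install packages` task fail. The list used to be selected per distribution through `with_first_found` and is now applied unconditionally from `vars/main.yml`, which `vars_files` loads at a higher precedence than the former role defaults. A comment such as `# Debian buster package names` above `packages:` would record that assumption. `skip_common_setup` is dropped with no visible replacement, so check whether the `common` role still reads it.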