Introduce Ansible Playbook OSX CI Setup

It includes 2 roles - osx-ci and xcode.
Both prepare a build & deployment environment for OSX and iOS applications.

.gitignore

@@ -0,0 +1,4 @@
+*.py[co]
+*.retry
+.vscode
+.DS_Store

.travis.yml

@@ -0,0 +1,14 @@
+---
+
+language: python
+python: 2.7
+
+install:
+    - pip install ansible
+    - pip install yamllint
+    - pip install ansible-lint
+
+script:
+    - yamllint .
+    - ansible-lint site.yml
+    - ansible-galaxy install -r requirements.yml

.yamllint

@@ -0,0 +1,21 @@
+---
+# Based on ansible-lint config
+extends: default
+
+rules:
+  braces: {max-spaces-inside: 1, level: error}
+  brackets: {max-spaces-inside: 1, level: error}
+  colons: {max-spaces-after: -1, level: error}
+  commas: {max-spaces-after: -1, level: error}
+  comments: disable
+  comments-indentation: disable
+  document-start: disable
+  empty-lines: {max: 3, level: error}
+  hyphens: {level: error}
+  indentation: disable
+  key-duplicates: enable
+  line-length: disable
+  new-line-at-end-of-file: disable
+  new-lines: {type: unix}
+  trailing-spaces: disable
+  truthy: disable

README.md

@@ -1,2 +1,104 @@
-# ansible-playbook-osx-ci-setup
-Ansible Playbook: OSX CI Setup
+# Ansible Playbook: Setup OSX/iOS CI Environment
+
+![GPL-3.0 licensed][badge-license]
+
+This playbook uses two roles:
+
+* [OSX-CI][osx-ci]
+* [Xcode][xcode-role]
+
+They setup a CI user and install and configure common tools used for OSX/iOS CI environment:
+
+* [Homebrew][homebrew]
+* [Node.js 10 LTS][node10]
+* [Java 8][java8] - Jenkins requirement. By installing Java 8, the OSX machine can be easily become a Jenkins agent.
+* [fastlane][fastlane]
+* [CocoaPods][cocoapods]
+* [Xcode][xcode]
+
+The default role inventory targets `localhost` (found in [`inventory/main`](inventory/main)). This means that the playbook should be executed on the machine that needs to be configured.
+If you want to execute the playbook remotely you need to provide another Ansible inventory. Detailed description what is an inventory and how to use it can be found in the [Ansible documentation][inventory]
+
+## Requirements
+
+The playbook requires [Ansible][ansible] to be installed on both the host and the target machine.
+In the default setup the host and target machine are the same.
+You can find a configuration bash script in [`scripts/ansible_setup.sh`](scripts/ansible_setup.sh).
+
+Running
+
+    sudo scripts/ansible_setup.sh
+
+will install:
+* Xcode Command Line Tools
+* pip
+* Ansible
+
+Both roles come from [Ansible Galaxy][https://galaxy.ansible.com/]. In order to install them you need to run:
+
+    ansible-galaxy install -r requirements.yml
+
+The Xcode Command Line Tools and Xcode installations require a UI session. This means the user you are using to execute the playbook must be logged on to the OSX machine.
+
+## Variables
+
+The playbook will need several variables in order to work correctly. Their default values can be found in [`group_vars/all.yml`](group_vars/all.yml).
+
+    ansible_user: admin
+
+The default user name to use for installing and configuring the needed tooling.
+
+    ansible_become_pass
+
+The privilege escalation password. It is highly recommended not to pass the password in plain text.
+To encrypt it we will use [Ansible Vault][vault].
+You can add the variable to [`group_vars/all.yml`](group_vars/all.yml) and execute the following command:
+
+    ansible-vault encrypt group_vars/all.yml
+
+You will be asked for a vault password. It will be later used to decrypt the file.
+Once the operation is executed the file will be encrypted.
+Then you can run `ansible-playbook` with the `--ask-vault-pass` flag. You will be asked for the vault password you used to encrypt the file.
+Once the vault password is submitted the playbook will continue its execution.
+More on Ansible Vault can be found [here][vault].
+
+For information about the variables that `osx-ci` and `xcode` roles expect you can check their repositories:
+
+* [OSX-CI][osx-ci]
+* [Xcode][xcode-role]
+
+## Dependencies
+
+None.
+
+## Example
+
+    ansible-playbook site.yml -i inventory -e ansible_user=administrator -e xcode_xip_location='/Users/administrator/Downloads/Xcode_10.1.xip' -e xcode_major_version=10 -e ci_user_public_key_location='/tmp/ci_user.pub' --ask-vault-pass
+
+## License
+
+[GPL-3.0][link-license]
+
+## Author Information
+
+This playbook was created in 2019 by [MacStadium, Inc][macstadium].
+
+#### Maintainer(s)
+
+- [Ivan Spasov](https://github.com/ispasov)
+
+[macstadium]: https://www.macstadium.com/
+[ansible]: https://docs.ansible.com/ansible/2.4/index.html
+[galaxy]: https://galaxy.ansible.com/
+[vault]: https://docs.ansible.com/ansible/latest/user_guide/playbooks_vault.html
+[inventory]: https://docs.ansible.com/ansible/2.4/intro_inventory.html
+[badge-license]: https://img.shields.io/badge/License-GPL3-green.svg
+[link-license]: https://raw.githubusercontent.com/macstadium/ansible-playbook-osx-ci-setup/master/LICENSE
+[homebrew]: https://brew.sh/
+[node10]: https://nodejs.org/en/blog/release/v10.13.0/
+[java8]: https://www.oracle.com/technetwork/java/javase/overview/java8-2100321.html
+[fastlane]: https://fastlane.tools/
+[cocoapods]: https://cocoapods.org/
+[xcode]: https://developer.apple.com/xcode/
+[osx-ci]: https://galaxy.ansible.com/macstadium/osx-ci
+[xcode-role]: https://galaxy.ansible.com/macstadium/xcode

group_vars/all.yml

@@ -0,0 +1,3 @@
+ansible_user: admin
+# ansible_become_pass:
+# ci_user_default_keychain_password:

inventory/main

@@ -0,0 +1,2 @@
+[targets]
+localhost ansible_connection=local

requirements.yml

@@ -0,0 +1,2 @@
+- src: macstadium.osx_ci
+- src: macstadium.xcode

scripts/ansible_setup.sh

@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+
+OS_VERSION=$(sw_vers -productVersion | cut -d'.' -f 1-2)
+
+touch /tmp/.com.apple.dt.CommandLineTools.installondemand.in-progress;
+PROD=$(softwareupdate -l |
+  grep "\*.*Command Line *.* version $OS_VERSION" |
+  head -n 1 | awk -F"*" '{print $2}' |
+  sed -e 's/^ *//' |
+  tr -d '\n')
+softwareupdate -i "$PROD" --verbose
+rm /tmp/.com.apple.dt.CommandLineTools.installondemand.in-progress
+
+curl https://bootstrap.pypa.io/get-pip.py | python
+pip install ansible

site.yml

@@ -0,0 +1,7 @@
+- hosts: targets
+  gather_facts: false
+  roles:
+    - role: macstadium.osx-ci
+      tags: ['osx-ci']
+    - role: macstadium.xcode
+      tags: ['xcode']